I am building an admin panel. and I want to block certain IP ranges. I'm testing this on my localhost wamp server but ir doesn't seem to redirect me.
<?php
if($_SERVER['REMOTE_ADDR'] == '127.0.0..*')
header("Location: http://google.com");
else
echo "Hai";
?>
Any input is appreciated.
Is sufficient to use string comparison
if (strncmp('127.0.0.', $_SERVER['REMOTE_ADDR'], 8) === 0)
header("Location: http://google.com");
else
echo "Hai";
Update: Taken from the comments of inits answer
Suppose i want to block any IP coming from this range: 192.168.0.1-255. What would be the best solution for it ? Thanks.
Then just make the same string comparison against this block
if (strncmp('192.168.0.', $_SERVER['REMOTE_ADDR'], 10) === 0)
header("Location: http://google.com");
else
echo "Hai";
If you want to test the remote address against both blocks at once, you will probably put them together into one expression. This time we need a different approach
if (in_array(substr($_SERVER['REMOTE_ADDR'], 0, strrpos($_SERVER['REMOTE_ADDR'], '.')), array('127.0.0', '192.168.0'))) {
header("Location: http://google.com");
else
echo "Hai";
The substr()-part takes the IP until the last .. We can just try to find this string in a set (-> array) of IP-prefixes.
$ip0 = ip2long("127.0.0.1");
$ip1 = ip2long("127.0.0.254");
$ip = ip2long($_SERVER['REMOTE_ADDR']);
if ($ip0 <= $ip && $ip <= $ip1) {
echo long2ip($ip) . " is inside range " . long2ip($ip0) . "-" . long2ip($ip1);
}
else {
echo long2ip($ip) . " is outside range " . long2ip($ip0) . "-" . long2ip($ip1);
}
This would be a better approach, using regualr expression:
// returns true for IPs 127.0.0.0-255
if (preg_match("'^127[.]0[.]0[.][0-9]+'",$_SERVER['REMOTE_ADDR']))
{
header("Location: http://google.com");
}
else
{
echo "Hai";
}
EDIT: Fine, take it to another level, maybe not the most effective, but easier to configure:
$mask = "192.168.1.1-255";
$ip = explode(".",$_SERVER['REMOTE_ADDR']);
$in = 0;
foreach (explode(".",$mask) as $k => $v)
{
if (preg_match("'^([0-9]+)-([0-9]+)$'",$v,$n))
{
if ($ip[$k] >= $n[1] && $ip[$k] <= $n[2]) $in++;
}
elseif (preg_match("'^[0-9]+$'",$v,$n))
{
if ($ip[$k] == $n[0]) $in++;
}
}
if ($in == 4)
{
header("Location: http://google.com");
}
else
{
echo "Hai";
}
Here is my solution to the problem of just allowing some fixed IPs and some IP ranges:
$ClientIP = $_SERVER['REMOTE_ADDR'];
$First3PartsOfIP = substr($ClientIP, 0, strrpos($ClientIP, '.'));
$AllowedIPs = ['127.0.0.1'];
$AllowedFirst3Parts = ['172.20.8', '172.21.13'];
if (!in_array($ClientIP, $AllowedIPs) && !in_array($First3PartsOfIP, $AllowedFirst3Parts)) {
//echo "Your IP: $ClientIP<br />";
die("Access Denied!");
}
Related
I have this code:
$allowed_host = 'domain.com';
$host = parse_url($_SERVER['HTTP_REFERER'], PHP_URL_HOST);
if(substr($host, 0 - strlen($allowed_host)) == $allowed_host) {
echo "ok";
} else {
echo "not ok";
exit();
}
This code based on domain but how can I check domain and php file?
If referrer page: domain.com/fromok.php {echo "ok";} else {echo "not ok";}
Your code will give you 'ok' if the request host name ends with 'domian.com', for example if it is 'adomian.com'. I assume you don't want it.
You can use
$allowed_host = 'domain.com';
$allowed_path = '/fromok.php';
$url_components = parse_url($_SERVER['HTTP_REFERER']);
if((($url_components['host'] === $allowed_host) || (substr($url_components['host'], - (strlen($allowed_host) + 1) === '.' . $allowed_host)) && ($url_components['path'] === $allowed_path)) {
echo "ok";
} else {
echo "not ok";
exit();
}
I have this code:
<?php $url = JURI::getInstance()->toString();
if ($url == "http://example.com/news/latest/"){
echo "This is latest page";
} else {
echo "This is not latest page";
}
?>
What I'm trying to do is instead of 'http://example.com/news/latest/', how can I select the pages/items under /latest/. If it makes any more sense, here's a syntax:
if ($url == "http://example.com/news/latest/" + ANYTHING UNDER THIS)
I cannot use not equal to ($url !=) since it will include other parent pages not equal to /latest/. I just want what's under it. If anyone understands it, I need help on how to put it into code.
Update:
What I'm trying to do is if the page is example.com/news/latest, it will echo "Latest". And if for example, I am in example.com/news/latest/subpage1/subpage2, it will echo "You are in a page that is under Latest." Anything beyond "Latest" will echo that.
$str = 'example.com/news/latest/dfg';
preg_match('/example.com\/news\/([^\/]+)\/?(.*)/', $str, $page);
if(isset($page[2]) && $page[2])
echo 'You are under: ' , $page[1];
elseif(isset($page[1]))
echo 'At: ' , $page[1];
else
echo 'Error';
Edit: after clarification switched to regular expression.
Use a regular expression:
$matches = array();
if((preg_match('#http://example\.com/news/latest/(.*)#', $url, $matches)) === 1) {
if(strlen($matches[0]) > 0) {
echo "You're at page: $matches[0]";
} else {
echo "You're at the root";
}
} else {
// Error, incorrect URL (should not happen)
}
EDIT: Fixed, untested so you may have to tweak it a little
I want to write a simple if statement using HTTP_ACCEPT_LANGUAGE function that redirects based on result of what the users browser language is. I am still a beginner so am obviously keeping it as simple as possible. This is what I have so far but the "if" statement needs work. Can anyone help me with a fix?
<?php
$lang = $_SERVER['HTTP_ACCEPT_LANGUAGE'];
if ($lang=german) {
header("Location: http://www.example.com/german/index.html");
} else if ($lang=spanish) {
header("Location: http://www.example.com/spanish/index.html");
}
else if ($lang=french) {
header("Location: http://www.example.com/french/index.html");
}
else if ($lang=chinese) {
header("Location: http://www.example.com/chinese /index.html");
} else {
echo "<html>english content</html>";
}
?>
I don't know what your language literals are, so I'd say make them ISO language codes.
Use a switch statement, this is more readable and smaller:
$lang = $_SERVER['HTTP_ACCEPT_LANGUAGE'];
switch($lang) {
case "de-DE":
case "es-ES":
case "cn-CN":
case "fr-FR":
header("Location: http://www.example.com/$lang/index.html");
break;
default:
header("Location: http://www.example.com/en-US/index.html");
break;
}
Further, you are assigning, not comparing. You compare with ==:
if ($lang == "de-DE")
Assuming you always redirect to /language/, you could do it this way:
<?php
$lang = $_SERVER['HTTP_ACCEPT_LANGUAGE'];
if ( in_array( $lang,array("german","spanish","french","chinese") ) ) {
header("Location: http://www.example.com/$lang/index.html");
} else {
echo "<html>english content</html>";
}
?>
Also, the comparisons in your if need to be done with ==, it's assignment otherwise!
Try this:
<?php
$path = array(
'en-US' => 'english',
// etc
);
$accepts = explode(',', $_SERVER['HTTP_ACCEPT_LANGUAGE']);
if (in_array($accepts[0], $path)) { // if path exists for language then redirect to path, else redirect to default path (english)
header('Location: http://www.example.com/' . $path[$accepts[0]] . '/index.html');
} else {
header('Location: http://www.example.com/english/index.html');
}
?>
HTTP_ACCEPT_LANGUAGE returns not "english", but two signs symbol like "en", or region and language symbol like "en_us". You shouldn't use if statement it's hard to read. You should use array (in future you can simple write it to config files, or move to databases).
The proper code should look that:
$default_lang = 'en';
$lang_redirectors = array('de' => 'http://www.example.com/german/index.html',
'en' => 'http://www.example.com/english/index.html');
function redirect($url){
header("Location: " . $url);
}
$hal = $_SERVER['HTTP_ACCEPT_LANGUAGE'];
$langs = explode($hal, ',');
foreach($langs as $lang){
$lang_prefix = substr($lang, 0, 2);
if(in_array($lang_prefix, $lang_redirectors)){
redirect($lang_redirectors[$lang_prefix]);
break;
}
redirect($lang_redirectors[$default_lang]);
}
<?php
$browserlang = $_SERVER['HTTP_ACCEPT_LANGUAGE'];
$lang = $browserlang[0] . $browserlang[1] . $browserlang[2] . $browserlang[3] . $browserlang[4];
if (($lang=="sk_SK") OR ($lang=="sk-SK")) {
header("Location: https://www.example.sk/sk");
}
else if (($lang=="en_EN") OR ($lang=="en-EN") OR ($lang=="en_GB") OR ($lang=="en_US") OR ($lang=="en-GB") OR ($lang=="en-US")) {
header("Location: https://www.example.sk/en");
}
else {
header("Location: https://www.example.sk/en");
}
?>
I have coded a nice script but i am constantly getting
Error on line 29: Parse error, unexpected T_IF(if)
I have tried debugging code, wasted plenty of time. But nothing, came out.
Here is my code.
<?php
include("geoip.inc");
$ip=$_SERVER['REMOTE_ADDR'];
$gi = geoip_open("GeoIP.dat",GEOIP_STANDARD);
$country_code = geoip_country_code_by_addr($gi, "$ip");
$referrer=$_SERVER['HTTP_REFERER'];
// Country name is not used so commented
// Get Country Name based on source IP
//$country = geoip_country_name_by_addr($gi, "$ip");
$real=0;
geoip_close($gi);
if(strstr(strtolower($_SERVER['HTTP_USER_AGENT']), "googlebot")) {
$real = 1;
}
else {
if ($_COOKIE['iwashere'] != "yes") {
setcookie("iwashere", "yes", time()+315360000);
if ($country_code="IN") {
if(preg_match('/google/i', $referrer)) {
$key = "g17x9erm28n7cgifddssfqhgorjf3e"; // Account API Key
$ip = $_SERVER['REMOTE_ADDR']; // IP to Lookup
$result = file_get_contents('http://www.ipqualityscore.com/api/ip_lookup.php?KEY='.$key.'&IP='.$ip);
$real=$result
//$result will be equal to 1 for detected proxies & vpns or equal to 0 for clean IP's
{if($real==0)
{setcookie("testcookie", "testvalue");
if( isset( $_COOKIE['testcookie'] ) ) {
if (isset($_POST['jstest'])) {
$nojs = FALSE;
} else {
// create a hidden form and submit it with javascript
echo '<form name="jsform" id="jsform" method="post" style="display:none">';
echo '<input name="jstest" type="text" value="true" />';
echo '<script language="javascript">';
echo 'document.jsform.submit();';
echo '</script>';
echo '</form>';
// the variable below would be set only if the form wasn't submitted, hence JS is disabled
$nojs = TRUE;
}
if ($nojs){
$real=1;
}
}
else
$real=1;
}
else
$real=1;
} else
$real = 1;
}
else {
$real = 1;
}
} }
if ($real==1) {
include_once('Biggenius1.htm');
}
?>
It is if inside. Please give me advice, on how can i avoid these error. And also is there any alternative to code such complex script with multiple nested if statements?
Please post entire code:
try this
$real = 0;
geoip_close($gi);
if (strstr(strtolower($_SERVER['HTTP_USER_AGENT']), "googlebot")) {
$real = 1;
} else {
if ($_COOKIE['iwashere'] != "yes") {
setcookie("iwashere", "yes", time() + 315360000);
if ($country_code = "IN") {
if (preg_match('/google/i', $referrer)) {
$key = "g17x9erm28n7cgifddssfqhgorjf3e"; // Account API Key
$ip = $_SERVER['REMOTE_ADDR']; // IP to Lookup
$result = file_get_contents('http://www.ipqualityscore.com/api/ip_lookup.php?KEY=' . $key . '&IP=' . $ip);
$real = $result;
//$result will be equal to 1 for detected proxies & vpns or equal to 0 for clean IP's {
if ($real == 0) {
setcookie("testcookie", "testvalue");
if (isset($_COOKIE['testcookie'])) {
if (isset($_POST['jstest'])) {
$nojs = FALSE;
} else {
}
// create a hidden form and submit it with javascript
echo '<form name="jsform" id="jsform" method="post" style="display:none">';
echo '<input name="jstest" type="text" value="true" />';
echo '<script language="javascript">';
echo 'document.jsform.submit();';
echo '</script>';
echo '</form>';
// the variable below would be set only if the form wasn't submitted, hence JS is disabled
$nojs = TRUE;
}
if ($nojs) {
$real = 1;
}
}
else
$real = 1;
}
else
$real = 1;
} else
$real = 1;
}
else {
$real = 1;
}
}
if ($real == 1) {
include_once('Biggenius1.htm');
}
On line 29, $real=$result should end in a semi-colon and on the following line {if($real==0) should be if($real==0){.
The error message is your friend, it suggested you look to line 29.
You placed a curely braces before the if condition
//$result will be equal to 1 for detected proxies & vpns or equal to 0 for clean IP's
{if($real==0)
remove it then your error wil be removed
From reading over your code, it seems like the only errors I can find are these:
{if($real==0)
And:
$real=$result
Which should be changed into:
if($real==0){
And:
$real=$result;
Here are the few errors I found:
if ($country_code="IN") : This is an assignment not comparision, will always return true
$real=$result : Missing Termination ; on the end
im looking for a way to restrict my administration page to only my own ip range
concider my ip range is 215.67..
so in php i will begin with this :
$myip = "215.67.*.*";
$myip = explode(".", $my_ip);
$userip = getenv("REMOTE_ADDR") ;
$userip = explode(".", $userip);
if ($myip[0] == $userip[0] AND $myip[1] == $userip[1] ) {
//Contunue admin
}
is there any better and more professional way to do it ?
<?php
function in_ip_range($ip_one, $ip_two=false){
if($ip_two===false){
if($ip_one==$_SERVER['REMOTE_ADDR']){
$ip=true;
}else{
$ip=false;
}
}else{
if(ip2long($ip_one)<=ip2long($_SERVER['REMOTE_ADDR']) && ip2long($ip_two)>=ip2long($_SERVER['REMOTE_ADDR'])){
$ip=true;
}else{
$ip=false;
}
}
return $ip;
}
//usage
echo in_ip_range('192.168.0.0','192.168.1.254');
?>
Taken from http://www.php.net/manual/en/function.ip2long.php#81030