certain php code request

Page 1 of 2

10/26/2011 02:22 PowerChaos#1

Dear noobs and pro's

i know that this post has not mutch to do with eo
but it is still used for eo ( my online checker script) as i want to get powerchaos.info back online so it can be used
but before i put it back online i need to have a good script that does his work instead a messy script (you will see what is changed as soon it is ready to go live)

i like to know who are the scripters here because i got a small request for them

i am searching for a way to block invalid ip's that get submitted with a form

to give a example

ip 258.12.20.14 is invalid

invalid is 192.168.1.1 (private lan network)

i got already a way to block hamachi ip's
i got in meantime a way to block all invalid ip's but for 1 of other reason it allows a few to get true

would some1 be nice to point me to the error or fix the error for me ?

a own code that does the same would be nice to :D

demo of below code can be found at [Only registered and activated users can see links. Click Here To Register...]

PHP Code:


			
                    $validipcheck1 = "^([1-9]{1,1})+\.([0-9]{1,3})+\.([0-9]{1,3})+\.([0-9]{1,3})$";
                    $validipcheck2 = "^([1-2]{1,1})+([0-9]{1,2})+\.([0-9]{1,3})+\.([0-9]{1,3})+\.([0-9]{1,3})$";
                    $hamachiip = "^([5]{1,1})+\.([0-9]{1,3})+\.([0-9]{1,3})+\.([0-9]{1,3})$";
                    $local1 = "^([1]{1,1})+([9]{1,1})+([2]{1,1})+\.([1]{1,1})+([6]{1,1})+([8]{1,1})+\.([0-9]{1,3})+\.([0-9]{1,3})$";
                    $local2 = "^([1]{1,1})+([0]{1,1})+\.([0-9]{1,3})+\.([0-9]{1,3})+\.([0-9]{1,3})$";
                    $range1 = "^([1]{1,1})+([7]{1,1})+([2]{1,1})+\.([1-2]{1,1})+([6-9]{1,1})+\.([0-9]{1,3})+\.([0-9]{1,3})$";
                    $range2 = "^([1]{1,1})+([7]{1,1})+([2]{1,1})+\.([3]{1,1})+([0-2]{1,1})+\.([0-9]{1,3})+\.([0-9]{1,3})$";
                    $subcheck1 = "^([2-9]{1,1})+([5-9]{1,1})+([5-9]{1,1})+\.([0-9]{1,3})+\.([0-9]{1,3})+\.([0-9]{1,3})$";
                    $subcheck2 = "^([0-9]{1,3})+\.([2-9]{1,1})+([5-9]{1,1})+([5-9]{1,1})+\.([0-9]{1,3})+\.([0-9]{1,3})$";
                    $subcheck3 = "^([0-9]{1,3})+\.([0-9]{1,3})+\.([2-9]{1,1})+([5-9]{1,1})+([5-9]{1,1})+\.([0-9]{1,3})$";
                    $subcheck4 = "^([0-9]{1,3})+\.([0-9]{1,3})+\.([0-9]{1,3})+\.([2-9]{1,1})+([5-9]{1,1})+([5-9]{1,1})$";
                    if ((eregi($subcheck1, $ip)) OR (eregi($subcheck2, $ip)) OR (eregi($subcheck3, $ip)) OR (eregi($subcheck4, $ip)) OR (eregi($local1, $ip)) OR (eregi($local2, $ip)) OR (eregi($range1, $ip)) OR (eregi($range2, $ip)))
                            {
                            $sub == 1;
                            }
                            
                            if  ((!eregi($validipcheck1, $ip)) OR (!eregi($validipcheck2, $ip)) OR ( $sub == 1 ))
                            {
                            $proceed = 0;
                            $end = 1;
                                echo "<blockquote>
                                                      <p>
                                                          “Server ip adress is Not Allowed , Please fill in a differend ip adress.”
                                                      </p>
                                                  </blockquote>";
                            }
                            else if ((eregi($validipcheck1, $ip)) OR (eregi($validipcheck2, $ip)))
                            {
                            $proceed = 0;
                            $end = 1;
                                echo "<blockquote>
                                                      <p>
                                                          “Valid ip match.”
                                                      </p>
                                                  </blockquote>";
                            }

the user who can fix this and can show that it works get free Lifetime Premium hosting from me :P

to point it in small what need to be done

block private lan adresses
192.168.0.0 – 192.168.255.255
172.16.0.0 – 172.31.255.255
10.0.0.0 – 10.255.255.255
5.0.0.0 - 5.255.255.255
block invalid ip adresses ( like 256 or higher in any block )
check for 3 dots (valid ip adress )

this is what the script still failt to do

block invalid ip adresses ( 256.25.21.20 = working )
allow short ip adresses ( 1.1.1.1 = fail )
allow some valid ip adresses ( 205.25.25.25 = fail )

enjoy the fun :D
Greetings From PowerChaos

10/26/2011 02:31 ~*Kronic*~#2

If you would explain what it is intended to do a little more I would be happy to help. You are just trying to block any ips that are local and hamachi?

10/26/2011 02:37 PowerChaos#3

indeed
my form submits the server ip ( game server)
and because i know that there are a lot of people ( including bots) that submit wrong ip's
so i like to prevent wrong submision

a wrong ip gives me a lot of server load as my script checks every ip on the provided port to know if it is open or not ( status checking script for private games)

[Only registered and activated users can see links. Click Here To Register...] <-- thats what it shows after submision so far

hopely by looking at the above link you got a better idea of what it going be and why i definaly need that ip security

the ip security get used to to prevent local submisions (as best thing ever i saw was 192.168.1.1 as submision ip )

Greetings From PowerChaos

ps: form get submitted and posted into a database and then included in my ip checking script to see if ports are open , thats all it does

10/26/2011 02:55 ~*Kronic*~#4

All I have to say at the moment is that eregi is a very bad function to use as it is slow and outdated (using str functions is better)... but I fear this topic will be closed and/or locked. If not I will be happy to help tomorrow :)

EDIT: The echo statements are also not correct formatting, that may be where your problem lies?

10/26/2011 03:10 PowerChaos#5

Quote:

Originally Posted by ~*Kronic*~

EDIT: The echo statements are also not correct formatting, that may be where your problem lies?

if i want to write it like this

PHP Code:


			
echo "
t
h
e
s
t
";

then it still shows like this

Code:

test

so that echo output does not mather :P

it goes realy only about the checks , but i included the 2 echo's on it to know what it give or should give ( not true/false , but a value if equal )

the script itself got even a email script build in on the same "messy" way as that echo ^^

Greetings From PowerChaos

10/26/2011 06:07 hio77#6

tbh that code is pretty clean, clean and short are two very different things.. ill have a look over it if i get a chance for you.. allthough im not the best on eregs..

10/26/2011 12:14 PowerChaos#7

Quote:

Originally Posted by hio77

tbh that code is pretty clean, clean and short are two very different things.. ill have a look over it if i get a chance for you.. allthough im not the best on eregs..

it does not neeed to be in eregs

it can be kinda the same way or a other way

the only thing that counts for me is that it works and does what it need to do

so it blocks unwanted ip's and invalid ips (like explained above)

Greetings From PowerChaos

10/26/2011 18:23 idlemonkey#8

Im no master scripter but maybe you can make some good use of this ...

10/26/2011 18:23 Eurion#9

Here's a fast write up, I did. I tested it on a few of the IP's you provided and it seems to be working fine.

Here's the PHP Code:

Code:

<?php
$host = "YourHost"; //Server Host
$db_user = "YourDbUser"; //Database User
$db_pass = "YourDbPass"; //Db Password
$connect = mysql_connect($host, $db_user, $db_pass) OR DIE(mysql_error());
$db_name = "YourDatabase"; //Db Name
//Invalid Ip Checker
function check_ip($IP1) 
{ 
global $connect;
mysql_select_db($db_name);
$IP1 = $IP1; 
$result = mysql_query("SELECT * FROM invalid_ip WHERE active='1'") OR DIE(mysql_error()); 
while($row = mysql_fetch_array($result)) 
{ 
$StartIP = $row['start']; 
$EndIP   = $row['end']; 
if ($IP1 >= $StartIP && $IP1 <= $EndIP) 
{ 
$IP1 = "0";
} 
} 
return $IP1; 
}        
?>

<form action="" method="POST">
<table>
<tr><td>Ip:</td><td><input type="text" name="ip"></td></tr>
<tr><td></td><td><input type="submit" name="check" value=" Check IP "></td></tr>
</table>
</form>
<br />
<br />
<?php
If(ISSET($_POST['check']))
{
global $connect; //Makes the connection variable Global   
$ip = mysql_real_escape_string($_POST['ip']); //Grab the Entered IP
$valid_ip = (check_ip($ip) == '0' ? "No" : "Yes"); //Ternary Check of Invalid Ips. Runs off of the function
$ip_nums = explode('.', $ip);  //Seperates the $ip variable so it can count the blocks
$periods = count($ip_nums) - 1; // Takes the seperate IP blocks, and counts them, then minus's by 1 to get true value.

//Check to make sure each ip block isnt greater than 255
If($ip_nums[0] > 255 || $ip_nums[1] > 255 || $ip_nums[2] > 255 || $ip_nums[3] > 255)
{
 echo 'Sorry Ips can not be larger than 255';    
}
ElseIf($periods != 3) //Check Periods to make sure there are only 3 periods.
{
 echo "Sorry you don't have enough periods in your IP.";   
}
ElseIf($valid_ip == "No")//Runs the Ip check to see if the entered IP is in the invalid list.
{
 echo "Sorry the IP you entered is invalid.";   
}
Else
{
 echo "It worked!!!!";   
} 
}    
?>

Here's the Mysql Table for the invalid IP checker

Code:

DROP TABLE IF EXISTS `invalid_ip`;
CREATE TABLE `invalid_ip` (
  `id` int(15) NOT NULL auto_increment,
  `start` varchar(20) NOT NULL default '',
  `end` varchar(20) NOT NULL default '',
  `active` enum('0','1') NOT NULL default '0',
  PRIMARY KEY  (`id`)
) TYPE=MyISAM;

/* Insert Invalid Ip Ranges that we know of */
INSERT INTO `invalid_ip` VALUES 
('1', '192.168.0.0', '192.168.1.255.255', '1'),
('2', '172.16.0.0', '172.31.255.255', '1'),
('3', '10.0.0.0', '10.255.255.255', '1'),
('4', '5.0.0.0', '5.255.255.255', '1');

I had it set up to a form on my test page. But by following the comments, you should be-able to tell what each section does.

10/26/2011 21:06 Thorlon#10

Nice job Eurion, im sure Powerchaos will be very grateful.:)

10/26/2011 23:58 PowerChaos#11

Quote:

Originally Posted by idlemonkey

Im no master scripter but maybe you can make some good use of this ...

it is a nice script
but the checks are failing
i can not add every single ip range to a txt file to lookup the check

the 3 dot check is missing , the 255+ is missing and the ip range check is missing

but for the rest it is a nice script :D

Quote:
Originally Posted by Eurion
Here's a fast write up, I did. I tested it on a few of the IP's you provided and it seems to be working fine.

Here's the Mysql Table for the invalid IP checker
Code:
('1', '192.168.0.0', '192.168.1.255.255', '1'),
I had it set up to a form on my test page. But by following the comments, you should be-able to tell what each section does.

Thank you for the code
but you messed up a little part ( the part i quoted :P )

if it works then i let you know , i still need to edit a lot from it as my script got a own database already
but atleast the function/check part is what i need and then i can implent it into my script

Thank you
Greetings From PowerChaos

Thank you Eurion,
i can confirm that this code works like it need to be
i can even block proxy's from submitting and can do a lot more now with the example you provided to me

it is a bit differend code then i was thinking , but atleast it works perfect like it need to be ( easy to add new blocks and to add other security to it )

please send me a pm for the coupon code of the lifetime hosting (so i know if you realy want it ^^ )

Greetings From PowerChaos

10/27/2011 02:39 Eurion#12

Thanks for the offer PowerChaos, but I'm in no need for a membership :) Perhaps you can give it to someone else who is in need of it.

10/27/2011 05:03 PowerChaos#13

The site is live now

i made a new topic so users can request what need to be added or what they like to have added

your code is realy nice and easy
exactly what i needed
in meantime i was finishing the script as the submit script is the most work ( it need a lot of checks :P )

Thank you
Greetings From PowerChaos

10/27/2011 05:08 Thorlon#14

I don't want to be pushy but if you are willing to give away the vps i would be very interested :)

10/27/2011 05:11 PowerChaos#15

Quote:

Originally Posted by Thorlon

I don't want to be pushy but if you are willing to give away the vps i would be very interested :)

who is talking about a vps ??

Quote:

the user who can fix this and can show that it works get free Lifetime Premium hosting from me :P

premium hosting = 10GB space , 300GB traffic ... and so on (its a hosting package from me with a value of 3€ per month )

anyway , i leave the desision totaly up to eurion or i can give it away as a other reward when needed :P

Greetings From PowerChaos

Page 1 of 2