473,395 Members | 1,383 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

home > topics > php > questions > limiting access by reading server logs and matching against client ip address.

Join Bytes to post your question to a community of 473,395 software developers and data experts.

Limiting access by reading server logs and matching against client IP address.

Basically,

I have a email script which (on the sending of the email) writes into a file handle called $fcf (on a new line) with the senders ip address ($ipaddress) and the time on which they sent their email ($time) in this format: $ipaddress--$time on a new line in $fcf.

I am new to php and if someone could convert my normal language into PHP scripting I would be very grateful.
Expand|Select|Wrap|Line Numbers
  1. if ($fcf contains $_SERVER['REMOTE_ADDR'] with time() [giving a time offset anywhere between 0 and 500 seconds ago]) {
  2. [continue the script]
Thanks

(This is the full code:
[PHP]<?php

$subject = $_POST['subject'];
$message = $_POST['message'];
$time = $_SERVER['REQUEST_TIME'];
$ipaddress = $_SERVER['REMOTE_ADDR'];
$fcfdata = "$ipaddress--$time\n";
include 'config.inc.php';
$fcf = fopen($floodcontrolfile, 'a+');
$fcfread = fread($fcf);

//if ($fcf contains $_SERVER['REMOTE_ADDR'] with time() [giving a time offset anywhere between 0 and 500 seconds ago]) {

if ($subject == "") {

echo '
<script language="Javascript">
<!--
alert ("The message contained no subject. Redirecting you to the homepage.")
//-->
</script>
';
echo ' <META HTTP-EQUIV="refresh" CONTENT="2;URL=';
echo $homepage;
echo ' ">';
echo ' <h1> Redirecting... ( Error! No Subject! ) </h1>';
exit();

}

elseif (mail($to, $subject, $message, $headers)) {
fwrite($fcf, $fcfdata);
echo '
<script language="Javascript">
<!--
alert ("Message sent. Redirecting you to the homepage.")
//-->
</script>
';
echo ' <META HTTP-EQUIV="refresh" CONTENT="2;URL=';
echo $homepage;
echo ' ">';
echo ' <h1> Redirecting... ( Sent! ) </h1>';
exit();

} else {

echo '
<script language="Javascript">
<!--
alert ("Error sending message. Redirecting you to the homepage.")
//-->
</script>
';
echo ' <META HTTP-EQUIV="refresh" CONTENT="3;URL=';
echo $homepage;
echo ' ">';
echo ' <h1> Redirecting ( Error Sending Message! Try Again! ) </h1>';
exit();

}[/PHP]
Sep 1 '07 #1
7 1839
Atli
5,058 Expert 4TB
Hi.

Are you only trying to check whether the user with a given IP address has sent anything recently?

If so you should consider some alternate methods. Your method would require you to read through the entire file every time, which will take up more and more resources as the file gets longer.

If you were to use Sessions, you could simply write the current time to the session and then check that field each time before you send an email. You wouldn't even have to save the IP address.
Sep 1 '07 #2
Are you only trying to check whether the user with a given IP address has sent anything recently?
Yep

If so you should consider some alternate methods. Your method would require you to read through the entire file every time, which will take up more and more resources as the file gets longer.
I was going to add a part that deletes the IP Address/Time once it expires

If you were to use Sessions, you could simply write the current time to the session and then check that field each time before you send an email. You wouldn't even have to save the IP address.
How would I do that?
Sep 2 '07 #3
Atli
5,058 Expert 4TB
Sessions are very easy to use. I wrote an article on them, if you want to know the basics.

In your case, you would simply have to check if a session variable exists before you send your email. If it does not, then create it and set it's value to the current time. If it does, make sure that that the time value it contains is older than the time you want to elapse.

That could be accomplished somewhat like this:
Expand|Select|Wrap|Line Numbers
  1. // Start session
  2. session_start();
  3.  
  4. // Check the session variable exists
  5. if(isset($_SESSION['LastSent'])) {
  6.   // Check if a post was made in the last 5 seconds
  7.   if($_SESSION['LastSent'] > time() + 5) {
  8.     die("You have already sent a message in the last 5 seconds!");
  9.   }
  10. }
  11. // Set the session variable to the current time
  12. $_SESSION['LastSent'] = time();
  13.  
  14. // Send your mail
  15. // <your code here>
  16.  
  17.  
Sep 2 '07 #4
pbmods
5,821 Expert 4TB
Changed thread title to better describe the problem (did you know that threads whose titles do not follow the Posting Guidelines actually get FEWER responses?).
Sep 2 '07 #5
I would recommend using a database to store IP addresses, sessions can easily be lost,destroyed, or changed.
When someone is attempting to send use this.
[PHP]
<?php
$sql = 'SELECT id FROM ips WHERE ip="'.$_SERVER['REMOTE_ADDR'].'" AND lastsent <= UNIX_TIMESTAMP()-500 LIMIT 1';
$res = mysql_query($sql);
if(mysql_num_rows($res) > 0){
//Deny
}else{
//allow
}
?>
[/php]
When its sent use this.
[php]
<?php
//Clean out any old sends. you could do this with select if found update else insert if you want
$sql = 'DELETE FROM ips WHERE ip="'.$_SERVER['REMOTE_ADDR'].'" LIMIT 1';
mysql_query($sql);
$sql = 'INSERT INTO ips VALUES(``,"'.$_SERVER['REMOTE_ADDR'].'",UNIX_TIMESTAMP())';
mysql_query($sql);
?>
[/php]

I recomend a structure of
Expand|Select|Wrap|Line Numbers
  1. int id `20` PRIMARY AUTO_INC
  2. varchar ip `15`  PRIMARY
  3. int lastsent `10` PRIMARY
Sep 2 '07 #6
thanks, ill try and implement that.
Sep 2 '07 #7
Atli
5,058 Expert 4TB
I would recommend using a database to store IP addresses, sessions can easily be lost,destroyed, or changed.
Sessions can only be used by the server. So unless you plan on throwing in random session_destroy() calls, your sessions are pretty safe.

Databases are also a pretty good way of doing this, but they do tend to use more resources and they are, in my opinion, not to be used for data that you do not want to keep. That is to say; you should avoid using your databases as a temporary storage, they should used for long-term storage. Especially if there are other, easier, ways to accomplish the same functionality.
Sep 2 '07 #8

Sign in to post your reply or Sign up for a free account.

Similar topics

3
ERROR 1045: Access denied for user
by: dstewart | last post by:
Situation: One common MySQL database server on SuSE 9.1 with all updates. Uses 'rinetd'. Has entries for the appropriate IP addresses of all servers. NOTE: If the appropirate entries are NOT in...
MySQL Database
4
Placing Access Data On SQL
by: BerkshireGuy | last post by:
Our IT department wants to place our Access 2000 tables on an SQL server due to the fact the tables are quite large. With that said, can we still use the Access queries or do we have to do...
Microsoft Access / VBA
47
Advice needed: Should we upgrade MS Access 2000? And if so to what?
by: ship | last post by:
Hi We need some advice: We are thinking of upgrading our Access database from Access 2000 to Access 2004. How stable is MS Office 2003? (particularly Access 2003). We are just a small...
Microsoft Access / VBA
10
UDP socket problem - not receiving data form server
by: Jim H | last post by:
I have a UDP socket that sends out a request on a multicast socket and waits for a response. This client is not listening on a multicast IP but the local IP. The server (UNIX) responds to the...
C# / C Sharp
4
Can't see the forest for the trees - when reading file, only processingfirst line
by: News | last post by:
Hi Everyone, The attached code creates client connections to websphere queue managers and then processes an inquiry against them. The program functions when it gets options from the command...
Python
10
Access 03 query question
by: Robert | last post by:
I am an attorney in a non-profit organization and a self-taught programmer. I'm trying to create a client db that will allow me to search for potential conflicts of interest based either on Social...
Microsoft Access / VBA
12
data access
by: Hugh Welford | last post by:
hi Running an asp site on win/IIs/MSACCESS with a database reaching 45 meg. Responses seem a little slow. Could anyone provide a checklist of things to look at to optimise data access on this...
ASP / Active Server Pages
3
Apache access times out
by: Sidu | last post by:
Ok well i'm still very new to apache, mysql, and php.. let me explain everything i have set up.. I have installed Appserv, for those of you who are unfamiliar with it.. it installs mysql, php,...
Apache Web Server
2
Access Value of a control on another page
by: RSH | last post by:
I have a situation where I have a page called "HiddenFrame.aspx" that contains a public property exposing the value of a textbox called "TextBox1" that is in a hiddenframe. Loaded in the main...
ASP.NET
0
Batch import of multiple excel files into the database
by: ryjfgjl | last post by:
If we have dozens or hundreds of excel to import into the database, if we use the excel import function provided by database editors such as navicat, it will be extremely tedious and time-consuming...
Data Management
0
Merging data from multiple Excel files
by: ryjfgjl | last post by:
In our work, we often receive Excel tables with data in the same format. If we want to analyze these data, it can be difficult to analyze them because the data is spread across multiple Excel files...
Data Management
0
Migrating Website to Cloud - Emmanuel Katto
by: emmanuelkatto | last post by:
Hi All, I am Emmanuel katto from Uganda. I want to ask what challenges you've faced while migrating a website to cloud. Please let me know. Thanks! Emmanuel
General
1
Looking to do Android software development, any suggestions? Is flutter better?
by: nemocccc | last post by:
hello, everyone, I want to develop a software for my android phone for daily needs, any suggestions?
General
0
How to build RAID in BIOS?
by: Hystou | last post by:
There are some requirements for setting up RAID: 1. The motherboard and BIOS support RAID configuration. 2. The motherboard has 2 or more available SATA protocol SSD/HDD slots (including MSATA, M.2...
Computer Hardware
0
marktang
What is ONU?
by: marktang | last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However,...
General
0
Changing the language in Windows 10
by: Hystou | last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can...
Windows Server
0
jinu1996
Maximizing Business Potential: The Nexus of Website Design and Digital Marketing
by: jinu1996 | last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven...
Online Marketing
0
The easy way to turn off automatic updates for Windows 10/11
by: Hystou | last post by:
Overview: Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows...
Windows Server

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2024
About Bytes
Terms Of Use
Privacy Policy
Sitemap
Advertise on Bytes:
Post a Job
Sponsored Posts
Platinum & Gold Sponsors
Hire Now!