Raised This Month: $ Target: $400
 0% 

~req: (HTML|PHP) Ban IP for incorrect login


Post New Thread Reply   
 
Thread Tools Display Modes
Author Message
dasha
Senior Member
Join Date: Apr 2012
Location: \%STEAM -> $_SESSION
Old 07-05-2012 , 17:59   ~req: (HTML|PHP) Ban IP for incorrect login
Reply With Quote #1

Hi! can anyone show me an example? I have this html and I need add some php functions, if someone fails 2 attempts, the IP will be banned, and everytime that person trie to connect to the website, the file " banned.html " will pop up

Also the admin can remove the ban.. the bans must be saved in mysql or in .txt (don't know what's better ^^)

admin.html:>



HTML Code:
admin.html


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta content="text/html; charset=utf-8" http-equiv="Content-Type" />
<title>Admin Login</title>
<link href="css/style.css" rel="stylesheet" type="text/css" />
<script src="js/form-elements.js" type="text/javascript"></script>
</head>
<body>
<div id="giris">
	<form action="login.php" method="post">
		<div id="kullanici">
			<input class="input" name="user" onblur="if (value =='') {value = 'Admin'}" onfocus="if (value == 'Admin') {value =''}" type="text" value="Admin" /></div>
		<div id="sifre">
			<input class="input" name="pw" onblur="if (value =='') {value = '123456'}" onfocus="if (value == '123456') {value =''}" type="password" value="123456" /></div>
		<div id="unuttum-buton">
			<div id="unuttum">
				<input class="styled" name="Checkbox1" type="checkbox" /> <span>
				<strong>Lembrar</strong> me</span></div>
			<div id="gonder-buton">
				<input class="submit" name="Submit1" type="submit" value="" /></div>
		</div>
		<div id="unuttum-madde">
			<div>
				<span></span> Esqueceu-se da <a href="r_pw.html"> <strong>Password</strong></a> o
				nome de <a href="t_un.html"><strong> Usuario?</strong></a></div>
		</div>
	</form>
</div>
</body>
</html>
I don't think u will need the css and the js..Any help thanks! <3
Attached Thumbnails
Click image for larger version

Name:	1.JPG
Views:	1918
Size:	31.8 KB
ID:	106054  

Last edited by dasha; 07-05-2012 at 18:00.
dasha is offline
fysiks
Veteran Member
Join Date: Sep 2007
Location: Flatland, USA
Old 07-05-2012 , 18:41   Re: ~req: (HTML|PHP) Ban IP for incorrect login
Reply With Quote #2

I recommend asking in a PHP forum.
__________________

Last edited by fysiks; 07-05-2012 at 18:41.
fysiks is offline
teol
Veteran Member
Join Date: Oct 2009
Location: Marbella
Old 07-06-2012 , 09:55   Re: ~req: (HTML|PHP) Ban IP for incorrect login
Reply With Quote #3

Hi,

Made it quickly, didn't try it :
PHP Code:
<?php
session_start
();
DEFINE('EMAIL''[email protected]'); //Email to contact when a ban is made
DEFINE('DASHBOARD''dashboard.php'); //Path to the page to show if login is right
DEFINE('BANNED''banned.php'); //Path to the page to show when the visitor is banned
DEFINE('BANLIST''bans.txt'); //Path to text file to log bans
DEFINE('USER''root'); //Correct User
DEFINE('PW''azerty'); //Correct Password

function getIP(){
    if (!empty(
$_SERVER['HTTP_CLIENT_IP']))   //check ip from share internet
    
{
        
$ip $_SERVER['HTTP_CLIENT_IP'];
    }
    elseif (!empty(
$_SERVER['HTTP_X_FORWARDED_FOR']))   //to check ip is pass from proxy
    
{
        
$ip $_SERVER['HTTP_X_FORWARDED_FOR'];
    }
    else
    {
        
$ip $_SERVER['REMOTE_ADDR'];
    }
    return 
$ip;
}

function 
addBan($ip){
    
$handle fopen(BANLIST"a");
    
fputs($handle$ip."/n");
    
fclose($handle);
    
    
$html "<html><body>
    <p>Hello,<br />
    New banned IP : "
.$ip."</p>
    <p>PHP SCRIPT BY TEOL</p>"
//Mail body
    
mail(EMAIL'New ban'$html); //Send mail
}

function 
isBanned($ip){
    if(!isset(
$_COOKIE['admin'])){
        if(
file_exists(BANLIST){
            
$handle fopen(BANLIST"r");
            while(
$line fgets($handle)){
                if(
$line == $ip){
                    return 
true;
                }
            }
            
fclose($handle);
        }
        return 
false;
    }
    else{
        return 
true;
    }
}

$ip getIP(); //Ip set
if(!isBanned($ip)){
    if(isset(
$_POST) && !empty($_POST)){
        
extract($_POST);
        
$errors = array();
        
        if(
$user == ''){
            
$errors[] = "Please fill in your username.";
        }
        
        if(
$pw == ''){
            
$errors[] = "Please fill in your password.";
        }
        
        if(
$user != USER OR $pw != PW){ //Incorrect login
            
addBan($ip);
            
setcookie('banned''true'time() + 2*365*24*3600nullnullfalsetrue);
            
Header('Location: '.BANNED.'');
            exit;
        }
        
        if(empty(
$errors)){ //LOGIN OK
            
$_SESSION['username'] = USER//Session var, make your own
            
            
Header('Location: '.DASHBOARD.'');
            exit;
        }
    }
}
else{
    
Header('Location: '.BANNED.'');
    exit;
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta content="text/html; charset=utf-8" http-equiv="Content-Type" />
<title>Admin Login</title>
<link href="css/style.css" rel="stylesheet" type="text/css" />
<script src="js/form-elements.js" type="text/javascript"></script>
</head>
<body>
<div id="giris">
    <form action="login.php" method="post">
        <div id="kullanici">
            <input class="input" name="user" onblur="if (value =='') {value = 'Admin'}" onfocus="if (value == 'Admin') {value =''}" type="text" value="Admin" /></div>
        <div id="sifre">
            <input class="input" name="pw" onblur="if (value =='') {value = '123456'}" onfocus="if (value == '123456') {value =''}" type="password" value="123456" /></div>
        <div id="unuttum-buton">
            <div id="unuttum">
                <input class="styled" name="Checkbox1" type="checkbox" /> <span>
                <strong>Lembrar</strong> me</span></div>
            <div id="gonder-buton">
                <input class="submit" name="Submit1" type="submit" value="" /></div>
        </div>
        <div id="unuttum-madde">
            <div>
                <span>•</span> Esqueceu-se da <a href="r_pw.html"> <strong>Password</strong></a> o
                nome de <a href="t_un.html"><strong> Usuario?</strong></a></div>
        </div>
    </form>
</div>
</body>
</html>
Juste configure those few lines :
PHP Code:
DEFINE('EMAIL''[email protected]'); //Email to contact when a ban is made
DEFINE('DASHBOARD''dashboard.php'); //Path to the page to show if login is right
DEFINE('BANNED''banned.php'); //Path to the page to show when the visitor is banned
DEFINE('BANLIST''bans.txt'); //Path to text file to log bans
DEFINE('USER''root'); //Correct User
DEFINE('PW''azerty'); //Correct Password 
Set your email etc.

Then, when someone will get banned, it will add is IP Addresse to the defined txt file, and set a cookie. If he uses the same IP or he has got the cookie when he'll come back he will stay banned.
But someone with a minimal knowledge could bypass that easily.

Tell me if you have more questions or if it doesn't work.

You can also make a kiss to ANTICHRISTUS, he sent me your topic :p

EDIT : Sorry it bans when you fail only one time, I did not read carefully

Last edited by teol; 07-06-2012 at 09:58.
teol is offline
dasha
Senior Member
Join Date: Apr 2012
Location: \%STEAM -> $_SESSION
Old 07-06-2012 , 10:18   Re: ~req: (HTML|PHP) Ban IP for incorrect login
Reply With Quote #4

WOW thankyou so much, that's extacly what I was looking for
the only problem, when I open the file, i receive an error..

Parse error: syntax error, unexpected '{' in C:\Program Files (x86)\VertrigoServ\www\test\index.php on line 40


line 40: if(!isset($_COOKIE['admin'])){
dasha is offline
teol
Veteran Member
Join Date: Oct 2009
Location: Marbella
Old 07-06-2012 , 10:21   Re: ~req: (HTML|PHP) Ban IP for incorrect login
Reply With Quote #5

Line 40 is :
PHP Code:
if(file_exists(BANLIST){ 
Just change it like that :
PHP Code:
if(file_exists(BANLIST)){ 
I just added a ")".
teol is offline
dasha
Senior Member
Join Date: Apr 2012
Location: \%STEAM -> $_SESSION
Old 07-06-2012 , 10:56   Re: ~req: (HTML|PHP) Ban IP for incorrect login
Reply With Quote #6

Quote:
Originally Posted by teol View Post
Line 40 is :
PHP Code:
if(file_exists(BANLIST){ 
Just change it like that :
PHP Code:
if(file_exists(BANLIST)){ 
I just added a ")".
Well, is working now, iThink
thankyouuu

but i'm noob in php
the dashboard.php need to have something with require_login yes?
because for example you can go to url.com/dashboard.php ...
dasha is offline
teol
Veteran Member
Join Date: Oct 2009
Location: Marbella
Old 07-06-2012 , 11:01   Re: ~req: (HTML|PHP) Ban IP for incorrect login
Reply With Quote #7

Quote:
Originally Posted by dasha View Post
the dashboard.php need to have something with require_login yes?
Did not understand sorry

The dashboard is the page displaed if the entered login is okay.
teol is offline
dasha
Senior Member
Join Date: Apr 2012
Location: \%STEAM -> $_SESSION
Old 07-06-2012 , 18:19   Re: ~req: (HTML|PHP) Ban IP for incorrect login
Reply With Quote #8

Quote:
Originally Posted by teol View Post
Did not understand sorry

The dashboard is the page displaed if the entered login is okay.
Yes, but the file can be opened only when you login, how to do it?
Because i suppose anyone can go to mysite.com/dashboard.php
dasha is offline
teol
Veteran Member
Join Date: Oct 2009
Location: Marbella
Old 07-07-2012 , 02:58   Re: ~req: (HTML|PHP) Ban IP for incorrect login
Reply With Quote #9

PHP Code:
<?php
session_start
();

if(empty(
$_SESSION['username'])){
    die(
"You're not logged in");
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta content="text/html; charset=utf-8" http-equiv="Content-Type" />
<title>Admin Login</title>
<link href="css/style.css" rel="stylesheet" type="text/css" />
<script src="js/form-elements.js" type="text/javascript"></script>
</head>
<body>
<div id="giris">
    <form action="login.php" method="post">
        <div id="kullanici">
            <input class="input" name="user" onblur="if (value =='') {value = 'Admin'}" onfocus="if (value == 'Admin') {value =''}" type="text" value="Admin" /></div>
        <div id="sifre">
            <input class="input" name="pw" onblur="if (value =='') {value = '123456'}" onfocus="if (value == '123456') {value =''}" type="password" value="123456" /></div>
        <div id="unuttum-buton">
            <div id="unuttum">
                <input class="styled" name="Checkbox1" type="checkbox" /> <span>
                <strong>Lembrar</strong> me</span></div>
            <div id="gonder-buton">
                <input class="submit" name="Submit1" type="submit" value="" /></div>
        </div>
        <div id="unuttum-madde">
            <div>
                <span>•</span> Esqueceu-se da <a href="r_pw.html"> <strong>Password</strong></a> o
                nome de <a href="t_un.html"><strong> Usuario?</strong></a></div>
        </div>
    </form>
</div>
</body>
</html>
You can change the html code . If someone tries to access to dashboard, the only thing displayed will be "You're not logged in".
teol is offline
Reply



Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT -4. The time now is 02:43.


Powered by vBulletin®
Copyright ©2000 - 2024, vBulletin Solutions, Inc.
Theme made by Freecode