Every once in a while, you get a few users who are just too pesky. Well in this tutorial I will show you how to create a full IP banning system! How it works:
1. You enter IP into admin panel
2. IP is entered into database
3. Every page load, the database is checked against the visitors IP - and if it's in there then we redirect them to a ban message
Sounds simple, because it is. First we'll need to run a query to set up the database. Not everyone has knowledge of phpMyAdmin, and as I really can't be bothered to go through it, we'll just make a file to install it for us. Create a new PHP file and call it install.php. It doesn't matter what you call this because after it's done you'll be deleting it.
You will also need a database connection page for this, if you do not have one, follow the first step in our tutorial on echoing mySQL data. For ease of time, I've added mouseovers to help you with the code line by line throughout this tutorial:
[PHP]<?
include("connect.php";
CREATE TABLE `banned` (
`ip` TEXT NOT NULL ,
`reason` TEXT NOT NULL
) ENGINE = MYISAM ;
echo "installed!";
?> [/PHP]
Now that you've got this saved, upload it to your server, and visit it in your browser (e.g yoursite.com/install.php). Now delete the file! This is important as anyone could just visit that page and then oh dear. Now that we have the database set up, we'll need an admin page to insert the data! Now this page will not be protected, however you could easily do it yourself with IPs or cookies. Call this page ip-admin.php.
Code: Select all
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>IP Ban Manager v1.0 by Julian Thompson</title>
</head>
<body>
<form id="ipban" name="ipban" method="post" action="/banip.php">
IP
<label>
<input name="ip" type="text" id="ip" />
</label>
banned because
<label>
<input name="reason" type="text" id="reason" />
</label>
<label>
<input type="submit" name="Submit" value="Ban That IP!" />
</label>
</form>
<?
include("connect.php");
$getips = @mysql_query("SELECT * FROM banned ORDER BY reason ASC");
while($row = mysql_fetch_array($getips)) {
echo "[unban-ip.php?ip=$row[ip]\" title=\"Unban this IP!\">X</a>] $row[ip] (banned for $row[reason])
";
}
?>
</body>
</html> I haven't commented this page because really I shouldn't have to, very basic XHTML displaying a form. Basically it has your two inputs (one for the IP and the other for the reason) and a form tag, taking us to banip.php. What I have commented up there is the PHP, echoing out IPs that are already banned and providing a link to unban them.
So now we have our form to ban IPs and a link to unban IPs. All we need now is banip.php and unban-ip.php (might want to alter unban-ip.php's name, otherwhise anyone could find the URL and unban themselves). I'm just going to bam these two pages at you, as I have given mouse-over hints throughout.
Code: Select all
<?php banip.php
<?
include("connect.php";
$ip = htmlspecialchars($_POST['ip'], ENT_QUOTES);
$re = htmlspecialchars($_POST['reason'], ENT_QUOTES);
@mysql_query("INSERT INTO banned (ip, reason) VALUES ('$ip', '$re')")or die(mysql_error());
header("Location: /ip-admin.php";
?>
unban-ip.php
<?
include("connect.php";
$ip = $_GET['ip'];
@mysql_query("DELETE FROM banned WHERE ip='$ip'";
header("Location: /ip-admin.php";
?> Now you'll need some code to check if the visiting IP is banned or not. Place this on every page you want the user to be banned from:
[PHP]<?php
$ip = $_SERVER['REMOTE_ADDR'];
$getips = mysql_query("SELECT * FROM banned WHERE ip='$ip'";
if(mysql_num_rows($getips)) !== 0) {
$v = mysql_fetch_array($getips);
echo "Sorry, you have been banned because $v['reason']";
}
[/PHP]
Done...
Credit by Julian Thompson..
