0c36a298fc7f7c41cb08d12a65a609b1

I'm trying to get this to work, but am absolutely stumped at why it is NOT working. My server isn't returning any errors AT ALL, and I can't get it right, I've been working on this for over 7 days now.

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
<?php
$host = "host";
$user = "user";
$pass = "password";
$db = "database";

mysql_connect($host,$user,$pass);
mysql_select_db($db);

?>

<!-- HTML part for the form-->

<form method="post">
<table>
  <tr>
   <td align=left> Name: </td><td><input type="text" name="naam" size="20" maxlength="20"></td>
  </tr>

  <tr>
   <td align=left> Message: </td><td><input type="text" name="bericht" size="100" maxlength="100"></td>
  </tr>

  <tr>
   <td><input class="button" type="submit" name="submit" value="Add it!"></td>
  </tr>
</table>
</form>


<?

$banned_ips = array('127.0.0.1','255.255.255.0','localhost');
// Determine the poster's IP address
function getip()
    {
        if(isset($_SERVER['HTTP_CLIENT_IP']))
        {
            $ip = $_SERVER['HTTP_CLIENT_IP'];
        } else {
            if(getenv('HTTP_X_FORWARDED_FOR'))
            {
                $ip = getenv('REMOTE_ADDR');
                if(preg_match("/^([0-9]+\.[0-9]+\.[0-9]+\.[0-9]+)/", getenv('HTTP_X_FORWARDED_FOR'), $ip3))
                {
                    $ip2 = array('/^0\./', '/^127\.0\.0\.1/', '/^192\.168\..*/', '/^172\.16\..*/', '/^10..*/', '/^224..*/', '/^240..*/');
                    $ip = preg_replace($ip2, $ip, $ip3[1]);
                }
            } else {
                $ip = getenv('REMOTE_ADDR');
            }
            if($ip == "")    $ip = "x.x.x.x";
        }
            return $ip;
}

$IPbezoeker = getip(); 

$tijd = date("d/m/y - H:i:s");
$tijd2 = time();
$naam = $_POST['naam'];
$bericht = $_POST['bericht'];



if(isset($_POST['submit'])){

	if (in_array("$IPbezoeker",$banned_ips)){

		$ip_check = "true";
	
} else {
	
	if (!(in_array("$IPbezoeker",$banned_ips))){
		
		$ip_check = "false";
	
}}


	if($ip_check = "false"){
	
		mysql_query ("INSERT INTO berichten (naam, bericht, ip, tijd, tijd2) VALUES ('$naam','$bericht','$IPbezoeker','$tijd','$tijd2')");
		echo "<table>The message was successfully added! Sending you back to the frontpage now...</table>";
		echo "<meta http-equiv='Refresh' content='2; url=index.php'>";
		echo "Your ip is $IPbezoeker";

} else {

	if(isset($_POST['submit']) AND $ip_check = "true"){
	
		echo "Sorry, but you can't post messages anymore. You have been banned for misuse of the system!";
		echo "Your ip is $IPbezoeker";

}}}

mysql_close();
?>

Refactorings

No refactoring yet !

C097648c7afc6e2c2065916cb371d23d

Marco Kranenburg

November 4, 2007, November 04, 2007 13:47, permalink

3 ratings. Login to rate!

I think the problem is located in lines 66-78. I would prefer this code:

"if(!(in_array" is not correctly copied... 

1
2
3
4
5
6
if(isset($_POST['submit'])){
	$ip_check = "false";
	if (in_array("$IPbezoeker",$banned_ips)){
		$ip_check = "true";
	}
}
441c4f02db55ef2cbe96027af7012e01

techietim

November 4, 2007, November 04, 2007 14:16, permalink

2 ratings. Login to rate!

1) You should using true and false as booleans, not strings
2) It should be a double equal sign (==), not a single, in the if statements.

Avatar

KangOl

November 4, 2007, November 04, 2007 15:58, permalink

2 ratings. Login to rate!

start with a good indentation and your code will cleaner...

0c36a298fc7f7c41cb08d12a65a609b1

Elnaeth

November 4, 2007, November 04, 2007 19:10, permalink

No rating. Login to rate!

I got the code to work, here it is:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
<title>- Spidey 666 - Add a message!</title>

<?php



$host = "";
$user = "";
$pass = ";
$db = "";

mysql_connect($host,$user,$pass);
mysql_select_db($db);

?>

<!-- HTML gedeelte voor het formuliertje -->

<form method="post">
<table>
  <tr>
   <td align=left> Name: </td><td><input type="text" name="naam" size="20" maxlength="20"></td>
  </tr>

  <tr>
   <td align=left> Message: </td><td><input type="text" name="bericht" size="100" maxlength="100"></td>
  </tr>

  <tr>
   <td><input class="button" type="submit" name="submit" value="Add it!"></td>
  </tr>
</table>
</form>

<br><br><br><br>
Keep in mind, misuse WILL get you banned from posting! Use common sense and don't spam and it'll all work out ^^
<br><br><br><br>


<?

$banned_ips = array();


function getip()
    {
        
        if(isset($_SERVER['HTTP_CLIENT_IP']))
        {
            $ip = $_SERVER['HTTP_CLIENT_IP'];
        } else {
            if(getenv('HTTP_X_FORWARDED_FOR'))
            {
                $ip = getenv('REMOTE_ADDR');
                if(preg_match("/^([0-9]+\.[0-9]+\.[0-9]+\.[0-9]+)/", getenv('HTTP_X_FORWARDED_FOR'), $ip3))
                {
                    $ip2 = array('/^0\./', '/^127\.0\.0\.1/', '/^192\.168\..*/', '/^172\.16\..*/', '/^10..*/', '/^224..*/', '/^240..*/');
                    $ip = preg_replace($ip2, $ip, $ip3[1]);
                }
            } else {
                $ip = getenv('REMOTE_ADDR');
            }
            if($ip == "")    $ip = "x.x.x.x";
        }
            return $ip;
}

$IPbezoeker = getip(); 

$tijd = date("d/m/y - H:i:s");
$tijd2 = time();
$naam = $_POST['naam'];
$bericht = $_POST['bericht'];



if(isset($_POST['submit'])){

	$ip_check = in_array($IPbezoeker,$banned_ips) ? false : true;

if ($ip_check) {
   mysql_query ("INSERT INTO berichten (naam, bericht, ip, tijd, tijd2) VALUES ('$naam','$bericht','$IPbezoeker','$tijd','$tijd2')"); 
   echo "<table>The message was successfully added! Sending you back to the frontpage now...</table>";
   echo "<meta http-equiv='Refresh' content='2; url=index.php'>";
 
}
else {
   echo "Sorry, but you can't post messages anymore. You have been banned for misuse of the system!";
}} 

mysql_close();
?>
Avatar

JWvdVeer

November 6, 2007, November 06, 2007 17:34, permalink

No rating. Login to rate!

Hey Nederlander,
let effe netjes op je syntax. Check bijvoorbeeld die kleurtjes, dat kan zeker wel beter...
Daarnaast kan ik nu al zien dat je html nooit valid kan zijn...
>>>>
echo "<table>The message was successfully added! Sending you back to the frontpage now...</table>";
echo "<meta http-equiv='Refresh' content='2; url=index.php'>";
<<<<
Houd de Nederlandse reputatie op dit site een klein beetje hoog wil je? :P

English translation:
Hey Dutchman,
Check your syntax. See for example your the colors of your code, that can be much better...
Besides that, I can see that you cannot possible have valid HTML.
>>>>
echo "<table>The message was successfully added! Sending you back to the frontpage now...</table>";
echo "<meta http-equiv='Refresh' content='2; url=index.php'>";
<<<<
Keep up our dutch repution for a bit please...

3d4eeaae73e099895cffeedb7844a5ef

poensupespect

April 30, 2008, April 30, 2008 23:18, permalink

No rating. Login to rate!

A good supervisor can step on your toes without messing up your shine.


----------------------------------------------------------------------------------------------------
http://ebloggy.com/harleyvargasiy

Your refactoring





Format Copy from initial code

or Cancel