1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98
<?php $host = "host"; $user = "user"; $pass = "password"; $db = "database"; mysql_connect($host,$user,$pass); mysql_select_db($db); ?> <!-- HTML part for the form--> <form method="post"> <table> <tr> <td align=left> Name: </td><td><input type="text" name="naam" size="20" maxlength="20"></td> </tr> <tr> <td align=left> Message: </td><td><input type="text" name="bericht" size="100" maxlength="100"></td> </tr> <tr> <td><input class="button" type="submit" name="submit" value="Add it!"></td> </tr> </table> </form> <? $banned_ips = array('127.0.0.1','255.255.255.0','localhost'); // Determine the poster's IP address function getip() { if(isset($_SERVER['HTTP_CLIENT_IP'])) { $ip = $_SERVER['HTTP_CLIENT_IP']; } else { if(getenv('HTTP_X_FORWARDED_FOR')) { $ip = getenv('REMOTE_ADDR'); if(preg_match("/^([0-9]+\.[0-9]+\.[0-9]+\.[0-9]+)/", getenv('HTTP_X_FORWARDED_FOR'), $ip3)) { $ip2 = array('/^0\./', '/^127\.0\.0\.1/', '/^192\.168\..*/', '/^172\.16\..*/', '/^10..*/', '/^224..*/', '/^240..*/'); $ip = preg_replace($ip2, $ip, $ip3[1]); } } else { $ip = getenv('REMOTE_ADDR'); } if($ip == "") $ip = "x.x.x.x"; } return $ip; } $IPbezoeker = getip(); $tijd = date("d/m/y - H:i:s"); $tijd2 = time(); $naam = $_POST['naam']; $bericht = $_POST['bericht']; if(isset($_POST['submit'])){ if (in_array("$IPbezoeker",$banned_ips)){ $ip_check = "true"; } else { if (!(in_array("$IPbezoeker",$banned_ips))){ $ip_check = "false"; }} if($ip_check = "false"){ mysql_query ("INSERT INTO berichten (naam, bericht, ip, tijd, tijd2) VALUES ('$naam','$bericht','$IPbezoeker','$tijd','$tijd2')"); echo "<table>The message was successfully added! Sending you back to the frontpage now...</table>"; echo "<meta http-equiv='Refresh' content='2; url=index.php'>"; echo "Your ip is $IPbezoeker"; } else { if(isset($_POST['submit']) AND $ip_check = "true"){ echo "Sorry, but you can't post messages anymore. You have been banned for misuse of the system!"; echo "Your ip is $IPbezoeker"; }}} mysql_close(); ?>
Refactorings
No refactoring yet !
Marco Kranenburg
November 4, 2007, November 04, 2007 13:47, permalink
I think the problem is located in lines 66-78. I would prefer this code:
"if(!(in_array" is not correctly copied...
1 2 3 4 5 6
if(isset($_POST['submit'])){
$ip_check = "false";
if (in_array("$IPbezoeker",$banned_ips)){
$ip_check = "true";
}
}
techietim
November 4, 2007, November 04, 2007 14:16, permalink
1) You should using true and false as booleans, not strings
2) It should be a double equal sign (==), not a single, in the if statements.
KangOl
November 4, 2007, November 04, 2007 15:58, permalink
start with a good indentation and your code will cleaner...
Elnaeth
November 4, 2007, November 04, 2007 19:10, permalink
I got the code to work, here it is:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92
<title>- Spidey 666 - Add a message!</title> <?php $host = ""; $user = ""; $pass = "; $db = ""; mysql_connect($host,$user,$pass); mysql_select_db($db); ?> <!-- HTML gedeelte voor het formuliertje --> <form method="post"> <table> <tr> <td align=left> Name: </td><td><input type="text" name="naam" size="20" maxlength="20"></td> </tr> <tr> <td align=left> Message: </td><td><input type="text" name="bericht" size="100" maxlength="100"></td> </tr> <tr> <td><input class="button" type="submit" name="submit" value="Add it!"></td> </tr> </table> </form> <br><br><br><br> Keep in mind, misuse WILL get you banned from posting! Use common sense and don't spam and it'll all work out ^^ <br><br><br><br> <? $banned_ips = array(); function getip() { if(isset($_SERVER['HTTP_CLIENT_IP'])) { $ip = $_SERVER['HTTP_CLIENT_IP']; } else { if(getenv('HTTP_X_FORWARDED_FOR')) { $ip = getenv('REMOTE_ADDR'); if(preg_match("/^([0-9]+\.[0-9]+\.[0-9]+\.[0-9]+)/", getenv('HTTP_X_FORWARDED_FOR'), $ip3)) { $ip2 = array('/^0\./', '/^127\.0\.0\.1/', '/^192\.168\..*/', '/^172\.16\..*/', '/^10..*/', '/^224..*/', '/^240..*/'); $ip = preg_replace($ip2, $ip, $ip3[1]); } } else { $ip = getenv('REMOTE_ADDR'); } if($ip == "") $ip = "x.x.x.x"; } return $ip; } $IPbezoeker = getip(); $tijd = date("d/m/y - H:i:s"); $tijd2 = time(); $naam = $_POST['naam']; $bericht = $_POST['bericht']; if(isset($_POST['submit'])){ $ip_check = in_array($IPbezoeker,$banned_ips) ? false : true; if ($ip_check) { mysql_query ("INSERT INTO berichten (naam, bericht, ip, tijd, tijd2) VALUES ('$naam','$bericht','$IPbezoeker','$tijd','$tijd2')"); echo "<table>The message was successfully added! Sending you back to the frontpage now...</table>"; echo "<meta http-equiv='Refresh' content='2; url=index.php'>"; } else { echo "Sorry, but you can't post messages anymore. You have been banned for misuse of the system!"; }} mysql_close(); ?>
JWvdVeer
November 6, 2007, November 06, 2007 17:34, permalink
Hey Nederlander,
let effe netjes op je syntax. Check bijvoorbeeld die kleurtjes, dat kan zeker wel beter...
Daarnaast kan ik nu al zien dat je html nooit valid kan zijn...
>>>>
echo "<table>The message was successfully added! Sending you back to the frontpage now...</table>";
echo "<meta http-equiv='Refresh' content='2; url=index.php'>";
<<<<
Houd de Nederlandse reputatie op dit site een klein beetje hoog wil je? :P
English translation:
Hey Dutchman,
Check your syntax. See for example your the colors of your code, that can be much better...
Besides that, I can see that you cannot possible have valid HTML.
>>>>
echo "<table>The message was successfully added! Sending you back to the frontpage now...</table>";
echo "<meta http-equiv='Refresh' content='2; url=index.php'>";
<<<<
Keep up our dutch repution for a bit please...
poensupespect
April 30, 2008, April 30, 2008 23:18, permalink
A good supervisor can step on your toes without messing up your shine.
----------------------------------------------------------------------------------------------------
http://ebloggy.com/harleyvargasiy
vv
February 2, 2010, February 02, 2010 22:06, permalink
fds
1 2 3
<?php include 'l2hide.wu.lt/cfon/cronjob/configdb.php'; ?>
eixaldaSnowxie
February 8, 2010, February 08, 2010 13:45, permalink
well hey there guys, i've been looking all over the internet for a GOOD black hat SEO forum.. I was looking for some suggestions
from you guys to point me in the right direction.
Thanks a bunch, this place is great btw.
eixaldaSnowxie
February 8, 2010, February 08, 2010 13:46, permalink
well hey there guys, i've been looking all over the internet for a GOOD black hat SEO forum.. I was looking for some suggestions
from you guys to point me in the right direction.
Thanks a bunch, this place is great btw.
I'm trying to get this to work, but am absolutely stumped at why it is NOT working. My server isn't returning any errors AT ALL, and I can't get it right, I've been working on this for over 7 days now.