Home > Backend Development > PHP Tutorial > Share how to limit IP access and number of submissions in PHP

Share how to limit IP access and number of submissions in PHP

黄舟
Release: 2023-03-14 10:42:02
Original
2592 people have browsed it

This article mainly introduces the method of limiting IP access and submission times in PHP, involving PHP's acquisition and judgment of client IP addresses, and related operating techniques such as recording the number of IP access times combined with session. Friends in need can refer to the following

The example in this article describes the method of limiting IP access and submission times in PHP. Share it with everyone for your reference, the details are as follows:

1. Principle

The number of submissions must be written to the database. , for example, when a user logs in, when the user makes an error, forget to write the number of errors 1 to the database, and the error time, and write 2 if there is another error. When it reaches 5 times, it prompts that no more login is allowed. Please try again tomorrow, and then use DateDiff to calculate the error time. and now() time, if it is greater than 24, let him try again.

It is relatively simple to block the IP, especially to disconnect the IP.

Let’s first talk about the situation of opening the IP segment: first take out the IP that the customer accesses. For the convenience of explanation, IP192.168.6 is set .2

Now we want to open the IP segment of 192.168.*.*. Let’s give a code that is easier to understand:


url=split(ip,".") '这里的ip为客户端IP
fsip="192.168.*.*"  '允许的段,可以从数据库取出,也可以这么定义
fip=split(fsip,".")
if fip(0)=url(0) and fip(1)=url(1) then
response.write "您的IP被封"
else response.write "可以通过"
end if
Copy after login

In fact, it is forbidden A certain IP is the same as the above method. Or simply take out the direct comparison between the IP and the client from the database.

Generally, the IP segment in the database is set to double precision, then these are needed:


if Request.ServerVariables("HTTP_X_FORWARDED_FOR")="" then
IP=Request.ServerVariables("REMOTE_ADDR")
else
IP=Request.ServerVariables("HTTP_X_FORWARDED_FOR")
end if
sip=IP
cip=split(ip,".")
ip=256*256*256*cip(0)+256*256*cip(1)+256*cip(2)+cip(3)-1
Copy after login

The above situations are all in the database operation In terms of this, cookies, etc. are not involved.

In fact, blocking IP is not very ideal and will affect innocent people. The relevant reason may be that dynamic IP escapes.

2. Encapsulation example


<?php
class IP{ //获取客户IP地址
  function getIpAdr(&$ip){
    $ip1=getenv("HTTP_X_FORWARDED_FOR");
    $ip2=getenv("HTTP_CLIENT_IP");
    $ip3=getenv("REMOTE_ADDR");
    if($ip1&&$ip1!=&#39;unknow&#39;)
      $ip=$ip1; else if($ip2&&$ip2!=&#39;unknow&#39;)
      $ip=$ip2; else if($ip3&&$ip3!=&#39;unknow&#39;)
      $ip=$ip3; else
      $ip=&#39;127.0.0.1&#39;;
  }
}
function get_netip($myip){ //只留客户IP地址的前三位
  $temp=explode(".",$myip);
  $netip.=$temp[0];
  $netip.=".";
  $netip.=$temp[1];
  $netip.=".";
  $netip.=$temp[2];
  return $netip;
}
$filename="test.ini";  //定义操作文件
$ip_lib=file($filename); //读取文件数据到数组中
$allow=0;
$IP=new IP;
$thisip="";
$IP->getIpAdr(&$thisip);
$thenetip=get_netip($thisip);
for ($i=0;$i<count($ip_lib);$i++){
  if(ereg($thenetip,$ip_lib[$i])){
    $allow=1;
    break;
  }
}
if ($allow==1)
{
  echo "验证通过";
} else {
  echo "<script>location.href=&#39;Error.php&#39;;</script>";
}
Copy after login

3. Limit the number of inputs

1. The page needs session_start() first; 2. Make a judgment when clicking to log in. If it is determined that the password entered by the user is wrong


if(用户的密码是错误的){
  if(!empty($_SESSION[&#39;login_error&#39;])){
    if($_SESSION[&#39;login_error&#39;] == 3){
      exit("这里已经是第三次了");
    } else{
      $_SESSION[&#39;login_error&#39;] = $_SESSION[&#39;login_error&#39;]++;
    }
  } else{
    $_SESSION[&#39;login_error&#39;] = 1;
  }
}
Copy after login

The above is the detailed content of Share how to limit IP access and number of submissions in PHP. For more information, please follow other related articles on the PHP Chinese website!

Related labels:
source:php.cn
Statement of this Website
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
Popular Tutorials
More>
Latest Downloads
More>
Web Effects
Website Source Code
Website Materials
Front End Template