MySQL + PHP design for disabling IP addresses

Disabling IP addresses is a secure part. The following is an analysis of the program design of PHP + MySQL that prohibits IP addresses. For more information, see.

Let's take a simple example.

Create Table 'banned '(
'IP _ start' int (10) Not null default '0 ',
'IP _ end' int (10) Not null default '0 ',
) Type = MyISAM comment = 'prohibit IP list ';
Create a new data table. The table has two fields to record the beginning of the IP address to be disabled. Ip_tart indicates start and ip_end indicates end. The value of ip_start is smaller or equal than that of ip_end. The value range is 0 ~ 4294967295. If there is only one IP address, the field value of ip_start is the same as that of ip_end.

Note that both fields are int-type. Why? Because an IP address can be converted into a corresponding decimal number. The comparison of numbers has a strong advantage.

In the following example, enter a forbidden IP address. 127.0.0.1
Insert into 'banne' ('IP _ start', 'IP _ end') values (inet_aton ('192. 0.0.1 '), inet_aton ('192. 0.0.1 '));
If you want to disable an IP segment, such as 192.168.1.1 ~ 192.168.255.2255
Insert into 'banne' ('IP _ start', 'IP _ end') values (inet_aton ('192. 168.1.1 '), inet_aton ('192. 168.20.255 '));

We can see from the data table that the ip_start and ip_end fields of the records inserted above are 2130706433. Because the MySQL function inet_aton converts the IP address to a number.

To disable an IP address, check whether the IP address is a record in the data table.

$ IP = '1970. 0.0.1 ';
$ SQL = "select count (*) from 'banned' where ip_start> = inet_aton ('$ ip') and ip_end <= inet_aton (' $ ip ')";
$ Result = mysql_query ($ SQL );
$ Banned = mysql_fetch_array ($ result );
Echo $ banned [0]? "Forbidden IP": "connected IP Address ";