PHP limits the resolution of multiple submissions with the same IP

This article mainly introduces the implementation of PHP to restrict IP access to the number of submissions, involving PHP access to the client IP, judgment and combined with the session record number of IP visits and other related operational skills, the need for friends can refer to the following

In this paper, the implementation of PHP to limit the number of submissions is described in this example. Share to everyone for your reference, as follows:

First, the principle

The number of submissions is sure to go to the database to write the number of this data, such as user login, when the user is wrong to forget the database write error 1, and error time, and then error write 2, when full such as 5 times prompted not to allow the landing, please try again tomorrow, and then use DateDiff to calculate the error and now () time, If it is greater than 24, let him try again.

IP, especially to the IP break is relatively simple,

First say to the IP segment open situation: First remove the client access IP, in order to explain the convenience, with IP192.168.6.2

Now to open the IP field 192.168.*.*, give a relatively easy to read code it:

Url=split (IP, ".") ' Here the IP for the client ipfsip= "192.168.*.*"  ' allowed segments, can be removed from the database, or so define Fip=split (Fsip, ".") If FIP (0) =url (0) and FIP (1) =url (1) thenresponse.write "Your IP is blocked" Else Response.Write "can pass" end if

In fact, the prohibition of an IP is the same as the above method. Or simply take a direct comparison of the IP and client from the database.

Generally, the IP segment in the database is set to double, then you need these:

If Request.ServerVariables ("http_x_forwarded_for") = "" Thenip=request.servervariables ("REMOTE_ADDR") elseIP= Request.ServerVariables ("Http_x_forwarded_for") End Ifsip=ipcip=split (IP, ".") IP=256*256*256*CIP (0) +256*256*cip (1) +256*CIP (2) +CIP (3)-1

The above situation is in the database operation, does not involve cookies and so on.

In fact, IP is not very ideal, will affect innocent people, perhaps because the dynamic IP escaped.

Second, packaging examples

<?phpclass ip{//Get client IP address  function Getipadr (& $ip) {    $ip 1=getenv ("http_x_forwarded_for");    $ip 2=getenv ("http_client_ip");    $ip 3=getenv ("remote_addr");    if ($ip 1&& $ip 1!= ' unknow ')      $ip = $ip 1, else if ($ip 2&& $ip 2!= ' unknow ')      $ip = $ip 2; else if ($ip 3 && $ip 3!= ' unknow ')      $ip = $ip 3; else      $ip = ' 127.0.0.1 ';  }} function Get_netip ($MYIP) {//Leave only the first three digits of the client's IP address  $temp =explode (".", $myip);  $netip. = $temp [0];  $netip. = ".";  $netip. = $temp [1];  $netip. = ".";  $netip. = $temp [2];  return $netip;} $filename = "Test.ini";  Define the action file $ip_lib=file ($filename); Reads the file data into the array $allow=0; $IP =new IP; $thisip = ""; $IP->getipadr (& $thisip); $thenetip =get_netip ($THISIP); for ($i =0 ; $i <count ($ip _lib); $i + +) {  if (Ereg ($thenetip, $ip _lib[$i]) {    $allow =1;    break;  }} if ($allow ==1) {  echo "validation passed";} else {  echo "<script>location.href= ' error.php ';</script>";}

Third, limit the number of inputs

1. The page needs to be session_start first (); 2. Click on the login to make a judgment, if the user entered the password is wrong

If (the user's password is wrong) {  if (!empty ($_session[' Login_error ')) {    if ($_session[' login_error '] = = 3) {      exit (" This is already the third time ");    else{      $_session[' login_error '] = $_session[' Login_error ']++;    }  else{    $_session[' login_error '] = 1 ;  }}