Board logo

标题: HOW-TO: BLocking countries from your site (PHP) [打印本页]
作者: 网普科技     时间: 2004-12-27 06:48 PM    标题: HOW-TO: BLocking countries from your site (PHP)

转自:WebHostingTalk Forums

Hello,

Well I for one am tired of fraudulent orders from the same old countries and I want to educate as many people as possible about stopping or at least lowering such orders on the internet. So here goes my first How-To :-)

Okay lets start.

Step 1 - Obtaining the country codes

Firstly, lets download the database of countries to IP address (which is provided courtesy of webhosting.info):

http://ip-to-country.webhosting.info/node/view/6

Download the zip file, extract it and then upload it to your server.

Step 2 - Setting up the database

Now create two MySQL tables using the following:
CODE:  [Copy to clipboard]
CREATE TABLE `country_list` (
  `IP_FROM` double NOT NULL default '0',
  `IP_TO` double NOT NULL default '0',
  `country_code` char(2) NOT NULL default '',
  `country_code2` char(3) NOT NULL default '',
  `country_name` varchar(50) NOT NULL default ''
) TYPE=MyISAM;
CODE:  [Copy to clipboard]
CREATE TABLE country_blocks (
  id int(5) NOT NULL auto_increment,
  country_code char(2) NOT NULL default '',
  KEY id (id)
) TYPE=MyISAM;
Okay now we want to load all the data into the country_list table. It's very quick if you can run this command from a MySQL prompt:
CODE:  [Copy to clipboard]
LOAD DATA INFILE '/directory/ip-to-country.csv' INTO
TABLE `country_list` FIELDS TERMINATED BY ',' ENCLOSED BY '"'
ESCAPED BY '\' LINES TERMINATED BY '\r\n'
Lets also load some countries that have high fraud stats:
CODE:  [Copy to clipboard]
INSERT INTO `country_blocks` (`id`, `country_code`) VALUES (1, 'AF');
INSERT INTO `country_blocks` (`id`, `country_code`) VALUES (2, 'DZ');
INSERT INTO `country_blocks` (`id`, `country_code`) VALUES (3, 'BD');
INSERT INTO `country_blocks` (`id`, `country_code`) VALUES (4, 'BG');
INSERT INTO `country_blocks` (`id`, `country_code`) VALUES (5, 'CN');
INSERT INTO `country_blocks` (`id`, `country_code`) VALUES (6, 'HR');
INSERT INTO `country_blocks` (`id`, `country_code`) VALUES (7, 'ID');
INSERT INTO `country_blocks` (`id`, `country_code`) VALUES (8, 'JP');
INSERT INTO `country_blocks` (`id`, `country_code`) VALUES (9, 'MY');
INSERT INTO `country_blocks` (`id`, `country_code`) VALUES (10, 'NG');
INSERT INTO `country_blocks` (`id`, `country_code`) VALUES (11, 'RO');
INSERT INTO `country_blocks` (`id`, `country_code`) VALUES (12, 'SG');
INSERT INTO `country_blocks` (`id`, `country_code`) VALUES (13, 'TW');
INSERT INTO `country_blocks` (`id`, `country_code`) VALUES (14, 'VN');
INSERT INTO `country_blocks` (`id`, `country_code`) VALUES (15, 'EG');-
Blocks access from these countries:
AFGHANISTAN, ALGERIA, BANGLADESH, BULGARIA, CHINA, CROATIA, EGYPT, INDONESIA, JAPAN, MALAYSIA, NIGERIA, ROMANIA, SINGAPORE, TAIWAN, VIET NAM.

Step 3 - Doin the PHP

Great, that's that hard stuff! Now lets do the PHP stuff - its pretty easy!

Usually all sites created from php have a common.php or a file that is loaded before anything else if yours is like this then add the following function into that file:
CODE:  [Copy to clipboard]
function ip_access_check($ip)
{
    $result = mysql_query("SELECT country_code FROM country_list WHERE IP_FROM <= inet_aton('" . $ip . "') AND IP_TO >= inet_aton('" . $ip . "')") or mysql_err();
    $row = mysql_fetch_array($result);
     
    $result = mysql_query("SELECT country_code FROM country_blocks WHERE country_code = '" . $row["country_code"] . "'") or mysql_err();
     
    if ($row = mysql_fetch_array($result))
        {
        header("Location: /blocked.html");
        exit;
        }
}
If you don't have a common.php or similar then simply create a file called common.php with the function in it and include it in every page that you want using the include(); function.

Notice the "header("Location: /blocked.html");" in the above php function, well you can change this to point to a page that displays a message saying why you have blocked the page.

Now in your index.php and any other pages add the following just after calling the common.php file:
CODE:  [Copy to clipboard]
<?
ip_access_check($REMOTE_ADDR);
?>
Step 3 - Testing it

Test by adding your country into the country_blocks and then access that page which you have added the php code to.

Conclusion

I do hope this does lower any fraudulent orders you may get.. Good Luck with your endeavors and please let me know how it goes for you!

-Phil



欢迎光临 网普技术论坛 (http://bbs.netpu.net/) Powered by Discuz! 2.5