PHPBuilder - PHP-Based Chat Room Page 5



RSS Twitter
Articles Html

PHP-Based Chat Room - Page 5

by: Mike Hall
|
July 30, 2000

One last thing we should address is how to deal with troublemakers. This is a particular problem if you end up with a popular chat. It's a sad fact we have to face up to - people are frequently jerks. And because of this we have to make sure that only the right kind of people get into our chat room.
One idea is a login system. Store usernames and passwords in a MySQL database and make users register before they can access your chat. The other idea is to log the IP of troublemakers and prevent that IP posting.
This second system is flawed to a certain extent, in that malicious users can switch between any number of proxies to change their IP. And as most ISP's assign dynamic IP addresses, even the stupid ones can just reconnect and get access to the chat.
Most "casual" troublemakers won't be bothered about going to all that effort just to put the wind up a handful of individials. Once "banned" they'll never bother coming back.
So our "banned" IPs are logged in a file called banned.ban. Each IP is terminated by a newline character so as before we can use the file() function to read the file into an array.
$banned_array = file("banned.ban");
Now we have the file we need to cross-reference it with the $REMOTE_ADDR variable so we can tell if the user trying to post a message is banned or not. Simplicity itself :

<?php 

for ($counter=0;$counter<sizeof($banned_array);$counter++) {
    if (
$banned_array[$counter] == $REMOTE_ADDR) {
        print(
"<font color=\"red\" face=\"arial\" align=\"center\">".
            
"You have been banned from this chat</font>");
        exit;
    }
}

?>
The exit command will stop immediately the execution of the script. Place your ban checks before you start performing operations on the POSTed variables and your banned user can't use the chat.
With a mind to accounting in some way for the problem of dynamic IP addresses, it's probably an idea to check the IP block the IP belongs to. A simple function makes makes this easy.

<?php 

function makeMask($ip) {
    
// remember to escape the . so PHP doesn't think it's a concatenation
    
$ip_array explode("\."$ip);
    
$ip_mask "$ip_array[0]\.$ip_array[1]\.$ip_array[2]";
    return 
$ip_mask;
}

?>
Then we replace the looped if with:

<?php 

for ($counter=0;$counter<sizeof($banned_array);$counter++) {
    if (
makeMask($REMOTE_ADDR) == makeMask($banned_array[$counter])) {
        print(
"<font color=\"red\" face=\"arial\" align=\"center\">".
            
"You have been banned from this chat</font>");
        exit;
    }
}

?>
... we have some protection against dynamic IPs.

« Previous Page
1
|
2
|
3
|
4
|
5
|
6
Next Page »

Comment and Contribute

Your comment has been submitted and is pending approval.

Author:
Mike Hall

Comment:



Comment:

(Maximum characters: 1200). You have characters left.