1

how to convert from an Array to string conversion I keep being prompt with error messages. Having tried the other recommendations but no luck. this is what i have so far.

<?php

// Create connection
$con=mysqli_connect("********","***","*****","blocklist");

// Check connection
if (mysqli_connect_errno())
  {
  echo "Failed to connect to MySQL: " . mysqli_connect_error();
  }



    $query = "SELECT addresses from addresstbl;";  
$result = query($query,$error); 
if (!$result) { echo "error: $error"; }



$deny = array("$query");

if (in_array ($_SERVER['REMOTE_ADDR'], $deny)) {

header("location: http://www.google.com/");

exit();

} ?>
Improve this question
1
  • 1
    $deny = array("$query"); doesn't do what you think it does. $deny will be set to array('SELECT addresses from addresstbl;'). You need to look for your IP address in the $result. Commented Mar 20, 2014 at 19:20

3 Answers 3

Reset to default
1

you can use .htaccess to block ip addresses, in your .htaccess file write-

order allow,deny
deny from ipaddress
deny from ipaddress 2
allow from all
Improve this answer
Sign up to request clarification or add additional context in comments.

4 Comments

hmm, How do i acceess .htaccess?
it should be present in your root directory, if not, you can create one!
do you know any link which explains the creation of this?
ironpaper.com/webintel/articles/…
1

First of all , here is the link from php.net on how to use mysql_query. The result in this case will be a mysql resource and you have to use mysql_fetch_assoc to convert that result to an array that you can actually use. So you would want to use something like. 

$mysqli = new mysqli('localhost', '***', '**', '***');

$result = $mysqli->query('select * from addresstbl');
if ($result) {
    $ip_result = array();
    while ($row = $result->fetch_assoc()) {
            $ip_result[] = $row['profile_name'];
    }

}
print_r($ip_result);

I hope that helps.

Improve this answer

3 Comments

He's not using mysql_*. He's using MySQLi. Also, we don't know what his query() method does. It could be doing this.
yes mysqli..Also I have tested the query it works. But this method does not work. It brings up a lot of errors lol.
I have edited the code per Rocket Hazmat's comment. User3034002 just make sure that you your result is being generated correctly. I was just perusing the docs on mysqli and their seems like their are multiple ways to do it.
0

I think it would be a lot safer and faster if you work with a white list...

If the IP address is in your database, then continue, otherwise redirect the user to Google...

Something like this:

<?php
$user = "root";
$password = "";
$host = "localhost";
$dbname = "beta";
$site_id = "event_horizon";

$db = new mysqli($host, $user, $password, $dbname) or die("I can't make a connection with the database");

mysqli_select_db($db,$dbname);

$remote_ip = $_SERVER['REMOTE_ADDR'];


$query=("SELECT addresses from addresstbl WHERE addresses='".mysqli_real_escape_string($db,$remote_ip)."'");


$q = mysqli_query($db,$query);


if(mysqli_error($db)){
    echo "I'm sorry, but something went wrong";

    } 

$found = mysqli_num_rows($q);

if($found==0){
    header("location: http://www.google.com/");
} else {
    // you're IP address is not on the black list...
}
?>
Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.