If you would like to redirect browsers based on their IP the following method can be used to handle multiple IP’s.  You can choose to redirect entire networks or a single ip.

<?php
//array of ip's you wish to block.  Note that you can block an 
//entire class by replacing it with 0, so to block a class c 
//(254 computers) use something like 123.123.123.0
$blockIP = array('123.123.123.0','100.100.100.101');
 
$remote = explode('.',$_SERVER['REMOTE_ADDR']);
foreach($blockIP as $ip) {
  $goodIP = false;
	for($i=0;$i<4;$i++) {
    $ipSeg = explode('.',$ip);
    if($remote[$i] == $ipSeg[$i] || $ipSeg[$i] == '0') {
      //segment qualifies
      $goodIP = true;
    } else {
      //ip no good so move to the next
      $goodIP = false;
      continue 2; 
    }
  }
  if($goodIP) {
    //ip passes so no need to check the rest
    $blockThisIP = $ip;
    break;			
  }
 
}
//for convenience test $blockThisIP and process here
//replace www.crayola.com with the place you wish to 
//send ip's too
if($blockThisIP) {
  //php header method - can only use this if the page 
  //has not begin to display in the browser
  header('Location: http://www.crayola.com');
 
  //javascript redirection - use this method if browser has 
  //begun to display page
  echo "<script type=\"text/javascript\">
  window.location = \"http://www.crayola.com\";</script>";
}
?>

On more than one occasion these characters  have turned up just when everything else seems fine.  Like a tiny weeney scratch on a new car, one that only you know about, these little bastards turn up and take the rest of the day to diagnose. 

So what  is for?

•  cannot be smoked or injected
• Too much  causes stress in older programmers
• Does  increase or decrease carbon emissions?
• is  useful for anything? How does it help?

What is  ???

 is often seen at the top left corner of a web page.  When you open the source file and compare that to the output source you will not find , so what causes  to appear in your file?

The secret to diagnosing  is to avoid looking for the obvious.  If you have code that looks like this:-

<?php
echo "Hello World";
?>

placed in a file called hello.php and you run this directly (ie not as an include file) then you may wonder wtf is going on?  How come  turns up?  When you run it the output looks like this:-

 
Hello World

The reason is your editor has saved the file as UTF-8.  With the ever increasing complexity of character encoding some editors will automatically ignore your settings and update your configuration to use UTF-8. Even if you have been using ASCII without any trouble since 1982!

So what you may ask? Winjii, it’s so you can type in Winjii. Not sure what it is, but the 127 characters provided by ASCII’s not enough for some languages, they need more because they are not able to express themselves with so few characters.

Well there’s *$@# chance that I will ever need any more so the solution at least for me is straightforward.

The Fix

Change the character encoding of your page.  With most editors all you need to do is select properties and then choose ASCII then save the file. 

Changing the meta tag alone is not enough, with extended attributes on files now no one can be sure where a browser or whatever reader your using will use to determine how to display it.

To remove stuff such as punction and spaces (or anything you want) from a text box before sending to the server for validation you can use code like this, first the HTML:-

<input 
name="name" 
onblur="this.value = entrycheck(this.value);" 
type="text" 
size="20">

And then the following Javascript will remove invalid characters when the user moves to another field:-

<script type="text/javascript">
function namecheck(theInput) {
  var valid = 'abcdefghijklmnopqrstuvwxyz1234567890';
  var test ='';
  var ret ='';
  for(i=0;i<theInput.length;i++) {
    test = theInput.substr(i,1);
    if(valid.indexOf(test.toLowerCase()) != -1) {
      ret = ret + test;
    }
  }
  return ret;
}
</script>

In this example I just want digits and characters. If you want to add certain punctuation such as stops and commas just add them to the valid variable.

It wasn’t long before I needed to expand upon banning a few IP’s. I needed to be able to ban whole networks so here’s the Q&D solution:-

First create a text file called ipsec.txt and enter some IP’s you wish to ban, to ban a network just leave off the end of the IP class number, for example:-

10.20.30.40
10.50

In the above example the first is a specific IP that you wish to ban, the second will ban all IP addresses that start 10.50 (for example 10.50.20.1 and 10.50.100.1 will both be banned). Enter as many as you like, one per line.

Now create or edit your global.asa file and add the following code to the session_onstart sub procedure:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23

sub session_onstart
  remote_ip = request.servervariables("Remote_Addr")
  ipsec     = server.mappath("/ipsec.txt")
  ips       = getFileContents(ipsec)
  ips       = split(ips,vbcrlf)
 
  for each ip in ips
    if len(trim(ip)) > 0 then
      ip_parts        = split(ip,".")
      remote_ip_parts = split(remote_ip,".")
      found = true
      for x = 0 to ubound(ip_parts)
        if ip_parts(x) <> remote_ip_parts(x) then
          found = false
          exit for
        end if
      next
      If found then
        response.redirect "/redir.html?ip=" & remote_ip
      end if
    end if
  Next
end sub

Replace /redir.html with a file or location you want to redirect banned ip’s too.

As this code runs in the session_onstart section of the global.asa it will be run only once for each visitor, this means that during the session they could return and this code would be bypased. If that is a concern modify the code to be a common function and place it strategically, perhaps in a common file called throughout the website.

This demonstrates how to ban a single IP address, later, I’ll show how to ban whole networks but chances are you will be able to work that out for yourself anyway after reading this anyway.

If global.asa does not exist then create it and add the following:

sub session_onstart
 
  ip = request.servervariables("Remote_Addr")
 
  select case ip
    case "111.111.111.111", "111.111.111.112", "111.111.111.123"
      response.redirect "http://www.example.com"
  end select
 
end sub

Replace 111.111.111.11x with the IP addresses you wish to ban, note they are comma separated and the last one is not followed with a comma.

You can change the redirection to a page on your site that informs them they are no longer allowed (a bit vindictive), to a blank page is probably best or you could even forward them on to a competitor :D