...

View Full Version : Breaking Out of iframe by ip address



embeebutterly
08-20-2011, 06:29 PM
Hi there, i really could use the help.

Ok, so (and im sure i will be told other ways) i have come up with a way of blocking people from my site even if they are currently on the site and dont reload the page.

What i was thinking of is simply:
a tiny iframe on the bottom of my page, so small it cant be seen ie 1px
that iframe goes to a page saying YOU HAVE BEEN BANNED

That page istself will be on a constant 10 seccond refresh so as soon as i add the ip address to it, BOOM, it will break out of the iframe and take the user away from the main page as display the you have been banned message.

Sound good?


ok, so here is what i have sofar but i know its wrong, dont really know how to write it correctly. The main point is:

if ip is 111.111.111 then break out of iframe

else

do nothing.


Thanks for the help.


<script language="JavaScript">
VIH_ForeColor = "navy";
VIH_FontPix = "16";
VIH_DisplayFormat = "%%IP%%";
VIH_DisplayOnPage = "no";
</script>
<script language="JavaScript" src="http://scripts.hashemian.com/js/visitorIPHOST.js.php"></script>

<script language="JavaScript" src="http://scripts.hashemian.com/js/visitorIPHOST.js.php"></script>
<script>
if (VIH_HostIP == "111.111.111.111")

document.write('if (top.location!= self.location) {
top.location = self.location.href
}' );
}else{
document.write('');
;}
</script>

Logic Ali
08-20-2011, 07:39 PM
<script type=text/javascript">

if ( VIH_HostIP == "111.111.111.111" && top != self )
top.location.href = self.location.href;

</script>That should work for a user whose ip address never changes and/or who doesn't know how to request a new ip address. Otherwise it's useless and potentially could be seen by an un-banned subscriber.

embeebutterly
08-20-2011, 07:46 PM
<script type=text/javascript">

if ( VIH_HostIP == "111.111.111.111" && top != self )
top.location.href = self.location.href;

</script>That should work for a user whose ip address never changes and/or who doesn't know how to request a new ip address. Otherwise it's useless and potentially could be seen by an un-banned subscriber.


cheers i will try that, i know its not unbeatable, but for my kinda users, it should do the job. it just allows be the effect of instant banning which will either make them go away, or flip on me and make them more determind lol, will let you know the outcome

embeebutterly
08-20-2011, 08:11 PM
:thumbsup: cheers, works great!, can i just keep adding ips like this (VIH_HostIP == "111.111.111" || VIH_HostIP == "111.111.111" || VIH_HostIP == "111.111.111" || ect ect ect?

Logic Ali
08-20-2011, 11:00 PM
:thumbsup: cheers, works great!, can i just keep adding ips like this (VIH_HostIP == "111.111.111" || VIH_HostIP == "111.111.111" || VIH_HostIP == "111.111.111" || ect ect ect?

This is an easily-maintained function that allows you to use wildcards:

function knownIp( ip ) /* Specify IP as a string. '*' acts as wildcard in any section */
{
var re = new RegExp( "(^|[\\,\\s])" + ip.replace(/\*/, '\\d+') + "([\\,\\s]|$)" ),

ipData = "543.54.67.16, 258.36.55.44, 85.210.96.143, 192.168.10.250"; /* Add more IPs separated by commas and/or spaces */

return re.test( ipData );
}

alert( knownIp( "192.168.*.250" ) ); //true
alert( knownIp( "358.36.*.44" ) ); //false
alert( knownIp( "543.54.67.*7" ) ); //false
alert( knownIp( "85.210.96.1*" ) ); //true

Old Pedant
08-20-2011, 11:08 PM
You can, but that's a crappy way to do it.

Why don't you do this in the PHP code????

You get the IP address from there, so why not simply have the PHP code send back either nothing (user is okay) or the JS break-out code?

Why do you put the <script src="http://scripts.hashemian.com/js/visitorIPHOST.js.php"> in there twice?

If you don't know how to modify the PHP code, then you could do this:


<!-- use the more modern script tag, with type= instead of language= -->
<script type="text/javascript" src="http://scripts.hashemian.com/js/visitorIPHOST.js.php"></script>

<script type="text/javascript">
// create an array of banned ip's. Put a comma after each except last one:
var banned = [
"111.111.111.111",
"222.222.222.222",
"33.33.33.33"
];

for ( var b = 0; b < banned.length; ++b )
{
if ( VIH_HostIP == banned[b] )
{
if ( top != self ) top.location.href = self.location.href;
break; // don't look for more
}
}

embeebutterly
08-22-2011, 04:51 PM
If you don't know how to modify the PHP code, then you could do this:


<!-- use the more modern script tag, with type= instead of language= -->
<script type="text/javascript" src="http://scripts.hashemian.com/js/visitorIPHOST.js.php"></script>

<script type="text/javascript">
// create an array of banned ip's. Put a comma after each except last one:
var banned = [
"111.111.111.111",
"222.222.222.222",
"33.33.33.33"
];

for ( var b = 0; b < banned.length; ++b )
{
if ( VIH_HostIP == banned[b] )
{
if ( top != self ) top.location.href = self.location.href;
break; // don't look for more
}
}


thanks for this, works well . however, it seems to be displaying the ip address of the user, i would rather it didnt

embeebutterly
08-22-2011, 04:53 PM
This is an easily-maintained function that allows you to use wildcards:

function knownIp( ip ) /* Specify IP as a string. '*' acts as wildcard in any section */
{
var re = new RegExp( "(^|[\\,\\s])" + ip.replace(/\*/, '\\d+') + "([\\,\\s]|$)" ),

ipData = "543.54.67.16, 258.36.55.44, 85.210.96.143, 192.168.10.250"; /* Add more IPs separated by commas and/or spaces */

return re.test( ipData );
}

alert( knownIp( "192.168.*.250" ) ); //true
alert( knownIp( "358.36.*.44" ) ); //false
alert( knownIp( "543.54.67.*7" ) ); //false
alert( knownIp( "85.210.96.1*" ) ); //true

Not sure i get this to be honest Ali



EZ Archive Ads Plugin for vBulletin Copyright 2006 Computer Help Forum