Web Wiz Forums - Bug 7.92 bannedip

Print Page | Close Window

Bug 7.92 bannedip

Printed From: Web Wiz Forums
Category: Web Wiz Web App Support Forums
Forum Name: Web Wiz Forums
Forum Description: Support forum for Web Wiz Forums application.
URL: https://forums.webwiz.net/forum_posts.asp?TID=16121
Printed Date: 13 April 2026 at 6:23pm
Software Version: Web Wiz Forums 12.08 - https://www.webwizforums.com

Topic: Bug 7.92 bannedip

Posted By: JJLatWebWiz
Subject: Bug 7.92 bannedip
Date Posted: 06 August 2005 at 2:53pm

I noticed that the bannedIP bug is still in 7.92 (and 7.95). In the functions/functions_common.asp, look for Function BannedIP(). The standard coding truncates the User IP variable (strUserIPAddress) to the length of the wildcarded banned IP and doesn't restore the variable to the full IP for future comparisons. sfd19 provided a very efficient http://forums.webwiz.net/forum_posts.asp?TID=12385#74540 - solid fix . So, the following code should replace the existing function:


'******************************************

'****           Banned IP's             *****

'******************************************

Private Function bannedIP()



     'Declare variables

     Dim rsIPAddr

     Dim strCheckIPAddress

     Dim strUserIPAddress

     Dim blnIPMatched

     

     'Intilise variable

     blnIPMatched = False

     

     'Get the users IP

     strUserIPAddress = getIP()



     'Intialise the ADO recordset object

     Set rsIPAddr = Server.CreateObject("ADODB.Recordset")



     'Get any banned IP address from the database

     'Initalise the strSQL variable with an SQL statement to query the database to count the number of topics in the forums

     If strDatabaseType = "SQLServer" Then

          strSQL = "EXECUTE " & strDbProc & "BannedIPs"

     Else

          strSQL = "SELECT " & strDbTable & "BanList.IP FROM " & strDbTable & "BanList WHERE " & strDbTable & "BanList.IP Is Not Null;"

     End If



     'Query the database

     rsIPAddr.Open strSQL, adoCon



     'Loop through the IP address and check 'em out

     Do while NOT rsIPAddr.EOF and NOT blnIPMatched

     

          'Get the IP address to check from the recordset

          strCheckIPAddress = rsIPAddr("IP")

          

          'See if we need to check the IP range or just one IP address

          'If the last character is a * then this is a wildcard range to be checked

          If Right(strCheckIPAddress, 1) = "*" Then

              �

              �'Remove the wildcard charcter form the IP

               �strCheckIPAddress = Replace(strCheckIPAddress, "*", "", 1, -1, 1)

              �

              �'See if whats left of the IP matches

              �If strCheckIPAddress = Mid(strUserIPAddress, 1, Len(strCheckIPAddress)) Then blnIPMatched = True

       �

           'Else check the IP address metches     

          Else

              �'Else check to see if the IP address match

              �If strCheckIPAddress = strUserIPAddress Then blnIPMatched = True

          

          End If



          'Move to the next record

          rsIPAddr.MoveNext

     Loop



     'Clean up

     rsIPAddr.Close

     Set rsIPAddr = Nothing



     'Return the function

     bannedIP = blnIPMatched

End Function

Most importantly, the function will do a proper IP address comparison, but the change above also stops checking the list after the first match, which could save time and processor resources.

EDIT 10/24/2005: corrected "strCheckIP Address" to "strCheckIPAddress" and removed extraneous "&nbs p;".

-------------
p.s. I'm not affiliated with Web Wiz Guide in any way. I'm just an average Web Wiz user repaying my debt for the use of their fine forum by trying to help other Web Wiz Guide users.