[TMM-TT]

I've been playing around with this code a bit and I'm not sure if this works, so I want to check with you before I say something about the code. If it works, maybe someone can help me with a product update?

First, I created a new table for the database (dumped with mysqlcc ):

Code:

CREATE TABLE `proxycache` (
  `ip` varchar(15) NOT NULL default '',
  `dateline` int(11) NOT NULL default '0',
  `listed` int(11) NOT NULL default '0'
) ENGINE=HEAP DEFAULT CHARSET=latin1 COMMENT='proxycache';

And the code, for caching resolved hosts (this is a replacement for my first code actually):

PHP Code:


// #######################################################
// DNSBL/OPM Proxy Blocker for VB 3.5.2
// Based on an old script added to global.php
// Version 1.0.1 - Written by Tomas Tornevall (TMM-TT)

$timestamp = time();
$cleanafter = 21600;
$timediff = $timestamp - $cleanafter;

// Clean up old entries
$db->query_write("DELETE FROM " . TABLE_PREFIX . "proxycache WHERE dateline < $timediff");


// OPM Databases to use
$opmlist = array(
        "opm.blitzed.org",
        "opm.tornevall.org",
        "dnsbl.njabl.org"
        );

// Pick the data we need
$OPMremote = $_SERVER['REMOTE_ADDR'];

// Make the data reversed for DNSBL
$OPMReverseRemote = explode(".", $OPMremote);

$reverseip = "$OPMReverseRemote[3].$OPMReverseRemote[2].$OPMReverseRemote[1].$OPMReverseRemote[0]";

$proxydb = $db->query_first("SELECT ip,listed FROM " . TABLE_PREFIX . "proxycache WHERE ip = '$OPMremote' LIMIT 1");

$proxyexist = $proxydb['ip'];
$proxylisted = $proxydb['listed'];

// If nothing has been added, act normal
if (!$proxyexist) {

foreach ($opmlist as $OPM) {
  $OPMResolved = gethostbyname($reverseip . "." . $OPM);
  $OPMAnswer =  explode(".", $OPMResolved);
  // Block all hosts that has been resolved to 127.0.0.xxx
  if ($OPMAnswer[0] == "127") {$opmfound = 1;}
  }

}


// Manually added OPM's goes here, just in case of problems (You might want to let someone in?)
// Dont forget the $proxylisted = 0 here
//if ($OPMremote == "whatever.you.want.to.protect.here") {$OPMfound = 0;$proxylisted = 0;}

if ($opmfound == 1) {
     $db->query_write("INSERT INTO " . TABLE_PREFIX . "proxycache (ip, listed, dateline) VALUES ('$OPMremote', 1, $timestamp)");
     $proxylisted = 1;
     } else {
     // 127.* was'nt found, so this one is'nt listed. Also check if it was found in the db. If not - add
     if (!$proxyexist) {$db->query_write("INSERT INTO " . TABLE_PREFIX . "proxycache (ip, listed, dateline) VALUES ('$OPMremote', 0, $timestamp)");}
  }

// If found in db, send error
if ($proxylisted == 1) {
          eval(standard_error(fetch_error('OPM_Deny')));
} 


Any comments? Can this work?




Edit/050103: Just found a human-bug, that was fixed from now
$query_write should be $db->query_write, very sorry for that.