Redirect users based on ip address ranges help in sql database

edcerv
edcerv used Ask the Experts™
on
Hi, I run a website written in classic asp. Certain members would like to be able to access the members area of the site by using ip address ranges, which I'd like to store in a table in a SQL db using the following or similar format to explain the allowed ranges:

129.130.*.*
193.60.128-143.*

I found some code which almost does what I want, except that it doesn't explain how to deal with values if in a db table. I also don't understand how to call the function. Here's the code I found:

<%
'**************************************
'(c) 2000-2002 by Richard Burwood
'Contact: development@rburwood.com
'**************************************
Function allowAccess(testIPstr)
'
'**************************************
'YOU SHOULD ONLY NEED TO EDIT THE VALUE
'OF THE VARIABLES / CONSTANTS IN THIS
'AREA TO GET THIS FUNCTION TO WORK!!!!
'**************************************
'Adjust the number of items in the
'array to reflect the number of rules
'you are testing
Dim IPrules(2)
'The ip rule can either be a single ip
'address or it can contain the *
'character used as a wildcard. You can
'specify a range of IP addresses by
'using the following syntax,
'"192.168.0.5-10" See examples below...
'Example Rules:
'    "127.0.0.*"
'    "192.168.0.1-40"
'    "192.168.0.*"
'    "192.168.*.*"
'    "192.168.0-10.*"
'    "127.0.0.1"
'
'These rule definitions could very
'easily be in a database or txt file
IPrules(0)= "127.0.0.*"
IPrules(1)= "192.168.0.1-50"
'If the function can't obtain the IP
'address should the function return
'allow access?
'Possible Values = "Allow" or "Refuse"
IPErr = "Refuse"
'Does the function return True or False
'if the IP address being tested is
'within the rule?
'Possible Values = "True" or "False"
RuleType = "True"
'************************************
'There are two server variables that
'we use to obtain the users IP address:
'REMOTE_ADDR and HTTP_X_FORWARDED_FOR.
'Most web users access the internet
'via a third party (their ISP),
'REMOTE_ADDR does not always contain
'their IP address. It can contain their
'ISP's IP address. If it does, most
'browsers will then store the users IP
'address in the HTTP_X_FORWARDED_FOR
'variable. So we first check the
'HTTP_X_FORWARDED_FOR, and then if
'that is empty, we will try to use
'REMOTE_ADDR.
    If testIPstr = "" Then
        testIPstr = Request.ServerVariables("HTTP_X_FORWARDED_FOR")
        If testIPstr ="" Then
            testIPstr = Request.ServerVariables("REMOTE_ADDR")
        End If
    End If
    If testIPstr ="" Then
        ' Can't Obtain user IP address
        If IPErr = "Allow" Then
            allowAccess = "True"
        Else
            allowAccess = "False"
        End If
    Else
        testIP = Split(testIPstr,".")
        'testIP(0) = 1st octet of test ip address
        'testIP(1) = 2nd octet of test ip address
        'testIP(2) = 3rd octet of test ip address
        'testIP(3) = 4th octet of test ip address
       
        'Declare the result array
        Dim IPresult(4)
        'Loop through the array of rules and test the IP address against them
        ctr1 = 0
        Do While ctr1 < UBound(IPRules)
            accessIP = Split(IPRules(ctr1),".")
           
            'accessIP(0) = 1st octet of the ip rule
            'accessIP(1) = 2nd octet of the ip rule
            'accessIP(2) = 3rd octet of the ip rule
            'accessIP(3) = 4th octet of the ip rule
                       
            'We will now Loop through the ip octets and compare them.
            'If the ip rule octet is equal an asterix Then it is an immediate
            'match. if the access octet contains the minus character Then the
            'octet is a range of addresses. All of the octets must return a
            'match For the function To be certain that the IP address being
            'tested is a match.
           
            ctr2 = 0
            Do While ctr2 < 4
                If accessIP(ctr2) <> "*" Then
                    If InStr(accessIP(ctr2), "-") > 0 Then
                        accessLR = Left(accessIP(ctr2) , InStr(accessIP(ctr2) , "-") - 1)
                        accessUR = Right(accessIP(ctr2) , Len(accessIP(ctr2) ) - InStr(accessIP(ctr2), "-"))
                        If testIP(ctr2) => accessLR And testIP(ctr2) <= accessUR Then
                            IPresult(ctr2) = "Match"
                        Else
                            IPresult(ctr2) = "NoMatch"
                        End If
                    Else
                        If testIP(ctr2) = accessIP(ctr2) Then
                            IPresult(ctr2) = "Match"
                        Else
                            IPresult(ctr2) = "NoMatch"
                        End If
                    End If
                Else
                    IPresult(ctr2) = "Match"
                End If
                ctr2 = ctr2 + 1
            Loop
           
            'This function can be used either To allow access or restrict access to the
            'specified accessIP address / range. If the function is True Then there is no
            'need To check further rules so Exit loop.
           
            If IPresult(0) = "Match" And IPresult(1) = "Match" And IPresult(2) = "Match" And IPresult(3) = "Match" Then
                If RuleType = "True" Then
                    allowAccess = "True"
                    Exit Do
                Else
                    allowAccess = "False"
                End If          
            Else
                If RuleType = "True" Then
                    allowAccess = "False"
                Else
                    allowAccess = "True"
                    Exit Do
                End If
            End If
        ctr1 = ctr1 + 1
        Loop
    End If
End Function
%>
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®

Commented:
in brief, what i could understand about your requirement is:
1. you have more than one part of some application/ program,
2. you want give access of different part of program to different persons, whose identity is IP address of their computer.
for example, if the IP address of some user's computer is 192.112.214.21 then he/ she must be able to use view reports only, if the IP is 192.112.214.25 then he must be able to use edit module of a particular part of application only... etc. etc....
if this is what you want please confirm, as i m handling this type of application since long.
regards

Author

Commented:
that's broadly correct - i have a list of accepted IP addresses and ranges of my paid up members held in a sql database table. what i want to happen is that when a user goes to my home page, if their IP address is in this table they are automatically logged in and redirected to the members area.

Thanks

Author

Commented:
Ok, so I've made some progress, but the following code just returns a blank page, whereas it should be returning "True" or "False" and I can't work out what's going wrong. Any ideas?


Dim rstGetRows   ' ADO recordset
Dim strDBPath    ' Path to our Access DB (*.mdb) file
Dim arrDBData   ' Array that we dump all the data into

' Execute a simple query using the connection object.
' Store the resulting recordset in our variable.
Set rstGetRows = objConn.Execute("SELECT IPAddress from IPAddresses")

' Now this is where it gets interesting... Normally we'd do
' a loop of some sort until we ran into the last record in
' in the recordset.  This time we're going to get all the data
' in one fell swoop and dump it into an array so we can
' disconnect from the DB as quickly as possible.
arrDBData = rstGetRows.GetRows()


' Close our recordset and connection and dispose of the objects.

rstGetRows.Close
Set rstGetRows = Nothing
objConn.Close
Set objConn = Nothing

dim testIPstr, testIP, RuleType, Allowaccess
RuleType = "True"
testIPstr = UserIPAddress

 testIP = Split(testIPstr,".")
        'testIP(0) = 1st octet of test ip address
        'testIP(1) = 2nd octet of test ip address
        'testIP(2) = 3rd octet of test ip address
        'testIP(3) = 4th octet of test ip address
       
        'Declare the result array
        Dim IPresult(4), ctr1, accessIP
        'Loop through the array of rules and test the IP address against them
        ctr1 = 0
        Do While ctr1 < UBound(arrDBData)
            accessIP = Split(arrDBData(ctr1),".")
           
            'accessIP(0) = 1st octet of the ip rule
            'accessIP(1) = 2nd octet of the ip rule
            'accessIP(2) = 3rd octet of the ip rule
            'accessIP(3) = 4th octet of the ip rule
                       
            'We will now Loop through the ip octets and compare them.
            'If the ip rule octet is equal an asterix Then it is an immediate
            'match. if the access octet contains the minus character Then the
            'octet is a range of addresses. All of the octets must return a
            'match For the function To be certain that the IP address being
            'tested is a match.
          Dim ctr2, accessLR, accessUR  
            ctr2 = 0
            Do While ctr2 < 4
                If accessIP(ctr2) <> "*" Then
                    If InStr(accessIP(ctr2), "-") > 0 Then
                        accessLR = Left(accessIP(ctr2) , InStr(accessIP(ctr2) , "-") - 1)
                        accessUR = Right(accessIP(ctr2) , Len(accessIP(ctr2) ) - InStr(accessIP(ctr2), "-"))
                        If testIP(ctr2) => accessLR And testIP(ctr2) <= accessUR Then
                            IPresult(ctr2) = "Match"
                        Else
                            IPresult(ctr2) = "NoMatch"
                        End If
                    Else
                        If testIP(ctr2) = accessIP(ctr2) Then
                            IPresult(ctr2) = "Match"
                        Else
                            IPresult(ctr2) = "NoMatch"
                        End If
                    End If
                Else
                    IPresult(ctr2) = "Match"
                End If
                ctr2 = ctr2 + 1
            Loop
                  
           
            'This function can be used either To allow access or restrict access to the
            'specified accessIP address / range. If the function is True Then there is no
            'need To check further rules so Exit loop.
           
            If IPresult(0) = "Match" And IPresult(1) = "Match" And IPresult(2) = "Match" And IPresult(3) = "Match" Then
                 If RuleType = "True" Then
                    allowAccess = "True"
                    Exit Do
                Else
                    allowAccess = "False"
                End If          
            Else
                If RuleType = "True" Then
                    allowAccess = "False"
                Else
                    allowAccess = "True"
                    Exit Do
                End If
            End If
        ctr1 = ctr1 + 1
        Loop
            
 Response.Write(allowAccess)
 

%>

Commented:
Sorry, i m late to respond, and may be i have not catched your point correctly, but if you are maintaining all the allowed IP addresses in some table, y do u need to split the ip.
the simple solution to your problem, in my way, could be like this:-
1. I assume that a table is there with at lease following fields: 1. I. P. Address, 2. Permitted Modules for this I. P.
now i would simply open the table :
--------
rsYourIPtable.open "select * from yourIPtable where fld_IP = '" & request.serverVAriables("remote_host") & "'",yourConnectionName
if rsYourIPtable.eof and rsYourIPtable.bof then
  response.write "Your not allowed to any one of Module of this application...!!!"
else
  newRedirection = rsYourIPtable.fields("fld_ModuleName")
  response.redirect newRedirection
end if
----------
I guess this basic concept will work with your application

all the best
and
friendly regards
Guy Hengel [angelIII / a3]Billing Engineer
Most Valuable Expert 2014
Top Expert 2009

Commented:
This question has been classified as abandoned and is being closed as part of the Cleanup Program. See my comment at the end of the question for more details.

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial