Simple URL Filtering Script
This php script will simply allow you to filter any request to your page by its Query String. You can even track people who has accessed that forbidden request. They usualy request it for finding out any sql injection or xss vulnerability on the page.
By adding the log script you can have their activity recorded on your host. You can also add more info to the log, just modify it if you want
Here’s the script…
-
<?php
/* Copyright (C) 2009 crazydavinci.net */
/* Simple URL Filter + Activity Logger */function jebak($url){
?>
<body bgcolor="black" text="red">
<h1 align="center">HEY DUDE, WHAT THE HELL ARE U DOING HERE ?!<br>
You Activity Has Been Logged !!! Thanks For Trying…</h1>
</body>
<?php
$ip = $_SERVER['REMOTE_ADDR'];
$date=date("d/M/y g:i:s a");
$file= fopen('log.txt', 'a');
fwrite($file, "\r\nURI : $url - $date - IP : $ip\r\n");
fclose($file);
die();
}
$ref=strtolower($_SERVER['QUERY_STRING']);
$filter=array('http://','select','order','=-','null','%3c','%3e','from','–','/*','+','t;','');
for($i=0; $i<count($filter); $i++)
{
if(strstr($ref,$filter[$i]))jebak($ref);
}?>
Put it on the first line of your php so it will be evaluated first, before loading the real content of the page. Try out the sample page here…
You can see that the character open and close tag for the html is filtered by the script, you can add or remove the filter entries by modifying the array variable ($filter)
To have the log file, make sure you create the log.txt file on the same directory and make it writeable…
Here’s what you will see on the log file :
- URI : paged=%3chtml%3etest%3c/html%3e - 07/Apr/09 9:07:53 am - IP : xxx.xxx.xxx.xxx











Media-Box
April 16th, 2009 at 4:20 AM
kodenya entar di taruh mana..??
soale aku baru belajar ni
April 16th, 2009 at 9:02 AM
di paling atas bro, sebelum kode yang laen
copy paste aja kodenya, save trus tinggal tambah nanti di php kamu
require(’file blah blah blah’);
April 19th, 2009 at 8:50 PM
Thanks ya mas
April 22nd, 2009 at 5:06 AM
om joy,,,
mohon bimbingan’a…
saya sedot yak,
April 22nd, 2009 at 8:38 AM
monggo, silakan sedot, awas keselek..
April 28th, 2009 at 12:56 PM
ehm mo nanya nich … ku ambil backgroung di friendster123.com
biar link friendster123 na ga da di profil ku gmn ya plase
lgi blajar jga nich …..
April 29th, 2009 at 4:30 AM
masukin kodenya yang tag <script> sama tag <link> aja, yang laen ga usah
tapi hal ini ga saya recommend ya….
soalnya link itu dibuat juga sebagai credit, apresiasi terhadap si pembuat layout, ok?!
May 1st, 2009 at 10:58 AM
duh bg…..
aq nyerah ni…
gmn cara make layouts ni???
layoutsnya mantep bgt…..
tunjukkin ya….
makasih bg….
May 3rd, 2009 at 1:17 PM
makin lama makin rumit nich kotak media ny.
masih gampang yang woxiaspear
May 4th, 2009 at 10:03 AM
om…..
tunjukkin dunk…………
pa sich kode layoutsnya????
May 8th, 2009 at 3:39 PM
zzzzzzzzzzzzzzzzzzzzzzzzzzzzzz
blzannya mna coy…………..
May 28th, 2009 at 6:22 PM
om joy..
klw di kombinasikn sma script php fs gmn?
koq sy “gatot” trs… T.T
akhir’a sy pk warning’a ajj…xixi
tnx b4
June 6th, 2009 at 6:49 AM
Ma JOY, bisakah file PHP tersebut diatas dikombinasikan dgn file PHP cookies saya?
Teima Kasih, smoga dijawab.
December 28th, 2009 at 6:59 PM
bang joy ne gmn c cr kerjanya???mohon tutor diperluas bang joy..,help please
March 8th, 2010 at 3:58 PM
cara kerja dia, filter berdasarkan url yg ada di addressbar lex..
jd misal yg mengandung kata2 yg dilarang, kaya union, schema dll langsung ke blok
kurang lebih bgt, cara pakenya tgl require aja di baris awal kode phpnya..