When dealing with financial matters, it is important that an application pay min

Question

When dealing with financial matters, it is important that an application pay mind to security. One way to improve the security environment is to ensure that an application is only accessed from a local computer. In this assignment, you will check the IP address of the visitor's computer to make sure that it resides on the same network as the server.

* The XHTML portion of the solution03.php file should not be used. Rather than leave it empty, though, add text to that section which will reflect the fact that it should only be reached in error.
* In the PHP portion of the solution03.php file, read in the contents of the REMOTE_ADDR environment variable, and save that string in a variable named $ipaddress.
* Construct an if statement which will test to see whether the $ipaddress contains either 127.0 or 192.168. If it does, re-direct the visitor to the greeting page you created for Assignment #1 (which should be named solution01.php or something similar).
* (NOTE: The simplest way to do this is to use the if clause to test for one of the two strings and an else if clause to test for the other. That is easier than using the OR logical operator . . .)
* If the address does not contain either of those strings, re-direct the visitor to a page named solution03_breach.html. Set the background of that page to red (yes, it will hurt your eyes) and write text informing the visitor that he/she is accessing the application from an unsecured location.
* Your submission for this assignment should include three pages: the solution03.php which performs the re-direction, the solution03_breach.html which serves as the error page, and the greeting page which serves as the good target.

Explanation / Answer

solution03.php

<?php
/* The user's IP Address */
$ipaddress = $_SERVER['REMOTE_ADDR'];

/* Used for debugging... */
//echo $ipaddress."<br />";

/* Check for a match for local IP Addresses */
if ( ( preg_match('/127.0/', $ipaddress ) ) OR ( preg_match('/192.168/', $ipaddress ) ) )
{
    /* Your asgn says to redirect the user if a match is
    found... You may need to change the path for this to
    be where you have solution01.php or something similar.*/
    header('Location: ./solution01.php');
}
else
{
/* This is where we send people if NO MATCH is found... This path may need to be changed depending on where you put the file.*/
    header('Location: ./solution03_breach.html');
}
?>

solution03_breach.html

<html>
<head><title>PHP Coding Project</title></head>
<body bgcolor=red text=white>

<h1>ALERT!!!</h1>

<h4>YOU ARE ACCESSING THE APPLICATION FROM AN UNSECURED LOCATION!</h4>

</body>
</html>

solution01.php

Related Questions

Navigate

• Browse (All)
• Browse W
• Subjects

---

---

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.