Forum Topic: trying to understand PHP anti-proxy snippet

Forum: .htaccess Forum : General • Posted by RememberToForget • Updated: 
if (@fsockopen($_SERVER['REMOTE_ADDR'], 80, $errstr, $errno, 1)) {
      die("Proxy access not allowed");
}

So I’m playing around with this thing, and carefully monitoring proxy hits and for the most part it seems to block trash, but still I’d like to try and understand what exactly this piece of code does.

From what I’ve gathered so far:

‘if fsockopen’ means, “if a socket connection is possible.”

Then, such a connection would be possible because it’s a server with an open port 80, which is the typical port for publicly-accessible servers? This, in turn, would mean that it’s not just the IP of some dude’s laptop, but an actual internet server?

Next, the errstr, errno, and 1. Based on what I’ve read so far (i.e., very little as you can see) I’m actually at a total loss.

Sidenote, where can I learn PHP basics? I need the teacher to be something like yourself and Chris (i.e., explained well, clearly, doesn’t deliberately remain vague so that you feel inferior, and if at all possible, doesn’t subtly condescend you and even possesses a sense of humor.)

I just need PHP basics, you know, like I got Chris’ jquery video course for beginners and it was, like I actually learned from it and it stuck. A sophisticated teacher is surprisingly hard to find.

2 Replies to “trying to understand PHP anti-proxy snippet”

Posted by Jeff Starr

I’m not sure where a good place is to learn PHP basics, but I know there are literally millions of resources available to you. I would provide some names or whatever but I learned myself, mostly by doing, but also with some help from library books, tuts, etc.

For the proxy method, it’s basically just checking for a connection based on the hostname. It will return either a file pointer or FALSE if no connection is available. Here are definitions of the parameters:

hostname – If OpenSSL support is installed, you may prefix the hostname with either ssl:// or tls:// to use an SSL or TLS client connection over TCP/IP to connect to the remote host.

port – The port number. This can be omitted and skipped with -1 for transports that do not use ports, such as unix://.

errno – If provided, holds the system level error number that occurred in the system-level connect() call.
If the value returned in errno is 0 and the function returned FALSE, it is an indication that the error occurred before the connect() call. This is most likely due to a problem initializing the socket.

errstr – The error message as a string.

timeout – The connection timeout, in seconds.

And to really dig in, here is the offical page at php.net:

http://us1.php.net/fsockopen

Posted by RememberToForget •

Such Chinese, wow.

PHP.

…is not for me. :)

Thanks for doing your best to explain it.