Jump to content

Search the Community

Showing results for tags 'rank issue'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Welcome to PHP Freaks
    • Announcements
    • Introductions
  • PHP Coding
    • PHP Coding Help
    • Regex Help
    • Third Party Scripts
    • FAQ/Code Snippet Repository
  • SQL / Database
    • MySQL Help
    • PostgreSQL
    • Microsoft SQL - MSSQL
    • Other RDBMS and SQL dialects
  • Client Side
    • HTML Help
    • CSS Help
    • Javascript Help
    • Other
  • Applications and Frameworks
    • Applications
    • Frameworks
    • Other Libraries
  • Web Server Administration
    • PHP Installation and Configuration
    • Linux
    • Apache HTTP Server
    • Microsoft IIS
    • Other Web Server Software
  • Other
    • Application Design
    • Other Programming Languages
    • Editor Help (PhpStorm, VS Code, etc)
    • Website Critique
    • Beta Test Your Stuff!
  • Freelance, Contracts, Employment, etc.
    • Services Offered
    • Job Offerings
  • General Discussion
    • PHPFreaks.com Website Feedback
    • Miscellaneous

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


AIM


MSN


Website URL


ICQ


Yahoo


Jabber


Skype


Location


Interests


Age


Donation Link

Found 1 result

  1. I am using a barebones script listed as a members area but all it does is give me login and secure pages using the auth.php (code listed below) since I got the script I have added a new column 'Rank' to the database table 'members' with this rank there are 4 ranks: Guest Blocked/Banned Helpers Administration The new page I am creating I want it to use this rank system I added, ranks 3 and 4 get access, rank 2 I want to redirect to my 403 Access Forbidden located at my main site 'bullwebhost.co.uk/error.php?cmd=403' , rank 1 gets a message shown saying 'Welcome Guest print '$_SERVER["REMOTE_ADDR"]; , You have tried accessing a Restricted Area Your IP print '$_SERVER["REMOTE_ADDR"]; has been logged and Webmaster Informed (if possible via phpmail as i cant use smtp) of your accessing this area. Now For the code auth.php //Start session session_start(); //Check whether the session variable SESS_MEMBER_ID is present or not if(!isset($_SESSION['SESS_MEMBER_ID']) || (trim($_SESSION['SESS_MEMBER_ID']) == '')) { header("location: access-denied.php"); exit(); } Database Structure CREATE TABLE IF NOT EXISTS `members` ( `member_id` int(11) unsigned NOT NULL AUTO_INCREMENT, `Rank` int(11) NOT NULL DEFAULT '1', `firstname` varchar(100) DEFAULT NULL, `lastname` varchar(100) DEFAULT NULL, `login` varchar(100) NOT NULL DEFAULT '', `passwd` varchar(32) NOT NULL DEFAULT '', PRIMARY KEY (`member_id`) ) ENGINE=MyISAM DEFAULT CHARSET=latin1 AUTO_INCREMENT=2 ; config.php <?php define('DB_HOST', '****'); define('DB_USER', '****'); define('DB_PASSWORD', '****'); define('DB_DATABASE', '***'); ?> Restricted File require_once('auth.php'); include 'config.php'; $conn = mysql_connect(DB_HOST, DB_USER, DB_PASSWORD); if(! $conn ) { die('Could not connect: ' . mysql_error()); } $sql = 'SELECT Rank FROM members WHERE Rank="3" or Rank="4"'; mysql_select_db(DB_DATABASE); $retval = mysql_query( $sql, $conn ); if(! $retval ) { die('Could not get data: ' . mysql_error()); } while($row = mysql_fetch_array($retval, MYSQL_ASSOC)) { print ' <!DOCTYPE html PUBLIC "-//W3C//DTD(I have code for this part) XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> <title>My Profile</title> <link href="loginmodule.css" rel="stylesheet" type="text/css" /> </head> <body> <h1>My Profile </h1> <a href="member-index.php">Home</a> | <a href="logout.php">Logout</a> <p>This is another secure page. </p> </body> </html>'; } Attempts Okay I did a more detailed (I think) search and came across something but it didn't work my edited code is below $sql = mysql_query("SELECT * FROM members WHERE Rank ='3 or 4' AND member_id ='".$_SESSION['SESS_MEMBER_ID']); Code Removed else { (redirect to error document) mysql_close($conn); } That is all I changed in the Restricted File code above. I still am not getting errors printed I have php errors in htaccess and using the trigger but still blank white screen Trying to get my question across (not very easy for me), I am trying to make a page (not giving name of file) that using the auth and config files to do a check for the users rank is either 3 or 4 user gets access, 1 print message 2 redirect to 403 document (easiest way possible) so that even if someone tries to bypass any security in place they still need to be rank 3 or 4 to even see the page contents. Also possible long shot but what would be the best way to block IP addresses would php and mysql/mysqli (don't know PDO, willing to learn mysqli) or would it be better to use .htaccess for the reason being I wanting to block Loads of IPS but want adding them to be easy and also using my new pages was looking at building forms to add entries, remove entries Viewing the list, (I have code for this part). What I asking is would I be better of using php and mysql/i or .htaccess because some of the ips are wildcard ips to be banned and redirected to my error document. Kind regards Harry Smith
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.