DeanWhitehouse Posted May 13, 2008 Share Posted May 13, 2008 my IP ban isn't working , what have i done wrong? <?php $ip = $_SERVER['REMOTE_ADDR']; $ban_ip = mysql_query("SELECT * FROM darkflame_ban WHERE `ip` LIMIT 0,1"); $ban = mysql_fetch_assoc($ban_ip); if ($ip == $ban) ?> this is the bit to check if it is banned Quote Link to comment Share on other sites More sharing options...
DarkWater Posted May 13, 2008 Share Posted May 13, 2008 <?php $ip = $_SERVER['REMOTE_ADDR']; $ban_ip = mysql_query("SELECT * FROM darkflame_ban WHERE `ip`=$ip LIMIT 0,1"); $ban = mysql_fetch_assoc($ban_ip); if ($ban) { ?> 1) You never finished your WHERE clause. 2) Your if() made no sense so I changed it. Quote Link to comment Share on other sites More sharing options...
DeanWhitehouse Posted May 13, 2008 Author Share Posted May 13, 2008 i get this error Warning: mysql_fetch_assoc(): supplied argument is not a valid MySQL result resource in /home/www/darkflame.awardspace.com/guestbook.php on line 40 $ban_ip = mysql_query("SELECT * FROM darkflame_ban WHERE `ip`=$ip LIMIT 0,1"); $ban = mysql_fetch_assoc($ban_ip); if ($ban) line 40 $ban = mysql_fetch.... Quote Link to comment Share on other sites More sharing options...
DarkWater Posted May 13, 2008 Share Posted May 13, 2008 Replace that line with: $query = "SELECT * FROM darkflame_ban WHERE `ip`='$ip' LIMIT 0,1""; $ban = mysql_query($query) OR die(mysql_error()); EDIT: Changed the query. I noticed a mistake. It might work with no errors now. Quote Link to comment Share on other sites More sharing options...
DeanWhitehouse Posted May 13, 2008 Author Share Posted May 13, 2008 thanks Quote Link to comment Share on other sites More sharing options...
DeanWhitehouse Posted May 14, 2008 Author Share Posted May 14, 2008 using this code $query = "SELECT * FROM darkflame_ban WHERE `ip`='$ip' LIMIT 0,1"; $ban = mysql_query($query) OR die(mysql_error()); echo "$ban<br>"; echo "$ip<br>"; if ($ban) { echo "Enough spamming<br>Your Posting Rights Have Been Suspended, contact the administrator if you think it is a mistake"; exit(); } it count's everyone as banned, i am echoing to try and debug it, $ban echoes Resource id #4 any help? Quote Link to comment Share on other sites More sharing options...
RichardRotterdam Posted May 14, 2008 Share Posted May 14, 2008 i got a hunch that $ban var is an array with a couple of fields or one field name try this <pre> <?php print_r($ban); ?> </pre> you probably should do the check like so <?php if($ban['ip']){ //ban yer butt } ?> Quote Link to comment Share on other sites More sharing options...
DeanWhitehouse Posted May 14, 2008 Author Share Posted May 14, 2008 this <pre> <?php print_r($ban); ?> </pre> prints the same thing Resource id #4 this is my whole section <?php if (isset($_GET['add_gbookentry'])) { if(isset($_POST['add'])) { $name = mysql_real_escape_string($_POST['name']); $message = mysql_real_escape_string($_POST['message']); $email = mysql_real_escape_string($_POST['email']); $website = mysql_real_escape_string($_POST['website']); $ip = $_SERVER['REMOTE_ADDR']; $query = "SELECT * FROM darkflame_ban WHERE `ip`='$ip' LIMIT 0,1"; $ban = mysql_query($query) OR die(mysql_error()); ?><pre> <?php print_r($ban); ?> </pre> <?php echo "$ban<br>"; echo "$ip<br>"; if ($ban) { echo "Enough spamming<br>Your Posting Rights Have Been Suspended, contact the administrator if you think it is a mistake"; exit(); } elseif($name && $message) { mysql_query("INSERT INTO `darkflame_gbook` (id, time, ip, content, email, name, website) VALUES( '','$date','$ip', '$message', '$email', '$name' ,'$website')") or die('Error ' . mysql_error()); ?> <p><a href="guestbook.php">View Guestbook</a></p> <?php echo "Entry Added"; exit(); } else { echo "Please Fill In All The Fields"; } } ?> <form action="<?php $_SERVER['PHP_SELF'] ?>" method="POST">Name: <input type="text" name="name" /><br />Email: <input type="text" name="email" /><br />Website: <input type="text" name="website" /><br />Message:<textarea name="message" cols="50" rows="10" title="Your Message Here"></textarea><br /><input type="submit" value="Submit" name="add" /></form> <?php exit(); } ?> Quote Link to comment Share on other sites More sharing options...
RichardRotterdam Posted May 14, 2008 Share Posted May 14, 2008 you can do a couple of things 1. try in phpmyadmin or mysql query browser if that sql returns a record (i think it returns multiple fields this way you can be sure) 2. echo your $ban var 3. only select the field you need $query = "SELECT ip_field_name FROM darkflame_ban WHERE ip ='$ip' LIMIT 0,1"; and the php was actually correct in your previous if ($ip == $ban){ } Quote Link to comment Share on other sites More sharing options...
jonsjava Posted May 14, 2008 Share Posted May 14, 2008 I know there are other ways, but this *should* work <?php if (isset($_GET['add_gbookentry'])) { if(isset($_POST['add'])) { $name = mysql_real_escape_string($_POST['name']); $message = mysql_real_escape_string($_POST['message']); $email = mysql_real_escape_string($_POST['email']); $website = mysql_real_escape_string($_POST['website']); $ip = $_SERVER['REMOTE_ADDR']; $query = "SELECT * FROM darkflame_ban WHERE `ip`='$ip' LIMIT 0,1"; $ban = mysql_query($query) OR die(mysql_error()); $banned = mysql_num_rows($ban); ?><pre> </pre> <?php echo "$banned<br>"; echo "$ip<br>"; if ($banned > 0) { echo "Enough spamming<br>Your Posting Rights Have Been Suspended, contact the administrator if you think it is a mistake"; exit(); } elseif($name && $message) { mysql_query("INSERT INTO `darkflame_gbook` (id, time, ip, content, email, name, website) VALUES( '','$date','$ip', '$message', '$email', '$name' ,'$website')") or die('Error ' . mysql_error()); ?> <p><a href="guestbook.php">View Guestbook</a></p> <?php echo "Entry Added"; exit(); } else { echo "Please Fill In All The Fields"; } } ?> <form action="<?php $_SERVER['PHP_SELF'] ?>" method="POST">Name: <input type="text" name="name" /><br />Email: <input type="text" name="email" /><br />Website: <input type="text" name="website" /><br />Message:<textarea name="message" cols="50" rows="10" title="Your Message Here"></textarea><br /><input type="submit" value="Submit" name="add" /></form> <?php exit(); } ?> Quote Link to comment Share on other sites More sharing options...
DeanWhitehouse Posted May 14, 2008 Author Share Posted May 14, 2008 succes, thanks for all the help Quote Link to comment Share on other sites More sharing options...
rhock_95 Posted May 14, 2008 Share Posted May 14, 2008 another way to ban an IP...FWIW <?php $deny = array("111.111.111", "222.222.222", "333.333.333"); if (in_array ($_SERVER['REMOTE_ADDR'], $deny)) { header("location: http://www.google.com/"); exit(); } ?> Quote Link to comment Share on other sites More sharing options...
jonsjava Posted May 14, 2008 Share Posted May 14, 2008 that's the way I do it, but I was just going off his code to help Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.