Monk3h Posted May 18, 2008 Share Posted May 18, 2008 can anyone tell me why this dosnt work? <?php $hostname = gethostbyaddr($_SERVER['REMOTE_ADDR']); mysql_query("update players set hostname=$hostname where id=$stat[id]"); $badisp = mysql_fetch_array(mysql_query("select * from badisp")); if ($hostname == $badisp[isp]){ print "Invalid login MOFO."; } ?>/code] Quote Link to comment Share on other sites More sharing options...
EGONick Posted May 18, 2008 Share Posted May 18, 2008 As long as the data exists in the database try this: <?php $hostname = gethostbyaddr($_SERVER['REMOTE_ADDR']); mysql_query("update players set hostname=$hostname where id=$stat[id]"); $badisp = mysql_fetch_array(mysql_query("select * from badisp")); if ($hostname == $badisp['isp']){ print "Invalid login MOFO."; } ?> Quote Link to comment Share on other sites More sharing options...
corbin Posted May 18, 2008 Share Posted May 18, 2008 $hostname will be a string, therefore, it needs quotes around it. mysql_query("update players set hostname='{$hostname}' where id={$stat['id']}"); Also, $stat['id'] is set, yes? Also, when ever you access arrays with strings, you should quote them, or PHP will try to see if the string is a constant (and issue either a warning or notice. I think a notice, but I could be rememering wrong). Quote Link to comment Share on other sites More sharing options...
Monk3h Posted May 18, 2008 Author Share Posted May 18, 2008 Still doesnt work.. <?php $hostname = gethostbyaddr($_SERVER['REMOTE_ADDR']); $stat = mysql_fetch_array(mysql_query("select * from players where user='$user' and pass='$pass'")); mysql_query("update players set hostname='{$hostname}' where id={$stat['id']}"); $badisp = mysql_fetch_array(mysql_query("select * from badisp")); if ($hostname == $badisp['isp']){ print "Invalid login MOFO."; } ?> Quote Link to comment Share on other sites More sharing options...
Monk3h Posted May 18, 2008 Author Share Posted May 18, 2008 Script Explantion.. When Some one cheats i add there isp details into a table called badisp, in a feild called isp. Im prety sure i used the right sql string to access that table. The script should display that message if any of the entries match that person ISP. Quote Link to comment Share on other sites More sharing options...
BlueSkyIS Posted May 18, 2008 Share Posted May 18, 2008 Im prety sure i used the right sql string to access that table. i suggest that you skip the shortcuts and take more control your database interactions, for instance: <?php $hostname = gethostbyaddr($_SERVER['REMOTE_ADDR']); $hsql = "select * from players where user='$user' and pass='$pass'"; $hresult = mysql_query($hsql) or die(mysql_error()); if (count($hresult) > 0) { $stat = mysql_fetch_array($hresult); $usql = "update players set hostname='{$hostname}' where id={$stat['id']}"; mysql_query($usql) or die(mysql_error()); $tsql = "select * from badisp"; $tresult = mysql_query($tsql) or die(mysql_error()); if (count($tresult) > 0) { $badisp = mysql_fetch_array($tresult); if ($hostname == $badisp['isp']){ print "Invalid login MOFO."; } } } ?> this will help you find the mistakes in your database interactions. without error reporting, you have to guess and hack and waste time when the solution could be right in front of you. Quote Link to comment Share on other sites More sharing options...
GingerRobot Posted May 18, 2008 Share Posted May 18, 2008 Why are we selecting all the rows from a table and then looking for a match? Use a database the way it's designed to be used: $sql = "SELECT COUNT(*) FROM badisp WHERE isp='$hostname'"; $result = mysql_query($sql) or die(mysql_error()); if(mysql_result($result,0) > 0){ echo 'invalid login'; } ?> Also, when ever you access arrays with strings, you should quote them, or PHP will try to see if the string is a constant (and issue either a warning or notice. I think a notice, but I could be rememering wrong). It's a notice. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.