need help with my banning function

[darkcarnival]

hey,

im trying to fix my banning function and currently its not workng like it should.

basically its suppose to ban users who have a certain email or username but when i test it out it lets the banned email through. here is the code im using:

[code]function check_email(){

global $email, $txt, $db;

$sql = "SELECT * FROM ebb_banlist WHERE ban_type='Email'";
$errorq = $sql;
$banemail_q = mysql_query($sql) or die(error($error, "mysql", $errorq));
$numchk = mysql_num_rows($banemail_q);
if($numchk == 0){
//bypass this check, nothing is found to check.
}else{
while ($row = mysql_fetch_assoc ($banemail_q)){

if($row['match_type'] == "Wildcard"){
$db->run = "SELECT * FROM ebb_banlist WHERE ban_type='Email' and ban_item like '%$email%'";
$match_chk = $db->num_results();
$db->close();
#see if a match is found.
if ($match_chk == 1){
$error = $txt['emailban'];
echo error($error, "general");
}
}else{
$db->run = "SELECT * FROM ebb_banlist WHERE ban_type='Email' and ban_item='$email'";
$match_chk = $db->num_results();
$db->close();
#see if a match is found.
if ($match_chk == 1){
$error = $txt['emailban'];
echo error($error, "general");
}
}
}
}
}[/code]

I'm really stumped on this, and ive tried other ways with no success too. please help me.

thanks.

[.josh]

umm.. i think you're making it more difficult than it really is. in essence, it is no different than checking a table to see if an entry already exists (like, a username in a register script)

[code]
$email = 'email@to.check';
$sql = "select * from bannedemails where email like '%$email%'";
$rs = mysql_query($sql);
$num = mysql_num_rows($rs);
if ($num > 0) {
  echo "this email is banned!";
} else {
  // do whatever, like continue to register
}
[/code]

[poirot]

darkcarnival, you are overcomplicating things. I've redone the function and actually set a database to test it.

Since I didn't knew what your error(), $txt, and so on, did, I made up them and also the database.

[code]<?php

// This is MySQL connection stuff
mysql_connect('localhost', 'user', 'pass');
mysql_select_db('test');

// This is an error handling function I coded based on what I see
function error($error, $type, $details="")
{
   echo 'Error: ' . $error . '<br />';
   echo 'Type: ' . $type . '<br />';
   if (!empty($details)) {
      echo 'Deatils: ' . $details . '<br />';
   }
}

// Retrieves the email
$email = $_GET['email'];

// This is what I supposed your $txt to be.
$txt = array ('emailban' => 'Your Email is banned');

// This is a rewritten check_email() function
// It returns true if the email is not banned, false otherwise
// It works based on how I think your database is structured.
function check_email()
{
   global $email;

   $sql = "SELECT * FROM ebb_banlist WHERE ban_type='Email' AND ban_item LIKE '%$email%'";

   $banemail_q = mysql_query($sql) or die(error(mysql_error(), "mysql", $sql));

   if (mysql_num_rows($banemail_q) != 0) {

      while ($row = mysql_fetch_assoc($banemail_q)) {
         if ($row['match_type'] == "Wildcard") {
            $error = true;
         } else {
            if ($row['ban_item'] == $email) {
               $error = true;
            }
         }
      }
   }
   return ($error) ? false : true;
}

// This is basically how to use the function
if (!check_email()) {
   $error = $txt['emailban'];
   echo error($error, "general");
} else {
   echo 'You\'re good to go!';
}

?>[/code]

Here is an SQL dump of the test database:

[!--sql--][div class=\'sqltop\']SQL[/div][div class=\'sqlmain\'][!--sql1--][color=orange]-[/color][color=orange]-[/color]
[color=orange]-[/color][color=orange]-[/color] Table structure for table `ebb_banlist`
[color=orange]-[/color][color=orange]-[/color]

CREATE TABLE `ebb_banlist` (
`id` int(11) NOT NULL auto_increment,
`ban_type` varchar(32) NOT NULL default '',
`match_type` varchar(32) NOT NULL default '',
`ban_item` varchar(255) NOT NULL default '',
PRIMARY KEY (`id`)
) TYPE[color=orange]=[/color]MyISAM AUTO_INCREMENT[color=orange]=[/color]3 ;

[color=orange]-[/color][color=orange]-[/color]
[color=orange]-[/color][color=orange]-[/color] Dumping data for table `ebb_banlist`
[color=orange]-[/color][color=orange]-[/color]

[span style=\'color:blue;font-weight:bold\']INSERT[/span] [color=green]INTO[/color] [color=orange]`ebb_banlist`[/color] VALUES (1, [color=red]'Email'[/color], [color=red]'Wildcard'[/color], [color=red]'test@test.com.nc'[/color]);
[span style=\'color:blue;font-weight:bold\']INSERT[/span] [color=green]INTO[/color] [color=orange]`ebb_banlist`[/color] VALUES (2, [color=red]'Email'[/color], [color=red]'', '[/color]gargoyle@google.com'); [!--sql2--][/div][!--sql3--]

With this, I ran some test emails:

[!--quoteo--][div class=\'quotetop\']QUOTE[/div][div class=\'quotemain\'][!--quotec--]test@test.com.cn -> wildcard on

test@test.com -> banned
test@test.com.cn -> banned

gargoyle@google.com -> wildcard off

gargoyle@google.com -> banned
gargoyle@google.com.nc -> not banned[/quote]

[darkcarnival]

ok ill give that a try.

btw $txt is a language variable(i have other since this program is multi-langual supported)

error() is a error printing function i made to make displaying errors easier and more detailed ;)

[poirot]

[!--quoteo(post=381530:date=Jun 8 2006, 11:38 AM:name=darkcarnival)--][div class=\'quotetop\']QUOTE(darkcarnival @ Jun 8 2006, 11:38 AM) [snapback]381530[/snapback][/div][div class=\'quotemain\'][!--quotec--]
ok ill give that a try.

btw $txt is a language variable(i have other since this program is multi-langual supported)

error() is a error printing function i made to make displaying errors easier and more detailed ;)
[/quote]
Indeed, I thought so and made simple replicas of them [img src=\"style_emoticons/[#EMO_DIR#]/wink.gif\" style=\"vertical-align:middle\" emoid=\":wink:\" border=\"0\" alt=\"wink.gif\" /]

[darkcarnival]

EDIT:

ok after a small workaround i got it to work correctly. :)

thank you for your help.