Jump to content

Archived

This topic is now archived and is closed to further replies.

Adamb10

Ban feature not working right

Recommended Posts

This is hard to explain but here it goes...

I implented a ban system in my guestbook software, ban by ip. However I have a problem with it. When Im not banned I cant access the admin center and add new post page which I should be able to. All I get is a blank page. When I am baned though it works, I get an error message saying im baned and the reason. Heres the code of index.php.

[code]
<?
//index.php
//Start the session
session_start();

//Load required files
require('sources/functions.php');

//Counters are cool, I think we need one...
$c_ip = $HTTP_COOKIE_VARS["user_ip"];
$counter_file = "sources/counter.txt";
$counter_file_line = file($counter_file);
if(!$c_ip) {
setcookie("user_ip", $REMOTE_ADDR, time()+360000);  $counter_file_line[0]++;
$cf = fopen ($counter_file, "w+");
fputs($cf, "$counter_file_line[0]"); fclose($cf);
}
elseif($c_ip != $REMOTE_ADDR){
$counter_file_line[0]++; $cf = fopen ($counter_file, "w+");
fputs($cf, "$counter_file_line[0]");
  fclose($cf);
}

//Essential Functions
db_connect();

//Prepare for Query in 5..4..3..2..1
function query($query){
     $sql = "$query";
     $result = mysql_query($sql);
     return mysql_fetch_array ($result);
}

//Query time!
$row = query("SELECT * FROM settings"); //settings query
$row1 = query("SELECT * FROM colors"); //colors query

$q1 = 'SELECT * FROM Bans'; //ban query
       $r1 = mysql_query($q1) or die(mysql_error());

if($row['postorder'] == "descend") { //Comment Query 1
  $q = 'SELECT * FROM comments ORDER BY Date DESC';
       $r = mysql_query($q) or die(mysql_error());
      
} elseif($row['postorder'] == "ascend"){ //Comment Query 2
      $q = 'SELECT * FROM comments ORDER BY Date ASC';
       $r = mysql_query($q) or die(mysql_error());
    }

$hf = query("SELECT * FROM hf"); //HF Query
if (!$hf) {
    die('Invalid query: ' . mysql_error());
    }

//Lets output the html
echo '
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/1999/REC-html401-19991224/loose.dtd">
<head>
<title>'.$row['title'].'</title>
     <meta http-equiv="Content-Type" content="text/html; charset=utf-8">
     <style type="text/css">
<!--


a:link {
     color: #'.$row1['link'].';
     text-decoration: none;
}
a:visited {
     color: #'.$row1['visitedlink'].';
     text-decoration: none;
}
a:active {
     color: #'.$row1['activelink'].';
     text-decoration: none;
}
a:hover {
     color: #'.$row1['hoverlink'].';
     text-decoration: none;
     }
body {
     background-color: #'.$row1['bodybg'].';
     font-family: '.$row1['fontfamily'].';
     font-size: '.$row1['fontsize'].';
     color: #'.$row1['font'].';
     margin:0px;
     ';
if ($row1['bodybgimage'] != "") {
echo 'background-image: url('.$row1['bodybgimage'].');';
}
echo '
     }
.titlebg {
     background-color: #'.$row1['titlebg'].';
     font-family: '.$row1['titlefontfamily'].';
     font-size: '.$row1['titlefontsize'].';
     color: #'.$row1['titlefont'].'; ';
     if ($row1['tilebgimage'] == "") {
     echo '
     background-image: url('.$row1['titlebgimage'].');';
}
         echo '
         }
.windowbg {
     background-color: #'.$row1['windowbg'].';
     font-family: '.$row1['windowfontfamily'].';
     font-size: '.$row1['windowfontsize'].';
     color: #'.$row1['windowfont'].';';
     if ($row1['windowbgimage'] != "") {
     echo 'background-image: url('.$row1['windowbgimage'].');';
     }
     echo '
     }
.windowbg2 {
     background-color: #'.$row1['window2bg'].';
     font-family: '.$row1['window2fontfamily'].';
     font-size: '.$row1['window2fontsize'].';
     color: #'.$row1['window2font'].';';
     if($row1['window2bgimage'] != "") {
     echo 'background-image: url('.$row1['window2bgimage'].');';
     }
  
     echo '
      }
.border {
     background-color: #'.$row1['border'].';
     }
td {
     font-size: 11px;
     }
input,textarea {
     font-family: '.$row1['fontfamily'].';
     font-size: 11px;
     }
select {
     font-family: '.$row1['fontfamily'].';
     font-size: 11px;
     }
     --!>
     </style>
     <title>'.$row1['title'].'</title>
</head>

<body>';

//Ban System
if($_GET['action'] == "")
{
$ip1 = $_SERVER['REMOTE_ADDR']; //grab the users ip address
while($row = mysql_fetch_array($r1)){
$ip = $row['ip'];
  $reason = $row['reason'];
if($ip==$ip1){
error('You ('.$ip.') have been baned from this guestbook for '.$reason.'');
}
}
}
if($ip != $ip1) {


//echo out the Guestbook Header
guestbook_header();
echo '<br><br><br>';
require('sources/actions.php');

//Check if this really is index.php.
if($_GET['action'] == "")
{
echo '<br>'.$hf['header'].'';
if($row['posting'] == "enabled") {
if($row['kwikpost'] == "yes"){
if($row['kwikpostlocation'] == "top"){
kwikpost();
}
}}
}

echo '<br><br>
<table style="width: 55%;" class="border" border="0" cellpadding="4" cellspacing="1" align="center">';

//Prepare the comment system...
if($_GET['action'] == "")
{

  while($row = mysql_fetch_array($r)){

  $date = explode("|", $row['date']);
             $name = $row['name'];
             $comment = $row['comment'];
             $email = $row['email'];
             $website = $row['website'];

if(!isset($cmd)){
echo '
  <tr class="windowbg2">
           <td style="width: 27%;">';
          
//Hi, whats your name?
            echo
           "$name
          <br><a href=\"mailto: $email\">
              [email]</a>";
          
            
             if($website != "") {
             echo "<a href=\"$website\">[website]</a>";
             }
             echo '
            
         </td>
         <td>';
        
//Date System
        $d = $row['date'];
         $month = date("M");
         $day = date("d");
         $year = date("Y");

//Was the comment posted yesterday or today?
echo 'Posted on ';
if($date['0']==$month && $date['1']==$day && $date['3']==$year){
             echo '<b>Today</b>';
         } elseif($date['0']==$month && $date['1']==$day-1 && $date['3']==$year){
             echo '<b>Yesterday</b>';
         } else {
             echo '<b>'.$date['0'].' '.$date['1'].''.$date['2'].', '.$date['3'].'</b>';
         }
         echo ' at <b>'.$date['4'].'</b>';
     }

echo   "<br><br>
        
$comment
            </td>
     </tr>";
    }

echo '
<table>
<br>';

//Kwik Post time!
$row = query("SELECT * FROM settings");
if($row['posting'] == "enabled") {
if($row['kwikpost'] == "yes"){
if($row['kwikpostlocation'] == "bottom"){
kwikpost();
}}}

echo '
'.$hf['footer'].'';

     }
copyright();
         }

?>
[/code]

Thanks!!

Share this post


Link to post
Share on other sites
try changing this

[code]

if($row['postorder'] == "descend") { //Comment Query 1
  $q = 'SELECT * FROM comments ORDER BY Date DESC';
       $r = mysql_query($q) or die(mysql_error());
      
} elseif($row['postorder'] == "ascend"){ //Comment Query 2
      $q = 'SELECT * FROM comments ORDER BY Date ASC';
       $r = mysql_query($q) or die(mysql_error());
    }

[/code]

to this

[code]

if($row['postorder'] == "descend") { //Comment Query 1
  $q = 'SELECT * FROM comments ORDER BY Date DESC';
       $r = mysql_query($q) or die(mysql_error());
      
} else{
if($row['postorder'] == "ascend"){ //Comment Query 2
      $q = 'SELECT * FROM comments ORDER BY Date ASC';
       $r = mysql_query($q) or die(mysql_error());
    }
}[/code]

you forgot to put { after else and with that you would need to add } at the end try that and see if it helps

Share this post


Link to post
Share on other sites
also i'd like to point out that since the if statements execute virtually the same thing, except for one little thing, you might want to condense that code down a bit. for example, change your $row['postorder'] to hold asc and desc, instead of ascend and descend, and then you can just simply execute the query order by date $row['postorder'].

or if that's not feasable, then how about chopping off the last 3 characters - the 'end' in asc[b]end[/b] and desc[b]end[/b] and then running the query with the var, instead of doing the if statements.

Share this post


Link to post
Share on other sites
[!--quoteo(post=387703:date=Jun 25 2006, 02:25 AM:name=shortj75)--][div class=\'quotetop\']QUOTE(shortj75 @ Jun 25 2006, 02:25 AM) [snapback]387703[/snapback][/div][div class=\'quotemain\'][!--quotec--] try changing this

[code]

if($row['postorder'] == "descend") { //Comment Query 1
  $q = 'SELECT * FROM comments ORDER BY Date DESC';
       $r = mysql_query($q) or die(mysql_error());
      
} elseif($row['postorder'] == "ascend"){ //Comment Query 2
      $q = 'SELECT * FROM comments ORDER BY Date ASC';
       $r = mysql_query($q) or die(mysql_error());
    }

[/code]

to this

[code]

if($row['postorder'] == "descend") { //Comment Query 1
  $q = 'SELECT * FROM comments ORDER BY Date DESC';
       $r = mysql_query($q) or die(mysql_error());
      
} else{
if($row['postorder'] == "ascend"){ //Comment Query 2
      $q = 'SELECT * FROM comments ORDER BY Date ASC';
       $r = mysql_query($q) or die(mysql_error());
    }
}[/code]

you forgot to put { after else and with that you would need to add } at the end try that and see if it helps [/quote]
Doesnt help at all I dont think. Please note that I have this code in several files too...

[code]
$q1 = 'SELECT * FROM Bans'; //ban query
      $r1 = mysql_query($q1) or die(mysql_error());


if($_GET['action'] == "login")
{
$ip1 = $_SERVER['REMOTE_ADDR']; //grab the users ip address
while($row = mysql_fetch_array($r1)){
$ip = $row['ip'];
$reason = $row['reason'];

if($ip==$ip1){
error('You ('.$ip.') have been baned from this guestbook for '.$reason.'');

}
}
if($ip != $ip1) {
[/code]



Share this post


Link to post
Share on other sites

×

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.