Jump to content


Photo

Ban feature not working right


  • Please log in to reply
3 replies to this topic

#1 Adamb10

Adamb10
  • Members
  • PipPip
  • Member
  • 19 posts
  • LocationMilwaukee, Wisconsin

Posted 25 June 2006 - 02:10 AM

This is hard to explain but here it goes...

I implented a ban system in my guestbook software, ban by ip. However I have a problem with it. When Im not banned I cant access the admin center and add new post page which I should be able to. All I get is a blank page. When I am baned though it works, I get an error message saying im baned and the reason. Heres the code of index.php.

 <?
 //index.php
 //Start the session
 session_start();
 
 //Load required files
 require('sources/functions.php');
 
 //Counters are cool, I think we need one...
 $c_ip = $HTTP_COOKIE_VARS["user_ip"];
 $counter_file = "sources/counter.txt";
 $counter_file_line = file($counter_file);
 if(!$c_ip) {
 setcookie("user_ip", $REMOTE_ADDR, time()+360000);  $counter_file_line[0]++;
 $cf = fopen ($counter_file, "w+");
 fputs($cf, "$counter_file_line[0]"); fclose($cf);
 }
 elseif($c_ip != $REMOTE_ADDR){
 $counter_file_line[0]++; $cf = fopen ($counter_file, "w+");
 fputs($cf, "$counter_file_line[0]");
  fclose($cf);
 }
 
 //Essential Functions
 db_connect();
 
 //Prepare for Query in 5..4..3..2..1
 function query($query){
     $sql = "$query";
     $result = mysql_query($sql);
     return mysql_fetch_array ($result); 
 }
 
 //Query time!
 $row = query("SELECT * FROM settings"); //settings query
 $row1 = query("SELECT * FROM colors"); //colors query
 
 $q1 = 'SELECT * FROM Bans'; //ban query
       $r1 = mysql_query($q1) or die(mysql_error());
 
 if($row['postorder'] == "descend") { //Comment Query 1
  $q = 'SELECT * FROM comments ORDER BY Date DESC';
       $r = mysql_query($q) or die(mysql_error());
      
 } elseif($row['postorder'] == "ascend"){ //Comment Query 2
      $q = 'SELECT * FROM comments ORDER BY Date ASC';
       $r = mysql_query($q) or die(mysql_error());
    }
 
 $hf = query("SELECT * FROM hf"); //HF Query
 if (!$hf) {
    die('Invalid query: ' . mysql_error());
    }
 
 //Lets output the html
 echo '
 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/1999/REC-html401-19991224/loose.dtd">
 <head>
 <title>'.$row['title'].'</title>
     <meta http-equiv="Content-Type" content="text/html; charset=utf-8">
     <style type="text/css">
 <!--
 
 
 a:link {
     color: #'.$row1['link'].';
     text-decoration: none;
 }
 a:visited {
     color: #'.$row1['visitedlink'].';
     text-decoration: none;
 }
 a:active {
     color: #'.$row1['activelink'].';
     text-decoration: none;
 }
 a:hover {
     color: #'.$row1['hoverlink'].';
     text-decoration: none;
     }
 body {
     background-color: #'.$row1['bodybg'].';
     font-family: '.$row1['fontfamily'].';
     font-size: '.$row1['fontsize'].';
     color: #'.$row1['font'].';
     margin:0px;
     ';
 if ($row1['bodybgimage'] != "") {
 echo 'background-image: url('.$row1['bodybgimage'].');';
 }
 echo '
     }
 .titlebg {
     background-color: #'.$row1['titlebg'].';
     font-family: '.$row1['titlefontfamily'].';
     font-size: '.$row1['titlefontsize'].';
     color: #'.$row1['titlefont'].'; ';
     if ($row1['tilebgimage'] == "") {
     echo '
     background-image: url('.$row1['titlebgimage'].');';
 }
         echo '
         }
 .windowbg {
     background-color: #'.$row1['windowbg'].';
     font-family: '.$row1['windowfontfamily'].';
     font-size: '.$row1['windowfontsize'].';
     color: #'.$row1['windowfont'].';';
     if ($row1['windowbgimage'] != "") {
     echo 'background-image: url('.$row1['windowbgimage'].');';
     }
     echo '
     }
 .windowbg2 {
     background-color: #'.$row1['window2bg'].';
     font-family: '.$row1['window2fontfamily'].';
     font-size: '.$row1['window2fontsize'].';
     color: #'.$row1['window2font'].';';
     if($row1['window2bgimage'] != "") {
     echo 'background-image: url('.$row1['window2bgimage'].');';
     }
   
     echo '
      }
 .border {
     background-color: #'.$row1['border'].';
     }
 td {
     font-size: 11px;
     }
 input,textarea {
     font-family: '.$row1['fontfamily'].';
     font-size: 11px;
     }
 select {
     font-family: '.$row1['fontfamily'].';
     font-size: 11px;
     }
     --!>
     </style>
     <title>'.$row1['title'].'</title>
 </head>
 
 <body>';
 
 //Ban System
 if($_GET['action'] == "")
 {
 $ip1 = $_SERVER['REMOTE_ADDR']; //grab the users ip address
 while($row = mysql_fetch_array($r1)){
 $ip = $row['ip'];
  $reason = $row['reason'];
 if($ip==$ip1){
 error('You ('.$ip.') have been baned from this guestbook for '.$reason.'');
 }
 }
 }
 if($ip != $ip1) {
 
 
 //echo out the Guestbook Header
 guestbook_header();
 echo '<br><br><br>';
 require('sources/actions.php');
 
 //Check if this really is index.php. 
 if($_GET['action'] == "")
 {
 echo '<br>'.$hf['header'].'';
 if($row['posting'] == "enabled") {
 if($row['kwikpost'] == "yes"){
 if($row['kwikpostlocation'] == "top"){
 kwikpost();
 }
 }}
 }
 
 echo '<br><br>
 <table style="width: 55%;" class="border" border="0" cellpadding="4" cellspacing="1" align="center">';
 
 //Prepare the comment system...
 if($_GET['action'] == "")
 {
 
  while($row = mysql_fetch_array($r)){
 
  $date = explode("|", $row['date']);
             $name = $row['name'];
             $comment = $row['comment'];
             $email = $row['email'];
             $website = $row['website'];
 
 if(!isset($cmd)){
 echo '
  <tr class="windowbg2">
           <td style="width: 27%;">';
          
 //Hi, whats your name?
            echo
           "$name
          <br><a href=\"mailto: $email\">
              [email]</a>";
           
            
             if($website != "") {
             echo "<a href=\"$website\">[website]</a>";
             }
             echo '
            
         </td>
         <td>';
        
 //Date System
        $d = $row['date'];
         $month = date("M");
         $day = date("d");
         $year = date("Y");
 
 //Was the comment posted yesterday or today?
 echo 'Posted on ';
 if($date['0']==$month && $date['1']==$day && $date['3']==$year){
             echo '<b>Today</b>';
         } elseif($date['0']==$month && $date['1']==$day-1 && $date['3']==$year){
             echo '<b>Yesterday</b>';
         } else {
             echo '<b>'.$date['0'].' '.$date['1'].''.$date['2'].', '.$date['3'].'</b>';
         }
         echo ' at <b>'.$date['4'].'</b>';
     }
 
 echo   "<br><br>
        
 $comment
            </td>
     </tr>";
    }
 
 echo '
 <table>
 <br>';
 
 //Kwik Post time!
 $row = query("SELECT * FROM settings");
 if($row['posting'] == "enabled") {
 if($row['kwikpost'] == "yes"){
 if($row['kwikpostlocation'] == "bottom"){
 kwikpost();
 }}}
 
 echo '
 '.$hf['footer'].'';
 
     }
 copyright();
         }
 
 ?>

Thanks!!

#2 shortj75

shortj75
  • Members
  • PipPipPip
  • Advanced Member
  • 118 posts
  • LocationPort Huron,mi

Posted 25 June 2006 - 07:25 AM

try changing this


 if($row['postorder'] == "descend") { //Comment Query 1
  $q = 'SELECT * FROM comments ORDER BY Date DESC';
       $r = mysql_query($q) or die(mysql_error());
      
} elseif($row['postorder'] == "ascend"){ //Comment Query 2
      $q = 'SELECT * FROM comments ORDER BY Date ASC';
       $r = mysql_query($q) or die(mysql_error());
    }


to this


 if($row['postorder'] == "descend") { //Comment Query 1
  $q = 'SELECT * FROM comments ORDER BY Date DESC';
       $r = mysql_query($q) or die(mysql_error());
      
} else{
if($row['postorder'] == "ascend"){ //Comment Query 2
      $q = 'SELECT * FROM comments ORDER BY Date ASC';
       $r = mysql_query($q) or die(mysql_error());
    }
}

you forgot to put { after else and with that you would need to add } at the end try that and see if it helps
The Short One

hopfully this helps if it doesn't sorry
i won't write the code for you!!! you don't learn that way

#3 .josh

.josh
  • Staff Alumni
  • .josh
  • 14,871 posts

Posted 25 June 2006 - 07:53 AM

also i'd like to point out that since the if statements execute virtually the same thing, except for one little thing, you might want to condense that code down a bit. for example, change your $row['postorder'] to hold asc and desc, instead of ascend and descend, and then you can just simply execute the query order by date $row['postorder'].

or if that's not feasable, then how about chopping off the last 3 characters - the 'end' in ascend and descend and then running the query with the var, instead of doing the if statements.
Did I help you? Feeling generous? Buy me lunch! 
Please, take the time and do some research and find out how much it would have cost you to get your help from a decent paid-for source. A "roll-of-the-dice" freelancer will charge you $5-$15/hr. A decent entry level freelancer will charge you around $15-30/hr. A professional will charge you anywhere from $50-$100/hr. An agency will charge anywhere from $100-$250/hr. Think about all this when soliciting for help here. Think about how much money you are making from the work you are asking for help on. No, we do not expect you to pay for the help given here, but donating a few bucks is a fraction of the cost of what you would have paid, shows your appreciation, helps motivate people to keep offering help without the pricetag, and helps make this a higher quality free-help community :)

#4 Adamb10

Adamb10
  • Members
  • PipPip
  • Member
  • 19 posts
  • LocationMilwaukee, Wisconsin

Posted 25 June 2006 - 01:38 PM

[!--quoteo(post=387703:date=Jun 25 2006, 02:25 AM:name=shortj75)--][div class=\'quotetop\']QUOTE(shortj75 @ Jun 25 2006, 02:25 AM) View Post[/div][div class=\'quotemain\'][!--quotec--] try changing this


 if($row['postorder'] == "descend") { //Comment Query 1
  $q = 'SELECT * FROM comments ORDER BY Date DESC';
       $r = mysql_query($q) or die(mysql_error());
      
} elseif($row['postorder'] == "ascend"){ //Comment Query 2
      $q = 'SELECT * FROM comments ORDER BY Date ASC';
       $r = mysql_query($q) or die(mysql_error());
    }


to this


 if($row['postorder'] == "descend") { //Comment Query 1
  $q = 'SELECT * FROM comments ORDER BY Date DESC';
       $r = mysql_query($q) or die(mysql_error());
      
} else{
if($row['postorder'] == "ascend"){ //Comment Query 2
      $q = 'SELECT * FROM comments ORDER BY Date ASC';
       $r = mysql_query($q) or die(mysql_error());
    }
}

you forgot to put { after else and with that you would need to add } at the end try that and see if it helps [/quote]
Doesnt help at all I dont think. Please note that I have this code in several files too...

$q1 = 'SELECT * FROM Bans'; //ban query
      $r1 = mysql_query($q1) or die(mysql_error());


if($_GET['action'] == "login")
{
$ip1 = $_SERVER['REMOTE_ADDR']; //grab the users ip address
while($row = mysql_fetch_array($r1)){
$ip = $row['ip'];
 $reason = $row['reason'];
 
if($ip==$ip1){
error('You ('.$ip.') have been baned from this guestbook for '.$reason.'');

}
}
if($ip != $ip1) {








0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users