Ban feature not working right

Adamb10 · June 25, 2006

This is hard to explain but here it goes...

I implented a ban system in my guestbook software, ban by ip. However I have a problem with it. When Im not banned I cant access the admin center and add new post page which I should be able to. All I get is a blank page. When I am baned though it works, I get an error message saying im baned and the reason. Heres the code of index.php.

[code]
<?
//index.php
//Start the session
session_start();

//Load required files
require('sources/functions.php');

//Counters are cool, I think we need one...
$c_ip = $HTTP_COOKIE_VARS["user_ip"];
$counter_file = "sources/counter.txt";
$counter_file_line = file($counter_file);
if(!$c_ip) {
setcookie("user_ip", $REMOTE_ADDR, time()+360000);  $counter_file_line[0]++;
$cf = fopen ($counter_file, "w+");
fputs($cf, "$counter_file_line[0]"); fclose($cf);
}
elseif($c_ip != $REMOTE_ADDR){
$counter_file_line[0]++; $cf = fopen ($counter_file, "w+");
fputs($cf, "$counter_file_line[0]");
  fclose($cf);
}

//Essential Functions
db_connect();

//Prepare for Query in 5..4..3..2..1
function query($query){
     $sql = "$query";
     $result = mysql_query($sql);
     return mysql_fetch_array ($result);
}

//Query time!
$row = query("SELECT * FROM settings"); //settings query
$row1 = query("SELECT * FROM colors"); //colors query

$q1 = 'SELECT * FROM Bans'; //ban query
       $r1 = mysql_query($q1) or die(mysql_error());

if($row['postorder'] == "descend") { //Comment Query 1
  $q = 'SELECT * FROM comments ORDER BY Date DESC';
       $r = mysql_query($q) or die(mysql_error());

} elseif($row['postorder'] == "ascend"){ //Comment Query 2
      $q = 'SELECT * FROM comments ORDER BY Date ASC';
       $r = mysql_query($q) or die(mysql_error());
    }

$hf = query("SELECT * FROM hf"); //HF Query
if (!$hf) {
    die('Invalid query: ' . mysql_error());
    }

//Lets output the html
echo '
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/1999/REC-html401-19991224/loose.dtd">
<head>
<title>'.$row['title'].'</title>
     <meta http-equiv="Content-Type" content="text/html; charset=utf-8">
     <style type="text/css">
<!--

a:link {
     color: #'.$row1['link'].';
     text-decoration: none;
}
a:visited {
     color: #'.$row1['visitedlink'].';
     text-decoration: none;
}
a:active {
     color: #'.$row1['activelink'].';
     text-decoration: none;
}
a:hover {
     color: #'.$row1['hoverlink'].';
     text-decoration: none;
     }
body {
     background-color: #'.$row1['bodybg'].';
     font-family: '.$row1['fontfamily'].';
     font-size: '.$row1['fontsize'].';
     color: #'.$row1['font'].';
     margin:0px;
     ';
if ($row1['bodybgimage'] != "") {
echo 'background-image: url('.$row1['bodybgimage'].');';
}
echo '
     }
.titlebg {
     background-color: #'.$row1['titlebg'].';
     font-family: '.$row1['titlefontfamily'].';
     font-size: '.$row1['titlefontsize'].';
     color: #'.$row1['titlefont'].'; ';
     if ($row1['tilebgimage'] == "") {
     echo '
     background-image: url('.$row1['titlebgimage'].');';
}
         echo '
         }
.windowbg {
     background-color: #'.$row1['windowbg'].';
     font-family: '.$row1['windowfontfamily'].';
     font-size: '.$row1['windowfontsize'].';
     color: #'.$row1['windowfont'].';';
     if ($row1['windowbgimage'] != "") {
     echo 'background-image: url('.$row1['windowbgimage'].');';
     }
     echo '
     }
.windowbg2 {
     background-color: #'.$row1['window2bg'].';
     font-family: '.$row1['window2fontfamily'].';
     font-size: '.$row1['window2fontsize'].';
     color: #'.$row1['window2font'].';';
     if($row1['window2bgimage'] != "") {
     echo 'background-image: url('.$row1['window2bgimage'].');';
     }

     echo '
      }
.border {
     background-color: #'.$row1['border'].';
     }
td {
     font-size: 11px;
     }
input,textarea {
     font-family: '.$row1['fontfamily'].';
     font-size: 11px;
     }
select {
     font-family: '.$row1['fontfamily'].';
     font-size: 11px;
     }
     --!>
     </style>
     <title>'.$row1['title'].'</title>
</head>

<body>';

//Ban System
if($_GET['action'] == "")
{
$ip1 = $_SERVER['REMOTE_ADDR']; //grab the users ip address
while($row = mysql_fetch_array($r1)){
$ip = $row['ip'];
  $reason = $row['reason'];
if($ip==$ip1){
error('You ('.$ip.') have been baned from this guestbook for '.$reason.'');
}
}
}
if($ip != $ip1) {

//echo out the Guestbook Header
guestbook_header();
echo '<br><br><br>';
require('sources/actions.php');

//Check if this really is index.php.
if($_GET['action'] == "")
{
echo '<br>'.$hf['header'].'';
if($row['posting'] == "enabled") {
if($row['kwikpost'] == "yes"){
if($row['kwikpostlocation'] == "top"){
kwikpost();
}
}}
}

echo '<br><br>
<table style="width: 55%;" class="border" border="0" cellpadding="4" cellspacing="1" align="center">';

//Prepare the comment system...
if($_GET['action'] == "")
{

  while($row = mysql_fetch_array($r)){

  $date = explode("|", $row['date']);
             $name = $row['name'];
             $comment = $row['comment'];
             $email = $row['email'];
             $website = $row['website'];

if(!isset($cmd)){
echo '
  <tr class="windowbg2">
           <td style="width: 27%;">';

//Hi, whats your name?
            echo
           "$name
          <br><a href=\"mailto: $email\">
              [email]</a>";


             if($website != "") {
             echo "<a href=\"$website\">[website]</a>";
             }
             echo '

         </td>
         <td>';

//Date System
        $d = $row['date'];
         $month = date("M");
         $day = date("d");
         $year = date("Y");

//Was the comment posted yesterday or today?
echo 'Posted on ';
if($date['0']==$month && $date['1']==$day && $date['3']==$year){
             echo '<b>Today</b>';
         } elseif($date['0']==$month && $date['1']==$day-1 && $date['3']==$year){
             echo '<b>Yesterday</b>';
         } else {
             echo '<b>'.$date['0'].' '.$date['1'].''.$date['2'].', '.$date['3'].'</b>';
         }
         echo ' at <b>'.$date['4'].'</b>';
     }

echo   "<br><br>

$comment
            </td>
     </tr>";
    }

echo '
<table>
<br>';

//Kwik Post time!
$row = query("SELECT * FROM settings");
if($row['posting'] == "enabled") {
if($row['kwikpost'] == "yes"){
if($row['kwikpostlocation'] == "bottom"){
kwikpost();
}}}

echo '
'.$hf['footer'].'';

     }
copyright();
         }

?>
[/code]

Thanks!!

shortj75 · June 25, 2006

try changing this

[code]

if($row['postorder'] == "descend") { //Comment Query 1
  $q = 'SELECT * FROM comments ORDER BY Date DESC';
       $r = mysql_query($q) or die(mysql_error());

} elseif($row['postorder'] == "ascend"){ //Comment Query 2
      $q = 'SELECT * FROM comments ORDER BY Date ASC';
       $r = mysql_query($q) or die(mysql_error());
    }

[/code]

to this

[code]

if($row['postorder'] == "descend") { //Comment Query 1
  $q = 'SELECT * FROM comments ORDER BY Date DESC';
       $r = mysql_query($q) or die(mysql_error());

} else{
if($row['postorder'] == "ascend"){ //Comment Query 2
      $q = 'SELECT * FROM comments ORDER BY Date ASC';
       $r = mysql_query($q) or die(mysql_error());
    }
}[/code]

you forgot to put { after else and with that you would need to add } at the end try that and see if it helps

.josh · June 25, 2006

also i'd like to point out that since the if statements execute virtually the same thing, except for one little thing, you might want to condense that code down a bit. for example, change your $row['postorder'] to hold asc and desc, instead of ascend and descend, and then you can just simply execute the query order by date $row['postorder'].

or if that's not feasable, then how about chopping off the last 3 characters - the 'end' in asc[b]end[/b] and desc[b]end[/b] and then running the query with the var, instead of doing the if statements.

Adamb10 · June 25, 2006

[!--quoteo(post=387703:date=Jun 25 2006, 02:25 AM:name=shortj75)--][div class=\'quotetop\']QUOTE(shortj75 @ Jun 25 2006, 02:25 AM) [snapback]387703[/snapback][/div][div class=\'quotemain\'][!--quotec--] try changing this

[code]

if($row['postorder'] == "descend") { //Comment Query 1
  $q = 'SELECT * FROM comments ORDER BY Date DESC';
       $r = mysql_query($q) or die(mysql_error());

} elseif($row['postorder'] == "ascend"){ //Comment Query 2
      $q = 'SELECT * FROM comments ORDER BY Date ASC';
       $r = mysql_query($q) or die(mysql_error());
    }

[/code]

to this

[code]

if($row['postorder'] == "descend") { //Comment Query 1
  $q = 'SELECT * FROM comments ORDER BY Date DESC';
       $r = mysql_query($q) or die(mysql_error());

} else{
if($row['postorder'] == "ascend"){ //Comment Query 2
      $q = 'SELECT * FROM comments ORDER BY Date ASC';
       $r = mysql_query($q) or die(mysql_error());
    }
}[/code]

you forgot to put { after else and with that you would need to add } at the end try that and see if it helps [/quote]
Doesnt help at all I dont think. Please note that I have this code in several files too...

[code]
$q1 = 'SELECT * FROM Bans'; //ban query
      $r1 = mysql_query($q1) or die(mysql_error());

if($_GET['action'] == "login")
{
$ip1 = $_SERVER['REMOTE_ADDR']; //grab the users ip address
while($row = mysql_fetch_array($r1)){
$ip = $row['ip'];
$reason = $row['reason'];

if($ip==$ip1){
error('You ('.$ip.') have been baned from this guestbook for '.$reason.'');

}
}
if($ip != $ip1) {
[/code]

Sign In

Ban feature not working right

Recommended Posts

Adamb10

Link to comment

Share on other sites

shortj75

Link to comment

Share on other sites

.josh

Link to comment

Share on other sites

Adamb10

Link to comment

Share on other sites

Join the conversation

Browse

Activity

Important Information