How to do something with a variable

[champbronc2]

OK so I have a url and it looks like Http://www.example.com/example.php?ad=###

 

What I want to do is something like this:

 

$ad_id=limpiar($_GET["ad"]);
if '$ad_id LIKE %0% OR contains %abcdefghijklmnopqrstuvwxyz%{
echo '$user=uc($_COOKIE["usNick"]);
$delete = "DELETE FROM users
WHERE username='$user'"
$go = mysql_query($delete)
"Account deleted! Stop cheating"
}
else
{

 

I realize that this code is complete garbage because it is wrong. I don't know the commands but I am trying to show you what I need it to do.

 

Can anyone give me the code to do what I am trying to do?

[Andy-H]

$ad_id = $_GET['id'];

if ( (ereg("[^[:digit:]]", $ad_id)) || ($ad_id == 0) ){

$user = uc($_COOKIE['usNick']);

$del = "DELETE FROM users WHERE username = '$user'";
$go  = mysql_query($del)or trigger_error("Could not delete account");

echo "Account deleted! Stop cheating!!!";

}else{

rest of code...

}

 

Is that what you want?

[Andy-H]

Although quite frankly this is a bad way to handle cheaters, if people are cheating on your site then it's your own fault as you should have made it secure. Cheaters also help you to make your site secure if you missed any security holes/exploits as they will probably end up reporting the problem to you...

[champbronc2]

$ad_id = $_GET['ad']; //Shouldn't that be getting the ad variable not id?

if ( (ereg("[^[:digit:]]", $ad_id)) || ($ad_id == 0) ){

$user = uc($_COOKIE['usNick']);

$del = "DELETE FROM users WHERE username = '$user'";
$go  = mysql_query($del)or trigger_error("Could not delete account");

echo "Account deleted! Stop cheating!!!";

}else{

rest of code...

}

 

Is that what you want?

No I don't think that would work because wouldn't that flag anyone viewing http://www.example.com/view.php?ad=###

 

I only want it to flag people if the # in the ad URL variable has a zero or letters in it.

 

I got this when I went to this url http://www.example.com/view.php?ad=0

Fatal error: Call to undefined function uc() in /home/champbux/public_html/betaview.php on line 7

 

And when I tried http://www.example.com/view.php?ad=0123 it didn't flag it.

[Andy-H]

uc was a function from your code, are you even using cookies or are you using sessions?

 

You would also need to look into regex, I dont know a great deal about it...

[champbronc2]

The username and password are from cookies.

[champbronc2]

OK, I will pay $5 PayPal if somebody can just do this.

[GKWelding]

$ad_id = $_GET['ad'];

preg_match( /(.*)0(.*)/,$ad_id,$match); //if you just want to find 0's at the beginning of the string then replace (.*)0(.*) with 0(.*)

if ( !is_int($ad_id) || isset($match[0]) )
{

$user = uc($_COOKIE['usNick']); //if function uc() does not existing thn this should be $user = $_COOKIE['usNick'];

$del = "DELETE FROM users WHERE username = '$user'";
$go  = mysql_query($del)or trigger_error("Could not delete account");

echo "Account deleted! Stop cheating!!!";

}else{

rest of code...

}

 

Don't worry about the $5.

[champbronc2]

Parse error: syntax error, unexpected '/', expecting ')' in /home/champbux/public_html/betaview.php on line 6

 

preg_match( /(.*)0(.*)/,$ad_id,$match); //if you just want to find 0's at the beginning of the string then replace (.*)0(.*) with 0(.*)

[wildteen88]

preg_match( /(.*)0(.*)/,$ad_id,$match); //if you just want to find 0's at the beginning of the string then replace (.*)0(.*) with 0(.*)

 

Should be

preg_match('/(.*)0(.*)/',$ad_id,$match); //if you just want to find 0's at the beginning of the string then replace (.*)0(.*) with 0(.*)

[champbronc2]

Well now it kind of works.

 

No error, but it deletes the account no matter what is in the ad # and doesn't say the account deleted message.

 

 

I went to http://www.example.com/view.php?ad=123

 

That shouldn't be marked as cheating but still did mark it as cheating and deleted the account.