champbronc2 Posted October 27, 2008 Share Posted October 27, 2008 OK so I have a url and it looks like Http://www.example.com/example.php?ad=### What I want to do is something like this: $ad_id=limpiar($_GET["ad"]); if '$ad_id LIKE %0% OR contains %abcdefghijklmnopqrstuvwxyz%{ echo '$user=uc($_COOKIE["usNick"]); $delete = "DELETE FROM users WHERE username='$user'" $go = mysql_query($delete) "Account deleted! Stop cheating" } else { I realize that this code is complete garbage because it is wrong. I don't know the commands but I am trying to show you what I need it to do. Can anyone give me the code to do what I am trying to do? Quote Link to comment Share on other sites More sharing options...
Andy-H Posted October 27, 2008 Share Posted October 27, 2008 $ad_id = $_GET['id']; if ( (ereg("[^[:digit:]]", $ad_id)) || ($ad_id == 0) ){ $user = uc($_COOKIE['usNick']); $del = "DELETE FROM users WHERE username = '$user'"; $go = mysql_query($del)or trigger_error("Could not delete account"); echo "Account deleted! Stop cheating!!!"; }else{ rest of code... } Is that what you want? Quote Link to comment Share on other sites More sharing options...
Andy-H Posted October 27, 2008 Share Posted October 27, 2008 Although quite frankly this is a bad way to handle cheaters, if people are cheating on your site then it's your own fault as you should have made it secure. Cheaters also help you to make your site secure if you missed any security holes/exploits as they will probably end up reporting the problem to you... Quote Link to comment Share on other sites More sharing options...
champbronc2 Posted October 27, 2008 Author Share Posted October 27, 2008 $ad_id = $_GET['ad']; //Shouldn't that be getting the ad variable not id? if ( (ereg("[^[:digit:]]", $ad_id)) || ($ad_id == 0) ){ $user = uc($_COOKIE['usNick']); $del = "DELETE FROM users WHERE username = '$user'"; $go = mysql_query($del)or trigger_error("Could not delete account"); echo "Account deleted! Stop cheating!!!"; }else{ rest of code... } Is that what you want? No I don't think that would work because wouldn't that flag anyone viewing http://www.example.com/view.php?ad=### I only want it to flag people if the # in the ad URL variable has a zero or letters in it. I got this when I went to this url http://www.example.com/view.php?ad=0 Fatal error: Call to undefined function uc() in /home/champbux/public_html/betaview.php on line 7 And when I tried http://www.example.com/view.php?ad=0123 it didn't flag it. Quote Link to comment Share on other sites More sharing options...
Andy-H Posted October 27, 2008 Share Posted October 27, 2008 uc was a function from your code, are you even using cookies or are you using sessions? You would also need to look into regex, I dont know a great deal about it... Quote Link to comment Share on other sites More sharing options...
champbronc2 Posted October 27, 2008 Author Share Posted October 27, 2008 The username and password are from cookies. Quote Link to comment Share on other sites More sharing options...
champbronc2 Posted October 28, 2008 Author Share Posted October 28, 2008 OK, I will pay $5 PayPal if somebody can just do this. Quote Link to comment Share on other sites More sharing options...
GKWelding Posted October 28, 2008 Share Posted October 28, 2008 $ad_id = $_GET['ad']; preg_match( /(.*)0(.*)/,$ad_id,$match); //if you just want to find 0's at the beginning of the string then replace (.*)0(.*) with 0(.*) if ( !is_int($ad_id) || isset($match[0]) ) { $user = uc($_COOKIE['usNick']); //if function uc() does not existing thn this should be $user = $_COOKIE['usNick']; $del = "DELETE FROM users WHERE username = '$user'"; $go = mysql_query($del)or trigger_error("Could not delete account"); echo "Account deleted! Stop cheating!!!"; }else{ rest of code... } Don't worry about the $5. Quote Link to comment Share on other sites More sharing options...
champbronc2 Posted October 28, 2008 Author Share Posted October 28, 2008 Parse error: syntax error, unexpected '/', expecting ')' in /home/champbux/public_html/betaview.php on line 6 preg_match( /(.*)0(.*)/,$ad_id,$match); //if you just want to find 0's at the beginning of the string then replace (.*)0(.*) with 0(.*) Quote Link to comment Share on other sites More sharing options...
wildteen88 Posted October 28, 2008 Share Posted October 28, 2008 preg_match( /(.*)0(.*)/,$ad_id,$match); //if you just want to find 0's at the beginning of the string then replace (.*)0(.*) with 0(.*) Should be preg_match('/(.*)0(.*)/',$ad_id,$match); //if you just want to find 0's at the beginning of the string then replace (.*)0(.*) with 0(.*) Quote Link to comment Share on other sites More sharing options...
champbronc2 Posted October 28, 2008 Author Share Posted October 28, 2008 Well now it kind of works. No error, but it deletes the account no matter what is in the ad # and doesn't say the account deleted message. I went to http://www.example.com/view.php?ad=123 That shouldn't be marked as cheating but still did mark it as cheating and deleted the account. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.