Jump to content

How to do approvals...

Lee-Bartlett

By Lee-Bartlett
in PHP Coding Help

 Share

Recommended Posts

Lee-Bartlett Member

Lee-Bartlett

Posted
Posted

Im not sure what the code would look like for this, at the moment my web page has a database echoed on a page. When the form is filled in, it automatically puts in a new entry, but i need an approval page to stop spam after spam of entries. So i have full controll of what goes on there. Atm all i have is my database echoed out on the pages, that code is bellow. How would i go about doing the rest of it, it would be good if it was check boxxed.

Link to comment
Share on other sites
rarebit Regular Member

rarebit

Posted
Posted

Confused but...

 

There are various ways to stop spammers and bots. Bots you block by using a CAPTCHA image verification system, by asking a grammatical question or the such like. Another thing to add is a check the page referrer using $_SERVER['HTTP_REFERER'], but that can easily be spoofed. Next is to add a page generation id and check for it (can only use once).

 

To stop actual spammers, check the content, only allow their ip to submit n times in x time, use a login system, etc...

Link to comment
Share on other sites
Lee-Bartlett Member

Lee-Bartlett

Posted
  • Author
Posted

Im not the best at explaining :( i do have captchas i would like a little system like this. The user fills in the form, it goes into the database and stays there. On an admin page i have a check box in a collum, if checked it moves to the public page, else it either remains hidden or gets automatically deleted. Somthing like, validation can only go so far, cause they can still enter aaabbb somthing like that.

Link to comment
Share on other sites
dropfaith Advanced Member

dropfaith

Posted
Posted

oh you want admin approval of all submitted stories

 

uhmm first your going to want a login system

 

to block people from that page

http://www.ineedtutorials.com/articles/complete-advanced-login-member-system-php-tutorial  heres a tutorial ive used

 

then on the index. php page that they have you create you need to list all threads submitted with links to a edit script

 

//this is a rough edit script

<?php
session_start( ); //bored of this function yet?
if(!isset($_SESSION["username"])){
header('Location: /user/index.php'); //location of login page if session username is not set
}
else
{
?>
<?php
   // includes
    include("../header.php"); //header.php is just my connection details so i can mobilze from server to server faster
    // validate text input fields
    $Name = mysql_escape_string(trim(htmlentities($_GET['Name'])));
    $Contact  = mysql_real_escape_string(trim(stripslashes($_POST['Contact'])));
    $About  = mysql_real_escape_string(trim(stripslashes($_POST['About'])));
    $Website  = mysql_real_escape_string(trim(stripslashes($_POST['Website'])));
        // open database connection
$conn = mysql_connect(HOST, DBUSER, PASS) or  die('Could not connect !<br />Please contact the site\'s administrator.');
$db = mysql_select_db(DB) or  die('Could not connect to database !<br />Please contact the site\'s administrator.');
        // generate and execute query
        $query = "UPDATE Music SET  Contact = '$Contact', About = '$About', Website = '$Website' WHERE Name = '$Name'";
        $result = mysql_query($query) or die ("Error in query: $query. " . mysql_error());
mysql_close($connection);
?>
<?php 

}
?>

 

 

Link to comment
Share on other sites
Lee-Bartlett Member

Lee-Bartlett

Posted
  • Author
Posted

Nah, its just a mess arround site to practice on, my uncle is giving me little tasks to get used to this sort of stuff, atm i have used php my admin for password the admin, an i thought it would be a if yes else no, have you got any links to a tut or somthing like that, here are all my pages of code which it will be linked to.

 

the admin page, havn't put the check box in, wasnt sure if it was best to use, or maybe a button which said allow, then it will be displayed on the code below this code.

 

--Admin page--

 

<?php  require_once("includes/db_connection.php"); ?>
    
    <html>

<title></title>
<style type="text/css">
<!--
.style1 {
      font-size: 36px;
      color: #FFFFFF;
}
-->
</style>
</head>

<body>
<table width="617" border="1" align="center" cellpadding="5" cellspacing="0" bordercolor="#000000">
  <tr>
    <td colspan="2" bgcolor="#0099FF"><p> </p>
    <p align="center" class="style1"><?php $header = implode("", file("header.htt")); echo $header ?></p>      
    <p> </p></td>
  </tr>
  <tr>
    <td width="129" height="318" align="left" valign="top"><p><br>
        <a href="index.php">Delete/Update</a></p>
   
        <a href="http://www.nexodom.com/website/admin/index.php">Take me back to my database</a></p>
    

        <a href="adminuserform.php">Add a new user.</a></p>
    
    <td width="482" align="left" valign="top"><p align="center"> </p>
    



<?php

      if(isset($_POST['id']))
      {
            $id = $_POST['id'];

            $delete = mysql_query("DELETE FROM tblbasicform WHERE id='$id'"); 
      }
      

$sql = "SELECT * from tblbasicform";
$res = mysql_query($sql) or die(mysql_error());
?>

<?
// Table where the db feilds sit
echo "<table border=1 align=centre font size=\"5\" face=\"verdana\">";
echo "<tr><td>id</td> <td>Name</td><td>Email</td><td>Buissnes Name</td><td>Street Name</td><td>Website</td><td>Telephone</td><td>Free or Paid</td><td>Longitude</td><td>Latitude</td><td>Delete</td><td>Update</td></tr>"; 
while($row = MYSQL_FETCH_ARRAY($res))
{
//Database is echoed for user to see all entries
echo "<tr><td>".$row['id']."</td>";
echo "<td>".$row['name']."</td>";
echo "<td>".$row['email']."</td>";
echo "<td>".$row['location']."</td>";
echo "<td>".$row['ct']."</td>";
echo "<td>".$row['website']."</td>";
echo "<td>".$row['telephone']."</td>";
echo "<td>".$row['type']."</td>";
echo "<td>".$row['longitude']."</td>";
echo "<td>".$row['latitude']."</td>";


// Begining of the form buttons.
echo "<td><form action='".$_SERVER['PHP_SELF']."' method='post'> <input type='hidden' name='id' value='" . $row['id'] . "'><input type='submit' value='delete' name='deletebutton'></form></td>"; 
echo "<td><form action='form2.php' method='post'> <input type='hidden' name='id' value='" . $row['id'] . "'><input type='submit' value='update' name='updatebutton' ></form></td>";

}

echo "</tr>";
?>
<?php $footer = implode("", file("footer.htt")) ?>



</table><br>

    
    <p> </p>
    <p> </p>
    <p> </p>
    <p> </p>
    <p> </p></td>
  </tr>
  <tr>
    <td height="20" colspan="2" bgcolor="#0099FF"> <?php echo $footer ?> </td>
  </tr>
</table>
</body>
</html>

 

 

-- Public Side--

 

<?php  require_once("includes/db_connection.php"); ?>

<html>
<head> <style type="text/css">
<!--
.style1 {
font-size: 36px;
color: #FFFFFF;
}
-->
</style>
</head>
<body onLoad="load()" onUnload="GUnload()" >
<table width="1128" border="1" align="center" cellpadding="5" cellspacing="0" bordercolor="#000000">
  <tr>
    <td colspan="2" bgcolor="#0099FF"><p> </p>
    <p align="center" class="style1"><?php $header = implode("", file("header.htt")); echo $header ?> </p>
    <p> </p></td>
  </tr>
  <tr>
    <td width="198" height="318" align="left" valign="top"><p><a href="index.wifi"></a><br>
        <a href="index.php">Home</a></p>
    </td>
    <td width="904" align="left" valign="top"><p align="center">WIFI Hot Spot List<br>


<?php

$sql = "SELECT * from tblbasicform";
$res = mysql_query($sql) or die(mysql_error());

echo "<table border=2>";
echo "<tr> <td>Buissnes Name</td><td>Location</td><td>City/Town</td><td>Website</td><td>Telephone</td><td>Latitude</td><td>Longitude</td> <td>Free or Paid</td><td>Veiw on a map</td></tr>";
while($row = MYSQL_FETCH_ARRAY($res))
{
$id = $row['id'];


?>
<script language='javascript' type='text/javascript'>
<!--
function openWindow<?=$id?>() {
popupWin = window.open('popup.php?id=<?=$id?>', 'popup','width=550,height=400,resizable=no,scrollbars=yes,toolbar=no,screenX=0,screenY=0,Top=0,Left=0')
}
// -->
</script>


<?php

echo "<form method=\"post\" name=\"pop$id\">";
echo "<tr><td>".$row['buissnes_name']."</td>";
echo "<td>".$row['location']."</td>";
echo "<td>".$row['ct']."</td>";
echo "<td>".$row['website']."</td>";
echo "<td>".$row['telephone']."</td>";
echo "<td>".$row['latitude']."</td>";
echo "<td>".$row['longitude']."</td>";
echo "<td>".$row['type']."</td>";
echo "<form>";
if ($row['latitude'] and $row['longitude']) {
echo "<td><input type=\"button\" onClick=\"openWindow$id(); return false;\" value=\"Pop Up  Map\">";
} else {
echo "<td>No Lat or Long entered";
}
}


echo "</td>";
echo "</form>";


?><?php $footer = implode("", file("footer.htt")) ?>
</tr></table>
<table>
<tr><td>

</td></tr>
</table>


<br> 
<a href="userform.php">Submit a WIFI hotspot</a>
<br />
<br />
  <?php echo $footer; ?>
</body>
</html>

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.