Jump to content

Archived

This topic is now archived and is closed to further replies.

saikiran

Cancelling registered user !!!

Recommended Posts

hi,

I am creating an online order processing system, which has got personalized login system with registration process.

What i do is this:

1) Accept registration through a form

2)Activate the registration, and send a random password, to the registered user email

3)After become member, they can access my order processing system and can view my company stocks and query for some stocks.


[color=red]What i want, is after registering an user, if i feel the user is not genuine, i want to cancel the user's registration and to block that user.[/color]

how to go abt this. i am using PHP 4.0/Wind XP/IIS




cheers
saikiran

Share this post


Link to post
Share on other sites
you really cant.  you could log their IP in a bad IP list, then check their IP when they try to register again.  if their IP shows up then give them an error message.  that problem with that is if their IP changes then there is no way in knowing if they are blocked or not.

Share this post


Link to post
Share on other sites
i have an idea though..  if they have cookies enabled,  which most do.  then just log their login name in a list and when they sign in again have a script that checks for banned logins and sends them a cookie if it is banned. in your registration part you can check for that cookie and if its there then they cant sign up..  you shouldnt delete their account untill they sign on again. so you can send them the cookie then, and delete their account after that. you should also relog their IP every time that cookie is found when they try to sign up. just incase they delete the cookie.  and if the cookie isnt found then it checks the IP and if the IP is found it will resend the cookie.  but still they can delete the cookie and have a different IP.  so if they really want back in to your site then they can get it.. but it will be alot harder!

Share this post


Link to post
Share on other sites
hi just-j,

thank your for your valuable idea, to be frank, i am just getting into PHP, yes i have a fair knowledge of using Sessions, but for the second idea, you have put forth, if you could help me out with some tutorial or code link, it would be appreciated.

But, as you have mentioned, apart from these how could we do this, as this is a must for our system.


cheers
saikiran

Share this post


Link to post
Share on other sites
You just want to block the user? Just make another field in the the table you store the users data in. Call it "Blocked". If you dont want that user to be able to log in, set blocked to 1 and run a check when they log in to see if Blocked = true (1 is true). If so, redirect to google or something. Also, just-j, I dont recommend doing IP checks, as multiple users can be on one IP address.

Share this post


Link to post
Share on other sites
hi,

Thank for your idea.

when they are logging in i am just checking whether their email and password are correct and existing, If yes, i redirect them to their personalized page.

In this case, along with email and password, i want to check with the field block also. I hope i am right.


the sql code will be something like this

sql = select * from customers where cust_email='{$_POST['cust_email']}' && cust_pass = '{$_POST['cust_pass']}' && blocked = 'true'

i hope this is what , i have to do inorder to block the user.


cheers
saikiran

Share this post


Link to post
Share on other sites
your right about the same IP being used by different people.. the cookie idea is a good one i think!!  the thing when adding a blocked column in sql is that they can just sign up with a different account. but if you wanna use the blocked column idea then when someone logs in run this

[code]
<?php
$result = mysql_query(select * from customers where cust_email='{$_POST['cust_email']}' && cust_pass = '{$_POST['cust_pass']}')
$row = mysql_fetch_array( $result );
if ($row->blocked == true) { echo "<script language=javascript>window.location='ANY WEBPAGE HERE';</script>" }
?>
[/code]

that will redirect them to where ever you want if they are blocked.

Share this post


Link to post
Share on other sites

×

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.