saikiran Posted July 24, 2006 Share Posted July 24, 2006 hi,I am creating an online order processing system, which has got personalized login system with registration process.What i do is this:1) Accept registration through a form2)Activate the registration, and send a random password, to the registered user email3)After become member, they can access my order processing system and can view my company stocks and query for some stocks.[color=red]What i want, is after registering an user, if i feel the user is not genuine, i want to cancel the user's registration and to block that user.[/color]how to go abt this. i am using PHP 4.0/Wind XP/IIScheerssaikiran Quote Link to comment Share on other sites More sharing options...
just-j Posted July 24, 2006 Share Posted July 24, 2006 you really cant. you could log their IP in a bad IP list, then check their IP when they try to register again. if their IP shows up then give them an error message. that problem with that is if their IP changes then there is no way in knowing if they are blocked or not. Quote Link to comment Share on other sites More sharing options...
just-j Posted July 24, 2006 Share Posted July 24, 2006 i have an idea though.. if they have cookies enabled, which most do. then just log their login name in a list and when they sign in again have a script that checks for banned logins and sends them a cookie if it is banned. in your registration part you can check for that cookie and if its there then they cant sign up.. you shouldnt delete their account untill they sign on again. so you can send them the cookie then, and delete their account after that. you should also relog their IP every time that cookie is found when they try to sign up. just incase they delete the cookie. and if the cookie isnt found then it checks the IP and if the IP is found it will resend the cookie. but still they can delete the cookie and have a different IP. so if they really want back in to your site then they can get it.. but it will be alot harder! Quote Link to comment Share on other sites More sharing options...
saikiran Posted July 24, 2006 Author Share Posted July 24, 2006 hi just-j,thank your for your valuable idea, to be frank, i am just getting into PHP, yes i have a fair knowledge of using Sessions, but for the second idea, you have put forth, if you could help me out with some tutorial or code link, it would be appreciated.But, as you have mentioned, apart from these how could we do this, as this is a must for our system.cheerssaikiran Quote Link to comment Share on other sites More sharing options...
Prismatic Posted July 24, 2006 Share Posted July 24, 2006 You just want to block the user? Just make another field in the the table you store the users data in. Call it "Blocked". If you dont want that user to be able to log in, set blocked to 1 and run a check when they log in to see if Blocked = true (1 is true). If so, redirect to google or something. Also, just-j, I dont recommend doing IP checks, as multiple users can be on one IP address. Quote Link to comment Share on other sites More sharing options...
saikiran Posted July 24, 2006 Author Share Posted July 24, 2006 hi,Thank for your idea.when they are logging in i am just checking whether their email and password are correct and existing, If yes, i redirect them to their personalized page.In this case, along with email and password, i want to check with the field block also. I hope i am right.the sql code will be something like thissql = select * from customers where cust_email='{$_POST['cust_email']}' && cust_pass = '{$_POST['cust_pass']}' && blocked = 'true'i hope this is what , i have to do inorder to block the user.cheerssaikiran Quote Link to comment Share on other sites More sharing options...
just-j Posted July 24, 2006 Share Posted July 24, 2006 your right about the same IP being used by different people.. the cookie idea is a good one i think!! the thing when adding a blocked column in sql is that they can just sign up with a different account. but if you wanna use the blocked column idea then when someone logs in run this[code]<?php$result = mysql_query(select * from customers where cust_email='{$_POST['cust_email']}' && cust_pass = '{$_POST['cust_pass']}')$row = mysql_fetch_array( $result );if ($row->blocked == true) { echo "<script language=javascript>window.location='ANY WEBPAGE HERE';</script>" }?>[/code]that will redirect them to where ever you want if they are blocked. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.