Jump to content

Archived

This topic is now archived and is closed to further replies.

darkcarnival

problem with banning emails & usernames

Recommended Posts

hey,

a user told me that they cant register an account because it said they were blacklisted. but that isnt true.

so i edit the code as i thought there was something wrong with it.

now in the testing it'll allow anyone to pass through the error check even if they do fall into the banlist.

here is the email ban code:

[code]function check_email(){
  global $email, $db;

$db->run = "SELECT * FROM ebb_banlist WHERE ban_type='Email' AND ban_item LIKE '$email'";
$match_chk = $db->num_results();
$emailban_q = $db->query();
$db->close();

if ($match_chk == 0){
$emailban = false;
}else{
while ($row = mysql_fetch_assoc($emailban_q)) {
if ($row['match_type'] == "Wildcard") {
$emailban = true;
}else{
if ($row['ban_item'] == $email) {
$emailban = true;
}
}
}
}
return $emailban;
}[/code]

the username ban is very similar so i wont post that unles requested to.

what seems to be the problem? the last way it was written looked like this:

[code]function check_email(){
  global $email, $db;

$db->run = "SELECT * FROM ebb_banlist WHERE ban_type='Email' AND ban_item LIKE '$email'";
$match_chk = $db->num_results();
$emailban_q = $db->query();
$db->close();

if ($match_chk == 0){
$emailban = false;
}else{
while ($row = mysql_fetch_assoc($emailban_q)) {
if ($row['match_type'] == "Wildcard") {
$emailban = true;
}else{
if ($row['ban_item'] == $email) {
$emailban = true;
}
}
}
}
return ($emailban) ? false : true;
}[/code]

that banned anyone, removing that banned no one. so im confused at what to do.

thanks.

Share this post


Link to post
Share on other sites
$db->run = "SELECT * FROM ebb_banlist WHERE ban_type='Email' AND ban_item LIKE '$email'";
I think it should either be
SELECT * FROM ebb_banlist WHERE ban_type = 'Email' AND ban_item = '".$email."';
OR
SELECT * FROM ebb_banlist WHERE ban_type = 'Email' AND ban_item LIKE '%".$email."%'

Share this post


Link to post
Share on other sites
ok doing a smaller test on this. i found the problem

the query id not finding the key term that its uppose to.

to break it down:

i want to be able to ban wildcard so that if i wanted to ban an entire domain.

for example: lets just say i dont want any hotmail users to join my site. i want to be able to just put hotmail.com into my database and any occurance of hotmail would alarm the test and say its banned.

but it's doing that.

if i just enter hotmail.com, it'll say its banned but if i enter someone@hotmail.com, it'll say your email is accepted.

any idea on how to check the domian?

Share this post


Link to post
Share on other sites
when they enter their email address validate it to make sure its leget. like someone@hotmail.com

then take the email address and then... I guess explode it on the @

[code]
<?php
$email = "someone@hotmail.com";

$checkDomain = explode("@", $email);

if($checkDomain[1] == "hotmail.com") {
  // User is hotmail - don't allow
} else {
  // User is not hotmail - Allow
}
?>

[/code]

There some issues with that code, but it can be cleaned up a bit. 

I'm sure there are other way about it to, but the above might help give you a general idea.

Share this post


Link to post
Share on other sites

×

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.