Command

Joshua F · September 27, 2010

I have a shoutbox my friend made, and I'm just adding onto it.

I have command that are like @prune, @prunelogs, @logout, etc.. I am tying to make it so you can type @ban username, @unban username, etc..

Here is my command that my friend came up with.

if($_POST['text'] == '@ban'.$username.'') {$unn=$idk['username'];mysql_query("UPDATE users SET banned = '1' WHERE usernane='$unn'") or die(mysql_error());mysql_query("INSERT INTO chat (`log`, `date` ,`username` ,`text`) VALUES (1, NOW( ) , '".stripslashes($_SESSION['user'])."', 'has banned '$unn'.');") or die(mysql_error());

Rifts · September 27, 2010

what errors are you getting and what is this $unn=$idk['username'];

chintansshah · September 27, 2010

Where you assign the value of $idk

rwwd · September 27, 2010

if(isset($_POST['text']) && ($_POST['text'] == '@ban'.$username)){

Check it's set then check it's value if you know what it should be..

No need for the extra '' at the end of $username, this would create an extra space, therefore, not equal too. As you are concatenating string to var, you don't need to finish of the quote. And realistically you don't need to have the semi-colon in the sql statement, as the php function add's this for you anyway..

At this point of the script I would echo the sql string value to screen to see if you are getting the string populated as you expect, and, I would build the string outside of the function as this makes more sense for when you come to debug later on...

Rw

ignace · September 27, 2010

Maybe something like this? My idea being that you would want to display normal text in the shout box and hide commands. Each command will perform it's action on execute(). Bad commands for example can be seen by the one who typed it.

CommandFactory::create($_POST['shout'])->execute();

class CommandFactory {
    static function create($shout) {
        if($shout[0] != '@')
            return new NullShout($shout);
        $args = str_word_count($shout, 1);
        $command = array_shift($command);
        $command = str_replace(' ', '', ucwords(str_replace('_', ' ', $shout)));
        return new $command($args);
    }
}

rwwd · September 27, 2010

if($shout[0] != '@')

Nice, nifty bit of code, often i think that most of us forget that you can use a string to be technically an array:-

$MyString = "phpFreaks";
echo $MyString[3];//outputs 'F'
echo $MyString[5];//outpus 'e'

And can be referenced as such. Though I may be tired as I can't see where the execute() comes into it. Either that or my beers stronger than I gave it credit for..

Rw

Joshua F · September 27, 2010

if(isset($_POST['text']) && ($_POST['text'] == '@ban'.$username)){
Check it's set then check it's value if you know what it should be..

No need for the extra '' at the end of $username, this would create an extra space, therefore, not equal too. As you are concatenating string to var, you don't need to finish of the quote. And realistically you don't need to have the semi-colon in the sql statement, as the php function add's this for you anyway..

At this point of the script I would echo the sql string value to screen to see if you are getting the string populated as you expect, and, I would build the string outside of the function as this makes more sense for when you come to debug later on...

Rw

Still doesn't work. When I type @ban Username it still says it in the Chatbox, but it does nothing.

Updated code

if(isset($_POST['text']) && ($_POST['text'] == '@ban'+$username)){
$ban = mysql_query("SELECT * FROM users WHERE username='$username'")or die (mysql_error());
if(mysql_num_rows($ban)> 0) {
While($ban1 = mysql_fetch_assoc($ban)) {
mysql_query("UPDATE users SET banned = '1' WHERE username='$username'") or die(mysql_error());
mysql_query("INSERT INTO chat (`log`, `date` ,`username` ,`text`) VALUES (1, NOW( ) , '".stripslashes($_SESSION['user'])."', 'has banned '$username'.');") or die(mysql_error());
}}
return false;
}

DigitalMind · September 27, 2010

show full script

Joshua F · September 27, 2010

show full script

Read the post above yours.

gizmola · September 27, 2010

Well, I don't have enough code to understand why this would work or not work, but the obvious question here is:

-How would the script know the value of $username?

-Why would '@ban fred' ever == '@banfred'

-The php concatenation operator is '.' not +!

*IF* and that's a big if here, you somehow have a value for username, which again, I don't see you having without some regex someplace), then your comparison would need to be something like:

$_POST['text'] == '@ban ' . $username

Basically, you seem to be down the wrong track entirely. Ignace gave you some code that is more along the lines of something OOP, but if that's too complicated for you to understand right now, then you'd be much better off looking into the use of http://us3.php.net/preg_match.

Using that will get you a pattern match for '@ban' and the word following it can then be grabbed and used as the username.

Joshua F · September 27, 2010

Would it be preg_split?

gizmola · September 28, 2010

Would it be preg_split?

No.

Here's a little test program to run. Make sure you look up regex characters and look at the manual page enough so you understand why my test program works.


$subject = '@ban baduser needs to be banned';

$regex = '/@ban\s(\w+)/i';

if (preg_match($regex, $subject, $match) > 0) {
  echo "The username to ban is $match[1]";
}

If you have specific questions, feel free to ask.

Joshua F · September 28, 2010

Would it be preg_split?

No.

Here's a little test program to run. Make sure you look up regex characters and look at the manual page enough so you understand why my test program works.
<?php

$subject = '@ban baduser needs to be banned';

$regex = '/@ban\s(\w+)/i';

if (preg_match($regex, $subject, $match) > 0) {
  echo "The username to ban is $match[1]";
}
If you have specific questions, feel free to ask.

So regex is the /@ban\s(\w+)/i part am I correct. I believe I am. Thanks I'll look up some info about Regex.

gizmola · September 29, 2010

Yes, that was the regex part. the Perl regex (preg_) functions require a delimiter character -- in this case I went with the user choice of using '/'.

So the /..../i part is not the regex itself, but rather just the perl delimiter that is required to indicate the regex.

The 'i' modifier is to allow it to operate case insensitively.

So focus on the inner portion.

ignace · September 29, 2010

I extended the regex to also support prune and prunelog.

@(ban|prune|prunelog)\s(\w+)

I doubt though this is the way to go as I keep thinking about how Linux finds/executes his commands and the similarities with your guestbook administration system. Basically each command would have it's own class which also would have knowledge about the user typing the command ($_SESSION) and an ACL to control whether or not they may execute that specific command.

You may have for example @impersonate someUser which would be a privileged command for admins to make modifications to one's account or @login username password to log-in Basically you would be building your own IRC into your guestbook

Sign In

Command

Recommended Posts

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Join the conversation

Important Information