Minimeallolla Posted November 18, 2010 Share Posted November 18, 2010 im trying to make it so before it inserts the comment and username into the database it check if the username is active: 0 or 1. if it is 0 then die but if active then its all good lol. what i have now lets anybody comment. to me it looks perfect ? =[ if (isset($_POST['submit'])) { $check = mysql_query("SELECT active FROM users WHERE active ='1'") or die(mysql_error()); $check2 = mysql_num_rows($check); if ($check2 != 1) { die('You are Not allowed to comment untill your account is activated.'); }else{ $comment = mysql_real_escape_string(stripslashes(trim($_POST['comment']))); $insert = "INSERT INTO homecomments (username, comment) VALUES ('[$username]', '[$comment]')"; $add_member = mysql_query($insert); { echo "<META HTTP-EQUIV=\"Refresh\" CONTENT=\"1; URL=index.php\">"; } } } Quote Link to comment Share on other sites More sharing options...
seanlim Posted November 18, 2010 Share Posted November 18, 2010 $check = mysql_query("SELECT active FROM users WHERE active ='1'") or die(mysql_error()); this line should be changed to include the username. you will want the database to fetch only the record of the username if it is active. your current statement will fetch ALL records with active='1' if you are using sessions for the login, it'll be something along the lines of: $check = mysql_query("SELECT active FROM users WHERE active ='1' AND username='".mysql_real_escape_string($_SESSION['username'])."'") or die(mysql_error()); Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.