Make suspended user unable to login?

[phpSensei]

oh sorry...

 

I wasnt readind the query right.

[Fadion]

Ok then probably i was wrong with my previous, previous code . If u get the value then its ok, it works. Who has 0 is not a suspended one so try a user with isHold = 1.

[djfox]

Yeah but the problem is, if someone who has the isHold value of 0 should be able to log in. But the code stops them and says the log in failed when I put in what you gave me (or I`m assuming i put it in correctly). But if I remove your code, the person can log in normally with no problem.

 

Edit:

I tested with a user who`s isHold = 1 and the same thing occurs, the messages says log in failed, it doesn`t permit the person to log on but it doesn`t say anything about being suspended.

[phpSensei]

$row[6] is nothing but $row[5] echos as 0, which is good because that is the correct number for the account I tested with.

 

doesnt this mean I was right? About the $row[5] for isHold...

 

 

[djfox]

Yes, $row[5] is for the field isHold.

 

Er, my post right before yours has a bit more info of the results of what is happening (I tested with a user who`s account is suspended [or their ishold = 1]).

[Fadion]

doesnt this mean I was right? About the $row[5] for isHold...

 

Three posts above this is where is said that i was wrong. Even if it still makes no sense to me, i said im used to mysql_fetch_array(). Anyway for being right u arent getting an Academy Award lol jk.

 

djfox normally they should login as the code blocks only isHold = 1. Dont know whats wrong now.

[Fadion]

Normaly the code should be:

 

$rows = mysql_fetch_rows($query);
$numRows = mysql_num_rows($query);
if($numRows == 1){
   //the code
} else{
   //login error
}

[djfox]

Ah, it always seems like every problem I have, no one knows the answer to. 

 

Then if the log in thing doesn`t want to cooperate, my only other option at this point then is to put in on every page something like

isHold > 0

(hide stuff with a message about the suspension)

else isHold < 1

(show stuff)

 

I do a similar thing with membership levels. It`s just such a pain to have to go through each and every page with that method. I was hoping maybe I could just end it before they even log in.

 

Well, thanks for trying.

[phpSensei]

I just copied your hole table,copied your updated script, plus made a login page, and everything works...

 

I made a user with the isHold of 1, and I couldnt log in....

[djfox]

It`s keeping the people with isHold=0 from logging in, too. Or at least on my server it is.

[phpSensei]

It`s keeping the people with isHold=0 from logging in, too. Or at least on my server it is.

 

I don't have that problem.

 

All I did was this

 

if($row['suspended']=='YES'){

/////// stop the login //////

}

else

///// run the log in

[Fadion]

lol phpSensei, u actually are right. Logically it should work.

 

djfox u got the answer. A lot of people here streched their heads for you so you should be a bit more thankful. What i would suggest is reading about handling mysql data in php and create your own code, so u can learn in the process.

[phpSensei]

I tried my method and his, and both worked.

[djfox]

I made some progress. I added and s to the $rows[5] (before it was just $row[5] ). If the person`s isHold is 1 they get the suspension notice. Good, that wasn`t happening before.

 

But it still wants to not let the other people logged in. I`m going to look more into the code and see if there is something I`m missing.

[djfox]

If you want to test the two sides directly on my server:

 

The suspended account:

username: skyeflare

password: stuff

 

The not suspended account:

username: testuser

password: pansey

 

Edit:

It would help if I provided the url, wouldn`t it?

http://www.secrettrance.net

[phpSensei]

edit:nvm

[Fadion]

lol its funny. It worked for suspended account, but shows login failed for not suspended one. Anyway the funny part is that its showing the user menu for everything i enter in the username (ex: "asdsdj") lol.

[phpSensei]

WAIT A MINUTE!!!

 

Where is this username, and password coming in from anyways?

 

You need to log them in first (validate the login), then check if they are suspended or not.

[djfox]

Yah, it`s not the best setup in the world (fixing that comes later). But if you go to another page after that log in, you`re not logged in. The form to log in re-appears. If the log in was successful the login failed message would not be there and you`d be logged in for real.

[Fadion]

try using the following modified code:

 

if ($res=mysql_query("SELECT id,level,mailNum, echo_count, status, isHold FROM userdata WHERE login='$username' AND password='$password'")){
	   $rows=mysql_fetch_row($res))
                           $numRows = mysql_num_rows($res);
                           if($numRows == 1){
                                  if($row[6] == '1'){
                                        die('Your account is suspended');
                                  } else{
                                      if ($rows=mysql_fetch_row($res)) {
		    $_SESSION['sess_name'] = $username;
			$_SESSION['pass'] = $password;
			$_SESSION['gal'] = $rows[0];
			$_SESSION['mail'] = $rows[2];
			$_SESSION['level2'] = $rows[1];	
			$_SESSION['echos'] = $rows[3];
			$_SESSION['status'] = $rows[4];
		    $_SESSION['magic'] = SESSION_MAGIC;
		    $_SESSION['rows'] = $rows; /* stupid stupid hack */
		    $nmsg = CountMessages($rows[0]);
		    $ok=true;
	   } else {
		   include('login_failed.php');
	   }
	   mysql_free_result($res);
	   }
   return($ok);
                                  }
                            }
	   
	   
  
}

 

This way ull know when a user has an account or not. Try it this way and tell if the suspended thing is working.

[phpSensei]

else{

                                      if ($rows=mysql_fetch_row($res)) {

   $_SESSION['sess_name'] = $username;

$_SESSION['pass'] = $password;

$_SESSION['gal'] = $rows[0];

$_SESSION['mail'] = $rows[2];

$_SESSION['level2'] = $rows[1];

$_SESSION['echos'] = $rows[3];

$_SESSION['status'] = $rows[4];

   $_SESSION['magic'] = SESSION_MAGIC;

   $_SESSION['rows'] = $rows; /* stupid stupid hack */

   $nmsg = CountMessages($rows[0]);

   $ok=true;

  } else {

  include('login_failed.php');

 

 

You put TWO else's, which will do both the session and the include...

 

am i wrong?

 

Maybe add something liek Elseif($record =  $username...etc

 

EDIT: nvm, I didnt see the "if"

[djfox]

This comes up:

Parse error: syntax error, unexpected ')' in /home/secrett1/public_html/auth.php on line 74

[phpSensei]

what is line 74?

[djfox]

Line 74

$rows=mysql_fetch_row($res))

 

I changed it to

 

$rows=(mysql_fetch_row($res))

 

Then got this:

Parse error: syntax error, unexpected T_VARIABLE in /home/secrett1/public_html/auth.php on line 75

 

Line 75 is this:

$numRows = mysql_num_rows($res);

[Fadion]

Did the code quickly, so my bad:

 

change:

$rows=mysql_fetch_row($res))

 

to

$rows=mysql_fetch_row($res);