开发者

Issue with banning system on login

I've created the following banning system when a user logins on my site. It checks if the user is banned, and then follows a process to gather information, and finally brings up a n开发者_高级运维otice and doesn't let the user login. However, this does not happen and I can login fine. Any help would be appriciated.

    $un9 = "gdscei";
    $checkban = mysql_query("SELECT * FROM bans WHERE usr = '" .$un9. "'") or die(mysql_error());
        if(mysql_num_rows($checkban) != 0){
            $query7 = "SELECT * FROM bans WHERE usr = '".$un9."'";
    $result7 = mysql_query($query7) or die(mysql_error());
    while ($row7 = mysql_fetch_assoc($result7)) {
        $reas = $row7['reas'];
        $timeb = $row7['time'];
        $tban = $row7['tban'];
            $tip = $row7['ipd'];
    };
    if($timeb == "perm"){
        $bant = "Permanent";
    }else{
        $bant = $timeb;
    };
    $checkusrdel = mysql_query("SELECT * FROM users WHERE username = '".$un9."'") or die(mysql_error());
    if(mysql_num_rows($checkusrdel) != 0){
    $acdel = "n";
    }else{
    $acdel = "y";
    };
    if(empty($tip) && acdel == "n"){
    $bank = "account ban";
    }else if($acdel == "y" && empty($tip)){
    $bank = "account deleted";
    }else if($acdel == "y" && $tip){
    $bank = "account deleted + IP ban";
    }else{
    $bank = "account ban + IP ban";
    };
    $notice = '<script type="text/javascript">alert("You have been banned, as followed: "'.$bank.'". Your ban lasts until "'.$bant.'"."); window.open("login.php","_self");</script>';
    };


The solution is simpler than you may have imagined:

$notice = '<script type="text/javascript">alert("You have been banned, as followed: '.$bank.'. Your ban lasts until '.$bant.'."); window.open("login.php","_self");</script>';

In short, you shouldn't have used brackets twice in the JavaScript alert message.

Addition: Do not forget to echo the notice in the end. The excerpt of your PHP script doesn't show me anything like that. If you want to show your homepage after the ban check, just use the die-function to output a message and terminate the current script if the user is banned. In your case, just add the following after having defined the variable $notice:

die($notice);


You are providing too much information to the user, all they need to know is that they are banned, not the type of ban.

if (banned)
{
  ajax.display("Ban HAMMER!!");
}
else
{
  user.logon();
  redirect("location: home.php");
}
0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜