FlameX 0 Report post Posted March 19, 2011 heyaa guys, i recently have a project, in which i have a module in my Database Admin panel in which i need to BLOCK the existing users in my application.. So i wanted to know what code could be applied in PHP to block an existing user.. eg: if there is an email id called : jimmy@hotmal.com so if he abuses my rules and regulation then the Database Admin can block that particular user(email id) ie. he will be completely banned from my site or application. So next time if he tries to log in or even register into my website he wont b able to log in with the same email id(jimmy@hotmal.com he has earlier used. to sum up i wanted the code to block the users who are already present in my database. Thanks Share this post Link to post Share on other sites
xpress 0 Report post Posted March 21, 2011 heyaa guys, i recently have a project, in which i have a module in my Database Admin panel in which i need to BLOCK the existing users in my application.. So i wanted to know what code could be applied in PHP to block an existing user.. eg: if there is an email id called : jimmy@hotmal.com so if he abuses my rules and regulation then the Database Admin can block that particular user(email id) ie. he will be completely banned from my site or application. So next time if he tries to log in or even register into my website he wont b able to log in with the same email id(jimmy@hotmal.com he has earlier used. to sum up i wanted the code to block the users who are already present in my database. Thanks I dont know how you designed your database. If you designed it on your own, then i think you have a users or some other table in which the username and password of the user is stored. So in that table add another field with name status. If you know enum field, then make it enum field with values active/blocked. When a user registers in your forum make it active by default. And when you need to block some user then change the field to blocked with some script in your admin panel(guessing you know how to do). Then in your login script, when comparing username and password with sql query, also you add sql code to check whether the status is active or not. If the status is not active then don't allow the user to login. I think you understood the basic concept. If not please ask your doubts and i will explain in detail. Share this post Link to post Share on other sites
8ennett 0 Report post Posted March 27, 2011 Yes, you haven't really given us a lot to go on here. We need to know the structure of your current code and database, then that would make it easier for us to help you modify the code to allow for user banning.If you want to create a list of banned email addresses then you could create a database table which contains each of these banned addresses then when a user tries to register with your site it will check the email address they entered against the list of blocked addresses. If it returns a value then the email address is banned and the user cannot register.eg. $checkban = mysql_query("SELECT id FROM banned WHERE address='".$email."'");if (mysql_num_rows($checkban) == 0){// Do registration stuff here}else {// Take user to register failed page} And also add a banned column to your userlist table in the database. So create a new field in your userlist called banned, make it an int(50) as well with a default value of 0. Next when your user either logs in or visits a logged in page on your site, check to see if the banned field is higher than the time() function. This way you can ban a users account for a set amount of time without having to manually unban them. So for example, during the login code...$checkban = mysql_query("SELECT banned FROM userlist WHERE userid='".$userid."' AND banned>".time());if (mysql_num_rows($checkban) == 0){// Do login here}else {// Go to login failed page} So it's a very simple concept, and writing the ability to ban user accounts in to your admin panel should be very simple. So the standard would be, check banned addresses during registration, check banned account during login, modify banned settings in admin panel. Then you will have a banning system in place for your site.It's highly adviseable that you also study how to prevent SQL injection from user inputted data, otherwise people will be able to manipulate your system to unban their accounts and maybe even delete your entire database. If you are unsure how to create the code yourself, don't. Put more time and study in to what it is you are doing before jumping in at the deep end and not only putting your website at risk, but your users information as well.There are many security issues you will need to study when php programming, as there is always the threat of some little hacker kid out there who has nothing but malicious intentions. Also marketing companies will stop at nothing to get a hold of personal information about people and use that information to their own ends. Share this post Link to post Share on other sites