php ban script. Is this right?

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

metjet2
Forum Newbie
Posts: 14
Joined: Mon Dec 06, 2010 9:21 am

php ban script. Is this right?

Post by metjet2 »

I have two tables in my database.

1. is users which has rows username, and last_ip_address
2. is banned_ips with the row ID, and IP

I have a form that is labeled username and the idea is to put the name of the user that I want to ban into the form, submit it and then it takes the last ip address from that user and copies it into the banned ip row.

The code I have is

Code: Select all

<?

include "login_config.php"; // this is the file from your login script

$con = mysql_connect($db_host, $db_username, $db_password)
      or die("Error! Could not connect to database: " . mysql_error());

mysql_select_db($db)
      or die("Error! Could not select the database: " . mysql_error());

$safe_username = ($_POST['username']);
$result = mysql_query("SELECT last_ip_address FROM users WHERE
username = $safe_username");
$ip = mysql_result($result, 0, 0);
mysql_query("INSERT INTO banned_ips ('$ip')");

mysql_close($con);

?>
it is not working so I know something is wrong i just cant figure out what
User avatar
Jonah Bron
DevNet Master
Posts: 2764
Joined: Thu Mar 15, 2007 6:28 pm
Location: Redding, California

Re: php ban script. Is this right?

Post by Jonah Bron »

Looks like you almost had it, try this.

Code: Select all

<?

include "login_config.php"; // this is the file from your login script

$con = mysql_connect($db_host, $db_username, $db_password)
      or die("Error! Could not connect to database: " . mysql_error());

mysql_select_db($db)
      or die("Error! Could not select the database: " . mysql_error());

$safe_username = mysql_real_escape_string($_POST['username']);
$result = mysql_query('SELECT last_ip_address FROM users WHERE username = "$safe_username"');
$ip = mysql_result($result, 0, 0);
mysql_query("INSERT INTO banned_ips ('$ip')");

mysql_close($con);

?>
Note I cleaned the username with mysql_real_escape_string, and placed it in quotes in the query. FYI, if you have a query that's mysteriously not working, you can find out what the problem is with mysql_error() like this:

Code: Select all

mysql_query('...') or die(mysql_error());
metjet2
Forum Newbie
Posts: 14
Joined: Mon Dec 06, 2010 9:21 am

Re: php ban script. Is this right?

Post by metjet2 »

I tried your code thank you! But the result is the same. The info is not going into the new banned_ips table :(

the only error that is displayed is

Warning: mysql_result() [function.mysql-result]: Unable to jump to row 0 on MySQL result index 6 in /home/content/public_html/c/banscript.php on line 13
User avatar
social_experiment
DevNet Master
Posts: 2793
Joined: Sun Feb 15, 2009 11:08 am
Location: .za

Re: php ban script. Is this right?

Post by social_experiment »

Code: Select all

<?php $ip = mysql_result($result, 0, 0); ?>
Have you tried using mysql_result() without the optional field parameter?

Code: Select all

<?php $ip = mysql_result($result, 0); ?>
“Don’t worry if it doesn’t work right. If everything did, you’d be out of a job.” - Mosher’s Law of Software Engineering
metjet2
Forum Newbie
Posts: 14
Joined: Mon Dec 06, 2010 9:21 am

Re: php ban script. Is this right?

Post by metjet2 »

still nothing :\....Maybe its the way I have my databases setup? I have the banned ips table set up like this
Image
User avatar
social_experiment
DevNet Master
Posts: 2793
Joined: Sun Feb 15, 2009 11:08 am
Location: .za

Re: php ban script. Is this right?

Post by social_experiment »

The only issue i see on the database is that you are assigning a 50 character field to a 15 character value (xxx.xxx.xxx.xxx) at most.

Two questions:
1. What do you get if you var_dump($ip)
2. mysql_query("INSERT INTO banned_ips ('$ip')") The INSERT syntax looks incorrect, INSERT INTO table (field) VALUES (value)
“Don’t worry if it doesn’t work right. If everything did, you’d be out of a job.” - Mosher’s Law of Software Engineering
metjet2
Forum Newbie
Posts: 14
Joined: Mon Dec 06, 2010 9:21 am

Re: php ban script. Is this right?

Post by metjet2 »

If i do 1. I get bool(false) on the page

and i tried 2. and still no success :\
User avatar
social_experiment
DevNet Master
Posts: 2793
Joined: Sun Feb 15, 2009 11:08 am
Location: .za

Re: php ban script. Is this right?

Post by social_experiment »

If $ip is 0, it's not returning a value from the query. What does the code for the form look like, the one where $_POST['username'] is submitted from.
“Don’t worry if it doesn’t work right. If everything did, you’d be out of a job.” - Mosher’s Law of Software Engineering
metjet2
Forum Newbie
Posts: 14
Joined: Mon Dec 06, 2010 9:21 am

Re: php ban script. Is this right?

Post by metjet2 »

Code: Select all

<form name="input" action="banscript.php" method="post">
Username: <input type="text" name="username" />
<input name="submit" type="submit" id="submit" value="Submit" />
</form> 
and banscript.php is the code that is listed above
User avatar
social_experiment
DevNet Master
Posts: 2793
Joined: Sun Feb 15, 2009 11:08 am
Location: .za

Re: php ban script. Is this right?

Post by social_experiment »

Code: Select all

<?php
 // other stuff
 $safe_username = ($_POST['username']);
 $result = mysql_query("SELECT last_ip_address FROM users WHERE username = $safe_username");
 //
 while ($array = mysql_fetch_array($result)) {
  $ip = $array['last_ip_address'];
 }
 // rest of your code
?>
Why don't you try using mysql_fetch_array() instead of mysql_result()?
“Don’t worry if it doesn’t work right. If everything did, you’d be out of a job.” - Mosher’s Law of Software Engineering
metjet2
Forum Newbie
Posts: 14
Joined: Mon Dec 06, 2010 9:21 am

Re: php ban script. Is this right?

Post by metjet2 »

I tried that and now I get

Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in /home/content/public_html/test/banscript.php on line 14

Just so you know the full code I am using now is

Code: Select all

<?

include "login_config.php"; // this is the file from your login script

$con = mysql_connect($db_host, $db_username, $db_password)
      or die("Error! Could not connect to database: " . mysql_error());

mysql_select_db($db)
      or die("Error! Could not select the database: " . mysql_error());

 $safe_username = ($_POST['username']);
 $result = mysql_query("SELECT last_ip_address FROM users WHERE username = $safe_username");
 //
 while ($array = mysql_fetch_array($result)) {
  $ip = $array['last_ip_address'];
 }
$ip = mysql_result($result, 0);
mysql_query("INSERT INTO table (banned_ips) VALUES ($ip)");
var_dump($ip) ;

mysql_close($con);

?>
User avatar
superdezign
DevNet Master
Posts: 4135
Joined: Sat Jan 20, 2007 11:06 pm

Re: php ban script. Is this right?

Post by superdezign »

Jonah made an error when he told you to use this:

Code: Select all

$result = mysql_query('SELECT last_ip_address FROM users WHERE username = "$safe_username"'); 
And you made an error when you used this:

Code: Select all

$result = mysql_query("SELECT last_ip_address FROM users WHERE username = $safe_username"); 
Your error lies in not delimiting your string for SQL. Jonah's error lies in mixing up the single and double quotation marks. In SQL, you can use either to delimit strings. However, to use the PHP variable in it, you must surround the string with double quotes.

Try:

Code: Select all

$result = mysql_query("SELECT last_ip_address FROM users WHERE username = '$safe_username'"); 
User avatar
Jonah Bron
DevNet Master
Posts: 2764
Joined: Thu Mar 15, 2007 6:28 pm
Location: Redding, California

Re: php ban script. Is this right?

Post by Jonah Bron »

Oops :roll:
metjet2
Forum Newbie
Posts: 14
Joined: Mon Dec 06, 2010 9:21 am

Re: php ban script. Is this right?

Post by metjet2 »

Still not working :\...I know it CAN be done I just am completely stumped at this point
User avatar
Jonah Bron
DevNet Master
Posts: 2764
Joined: Thu Mar 15, 2007 6:28 pm
Location: Redding, California

Re: php ban script. Is this right?

Post by Jonah Bron »

What error do you get now?
Post Reply