Ban system doesnt work for unbaned people,shows blank screen
Posted: Sat Jun 24, 2006 7:46 pm
This is hard to explain but here it goes...
I implented a ban system in my guestbook software, ban by ip. However I have a problem with it. When Im not banned I cant access the admin center and add new post page. All I get is a blank page. When I am baned though it works, I get an error message saying im baned and the reason. Heres the code of index.php.
Thanks!!
I implented a ban system in my guestbook software, ban by ip. However I have a problem with it. When Im not banned I cant access the admin center and add new post page. All I get is a blank page. When I am baned though it works, I get an error message saying im baned and the reason. Heres the code of index.php.
Code: Select all
<?
//index.php
//Start the session
session_start();
//Load required files
require('sources/functions.php');
//Counters are cool, I think we need one...
$c_ip = $HTTP_COOKIE_VARS["user_ip"];
$counter_file = "sources/counter.txt";
$counter_file_line = file($counter_file);
if(!$c_ip) {
setcookie("user_ip", $REMOTE_ADDR, time()+360000); $counter_file_line[0]++;
$cf = fopen($counter_file, "w+");
fputs($cf, "$counter_file_line[0]"); fclose($cf);
}
elseif($c_ip != $REMOTE_ADDR){
$counter_file_line[0]++; $cf = fopen($counter_file, "w+");
fputs($cf, "$counter_file_line[0]");
fclose($cf);
}
//Essential Functions
db_connect();
//Prepare for Query in 5..4..3..2..1
function query($query){
$sql = "$query";
$result = mysql_query($sql);
return mysql_fetch_array ($result);
}
//Query time!
$row = query("SELECT * FROM settings"); //settings query
$row1 = query("SELECT * FROM colors"); //colors query
$q1 = 'SELECT * FROM Bans'; //ban query
$r1 = mysql_query($q1) or die(mysql_error());
if($row['postorder'] == "descend") { //Comment Query 1
$q = 'SELECT * FROM comments ORDER BY Date DESC';
$r = mysql_query($q) or die(mysql_error());
} elseif($row['postorder'] == "ascend"){ //Comment Query 2
$q = 'SELECT * FROM comments ORDER BY Date ASC';
$r = mysql_query($q) or die(mysql_error());
}
$hf = query("SELECT * FROM hf"); //HF Query
if (!$hf) {
die('Invalid query: ' . mysql_error());
}
//Lets output the html
echo '
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/1999/REC-html401-19991224/loose.dtd">
<head>
<title>'.$row['title'].'</title>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<style type="text/css">
<!--
a:link {
color: #'.$row1['link'].';
text-decoration: none;
}
a:visited {
color: #'.$row1['visitedlink'].';
text-decoration: none;
}
a:active {
color: #'.$row1['activelink'].';
text-decoration: none;
}
a:hover {
color: #'.$row1['hoverlink'].';
text-decoration: none;
}
body {
background-color: #'.$row1['bodybg'].';
font-family: '.$row1['fontfamily'].';
font-size: '.$row1['fontsize'].';
color: #'.$row1['font'].';
margin:0px;
';
if ($row1['bodybgimage'] != "") {
echo 'background-image: url('.$row1['bodybgimage'].');';
}
echo '
}
.titlebg {
background-color: #'.$row1['titlebg'].';
font-family: '.$row1['titlefontfamily'].';
font-size: '.$row1['titlefontsize'].' ;
color: #'.$row1['titlefont'].'; ';
if ($row1['tilebgimage'] == "") {
echo '
background-image: url('.$row1['titlebgimage'].');';
}
echo '
}
.windowbg {
background-color: #'.$row1['windowbg'].';
font-family: '.$row1['windowfontfamily'].';
font-size: '.$row1['windowfontsize'].' ;
color: #'.$row1['windowfont'].';';
if ($row1['windowbgimage'] != "") {
echo 'background-image: url('.$row1['windowbgimage'].');';
}
echo '
}
.windowbg2 {
background-color: #'.$row1['window2bg'].';
font-family: '.$row1['window2fontfamily'].';
font-size: '.$row1['window2fontsize'].';
color: #'.$row1['window2font'].';';
if($row1['window2bgimage'] != "") {
echo 'background-image: url('.$row1['window2bgimage'].');';
}
echo '
}
.border {
background-color: #'.$row1['border'].';
}
td {
font-size: 11px;
}
input,textarea {
font-family: '.$row1['fontfamily'].';
font-size: 11px;
}
select {
font-family: '.$row1['fontfamily'].';
font-size: 11px;
}
--!>
</style>
<title>'.$row1['title'].'</title>
</head>
<body>';
//Ban System
if($_GET['action'] == "")
{
$ip1 = $_SERVER['REMOTE_ADDR']; //grab the users ip address
while($row = mysql_fetch_array($r1)){
$ip = $row['ip'];
$reason = $row['reason'];
if($ip==$ip1){
error('You ('.$ip.') have been baned from this guestbook for '.$reason.'');
}
}
}
if($ip != $ip1) {
//echo out the Guestbook Header
guestbook_header();
echo '<br><br><br>';
require('sources/actions.php');
//Check if this really is index.php.
if($_GET['action'] == "")
{
echo '<br>'.$hf['header'].'';
if($row['posting'] == "enabled") {
if($row['kwikpost'] == "yes"){
if($row['kwikpostlocation'] == "top"){
kwikpost();
}
}}
}
echo '<br><br>
<table style="width: 55%;" class="border" border="0" cellpadding="4" cellspacing="1" align="center">';
//Prepare the comment system...
if($_GET['action'] == "")
{
while($row = mysql_fetch_array($r)){
$date = explode("|", $row['date']);
$name = $row['name'];
$comment = $row['comment'];
$email = $row['email'];
$website = $row['website'];
if(!isset($cmd)){
echo '
<tr class="windowbg2">
<td style="width: 27%;">';
//Hi, whats your name?
echo
"$name
<br><a href=\"mailto: $email\">
[email]</a>";
if($website != "") {
echo "<a href=\"$website\">[website]</a>";
}
echo '
</td>
<td>';
//Date System
$d = $row['date'];
$month = date("M");
$day = date("d");
$year = date("Y");
//Was the comment posted yesterday or today?
echo 'Posted on ';
if($date['0']==$month && $date['1']==$day && $date['3']==$year){
echo '<b>Today</b>';
} elseif($date['0']==$month && $date['1']==$day-1 && $date['3']==$year){
echo '<b>Yesterday</b>';
} else {
echo '<b>'.$date['0'].' '.$date['1'].''.$date['2'].', '.$date['3'].'</b>';
}
echo ' at <b>'.$date['4'].'</b>';
}
echo "<br><br>
$comment
</td>
</tr>";
}
echo '
<table>
<br>';
//Kwik Post time!
$row = query("SELECT * FROM settings");
if($row['posting'] == "enabled") {
if($row['kwikpost'] == "yes"){
if($row['kwikpostlocation'] == "bottom"){
kwikpost();
}}}
echo '
'.$hf['footer'].'';
}
copyright();
}
?>