Page 1 of 2

Ban system doesnt work for unbaned people,shows blank screen

Posted: Sat Jun 24, 2006 7:46 pm
by adamb10
This is hard to explain but here it goes...

I implented a ban system in my guestbook software, ban by ip. However I have a problem with it. When Im not banned I cant access the admin center and add new post page. All I get is a blank page. When I am baned though it works, I get an error message saying im baned and the reason. Heres the code of index.php.

Code: Select all

<?
//index.php
//Start the session
session_start();

//Load required files
require('sources/functions.php');

//Counters are cool, I think we need one...
$c_ip = $HTTP_COOKIE_VARS["user_ip"];
$counter_file = "sources/counter.txt";
$counter_file_line = file($counter_file);
if(!$c_ip) {
setcookie("user_ip", $REMOTE_ADDR, time()+360000);  $counter_file_line[0]++;
$cf = fopen($counter_file, "w+");
fputs($cf, "$counter_file_line[0]"); fclose($cf);
}
elseif($c_ip != $REMOTE_ADDR){
$counter_file_line[0]++; $cf = fopen($counter_file, "w+");
fputs($cf, "$counter_file_line[0]");
 fclose($cf);
}

//Essential Functions
db_connect();

//Prepare for Query in 5..4..3..2..1
function query($query){
    $sql = "$query";
    $result = mysql_query($sql);
    return mysql_fetch_array ($result); 
}

//Query time!
$row = query("SELECT * FROM settings"); //settings query
$row1 = query("SELECT * FROM colors"); //colors query

$q1 = 'SELECT * FROM Bans'; //ban query
      $r1 = mysql_query($q1) or die(mysql_error());

if($row['postorder'] == "descend") { //Comment Query 1
 $q = 'SELECT * FROM comments ORDER BY Date DESC';
      $r = mysql_query($q) or die(mysql_error());
     
} elseif($row['postorder'] == "ascend"){ //Comment Query 2
     $q = 'SELECT * FROM comments ORDER BY Date ASC';
      $r = mysql_query($q) or die(mysql_error());
   }

$hf = query("SELECT * FROM hf"); //HF Query
if (!$hf) {
   die('Invalid query: ' . mysql_error());
   }

//Lets output the html
echo '
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/1999/REC-html401-19991224/loose.dtd">
<head>
<title>'.$row['title'].'</title>
    <meta http-equiv="Content-Type" content="text/html; charset=utf-8">
    <style type="text/css">
<!--


a:link {
    color: #'.$row1['link'].';
    text-decoration: none;
}
a:visited {
    color: #'.$row1['visitedlink'].';
    text-decoration: none;
}
a:active {
    color: #'.$row1['activelink'].';
    text-decoration: none;
}
a:hover {
    color: #'.$row1['hoverlink'].';
    text-decoration: none;
    }
body {
    background-color: #'.$row1['bodybg'].';
    font-family: '.$row1['fontfamily'].';
    font-size: '.$row1['fontsize'].';
    color: #'.$row1['font'].';
    margin:0px;
    ';
if ($row1['bodybgimage'] != "") {
echo 'background-image: url('.$row1['bodybgimage'].');';
}
echo '
    }
.titlebg {
    background-color: #'.$row1['titlebg'].';
    font-family: '.$row1['titlefontfamily'].';
    font-size: '.$row1['titlefontsize'].' ;
    color: #'.$row1['titlefont'].'; ';
    if ($row1['tilebgimage'] == "") {
    echo '
    background-image: url('.$row1['titlebgimage'].');';
}
        echo '
        }
.windowbg {
    background-color: #'.$row1['windowbg'].';
    font-family: '.$row1['windowfontfamily'].';
    font-size: '.$row1['windowfontsize'].' ;
    color: #'.$row1['windowfont'].';';
    if ($row1['windowbgimage'] != "") {
    echo 'background-image: url('.$row1['windowbgimage'].');';
    }
    echo '
    }
.windowbg2 {
    background-color: #'.$row1['window2bg'].';
    font-family: '.$row1['window2fontfamily'].';
    font-size: '.$row1['window2fontsize'].';
    color: #'.$row1['window2font'].';';
    if($row1['window2bgimage'] != "") {
    echo 'background-image: url('.$row1['window2bgimage'].');';
    }
  
    echo '
     }
.border {
    background-color: #'.$row1['border'].';
    }
td {
    font-size: 11px;
    }
input,textarea {
    font-family: '.$row1['fontfamily'].';
    font-size: 11px;
    }
select {
    font-family: '.$row1['fontfamily'].';
    font-size: 11px;
    }
    --!>
    </style>
    <title>'.$row1['title'].'</title>
</head>

<body>';

//Ban System
if($_GET['action'] == "")
{
$ip1 = $_SERVER['REMOTE_ADDR']; //grab the users ip address
while($row = mysql_fetch_array($r1)){
$ip = $row['ip'];
 $reason = $row['reason'];
if($ip==$ip1){
error('You ('.$ip.') have been baned from this guestbook for '.$reason.'');
}
}
}
if($ip != $ip1) {


//echo out the Guestbook Header
guestbook_header();
echo '<br><br><br>';
require('sources/actions.php');

//Check if this really is index.php. 
if($_GET['action'] == "")
{
echo '<br>'.$hf['header'].'';
if($row['posting'] == "enabled") {
if($row['kwikpost'] == "yes"){
if($row['kwikpostlocation'] == "top"){
kwikpost();
}
}}
}

echo '<br><br>
<table style="width: 55%;" class="border" border="0" cellpadding="4" cellspacing="1" align="center">';

//Prepare the comment system...
if($_GET['action'] == "")
{

 while($row = mysql_fetch_array($r)){

 $date = explode("|", $row['date']);
            $name = $row['name'];
            $comment = $row['comment'];
            $email = $row['email'];
            $website = $row['website'];

if(!isset($cmd)){
echo '
 <tr class="windowbg2">
          <td style="width: 27%;">';
         
//Hi, whats your name?
           echo
          "$name
         <br><a href=\"mailto: $email\">
             [email]</a>";
          
           
            if($website != "") {
            echo "<a href=\"$website\">[website]</a>";
            }
            echo '
           
        </td>
        <td>';
       
//Date System
       $d = $row['date'];
        $month = date("M");
        $day = date("d");
        $year = date("Y");

//Was the comment posted yesterday or today?
echo 'Posted on ';
if($date['0']==$month && $date['1']==$day && $date['3']==$year){
            echo '<b>Today</b>';
        } elseif($date['0']==$month && $date['1']==$day-1 && $date['3']==$year){
            echo '<b>Yesterday</b>';
        } else {
            echo '<b>'.$date['0'].' '.$date['1'].''.$date['2'].', '.$date['3'].'</b>';
        }
        echo ' at <b>'.$date['4'].'</b>';
    }

echo   "<br><br>
       
$comment
           </td>
    </tr>";
   }

echo '
<table>
<br>';

//Kwik Post time!
$row = query("SELECT * FROM settings");
if($row['posting'] == "enabled") {
if($row['kwikpost'] == "yes"){
if($row['kwikpostlocation'] == "bottom"){
kwikpost();
}}}

echo '
'.$hf['footer'].'';

    }
copyright();
        }

?>
Thanks!!

Posted: Sun Jun 25, 2006 3:35 pm
by adamb10
bump.

Posted: Sun Jun 25, 2006 3:49 pm
by daedalus__
You shouldn't use IPs to ban people.

Posted: Sun Jun 25, 2006 3:51 pm
by adamb10
Um, why is that?

Posted: Sun Jun 25, 2006 4:21 pm
by Gambler
IPs are frequently dymanic. Or they may correspond to many people at once.

Posted: Sun Jun 25, 2006 4:23 pm
by adamb10
Ban by IP though is really the only solution.

Posted: Sun Jun 25, 2006 4:34 pm
by Gambler
In theory you can make a complicated analysis of user's "signature" info. But that's theory...

Personally, I simply delete all bad messages. Eventually user gets it and stops doing whatever he/she was doing. Or leaves. Very effective.

Okay, ban by IP...

Code: Select all

function getUserIp(){
    static $ip;
    if ($ip == NULL) {
        $ip = (empty($_SERVER['REMOTE_ADDR']) 
            ? $_ENV['REMOTE_ADDR'] : $_SERVER['REMOTE_ADDR']);
        if (!empty($_SERVER['HTTP_CLIENT_IP'])) {
            $ip = $_SERVER['HTTP_CLIENT_IP'];
        }
        if (!empty($_ENV['HTTP_CLIENT_IP'])) {
            $ip = $_ENV['HTTP_CLIENT_IP'];
        }
        if (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) {
            $ips = explode(',', $_ENV['HTTP_X_FORWARDED_FOR']);
            $ip = $ips[0];
        }
        if (!empty($_ENV['HTTP_X_FORWARDED_FOR'])) {
            $ips = explode(',', $_ENV['HTTP_X_FORWARDED_FOR']);
            $ip = $ips[0];
        }
    }
    return $ip;
}

$query = "SELECT * FROM Bans WHERE ip = '".mysql_real_escape_string(getUserIp())."'";
$result = mysql_query($query) or die(mysql_error()); 
$row = mysql_fetch_assoc($result);
if ($row != NULL) {
    //handle ban
}
That's how I would do it. I don't quite follow all of your code, though.

Posted: Sun Jun 25, 2006 4:52 pm
by adamb10
Thanks, that appeared to work for unbanned people now. There is a problem though that now arises with banned people...

It shows the message now but it also shows the rest of the page as shown below...

Image

Finally please note that every page is linked to index.php in some way.

Posted: Sun Jun 25, 2006 4:59 pm
by Gambler
Wel... You can try using die() or exit() in your ban-handling code. Do you need to output footer after message about being banned?

Posted: Sun Jun 25, 2006 5:01 pm
by adamb10
When someone is banned, I just want the message to be shown. Probobly not even the copyrght either even tho it would be nice.

Posted: Sun Jun 25, 2006 6:18 pm
by tecktalkcm0391
Well what is your code right now. So we can tell you how to fix this problem.

Posted: Sun Jun 25, 2006 6:28 pm
by adamb10
It's pretty much the same as above. Index.php(same file as above)

Code: Select all

<?
//index.php
//Start the session
session_start();

//Load required files
require('sources/functions.php');

//Counters are cool, I think we need one...
$c_ip = $HTTP_COOKIE_VARS["user_ip"];
$counter_file = "sources/counter.txt";
$counter_file_line = file($counter_file);
if(!$c_ip) {
setcookie("user_ip", $REMOTE_ADDR, time()+360000);  $counter_file_line[0]++; 
$cf = fopen($counter_file, "w+");fputs($cf, "$counter_file_line[0]"); fclose($cf); 
} 
elseif($c_ip != $REMOTE_ADDR){
$counter_file_line[0]++; $cf = fopen($counter_file, "w+");
fputs($cf, "$counter_file_line[0]");
 fclose($cf);
} 

//Essential Functions
db_connect();

//Prepare for Query in 5..4..3..2..1
function query($query){
    $sql = "$query";
    $result = mysql_query($sql);
    return mysql_fetch_array ($result);  
}

//Query time!
$row = query("SELECT * FROM settings"); //settings query
$row1 = query("SELECT * FROM colors"); //colors query

$q1 = 'SELECT * FROM Bans'; //ban query
      $r1 = mysql_query($q1) or die(mysql_error());

 if($row['postorder'] == "descend") { //Comment Query 1
  $q = 'SELECT * FROM comments ORDER BY Date DESC';
       $r = mysql_query($q) or die(mysql_error());
      
} else{
if($row['postorder'] == "ascend"){ //Comment Query 2
      $q = 'SELECT * FROM comments ORDER BY Date ASC';
       $r = mysql_query($q) or die(mysql_error());
    }
}

$hf = query("SELECT * FROM hf"); //HF Query
if (!$hf) {
   die('Invalid query: ' . mysql_error());
   }

//Lets output the html
echo '
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/1999/REC-html401-19991224/loose.dtd">
<head>
<title>'.$row['title'].'</title> 
    <meta http-equiv="Content-Type" content="text/html; charset=utf-8">
    <style type="text/css">
<!--


a:link {
    color: #'.$row1['link'].';
    text-decoration: none;
}
a:visited {
    color: #'.$row1['visitedlink'].';
    text-decoration: none;
}
a:active {
    color: #'.$row1['activelink'].';
    text-decoration: none;
}
a:hover {
    color: #'.$row1['hoverlink'].';
    text-decoration: none;
    }
body {
    background-color: #'.$row1['bodybg'].';
    font-family: '.$row1['fontfamily'].';
    font-size: '.$row1['fontsize'].';
    color: #'.$row1['font'].';
    margin:0px;
    ';
if ($row1['bodybgimage'] != "") {
echo 'background-image: url('.$row1['bodybgimage'].');';
}
echo '
    }
.titlebg {
    background-color: #'.$row1['titlebg'].';
    font-family: '.$row1['titlefontfamily'].';
    font-size: '.$row1['titlefontsize'].' ;
    color: #'.$row1['titlefont'].'; ';
    if ($row1['tilebgimage'] == "") {
    echo '
    background-image: url('.$row1['titlebgimage'].');';
}
        echo '
        }
.windowbg {
    background-color: #'.$row1['windowbg'].';
    font-family: '.$row1['windowfontfamily'].';
    font-size: '.$row1['windowfontsize'].' ;
    color: #'.$row1['windowfont'].';';
    if ($row1['windowbgimage'] != "") {
    echo 'background-image: url('.$row1['windowbgimage'].');';
    }
    echo '
    }
.windowbg2 {
    background-color: #'.$row1['window2bg'].';
    font-family: '.$row1['window2fontfamily'].';
    font-size: '.$row1['window2fontsize'].';
    color: #'.$row1['window2font'].';';
    if($row1['window2bgimage'] != "") {
    echo 'background-image: url('.$row1['window2bgimage'].');';
    }
   
    echo '
     }
.border {
    background-color: #'.$row1['border'].';
    }
td {
    font-size: 11px;
    }
input,textarea {
    font-family: '.$row1['fontfamily'].';
    font-size: 11px;
    }
select {
    font-family: '.$row1['fontfamily'].';
    font-size: 11px;
    }
    --!>
    </style>
    <title>'.$row1['title'].'</title>
</head>

<body>';
if($_GET['action'] == "")
{
getUserIp();
}



//echo out the Guestbook Header
guestbook_header();
echo '<br><br><br>';
require('sources/actions.php');

//Check if this really is index.php.  
if($_GET['action'] == "")
{
echo '<br>'.$hf['header'].'';
if($row['posting'] == "enabled") {
if($row['kwikpost'] == "yes"){
if($row['kwikpostlocation'] == "top"){
kwikpost();
} 
}}
}

echo '<br><br>
<table style="width: 55%;" class="border" border="0" cellpadding="4" cellspacing="1" align="center">';

//Prepare the comment system...
if($_GET['action'] == "")
{

 while($row = mysql_fetch_array($r)){

 $date = explode("|", $row['date']);
            $name = $row['name'];
            $comment = $row['comment'];
            $email = $row['email']; 
            $website = $row['website']; 

if(!isset($cmd)){ 
echo '
 <tr class="windowbg2">
          <td style="width: 27%;">';
          
//Hi, whats your name?
           echo
          "$name
         <br><a href=\"mailto: $email\">
             [email]</a>";
           
            
            if($website != "") {
            echo "<a href=\"$website\">[website]</a>";
            }
            echo '
            
        </td>
        <td>';
        
//Date System
       $d = $row['date'];
		$month = date("M");
		$day = date("d");
		$year = date("Y");

//Was the comment posted yesterday or today?
echo 'Posted on ';
if($date['0']==$month && $date['1']==$day && $date['3']==$year){
			echo '<b>Today</b>';
		} elseif($date['0']==$month && $date['1']==$day-1 && $date['3']==$year){
			echo '<b>Yesterday</b>';
		} else {
			echo '<b>'.$date['0'].' '.$date['1'].''.$date['2'].', '.$date['3'].'</b>';
		}
		echo ' at <b>'.$date['4'].'</b>';
	}

echo   "<br><br>
        
$comment
           </td>
    </tr>";
   }

echo '
<table>
<br>';

//Kwik Post time!
$row = query("SELECT * FROM settings");
if($row['posting'] == "enabled") {
if($row['kwikpost'] == "yes"){
if($row['kwikpostlocation'] == "bottom"){
kwikpost();
}}}

echo '
'.$hf['footer'].'';

	}


copyright();
?>

Posted: Sun Jun 25, 2006 7:05 pm
by tecktalkcm0391
Do this then:

Code: Select all

<? 
// START MEMORY BUFFER
ob_start();

//index.php 
//Start the session 
session_start(); 

//Load required files 
require('sources/functions.php'); 

//Counters are cool, I think we need one... 
$c_ip = $HTTP_COOKIE_VARS["user_ip"]; 
$counter_file = "sources/counter.txt"; 
$counter_file_line = file($counter_file); 
if(!$c_ip) { 
setcookie("user_ip", $REMOTE_ADDR, time()+360000);  $counter_file_line[0]++; 
$cf = fopen($counter_file, "w+");fputs($cf, "$counter_file_line[0]"); fclose($cf); 
} 
elseif($c_ip != $REMOTE_ADDR){ 
$counter_file_line[0]++; $cf = fopen($counter_file, "w+"); 
fputs($cf, "$counter_file_line[0]"); 
 fclose($cf); 
} 

//Essential Functions 
db_connect(); 

//Prepare for Query in 5..4..3..2..1 
function query($query){ 
    $sql = "$query"; 
    $result = mysql_query($sql); 
    return mysql_fetch_array ($result);  
} 

//Query time! 
$row = query("SELECT * FROM settings"); //settings query 
$row1 = query("SELECT * FROM colors"); //colors query 

$q1 = 'SELECT * FROM Bans'; //ban query 
      $r1 = mysql_query($q1) or die(mysql_error()); 

 if($row['postorder'] == "descend") { //Comment Query 1 
  $q = 'SELECT * FROM comments ORDER BY Date DESC'; 
       $r = mysql_query($q) or die(mysql_error()); 
      
} else{ 
if($row['postorder'] == "ascend"){ //Comment Query 2 
      $q = 'SELECT * FROM comments ORDER BY Date ASC'; 
       $r = mysql_query($q) or die(mysql_error()); 
    } 
} 

$hf = query("SELECT * FROM hf"); //HF Query 
if (!$hf) { 
   die('Invalid query: ' . mysql_error()); 
   } 

//Lets output the html 
echo ' 
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/1999/REC-html401-19991224/loose.dtd"> 
<head> 
<title>'.$row['title'].'</title> 
    <meta http-equiv="Content-Type" content="text/html; charset=utf-8"> 
    <style type="text/css"> 
<!-- 


a:link { 
    color: #'.$row1['link'].'; 
    text-decoration: none; 
} 
a:visited { 
    color: #'.$row1['visitedlink'].'; 
    text-decoration: none; 
} 
a:active { 
    color: #'.$row1['activelink'].'; 
    text-decoration: none; 
} 
a:hover { 
    color: #'.$row1['hoverlink'].'; 
    text-decoration: none; 
    } 
body { 
    background-color: #'.$row1['bodybg'].'; 
    font-family: '.$row1['fontfamily'].'; 
    font-size: '.$row1['fontsize'].'; 
    color: #'.$row1['font'].'; 
    margin:0px; 
    '; 
if ($row1['bodybgimage'] != "") { 
echo 'background-image: url('.$row1['bodybgimage'].');'; 
} 
echo ' 
    } 
.titlebg { 
    background-color: #'.$row1['titlebg'].'; 
    font-family: '.$row1['titlefontfamily'].'; 
    font-size: '.$row1['titlefontsize'].' ; 
    color: #'.$row1['titlefont'].'; '; 
    if ($row1['tilebgimage'] == "") { 
    echo ' 
    background-image: url('.$row1['titlebgimage'].');'; 
} 
        echo ' 
        } 
.windowbg { 
    background-color: #'.$row1['windowbg'].'; 
    font-family: '.$row1['windowfontfamily'].'; 
    font-size: '.$row1['windowfontsize'].' ; 
    color: #'.$row1['windowfont'].';'; 
    if ($row1['windowbgimage'] != "") { 
    echo 'background-image: url('.$row1['windowbgimage'].');'; 
    } 
    echo ' 
    } 
.windowbg2 { 
    background-color: #'.$row1['window2bg'].'; 
    font-family: '.$row1['window2fontfamily'].'; 
    font-size: '.$row1['window2fontsize'].'; 
    color: #'.$row1['window2font'].';'; 
    if($row1['window2bgimage'] != "") { 
    echo 'background-image: url('.$row1['window2bgimage'].');'; 
    } 
    
    echo ' 
     } 
.border { 
    background-color: #'.$row1['border'].'; 
    } 
td { 
    font-size: 11px; 
    } 
input,textarea { 
    font-family: '.$row1['fontfamily'].'; 
    font-size: 11px; 
    } 
select { 
    font-family: '.$row1['fontfamily'].'; 
    font-size: 11px; 
    } 
    --!> 
    </style> 
    <title>'.$row1['title'].'</title> 
</head> 

<body>'; 
if($_GET['action'] == "") 
{ 
getUserIp(); 
} 



//echo out the Guestbook Header 
guestbook_header(); 
echo '<br><br><br>'; 
require('sources/actions.php'); 

//Check if this really is index.php.  
if($_GET['action'] == "") 
{ 
echo '<br>'.$hf['header'].''; 
if($row['posting'] == "enabled") { 
if($row['kwikpost'] == "yes"){ 
if($row['kwikpostlocation'] == "top"){ 
kwikpost(); 
} 
}} 
} 

echo '<br><br> 
<table style="width: 55%;" class="border" border="0" cellpadding="4" cellspacing="1" align="center">'; 

//Prepare the comment system... 
if($_GET['action'] == "") 
{ 

 while($row = mysql_fetch_array($r)){ 

 $date = explode("|", $row['date']); 
            $name = $row['name']; 
            $comment = $row['comment']; 
            $email = $row['email']; 
            $website = $row['website']; 

if(!isset($cmd)){ 
echo ' 
 <tr class="windowbg2"> 
          <td style="width: 27%;">'; 
          
//Hi, whats your name? 
           echo 
          "$name 
         <br><a href=\"mailto: $email\"> 
             [email]</a>"; 
            
            
            if($website != "") { 
            echo "<a href=\"$website\">[website]</a>"; 
            } 
            echo ' 
            
        </td> 
        <td>'; 
        
//Date System 
       $d = $row['date']; 
                $month = date("M"); 
                $day = date("d"); 
                $year = date("Y"); 

//Was the comment posted yesterday or today? 
echo 'Posted on '; 
if($date['0']==$month && $date['1']==$day && $date['3']==$year){ 
                        echo '<b>Today</b>'; 
                } elseif($date['0']==$month && $date['1']==$day-1 && $date['3']==$year){ 
                        echo '<b>Yesterday</b>'; 
                } else { 
                        echo '<b>'.$date['0'].' '.$date['1'].''.$date['2'].', '.$date['3'].'</b>'; 
                } 
                echo ' at <b>'.$date['4'].'</b>'; 
        } 

echo   "<br><br> 
        
$comment 
           </td> 
    </tr>"; 
   } 

echo ' 
<table> 
<br>'; 

//Kwik Post time! 
$row = query("SELECT * FROM settings"); 
if($row['posting'] == "enabled") { 
if($row['kwikpost'] == "yes"){ 
if($row['kwikpostlocation'] == "bottom"){ 
kwikpost(); 
}}} 

echo ' 
'.$hf['footer'].''; 

        } 


copyright(); 

// FLUSH MEMORY BUFFER (CLEANER THEN LEAVING IT OUT)
ob_flush();
?>
and where is the getUserIp funciton?

Posted: Sun Jun 25, 2006 7:09 pm
by adamb10
The function's code is posted in another reply in this topic, it's in functions.php.

Posted: Sun Jun 25, 2006 7:28 pm
by tecktalkcm0391
ok i didn't see the include. and try this ofr the Getuserip:

Code: Select all

function getUserIp(){ 
    static $ip; 
    if ($ip == NULL) { 
        $ip = (empty($_SERVER['REMOTE_ADDR']) 
            ? $_ENV['REMOTE_ADDR'] : $_SERVER['REMOTE_ADDR']); 
        if (!empty($_SERVER['HTTP_CLIENT_IP'])) { 
            $ip = $_SERVER['HTTP_CLIENT_IP']; 
        } 
        if (!empty($_ENV['HTTP_CLIENT_IP'])) { 
            $ip = $_ENV['HTTP_CLIENT_IP']; 
        } 
        if (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) { 
            $ips = explode(',', $_ENV['HTTP_X_FORWARDED_FOR']); 
            $ip = $ips[0]; 
        } 
        if (!empty($_ENV['HTTP_X_FORWARDED_FOR'])) { 
            $ips = explode(',', $_ENV['HTTP_X_FORWARDED_FOR']); 
            $ip = $ips[0]; 
        } 
    } 
    return $ip; 
} 

$query = "SELECT * FROM Bans WHERE ip = '".mysql_real_escape_string(getUserIp())."'"; 
$result = mysql_query($query) or die(mysql_error()); 
$row = mysql_fetch_assoc($result); 
if ($row != NULL) { 
    //handle ban 
exit();
}