PHP Login System with Admin Features

This forum was created to talk about the PHP Login System with admin features created by jpmaster77 on evolt's website


    Un ban users

    Share

    abbo

    Number of posts : 5
    Registration date : 2008-05-09

    Un ban users

    Post  abbo on Fri May 09, 2008 5:41 am

    Has anyone added this feature, I know copying the information over to a 'banned' table and then back again is one option. However would it be easier to just add a banned column to the users table with a yes/no option and then if a username has a yes in the row they cant login.

    I would appreciate any opions on the best way to achieve this and how i would go about coding this?

    Thanks
    avatar
    Linchpin311

    Number of posts : 220
    Age : 32
    Localisation : Long Island
    Registration date : 2007-05-14

    Re: Un ban users

    Post  Linchpin311 on Sun May 11, 2008 10:10 pm

    it might be a good idea to create a new user level and have it act as a "banned users" user level. add a new user level in constants.php and check out the confirmUserPass function in database.php. Throw some code in there to make sure the user's user level is not the new level you just created (user level 2 in my example), try...

    Code:
    /* Validate that userlevel is NOT 2 */
    if($dbarray['userlevel'] == 2){
      return 3; //Indicates account is banned
    }

    that return 3 part will return a value of 3 to session.php's login function. find that section and add on some code to the check error codes if statement that tells the user their account is banned. try...

    Code:
    else if($result == 3){
      $field = "user";
      $form->setError($field, "Your account has been banned");
    }

    sorry i rushed the explanation, but let me know if you follow me.


    _________________
    in the end, the universe tends to unfold as it should...

    Also note that it is your responsibility to die() if necessary.

    abbo

    Number of posts : 5
    Registration date : 2008-05-09

    Re: Un ban users

    Post  abbo on Wed May 14, 2008 1:59 pm

    Thanks for the response, I followed what you said and put the code in the pages and set a user to userlevel 2. However when I login with that name it still lets me in as normal, any idea what i could be doing wrong?

    Thanks again
    avatar
    Linchpin311

    Number of posts : 220
    Age : 32
    Localisation : Long Island
    Registration date : 2007-05-14

    Re: Un ban users

    Post  Linchpin311 on Wed May 14, 2008 2:47 pm

    i was in class while typing my last post, i had to rush it cause i was about to get kicked off the computer.

    hmm...lets see.

    did you add the new user level in constants.php? it should look something like...
    Code:
    define("ADMIN_NAME", "admin");
    define("GUEST_NAME", "Guest");
    define("ADMIN_LEVEL", 9);
    define("BANNED_LEVEL",  2);
    define("USER_LEVEL",  1);
    define("GUEST_LEVEL", 0);

    to tell you the truth, you dont even need to add that part, but if you ever want to add any kind of functionality for your banned users then its a good idea.

    then in database.php your confirmUserPass function might look something like this...
    Code:
      function confirmUserPass($username, $password){
          /* Add slashes if necessary (for query) */
          if(!get_magic_quotes_gpc()) {
             $username = addslashes($username);
          }

          /* Verify that user is in database */
          $q = "SELECT password,userlevel FROM ".TBL_USERS." WHERE username = '$username'";
          $result = mysql_query($q, $this->connection);
          if(!$result || (mysql_numrows($result) < 1)){
            return 1; //Indicates username failure
          }

          /* Retrieve password and userlevel from result, strip slashes */
          $dbarray = mysql_fetch_array($result);
          $dbarray['password'] = stripslashes($dbarray['password']);
          $dbarray['userlevel'] = stripslashes($dbarray['userlevel']);
          $password = stripslashes($password);

          /* Validate that userlevel IS NOT 2 */
          if($dbarray['userlevel'] == 2){
            return 3; //Indicates account is banned
          }

          /* Validate that password is correct */
          if($password == $dbarray['password']){
            return 0; //Success! Username and password confirmed
          }
          else{
            return 2; //Indicates password failure
          }
      }

    after that, in session.php locate the login function. Inside the login function find the /* Check error codes */ section (line 155 if you haven't edited anything in the file). Edit that section so it looks something like...
    Code:
          /* Check error codes */
          if($result == 1){
            $field = "user";
            $form->setError($field, "Username or password is invalid");
          }
          else if($result == 2){
            $field = "pass";
            $form->setError($field, "Username or password is invalid");
          }
          else if($result == 3){
            $field = "user";
            $form->setError($field, "Your account has been banned");
          }

    i just tested this on my local server and it seems to work fine. If you need more help then dont hesitate to ask!
    Very Happy


    _________________
    in the end, the universe tends to unfold as it should...

    Also note that it is your responsibility to die() if necessary.

    abbo

    Number of posts : 5
    Registration date : 2008-05-09

    Re: Un ban users

    Post  abbo on Thu May 15, 2008 5:36 am

    Thanks for the help, much appreciated. Its all working now it was all due to user error Embarassed Smile
    avatar
    intothefantasy

    Number of posts : 37
    Registration date : 2009-04-11

    Re: Un ban users

    Post  intothefantasy on Sat Apr 11, 2009 3:27 pm

    hmm strange...i followed everything and i still can get that ban error msg...i set my user name testt to lvl 2 and put the code u gave into all the files stated...i tried to login with testt and i still able to do so without getting any ban error msg
    avatar
    Linchpin311

    Number of posts : 220
    Age : 32
    Localisation : Long Island
    Registration date : 2007-05-14

    Re: Un ban users

    Post  Linchpin311 on Sun Apr 12, 2009 8:12 am

    start with the error message the script is giving you. you need to start in session.php, find that message, and go backwards to trace what is happening to your script. that should give you some clues as to what you can do to fix the problem.

    let me know if you need help doing this


    _________________
    in the end, the universe tends to unfold as it should...

    Also note that it is your responsibility to die() if necessary.
    avatar
    intothefantasy

    Number of posts : 37
    Registration date : 2009-04-11

    Re: Un ban users

    Post  intothefantasy on Sun Apr 12, 2009 8:24 am

    ok call me stupid but i really tried all and have no result...still able to let my banned user login...and as for unbaning user without completely delete them from the database...i edit some of the code

    at adminprocess.php
    Code:
      function procBanUser(){
          global $session, $database, $form;
          /* Username error checking */
          $subuser = $this->checkUsername("banuser");
         
          /* Errors exist, have user correct them */
          if($form->num_errors > 0){
            $_SESSION['value_array'] = $_POST;
            $_SESSION['error_array'] = $form->getErrorArray();
            header("Location: ".$session->referrer);
          }
          /* Ban user from member system */
          else{
            //$q = "DELETE FROM ".TBL_USERS." WHERE username = '$subuser'";
            //$database->query($q);

            $q = "INSERT INTO ".TBL_BANNED_USERS." VALUES ('$subuser', $session->time)";
            $database->query($q);
            header("Location: ".$session->referrer);
          }
      }


    again at adminprocess.php
    Code:
    function procDeleteBannedUser(){
          global $session, $database, $form;
          /* Username error checking */
          $subuser = $this->checkUsername("delbanuser", true);
         
          /* Errors exist, have user correct them */
          if($form->num_errors > 0){
            $_SESSION['value_array'] = $_POST;
            $_SESSION['error_array'] = $form->getErrorArray();
            header("Location: ".$session->referrer);
          }
          /* Delete user from database */
          else{
            $q = "DELETE FROM ".TBL_BANNED_USERS." WHERE username = '$subuser'";
            $database->query($q);
             
            header("Location: ".$session->referrer);
          }
      }

    at session.php with function login($subuser, $subpass, $subremember){
    Code:
     /* Check error codes */
          if($result == 1){
            $field = "user";
            $form->setError($field, "* Username not found");
          }
          else if($result == 2){
            $field = "pass";
            $form->setError($field, "* Invalid password");
          }
          else if($database->usernameBanned($subuser)){
          $field = "user";
                $form->setError($field, "* Username banned");
            }

    so when u ban a user...it will duplicated its name to the ban db...instead of deleting them at the original user db..while we have the username and timestamp only at the ban db...we can check when login where the user is banned...and if is true..just show that username banned..and also u can delete the ban user from the ban table and still maintaining the infomation of that ban user at user db...which means like unbanning them..
    avatar
    Linchpin311

    Number of posts : 220
    Age : 32
    Localisation : Long Island
    Registration date : 2007-05-14

    Re: Un ban users

    Post  Linchpin311 on Sun Apr 12, 2009 8:51 am

    well you have to figure session.php is still giving the OK to log the user in. have you checked the database to make sure the banned username's userlevel is the same as the BANNED_USER constant?

    if it is, i am almost certain the problem is with session.php and how it is checking to see if a username is banned. try putting the code that checks for banned usernames before the username and password checks. see what that does.


    _________________
    in the end, the universe tends to unfold as it should...

    Also note that it is your responsibility to die() if necessary.

    Sponsored content

    Re: Un ban users

    Post  Sponsored content


      Current date/time is Mon Nov 20, 2017 9:27 am