PDA

View Full Version : Quick question with php


Iskib
03-06-2008, 07:44 PM
Sinario:

I have a banned user table in my database

When a user signs up I want to check the username against this list.

in database banned usernames
test
admin
mod

I can do this with:
if (mysql_num_rows($ban_username_exists) != '0')

What is I wanted to check if any part of the username exsist in the database.

for example if the user tried to register
test1, test_now, testtaco
admin_me, admin1, adminme
mod1,mod_me,modme

What code would I use to pickup these partials ?

MoT3rror
03-06-2008, 07:48 PM
$check_ban = $db->query_first("SELECT *, COUNT(field) AS 'count FROM banlist
WHERE username = " . $vbulletin->userinfo['username'] . "
GROUP by field");

if($check_ban['count'] > 0)
{
//user is banned
exit;
}

Iskib
03-06-2008, 07:55 PM
Hey,

Thanks for the quick response. This is for another app not vbulletin.

I know I can check the database for the username entered , but what if they use part of a username that exsist for example admin is banned

what if they try to register admin1 or adminMe

MoT3rror
03-06-2008, 09:13 PM
Use mysql wildcards like this.

SELECT * FROM banlist WHERE username = '%$username%'

Iskib
03-06-2008, 10:40 PM
Hey,

No that didn't work. It returned for example:

admin as a banned username , but when I tried admin1

it still let admin1 be registered as a user

MoT3rror
03-06-2008, 11:25 PM
Sorry it should use a like then a equal sign.

SELECT * FROM banlist WHERE username LIKE '%$username%'

Iskib
03-07-2008, 06:16 AM
Hey still not working

Here is what I have full code..

require_once ('js/xajax_core/xajax.inc.php');
$xajax = new xajax();
$xajax->registerFunction("processForm");

function processForm($username)
{
$ban_username_exists = sql_query("SELECT * FROM banned_usernames WHERE banned_username = '" .
$username . "'");
$result = sql_query(sprintf("SELECT * FROM users WHERE username = '%s'", $username));
$banned = sql_query("SELECT * FROM usernames WHERE banned_username = '" . $username .
"' LIKE '" . $username % "'");

$objResponse = new xajaxResponse();
if (empty($username)) {
$objResponse->assign("result", "innerHTML",
'<span style="color:#f00"><font size="2">Username Empty</font></span>');
} elseif (!preg_match("/^[a-zA-Z\d\-_]+$/i", $username)) {
$objResponse->assign("result", "innerHTML",
'<span style="color:#f00"><font size="2">Invalid Username - Invalid Character or Space</font></span>');
} elseif (mysql_num_rows($ban_username_exists) != '0') {
$objResponse->assign("result", "innerHTML",
'<span style="color:#f00"><font size="2">Invalid Username - Banned Username</font></span>');
} elseif (mysql_fetch_row($banned)) {
$objResponse->assign("result", "innerHTML",
'<span style="color:#f00"><font size="2">Invalid Username - Banned Username</font></span>');
} elseif (mysql_num_rows($result) > 0) {
$objResponse->assign("result", "innerHTML",
'<span style="color:#f00"><font size="2">Not Available</font></span>');
} else {
$objResponse->assign("result", "innerHTML",
'<span style="color:#0c0"><font size="2">Available</font></span>');
}
return $objResponse;
}
$xajax->processRequest();

--------------- Added 1204900783 at 1204900783 ---------------

Other then the mySQL wildcard is there anyway of matching any username that would have part of a banned username? maybe a reg expression ?

Opserty
03-07-2008, 01:42 PM
Does AdminCP > vBulletin Options > vBulletin Options > User Registration Options > Illegal User Names not cover what you want to do?

Iskib
03-07-2008, 04:47 PM
No. As I said in the third post in this thread. It is not a vbulletin site therefore the vbulletin option can not be used.

I am just asking for a little help

Opserty
03-07-2008, 05:12 PM
No. As I said in the third post in this thread. It is not a vbulletin site therefore the vbulletin option can not be used.
Ah right must have missed that post.