Deny Annonymous From Posting in Shoutbox?

  Post new topicReply to topicPrintable Version
<< View previous topic View next topic >>
Share: Del.icio.us  Digg  Google  Spurl  Blink  Furl  Y! MyWeb  
#1   Deny Annonymous From Posting in Shoutbox?
Tendency
CZ Super Newbie
 Codezwiz Site Donator
Tendency has been a member for over 20 year's 20 Year Member
usa.gif florida.gif
Occupation: Longshoreman
Age: 54
Gender: Male
Fav. Sports Team: Dallas Cowboys
Website:
Status: Offline
Joined: Nov 25, 2003
0.01 posts per day
Posts: 97
Points: 9,373
  MSN Messenger 
I am looking to prevent annonymous posts in a shoutbox. I pasted the code below. Maybe someone can help me out here. Thanks...

<?php

/************************************************************************/
/* PHP-NUKE: GZ Shout Admin for PHP-Nuke                                */
/* ============================================                         */
/* Copyright (c) 2004 by Brian Tyndall                                  */
/* http://www.gz-tech.net                                               */
/* Made for PHP-NUKE Advanced Content Management System                 */
/* ============================================                         */
/* Copyright (c) 2003 by Francisco Burzi                                */
/* http://phpnuke.org                                                   */
/************************************************************************/

include("config.php");
include("mainfile.php");

$link = mysql_connect($dbhost, $dbuname, $dbpass);
@mysql_select_db($dbname);
cookiedecode($user);


switch($op){

case write:



$msg = $_POST['shout'];
$time = time();

$user = $cookie[1];
if ($user == "") {
$username = "Anonymous"; 
}
$result =  mysql_query("INSERT INTO ".$prefix."_shout (UID, PDT, MSG)
VALUES ('$user', '$time', '$msg')") or die(mysql_error());


case read:


$query = mysql_query("select * from ".$prefix."_shout ORDER BY PID DESC");
$nrows = mysql_num_rows($query);
$msg = "output=";
for($i = 0; $i < $nrows; $i++) {
   $row = mysql_fetch_array($query);
   $time = strftime("%a %m/%d/%y %H:%M", $row['PDT']);
   $msg .= "<p class=\"output1\">" . $row['UID'] . " " . $time . "</p>";
   $msg .= "<p class=\"output2\">".$row['MSG'] . "</p>";
   $msg .= "<p class=\"output1\">--------------------------------------------------------------</p><br>";

}


$msg .= "";
echo $msg;

$user = $cookie[1];
if ($user == "") {
$user = "Anonymous";
}
$msg2 = "&username=";
$msg2 .= $user;
echo $msg2;


break;


default:

   die ("You can't access this file directly...");
}
mysql_close($link);
?>




Back to top Reply with quote
#2   
Telli
Site Admin
Occupation: Self Employed
Age: 46
Gender: Male
Fav. Sports Team: Detroit Red Wings
Website:
Status: Offline
Joined: May 26, 2003
1.03 posts per day
Posts: 8089
Points: 494,430
   
That doesnt look like the whole thing. This would prevent it from getting to the database:


if (is_user($user)) {
$result =  mysql_query("INSERT INTO ".$prefix."_shout (UID, PDT, MSG)
VALUES ('$user', '$time', '$msg')") or die(mysql_error());
}




_________________
The path of the righteous man is beset on all sides by the inequities of the selfish and the tyranny of evil men. Blessed is he, who in the name of charity and good will, shepherds the weak through the valley of darkness, for he is truly his brother's keeper and the finder of lost children. And I will strike down upon thee with great vengeance and furious anger those who would attempt to poison and destroy my brothers. And you will know my name is the Lord when I lay my vengeance upon thee. Ezekiel 25:17
Back to top Reply with quote
Display posts from previous:      
Add To: Del.icio.us  Digg  Google  Spurl  Blink  Furl  Y! MyWeb  
<< View previous topic View next topic >>
Post new topicReply to topic

Jump to 
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You cannot download files in this forum