Forum Tutorial - MOTD and Banning Messages

Submitted by Yorkiebar on Saturday, March 8, 2014 - 08:49.

Introduction: This tutorial is going to be covering message of the days and banning messages. Database Setup: First we are going to set the database up ready for storing our information, create a new table named "reasons", then give it the following columns of structure: id - INT - 5 Length - Primary Key - Auto Increment (AI/A_I) use - VARCHAR - 255 Length message - VARCHAR - 255 Length additional - VARCHAR - 255 Length We are going to make the use value "motd" for Message of the Day, or "ban" for the banning message. While we use the additional slot to hold the username for banning messages. Banning Messages: Next we are going to add a banning message option to the banning form of the admin panel...

echo '<tr><td>'.$row["username"].'</td><td>Current Level: '.$row["level"].'</td><td>Change Level: </td><td><form action="admin.php?act=level&uID='.$row["id"].'" method="POST"><input type="number" name="newLevel" /><input type="submit" value="Change User Level" /></form></td><td><form action="admin.php?act=ban&uID='.$row["id"].'" method="POST"><input type="text" name="message" /><input type="submit" value="Ban User!" /></form></td><td><form action="admin.php?act=unban&uID='.$row["id"].'" method="POST"><input type="submit" value="Unban User!" /></form></td></tr>';

Next we will alter our processing to add the banning reason to our new table...

else if(isSet($_GET['act']) && $_GET['act'] == 'ban' && isSet($_GET['uID'])) {
        $uID = $_GET['uID'];
        $checkUserExists = mysqli_query($con, "SELECT * FROM `users` WHERE `id`='$uID'");
        if (mysqli_num_rows($checkUserExists) > 0) {
                //User exists, set level to 0 and ban them.
                $banUserQuery = mysqli_query($con, "UPDATE `users` SET `level`='0' WHERE `id`='$uID'");
                if ($banUserQuery) {
                        $banMessage = $_POST['message'];
                        $banUserInfo = mysqli_fetch_array($checkUserExists) or die(mysql_error());
                        $banUser = $banUserInfo['username'];
                        $insertReasonQ = mysqli_query($con, "INSERT INTO `reasons` VALUES ('', 'ban', '$banMessage', '$banUser')");
                                if ($insertReasonQ)
                                        echo 'Banned user.';
                }else
                        echo 'Failed to ban user...';
                header("Location:admin.php");
                exit();
        }
}

Finally we need to output the message to the user once they try to login, but they're banned...

if (isSet($_POST['login']) && isSet($_POST['user']) && isSet($_POST['pass']) && $_POST['user'] != '' && $_POST['pass'] != '') {
        $pass = $_POST['pass'];
        $passMD5 = md5($pass);
        $user = $_POST['user'];
        $q = mysqli_query($con, "SELECT * FROM `users` WHERE `username`='$user'");
        if (mysqli_num_rows($q) > 0) {
                $info = mysqli_fetch_array($q);
                if ($info['level'] != '0') {
                        $storedPassword = $info['password'];
                        if ($storedPassword == $passMD5) {
                                $_SESSION['username'] = $user;
                                if ($info['level'] == 2)
                                        $_SESSION['isMod'] = 'yes';
                                if ($info['level'] == 3)
                                        $_SESSION['isAdmin'] = 'yes';
                                header("Location:forumTutorial.php");
                                exit();
                                echo 'Logged in!';
                        }else
                                echo 'Password was incorrect. Please try again.';
                }else{
                        $banReasonQ = mysqli_query($con, "SELECT * FROM `reasons` WHERE `additional`='$user' AND `use`='ban'") or die(mysql_error());
                        $banReasonInfo = mysqli_fetch_array($banReasonQ);
                        $banReason = $banReasonInfo['message'];
                        echo 'That account is banned!<br/>Reason: '.$banReason;
                }
        }else
                echo 'That username was not found. Please try again.';
}

Message Of The Day: Next we add a message of the day option to the admin panel...

<h1>Message of the Day:</h1>
<form action='admin.php?act=motd' method='POST'>
Current MOTD: <?php
        $motdQ = mysqli_query($con, "SELECT * FROM `reasons` WHERE `use`='motd'");
        if (mysqli_num_rows($motdQ) > 0) {
                $motdInfo = mysqli_fetch_array($motdQ);
                echo $motdInfo['message'];
        }
?>
<br/>
Update MOTD: <input type='text' name='newMOTD' />
</form>

Next we process the information. If there is already an motd, we update it, otherwise we insert a new row to create one...

else if(isSet($_GET['act']) && $_GET['act'] == 'motd') {
        $message = $_POST['newMOTD'];
        $motdQ = mysqli_query($con, "SELECT * FROM `reasons` WHERE `use`='motd'");
        if (mysqli_num_rows($motdQ) > 0) {
                mysqli_query($con, "UPDATE `reasons` SET `message`='$message' WHERE `use`='motd'");
                echo 'MOTD Updated.';
        }else{
                $motdInsert = mysqli_query($con, "INSERT INTO `reasons` VALUES ('', 'motd', '$message', '')");
                if ($motdInsert) {
                        echo 'Inserted motd.';
                }else
                        echo 'Failed to insert motd.';
        }
}

Finally we show the motd on the homepage...

<?php
        $motdQ = mysqli_query($con, "SELECT * FROM `reasons` WHERE `use`='motd'");
        $motdInfo = mysqli_fetch_array($motdQ);
        if (mysqli_num_rows($motdQ) > 0 && $motdInfo['message'] != '') {
                echo '<h1>MOTD:</h1><br/>'.$motdInfo['message'];
        }
?>

Add new comment

39 views