Author |
Topic |
SalmanKhana
Average Member
USA
961 Posts |
Posted - 06 March 2002 : 14:22:16
|
good MOD
If I was very determined in banning a person I would do the following steps.
1) Put the email user password mod and unlock the new members manually (another MOD).
2) before unlocking a member check their IP address myself and see if they are the similar to problem maker's IP
3) use the following mentioned code too ! because banning IP can be very dangerous sometimes because good people can be stopped from coming in too !
thats my 10 cents for now.
|
|
|
lmajors
Starting Member
13 Posts |
|
Caspoory
Starting Member
United Kingdom
18 Posts |
Posted - 09 March 2002 : 13:37:20
|
Dear KC,
I liked your code and idea. I think it works great if you apply it with the Ban IP mod. I used your code, and did few changes to it HOPE you don't mind
I apologise, if you feel offended or you don't like people changing what you have done, however I will tell you what I changed and explain why.
Changes: (The first is the most important one, you can ignore the rest)
- Imagine that you have two users, with a very similar username (e.g. KC and LC) and you have banned LC. If KC tries to login and mistype his/her name (k and l are close on the keyboard), then the cookie will be written to that KC's machine! When it shouldn't. It will be written because the script will check and find that strLoginStatus is 0 because of the wrong password, and will then check that LC (the mistyped username) is banned and it will write the cookie to KC's machine!!!
Therefore I changed the SQL statement to check the password as well, and if ALL is right then it will write the cookie. Also made the SQL statement more generic (more like Snitz standards and convensions) and also applied the ChkString on the password so that it won't return an error if there is no password, here it is:
strSql = "SELECT " & strMemberTablePrefix & "MEMBERS.M_STATUS " strSql = strSql & "FROM " & strMemberTablePrefix & "MEMBERS " strSql = strSql & "WHERE " & strMemberTablePrefix & "MEMBERS.MEMBER_ID = " & getMemberNumber(strDBNTFUserName) & " " strSql = strSql & "AND " & strMemberTablePrefix & "MEMBERS.M_PASSWORD = '" & ChkString(Request.Form("Password"), "SQLString") & "'"
- The second change is not very important, is that I changed the expiry date of the cookie to be +3650! It will last for 10 years, enough for the user to change the computer or to become more mature
- I did put the code as a Sub in the inc_functions.asp and called it from inc_top.asp, so that it will check everywhere.
- Part of the Sub that will be called in every page is another check, to check which page is called from and then redirect him to the nastygram if it was policy or register. This is just to make it easy to implement and change and have the code in one place and more generic, nothing more, nothing less.
Dim strScriptName, aryScriptName aryScriptName = Split(Request.ServerVariables("SCRIPT_NAME"), "/") strScriptName = aryScriptName(UBound(aryScriptName))
if (strScriptName = "policy.asp" OR strScriptName = "register.asp") AND Request.Cookies(strUniqueID & "Status")("banUser") = "1" then Response.Redirect "ur_banned.asp" end if
I guess that's all I have now, and You still da man for this code and idea
Let me know if you are interested in the new code, then I will post it as a downloadable zip. Otherwise, you got the picture.
A.Mosa : IPS Studio :: iNCiA
Edited by - caspoory on 09 March 2002 13:45:49 |
|
|
iwps
Starting Member
10 Posts |
Posted - 11 March 2002 : 10:46:24
|
Zip request please?
I like original idea of the mod PLUS your enhancements, but I'm having trouble following (sorry, still slow on this ASP stuff).
THX!
|
|
|
Caspoory
Starting Member
United Kingdom
18 Posts |
|
Helena
Starting Member
Spain
21 Posts |
Posted - 28 March 2002 : 12:10:24
|
Hi, I added those lines and locked a user. When I try to log with this user (using another machine) I get this:
Error '80020009' Ocurrió una excepción.
forum/inc_top.asp, line 111
ocurrió una excepción=(translation) an exception occurs
In line 111 I've this:
if banG(0) = "0" then
What wrong did I ? |
|
|
Id
Junior Member
USA
129 Posts |
Posted - 28 March 2002 : 17:12:23
|
My guess is it's using the wrong connection string
replace connBan.open "DRIVER={Microsoft Access Driver (*.mdb)};DBQ=" & server.MapPath ("tools/snitz_forums_2000.mdb")
with connBan.open strConnString
See if that does anything
Going insane one day at a time |
|
|
Helena
Starting Member
Spain
21 Posts |
Posted - 29 March 2002 : 08:13:27
|
Hi, ID, first all, thanks
The bad new is that it didn't work I replaced that line, and no changes appear. The exactly same error in line 111. |
|
|
Huntress
New Member
USA
96 Posts |
Posted - 02 April 2002 : 09:36:13
|
LOVE THIS MOD!!!!
While there is no perfect solution to the ban issue, it sure helps to have more than one weapon in your arsonal.
Sure helps me with those folks on AOL Now I don't have to take out all my good AOL'rs
BTW... I used Caspoory's zip file... works like a charm!
Thanks! |
|
|
SubKamran
Junior Member
101 Posts |
Posted - 02 April 2002 : 12:38:19
|
why not ban by CPU ID? it would store their ID in a table in ur database so they couldn't delete it...there's a way to do that (get CPU ID). so, when the person logs in, a script grabs the users's CPU ID (every1's ID) and when u want to ban some1 look up their CPU ID with the User...how bout it?
|
|
|
HuwR
Forum Admin
United Kingdom
20584 Posts |
Posted - 02 April 2002 : 12:57:31
|
I posted some code elsewhere in the forum that allows you to get the clientID of your machine which can then be stored.
|
|
|
HuwR
Forum Admin
United Kingdom
20584 Posts |
|
SubKamran
Junior Member
101 Posts |
Posted - 02 April 2002 : 13:16:40
|
yah, but then people have 2 login THEN submit the form...the form ur talking about is the profile right?
Kamran A 14/m/mn Minneapolis, MN Web Dev/Flash Dev |
|
|
HuwR
Forum Admin
United Kingdom
20584 Posts |
Posted - 02 April 2002 : 14:40:41
|
actually no, I was thinking more like the login form. But for a new forum you could record it when they register, or you could attach it to the post form or any othe rform for that matter.
|
|
|
SubKamran
Junior Member
101 Posts |
Posted - 02 April 2002 : 19:36:56
|
ah, ic....
so, is there a MOD like that, i mean, so it's easier to Ban them? u got the script. so how do u ban them?
Kamran A 14/m/mn Minneapolis, MN Web Dev/Flash Dev |
|
|
Topic |
|