I made a ban script where it updates the members list and put SET banned=Yes WHERE username=$_POST[username]
But now I would like to make timed bans, like if a user get banned for a day, he will be un-banned after his ban time.
Does anyone know how I could do this? I'm not pretty good with MySQL and times.
Simply change the column to something like "BannedUntil (datetime)" set that to one day into the future:
UPDATE Users SET BannedUntil = DATE_ADD(NOW(), INTERVAL 1 DAY) WHERE username = <username>
And to check if the user is banned
SELECT 1 FROM Users WHERE BannedUntil > NOW() AND username = <username>
If we get a row back, the user is banned, otherwise not.
You save the time of the ban, and the duration of the ban.
Pseudo-code:
if (current_date == ban_time + ban_duration) { unban_user }
Store the time when the user was banned and the duration of the ban. When the user attempts to access any page which needs to know whether he or she's banned or not - to display a "you're banned" message or whatnot - query the database for the user info. If he's banned, add the ban duration to the ban time and compare it to your current time. You can lift the ban if you've passed that computed time.
You must save ban time (unix timestamp field or datetime) and also duration of ban, when user try to login, you can simply check how much time passed after ban, if ban time passed, update row, and set banned column to 'No'
Related
I have a script that will login and logout a user. It works perfectly. Now I have like a widget that counts how many users are registered and activated as well as how many users are online. I do this by having a field in my users database that says online = 1 or 0. When the person logs in, online = 1 and logs out online = 0. Now I haven't taken into account that this field is only being updated because the user is doing something. I haven't taken into account that the session would timeout.
How can I make a function that says something like if session timeout = true then update users set online=0 where username=$username and user_id=$user_id.
In your database table, add another column something like last_seen. Update this every time you see your users online. After a certain period of inactivity, they will be marked as inactive. In fact, I suggest you replace your online field with this.
For example,
ALTER TABLE users CHANGE COLUMN `online` `online` DATETIME; -- SAMPLE SQL query only
To check how many users are online:
SELECT * FROM users WHERE online>(NOW()-INTERVAL 1 HOUR); -- SELECTS all users online in the past hour.
If the user logs out, you can simply set the online = NOW()-INTERVAL 1 HOUR. Or, you can also retain your previous online field and you can check if the user is idle (using my suggestion) OR online=0.
Instead of trying to use a boolean value to see if somebody is logged in, try using a TIMESTAMP. Then you can perform more accurate logic based on how long somebody has been away. If the last time somebody has loaded a page on your website was 30 minutes ago, do you think they're online? Do you even think they're at their keyboard?
The session will only timeout if you want it to do so. This question is really a duplicate of 'How do I expire a PHP session?'
Code is only executed when a php page is served, so you will need to track the last time a user was active my using a session variable to track the last time a page was served to that user. Then, whenever serving any php page to the user, check to see if the timeout period has elapsed and log the user out if it has, see link for examples.
Add lastOnline field which stores the timestamp of last user activity.
Have some ajax function on the page which updates the timestamp every "n" seconds.
To check if user is online - check both: online field and timestamp. If timestamp was updates more than "n" seconds ago - user is offline even if online field is equal 1.
i am new in php.. i want to delete the user automatically if he does not attempt login in 30 days.
for example
if user login on "10-02-2012" ,
and if user doesnot login for next 30 days
then system should automatically delete his account.
if user again login on "15-02-2012" ,
then limit should be for next 30 days i-e "15-03-2012"
please help me i am very new in php
i have no idea how to store the date when user attempt to login.
You want to have a date field in the user table and a query that sets that date to CURDATE() whenever your login script runs. Something like:
UPDATE 'users' SET 'lastlogin' = CURDATE() WHERE 'userid' = '$userid';
Have a crontab that runs once a day (or however often you want) that queries all the fields that are 31 days old and deletes them:
DELETE FROM 'users' WHERE 'lastlogin' < CURDATE() - INTERVAL 31 DAY
Log the last login date in a Database.
Write a script which searches and deletes users where the last login was more then 30 days ago.
start the search and delete script with a cron job
Here's a tutorial on building a login system:
http://www.phpeasystep.com/phptu/6.html
Your solution would add to the tutorial by adding a DATETIME field named "last_login" to the members table. Whenever someone logs in, you update the last_login field with a database query like:
UPDATE TABLE members SET last_login = CURRENT_TIME WHERE id = xxx LIMIT 1
Then you can run another database query once a day to delete inactive accounts, customizing the deletion date as needed:
DELETE FROM TABLE members WHERE last_login < '2012-04-01 00:00:00'
it's very simple.
create a field in the DB table that stores the most recent login date.
write a script run every night at midnight that checks the login date against the current date.
the great thing about this is date objects allow you to easily compare dates easily.
here are some links that will help:
http://php.net/manual/en/function.date.php
http://www.w3schools.com/sql/sql_dates.asp
best of luck! it's pretty straight forward I have done it many times im sure you wont have much trouble.
In your data base, where user accounts are stored, you can store the last time they logged in using one of the built in MySQL date/time data types. In your PHP you can update this to the current time with another MySQL command. This page will get you started: http://dev.mysql.com/doc/refman/5.5/en/date-and-time-functions.html
As for deleting a user, you will want to set up a cron job/scheduled task, that will delete this user by checking the date and seeing if it is 30 days ago.
You can add two field for users table
created : date when user registered
login_date: date update on every login by user.
And you can use cron Job which run automatically (run a php file which path set in it) on selected time. you can run it every day on a fixed time. and if found both created and login_date same then delete that user from database. You can set cron job from your cpanel.
thanks
set up cron job for once a day and check who didn't logged in from last 30 days to current time / date you can use timestamp or date for last login
Ok, ive got a minecraft server and im making a voting script for it.
I need a way to check the users ip in a mySQL.
If it doesn't exist it will put the ip in the database, and it will remove it after 24 hours in the database.
If anyone could help me do this, it would be great, thanks
There are plenty of tutorials online on how to achieve this, thus I wont give you the code. Just a few hints to get you started.
In PHP, you can get the user's ip address from the $_SERVER superglobal
$ip = $_SERVER['REMOTE_ADDR'];
To check if it exists in your table
$query = sprintf("SELECT COUNT(*) FROM yourtable WHERE `ip` = '%s'", mysql_real_escape_string($ip));
If it does not exist, store it using the INSERT command along with a timestamp.
As for removing after 24 hours, you can set up a cron job that runs through the table every hour or so and removes all entries that have expired. However, it would be easier to not remove the entries. Instead, when a user votes, just check the timestamp of his last vote. If 24 hours have passed since the last vote, just update the timestamp.
Basically, the workflow would be:
1. Get users's IP address.
2. Does this IP exist in table?
2a. If no, let user vote, and enter his ip in the table along with the current time in the timestamp column
2b. If yes, get the timestamp of his last vote. Has it been 24 hours since his last vote?
2b.a. If yes, let user vote and update timestamp column with current time.
2b.b. If no, do not let user vote / reject his vote. Leave timestamp column unchanged.
The easiest way is to do the following
$ip = $_SERVER['REMOTE_ADDR'];
// Run cleanup for given IP
$result = mysql_query("SELECT * FROM table
WHERE `ip`='$ip' AND `timestamp` > NOW() - 24*3600");
if (mysql_num_rows($result)==0)
// there is no record within the last 24h, let insert a new one
{
mysql_query("INSERT INTO table SET `ip`='$ip', `timestamp` = NOW()");
echo "Thank you for your vote!";
}
else echo "You may vote only once in 24 hours";
// run total cleanup query from time to time
if (rand(1,5)<2) mysql_query("DELETE FROM table
WHERE `timestamp` < NOW() - 24*3600");
ps: If you have different votings, each of them should have different unique ID. and the MySQL table, which had before two columns ip and timestamp, should have one more column voteid, for example. In that case the code above will change to
// voteid should be somehow set to the id of the voting.
// for example by GET request
$voteid = intval($_GET['voteid']);
$ip = $_SERVER['REMOTE_ADDR'];
// Run cleanup for given IP
$result = mysql_query("SELECT * FROM table
WHERE `ip`='$ip' AND `voteid`='$voteid` AND `timestamp` > NOW() - 24*3600");
if (mysql_num_rows($result)==0)
// there is no record within the last 24h, let insert a new one
{
mysql_query("INSERT INTO table SET `ip`='$ip',
`voteid`='$voteid', `timestamp` = NOW()");
echo "Thank you for your vote!";
}
else echo "You may vote only once in 24 hours";
// run total cleanup query from time to time
if (rand(1,5)<2) mysql_query("DELETE FROM table
WHERE `timestamp` < NOW() - 24*3600");
I want to set up online detection on my website.
I have a row in my user table where the last login datetime is stored. Every time a user visits the site, his login date updates and user online row sets to 1 (1 - online, 0 - offline).
How to change the online row to 0 (offline) if the last login was 10 or more minutes ago? The aim is to find difference between dates.
cronjob every 10 minutes?
UDPATE users SET online = 0 WHERE login_date > (NOW() - INTERVAL 10 minute);
just to each user add a last_seen timestamp to there row so that when you do your user is authed check you can update the time
if(logged_in())
{
update_user();
}
function update_user()
{
//UPDATE users SET last_seen = unix_timestamp() WHERE uid = X;
}
Then you can do for you users:
SELECT * FROM users WHERE last_seen > (unix_timestamp()-300)
To get the last 5 mins.
If you want to show the users who have been online within last 10 mins then the best method is to include the datetime condition in the sql query.
Save the last login time as timestamp, then you can easily compare it with the current time and tell how much time has passed since.
Depending on the size of your user table, you can run the check of those who are still supposedly online every time somebody calls your website.
A different approach is to store active users in buckets, labeled with the last login time, you can then easily reset all users that are in buckets older than 10 minutes.
I want to create a function that allows me to ban an account for 10days.
In the dbc, I have a field called "ban" and Boolean of 1=notban, 0=ban. I also have a field called "date_banned" which is just the timestamp of when the user got banned.
My question is how do I create a time frame of 10days from the date the user was banned?
ex: James was banned on "2010-05-03 20:43:48". So how can I go about adding 10days to the timestamp? And after 10days, it would set the "ban" equal to 1(which is not banned).
EDIT: how can i show how many days the user has left of a ban? ex: 8 more days till unban
Can I...do NOW()-$date_banned? or how do I subtract the ban date from the current date?
To add 10 days to your date_banned field in MySQL, you can simply use the DATE_ADD() function. You could do the following check when the user tries to log-in, to see if the ban has expired:
... WHERE NOW() > DATE_ADD(date_banned, INTERVAL 10 DAY);
Then you may want to toggle the ban field when the user tries to log in. Otherwise you can run a scheduled job every day, or at any other rate, that checks for expired bans and updates this field accordingly.
However you do not actually need the ban field to check if a user is banned or not. In fact you may want to consider eliminating it. Actually, I would go further and suggest to use a banned_until instead of date_banned (or use them both). The banned_until field would make your queries simpler, and would allow you to predefine arbitrary ban durations at the time the ban is issued. In this case, when a user logs in, you can simply do the following check:
... WHERE NOW() > banned_until;
UPDATE:
To get the number of days remaining until the end of the ban, you can use the TIMESPANDIFF() function in MySQL:
SELECT TIMESTAMPDIFF(DAY, NOW(), DATE_ADD(date_banned, INTERVAL 10 DAY)) ...
Or if you were to use the banned_until field, it will be even shorter:
SELECT TIMESTAMPDIFF(DAY, NOW(), banned_until) ...
unban_date=DATE_ADD(NOW(), INTERVAL 10 DAY) should do the trick
Then just have a cron that checks to see if anybody's unban_date is in the past, and you can update your banned flag.