Some code for member administration on the forum by Captain Ron at 1:54 AM EDT on August 24, 2011
Well, I've just created the following code to view IP addresses used by each member when posting:
<?php mysql_connect("sql_server", "username", "password") or die(mysql_error()); mysql_select_db("sql_db_name") or die(mysql_error()); $query = "SELECT users.uname, board.ip ". "FROM users LEFT JOIN board ". "ON board.author = users.idx "; $result = mysql_query($query) or die(mysql_error()); ?> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"> <html><head><title>HCS Forum - IP Address Listing</title> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"> <meta name="description" content="Here's a listing of all the members on this forum."> <link rel="stylesheet" type="text/css" href="forum.css"> </head><body> <?php echo "<table border='1'>"; echo "<tr> <th>Member name</th> <th>IP address</th> </tr>"; while($row = mysql_fetch_array($result)){ echo "<tr><td>"; echo $row['uname']."</td><td>".$row['ip']."</td>"; echo "</tr>"; } echo "</table>"; ?></body></html>
I'm now trying to devise a method of applying a ban once an IP is typed into a form. I sadly cannot create any .htaccess file without triggering any server-sided bugs (considering that it's technically a hidden file that can't be accessed remotely). If anyone has any suggestions, please let me know.
In the meanwhile, if you want to ban people, do it the old-fashioned way; use a text editor to create your own .htaccess file & upload it to the forum's root directory.
edited 1:55 AM EDT August 24, 2011
by Captain Ron at 9:48 PM EDT on September 15, 2011
Here's a new update to this HCS Forum admin script.
Changes:
Each user's password is displayed along with their IP address. As much of a "violation" of a user's privacy it is, passwords were never encrypted to begin with (thus the reason why the forum software warns you to avoid using sensitive passwords). :P
Prerequisites:
1. A password-protected web folder, or some kind of PHP Authentication for the admin script.
2. A functioning MySQL database which you have credentials for, containing HCS Forum data.
It doesn't matter if the HCS Forum software itself is online or not; the admin script is independent of the HCS Forum proper & will always work as long as the forum's database is intact.
Code:
<?php mysql_connect("sql_server", "username", "password") or die(mysql_error()); mysql_select_db("sql_db_name") or die(mysql_error()); $query = "SELECT users.uname, users.pass, board.ip ". "FROM users LEFT JOIN board ". "ON board.author = users.idx "; $result = mysql_query($query) or die(mysql_error()); ?> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"> <html><head><title>HCS Forum - IP Address Listing</title> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"> <meta name="description" content="Here's a listing of all the members on this forum."> </head><body> <?php echo "<table border='1'>"; echo "<tr> <th>Member Name</th> <th>Password</th> <th>IP Address</th> </tr>"; while($row = mysql_fetch_array($result)){ echo "<tr><td>"; echo $row['uname']."</td><td>".$row['pass']."</td><td>".$row['ip']."</td>"; echo "</tr>"; } echo "</table>"; ?></body></html>
Potential uses for admins:
1. Controlling a user's account (either to assist them, or to thwart out offending users by changing their passwords).
2. Banning offending users via HTACCESS, based on their IPs.