Home/ Questions/Q 7775423
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-01T17:37:40+00:00

so this was working perfect up until an hour ago and since then i

  • 0

so this was working perfect up until an hour ago and since then i have racked my brain to fix it and got nothing, maybe im missing the obvious (thats usually the case).

The code prints out a list of users and a button to ban them in a table, however the problem is if you click ban on say.. the 34th user it bans the first, then if you click ban on the 56th user it bans the second user. If you see my code you should see that that shouldn’t be the case (note all other details are perfectly right except for the uID):

  $query = mysql_query("SELECT id, full_name, banned, username from `tblUsers`");
        while($row = mysql_fetch_array($query)){
            $uID = $row['id'];
            if($row['banned'] == '0'){ 
                $banBool =  '<form id="ban" method="post" action="ban.php?uid='.$uID.'">
            <input type="hidden" name="ban" value="" /> 
            <a onclick="document.getElementById(\'ban\').submit();">Ban</a>
        </form>'; }else{   
            $banBool = '<form id="unban" method="post" action="unban.php?uid='.$uID.'">
            <input type="hidden" name="name" value="" /> 
            <a onclick="document.getElementById(\'unban\').submit();">UnBan</a>
            </form>' ;
        }
            if($row['banned'] == '1'){
                $status = 'Banned';
            }else{
                $status = 'Active';
            }
            echo "<tr><td>" . $row['username'] . " " . $uID . "</td><td>" . $banBool . "</td><td>" . $status . "</td><td>" . $row['full_name'] . "</td></tr>";
        }

The issue is in the action=”unban.php?uid=’.$uID.’ as when i trace the path the id is always the lowest number (top result)

ban.php

<?php
include '../../includes/dataBase.class.php';
sql::connect();
if(!sql::checkAdmin() == 1){
    header("Location: ../myaccount.php");
}
if(!isset($_GET['uid'])){
    header("Location: users.php?action=1");
}
$uid = $_GET['uid'];
$ip = $_SERVER['REMOTE_ADDR'];  
mysql_query("INSERT INTO `uipBan` (`ip`) VALUES ('$ip')")or die(mysql_error()); 
mysql_query("UPDATE tblUsers SET banned = '1' WHERE id = '$uid'")or die(mysql_error());
//header("Location: users.php?action=1");
echo $uid;
?>
Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    You provide a form for each user which bans/unbans that user. The problem is in your form id because they’re not unique. When you click on any Ban/UnBan link, JavaScript searches for the ban/unban element, finds the first one and submits that one.

    The solution is very easy:

      $query = mysql_query("SELECT id, full_name, banned, username from `tblUsers`");
        while($row = mysql_fetch_array($query)){
            $uID = $row['id'];
            if($row['banned'] == '0'){ 
                $banBool =  '<form id="ban' . $uID . '" method="post" action="ban.php?uid='.$uID.'">
            <input type="hidden" name="ban" value="" /> 
            <a onclick="document.getElementById(\'ban' . $uID . '\').submit();">Ban</a>
        </form>'; }else{   
            $banBool = '<form id="unban' . $uID . '" method="post" action="unban.php?uid='.$uID.'">
            <input type="hidden" name="unban" value="" /> 
            <a onclick="document.getElementById(\'unban' . $uID . '\').submit();">UnBan</a>
            </form>' ;
        }
            if($row['banned'] == '1'){
                $status = 'Banned';
            }else{
                $status = 'Active';
            }
            echo "<tr><td>" . $row['username'] . " " . $uID . "</td><td>" . $banBool . "</td><td>" . $status . "</td><td>" . $row['full_name'] . "</td></tr>";
        }

    I just included the User ID on every form and JS call so that they are unique. (Also, your second hidden field had the name as name)

    • 0