guyfromfl Posted February 2, 2011 Share Posted February 2, 2011 I am trying to protect my queries to check the user's ip address to make sure they are not banned... When I comment out the if statement in $db->query the error goes away... The checkIp function works in other instances, I am just trying to call it so nobody can inject things by trying to go around the actual pages... my db function class looks like this: class dblib { function query($sql) { if ($this->checkIp($_SERVER['REMOTE_ADDR']) == true) { die("GH".$ip); // Used to see if I can get that far... $result = mysql_query($sql) or die("Database error: " . mysql_error() . "<br /><br /><h2>SQL</h2><p>$sql</p>"); return $result; } else { die("<h1>Banned</h1>"); } } /// .......some other functions function checkIp($ip) { $sql = "SELECT * FROM block WHERE ip='$ip' LIMIT 1 "; $result = $this->query($sql); if (mysql_num_rows($result) == 0) return true; else return false; } Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.