php help

[marcus123]

Hi could you please check this code ad tell me why it doesn't work. It doesn't check the IP it just blocks the user!

functions_user.php

// REGIP = new param
        $query = $db->simple_select("users", "uid,username,password,salt,loginkey,usergroup,regip", "uid='".intval($uid)."'", array('limit' => 1));
        $user = $db->fetch_array($query);
    }
    if(!$user['salt'])
    {

member.php

elseif($user['usergroup'] == X || $user['usergroup'] == Y)
        {
            $currentip = $_SERVER['REMOTE_ADDR'];
            if ($currentip != $user['regip'])
             {
               $errors[] = "Cannot log you in!";
             }
        }

X and Y is where I put group ID

[effone]

Checked (print_r) the values from $user array (specifically $user['regip']) after getting it from DB?

[Matt]

There's a good chance the IP they're using currently won't be the same as the IP they registered with, what are you trying to do here?

[spork985]

There's a good chance the IP they're using currently won't be the same as the IP they registered with, what are you trying to do here?

It sounds like he doesn't want people to log in once their IP changes which is rather stupid.

[marcus123]

There's a good chance the IP they're using currently won't be the same as the IP they registered with, what are you trying to do here?

It sounds like he doesn't want people to log in once their IP changes which is rather stupid.

No it's not! I only want this to affect Admin and Moderator group! I will notify all the moderators that they have to login with the same IP address. This a firewall in case someone gets Admin or Moderator password!

[spork985]

That isn't a very good idea. Almost everyone is going to have a dynamic IP address unless they're logging in from a business. This means the IP will change from time to time on its own. Your staff aren't going to be very happy when they can't log in every other week. They will also no longer be able to browse from their phones or anywhere else aside from the original registration computer.

[marcus123]

Thanks but my stuff will have to do what I tell them to do and what I want is to protect my forum.
I will tell them to use static IP address or to change their IP to the one they have registered with!
The problem I see is that you can prevent people from entering ./admin but there is no way to protect people from gaining access to your forum through main page!

This is only for now that I am trying to figure how to run a forum!

[spork985]

I will tell them to use static IP address or to change their IP to the one they have registered with!

How exactly do you expect someone to pick the IP address they are using once their dynamic IP changes?

[marcus123]

I will tell them to use static IP address or to change their IP to the one they have registered with!

How exactly do you expect someone to pick the IP address they are using once their dynamic IP changes?

If I decide to promote someone to moderator I will tell them the IP address they need to use in order to access their account. So all you have to do is to change you IP to the one I provided you with (the one you have registered with)

[spork985]

I will tell them to use static IP address or to change their IP to the one they have registered with!

How exactly do you expect someone to pick the IP address they are using once their dynamic IP changes?

If I decide to promote someone to moderator I will tell them the IP address they need to use in order to access their account. So all you have to do is to change you IP to the one I provided you with (the one you have registered with)

You don't get to pick your own IP address. They're assigned by your Internet Service Provider.