R
E
S
O
U
R
C
E
S
       Home      Products & Services      Contact Us      Links


WebHatchers will design & develop your site for you.
_______________________

Website Menu Heaven: menus, buttons, etc.
_______________________

Send us your questions.
_______________________

site search by freefind
_______________________

HOME
SEO, Google, Privacy
   and Anonymity
Browser Insanity
JavaScript
Popups and Tooltips
Free Website Search
HTML Form Creator
Animation
Buttons and Menus
Counters
Captchas
Image Uploading
CSS and HTML
PHP
AJAX
XPATH
Website Poll
IM and Texting
Databases—MySQL
   or Not MySQL
Personal Status Boards
Content Management
   Systems
Article Content
   Management Systems
Website Directory
   CMS Systems
Photo Gallery CMS
Forum CMS
Blog CMS
Customer Records
   Management CMS
Address Book CMS
Private Messaging CMS
Chat Room CMS
JavaScript Charts
   and Graphs




Free Personal Status Boards (PSB™)

Free Standard Free PSB

Free PSB Pro Version

Free Social PSB

Free Social PSB Plus (with Email)

Free Business PSB

Free Business PSB Plus (with Email)

PSB demo

Social PSB demo

Business PSB demo

So what's all this PSB stuff about?

Chart comparing business status boards

PSB hosting diagram

PSB Licence Agreement



Copyright © 2002 -
MCS Investments, Inc. sitemap

PSBs, social networking, social evolution, microcommunities, personal status boards
PSBs, social networking, business personal status boards
website design, ecommerce solutions
website menus, buttons, image rotators
Ez-Architect, home design software
the magic carpet and the cement wall, children's adventure book
the squirrel valley railroad, model railroad videos, model train dvds
the deep rock railroad, model railroad videos, model train dvds

Chat Room Administrator — Delete User Accounts

There are occasional annoying chat room visitors who have such barren lives that their idea of fun is harrassing and annoying other chat room visitors. When the chat room administrator notices such visitors (probably due to a complaining email to the site, or on some sites one may simply report the annoyer by clicking the screen name and then clicking Report), he needs to delete their accounts. The utility that does this is listed below. It's essential that this app is NOT linked to the site in such a way that visitors can get to it. Use of htaccess files will be of great help here. FTP this (exactly as you see it—do NOT edit) to your chat folder after saving it as htaccess:

<Files "chat-room-administrator-delete-user-accounts.php">
order deny,allow
deny from all
</Files>
Options -Indexes


On to the code: The function validatedump() checks the administrator's input to make sure it is legit. It will also be checked in the PHP code. Note that the JavaScript focus() function keeps the cursor on the input box until the input is legit at which point the script does a return true. Next there's a check() function that serves two purpose: ensuring the administrator has logged in, and using a JavaScript confirm() function to make sure the specific MySQL record deletion is desired. Note that the user name being spanked is pulled from the input box that selects it. This turns out to be a dropdown list that the administrator can easily click on to select the doomed user. This form is echoed to the screen in the PHP section of the page.

On to the PHP code. As usual, we start with config.php, since without it, the MySQL-based app would not be viable. You cannot relate to a db without knowing the magic words. The mix() function hashes the password, one character at a time, with md5(), then does a sha512() hash on the result before it gets trimmed down to 65 characters.

The input data gets POSTed to the PHP, next, with $U getting the administrator user name, $P getting his password, $SN getting the screen name of the doomed user, and $F getting the flag showing whether the administrator has logged in yet. He won't be able to delete squat without logging in.

The next script is the deletion script. It had to be before the code that slaps the dropdown onto the screen in case the administrator wants to delete more that one user. The dropdown will get updated so it has one less screen name after every deletion, but if the dropdown script came first, this essential updating would not occur. The script makes sure the dropdown selection has occured and that the login has occured as well, before deleting.

Then we have the dropdown script. Notice an array called $names is used and it gets filled with all screen names via the PHP array_push() function. See how smoothly HTML and PHP mix? AS long as you use proper syntax, it works cool. The options list gotten in PHP db queries (which use SQL commands) can be stuck right onto the screen neat as you please using PHP echo statements. The onsubmit event runs the check() function, using a return so the function's return false and return true statements will, respectively, come back and disallow the submitting or come back and allow the submitting.

Next, if the login form has just been submitted the PHP input validation script gets run to make sure the login user name and password are OK. The PHP preg_match() function is used to ensure that proper characters only have been typed. If not, a JavaScript alert message is shown. The series of }else{ conditionals ensures that if there is a problem with login input, the script goes no further. If all is well, a "Login accepted" message displays and the $F flag is set to indicate that fact.

Next, the HTML login form is pretty standard stuff. Finally, the json_encode() function (available since PHP 5.2 hit) is used to grab the PHP variable and turn it into JavaScript. It's a number so it didn't require JSON (but strings do), but using JSON ensures there will be no problems, whether number or string, so it's the safest way, as long as the server is running PHP 5.2 or better, which most are. The use we made of getting $F into fff is, as you can see, to stick the value into the hidden field in the dropdown form, so that each time the form is run, the script continues to acknowledge that the login was successful—which is essential.

Save this file as chat-room-administrator-delete-user-accounts.php

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<HTML>
<HEAD>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=windows-1252">
<TITLE>Chat Room Administrator — Delete User Accounts</TITLE>
<meta name="description" content="Chat Room Administrator — Delete User Accounts">
<meta name="keywords" content="Chat Room Administrator — Delete User Accounts,Delete User Accounts,chatroom,chat room,php,javascript, dhtml, DHTML">
<style type="text/css">
BODY {margin-left:0; margin-right:0; margin-top:0;text-align:left}
p, li {font:13px Verdana; color:black;text-align:left}
h1 {font:bold 28px Verdana; color:black;text-align:center}
h2 {font:bold 24px Verdana;text-align:center}
h3 {font:bold 15px Verdana;}
.formform {font:bold 15px Verdana;position:absolute;top:200px;left:500px}
</style>
<script language="javascript">

function validatedump(){

var ck_password = /^[A-Za-z0-9!@#$%^&*()_]{4,20}$/;
if (document.formadmin.dumppassword.value.search(ck_password)==-1)
{alert("Please only enter letters, numbers and these for the password: !@#$%^&*()_");
document.formadmin.dumppassword.focus();return false}

var ck_username = /^[A-Za-z0-9_]{6,20}$/;
if (document.formadmin.dumpname.value.search(ck_username)==-1)
{alert("Please only enter 6 to 20 letters, numbers and underline for the user name.");document.formadmin.dumpname.focus();return false}

return true;}

function check(){

if(fff==0||fff==null){alert("deletion aborted--you must log in first");return false}

var nme=document.formdump.dumper.value;
var answer = confirm("Attention, "+nme+"\'s account will be deleted. OK?");
if (!answer){alert("deletion aborted");return false}

return true;}

</script>

</head>
<body>

<?php
include_once"config.php";

function mix(){
global $upassword, $c;
$p = str_split($upassword);
foreach ($p as $h){$m .= md5($h);}
$c = hash('sha512',$m);
$c = substr($c, 0, 65);}

$U = $_POST['dumpname'];
$SN = $_POST['dumper'];
$P = $_POST['dumppassword'];$upassword=$P;mix();
$F = $_POST['loggedin'];

if($F==1 && strlen($SN)>5 && isset($_POST['dumpem'])){
$dump = "DELETE FROM chatroommembers WHERE screen_name = '$SN'";
$result=mysql_query($dump) or die('Error ,deleting failed');
$rc = mysql_affected_rows();
if ($rc>0){echo '<script language="javascript">alert("The account deleting was successfully accomplished."); </script>';}
else{echo '<script language="javascript">alert("Deleting failed.");window.location = "chat-room-administrator-delete-user-accounts.php"; </script>';}}

$names=array();
$result = mysql_query("SELECT screen_name FROM chatroommembers order by screen_name") or die(mysql_error());
while($row = mysql_fetch_array($result)) {
array_push ($names, $row[0]);}

$num=count($names);

echo "<div class='formform'><center><b>Select member to delete:</B></center><BR><form name='formdump' method='post' action='chat-room-administrator-delete-user-accounts.php' onsubmit='return check()'><table><tr><td><input name='dumpem' type='submit' value='Delete Account'></td><td><select name='dumper'>";
for ($i=0;$i<$num;$i++) {
echo "<option value='".$names[$i]."'>".$names[$i]."</option>";}
echo "</select></td></tr><tr><td><center><input type='hidden' name='loggedin' value=''></center></td></tr></table></form></div>";

if(isset($_POST['dumplogin'])&&isset($_POST['dumpname'])&&isset($_POST['dumppassword'])){
$U = strip_tags($U);
if (!preg_match("/[A-Za-z0-9_]{6,20}$/",$U)) {
echo '<script language="javascript">alert("Please enter 6 to 20 letters, numbers and underline for username."); </script>';

}else{

if (strlen($upassword)<6 || strlen($upassword)>20) {
echo '<script language="javascript">alert("Please enter 6 to 20 characters for password.");</script>';

}else{

$check_user_data = mysql_query("SELECT * FROM chatroommembers WHERE username = '$U'") or die(mysql_error());
if(mysql_num_rows($check_user_data) == 0)
{echo '<script language="javascript">alert("This user name does not exist. Please try again.")</script>;';unset($U);unset($P);

}else{

$get_user_data = mysql_fetch_array($check_user_data);
$Z=$get_user_data['upassword'];

if($Z != $c || !isset($_POST['dumplogin']))
{echo '<script language="javascript">alert("Username/password pair is invalid. Please try again.")</script>';$F=0;

}else{

echo '<script language="javascript">alert("Login accepted.")</script>';$F=1;}}}}}

?>

<h1>Chat Room Administrator — Delete User Accounts</h1>

<div id='dump' style='position:absolute;top:200px;left:100px;width:350px;border:4px solid blue;background-color:#8aa;'><table border='0' cellspacing=0 cellpadding=6><tr><th style='font-size:24;text-align:right'>Administrator Login&nbsp;&nbsp;&nbsp;&nbsp;</th></tr>
<form name="formadmin" method="post" action="chat-room-administrator-delete-user-accounts.php" onsubmit="return validatedump()">
<tr><td><label for="User Name"><b>User Name: </b><input type="text" name="dumpname" size="20" maxlength="20" value=""></label>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</td></tr>
<tr><td><label for="Password"><b>Password: &nbsp;&nbsp;&nbsp;</b><input type="password" name="dumppassword" size="20" maxlength="20" value=""></label>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</td></tr>
<tr><td><BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<input type="submit" value="Submit" name="dumplogin">
<input type="reset" value="Reset"></form></td></tr></table>
</div>

<script language="javascript">

var fff = <?php echo json_encode($F); ?>;
document.formdump.loggedin.value=fff;

</script>

</body>
</html>