What are some best practices for implementing a ban/unban system in PHP using a form?
When implementing a ban/unban system in PHP using a form, it is important to validate user input to prevent malicious actions. One best practice is to use prepared statements to prevent SQL injection attacks. Additionally, you should securely store ban status in a database and update it accordingly when a user is banned or unbanned.
<?php
// Connect to database
$servername = "localhost";
$username = "username";
$password = "password";
$dbname = "myDB";
$conn = new mysqli($servername, $username, $password, $dbname);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
// Process ban/unban form submission
if ($_SERVER["REQUEST_METHOD"] == "POST") {
$userId = $_POST['user_id'];
$banStatus = $_POST['ban_status'];
// Update ban status in database
$stmt = $conn->prepare("UPDATE users SET ban_status = ? WHERE id = ?");
$stmt->bind_param("ii", $banStatus, $userId);
$stmt->execute();
// Close statement
$stmt->close();
}
// Close connection
$conn->close();
?>
Keywords
Related Questions
- Why is it recommended to validate and generate file names separately when using "file_put_contents" in PHP?
- What are some best practices for handling nested elements in HTML parsing with XPath in PHP?
- What are the advantages and disadvantages of creating multiple columns for keywords versus using a separate table for keyword relationships?