Hi guys.
I am seriously confused with this issue. I've set up some pages to ban, unban and approve a user. On localhost, it works fine. I can ban them and their record is updated to show that. I can unban them and again, it's updated. I can also approve and all is fine.
However, when I uploaded this to a website I'm having a big problem. When I try and approve a user, or unban them - it changes their banned/approved state and then logs me in as them! And when I try and ban them, it just logs me out.
Here is the code I have (I'll show you the banned pages, as they're all basically the same):
ban.php
<?php
include 'core/init.php';
protect_page();
not_admin_redirect();
?>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>Liste - </title>
<link rel="stylesheet" type="text/css" href="css/main.css" />
</head>
<body style="background-image: url(http://i.imgur.com/Wim7Rj9.png);">
<!-- Begin Wrapper -->
<div id="wrapper">
<!-- Begin Header -->
<div id="header">
<center><a href="liste.php"><img src="http://forum.defensedpt.com/Themes/Fresh/images/theme/logo.png"></a></center>
</div>
<!-- End Header -->
<!-- Begin Left Column -->
<div id="leftcolumn">
<?php
$result = mysql_query("SELECT `user_id`, `username` FROM `users` WHERE `approved`=1 AND `banned`=0 ORDER BY `username`");
echo "<center><table>";
while($row = mysql_fetch_array($result)) {
echo "<tr><td align=center><font color=\"white\">" . htmlspecialchars($row['username']) . "</font></td><td><font color=\"white\"> | </font></td><td><a href=\"ban_user.php?user_id=" . $row['user_id'] . "\"><font color=\"white\">Ban</font></a></td>";
}
echo "</table></center>";
?>
<br><center><a href="liste.php">Go back</a></center>
</div>
<!-- End Left Column -->
<!-- Begin Right Column -->
<div id="rightcolumn">
<center>
<?php
include 'loggedin.php';
include 'habbo_image.php';
?>
<hr>
<a href="logout.php"><font size="3">Logout</font></a>
<br />
<a href="changepassword.php"><font size="3">Change Password</font></a>
<hr>
<br />
<hr>
<a href="liste.php">E-3+ (OPNAV)</a>
<hr>
<a href="dd.php">Dishonorable Discharge</a>
<hr>
<a href="hd.php">Honorable Discharge</a>
<hr>
<a href="deserter.php">Deserter</a>
<hr>
<br />
<?php
if ($user_data['permissions'] == 2) {
echo '
<hr>
<a href="approve.php">Approve Users</a>
<hr>
<a href="ban.php">Ban Users</a>
<hr>
<a href="unban.php">Unban Users</a>
<hr>';
} else {
echo ''; }?>
</center>
</div>
<!-- End Right Column -->
<!-- Begin Footer -->
<div id="footer">
<center>DefenseDpt.com © All rights reserved</center>
</div>
<!-- End Footer -->
</div>
<!-- End Wrapper -->
</body>
</html>
ban_user.php
<?php
include 'core/init.php';
protect_page();
not_admin_redirect();
$user_id = $_GET['user_id'];
mysql_query("UPDATE `users` SET `banned`= 1 WHERE `user_id` = $user_id");
header('Location: liste.php');
?>
Thanks guys. If you need me to explain what a function is or does, or anything like that, please ask. I wasn't really sure what you guys needed, short of providing all 41 of my files.
Oh - and when someone logs in a $_SESSION is set with their user id, and when someone logs out that $_SESSION is destroyed.
Thanks guys!