WCDDL wcddl submit help

[1LinkDL]

hello please can someone help me with the submit if only on whitelist. but i also need to check email is right with submitting site as on my database

i have tried this but it do not work.

SELECT url,email FROM wcddl_whitelist WHERE url = '".mysql_real_escape_string($surl)."'"

thanks is you can help :D

 

[Sponge Bob]

Hey please explain further i am not getting your question clearly.

 

[1LinkDL]

iam using the wcddl whitelist.
wcddl_whitelist db table

url,email,reason,dat

so only whitelisted sites can submit downloads.

im looking for some way to check the submitting sites email is same as the email address in my database. if not then no link are submitted.

my submit.php

    public function doSubmit() {
        if(!empty($_POST)) {
        $titles = $_POST['title'];
        $urls = $_POST['url'];
        $types = $_POST['type'];
        $sname = $_POST['sname'];
        $surl = $_POST['surl'];
        $email = $_POST['email'];
            if(empty($titles[0]) || empty($urls[0]) || empty($types[0]) || empty($sname) || empty($surl) || empty($email)) {
                $this->error = 'Error: Some fields were not set, please check you filled in all details.';
            } else {
                $surl = $this->purl(str_replace("www.","",$surl),"host");
                $durl = $this->purl(str_replace("www.","",$urls[0]),"host");
                if($this->blackorwhite == "black" && @mysql_num_rows(mysql_query("SELECT url FROM wcddl_blacklist WHERE url = '".mysql_real_escape_string($surl)."'"))) {
                    $listfail = true;
                    $this->error = 'You have been blacklisted, please email the admin for more information.';
                } elseif($this->blackorwhite == "white" && !@mysql_num_rows(mysql_query("SELECT url,email FROM wcddl_whitelist WHERE url = '".mysql_real_escape_string($surl)."'"))) {
                    $listfail = true;
                    $this->error = 'You must be whitelisted to submit downloads or site details are wrong. Email the admin to be added to the list.';
                }
                if($surl != $durl) {
                    $listfail = true;
                    $this->error .= '<br>Download URL does not match Site URL.';
                }
                $this->processHook("submitChecks");
                if(!isset($listfail)) {
                    $checkSite = mysql_query("SELECT id FROM wcddl_sites WHERE url = '".mysql_real_escape_string($surl)."'");
                    if(@mysql_num_rows($checkSite)) {
                        $checkSite = mysql_result($checkSite,0);
                    } else {
                        $checkSite = false;
                        mysql_query("INSERT INTO wcddl_sites (name,url,email) VALUES ('".mysql_real_escape_string($sname)."','".mysql_real_escape_string($surl)."','".mysql_real_escape_string($email)."')");
                    }
                    $sid = ($checkSite) ? $checkSite : mysql_insert_id();
                    for($i=0;$i<=count($titles)-1;$i++) {
                        if(!$this->allow_dupes) {
                            unset($downDupe);
                            $downDupe = mysql_query("SELECT COUNT(*) FROM wcddl_downloads WHERE url = '".mysql_real_escape_string($urls[$i])."'");
                            $downDupe = mysql_result($down_dupe,0);
                            if($downDupe < 1)
                                unset($downDupe);
                        }
                        if(!empty($titles[$i]) && !empty($urls[$i]) && !empty($types[$i]) && (in_array(strtolower($types[$i]),$this->allowed_types) || in_array($types[$i],$this->allowed_types)) && !isset($downDupe)) {
                            mysql_query("INSERT INTO wcddl_queue (sid,title,type,url) VALUES ('".mysql_real_escape_string($sid)."','".mysql_real_escape_string($titles[$i])."','".mysql_real_escape_string($types[$i])."','".mysql_real_escape_string($urls[$i])."')");
                        }
                    }
                $subSuccess = 'Downloads submitted successfully!';
                }
            }
        }
        $this->processHook("submitEnd");
        return $subSuccess;
    }

 

[jomasaco]

SELECT url, email FROM wcddl_whitelist WHERE url = '".mysql_real_escape_string($surl)."' AND email = '".mysql_real_escape_string($email)."'

email on whitelist i guess shold be an valid contact email not the submit email who are public

if you want to lock the site to use always same email on submittions, first shold advise that to site woners cuz some can change there submittion email.

so after check for whitelist
if(!isset($listfail)) {
!@mysql_num_rows(mysql_query("SELECT url,email FROM wcddl_sites WHERE url = '".mysql_real_escape_string($surl)."' AND email = '".mysql_real_escape_string($email)."'")) {
$listfail = true;
$this->error = 'ERROR: That information does not match our records';
}
}

 

[1LinkDL]

thanks very much mate the top code works good. :D
but your bottum code is what i want to do so all emails get locked. please can you tell me were i need to add this code.

[COLOR=#000000][COLOR=#007700]if(!isset([/COLOR][COLOR=#0000bb]$listfail[/COLOR][COLOR=#007700])) {
[/COLOR][/COLOR][COLOR=#000000][COLOR=#007700]!@[/COLOR][COLOR=#0000bb]mysql_num_rows[/COLOR][COLOR=#007700]([/COLOR][COLOR=#0000bb]mysql_query[/COLOR][COLOR=#007700]([/COLOR][COLOR=#dd0000]"SELECT url,email FROM wcddl_sites WHERE url = '"[/COLOR][COLOR=#007700].[/COLOR][COLOR=#0000bb]mysql_real_escape_string[/COLOR][COLOR=#007700]([/COLOR][COLOR=#0000bb]$surl[/COLOR][COLOR=#007700]).[/COLOR][COLOR=#dd0000]"' [/COLOR][/COLOR][COLOR=#000000][COLOR=#dd0000]AND email = [/COLOR][/COLOR][COLOR=#000000][COLOR=#dd0000]'"[/COLOR][COLOR=#007700].[/COLOR][COLOR=#0000bb]mysql_real_escape_string[/COLOR][COLOR=#007700]([/COLOR][COLOR=#0000bb]$email[/COLOR][COLOR=#007700]).[/COLOR][COLOR=#dd0000]"'[/COLOR][/COLOR][COLOR=#000000][COLOR=#dd0000]"[/COLOR][COLOR=#007700])) {
[/COLOR][COLOR=#0000bb]$listfail [/COLOR][COLOR=#007700]= [/COLOR][COLOR=#0000bb]true[/COLOR][COLOR=#007700];
[/COLOR][COLOR=#0000bb]$this[/COLOR][COLOR=#007700]->[/COLOR][COLOR=#0000bb]error [/COLOR][COLOR=#007700]= [/COLOR][COLOR=#dd0000]'ERROR: [/COLOR][/COLOR]That information does not match our records[COLOR=#000000][COLOR=#dd0000]'[/COLOR][COLOR=#007700];
}[/COLOR][/COLOR]
[COLOR=#000000][COLOR=#007700]}[/COLOR][/COLOR]

 

[1LinkDL]

has anybody found why this code has error's please i need relly bad :'(