query("SELECT role FROM users WHERE id = '$user_id'")->fetch_assoc(); if (($check_admin['role'] ?? '') !== 'admin') { die("
ACCESS DENIED. You are not an administrator.
"); } $msg = ""; $error_msg = ""; // 2. Handle Manual IP Ban if (isset($_POST['ban_ip'])) { $ip = trim($_POST['ip']); // Check if already banned $check = $conn->prepare("SELECT id FROM blocked_ips WHERE ip_address = ?"); $check->bind_param("s", $ip); $check->execute(); if ($check->get_result()->num_rows == 0) { $stmt = $conn->prepare("INSERT INTO blocked_ips (ip_address, reason) VALUES (?, 'Manual Admin Ban')"); $stmt->bind_param("s", $ip); if ($stmt->execute()) { $msg = "IP Address $ip has been banned."; } else { $error_msg = "Database Error: " . $conn->error; } } else { $error_msg = "This IP is already banned."; } } // 3. Handle Domain Block if (isset($_POST['block_domain'])) { $domain = trim($_POST['domain']); // Remove http/https/www if pasted $domain = preg_replace('#^https?://#', '', $domain); $domain = preg_replace('#^www\.#', '', $domain); // Check if already blocked $check = $conn->prepare("SELECT id FROM blocked_domains WHERE domain = ?"); $check->bind_param("s", $domain); $check->execute(); if ($check->get_result()->num_rows == 0) { $stmt = $conn->prepare("INSERT INTO blocked_domains (domain, added_by) VALUES (?, 'admin')"); $stmt->bind_param("s", $domain); if ($stmt->execute()) { $msg = "Domain $domain has been blocked."; } else { $error_msg = "Database Error: " . $conn->error; } } else { $error_msg = "This domain is already blocked."; } } ?> Security Control - Admin

Security Control

Ban IP Address

Prevent a specific IP from accessing your links or creating accounts.

Block Domain (Anti-Phishing)

Prevent users from shortening links to this domain (e.g. known malware sites).

Want to see who is banned? Check the database tables blocked_ips and blocked_domains.