Jump to content

PHP Poll - unable to insert or update database

fuuumanchu

By fuuumanchu
in Third Party Scripts

Recommended Posts

fuuumanchu Newbie

fuuumanchu

Posted
Posted

I'm somewhat a newbie in php & mysql.  This one has me stumped. I've modified the poll below to conform to my database but I can't for the life of me figure out why this is not updating it or inserting as it should.  Note that I use dreamweaver but for this php page I removed the "GetValueString" function which prevents sql injection attacks. Please, please help.  I'm I missing something? Also note that I removed the recordsets from here. Thanks!

 

<?php require_once('Connections/connQuery.php'); ?>
<?php


$editFormAction = $_SERVER['PHP_SELF'];
if (isset($_SERVER['QUERY_STRING'])) {
  $editFormAction .= "?" . htmlentities($_SERVER['QUERY_STRING']);
  
}


// function to examine and secure mysql input
function escape_data ($data) {
        global $dbc;
	$data = htmlentities($data);
        if (ini_get('magic_quotes_gpc')) {
            $data = stripslashes($data);
            }
        return mysql_real_escape_string(trim($data),$dbc);
        }										 






// when poll is submitted:
if ((isset($_POST['choice'])) && ($_POST['choice'] == 'form')) {
// set check point variables: (see if user has taken poll before) 
// each IP is allowed to take the test twice, in case two members of a household
// want to vote separately - all data is verified to protect against SQL injection 
// attack



$chart = mysql_fetch_array($rsDisplaygumor,MYSQL_ASSOC);
$rsDisplayGumor = escape_data($_POST['poll_name']);
$ip = escape_data($_POST['ip']);
$match_ip = escape_data($_POST['match_ip']);//new ip value
$field = escape_data($_POST['choice']);
// create new mysql queries
$check = mysql_query("SELECT * FROM poll_ip WHERE poll_ip.ip='$ip' AND post_id = $colname4_rsDisplayGumor");//query poll_ip fields
$poll_ip = "INSERT INTO poll_ip VALUES ('','$ip',1)";//insert user's ip
$up_poll_ip = "UPDATE poll_ip SET ip_inc=ip_inc+1";//update number of uses
$poll_update = "UPDATE post_table SET $field=$field+1 WHERE poll_ip.ip='$ip' AND post_id = $colname6_rsDisplayGumor";




// update poll for selected choice
// see if this IP address has already taken the poll, update if not
// change $ip_reg ==  to 2, 3, 4.. if you want to adjust multiple voting
$checkquery = mysql_fetch_array($check, MYSQL_ASSOC);
$ip_reg = $checkquery['ip_inc'];
if (isset($checkquery['ip'])) {
    	if ($ip_reg == 1) {
        $update_ip = mysql_query($up_poll_ip);
        $update_poll = mysql_query($poll_update);
        } else {
        // alert if poll has already been taken twice at this IP
    	echo "<p>$alert</p>";
        }
	} else {
	$update_ip = mysql_query($poll_ip);
        $update_poll = mysql_query($poll_update);
	} 

  mysql_select_db($database_connQuery, $connQuery);
  $Result1 = mysql_query($field, $poll_update, $connQuery) or die(mysql_error());

}
?>


//process the form



<form action="<?php echo $editFormAction; ?>" method= "POST" name="form" id="poll-form"> 

<p>
  <input type='radio' name='choice' value='choice1' id='choice1' /><label for='choice1'>True</label>
  <input type='hidden' name='poll_name' id= 'poll_name' value='$chart' />
  <input type='hidden' name='ip' value='$ip_match' />
  <br />
<input type='radio' name='choice' value='choice2' id='choice2' /><label for='choice2'>False</label>
</p>

<p>
<input type='submit' value='Vote' class='button' /><br />
</p>

</form>
<div id='poll_footer'>


<?php
mysql_free_result($match_ip);

mysql_free_result($rsDisplayGumor);
?>

Archived

This topic is now archived and is closed to further replies.

Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.