GamerGun Posted January 27, 2009 Share Posted January 27, 2009 Hello all, I'm suffering from a problem with my voting system and i'm unable to find out what is going on. Files affected: index2.php pre_rate_game.php rating.php index2.php is being used to play a game. Also the option to rate and such are included here. <?php session_start(); ?> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> <head> <base href="http://www.gamergun.nl" /> <!-- 10eeb0a7337dc8db46881b3e2d4fb620mochiads.com --> <?php include("parse.php"); ?> <?php include("header.php"); ?> <script type="text/javascript">//<![CDATA[ function checkAgeCheckBox(f){ var dob=new Date(); var date=dob.getDate(); var month=dob.getMonth() + 1; var year=dob.getFullYear(); var cmbmonth=parseInt(document.getElementById("cmbmonth").options[document.getElementById("cmbmonth").selectedIndex].value); var cmbday=parseInt(document.getElementById("cmbday").options[document.getElementById("cmbday").selectedIndex].value); var cmbyear=parseInt(document.getElementById("cmbyear").options[document.getElementById("cmbyear").selectedIndex].value); age=year-cmbyear; if(cmbmonth>month){age--;} else{if(cmbmonth==month && cmbday>=date){age--;}} if(cmbmonth==0){alert("Je moet wel je geboortemaand opgeven.");return false;} else if(cmbday==0){alert("Je moet wel je geboortedag opgeven.");return false;} else if(cmbyear==2008){alert("Je moet wel je geboortejaar opgeven.");return false;} else if(age<18){alert("Je bent onder de 18 jaar en mag geen gebruik maken van deze adult games!");location.replace("http://www.gamergun.nl/");return false;} else if(!document.getElementById("agree").checked){alert('Je moet wel instemmen met de voorwaarden.');return false;} else{return true;} } //]]></script> </head> <body> <a name="top"></a> <table width="892" cellpadding="0" cellspacing="0" align="center" class="text"> <tr><td> <div id="container"> <!--[if lte IE 7]> <link rel="stylesheet" type="text/css" href="ie_style.css" media="screen" /> <![endif]--> <!--Thumbnails--> <div id="thumbblok"></div> <script type="text/javascript" src="js/thumbs.js"></script> <script language="JavaScript" src="w4ftell.js" type="text/javascript"></script> <!--End Thumbnails--> <?php include("menu.php"); ?> <div id="box_random"> <?php ///////////////////////////////// Random Games //////////////////////////////////// // random blok $mode = "two_random"; // opbouw manier van random include('pre_list_random.php'); ?> </div> <?php function curPageURL() { $pageURL = 'http'; if ($_SERVER["HTTPS"] == "on") {$pageURL .= "s";} $pageURL .= "://"; if ($_SERVER["SERVER_PORT"] != "80") { $pageURL .= $_SERVER["SERVER_NAME"].":".$_SERVER["SERVER_PORT"].$_SERVER["REQUEST_URI"]; } else { $pageURL .= $_SERVER["SERVER_NAME"].$_SERVER["REQUEST_URI"]; } return $pageURL; } ?> <?php $URL = curPageURL(); $parsedURL = parse_url ($URL); $splitPath = preg_split ('/\//', $parsedURL['path'], 0, PREG_SPLIT_NO_EMPTY); $test = $splitPath[1]; ?> <div id="content"> <div id="games"> <div style="text-align:center" /><?php ///////////////////////////////// Spelletjes spelen //////////////////////////////////////////////// if(!empty($_GET['game'])){ include("preloader.php"); $game = $test; $query="SELECT * from games WHERE id='" .$game . "'"; $result = mysql_query($query) or die ("ERROR: " . mysql_error()); $rij = mysql_fetch_object($result); $title = $rij->title; $descr = $rij->descr; $tagging = $rij->tagging; $page = $rij->page; $cid = $rij->cid; $age= $_GET['yes']; if($_SESSION['id'] == 1){ $age = "0"; } if($age == "0"){ session_register('id'); $_SESSION['id'] = "1"; $query="SELECT gamex, gamey from settings WHERE sid='1'"; $result = mysql_query($query) or die ("ERROR: " . mysql_error()); $rij = mysql_fetch_object($result); $gamex = $rij->gamex; $gamey = $rij->gamey; // records times played include("pre_update_clicks.php"); echo("<h2>$title</h2>"); echo("Omschrijving: " .$descr); ?> <p align="center"> <?php include("flash.php"); ?> <br /> <a href="javascript:newWindow('sendpage.php?'+document.location.href,'tell',500,400,'')">Breng iemand op de hoogte van dit spelletje!</a> - <a href="javascript:newWindow('pre_send_mail_broken.php?'+document.location.href,'tell',500,450,'')">Werkt dit spel niet? Laat ons het weten!</a><br /> <?php echo("</p>"); include("pre_rate_game.php"); include("footer.php"); }else{ if($cid == "116"){include('TGD_ageVer.php');}else{ $query="SELECT gamex, gamey from settings WHERE sid='1'"; $result = mysql_query($query) or die ("ERROR: " . mysql_error()); $rij = mysql_fetch_object($result); $gamex = $rij->gamex; $gamey = $rij->gamey; // records times played include("pre_update_clicks.php"); echo("<h2>$title</h2>"); echo("Description: " .$descr); ?> <p align="center"><script type="text/javascript" src="http://www.ads4free.nl/show_banner.php?user=gamergun&size=4"></script> <?php include("flash.php"); ?> <br /> <a href="javascript:newWindow('sendpage.php?'+document.location.href,'tell',500,400,'')">Notify someone about this game!</a> - <a href="javascript:newWindow('pre_send_mail_broken.php?'+document.location.href,'tell',500,450,'')">Game not working? Tell us now!</a><br /> <?php echo("</p>"); include("pre_rate_game.php"); include("footer.php"); } } } ///////////////////////////////// Einde spelletjes spelen ////////////////////////////////////////// ?> </div> </div> </div> </td></tr></table> </body> </html> pre_rate_game.php is the form to vote and which sends the information <?php include("header.php"); ?> <?php $query = mysql_query("SELECT votes, score, clicks, tagging FROM games WHERE id='$game' ")or die(" Error: ".mysql_error()); $numbers = mysql_fetch_assoc($query); $count = $numbers['votes']; $score = $numbers['score']; $real_ip = isset($_SERVER['HTTP_X_FORWARDED_FOR']) ? $_SERVER['HTTP_X_FORWARDED_FOR'] : $_SERVER['REMOTE_ADDR']; if($score != 0){ $avg = $score/$count; } else { $avg = 0; } if($count == 1){ $votes = "vote"; } else { $votes = "votes"; } echo("Times played: ".$numbers['clicks']." - Score: <b>". round($avg,1) . " / 10 </b>(".$count. " ".$votes.")"); $voted=mysql_num_rows(mysql_query("SELECT used_ips FROM games WHERE used_ips LIKE '%".$real_ip."%' AND id='".$game."' ")); if(!$voted) { //if the user hasn't yet voted, then vote normally... ?> <form method="post" action="rating.php"> <input type="hidden" name="ip" value="<?php echo($real_ip);?>" /> <input type="hidden" name="id" value="<?php echo($game); ?>" /> <label for="cijfer">Rate:</label> <select name="vote" id="vote"> <?php for ($i = 10; $i >= 1; $i--){ echo '<option>'.$i.'</option>'.PHP_EOL; } ?> </select> <input type="submit" value="Vote!" /> </form> <?php } else { echo(" <font color=#387C44>Thank you for voting!</font><br /><br />"); } // tags voor zoek verbetering echo("<b>Tags:</b> ".$tagging.""); ?> rating.php is to transfer the information into the db and reloads the index2.php page with the updated rating. <?php header("Cache-Control: no-cache"); header("Pragma: nocache"); require('connect/connect-db.php'); // get the db connection info //getting the values $vote_sent = mysql_real_escape_string($_POST['vote']); $id_sent = mysql_real_escape_string($_POST['id']); $ip_sent = mysql_real_escape_string($_POST['ip']); //connecting to the database to get some information $query = mysql_query("SELECT votes, score, used_ips FROM games WHERE id='$id_sent' ")or die(" Error: ".mysql_error()); $numbers = mysql_fetch_assoc($query); $checkIP = unserialize($numbers['used_ips']); $count = $numbers['votes']; //how many votes total $current_rating = $numbers['score']; //total number of rating added together and stored $sum = $vote_sent+$current_rating; // add together the current vote value and the total vote value $tense = ($count==1) ? "stem" : "stemmen"; //plural form votes/vote // checking to see if the first vote has been tallied // or increment the current number of votes ($sum==0 ? $added=0 : $added=$count+1); // if it is an array i.e. already has entries the push in another value ((is_array($checkIP)) ? array_push($checkIP,$ip_sent) : $checkIP=array($ip_sent)); $insertip=serialize($checkIP); //IP check when voting $voted=mysql_num_rows(mysql_query("SELECT used_ips FROM games WHERE used_ips LIKE '%".$ip_sent."%' AND id='".$id_sent."' ")); if(!$voted) { //if the user hasn't yet voted, then vote normally... if ($vote_sent >= 1 && $vote_sent < 11) { // keep votes within range $update = "UPDATE games SET votes='".$added."', score='".$sum."', used_ips='".$insertip."' WHERE id='$id_sent'"; $result = mysql_query($update) or die(" Error: ".mysql_error()); } #echo("<meta http-equiv=\"refresh\" content=\"0;URL=http://gamergun.nl/game/$id_sent/.html\" />"); echo $id_sent; exit; } else { #echo("<meta http-equiv=\"refresh\" content=\"0;URL=http://gamergun.nl/game/$id_sent/.html\" />"); echo $id_sent; } ?> To make a long story short, $id_sent is empty. As you can see it starts with $test = $splitPath[1]; in index2.php This transforms into $game = $test; After that, it goes to pre_rate_game.php In that one, it's being used as <input type="hidden" name="id" value="<?php echo($game); ?>" /> Till there it looks like that it is working. Just when doing the final step, the problem occurs. $id_sent = mysql_real_escape_string($_POST['id']); that is. Any idea why the data is not being send or where it can go wrong? I've been playing with it for hours now and i just can't find out what is going wrong. Thanks in advance. Pz -T Quote Link to comment Share on other sites More sharing options...
gevans Posted January 27, 2009 Share Posted January 27, 2009 Look back at pre_rate_game.php Where does $game come from? Is it set in header.php, maybe you've doen something naughty and have registered globals on, but this would be a good starting point. Quote Link to comment Share on other sites More sharing options...
GamerGun Posted January 27, 2009 Author Share Posted January 27, 2009 Look back at pre_rate_game.php Where does $game come from? Is it set in header.php, maybe you've doen something naughty and have registered globals on, but this would be a good starting point. No, it's not in the header, but pre_rate_game.php is a part of index2.php e.g. being included. Should that not be enough? When i echo $game in that file i get the correct output. Quote Link to comment Share on other sites More sharing options...
gevans Posted January 27, 2009 Share Posted January 27, 2009 My appologies, Ok when the page with the form is loaded hit view source and see if id is set correctly in the form? Quote Link to comment Share on other sites More sharing options...
GamerGun Posted January 27, 2009 Author Share Posted January 27, 2009 Yep, it does <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> <title>GamerGun - Play Games For Free - Free Flash Games</title> <meta name="Keywords" content="" /> <meta name="Play games for free" content="" /> <link href="index.css" rel="stylesheet" type="text/css" /> Times played: 55 - Score: <b>0 / 10 </b>(0 votes) <form method="post" action="rating.php"> <input type="hidden" name="ip" value="194.171.252.100" /> <input type="hidden" name="id" value="2952" /> <label for="cijfer">Rate:</label> <select name="vote" id="vote"> <option>10</option> <option>9</option> <option>8</option> <option>7</option> <option>6</option> <option>5</option> <option>4</option> <option>3</option> <option>2</option> <option>1</option> Thanks for helping me out Quote Link to comment Share on other sites More sharing options...
uniflare Posted January 27, 2009 Share Posted January 27, 2009 try putting print_r($_POST); at the top of ur pages, then use the source viewer to look at the results. Quote Link to comment Share on other sites More sharing options...
gevans Posted January 27, 2009 Share Posted January 27, 2009 Before this line; $id_sent = mysql_real_escape_string($_POST['id']); put; echo '<pre>';var_dump($_POST);echo '</pre>'; Copy and pasted the extra stuff that gets posted. Also $id_sent should be a variable so you can do this to be secure; $id_sent = (int) $_POST['id']; Quote Link to comment Share on other sites More sharing options...
GamerGun Posted January 27, 2009 Author Share Posted January 27, 2009 try putting print_r($_POST); at the top of ur pages, then use the source viewer to look at the results. All are just outputting Array ( ) Before this line; $id_sent = mysql_real_escape_string($_POST['id']); put; echo '<pre>';var_dump($_POST);echo '</pre>'; Copy and pasted the extra stuff that gets posted. Also $id_sent should be a variable so you can do this to be secure; $id_sent = (int) $_POST['id']; This gives me: array(0) { } 0 echo '<pre>';var_dump($_POST);echo '</pre>'; $id_sent = (int) $_POST['id']; #$id_sent = mysql_real_escape_string($_POST['id']); Thanks Pz -T Quote Link to comment Share on other sites More sharing options...
uniflare Posted January 27, 2009 Share Posted January 27, 2009 There is something ouve missed or not told us, The page is not recieving any post information. at all. as if your not submitting the form to that page. make a normal html document, put the action to the URL of the buggy script, post any data with the var dump or print r at the top of your page. you should. Apart from; $_POST var being reset, accidentally posting URL arguments ($_GET); Old version of PHP (other scripts wouldnt work). there shud be no possible explanation why there is no post data. the other pages accept post data fine. Quote Link to comment Share on other sites More sharing options...
GamerGun Posted January 27, 2009 Author Share Posted January 27, 2009 There is something ouve missed or not told us, The page is not recieving any post information. at all. as if your not submitting the form to that page. Yes, looks like rating.php is not getting anything. Just tested $vote_sent and such too, all empty. make a normal html document, put the action to the URL of the buggy script, post any data with the var dump or print r at the top of your page. you should. Sorry i don't get what you mean. A new html document, instead of rating.php or a new combination of both pre_rate_game.php and rating.php? Apart from; $_POST var being reset, accidentally posting URL arguments ($_GET); How can i check this? Old version of PHP (other scripts wouldnt work). I'm using PHP version 5.1 or 5.2 so that should be fine. Got no other problems. there shud be no possible explanation why there is no post data. the other pages accept post data fine. Indeed. Thanks for helping me Quote Link to comment Share on other sites More sharing options...
gevans Posted January 27, 2009 Share Posted January 27, 2009 What version of php are you running? Also try swapping POST for REQUEST Quote Link to comment Share on other sites More sharing options...
uniflare Posted January 27, 2009 Share Posted January 27, 2009 gevans, he stated his version. but yes you could try request to see if the data is being accidentall sent threough the URL. via _GET. OR; save this to test.html (change ACTION_HERE to the URL of the buggy script). <form method="post" action="ACTION_HERE"> <input type="text" name="text_input"><br /> <input type="checkbox" value="Check1"><Br /> <input type="submit" value="Submit Form"> </form> view test.html in any browser (does not have to be off server can just double click the file.), and see if it has any post data then. Quote Link to comment Share on other sites More sharing options...
GamerGun Posted January 27, 2009 Author Share Posted January 27, 2009 gevans, he stated his version. but yes you could try request to see if the data is being accidentall sent threough the URL. via _GET. OR; save this to test.html (change ACTION_HERE to the URL of the buggy script). <form method="post" action="ACTION_HERE"> <input type="text" name="text_input"><br /> <input type="checkbox" value="Check1"><Br /> <input type="submit" value="Submit Form"> </form> view test.html in any browser (does not have to be off server can just double click the file.), and see if it has any post data then. Thanks. Take a look: http://gamergun.nl/test.html This is giving me output, so perhaps that gives us some more information Quote Link to comment Share on other sites More sharing options...
gevans Posted January 27, 2009 Share Posted January 27, 2009 Yep, it does <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> <title>GamerGun - Play Games For Free - Free Flash Games</title> <meta name="Keywords" content="" /> <meta name="Play games for free" content="" /> <link href="index.css" rel="stylesheet" type="text/css" /> Times played: 55 - Score: <b>0 / 10 </b>(0 votes) <form method="post" action="rating.php"> <input type="hidden" name="ip" value="194.171.252.100" /> <input type="hidden" name="id" value="2952" /> <label for="cijfer">Rate:</label> <select name="vote" id="vote"> <option>10</option> <option>9</option> <option>8</option> <option>7</option> <option>6</option> <option>5</option> <option>4</option> <option>3</option> <option>2</option> <option>1</option> Thanks for helping me out Check your HTML, there's no head tag closing or body tags in this code. Quote Link to comment Share on other sites More sharing options...
uniflare Posted January 27, 2009 Share Posted January 27, 2009 Im in the process of figuring this out. btw gevans; head and body is there hes just putting the meta tags/link tags and title in the wrong place. For the form, ill get back to you.... Quote Link to comment Share on other sites More sharing options...
uniflare Posted January 27, 2009 Share Posted January 27, 2009 Hmm, it seems i cannot debug any further, your server will not accept POST variables sent from an outside address, so i cant mess around with the form. Basically, put this into test.html: <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> <head> <base href="http://www.gamergun.nl" /> <!-- 10eeb0a7337dc8db46881b3e2d4fb620mochiads.com --> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> <title>GamerGun - Play Games For Free - Free Flash Games</title> <meta name="Keywords" content="" /> <meta name="Play games for free" content="" /> <link href="index.css" rel="stylesheet" type="text/css" /><script type="text/javascript">//<![CDATA[ function checkAgeCheckBox(f){ var dob=new Date(); var date=dob.getDate(); var month=dob.getMonth() + 1; var year=dob.getFullYear(); var cmbmonth=parseInt(document.getElementById("cmbmonth").options[document.getElementById("cmbmonth").selectedIndex].value); var cmbday=parseInt(document.getElementById("cmbday").options[document.getElementById("cmbday").selectedIndex].value); var cmbyear=parseInt(document.getElementById("cmbyear").options[document.getElementById("cmbyear").selectedIndex].value); age=year-cmbyear; if(cmbmonth>month){age--;} else{if(cmbmonth==month && cmbday>=date){age--;}} if(cmbmonth==0){alert("Je moet wel je geboortemaand opgeven.");return false;} else if(cmbday==0){alert("Je moet wel je geboortedag opgeven.");return false;} else if(cmbyear==2008){alert("Je moet wel je geboortejaar opgeven.");return false;} else if(age<18){alert("Je bent onder de 18 jaar en mag geen gebruik maken van deze adult games!");location.replace("http://www.gamergun.nl/");return false;} else if(!document.getElementById("agree").checked){alert('Je moet wel instemmen met de voorwaarden.');return false;} else{return true;} } //]]></script> <script src="/mint/?js" type="text/javascript"></script> </head> <body> <a name="top"></a> <table width="892" cellpadding="0" cellspacing="0" align="center" class="text"> <tr><td> <div id="container"> <!--[if lte IE 7]> <link rel="stylesheet" type="text/css" href="ie_style.css" media="screen" /> <![endif]--> <!--Thumbnails--> <div id="thumbblok"></div> <script type="text/javascript" src="js/thumbs.js"></script> <script language="JavaScript" src="w4ftell.js" type="text/javascript"></script> <!--End Thumbnails--> <div id="header"> <h1>GamerGun</h1> <h2>Play games for free</h2> <ul> <li><a href="index.php" accesskey="3" title="">Home</a></li> <li><a href="multiplayerbox.php" accesskey="2" title="multiplayer games">Multiplayer</a></li> <li><a href="index_games.php?games=alle" accesskey="4" title="">All games</a></li> <li><a href="index_cats.php?cat=alle" accesskey="5" title="">Categories</a></li> <li><a href="help.php" accesskey="6" title="">Help</a></li> </ul> </div> <div id="box_random"> <table width="250" border="0" cellpadding="3" cellspacing="0" class="random_text"><tr><td rowspan="2" width="75" valign="top"><a href="game/79/Bug_Patrol.html"><img src="411.png" width="75" height="75" border="0" alt="" /></a></td><td valign="top" width="175" height="10"><a href="game/79/Bug_Patrol.html">Bug Patrol</a></td></tr><tr><td valign="top">Spray down the approaching bugs using your deadly spray before they reach the flowers....</td></tr></table><table width="250" border="0" cellpadding="3" cellspacing="0" class="random_text"><tr><td rowspan="2" width="75" valign="top"><a href="game/2187/Metroid_Elements.html"><img src="1536.png" width="75" height="75" border="0" alt="" /></a></td><td valign="top" width="175" height="10"><a href="game/2187/Metroid_Elements.html">Metroid Elements</a></td></tr><tr><td valign="top">Guide Samus Aran through the dangerous Pyramid and destroy all the Metroids and defeat Ridley....</td></tr></table></div> <div id="content"> <div id="games"> <div style="text-align:center" /> <h2>Snoopy Click</h2>Description: Snoopy Cilck is a game with its intention to test your memory capability. <p align="center"><script type="text/javascript" src="http://www.ads4free.nl/show_banner.php?user=gamergun&size=4"></script> <object type="application/x-shockwave-flash" data="games/20529.swf" width="700" height="550"> <param name="movie" value="games/20529.swf" /> <param name="quality" value="high"/> </object> <br /> <a href="javascript:newWindow('sendpage.php?'+document.location.href,'tell',500,400,'')">Notify someone about this game!</a> - <a href="javascript:newWindow('pre_send_mail_broken.php?'+document.location.href,'tell',500,450,'')">Game not working? Tell us now!</a><br /> </p> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> <title>GamerGun - Play Games For Free - Free Flash Games</title> <meta name="Keywords" content="" /> <meta name="Play games for free" content="" /> <link href="index.css" rel="stylesheet" type="text/css" />Times played: 10 - Score: <b>0 / 10 </b>(0 votes) <form method="post" action="rating.php"> <input type="hidden" name="ip" value="93.97.208.2" /> <input type="hidden" name="id" value="443" /> <label for="cijfer">Rate:</label> <select name="vote" id="vote"> <option>10</option> <option>9</option> <option>8</option> <option>7</option> <option>6</option> <option>5</option> <option>4</option> <option>3</option> <option>2</option> <option>1</option> </select> <input type="submit" value="Vote!" /> </form> <b>Tags:</b> <div id="footer_ads"> <table class="footerding" align="center"> <tr><td width="250"><b>Steun GamerGun</b><br /> Steun GamerGun.nl door op <a href="http://www.gamergun.nl/out.php?id=17" target="_blank">deze link</a> te klikken.<br /> Hiermee komen wij hoger in de GameTop. Bedankt!</td> <td width="50">|<br />|<br />|<br />|</td> <td width="500" align="center"> <p><a href="http://www.gamergun.nl/out.php?id=17" target="_blank"><img src="http://www.gamergun.nl/images/gametop_banner_xxx.gif" border="0" style="border-color: #000000" width="468" height="60" alt="Kom jij met mij spelen Gametop" title="Kom jij met mij spelen Gametop" /></a></p></td></tr> </table></div> <div id="footer"> <div class="topimage"><a href="#top"><img src="images/top.jpg" alt="Go to top" border="0" /></a></div> <p style="text-align: center"> <br />Copyright (c) 2009 GamerGun - Play Games For Free - Free Flash Games. All Rights Reserved.<br /> <a href="index.php" accesskey="8" title="">Home</a> | <a href="help.php" accesskey="8" title="">Help</a> | <a href="advertise.php" accesskey="8" title="">Advertise</a> | <a href="linktous.php" accesskey="8" title="">Link to GamerGun</a> | <a href="terms.php" accesskey="8" title="">Terms</a> | <a href="newsletter.php" accesskey="8" title="">Newsletter</a> | <a href="mail.php" accesskey="8" title="">Contact</a><br /> Page loaded in 0.019 seconds </p></div> </div> </div> </div> </td></tr></table> </body> </html> Then, keep trying to post data from it, start with just leaving the form tags and the form elements, if that works then you know its something on the page; and you can start putting bits back in line b line until you find whats causing it. the fact that the small test.html works shows that there is something wrong with the way its posting data, maybe a server restriction bug (never seen this restriction b4), or just something in your html markup is messing up the form - you need to find out what it is. Good Luck. Quote Link to comment Share on other sites More sharing options...
GamerGun Posted January 27, 2009 Author Share Posted January 27, 2009 Thanks for your explanation. I'm trying the test file, but that one is giving the same problem: array(0) { } I'm a bit confused in here also because the small test file is working fine like you said ... Quote Link to comment Share on other sites More sharing options...
uniflare Posted January 27, 2009 Share Posted January 27, 2009 yes exactly, the small test file works, this 1 doesn't. So, there is something on that page stopping it from working, keep taking bits out around the form until it works, or until your left with the form, i which case ill be here 2 moro helpin u out again lol. Quote Link to comment Share on other sites More sharing options...
uniflare Posted January 27, 2009 Share Posted January 27, 2009 To start, get rid of everthing above the beginning <form tag. save, and test it. if it works, u know its something to do with that part u got rid of. CTRL Z and start halfing that til u find the culprit. Quote Link to comment Share on other sites More sharing options...
GamerGun Posted January 27, 2009 Author Share Posted January 27, 2009 I found the problem! After i removed <base href="http://www.gamergun.nl" />, it is working fine. Now you'd ask, why are you using that base href? Well, im having some rewrite rules: Options +FollowSymLinks RewriteEngine On RewriteCond %{HTTP_HOST} ^www\.(.+)$ [NC] RewriteRule ^(.*)$ http://%1/$1 [R=301,L] RewriteRule ^([^/]*)\.(jpg|gif|png)$ thumbnails/$1.$2 RewriteCond %{HTTP_REFERER} !^$ RewriteCond %{HTTP_REFERER} !^http://(www\.)?gamergun.nl/.*$ [NC] RewriteRule .*\.(swf)$ http://www.gamergun.nl [R,NC] RewriteRule ^game/([^/]*)/([^/]*)\.html$ /index2.php?game=$1&name=$2 [L] Without it, images don't load and such. Let me test it on the live version. Quote Link to comment Share on other sites More sharing options...
uniflare Posted January 27, 2009 Share Posted January 27, 2009 There you go, at least you found the problem, and you've learned a little debugging technique at the same time . Now you just have to find out why base ref affected form data, or find a way around using it. unfortunately i never got into mod_rewrite but im sure there are plenty of rewrite experts on here! Quote Link to comment Share on other sites More sharing options...
GamerGun Posted January 27, 2009 Author Share Posted January 27, 2009 See what i mean; http://gamergun.nl/game/2962/Math_Lines.html But now the VOTE button is giving a 404. The error log says: [error] [client 194.171.252.100] File does not exist: /home/mqxfaokl/domains/gamergun.nl/public_html/game, referer: http://gamergun.nl/game/2962/Math_Lines.html After "game" there should be a / and the ID, which is not the case. rating.php echo("<meta http-equiv=\"refresh\" content=\"0;URL=http://gamergun.nl/game/$id_sent/.html\" />"); exit; } else { echo("<meta http-equiv=\"refresh\" content=\"0;URL=http://gamergun.nl/game/$id_sent/.html\" />"); } Quote Link to comment Share on other sites More sharing options...
GamerGun Posted January 27, 2009 Author Share Posted January 27, 2009 Okay, changed some things, but still having the problem that it is not submitting stuff. See for yourself: http://gamergun.nl/game/529/Bullseye.html index2.php <?php session_start(); ?> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> <head> <!-- 10eeb0a7337dc8db46881b3e2d4fb620mochiads.com --> <?php include("parse.php"); ?> <?php include("header.php"); ?> <script type="text/javascript">//<![CDATA[ function checkAgeCheckBox(f){ var dob=new Date(); var date=dob.getDate(); var month=dob.getMonth() + 1; var year=dob.getFullYear(); var cmbmonth=parseInt(document.getElementById("cmbmonth").options[document.getElementById("cmbmonth").selectedIndex].value); var cmbday=parseInt(document.getElementById("cmbday").options[document.getElementById("cmbday").selectedIndex].value); var cmbyear=parseInt(document.getElementById("cmbyear").options[document.getElementById("cmbyear").selectedIndex].value); age=year-cmbyear; if(cmbmonth>month){age--;} else{if(cmbmonth==month && cmbday>=date){age--;}} if(cmbmonth==0){alert("Je moet wel je geboortemaand opgeven.");return false;} else if(cmbday==0){alert("Je moet wel je geboortedag opgeven.");return false;} else if(cmbyear==2008){alert("Je moet wel je geboortejaar opgeven.");return false;} else if(age<18){alert("Je bent onder de 18 jaar en mag geen gebruik maken van deze adult games!");location.replace("http://www.gamergun.nl/");return false;} else if(!document.getElementById("agree").checked){alert('Je moet wel instemmen met de voorwaarden.');return false;} else{return true;} } //]]></script> </head> <body> <a name="top"></a> <table width="892" cellpadding="0" cellspacing="0" align="center" class="text"> <tr><td> <div id="container"> <!--[if lte IE 7]> <link rel="stylesheet" type="text/css" href="http://www.gamergun.nl/ie_style.css" media="screen" /> <![endif]--> <!--Thumbnails--> <div id="thumbblok"></div> <script type="text/javascript" src="http://www.gamergun.nl/js/thumbs.js"></script> <script language="JavaScript" src="http://www.gamergun.nl/w4ftell.js" type="text/javascript"></script> <!--End Thumbnails--> <?php include("menu.php"); ?> <div id="box_random"> <?php ///////////////////////////////// Random Games //////////////////////////////////// // random blok $mode = "two_random"; // opbouw manier van random include('pre_list_random.php'); ?> </div> <div id="content"> <div id="games"> <div style="text-align:center" /><?php ///////////////////////////////// Spelletjes spelen //////////////////////////////////////////////// if(!empty($_GET['game'])){ include("preloader.php"); $game = mysql_real_escape_string($_GET['game']); $query="SELECT * from games WHERE id='" .$game . "'"; $result = mysql_query($query) or die ("ERROR: " . mysql_error()); $rij = mysql_fetch_object($result); $title = $rij->title; $descr = $rij->descr; $tagging = $rij->tagging; $page = $rij->page; $cid = $rij->cid; $age= $_GET['yes']; if($_SESSION['id'] == 1){ $age = "0"; } if($age == "0"){ session_register('id'); $_SESSION['id'] = "1"; $query="SELECT gamex, gamey from settings WHERE sid='1'"; $result = mysql_query($query) or die ("ERROR: " . mysql_error()); $rij = mysql_fetch_object($result); $gamex = $rij->gamex; $gamey = $rij->gamey; // records times played include("pre_update_clicks.php"); echo("<h2>$title</h2>"); echo("Omschrijving: " .$descr); ?> <p align="center"> <?php include("flash.php"); ?> <br /> <a href="javascript:newWindow('http://www.gamergun.nl/sendpage.php?'+document.location.href,'tell',500,400,'')">Breng iemand op de hoogte van dit spelletje!</a> - <a href="javascript:newWindow('http://www.gamergun.nl/pre_send_mail_broken.php?'+document.location.href,'tell',500,450,'')">Werkt dit spel niet? Laat ons het weten!</a><br /> <?php echo("</p>"); include("pre_rate_game.php"); include("footer.php"); }else{ if($cid == "116"){include('TGD_ageVer.php');}else{ $query="SELECT gamex, gamey from settings WHERE sid='1'"; $result = mysql_query($query) or die ("ERROR: " . mysql_error()); $rij = mysql_fetch_object($result); $gamex = $rij->gamex; $gamey = $rij->gamey; // records times played include("pre_update_clicks.php"); echo("<h2>$title</h2>"); echo("Description: " .$descr); ?> <p align="center"><script type="text/javascript" src="http://www.ads4free.nl/show_banner.php?user=gamergun&size=4"></script> <?php include("flash.php"); ?> <br /> <a href="javascript:newWindow('http://www.gamergun.nl/sendpage.php?'+document.location.href,'tell',500,400,'')">Notify someone about this game!</a> - <a href="javascript:newWindow('http://www.gamergun.nl/pre_send_mail_broken.php?'+document.location.href,'tell',500,450,'')">Game not working? Tell us now!</a><br /> <?php echo("</p>"); include("pre_rate_game.php"); include("footer.php"); } } } ///////////////////////////////// Einde spelletjes spelen ////////////////////////////////////////// ?> </div> </div> </div> </td></tr></table> </body> </html> pre_rate_game.php <?php $query = mysql_query("SELECT votes, score, clicks, tagging FROM games WHERE id='$game' ")or die(" Error: ".mysql_error()); $numbers = mysql_fetch_assoc($query); $count = $numbers['votes']; $score = $numbers['score']; $real_ip = isset($_SERVER['HTTP_X_FORWARDED_FOR']) ? $_SERVER['HTTP_X_FORWARDED_FOR'] : $_SERVER['REMOTE_ADDR']; if($score != 0){ $avg = $score/$count; } else { $avg = 0; } if($count == 1){ $votes = "vote"; } else { $votes = "votes"; } echo("Times played: ".$numbers['clicks']." - Score: <b>". round($avg,1) . " / 10 </b>(".$count. " ".$votes.")"); $voted=mysql_num_rows(mysql_query("SELECT used_ips FROM games WHERE used_ips LIKE '%".$real_ip."%' AND id='".$game."' ")); if(!$voted) { //if the user hasn't yet voted, then vote normally... ?> <form method="post" action="http://www.gamergun.nl/rating.php"> <input type="hidden" name="ip" value="<?php echo($real_ip);?>" /> <input type="hidden" name="id" value="<?php echo($game); ?>" /> <label for="cijfer">Rate:</label> <select name="vote" id="vote"> <?php for ($i = 10; $i >= 1; $i--){ echo '<option>'.$i.'</option>'.PHP_EOL; } ?> </select> <input type="submit" value="Vote!" /> </form> <?php } else { echo(" <font color=#387C44>Thank you for voting!</font><br /><br />"); } ?> rating.php <?php header("Cache-Control: no-cache"); header("Pragma: nocache"); require('connect/connect-db.php'); // get the db connection info //getting the values $vote_sent = mysql_real_escape_string($_POST['vote']); echo '<pre>';var_dump($_POST);echo '</pre>'; $id_sent = mysql_real_escape_string($_POST['id']); $ip_sent = mysql_real_escape_string($_POST['ip']); //connecting to the database to get some information $query = mysql_query("SELECT votes, score, used_ips FROM games WHERE id='$id_sent' ")or die(" Error: ".mysql_error()); $numbers = mysql_fetch_assoc($query); $checkIP = unserialize($numbers['used_ips']); $count = $numbers['votes']; //how many votes total $current_rating = $numbers['score']; //total number of rating added together and stored $sum = $vote_sent+$current_rating; // add together the current vote value and the total vote value $tense = ($count==1) ? "stem" : "stemmen"; //plural form votes/vote // checking to see if the first vote has been tallied // or increment the current number of votes ($sum==0 ? $added=0 : $added=$count+1); // if it is an array i.e. already has entries the push in another value ((is_array($checkIP)) ? array_push($checkIP,$ip_sent) : $checkIP=array($ip_sent)); $insertip=serialize($checkIP); //IP check when voting $voted=mysql_num_rows(mysql_query("SELECT used_ips FROM games WHERE used_ips LIKE '%".$ip_sent."%' AND id='".$id_sent."' ")); if(!$voted) { //if the user hasn't yet voted, then vote normally... if ($vote_sent >= 1 && $vote_sent < 11) { // keep votes within range $update = "UPDATE games SET votes='".$added."', score='".$sum."', used_ips='".$insertip."' WHERE id='$id_sent'"; $result = mysql_query($update) or die(" Error: ".mysql_error()); } echo("<meta http-equiv=\"refresh\" content=\"5;URL=index2.php?game=$id_sent\" />"); exit; } else { echo("<meta http-equiv=\"refresh\" content=\"5;URL=index2.php?game=$id_sent\" />"); } ?> Quote Link to comment Share on other sites More sharing options...
GamerGun Posted January 28, 2009 Author Share Posted January 28, 2009 Tried some things but the problem still exists, it's bugging me like hell hehe. Any help is wanted. Thx Pz -T Quote Link to comment Share on other sites More sharing options...
GamerGun Posted January 29, 2009 Author Share Posted January 29, 2009 Fixed it the dirty way. Well.. fixed... more like a work around but it works. Just using GET instead of POST. Dunno why that is working. Not that safe but like anyone is gonna hack a voting system :') Thanks for thinking with me. Pz -T Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.