Jump to content

Set cookies to see if user voted?

pro_se

By pro_se
in PHP Coding Help

Recommended Posts

pro_se Member

pro_se

Posted
Posted
[b]I want to create a cookie and send it to a users machine to see if they voted yet... [i]this is what i have... [/i][/b]
[code]<?
mysql_connect("localhost","root","poop");
mysql_select_db("monkey");
  $id = $_GET["id"];
$sql = "UPDATE links SET total_votes = total_votes + 1 WHERE id='$id'";
$result = mysql_query($sql);
    echo "<b>You have been counted...</b>";
?>[/code]

[u]is there any way to incorp. a cookie system into that?[/u]
Link to comment
https://forums.phpfreaks.com/topic/14920-set-cookies-to-see-if-user-voted/
Share on other sites
pro_se Member

pro_se

Posted
  • Author
Posted
wow... it looks like its going to work but it does not... i must be doing somthing wrong... here is my code... [code]<?php session_start();
$_SESSION['voted'] = "yes";

if ($_SESSION == "yes") {
  echo("<b>You Have voted already!</b>");
} else {
  mysql_connect("localhost","poop","bogus");
mysql_select_db("hizzr");
  $id = $_GET["id"];
$sql = "UPDATE links SET total_votes = total_votes + 1 WHERE id='$id'";
$result = mysql_query($sql);
echo("<b>Vote counted!</b>");
}?>[/code]
hackerkts Member

hackerkts

Posted
Posted
[quote author=brown2005 link=topic=100964.msg399112#msg399112 date=1153208531]
shouldnt ur code be that...

<?php
session_start();
$_SESSION['voted'] = "yes";

if ([b]$[/b]$_SESSION['voted'] == "yes") {
  // don't allow the user to vote.
} else {
  // allow to vote
}
?>
[/quote]

$_SESSION only 1 $.

Hmm.. The scripts look alright.
The user still could vote ?

Btw.. Set the session after the person voted.

[code]<?php
session_start();
if ($_SESSION == "yes") {
  echo("<b>You Have voted already!</b>");
} else {
  mysql_connect("localhost","poop","bogus");
mysql_select_db("hizzr");
  $id = $_GET["id"];
$sql = "UPDATE links SET total_votes = total_votes + 1 WHERE id='$id'";
$result = mysql_query($sql);
        $_SESSION['voted'] = "yes";
echo("<b>Vote counted!</b>");
}
?>[/code]
Orio Member

Orio

Posted
Posted
But sessions is no good solution... If the user closes the browser and reopens it, he has a new session id.
There's no 100% solution. The best solution is by [b]combining[/b]. Get both the user's IP (and enter it to a table/txt-file), send him a cookie and start a session. Then when you check, check the IP wasnt already used, the user doesnt have a cookie, and that he doesnt have a session.
Over course there's no problem breaching this defense, but I cant see a better solution.

Orio.
pro_se Member

pro_se

Posted
  • Author
Posted
i cant think of what to use for the ip thing though... i already have it inserting the ip: [code]<?php
//insert into the database...
$id = $_GET["id"];
mysql_connect("localhost","root","poop");
mysql_select_db("hizzr");
$result = mysql_query("INSERT INTO vote_security VALUES ('$REMOTE_ADDR','$id')");
//see if it matches somthing in the database?
if (ip exists) {
shoot the person}
else { vote}
?>[/code]
but how to validate? iono...
Orio Member

Orio

Posted
Posted
To validate, do this:

[code]<?php
//let's say $ip holds the user's ip
$sql="SELECT * FROM vote_security WHERE IP='$ip'";
if(mysql_num_rows(mysql_query($sql))!=0){
die("Error- You can only vote once!");
}
?>[/code]

Basicly, search if there's such an IP in the db. If so, "shoot the user".

Orio.
micah1701 Member

micah1701

Posted
Posted
the thing with IP addresses is that many users, like anyone with AOL, have a new IP address assigned each time they go online - sometimes, it changes every time they click a new link.  The only REAL solution is to make a user log into your site before they vote.  Then you can track who has voted and who hastn't.

(of course, the user may have more then one user account, but this is still more efficent then the other methods)
since the log in makes a voting poll a bit cumbersome - in the end, really, I guess all you can do is remind users that this is not a scientific pole and the results may not accuratly portray your demographics true opinions.
pro_se Member

pro_se

Posted
  • Author
Posted
[quote author=Orio link=topic=100964.msg399152#msg399152 date=1153221949]
To validate, do this:

[code]<?php
//let's say $ip holds the user's ip
$sql="SELECT * FROM vote_security WHERE IP='$ip'";
if(mysql_num_rows(mysql_query($sql))!=0){
die("Error- You can only vote once!");
}
?>[/code]

Basicly, search if there's such an IP in the db. If so, "shoot the user".

Orio.
[/quote]

dude... i tried it... it does not work... this is how i put it in...
[code]<?php
mysql_connect("localhost","root","poopy");
$ip = $REMOTE_ADDR;
$sql="SELECT ip FROM vote_security WHERE IP='$ip'";
if(mysql_num_rows(mysql_query($sql))!=$ip)
{
die("Error- You can only vote once!");
} else { mysql_connect("localhost","root","i am n00b");
mysql_select_db("hizzr");
  $id = $_GET["id"];
$sql = "UPDATE links SET total_votes = total_votes + 1 WHERE id='$id'";
$result = mysql_query($sql);
echo("<b>Vote counted!</b>"); }
?>[/code]
Orio Member

Orio

Posted
Posted
1) You need to connect the db (and selecting one) before exacuting the query.


2) This:
$sql="SELECT ip FROM vote_security WHERE IP='$ip'";
Once you call the column "ip" and once "IP". It's case sensative. So call it by it's case sensative name.

Orio.

PS: @Mods- Sorry for double posting, but when I trie to edit my post I had problems.

Archived

This topic is now archived and is closed to further replies.

Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.