Jump to content

Set cookies to see if user voted?


pro_se

Recommended Posts

[b]I want to create a cookie and send it to a users machine to see if they voted yet... [i]this is what i have... [/i][/b]
[code]<?
mysql_connect("localhost","root","poop");
mysql_select_db("monkey");
  $id = $_GET["id"];
$sql = "UPDATE links SET total_votes = total_votes + 1 WHERE id='$id'";
$result = mysql_query($sql);
    echo "<b>You have been counted...</b>";
?>[/code]

[u]is there any way to incorp. a cookie system into that?[/u]
Link to comment
Share on other sites

wow... it looks like its going to work but it does not... i must be doing somthing wrong... here is my code... [code]<?php session_start();
$_SESSION['voted'] = "yes";

if ($_SESSION == "yes") {
  echo("<b>You Have voted already!</b>");
} else {
  mysql_connect("localhost","poop","bogus");
mysql_select_db("hizzr");
  $id = $_GET["id"];
$sql = "UPDATE links SET total_votes = total_votes + 1 WHERE id='$id'";
$result = mysql_query($sql);
echo("<b>Vote counted!</b>");
}?>[/code]
Link to comment
Share on other sites

[quote author=brown2005 link=topic=100964.msg399112#msg399112 date=1153208531]
shouldnt ur code be that...

<?php
session_start();
$_SESSION['voted'] = "yes";

if ([b]$[/b]$_SESSION['voted'] == "yes") {
  // don't allow the user to vote.
} else {
  // allow to vote
}
?>
[/quote]

$_SESSION only 1 $.

Hmm.. The scripts look alright.
The user still could vote ?

Btw.. Set the session after the person voted.

[code]<?php
session_start();
if ($_SESSION == "yes") {
  echo("<b>You Have voted already!</b>");
} else {
  mysql_connect("localhost","poop","bogus");
mysql_select_db("hizzr");
  $id = $_GET["id"];
$sql = "UPDATE links SET total_votes = total_votes + 1 WHERE id='$id'";
$result = mysql_query($sql);
        $_SESSION['voted'] = "yes";
echo("<b>Vote counted!</b>");
}
?>[/code]
Link to comment
Share on other sites

But sessions is no good solution... If the user closes the browser and reopens it, he has a new session id.
There's no 100% solution. The best solution is by [b]combining[/b]. Get both the user's IP (and enter it to a table/txt-file), send him a cookie and start a session. Then when you check, check the IP wasnt already used, the user doesnt have a cookie, and that he doesnt have a session.
Over course there's no problem breaching this defense, but I cant see a better solution.

Orio.
Link to comment
Share on other sites

i cant think of what to use for the ip thing though... i already have it inserting the ip: [code]<?php
//insert into the database...
$id = $_GET["id"];
mysql_connect("localhost","root","poop");
mysql_select_db("hizzr");
$result = mysql_query("INSERT INTO vote_security VALUES ('$REMOTE_ADDR','$id')");
//see if it matches somthing in the database?
if (ip exists) {
shoot the person}
else { vote}
?>[/code]
but how to validate? iono...
Link to comment
Share on other sites

To validate, do this:

[code]<?php
//let's say $ip holds the user's ip
$sql="SELECT * FROM vote_security WHERE IP='$ip'";
if(mysql_num_rows(mysql_query($sql))!=0){
die("Error- You can only vote once!");
}
?>[/code]

Basicly, search if there's such an IP in the db. If so, "shoot the user".

Orio.
Link to comment
Share on other sites

the thing with IP addresses is that many users, like anyone with AOL, have a new IP address assigned each time they go online - sometimes, it changes every time they click a new link.  The only REAL solution is to make a user log into your site before they vote.  Then you can track who has voted and who hastn't.

(of course, the user may have more then one user account, but this is still more efficent then the other methods)
since the log in makes a voting poll a bit cumbersome - in the end, really, I guess all you can do is remind users that this is not a scientific pole and the results may not accuratly portray your demographics true opinions.
Link to comment
Share on other sites

[quote author=Orio link=topic=100964.msg399152#msg399152 date=1153221949]
To validate, do this:

[code]<?php
//let's say $ip holds the user's ip
$sql="SELECT * FROM vote_security WHERE IP='$ip'";
if(mysql_num_rows(mysql_query($sql))!=0){
die("Error- You can only vote once!");
}
?>[/code]

Basicly, search if there's such an IP in the db. If so, "shoot the user".

Orio.
[/quote]

dude... i tried it... it does not work... this is how i put it in...
[code]<?php
mysql_connect("localhost","root","poopy");
$ip = $REMOTE_ADDR;
$sql="SELECT ip FROM vote_security WHERE IP='$ip'";
if(mysql_num_rows(mysql_query($sql))!=$ip)
{
die("Error- You can only vote once!");
} else { mysql_connect("localhost","root","i am n00b");
mysql_select_db("hizzr");
  $id = $_GET["id"];
$sql = "UPDATE links SET total_votes = total_votes + 1 WHERE id='$id'";
$result = mysql_query($sql);
echo("<b>Vote counted!</b>"); }
?>[/code]
Link to comment
Share on other sites

1) You need to connect the db (and selecting one) before exacuting the query.


2) This:
$sql="SELECT ip FROM vote_security WHERE IP='$ip'";
Once you call the column "ip" and once "IP". It's case sensative. So call it by it's case sensative name.

Orio.

PS: @Mods- Sorry for double posting, but when I trie to edit my post I had problems.
Link to comment
Share on other sites

it still does not work... all it does is says it 'Error- You can only vote once!'... it does not enter it but even if the ip was not in the table it still says that... i am gonna try the cookies and go on the honor system....
Link to comment
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.