Jump to content

Using a cookie instead of a session

Merdok

By Merdok
in PHP Coding Help

 Share

Recommended Posts

Merdok Member

Merdok

Posted
Posted

Hi guys,

 

I've written a poll mod for my CMS but I want it to create a cookie on the users machine to prevent a user from casting multiple votes. So far I've managed to get it working using sessions as follows:

 

if ($updatePoll) { $_SESSION['pollCast'] = 1; } // Creates a session called pollCast

 

However whenever I try to use setcookie() I get a 'headers already sent error' 

 

The code is running inside an include so could this be the problem? I can seperate it out if that is what HAS to be done but i've been trying to keep the smaller modules self contained (ie not have to include code outside of the module folder)

 

The full code for the module is:

<?php 
//Gets the latest poll from the database
$getPoll = mysql_query("SELECT * FROM module_poll WHERE pollStatus = 1 LIMIT 1") or die ('Failed to return poll: '.mysql_error());
$pollArray = mysql_fetch_array($getPoll, MYSQL_BOTH);
extract($pollArray, EXTR_PREFIX_ALL, "dbp");
if ($_POST['vote']) {
if ($_POST['answers']) {
switch ($_POST['answers']) {
	case 1: 
	$incrementPoll = "UPDATE module_poll SET a1result = a1result+1 WHERE pollID = $dbp_pollID";
	break;
	case 2: 
	$incrementPoll = "UPDATE module_poll SET a2result = a2result+1 WHERE pollID = $dbp_pollID";
	break;
	case 3: 
	$incrementPoll = "UPDATE module_poll SET a3result = a3result+1 WHERE pollID = $dbp_pollID";
	break;
	case 4: 
	$incrementPoll = "UPDATE module_poll SET a4result = a4result+1 WHERE pollID = $dbp_pollID";
	break;
	case 5: 
	$incrementPoll = "UPDATE module_poll SET a5result = a5result+1 WHERE pollID = $dbp_pollID";
	break;
	}
$updatePoll = mysql_query($incrementPoll) or die ('Could not update poll results'.(mysql_error()));	
if ($updatePoll) { $_SESSION['pollCast'] = 1; } // Creates a session called pollCast
} else {
$pollMessage = 'You did not choose an answer';
}
}
if ($_SESSION['pollCast'] != 1) {// Checks the users cookies to find out if they have already voted, if they have not yet voted, display the poll
?>
<div id="poll">
<h1> <?php echo $dbp_question; ?> </h1>
<div class="box">
<div class="detail">
<?php if ($dbp_detail) { echo $dbp_detail; } ?>
</div>
<form action="<?php echo $_SERVER['SCRIPT_NAME']; ?>" enctype="multipart/form-data" method="post" id="pollForm">
<input type="hidden" name="referringPage" value="<?php echo $_SERVER['REQUEST_URI']; ?>" />
    <div class="radio"><label class="block">
      <input type="radio" name="answers" value="1"/>
      <?php echo $dbp_answer1; ?></label>
    </div>
    <div class="radio">
    <label class="block">
      <input type="radio" name="answers" value="2"/>
      <?php echo $dbp_answer2; ?></label>
    </div>
<?php if ($dbp_answer3) { ?>
    <div class="radio">
    <label class="block">
      <input type="radio" name="answers" value="3"/>
      <?php echo $dbp_answer3; ?></label>
    </div>
<?php } ?>
<?php if ($dbp_answer4) { ?>
    <div class="radio">
    <label class="block">
      <input type="radio" name="answers" value="4"/>
      <?php echo $dbp_answer4; ?></label>
    </div>
<?php } ?><?php if ($dbp_answer5) { ?>
    <div class="radio">
    <label class="block">
      <input type="radio" name="answers" value="5"/>
      <?php echo $dbp_answer5; ?></label>
    </div>
<?php } ?>
<input class="voteButton" name="vote" type="submit" value="vote" />
<?php echo $pollMessage; ?>
</form>
</div>
</div>
<?php } else { 
// If a cookie for this poll already exists on the users machine, show them the results instead of the poll.
// work out how many votes the were in total
$allVotes = array($dbp_a1result, $dbp_a2result, $dbp_a3result, $dbp_a4result, $dbp_a5result);
$totalVotes = array_sum($allVotes);
// Now work out the percentage value of each question
$result1 = ceil($dbp_a1result / $totalVotes * 100);
$result2 = ceil($dbp_a2result / $totalVotes * 100);
if ($dbp_answer3) { $result3 = ceil($dbp_a3result / $totalVotes * 100); }
if ($dbp_answer4) { $result4 = ceil($dbp_a4result / $totalVotes * 100); }
if ($dbp_answer5) { $result5 = ceil($dbp_a5result / $totalVotes * 100); }
?>
<div id="poll">
<h1><?php echo $dbp_question; ?></h1>
<div class="box">
<h2> Results </h2>
<ul id="resultContainer">
   <li class="result"> <?php echo $dbp_answer1 ?>
	<li><div class="resultBar" style="width:<?php if ($result1 == 0) { echo '1px'; } else { echo $result1.'%'; } ?>"><?php echo '<span class="text">' . $result1 . '%</span>' ?></div></li>
  </li>
  
   <li class="result"> <?php echo $dbp_answer2 ?>
	<li><div class="resultBar" style="width:<?php if ($result2 == 0) { echo '1px'; } else { echo $result2.'%'; } ?>"><?php echo '<span class="text">' . $result2 . '%</span>' ?></div></li>
  </li>
  
  <?php if ($dbp_answer3) { ?>
   <li class="result"> <?php echo $dbp_answer3 ?>
	<li><div class="resultBar" style="width:<?php if ($result3 == 0) { echo '1px'; } else { echo $result3.'%'; } ?>"><?php echo '<span class="text">' . $result3 . '%</span>' ?></div></li>
  </li>
  <?php } ?>
  
  <?php if ($dbp_answer4) { ?>
   <li class="result"> <?php echo $dbp_answer4 ?>
	<li><div class="resultBar" style="width:<?php if ($result4 == 0) { echo '1px'; } else { echo $result4.'%'; } ?>"><?php echo '<span class="text">' . $result4 . '%</span>' ?></div></li>
  </li>
  <?php } ?>
  
  <?php if ($dbp_answer5) { ?>
   <li class="result"> <?php echo $dbp_answer5 ?>
	<li><div class="resultBar" style="width:<?php if ($result5 == 0) { echo '1px'; } else { echo $result5.'%'; } ?>"><?php echo '<span class="text">' . $result5 . '%</span>' ?></div></li>
  </li>
  <?php } ?>
  </ul>
  <p class="totalVotes"> <strong>Total votes:</strong> <?php echo $totalVotes ?> </p>
</div>

</div>
<?php }; ?>

 

If I have to use output buffering then I will do but are there any downsides to doing this?

 

Thanks in advance for your help guys.

 

Link to comment
Share on other sites
ChemicalBliss Newbie

ChemicalBliss

Posted
Posted

Your CMS im afraid to say is flawed from functionality - your using inline html statements, html should be echoed (imo) at the end of the script, then you have the freedom of changing and adding headers throughout your script.

 

The only way to do it - how your CMS is atm, is to use a Javascript function to add the cookie. An inline <script> tag should do the trick.

 

But these arent safe anyway and tbh you should make your users log in before being able to modify anything in mysql (even if its just votes).

 

-cb-

Link to comment
Share on other sites
mikesta707 Member

mikesta707

Posted
Posted

Alternatively, you could also use output buffering. Be aware, as Chemical said, there is a flaw in your CMS design. This should really be looked at as a bandaid and not a permanent fix.

 

Check out the page for information on what output buffering is, and how it works. Without knowing how your website is formatted, My best guess as to where to use output buffering would simply be to put it at the top of your main including page (if you use dynamic includes) or at the top of every page that needs it (if you use static links)

ob_start();//starts output buffering
... blah blah
blah blah...
//All output, like the following
echo "hello";
//will not be output to the page, but instead be stored in an internal buffer

//after we do all our stuff, we want to output everything and clear the buffer
ob_end_flush();

Link to comment
Share on other sites
Merdok Member

Merdok

Posted
  • Author
Posted

Thanks guys, Whilst I would normally agree with you, I have designed this system to be easily understood by people with zero knowledge of PHP. I've been testing it out on a few web designers who only know how to use HTML and they have found it to be a lot easier to use. Changing it to the preferred method would remove that.

 

I guess I'll just have to use output buffering. :)

Link to comment
Share on other sites
Merdok Member

Merdok

Posted
  • Author
Posted

Ok I managed to get around having to use output buffering by adding the setcookie to the module config however the cookie does not appear to work immediately. When the user hits vote, they still have the option  to vote again until they reload the page.

 

Looking at the documentation, this seems to be standard behaviour so what is the standard way of getting around this?

Link to comment
Share on other sites
Merdok Member

Merdok

Posted
  • Author
Posted

Sorry, that was me being stupid. I just got the config file to set a blank variable which gets turned on if the cookie has been set and then have the poll look for that as well. Sorted :)

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.