neptunerain Posted December 2, 2012 Share Posted December 2, 2012 (edited) Hello again guys. Someone can tell me whats whrong with this code? it almost all ok but the sessions doesn't work. When i start the session and put a value on it why is it allowing the user to "vote" again? It should be calling the echo shouldn't it? <?php $connection = mysql_connect("localhost","root",""); if($connection){ mysql_select_db("votes"); $pega = mysql_query("SELECT * FROM mariolink"); $row = mysql_fetch_array($pega); } else{ echo "erro";} if(isset($_POST['link'])){ if(!empty($_SESSION['ok'])){ echo "sorry you have already voted"; } mysql_query("UPDATE `mariolink` SET `link` = `link`+1"); session_start(); $_SESSION['ok'] = 1; } if(isset($_POST['mario'])){ if(!empty($_SESSION['ok'])){ echo "Sorry but you have already voted"; } mysql_query("UPDATE `mariolink` SET `mario` = `mario`+1"); session_start(); $_SESSION['ok'] = 1; } ?> <html> <head> </head> <body> <?php echo "Mario has ";echo $row['mario']; echo" Votes"; ?> <br> <?php echo "Link has ";echo $row['link'];echo" Votes"; ?> <form method="post" action=""> <image src="link.jpeg"/> <br> <input type="submit" name="link" value="Choose Link"> <br> <br> <image src="mario.jpeg"><br> <input type="submit" name="mario" value="Choose Mario"> <br> <br> <br><br></form> </body> </html> Edited December 2, 2012 by neptunerain Quote Link to comment Share on other sites More sharing options...
MDCode Posted December 2, 2012 Share Posted December 2, 2012 (edited) if(isset($_POST['link'])){ if(!empty($_SESSION['ok'])){ echo "sorry you have already voted"; } mysql_query("UPDATE `mariolink` SET `link` = `link`+1"); session_start(); $_SESSION['ok'] = 1; You're checking if it's empty and echoing if it isn't. But if it is you aren't preventing it. Use an else { there if(!empty()) { } else { } Edited December 2, 2012 by SocialCloud Quote Link to comment Share on other sites More sharing options...
neptunerain Posted December 2, 2012 Author Share Posted December 2, 2012 Ok i tried putting the else{} but it still doesn't work . The code: if(isset($_POST['link'])){ if(!empty($_SESSION['ok'])){ echo "sorry you have already voted"; } else{ mysql_query("UPDATE `mariolink` SET `link` = `link` +1"); session_start(); $_SESSION['ok'] = 1; } } Quote Link to comment Share on other sites More sharing options...
PFMaBiSmAd Posted December 2, 2012 Share Posted December 2, 2012 Your session_start() statement must come before any reference to a $_SESSION variable. While you can use a session variable to prevent accidental resubmission of data, you cannot use it to prevent intentional resubmission of data because all it takes to get a new chance is to drop the session id cookie and you get a new session. Quote Link to comment Share on other sites More sharing options...
neptunerain Posted December 3, 2012 Author Share Posted December 3, 2012 Oh thanks,i forgot this detail but by the way what can i do to prevent the users "vote" more than one time? This was the only way i thought was possible. Quote Link to comment Share on other sites More sharing options...
MDCode Posted December 3, 2012 Share Posted December 3, 2012 You can use cookies (which can be cleared) or use a database. Quote Link to comment Share on other sites More sharing options...
neptunerain Posted December 3, 2012 Author Share Posted December 3, 2012 (edited) Ok i tried with cookies and it worked perfectly, i'm doing these codes just to study so i should not be worried about the fact that they ( the cookies) can be cleared. Thank you all. Edited December 3, 2012 by neptunerain Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.