neptunerain Posted December 2, 2012 Share Posted December 2, 2012 Hello again guys. Someone can tell me whats whrong with this code? it almost all ok but the sessions doesn't work. When i start the session and put a value on it why is it allowing the user to "vote" again? It should be calling the echo shouldn't it? <?php $connection = mysql_connect("localhost","root",""); if($connection){ mysql_select_db("votes"); $pega = mysql_query("SELECT * FROM mariolink"); $row = mysql_fetch_array($pega); } else{ echo "erro";} if(isset($_POST['link'])){ if(!empty($_SESSION['ok'])){ echo "sorry you have already voted"; } mysql_query("UPDATE `mariolink` SET `link` = `link`+1"); session_start(); $_SESSION['ok'] = 1; } if(isset($_POST['mario'])){ if(!empty($_SESSION['ok'])){ echo "Sorry but you have already voted"; } mysql_query("UPDATE `mariolink` SET `mario` = `mario`+1"); session_start(); $_SESSION['ok'] = 1; } ?> <html> <head> </head> <body> <?php echo "Mario has ";echo $row['mario']; echo" Votes"; ?> <br> <?php echo "Link has ";echo $row['link'];echo" Votes"; ?> <form method="post" action=""> <image src="link.jpeg"/> <br> <input type="submit" name="link" value="Choose Link"> <br> <br> <image src="mario.jpeg"><br> <input type="submit" name="mario" value="Choose Mario"> <br> <br> <br><br></form> </body> </html> Link to comment https://forums.phpfreaks.com/topic/271501-sessions-arent-working/ Share on other sites More sharing options...
MDCode Posted December 2, 2012 Share Posted December 2, 2012 if(isset($_POST['link'])){ if(!empty($_SESSION['ok'])){ echo "sorry you have already voted"; } mysql_query("UPDATE `mariolink` SET `link` = `link`+1"); session_start(); $_SESSION['ok'] = 1; You're checking if it's empty and echoing if it isn't. But if it is you aren't preventing it. Use an else { there if(!empty()) { } else { } Link to comment https://forums.phpfreaks.com/topic/271501-sessions-arent-working/#findComment-1397000 Share on other sites More sharing options...
neptunerain Posted December 2, 2012 Author Share Posted December 2, 2012 Ok i tried putting the else{} but it still doesn't work . The code: if(isset($_POST['link'])){ if(!empty($_SESSION['ok'])){ echo "sorry you have already voted"; } else{ mysql_query("UPDATE `mariolink` SET `link` = `link` +1"); session_start(); $_SESSION['ok'] = 1; } } Link to comment https://forums.phpfreaks.com/topic/271501-sessions-arent-working/#findComment-1397009 Share on other sites More sharing options...
PFMaBiSmAd Posted December 2, 2012 Share Posted December 2, 2012 Your session_start() statement must come before any reference to a $_SESSION variable. While you can use a session variable to prevent accidental resubmission of data, you cannot use it to prevent intentional resubmission of data because all it takes to get a new chance is to drop the session id cookie and you get a new session. Link to comment https://forums.phpfreaks.com/topic/271501-sessions-arent-working/#findComment-1397013 Share on other sites More sharing options...
neptunerain Posted December 3, 2012 Author Share Posted December 3, 2012 Oh thanks,i forgot this detail but by the way what can i do to prevent the users "vote" more than one time? This was the only way i thought was possible. Link to comment https://forums.phpfreaks.com/topic/271501-sessions-arent-working/#findComment-1397034 Share on other sites More sharing options...
MDCode Posted December 3, 2012 Share Posted December 3, 2012 You can use cookies (which can be cleared) or use a database. Link to comment https://forums.phpfreaks.com/topic/271501-sessions-arent-working/#findComment-1397037 Share on other sites More sharing options...
neptunerain Posted December 3, 2012 Author Share Posted December 3, 2012 Ok i tried with cookies and it worked perfectly, i'm doing these codes just to study so i should not be worried about the fact that they ( the cookies) can be cleared. Thank you all. Link to comment https://forums.phpfreaks.com/topic/271501-sessions-arent-working/#findComment-1397065 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.