Then there is just one more thing:

How could I send a cookie to the voters so they can only vote once every 24 hours?

(It doesn't matter about it being a cookie, as most of my audience are not computer literate enough to delete or fiddle with a cookie).

 

I have already noticed that, while the script has only been running a few hours, people are already voting like mad, and I would like things to go a bit honest at least.

 

I REALLY do not have a clue about how to do any of this, so be patient with me please.

 

Thanks in advance.

:thumb-up:

OK,

Here it comes:

<?php
session_start();
error_reporting(E_ALL | E_STRICT | E_NOTICE);
ini_set('display_errors', '1');
$host="localhost";
$user="jingleko_reload";
$pwd="*******";
$dbname="jingleko_reloader";
$link = mysqli_connect($host,$user,$pwd,$dbname) or die(mysqli_connect_error()); // connection errors come from mysqli_connect_error()
$lied = mysqli_real_escape_string($link,$_GET['Song']);
$songSafeHtml = htmlspecialchars($_GET['Song']);
if (mysqli_query($link, "UPDATE voting SET Votes= Votes+1 WHERE Song = '$song'"))
    echo "You voted for <b>$songSafeHtml</b><br> U het gestem vir <b>$songSafeHtml</b></br>";
	else
    die(mysqli_error($link)); // mysqli_error() needs the connection as its argument
	$to = "[email protected]";
   $subject = "There was a vote";
   $message = "Someone voted for $songSafeHtml.";
   $header = "From:[email protected] \r\n";
   $retval = mail ($to,$subject,$message,$header);
   if( $retval == true )   
   {
      echo "Your vote has been registered...";
   }
   else
   {
      echo "There was a fault...";
   }
?>

Thanks so much once again.

Hmm, that can't be your working script. You define the passed value as the variable $lied, but then use $song in the query. A few other things:

 

1. Use comments in your code. It will make it easier for you and us.

2. You are using the return value of the email() function to determine if the user sees that their vote was registered or not. You should be determining that based upon whether the query passed. If the email is not sent, that doesn't mean their vote wasn't registered. I wouldn't show the user any error based upon the email. It is not pertinent to the process for them. In fact, the fact that the query passed is not an indication that their vote passed. The query would succeed with ANY passed value. Even ones that don't exist in the database - it just wouldn't update any records. You should check that there were affected rows.

3. You should turn off error reporting when putting the script into production. The detailed reporting of errors can leak information that one could use to perform malicious activities.

4. I would suggest not 'bundling' up multiple functions in a single line - especially in an if() condition. If there is a problem, it makes it more difficult to debug.

 

Give this a try

 

<?php
 
//Check if the user had voted in the last 24 hours
if(isset($_COOKIE['voted']))
{
    //The cookie value comes from the browser, so force it to an integer before formatting it
    $expireString = date('m-d-Y h:i:s', (int) $_COOKIE['voted']);
    $output = "Sorry, you can only vote once every 24 hours. You can vote again after $expireString";
}
else
{
    //Start session and enable error reporting
    session_start();
    error_reporting(E_ALL | E_STRICT | E_NOTICE);
    ini_set('display_errors', '1');
 
    //Connect to DB
    $host="localhost";
    $user="jingleko_reload";
    $pwd="*******";
    $dbname="jingleko_reloader";
    $link = mysqli_connect($host,$user,$pwd,$dbname) or die(mysqli_connect_error());
 
    //Update count for selected song
    $song = mysqli_real_escape_string($link,$_GET['Song']);
    $query = "UPDATE voting SET Votes = Votes+1 WHERE Song = '$song'";
    $result = mysqli_query($link, $query);
 
    if (!$result)
    {
        //Query failed
        #die(mysqli_error($link)); //Uncomment for debugging only
        $output = "There was a problem processing your request.";
    }
    elseif(!mysqli_affected_rows($link))
    {
        //No records were updated
        $output = "The song you selected doesn't exist.";
    }
    else
    {
        //Vote was registered
        $songSafeHtml = htmlspecialchars($_GET['Song']);
        $output = "You voted for <b>$songSafeHtml</b><br> U het gestem vir <b>$songSafeHtml</b></br>";
        //Set cookie to prevent multiple votes
        $expire = time() + (60 * 60 * 24); //Set expiration for 24 hours
        setcookie('voted', $expire, $expire);
        //Send confirmation email
        $to = "[email protected]";
        $subject = "There was a vote";
        $message = "Someone voted for $songSafeHtml.";
        $header = "From: [email protected] \r\n";
        $retval = mail($to, $subject, $message, $header);
    }
}
?>
<html>
<head></head>
<body>
<?php echo $output; ?>
</body>
</html>

Thanks, Psycho.

Well, it is my working script, 

 

I just translated it into English so that people here would understand the variables and must have forgotten one. :psychic:

Anyway, I'll test it to see what happens.

By the way, the sendmail() function was used to send a message to me when someone votes so I can follow what happens.

 

Thank you very much again for this, it is much appreciated.

 

Like I said, I am a novice, one who was even still working with mysql rather than mysqli, so PDO is definitely still far beyond me.

But these things make me even more determined to carry on learning.

 

Thanks again.

By the way, the sendmail() function was used to send a message to me when someone votes so I can follow what happens.

 

Yes, I understand that. But, as I said, what does sending you an email have to do with whether or not the vote was counted? Understanding the available functions and processes of the language only makes up part of the process of being able to program. A LARGE part of programming is just being able to think logically. That can be difficult when you are working out of your element. What will help is if you think through the process before you write the code. Create a flow chart if needed to determine what data you need to capture, what decisions need to be made and what output should be generated. It may seem like it will take longer to accomplish your task when you want to start writing code, but by looking at the big picture first and making those decisions you will save yourself many hours in having to rework/rewrite code because of a logic error you did not anticipate.

Very true, Psycho,

however, the script was tested before the email bit was added, and it still works now in that I do not get an email if someone tried to vote more than once in 24 hours, also, the votes do not get incremented if that is the case, so it seems all is well.

 

Now one more thing: how can I integrate this

date_default_timezone_set('Europe/Brussels');

into my script?

I live in the UK, but my audience mostly reside in Belgium/Holland/South Africa, 1 hour ahead of us, and the time given in the warning was probably US time, as it seems I had voted in the middle of the night at 7pm here.

 

Apart from that, I do take your comments to heart and I am grateful for them, I definitely want to learn proper PHP programming, but that is obviously not so simple having to do it all by yourself, is it?

 

Thank you very much again.

Very true, Psycho,

however, the script was tested before the email bit was added, and it still works now in that I do not get an email if someone tried to vote more than once in 24 hours, also, the votes do not get incremented if that is the case, so it seems all is well

 

I don't think you understood what I was saying. There was a flaw in the logic you had. You had a step to increment the vote. If that passed, you had a step to send the email. If that failed you told the user that their vote wasn't registered. That would be incorrect, because the only way for the user to get to the step that sends the email would be if their vote had already been saved!

 

As for the time, did you try incorporating it in the script? It should affect any functions that deal with time that come after where you use it (hint: put it at the top of your script).

Thank you for your further explanation, Psycho.

It all helps me to learn more.

I have read your comments properly and tried to analyse everything you said.

 

As for the time zone, I suspected it had to be put at the top of the script, but then I thought "PHP is NEVER that simple", well, it proved me wrong.

Although it still gives me a weird time output. The time is almost 9 pm here, and I get 08:06:seconds...

The time should be 1 hour ahead of me, though,

 

I used exactly this code: 

date_default_timezone_set("Europe/Brussels");

which looks 100% valid to me.

 

Anyway, I am not going to mope about details, nor bother you with them.

 

Thank you so much once again.

My point was:

 

You should check the outcome of the timezone set command to see if it worked or not.  That could explain why your time is off by an hour.  The default is UTC (or GMT) and that is probably one hour behind you in Belgium, no?

Can't hurt to check your attempt to set it correctly.

 

You can also try this:

 

After the date_default_.....  command insert these lines.

  phpinfo(); // phpinfo() prints its own output, so no print_r() is needed

  exit();

 

I would then save this entire script under a new name (in new folder?) and test it out before deleting it.  (You don't want the world to see the output of this)

 

Once you have the output onscreen, do a find for 'timezone' and see if your setting appears.
 

I have one further question, though:

 

How can I log the voter's IP address in the email?

 

I tried the following, but that did not work:

 //Send confirmation email
        $to = "[email protected]";
        $subject = "Someone voted";
        $message = "Someone voted for $songSafeHtml.";
        $ip= SERVER['REMOTE_ADDR'];
		$header = "From: [email protected] \r\n";
		$retval = mail($to, $subject, $message, $ip, $header);
    }

So, probably something was put in the wrong place.

 

Thank you.

Just because YOU want to add a new piece of data to your email does not mean you can alter the syntax of the function call.  The manual will show you what the arguments of a function are and that's the way it is.

 

To add a piece of information to your email you probably want to put it into your message area.  Think about it.

This was my attempt:

  //Send confirmation email
	$ipaddress = $_SERVER['REMOTE_ADDR'];
        $to = "[email protected]";
        $subject = "There was a vote";
        $message = "Someone with IP address $ipaddress voted for $songSafeHtml."; // stray dot before the variable removed
		$header = "From: [email protected] \r\n";
		$retval = mail($to, $subject, $message, $header);
    }

No syntax errors this time, so I'll see what happens.
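
Added example, not part of any post in this thread: the 24-hour limit enforced on the server, keyed on the address the last posts start logging, together with the affected-rows check from the earlier reply and a bound parameter in place of escaping. SQLite in memory through PDO stands in for the thread's MySQL database so the script runs on its own; the `vote_log` table, the `castVote()` function and the sample song and addresses are assumptions.

```php
<?php
// Added example (not from the thread). An in-memory SQLite database replaces
// the MySQL one; vote_log and castVote() are hypothetical names.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec("CREATE TABLE voting (Song TEXT PRIMARY KEY, Votes INTEGER NOT NULL DEFAULT 0)");
$db->exec("CREATE TABLE vote_log (ip TEXT PRIMARY KEY, voted_at INTEGER NOT NULL)");
$db->exec("INSERT INTO voting (Song) VALUES ('Constructed Song A')");

/** Returns 'ok', 'too_soon' or 'unknown_song'. $now is a Unix timestamp. */
function castVote(PDO $db, string $song, string $ip, int $now): string
{
    $db->beginTransaction();
    // Server-side 24-hour check: deleting the cookie does not reset it.
    $stmt = $db->prepare("SELECT voted_at FROM vote_log WHERE ip = ?");
    $stmt->execute([$ip]);
    $last = $stmt->fetchColumn();
    if ($last !== false && $now - (int) $last < 86400) {
        $db->rollBack();
        return 'too_soon';
    }
    // Bound parameter: the song name never becomes part of the SQL text.
    $stmt = $db->prepare("UPDATE voting SET Votes = Votes + 1 WHERE Song = ?");
    $stmt->execute([$song]);
    if ($stmt->rowCount() === 0) {      // the query ran but matched no song
        $db->rollBack();
        return 'unknown_song';
    }
    // Record the vote time only after the count was really incremented.
    $stmt = $db->prepare("REPLACE INTO vote_log (ip, voted_at) VALUES (?, ?)");
    $stmt->execute([$ip, $now]);
    $db->commit();
    return 'ok';
}

// Constructed requests using documentation-range addresses.
$t = 1700000000;
var_dump(castVote($db, 'Constructed Song A', '203.0.113.7', $t));         // first vote
var_dump(castVote($db, 'Constructed Song A', '203.0.113.7', $t + 3600));  // same address, 1 hour later
var_dump(castVote($db, "Song That Isn't Listed", '203.0.113.8', $t));     // not in the table
var_dump(castVote($db, 'Constructed Song A', '203.0.113.7', $t + 86400)); // same address, 24 hours later
```

In the thread's script `$ip` would be `$_SERVER['REMOTE_ADDR']` and `$now` would be `time()`. Voters behind one router share an address, so this limit is stricter than the cookie and blocks everyone on that connection for the day.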
