Jump to content

Recommended Posts

One other thing, I don't know what it is, but I keep getting votes from American IP addresses (probably automated), for obvious reasons I will not post them here, but the last digits are always different, while the first 4 numbers are the same, eg. xx.xxx.xx.19, then another one (first three exactly the same) xx.xxx.xx.234 etc.

 

It is unlikely that Americans would vote for or even know my radio station, let alone voting to this extent.

(Which is why I think a robot or hacker is doing this).

 

Any advice please?

Edited by mrfdes
  • Replies 73
  • Created
  • Last Reply

Top Posters In This Topic

explode the string on the dots then compare the first element to a value and then the second element and so on.

 

168.192.12.21  would end up as

array[0] = 168

array[1] = 192

array[2[ = 12

array[3] = 21

 

If you wanted to eliminate ips that look like "168.192.22.xxxx" you would compare the 0 element to 168, the 1 element to 192 and so on.

Edited by ginerjm

Would this do any good?

 $result = mysqli_query($link, $query);
   $targetAddr = "67.249..*..*";  //yes is two dots
 
//this code will match any class of 123.123.x.x,
//you can also do "123.123.123..*" to do anything that is 123.123.123.x
 
if (ereg($targetAddr, $_SERVER['REMOTE_ADDR'])) {
    //remote address match, do something or don't do anything
echo "GET LOST!!!!";
mysqli_close();
} else {
   //the rest of my script.
}

Thanks.

Would this do any good?

 $result = mysqli_query($link, $query);
   $targetAddr = "67.249..*..*";  //yes is two dots
 
//this code will match any class of 123.123.x.x,
//you can also do "123.123.123..*" to do anything that is 123.123.123.x
 
if (ereg($targetAddr, $_SERVER['REMOTE_ADDR'])) {
    //remote address match, do something or don't do anything
$output = "GET LOST!!!!";
mysqli_close();
} else {
   //the rest of my script.
}

Thanks.

Changed the echo to $output =

Wonder if that makes any difference.

  • 2 weeks later...

Hi,

I have found a glitch in the script:

if someone votes for a certain song which I have in the list twice, performed by different artists, both the song titles get a vote.

I have tried a number of things so that the script recognises the field "Artist" as well as "Song" and only votes for the chosen song by the particular artist, but I do not seem to be getting anywhere.

 

Can anyone point me in the right direction please?

Thank you.

your data should have a unique identifier (id) assigned to them in your database table (using a autoincrement index column.)

 

when you display the data, each item you display would carry it's unique id (not sure if you are using links or a form.) when the data is submitted you would use that id to record the vote, so two songs with the same title and different artists would have two different id's, but the id that the visitor picked and submitted, based on the song/artist they see, would tell you which one they voted for.

I have done this, the URL was changed to http://www.vlaamseradio.tk/top10/top10stem.php?Nr=

where Nr is the song number (the ID).

 

The script became:

<?php
 
//Check if the user had voted in the last 24 hours
if(isset($_COOKIE['voted']))
{
    $expireString = date('m-d-Y h:i:s', $_COOKIE['voted']);
    $output = "Sorry, you can only vote once every 24 hours. You can vote again after $expireString";
}
else
{
    //Start session and enable error reporting
    session_start();
    error_reporting(E_ALL | E_STRICT | E_NOTICE);
    ini_set('display_errors', '1');
 
    //Connect to DB
    $host="localhost";
    $user="jingleko_reload";
    $pwd="*******";
    $dbname="jingleko_reloader";
    $link = mysqli_connect($host,$user,$pwd,$dbname) or die(mysqli_error());
 
    //Update count for selected song: THIS IS WHERE I MADE THE CHANGES
    $number = mysqli_real_escape_string($link,$_GET['Nr']);
    $query = "UPDATE voting SET Votes = Votes+1 WHERE Nr = '$number'";
    $result = mysqli_query($link, $query);
 
    if (!$result)
    {
        //Query failed
        #die(mysqli_error()); //Uncomment for debugging only
        $output = "There was a problem processing your request.";
    }
    elseif(!mysqli_affected_rows($link))
    {
        //No records were updated
        $output = "The song you selected doesn't exist."
    }
    else
    {
        //Vote was registered
        $songSafeHtml = htmlspecialchars($_GET['Song']);
        $output = "You voted for <b>$songSafeHtml</b><br> U het gestem vir <b>$songSafeHtml</b></br>";
        //Set cookie to prevent multiple votes
        $expire = time() + (60 * 60 * 24); //Set expiration for 24 hours
        setcookie('voted', $expire, $expire);
        //Send confirmation email
        $to = "[email protected]";
        $subject = "There was a vote";
        $message = "Someone voted for $songSafeHtml.";
        $header = "From: [email protected] \r\n";
        $retval = mail($to, $subject, $message, $header);
    }
}
?>
<html>
<head></head>
<body>
<?php echo $output; ?>
</body>
</html>

I indicated the changes in the comments.

 

It works as it should, however, I have been looking for a way to get the songname too, for the purpose of displaying "You have voted for 'This or that song'. Thank you" after the vote has been registered, but I am not getting there (don't forget I am a complete beginner).

So, how can I get the field 'Song' to display too?

Like I said, it is only for display purposes, nothing else needs to happen, as now it says (obviously) You voted for "number", which does not say much.

.

 

Thanks.

I did that with the following lines:

$query="SELECT Song FROM stemming WHERE Nr=$songSafeHtml";
		$result=mysqli_query($link,$query);
        $output = "You voted for <b>$songSafeHtml." ".$result</b><br> U het gestem vir <b>$songSafeHtml." ".$result</b></br>";

and it gives me:

Catchable fatal error: Object of class mysqli_result could not be converted to string in /home/jingleko/public_html/vlaamseradio.tk/top10/top10stem.php on line 71

Really no idea now.

 

<?php
 
//Start session and enable error reporting
session_start();
error_reporting(E_ALL | E_STRICT | E_NOTICE);
ini_set('display_errors', '1');
 
//Check if the user had voted in the last 24 hours
if(isset($_COOKIE['voted']))
{
    $expireString = date('m-d-Y h:i:s', $_COOKIE['voted']);
    $output = "Sorry, you can only vote once every 24 hours. You can vote again after $expireString";
}
else
{
    //Connect to DB
    $host   ="localhost";
    $user   ="jingleko_reload";
    $pwd    ="*******";
    $dbname ="jingleko_reloader";
    $link = mysqli_connect($host,$user,$pwd,$dbname) or die(mysqli_error());
 
    //Update count for selected song: THIS IS WHERE I MADE THE CHANGES
    $number = intval($_GET['Nr']);
    $query  = "UPDATE voting SET Votes = Votes+1 WHERE Nr = $number";
    $result = mysqli_query($link, $query);
 
    if (!$result)
    {
        //Query failed
        #die(mysqli_error()); //Uncomment for debugging only
        $output = "There was a problem processing your request.";
    }
    elseif(!mysqli_affected_rows($link))
    {
        //No records were updated
        $output = "The song you selected doesn't exist."
    }
    else
    {
        //Vote was registered
        $query = "SELECT Song FROM stemming WHERE Nr = $number";
        $result = mysqli_query($link, $query);
        $row = mysqli_fetch_assoc($result);
        $songSafeHtml = htmlspecialchars($row['Song']);
        $output = "You voted for <b>$songSafeHtml</b><br> U het gestem vir <b>$songSafeHtml</b></br>";
        //Set cookie to prevent multiple votes
        $expire = time() + (60 * 60 * 24); //Set expiration for 24 hours
        setcookie('voted', $expire, $expire);
        //Send confirmation email
        $to = "[email protected]";
        $subject = "There was a vote";
        $message = "Someone voted for $songSafeHtml.";
        $header = "From: [email protected] \r\n";
        $retval = mail($to, $subject, $message, $header);
    }
}
?>
<html>
<head></head>
<body>
<?php echo $output; ?>
</body>
</html>

Thank you ever so much, Psycho,

 

I REALLY tried (almost) everything.

 

While it is good for the learning process to "learn from your mistakes" and watch closely what the error messages say, it can be quite stressful.

 

Nevertheless, I have learned more stuff again, and this is a motivation to carry on with my course even more intensely.

 

Thank you again.

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.