# Help required in incrementing a value

## Recommended Posts

One other thing, I don't know what it is, but I keep getting votes from American IP addresses (probably automated), for obvious reasons I will not post them here, but the last digits are always different, while the first 4 numbers are the same, eg. xx.xxx.xx.19, then another one (first three exactly the same) xx.xxx.xx.234 etc.

It is unlikely that Americans would vote for or even know my radio station, let alone voting to this extent.

(Which is why I think a robot or hacker is doing this).

##### Share on other sites

• Replies 73
• Created

If you don't want certain ip s to be voting, then simply check before tallying the vote and send them back a nice message.

##### Share on other sites

Yes, that is a solution I immediately thought about, however, doing it is quite a different thing.

##### Share on other sites

I think I have an idea of how to do it,but can I use wildcards in variables. eg. if \$ipaddress="xx.xxx.xx.???" then..... ?

##### Share on other sites

And why is that?  IF you are comfortable with trusting the address you are getting and wish to base your decision on it, then checking it against a list of 4 digit or 8 digit or 12 digit prefixes shouldn't be a problem.

##### Share on other sites

Well, it is just because only the last digits are different every time.

And, I DON'T trust them, as they keep bombarding me with votes.

##### Share on other sites

explode the string on the dots then compare the first element to a value and then the second element and so on.

168.192.12.21  would end up as

array[0] = 168

array[1] = 192

array[2[ = 12

array[3] = 21

If you wanted to eliminate ips that look like "168.192.22.xxxx" you would compare the 0 element to 168, the 1 element to 192 and so on.

##### Share on other sites

Oh dear, this is even more difficult than I had imagined.

I'll keep doing my research.

Thanks.

##### Share on other sites

Would this do any good?

``` \$result = mysqli_query(\$link, \$query);
\$targetAddr = "67.249..*..*";  //yes is two dots

//this code will match any class of 123.123.x.x,
//you can also do "123.123.123..*" to do anything that is 123.123.123.x

//remote address match, do something or don't do anything
echo "GET LOST!!!!";
mysqli_close();
} else {
//the rest of my script.
}
```

Thanks.

##### Share on other sites

Obviously not, as there are still votes coming in from those IP addresses.

##### Share on other sites

Would this do any good?

``` \$result = mysqli_query(\$link, \$query);
\$targetAddr = "67.249..*..*";  //yes is two dots

//this code will match any class of 123.123.x.x,
//you can also do "123.123.123..*" to do anything that is 123.123.123.x

//remote address match, do something or don't do anything
\$output = "GET LOST!!!!";
mysqli_close();
} else {
//the rest of my script.
}
```

Thanks.

Changed the echo to \$output =

Wonder if that makes any difference.

##### Share on other sites

• 2 weeks later...

Hi,

I have found a glitch in the script:

if someone votes for a certain song which I have in the list twice, performed by different artists, both the song titles get a vote.

I have tried a number of things so that the script recognises the field "Artist" as well as "Song" and only votes for the chosen song by the particular artist, but I do not seem to be getting anywhere.

Can anyone point me in the right direction please?

Thank you.

##### Share on other sites

your data should have a unique identifier (id) assigned to them in your database table (using a autoincrement index column.)

when you display the data, each item you display would carry it's unique id (not sure if you are using links or a form.) when the data is submitted you would use that id to record the vote, so two songs with the same title and different artists would have two different id's, but the id that the visitor picked and submitted, based on the song/artist they see, would tell you which one they voted for.

##### Share on other sites

Yes, I use a link for the voting.

I shall give it a try using the id.

Thanks.

##### Share on other sites

Plus, it looks like you are putting the song title on the query string. Ideally, you should be using an ID and not a textual value for the song anyway.

##### Share on other sites

I have done this, the URL was changed to http://www.vlaamseradio.tk/top10/top10stem.php?Nr=

where Nr is the song number (the ID).

The script became:

```<?php

//Check if the user had voted in the last 24 hours
{
\$output = "Sorry, you can only vote once every 24 hours. You can vote again after \$expireString";
}
else
{
//Start session and enable error reporting
session_start();
error_reporting(E_ALL | E_STRICT | E_NOTICE);
ini_set('display_errors', '1');

//Connect to DB
\$host="localhost";
\$pwd="*******";

//Update count for selected song: THIS IS WHERE I MADE THE CHANGES
\$query = "UPDATE voting SET Votes = Votes+1 WHERE Nr = '\$number'";

if (!\$result)
{
//Query failed
#die(mysqli_error()); //Uncomment for debugging only
\$output = "There was a problem processing your request.";
}
{
//No records were updated
\$output = "The song you selected doesn't exist."
}
else
{
//Vote was registered
\$songSafeHtml = htmlspecialchars(\$_GET['Song']);
\$output = "You voted for <b>\$songSafeHtml</b><br> U het gestem vir <b>\$songSafeHtml</b></br>";
\$expire = time() + (60 * 60 * 24); //Set expiration for 24 hours
//Send confirmation email
\$subject = "There was a vote";
\$message = "Someone voted for \$songSafeHtml.";
\$retval = mail(\$to, \$subject, \$message, \$header);
}
}
?>
<html>
<body>
<?php echo \$output; ?>
</body>
</html>
```

I indicated the changes in the comments.

It works as it should, however, I have been looking for a way to get the songname too, for the purpose of displaying "You have voted for 'This or that song'. Thank you" after the vote has been registered, but I am not getting there (don't forget I am a complete beginner).

So, how can I get the field 'Song' to display too?

Like I said, it is only for display purposes, nothing else needs to happen, as now it says (obviously) You voted for "number", which does not say much.

.

Thanks.

##### Share on other sites

I also tried to put the URL to http://www.vlaamseradio.tk/top10/top10stem.php?Nr=&Song= but that did not do any good either.

I got the message the song did not exist.

Thanks.

##### Share on other sites

You should ONLY be passing the ID of the record. After incrementing the vote count you should do a SELECT query to get the name of the song for display purposes.

##### Share on other sites

I did that with the following lines:

```\$query="SELECT Song FROM stemming WHERE Nr=\$songSafeHtml";
\$output = "You voted for <b>\$songSafeHtml." ".\$result</b><br> U het gestem vir <b>\$songSafeHtml." ".\$result</b></br>";
```

and it gives me:

```Catchable fatal error: Object of class mysqli_result could not be converted to string in /home/jingleko/public_html/vlaamseradio.tk/top10/top10stem.php on line 71
```

Really no idea now.

##### Share on other sites

Well, \$result is a MySQLi result object. What do you expect to get when you insert that into a string?

If you want the data from the query, you need to actually fetch it with one of the various fetch method like mysqli_fetch_assoc().

##### Share on other sites

I don't know what to expect, as I said before, I am a COMPLETE beginner.

##### Share on other sites

`\$query="SELECT Song FROM stemming WHERE Nr=\$songSafeHtml";`

You aren't using \$songSafeHtml anymore - that shouldn't be in your query.

##### Share on other sites

```<?php

//Start session and enable error reporting
session_start();
error_reporting(E_ALL | E_STRICT | E_NOTICE);
ini_set('display_errors', '1');

//Check if the user had voted in the last 24 hours
{
\$output = "Sorry, you can only vote once every 24 hours. You can vote again after \$expireString";
}
else
{
//Connect to DB
\$host   ="localhost";
\$pwd    ="*******";

//Update count for selected song: THIS IS WHERE I MADE THE CHANGES
\$number = intval(\$_GET['Nr']);
\$query  = "UPDATE voting SET Votes = Votes+1 WHERE Nr = \$number";

if (!\$result)
{
//Query failed
#die(mysqli_error()); //Uncomment for debugging only
\$output = "There was a problem processing your request.";
}
{
//No records were updated
\$output = "The song you selected doesn't exist."
}
else
{
//Vote was registered
\$query = "SELECT Song FROM stemming WHERE Nr = \$number";
\$row = mysqli_fetch_assoc(\$result);
\$songSafeHtml = htmlspecialchars(\$row['Song']);
\$output = "You voted for <b>\$songSafeHtml</b><br> U het gestem vir <b>\$songSafeHtml</b></br>";
\$expire = time() + (60 * 60 * 24); //Set expiration for 24 hours
//Send confirmation email
\$subject = "There was a vote";
\$message = "Someone voted for \$songSafeHtml.";
\$retval = mail(\$to, \$subject, \$message, \$header);
}
}
?>
<html>
<body>
<?php echo \$output; ?>
</body>
</html>```
##### Share on other sites

Thank you ever so much, Psycho,

I REALLY tried (almost) everything.

While it is good for the learning process to "learn from your mistakes" and watch closely what the error messages say, it can be quite stressful.

Nevertheless, I have learned more stuff again, and this is a motivation to carry on with my course even more intensely.

Thank you again.

#### Archived

This topic is now archived and is closed to further replies.

×

• #### Activity

• Chat
×
• Create New...