[SOLVED] how to make a rating system in which each user can vote only once

[jck]

how to make a rating system in which each user can vote only once

[jck]

this is the rate.php and i think it does using ip adress even when there is login facility

<?

require_once("conn.php");

 

//check the user ???

$q1 = "select * from dd_rating where ItemID = '$_POST[itemID]' and ip = '$_SERVER[REMOTE_ADDR]' ";

$r1 = mysql_query($q1) or die(mysql_error());

 

if(mysql_num_rows($r1) == '0')

{

 

$q2 = "insert into dd_rating set

ItemID = '$_POST[itemID]',

Rating = '$_POST[rr]',

ip = '$_SERVER[REMOTE_ADDR]' ";

mysql_query($q2) or die(mysql_error());

 

header("location:$_SERVER[HTTP_REFERER]&rate_error=n");

}

else

{

header("location:$_SERVER[HTTP_REFERER]&rate_error=y");

}

 

?>

[suma237]

any error in your code?

[maxudaskin]

You trying to imply something? 

[jck]

no error n code bur that prebuilt code allows same users to vote again ang again by changing ip adress which can be accomplished by disconnecting and reconnecting i want to modify that so each registered member can vote once only

[suma237]

1.check for the member,if already vote (same ip and in same date )use update command instead of insert command

[mosi]

In that case store the memberid or username instead of the IP and check for that instead. Or have both so:

$q1 = "select * from dd_rating where ItemID = '$_POST[itemID]' and ip = '$_SERVER[REMOTE_ADDR]' or userid = '$userid' ";

[jck]

thank u thats what i was thinking but i dont understand in that script how all ips are stored

 

 

are the ips stored??????

im an utter noob im just trying to modify with my little knowledge oh this

from what i understood in the script all the ip's are NOT stored

for example if i vote and then my friend in another comp voted then i will be able to vote again

if im wrong please explain how??

[jck]

one more thing the user id's are stored in another table

[mosi]

To get the visitors ip it's this bit of code: $_SERVER[REMOTE_ADDR]

 

When a user is logged in do you set cookies or a session variable at all with the userid or something like that so you can use: "or userid = '$_SESSION[userid] ";" at the end of the select statement.

I have also added "userid = '$_SESSION[userid]' ";" to store the userid in the table (you would have to add a new column for this in the db)

 

Set the itemid, userid, ip as primary on your db and use REPLACE INTO instead of INSERT INTO too.

 

<?php
require_once("conn.php");

//check the user 
$q1 = "select * from dd_rating where ItemID = '$_POST[itemID]' and ip = '$_SERVER[REMOTE_ADDR]' or userid = '$_SESSION[userid]' ";
$r1 = mysql_query($q1) or die(mysql_error());

if(mysql_num_rows($r1) == '0')
{
$q2 = "REPLACE into dd_rating set 
	ItemID = '$_POST[itemID]',
	Rating = '$_POST[rr]',
	ip = '$_SERVER[REMOTE_ADDR]' ,
	userid = '$_SESSION[userid]' ";
mysql_query($q2) or die(mysql_error());

header("location:$_SERVER[HTTP_REFERER]&rate_error=n");
}
else
{
header("location:$_SERVER[HTTP_REFERER]&rate_error=y");
}

?>

[mediabob]

Do your users have to be registered to vote?

 

I did it by storing the User ID of the person that voted with the vote then checking the db for a match of username and item id to see if they voted before

 

but that only works if they are registered to vote

[jck]

REPLACE INTO instead of INSERT INTO too.

what does this mean??

[Yesideez]

I think he/she means UPDATE rather than INSERT.

[jck]

oh right thanks to all of u ill mark it resolved if it works.....

[Azu]

What if they use new IP/Account and clear cookies?

How would you detect them?

[Yesideez]

You can't really or if there is a way I'm unknown to it.

[jck]

i made it just user id and no ip so its gr8 now