i need help with easy php action

Hello all,
I started to make a simple poll for my website and I stopped because my script doesn't want to work :)
[php]if(isset($_POST['poll'])){ //to go inside action if the "Vote button is really clicked"
    if(isset($_COOKIE["poll"])){ //to see, if the the user before have voted, if the cookie is set, he cant vote again
        echo "Error!
Sorry but you can vote more then 1 time !";
    }else{ //if the cookie isnt set, start the action
        setcookie("poll", "vote", time()+345600); //set cookie to cant vote again, just after few days!
        function plusglas($moment){ //function to add +1, in mysql later
            $result = $moment + 1;
            return $result;
        }
        $izglasan = mysql_query("SELECT * FROM glasanje WHERE Id='$_POST[poll]'");// in poll i have something like this and it gets the id of name who is voted
        while($row = mysql_fetch_array($izglasan))
        {
            $konecenrezultat = plusglas($row['votes']); //function made votes + 1
            mysql_query("UPDATE glasanje SET Votes='$konecenrezultat' WHERE Id='$_POST[poll]'"); // update back to the mysql
        }
    }
}else{
    echo "Error!
Sorry but the server wasnt send any informations !";
}[/php]

My problem is that after I voted, in phpMyAdmin the number in Votes is the same… No changes

Can you help me?

[php]mysql_query("UPDATE glasanje SET Votes='$konecenrezultat' WHERE Id='$_POST[poll]'");[/php]

Check that $_POST[poll] has the actual id and check that $konecenrezultat has an updated value. Also, it's very dangerous to pass a raw value into your database query; you need to secure the data first, at the very least with mysql_real_escape_string.

Sorry, but I can't understand what you told me about mysql_real_escape_string, because I'm seeing this function for the first time in my life. Can you give me a description of why I should use it? :) Thanks

OK, what it does is escape the data in a string to stop any potential tampering with your SQL query.

If you use data from a form, you don't know if they have placed JavaScript or worse in the form; using this function means you don't have to worry about it.

To use it is very simple, like this:

[php]$firstName = mysql_real_escape_string($_POST['firstName']);[/php]

After you've used it you're safe to perform the query; in the case above I would use $firstName in the query rather than $_POST['firstName'].
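
An added example (not code from any poster in this thread): the vote update from the question written with a PDO prepared statement, the usual replacement for escaping by hand now that the mysql_* functions have been removed in PHP 7. The `castVote` helper, the in-memory SQLite database and the sample inputs are assumptions for illustration; the table and column names follow the original post.

```php
<?php
// Added example: poll vote with a bound parameter instead of string-built SQL.
// Uses an in-memory SQLite database (constructed sample data) so it runs offline;
// against MySQL only the PDO DSN and credentials change.

// Hypothetical helper: returns true only when exactly one answer row was incremented.
function castVote(PDO $db, $rawId): bool
{
    // Ids are integers, so reject anything else before touching the database.
    $id = filter_var($rawId, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    if ($id === false) {
        return false;
    }
    // The placeholder keeps the value out of the SQL text entirely, and
    // "Votes = Votes + 1" increments in one statement (no SELECT-then-UPDATE race).
    $stmt = $db->prepare('UPDATE glasanje SET Votes = Votes + 1 WHERE Id = :id');
    $stmt->bindValue(':id', $id, PDO::PARAM_INT);
    $stmt->execute();
    return $stmt->rowCount() === 1; // false when no such answer exists
}

$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE glasanje (Id INTEGER PRIMARY KEY, Votes INTEGER NOT NULL DEFAULT 0)');
$db->exec('INSERT INTO glasanje (Id, Votes) VALUES (1, 5), (2, 7)');

// Constructed inputs standing in for $_POST['poll']: two valid ids, a missing id,
// a tampered value and a non-numeric value.
$inputs = ['1', '2', '99', "1' OR '1'='1", 'abc'];
foreach ($inputs as $raw) {
    printf("%-16s => %s\n", $raw, castVote($db, $raw) ? 'counted' : 'rejected');
}

// Only the rows for the two valid ids have changed.
foreach ($db->query('SELECT Id, Votes FROM glasanje ORDER BY Id') as $row) {
    printf("Id %d: %d votes\n", $row['Id'], $row['Votes']);
}
```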

OK, thanks, I will use it too. I also found my problem with the radio buttons: the radio buttons had the same name as the input type submit button, and when I checked it, the web showed the radio button name, not the ID of the chosen answer… Now it works, I have to finish it now. Also, on the web the mail function doesn't work (I'm working on localhost). I saw it on w3schools, but it doesn't send the mail to my email :confused:

It may be your localhost is not configured to use mail. It's usually easy to fix; for instance, I think on XAMPP it's just a case of uncommenting a line in the Apache config.

Maybe we don't have to spam here about other things. Can you give me in PM a little description of what to open, what to edit, etc.? :) Thanks

I'm no expert on that, just follow this guide: http://mattwad.wordpress.com/2011/11/13/send-emails-from-xampp-lite-on-windows/

OK, thanks :)
