please help, code works but not how i want.

dchubad · August 15, 2015, 6:39am

hi this is my first post here, i really hope i can get a little help with this small php code because it is driving me nuts lol ive been looking at it for days and have no idea how to tackle the situation.
I have installed a simple photo contest script to my website and everything works great accept one small annoying bit. firstly the the developer doesnt seem to be around anymore and the licence for the code says it can be freely modified, shared, distributed, trod on or used as a beer mat if so desired so to speak.

the settings have two options…
Only one vote per contest. (not one vote per person, just one single vote so if i vote on one image then nobody else can vote)
Unlimited votes. (anyone can vote on one or more photos as many times as they like)

I was really hoping to change how the first setting works. I want to edit the code so that everyone can get one vote. at the moment if someone votes then nobody else can vote. below is the code i believe which controls all the voting system…

[php]<?php
include(“config.php”);

if(isset($_POST[‘id’]) and !empty($_POST[‘id’])){
$id= intval($_POST[‘id’]);
$contest= htmlspecialchars($_POST[‘contest’]);
$ip = $_POST[‘fingerprint’];
$ret = mysqli_query($bd, “select * from contests where contest = ‘$contest’”);
if ($ret !== null){
$contest_settings = mysqli_fetch_object($ret);
if ($contest_settings->voting_type == “contest”){
$ip_sql=mysqli_query($bd, “select ip_add from image_IP where contest = ‘$contest’”);
}else{
$ip_sql=mysqli_query($bd, “select ip_add from image_IP where img_id_fk=$id and ip_add=’$ip’”);
}
$count=mysqli_num_rows($ip_sql);
//var_dump($id);
if($count==0){
$sql = "UPDATE images SET love = love +1 WHERE img_id = ".$id;
//var_dump($sql);
mysqli_query($bd, $sql);
$sql_in = “insert into image_IP (ip_add,img_id_fk,contest) values (’$ip’,$id,’$contest’)”;
mysqli_query($bd, $sql_in);
$result=mysqli_query($bd, “select love from images where img_id=$id”);
//var_dump($result);
$row=mysqli_fetch_array($result);
$love=$row[‘love’];
?>
<?php echo $love; ?>
<?php
}else{
echo _(‘You have already voted !’);
}
}
}

if (isset($_POST[‘action’])){
if ($_POST[‘action’] == ‘login’){
$pwd = $POST[‘pwd’];
if ($pwd == PASSWD){
$ok = setcookie(COOKIE_NAME, sha1(PASSWD.HASH), 0, ‘/’, ‘’, FALSE, TRUE);
if (!$ok){
echo ‘

cookie failed !

’;
}
}else{
echo ‘
×’.(‘Wrong password !’).’
’;
}
}
}
?>[/php]

iam · August 15, 2015, 8:03pm

It looks like the fingerprint might not have the right value (IP address). If it doesn’t then look at using:

[php]if (!empty($_SERVER[‘HTTP_CLIENT_IP’])) {
$ip = $_SERVER[‘HTTP_CLIENT_IP’];
} elseif (!empty($_SERVER[‘HTTP_X_FORWARDED_FOR’])) {
$ip = $_SERVER[‘HTTP_X_FORWARDED_FOR’];
} else {
$ip = $_SERVER[‘REMOTE_ADDR’];
}[/php]

dchubad · August 15, 2015, 8:34pm

hmm thats strange, it seems to only store the 1st 2 sections of the IP address in the db without the fullstops. for instance if my ip was 87.81.44.23 in the db it looks like this 8781 not sure whats going on there

benanamen · August 16, 2015, 2:44pm

What is the column type and data length?

dchubad · August 16, 2015, 7:11pm

the column ip_add was int(11) so i changed it to varchar(40) and by miracle it worked perfectly, the right ip is now being stored in the column ip_add.
my code below now looks like this but there is still silly little problem which i will explain after the code.
[php]<?php
include(“config.php”);
if(isset($_POST[‘id’]) and !empty($_POST[‘id’])){
$id= intval($_POST[‘id’]);
$contest= htmlspecialchars($_POST[‘contest’]);
if (!empty($_SERVER[‘HTTP_CLIENT_IP’])) {
$ip = $_SERVER[‘HTTP_CLIENT_IP’];
} elseif (!empty($_SERVER[‘HTTP_X_FORWARDED_FOR’])) {
$ip = $_SERVER[‘HTTP_X_FORWARDED_FOR’];
} else {
$ip = $_SERVER[‘REMOTE_ADDR’];
}
$ret = mysqli_query($bd, “select * from contests where contest = ‘$contest’”);
if ($ret !== null){
$contest_settings = mysqli_fetch_object($ret);
if ($contest_settings->voting_type == “contest”){
$ip_sql=mysqli_query($bd, “select ip_add from image_IP where contest = ‘$contest’”);
}else{
$ip_sql=mysqli_query($bd, “select ip_add from image_IP where img_id_fk=$id and ip_add=’$ip’”);
}
// next 2 lines need changing to search the db in collumn ip_add and compare if the connecting users ip is listed and if not then allow the vote. if the ip is found then deny the vote.
$count=mysqli_num_rows($ip_sql);
if($count==0){
$sql = "UPDATE images SET love = love +1 WHERE img_id = ".$id;
mysqli_query($bd, $sql);
$sql_in = “insert into image_IP (ip_add,img_id_fk,contest) values (’$ip’,$id,’$contest’)”;
mysqli_query($bd, $sql_in);
$result=mysqli_query($bd, “select love from images where img_id=$id”);
$row=mysqli_fetch_array($result);
$love=$row[‘love’];
?>
<?php echo $love; ?>
<?php
}else{
echo _(‘You have already voted !’);
}
}
}

if (isset($_POST[‘action’])){
if ($_POST[‘action’] == ‘login’){
$pwd = $POST[‘pwd’];
if ($pwd == PASSWD){
$ok = setcookie(COOKIE_NAME, sha1(PASSWD.HASH), 0, ‘/’, ‘’, FALSE, TRUE);
if (!$ok){
echo ‘

cookie failed !

’;
}
}else{
echo ‘
×’.(‘Wrong password !’).’
’;
}
}
}
?>
[/php]

the problem is on line 22 and 23. what it is doing is searching to see if anyones IP is listed and of so then it stops anyone else from voting(adding a new IP to the list).
what i need is for it to compare the IP of the person who is trying to vote against the list of IPs stored in ip_add to see if they have already voted(if their IP is already in the list) and if so they can not post again but if their IP is not found then they can vote adding their IP to the ip_add column.

i dont usually ask for help as i really like to try and do it for myself but it seems to be getting a little too advanced for me now and i am so close to getting this to work.

benanamen · August 16, 2015, 7:20pm

What you’re wanting to do is not advanced at all. It is very basic. All you need to do is select from the database where IP address equals users IP address and see if there is a result and then deal with it. Also that is not the correct way to store IP addresses. You want to learn about inet_ntoa.

dchubad · August 16, 2015, 7:32pm

i am not sure of the right way to store an ip address but im just glad to see it is starting to work now. its been a few years since i have done any programming with php and i find myself really struggling. one big problem for me is that a lot of forums seems to have gone quiet where once they were full of people more than willing to help but i guess those silly social networks have consumed a lot of them.
i was never fantastic with php but i am always willing to learn and try for myself where i can, when ever i ask for help it is usually because i am truly stuck

dchubad · August 17, 2015, 3:24am

do you know where i can find some examples please

dchubad · August 17, 2015, 9:18am

i give up, there’s obviously no help here. bye

benanamen · August 17, 2015, 3:44pm

If you cannot select a column where the value equals something you are not ready to ask for help. Go study the basics and come back. We don’t mind helping, but you need to put in a little effort and understand the basics of basics.

Its as simple as:

SELECT ipaddress FROM mytable WHERE ipaddress = usersIpAddress;