Problem With Script - when SELECTING from database for logged and non logged in users

ilya Kraft
134 New Member
Hi,

Right, I've recently added a Like/Dislike system to my website. One of the features is recording the voter's IP address, so he can't vote more than 1 time. But now I tried to change the system so it checks if the user is logged in, and if he is, then information from the database is filtered by username instead of IP, but for non-logged-in users it is filtered by IP like before. I tried to achieve this task, but for some reason it is not working correctly (showing the same data for all logged-in and non-logged-in users).

Here is the full code of the system. It is quite big... but I will BOLD and UNDERLINE the area/s where, I think, the problem could be. (I will comment the code in important parts.)

```php
<?php
include("pulse.config.php"); //Contains Database Connection info
class Pulse {
    private $style;
    private $votes_table;
    private $format = "%7Bup%7D+upvotes%2C+%7Bdown%7D+downvotes";

    function __construct($style=''){ 
        $this->style = empty($style) ? 'thumb1' : $style;
        $this->votes_table = 'pulse_votes';
    }

    function setFormat($tpl) {
        $this->format = urlencode($tpl);
    }

    public static function css(){
        return "<link rel='stylesheet' href='".PULSE_DIR."/assets/css/pulse.css'></link>";
    }

    public static function javascript(){
        return "<script type=\"text/javascript\" src='http://inelmo.com/js/jquery-1.6.js'></script>\n<script type=\"text/javascript\" src='".PULSE_DIR."/assets/js/pulse.core.js'></script>";
    }

    public function votedBefore($story_id){

        if($_COOKIE['pulse_item_'.$story_id] == 1) { 
            return true;
        } else {

        $queryData = "";
        $userName = $_SESSION['username']; //Collects Username from another script on the page (not here)
        $ip = $_SERVER['REMOTE_ADDR'];   //Collects user's IP address 

        if(isset($_SESSION['username']) && $_SESSION['username'] != ""){ //If user is logged in, so has username and that username is not empty
        $queryData = '("SELECT * FROM {$this->votes_table} WHERE `username` = ' . $username . ' AND `item_id` = $story_id")'; //Filter data by username
        } else { //If user is not logged in, so has no username
        $queryData = '("SELECT * FROM {$this->votes_table} WHERE `ip` = ' . $ip . ' AND `item_id` = $story_id")'; //Filter data by ip address
        }

            $query = $queryData;
            $result = mysql_query($query);
            if(mysql_num_rows($result)>0){ 
                return true;
            } elseif(mysql_num_rows($result)==0){ 
                return false;
            }
        }
    }

    public function countUpVotes($story_id) {
        $query = "SELECT * FROM {$this->votes_table} WHERE `item_id`= $story_id AND `vote_value`>0";
        $result = mysql_query($query);
        $votes = 0;
        while($row = mysql_fetch_assoc($result)){
            $votes+=$row['vote_value'];
        }
        return (int) $votes;
    }

    public function countDownVotes($story_id) {
        $query = "SELECT * FROM {$this->votes_table} WHERE `item_id`= $story_id AND `vote_value`<0";
        $result = mysql_query($query);
        $votes = 0;
        while($row = mysql_fetch_assoc($result)){
            $votes+=$row['vote_value'];
        }
        return (int) -$votes; 
    }

    private function createButtons($story_id){
        if($this->votedBefore($story_id)==true){
            $html = <<<EOD
<span class='pulse_vote_buttons'>
<input value='lol' type='button' class='pulse_vote_button vote_up disabled' data-dir='up' data-itemId='$story_id' data-format='$this->format' disabled='disabled'><input value='lol' type='button' class='pulse_vote_button vote_down disabled' data-dir='down' data-itemId='$story_id' data-format='$this->format' disabled='disabled'>
</span>
EOD;
        return $html;
        } else {
        $html = <<<EOD
<span class='pulse_vote_buttons'>
<input value='lol' type='button' class='pulse_vote_button vote_up' data-dir='up' data-itemId='$story_id' data-format='$this->format'/><input value='lol' type='button' class='pulse_vote_button vote_down' data-dir='down' data-itemId='$story_id' data-format='$this->format'>
</span>
EOD;
        return $html;
        }
    }

    public function getFormatted($story_id, $format) { 
        $upVotes = $this->countUpVotes($story_id);
        $downVotes = $this->countDownVotes($story_id);
        $balance = $upVotes - $downVotes;
        $result = preg_replace('/{up}/',$upVotes, urldecode($format));
        $result = preg_replace('/{down}/', $downVotes, $result);
        $result = preg_replace('/{balance}/',$balance, $result);
        return $result;
    }

    public function voteHTML($story_id) {
        $html = "<div class='pulse_votes_container $this->style'>\n".$this->createButtons($story_id)."\n<span class='pulse_result_format'>".$this->getFormatted($story_id, $this->format)."</span>\n</div>";
        return $html;
    }

    public function voteUp($story_id){
        if(!$this->votedBefore($story_id)){ 
            $ip = $_SERVER['REMOTE_ADDR'];
            $voter_username = $_SESSION['username'];
            $query = "INSERT INTO {$this->votes_table} (`item_id`, `vote_value`, `ip`, `username`) VALUES ($story_id, 1, '$ip', '$voter_username')";
            $result = mysql_query($query);
            if(mysql_affected_rows()==1){ 
                return true;
            } else { 
                return false;
            }
        }
    }

    public function voteDown($story_id){
        if(!$this->votedBefore($story_id)){
            $ip = $_SERVER['REMOTE_ADDR'];
            $voter_username = $_SESSION['username'];
            $query = "INSERT INTO {$this->votes_table} (`item_id`, `vote_value`, `ip`, `username`) VALUES ($story_id, -1, '$ip', '$voter_username')";
            $result = mysql_query($query);
            if(mysql_affected_rows()==1){ 
                return true;
            } else { 
                return false;
            }
        }
    }
}
?>
```
Aug 19 '11 #1
dlite922
1,584 Recognized Expert Top Contributor
Simply debug your votedBefore function.

Put a die('in if') in the if part and put die('in else') in the else section. Test it in the browser. Do you always get the else part?

Is session var 'username' correct? Did you forget to create your session by calling session_start() in this page?

Do a die(var_dump($_SESSION)).

That gives you all your variables. See if username is in there.

Also, I wouldn't use 'username' as a good key. Think about when the user logs out: do you still want to know who it is? No, if you reset this, that means I could vote once with my username and once more with my IP :)

IP can be changed easily, see google("proxy"), so I can vote many many times.

I would use IP, Session Cookie, and as many other things as possible.

This is one reason why sites don't let you vote unless you've signed up with an account. (See Facebook's "like" feature and reddit.com or digg.com's up vote and digg features.)

Good luck,

Dan
Aug 24 '11 #2
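
An added example, not part of either post and not the Pulse script's own code: a `votedBefore()` that binds the username or IP as a query parameter, where the posted version builds the query inside a single-quoted PHP string (so `{$this->votes_table}` and `$story_id` are never interpolated) and concatenates `$username` although the variable assigned was `$userName`. It assumes PDO with an in-memory SQLite table in place of the original `mysql_*` connection; the `vote()` helper and the sample usernames and IPs are constructed, and the last call shows the username/IP overlap dlite922 describes.

```php
<?php
// Added example: constructed in-memory SQLite table with the columns used by
// the posted INSERT statements (item_id, vote_value, ip, username).
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec("CREATE TABLE pulse_votes (item_id INTEGER NOT NULL,
    vote_value INTEGER NOT NULL, ip TEXT NOT NULL, username TEXT NOT NULL DEFAULT '')");

// True if the voter already has a row for this item. $username is '' for
// visitors who are not logged in (the caller reads it from $_SESSION).
function votedBefore(PDO $db, int $storyId, string $username, string $ip): bool
{
    // Column names are fixed literals; only the values are bound.
    if ($username !== '') {
        $sql = 'SELECT 1 FROM pulse_votes WHERE username = ? AND item_id = ? LIMIT 1';
        $key = $username;
    } else {
        $sql = 'SELECT 1 FROM pulse_votes WHERE ip = ? AND item_id = ? LIMIT 1';
        $key = $ip;
    }
    $stmt = $db->prepare($sql);
    $stmt->execute([$key, $storyId]);
    return $stmt->fetchColumn() !== false;
}

// Hypothetical helper standing in for voteUp()/voteDown(): one bound INSERT.
function vote(PDO $db, int $storyId, int $value, string $username, string $ip): bool
{
    if (votedBefore($db, $storyId, $username, $ip)) {
        return false;
    }
    $stmt = $db->prepare(
        'INSERT INTO pulse_votes (item_id, vote_value, ip, username) VALUES (?, ?, ?, ?)');
    $stmt->execute([$storyId, $value, $ip, $username]);
    return $stmt->rowCount() === 1;
}

// Constructed sample data (documentation-range IPs, made-up usernames).
var_dump(vote($db, 7, 1, "o'brien", '203.0.113.5'));  // first vote; the quote in the name is bound, not parsed
var_dump(vote($db, 7, 1, "o'brien", '198.51.100.9')); // same username from a different IP
var_dump(vote($db, 7, -1, '', '192.0.2.44'));         // anonymous visitor, filtered by IP
var_dump(vote($db, 7, 1, 'alice', '192.0.2.44'));     // same IP, now logged in: filtered by username only
```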
