Peeps,

I have downloaded an ajax poller from http://www.dhtmlgoodies.com/index.html?whichScript=ajax-poller

The poller uses cookie protection so that folks cannot vote twice BUT I am trying to figure out how to use IP protection with this also.

Does anyone know how I can query the SQL table, read the IP address of voters so that it stops them voting again when they clear their cookies.

I would be most greatful if someone could help me.

Oh...if anyone tries install the poller....make sure all file extensions are .php & all tags within the files say <?php or it might not work.

You can see the script on my site http://www.yamahabikersforum.com/index.php?pid=4

Thanks peeps,

NairB :)

Haha. Cookie protection?
If someone wants to vote twice, they can just delete the cookie.
IP would be possible, though.

I'd suggest looking into mysql (through php, likely)

http://php-mysql-tutorial.com

IP protection is more effective, but a worse idea. Quite often more than one person will share the same IP. In fact, several ISPs route all HTTP requests for an area through one web cache. This is particularly annoying for me on sites like RapidShare: it always says I've exceeded my download limit for the hour or whatever it is, since the moment that countdown reaches zero, everyone within fifty miles of Brighton dashes to download whatever they're trying to download from it. Only the first three out of goodness knows how many can actually get it.

dear peeps....


Haha. Cookie protection?
If someone wants to vote twice, they can just delete the cookie.
IP would be possible, though.

I'd suggest looking into mysql (through php, likely)

http://php-mysql-tutorial.com

Thanks for this tutorial djr....gives me something to work on. Looks like its full of excellent info. ;)


IP protection is more effective, but a worse idea. Quite often more than one person will share the same IP. In fact, several ISPs route all HTTP requests for an area through one web cache. This is particularly annoying for me on sites like RapidShare: it always says I've exceeded my download limit for the hour or whatever it is, since the moment that countdown reaches zero, everyone within fifty miles of Brighton dashes to download whatever they're trying to download from it. Only the first three out of goodness knows how many can actually get it.

Hahaha, this is funny Twey. I know what you mean and can imagine everyone dashing to download because of this.http://i27.photobucket.com/albums/c192/nairbs/893lets-get-um-smilie-thumb.gif

I am going to scan through that tutorial that djr gave and see if I can come up with something for the poller.....in the meantime, if anyone else can help, please do ;)

thanks

-NairB

This isn't tested, but you could try it in the PHP script for the poller (can't remember the name of the file off the top of my head). Anyways, the parts in red is what I added.



<?php

if(isset($_GET['pollId'])){
require_once("dbConnect.php");

$getIP = mysql_query("SELECT * FROM `poller_vote` WHERE `ipAddress` = '".getenv('REMOTE_ADDR')."'");

if (mysql_num_rows($getIP) >= 1) {
echo 'It appears you have already voted!';
exit;
}

else {

$optionId = false;

if(isset($_GET['optionId'])){
$optionId = $_GET['optionId'];
$optionId = preg_replace("/[^0-9]/si","",$optionId);
}
$pollId = $_GET['pollId'];
$pollId = preg_replace("/[^0-9]/si","",$pollId);



// Insert new vote into the database
// You may put in some more code here to limit the number of votes the same ip adress could cast.

if($optionId)mysql_query("insert into poller_vote(optionID,ipAddress)values('".$optionId."','".getenv("REMOTE_ADDR")."')");

// Returning data as xml

echo '<?xml version="1.0" ?>';

$res = mysql_query("select ID,pollerTitle from poller where ID='".$pollId."'");
if($inf = mysql_fetch_array($res)){
echo "<pollerTitle>".$inf["pollerTitle"]."</pollerTitle>\n";

$resOptions = mysql_query("select ID,optionText from poller_option where pollerID='".$inf["ID"]."' order by pollerOrder") or die(mysql_error());
while($infOptions = mysql_fetch_array($resOptions)){
echo "<option>\n";
echo "\t<optionText>".$infOptions["optionText"]."</optionText>\n";
echo "\t<optionId>".$infOptions["ID"]."</optionId>\n";

$resVotes = mysql_query("select count(ID) from poller_vote where optionID='".$infOptions["ID"]."'");
if($infVotes = mysql_fetch_array($resVotes)){
echo "\t<votes>".$infVotes["count(ID)"]."</votes>\n";
}
echo "</option>";

}
}
exit;
}
}else{
echo "No success";

}

?>


Hope this helps; and again, this code is not tested.

thetestingsite, you are marvellous....it nearly works.

It sticks on you have already voted but now it wont display the results, even after refreshing....see it here on my site http://www.yamahabikersforum.com/index.php?pid=4

Very very close to a solution :D

Ok, I see what you mean by it just displays the "you already voted" message. I haven't tested this, but it should work the way you want it to.



<?php

if(isset($_GET['pollId'])){
require_once("dbConnect.php");

$getIP = mysql_query("SELECT * FROM `poller_vote` WHERE `ipAddress` = '".getenv('REMOTE_ADDR')."'");

$optionId = false;

if(isset($_GET['optionId'])){
$optionId = $_GET['optionId'];
$optionId = preg_replace("/[^0-9]/si","",$optionId);
}
$pollId = $_GET['pollId'];
$pollId = preg_replace("/[^0-9]/si","",$pollId);



// Insert new vote into the database
// You may put in some more code here to limit the number of votes the same ip adress could cast.

if (mysql_num_rows($getIP) == 0) {

if($optionId)mysql_query("insert into poller_vote(optionID,ipAddress)values('".$optionId."','".getenv("REMOTE_ADDR")."')");

}

echo '<?xml version="1.0" ?>';

$res = mysql_query("select ID,pollerTitle from poller where ID='".$pollId."'");
if($inf = mysql_fetch_array($res)){
echo "<pollerTitle>".$inf["pollerTitle"]."</pollerTitle>\n";

$resOptions = mysql_query("select ID,optionText from poller_option where pollerID='".$inf["ID"]."' order by pollerOrder") or die(mysql_error());
while($infOptions = mysql_fetch_array($resOptions)){
echo "<option>\n";
echo "\t<optionText>".$infOptions["optionText"]."</optionText>\n";
echo "\t<optionId>".$infOptions["ID"]."</optionId>\n";

$resVotes = mysql_query("select count(ID) from poller_vote where optionID='".$infOptions["ID"]."'");
if($infVotes = mysql_fetch_array($resVotes)){
echo "\t<votes>".$infVotes["count(ID)"]."</votes>\n";
}
echo "</option>";

}
}
exit;

}else{
echo "No success";

}

?>


Hope this helps.

Drat,

Its back up and running but still not working as I can clear cookies and vote again.

Hmmm, the first bit of code was close as it was looking at the IP.

EDIT...I am trying this again mytestingsite

No joy, it allows me to vote again when cookies cleared and I noticed the vote count wont go up now....

Ok, this is my last try. There is probably a cleaner way of doing this, but I can't figure it out (without playing around with it). Anyways, this is the first code snippet that I posted, just modified to display the results instead of a "You Already Voted" message.



<?php

if(isset($_GET['pollId'])){
require_once("dbConnect.php");

$getIP = mysql_query("SELECT * FROM `poller_vote` WHERE `ipAddress` = '".getenv('REMOTE_ADDR')."'");

if (mysql_num_rows($getIP) >= 1) {
// Returning data as xml

echo '<?xml version="1.0" ?>';

$res = mysql_query("select ID,pollerTitle from poller where ID='".$pollId."'");
if($inf = mysql_fetch_array($res)){
echo "<pollerTitle>".$inf["pollerTitle"]."</pollerTitle>\n";

$resOptions = mysql_query("select ID,optionText from poller_option where pollerID='".$inf["ID"]."' order by pollerOrder") or die(mysql_error());
while($infOptions = mysql_fetch_array($resOptions)){
echo "<option>\n";
echo "\t<optionText>".$infOptions["optionText"]."</optionText>\n";
echo "\t<optionId>".$infOptions["ID"]."</optionId>\n";

$resVotes = mysql_query("select count(ID) from poller_vote where optionID='".$infOptions["ID"]."'");
if($infVotes = mysql_fetch_array($resVotes)){
echo "\t<votes>".$infVotes["count(ID)"]."</votes>\n";
}
echo "</option>";

}
}
exit;
}

else {

$optionId = false;

if(isset($_GET['optionId'])){
$optionId = $_GET['optionId'];
$optionId = preg_replace("/[^0-9]/si","",$optionId);
}
$pollId = $_GET['pollId'];
$pollId = preg_replace("/[^0-9]/si","",$pollId);



// Insert new vote into the database
// You may put in some more code here to limit the number of votes the same ip adress could cast.

if($optionId)mysql_query("insert into poller_vote(optionID,ipAddress)values('".$optionId."','".getenv("REMOTE_ADDR")."')");

// Returning data as xml

echo '<?xml version="1.0" ?>';

$res = mysql_query("select ID,pollerTitle from poller where ID='".$pollId."'");
if($inf = mysql_fetch_array($res)){
echo "<pollerTitle>".$inf["pollerTitle"]."</pollerTitle>\n";

$resOptions = mysql_query("select ID,optionText from poller_option where pollerID='".$inf["ID"]."' order by pollerOrder") or die(mysql_error());
while($infOptions = mysql_fetch_array($resOptions)){
echo "<option>\n";
echo "\t<optionText>".$infOptions["optionText"]."</optionText>\n";
echo "\t<optionId>".$infOptions["ID"]."</optionId>\n";

$resVotes = mysql_query("select count(ID) from poller_vote where optionID='".$infOptions["ID"]."'");
if($infVotes = mysql_fetch_array($resVotes)){
echo "\t<votes>".$infVotes["count(ID)"]."</votes>\n";
}
echo "</option>";

}
}
exit;
}
}else{
echo "No success";

}

?>


Hopefully this works.

thetestingsite,

Many many thanks for your help on this, you have gave me more than enough to help me figure this out :)

The last bit of code displays a blank but im sure after I play around with the code you have made I will get this to work.

Maybe when you get time to test this out properly you can let me know.

Many thanks again friend.

NairB :)

It works....it works http://i27.photobucket.com/albums/c192/nairbs/yahoo.gif

Thanks to thetestingsite's coding and after I moved it around a little I got the Poller IP & cookie protected.

After the user votes and clears cookies they try and vote again....but the IP protection will not register a second vote, total votes remain the same.....whoopee http://i27.photobucket.com/albums/c192/nairbs/yahoo.gif

Here is a link to test this http://www.yamahabikersforum.com/forum/

Thanks peeps...

Happy NairB :D

Glad to see its working the way you wanted it to. :)

Indeed.
I really like the way the poll counts up when it shows the results. That's a nice effect.

Damn. All NSW schools share the same IP.
It's quite a bad idea, especially for dial-up users (they change IPs every time)

Thanks to you both...glad to see its working....who better to test it ;)

I forgot to post the final code that made it work so here it is (thetestingsite will reckognise this)....

The changed bit of code I added to thetestingsite's work is in red....

<?php

if(isset($_GET['pollId'])){
require_once("dbConnect.php");

$optionId = false;

if(isset($_GET['optionId'])){
$optionId = $_GET['optionId'];
$optionId = preg_replace("/[^0-9]/si","",$optionId);
}
$pollId = $_GET['pollId'];
$pollId = preg_replace("/[^0-9]/si","",$pollId);

$getIP = mysql_query("SELECT * FROM `poller_vote` WHERE `ipAddress` = '".getenv('REMOTE_ADDR')."'");

if (mysql_num_rows($getIP) >= 1) {
// Returning data as xml

echo '<?phpxml version="1.0" ?>';

$res = mysql_query("select ID,pollerTitle from poller where ID='".$pollId."'");
if($inf = mysql_fetch_array($res)){
echo "<pollerTitle>".$inf["pollerTitle"]."</pollerTitle>\n";

$resOptions = mysql_query("select ID,optionText from poller_option where pollerID='".$inf["ID"]."' order by pollerOrder") or die(mysql_error());
while($infOptions = mysql_fetch_array($resOptions)){
echo "<option>\n";
echo "\t<optionText>".$infOptions["optionText"]."</optionText>\n";
echo "\t<optionId>".$infOptions["ID"]."</optionId>\n";

$resVotes = mysql_query("select count(ID) from poller_vote where optionID='".$infOptions["ID"]."'");
if($infVotes = mysql_fetch_array($resVotes)){
echo "\t<votes>".$infVotes["count(ID)"]."</votes>\n";
}
echo "</option>";

}
}
exit;
}

else {

$optionId = false;

if(isset($_GET['optionId'])){
$optionId = $_GET['optionId'];
$optionId = preg_replace("/[^0-9]/si","",$optionId);
}
$pollId = $_GET['pollId'];
$pollId = preg_replace("/[^0-9]/si","",$pollId);



// Insert new vote into the database
// You may put in some more code here to limit the number of votes the same ip adress could cast.

if($optionId)mysql_query("insert into poller_vote(optionID,ipAddress)values('".$optionId."','".getenv("REMOTE_ADDR")."')");

// Returning data as xml

echo '<?phpxml version="1.0" ?>';

$res = mysql_query("select ID,pollerTitle from poller where ID='".$pollId."'");
if($inf = mysql_fetch_array($res)){
echo "<pollerTitle>".$inf["pollerTitle"]."</pollerTitle>\n";

$resOptions = mysql_query("select ID,optionText from poller_option where pollerID='".$inf["ID"]."' order by pollerOrder") or die(mysql_error());
while($infOptions = mysql_fetch_array($resOptions)){
echo "<option>\n";
echo "\t<optionText>".$infOptions["optionText"]."</optionText>\n";
echo "\t<optionId>".$infOptions["ID"]."</optionId>\n";

$resVotes = mysql_query("select count(ID) from poller_vote where optionID='".$infOptions["ID"]."'");
if($infVotes = mysql_fetch_array($resVotes)){
echo "\t<votes>".$infVotes["count(ID)"]."</votes>\n";
}
echo "</option>";

}
}
exit;
}
}else{
echo "No success";

}

?>

-NairB

Damn. All NSW schools share the same IP.
It's quite a bad idea, especially for dial-up users (they change IPs every time)

I agree, but this coding will allow you to change the amount of votes allowed from a certain IP address if you prefer but I do agree with you though.....its finding an accurate comprimise at the end of the day.

At the very least, we have BOTH methods operational with this hack....its upto you what you do with it ;)

One option to consider is that you're using this in a forum. If you were able to somehow integrate it into the user system, then you could have the chance to just allow one vote per user. This is a very secure way to allow each person one and only one vote.

One option to consider is that you're using this in a forum. If you were able to somehow integrate it into the user system, then you could have the chance to just allow one vote per user. This is a very secure way to allow each person one and only one vote.

Good idea djr....there is a voting/rating system that comes with the forum/portal I am using and the next step for me is to do exactly as you suggested. :)

Shouldn't this:

echo '<?phpxml version="1.0" ?>';

be this instead?


echo '<?xml version="1.0" ?>';

Shouldn't this:

echo '<?phpxml version="1.0" ?>';

be this instead?


echo '<?xml version="1.0" ?>';


Thats very interesting you asked this thetestingsite(is there any code you dont analyse LoL). I originally test all my scripts/codes/forums/webpages etc on my localhost PC using apache, php5 and sql. Somehow if php is not added in front of the <? tag, certain scripts etc will not work.....I am not the only one who suffers from this dilemma. So as rule of thumb, any PHP script with <? tags must look like <?php and scripts work :confused: :rolleyes: :eek:

I use php script editor so it will do the job for me.....no hassles ;)

Somehow if php is not added in front of the <? tag, certain scripts etc will not work.....I am not the only one who suffers from this dilemma. So as rule of thumb, any PHP script with <? tags must look like <?php and scripts work


That is caused by short tags not being allowed (defined in the php.ini file for your server). But the thing is that the snippet I posted:



echo '<?phpxml version="1.0" ?>';


Should actually be like so:



echo '<?xml version="1.0" ?>';


becuase it is echoing an xml file, and not a php script/file.

Anyways; I guess it works either way.

Actually, it probably shouldn't be there at all. Read one of the forum's many threads on why using XHTML is currently a bad idea (http://www.dynamicdrive.com/forums/showthread.php?t=20784).

I have taken your advice and removed the offending code LoL :p . Seems to be working fine without it.

I need to fix my php.ini file on my PC as you mentioned thetestingsite

Hey Twey, I will read through that thread so that I will never commit such an outrage in the coding world ever again :o :D