Poller With Cookie AND IP Protection

[NairB]

Peeps,

I have downloaded an ajax poller from http://www.dhtmlgoodies.com/index.ht...pt=ajax-poller

The poller uses cookie protection so that folks cannot vote twice BUT I am trying to figure out how to use IP protection with this also.

Does anyone know how I can query the SQL table, read the IP address of voters so that it stops them voting again when they clear their cookies.

I would be most greatful if someone could help me.

Oh...if anyone tries install the poller....make sure all file extensions are .php & all tags within the files say <?php or it might not work.

You can see the script on my site http://www.yamahabikersforum.com/index.php?pid=4

Thanks peeps,

NairB

[djr33]

Haha. Cookie protection?
If someone wants to vote twice, they can just delete the cookie.
IP would be possible, though.

I'd suggest looking into mysql (through php, likely)

http://php-mysql-tutorial.com

[Twey]

IP protection is more effective, but a worse idea. Quite often more than one person will share the same IP. In fact, several ISPs route all HTTP requests for an area through one web cache. This is particularly annoying for me on sites like RapidShare: it always says I've exceeded my download limit for the hour or whatever it is, since the moment that countdown reaches zero, everyone within fifty miles of Brighton dashes to download whatever they're trying to download from it. Only the first three out of goodness knows how many can actually get it.

[NairB]

dear peeps....

Haha. Cookie protection?
If someone wants to vote twice, they can just delete the cookie.
IP would be possible, though.

I'd suggest looking into mysql (through php, likely)

http://php-mysql-tutorial.com

Thanks for this tutorial djr....gives me something to work on. Looks like its full of excellent info.

IP protection is more effective, but a worse idea. Quite often more than one person will share the same IP. In fact, several ISPs route all HTTP requests for an area through one web cache. This is particularly annoying for me on sites like RapidShare: it always says I've exceeded my download limit for the hour or whatever it is, since the moment that countdown reaches zero, everyone within fifty miles of Brighton dashes to download whatever they're trying to download from it. Only the first three out of goodness knows how many can actually get it.

Hahaha, this is funny Twey. I know what you mean and can imagine everyone dashing to download because of this.

I am going to scan through that tutorial that djr gave and see if I can come up with something for the poller.....in the meantime, if anyone else can help, please do

thanks

-NairB

[thetestingsite]

This isn't tested, but you could try it in the PHP script for the poller (can't remember the name of the file off the top of my head). Anyways, the parts in red is what I added.

Code:

<?php

if(isset($_GET['pollId'])){
	require_once("dbConnect.php");

   $getIP = mysql_query("SELECT * FROM `poller_vote` WHERE `ipAddress` = '".getenv('REMOTE_ADDR')."'");

  if (mysql_num_rows($getIP) >= 1) {
    echo 'It appears you have already voted!';
    exit;
  }

  else {	

	$optionId = false;
	
	if(isset($_GET['optionId'])){
		$optionId = $_GET['optionId'];
		$optionId = preg_replace("/[^0-9]/si","",$optionId);
	}
	$pollId = $_GET['pollId'];
	$pollId = preg_replace("/[^0-9]/si","",$pollId);
	

			
	// Insert new vote into the database
	// You may put in some more code here to limit the number of votes the same ip adress could cast.
	
	if($optionId)mysql_query("insert into poller_vote(optionID,ipAddress)values('".$optionId."','".getenv("REMOTE_ADDR")."')");
	
	// Returning data as xml
	
	echo '<?xml version="1.0" ?>';
	
	$res = mysql_query("select ID,pollerTitle from poller where ID='".$pollId."'");
	if($inf = mysql_fetch_array($res)){
		echo "<pollerTitle>".$inf["pollerTitle"]."</pollerTitle>\n";
		
		$resOptions = mysql_query("select ID,optionText from poller_option where pollerID='".$inf["ID"]."' order by pollerOrder") or die(mysql_error());
		while($infOptions = mysql_fetch_array($resOptions)){
			echo "<option>\n";
			echo "\t<optionText>".$infOptions["optionText"]."</optionText>\n";					
			echo "\t<optionId>".$infOptions["ID"]."</optionId>\n";					
			
			$resVotes = mysql_query("select count(ID) from poller_vote where optionID='".$infOptions["ID"]."'");
			if($infVotes = mysql_fetch_array($resVotes)){
				echo "\t<votes>".$infVotes["count(ID)"]."</votes>\n";							
			}										
			echo "</option>";				
			
		}				
	}
	exit;
  }
}else{
	echo "No success";
	
}

?>

Hope this helps; and again, this code is not tested.

[NairB]

thetestingsite, you are marvellous....it nearly works.

It sticks on you have already voted but now it wont display the results, even after refreshing....see it here on my site http://www.yamahabikersforum.com/index.php?pid=4

Very very close to a solution

[thetestingsite]

Ok, I see what you mean by it just displays the "you already voted" message. I haven't tested this, but it should work the way you want it to.

Code:

<?php

if(isset($_GET['pollId'])){
	require_once("dbConnect.php");

   $getIP = mysql_query("SELECT * FROM `poller_vote` WHERE `ipAddress` = '".getenv('REMOTE_ADDR')."'");

	$optionId = false;
	
	if(isset($_GET['optionId'])){
		$optionId = $_GET['optionId'];
		$optionId = preg_replace("/[^0-9]/si","",$optionId);
	}
	$pollId = $_GET['pollId'];
	$pollId = preg_replace("/[^0-9]/si","",$pollId);
	

			
	// Insert new vote into the database
	// You may put in some more code here to limit the number of votes the same ip adress could cast.

  if (mysql_num_rows($getIP) == 0) {

	if($optionId)mysql_query("insert into poller_vote(optionID,ipAddress)values('".$optionId."','".getenv("REMOTE_ADDR")."')");

  }

	echo '<?xml version="1.0" ?>';
	
	$res = mysql_query("select ID,pollerTitle from poller where ID='".$pollId."'");
	if($inf = mysql_fetch_array($res)){
		echo "<pollerTitle>".$inf["pollerTitle"]."</pollerTitle>\n";
		
		$resOptions = mysql_query("select ID,optionText from poller_option where pollerID='".$inf["ID"]."' order by pollerOrder") or die(mysql_error());
		while($infOptions = mysql_fetch_array($resOptions)){
			echo "<option>\n";
			echo "\t<optionText>".$infOptions["optionText"]."</optionText>\n";					
			echo "\t<optionId>".$infOptions["ID"]."</optionId>\n";					
			
			$resVotes = mysql_query("select count(ID) from poller_vote where optionID='".$infOptions["ID"]."'");
			if($infVotes = mysql_fetch_array($resVotes)){
				echo "\t<votes>".$infVotes["count(ID)"]."</votes>\n";							
			}										
			echo "</option>";				
			
		}				
	}
	exit;

}else{
	echo "No success";
	
}

?>

Hope this helps.

[NairB]

Drat,

Its back up and running but still not working as I can clear cookies and vote again.

Hmmm, the first bit of code was close as it was looking at the IP.

EDIT...I am trying this again mytestingsite

No joy, it allows me to vote again when cookies cleared and I noticed the vote count wont go up now....

[thetestingsite]

Ok, this is my last try. There is probably a cleaner way of doing this, but I can't figure it out (without playing around with it). Anyways, this is the first code snippet that I posted, just modified to display the results instead of a "You Already Voted" message.

Code:

<?php

if(isset($_GET['pollId'])){
	require_once("dbConnect.php");

   $getIP = mysql_query("SELECT * FROM `poller_vote` WHERE `ipAddress` = '".getenv('REMOTE_ADDR')."'");

  if (mysql_num_rows($getIP) >= 1) {
// Returning data as xml
	
	echo '<?xml version="1.0" ?>';
	
	$res = mysql_query("select ID,pollerTitle from poller where ID='".$pollId."'");
	if($inf = mysql_fetch_array($res)){
		echo "<pollerTitle>".$inf["pollerTitle"]."</pollerTitle>\n";
		
		$resOptions = mysql_query("select ID,optionText from poller_option where pollerID='".$inf["ID"]."' order by pollerOrder") or die(mysql_error());
		while($infOptions = mysql_fetch_array($resOptions)){
			echo "<option>\n";
			echo "\t<optionText>".$infOptions["optionText"]."</optionText>\n";					
			echo "\t<optionId>".$infOptions["ID"]."</optionId>\n";					
			
			$resVotes = mysql_query("select count(ID) from poller_vote where optionID='".$infOptions["ID"]."'");
			if($infVotes = mysql_fetch_array($resVotes)){
				echo "\t<votes>".$infVotes["count(ID)"]."</votes>\n";							
			}										
			echo "</option>";				
			
		}				
	}
	exit;
  }

  else {	

	$optionId = false;
	
	if(isset($_GET['optionId'])){
		$optionId = $_GET['optionId'];
		$optionId = preg_replace("/[^0-9]/si","",$optionId);
	}
	$pollId = $_GET['pollId'];
	$pollId = preg_replace("/[^0-9]/si","",$pollId);
	

			
	// Insert new vote into the database
	// You may put in some more code here to limit the number of votes the same ip adress could cast.
	
	if($optionId)mysql_query("insert into poller_vote(optionID,ipAddress)values('".$optionId."','".getenv("REMOTE_ADDR")."')");
	
	// Returning data as xml
	
	echo '<?xml version="1.0" ?>';
	
	$res = mysql_query("select ID,pollerTitle from poller where ID='".$pollId."'");
	if($inf = mysql_fetch_array($res)){
		echo "<pollerTitle>".$inf["pollerTitle"]."</pollerTitle>\n";
		
		$resOptions = mysql_query("select ID,optionText from poller_option where pollerID='".$inf["ID"]."' order by pollerOrder") or die(mysql_error());
		while($infOptions = mysql_fetch_array($resOptions)){
			echo "<option>\n";
			echo "\t<optionText>".$infOptions["optionText"]."</optionText>\n";					
			echo "\t<optionId>".$infOptions["ID"]."</optionId>\n";					
			
			$resVotes = mysql_query("select count(ID) from poller_vote where optionID='".$infOptions["ID"]."'");
			if($infVotes = mysql_fetch_array($resVotes)){
				echo "\t<votes>".$infVotes["count(ID)"]."</votes>\n";							
			}										
			echo "</option>";				
			
		}				
	}
	exit;
  }
}else{
	echo "No success";
	
}

?>

Hopefully this works.

[NairB]

thetestingsite,

Many many thanks for your help on this, you have gave me more than enough to help me figure this out

The last bit of code displays a blank but im sure after I play around with the code you have made I will get this to work.

Maybe when you get time to test this out properly you can let me know.

Many thanks again friend.

NairB