0

Hello. I'm wondering if someone could help me. I have a simple like/dislike voting voting system. Everything works fine but a user is able to click both up and down freely without checking if they have voted.

So what I'm going for is 'Php sessions' because I dont want to clutter a table in mysql with ips and its superficial voting.

I'm using ajax to avoid a refresh which calls on two scripts to add the +1 count to the columns in my table (up/down)

up.php

<?php
include("dbcon.php");

if($_POST['id'])
{
$id=$_POST['id'];
$id = mysql_escape_String($id);

$sql = "update comments set up=up+1  where id='$id'";
mysql_query( $sql);

$result=mysql_query("select up from comments where id='$id'");
$row=mysql_fetch_array($result);
$up_value=$row['up'];
echo "<img src='images/up.png' ALIGN='top' height='14px' width='14px'/> $up_value";
}
?>

The down.php is the same mostly of course.

How do i add sessions to this so i can vote up only once for each comment on a page?


I was able to do ips in a database fine but this is above me. any help please and thanks.

1
Contributor
1
Reply
3
Views
5 Years
Discussion Span
Last Post by reco21
0

This isnt clean but works. also escape string is deprecated. And using setcookie to track votes.


up.php

<?php
include("dbcon.php");

if($_POST['id'])
{

$id = $_POST['id'];
$id = mysql_escape_String($id);

 	if(isset($_COOKIE["voted$id"])) 

 		{ 
 		Echo "voted"; 
 		} 
 
 	else 
 		{ 
 		
	 	$month = 2592000 + time(); 
 		
	setcookie("voted$id", $id, $month); 	
	
$sql = "update comments set up=up+1  where id='$id'";
mysql_query( $sql);

$result=mysql_query("select up from comments where id='$id'");
$row=mysql_fetch_array($result);
$up_value=$row['up'];
echo "<img src='images/up.png' ALIGN='top' height='14px' width='14px'/> $up_value";

 
 }

}
?>

it sets a cookie called voted6 (6 being the $uid) for each vote up and prevents more up votes until browser cookies are removed.

Edited by reco21: n/a

This question has already been answered. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.