I’m developing a website using CodeIgniter; I’m making a voting website. The problem is that some of the entries actually let me vote again and again. They keep banning the IP in the database.
My Test Controller:
class Vote extends CI_Controller {
function __construct()
{
parent::__construct();
}
public function index()
{
}
public function vote_now()
{
if ($this->uri->segment(2)){
$q = $this->db->query('SELECT * FROM banned_ip WHERE entry='.$this->uri->segment(2).' LIMIT 1');
$row = $q->row_array();
$qe = $this->db->query('SELECT * FROM entries WHERE ID='.$this->uri->segment(2).' LIMIT 1');
$r = $qe->row_array();
if($row['IP'] == $this->input->ip_address()){
echo 'Already Voted.';
}
else {
$insert_data_votes = array(
'votes' => $r['votes']+1,
);
$this->db->where('ID', $this->uri->segment(2))->update('entries', $insert_data_votes);
$insert_data = array(
'IP' => $this->input->ip_address(),
'entry' => $this->uri->segment(2),
);
$this->db->insert('banned_ip', $insert_data);
redirect('foto/'.$this->uri->segment(2).'', 'refresh');
}
}
}}
Anyone has any idea what’s the problem?
Thanks.
Try like this in case id is not INT, and its better to pass as function param rather then $this->uri->segment(2)
public function vote_now($id = '') {
$id = (int) $id;
if ($id > 0) {
$q = $this->db->select('IP')
->from('banned_ip')
->where('entry', $id)
->where('IP', $this->input->ip_address())
->get();
if ($q->num_rows() > 0) {
echo 'Already Voted.';
} else {
$qe = $this->db->query("SELECT * FROM entries WHERE ID='$id' LIMIT 1");
$r = $qe->row_array();
$insert_data_votes = array(
'votes' => $r['votes'] + 1,
);
$this->db->where('ID', $id)->update('entries', $insert_data_votes);
$insert_data = array(
'IP' => $this->input->ip_address(),
'entry' => $id,
);
$this->db->insert('banned_ip', $insert_data);
redirect('foto/' . $id, 'refresh');
}
}
}