投票重复投票

时间:2012-09-27 10:28:11

标签: php

我们目前有一个投票系统设置,可以保存投票者停止重复投票的IP地址。

然而,每天都会从数据库中删除IP地址,以便他们可以对最喜欢的项目进行重新投票。

通过下面的代码,您可以看到我如何阻止这一点,以便具有特定IP地址的人永远不会再投票给该特定项目?然而,他们能够对其他参赛者进行投票,但只能投票一次。

有什么想法吗?

<?php
// Script Voting - http://www.coursesweb.net/
class Voting {
  // properties
  static protected $conn = false;            // stores the connection to mysql
  public $affected_rows = 0;        // number of affected, or returned rows in SQL query
  protected $voter = '';                    // the user who vote, or its IP
  protected $nrvot = 0;                 // if it is 1, the user can vote only one item in a day, 0 for multiple items
  protected $svoting = 'mysql';         // 'mysql' to register data in database, any other value register in TXT files
  public $votitems = 'voting';        // Table /or file_name to store items that are voted
  public $votusers = 'votusers';             // Table /or filename that stores the users who voted in current day
  protected $tdy;                // will store the number of current day
  public $eror = false;          // to store and check for errors

  // constructor
  public function __construct() {
    // sets $nrvot, $svoting, $voter, and $tdy properties
    if(defined('NRVOT')) $this->nrvot = NRVOT;
    if(defined('SVOTING')) $this->svoting = SVOTING;
    if(defined('USRVOTE') && USRVOTE === 0) { if(defined('VOTER')) $this->voter = VOTER; }
    else $this->voter = $_SERVER['REMOTE_ADDR'];
    $this->tdy = date('j');

    // if set to use TXT files, set the path and name of the files
    if($this->svoting != 'mysql') {
      $this->votitems = '../votingtxt/'.$this->votitems.'.txt';
      $this->votusers = '../votingtxt/'.$this->votusers.'.txt';
    }
  }

  // for connecting to mysql
  protected function setConn() {
    try {
      // Connect and create the PDO object
      self::$conn = new PDO("mysql:host=".DBHOST."; dbname=".DBNAME, DBUSER, DBPASS);

      // Sets to handle the errors in the ERRMODE_EXCEPTION mode
      self::$conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);

      self::$conn->exec('SET CHARACTER SET utf8');      // Sets encoding UTF-8

    }
    catch(PDOException $e) {
      $this->eror = 'Unable to connect to MySQL: '. $e->getMessage();
    }
  }

  // Performs SQL queries
  public function sqlExecute($sql) {
    if(self::$conn===false OR self::$conn===NULL) $this->setConn();      // sets the connection to mysql
    $re = true;           // the value to be returned

    // if there is a connection set ($conn property not false)
    if(self::$conn !== false) {
      // gets the first word in $sql, to determine whenb SELECT query
      $ar_mode = explode(' ', trim($sql), 2);
      $mode = strtolower($ar_mode[0]);

      // performs the query and get returned data
      try {
        if($sqlprep = self::$conn->prepare($sql)) {
          // execute query
          if($sqlprep->execute()) {
            // if $mode is 'select', gets the result_set to return
            if($mode == 'select') {
              $re = array();
              // if fetch() returns at least one row (not false), adds the rows in $re for return
              if(($row = $sqlprep->fetch(PDO::FETCH_ASSOC)) !== false){
                do {
                  // check each column if it has numeric value, to convert it from "string"
                  foreach($row AS $k=>$v) {
                    if(is_numeric($v)) $row[$k] = $v + 0;
                  }
                  $re[] = $row;
                }
                while($row = $sqlprep->fetch(PDO::FETCH_ASSOC));
              }
              $this->affected_rows = count($re);                   // number of returned rows
            }
          }
          else $this->eror = 'Cannot execute the sql query';
        }
        else {
          $eror = self::$conn->errorInfo();
          $this->eror = 'Error: '. $eror[2];
        }
      }
      catch(PDOException $e) {
        $this->eror = $e->getMessage();
      }
    }

    // sets to return false in case of error
    if($this->eror !== false) { echo $this->eror; $re = false; }
    return $re;
  }

  // returns JSON string with item:['vote', 'nvotes', renot] for each element in $items array 
  public function getVoting($items, $vote = '') {
    $votstdy = $this->votstdyCo($items);     // gets from Cookie array with items voted by the user today

    // if $vote not empty, perform to register the vote, $items contains one item to vote
    if(!empty($vote)) {
      // if $voter empty means user not loged
      if($this->voter === '') return "alert('Vote Not registered.\\nYou must be logged in to can vote')";
      else {
        // gets array with items voted today from mysql, or txt-files (according to $svoting), and merge unique to $votstdy
        if($this->svoting == 'mysql') {
          $votstdy = array_unique(array_merge($votstdy, $this->votstdyDb()));
        }
        else {
          $all_votstdy = $this->votstdyTxt();     // get 2 array: 'all'-rows voted today, 'day'-items by voter today
          $votstdy = array_unique(array_merge($votstdy, $all_votstdy[$this->tdy]));
        }

        // if already voted, add in cookie, returns JSON from which JS alert message and will reload the page
        // else, accesses the method to add the new vote, in mysql or TXT file
        if(in_array($items[0], $votstdy) || ($this->nrvot === 1 && count($votstdy) > 0)) {
          $votstdy[] = $items[0];
          setcookie("votings", implode(',', array_unique($votstdy)), strtotime('tomorrow'));
          return '{"'.$items[0].'":[0,0,3]}';
        }
        else if($this->svoting == 'mysql') $this->setVotDb($items, $vote, $votstdy);       // add the new vote in mysql
        else $this->setVotTxt($items, $vote, $all_votstdy);          // add the new vote, and voter in TXT files

       array_push($votstdy, $items[0]);        // adds curent item as voted
     }
    }

    // if $nrvot is 1, and $votstdy has item, set $setvoted=1 (user already voted today)
    // else, user can vote multiple items, after Select is checked if already voted the existend $item
    $setvoted = ($this->nrvot === 1 && count($votstdy) > 0) ? 1 : 0;

    // get array with items and their votings from mysql or TXT file
    $votitems = ($this->svoting == 'mysql') ? $this->getVotDb($items, $votstdy, $setvoted) : $this->getVotTxt($items, $votstdy, $setvoted);

    return json_encode($votitems);
  }

  // insert /update rating item in #votitems, delete rows in $votusers which are not from today, insert $voter in $votusers
  protected function setVotDb($items, $vote, $votstdy) {
    $this->sqlExecute("INSERT INTO `$this->votitems` (`item`, `vote`) VALUES ('".$items[0]."', $vote) ON DUPLICATE KEY UPDATE `vote`=`vote`+$vote, `nvotes`=`nvotes`+1");

    $this->sqlExecute("DELETE FROM `$this->votusers` WHERE `day`!=$this->tdy");

    $this->sqlExecute("INSERT INTO `$this->votusers` (`day`, `voter`, `item`) VALUES ($this->tdy, '$this->voter', '".$items[0]."')");

    // add curent voted item to the others today, and save them as string ',' in cookie (till the end of day)
    $votstdy[] = $items[0];
    setcookie("votings", implode(',', array_unique($votstdy)), strtotime('tomorrow'));
  }

  // select 'vote' and 'nvotes' of each element in $items, $votstdy stores items voted by the user today
  // returns array with item:['vote', 'nvotes', renot] for each element in $items array
  protected function getVotDb($items, $votstdy, $setvoted) {
    $re = array_fill_keys($items, array(0,0,$setvoted));    // makes each value of $items as key with an array(0,0,0)

    function addSlhs($elm){return "'".$elm."'";}      // function to be used in array_map(), adds "'" to each $elm
    $resql = $this->sqlExecute("SELECT * FROM `$this->votitems` WHERE `item` IN(".implode(',', array_map('addSlhs', $items)).")");
    if($this->affected_rows > 0) {
      for($i=0; $i<$this->affected_rows; $i++) {
        $voted = in_array($resql[$i]['item'], $votstdy) ? $setvoted + 1 : $setvoted;   // add 1 if the item was voted by the user today
        $re[$resql[$i]['item']] = array($resql[$i]['vote'], $resql[$i]['nvotes'], $voted);
      }
    }

    return $re;
  }

  // add /update rating item in TXT file, keep rows from today in $votusers, and add new row with $voter
  protected function setVotTxt($items, $vote, $all_votstdy) {
    // get the rows from file with items, if exists
    if(file_exists($this->votitems)) {
      $rows = file($this->votitems, FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES);
      $nrrows = count($rows);

      // if exist rows registered, get array for each row, with - item^vote^nvotes
      // if row with item, update it and stop, else, add the row at the end
      if($nrrows > 0) {
        for($i=0; $i<$nrrows; $i++) {
          $row = explode('^', $rows[$i]);
          if($row[0] == $items[0]) {
            $rows[$i] = $items[0].'^'.($row[1] + $vote).'^'.($row[2] + 1);
            $rowup = 1; break;
          }
        }
      }
    }
    if(!isset($rowup)) $rows[] = $items[0].'^'.$vote.'^1';

    file_put_contents($this->votitems, implode(PHP_EOL, $rows));      // save the items in file

    // add row with curent item voted and the voter (today^voter^item), and save all the rows
    $all_votstdy['all'][] = $this->tdy.'^'.$this->voter.'^'.$items[0];
    file_put_contents($this->votusers, implode(PHP_EOL, $all_votstdy['all']));

    // add curent voted item to the others today, and save them as string ',' in cookie (till the end of day)
    $all_votstdy[$this->tdy][] = $items[0];
    setcookie("votings", implode(',', array_unique($all_votstdy[$this->tdy])), strtotime('tomorrow'));
  }

  // get from TXT 'vote' and 'nvotes' of each element in $items, $votstdy stores items voted by the user today
  // returns array with item:['vote', 'nvotes', renot] for each element in $items array
  protected function getVotTxt($items, $votstdy, $setvoted) {
    $re = array_fill_keys($items, array(0,0,$setvoted));    // makes each value of $items as key with an array(0,0,0)

    if(file_exists($this->votitems)) {
      $rows = file($this->votitems, FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES);
      $nrrows = count($rows);

      // if exist rows registered, get array for each row, with - item^vote^nvotes
      // if row with item is in $items, add its data in $re
      if($nrrows > 0) {
        for($i=0; $i<$nrrows; $i++) {
          $row = explode('^', $rows[$i]);
          $voted = in_array($row[0], $votstdy) ? $setvoted + 1 : $setvoted;   // add 1 if the item was voted by the user today
          if(in_array($row[0], $items)) $re[$row[0]] = array($row[1], $row[2], $voted);
        }
      }
    }

    return $re;
  }

  // gets and returns from Cookie an array with items voted by the user ($voter) today
  protected function votstdyCo() {
    $votstdy = array();

    // if exists cookie 'votings', adds items voted today in $votstdy (array_filter() - removes null, empty elements)
    if(isset($_COOKIE['votings'])) {
      $votstdy = array_filter(explode(',', $_COOKIE['votings']));     // cookie stores string with: item1, item2, ...
    }

    return $votstdy;
  }

  // returns from mysql an array with items voted by the user today
  protected function votstdyDb() {
    $votstdy = array();
    $resql = $this->sqlExecute("SELECT `item` FROM `$this->votusers` WHERE `day`=$this->tdy AND `voter`='$this->voter'");
    if($this->affected_rows > 0) {
      for($i=0; $i<$this->affected_rows; $i++) {
        $votstdy[] = $resql[$i]['item'];
      }
    }

    return $votstdy;
  }

  // returns from TXT file an array with 2 arrays: all rows voted today, and items voted by the user today
  protected function votstdyTxt() {
    $re['all'] = array();  $re[$this->tdy] = array();
    if(file_exists($this->votusers)) {
      $rows = file($this->votusers, FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES);
      $nrrows = count($rows);

      // if exist rows registered, get array for each row, with - day^voter^item , compare 'day', and 'voter'
      if($nrrows > 0) {
        for($i=0; $i<$nrrows; $i++) {
          $row = explode('^', $rows[$i]);
          if($row[0] == $this->tdy) {
            $re['all'][] = $rows[$i];
            if($row[1] == $this->voter) $re[$this->tdy][] = $row[2];
          }
        }
      }
    }

    return $re;
  }
}

3 个答案:

答案 0 :(得分:0)

创建一个您要禁止的IP地址的SQL数据库,或者如果列表足够短,我们就是一个数组。

检查IP地址是否在数据库或阵列中。如果它不允许他们投票。但是,如果让他们认为他们投票将其放入数据库并将其作为投票,但将投票标记为不计数,这样他们就不会试图绕过你的区块。

答案 1 :(得分:0)

此功能似乎正在删除不属于“今天”的投票:

// insert /update rating item in #votitems, delete rows in $votusers which are not from today, insert $voter in $votusers
  protected function setVotDb($items, $vote, $votstdy) {
        $this->sqlExecute("INSERT INTO `$this->votitems` (`item`, `vote`) VALUES ('".$items[0]."', $vote) ON DUPLICATE KEY UPDATE `vote`=`vote`+$vote, `nvotes`=`nvotes`+1");

        //$this->sqlExecute("DELETE FROM `$this->votusers` WHERE `day`!=$this->tdy");

        $this->sqlExecute("INSERT INTO `$this->votusers` (`day`, `voter`, `item`) VALUES ($this->tdy, '$this->voter', '".$items[0]."')");

        // add curent voted item to the others today, and save them as string ',' in cookie (till the end of day)
        $votstdy[] = $items[0];
        setcookie("votings", implode(',', array_unique($votstdy)), strtotime('tomorrow'));
  }

我已经注释掉了删除查询。您应该在投入生产之前对其进行测试。

答案 2 :(得分:0)

您的数据库结构似乎有点混乱,您有一个表来计算每个项目的投票数,还有一个表来计算每个用户的投票数。

您应该检查数据库结构,将这两个表合并到一个表中,并使用:item,user,vote fields。

因此,只要您愿意,您就可以为每个项目的每个投票保留一个记录,并最终使count()或sum()请求获得每个项目的总票数