I have a great Rating system that does not require cookies and stores time and IP in a MySQL database to keep users from rigging the votes. Now my problem is I need to add My IP to vote as many times as i want. Just my IP. I know it is unethical but a job is a job and that's what they want. Atleast i am not killing anyone!!!
were and how do i add the code to allow my IP not to be subject to the constraints i set for everyone else?
here is the beast of the code
Code: Select all
include_once("config.php");
@mysql_connect($rate_host,$rate_username,$rate_password);
$rhdb=@mysql_select_db($rate_database) or die("Cannot connect to database");
$ratecounter=0;
if ($_POST['action'] == "doit") {
// $hotscript_pop=0;
if ($_POST['rate']>0 && !empty($_POST['rateit_id'])) {
//if we add $rateit_id to cookiename we have an unique id
//and more ratings on 1 page can be done
if (!$_COOKIE[$rate_cookiename.$_POST['rateit_id']]) {
$time_cookie = 0;
} else {
$time_cookie = $_COOKIE[$rate_cookiename.$_POST['rateit_id']];
}
if ($time_cookie == 0) {
//maybe cookies blocked so we will check the ip, clean table first
$result = mysql_query("DELETE FROM ".$rate_table."_ip WHERE datum<NOW() ");
$result = mysql_query("SELECT UNIX_TIMESTAMP(max(datum)) from ".$rate_table."_ip WHERE article='$_POST[rateit_id]' AND ip='$_SERVER[REMOTE_ADDR]' ");
if (mysql_num_rows($result) >= 1) {
$dat=mysql_fetch_array($result);
$time_cookie=$dat[0];
// now time from ip known, no cheating!
}
}
if (mysql_num_rows(mysql_query("SELECT * from ".$rate_table." WHERE id='$_POST[rateit_id]' "))== 0 ) {
// ---------------- automate admin page insertion -----------------------
$query="INSERT INTO ".$rate_table." (article,rate,count,class,datum) VALUES ('$_POST[rateit_id]',0,0,'$class',NOW() ) ";
mysql_query($query) or die("Error, cannot add new ratings item" .mysql_error());
}
if (time() >= $time_cookie) {
$ip = $_SERVER["REMOTE_ADDR"];
$query = "SELECT count(*) AS num FROM ".$rate_table."_ip WHERE datum>NOW() AND ip='$ip' AND article='$_POST[rateit_id]' ";
$rs = mysql_query($query) or die("LINE 40: article not found? ".mysql_error());
$as = mysql_fetch_array($rs);
if ($as[num]==0 ) {
// update rate
$query = "SELECT * FROM ".$rate_table." WHERE article='".$_POST[rateit_id]."'";
$rs = mysql_query($query);
$as = mysql_fetch_array($rs);
$as[rate] = $as[rate]+$_POST[rate];
$as[count] ++;
$query="UPDATE ".$rate_table." SET rate='$as[rate]',datum=NOW(),count='$as[count]' WHERE article='$_POST[rateit_id]'";
$ss=mysql_query($query) or die("LINE 50:".mysql_error());
$valid=time()+$days*86400;
// update ip table
$query="INSERT INTO ".$rate_table."_ip VALUES('$ip',date_add(NOW(),INTERVAL ".$days." DAY),'$_POST[rateit_id]')";
mysql_query($query) or die("LINE 55: Cannot update ip table.".mysql_error());
//$x=setcookie($rate_cookiename.$_POST['rateit_id'],$valid,$valid,'/',$rate_sitecookie);
//}
/*if ($_POST[hotscript_id]!='' && $_POST[hotscript_id]!='0') {
$hotscript_pop=1;
} */
} else { $ratedone=$_POST[postedcounter];}
} else{ $ratedone = $_POST[postedcounter];}
}
}
function ShowForm($id,$num,$me="Select Rate",$it="Rate!",$class="")
{
global $ratedone,$rate,$ratecounter;
$ratecounter++;
// the function also has to be numbered!
if ($ratedone != $ratecounter) {
echo '
<script type="text/javascript">
function submitit'.$ratecounter.'() {
if (document.rateform'.$ratecounter.'.rate.value=="x"){
alert ("You did not select a rating for this deal");
} else {
document.rateform'.$ratecounter.'.submit();
}
}
</script>';
echo '<form action="'.$_SERVER['PHP_SELF'].'" method="post" name="rateform'.$ratecounter.'" style="display:inline">';
echo '<select name="rate" class="Sel">';
echo '<option value="x" selected>'.$me.'</option>';
for ($c=$num; $c >= 1 ; $c--) {
echo '<option value="'.$c.'">'.$rate[$c].'</option>';
}
echo '</select> ';
echo '<input type="hidden" name="rateit_id" value="'.$id.'">'; // id to link
echo '<input type="hidden" name="postedcounter" value="'.$ratecounter.'"> ';
echo '<input type="hidden" name="action" value="doit"> ';
echo ' <input type="button" value="'.$it.'" style="font-size:9px" onclick="javascript:submitit'.$ratecounter.'()">';
echo '</form>';
} else echo '<b>Your vote has already been counted.</b> ';
}Some one help i have been struggling on this for 2 days!
thanks
vin