CodeIgniter – Ban IP and store it into Database and check database

StackOverflow https://stackoverflow.com/questions/22572200

Question

I’m developing a website using CodeIgniter; I’m making a voting website. The problem is that some of the entries actually let me vote again and again. They keep banning the IP in the database.

My Test Controller:

class Vote extends CI_Controller {

function __construct()
{
    parent::__construct();
}

public function index()
{

}

public function vote_now()
{
    if ($this->uri->segment(2)){

        $q = $this->db->query('SELECT * FROM banned_ip WHERE entry='.$this->uri->segment(2).' LIMIT 1');
        $row = $q->row_array();

        $qe = $this->db->query('SELECT * FROM entries WHERE ID='.$this->uri->segment(2).' LIMIT 1');
        $r = $qe->row_array();

        if($row['IP'] == $this->input->ip_address()){

            echo 'Already Voted.';

        }

        else {

            $insert_data_votes = array(
            'votes' => $r['votes']+1,
            );
            $this->db->where('ID', $this->uri->segment(2))->update('entries', $insert_data_votes);

            $insert_data = array(
            'IP' => $this->input->ip_address(),
            'entry' => $this->uri->segment(2),
            );
            $this->db->insert('banned_ip', $insert_data);

            redirect('foto/'.$this->uri->segment(2).'', 'refresh');

        }

    }
}}

Anyone has any idea what’s the problem?

Thanks.

Was it helpful?

Solution

Try like this in case id is not INT, and its better to pass as function param rather then $this->uri->segment(2)

public function vote_now($id = '') {
    $id = (int) $id;
    if ($id > 0) {
        $q = $this->db->select('IP')
                ->from('banned_ip')
                ->where('entry', $id)
                ->where('IP', $this->input->ip_address())
                ->get();

        if ($q->num_rows() > 0) {
            echo 'Already Voted.';
        } else {

            $qe = $this->db->query("SELECT * FROM entries WHERE ID='$id' LIMIT 1");
            $r = $qe->row_array();

            $insert_data_votes = array(
                'votes' => $r['votes'] + 1,
            );
            $this->db->where('ID', $id)->update('entries', $insert_data_votes);

            $insert_data = array(
                'IP' => $this->input->ip_address(),
                'entry' => $id,
            );
            $this->db->insert('banned_ip', $insert_data);

            redirect('foto/' . $id, 'refresh');
        }
    }
}
Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top