CodeIgniter – Ban IP and store it into Database and check database

StackOverflow https://stackoverflow.com/questions/22572200

Pergunta

I’m developing a website using CodeIgniter; I’m making a voting website. The problem is that some of the entries actually let me vote again and again. They keep banning the IP in the database.

My Test Controller:

class Vote extends CI_Controller {

function __construct()
{
    parent::__construct();
}

public function index()
{

}

public function vote_now()
{
    if ($this->uri->segment(2)){

        $q = $this->db->query('SELECT * FROM banned_ip WHERE entry='.$this->uri->segment(2).' LIMIT 1');
        $row = $q->row_array();

        $qe = $this->db->query('SELECT * FROM entries WHERE ID='.$this->uri->segment(2).' LIMIT 1');
        $r = $qe->row_array();

        if($row['IP'] == $this->input->ip_address()){

            echo 'Already Voted.';

        }

        else {

            $insert_data_votes = array(
            'votes' => $r['votes']+1,
            );
            $this->db->where('ID', $this->uri->segment(2))->update('entries', $insert_data_votes);

            $insert_data = array(
            'IP' => $this->input->ip_address(),
            'entry' => $this->uri->segment(2),
            );
            $this->db->insert('banned_ip', $insert_data);

            redirect('foto/'.$this->uri->segment(2).'', 'refresh');

        }

    }
}}

Anyone has any idea what’s the problem?

Thanks.

Foi útil?

Solução

Try like this in case id is not INT, and its better to pass as function param rather then $this->uri->segment(2)

public function vote_now($id = '') {
    $id = (int) $id;
    if ($id > 0) {
        $q = $this->db->select('IP')
                ->from('banned_ip')
                ->where('entry', $id)
                ->where('IP', $this->input->ip_address())
                ->get();

        if ($q->num_rows() > 0) {
            echo 'Already Voted.';
        } else {

            $qe = $this->db->query("SELECT * FROM entries WHERE ID='$id' LIMIT 1");
            $r = $qe->row_array();

            $insert_data_votes = array(
                'votes' => $r['votes'] + 1,
            );
            $this->db->where('ID', $id)->update('entries', $insert_data_votes);

            $insert_data = array(
                'IP' => $this->input->ip_address(),
                'entry' => $id,
            );
            $this->db->insert('banned_ip', $insert_data);

            redirect('foto/' . $id, 'refresh');
        }
    }
}
Licenciado em: CC-BY-SA com atribuição
Não afiliado a StackOverflow
scroll top