When I vote and type my username. In
it shows up here...
AND
It won't delete those/refresh after 24 hours. It stays there and I manually have to delete it, if I don't delete it, when people try to vote, it says you've already voted.
Vote.php
Code:
<?php
/* mysql database hostname
*/
define("MYSQL_HOST", "localhost");
/**
* mysql username to connect to the database server
*/
define("MYSQL_USERNAME", "harmank_vote");
/**
* mysql password the password to connect to the database server
*/
define("MYSQL_PASSWORD", "harman");
/**
* mysql database the database name in which you have your vote table setup
*/
define("MYSQL_DATABASE", "harmank_vote");
/**
* vote url this is the url which where users will be sent to on voting
*/
define("VOTE_URL", "http://www.runelocus.com/toplist/index.php?action=vote&id=26645");
/**
* The number of hours between voting
*/
define("VOTE_HOURS", 24);
/**
* connect() this function is used to connect to the mysql database server.
*/
function connect()
{
if (!@mysql_connect(MYSQL_HOST, MYSQL_USERNAME, MYSQL_PASSWORD))
die("Could not connect to mysql database: " . mysql_error());
if (!@mysql_select_db(MYSQL_DATABASE))
die("Could not select mysql database: " . mysql_error());
$tables = @mysql_list_tables(MYSQL_DATABASE);
while (list($temp) = mysql_fetch_array($tables)) {
if ($temp == "votes") {
return;
}
}
query("CREATE TABLE `votes` (
`playerName` VARCHAR( 255 ) NOT NULL ,
`ip` VARCHAR( 255 ) NOT NULL,
`time` BIGINT NOT NULL ,
`recieved` INT( 1 ) NOT NULL DEFAULT '0')");
}
/**
* query(string query) this function is used to query the mysql database server.
*/
function query($s)
{
$query = @mysql_query($s);
if (!$query)
die("Error running query('" . $s . "'): " . mysql_error());
return $query;
}
/**
* anti_inject(string text) this function is used to make sure no injections can be made.
*/
function anti_inject($sql)
{
@$sql = preg_replace(sql_regcase("/(from|select|insert|delete|where|drop table|show tables|#|\*|--|\\\\)/"),
"", $sql);
$sql = trim($sql);
$sql = strip_tags($sql);
$sql = addslashes($sql);
$sql = strtolower($sql);
return $sql;
}
/**
* clean_request(int timestamp, string username) this function is used to delete any entries if they have already expired.
*/
function clean_request($time, $username)
{
$query = query("SELECT * FROM `votes` WHERE `playerName`='" . $username . "'");
if (mysql_num_rows($query) > 0) {
$row = mysql_fetch_array($query);
$timerequested = $row['time'];
if ($time - $timerequested > VOTE_HOURS * 3600)
query("DELETE FROM `votes` WHERE time='" . $timerequested . "'");
}
}
/**
* vote_entries(string ip) this function is used return the number of rows within the table
*/
function vote_entries($ip)
{
$query = query("SELECT * FROM `votes` WHERE ip='" . $ip . "'");
return mysql_num_rows($query);
}
/**
* This is the actual working of the script, do not change anything below unless you're fully aware of what it is you're doing.
*/
if (isset($_POST['submit']) || isset($_GET['username']) && isset($_GET['type'])) {
connect();
if (@$_POST['submit']) {
if(@fsockopen($_SERVER['REMOTE_ADDR'], 85, $errno, $errstr, 1))
die("Sorry but you have port 85 open, this is to stop voting by proxy address.");
if(isset($_COOKIE['voted']))
die("Sorry but it looks like you have already voted...");
$username = anti_inject($_POST['username']);
$ip = gethostbyaddr($_SERVER['REMOTE_ADDR']);
clean_request(time(), $username);
if (vote_entries($ip) == 0) {
setcookie ("voted", "yes", VOTE_HOURS * 3600);
query("INSERT INTO `votes` (`playerName`, `ip`, `time`) VALUES ('" . $username .
"', '" . $ip . "', '" . time() . "')");
header("Location: " . VOTE_URL . "");
} else {
die("You have already voted once today.");
}
} elseif ($_GET['type'] == "checkvote") {
$username = anti_inject($_GET['username']);
$query = query("SELECT * FROM `votes` WHERE `playerName`='" . $username . "'");
if (mysql_num_rows($query) == 1) {
$results = mysql_fetch_array($query);
if ($results['recieved'] == 0) {
query("UPDATE `votes` SET `recieved`='1' WHERE `playerName`='" . $username . "'");
die("user needs reward...");
} else {
die("user been given reward...");
}
} else {
die("Vote not found... ". $username .".");
}
}
}
?>
?>
Vote.class.php
Code:
<?php
/*======================================================================*\
|| #################################################################### ||
|| # ---------------------------VOTE FOR ITEM------------------------ # ||
|| # Class by Joshua F # ||
|| # Thanks to Snwspeckle(Anthony) and NoXIp(Justin) # ||
|| #################################################################### ||
\*======================================================================*/
class Vote {
public $con;
private $VOTE_TIME;
/**
* Connecting to the database and sets vote time
*/
function __construct($host, $dbuser, $dbpass, $db, $VOTE_TIME) {
$this->con = mysqli_connect($host, $dbuser, $dbpass, $db) or die(mysqli_error());
$this->VOTE_TIME = $VOTE_TIME;
}
/**
* Checks if the user has port 80 open
*/
function checkProxy() {
if(@fsockopen($_SERVER['REMOTE_ADDR'], 80, $errno, $errstr, 1)) {
return true;
} else {
return false;
}
}
/**
* Return the total times $ip is in the database
*/
function checkIP() {
$query = $this->con->query('SELECT * FROM `votes` WHERE `ip` = "' . gethostbyaddr($_SERVER['REMOTE_ADDR']) . '"');
return $query->num_rows;
}
/**
* Cleans up the playerName so they can submit and vote again
*/
function clean_request($time, $username) {
$query = $this->con->query('SELECT * FROM `votes` WHERE `playerName` = "' . $this->con->real_escape_string($username) . '"');
if ($query->num_rows > 0) {
$result = $query->fetch_assoc();
if ($time - $result['time'] > $this->VOTE_TIME * 3600) {
$this->con->query('DELETE FROM `votes` WHERE `time` = "' . $result['time'] . '"');
}
}
}
}
?>