Stopping multiple votes

Question

I have a voting system which allows for users to upvote and downvote on items. I am looking to improve the system because users can vote multiple times. Below you can see my code.

<h4> Votes </h4>

<table>
<tr>
<th>Up-Votes</th>
<th>Down-Votes</th>
<tr/>
<tr>
<?php 
 mysql_connect("localhost", "root", "PASS") or die(mysql_error()); 
 mysql_select_db("DBNAME") or die(mysql_error()); 

 if ( isset( $_POST['Upvote'] ) )
 {

 mysql_query ("UPDATE reports SET up = up + 1 WHERE reportID = $id"); 

 } else if (isset( $_POST['Downvote'] ))
{
 mysql_query ("UPDATE reports SET down = down + 1 WHERE reportID = $id"); 
}

$data = mysql_query("SELECT * FROM reports WHERE reportID = $id") or die(mysql_error()); 

while($ratings = mysql_fetch_array( $data )) 
{ 

Echo "<td>" .$ratings['up']."</td>"; 
Echo "<td>" .$ratings['down']."</td>"; 

} 

?>
</tr>
</table>
<br/>
<form method='POST'>
<input type='submit' value='up' name='Upvote' class="myButton">
<input type='submit' value='down' name='Downvote' class="myButton">
</form>

Does anybody have any suggestions which could prevent duplicate votes?

There are potentially thousands of items on my system, I am unsure as to how I can make a user be exempt from voting on particular reports

Cheers

Are you storing any session? Is the user logged? How would you like to achieve this? — Fabio, Mar 22 '14 at 20:02
It's impossible if it's a public vote without regsitration... but you can implement things to make it harder like set a cookie and/or save voters IP. — Bernhard, Mar 22 '14 at 20:03
So just store user vote and check against already voted, you can manage that with a new tabke or maybe with a new filed `userid` in vote table — Fabio, Mar 22 '14 at 20:04

score 1 · Accepted Answer · edited Apr 03 '15 at 08:21

1

Make a database of votes:

CREATE TABLE Votes (
    Value int,
    User int
);

Value is 1 for upvotes, -1 for downvotes, User is the user ID. Just override an existing column when a vote is already placed:

if (mysqli_fetch_array(mysqli_query($con, "SELECT FROM `Votes` WHERE `User` = ".$theuserid)) {
    mysqli_query("UPDATE `Votes` SET `Value` = ".$mynewvalue." WHERE `User` = ".$theuserid);
} else {
    mysqli_query("INSERT INTO `Votes`(`User`,`Value`) VALUES (".$theuserid.",".$mynewvalue.")");
}

To get the sum of the votes, use:

SELECT sum(Value) FROM Votes

edited Apr 03 '15 at 08:21

marc_s

732,580
175
1,330
1,459

answered Mar 22 '14 at 20:08

bjb568

11,089
11
50
71

I have a table which stored the votes, this works fine and votes are recorded – user2320010 Mar 22 '14 at 20:09
Edited with more info. – bjb568 Mar 22 '14 at 20:15

score 0 · Answer 2 · answered Mar 22 '14 at 20:14

0

And then right this in your php

$voted = $this->getUserVoted(escape($_POST['user']));
    if($voted) { $this->addError($language_votes['you_already_rated']); return; }

answered Mar 22 '14 at 20:14

user3403416

1
2

Stopping multiple votes

2 Answers2