Allow Only 1 Vote Per Member Allow Only 1 Vote Per Member
 

News:

cpg1.5.48 Security release - upgrade mandatory!
The Coppermine development team is releasing a security update for Coppermine in order to counter a recently discovered vulnerability. It is important that all users who run version cpg1.5.46 or older update to this latest version as soon as possible.
[more]

Main Menu

Allow Only 1 Vote Per Member

Started by pftq, November 21, 2007, 02:25:26 AM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

pftq

Is there a way to base Voting on the member account rather than IP? If not, what files should I look at to make the adjustment myself?

Joachim Müller

This is how voting currently works: logged in users can vote only once per pic, even if their IP address changes, as the fact that the user has voted on a particular pic is being recorded in the database. If you allow anonymous comments, voting is cookie-based. Voting permission never is based on IP address in Coppermine. The IP address is only being recorded for logging purposes.
Subsequently, I can't recommend anything, as you request something that already exists. Post more details of what you're trying to accomplish.

pftq

That is very strange. ??? I justed tested this and by switching computers and relogging in - it allowed me to vote again.  I checked the logs and it shows both my votes (each from different IPs).

I have guests disabled so it cannot be the anonymous voting can it?

Joachim Müller

Hm, that's strange indeed. Needs looking into. Let me check on this later. Please bump this thread if I should forget about it in two or three days.

pftq

Any luck? What files are the code in? Perhaps I can make a few cheap edits real quick because a few people are abusing this. ???

Nibbler

ratepic.php. Look at the code under

// Check if user already rated this picture

Make sure that is working as expected. Perhaps you have manually modifed the 'keep_votes_time' setting.

pftq

#6
Nope I've never opened that file.  :-\

Here's the code currently in my file:
// Check if user already rated this picture
$user_md5_id = USER_ID ? md5(USER_ID) : $USER['ID'];
$sql = "SELECT * " . "FROM {$CONFIG['TABLE_VOTES']} " . "WHERE pic_id = '$pic' AND user_md5_id = '$user_md5_id'";
$result = cpg_db_query($sql);
if (mysql_num_rows($result)) cpg_die(ERROR, $lang_rate_pic_php['already_rated'], __FILE__, __LINE__);
//Test for Self-Rating
$user=USER_ID;
$owner=$row['owner_id'];


However, I just checked and the keep_votes_time in my table says 30... maybe that's why.  (The videos are over a month old) Is there a way to just disable this and keep all votes? (without editing the ratepics.php)

Edit: Nope.. set it to 999 and still able to rate files a second time.

K I edited the ratepics file so it writes some of the results to a file.  Here's what I got:
DELETE FROM cpg_votes WHERE vote_time < 1109613441 ~ Vote time
SELECT * FROM cpg_votes WHERE pic_id = '294' AND user_md5_id = 'c4ca4238a0b923820dcc509a6f75849b' ~ 0 Results

So apparently it's not retrieving the rows correctly... (yes I checked the previous votes, my vote from over a month ago is still in there, but with a different IP.)

Edit2: Bleh, nevermind. :P I didn't see that the votes cleanup affected all pictures.  It must be that the pictures I'm testing (since they're over a month old) already have the votes wiped clean.  Again, is there an option to disable this?