如何防止自己的职位投票?
[英]How to prevent of giving vote to his own post?
问题描述
I have a table named Votes like this: 
我有一个名为Votes的表格,如下所示:
// Votes
+----+---------+------------+---------+-------+------------+
| id | post_id | table_code | user_id | value | timestamp |
+----+---------+------------+---------+-------+------------+
| 1 | 1424 | 2 | 433 | 1 | 1445898101 |
| 2 | 53431 | 4 | 54 | -1 | 1443891149 |
. . . . .
. . . . .
+----+---------+---------+-------+------------+
Now I want to know, how should I check Votes table that the new vote is belong to his-own-post or that post is from other guy? 现在我想知道,我应该如何检查“ Votes表新的投票属于他自己的帖子,还是该帖子来自其他人? Should I check $_SESSION['user_id'] with what? 我应该用什么检查$_SESSION['user_id']吗?
3 个解决方案
解决方案1
2 已采纳 2015-12-19 16:15:04
You should check for this when they're trying to vote, and not allow the vote. 当他们尝试投票时,您应该检查一下此内容,并且不允许投票。 Do a query like: 进行如下查询:
SELECT author_id
FROM Posts
WHERE id = $_POST[post_id]
Then check if the author is the same as the current user: 然后检查作者是否与当前用户相同:
if ($row['author_id'] == $_SESSION['user_id']) {
echo "You can't vote on your own posts!";
} else {
// insert into Votes table
}
If you want to do the check in INSERT query, you can do it like this: 如果要在INSERT查询中进行检查,可以这样进行:
INSERT INTO Votes (post_id, user_id, value, timestamp)
SELECT $post_id, $user_id, $value, $timestamp
FROM DUAL
WHERE $user_id != (SELECT author_id FROM Posts WHERE id = $post_id)
Then to report the error, you can get the number of rows affected by the query; 然后要报告错误,您可以获取查询影响的行数; if this is 0 , it means they tried to vote on their own post. 如果为0 ,则表示他们尝试对自己的帖子进行投票。
if (mysqli_affected_rows($conn) == 0) {
echo "You can't vote on your own posts!";
} else {
echo "Thank you, your vote has been recorded.";
}
解决方案2
1 2015-12-18 20:38:28
You could do the check within your MySQL query. 您可以在MySQL查询中进行检查。 Don't forget to protect against MySQL injection. 不要忘记防止MySQL注入。 Not 100% sure about the syntax, but this should give you a good idea. 不能100%确定语法,但这应该给您一个好主意。
$answer = $MySQL->query("UPDATE Votes SET ['value'] = (['value']+1) WHERE post_id = ".$post_id." AND user_id != ".$SESSION['user_id']);
if($answer) return "Upvoted";
else return "Can't upvote yourself !";
EDIT : 编辑:
You should actually do a check in your Posts table first 您实际上应该先在Posts表中进行检查
$userWhoPosted= $MySQL->query("SELECT user_id FROM Post WHERE post_id = ".$post_id);
if($userWhoPosted != $_SESSION['user_id']){
$answer = $MySQL->query("INSERT INTO Votes (post_id,user_id,value,timestamp) VALUES (".$post_id.",".$user_id.",".$value.",".$timeStamp.") ")
}
else return "Can't upvotes yourself";
EDIT 2 : 编辑2:
$answer = $MySQL->query("INSERT INTO Votes (post_id,user_id,value,timestamp) VALUES (".$post_id.",".$user_id.",".$value.",".$timeStamp.") WHERE user_id != (SELECT user_id FROM Post WHERE post_id = ".$post_id.") ")
解决方案3
0 2015-12-18 20:42:13
You didn't give us enough information, but there is a classical solution in MySQL 您没有给我们足够的信息,但是MySQL中有一个经典的解决方案
CREATE TABLE Votes
(
// your fields here
CONSTRAINT uc_post_user_vote UNIQUE (post_id,user_id,value)
)
It means that one user won't be able give vote up or down twice for the same post. 这意味着一个用户将无法针对同一帖子两次投票。 Think abobut this, I hope it'll help you. 仔细考虑一下,希望对您有所帮助。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.