I've been creating a voting system and I've noticed that the users are still able to vote again after logout.
What I'm trying to do is to add a variable to vote, now button, and set its maximum value to 1 to prevent the user from voting again.
Is there any suggestion or way to achieve this so users will not be able to vote again like?
$errors = array();
$db = mysqli_connect("localhost", "root", "", "registration");
if (isset($_POST['votenow'])) {
$user_check_query = "SELECT * FROM users WHERE votenow = '$votenow'";
$votenow = "update users set votenow = votenow + 1";
$run_vote = mysqli_query($db, $votenow);
if ($votenow > 1 ) {
echo "No more votes can be added.";
}
if ($run_vote) {
header( "Location: renewsys3.php" );
}
}
I've been also trying this but the users can still vote again. The votes were working that limits to 1 vote but the users are still being redirect to next page instead of returning. renewsys2re is the current page and renewsys3 is the next page.
<?php
$errors = array();
$db = mysqli_connect("localhost","root","","registration");
if(isset($_POST['votenow']))
{
$votenow = "update users set votenow = votenow + 1 where votenow < 1
LIMIT 1";
$run_vote = mysqli_query($db,$votenow);
if ($votenow == 2 ){
echo '<script type="text/javascript">alert("Once!");</script>';
header ("Refresh:0; url=renewsys2re.php");
}
else{
echo '<script type="text/javascript">alert("Welcome!");</script>';
header ("Refresh:0; url=renewsys3.php");
}
}
?>
You have to maintain $_SESSION variable after user login and logout.You have to store and compare user_id
and modified your query of checking votes to $user_check_query = "SELECT * FROM users WHERE user_id=:user_id and votenow=:votenow";
Use bindparams to add security from sql injection.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.