Hello , I am seeking help to change a file that allow's member's to Rate cars they submit.
The way the file is setup (rate.php) is so that if it's the same user ( the user cannot rate his own car ) the same IP or too soon .. If the rate was posted less then 24 hour's ago if wont take the rate.
Well , What i need to do is transform this into a rate.php file where every user can rate a car once every 24 hour's .. forget the IP limit's. So if you signed up as "Mike" , and i was "jake" .. you could rate my car 1 time every 24 hour's ..
For some reason it's not working , and ive looked thru the code and spent about 3 hours trying different methods but nothing im doing is working.. Can anyone help me learn what i can do? Im new to php so take it easy on me , but am trying to learn as best as i can.
Any help would be great. Thanks and Regards.
<?php
include("./admin/config.php");
include("$include_path/common.php");
global $HTTP_POST_VARS,$HTTP_GET_VARS,$HTTP_SESSION_VARS;
global $_SESSION;
if ($HTTP_POST_VARS!="")
$_POST=$HTTP_POST_VARS;
if ($HTTP_GET_VARS!="")
$_GET=$HTTP_GET_VARS;
if ($HTTP_SESSION_VARS!="")
$_SESSION=$HTTP_SESSION_VARS;
check_user_login();
$img_num = $_POST['img_num'];
if(!$img_num)
$img_num=1;
mt_srand(make_seed());
$user_id = 0;
if(isset($_POST['submit_rating']) && isset($_POST['user_id']) &&
($_POST['submit_rating'] >= 0 && $_POST['submit_rating'] <= 10)){
$user_id = (int) $_POST['user_id'];
if(isset($_SESSION['ra'])){
$_SESSION['ra'] .= $user_id . ",";
} else {
$_SESSION['ra'] = $user_id . ",";
}
$rating = (int) $_POST['submit_rating'];
$rater_id = isset($_POST['rater_id']) ? $_POST['rater_id'] : 0;
if($rater_id) {
$rater_sql = " and rater_id ='$rater_id' ";
}
else {
$rater_sql = "";
}
$check_ip_sql = "
select
*
from
$tb_ratings
where
user_id = '$user_id'
$rater_sql
and image_number ='$img_num'
order by
timestamp desc
limit
0, 1
";
//echo " sql <BR> $check_ip_sql ";
$check_ip_query = mysql_query($check_ip_sql) or die(mysql_error());
if(mysql_num_rows($check_ip_query)) {
$last_rater_ip = @mysql_result($check_ip_query, "0", "rater_ip");
$last_rater_id = @mysql_result($check_ip_query, "0", "rater_id");
$last_rated = @mysql_result($check_ip_query, "0", "timestamp");
}
else {
$last_rater_ip ="";
$last_rater_id ="";
$last_rated ="";
}
$yesterday = date("YmdHis",
mktime(date("H"), date("i"), date("s"), date("m"), date("d")-1, date("Y")));
$same_ip = false;
$too_soon = false;
$same_user = false;
if($last_rater_ip == $HTTP_SERVER_VARS['REMOTE_ADDR']) $same_ip = true;
if($last_rated > $yesterday) $too_soon = true;
if($user_id == $rater_id) $same_user = true;
//echo" <br> U $user_id R $rater_id ";
//echo "<BR> same user $same_user IP $same_ip SOON $too_soon ";
session_register("previous_rated_image");
$_SESSION['previous_rated_image'] ="$user_id&&$img_num";
if(!$same_user && (!$same_ip || !$too_soon)){
//echo " TEST <BR> $check_ip_sql "; exit;
$rating_accepted = true;
$is_sql = "
insert into $tb_ratings (
id,
user_id,
rating,
rater_id,
rater_ip,
image_number
) values (
'',
'$user_id',
'$rating',
'$rater_id',
'$_SERVER[REMOTE_ADDR]',
'$img_num'
)
";
$is_query = mysql_query($is_sql) or die(mysql_error());
$gs_sql = "
select
total_ratings,
total_points,
average_rating
from
$tb_users
where
id = '$user_id'
";
$gs_query = mysql_query($gs_sql) or die(mysql_error());
$total_ratings = mysql_result($gs_query, 0, "total_ratings");
$total_points = mysql_result($gs_query, 0, "total_points");
$total_ratings++;
$total_points += $rating;
$average_rating = $total_points / $total_ratings;
$ps_sql = "
update
$tb_users
set
total_ratings = '$total_ratings',
total_points = '$total_points',
average_rating = '$average_rating'
where
id = '$user_id'
";
$ps_query = mysql_query($ps_sql) or die(mysql_error());
}
}
