Indsend nyhed
Har du fundet en fed nyhed så indsend den så alle andre på Tweak.dk kan få glæde af den.
Indsend nyhed
Kære gæst, velkommen til Tweak.dk.
Hvis dette er dit første besøg her, bør du læse Hjælp . Her forklares i detaljer hvordan denne side fungerer.
For at benytte alle funktionerne på denne side, bør du overveje at lade dig registrere.
Benyt venligst registreringsformularen for at registrere her eller læs yderligere information om registreringsprocessen.
Hvis du allerede er registreret, så log på her .
find min fejl i PHP koden eller JS.
Hejsa
Jeg sidder og leger lidt med et script fra scripteen.com til lidt image voting.
men den kom med en fejl hvor den ikke blocker for at man kan vote flere gange fra samme IP,
selv om det burde være lavet sådan.
Jeg har forsøgt at finde fejlen i koden, men kan ikke helt se mig klog på hvor den skulle være,
så tænkte et par friske Tweak øjne sikkert kunne spotte noget
jeg vil tro det er i en af de nedenstående koder, som er dels index.php og script.js
smider også et mindre screenshot af SQL databasen.
index.php
PHP kildekode
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
<?php
require_once( "3rdparty/ajax/cpaint2.inc.php" );
class mod_ajax extends Module
{
var $cp ;
var $imgprocess ;
function mod_ajax ()
{
$this -> ModuleName = 'ajax' ;
$this -> Public = 1 ;
$this -> defaultAccess = "Public" ;
$this -> PrivateActions = Array();
$this -> PublicActions = Array( 'ajax_init' );
parent :: Module ();
}
function main ()
{
$this -> imgprocess = $this -> loadobject ( 'imgprocess' );
$action = Requestall ( 'action' );
switch ( $action )
{
case 'ajax_init' :
$this -> init_ajax ();
break;
}
}
function init_ajax ()
{
$this -> cp = new cpaint ();
$this -> cp -> register (array(& $this , 'getthumb' ));
$this -> cp -> register (array(& $this , 'getimg' ));
$this -> cp -> register (array(& $this , 'get5img' ));
$this -> cp -> register (array(& $this , 'rate' ));
$this -> cp -> start ();
$this -> cp -> return_data ();
}
function getthumb ( $img )
{
$files = $this -> imgprocess -> get_files ( RS_SYSTEM_PATH . 'uploads' );
$found = false ;
$up_dir = RS_SYSTEM_PATH . 'uploads' ;
foreach( $files as $file ) {
if ( md5 ( $file ) == $img ) {
$found = true ;
$rname = substr ( $file , strlen ( $up_dir )+ 1 );
$thumbpath = $this -> imgprocess -> generate_thumb ( $up_dir . '/' . $rname , "import" , THUMB_SMALL , THUMB_TEMP );
$x = 'img src="' . $thumbpath . '"' ;
$this -> cp -> set_data ( $x );
break;
};
};
}
function getimg ( $imgid = 0 )
{
if( $imgid > 0 )
$sql = sprintf ( SQL_SELECT_UIMAGE , $imgid );
else
$sql = sprintf ( SQL_SELECT_IMAGE );
$info = $this -> Conn -> QuerySingle ( $sql );
$id = & $this -> cp -> add_node ( 'id' );
$id -> set_data ( $info [ 'imgid' ]);
$x = & $this -> cp -> add_node ( 'image' );
$x -> set_data ( $info [ 'imgname' ]);
$y = & $this -> cp -> add_node ( 'url' );
$y -> set_data ( ScriptUrl . '/' . $info [ 'imgid' ]. '.html' );
$z = & $this -> cp -> add_node ( 'code' );
$z -> set_data ( ScriptUrl . '/photos/' . $info [ 'imgname' ]);
$a = & $this -> cp -> add_node ( 'rating' );
$a -> set_data ( round ( $info [ 'rate' ]/ $info [ 'vote' ], 2 ));
$b = & $this -> cp -> add_node ( 'votes' );
$b -> set_data ( $info [ 'vote' ]);
}
function get5img ()
{
$sql = sprintf ( SQL_SELECT_5IMAGE );
$info = $this -> Conn -> Query ( $sql );
$total = & $this -> cp -> add_node ( 'total' );
$total -> set_data ( count ( $info ));
for ( $i = 0 ; $i < count ( $info ); $i ++)
{
$j = $i + 1 ;
$id = & $this -> cp -> add_node ( 'id' . $j );
$id -> set_data ( $info [ $i ][ 'imgid' ]);
$x = & $this -> cp -> add_node ( 'timage' . $j );
$x -> set_data ( ScriptUrl . '/thumbs/' . $info [ $i ][ 'thumbname' ]);
}
}
function rate ( $imgid , $rate )
{
if( $this -> Settings -> blockIp )
{
$ip = $_SERVER [ 'REMOTE_ADDR' ];
$sql = "SELECT count(*) as total FROM tblips where ip=' $ip ' and imgid like '%, $imgid ,%'" ;
$total = $this -> Conn -> ExecuteSingle ( $sql );
$x = & $this -> cp -> add_node ( 'avoted' );
if( $total <= 0 )
{
$x -> set_data ( '0' );
$sql = "SELECT * FROM tblips where ip=' $ip ' limit 1" ;
$rs = $this -> Conn -> QuerySingle ( $sql );
if( $rs [ 'ip' ]== '' )
{
$newid = ',' . $imgid . ',' ;
$sql = "Insert into tblips(ip,imgid) values('" . $ip . "','" . $newid . "')" ;
$this -> Conn -> Execute ( $sql );
}
else
{
$newid = $rs [ 'imgid' ]. $imgid . ',' ;
$sql = "UPDATE tblips set imgid='" . $newid . "' where ip='" . $ip . "'" ;
$this -> Conn -> Execute ( $sql );
}
//Calculate rate
$sql = "update tblimages set vote=vote+1, rate=rate+ $rate where imgid= $imgid " ;
$this -> Conn -> Execute ( $sql );
}
else
{
$x -> set_data ( '1' );
}
}
else
{
$x = & $this -> cp -> add_node ( 'avoted' );
$x -> set_data ( '0' );
$sql = "update tblimages set vote=vote+1, rate=rate+ $rate where imgid= $imgid " ;
$this -> Conn -> Execute ( $sql );
}
}
}
?>
Script.js
PHP kildekode
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
var id = 0 ;
var count = 1 ;
var max = 10 ;
var currentimage = 0 ;
var ALLOWED_TYPES = '.gif.jpg.jpeg.png.' ;
function add_item ()
{
var element ;
if( count >= max )
{
alert ( 'You can not add more' );
return false ;
}
x = Builder . node ( 'div' ,{ className : 'ct' , id : 'opt' + id });
element = Builder . node ( 'input' ,{ name : 'pic_' + count , type : 'file' , className : 'bttn' , size : '40' });
element2 = Builder . node ( 'span' ,{ className : 'sp' });
$( element2 ). innerHTML = ' <a href="#" onclick="return remove_item(' + id + ')"><img src="../images/admin/remove.png" width="24" height="24" border="0" valign="bottom"></a><br /><br />' ;
x . appendChild ( element );
x . appendChild ( element2 );
id ++; count ++;
$( 'boxes' ). appendChild ( x );
return false ;
}
function remove_item ( id )
{
a = 'opt' + id ;
x = document . getElementById ( a );
$( 'boxes' ). removeChild ( x );
count --;
return false ;
}
function check_all ()
{
var el = $( 'formid' ). select ( '[class="ptest"]' );
var value = document . getElementById ( 'value' ). checked ;
for(var i = 0 ; i < el . length ; i ++)
{
if ( value == true )
el [ i ]. checked = true ;
else
el [ i ]. checked = false ;
}
return false ;
}
function show_data ( status , action )
{
window . location . href = "index.php?" + action + "&status=" + status ;
return false ;
}
function page_go ( pageno , action )
{
if( pageno > 0 )
window . location . href = "index.php?" + action + "&page=" + pageno ;
}
function displayimage ()
{
show_loading ();
if( arguments . length > 0 )
cp . call ( 'index.php?module=ajax&action=ajax_init' , 'getimg' , outputimage , arguments [ 0 ]);
else
cp . call ( 'index.php?module=ajax&action=ajax_init' , 'getimg' , outputimage );
cp . call ( 'index.php?module=ajax&action=ajax_init' , 'get5img' , genall );
return false ;
}
function outputimage ( result )
{
var root = result . getElementsByTagName ( 'ajaxResponse' ). item ( 0 );
//var error = root.getElementsByTagName('error').item(0).firstChild.data;
var id = root . getElementsByTagName ( 'id' ). item ( 0 ). firstChild . data ;
var image = root . getElementsByTagName ( 'image' ). item ( 0 ). firstChild . data ;
var url = root . getElementsByTagName ( 'url' ). item ( 0 ). firstChild . data ;
var code = root . getElementsByTagName ( 'code' ). item ( 0 ). firstChild . data ;
var rating = root . getElementsByTagName ( 'rating' ). item ( 0 ). firstChild . data ;
var votes = root . getElementsByTagName ( 'votes' ). item ( 0 ). firstChild . data ;
var width = rating * 30 ;
currentimage = id ;
$( 'img' ). src = code ;
$( 'code' ). update ( url );
$( 'url' ). update ( code );
$( 'current_rating' ). setStyle ({ width : width + 'px' });
$( 'votes' ). update ( votes );
$( 'crate' ). update ( rating );
}
function genall ( result )
{
var root = result . getElementsByTagName ( 'ajaxResponse' ). item ( 0 );
var total = root . getElementsByTagName ( 'total' ). item ( 0 ). firstChild . data ;
var x , y , z ;
for(var i = 1 ; i <= total ; i ++)
{
x = "id" + i ;
y = "timage" + i ;
var imgid = root . getElementsByTagName ( x ). item ( 0 ). firstChild . data ;
var timage = root . getElementsByTagName ( y ). item ( 0 ). firstChild . data ;
$($( x )). src = timage ;
$($( x )). alt = imgid ;
$($( x )). setStyle ({ cursor : 'hand' });
$($( x )). onclick =function(){
var z = this . alt ;
displayimage ( z );
return false ;
};
}
hide_loading ();
}
function rate ( r )
{
cp . call ( 'index.php?module=ajax&action=ajax_init' , 'rate' , rateresult , currentimage , r );
return false ;
}
function rateresult ( result )
{
var root = result . getElementsByTagName ( 'ajaxResponse' ). item ( 0 );
var avoted = root . getElementsByTagName ( 'avoted' ). item ( 0 ). firstChild . data ;
avoted = 1 //already voted 0=new vote
displayimage ();
}
function show_loading ()
{
var top = document . viewport . getScrollOffsets (). top ;
var left = document . viewport . getDimensions (). width - 200 ;
$( 'loading' ). setStyle ({ display : 'block' });
$( 'loading' ). style . top = top ;
$( 'loading' ). style . left = left ;
}
function hide_loading ()
{
$( 'loading' ). setStyle ({ display : 'none' });
}
function filetypeCheck () {
var fn = $( "ufile" ). value ;
if ( fn == "" ){
$( "allowed" ). className = '' ;
$( "upload" ). disabled = true ;
} else {
var ext = fn . split ( "." );
if ( ext . length == 1 )
ext = '.noext.' ;
else
ext = '.' + ext [ ext . length - 1 ]. toLowerCase () + '.' ;
if ( ALLOWED_TYPES . indexOf ( ext ) == - 1 ) {
$( "allowed" ). className = 'red' ;
$( "upload" ). disabled = true ;
} else {
$( "allowed" ). className = '' ;
$( "upload" ). disabled = false ;
}
}
}
function clearme ()
{
var email = $( 'email' ). value ;
if( email == 'Your Email' )
$( 'email' ). value = '' ;
}
function notifyupload ()
{
hide_loading ();
$( "submitinfo" ). hide ();
$( "theform" ). hide ();
$( "uresult" ). style . display = 'block' ;
}
SQL:
torsdag, 20. juni 2013, 07:00
Gå til toppen af siden
