0

基本上正在发生的事情是我一直在尝试开发一个评级系统来存储用户的总评级并根据他们的评级按顺序显示项目。但是现在我遇到了一个错误,它只会在评级两次后改变评级/显示,而不是显然只改变一次。

这是代码:

<?php
include ("sql.php");

function getTotal($name) {
$query = "SELECT total FROM items WHERE name = '$name'";
// echo $query;
// echo "<br />";
$result = mysql_query($query);
$row = mysql_fetch_row($result);
return $row[0];
}



display();
function display($items) {
    $video = getTotal(video);
    // echo "video total: ".$video;
    // echo "<br />";
    $Music = getTotal(Music);
    // echo "Music total: ".$Music;
    // echo "<br />";
    $football = getTotal(football);
    // echo "football total: ".$football;
    // echo "<br />";

    $items = array($video => 'video', $Music => 'Music', $football=>'football');
    // echo "<br />";
    krsort($items);
    // print_r($items);
foreach ($items as $key => $val) {
    print ("<form method = 'post'>
    $val
    <button name ='upvote' type = 'submit' value ='$val' />Upvote</button>
    <button name ='downvote' type ='submit' value ='$val' />Downvote</button>
    </form> TOTAL: ".$key."
        ");
    }
}

if (isset($_POST['upvote']) || isset($_POST['downvote'])) {

$ip = 23;
//$ip = ip2long($_SERVER['REMOTE_footballDR']);

if ($_POST['upvote'] != null) {
$item = $_REQUEST['upvote'];
}
else {
$item = $_REQUEST['downvote'];
}

//see if person has voted before, for this item
$q = "SELECT count(*) FROM tracker".$item." WHERE ip = $ip";
$check = mysql_query($q);
$row = mysql_fetch_row($check);
$bool = ($row[0] > 0);

    if (!$bool) {
        echo "User has not voted before for this item <br />";

    }

    else {
        echo "user has voted for this item before";
        //then the user has voted before
        //row[0] = ip, row[1] = value
        $d = "SELECT * FROM tracker".$item." WHERE ip = '$ip'";
        $e = mysql_query($d);
        $row = mysql_fetch_row($e);
        $value = -$row[1];
        echo "<br /> value: ".$value;
        $qry = "UPDATE items SET total = total + $value WHERE name = '$item'";
        echo "<br /> qry: ".$qry;
        $result = mysql_query($qry);

        if (!$result) {
            echo "problem with result".mysql_error();

        }


        $q = "DELETE FROM tracker".$item." WHERE ip = '$ip'";
        echo "<br /> Delete query".$q; 
        $r = mysql_query($q);
        if (!$r) {
            echo "problem with r".mysql_error();
        }

    }



if ($item == $_POST['upvote']) {
    echo "<br /> item has been upvoted";
    $qry = "UPDATE items SET total = total + 1 WHERE name = '$item'";
    echo "<br /> qry: ".$qry;
    mysql_query($qry);

//also get the ip footballdress and footballd to the who's voted table
    $d = "INSERT INTO tracker".$item." VALUES ('$ip', '1')";
    mysql_query($d);
    }

elseif ($item == $_POST['downvote']) {
    echo "<br /> item has been downvoted";
    $qry = "UPDATE items SET total = total - 1 WHERE name = '$item'";
    mysql_query($qry);

//also get the ip footballdress and footballd to the who's voted table
    $d = "INSERT INTO tracker".$item." VALUES ('$ip', '-1')";
    mysql_query($d);
    }
}
4

1 回答 1

0

我在那里详细说明了一些错误:

  1. 使用PDOmysqli_*函数
  2. 记得清理 SQL 中的任何输入以防止SQL 注入
  3. 始终检查变量queries

    $check = 查询($sql); if (!$check) { // 如果需要,显示或返回错误消息 } $row = mysql_fetch_row($check);

  4. 使用trycatch阻塞来防止非托管异常

  5. 要显示新的更新投票,您可以在从表格更新后检索投票
于 2013-03-10T02:00:07.707 回答