Hi!
i have installed Glennu's cookie "mod" to prevent multiple rate.
It's not working .. are there any variables i should have set ..?

thanx


Gregor
www.vstopnice.com
www.balonarstvo.com
www.e-nepremicnine.com

Nope. Are you sure you followed the instructions properly?

One thing I noticed was (for Glennu).....

There is no need to use regex - you can just do....

Also I don't see the point of the mod because rate.cgi already logs the IP of the person submitting the rating.

Paul
Installations:http://wiredon.net/gt/
Support: http://wiredon.net/forum/

Hmm I don't see where Glennu has defined $cdat

At the top of the code add....

$cdat = $ENV{HTTP_COOKIE};

Like:

Paul
Installations:http://wiredon.net/gt/
Support: http://wiredon.net/forum/

Hi!
thanx for solution .. i tried .. no luck ... when i rebuild i can still vote for a link in database ...
Yes links are logging Ip but doesn't prevent user to rate a link again when i rebuild ALL !?

bye

Gregor
www.vstopnice.com
www.balonarstvo.com
www.e-nepremicnine.com

Could this same cookie be used in add.cgi?

Thanks.

DT

Yes sure - you could make a new one and use similar code to check if it exists and if it does then send visitors to an error page.

You would just have to change the name of the cookie and change the "if" statement that checks for it.

Paul
Installations:http://wiredon.net/gt/
Support: http://wiredon.net/forum/

'Also I don't see the point of the mod because rate.cgi already logs the IP of the person submitting the rating.'

It could be useful as of course IP logging does not stop repeat ratings being submitted. ie. the next time a user connects to the internet they can vote for themselves again unless they have a static ip address. So using a cookie offers a little bit more protection.


Yeah I didn't define $cdat instead you could change:

@cookies = split(/;/,$cdat);

To:

@cookies = split(/;/,$ENV{HTTP_COOKIE});


'There is no need to use regex'

Yep I meant to change it a while back but didn't get round to it.

Glenn

Links 2 Mods Site:
http://cgi-resource.co.uk/pages/links2mods.shtml

...i'm still stucked :)) it's not working :(
i have cookies enable if that should be problem

Gregor
www.vstopnice.com
www.balonarstvo.com
www.e-nepremicnine.com

I see your point about someone just being able to log off and then back on and then being able to vote again but it is the same with cookies. You can just delete your cookies and vote again. Ah well..I suppose there is always a way to get around something if you are determined enough....

Paul
Installations:http://wiredon.net/gt/
Support: http://wiredon.net/forum/

Yeah there's always seems to be a way round for the determined. I remember on my old site, I found one site in about 2 months had managed to get:

over 300 votes all with a rating of 10

Of course there's one way to put a stop to it, so I deleted his site. He was not happy and said that the visitors did all those votes, however I do Statistics and know the chances of that happening are pretty slim!

Glenn

Links 2 Mods Site:
http://cgi-resource.co.uk/pages/links2mods.shtml

Thank you all. I'll give this a try. I appreciate your help.

DT

LOL - yeah as if they all gave his site 10/10

However I think an even better way would be to log the remote host rather than IP. Now although the remote host will change occasionally, it is still a better way than logging the IP....although thinking about it, you would end up blocking all other visitors from the same host..

But I suppose you could log the IP, host and time like:

222.222.222.222|proxy-1.aol.com|12:53:45

...and that should hopefully work even better.

You could then check the IP against the time as well as the remote host and stop them voting if either match within say 6 hours of the last vote

Paul
Installations:http://wiredon.net/gt/
Support: http://wiredon.net/forum/

And codes for LOGGING IP Address from the RATE script has already been posted in this forum about six months ago.

Regards,

Eliot Lee

Eliot,

rate.cgi logs IP's by default.

Paul
Installations:http://wiredon.net/gt/
Support: http://wiredon.net/forum/

This must be the right rate.cgi but the cookies do not work :(


----

eval {
($0 =~ m,(.*)/[^/]+,) && unshift (@INC, "$1"); # Get the script location: UNIX /
($0 =~ m,(.*)\\[^\\]+,) && unshift (@INC, "$1"); # Get the script location: Windows \

require "admin/links.cfg"; # Change this to full path to links.cfg if you have problems.
require "$db_lib_path/db_utils.pl";
require "$db_lib_path/links.def";
$build_use_templates ?
require "$db_lib_path/site_html_templates.pl" :
require "$db_lib_path/site_html.pl";
};
if ($@) {
print "Content-type: text/plain\n\n";
print "Error including libraries: $@\n";
print "Make sure they exist, permissions are set properly, and paths are set correctly.";
exit;
}

# ========================================================

eval { &main; }; # Trap any fatal errors so the program hopefully
if ($@) { &cgierr("fatal error: $@"); } # never produces that nasty 500 server error page.
exit; # There are only two exit calls in the script, here and in in &cgierr.

sub main {
# --------------------------------------------------------
local (%in) = &parse_form;

if ($in{'rate'}) {
$cdat = $ENV{HTTP_COOKIE};



if ($ENV{HTTP_COOKIE}){
@cookies = split(/;/,$cdat);
foreach $i (@cookies) {
($name1,$ci1) = split(/=/,$i);
if (($name1 eq "rated") and ($ci1 == $in{'ID'})) {
&site_html_rate_failure ("Sorry, you've already rated for this resource once recently.");
return;
}
}
}
&rate_it;
}
elsif ($in{$db_key} =~ /^\d+$/) {
my (%rec) = &get_record ($in{$db_key});
($rec{$db_key} eq $in{$db_key}) ?
&site_html_rate_form (%rec) :
&site_html_rate_failure ("Unkown Link ID: $in{$db_key}");
}
else {
print "Location: $build_ratings_url/\n\n";
}
}

sub rate_it {
# --------------------------------------------------------
my $rated = "rated";
my $id = $in{$db_key};
my $delim = quotemeta($db_delim);
my $time = time();
my $rating = $in{'rate'};

# Make sure we have a valid rating.
unless (($rating =~ /^\d\d?/) and ($rating >= 1) and ($rating <= 10)) {
&site_html_rate_failure ("Your rating '$rating' is invalid.");
return;
}

# Let's get the link information.
my %rec = &get_record ($id);
($rec{$db_key} eq $id) or (&site_html_rate_failure ("Unable to find link with ID '$id'.") and return);

# Increase the rating.

if (open (HIT, "<$db_rates_path/$id")) {
my $input = <HIT>; chomp $input;
($votes, $old_rating) = split /\s/, $input;
chomp ($old_time = <HIT>);
chomp (@IP = <HIT>);
(($time - $old_time) > 31600) and (@IP = ());
foreach $ip (@IP) {
$ip eq $ENV{'REMOTE_ADDR'} and ($visited++ and last);
}
close HIT;

if (!$visited) {
push (@IP, $ENV{'REMOTE_ADDR'});
$votes = $votes + 1;
$rating = $rating + $old_rating;
open (HIT, ">$db_rates_path/$id") or &cgierr ("Can't open for output counter file. Reason: $!");
if ($db_use_flock) { flock (HIT, 2) or &cgierr ("Can't get file lock. Reason: $!"); }
local $" = "\n";
print HIT "$votes $rating\n$time\n@IP";
close HIT;
print "Set-Cookie: $rated=$id; path=/; expires=+1m\n";
&site_html_rate_success;
}
else {
&site_html_rate_failure ("Sorry, you've already rated for this resource once recently.");
}
}
else {
open (HIT, ">$db_rates_path/$id") or &cgierr ("Can't increment counter file '$db_rates_path/$id'. Reason: $!");
print HIT "1 $rating\n$time\n$ENV{'REMOTE_ADDR'}";
close HIT;
print "Set-Cookie: $rated=$id; path=/; expires=+1m\n";
&site_html_rate_success;
}
}
-----

Hi,

I have the same problem: `Installed Glennu´s Mod and checked it over and over again - but couldn´t find anything wrong. No cookie is beeing created to prevent rate-fraud. Here´s my code in rate.cgi:

sub main {
# --------------------------------------------------------
local (%in) = &parse_form;

if ($in{'rate'}) {
if ($ENV{HTTP_COOKIE}){
@cookies = split(/;/,$ENV{HTTP_COOKIE});
foreach $i (@cookies) {
($name1,$ci1) = split(/=/,$i);
if (($name1 eq "rated") and ($ci1 == $in{'ID'})) {
&site_html_rate_failure ("Sie haben erst kürzlich für diese Seite abgestimmt.");
return;
}
}
}

then

sub rate_it {
# --------------------------------------------------------
my $id = $in{$db_key};
my $delim = quotemeta($db_delim);
my $time = time();
my $rating = $in{'rate'};
my $rated ="rated";

and at the end twice

print "Set-Cookie: $rated=$id; path=/; expires=+3m\n";
&site_html_rate_success;


Can anybody see something wrong or missing?

Thanks for the replies.

RoadRunner

Nobody any advice for me ? Really would appreciate any hint.

Thanks

RoadRunner