corbeeresearch Posted September 4, 2010 Share Posted September 4, 2010 Hi, I found a tutorial in building a poll, however it detects IP, so people can't vote multiple times, so I dissected the code into sections while removing the IP blocking, while still inserting the IP address into the database, the problem is that I get: Access denied for user 'ODBC'@'localhost' for the second page, I don't know where I went wrong, could anyone help me? I also attached the code and .sql file so that people can hack it and check where it got wrong. Thanks here is the original poll code <link rel="stylesheet" href="css/style.css" type="text/css" media="screen" /> <?php //database settings $hostname = 'localhost'; $username = 'root'; $password = ''; $dbname = 'poll1'; $connect = mysql_connect($hostname, $username, $password); mysql_select_db($dbname); //Validation to check if the user has voted or not. If not yet voted, then insert the data to the database, otherwise //tell the user they voted if(isset($_POST['vote']) && isset($_POST['questions'])){ $query = mysql_query("SELECT questions.pid FROM responses, questions WHERE responses.qid=questions.id AND responses.ip='".$_SERVER['REMOTE_ADDR']."' AND pid=(SELECT pid FROM questions WHERE id='".$_POST['questions']."' LIMIT 1)"); if(mysql_num_rows($query) == 0){ $query = mysql_query("INSERT INTO responses (qid, ip) VALUES ('".$_POST['questions']."', '".$_SERVER['REMOTE_ADDR']."')"); } else { $error = 'You Already Voted'; } } else if(!isset($_POST['questions']) && isset($_POST['vote'])){ $error = 'Please select a response'; } ?> <?php //The poll script $query = mysql_query("SELECT * FROM poll ORDER BY id DESC LIMIT 1"); $rows = mysql_num_rows($query); if($rows > 0){ $poll = mysql_fetch_array($query); $title = $poll['name']; } else { $title = 'No Poll Yet'; } $me=array(); $query = mysql_query("SELECT COUNT(id) as hits FROM responses GROUP BY qid"); while($row = mysql_fetch_array($query)){ $me[] = $row['hits']; } $max = max($me); //echo "SELECT questions.pid FROM responses, questions WHERE responses.qid=questions.id AND responses.ip='".$_SERVER['REMOTE_ADDR']."' AND pid='".$poll['id']."'"; $query = mysql_query("SELECT questions.pid FROM responses, questions WHERE responses.qid=questions.id AND responses.ip='".$_SERVER['REMOTE_ADDR']."' AND pid='".$poll['id']."'"); if(mysql_num_rows($query) > 0){ $total = mysql_query("SELECT questions.pid FROM responses, questions WHERE responses.qid=questions.id AND pid='".$poll['id']."'"); $total = mysql_num_rows($total); ?> <table width="300" cellpadding="0" cellspacing="0" border="0" class="maintable" align="center"> <tr> <td valign="top" align="center" class="title"><h1><?php echo $title; ?></h1></td> </tr> <?php $query = mysql_query("SELECT * FROM questions WHERE pid='".$poll['id']."' ORDER BY id"); $questions = mysql_num_rows($query); if($questions > 0){ ?> <tr> <td valign="top" style="padding: 5px;"> <table width="100%" cellpadding="0" cellspacing="0" border="0" class="question"> <?php while($question = mysql_fetch_array($query)){ $responses = mysql_query("SELECT count(id) as total FROM responses WHERE qid='".$question['id']."'"); $responses = mysql_fetch_array($responses); if($total > 0 && $responses['total'] > 0){ $percentage = round(($responses['total'] / $max) * 100); } else { $percentage = 0; } $percentage2 = 100 - $percentage; ?> <tr> <td valign="top" nowrap="nowrap"><?php echo $question['question']; ?></td> <td valign="top" height="10" width="100%" style="padding: 0px 10px;"> <table width="100%" cellpadding="0" cellspacing="0" border="0"> <tr> <td valign="top" width="<?php echo $percentage ; ?>%" <?php if($percentage > 0){?>style="background: url('images/bar.jpg') repeat-x;"<?php } ?>><img src="images/dot.gif" width="1" height="19" /></td> <td valign="top" width="<?php echo $percentage2; ?>%"></td> </tr> </table> </td> <td valign="top"><?php echo $responses['total']; ?></td> </tr> <?php } ?> <tr> <td valign="top" colspan="3" align="center" style="padding: 10px 0px 0px 0px;">Total Votes: <?php echo $total; ?></td> </tr> </table> </td> </tr> <?php } ?> </table> <?php } else { ?> <table width="400" cellpadding="0" cellspacing="0" border="0" class="maintable" align="center"> <th>Declaration of Faith</th> <tr> <td valign="top" align="center" class="title"><?php echo $title; ?></td> </tr> <?php $query = mysql_query("SELECT * FROM questions WHERE pid='".$poll['id']."' ORDER BY id"); $questions = mysql_num_rows($query); if($questions > 0){ ?> <tr> <td valign="top" style="padding: 5px;"> <form name="poll" method="post" action=""> <table width="100%" cellpadding="0" cellspacing="0" border="0" class="question"> <?php if(isset($error)){ ?> <tr> <td valign="top" colspan="2" align="center" style="padding: 0px 0px 10px 0px;"><?php echo $error; ?></td> </tr> <?php } ?> <?php $x=0; while($question = mysql_fetch_array($query)){ ?> <tr> <?php if ($x==0){ ?> <td width="43%" rowspan=2 align="center"><span style="padding: 10px 0px 0px 0px;"> <input type="submit" id="submit" name="vote" value="Declare" /> </span></td> <?php }//if statement closing ?> <td valign="top" width="56%"><input type="radio" name="questions" value="<?php echo $question['id']; ?>" /><?php echo $question['question']; ?></td> </tr> <?php $x=$x+1; } ?> <tr> <td valign="top" align="center" style="padding: 10px 0px 0px 0px;"><br /></td> <td width="1%"> </td> </tr> <tr> <td colspan="2" align="center" id="note">Please answer only once per person</td> </tr> </table> </form> </td> </tr> <?php } ?> </table> <?php } ?> Here are the sectioned codes insert.php <link rel="stylesheet" href="css/style.css" type="text/css" media="screen" /> <?php include('config.php'); //Validation to check if the user has voted or not. If not yet voted, then insert the data to the database, otherwise //tell the user they voted if(isset($_POST['vote']) && isset($_POST['questions'])) { //insert the vote to the database $query = mysql_query("INSERT INTO responses (qid, ip) VALUES ('".$_POST['questions']."', '".$_SERVER['REMOTE_ADDR']."')"); } else if(!isset($_POST['questions']) && isset($_POST['vote'])) { echo 'Please select a response'; } include('results.php'); ?> results.php <?php //The poll script $query = mysql_query("SELECT * FROM poll ORDER BY id DESC LIMIT 1"); $rows = mysql_num_rows($query); if($rows > 0){ $poll = mysql_fetch_array($query); $title = $poll['name']; } else { $title = 'No Poll Yet'; } $me=array(); $query = mysql_query("SELECT COUNT(id) as hits FROM responses GROUP BY qid"); while($row = mysql_fetch_array($query)){ $me[] = $row['hits']; } $max = max($me); $query = mysql_query("SELECT questions.pid FROM responses, questions WHERE responses.qid=questions.id AND responses.ip='".$_SERVER['REMOTE_ADDR']."' AND pid='".$poll['id']."'"); if(mysql_num_rows($query) > 0){ $total = mysql_query("SELECT questions.pid FROM responses, questions WHERE responses.qid=questions.id AND pid='".$poll['id']."'"); $total = mysql_num_rows($total); ?> <table width="300" cellpadding="0" cellspacing="0" border="0" class="maintable" align="center"> <tr> <td valign="top" align="center" class="title"><h1><?php echo $title; ?></h1></td> </tr> <?php $query = mysql_query("SELECT * FROM questions WHERE pid='".$poll['id']."' ORDER BY id"); $questions = mysql_num_rows($query); //vote results ?> <tr> <td valign="top" style="padding: 5px;"> <table width="100%" cellpadding="0" cellspacing="0" border="0" class="question"> <?php while($question = mysql_fetch_array($query)){ $responses = mysql_query("SELECT count(id) as total FROM responses WHERE qid='".$question['id']."'"); $responses = mysql_fetch_array($responses); if($total > 0 && $responses['total'] > 0){ $percentage = round(($responses['total'] / $max) * 100); } else { $percentage = 0; } $percentage2 = 100 - $percentage; ?> <tr> <td valign="top" nowrap="nowrap"><?php echo $question['question']; ?></td> <td valign="top" height="10" width="100%" style="padding: 0px 10px;"> <table width="100%" cellpadding="0" cellspacing="0" border="0"> <tr> <td valign="top" width="<?php echo $percentage ; ?>%" <?php if($percentage > 0){?>style="background: url('images/bar.jpg') repeat-x;"<?php } ?>><img src="images/dot.gif" width="1" height="19" /></td> <td valign="top" width="<?php echo $percentage2; ?>%"></td> </tr> </table> </td> <td valign="top"><?php echo $responses['total']; ?></td> </tr> <?php } ?> <tr> <td valign="top" colspan="3" align="center" style="padding: 10px 0px 0px 0px;">Total Votes: <?php echo $total; ?></td> </tr> </table> </td> </tr> <?php } ?> </table> vote.php <?php include('config.php'); //vote starts here ?> <table width="400" cellpadding="0" cellspacing="0" border="0" class="maintable" align="center"> <th>Declaration of Faith</th> <tr> <td valign="top" align="center" class="title"><?php echo $title; ?></td> </tr> <?php $query = mysql_query("SELECT * FROM questions WHERE pid='".$poll['id']."' ORDER BY id"); $questions = mysql_num_rows($query); ?> <tr> <td valign="top" style="padding: 5px;"> <form name="poll" method="post" action="results.php"> <table width="100%" cellpadding="0" cellspacing="0" border="0" class="question"> <?php $x=0; while($question = mysql_fetch_array($query)){ ?> <tr> <?php if ($x==0){ ?> <td width="43%" rowspan=2 align="center"><span style="padding: 10px 0px 0px 0px;"> <input type="submit" id="submit" name="vote" value="Declare" /> </span></td> <?php }//if statement closing ?> <td valign="top" width="56%"><input type="radio" name="questions" value="<?php echo $question['id']; ?>" /><?php echo $question['question']; ?></td> </tr> <?php $x=$x+1; } ?> <tr> <td valign="top" align="center" style="padding: 10px 0px 0px 0px;"><br /></td> <td width="1%"> </td> </tr> <tr> <td colspan="2" align="center" id="note">Please answer only once per person</td> </tr> </table> </form> </td> </tr> </table> config.php <link rel="stylesheet" href="css/style.css" type="text/css" media="screen" /> <?php //database settings $hostname = 'localhost'; $username = 'root'; $password = ''; $dbname = 'poll1'; $connect = mysql_connect($hostname, $username, $password); mysql_select_db($dbname); $query = mysql_query("SELECT * FROM poll ORDER BY id DESC LIMIT 1"); $rows = mysql_num_rows($query); $poll = mysql_fetch_array($query); $title = $poll['name']; ?> [attachment deleted by admin] Quote Link to comment Share on other sites More sharing options...
eatfishy Posted September 4, 2010 Share Posted September 4, 2010 Are you sure that your MySQL database and .php pages are on the same server? Quote Link to comment Share on other sites More sharing options...
PaulRyan Posted September 4, 2010 Share Posted September 4, 2010 Im guessing the error comes on results.php? I think you may have missed out your database connection on that page include('config.php'); Try adding your config file to results.php near the top. Paul. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.