簡單投票系統[防刷程序刷新]
<?php
include_once("../inc/connect.php");
$value =$_SERVER['HTTP_HOST'];
if(empty($_COOKIE["cook"])){
if(sizeof($_POST)<9){ exit("<script>alert('對不起,你還有選項未選!');history.back();</script>");}
for($i=1;$i<=8;$i++){
$c =$_POST['r'.$i];
switch( intval($c) ){
case 0:
$word ='vote_r1';
break;
case 1:
$word ='vote_r2';
break;
case 2:
$word ='vote_r3';
break;
default:
exit('error');
}
$sql ="update gx_votes set $word=$word+1,vote_times=vote_times+1 where id=$i";
mysql_query($sql) or die(mysql_error());
}
if( !empty($_POST['r9']) || !empty($_POST['r10']) ){ sava_voteinfo();}
echo "<script>alert('感謝你的參與,你的報表己提交!');history.back();</script>";
setcookie("cook", $value, time()+7200, "/");
}else{
print "對不起,你己經投票了,<a href=# onclick=\"history.back();\">點擊返回</a>";
}
function sava_voteinfo(){
$vote_modi =addslashes(php_sava(isset($_POST['r9'])?$_POST['r9']:''));
$vote_info =addslashes(php_sava(isset($_POST['r10'])?$_POST['r10']:''));
$vote_ip =isset($_SERVER['REMOTE_ADDR'])?$_SERVER['REMOTE_ADDR']:'未獲取到IP';
$vote_time =date("Y-m-d H:i:s");
$vote_sql ="Insert into ss(vote_ip,vote_modi,vote_info,vote_time) value('$vote_ip','$vote_modi','$vote_info','$vote_time')";
mysql_query($vote_sql) or die('error');
}
function php_sava($str)
{
$farr = array(
"/\s+/",
"/<(\/?)(script|i?frame|style|html|body|title|link|meta|\?|\%)([^>]*?)>/isU",
"/(<[^>]*)on[a-zA-Z]+\s*=([^>]*>)/isU",
);
$tarr = array(
" ",
"<\\1\\2\\3>", //如果要直接清除不安全的標簽,這裡可以留空
"\\1\\2",
);
$str = preg_replace( $farr,$tarr,$str);
return $str;
}
?>
最新說一下,這種用cookie形式的程序可以清除cookie再刷,有一種辦法是我以前做過了,先是客戶端防刷然後再把用戶的IP保存到數據庫,這樣用戶刷時就會用php程序來檢查是否在我們規定的時間內操作喽這樣就可以實現真正的防刷喽.
