Reputation: 6052
How to check if an IP is in the Database
How do I check if an ip is in the database?
I'm creating a little voting system and right now people can vote more than once.
So i put thier Ip in the database and if its already in the database dont want it to allow the upvote. I get the ips in the database using:
$check = mysql_query("SELECT `ip` FROM `voted`") or die(mysql_error());
I just don't know how to check if the ip that person is voting with is already entered.
Upvotes: 3
Views: 1623
Answers (4)
Reputation: 10537
If your going to stick with mysql_* then something like Andrew M advised will work fine. Like he and others suggest though, consider the PDO route (below) if you're just starting to learn PHP
MySQL
<?php
if (!$qry = mysql_query("SELECT COUNT(*) AS `daCount` FROM `voted` WHERE `ip` = '".mysql_escape_string($_SERVER['REMOTE_ADDR'])."'")) {
die('Whamm PoW! Oops, we made a boo boo!');
}
list($check) = mysql_fetch_row($qry);
if ($check > 0) {
echo 'Thanks but you already voted!';
}
else {
echo 'Please make your vote: Yes or No?';
}
PDO
<?php
try { // to connect to database
$db = new PDO('mysql:host=localhost;dbname=testdb;charset=UTF-8', 'username', 'password', array(
PDO::ATTR_EMULATE_PREPARES => false,
PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION
));
} catch (PDOException $e) {
die('Bazinga! Oops, we made a boo boo!');
}
try { // to execute query and stuff
$stmt = $db->prepare('SELECT `ip` FROM `voted` WHERE `ip`=?');
$stmt->execute(array($_SERVER['REMOTE_ADDR']));
$row_count = $stmt->rowCount();
if ($row_count > 0) {
echo 'Thanks but you already voted!';
}
else {
echo 'Please make your vote: Yes or No?';
}
} catch(PDOException $e) {
die('Kaboom! Oops, we made a boo boo!');
}
Upvotes: 0
Reputation: 4288
Take a look at the WHERE clause in MySQL:
http://www.tizag.com/mysqlTutorial/mysqlwhere.php
$ip = mysql_real_escape_string([the IP address]);
$q = mysql_query("SELECT `ip` FROM `voted` WHERE `ip`= '$ip'");
if(mysql_num_rows($q) > 0){
// They already are in the database
}
Remember-- sanitize your inputs. Personally, I would use parameters and bindings, but if you are going plain-vanilla MySQL then just use the escaping function. But remember, the mysql_ functions are being deprecated, so I would avoid them if possible. (See PDO)
Upvotes: 2
Reputation: 4427
I should use something like:
SELECT count(*) INTO counter from `voted` WHERE ip = '0.0.0.0'
and in your php code you'll check if counter is more than 0.
Upvotes: 0
Reputation: 56769
I assume you already have a way to get the IP address (since you're inserting them into the database). So it's a matter of a WHERE clause to validate:
$check = mysql_query("SELECT `ip` FROM `voted` WHERE `ip` = '$theIP'")...
Then check if you get any results back. If you do, then refuse the vote.
Note, however, that validating entirely based on IP addresses will give you a lot of false negatives.
Upvotes: 2
Related Questions
- Ip address compare in database
- Check whether an IP address is stored in database
- Checking IP address using php
- Compare IP to SQL table values
- Searching in table to find if IP address exists for a set_id
- Block IP Address, Query IP from database
- How to query database for an IP - Error
- Compare ip address in php
- PHP & MySQL - Compare IPs that are stored
- Simple if IP address is already in the database