3

i have a pretty basic voting system i have implemented on my site. using the following ajax when a user clicks on the link there vote is added to the database and the vote is updated +1.

this all works fine but i would like to check if the user is logged in before allowing them to vote if there not display an error pop up or redirect to the login page (eventually i will display a lightbox popup asking for them to login or register.

<script type="text/javascript">
    $(document).ready(function() {
        $(".voteup a").click(function() {
            var ID = <?php echo $moviedetails['id'] ?>
            //$("#vote").text();
            var rating = <?php echo $vote['vote_up'] ?>
            var queryString = 'id=' + ID + '&vote=' + rating;
            $("#voteup").text (rating + 1);
            $.ajax({
                type: "POST",
                url: "vote_up.php",
                data: queryString,
                cache: false,
                success: function(html) {
                    $("#votethanks").html('Thanks');
                    $("#votethanks").slideDown(200).delay(2000).fadeOut(2000);
                }
            });
        });
    });
</script>

and vote_up.php 

<?php
require_once("header.php");

$data = $_POST['id'];   

$updatevote = "UPDATE `vote` SET `vote_up` = vote_up +1 WHERE `movie_id` = '$data'";
mysqli_query($con, $updatevote);

?>

i have tried

if (!(isset($_SESSION['sess_user_id']) && $_SESSION['sess_user_id'] != '')) {
echo "<script>alert('Please login.')</script>";
}
else { //then the javascript

but it just checks the users logged in on page load, if there not it displays the please login error, but i need it to do this onclick of the javascript.

any help appreciated

thanks lee

Improve this question

4 Answers 4

Reset to default
2

You can consider doing the check with PHP in the vote_up.php and check the response in your ajax. Something like this:

$.ajax({
    type: "POST",
    url: "vote_up.php",
    data: queryString,
    cache: false,
    success: function(result) {
        if (result.error) {
            alert(result.msg);
        } else {
            $("#votethanks").html(result.msg);
            $("#votethanks").slideDown(200).delay(2000).fadeOut(2000);
        }
    }
});

in your vote_up.php:

<?php

if (!(isset($_SESSION['sess_user_id']) && $_SESSION['sess_user_id'] != '')) {

    // User is not logged in!
    $result = array(
        'error' => true,
        'msg' => 'Please login first!'
    );

} else {

    // write the needed code to save the vote to db here

    $result = array(
        'error' => false,
        'msg' => 'Thanks!'
    );
}

// Return JSON to ajax call
header('Content-type: application/json');
echo json_encode($result);
Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

0

Why not use your PHP to insert into a authenticated variable, just as you do with vote and ID?

For example:

var authenticated = <?php !(isset($_SESSION['sess_user_id']) && $_SESSION['sess_user_id'] != '') ?>

Note: Completely untested. I just copied and pasted the php code from your "I have tried..."

Does this help?

Improve this answer

Comments

0

Add a boolean. Every time the user clicks on the voting, send an ajax call to check if the user is logged in.

$(document).ready(function()
{
    $(".voteup a").click(function()
    {
        var the_user_is_logged_in;
        the_user_is_logged_in = checkLoggedIn();
        if the_user_is_logged_in{
            // do ajax call
        }
        else{
            alert('Please log in!')
        }
     }
 }

 function checkLoggedIn(){
    $.get('getsession.php', function (data) {
        return data;
    });

And in getsession.php you should write

<?php
session_start();
print json_encode($_SESSION);

I didn't try the code, but it should work.

Improve this answer

1 Comment

the variable the_user_is_logged_in is always returned to UNDEFINED.
0

This is what worked for me in the end. I am only sharing this to help someone who my encounter the same problem and end up with a migraine.

The ajax script:

<script type="text/javascript">
function review_likes ( addresscommentid ) 
{ $.ajax( { type    : "POST",
async   : false,
data    : { "txt_sessionid" : addresscommentid }, 
url     : "functions/review_likes.php",
beforeSend: function() {
    // checking if user is logged in with beforeSend
   <?php if (!(isset($_SESSION['signed_in_uid']) && 
$_SESSION['signed_in_uid'] 
   != '')) { ?>        
       $(window.location.href = 'admin/index-signin.php');  
    <?php } ?>
    },
success : function ( sessionid )

{ 
$('#reviewlikes').removeClass('like-action'); 
$('#reviewlikes').load(document.URL +  ' #reviewlikes');       
},
error   : function ( xhr )
{ 
alert( "You are not Logged in" );
}
 });

 return false;

}
</script>

On the review_likes.php page header:

<?php 

$kj_authorizedUsers = "";
$kj_restrictGoTo = "../admin/index.php";
if (!((isset($_SESSION['kj_username'])) && 
(isAuthorized("",$kj_authorizedUsers, 
$_SESSION['kj_username'], $_SESSION['kj_authorized'])))) {   
$kj_qsChar = "?";
$kj_referrer = $_SERVER['PHP_SELF'];
if (strpos($kj_restrictGoTo, "?")) $kj_qsChar = "&";
if (isset($_SERVER['QUERY_STRING']) && strlen($_SERVER['QUERY_STRING']) > 0) 
$kj_referrer .= "?" . $_SERVER['QUERY_STRING'];
$kj_restrictGoTo = $kj_restrictGoTo. $kj_qsChar . "accesscheck=" . 
urlencode($MM_referrer);
header("Location: ". $kj_restrictGoTo); 
exit;
} 
?>

The above code is a bit overkill, but it helps to get the current URL and redirect the user to the requesting page after successful login.

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.