diff options
author | Dries Buytaert <dries@buytaert.net> | 2010-06-24 18:53:31 +0000 |
---|---|---|
committer | Dries Buytaert <dries@buytaert.net> | 2010-06-24 18:53:31 +0000 |
commit | 41abf46f07be1af6661f0aa4bed4cba2f36da429 (patch) | |
tree | 1340c95bee4885cda0469b4d3feb7155d3128d24 /modules/poll | |
parent | 65d3b5dd43a0690600dbb023b841e01efb8a5d38 (diff) | |
download | brdo-41abf46f07be1af6661f0aa4bed4cba2f36da429.tar.gz brdo-41abf46f07be1af6661f0aa4bed4cba2f36da429.tar.bz2 |
- Patch #702134 by grndlvl, aaronbauman: always store IP address for poll votes.
Diffstat (limited to 'modules/poll')
-rw-r--r-- | modules/poll/poll.module | 9 |
1 files changed, 7 insertions, 2 deletions
diff --git a/modules/poll/poll.module b/modules/poll/poll.module index d698e0301..0ba52f6c6 100644 --- a/modules/poll/poll.module +++ b/modules/poll/poll.module @@ -492,6 +492,7 @@ function poll_load($nodes) { $poll->allowvotes = FALSE; if (user_access('vote on polls') && $poll->active) { if ($user->uid) { + // If authenticated, find existing vote based on uid. $poll->vote = db_query('SELECT chid FROM {poll_vote} WHERE nid = :nid AND uid = :uid', array(':nid' => $node->nid, ':uid' => $user->uid))->fetchField(); if (empty($poll->vote)) { $poll->vote = -1; @@ -499,10 +500,14 @@ function poll_load($nodes) { } } elseif (!empty($_SESSION['poll_vote'][$node->nid])) { + // Otherwise the user is anonymous. Look for an existing vote in the + // user's session. $poll->vote = $_SESSION['poll_vote'][$node->nid]; } else { - $poll->allowvotes = !db_query("SELECT 1 FROM {poll_vote} WHERE nid = :nid AND hostname = :hostname", array(':nid' => $node->nid, ':hostname' => ip_address()))->fetchField(); + // Finally, query the database for an existing vote based on anonymous + // user's hostname. + $poll->allowvotes = !db_query("SELECT 1 FROM {poll_vote} WHERE nid = :nid AND hostname = :hostname AND uid = 0", array(':nid' => $node->nid, ':hostname' => ip_address()))->fetchField(); } } foreach ($poll as $key => $value) { @@ -732,7 +737,7 @@ function poll_vote($form, &$form_state) { 'nid' => $node->nid, 'chid' => $choice, 'uid' => $user->uid, - 'hostname' => $user->uid ? '' : ip_address(), + 'hostname' => ip_address(), 'timestamp' => REQUEST_TIME, )) ->execute(); |