Index: sites/all/modules/extra_voting_forms/extra_voting_forms.module =================================================================== --- sites/all/modules/extra_voting_forms/extra_voting_forms.module (revision 56) +++ sites/all/modules/extra_voting_forms/extra_voting_forms.module (working copy) @@ -574,7 +574,7 @@ // Convert the limit into seconds... $limit_every *= 3600; - $result = db_result(db_query("SELECT COUNT(*) AS count FROM {votingapi_vote} WHERE uid = %d AND value_type = '%s' AND tag = '%s' AND timestamp > UNIX_TIMESTAMP(CURRENT_TIMESTAMP()) - %d", $account->uid, 'points', 'vote', $limit_every)); + $result = db_result(db_query("SELECT COUNT(*) AS count FROM {votingapi_vote} WHERE uid = %d AND value_type = '%s' AND tag = '%s' AND timestamp > UNIX_TIMESTAMP(CURRENT_TIMESTAMP()) - %d", _extra_voting_forms_get_uid(), 'points', 'vote', $limit_every)); // Over the limit: don't accept it! if ($result > $limit) { @@ -606,18 +606,18 @@ $total_points = variable_get('extra_voting_forms_abuse_total_points', ''); $total_every = variable_get('extra_voting_forms_abuse_total_every', ''); - + // If person_points is not set, don't bother if ($total_points == '') { return FALSE; } - + // Convert total_every into seconds... $total_every *= 3600; // Find out how many points were awarded over the last however long - $result = db_result(db_query("SELECT SUM(abs(value)) FROM {votingapi_vote} WHERE uid = %d AND value_type = '%s' AND tag = '%s' AND timestamp > UNIX_TIMESTAMP(CURRENT_TIMESTAMP()) - %d", $account->uid, 'points', 'vote', $total_every)); + $result = db_result(db_query("SELECT SUM(abs(value)) FROM {votingapi_vote} WHERE uid = %d AND value_type = '%s' AND tag = '%s' AND timestamp > UNIX_TIMESTAMP(CURRENT_TIMESTAMP()) - %d", _extra_voting_forms_get_uid(), 'points', 'vote', $total_every)); $result += abs($vote); @@ -692,7 +692,7 @@ * an error message or '' if all OK). And then, it returns that error/result * to the user "the right way" using extra_voting_forms_return() * To know what the "right way" is, see extra_voting_forms_return() - * + * * @return * The response. It might be just a string (no page template, or anything) * or it could be a full page. if ($form_type != 'ajax' && $form_type != 'form') { drupal_set_message(t('Error in the parameters!'), 'error'); drupal_goto('node/'. $o->nid); - } + } // It's a direct form, and the user doesn't // have voting rights! - if ($form_type != 'ajax' && $user->uid == 0) { + if ($form_type != 'ajax' && _extra_voting_forms_get_uid() == 0) { drupal_goto(extra_voting_forms_anonymous_url(), "destination=". extra_voting_forms_destination($o) ); } @@ -770,11 +770,13 @@ if ($account == NULL) { $account = $user; } - - // The user is not logged in: RETURN with error + + // The user is not logged in: RETURN with error + /* if ($account->uid == 0) { return array( t("Only logged in users can vote!"), 0 ); } +*/ #if($user->uid == 11061){ # drupal_set_message('o->sk_type '.$o->sk_type); @@ -785,7 +787,7 @@ // The user can't vote on his/her own comments, return error // (Note: admin and the karma admin can!) - if ($o->sk_type == 'c' && $account->uid == $o->uid && $account->uid != 1 & ! user_access('voting administrator', $account)) { + if ($o->sk_type == 'c' && _extra_voting_forms_get_uid() == $o->uid && _extra_voting_forms_get_uid() != 1 & ! user_access('voting administrator', $account)) { return array( t("You can't vote on your own comments!"), 0 ); } @@ -821,7 +823,7 @@ $criteria['content_id'] = $o->sk_id; $criteria['value_type'] = 'points'; $criteria['tag'] = 'vote'; - $criteria['uid'] = $account->uid; + $criteria['uid'] = _extra_voting_forms_get_uid(); $existing_vote_cast = votingapi_select_votes($criteria); $existing_vote = (int)$existing_vote_cast[0]['value']; @@ -860,11 +862,11 @@ } } - // Give the actual vote using the Voting API + // Give the actual vote using the Voting API $votes = array(); $votes['content_type'] = extra_voting_forms_c($o->sk_type); $votes['content_id'] = $o->sk_id; - $votes['uid'] = $account->uid; + $votes['uid'] = _extra_voting_forms_get_uid(); $votes['value_type'] = 'points'; $votes['value'] = $vote; $result = votingapi_set_votes($votes); @@ -881,7 +883,28 @@ $r = (int)$r[0]['value']; return array('', $r); } - + +function _extra_voting_forms_get_uid() { + global $user; + + if ($user->uid) { + $uid = $user->uid; + } + else if (variable_get('vote_up_down_anonymous_vote', 1)) { + // Fake uid for anonymous users. + // If the IP is valid turn it into a integer and add the number of the current day. + // The current day is what limit anonymous voting to one vote per day and IP address. + $hostname = (isset($_SERVER['HTTP_X_FORWARDED_FOR'])) ? $_SERVER['HTTP_X_FORWARDED_FOR'] : ip_address(); + if ($long = ip2long($hostname)) { + $uid = abs($long) + date('z'); + } + } + else { + $uid = NULL; + } + + return $uid; +} function extra_voting_forms_c($sk_type) { return $sk_type == 'n' ? 'node' : 'comment'; } @@ -1035,9 +1058,6 @@ function extra_voting_forms_show_form($o, $force_type, $style = 1, $substyle = 'big') { global $user; - // Important so that the theme's default is not applied - $voting_not_allowed_flag = FALSE; - // Sets the right "extra sk variables" for the object according to the // forced type if ($force_type == 'c') { @@ -1048,7 +1068,7 @@ $o->sk_id = $o->nid; $o->sk_type = 'n'; } - + // Just a small sanity check on the form style if ($substyle != 'big' && $substyle != 'small') { $substyle = "big"; @@ -1064,10 +1084,10 @@ // Modules can actually turn off the displaying of any forms // global $extra_voting_forms_HIDE; - + if ($extra_voting_forms_HIDE) { return; - } + } // To avoid nested form not working in IE and Opera // we do not display karma comment voting on preview @@ -1080,17 +1100,17 @@ if ($o->sk_type == 'c' && !variable_get('extra_voting_forms_allow_karma_for_comments', FALSE)) { return ''; } - + // The module is set so that it doesn't give the ability to vote // based on this particulat note type. Don't return the form. $types = variable_get('extra_voting_forms_node_types_applied', array() ); if ($o->sk_type == 'n' && ! $types[$o->type] ) { return ''; } - + // Don't offer the form if the comment is the user's AND the user is not // a karma administrator or "admin" - if ($o->sk_type == 'c' && $user->uid == $o->uid && $user->uid != 1 && ! user_access('voting administrator')) { + if ($o->sk_type == 'c' && _extra_voting_forms_get_uid() == $o->uid && _extra_voting_forms_get_uid() != 1 && ! user_access('voting administrator')) { $voting_not_allowed_flag=TRUE; } @@ -1099,11 +1119,11 @@ // **************************************************************** // This will get the record. If != NULL, then a vote (even 0) WAS cast $criteria = array(); - $criteria['content_type'] = extra_voting_forms_c($o->sk_type); + $criteria['content_type'] = extra_voting_forms_c($o->sk_type); $criteria['content_id'] = $o->sk_id; $criteria['value_type'] = 'points'; $criteria['tag'] = 'vote'; - $criteria['uid'] = $user->uid; + $criteria['uid'] = _extra_voting_forms_get_uid(); $existing_vote_cast = votingapi_select_votes($criteria); // Integer representation of the vote @@ -1115,20 +1135,21 @@ if ($only_one_vote_allowed && ! user_access('voting administrator') && $existing_vote_cast) { $voting_not_allowed_flag = TRUE; } - + // The user does not have voting rights: RETURN with error if (!user_access('give points with extra voting forms')) { $voting_not_allowed_flag = TRUE; } - - // Voting is "sort of" allowed to anonymous...! + + // Voting is "sort of" allowed to anonymous...! // The voter will be redirected... - $draw_js_destination_variable_flag = FALSE; + $draw_js_destination_variable_flag = FALSE; + /* if ($user->uid == 0) { $voting_not_allowed_flag = FALSE; $draw_js_destination_variable_flag = TRUE; } - +*/ // Don't allow showing the form past its time limit if ($o->sk_type == 'c') { $t = $o->timestamp;