Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.
There's an issue in the radioactivity module - #739980: VotingAPI resets votes but adds unlimited energy when a user votes multiple times - that I think needs to be solved by the votingAPI widgets.
If someone has already voted (either up or down) then this module should prevent them from voting again.
Comment | File | Size | Author |
---|---|---|---|
#10 | 0001-feature-966658-by-marvil07-greggles-Prevent-multiple.patch | 10.63 KB | marvil07 |
#3 | avoid-links-to-non-valid-votes-v2.patch | 5.81 KB | marvil07 |
#1 | 0001-Two-more-variables-to-specify-vote-link-statuses.patch | 1009 bytes | marvil07 |
Comments
Comment #1
marvil07 CreditAttribution: marvil07 commentedSounds reasonable, we need to change the widget templates to add this patch two new variables.
BTW please note that this would not prevent the user to vote up, then vote down, then vote up, etc.
Comment #2
marvil07 CreditAttribution: marvil07 commentedupps.. too much metadata tweaking :-p
Comment #3
marvil07 CreditAttribution: marvil07 commentedupdated patch with changed widgets, but still missing the upanddown widget
Comment #4
oranjer CreditAttribution: oranjer commentedsubscribed
Comment #5
marvil07 CreditAttribution: marvil07 commented@greggles: it would be great to know your opinion about the last patch. I will complete this if you are ok with it for 2.x, in other way I will just move it to 3.x
Comment #6
gregglesThanks for the ping, marvil07. I think this looks acceptable but a more thorough approach would also check in the callback whether or not the user should be allowed to do this.
Comment #7
marvil07 CreditAttribution: marvil07 commentedThe voting ajax callback(that is the only place from where
vud_vote()
is call) is passed throughhook_menu()
, where use vote up/down permission is checked.So if I am not missing something this is the check you are asking for(if not, it would be great if you can elaborate about why it should be checked again on
vud_vote()
or maybe where would be a better place for that check).Comment #8
marvil07 CreditAttribution: marvil07 commented@greggles: I think I get what you mean: you are referring to vote in the same direction check. I see one one problem, but in order to do explode it you need to manually generate the link, that includes a token, but yes, actually is possible(but not too easy for a noob :-p) to generate the link from code, and naturally you need to have the vote permission.
I will try to add a check on
vud_vote()
for that ;-) (so one more query per vote casting)Comment #9
gregglesThanks, marvil07. Maybe it's not worth it since they would need to figure out the token but if, for example, they look at the URL before voting, use it to vote, and use it again and again it would let them vote up many times until their session changes.
Comment #10
marvil07 CreditAttribution: marvil07 commentedFinally I got this finished :-), thanks for the feedback!
I committed this patch to 3.x and 2.x.