Here we will show you both which ip's that successfully voted and which ones that voted but failed, you will also be able know what went wrong.
With our pingback system you will know each time a voter has voted and which ip and/or username they have used.
A lot of things can go wrong when you vote, so all votes might not count, i have listed below the two most common things that result in a failed vote even when you enter the captcha and vote correctly:
Make sure that cookies and javascript is enabled in your browser!
If you are using the old in.php voting link, dont forget to login to you account and fetch the new voting code, otherwise this wont work!
To verify voters using pingUsername, on your site details page on gtop100 where you vote, add
?vote=1&pingUsername=xyz to the url (replace xyz with the pingUsername of your choice)
You are NOT allowed to use email addresses in the "&pingUsername" field.
Below is an example code in PHP how your pingback file could look like.
<?php
// This example is compatable with PHP 8.
// It is important to use prepared statements to prevent SQL injection.
// Also, proper error handling should be implemented.
// The mysqli extension is used instead of the deprecated mysql extension.
// The "mysqli_real_escape_string" function is used for escaping strings,
// but using prepared statements is a better practice to prevent SQL injection.
// Make sure you always return one of these http response codes:
// 200, 201, 202, 203 or 204
// This will prevent extra unnecessary requests to your server.
// voter ip address
// You should validate and sanitize all input.
$voterIP = $_POST["VoterIP"] ?? null;
// 1 for error, 0 for successful
$success = abs((int)($_POST["Successful"] ?? 1));
// log reason the vote failed
$reason = $_POST["Reason"] ?? null;
// Retrieve the ping username if provided
$pingUsername = $_POST["pingUsername"] ?? null;
// Pingbackkey is used to verify that the request is coming from a trusted source.
$pingbackkey = $_POST["pingbackkey"] ?? null;
if ($pingbackkey !== "ENTER-YOUR-PINGBACKKEY-HERE") {
// If the pingback key does not match, exit the script.
http_response_code(403); // Forbidden
exit("Invalid pingback key.");
}
// Establish a new database connection using mysqli
$link = mysqli_connect("localhost", "user", "password", "db");
if (!$link) {
// Handle error - notify administrator, log to a file, show an error screen, etc.
http_response_code(500); // Internal Server Error
exit("Database connection error.");
}
// Prepared statement to prevent SQL injection
$query = "SELECT Username FROM UserTbl WHERE username = ?";
$stmt = mysqli_prepare($link, $query);
// Check if the statement was prepared correctly
if ($stmt) {
// Bind the IP parameter to the statement
mysqli_stmt_bind_param($stmt, "s", $pingUsername);
// Execute the prepared statement
if (mysqli_stmt_execute($stmt)) {
$result = mysqli_stmt_get_result($stmt);
// Check if there are any rows returned
if ($row = mysqli_fetch_assoc($result)) {
if ($success == 0) {
// send reward to $row["Username"]
}
// Log reason here (optional)
} else {
// Handle the case where no user was found
}
// Free the result set
mysqli_free_result($result);
} else {
// Handle SQL execution error
http_response_code(500); // Internal Server Error
exit("Failed to execute the query.");
}
// Close the prepared statement
mysqli_stmt_close($stmt);
} else {
// Handle SQL preparation error
http_response_code(500); // Internal Server Error
exit("Failed to prepare the SQL query.");
}
// Close the database connection
mysqli_close($link);
// If everything was successful, you may want to send a success response code
http_response_code(200); // OK
// End of Example code compatable with PHP 8.
<?php
// This example is compatable with PHP 5.
// Make sure you always return one of these http response codes:
// 200, 201, 202, 203 or 204
// This will prevent extra unnecessary requests to your server.
//
// authorized ips to prevent exploitation.
// do not use this, use pingbackkey instead!
//$authorized = array("IP-1","IP-2");
//if(!in_array($_SERVER["REMOTE_ADDR"],$authorized))
// exit();
// voter ip address
$voterIP = mysql_real_escape_string($_POST["VoterIP"]);
// 1 for error, 0 for successful
$success = abs($_POST["Successful"]);
// log reason the vote failed
$reason = $_POST["Reason"];
// $pingUsername is a custom field you can use to track
// your players, username or id number.
//
// You can do this by changing your votebutton code link
// to whatever your players username or id is.
//
// Simply add this line to the end
// of your voting url where yyy is your
// players unique username or id ( &pingUsername=yyy ).
//
// Below is an example url of how it should look.
// Example: [YourSiteDetailsPageURL]?vote=1&pingUsername=yyy
$pingUsername = $_POST["pingUsername"];
// Pingbackkey is used to verify that the request is coming from us.
// Use A-Z, a-z, 0-9 and max 49 characters.
$pingbackkey = $_POST["pingbackkey"];
if ($pingbackkey === "ENTER-YOUR-PINGBACKKEY-HERE") {
$link = mysqli_connect("localhost", "user", "password", "db");
// if successfull vote reward your user, use your own database!
$result = mysqli_query(
$link, "SELECT Username FROM UserTbl WHERE username="{$pingUsername}"
);
if($result !== FALSE) {
$row = mysqli_fetch_row($result);
if(is_array($row)) {
if($success == 0) {
// send reward to $row["Username"]
}
// Log reason here(optional)
}
mysqli_free_result($result);
}
mysqli_close($link);
}
?>