diff --git a/sql/schema.sql b/sql/schema.sql index f47075c2..cb72ab0b 100644 --- a/sql/schema.sql +++ b/sql/schema.sql @@ -97,7 +97,7 @@ CREATE TABLE bugdb_subscribe ( CREATE TABLE bugdb_votes ( bug int(8) NOT NULL default '0', ts timestamp NOT NULL default CURRENT_TIMESTAMP on update CURRENT_TIMESTAMP, - ip int(10) unsigned NOT NULL default '0', + ip varbinary(16) NOT NULL, score int(3) NOT NULL default '0', reproduced int(1) NOT NULL default '0', tried int(1) NOT NULL default '0', diff --git a/www/vote.php b/www/vote.php index 94df5fe0..de1a9f37 100644 --- a/www/vote.php +++ b/www/vote.php @@ -57,11 +57,11 @@ function get_real_ip () return ($ip ? $ip : $_SERVER['REMOTE_ADDR']); } -$ip = ip2long(get_real_ip()); +$ip = get_real_ip(); // TODO: check if ip address has been banned. hopefully this will never need to be implemented. // Check whether the user has already voted on this bug. -$bug_check = $dbh->prepare("SELECT bug, ip FROM bugdb_votes WHERE bug = ? AND ip = ? LIMIT 1") +$bug_check = $dbh->prepare("SELECT bug, ip FROM bugdb_votes WHERE bug = ? AND ip = INET6_ATON(?) LIMIT 1") ->execute([$id, $ip]) ->fetchRow(); @@ -70,13 +70,17 @@ function get_real_ip () $dbh->prepare(" INSERT INTO bugdb_votes (bug, ip, score, reproduced, tried, sameos, samever) VALUES ( - {$id}, {$ip}, {$score}, " . + ?, INET6_ATON(?), ?, " . ($reproduced == 1 ? "1," : "0,") . ($reproduced != 2 ? "1," : "0,") . ($reproduced ? "$sameos," : "NULL,") . ($reproduced ? "$samever" : "NULL") . ')' - )->execute(); + )->execute([ + $id, + $ip, + $score + ]); // redirect to the bug page (which will display the success message) redirect("bug.php?id=$id&thanks=6"); @@ -84,7 +88,7 @@ function get_real_ip () // As the user has already voted, just update their existing vote. $dbh->prepare("UPDATE bugdb_votes SET score = ?, reproduced = ? , tried = ?, sameos = ?, samever = ? - WHERE bug = ? AND ip = ?") + WHERE bug = ? AND ip = INET6_ATON(?)") ->execute([ $score, ($reproduced == 1 ? "1" : "0"),