• Resolved dater

    (@dater)


    @natekinkead,
    what do you mean by “Visitors can only vote once on each topic or reply”?
    I set up a hidden, members only forum and each member still can vote endless.
    Is this wanted?
    Or am i the only one with this issue?

Viewing 15 replies - 1 through 15 (of 17 total)
  • Plugin Author natekinkead

    (@natekinkead)

    There are 2 ways someone can endlessly vote right now.

    1) The user has the “administrator” role. I use the code current_user_can('administrator') for that check.

    2) Users are clearing their cookies, using multiple browsers, or logging in an incognito window in order to vote again.

    I realize this plugin is still in an early stage because it could use some refinement like storing it in the usermeta if logged in, but it doesn’t really solve the problem of public visitors spamming the votes by clearing cookies between each vote.

    Thread Starter dater

    (@dater)

    Sorry @natekinkead,
    i registered a normal user (subscriber, participant) and he can vote own and admin posts endlessly.
    Do you need some help? This module is needed for my site, so i have a small budget for it.

    Plugin Author natekinkead

    (@natekinkead)

    Thanks for pointing out this issue. I was able to see the same issue. The good news is that the functionality that I was talking about was in place and preventing actual subsequent votes from happening, but the problem is that the javascript was unaware and was acting like the votes were happening.

    In other words, if you voted up 10 times on the same reply, you would see a “10” as the score, but then if you refreshed, you would see the actual score is “1”.

    Anyway, I fixed this issue and released a new version, 1.1.2.

    FYI, I integrated another requested feature which was to have labels for the up and down votes. You can change the text of the labels using filters like this…

    add_filter('bbp_voting_helpful', function() {
        return 'Thanks';
    });
    add_filter('bbp_voting_not_helpful', function() {
        return 'No Thanks';
    });
    Thread Starter dater

    (@dater)

    Now you have to reload or revisit the page to vote again.
    Statistics are only displayed before voting.
    I think i will remove the labels with your filters.

    Plugin Author natekinkead

    (@natekinkead)

    Just updated to 1.1.4 which removes unlimited voting from administrators and also added a filter to not just change the labels text, but to disable the labels.

    add_filter('bbp_voting_show_labels', '__return_false');

    Thread Starter dater

    (@dater)

    Thanks for removing the admin exception and adding the show_labels filter.
    But voting is still broken:
    – when reloading page the status resets.
    – when voted, arrows grey out and the cursor shows a symbol. But again i can vote endless.

    Plugin Author natekinkead

    (@natekinkead)

    The score should not be resetting. Do you have static page caching? If so, that might be the reason why it would be resetting. If you clear cache, you would see the new scores. I’ll do some testing later, but nobody should be able to vote endlessly anymore.

    Thread Starter dater

    (@dater)

    OK, i think i broke it with a security plugin setting. I found a working installation. I will check this later on. Can you tell in the meanwhile if there needs to be access to an interface like XML-RPC, admin-ajax.php or something like this?

    Plugin Author natekinkead

    (@natekinkead)

    It does use admin-ajax.php for standard WordPress AJAX functionality.

    Thread Starter dater

    (@dater)

    I investigated this further more and found 3 strange behaviors:

    1) I had a look at the ajax response, which is “Success!” for every vote on the broken systems. The working system responds with a “Not allowed to vote twice”.

    2) It runs on my self installed server, not at my hoster.

    3) On the broken systems the mouse arrow changes it’s symbol to a forbidden symbol when voted twice or more. The working one stays normal.

    I checked all security settings and deactivated or deinstalled every module. No change.

    Plugin Author natekinkead

    (@natekinkead)

    All the things you mentioned are features of the plugin that I purposely developed. What exactly is the problem you’re having?

    What do you mean by “self installed server” vs “hoster”?

    Thread Starter dater

    (@dater)

    I use two different servers, one is hosted by a company, the other one is a own LAMP system running in my LAN.

    Have a look here at my broken dev system hosted by a company. Unlimited voting is possible.

    Do you only base on cookies? For logged in users you should write the vote to the database. This solves the clearing cookies problem for members only sites.

    Additionally there should be an option to allow voting only when logged in. As you can see, you can’t reply, but vote.

    Plugin Author natekinkead

    (@natekinkead)

    Oh, that’s strange. I looked at your site and it is not allowing any cookies to be stored. That’s why it’s letting you repeat votes.

    I think the browser is not storing cookies because the site is not using SSL.

    I’ll look into a better solution to work around that issue as well as your other feature requests.

    Thread Starter dater

    (@dater)

    It works on my old debian 8 system so i think it is maybe a problem with the php version. SSL and cookies dont interfere IMHO.

    Thread Starter dater

    (@dater)

    It has something to do with the PHP from my hoster.
    I changed PHP from 7.2.11 to 5.6.38 and it works.
    I changed it back and it still works. I think i got the cookie now.
    After restarting my browser (deletes all cookies) its broken again.

Viewing 15 replies - 1 through 15 (of 17 total)
  • The topic ‘Voting broken’ is closed to new replies.