referral link isn't being locked to one ip

60 views Asked by At

I took a referral system off a website and started to fix it up a bit. I converted mysql to mysqli I finished that but I ran into a problem and not sure how to fix it.

There should only be one referral link per ip. Here's the thing that's not happening whenever I refresh a page a new referral link gets created.

Logging the referral link

<? 
include "config.php"; 
if(isset($_COOKIE['ref_link'])){ 
    $ref = $_COOKIE['ref_link']; 
}else{ 
    $ref = rand(1,9).date('Y').date('m').date('d').date('h').date('i').date('s'); 
    $ref = rand_uniqid($ref); 
    setcookie("ref_link",$ref, 9999999999);   

    $insert = "insert into cookie_ref(REF_val) values('".$ref."');"; 
    @mysqli_query($GLOBALS["___mysqli_ston"], $insert); 

} 
$error = ''; //used for checking if ip has been re used 
if(isset($_GET['ref'])){ 
    $getip = "select * from cookie_ref_ips where IP_address = '".getRealIpAddr()."' and REF_val = '".$_GET['ref']."'"; 
    $getip_query = @mysqli_query($GLOBALS["___mysqli_ston"], $getip); 
    if(@mysqli_num_rows($getip_query) < 1){ 
    $update = "update cookie_ref set REF_hits = REF_hits + 1 where REF_val = '".$_GET['ref']."'"; 
    @mysqli_query($GLOBALS["___mysqli_ston"], $update); 

    $insertip = "insert into cookie_ref_ips(IP_address,REF_val) values('".getRealIpAddr()."','".$_GET['ref']."')"; 
    @mysqli_query($GLOBALS["___mysqli_ston"], $insertip); 
    }else{ 
        $error = "<h1>You already used this refferal link!</h1>"; 
    } 
} 
?>


    <? // Logging the referral count
  echo $error; 
  $select = "select * from cookie_ref where REF_val = '".$ref."';"; 
  $selectQuery = @mysqli_query($GLOBALS["___mysqli_ston"], $select); 
  $selectArray = @mysqli_fetch_array($selectQuery); 
  $hits = $selectArray['REF_hits']; 
  echo "<div class='container'>
        <h1>".$hits."</h1>";
  echo "</div>";
  ?>

<?

<? // Getting the real ip
function rand_uniqid($in, $to_num = false, $pad_up = false, $passKey = null)
{
    $index = "abcdefghijklmnopqrstuvwxyz0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ";
    if ($passKey !== null) {
        // Although this function's purpose is to just make the
        // ID short - and not so much secure,
        // you can optionally supply a password to make it harder
        // to calculate the corresponding numeric ID

        for ($n = 0; $n<strlen($index); $n++) {
            $i[] = substr( $index,$n ,1);
        }

        $passhash = hash('sha256',$passKey);
        $passhash = (strlen($passhash) < strlen($index))
            ? hash('sha512',$passKey)
            : $passhash;

        for ($n=0; $n < strlen($index); $n++) {
            $p[] =  substr($passhash, $n ,1);
        }

        array_multisort($p,  SORT_DESC, $i);
        $index = implode($i);
    }

    $base  = strlen($index);

    if ($to_num) {
        // Digital number  <<--  alphabet letter code
        $in  = strrev($in);
        $out = 0;
        $len = strlen($in) - 1;
        for ($t = 0; $t <= $len; $t++) {
            $bcpow = bcpow($base, $len - $t);
            $out   = $out + strpos($index, substr($in, $t, 1)) * $bcpow;
        }

        if (is_numeric($pad_up)) {
            $pad_up--;
            if ($pad_up > 0) {
                $out -= pow($base, $pad_up);
            }
        }
        $out = sprintf('%F', $out);
        $out = substr($out, 0, strpos($out, '.'));
    } else {
        // Digital number  -->>  alphabet letter code
        if (is_numeric($pad_up)) {
            $pad_up--;
            if ($pad_up > 0) {
                $in += pow($base, $pad_up);
            }
        }

        $out = "";
        for ($t = floor(log($in, $base)); $t >= 0; $t--) {
            $bcp = bcpow($base, $t);
            $a   = floor($in / $bcp) % $base;
            $out = $out . substr($index, $a, 1);
            $in  = $in - ($a * $bcp);
        }
        $out = strrev($out); // reverse
    }

    return $out;
}
function getRealIpAddr()
{
    if (!empty($_SERVER['HTTP_CLIENT_IP']))   //check ip from share internet
    {
      $ip=$_SERVER['HTTP_CLIENT_IP'];
    }
    elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR']))   //to check ip is pass from proxy
    {
      $ip=$_SERVER['HTTP_X_FORWARDED_FOR'];
    }
    else
    {
      $ip=$_SERVER['REMOTE_ADDR'];
    }
    return $ip;
}
?>
0

There are 0 answers