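<?php

/**
 * Data-access object for politician votes.
 *
 * Covers the per-address / per-subnet rate limiting, vote counting, and the
 * "fraud switch" that temporarily deactivates one vote direction when a burst
 * of counter-votes arrives and lifts it again once enough further votes have
 * followed.
 *
 * Every query runs on the PDO handle exposed as $database->dbc. The client
 * address comes from a global getIPAddress() defined elsewhere in the project
 * (not visible in this file).
 */
class Vote
{
    /** @var DBConnection Connection handed in by the constructor. */
    private $con;

    /** @var int Window, in minutes, for the "same subnet already voted" check. */
    private $lookbackInMinutes = 15;

    /** @var int Percentage of a politician's newest votes inspected for a counter-vote burst. */
    private const FRAUD_PROBE = 5;

    /** @var int Share (percent) of the inspected votes that must be counter-votes to deactivate a direction. */
    private const FRAUD_THRESHOLD = 90;

    /** @var int Percentage of total votes that must arrive after a deactivation before it is lifted. */
    private const FRAUD_REACTIVATION = 2;

    /**
     * @param DBConnection $database Wrapper whose ->dbc property is the PDO instance used by every query.
     */
    public function __construct(DBConnection $database)
    {
        // A constructor's return value is discarded by `new`, so nothing is returned here.
        $this->con = $database;
    }

    /**
     * Derive the subnet prefix of the current client address.
     *
     * IPv4: the first three octets ("a.b.c"). IPv6: the leading hextet groups
     * captured by the pattern below. When the address contains both "." and ":"
     * (e.g. an IPv4-mapped IPv6 address) the IPv6 branch runs last and wins.
     *
     * @return string|false The prefix, or false when nothing could be extracted.
     */
    private function getSubnet()
    {
        $ipaddress = (string) getIPAddress();
        $matches = [];

        if (strpos($ipaddress, '.') !== false) {
            // IPv4 — the dots must be escaped; an unescaped "." matches any character.
            preg_match('/(?<ipsubnet>\d+\.\d+\.\d+)\.\d+/', $ipaddress, $matches);
        }
        if (strpos($ipaddress, ':') !== false) {
            // IPv6 — a non-match here resets $matches, so a mixed address that
            // fails this pattern yields false rather than the IPv4 prefix.
            preg_match('/(?<ipsubnet>(([0-9a-fA-F]{1,4}:){7,7}[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,7}:|([0-9a-fA-F]{1,4}:){1,6}:[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,5}(:[0-9a-fA-F]{1,4}){1,2}|([0-9a-fA-F]{1,4}:){1,4}(:[0-9a-fA-F]{1,4}){1,3}|([0-9a-fA-F]{1,4}:){1,3}(:[0-9a-fA-F]{1,4}){1,4}|([0-9a-fA-F]{1,4}:){1,2}))/', $ipaddress, $matches);
        }

        $subnet = $matches['ipsubnet'] ?? '';

        return $subnet === '' ? false : $subnet;
    }

    /**
     * LIKE pattern selecting the addresses in the client's subnet.
     *
     * Falls back to the exact client address when no prefix could be derived:
     * concatenating false with '%' produced a bare '%', which matched every
     * address in the table and made the subnet check meaningless.
     */
    private function subnetLikePattern(): string
    {
        $subnet = $this->getSubnet();
        if ($subnet === false) {
            return (string) getIPAddress();
        }

        return $subnet . '%';
    }

    /**
     * Count votes for a politician cast from the client's subnet inside the lookback window.
     *
     * The time filter lives in WHERE: a HAVING clause on a non-grouped
     * aggregate (the previous form) applied it to an arbitrary row's
     * `created` value instead of to each vote.
     *
     * @param mixed        $id       Politician id.
     * @param DBConnection $database Connection whose ->dbc is the PDO handle.
     */
    private function countRecentVotesFromSubnet($id, $database): int
    {
        $statement = $database->dbc->prepare(
            'SELECT COUNT(*) FROM `vote` '
            . 'WHERE `politicianid` = :politicianid '
            . 'AND `ipaddress` LIKE :ipaddress '
            . 'AND TIMESTAMPDIFF(MINUTE, `created`, NOW()) <= :lookbackinminutes'
        );
        $statement->bindValue(':politicianid', $id);
        $statement->bindValue(':ipaddress', $this->subnetLikePattern());
        $statement->bindValue(':lookbackinminutes', $this->lookbackInMinutes, PDO::PARAM_INT);
        $statement->execute();

        return (int) $statement->fetchColumn();
    }

    /**
     * Whether a vote for this politician arrived from the client's subnet within the lookback window.
     *
     * @param mixed        $id       Politician id.
     * @param DBConnection $database Connection whose ->dbc is the PDO handle.
     */
    public function wasVotedOnInSameDomain($id, $database): bool
    {
        return $this->countRecentVotesFromSubnet($id, $database) > 0;
    }

    /**
     * Placeholder for a "back voting" rule that was never finished.
     *
     * NOTE(review): the original prepared and bound the same query as
     * wasVotedOnInSameDomain() but never executed it, ignored the popularity
     * lookup, and returned null; callers therefore always see a falsy value.
     * The popularity lookup is kept in case PopularityProvider has side effects
     * that cannot be seen from here — confirm the intended rule before relying
     * on this method.
     *
     * @param mixed        $id       Politician id.
     * @param DBConnection $database Connection whose ->dbc is the PDO handle.
     * @return null
     */
    public function isBackVotingDisabled($id, $database)
    {
        $popularityProvider = new PopularityProvider($database);
        $popularityProvider->getPopularity([$id]);

        return null;
    }

    /**
     * Number of votes for this politician cast from exactly the client's address.
     *
     * @param mixed        $id       Politician id.
     * @param DBConnection $database Connection whose ->dbc is the PDO handle.
     */
    public function getVoteCountWithSameIpAddress($id, $database): int
    {
        $ipaddress = getIPAddress();
        $statement = $database->dbc->prepare(
            'SELECT COUNT(*) AS total FROM `vote` '
            . 'WHERE `politicianid` = :politicianid AND `ipaddress` = :ipaddress'
        );
        $statement->bindValue(':politicianid', $id);
        $statement->bindValue(':ipaddress', $ipaddress);
        $statement->execute();

        return (int) $statement->fetchColumn();
    }

    /**
     * Total vote count for a politician: real votes plus the seedup/seeddown offsets.
     *
     * Uses a LEFT JOIN from `politician` so that a politician without any
     * vote rows still yields the seed offsets; the previous inner join
     * returned NULL in that case.
     *
     * @param mixed        $id       Politician id.
     * @param DBConnection $database Connection whose ->dbc is the PDO handle.
     */
    public function getTotalVoteCount($id, $database): int
    {
        $statement = $database->dbc->prepare(
            'SELECT (COUNT(v.`aid`) + p.`seedup` + p.`seeddown`) AS total '
            . 'FROM `politician` p '
            . 'LEFT JOIN `vote` v ON v.`politicianid` = p.`aid` '
            . 'WHERE p.`aid` = :politicianid '
            . 'GROUP BY p.`aid`'
        );
        $statement->bindValue(':politicianid', $id);
        $statement->execute();

        return (int) $statement->fetchColumn();
    }

    /**
     * Column holding the deactivation timestamp for a vote direction.
     *
     * Only two fixed column names can come out of here, which is what makes
     * interpolating the result into SQL safe.
     *
     * @param mixed $direction 'up' for up-votes; anything else selects the down-vote column.
     */
    private function deactivationField($direction): string
    {
        return $direction === 'up' ? 'upVoteDeactivatedDate' : 'downVoteDeactivatedDate';
    }

    /**
     * Switch off one vote direction for a politician by stamping its deactivation column.
     *
     * @param mixed        $id       Politician id.
     * @param mixed        $kind     'up' or 'down' (anything other than 'up' means down).
     * @param DBConnection $database Connection whose ->dbc is the PDO handle.
     */
    public function deactivateVotes($id, $kind, $database): void
    {
        $fieldToUpdate = $this->deactivationField($kind);
        $statement = $database->dbc->prepare(
            'UPDATE `politician` SET `modified` = NOW(), `' . $fieldToUpdate . '` = NOW() WHERE `aid` = :id'
        );
        $statement->bindValue(':id', $id);
        $statement->execute();
    }

    /**
     * Whether the given vote direction is currently deactivated for a politician.
     *
     * @param mixed        $direction 'up' or 'down'.
     * @param mixed        $id        Politician id.
     * @param DBConnection $database  Connection whose ->dbc is the PDO handle.
     */
    public function isVoteDeactivated($direction, $id, $database): bool
    {
        $field = $this->deactivationField($direction);
        $statement = $database->dbc->prepare(
            'SELECT `' . $field . '` FROM `politician` WHERE `aid` = :politicianid'
        );
        $statement->bindValue(':politicianid', $id);
        $statement->execute();
        $result = $statement->fetchColumn();

        // fetchColumn() yields false when no row exists and null/'' when the column is unset.
        return $result !== false && $result !== null && $result !== '';
    }

    /**
     * Deactivate the vote direction of $vote when the newest votes look like a coordinated burst.
     *
     * A vote going with the current majority is never suspicious. Otherwise the
     * newest FRAUD_PROBE percent of the politician's votes are inspected; if
     * more than FRAUD_THRESHOLD percent of them go the same (minority)
     * direction as $vote, that direction is switched off.
     *
     * @param mixed        $id        Politician id.
     * @param int|string   $upvotes   Current up-vote count.
     * @param int|string   $downvotes Current down-vote count.
     * @param int|string   $vote      1 for an up-vote, -1 for a down-vote.
     * @param DBConnection $database  Connection whose ->dbc is the PDO handle.
     */
    public function deactivateVotesIfFraudAttemptDetected($id, $upvotes, $downvotes, $vote, $database): void
    {
        $vote = (int) $vote;
        $totalVotes = $upvotes + $downvotes;

        // Following the majority is never a fraud signal.
        if (($upvotes > $downvotes && $vote === 1) || ($downvotes > $upvotes && $vote === -1)) {
            return;
        }
        // The minority direction is already switched off: nothing more to do.
        if (($upvotes > $downvotes && $vote === -1 && $this->isVoteDeactivated('down', $id, $database))
            || ($downvotes > $upvotes && $vote === 1 && $this->isVoteDeactivated('up', $id, $database))
        ) {
            return;
        }

        $numberOfRecordsToCheck = (int) ceil($totalVotes * self::FRAUD_PROBE / 100);
        if ($numberOfRecordsToCheck <= 0) {
            return; // LIMIT 0 would inspect nothing anyway
        }

        $statement = $database->dbc->prepare(
            'SELECT `vote` FROM `vote` WHERE `politicianid` = :politicianid '
            . 'ORDER BY `created` DESC LIMIT :limit'
        );
        $statement->bindValue(':politicianid', $id);
        // LIMIT is bound as an integer instead of being concatenated into the SQL text.
        $statement->bindValue(':limit', $numberOfRecordsToCheck, PDO::PARAM_INT);
        $statement->execute();

        $counterVotes = 0;
        foreach ($statement->fetchAll(PDO::FETCH_ASSOC) as $item) {
            $itemVote = (int) $item['vote'];
            if (($itemVote === 1 && $vote === 1 && $downvotes > $upvotes)
                || ($itemVote === -1 && $vote === -1 && $downvotes < $upvotes)
            ) {
                $counterVotes++;
            }
        }

        if ($counterVotes > ($numberOfRecordsToCheck * self::FRAUD_THRESHOLD / 100)) {
            if ($vote === 1) {
                $this->deactivateVotes($id, 'up', $database);
            } elseif ($vote === -1) {
                $this->deactivateVotes($id, 'down', $database);
            }
        }
    }

    /**
     * Lift a deactivation of the opposite direction once enough majority votes have followed it.
     *
     * Only acts when $vote agrees with the majority. Counts the majority-side
     * votes created after the opposite direction was deactivated; if they
     * reach FRAUD_REACTIVATION percent of all votes, the deactivation column
     * is cleared.
     *
     * @param mixed        $id        Politician id.
     * @param int|string   $upvotes   Current up-vote count.
     * @param int|string   $downvotes Current down-vote count.
     * @param int|string   $vote      1 for an up-vote, -1 for a down-vote.
     * @param DBConnection $database  Connection whose ->dbc is the PDO handle.
     */
    public function reactivateVotesIfPossible($id, $upvotes, $downvotes, $vote, $database): void
    {
        $vote = (int) $vote;
        $totalVotes = $upvotes + $downvotes;

        if ($upvotes > $downvotes && $vote === 1) {
            $field = 'downVoteDeactivatedDate';
            $voteClause = '`vote` > 0';
        } elseif ($downvotes > $upvotes && $vote === -1) {
            $field = 'upVoteDeactivatedDate';
            $voteClause = '`vote` < 0';
        } else {
            return;
        }

        // $field and $voteClause are fixed literals chosen above, never caller input.
        $statement = $database->dbc->prepare(
            'SELECT COUNT(*) AS total FROM `vote` v '
            . 'JOIN `politician` p ON p.`aid` = v.`politicianid` '
            . 'WHERE v.`politicianid` = :politicianid '
            . 'AND v.' . $voteClause . ' '
            . 'AND v.`created` > p.`' . $field . '`'
        );
        $statement->bindValue(':politicianid', $id);
        $statement->execute();
        $recentMajorityVotes = (int) $statement->fetchColumn();

        if ($recentMajorityVotes >= ($totalVotes * self::FRAUD_REACTIVATION / 100)) {
            $statement = $database->dbc->prepare(
                'UPDATE `politician` SET `modified` = NOW(), `' . $field . '` = NULL WHERE `aid` = :id'
            );
            $statement->bindValue(':id', $id);
            $statement->execute();
        }
    }
}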