投票系统--自己写很失败,遭大多数人鄙视。

这个投票系统看上去很严密,实际用了我才知道它是不堪一击的。投票也加了验证码,但还是很失败。

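/// <summary>
/// Handles one vote request: archives and clears yesterday's per-IP counters when the
/// day has rolled over, then applies the per-IP and per-cookie limits and records the vote.
/// </summary>
/// <param name="id">
/// Not read by this method; the candidate id is taken from the "id" query-string value.
/// </param>
/// <returns>A user-facing status message (success, limit reached, or nothing selected).</returns>
/// <remarks>
/// Security notes for maintainers:
/// the "user" cookie counter is stored on the client, so the cookie check is advisory only;
/// the per-IP counter in per_ip_temp is the only limit enforced on the server, and clients
/// behind one NAT or proxy address share it.
/// </remarks>
public string toupiao(int id)
{
    // Day rollover. GetSingle is not guaranteed to return a DateTime (an empty table yields
    // no max value), so test the type instead of casting blindly. Comparing calendar dates
    // rather than day-of-month also handles a gap of more than one day between votes.
    object latest = LiTianPing.DBUtility.DbHelperSQL.GetSingle("select max(datatime) from per_ip_temp");
    if (latest is DateTime && ((DateTime)latest).Date < DateTime.Now.Date)
    {
        DataSet ds12 = LiTianPing.DBUtility.DbHelperSQL.Query("select * from per_ip_temp");

        // NOTE(review): MapPath("ip/...") resolves inside the site, and the file name is a
        // predictable timestamp, so the archived address list is likely downloadable by
        // anyone who requests it. Confirm the "ip" folder is not served, or move the archive
        // outside the web root.
        string path = System.Web.HttpContext.Current.Server.MapPath(
            "ip/" + System.DateTime.Now.ToString("yyyyMMddHHmmss") + ".xml");
        ds12.WriteXml(path);
        LiTianPing.DBUtility.DbHelperSQL.ExecuteSql("delete from per_ip_temp");
    }

    int count = 1;
    try
    {
        // The candidate id arrives in the query string and ends up inside SQL text.
        // Accept it only if it is an integer and embed the parsed number, never the raw text.
        string rawId = System.Web.HttpContext.Current.Request.QueryString.Get("id");
        int candidateId;
        if (!int.TryParse(rawId, System.Globalization.NumberStyles.Integer,
                          System.Globalization.CultureInfo.InvariantCulture, out candidateId))
        {
            return "你没有请选择";
        }
        string idText = candidateId.ToString(System.Globalization.CultureInfo.InvariantCulture);

        // REMOTE_ADDR is also concatenated into SQL below, so require a well-formed address
        // and use its canonical text form.
        // NOTE(review): if the data helper offers parameterized overloads, prefer those over
        // string concatenation for every statement in this method.
        System.Net.IPAddress parsedIp;
        if (!System.Net.IPAddress.TryParse(
                System.Web.HttpContext.Current.Request.ServerVariables["REMOTE_ADDR"], out parsedIp))
        {
            return "你没有请选择";
        }
        string ip = parsedIp.ToString();

        if (LiTianPing.DBUtility.DbHelperSQL.Exists("select count(*) from per_ip_temp where ip='" + ip + "'"))
        {
            count = (int)LiTianPing.DBUtility.DbHelperSQL.GetSingle("select ipcount from per_ip_temp where ip='" + ip + "'");
        }
        else
        {
            LiTianPing.DBUtility.DbHelperSQL.ExecuteSql(
                "insert into per_ip_temp (ip,per_id) values('" + ip + "','" + idText + "')");
        }

        // Server-side limit: the per-IP counter.
        if (count > 5)
        {
            return " 失败:每个人24小时内能投五次";
        }

        // Client-side counter. panduan_cook() returns "" when the cookie is absent, and
        // Convert.ToInt32("") throws FormatException, which lands in the catch below.
        // The value is whatever the browser sends, so it cannot be trusted as a limit.
        int cookieVotes = Convert.ToInt32(panduan_cook());
        if (cookieVotes >= 5)
        {
            return "失败:每个人24小时内只能投五次";
        }

        write_cook(cookieVotes + 1);
        toupioa(ip, count);
        return "投票成功:你今天第" + count + "次票";
    }
    catch
    {
        // Every failure (bad cookie value, SQL error, missing request data) is reported to
        // the user with the same message; nothing is logged here.
        return "你没有请选择";
    }
}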

    
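/// <summary>
/// Records one vote: increments the candidate's total in per_info and the caller's
/// per-IP counter in per_ip_temp.
/// </summary>
/// <param name="ip">Client address used as the key of the per_ip_temp row.</param>
/// <param name="count">Not read by this method.</param>
/// <exception cref="ArgumentException">
/// The "id" query-string value is missing or is not an integer.
/// </exception>
protected void toupioa(string ip, int count)
{
    // The candidate id comes straight from the query string and is placed in SQL text;
    // parse it as an integer and embed the parsed number instead of the raw value.
    string rawId = System.Web.HttpContext.Current.Request.QueryString.Get("id");
    int candidateId;
    if (!int.TryParse(rawId, System.Globalization.NumberStyles.Integer,
                      System.Globalization.CultureInfo.InvariantCulture, out candidateId))
    {
        throw new ArgumentException("The id query-string value is not an integer.");
    }

    // Double any single quote so the address cannot terminate the string literal.
    // NOTE(review): if the data helper offers parameterized overloads, prefer those.
    string quotedIp = (ip ?? "").Replace("'", "''");

    string sql = "update per_info set per_nuber=per_nuber+1 where id="
        + candidateId.ToString(System.Globalization.CultureInfo.InvariantCulture);
    string sql1 = "update per_ip_temp set ipcount=ipcount+1 where ip='" + quotedIp + "'";

    // The two updates run as separate statements: if the second one fails, the vote is
    // already counted but the per-IP counter is not advanced.
    LiTianPing.DBUtility.DbHelperSQL.ExecuteSql(sql);
    LiTianPing.DBUtility.DbHelperSQL.ExecuteSql(sql1);
}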

    
/// <summary>
/// Stores the vote counter in the "user" response cookie, expiring one day from now.
/// </summary>
/// <param name="i">Counter value to write into the cookie.</param>
/// <remarks>
/// The counter lives in the browser, so the client can delete or rewrite it at will;
/// it must not be the only thing limiting votes.
/// </remarks>
private void write_cook(int i)
{
    HttpCookie voteCookie = new HttpCookie("user", i.ToString());
    voteCookie.Expires = System.DateTime.Now.AddDays(1);
    System.Web.HttpContext.Current.Response.Cookies.Add(voteCookie);
}

    
/// <summary>
/// Reads the "user" cookie from the current request.
/// </summary>
/// <returns>The cookie's value, or an empty string when the cookie is not present.</returns>
/// <remarks>
/// The returned text is supplied by the client and is not validated here.
/// </remarks>
private string panduan_cook()
{
    HttpCookie voteCookie = System.Web.HttpContext.Current.Request.Cookies["user"];
    if (Object.Equals(voteCookie, null))
    {
        return "";
    }
    return voteCookie.Value;
}
