febbraio 15 2015febbraio 15 2015By AlessioIn SoftwareMultisite

Multisite WP-Postratings bug in cookie management

Multisite WP-Postratings plugin bug in cookie management

WP-Postratings plugin for WordPress has a bug in cookie management that inhibits to vote posts with same ID in a WordPress Multisite installation. Here, how to fix it.

When a user votes a post, WP-Postratings sets a cookie, which contains the post ID with the PHP function bool setcookie($key, $value). Then, when a user opens a post through the browser, WP-Postratings plugin checks if the user has the cookie. If the cookie is present, the plugin reads the post ID inside the cookie and it checks if the post ID read in the cookie is equal to the post ID of the post opened by the user. If they are equal it means that the user has already voted the post thus the plugin inhibits the possibility to vote again.

The problem is that in multisite installation the post ID of different blogs are NOT unique. Thus, user “X” in blog “A” can vote the post with ID:111 but user “X” can’t vote another post with ID:111 in blog “B”, “C” etc..

To fix the bug is sufficient to modify the file wp-postratings.php, which is in the plugin folder.

At row 300 the function check_rated_cookie must be changed from:

### Function: Check Rated By Cookie
function check_rated_cookie($post_id) {
	if(isset($_COOKIE["rated_$post_id"])) {
		return true;
	} else {
		return false;
	}
}

### Function: Check Rated By Cookie

function check_rated_cookie($post_id) {

if(isset($_COOKIE["rated_$post_id"])) {

return true;

} else {

return false;

}

to:

### Function: Check Rated By Cookie - Mod
function check_rated_cookie($post_id) {
    global $current_blog;
    $musite_id = $current_blog->blog_id;
    if($musite_id == 1)    { $musite_id = ''; }
    if(isset($_COOKIE["rated_".$musite_id."_".$post_id])) {
	if(isset($_COOKIE["rated_$post_id"])) {
		return true;
	} else {
		return false;
	}
}

### Function: Check Rated By Cookie - Mod

function check_rated_cookie($post_id) {

global $current_blog;

$musite_id = $current_blog->blog_id;

if($musite_id == 1) { $musite_id = ''; }

if(isset($_COOKIE["rated_".$musite_id."_".$post_id])) {

if(isset($_COOKIE["rated_$post_id"])) {

return true;

} else {

return false;

}

At row 640 the if section must be changed as it follows:

if($postratings_logging_method == 1 || $postratings_logging_method == 3) {
 global $current_blog;
 $musite_id = $current_blog->blog_id;
 if($musite_id == 1) { $musite_id = ''; }
  $rate_cookie = setcookie("rated_".$musite_id."_".$post_id, $ratings_value[$rate-1], time() + 30000000, apply_filters('wp_postratings_cookiepath', SITECOOKIEPATH));
 }

if($postratings_logging_method == 1 || $postratings_logging_method == 3) {

global $current_blog;

$musite_id = $current_blog->blog_id;

if($musite_id == 1) { $musite_id = ''; }

$rate_cookie = setcookie("rated_".$musite_id."_".$post_id, $ratings_value[$rate-1], time() + 30000000, apply_filters('wp_postratings_cookiepath', SITECOOKIEPATH));

}

Done. Now your plugin should work correctly.

See you soon.