18 Part I: Core Ideas
}
else
die('Failed to read file');$filehandle = fopen($totalsFile, "w+");
if ($filehandle)
{
fwrite($filehandle,"$votes\t$total\n");
fclose($filehandle);
}
else
die('Failed to write file');/* send the right headers */
header("Cache-Control: no-cache");
header("Pragma: no-cache");
header("HTTP/1.1 204 No Content\n\n");
exit();
?>Note that the server-side program adds a time stamp and the IP address as well as
places the record at the top of the file so that it is easier to find your particular ratings, as
shown in Figure 2-1.
Given that it is possible to type in the URL directly to trigger the rating to be saved; it
should be easy enough to figure out a way using script to do the same thing. In fact, there
are multiple ways to do this.One-way Image Object Technique
In the course of inserting images into Web pages, the src attribute of an <img> tag is often
set to an image file such as: <img src="logo.gif" />. It is just as legitimate to set this
not to a static image file, but to a script, like so: <img src= "http://ajaxref.com/ch2/
setrating.php?rating=3&transport=image" />. In this particular case, observe thatFIGURE 2-1 Snippet of saved user ratings