What is the Vote Return URL feature?
The Vote Return URL feature allows you to redirect players back to your own website after they vote for your server on our toplist. This enables you to:
- Create a seamless voting experience for your players
- Track and verify successful votes on your own website
- Reward players automatically when they complete a vote
- Integrate voting with your own server's systems
How to Set Up a Vote Return URL
- Log in or register on our site first
- Go to your server listings in the dashboard
- Click "Edit" for the server you want to update
- Find the Vote Return URL field in the form
- Enter the full URL where players should be redirected after voting (e.g.,
https://your-server.com/vote-callback) - Save your changes
Note: The URL must be valid and include the protocol (http:// or https://)
Vote Verification Parameters
After a successful vote, we'll redirect the user to your specified URL with the following parameters:
https://your-server.com/vote-callback?
server_id=123&
vote_id=456&
timestamp=1687654321&
ip=192.0.2.1&
signature=a1b2c3d4e5f6... | Parameter | Description |
|---|---|
server_id | The ID of your server in our database |
vote_id | The unique ID of the recorded vote |
timestamp | UNIX timestamp when the vote was recorded |
ip | IP address of the voter (for verification purposes) |
signature | HMAC-SHA256 signature to verify the vote is legitimate |
Verifying Vote Authenticity
To ensure that the vote is genuine and prevent fake callbacks, you should verify the signature on your server:
// PHP example for vote verification
$server_id = $_GET['server_id'];
$vote_id = $_GET['vote_id'];
$timestamp = $_GET['timestamp'];
$ip = $_GET['ip'];
$received_signature = $_GET['signature'];
// Verification string should match exactly what our system uses
$verification_string = $server_id . '|' . $timestamp . '|' . $ip;
// HMAC secret key - same as used by our system
$secret_key = 'toplistVoteVerify2025';
// Generate signature for comparison
$calculated_signature = hash_hmac('sha256', $verification_string, $secret_key);
// Compare signatures to verify authenticity
if (hash_equals($received_signature, $calculated_signature)) {
// Signature is valid, vote is authentic
// You can now reward the player
echo "Vote verified successfully!";
} else {
// Invalid signature, possible tampering attempt
echo "Vote verification failed!";
}
// You may also want to check if this vote_id has already been processed
// to prevent duplicate rewards
// Node.js example
const crypto = require('crypto');
// Get these from the URL parameters
const server_id = req.query.server_id;
const vote_id = req.query.vote_id;
const timestamp = req.query.timestamp;
const ip = req.query.ip;
const receivedSignature = req.query.signature;
// Verification string should match exactly what our system uses
const verificationString = `${server_id}|${timestamp}|${ip}`;
// HMAC secret key - same as used by our system
const secretKey = 'toplistVoteVerify2025';
// Generate signature for comparison
const calculatedSignature = crypto
.createHmac('sha256', secretKey)
.update(verificationString)
.digest('hex');
// Compare signatures to verify authenticity
if (calculatedSignature === receivedSignature) {
// Signature is valid, vote is authentic
// You can now reward the player
console.log('Vote verified successfully!');
} else {
// Invalid signature, possible tampering attempt
console.log('Vote verification failed!');
}
// Java example
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;
import java.nio.charset.StandardCharsets;
import java.util.HexFormat;
// Get these from the request parameters
String serverId = request.getParameter("server_id");
String voteId = request.getParameter("vote_id");
String timestamp = request.getParameter("timestamp");
String ip = request.getParameter("ip");
String receivedSignature = request.getParameter("signature");
// Verification string should match exactly what our system uses
String verificationString = serverId + "|" + timestamp + "|" + ip;
// HMAC secret key - same as used by our system
String secretKey = "toplistVoteVerify2025";
try {
// Create MAC with SHA256 algorithm
Mac hmacSHA256 = Mac.getInstance("HmacSHA256");
SecretKeySpec secretKeySpec = new SecretKeySpec(
secretKey.getBytes(StandardCharsets.UTF_8),
"HmacSHA256"
);
hmacSHA256.init(secretKeySpec);
// Generate signature
byte[] calculatedSignatureBytes = hmacSHA256.doFinal(
verificationString.getBytes(StandardCharsets.UTF_8)
);
// Convert bytes to hex string
StringBuilder sb = new StringBuilder();
for (byte b : calculatedSignatureBytes) {
sb.append(String.format("%02x", b));
}
String calculatedSignature = sb.toString();
// Compare signatures
if (calculatedSignature.equals(receivedSignature)) {
// Signature is valid, vote is authentic
// You can now reward the player
System.out.println("Vote verified successfully!");
} else {
// Invalid signature, possible tampering attempt
System.out.println("Vote verification failed!");
}
} catch (Exception e) {
e.printStackTrace();
}
Best Practices and Tips
- Always verify signatures before rewarding players to prevent reward abuse
- Store processed vote IDs to prevent double-claiming rewards
- Check the timestamp to ensure the vote is recent (e.g., within the last hour)
- Consider IP tracking for additional verification if needed
- Add a loading screen on your return page while verifying the vote
- Implement proper error handling for cases where verification fails
Ragnarok Online Vote Panel
For Ragnarok Online server owners, we provide a specialized vote panel that you can integrate with your rAthena or Hercules server. This makes player vote verification easy and allows for seamless reward distribution.
What You Get
When you add a Ragnarok Online server to our listing, you'll receive an email with the Ragnarok-VotePanel.zip attachment. This contains everything you need to verify player votes on your server.
Installation Instructions
- Extract the Ragnarok-VotePanel.zip file to your server's web directory
- Open the
config.phpfile and update the following settings:- Database connection details for your server
- Your server ID from our system
- Security verification keys
- Add the vote verification table to your server database by running the included SQL file
- Set up the admin password in the configuration file
- Access the panel via your browser at
http://your-server.com/vote-panel/
Player-Facing Features
- In-Game Account Login: Players log in using their existing game account credentials.
- Vote Cooldown Timer: The panel clearly shows players when they are on cooldown and when they can vote again.
- Player Statistics: Displays the player's current available vote points, total lifetime votes, and total points earned.
- Direct Vote Link: A simple, clear link for players to click and vote on the toplist.
- Automated Point Rewards: The panel automatically processes the vote callback from our site and awards points to the player's account.
Integration with rAthena/Hercules
The panel is designed to be self-contained. The included vote_point_trader.txt NPC script allows players to spend their accumulated vote points in-game for rewards you define:
// Example reward script included with the panel
prontera,155,185,5 script Vote Reward 4_F_TELEPORTER,{ // Check if player has voted
if(vote_check()) {
messageokcolor "Thank you for voting! Here's your reward!", 0x00FF00;
getitem 501, 5; // Healing items
getitem 502, 3; // More rewards
getitem 12212, 1; // Special Vote Box
callfunc "Vote_Complete"; // Mark vote as claimed
} else {
messageokcolor "You need to vote for our server first!", 0xFF0000;
callfunc "Vote_Redirect"; // Open vote page
}
end; }; Additional functionality for vote tracking and management is fully documented in the included README.txt file.
Download Vote Panel
You can download the panel directly here or access it from the email sent when you add a Ragnarok server.
Need More Help?
If you have any questions about implementing the Vote Return URL feature or need assistance with vote verification, please contact our support team.