vote.php source

1. <html>
2. <head>
3. <title>Vote Now!</title>
4. <style>
5. body { background-color: #202020;
6. color: yellow;
7. }
8. </style>
9. </head>
10. <body>
11. <?php
12. // Report all PHP errors (see changelog)
13. error_reporting(E_ALL);
14.  
15. // for gedimazs
16.  
17. include ("config.php");
18.  
19.  
20. //---DO NOT EDIT ANYTHING BELOW HERE UNLESS YOU KNOW WHAT YOU ARE DOING!! ---
21.  
22. function clean($str){
23. return is_array($str) ? array_map('clean', $str) : str_replace("\\", "\\\\", htmlspecialchars((get_magic_quotes_gpc() ? stripslashes($str) : $str), ENT_QUOTES));
24. }
25.  
26.  
27. $data_acc = odbc_connect("account","vote","own3dVOT3");
28. $data_cas = odbc_connect("cash","vote","own3dVOT3");
29.  
30. $ip = $_SERVER['REMOTE_ADDR'] ;
31. $account = clean($_POST['account']);
32. $date = date("Y-m-d G:i");
33.  
34. if (empty($account)){
35.  
36. echo '<SCRIPT LANGUAGE="JavaScript">alert("You didnt enter a account name! \n Please try again.")</script>';
37. echo "<script type='text/javascript'>window.location='votenow.php';</script>";
38. exit();
39.  
40.  
41. } elseif(!preg_match("/[0-9a-zA-Z]?/", $account)) {
42.  
43. echo '<SCRIPT LANGUAGE="JavaScript">alert("Incorrect account name format. \n Please try again.")</script>';
44. echo "<script type='text/javascript'>window.location='votenow.php';</script>";
45. exit();
46.  
47.  
48. } else {
49.  
50. $result1 = odbc_exec("SELECT * FROM user_profile WHERE user_id = '".$account."' ",$data_acc);
51. $count1 = odbc_num_rows($result1);
52. $row1 = odbc_fetch_row($result1);
53.  
54.  
55.  
56. if($count1 == '0') {
57.  
58. echo '<SCRIPT LANGUAGE="JavaScript">alert("Account not found. \n Please try again.")</script>';
59. echo "<script type='text/javascript'>window.location='votenow.php';</script>";
60. exit();
61.  
62.  
63. } else {
64.  
65.  
66. // account found, check for dshop
67. $get_coins = odbc_exec("SELECT * FROM cash.dbo.user_cash WHERE user_no = '".$row1[0]."'",$data_cas);
68. $count_coins = odbc_num_rows($get_coins);
69.  
70.  
71. if($count_coins == '0') {
72. // didnt visit dhop
73. echo '<SCRIPT LANGUAGE="JavaScript">alert("This account didnt visit the D-shop yet. \n You cannot recive your coins. \n Please login into the server, and visit the D-shop.")</script>';
74. echo "<script type='text/javascript'>window.location='votenow.php';</script>";
75. exit();
76.  
77. } else {
78.  
79. // he visted the dshop.. contiue
80. // found account found in votes, get his info
81. $result2 = odbc_exec("SELECT * FROM account.dbo.user_votes WHERE account = '".$account."' ",$data_acc);
82. $row2 = odbc_fetch_row($result2);
83. $count2 = odbc_num_rows($result2);
84.  
85.  
86. $voted_ip = $row2[2];
87. $voted_date = $row2[3];
88. $voted_id = $row2[0];
89. $voted_account = $row2[1];
90. $to_time = strtotime($voted_date);
91. $from_time = strtotime($date);
92.  
93. //
94. if($count2 == 1){
95. //i found account in votes
96.  
97.  
98. // check if time has expired
99. if (round(abs($to_time - $from_time) / 60,2) > $time_needed) {
100. // time expired,delete his info and add new one
101. $amount = $coins;
102.  
103. odbc_exec("DELETE FROM account.dbo.user_votes WHERE account = '".$row1[1]."'",data_acc);
104. odbc_exec("INSERT INTO account.dbo.user_votes (account,ip,date) VALUES ('".$account."','".$ip."','".$date."' ) ",$data_acc);
105. odbc_exec("UPDATE cash.dbo.user_cash SET amount = amount+".$amount." WHERE user_no = '".$row1[0]."'",$data_cas);
106. echo '<SCRIPT LANGUAGE="JavaScript">alert("Thank you for you vote!")</script>';
107. echo "<script type='text/javascript'>window.location='$votesite';</script>";
108. exit();
109.  
110. } else {
111. // time not expired
112. echo '<SCRIPT LANGUAGE="JavaScript">alert("You cant vote anymore! \n Vote time did not expire yet. \n Please try again later.")</script>';
113. echo "<script type='text/javascript'>window.location='votenow.php';</script>";
114. exit();
115.  
116. }
117.  
118.  
119.  
120. } else {
121.  
122. // check is new account have voted IP
123. $q = "SELECT * FROM account.dbo.user_votes WHERE ip = '".$ip."' ";
124. $result3 = odbc_exec($data_acc,$q);;
125. $count3 = odbc_num_rows($result3);
126.  
127.  
128. if($count3 == 1){
129.  
130. echo '<SCRIPT LANGUAGE="JavaScript">alert("You cannot vote anymore with this IP! \n Please wait until you time has expired.")</script>';
131. echo "<script type='text/javascript'>window.location='votenow.php';</script>";
132. exit();
133.  
134. } else {
135.  
136. $amount = $coins;
137. odbc_exec("INSERT INTO account.dbo.user_votes (account,ip,date) VALUES ('".$account."','".$ip."','".$date."' ) ",$data_acc);
138. odbc_exec("UPDATE cash.dbo.user_cash SET amount = amount+".$amount." WHERE user_no = '".$row1[0]."'",$data_cas);
139. echo '<SCRIPT LANGUAGE="JavaScript">alert("Thank you for you vote!")</script>';
140. echo "<script type='text/javascript'>window.location='$votesite';</script>";
141. exit();
142.  
143. }
144.  
145.  
146. }
147. }
148. }
149. }
150. odbc_close($data_acc,data_cas
151. );
152. ?>
153. </body>
154. </html>