
Untitled

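  <?php
  // Direct-access guard: this file is a fragment meant to be included by another
  // page, so a request that executes it directly is refused.
  //
  // The executing script's path is compared with this file's own path.
  // $_SERVER["PHP_SELF"] can carry trailing path information taken from the
  // request URL, so its basename is not a reliable way to tell which script is
  // actually running.
  if (isset($_SERVER['SCRIPT_FILENAME']) && realpath($_SERVER['SCRIPT_FILENAME']) === __FILE__) {
      // Send a real 403 status so clients, caches and crawlers do not see a
      // 200 response whose body merely says "403".
      if (!headers_sent()) {
          http_response_code(403);
      }
      die("403 - Access Forbidden");
  }
  ?>
  <h2 class="text-left">Vote</h2><hr/>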
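  <?php
  // Vote handler: validates the posted account and voting site, enforces the
  // per-account / per-site waiting time, credits the rewards and prepares the
  // redirect to the voting site.
  //
  // Expects from the including page: $mysqli (mysqli connection), $prefix,
  // $colvp, $colnx and $ipaddress.
  // Sets: $funct_msg / $funct_error (markup for the page) and $redirect.
  //
  // All request values reach SQL through bound parameters only.
  // NOTE(review): $prefix, $colvp and $colnx are spliced into SQL as identifiers
  // and cannot be bound - presumably they come from trusted site configuration;
  // confirm they are never derived from the request.
  // NOTE(review): nothing here proves that the requester owns the account or
  // actually voted on the remote site, and the stored IP is never checked -
  // confirm these are accepted limitations.
  $earnedpoints = false;
  $insertnew = false;
  $time = time();
  $redirect = "";

  // Only plain strings are accepted from the form; array-valued fields count as missing.
  $postedname = (isset($_POST['name']) && is_string($_POST['name'])) ? $_POST['name'] : '';
  $postedsite = (isset($_POST['votingsite']) && is_string($_POST['votingsite'])) ? $_POST['votingsite'] : '';
  $account = preg_replace("/[^A-Za-z0-9 ]/", '', $postedname);
  // The original lookup compared id without quotes, which only parses for numeric
  // values, so site ids are taken to be numeric and anything else is rejected
  // before it can reach SQL.
  $siteid = ctype_digit($postedsite) ? $postedsite : '';

  if (isset($_POST['submit'])) {
      // Look the account up only when a name was actually supplied.
      $countcheckacc = 0;
      if ($account != '') {
          $stmt = $mysqli->prepare("SELECT 1 FROM accounts WHERE name = ? LIMIT 1");
          if (!$stmt || !$stmt->bind_param('s', $account) || !$stmt->execute()) {
              die('Error - Could not look up account!');
          }
          $stmt->store_result();
          $countcheckacc = $stmt->num_rows;
          $stmt->close();
      }

      if ($account == '') {
          // Checked first: an empty name used to be reported as a missing account.
          $funct_error = 'You need to put in a username!';
      } elseif ($countcheckacc == 0) {
          // NOTE(review): this tells an unauthenticated visitor whether an account
          // name exists - confirm that is acceptable.
          $funct_error = "This account doesn't exist!";
      } elseif (empty($_POST['votingsite'])) {
          $funct_error = "Please select a voting site";
      } else {
          // Fetch the voting site once; a missing row means the id is not valid.
          $vsite = null;
          if ($siteid != '') {
              $stmt = $mysqli->prepare("SELECT gvp, gnx, waittime, link, name FROM ".$prefix."vote WHERE id = ?");
              if (!$stmt || !$stmt->bind_param('s', $siteid) || !$stmt->execute()) {
                  die('Error - Could not look up voting site!');
              }
              $stmt->bind_result($sitegvp, $sitegnx, $sitewait, $sitelink, $sitename);
              if ($stmt->fetch()) {
                  $vsite = array(
                      'gvp' => $sitegvp,
                      'gnx' => $sitegnx,
                      'waittime' => $sitewait,
                      'link' => $sitelink,
                      'name' => $sitename,
                  );
              }
              $stmt->close();
          }

          if ($vsite === null) {
              $funct_error = "Invalid voting site.";
          } else {
              // Bound as integers - presumably whole point amounts and a wait time
              // in seconds; verify against the vote table schema.
              $gvp = (int) $vsite['gvp'];
              $gnx = (int) $vsite['gnx'];
              $waittime = (int) $vsite['waittime'];

              // Only aggregates are selected, so the query stays valid under
              // ONLY_FULL_GROUP_BY and the date used is always the latest vote.
              // $account is already known to be non-empty and to exist, so the
              // former NOT account='' / NOT account='0' filters are not needed.
              $stmt = $mysqli->prepare("SELECT SUM(times), MAX(date) FROM ".$prefix."votingrecords WHERE account = ? AND siteid = ?");
              if (!$stmt || !$stmt->bind_param('ss', $account, $siteid) || !$stmt->execute()) {
                  die('Error - Could not look up vote record!');
              }
              $stmt->bind_result($amount, $lastvote);
              $stmt->fetch();
              $stmt->close();

              $lastvote = (int) $lastvote;
              $timecalc = $time - $lastvote;

              if ($amount === null) {
                  // No record yet for this account and site: first vote.
                  // NOTE(review): without a unique key on (account, siteid), two
                  // simultaneous first votes can both insert - consider adding one.
                  $stmt = $mysqli->prepare("INSERT INTO ".$prefix."votingrecords (siteid, ip, account, date, times) VALUES (?, ?, ?, ?, '1')");
                  if (!$stmt || !$stmt->bind_param('sssi', $siteid, $ipaddress, $account, $time) || !$stmt->execute()) {
                      die ('Error - Could not insert vote records!');
                  }
                  $stmt->close();
                  $earnedpoints = true;
              } elseif ($timecalc >= $waittime) {
                  // ">=" so that a vote exactly at the end of the wait time is
                  // accepted instead of ending in "Unknown Error".
                  // The waiting time is re-checked inside the UPDATE itself, so when
                  // several requests arrive together only one of them changes the
                  // row and earns the reward.
                  $cutoff = $time - $waittime;
                  $stmt = $mysqli->prepare("UPDATE ".$prefix."votingrecords SET ip = ?, date = ?, times = '1' WHERE account = ? AND siteid = ? AND date <= ?");
                  if (!$stmt || !$stmt->bind_param('sissi', $ipaddress, $time, $account, $siteid, $cutoff) || !$stmt->execute()) {
                      die ('Error - Could not update vote records!');
                  }
                  $earnedpoints = ($stmt->affected_rows > 0);
                  $stmt->close();
              }

              if ($earnedpoints == true) {
                  $stmt = $mysqli->prepare("UPDATE accounts SET $colvp = $colvp + ?, $colnx = $colnx + ? WHERE name = ?");
                  if (!$stmt || !$stmt->bind_param('iis', $gvp, $gnx, $account) || !$stmt->execute()) {
                      die ('Error - Could not give rewards. Your site administrator needs to configure the NX and VP settings.');
                  }
                  $stmt->close();
                  // The link comes from the database; escaping keeps it inside the
                  // content attribute.
                  $funct_msg = '<meta http-equiv="refresh" content="0; url='.htmlspecialchars($vsite['link'], ENT_QUOTES, 'UTF-8').'">';
                  $redirect = true;
              } else {
                  // Still inside the waiting time (or another request just claimed this vote).
                  $funct_msg = 'You\'ve already voted for '.htmlspecialchars($vsite['name'], ENT_QUOTES, 'UTF-8').' within the last '.round($waittime/3600).' hours!';
                  $funct_msg .= '<br />Vote time: '. date('M d\, h:i A', $lastvote);
              }
          }
      }
  }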
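  // Output stage: after a successful vote print the redirect markup, otherwise
  // render the voting form together with any message from the vote handling above.
  //
  // $funct_msg and $funct_error are printed as raw markup (the redirect is a
  // <meta> tag and the messages contain <br />), so any database or request data
  // placed in them has to be escaped at the point where they are built.
  // NOTE(review): the form carries no CSRF token - confirm whether cross-site
  // submissions on behalf of a visitor matter for this page.
  if ($redirect == true) {
      echo $funct_msg;
  } else { ?>
  <form method="post">
  <?php
      if (isset($funct_msg)) {
          echo '<div class="alert alert-danger">'.$funct_msg.'</div>';
      }
      if (isset($funct_error)) {
          echo '<div class="alert alert-danger">'.$funct_error.'</div>';
      }

      // No request data enters this query; a failed query is treated like an
      // empty site list instead of causing a fatal error on ->num_rows.
      $query = $mysqli->query("SELECT * from ".$prefix."vote");
      if (!$query || $query->num_rows == 0) {
          echo "<div class=\"alert alert-danger\">Your administrator has not added any voting sites yet!</div>";
      }

      echo '<div class="form-group">';
      echo '<label for="voteSite">Select Site:</label>';
      echo '<select name="votingsite" class="form-control" id="voteSite" required>';
      echo '<option value="" disabled selected>Select Site...</option>';
      if ($query) {
          while ($row = $query->fetch_assoc()) {
              // Site ids and names come from the database and are escaped for the
              // attribute and the element text respectively.
              echo '<option value="'.htmlspecialchars($row['id'], ENT_QUOTES, 'UTF-8').'">'
                  .htmlspecialchars($row['name'], ENT_QUOTES, 'UTF-8').'</option>';
          }
      }
      echo '</select>';
      echo '</div>';

      if (!isset($_SESSION['id'])) {
          echo "<input type=\"text\" name=\"name\" maxlength=\"15\" class=\"form-control\" placeholder=\"Username\" required autocomplete=\"off\"/><br/>";
      } else {
          // The session name is escaped before it is written into the attributes;
          // the space that was missing before "required" is restored.
          $sessionname = isset($_SESSION['name']) ? htmlspecialchars($_SESSION['name'], ENT_QUOTES, 'UTF-8') : '';
          echo "<input type=\"text\" name=\"name\" maxlength=\"15\" class=\"form-control\" placeholder=\"".$sessionname."\" value=\"".$sessionname."\" required autocomplete=\"off\"/><br/>";
      }
  ?>

  <input type="submit" name="submit" value="Submit &raquo;" class="btn btn-primary"/>
  </form>
  <br/>
  <?php } ?>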