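<?php
/**
 * Facebook page-tab voting endpoint.
 *
 * Flow: resolve the visitor's "liked" state, authenticate them through the
 * Facebook SDK, then record at most one vote per calendar day for the
 * participant named by the `partid` query parameter.
 *
 * Security notes for maintainers:
 *  - The app secret and database password are read from the environment.
 *    The values that an earlier revision embedded in this file have been
 *    published and must be rotated; do not reuse them.
 *  - Every SQL statement is parameterised; `partid` is attacker-controlled
 *    and was previously concatenated straight into UPDATE/INSERT statements.
 *  - Database errors go to the server log only. Echoing them disclosed
 *    schema details and also broke the Location redirects that follow.
 *  - NOTE(review): the vote is a state change triggered by a plain GET with
 *    no anti-forgery token, so another site can trigger it for a logged-in
 *    visitor. Moving it to POST with a per-session token needs a front-end
 *    change and is not done here.
 */

header('P3P: CP="CAO PSA OUR"');
//require_once 'config.php';
require_once 'facebook/facebook.php';

/**
 * Prepare, bind and execute one parameterised statement.
 *
 * @param mysqli $db     Open connection.
 * @param string $sql    Statement text with `?` placeholders.
 * @param string $types  mysqli bind_param type string ('' when no parameters).
 * @param array  $params Values to bind, in placeholder order.
 * @return mysqli_stmt|false Executed statement (caller closes it), or false
 *                           after logging the driver error.
 */
function vote_db_execute($db, $sql, $types = '', array $params = array())
{
    $stmt = $db->prepare($sql);
    if ($stmt === false) {
        error_log('vote: prepare failed: ' . $db->error);
        return false;
    }

    if ($types !== '') {
        // bind_param takes its values by reference, so build an array of
        // references before handing it to call_user_func_array.
        $bound = array($types);
        foreach (array_keys($params) as $key) {
            $bound[] = &$params[$key];
        }
        call_user_func_array(array($stmt, 'bind_param'), $bound);
    }

    if (!$stmt->execute()) {
        error_log('vote: execute failed: ' . $stmt->error);
        $stmt->close();
        return false;
    }

    return $stmt;
}

/**
 * Run a parameterised INSERT/UPDATE and release the statement.
 *
 * @return bool True when the statement executed, false otherwise (already logged).
 */
function vote_db_write($db, $sql, $types = '', array $params = array())
{
    $stmt = vote_db_execute($db, $sql, $types, $params);
    if ($stmt === false) {
        return false;
    }
    $stmt->close();
    return true;
}

// Secrets are supplied by the deployment environment. The variable names
// below are this file's own choice; adjust them to the hosting setup.
$appSecret  = getenv('FB_APP_SECRET');
$dbPassword = getenv('VOTE_DB_PASSWORD');
if ($appSecret === false || $appSecret === '' || $dbPassword === false) {
    // Fail closed rather than running with an empty secret.
    error_log('vote: FB_APP_SECRET or VOTE_DB_PASSWORD is not configured');
    header('HTTP/1.1 500 Internal Server Error');
    exit;
}

$facebook = new Facebook(array(
    'appId'  => '138686456312470',
    'secret' => $appSecret,
    'cookie' => true,
    "oauth"  => true
));

// The signed request is expected to have been stored in the session by an
// earlier page. NOTE(review): no session_start() is visible in this file;
// presumably the SDK constructor starts the session - confirm.
$request = isset($_SESSION['signedRequest']) ? $_SESSION['signedRequest'] : null;

// Initialised up front so the authentication check further down is well
// defined on every path, including the `usl` override.
$user = null;
$user_profile = null;

if (isset($_GET["usl"]) && $_GET["usl"] != null) {
    // NOTE(review): `usl` lets the client assert its own "liked" state. The
    // value is not used again in this file and this path never authenticates,
    // so the request ends at the redirect at the bottom.
    $liked = $_GET["usl"];
} elseif (isset($request['page']['liked']) && $request['page']['liked'] == 1) {
    $liked = 1;

    // Get User ID
    $user = $facebook->getUser();
    if ($user) {
        try {
            $user_profile = $facebook->api('/me');
        } catch (FacebookApiException $e) {
            // An expired or revoked token is treated as "not logged in".
            error_log($e);
            $user = null;
        }
    }

    //https://www.facebook.com/pages/BritishCouncilLebanon/335428453222155?sk=app_169635233185732
    if (!$user) {
        $loginUrl = $facebook->getLoginUrl(array(
            'canvas'    => 1,
            'fbconnect' => 1,
            "scope"     => "email,publish_stream,status_update,user_birthday,user_location,user_work_history",
            "next"      => 'https://www.facebook.com/BritishCouncilLebanon/app_138686456312470'
        ));
        // Emit the URL as an escaped JavaScript string literal so that no
        // character in it can terminate the string or the <script> element.
        $loginUrlJs = json_encode($loginUrl, JSON_HEX_TAG | JSON_HEX_APOS | JSON_HEX_QUOT | JSON_HEX_AMP);
        echo "<script type='text/javascript'>top.location.href = " . $loginUrlJs . "</script>";
        exit;
    }
} else {
    $liked = 0;
}

if ($user) {
    // `partid` comes straight from the query string: accept decimal digits
    // only, and reject the request before any row is written.
    $partid = isset($_GET["partid"]) ? $_GET["partid"] : null;
    if (!is_string($partid) || !preg_match('/^[0-9]+$/D', $partid)) {
        header('HTTP/1.1 400 Bad Request');
        exit;
    }
    $partid = (int) $partid;

    // Bound as a string: Facebook user ids can exceed a 32-bit integer.
    $voterId = (string) $user;

    // NOTE(review): the original never assigned $username / $usermail, so
    // empty strings reached the database. That behaviour is kept here;
    // presumably they were meant to come from $user_profile - confirm before
    // populating them, since $usermail feeds a mailing list.
    $username = '';
    $usermail = '';

    // Report driver errors through return values on every PHP version.
    mysqli_report(MYSQLI_REPORT_OFF);
    $db = new mysqli("localhost", "yasserc", $dbPassword, "yasserc_britishcouncil");
    if ($db->connect_errno) {
        error_log('vote: database connection failed: ' . $db->connect_error);
        header('HTTP/1.1 500 Internal Server Error');
        exit;
    }
    $db->set_charset("utf8");

    // One lookup replaces the former COUNT(*) followed by SELECT *.
    $lastVoted = null;
    $stmt = vote_db_execute(
        $db,
        'SELECT voter_time_last_voted FROM voter WHERE voter_id = ?',
        's',
        array($voterId)
    );
    if ($stmt === false) {
        // Without the lookup the daily limit cannot be enforced: fail closed.
        header('HTTP/1.1 500 Internal Server Error');
        exit;
    }
    $stmt->bind_result($lastVoted);
    $hasVoterRow = ($stmt->fetch() === true);
    $stmt->close();

    if (!$hasVoterRow) {
        // First vote from this account: register the voter, then count it.
        vote_db_write($db, 'INSERT INTO voter VALUES (?, NOW())', 's', array($voterId));

        //Mysql Update -- Add One Vote
        vote_db_write($db, 'UPDATE participants SET votes = votes+1 WHERE id = ?', 'i', array($partid));

        //Redirect to thank you for voting page
        header("Location: thankyouvote.php");
        exit;
    }

    //Check time limitations
    // A new vote is allowed once the calendar date has moved past the date
    // of the previous vote. Comparing the zero-padded Y-m-d strings orders
    // them chronologically and also handles a change of year, which the
    // previous field-by-field comparison rejected (December -> January).
    $lastVotedDate = substr((string) $lastVoted, 0, 10);
    $valid = strcmp(date("Y-m-d"), $lastVotedDate) > 0;

    // Re-check the Facebook session before counting the vote; an API failure
    // is logged and treated the same as "not eligible".
    $sessionStillValid = false;
    if ($valid) {
        try {
            $sessionStillValid = (bool) $facebook->api('/me');
        } catch (FacebookApiException $e) {
            error_log($e);
        }
    }

    if ($valid && $sessionStillValid) {
        //Mysql Update -- Add One Vote
        vote_db_write($db, 'UPDATE participants SET votes = votes+1 WHERE id = ?', 'i', array($partid));

        //Mysql UPDATE time last voted
        vote_db_write(
            $db,
            'UPDATE voter SET voter_time_last_voted = NOW() WHERE voter_id = ?',
            's',
            array($voterId)
        );

        //check Fraud
        // NOTE(review): honeypot() is not defined in this file and must be
        // provided by an included file. It runs after the vote has already
        // been counted - confirm that ordering is intended.
        honeypot();

        vote_db_write(
            $db,
            'INSERT INTO vote_transaction VALUES (?, ?, ?, NOW())',
            'ssi',
            array($voterId, $username, $partid)
        );

        if (!$db->select_db("yasserc_mailing")) {
            error_log('vote: select_db failed: ' . $db->error);
        } else {
            vote_db_write(
                $db,
                "INSERT IGNORE INTO list VALUES (?, ?, ?, 'BritishCouncilApp', NOW())",
                'sss',
                array($voterId, $username, $usermail)
            );
        }

        //Redirect to thank you for voting page
        header("Location: thankyouvote.php");
        exit;
    }

    header("Location: youhavealreadyvoted.php");
    exit;
} else {
    echo '<script>window.top.location.href = "https://www.facebook.com/BritishCouncilLebanon/app_138686456312470"</script>';
}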