Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- $question=htmlspecialchars($_POST['question'],ENT_QUOTES);
- $options=$_POST['options'];
- $servername = "localhost";
- $username = "DB";
- $password = "pass";
- $dbname = "DB";
- try
- {
- $conn = new PDO("mysql:host=$servername;dbname=$dbname", $username, $password);
- $conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
- $sql = "INSERT INTO poll (question) VALUES ('". $question ."')";
- $conn->exec($sql);
- $poll_id=$conn->lastInsertId();
- $stmt = $conn->prepare("INSERT INTO poll_options (option_id, option_string, poll_id) VALUES (?, ?, ?)");
- $stmt->bindParam(1, $opt_id);
- $stmt->bindParam(2, $opt_string);
- $stmt->bindParam(3, $poll_id);
- for($i=0;$i<count($options);++$i)
- {
- $opt_id=$i+1;
- $opt_string=htmlspecialchars($options[$i],ENT_QUOTES);
- $stmt->execute();
- }
- echo $poll_id;
- }
- catch(PDOException $e)
- {
- echo $sql . "<br>" . $e->getMessage();
- }
- $conn = null;
- $pid=$_POST["pId"];
- $option=htmlspecialchars($_POST["option"],ENT_QUOTES);
- $ip_addr=ip2long($_SERVER["REMOTE_ADDR"]);
- $servername = "localhost";
- $username = "DB";
- $password = "pass";
- $dbname = "DB";
- try
- {
- $conn = new PDO("mysql:host=$servername;dbname=$dbname", $username, $password);
- $conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
- $nRows = $conn->query("SELECT count(*) FROM poll_responses WHERE ip_addr='$ip_addr' AND poll_id='$pid' ")->fetchColumn();
- if($nRows==0 OR $ip_addr==0)
- {
- $sql = "INSERT INTO poll_responses (poll_id, option_id, ip_addr) VALUES ('$pid', '$option', '$ip_addr')";
- $conn->exec($sql);
- echo "Voted";
- }
- else
- {
- echo "You have already voted on this poll";
- }
- }
- catch(PDOException $e)
- {
- echo " Error:" . $e->getMessage()." ".$pid."boo";
- }
- $conn = null;
- if(isset($_GET['p'])&&!empty($_GET['p'])&&is_numeric($_GET['p']))
- {
- $pid=$_GET['p'];
- $servername = "localhost";
- $username = "DB";
- $password = "pass";
- $dbname = "DB";
- $totalvotes=0;
- $totalvotesfordivision=0;
- try
- {
- $conn = new PDO("mysql:host=$servername;dbname=$dbname", $username, $password);
- $conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
- $stmt = $conn->prepare("SELECT question FROM poll WHERE poll_id=$pid");
- $stmt->execute();
- $question = $stmt->setFetchMode(PDO::FETCH_OBJ);
- $question= $stmt->fetch();
- if(empty($question))
- {
- echo '<div ng-show="err" class="well-lg text-danger bg-danger text-center lead">Poll does not exist.</div></body></html>';
- die();
- }
- $stmt = $conn->prepare("SELECT option_id AS oid, option_string AS ostr, (SELECT count(option_id) FROM poll_responses WHERE option_id=oid AND poll_id=$pid ) AS count FROM poll_options WHERE poll_id=$pid");
- $stmt->execute();
- $options = $stmt->setFetchMode(PDO::FETCH_OBJ);
- if(isset($_GET['p'])&&!empty($_GET['p'])&&is_numeric($_GET['p']))
- {
- $pid=$_GET['p'];
- $servername = "localhost";
- $username = "DB";
- $password = "pass";
- $dbname = "DB";
- try
- {
- $conn = new PDO("mysql:host=$servername;dbname=$dbname", $username, $password);
- $conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
- $stmt = $conn->prepare("SELECT question FROM poll WHERE poll_id=$pid");
- $stmt->execute();
- $question = $stmt->setFetchMode(PDO::FETCH_OBJ);
- $question= $stmt->fetch();
- if(empty($question))
- {
- echo '<div ng-show="err" class="well-lg text-danger bg-danger text-center lead">Poll does not exist.</div></body></html>';
- die();
- }
- $stmt = $conn->prepare("SELECT option_id as oid, option_string as ostr FROM poll_options WHERE poll_id=$pid");
- $stmt->execute();
- $options = $stmt->setFetchMode(PDO::FETCH_OBJ);
- $options= $stmt->fetchAll();
Add Comment
Please, Sign In to add comment