
Untitled

a guest Apr 21st, 2018 79 Never
  1. <?php
  2.     $connection = mysqli_connect('localhost', 'root', '', 'test');
  3.     mysqli_set_charset($connection, 'utf8');
  4.     if (!$connection) {
  5.         die("Database connection failed: " . mysqli_error());
  6.     }
  7.     $sql = "SELECT QuestionHeader, QuestionText, QuestionVotes FROM question ORDER BY QuestionVotes DESC LIMIT 3";
  8.     $result = $connection->query($sql);
  9.  
  10.     if ($result->num_rows > 0) {
  11.          // output data of each row
  12.          while($row = $result->fetch_assoc()) {
  13.              echo "<div class="col-md-4"><h2>". $row["QuestionHeader"]. "</h2><p>". $row["QuestionText"]. "</p><p><a class="btn btn-success"> " . $row["QuestionVotes"] . "</a></p></div>";
  14.          }
  15.     } else {
  16.          echo "0 results";
  17.     }
  18.  
  19.     $connection->close();
  20. ?>
  21.    
  22. $dbname = "DB HERE";
  23.  $servername = "HOST HERE";
  24.  $username = "DB USER HERE";
  25.  $password = "DB PASSWORD HERE";
  26.  
  27.   // Create connection
  28.   $conn = mysqli_connect($servername, $username, $password, $dbname);
  29.  
  30.                  if(isset($_GET['id']))
  31.             {
  32.                 ///Check to see if user already voted
  33.                 $result = $conn->query("SELECT * FROM User_Votes where user id = $session_id and question_id = $id");
  34.                 $row_cnt = $result->num_rows;
  35.  
  36.                 if($row_cnt < 1)
  37.                 {
  38.                     ///SQL to insert vote into Users Votes table
  39.                 }else
  40.                 {
  41.                     //Vote already exists
  42.                 }
  43.  
  44.             }
  45.  
  46.             // Loop through questions for voting
  47.             $result = mysqli_query($conn,"select * from questions");
  48.             while($db_questions = mysqli_fetch_object($result))
  49.             {  
  50.                 echo $db_questions->question_title;
  51.                 echo '- <a href="mypage.php?id=$db_questions->question_id">Click to Vote</a>;
  52.             }
  53.    
  54. <?php
  55. // Need to assign the user's ID to a variable ($userID) to pass to the form.
  56. $userID = '123'; // this needs to be handled on your end.
  57.  
  58. // updated sql to include Id and voters
  59. $sql = "SELECT QuestionID, QuestionHeader, QuestionText, QuestionVotes, QuestionVoters FROM question ORDER BY QuestionVotes DESC LIMIT 3";
  60.  
  61. while($row = $result->fetch_assoc()) {
  62.  
  63.     $voters = json_decode($row['QuestionVoters'], true); // array of userid's that have voted
  64.     IF (in_array($userID, $voters)) {
  65.         // user has voted
  66.         echo "n
  67.         <div class="col-md-4">
  68.             <h2>". $row["QuestionHeader"]. "</h2>
  69.             <p>". $row["QuestionText"]. "</p>
  70.             <p>" . $row["QuestionVotes"] . "</p>
  71.         </div>";
  72.     }ELSE{
  73.         // user has not voted
  74.         echo "n
  75.         <div class="col-md-4">
  76.             <form action="vote_processing.php" name="voting" method="post">
  77.             <input type="hidden" name="qid" value="".$row['QuestionID']."" />
  78.             <input type="hidden" name="userid" value="".$userID."" />
  79.             <h2>". $row["QuestionHeader"]. "</h2>
  80.             <p>". $row["QuestionText"]. "</p>
  81.             <p><button type="submit" value="Submit">" . $row["QuestionVotes"] . "</button></p>
  82.             </form>
  83.         </div>";
  84.     }
  85.  
  86. }
  87. ?>
  88.    
  89. <?php
  90. IF (isset($_POST['qid'])) {
  91.  
  92.     $qid = htmlspecialchars(strip_tags(trim($_POST['qid']))); // basic sanitization
  93.     $userid = htmlspecialchars(strip_tags(trim($_POST['userid']))); // basic sanitization
  94.  
  95.     IF ( (is_int($qid)) && (is_int($userid)) ) { // validate that both are integers
  96.  
  97.         // db connection
  98.         $connection = mysqli_connect('localhost', 'root', '', 'test');
  99.         mysqli_set_charset($connection, 'utf8');
  100.         if (!$connection) {
  101.             die("Database connection failed: " . mysqli_error());
  102.         }
  103.  
  104.         // Get voters array
  105.         $sql = "SELECT QuestionVoters FROM question WHERE QuestionID = '".$qid."'";
  106.         $result = $connection->query($sql);
  107.         if ($result->num_rows > 0) {
  108.             while($row = $result->fetch_assoc()) {
  109.                 IF (!empty($row['QuestionVoters'])) {
  110.                   // decode users array
  111.                   $voters = json_decode($row['QuestionVoters'], true);
  112.                 }ELSE{
  113.                   $voters = array(); // create array
  114.                 }
  115.             }
  116.             mysqli_free_result($result);
  117.  
  118.             // re-validate the userID "is not" in array
  119.             IF (!in_array($userid, $voters)) { // note the ! [meaning NOT].
  120.  
  121.                 $voters[] = $userid; // add userid to voters array
  122.                 $qvoters = json_encode($voters); // encode voters array
  123.  
  124.                 // update vote
  125.                 $sql_upd = "UPDATE question SET QuestionVotes = QuestionVotes + 1, QuestionVoters = $qvoters WHERE QuestionID = '".$qid."'";
  126.                 $upd_result = $connection->query($sql_upd);
  127.  
  128.             }
  129.  
  130.         }
  131.  
  132.         mysqli_close($connection);
  133.  
  134.     }
  135.  
  136. }
  137.  
  138. // redirct back to previous page
  139. ?>