
Untitled

a guest
Apr 21st, 2018
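  <?php
  // Renders the three highest-voted questions as Bootstrap columns.

  // Make mysqli raise exceptions so a failed connect or query cannot be
  // silently ignored and then dereferenced.
  mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);

  try {
      // NOTE(review): 'root' with an empty password is the value given in the
      // original snippet. Use a dedicated account that only has the
      // privileges this page needs, with a password kept out of the source.
      $connection = mysqli_connect('localhost', 'root', '', 'test');
      // Set the charset only after the connection is known to be valid.
      mysqli_set_charset($connection, 'utf8');

      $sql = "SELECT QuestionHeader, QuestionText, QuestionVotes FROM question ORDER BY QuestionVotes DESC LIMIT 3";
      $result = $connection->query($sql);

      if ($result->num_rows > 0) {
          // output data of each row
          while ($row = $result->fetch_assoc()) {
              // Values read from the database are escaped for the HTML context
              // before output; question text is presumably user-submitted, so
              // echoing it raw would be stored XSS.
              $header = htmlspecialchars((string) $row['QuestionHeader'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
              $text = htmlspecialchars((string) $row['QuestionText'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
              $votes = htmlspecialchars((string) $row['QuestionVotes'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');

              echo '<div class="col-md-4"><h2>' . $header . '</h2><p>' . $text
                  . '</p><p><a class="btn btn-success"> ' . $votes . '</a></p></div>';
          }
      } else {
          echo "0 results";
      }

      $connection->close();
  } catch (mysqli_sql_exception $e) {
      // Keep driver details (host, user, SQL) in the server log; the visitor
      // only sees a generic message.
      error_log('Database error: ' . $e->getMessage());
      die('Database error.');
  }
  ?>
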
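  <?php
  // Voting page: when ?id=<question id> is present it checks whether the
  // current user already voted for that question, then lists every question
  // with a "Click to Vote" link.

  // NOTE(review): these are placeholders; load the real values from
  // configuration kept outside the web root rather than from this file.
  $dbname = "DB HERE";
  $servername = "HOST HERE";
  $username = "DB USER HERE";
  $password = "DB PASSWORD HERE";

  // Make mysqli raise exceptions instead of returning false.
  mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);

  try {
      // Create connection
      $conn = mysqli_connect($servername, $username, $password, $dbname);

      if (isset($_GET['id'])) {
          // The original interpolated an undefined $id into the SQL text;
          // presumably it is this request parameter. It is accepted only if
          // it parses as an integer.
          $id = filter_var($_GET['id'], FILTER_VALIDATE_INT);

          // NOTE(review): $session_id is never assigned in this snippet. It
          // has to come from the server-side session of the logged-in user,
          // never from the request.
          if ($id !== false && isset($session_id)) {
              ///Check to see if user already voted
              // Bound parameters keep request data out of the SQL text.
              // NOTE(review): the original column read "user id"; presumably
              // user_id - confirm against the schema.
              $check = $conn->prepare('SELECT 1 FROM User_Votes WHERE user_id = ? AND question_id = ?');
              $check->bind_param('si', $session_id, $id);
              $check->execute();
              $check->store_result();
              $row_cnt = $check->num_rows;
              $check->close();

              if ($row_cnt < 1) {
                  ///SQL to insert vote into Users Votes table
                  // Use a prepared INSERT here. A UNIQUE index on
                  // (user_id, question_id) is what actually stops two
                  // concurrent requests from both passing the check above.
              } else {
                  //Vote already exists
              }
          }
      }

      // Loop through questions for voting
      // NOTE(review): a vote triggered by a plain GET link can be fired by
      // any page the user visits; a POST form carrying a CSRF token is the
      // usual fix.
      $result = mysqli_query($conn, "select * from questions");
      while ($db_questions = mysqli_fetch_object($result)) {
          echo htmlspecialchars((string) $db_questions->question_title, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
          // The original single-quoted string was unterminated and would not
          // have interpolated the id; it is concatenated and encoded here.
          $voteId = htmlspecialchars(rawurlencode((string) $db_questions->question_id), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
          echo '- <a href="mypage.php?id=' . $voteId . '">Click to Vote</a>';
      }
  } catch (mysqli_sql_exception $e) {
      // Log the detail server-side; show the visitor a generic message.
      error_log('Database error: ' . $e->getMessage());
      die('Database error.');
  }
  ?>
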
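  <?php
  // Lists the top three questions. A user who has already voted sees the vote
  // count as plain text; everyone else gets a form that posts the vote to
  // vote_processing.php.

  // Need to assign the user's ID to a variable ($userID) to pass to the form.
  $userID = '123'; // this needs to be handled on your end.

  // updated sql to include Id and voters
  $sql = "SELECT QuestionID, QuestionHeader, QuestionText, QuestionVotes, QuestionVoters FROM question ORDER BY QuestionVotes DESC LIMIT 3";

  // NOTE(review): the original snippet never ran $sql. This assumes
  // $connection is the page's open mysqli handle, created outside this
  // snippet - confirm.
  $result = $connection->query($sql);

  while ($row = $result->fetch_assoc()) {

      // array of userid's that have voted; an empty or invalid column decodes
      // to null, which in_array() cannot search, so fall back to an empty list
      $voters = json_decode((string) $row['QuestionVoters'], true);
      if (!is_array($voters)) {
          $voters = array();
      }

      // Escape everything that goes into the markup; question text is
      // presumably user-submitted.
      $questionId = htmlspecialchars((string) $row['QuestionID'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
      $header = htmlspecialchars((string) $row['QuestionHeader'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
      $text = htmlspecialchars((string) $row['QuestionText'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
      $votes = htmlspecialchars((string) $row['QuestionVotes'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
      $userField = htmlspecialchars((string) $userID, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');

      // Compare ids as strings with strict matching so loose type juggling
      // cannot produce a false "already voted" (or "not voted") result.
      if (in_array((string) $userID, array_map('strval', $voters), true)) {
          // user has voted
          echo "\n"
              . '<div class="col-md-4">' . "\n"
              . '<h2>' . $header . '</h2>' . "\n"
              . '<p>' . $text . '</p>' . "\n"
              . '<p>' . $votes . '</p>' . "\n"
              . '</div>';
      } else {
          // user has not voted
          // NOTE(review): the hidden "userid" field is fully controlled by the
          // browser, so the handler must not treat it as the voter's identity;
          // take the id from the server-side session there. The form also has
          // no CSRF token.
          echo "\n"
              . '<div class="col-md-4">' . "\n"
              . '<form action="vote_processing.php" name="voting" method="post">' . "\n"
              . '<input type="hidden" name="qid" value="' . $questionId . '" />' . "\n"
              . '<input type="hidden" name="userid" value="' . $userField . '" />' . "\n"
              . '<h2>' . $header . '</h2>' . "\n"
              . '<p>' . $text . '</p>' . "\n"
              . '<p><button type="submit" value="Submit">' . $votes . '</button></p>' . "\n"
              . '</form>' . "\n"
              . '</div>';
      }

  }
  ?>
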
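  <?php
  // Handles the POSTed vote (fields "qid" and "userid"): adds the user to the
  // question's QuestionVoters JSON list and increments QuestionVotes, unless
  // that user is already in the list.
  if (isset($_POST['qid'], $_POST['userid'])) {

      // $_POST values are always strings, so the original is_int() test could
      // never pass and no vote was ever stored. FILTER_VALIDATE_INT yields an
      // int or false. strip_tags()/htmlspecialchars() are HTML helpers and do
      // not make a value safe for SQL; the queries below use bound parameters.
      $qid = filter_var($_POST['qid'], FILTER_VALIDATE_INT);
      $userid = filter_var($_POST['userid'], FILTER_VALIDATE_INT);

      // NOTE(review): "userid" arrives from a hidden form field, so any client
      // can submit votes under arbitrary ids. Derive the voter from the
      // server-side session and verify a CSRF token before counting a vote.

      if ($qid !== false && $userid !== false) { // validate that both are integers

          // Make mysqli raise exceptions instead of returning false.
          mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);
          $connection = null;

          try {
              // db connection
              // NOTE(review): root with an empty password is the value from
              // the original snippet; use a least-privilege account.
              $connection = mysqli_connect('localhost', 'root', '', 'test');
              mysqli_set_charset($connection, 'utf8');

              // Read-modify-write of the voters list: lock the row inside a
              // transaction so two simultaneous requests cannot both pass the
              // "not voted yet" check (effective on transactional engines
              // such as InnoDB - confirm the table engine).
              $connection->begin_transaction();

              // Get voters array
              $select = $connection->prepare('SELECT QuestionVoters FROM question WHERE QuestionID = ? FOR UPDATE');
              $select->bind_param('i', $qid);
              $select->execute();
              $select->bind_result($storedVoters);
              $found = $select->fetch();
              $select->close();

              if ($found) {
                  if (!empty($storedVoters)) {
                      // decode users array
                      $voters = json_decode($storedVoters, true);
                  } else {
                      $voters = array(); // create array
                  }

                  if (!is_array($voters)) {
                      // A corrupt list must not be treated as "nobody voted":
                      // that would wipe the record of earlier voters.
                      error_log('QuestionVoters is not valid JSON for question ' . $qid);
                  } else {
                      // Ids are stored and compared as strings, matching what
                      // the original code wrote into the list.
                      $voterKey = (string) $userid;

                      // re-validate the userID "is not" in array
                      if (!in_array($voterKey, array_map('strval', $voters), true)) { // note the ! [meaning NOT].

                          $voters[] = $voterKey; // add userid to voters array
                          $qvoters = json_encode($voters); // encode voters array

                          // update vote; the JSON is bound as a parameter (the
                          // original pasted it into the SQL text unquoted)
                          $update = $connection->prepare('UPDATE question SET QuestionVotes = QuestionVotes + 1, QuestionVoters = ? WHERE QuestionID = ?');
                          $update->bind_param('si', $qvoters, $qid);
                          $update->execute();
                          $update->close();
                      }
                  }
              }

              $connection->commit();
              mysqli_close($connection);
          } catch (mysqli_sql_exception $e) {
              // An uncommitted transaction is discarded when the connection
              // ends. Details go to the server log, not to the visitor.
              error_log('Vote update failed: ' . $e->getMessage());
              die('Database error.');
          }

      }

  }

  // redirect back to previous page
  // NOTE(review): send the browser to a fixed, server-chosen URL rather than
  // one taken from the request (Referer header, query string).
  ?>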