function vote() { if($_GET['vote'] == "link1") { $Module = addslashes

1. function vote() {
2. if($_GET['vote'] == "link1")
3. {
4. $Module = addslashes($_POST['module']);
5. $Account = addslashes($_POST['account']);
6. $To = addslashes($_POST['to']);
7. $Ip = $_SERVER['REMOTE_ADDR'];
8.  
9.  
10. //$Con = mysql_connect(sql_host,sql_user,sql_pass);
11. //mysql_select_db(Cmsdb);
12.  
13. $mysql = new mysqli($this->game_host,$this->game_user,$this->game_pw);
14. $mysql->set_charset("utf8");
15. $id = $mysql->real_escape_string($_SESSION['ID']);
16.  
17. //redirect
18. echo "<meta http-equiv=refresh content=0;URL='{$To}'>";
19.  
20. //check that the module exists
21. if($mysql->result($mysql->query("SELECT COUNT(*) FROM au_server_ls.vote_links WHERE id='{$Module}'"),0) != 1)
22. return;
23.  
24. //check if the user or account has been accredited for a vote within the last 12 hrs.
25. if($mysql->result($mysql->query("SELECT COUNT(*) FROM au_server_ls.votes WHERE module='{$Module}' AND account = '{$_SESSION['name']}'"),0) != 0)
26. return;
27.  
28. //set cookie
29. $time = time()+12*60*60;
30. //add vote to timeout
31. $mysql->query("INSERT INTO au_server_ls.votes VALUES ('','{$Ip}','{$_SESSION['name']}','{$Module}','{$time}')");
32.  
33. if(isset($mysql)) {
34. $mysql->close();
35. }
36.  
37. //$Con = mysql_connect(sql_host,sql_user,sql_pass);
38. //mysql_select_db(Logindb);
39.  
40. $mysql = new mysqli($this->game_host,$this->game_user,$this->game_pw);
41.  
42. // +1 vote point
43. if($_SESSION['account'] == $Account)
44. {
45. (int)$_SESSION['points']+= 1; //RPPV1
46. }
47. $mysql->query("UPDATE au_server_ls.account_data SET credits = credits + ".RPPV1." WHERE name='{$_SESSION['name']}'");
48.  
49. if(isset($mysql)) {
50. $mysql->close();
51. }
52. }
53. else {
54. $mysql = new mysqli($this->game_host,$this->game_user,$this->game_pw);
55. $mysql->set_charset("utf8");
56. $id = $mysql->real_escape_string($_SESSION['ID']);
57. $mysql->query("DELETE FROM au_server_ls.votes WHERE time < ".(time()-12*60*60));
58. $result = $mysql->query("SELECT * FROM au_server_ls.vote_links WHERE id=1");
59. while($Row = $result->fetch_array()) {
60. $r = $mysql->query("SELECT v.time FROM au_server_ls.votes AS v INNER JOIN au_server_ls.account_data AS a ON v.account = a.`name` WHERE v.module = 1 AND v.account = '$id'");
61. if(!$R = $r->fetch_array()) {
62. $time = "Du kannst jetzt Voten!";
63. }
64. else {
65. $Expiretime = (int)$R['time'] + (12*60*60);
66. $Until = $Expiretime - time();
67. $time = ceil($Until/60/60);
68. }
69. if($time == 1) {
70. $time = "".$time." Stunde warten!";
71. }
72. elseif($time > 1) {
73. $time = "".$time." Stunden warten!";
74. }
75. $this->content .= '<form action="index.php?s=account&v=vote" target="'.$Row['name'].'" method="post">
76. <input name="module" type="hidden" value="'.$Row['id'].'" />
77. <input name="to" type="hidden" value="'.$Row['url'].'" />
78. <FORM METHOD="LINK" ACTION="index.php?s=account&v=vote">
79. <INPUT ALT="Click to Vote" title="Click to Vote!" TYPE="image" src="'.$Row['image'].'" name="account" VALUE="'.$id.'">
80. </FORM>
81. <br>
82. <b>AGCoins: <b>'.$Row['reward_points'].'<br><b>'.$time.'</b>
83. <br>
84. </form>';
85. if(isset($mysql)) {
86. $mysql->close();
87. }
88. }
89. }
90. }