Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- if (@$_POST["doVote"] != "1") {
- ?>
- <center><br />
- <div id="message-yellow">Not interested in any rewards, but still wanna vote? <a href="<?php echo $votelink; ?>" target="_blank">Click Here</a></div><br />
- <b>Welcome to the Vote Page!</b><br />
- You can vote for us every <u>6 hours</u>, and get rewards for voting.<br /><br />
- <b>Attention: Once transferred to vote page, please type the word you read in the captcha image and click "Submit".</b><br /><br />
- Also, once you click submit, your Account and IP Address will be <u>logged</u>.<br /><b><font color="red">Please don't try to fool us with fake votes, bypasses, ect.<br>You may get suspended/banned.</font></b><br /><br />
- <b>Below, please fill in your login credentials.</b><br />Click submit once filled out to get confirmed.<br />
- 10k Maplepoint and 1 Vote Points will be added to your account
- <br /><br />
- <form action="?page=vote" method="POST"><br>
- <table border="0" cellspacing="10" cellpadding="0">
- <tr>
- <td width="30%" align="right">Username :</td>
- <td align="left"><input type="text" name="name" maxlength="12" /></td>
- </tr>
- <tr>
- <td width="30%" align="right">Password :</td>
- <td align="left"><input type="password" name="password" maxlength="12" /></td>
- </tr>
- <tr></tr>
- <tr>
- <td align="right" colspan="2">
- <center>
- <input type="submit" name="doVote" value="Submit" class="doVote">
- <input type="hidden" name="doVote" value="1">
- </center>
- </td>
- </tr>
- </table>
- </form>
- </center>
- <?php
- } else {
- $earnednx = false;
- $account = $_POST['name'];
- $account = mysql_real_escape_string($account);
- mysql_select_db($host['database']);
- $query=mysql_query("SELECT * FROM accounts WHERE name='" . mysql_real_escape_string($_POST["name"]) . "'");
- $info=mysql_fetch_assoc($query);
- if($_POST["name"] == "") {
- echo '<div id="message-yellow">Please fill in the correct account credentials.</div>';
- } elseif($_POST["password"] == "") {
- echo '<div id="message-yellow">Please fill in the correct account credentials.</div>';
- } elseif(mysql_num_rows($query) < 1) {
- echo '<div id="message-yellow">Please fill in the correct account credentials.</div>';
- } elseif(($info["password"] != hash('sha512',$_POST["password"].$info["salt"]) && sha1($_POST["password"])) && $info["password"] != sha1($_POST["password"])) {
- echo '<div id="message-yellow">Please fill in the correct account credentials.</div>';
- } elseif($info["loggedin"] > 0) {
- echo '<div id="message-yellow">You must be logged out to vote for rewards.</div>';
- } else {
- $ip = $_SERVER['REMOTE_ADDR'];
- $time = time();
- $get = "SELECT *, SUM(`times`) as amount FROM voterecords WHERE account='$account'";
- $query1 = mysql_query($get);
- $lasttime = mysql_fetch_array($query1);
- $amount = $lasttime['amount'];
- $insertnew = false;
- if ($amount == "") {
- $insertnew = true;
- }
- $timecalc = $time - $lasttime['date'];
- if (!$insertnew) {
- if ($timecalc < 43200) { // 43200 ms is 12 hours
- date_default_timezone_set(''.$timezone.'');
- $_SESSION['vote_date'] = date('M d\, h:i:s A', $lasttime['date']);
- echo '<div id="message-yellow">You\'ve already voted with this account in the past 6 hours!<br />Last time you voted was on: '.$_SESSION['vote_date'].'!</div>';
- } else {
- $update = mysql_query("SELECT * from voterecords WHERE ip='$ip' AND account = '$account'");
- if ($update) {
- mysql_query("UPDATE voterecords SET account='$account', date='$time', times=times+1 WHERE account='$account'");
- mysql_query("UPDATE voterecords SET account='$account', date='$time', times=times+1 WHERE ip='$ip'");
- $earnednx = true;
- } elseif (!$update) {
- $ipinsert = mysql_query("INSERT INTO voterecords (`account`, `ip`, `date`, `times`) VALUES ('$account', '$ip', '$time', 1)");
- if (!$ipinsert) {
- $message = 'Invalid query: ' . mysql_error() . "\n";
- $message .= 'Whole query: ' . $ipinsert;
- die($message);
- } else {
- $earnednx = true;
- }
- } else {
- $message = 'Invalid query: ' . mysql_error() . "\n";
- $message .= 'Whole query: ' . $update;
- die($message);
- }
- }
- } else {
- $success = mysql_query("INSERT INTO voterecords (`account`, `ip`, `date`, `times`) VALUES ('$account', '$ip', '$time', 1)");
- if (!$success) {
- $message = 'Invalid query: ' . mysql_error() . "\n";
- $message .= 'Whole query: ' . $success;
- die($message);
- } else {
- $earnednx = true;
- }
- }
- // Insert the NX into the db now
- if ($earnednx) {
- mysql_query("UPDATE accounts SET votepoints = votepoints + '1' WHERE name='" . mysql_real_escape_string($_POST["name"]) . "'");
- mysql_query("UPDATE accounts SET mPoints = maplePoint + '10000' WHERE name='" .mysql_real_escape_string($_POST["name"]) . "'");
- mysql_query("UPDATE accounts SET lastvote='" .time(). "' WHERE name='" . mysql_real_escape_string($_POST["name"]) . "'");
- mysql_close();
- echo '<html>';
- echo '<head>';
- unset($_SESSION['vote_err']);
- echo '<meta HTTP-EQUIV="REFRESH" content="0; url='.$votelink.'">';
- echo '</head>';
- echo '</html>';
- }
- }
- }
- ?><!-- END VOTE SCRIPT -->
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement