Untitled

<?

//////////////////////////////////////
// set these variables for your MySQL
$dbhost = 'localhost';	// usually localhost
$dbuser = 'root';	// database username
$dbpass = '';	// database password
//////////////////////////////////////

$db = mysql_connect($dbhost, $dbuser, $dbpass) or die ('Could not connect to the database.');
mysql_select_db('final10sport');
die('gdhpdfoghdfopgh');
$survey = $_GET['s'];
$results = $_GET['r'];
$user = $_SERVER['REMOTE_ADDR'];
$cookie = $_COOKIE['survey'];
$msg = '<![CDATA[&nbsp;]]>';

$xml = '<?xml version="1.0" ?>';

if($survey != '' && $results != '') {
	$query = "SELECT `vid` FROM `voters` WHERE `ip`='".$user."' AND `qid`=".$survey." LIMIT 1";
	$result = mysql_query($query);

	if($cookie == $survey || mysql_num_rows($result) > 0) {
		$msg = "You already voted.";
	} else {
		$query2 = "UPDATE `responses` SET `votes`=`votes`+1 WHERE `rid`='".$results."' AND `qid`='".$survey."'";
		mysql_query($query2);

		$query3 = "INSERT INTO `voters` (`qid`,`ip`) VALUES ('".$survey."','".$user."')";
		mysql_query($query3);
	}
}

$stype = ($survey != '')? "2":"1";
$query = ($survey != '')? "SELECT `qid`,`subject`,`question`,DATE_FORMAT(`questions`.`date`,'%b %e, %Y') as date FROM `questions` WHERE `qid` = '".$survey."' LIMIT 1":"SELECT `qid`,`subject`,`question`,DATE_FORMAT(`questions`.`date`,'%b %e, %Y') as date FROM `questions` WHERE `show` = 1 LIMIT 1";
$result = mysql_query($query);
$row = mysql_fetch_array($result);

$xml .= "<survey type='".$stype."' id='".$row['qid']."'>
			<date>".$row['date']."</date>
			<subj>".$row['subject']."</subj>
			<ques><![CDATA[".$row['question']."]]></ques>
			<responses>";

$query2 = "SELECT `rid`,`response`,`votes` FROM `responses` WHERE `qid` = ".$row['qid']." ORDER BY `rid` ASC";
$result2 = mysql_query($query2);

while($row2 = mysql_fetch_array($result2)) {
	$xml .= "<resp id='".$row2['rid']."' votes='".$row2['votes']."'>".$row2['response']."</resp>";
	$tvotes += $row2['votes'];
}

$xml .= "	</responses>
			<votes>$tvotes</votes>
			<msg>$msg</msg>
		</survey>";

header("Expires: Mon, 26 Jul 1997 05:00:00 GMT" );
header("Last-Modified: " . gmdate( "D, d M Y H:i:s" ) . "GMT" );
header("Cache-Control: no-cache, must-revalidate" );
header("Pragma: no-cache" );
header("Content-Type: text/xml; charset=utf-8");
if($survey != '' && $results != '') header("Set-Cookie: survey=".$survey."; expires=".gmdate("D, d M Y H:i:s",strtotime("+1 month"))." GMT; path=/;");

echo $xml;

/*****************************

<survey type='' id=''>
	<date></date>
	<subj></subj>
	<ques></ques>
	<responses>
		<resp id='' votes=''></resp>
		...
	</responses>
	<msg></msg>
</survey>

******************************/

?>