guest3297
06.06.2007, 07:36
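// Step 1: validate the request before touching the database.
// SECURITY: everything in $_POST and $_COOKIE is client-controlled. Only values that
// pass a strict digits-only check, or that are escaped for SQL, may reach a query.

// revid must be a plain string of digits. \z (rather than $) also rejects a trailing
// newline, and is_string() rejects array input such as revid[]=1.
$revid = 0;
if (isset($_POST['revid']) && is_string($_POST['revid']) && preg_match('/^\d+\z/', $_POST['revid'])) {
    $revid = $_POST['revid'];
}

// 0 is the sentinel for "no client address available".
$ipaddr = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '';
if ($ipaddr == '') {
    $ipaddr = 0;
}

// Collect the answers, grouped by question id:
//   key "Q_A" -> answer A for question Q (both parts are digits by construction)
//   key "Q"   -> the submitted value is the answer; it is free-form text and must be
//                escaped before it is placed in SQL (done below, at the INSERT).
// Non-string values (e.g. 12[]=x) are skipped instead of being stringified as "Array".
$forms = array();
foreach ($_POST as $key => $val) {
    $key = (string) $key;
    if (preg_match('/^(\d+)_(\d+)\z/', $key, $match)) {
        $forms[$match[1]][] = $match[2];
    } elseif (preg_match('/^(\d+)\z/', $key, $match) && is_string($val)) {
        $forms[$match[1]][] = $val;
    }
}
// NOTE(review): the code below assumes err() terminates the request — confirm. If it
// returns, an empty $forms would produce an invalid "in()" clause further down.
if (count($forms) <= 0) {
    err("Wrong URL request. Need a valid survey ID");
}

// The keys of $forms are digits-only (see the patterns above), so this list can be
// embedded in SQL as-is.
$questionIds = implode(",", array_keys($forms));

// Set up the DB connection.
// NOTE(review): the credentials are hard-coded in the source. Load them from
// configuration kept outside the web root, and rotate any that have been published.
$dblink = mysql_connect('10.10.10.10', 'acc', 'fhdskhjfkjshdkf ');
if (!$dblink || !mysql_select_db('test', $dblink)) {
    err("Database connection failed");
}

// Defence in depth: escape the client address as well, even though it is supplied by
// the web server and not by the request body.
$ipSql = mysql_real_escape_string((string) $ipaddr, $dblink);

// Duplicate-vote check.
if (isset($_COOKIE['survey_cookie']) && $_COOKIE['survey_cookie'] != '') {
    // NOTE(review): these cookies are client-controlled, and when neither condition in
    // this branch fires the vote is stored without any database check. Treat the cookie
    // as a hint only; the authoritative check should be server-side.
    if ($revid <= 1000 && (!isset($_POST['myaction']) || $_POST['myaction'] < 1)) {
        err("You've already voted");
    } elseif (isset($_COOKIE['survey_revid']) && $_COOKIE['survey_revid'] == $revid) {
        err("Webmaster $revid, you've already voted");
    }
} else {
    // No cookie: look for an earlier vote from the same address or the same revid.
    if ($ipaddr !== 0) {
        $pcheck = " or ipaddr=inet_aton('$ipSql') ";
    } else {
        $pcheck = '';
    }
    if ($revid <= 1000) {
        $query = "SELECT * FROM test.votes WHERE ipaddr=inet_aton('$ipSql') and question_id in($questionIds) limit 1";
    } else {
        $query = "SELECT * FROM test.votes WHERE (revid = '$revid' $pcheck ) and question_id in($questionIds) limit 1";
    }
    // Or, the other option is to refuse repeated votes even from the same account.
    $result = mysql_query($query, $dblink);
    // Fail closed: if the check itself cannot run, do not accept the vote.
    if ($result === false) {
        err("Could not verify previous votes");
    }
    if (mysql_num_rows($result) > 0) {
        err("You've already voted with the same revid or from the same IP");
    }
}

// Duplicates have been ruled out; store the votes, one multi-row INSERT per question.
foreach ($forms as $key => $val) {
    $prep = array();
    foreach ($val as $vote) {
        // $vote may be raw request text: escape it for the quoted SQL string literal.
        $voteSql = mysql_real_escape_string($vote, $dblink);
        $prep[] = "('$key',inet_aton('$ipSql'),'$revid','$voteSql')";
    }
    $query = "INSERT INTO test.votes (question_id,ipaddr,revid,vote) VALUES " . implode(" , ", $prep);
    mysql_query($query, $dblink);
}

// The database is updated; remember the vote in cookies for 90 days.
$time = time() + 90 * 24 * 60 * 60;
setcookie('survey_cookie', '1', $time);
setcookie('survey_revid', "$revid", $time);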
Survey Resultecho "<html>";
//If display option is set, we are going to display the result
if(isset($_POST['myaction']) && $_POST['myaction'] == 1) {
$query = "SELECT question_id,vote,count(*) as cc FROM test.votes WHERE question_id in(".implode(",",array_keys($forms)).") group by question_id,vote";
$result = mysql_query($query);
$qstats = array();
$totalvotes = array();;
while($row = mysql_fetch_assoc($result)){
$qstats[$row['question_id']][$row['vote']] = $row['cc'];
$totalvotes[$row['question_id']] += $row['cc'];
}
mysql_free_result($result);
В общем, что-то не вдуплю, что надо передать в revid, чтобы авторизоваться?
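// Step 1: validate the request before touching the database.
// SECURITY: everything in $_POST and $_COOKIE is client-controlled. Only values that
// pass a strict digits-only check, or that are escaped for SQL, may reach a query.

// revid must be a plain string of digits. \z (rather than $) also rejects a trailing
// newline, and is_string() rejects array input such as revid[]=1.
$revid = 0;
if (isset($_POST['revid']) && is_string($_POST['revid']) && preg_match('/^\d+\z/', $_POST['revid'])) {
    $revid = $_POST['revid'];
}

// 0 is the sentinel for "no client address available".
$ipaddr = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '';
if ($ipaddr == '') {
    $ipaddr = 0;
}

// Collect the answers, grouped by question id:
//   key "Q_A" -> answer A for question Q (both parts are digits by construction)
//   key "Q"   -> the submitted value is the answer; it is free-form text and must be
//                escaped before it is placed in SQL (done below, at the INSERT).
// Non-string values (e.g. 12[]=x) are skipped instead of being stringified as "Array".
$forms = array();
foreach ($_POST as $key => $val) {
    $key = (string) $key;
    if (preg_match('/^(\d+)_(\d+)\z/', $key, $match)) {
        $forms[$match[1]][] = $match[2];
    } elseif (preg_match('/^(\d+)\z/', $key, $match) && is_string($val)) {
        $forms[$match[1]][] = $val;
    }
}
// NOTE(review): the code below assumes err() terminates the request — confirm. If it
// returns, an empty $forms would produce an invalid "in()" clause further down.
if (count($forms) <= 0) {
    err("Wrong URL request. Need a valid survey ID");
}

// The keys of $forms are digits-only (see the patterns above), so this list can be
// embedded in SQL as-is.
$questionIds = implode(",", array_keys($forms));

// Set up the DB connection.
// NOTE(review): the credentials are hard-coded in the source. Load them from
// configuration kept outside the web root, and rotate any that have been published.
$dblink = mysql_connect('10.10.10.10', 'acc', 'fhdskhjfkjshdkf ');
if (!$dblink || !mysql_select_db('test', $dblink)) {
    err("Database connection failed");
}

// Defence in depth: escape the client address as well, even though it is supplied by
// the web server and not by the request body.
$ipSql = mysql_real_escape_string((string) $ipaddr, $dblink);

// Duplicate-vote check.
if (isset($_COOKIE['survey_cookie']) && $_COOKIE['survey_cookie'] != '') {
    // NOTE(review): these cookies are client-controlled, and when neither condition in
    // this branch fires the vote is stored without any database check. Treat the cookie
    // as a hint only; the authoritative check should be server-side.
    if ($revid <= 1000 && (!isset($_POST['myaction']) || $_POST['myaction'] < 1)) {
        err("You've already voted");
    } elseif (isset($_COOKIE['survey_revid']) && $_COOKIE['survey_revid'] == $revid) {
        err("Webmaster $revid, you've already voted");
    }
} else {
    // No cookie: look for an earlier vote from the same address or the same revid.
    if ($ipaddr !== 0) {
        $pcheck = " or ipaddr=inet_aton('$ipSql') ";
    } else {
        $pcheck = '';
    }
    if ($revid <= 1000) {
        $query = "SELECT * FROM test.votes WHERE ipaddr=inet_aton('$ipSql') and question_id in($questionIds) limit 1";
    } else {
        $query = "SELECT * FROM test.votes WHERE (revid = '$revid' $pcheck ) and question_id in($questionIds) limit 1";
    }
    // Or, the other option is to refuse repeated votes even from the same account.
    $result = mysql_query($query, $dblink);
    // Fail closed: if the check itself cannot run, do not accept the vote.
    if ($result === false) {
        err("Could not verify previous votes");
    }
    if (mysql_num_rows($result) > 0) {
        err("You've already voted with the same revid or from the same IP");
    }
}

// Duplicates have been ruled out; store the votes, one multi-row INSERT per question.
foreach ($forms as $key => $val) {
    $prep = array();
    foreach ($val as $vote) {
        // $vote may be raw request text: escape it for the quoted SQL string literal.
        $voteSql = mysql_real_escape_string($vote, $dblink);
        $prep[] = "('$key',inet_aton('$ipSql'),'$revid','$voteSql')";
    }
    $query = "INSERT INTO test.votes (question_id,ipaddr,revid,vote) VALUES " . implode(" , ", $prep);
    mysql_query($query, $dblink);
}

// The database is updated; remember the vote in cookies for 90 days.
$time = time() + 90 * 24 * 60 * 60;
setcookie('survey_cookie', '1', $time);
setcookie('survey_revid', "$revid", $time);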
Survey Resultecho "<html>";
//If display option is set, we are going to display the result
if(isset($_POST['myaction']) && $_POST['myaction'] == 1) {
$query = "SELECT question_id,vote,count(*) as cc FROM test.votes WHERE question_id in(".implode(",",array_keys($forms)).") group by question_id,vote";
$result = mysql_query($query);
$qstats = array();
$totalvotes = array();;
while($row = mysql_fetch_assoc($result)){
$qstats[$row['question_id']][$row['vote']] = $row['cc'];
$totalvotes[$row['question_id']] += $row['cc'];
}
mysql_free_result($result);
В общем, что-то не вдуплю, что надо передать в revid, чтобы авторизоваться?