Файл: region_clean/votes.php
Строк: 193
<?
#######################################
## Mod By KoT (borispol) [76-75-072] ##
#######################################
// Page bootstrap for the polls page. start.php and sid.php are project includes;
// presumably they populate the request-derived globals used further down ($ver, $mode,
// $ses, $ref, $mid, $v, $act, ...) -- TODO confirm where those are set and validated.
// NOTE(review): the mysql_* extension used throughout this file was removed in PHP 7;
// mysqli or PDO with prepared statements is the replacement.
require_once "start.php";
require_once "sid.php";
// Ask clients and proxies not to cache this per-user page.
header("Cache-Control: no-cache");
// WAP clients ($ver == "wml") get a WML content type, everything else gets HTML; both UTF-8.
if ($ver == "wml") header ("Content-type:text/vnd.wap.wml; charset=utf-8");
else header("Content-Type:text/html; charset=UTF-8");
require_once "inc.php";
$link = connect_db();
// check_login() yields the current user row, the user id and three more values.
// $fsize2 is appended to the die() messages in the add/del branches; what $ps and
// $fsize1 hold is not visible in this file.
list($row, $id, $ps, $fsize1, $fsize2) = check_login($link);
require_once "version.php";
$times = getmicrotime();
// Mark the user as online in the 'opros' room. The statement is built by string
// concatenation: $times comes from getmicrotime() and $id from check_login().
// NOTE(review): confirm check_login() only ever returns an integer id.
mysql_query ("Update users set onl='".$times."', room='opros' where id ='".$id."'");
// NOTE(review): the double-quoted literals below show bare double quotes and a trailing
// n where an escaped quote and a newline escape would be expected; the listing appears
// to have lost its backslashes and does not parse as shown.
if ($ver == "wml") {
// WML prologue. $xml and $dtd are defined elsewhere (presumably version.php -- confirm).
echo $xml;
echo $dtd;
echo "<wml>n
<head><meta http-equiv="Cache-Control" content="no-cache" forua="true"/></head>n
<card id="send" title="Голосования">n
<p align="center">";
} else {
// XHTML prologue plus the opening form tag used by the add branch.
// NOTE(review): $css and $ses are interpolated into attribute values without escaping;
// confirm both are constrained where they are assigned.
echo "<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head><link rel="stylesheet" type="text/css" href="css/$css.css"/>
<title>Голосования</title>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8"/></head><body>
<div align="left">n
<form method="POST" action="votes.php?$ses&mode=add" name="auth">n";
}
// Privilege level and user name of the logged-in user, from the row check_login() returned.
// $level gates the add/del branches (7 and above) and the admin links in the list.
$level = $row["level"];
$avtor = $row["user"];
// Today's date as day.month.year; stored with a new poll in the add branch.
$date = date("j.m.Y");
echo '<div class="c4">Голосования</div><br/>';
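switch($mode) {
default:
    // Poll list: one entry per poll with its title, total vote count and creation date.
    // Double quotes inside the double-quoted strings are written as \" and the trailing
    // newline as \n, which valid PHP requires; the listing shows them without backslashes.
    $polls = mysql_query("SELECT * FROM `votes`");
    // Count rows on the result handle itself. The earlier code tested
    // mysql_affected_rows() after the loop, which reflects whichever query ran last.
    $pollCount = $polls ? mysql_num_rows($polls) : 0;
    while ($polls && ($arr = mysql_fetch_array($polls))) {
        // NOTE(review): nazv and date come straight from the database and are echoed
        // without HTML escaping; this is only safe if check() neutralises markup when
        // the poll is stored -- confirm against check() in the project includes.
        $nazv = $arr['nazv'];
        $date = $arr['date'];
        // The id is forced to an integer before it is placed in SQL and in links.
        $bid = intval($arr['id']);
        $votes = mysql_fetch_array(mysql_query("select count(klu4) as num from voting where vote='".$bid."'"));
        echo "<div class='d1'><a href=\"votes.php?$ses&mode=view&mid=$bid\">".$nazv."</a> (<b>".$votes[0]."</b> | ".$date.")";
        if ($level > 6) {
            // Delete link is rendered for level 7 and above only; the del branch
            // repeats the level check on the server side.
            echo " [<a href=\"votes.php?$ses&mode=del&mid=$bid\">Уд.</a>]";
        }
        // Close the entry for every viewer. Previously the closing tag was part of the
        // admin-only echo, so the div stayed open for everyone below level 7.
        echo "</div><br/>";
    }
    if ($pollCount == 0) {
        echo 'Голосований пока нет!<br/><br/>';
    }
    if ($level > 6) {
        echo "• <a href=\"votes.php?$ses&mode=add&ref=$ref\">Добавить опрос</a><br/>\n";
    }
    break;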
case 'view':
// Show one poll: title, question, author link, each answer option with its vote count,
// and the total number of votes.
// The poll id is forced to an integer before it reaches any SQL text or link.
$mid = intval($mid);
$q = mysql_query("select * from votes where id='".$mid."'");
// NOTE(review): mysql_affected_rows() is used as a row count for a SELECT; the PHP manual
// recommends mysql_num_rows($q) for that, and $q is not checked for false.
if (mysql_affected_rows() == 0) {
echo 'Нет такой записи!<br/>';
} else {
$arr = mysql_fetch_array($q);
$mid = $arr['id'];
$nazv = $arr['nazv'];
$avtor = $arr['avtor'];
$vopros = $arr['vopros'];
$v1 = $arr['v1'];
$v2 = $arr['v2'];
$v3 = $arr['v3'];
$v4 = $arr['v4'];
$v5 = $arr['v5'];
// Resolve the stored author name to a user id for the profile link. The name is
// escaped with mysql_real_escape_string() before it is placed in the query.
// If no such user exists, $who_is is false and $who_us ends up empty.
$who_is = mysql_fetch_array(mysql_query("SELECT `id`,`user` FROM `users` WHERE `user`='".mysql_real_escape_string($avtor)."'"));
$who_us = $who_is['id'];
// NOTE(review): $nazv, $vopros and $v1..$v5 are database values echoed without HTML
// escaping; this relies on check() having neutralised markup at insert time -- confirm.
// col_n() is a project helper; what it does to the name is not visible here.
echo "<div class='d1'><b>".$nazv."</b><br/>".$vopros." <u>Автор: </u><b>
<a href="search.php?$ses&go=view&nick=$who_us">".col_n($avtor)."</a></b></div><br/>";
echo "<div class='d1'>";
// Options 1 and 2 are always listed; each line links to the vote action and to the
// list of voters, with the count of voting rows for that option.
$a = mysql_fetch_array(mysql_query("select count(klu4) as num from voting where vote='".$mid."' and var='1'"));
echo "• <a href="votes.php?$ses&mode=vote&mid=$mid&v=1">".$v1."</a> (<a href="votes.php?$ses&mode=who&mid=$mid&v=1">".$a[0]."</a>)<br/>";
$a = mysql_fetch_array(mysql_query("select count(klu4) as num from voting where vote='".$mid."' and var='2'"));
echo "• <a href="votes.php?$ses&mode=vote&mid=$mid&v=2">".$v2."</a> (<a href="votes.php?$ses&mode=who&mid=$mid&v=2">".$a[0]."</a>)<br/>";
// Options 3 to 5 are optional and only listed when non-empty.
if (!empty($v3)) {
$a = mysql_fetch_array(mysql_query("select count(klu4) as num from voting where vote='".$mid."' and var='3'"));
echo "• <a href="votes.php?$ses&mode=vote&mid=$mid&v=3">".$v3."</a> (<a href="votes.php?$ses&mode=who&mid=$mid&v=3">".$a[0]."</a>)<br/>";
}
if (!empty($v4)) {
$a = mysql_fetch_array(mysql_query("select count(klu4) as num from voting where vote='".$mid."' and var='4'"));
echo "• <a href="votes.php?$ses&mode=vote&mid=$mid&v=4">".$v4."</a> (<a href="votes.php?$ses&mode=who&mid=$mid&v=4">".$a[0]."</a>)<br/>";
}
if (!empty($v5)) {
$a = mysql_fetch_array(mysql_query("select count(klu4) as num from voting where vote='".$mid."' and var='5'"));
echo "• <a href="votes.php?$ses&mode=vote&mid=$mid&v=5">".$v5."</a> (<a href="votes.php?$ses&mode=who&mid=$mid&v=5">".$a[0]."</a>)<br/>";
}
echo '</div>';
// Total number of votes cast in this poll, across all options.
$a = mysql_fetch_array(mysql_query("select count(klu4) as num from voting where vote='".$mid."'"));
echo 'Голосов: '.$a[0].'<br/>';
}
break;
case 'add':
// Create a poll. Without a submitted title the form is shown; with one, the poll is
// stored and an announcement row is written to every chat room table.
// Server-side gate: only level 7 and above may add polls.
// NOTE(review): the only visible protection for this state change is the level check
// plus the $ses string in the URL; no per-request anti-forgery token is visible -- confirm.
if ($level < 7) die('У тебя нет прав доступа!'.$fsize2.'');
if (!$nazv) {
echo '<b>Добавление Опроса:</b><br/><br/>';
// Input form. The value attributes are pre-filled from $row, which is the row returned
// by check_login(); whether it carries nazv/vopros/v1..v5 keys is not visible here.
// NOTE(review): those values are written into attributes without HTML escaping.
echo '<div class="d1">
Тема:<br/>
<input name="nazv" maxlength="50" value="'.$row['nazv'].'" title="infa" emptyok="false"/><br/>
Вопрос:<br/>
<input name="vopros" maxlength="100" value="'.$row['vopros'].'" title="infa" emptyok="false"/><br/>
Вариант 1:<br/>
<input name="v1" maxlength="50" value="'.$row['v1'].'" title="infa" emptyok="false"/><br/>
Вариант 2:<br/>
<input name="v2" maxlength="50" value="'.$row['v2'].'" title="infa" emptyok="false"/><br/>
Вариант 3:<br/>
<input name="v3" maxlength="50" value="'.$row['v3'].'" title="infa" emptyok="false"/><br/>
Вариант 4:<br/>
<input name="v4" maxlength="50" value="'.$row['v4'].'" title="infa" emptyok="false"/><br/>
Вариант 5:<br/>
<input name="v5" maxlength="50" value="'.$row['v5'].'" title="infa" emptyok="false"/><br/>';
echo '</div>';
if ($ver == "wml") {
// WML submit anchor; the postfield values use the WML variable syntax.
// NOTE(review): this literal is single-quoted, so PHP does not interpolate $ses and $ref
// in the href; they reach the client as literal text -- confirm that is intended.
echo '<anchor title="go">Добавить<go href="votes.php?$ses&mode=add&ref=$ref" method="post">
<postfield name="nazv" value="$(nazv)"/>
<postfield name="vopros" value="$(vopros)"/>
<postfield name="v1" value="$(v1)"/>
<postfield name="v2" value="$(v2)"/>
<postfield name="v3" value="$(v3)"/>
<postfield name="v4" value="$(v4)"/>
<postfield name="v5" value="$(v5)"/>
</go></anchor><br/>';
} else {
// HTML submit button for the form opened in the page header.
echo "<input type="submit" class="ibutton" value="Добавить" name="enter"><br/>n";
}
} else {
// First pass: run every field through the project helper check() and cap its length.
// The maxlength attributes in the form are client-side only; these caps are the
// server-side limit. NOTE(review): substr() counts bytes, and this page is served as
// UTF-8, so a cut can land inside a multi-byte character.
$nazv = substr(check($nazv),0,100);
$vopros = substr(check($vopros),0,200);
$v1 = substr(check($v1),0,100);
$v2 = substr(check($v2),0,100);
$v3 = substr(check($v3),0,100);
$v4 = substr(check($v4),0,100);
$v5 = substr(check($v5),0,100);
// Optional transliteration when the user profile has translit set to 1.
if ($row["translit"] == 1) {
$nazv = trun_to_rus($nazv);
$vopros = trun_to_rus($vopros);
$v1 = trun_to_rus($v1);
$v2 = trun_to_rus($v2);
$v3 = trun_to_rus($v3);
$v4 = trun_to_rus($v4);
$v5 = trun_to_rus($v5);
}
// Second pass: check() again, then SQL-escape for the INSERT below.
// NOTE(review): check() is applied twice to each field; if it encodes HTML entities the
// second pass may double-encode -- confirm against its definition.
$nazv = mysql_real_escape_string(check($nazv));
$v1 = mysql_real_escape_string(check($v1));
$v2 = mysql_real_escape_string(check($v2));
$v3 = mysql_real_escape_string(check($v3));
$v4 = mysql_real_escape_string(check($v4));
$v5 = mysql_real_escape_string(check($v5));
$avtor = mysql_real_escape_string(check($avtor));
$vopros = mysql_real_escape_string(check($vopros));
// A poll needs a question and at least two options.
if (!$vopros or !$v1 or !$v2) {
echo 'Не введён вопрос, или опрос содержит менее двух вариантов ответов!<br/>';
} else {
// All text fields were escaped above; $date is the date() string set before the switch.
// The return value of the INSERT is not checked before success is reported.
mysql_query("Insert into votes set nazv ='".$nazv."', avtor ='".$avtor."', date ='".$date."', vopros = '".$vopros."', v1 = '".$v1."', v2 = '".$v2."', v3 = '".$v3."', v4 = '".$v4."', v5 = '".$v5."'");
echo 'Опрос успешно добавлен!<br/>';
// The announcement is posted under the name of the user with id 1.
$adm = mysql_query ("Select user from users where id='1' LIMIT 1;");
$z = mysql_fetch_array ($adm);
$administration = $z["user"];
// NOTE(review): this name goes through check() but not mysql_real_escape_string()
// before it is concatenated into the INSERT in the loop below, unlike the fields
// above; if a stored user name can contain a quote the statement breaks -- confirm.
$administration = check($administration);
$time = time();
// One random key and one timestamp are shared by all rows written below.
$rnd = mt_rand(0,99999999);
$today = date ("H:i");
$time = time();
$txt = "<b>ВНИМАНИЕ!!!</b> <u>Добавлен новый опрос! Отдай свой голос, ведь он может быть очень важен для чата</u> ;)";
// Write the announcement into the tables room0 .. room22. The table name is built from
// the loop counter only, not from request data.
for ($num = 0; $num <= 22; $num++) {
$room = "room" . $num;
mysql_query ("Insert into $room set klu4= '".$rnd."', time='".$today."', who='".$administration."', message='".$txt."', id='".$time."', towhom='', hid='0', usid='1', komu=''");
}
}
}
break;
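case 'del':
    // Delete a poll together with its votes. Without $act a confirmation prompt is
    // shown; with it, both tables are purged for the given poll id.
    // Server-side gate: only level 7 and above may delete.
    if ($level < 7) die('Нет прав!'.$fsize2.'');
    // Force the poll id to an integer before it is used anywhere. Previously this
    // happened only in the delete branch, so the confirmation link echoed the raw
    // value into the page.
    $mid = intval($mid);
    if (!$act) {
        echo 'Удалить опрос?<br/>';
        // Double quotes inside the string are written as \" (the listing shows them
        // without backslashes, which does not parse).
        // NOTE(review): $ses and $ref are still interpolated unescaped; confirm they
        // are constrained where they are assigned.
        echo "<a href=\"votes.php?$ses&mode=del&act=go&mid=$mid\">Да</a> |\n"
            . "<a href=\"votes.php?$ses&ref=$ref\">Нет</a><br/>";
    } else {
        // NOTE(review): the deletion is triggered by a plain link carrying act=go; the
        // only visible request binding is the $ses string in the URL -- confirm it
        // serves as an anti-forgery token, or add one.
        $zapros = "delete from votes where id = '".$mid."'";
        $zapros2 = "delete from voting where vote = '".$mid."'";
        if (mysql_query($zapros) and mysql_query($zapros2)) {
            echo 'Опрос успешно удален!<br/>';
        } else {
            echo 'Ошибка при удалении!<br/>';
        }
    }
    break;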
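case 'vote':
    // Record the current user's vote for option $v of poll $mid, once per user and poll.
    // Both request values are forced to integers before any use.
    $v = intval($v);
    $mid = intval($mid);
    $date = date("j.m.Y");
    // Only options 1..5 exist; anything else ends the request without output.
    if ($v < 1 or $v > 5) die();
    // The poll must exist and the chosen option must be defined for it. Without this
    // check a vote row could be stored for a missing poll or for an empty option.
    $poll = mysql_query("select v1, v2, v3, v4, v5 from votes where id='".$mid."'");
    $options = $poll ? mysql_fetch_array($poll) : false;
    if (!$options or empty($options['v'.$v])) {
        echo 'Нет такой записи!<br/>';
        break;
    }
    // Has this user already voted in this poll? Count rows on the result handle; a
    // failed query yields -1 and therefore never leads to an insert.
    // NOTE(review): $id comes from check_login(); confirm it is always an integer.
    $existing = mysql_query("Select * from voting where vote='".$mid."' and who='".$id."'");
    $already = $existing ? mysql_num_rows($existing) : -1;
    if ($already === 0) {
        // NOTE(review): check-then-insert is not atomic; two concurrent requests can
        // both pass the check. A unique index on (vote, who) would enforce one vote
        // per user at the database level.
        mysql_query("INSERT INTO voting SET vote = '".$mid."', date = '$date', who = '".$id."', var = '".$v."'");
        echo 'Твой голос принят!<br/>';
    } else {
        echo 'Зачем дважды голосовать?<br/>';
    }
    break;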
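case 'who':
    // List the users who chose option $v in poll $mid, with the date of each vote.
    // Both request values are forced to integers before they reach the query.
    $mid = intval($mid);
    $v = intval($v);
    $query = mysql_query("select who,date from voting where vote = '".$mid."' and var = '".$v."'");
    // Count rows on the result handle; a failed query is treated as "no votes" instead
    // of falling through to a fetch on a false result.
    $voterCount = $query ? mysql_num_rows($query) : 0;
    if ($voterCount == 0) {
        echo 'Ещё не голосовали!<br/>';
        // This path closes the connection and stops here, so the navigation links and
        // foot.php at the end of the file are not rendered.
        mysql_close ($link);
        exit;
    } else {
        echo '<b>Кто отдал голос:</b><br/>';
        $i = 1;
        while ($arr = mysql_fetch_assoc($query)) {
            // voting.who is written from the logged-in user id in the vote branch;
            // casting it keeps this lookup safe even if a stored value is not numeric.
            $voterId = intval($arr['who']);
            $r = mysql_fetch_array(mysql_query("SELECT `user` FROM `users` WHERE `id`='".$voterId."' LIMIT 1"));
            echo ($i++).') ';
            if (!empty($r[0])) {
                // col_n() is a project helper; what it does to the name is not
                // visible in this file.
                echo col_n($r[0]).' - '.$arr['date'];
            } else {
                // No matching users row: the voter account no longer exists.
                echo 'Юзер удален';
            }
            echo '<br/>';
        }
    }
    break;
}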
// Page footer navigation. The link back to the poll list is shown on every sub-page,
// that is whenever a mode was given.
// NOTE(review): $ses and $ref are interpolated into href attributes without escaping;
// confirm both are constrained where they are assigned. The bare double quotes and the
// trailing n in these literals look like lost backslashes from the listing.
if (!empty($mode)) {
echo "<div class='d1'>
<a href="votes.php?$ses&ref=$ref">Голосование</a></div>n";
}
// Link back to the entry page of the site.
echo "<div class='d1'><a href="enter.php?$ses&ref=$ref">Прихожая</a></div>n";
// foot.php is a project include; presumably it closes the document -- confirm.
include_once "foot.php";
?>