Просмотр файла golos/index.php

Размер файла: 4.92Kb
<?php
###########################################################################
##                         -=Lesnik=-                                    ##
##                       ---------------                                 ##
##                   http://wenz.net.ru                                  ##
##                           *-*-*-*                                     ##
##                                                                       ##
##                      ICQ: 366-244-181                                 ##
##                          - - - - -                                    ##
##                 Скрипт: Голосований для игры ГТА                      ##
##                          - - - - -                                    ##
###########################################################################

//START TIMER
list($msec, $sec) = explode(chr(32), microtime());
$headtime = $sec + $msec;



//MySQL
include "./../ini3.php";
include "./../includes/header2.php";
include "./../includes/inc_online.php";
include("cfg.php");
echo '<small>';

$id=cyr(htmlspecialchars(stripslashes(trim($id))));
$pass=cyr(htmlspecialchars(stripslashes(trim($pass))));

if(!empty($id))
{
$q = mysql_query("select secur,golod,voodoo,nums,guns,cars,id,login,pass,money,level,police,health,zav,lsd,ban from users where id='".$id."';");
}
else
{
die ($lang['empty_login']."</small></body></html>");
}

$data = mysql_fetch_array($q);

$id=$data['id'];
$login=$data['login'];
$money=$data['money'];
$level=$data['level'];
$police=$data['police'];
$stage=$data['stage'];
$health=$data['health'];
$cars=$data['cars'];
$guns=$data['guns'];
$nums=$data['nums'];
$voo_por=$data['voodoo'];
$golod=$data['golod'];
$secur=$data['secur'];
$zav=$data['zav'];
$lsd=$data['lsd'];
$ban=$data['ban'];

if($pass!=$data['pass'])
{
die ($lang['empty_login']."</small></body></html>");
}

mysql_query("update users set last='".time()."',city='1' where id='".$id."';");

//TITLE


@$dbid = intval($_GET['dbid']);
@$mod = $_GET['mod'];
$REMOTE_ADDR = htmlspecialchars(addslashes(trim(getenv("REMOTE_ADDR"))));
$HTTP_USER_AGENT = htmlspecialchars(addslashes(trim(getenv("HTTP_USER_AGENT"))));
///////////////////////////////////////////////////////
//WML VERSION
///////////////////////////////////////////////////////



if (empty($mod)) $mod="index";
switch ($mod) {
case "index";

echo "<b>Отдай свой голос!</b><br/>";
echo "<u>Список кандидатов</u>:<br/><br/>";

$sql = mysql_query("SELECT * FROM `".$opros."` ORDER BY `dbid` ASC, `dbid` ASC;");
if(mysql_affected_rows() == 0)
{
echo "Кантендентов нет!<br/>\n";
}
while($opr = mysql_fetch_array($sql))
{

$id=$data['id'];
$name = $opr['name'];
$dbid = $opr['dbid'];

echo "<a href=\"./index.php?id=$id&amp;pass=$pass&amp;mod=golos&amp;dbid=".$dbid."\">".$name."</a><br/>";
}
echo "- - -<br/><a href=\"./rating.php?id=$id&amp;pass=$pass\">Рейтинг</a><br/>";
echo "<a href=\"./../city1/mer.php?id=$id&amp;pass=$pass\">Мэрия</a><br/>";
break;

///////////////////////////////////////////////////////
///////////////////////////////////////////////////////
case "golos";

$sql = mysql_query("SELECT * FROM `".$opros."` WHERE `dbid`='".$dbid."';");
if(mysql_affected_rows() == 0)
{
echo "Ошибка!<br/>\n";
//STOP TIMER
list($msec, $sec) = explode(chr(32), microtime());
echo "<small>[".round(($sec + $msec) - $headtime, 5)."]</small><br/>\n";
echo "</small></body></html>";
exit();
}
///////////////////////////////////////////////////////

$sql = mysql_query("SELECT * FROM `".$gols."` WHERE `ip` = INET_ATON('".$REMOTE_ADDR."') AND `time` > '".(time() - 3600)."';");
if(mysql_affected_rows() == 0)
{
mysql_query("UPDATE `".$opros."` SET `golos` = `golos` + 1 WHERE `dbid` = ".$dbid.";");
mysql_query("INSERT INTO `".$gols."` SET `ip` = INET_ATON('".$REMOTE_ADDR."'), `time` = '".time()."', `browser` = '".$HTTP_USER_AGENT."', `dbid` = '".$dbid."';");
echo "Ваш голос учтён!<br/>- - -<br/>\n";
}else{
echo "Ваш голос учтён ранее!<br/>- - -<br/>\n";
}


///////////////////////////////////////////////////////
$sql2 = mysql_query("SELECT * FROM `".$opros."` ORDER BY `golos` DESC;");
$sql3 = mysql_query("SELECT SUM(`golos`) FROM `".$opros."`;");
$a = mysql_result($sql3, 0);

if(mysql_affected_rows() == 0)
{
echo "Кандидатовтов нет!<br/>\n";
}
while($opr2 = mysql_fetch_array($sql2))
{
$name = $opr2['name'];
$gl = $opr2['golos'];
$pro = $gl/$a*100;
$pro = round($pro, 1);

echo "<u>".$name."</u>: <b>".$gl."</b> / <b>".$pro."%</b><br/>";
}
echo "- - -<br/><a href=\"./index.php?id=$id&amp;pass=$pass\">Назад</a><br/>";
break;
}
//STOP TIMER
list($msec, $sec) = explode(chr(32), microtime());
echo "<small>[".round(($sec + $msec) - $headtime, 5)."]</small><br/>\n";
echo "</small></body></html>";
?>