-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathsubmit_vote.php
32 lines (32 loc) · 1.18 KB
/
submit_vote.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
<?php
include "connection.php";
session_start();
if(empty($_POST['lan'])){
$error="<center><h4><font color='#FF0000'>Please select a language to vote!</h4></center></font>";
include"voter.php";
exit();
}
$lan = $_POST['lan'];
$sess = $_SESSION['SESS_NAME'] ;
$lan = addslashes($_POST['lan']);
$lan = mysqli_real_escape_string($con, $lan);
$sql = mysqli_query($con, 'SELECT * FROM voters WHERE username="'.$_SESSION['SESS_NAME'].'" AND status="VOTED"');
if(mysqli_num_rows($sql) > 0 ) {
$msg="<center><h4><font color='#FF0000'>You have already been voted, No need to vote again</h4></center></font>";
include 'voter.php';
exit();
}
else{
$sql1 =mysqli_query($con, 'UPDATE languages SET votecount = votecount + 1 WHERE fullname = "'.$_POST['lan'].'"');
$sql2 =mysqli_query($con, 'UPDATE voters SET status="VOTED" WHERE username="'.$_SESSION['SESS_NAME'].'"');
$sql3 = mysqli_query($con, 'UPDATE voters SET voted= "'.$_POST['lan'].'" WHERE username="'.$_SESSION['SESS_NAME'].'"');
if(!$sql1 && !$sql2){
die("Error on mysql query".mysqli_error());
}
else{
$msg="<center><h4><font color='#FF0000'>Congratulation, you have made your vote.</h4></center></font>";
include 'voter.php';
exit();
}
}
?>