[Req] Vote script in the index.php

[silviosing]

i cant use this in my website i think that i need query of sql.

<?phpif($_SESSION['user_login'] != 'ok');




$ip = $_SERVER["REMOTE_ADDR"];
$time = time() + 43200;
$link = 'http://www.xtremetop100.com/in.php?site=1132295140';
$image = 'http://openmu.com/images/vote/votenew.jpg';


mssql_query("DELETE FROM Banner_Vote WHERE voteend<'".time()."'");
$account = mssql_fetch_array(mssql_query("SELECT * FROM Banner_Vote WHERE account='$user'"));
$ips = mssql_fetch_array(mssql_query("SELECT * FROM Banner_Vote WHERE ip='$ip'"));
$username = mssql_fetch_array(mssql_query("SELECT * FROM MEMB_CREDITS WHERE memb___id='$user'"));
$newcredits= $username['credits']+25;
$votetime = max($account['voteend'],$ips['voteend']);
$voteend = $votetime - time();


$proxy1 = $_SERVER['HTTP_X_FORWARDED_FOR'];
$proxy2 = $_SERVER['HTTP_VIA'];
$proxy3 = $_SERVER['HTTP_PROXY_CONNECTION'];
$proxy4 = $_SERVER['HTTP_CONNECTION']; 
if (!empty($proxy1) || !empty($proxy2) || !empty($proxy3) || empty($proxy4)) { include("modules/news.php"); } else {


if ($voteend > 0) { echo"<br><font color=red><b><center>You're already voted try again after <font color=blue><script src=\"index/clock.js\" type=\"text/javascript\"></script><b><div id=\"bxx\"></div></b><SCRIPT language=\"JavaScript\">pp='$voteend'; ps=''; t();</script></font></center></b></font>"; }


else {
if($_GET['v']==1) {
mssql_query("UPDATE MEMB_CREDITS SET credits='$newcredits' WHERE memb___id='$user'");
mssql_query("INSERT INTO Banner_Vote VALUES ('$user','$time','$ip')");
echo "<font color=green><center>Thanks <b>$user</b> you won 25 credits now you have <b>$newcredits</b> credits!</center></font>";
}
else { echo "<br><a href='?op=yes' OnClick=\"window.open('$link');\"><img src='$image'></a>"; }
}
}
?>

someone help me??

 

[varcush]

u need Banner_Vote table in MuOnline SQL Tables with columns account, voteend, ip and probably you need to change ur $_SESSION['user_login']

 

[dota-sdso]

Yes varcush is right. I have seen

<?phpif($_SESSION['user_login'] != 'ok');

in some web, do not remember which one exactly. But this check will do a problems because, no one can tell you what "ok" means and where it's coming from

So better use logged user -> existing account -> session check instead of this if you are not sure

P.S. And especially for Xtreeem there is an API implemented so you may use a feedback, because other ways nobody can be sure the user has voted or not. They may click on the vote link and do not do the whole process but you will still give them a credits which is pointless.

Just for an example you may use something like this:
http://darksteam.net/releases/[release]-xtreemetop100-vote-system-postback-21890.html