- Joined
- Oct 11, 2012
- Location
- The Netherlands
Hi,
I have a problem, when trying to cast a vote using this vote script some people can vote e.g. naam = Rob and leerlingnummer = 132348 but name = Rhea and leerlingnummer = 132772 can't vote and gets the error on line 54 (Dit leerlingennummer hoort niet bij deze leerling).
How do I fix this?
Page here http://informatica.pvanhorne.nl/~lsd2013/
Please help, this needs to be working on monday...
I have a problem, when trying to cast a vote using this vote script some people can vote e.g. naam = Rob and leerlingnummer = 132348 but name = Rhea and leerlingnummer = 132772 can't vote and gets the error on line 54 (Dit leerlingennummer hoort niet bij deze leerling).
How do I fix this?
Page here http://informatica.pvanhorne.nl/~lsd2013/
PHP:
<?php
$melding = '';
$melding2 = '';
$error = 0;
//if (date('W') != '48') {
// header('Location: novote.php');
//}
if(isset($_POST['submit']))
{
if(empty($_POST['firstname']) OR empty($_POST['username']))
{
$error = 1;
$melding .= 'Wel alles invullen slimbo!';
}
else
{
$_POST['firstname'] = str_replace('é','e',$_POST['firstname']);
$_POST['firstname'] = str_replace('á','a',$_POST['firstname']);
$_POST['firstname'] = str_replace('ë','e',$_POST['firstname']);
$_POST['firstname'] = str_replace('è','e',$_POST['firstname']);
$_POST['firstname'] = str_replace('ö','o',$_POST['firstname']);
$_POST['firstname'] = str_replace(' ','',$_POST['firstname']);
$_POST['username'] = str_replace(' ','',$_POST['username']);
$_POST['firstname'] = ucfirst($_POST['firstname']);
$mys=mysql_connect("//u no see my password!//") or die (mysql_error());
mysql_select_db("db_lsd2013",$mys) or die (mysql_error());
$query = mysql_query("SELECT username FROM stemmen WHERE username = ".mysql_real_escape_string($_POST['username']));
if(mysql_num_rows($query) > 0)
{
$error = 1;
$melding .= 'Je mag maar één keer stemmen.<br/>';
}
$sql = "SELECT username, firstname FROM students WHERE username = ".mysql_real_escape_string($_POST['username']);
$query = mysql_query($sql);
if(mysql_num_rows($query) > 0)
{
$get = mysql_fetch_assoc($query);
if($_POST['keuze1'] == 0)
{
$error = 1;
$melding .= 'Wel een thema kiezen slimbo...<br/>';
}
if($get['firstname'] != $_POST['firstname'])
{
$error = 1;
$melding .= 'Dit leerlingennummer hoort niet bij deze leerling.<br/>';
}
}
else
{
$error = 1;
$melding .= 'Alleen leerlingen van HAVO 5 en VWO 6 mogen stemmen.<br/>';
}
if($error == 0)
{
$melding2 = 'Je hebt gestemd!';
$ip = $_SERVER['REMOTE_ADDR'].':'.$_SERVER['REMOTE_PORT'];
$datijd = date("m-d-y H:i:s");
$query = mysql_query("INSERT INTO stemmen VALUES ('".mysql_real_escape_string($_POST['username'])."','".mysql_real_escape_string($_POST['firstname'])."','".$_POST['keuze1']."','".$ip."','".$datijd."')");
}
}
}
?>
Last edited: