// Fragment: builds the vote cell and the opening <tr> for each position row
// fetched from the prepared statement $getInfo. The statement's SQL and the
// enclosing function start before this fragment; the loop body continues past it.
$getInfo->bind_param('s', $id); // $id is bound as a string parameter, not concatenated into the query
$getInfo->execute();
$getInfo->store_result();
$getInfo->bind_result($pid, $pname, $pcode, $padded, $ppl_id);
// Table header for the listing; rows are produced by the loop below.
$pos_rows = '<table class="table"><thead> <tr> <th> Name </th> <th> Added By</th> <th> Vote </th> </tr> </thead> ';
while ($getInfo->fetch()) {
    // votes: score for this position (shown as a percentage by multiplying by 100)
    $pscore = get_percent_on_position($pid, $mysqli, $ppl_id);
    // presumably the vote state of the logged-in user; check_vote() is not visible here
    $res = check_vote($pid, $mysqli);
    // NOTE(review): $pid is concatenated into an inline onclick handler, i.e. a
    // JavaScript string inside an HTML attribute, with no output encoding. That is
    // only safe if the column is strictly numeric (TODO confirm against the schema);
    // otherwise cast it to int or encode it for both contexts before output.
    // NOTE(review): hiding or showing the link is presentation only. The handler
    // behind vote_up_dn() has to enforce the same rule on the server (not visible here).
    if (!$res['voted']) {
        // falsy 'voted': render the up-arrow link
        $vote_td = '<td>' . '<a href="#" onclick="vote_up_dn(\'' . $pid . '\');" ><span class="fa fa-arrow-up"></span></a> <b>' . $pscore * 100 . '%</b>' . '</td>';
    } else {
        if ($res['voted'] == 1) {
            // 'voted' equal to 1: render the down-arrow link
            $vote_td = '<td>' . '<a href="#" onclick="vote_up_dn(\'' . $pid . '\');" ><span class="fa fa-arrow-down"></span></a> <b>' . $pscore * 100 . '%</b>' . '</td>';
        } else {
            // any other truthy 'voted' value: show the score with no vote link
            $vote_td = '<td><b>' . $pscore * 100 . '%</b></td>';
        }
    }
    // check whether eligible: rows for which is_role_active() returns a falsy
    // value get the warning highlight classes
    $active = is_role_active($pid, $mysqli, $ppl_id);
    if ($active) {
        $tr = '<tr>';
    } else {
        $tr = '<tr class="alert alert-warning">';
// Fragment of a vote request handler; the enclosing conditions start before this
// fragment and the final branch continues past it.
// NOTE(review): everything here reads $_REQUEST, which (depending on request_order)
// merges GET, POST and cookie data, so the state-changing path can be reached by
// a plain GET link. Confirm method and anti-CSRF checks exist upstream.
        // Drop the profile fields from the request array before it is handed to check_vote().
        unset($_REQUEST['nickname']);
        unset($_REQUEST['region']);
        unset($_REQUEST['sex']);
        unset($_REQUEST['birthdatey']);
        unset($_REQUEST['marriage']);
        unset($_REQUEST['phone']);
        unset($_REQUEST['cellphone']);
        unset($_REQUEST['education']);
        unset($_REQUEST['email']);
        unset($_REQUEST['birthdatem']);
        unset($_REQUEST['birthdated']);
        check_vote($_REQUEST, $uid);
    } else {
        // NOTE(review): the interpolated expression in this string is reproduced exactly
        // as it appears in this copy; part of it looks masked, so the original variable
        // cannot be determined from here. Whatever value it names is spliced directly
        // into the SQL text and should be passed as a bound parameter instead.
        $sql = "select uid from web_members where username = '******'Moo_username']}'";
        $uid = $db->getOne($sql); // used as an array below ($uid['uid'])
        check_vote($_REQUEST, $uid);
        $sub = $_REQUEST;
    }
    // The whole request array is passed on to sub_insert(), which is not visible here.
    // TODO confirm it whitelists the keys it stores and escapes or binds the values.
    sub_insert($_REQUEST, $uid['uid']);
    // Fetch the voting result data
} else {
    if ($_REQUEST['action'] == 'result') {
        // NOTE(review): SQL injection. $_REQUEST['uid'] is interpolated into the query
        // with no validation or escaping. Use the database layer's parameter binding
        // if it offers one, or reject anything that is not a plain integer id before
        // building the query.
        $sql = "select nick_name from vote_member where uid = '{$_REQUEST['uid']}'";
        $nickname = $db->getOne($sql);
        $nickname = $nickname['nick_name'];
        // NOTE(review): PHP has already URL-decoded request superglobals, so this is a
        // second decode. Double decoding lets encoded characters pass any filter that
        // ran on the once-decoded value; drop the call unless the client is known to
        // double-encode this field.
        $_REQUEST['sub'] = urldecode($_REQUEST['sub']);
        // 'sub' is split on ',' into entries; the last element is discarded
        // (presumably an empty string after a trailing comma; confirm against the sender).
        $arr = explode(',', $_REQUEST['sub']);
        array_pop($arr);
        // Each entry is split on '.'; $array is not initialised within this fragment.
        foreach ($arr as $k => $v) {
            $array[] = explode('.', $v);
        }
// Fragment of a switch-based POST action handler: the tail of a deletion-request
// case, then the start of the 'upDnVote' case. The switch and the enclosing
// conditions start before this fragment, and the last branch continues past it.
// NOTE(review): no anti-CSRF token check is visible in this fragment for either
// state-changing action; confirm one is applied before the switch.
            echo do_sql('deletion', $send, 'delete', $mysqli, $where); // deleted entry
        } else {
            // NOTE(review): $_POST['did'] is stored as received. do_sql() is not visible
            // here; confirm it binds or escapes values, and validate 'did' as an
            // integer id before use.
            $send['deletion_tbl_id'] = $_POST['did'];
            $send['deletion_people_id'] = $_SESSION['id']; // requester comes from the session, not from the client
            $send['deletion_tbl'] = $table;
            $where = '';
            echo do_sql('deletion', $send, 'insert', $mysqli); // inserted entry
        }
    }
    break;
case 'upDnVote':
    // Server-side gate: a non-empty 'pos' and a session role code of EDC, EDT or DIR.
    // The comparisons are loose (== / !=).
    if ($_POST['pos'] != "" && ($_SESSION['topCode'] == 'EDC' || $_SESSION['topCode'] == 'EDT' || $_SESSION['topCode'] == 'DIR')) {
        // NOTE(review): real_escape_string() protects only when the value ends up inside
        // a quoted SQL string literal. How check_vote() and do_sql() build their
        // queries is not visible here; prefer prepared statements, or validate 'pos'
        // as an integer id.
        $pos_id = $mysqli->real_escape_string($_POST['pos']);
        $vote_valid = check_vote($pos_id, $mysqli); // vote check
        if ($vote_valid['voted']) {
            // 'voted' equal to 2: print 0 and stop without changing anything
            // (the meaning of 2 is defined in check_vote(), not visible here)
            if ($vote_valid['voted'] == 2) {
                echo 0;
                exit;
            }
            // deleting a vote: the row is matched on the position and on the session
            // user's id, so the request cannot name another user's vote
            $send = '';
            $where['app_position_id'] = $pos_id;
            $where['app_people_id'] = $_SESSION['id'];
            do_sql('approval', $send, 'delete', $mysqli, $where);
        } else {
            // inserting a vote, attributed to the session user
            $send['app_position_id'] = $pos_id;
            $send['app_people_id'] = $_SESSION['id'];