function add_vote($name, $intervals, $event_id, $account = 0, $hash = "") { global $db; $user = false; if ($hash == "") { $user = get_user_from_account($event_id, $account); } else { $db->Prepare("SELECT * FROM users WHERE id IN (SELECT completed FROM invites WHERE event_id='\$0' AND hash='\$1')"); $db->Execute($event_id, $hash); if ($db->RowCount() > 0) { $user = $db->Fetch(); } } if ($user !== false && ($hash != "" || $account != 0)) { $query = "UPDATE votes SET value = CASE interval_id "; foreach ($intervals as $i) { $query .= "WHEN '" . $i[0] . "' THEN '" . $i[1] . "' "; } $query .= "END WHERE user_id='\$0'"; $db->Prepare($query); $db->Execute($user["id"]); return $user["id"]; } else { $id = add_user($name, $event_id, $account); $query = "INSERT INTO votes (interval_id,user_id,value) VALUES "; foreach ($intervals as $i) { $query .= "(" . $i[0] . ",{$id}," . $i[1] . "),"; } $query = substr($query, 0, strlen($query) - 1); $db->Prepare($query); $db->Execute(); return $id; } }
$event = get_event($_GET["event"]); if ($event == null) { header("Location: /" . SITE_ROOT); } if ($event["public"] == 0 && $event["account"] != $account && !(isset($_GET["key"]) && validate_invite($event["id"], $_GET["key"])) && !($account !== false && validate_invite_account($event["id"], $account))) { header("Location: /" . SITE_ROOT); } $intervals = get_event_intervals($event["id"]); $ranked = $intervals; usort($ranked, "event_intervals_cmp"); $users = get_users($event["id"]); $comments = get_comments($event["id"]); $max = count($ranked) > 0 ? count($ranked[0][2]) : 0; $me = false; if ($account !== false) { $me = get_user_from_account($event["id"], $account); } if ($event["public"] == 0 && $account === false) { $me = get_invite_user($event["id"], $_GET["key"]); } $title = $event["name"]; require_once "header.php"; ?> <h2><?php echo $event["name"]; ?> </h2> <?php if ($event["type"] == "open") { require_once "viewopen.php"; } else {