<?php require_once('Connections/MDCP2009.php'); ?>
<?php include("login/include.php"); ?>
<?php
if (!function_exists("GetSQLValueString")) {
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "")
{
$theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;
$theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);
switch ($theType) {
case "text":
$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
break;
case "long":
case "int":
$theValue = ($theValue != "") ? intval($theValue) : "NULL";
break;
case "double":
$theValue = ($theValue != "") ? "'" . doubleval($theValue) . "'" : "NULL";
break;
case "date":
$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
break;
case "defined":
$theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
break;
}
return $theValue;
}
}
$editFormAction = $_SERVER['PHP_SELF'];
if (isset($_SERVER['QUERY_STRING'])) {
$editFormAction .= "?" . htmlentities($_SERVER['QUERY_STRING']);
}
if ((isset($_POST["MM_insert"])) && ($_POST["MM_insert"] == "form1")) {
$insertSQL = sprintf("INSERT INTO vote (id, kuenstler, email, vorname, nachname, strasse, plz, ort) VALUES (%s, %s, %s, %s, %s, %s, %s, %s)",
GetSQLValueString($_POST['id'], "int"),
GetSQLValueString($_POST['kuenstler'], "text"),
GetSQLValueString($_POST['email'], "text"),
GetSQLValueString($_POST['vorname'], "text"),
GetSQLValueString($_POST['nachname'], "text"),
GetSQLValueString($_POST['strasse'], "text"),
GetSQLValueString($_POST['plz'], "text"),
GetSQLValueString($_POST['ort'], "text"));
mysql_select_db($database_MDCP2009, $MDCP2009);
$Result1 = mysql_query($insertSQL, $MDCP2009) or die(mysql_error());
$insertGoTo = "danke.php";
if (isset($_SERVER['QUERY_STRING'])) {
$insertGoTo .= (strpos($insertGoTo, '?')) ? "&" : "?";
$insertGoTo .= $_SERVER['QUERY_STRING'];
}
header(sprintf("Location: %s", $insertGoTo));
}
mysql_select_db($database_MDCP2009, $MDCP2009);
$query_MDCP2009 = "SELECT kuenstler, email, vorname, nachname, strasse, plz, ort FROM vote";
$MDCP2009 = mysql_query($query_MDCP2009, $MDCP2009) or die(mysql_error());
$row_MDCP2009 = mysql_fetch_assoc($MDCP2009);
$totalRows_MDCP2009 = mysql_num_rows($MDCP2009);
?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Unbenanntes Dokument</title>
</head>
<body>
{restricted}
<form action="<?php echo $editFormAction; ?>" method="post" name="form1" id="form1">
<table align="center">
<tr valign="baseline">
<td nowrap="nowrap" align="right">Id:</td>
<td><input type="text" name="id" value="" size="32" /></td>
</tr>
<tr valign="baseline">
<td nowrap="nowrap" align="right">Kuenstler:</td>
<td><input type="text" name="kuenstler" value="" size="32" /></td>
</tr>
<tr valign="baseline">
<td nowrap="nowrap" align="right">Email:</td>
<td><input type="text" name="email" value="{email}" size="32" /></td>
</tr>
<tr valign="baseline">
<td nowrap="nowrap" align="right">Vorname:</td>
<td><input type="text" name="vorname" value="{vname}" size="32" /></td>
</tr>
<tr valign="baseline">
<td nowrap="nowrap" align="right">Nachname:</td>
<td><input type="text" name="nachname" value="{nname}" size="32" /></td>
</tr>
<tr valign="baseline">
<td nowrap="nowrap" align="right">Strasse:</td>
<td><input type="text" name="strasse" value="{strasse}" size="32" /></td>
</tr>
<tr valign="baseline">
<td nowrap="nowrap" align="right">Plz:</td>
<td><input type="text" name="plz" value="{plz}" size="32" /></td>
</tr>
<tr valign="baseline">
<td nowrap="nowrap" align="right">Ort:</td>
<td><input type="text" name="ort" value="{ort}" size="32" /></td>
</tr>
<tr valign="baseline">
<td nowrap="nowrap" align="right"> </td>
<td><input type="submit" value="Datensatz einfügen" /></td>
</tr>
</table>
<input type="hidden" name="MM_insert" value="form1" />
</form>
<div align="center">{logout}
<?php
$email = "{email}";
$sql = "SELECT * FROM stimmen WHERE email = '{email}'";
$result = mysql_query($sql) or die(mysql_error());
if (mysql_num_rows($result)) {
echo ("is da");// E-Mail ist enthalten
} else {
echo ("is nicht da");// E-Mail ist nicht enthalten
}
?>
<br /><br />
<?php
$sql="SELECT email FROM stimmen WHERE email='$email'";
$query=mysql_query($sql);
$num_rows = mysql_num_rows($query);
if ($num_rows==1)
{
echo "yes";
}
else
{
echo "no";
} ?>
<br /><br />
<?php echo "$email"; ?>
<br /><br />
<?php echo "{email}"; ?>
<?php
$sql = @mysql_query("SELECT COUNT(`id`) AS `count` FROM `stimmen` WHERE `email`='$email';");
$res = @mysql_fetch_assoc($sql);
if($res['count'] > 0)
{
echo "Vorhanden.";
}
?>
{/restricted}</div>
<p>{unrestricted}
Bitte einloggen: </p>
<p>{loginbox}</p>
<p>Wenn Sie noch kein Benutzer haben dann bitte hier Anmelden: </p>
<p>{register} {/unrestricted}</p>
</body>
</html>
<?php
mysql_free_result($MDCP2009);
?>