<?php
//****************************** Wichtige Variablen ************************************************** ***************
$vote = 1; // Voteskript aktiv (1 = Ja, Jede andere Zahl = Nein)
$timelimit = 43200; // Das Zeitlimit in Sekunden (12 Stunden = 43200 Sekunden)
$character = $_POST['Charakter']; // Charakter-ID für das Senden der Items
$ChoosedItem = $_POST['ChooseItem']; // Variable für die Auswahl der Items
$timestamp = time(); // Zeit, die zusammen mit $timelimit die Sperrzeit ergibt
$ip = $_SERVER['REMOTE_ADDR']; // IP (wird geloggt)
$datum = date("Y-m-d H:i:s",$timestamp); // Datum (wird geloggt)
if ($ChoosedItem == 1) { // Eigenschaften des ersten zu wählenden Items
$rewardName = "Scroll of Amplification ES (S)"; // Exakter Name des Items
$rewardId = '30148'; // ID des Items
$rewardAmount = '3';} // Anzahl des Items
elseif ($ChoosedItem == 2){ // Eigenschaften des zweiten zu wählenden Items
$rewardName = "Scroll of Element Change"; // Exakter Name des Items
$rewardId = '20037'; // ID des Items
$rewardAmount = '2';} // Anzahl des Items
elseif ($ChoosedItem == 3){ // Eigenschaften des dritten zu wählenden Items
$rewardName = "Scroll of Resurrection"; // Exakter Name des Items
$rewardId = '10431'; // ID des Items
$rewardAmount = '5';} // Anzahl des Items
else { // Eigenschaften des dritten zu wählenden Items
$rewardName = "Silver Battery"; // Exakter Name des Items
$rewardId = '26454'; // ID des Items
$rewardAmount = '1'; // Anzahl des Items
}
//************************************************** ************************************************** ***************
if ($vote == 1) {
$link = mssql_connect('NAME\SQLEXPRESS', 'sa', 'PW');
$db = @mssql_select_db('HOMEPAGE_DBF') or die ("Homepage-Error #00");
$result = mssql_fetch_row(mssql_query("SELECT top 1 character, ip, date, time FROM VOTE_TBL WHERE ip = '$ip' order by time DESC"));
$last = date('Y-m-d H:i:s',mktime(date('H'),date('i'),date('s'),date(' m'),date('d')-1,date('y')));
$lastday = mssql_fetch_row(mssql_query("SELECT count(*) FROM VOTE_TBL where [date] > '$last'"));
$alltime = mssql_fetch_row(mssql_query("SELECT count(*) FROM VOTE_TBL"));
if($ip == $result[1] and ($timestamp - $result[3] < $timelimit)){
$vote_allow = 0;
$votetime = $timelimit-($timestamp - $result[3]);
$Stunden = floor($votetime / 3600);
$Minuten = floor(($votetime / 3600 - $Stunden) * 60);
$Sekunden = floor((($votetime / 3600 - $Stunden) * 60 - $Minuten) * 60);
$votenotice = 'You can vote again in <b>'.$Stunden.'</b> hours, <b>'.$Minuten.'</b> minutes and <b>'.$Sekunden.'</b> seconds.';
mssql_close($link);
}
else {$vote_allow = 1; $votenotice = '<span id="OpenVoteWindow" onclick="OpenVoteWindow();">Click here to vote for Battle-For-Eternity.<br /><b>' .$lastday[0].'</b> People have vote in the last 24 hours!</span>';}
} else {$votenotice = 'The vote script is currently not available.'; mssql_close($link);}
if ($vote_allow == 1) {
if(isset($_POST['submitvote'])){
require_once("xinc_antisql.php");
$antisql = preg_replace($check,"",$_POST['Charakter'].$_POST['ChooseItem']);
if ($_POST['Charakter'].$_POST['ChooseItem'] != $antisql or $ChoosedItem == '0' or $ip == $result[0] and ($timestamp - $result[1] < $timelimit)) {$votenotice = '<b>Error #01:</b><br />Please select an <b>Item</ b> and/or wear a<b>valid character names</ b>.';}
else {
$link = mssql_connect('NAME\SQLEXPRESS', 'sa', 'PW');
$db = @mssql_select_db('CHARACTER_01_DBF') or die ("Homepage-Error #01");
$result = mssql_query("SELECT m_idPlayer, m_szName FROM CHARACTER_TBL WHERE m_szName = '$character';"); $sql_row = mssql_fetch_row($result); $character1 = $sql_row[0];
if($_POST['Charakter'] != $sql_row[1]) {$votenotice = '<b>Error:</b><br />A character with the name "<i>'.$_POST['Charakter'].'</i>" doesn´t exist.';}
else {
$db = @mssql_select_db('HOMEPAGE_DBF') or die ("Homepage-Error #03");
mssql_query("INSERT INTO VOTE_TBL (character, ip, date, time) VALUES ('$character', '$ip', '$datum', '$timestamp')");
$db = @mssql_select_db('CHARACTER_01_DBF') or die ("Homepage-Error #04");
mssql_query("INSERT INTO ITEM_SEND_TBL([m_idPlayer], [serverindex], [Item_Name], [Item_count], [idSender], [adwItemId0]) VALUES ('{$character1}', '01', '{$rewardName}', '{$rewardAmount}', '0000001', '{$rewardId}');");
$votenotice = 'Thank you very much, '.$_POST['Charakter'].'.

';}
mssql_close($link);
}
}
}
?>