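require_once("script/connect.php");

// Page controller: loads one row from `nominace` by the `id` query parameter and,
// when the request carries POST data with an e-mail, records a row in `hlasy`.
// Variables set here ($uzivatel, $foto, $messageSent, $bodytext, $hash, $idParent,
// $vysledek) are left in scope for whatever follows this block.

// A missing or non-string `id` (e.g. ?id[]=1) is treated as empty so that it
// fails validation below instead of raising a notice or a TypeError.
$rawId = (isset($_GET["id"]) && is_string($_GET["id"])) ? $_GET["id"] : '';
$id = htmlspecialchars($rawId);

if (is_numeric($id) && $id > 0 && $id == round($id, 0)) {
    $dotaz = $pdo->prepare("SELECT * FROM nominace WHERE id = ?");
    $dotaz->execute(array($id));
    $uzivatel = $dotaz->fetch();

    // Default photo; also the value used when no row was found. The row is
    // checked before it is indexed, so a failed fetch() is never dereferenced.
    $foto = "img/male.png";
    if (!$uzivatel) {
        // NOTE(review): header() does not stop the script; without an exit the
        // POST handling below still runs for an unknown id. The form's action
        // URL is not visible here, so control flow is left unchanged - confirm
        // and add exit if the form always posts back with a valid ?id=.
        header("Location: /");
    } elseif ($uzivatel["img"] != '') {
        $foto = "files/a{$uzivatel['id']}.{$uzivatel['img']}";
    }
} else {
    // NOTE(review): same as above - execution continues after this redirect.
    header("Location: /");
}

if ($_POST) {
    // Only a non-empty string counts as a submitted e-mail; a missing field or
    // an array value falls through to the error message.
    // NOTE(review): the address format is not validated in this block.
    $email = (isset($_POST["email"]) && is_string($_POST["email"])) ? $_POST["email"] : '';

    if ($email !== '') {
        require_once('script/connect.php');
        require_once('mail/class.phpmailer.php');

        // Token stored with the vote. Prefer the CSPRNG: md5(uniqid(rand()))
        // is derived from the clock and a non-cryptographic generator, so it is
        // guessable. Both forms yield 32 hex characters; the old expression is
        // kept only as a fallback for runtimes without random_bytes().
        $hash = function_exists('random_bytes')
            ? bin2hex(random_bytes(16))
            : md5(uniqid(rand(), true));

        // Check whether this e-mail has already voted.
        // NOTE(review): only rows with stav = 2 are matched - presumably the
        // confirmed state, so repeated pending votes are not blocked; confirm.
        $dotaz = $pdo->prepare("SELECT * FROM hlasy WHERE email = ? AND stav = 2");
        $dotaz->execute(array($email));
        $existuje = $dotaz->fetch();

        if ($existuje) {
            $messageSent = "
Jej... Zdá se, že z tohoto e-mailu jste již hlasovali.
";
        } else {
            // NOTE(review): parent is taken from the POST body and is not
            // checked against the validated $id above, so a vote can reference
            // any value; consider validating it the same way as $id.
            $parent = isset($_POST["id"]) ? $_POST["id"] : null;

            $dotaz = $pdo->prepare("INSERT INTO hlasy (email, parent, hash) VALUES (:email, :parent, :hash)");
            $vysledek = $dotaz->execute(array(
                ":email" => $email,
                ":parent" => $parent,
                ":hash" => $hash
            ));
            $idParent = $pdo->lastInsertId();
            $bodytext ="presmerovat
";
        }
        // End of the already-voted check.
    } else {
        $messageSent = "Nezdařilo se. Vyplnili jste email?
";
    }
}
?>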