<?php
include'dataedit/sql.php';
function mailjim($title, $error){
	$subject = "vote $title error";
	$headers = "From: \"Information Britain\"<info@information-britain.co.uk>\r\n";
	mail('jim.rolt@googlemail.com', $subject, $error, $headers);
}

$up = mysql_query("DELETE FROM voters WHERE stamp <= SUBTIME(NOW(), '00:00:30.0000000')")or mailjim("up", mysql_error());
$ch = mysql_query("SELECT * FROM voters WHERE ip = '".$_SERVER['REMOTE_ADDR']."'")or mailjim("ch", mysql_error());
if(mysql_num_rows($ch) == 0){
	if(isset($_POST['brit'])){
		$brit = intval($_POST['brit']);
		$up = mysql_query("INSERT INTO Britvotes (placeID, votes, dateadded)
		VALUES($brit, 1, NOW())
		ON DUPLICATE KEY UPDATE votes = votes+1")or mailjim("britup", mysql_error());
		$nc = mysql_query("SELECT name FROM famous WHERE id = $brit")or mailjim("nc", mysql_error());
		$tn = mysql_fetch_object($nc);
		$name = $tn->name;
	}
	elseif(isset($_POST['event'])){
		$place = intval($_POST['event']);
		$up = mysql_query("INSERT INTO Eventvotes (placeID, votes, dateadded)
		VALUES($place, 1, NOW())
		ON DUPLICATE KEY UPDATE votes = votes+1")or mailjim("eventup", mysql_error());
		$ev = mysql_query("SELECT event FROM events WHERE eventid = $place")or mailjim("ev", mysql_error());
		$tn = mysql_fetch_object($ev);
		$name = $tn->event;
	}
	elseif(isset($_REQUEST['townbox'])){
		$tid = mysql_real_escape_string($_REQUEST['townbox']);
		$sql = "SELECT CountryID FROM CountyDetails
		INNER JOIN Towns ON Towns.County = CountyDetails.RecordID
		AND Towns.Name = '$tid'";
		if(isset($_REQUEST['county'])){$sql .= " AND Towns.County = '".intval($_REQUEST['county'])."'";}
		$check = mysql_query($sql)or mailjim("check", mysql_error());
		$ch = mysql_fetch_object($check);
		if($ch->CountryID != 4){
		$sql = "INSERT INTO townvotes (townid, votes, dateadded)
			SELECT ID, '1', NOW() FROM Towns WHERE Name = '$tid'";
			if(isset($_REQUEST['county'])){$sql .= " AND County = '".intval($_REQUEST['county'])."' ";}
			$sql .= " ON DUPLICATE KEY UPDATE townvotes.votes = townvotes.votes+1";
			$up = mysql_query($sql)or mailjim("up", mysql_error());
			/*$message = "Favourite Town voted for: vote for $tid\n";
			$headers = "From: Information Britan <info@information-britain.co.uk>\n";
			mail('simonwaite555@gmail.com', 'Town Vote', $message, $headers);
			$sql = "SELECT votes FROM townvotes
			INNER JOIN Towns ON Towns.ID = townvotes.townid AND Name = '$tid' ";
			if(isset($_POST['county'])){$sql .= "AND Towns.County = ".intval($_POST['county']);}
			$tv =  mysql_query($sql)or mailjim("tv", mysql_error());
			$tvote = mysql_fetch_object($tv); */
			$name = $_REQUEST['townbox'];
		}
	}
	elseif(isset($_POST['placeid'])){
		$place = intval($_POST['placeid']);
		$up = mysql_query("INSERT INTO Estvotes (placeID, votes, dateadded)
		VALUES($place, 1, NOW())
		ON DUPLICATE KEY UPDATE votes = votes+1")or mailjim("up", mysql_error());
		$nc = mysql_query("SELECT Name, votes FROM EstDetails
		INNER JOIN Estvotes ON Estvotes.placeID = EstDetails.RecordID
		WHERE RecordID = $place")or mailjim("nc", mysql_error());
		$tn = mysql_fetch_object($nc);
		$name = $tn->Name;
		/*
		$message = "Favourite Place voted for: vote for recordID $place, $tn->Name\n";
		$headers = "From: Information Britan <info@information-britain.co.uk>\n";
		echo"$type Vote, $message, $headers";
		mail('simonwaite555@gmail.com', "$type Vote", $message, $headers);
		*/
	}
	elseif(isset($_GET['filmbox'])){
		$detail = mysql_real_escape_string(urldecode($_GET['filmbox']));
		$q = mysql_query("SELECT SQL_CACHE * FROM films WHERE title = '$detail'")or die(mysql_error());
		if(mysql_num_rows($q) == 0){
			$filmname = $_GET['filmbox'];
			$message = "A vote for a new film: $filmname\n";
			$headers = "From: Information Britan <info@information-britain.co.uk>\n";
			mail('simonwaite555@gmail.com', 'New Film Vote', $message, $headers);
		}
		else{
			$film = mysql_fetch_object($q);
			$u = mysql_query("UPDATE films SET votes = votes+1 WHERE filmid = $film->filmid")or die(mysql_error());
			/*$c = mysql_query("SELECT SUM(votes) AS total FROM films WHERE filmid = $film->filmid")or die(mysql_error());
			$vn = mysql_fetch_object($c);
			$message = "Film voted for: vote for $film->title, id number $film->filmid, vote is registered\n";
			*/
			$name = $film->title;
		}
		//$headers = "From: Information Britan <info@information-britain.co.uk>\n";
	}
	
	elseif(!empty($_GET)){
		if(key($_GET) == 'type'){
			$type =  current($_GET);
		}
		else{
			$get = current($_GET);
			$type = mysql_real_escape_string(str_replace('_', ' ', key($_GET)));
			$place = intval(current($_GET));
			$up = mysql_query("INSERT INTO Shopvotes (placeID, votes, dateadded)
			VALUES($place, 1, NOW())
			ON DUPLICATE KEY UPDATE votes = votes+1")or mailjim("up", mysql_error());
			$nc = mysql_query("SELECT Name, votes FROM Shops
			INNER JOIN Shopvotes ON Shopvotes.placeID = Shops.ID
			WHERE ID = $place")or mailjim("nc", mysql_error());
			$tn = mysql_fetch_object($nc);
			$name = $tn->Name;
			/*$message = "Favourite Shop voted for: vote for ID $place, $tn->Name\n";
			$headers = "From: Information Britan <info@information-britain.co.uk>\n";
			mail('simonwaite555@gmail.com', "$type shop Vote", $message, $headers);
			*/
		}
	}


}
$new = mysql_query("INSERT INTO voters VALUES('".$_SERVER['REMOTE_ADDR']."', NOW())")or mailjim("new", mysql_error());
header("HTTP/1.1 303 See Other");
header("Location: favouritebritain.php?name=$name");
?>