
<?php
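/**
 * Session setup.
 *
 * use_only_cookies + use_trans_sid=0 keep the session ID out of URLs, where it
 * would leak through Referer headers, browser history and access logs.
 * use_strict_mode makes PHP refuse a session ID it did not generate itself,
 * which blocks session fixation. cookie_httponly keeps the cookie out of
 * reach of JavaScript. ini_set() takes the '1'/'0' string forms.
 *
 * NOTE(review): session.cookie_secure is deliberately left alone here because
 * it would break plain-HTTP development; set it to '1' wherever the site is
 * served over HTTPS.
 *
 * Ref: https://stackoverflow.com/questions/1745984/php-session-use-trans-sid
 */
ini_set('session.use_only_cookies', '1');
ini_set('session.use_trans_sid', '0');
ini_set('session.use_strict_mode', '1');
ini_set('session.cookie_httponly', '1');
session_start();
require_once("conn/db.php");
require_once('utils/helper.php');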
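/**
 * Session gate: the voter must be logged in (a NIM in the session) AND hold a
 * CSRF token. Both are required, so the test is "either one missing" — the
 * original used && and only bounced when both were absent, letting a request
 * with a token but no NIM fall through with $nim undefined.
 *
 * The exit after header() matters: header() does not stop the script, so
 * without it the vote handler below would still run for a rejected request.
 */
if (!isset($_SESSION['nim']) || !isset($_SESSION['token'])) {
    header('location:login.php');
    exit;
}
$nim = $_SESSION['nim'];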
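/**
 * Vote submission handler.
 *
 * Two forms used to post here (the voting form and a temporary login form that
 * was due to be removed); only the voting form is handled.
 *
 * Flow for a "Submit" post:
 *   1. CSRF check: $_POST['token_'] must equal $_SESSION['token'].
 *   2. Parse the two choices, each posted as "<id_calon>-<id_status>".
 *   3. Verify each pair exists in tb_calon (parameterised lookup — the values
 *      come straight from $_POST and were previously interpolated into SQL).
 *   4. If this NIM has no row in tb_pemilu yet, insert both votes inside one
 *      ODBC transaction; commit on success, roll back on any error.
 *   5. Destroy the session and send the user to login.php.
 *
 * Every rejected path redirects and then exits, so nothing further runs on a
 * failed request.
 */

/**
 * Expire the session cookie, destroy the server-side session and redirect to
 * login.php. Does not return.
 */
$endSessionAndRedirect = function () {
    $params = session_get_cookie_params();
    setcookie(session_name(), '', time() - 42000,
        $params["path"], $params["domain"],
        $params["secure"], $params["httponly"]
    );
    session_destroy();
    header('location:login.php');
    exit;
};

/**
 * Record a status code in the session and bounce back to index.php with it.
 * Does not return.
 *
 * @param int $code 1 = missing/unknown choice, 4 = malformed choice
 */
$redirectWithStatus = function ($code) {
    $_SESSION['get'] = $code;
    header('location:index.php?get=' . $code);
    exit;
};

/**
 * Split a posted choice "<id_calon>-<id_status>" into its two parts.
 * A missing second part becomes '' instead of an undefined-offset notice.
 *
 * @param string $choice
 * @return array [id_calon, id_status]
 */
$splitChoice = function ($choice) {
    $parts = explode('-', $choice);
    return array(
        isset($parts[0]) ? $parts[0] : '',
        isset($parts[1]) ? $parts[1] : '',
    );
};

/**
 * True when exactly one tb_calon row matches the (id_calon, id_status) pair.
 * Uses a prepared statement: both values are user input.
 *
 * @param resource $conn     open ODBC connection
 * @param string   $idCalon
 * @param string   $idStatus
 * @return bool
 */
$isKnownCandidate = function ($conn, $idCalon, $idStatus) {
    $stmt = odbc_prepare($conn, 'SELECT * FROM tb_calon WHERE id_calon = ? AND id_status = ?');
    if ($stmt === false || !odbc_execute($stmt, array($idCalon, $idStatus))) {
        return false; // a failed lookup is treated as "not a candidate"
    }
    // NOTE(review): some ODBC drivers report -1 from odbc_num_rows() for a
    // SELECT; the original also relied on it being exactly 1 — confirm for
    // the driver in use.
    return odbc_num_rows($stmt) == 1;
};

if (isset($_POST['formSubmit']) && $_POST['formSubmit'] === 'Submit') {
    // --- 1. CSRF token -----------------------------------------------------
    $postedToken  = isset($_POST['token_']) ? $_POST['token_'] : '';
    $sessionToken = isset($_SESSION['token']) ? $_SESSION['token'] : '';
    // Both must be non-empty strings (a posted array would make hash_equals()
    // throw). The session copy is the first argument so the comparison stays
    // constant-time with respect to the user-supplied value.
    if (!is_string($postedToken) || $postedToken === ''
        || !is_string($sessionToken) || !hash_equals($sessionToken, $postedToken)) {
        $endSessionAndRedirect();
    }

    // The NIM is the voter identity. The session gate at the top of the file
    // should already guarantee it; fail closed here if it is missing anyway.
    if (!isset($_SESSION['nim'])) {
        $endSessionAndRedirect();
    }
    $nim = $_SESSION['nim'];

    // --- 2. Parse the two choices -----------------------------------------
    $senat = isset($_POST['senat']) ? $_POST['senat'] : '';
    $balma = isset($_POST['balma']) ? $_POST['balma'] : '';
    if (!is_string($senat) || !is_string($balma) || $senat === '' || $balma === '') {
        $redirectWithStatus(1); // something was left blank
    }
    list($idCalonSenat, $idStatusSenat) = $splitChoice($senat);
    list($idCalonBalma, $idStatusBalma) = $splitChoice($balma);
    // All four parts are required. The original only rejected when all four
    // were empty, which let values like "5-" reach the database lookup.
    if ($idCalonSenat === '' || $idStatusSenat === ''
        || $idCalonBalma === '' || $idStatusBalma === '') {
        $redirectWithStatus(4);
    }

    // --- 3. Both pairs must be real candidates ----------------------------
    if (!$isKnownCandidate($koneksi, $idCalonSenat, $idStatusSenat)
        || !$isKnownCandidate($koneksi, $idCalonBalma, $idStatusBalma)) {
        $redirectWithStatus(1);
    }

    // --- 4. One vote per NIM ----------------------------------------------
    $voteLookup = odbc_prepare($koneksi, 'SELECT * FROM tb_pemilu WHERE nim_mhs = ?');
    // A failed lookup counts as "already voted": refusing is safer than
    // risking a duplicate ballot.
    $alreadyVoted = $voteLookup === false
        || !odbc_execute($voteLookup, array($nim))
        || odbc_num_rows($voteLookup) != 0;

    if (!$alreadyVoted) {
        // NOTE(review): this check-then-insert is not atomic; two concurrent
        // requests for the same NIM can both pass the lookup above. A UNIQUE
        // index on tb_pemilu covering nim_mhs (per race) is the robust guard —
        // confirm the schema.
        // NOTE(review): if getRealIpAddr() reads X-Forwarded-For it is
        // client-controlled and only informational — check utils/helper.php.
        $ipaddr = getRealIpAddr();

        odbc_autocommit($koneksi, false);
        $insertSql = 'INSERT INTO tb_pemilu (id_calon,id_status,nim_mhs,ip) values (?, ?, ?, ?)';
        $stmtSenat = odbc_prepare($koneksi, $insertSql);
        $stmtBalma = odbc_prepare($koneksi, $insertSql);
        // Short-circuits on the first failure so the rollback below covers
        // whatever was written.
        $committed = $stmtSenat !== false && $stmtBalma !== false
            && odbc_execute($stmtSenat, array($idCalonSenat, $idStatusSenat, $nim, $ipaddr))
            && odbc_execute($stmtBalma, array($idCalonBalma, $idStatusBalma, $nim, $ipaddr))
            && odbc_error($koneksi) === '';
        if ($committed) {
            odbc_commit($koneksi);
        } else {
            odbc_rollback($koneksi);
        }
        odbc_close($koneksi);
    }

    // --- 5. Done (voted now or earlier): end the session ------------------
    $endSessionAndRedirect();
}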