Is this lil script coded right? PHP...

[Ryan]

<?
include("admin/config.php");
include("admin/mysql.php");
$username = $_GET['username'];
   $sql="select count(*) as num_votes FROM votes WHERE username='$username'";
   $r = mysql_query($sql);
   $row = mysql_fetch_array($r);
    $tmpp = $row['num_votes'];
   {
    if tmpp == "0" => $img = "0.gif"
    if $tmpp == "1" => $img = "1.gif"
    if $tmpp == "10" => $img = "2.gif"
    if $tmpp == "20" => $img = "3.gif"
    if $tmpp == "30" => $img = "3.gif"   
    if $tmpp == "40" => $img = "4.gif"
    if $tmpp == "50" => $img = "5.gif"
    return $img;
   }
?>
or this one look better
<?
include("admin/config.php");
include("admin/mysql.php");
$username = $_GET['username'];
   $sql="select count(*) as num_votes FROM votes WHERE username='$username'";
   $r = mysql_query($sql);
   $row = mysql_fetch_array($r);
    $tmpp = $row['num_votes'];
    if ($tmpp == "0") { $img = "0.gif" }
    if ($tmpp == "1") { $img = "1.gif" }
    if ($tmpp == "10") { $img = "2.gif" }
    if ($tmpp == "20") { $img = "3.gif" }
    if ($tmpp == "30") { $img = "3.gif" }   
    if ($tmpp == "40") { $img = "4.gif" }
    if ($tmpp == "50") { $img = "5.gif" }
    return $img;
?>

[Thantos]

Never take something stright from $_GET and put it into a query without first validating it.  It opens you up to all kinds of bad things.

Also you are not freeing the resources used by the storing of the result.

As far as style goes I'd go with the second version.

Also generally speaking most people captalize the mysql commands and functions.  So:
SELECT COUNT(*) AS num_votes FROM votes WHERE

Edit:  Oh and what happens if they have say 21 votes?