php-e107/rate.php

<?php
/*
+ ----------------------------------------------------------------------------+
| 
|     e107 website system
|     Copyright (C) 2008-2016 e107 Inc (e107.org)
|     Licensed under GNU GPL (http://www.gnu.org/licenses/gpl.txt)
|
+ ----------------------------------------------------------------------------+
*/

// DIRTY - needs input validation, streaky

require_once("class2.php");
e107::includeLan(e_LANGUAGEDIR.e_LANGUAGE.'/lan_'.e_PAGE);


if(!e_AJAX_REQUEST) // Legacy method. 
{	
	$qs = explode("^", str_replace('&amp;', '&', e_QUERY));
	
	if (!$qs[0] || USER == FALSE || $qs[3] > 10 || $qs[3] < 1 || strpos($qs[2], '://') !== false)
	{
		e107::redirect();
		exit;
	}
	
	$table = $tp -> toDB($qs[0]);
	$itemid = (int) $qs[1];
	$returnurl = $tp -> toDB($qs[2]);
	$rate = (int) $qs[3];
	e107::getRate()->submitVote($table,$itemid,$rate);
	e107::redirect($returnurl);
	exit;
}
else // Ajax Used. 
{	
	if($_POST['mode'] == 'thumb')
	{
		if(vartrue($_GET['type']) !== 'up' && vartrue($_GET['type']) !== 'down')
		{
			exit;	
		}

		$table 		= $tp->toDB($_GET['table']);
		$itemid		= intval($_GET['id']);
		$type		= $_GET['type'];
		
		if($result = e107::getRate()->submitLike($table,$itemid,$type))
		{
			echo $result;
		}
		else // already liked/disliked 
		{
			exit;
		}	
	
	}
	elseif($_POST['table'])
	{
		$table 		= $tp->toDB($_POST['table']);
		$itemid		= intval($_POST['id']);
		$rate		= intval($_POST['score']) * 2;
		echo 		e107::getRate()->submitVote($table,$itemid,$rate);
	}
	
exit;
}
new module creation 2006-12-02 04:36:16 +00:00			`<?php`
			`/*`
			`+ ----------------------------------------------------------------------------+`
Text To LANS #6 - Rate Text To LANS #6 - Rate 2016-12-30 15:18:03 +00:00			`\|`
new module creation 2006-12-02 04:36:16 +00:00			`\| e107 website system`
Text To LANS #6 - Rate Text To LANS #6 - Rate 2016-12-30 15:18:03 +00:00			`\| Copyright (C) 2008-2016 e107 Inc (e107.org)`
			`\| Licensed under GNU GPL (http://www.gnu.org/licenses/gpl.txt)`
new module creation 2006-12-02 04:36:16 +00:00			`\|`
Text To LANS #6 - Rate Text To LANS #6 - Rate 2016-12-30 15:18:03 +00:00			`+ ----------------------------------------------------------------------------+`
new module creation 2006-12-02 04:36:16 +00:00			`*/`

			`// DIRTY - needs input validation, streaky`

			`require_once("class2.php");`
Code cleanup: deprecated include_lan() 2017-01-23 09:41:23 -08:00			`e107::includeLan(e_LANGUAGEDIR.e_LANGUAGE.'/lan_'.e_PAGE);`
new module creation 2006-12-02 04:36:16 +00:00

Rating system re-work and cleanup. 2012-05-27 10:42:16 +00:00			`if(!e_AJAX_REQUEST) // Legacy method.`
			`{`
Fix ampersand handling in the legacy rating method 2018-09-04 03:28:36 +02:00			`$qs = explode("^", str_replace('&', '&', e_QUERY));`
Rating system re-work and cleanup. 2012-05-27 10:42:16 +00:00
			`if (!$qs[0] \|\| USER == FALSE \|\| $qs[3] > 10 \|\| $qs[3] < 1 \|\| strpos($qs[2], '://') !== false)`
			`{`
Header location cleanup. From now, please use e107::redirect(); to redirect to the home page, or e107::redirect('admin'); to redirect to the admin start page or e107::redirect($url); 2016-01-13 19:17:37 -08:00			`e107::redirect();`
Rating system re-work and cleanup. 2012-05-27 10:42:16 +00:00			`exit;`
			`}`

			`$table = $tp -> toDB($qs[0]);`
Issue #4283 - Update deprecated sql method usage. Removed old code. 2020-12-17 05:52:54 -08:00			`$itemid = (int) $qs[1];`
Rating system re-work and cleanup. 2012-05-27 10:42:16 +00:00			`$returnurl = $tp -> toDB($qs[2]);`
Issue #4283 - Update deprecated sql method usage. Removed old code. 2020-12-17 05:52:54 -08:00			`$rate = (int) $qs[3];`
Rating system re-work and cleanup. 2012-05-27 10:42:16 +00:00			`e107::getRate()->submitVote($table,$itemid,$rate);`
Closes #1801 Code cleanup. Deprecated method errors added. 2020-12-22 14:48:28 -08:00			`e107::redirect($returnurl);`
new module creation 2006-12-02 04:36:16 +00:00			`exit;`
			`}`
Rating system re-work and cleanup. 2012-05-27 10:42:16 +00:00			`else // Ajax Used.`
Rating and Comments. Like and Dislike buttons are now functional. 2012-06-16 05:04:22 +00:00			`{`
			`if($_POST['mode'] == 'thumb')`
			`{`
Issue #4283 - Update deprecated sql method usage. Removed old code. 2020-12-17 05:52:54 -08:00			`if(vartrue($_GET['type']) !== 'up' && vartrue($_GET['type']) !== 'down')`
Rating and Comments. Like and Dislike buttons are now functional. 2012-06-16 05:04:22 +00:00			`{`
			`exit;`
			`}`

			`$table = $tp->toDB($_GET['table']);`
			`$itemid = intval($_GET['id']);`
			`$type = $_GET['type'];`

			`if($result = e107::getRate()->submitLike($table,$itemid,$type))`
			`{`
			`echo $result;`
			`}`
			`else // already liked/disliked`
			`{`
			`exit;`
			`}`

			`}`
			`elseif($_POST['table'])`
			`{`
			`$table = $tp->toDB($_POST['table']);`
			`$itemid = intval($_POST['id']);`
			`$rate = intval($_POST['score']) * 2;`
			`echo e107::getRate()->submitVote($table,$itemid,$rate);`
			`}`

Frontend scripts tests. (may break some things) 2021-01-19 18:52:56 -08:00			`exit;`
Rating system re-work and cleanup. 2012-05-27 10:42:16 +00:00			`}`
new module creation 2006-12-02 04:36:16 +00:00