Mercurial > hg > fapweb
annotate usrajax.php @ 1087:4c76b4994414
Somewhat refactor usrajax and voting.
| author | Matti Hamalainen <ccr@tnsp.org> |
|---|---|
| date | Thu, 26 Jan 2017 00:38:06 +0200 |
| parents | 7da8bde9b7be |
| children | 95b74632cfe2 |
| rev | line source |
|---|---|
|
1069
5f92fa5e683a
Refactor how the "AJAX" stuff works.
Matti Hamalainen <ccr@tnsp.org>
parents:
1001
diff
changeset
|
1 <?php |
| 93 | 2 // |
|
571
ce11ea112a65
Change the header blurb a bit.
Matti Hamalainen <ccr@tnsp.org>
parents:
565
diff
changeset
|
3 // FAPWeb - Simple Web-based Demoparty Management System |
|
155
5b92f130ba87
Add copyright header blurbs.
Matti Hamalainen <ccr@tnsp.org>
parents:
153
diff
changeset
|
4 // User actions page AJAX backend module |
| 1072 | 5 // (C) Copyright 2012-2017 Tecnic Software productions (TNSP) |
| 93 | 6 // |
| 7 $sessionType = "user"; | |
|
175
8df523e6326a
User require_once instead of require.
Matti Hamalainen <ccr@tnsp.org>
parents:
165
diff
changeset
|
8 require_once "mconfig.inc.php"; |
|
8df523e6326a
User require_once instead of require.
Matti Hamalainen <ccr@tnsp.org>
parents:
165
diff
changeset
|
9 require_once "msite.inc.php"; |
|
8df523e6326a
User require_once instead of require.
Matti Hamalainen <ccr@tnsp.org>
parents:
165
diff
changeset
|
10 require_once "msession.inc.php"; |
| 93 | 11 |
| 161 | 12 // |
| 316 | 13 // Update one vote (prevalidated) |
| 161 | 14 // |
| 316 | 15 function stUpdateVote($key_id, $entry_id, $vote) |
| 93 | 16 { |
| 161 | 17 // Check if the vote already exists |
| 316 | 18 $sql = stPrepareSQL("SELECT id FROM votes WHERE key_id=%d AND entry_id=%d", |
| 19 $key_id, $entry_id); | |
| 93 | 20 |
| 21 if (($res = stFetchSQLColumn($sql)) === false) | |
| 22 { | |
| 161 | 23 // Didn't exist, insert it |
| 93 | 24 $sql = stPrepareSQL( |
|
762
539bfbdd43ec
Add timestamps to votes, bump database version.
Matti Hamalainen <ccr@tnsp.org>
parents:
739
diff
changeset
|
25 "INSERT INTO votes (key_id,entry_id,value,utime) VALUES (%d,%d,%d,%d)", |
|
539bfbdd43ec
Add timestamps to votes, bump database version.
Matti Hamalainen <ccr@tnsp.org>
parents:
739
diff
changeset
|
26 $key_id, $entry_id, $vote, time()); |
| 93 | 27 } |
| 28 else | |
| 29 { | |
| 161 | 30 // Existed, thusly update |
|
775
62a98cb255f7
Oops, 100L .. a remnant of SQL code change experiment. Fixed.
Matti Hamalainen <ccr@tnsp.org>
parents:
762
diff
changeset
|
31 $sql = stPrepareSQL( |
|
762
539bfbdd43ec
Add timestamps to votes, bump database version.
Matti Hamalainen <ccr@tnsp.org>
parents:
739
diff
changeset
|
32 "UPDATE votes SET value=%d,utime=%d WHERE key_id=%d AND entry_id=%d", |
|
539bfbdd43ec
Add timestamps to votes, bump database version.
Matti Hamalainen <ccr@tnsp.org>
parents:
739
diff
changeset
|
33 $vote, time(), $key_id, $entry_id); |
| 93 | 34 } |
| 35 | |
| 225 | 36 return stExecSQL($sql); |
| 93 | 37 } |
| 38 | |
| 39 | |
| 739 | 40 function stCheckVoteValue($id, &$value) |
| 41 { | |
| 42 return | |
| 43 stChkRequestItem($id, $value, | |
| 44 array(CHK_TYPE, VT_INT, "Invalid entry vote value data."), | |
| 45 array(CHK_RANGE, VT_INT, array(stGetSetting("voteMin"), stGetSetting("voteMax")), "Invalid vote value, not in range.")); | |
| 46 } | |
| 47 | |
| 48 | |
| 165 | 49 // |
| 50 // Initialize | |
| 51 // | |
|
360
2af8458058ab
Implement CSRF token checks.
Matti Hamalainen <ccr@tnsp.org>
parents:
332
diff
changeset
|
52 if (!stUserSessionAuth() || !stCSRFCheck()) |
| 93 | 53 { |
| 54 stSetupCacheControl(); | |
| 55 | |
| 56 stSessionEnd(SESS_USER); | |
| 57 | |
|
789
24bbd1f89794
Add few new settings, bump database version.
Matti Hamalainen <ccr@tnsp.org>
parents:
787
diff
changeset
|
58 switch (stGetRequestItem("action")) |
|
24bbd1f89794
Add few new settings, bump database version.
Matti Hamalainen <ccr@tnsp.org>
parents:
787
diff
changeset
|
59 { |
|
24bbd1f89794
Add few new settings, bump database version.
Matti Hamalainen <ccr@tnsp.org>
parents:
787
diff
changeset
|
60 case "submit": |
|
24bbd1f89794
Add few new settings, bump database version.
Matti Hamalainen <ccr@tnsp.org>
parents:
787
diff
changeset
|
61 header("Location: ".stGetRequestItem("onerror", stGetSetting("defaultPage"))); |
|
24bbd1f89794
Add few new settings, bump database version.
Matti Hamalainen <ccr@tnsp.org>
parents:
787
diff
changeset
|
62 break; |
|
24bbd1f89794
Add few new settings, bump database version.
Matti Hamalainen <ccr@tnsp.org>
parents:
787
diff
changeset
|
63 |
|
24bbd1f89794
Add few new settings, bump database version.
Matti Hamalainen <ccr@tnsp.org>
parents:
787
diff
changeset
|
64 default: |
|
24bbd1f89794
Add few new settings, bump database version.
Matti Hamalainen <ccr@tnsp.org>
parents:
787
diff
changeset
|
65 stError("You are not authenticated currently. Try to login again."); |
|
24bbd1f89794
Add few new settings, bump database version.
Matti Hamalainen <ccr@tnsp.org>
parents:
787
diff
changeset
|
66 stSetStatus(902, "Not authenticated."); |
|
24bbd1f89794
Add few new settings, bump database version.
Matti Hamalainen <ccr@tnsp.org>
parents:
787
diff
changeset
|
67 stDumpAJAXStatusErrors(FALSE); |
|
24bbd1f89794
Add few new settings, bump database version.
Matti Hamalainen <ccr@tnsp.org>
parents:
787
diff
changeset
|
68 break; |
|
24bbd1f89794
Add few new settings, bump database version.
Matti Hamalainen <ccr@tnsp.org>
parents:
787
diff
changeset
|
69 } |
| 93 | 70 exit; |
| 71 } | |
| 72 | |
| 544 | 73 ob_start(); |
| 74 | |
| 93 | 75 stSetupCacheControl(); |
| 76 | |
| 77 if (!stConnectSQLDB()) | |
| 78 die("Could not connect to SQL database."); | |
| 79 | |
| 80 stReloadSettings(); | |
| 81 | |
|
310
8098b5b80f8c
We won't be checking key validity while session is in progress, thus get rid
Matti Hamalainen <ccr@tnsp.org>
parents:
294
diff
changeset
|
82 $voteKeyId = stGetSessionItem("key_id"); |
| 93 | 83 |
|
1087
4c76b4994414
Somewhat refactor usrajax and voting.
Matti Hamalainen <ccr@tnsp.org>
parents:
1072
diff
changeset
|
84 // |
|
4c76b4994414
Somewhat refactor usrajax and voting.
Matti Hamalainen <ccr@tnsp.org>
parents:
1072
diff
changeset
|
85 // Check vote key validity |
|
4c76b4994414
Somewhat refactor usrajax and voting.
Matti Hamalainen <ccr@tnsp.org>
parents:
1072
diff
changeset
|
86 // |
|
4c76b4994414
Somewhat refactor usrajax and voting.
Matti Hamalainen <ccr@tnsp.org>
parents:
1072
diff
changeset
|
87 $sql = stPrepareSQL("SELECT * FROM votekeys WHERE id=%d", $voteKeyId); |
|
4c76b4994414
Somewhat refactor usrajax and voting.
Matti Hamalainen <ccr@tnsp.org>
parents:
1072
diff
changeset
|
88 if (($key = stFetchSQL($sql)) === false) |
|
4c76b4994414
Somewhat refactor usrajax and voting.
Matti Hamalainen <ccr@tnsp.org>
parents:
1072
diff
changeset
|
89 { |
|
4c76b4994414
Somewhat refactor usrajax and voting.
Matti Hamalainen <ccr@tnsp.org>
parents:
1072
diff
changeset
|
90 stError("Votekey does not exist."); |
|
4c76b4994414
Somewhat refactor usrajax and voting.
Matti Hamalainen <ccr@tnsp.org>
parents:
1072
diff
changeset
|
91 } |
|
4c76b4994414
Somewhat refactor usrajax and voting.
Matti Hamalainen <ccr@tnsp.org>
parents:
1072
diff
changeset
|
92 else |
|
4c76b4994414
Somewhat refactor usrajax and voting.
Matti Hamalainen <ccr@tnsp.org>
parents:
1072
diff
changeset
|
93 { |
|
4c76b4994414
Somewhat refactor usrajax and voting.
Matti Hamalainen <ccr@tnsp.org>
parents:
1072
diff
changeset
|
94 // Validate login based on current vote key mode |
|
4c76b4994414
Somewhat refactor usrajax and voting.
Matti Hamalainen <ccr@tnsp.org>
parents:
1072
diff
changeset
|
95 switch (stGetSetting("voteKeyMode")) |
|
4c76b4994414
Somewhat refactor usrajax and voting.
Matti Hamalainen <ccr@tnsp.org>
parents:
1072
diff
changeset
|
96 { |
|
4c76b4994414
Somewhat refactor usrajax and voting.
Matti Hamalainen <ccr@tnsp.org>
parents:
1072
diff
changeset
|
97 case VOTE_ACTIVATE: |
|
4c76b4994414
Somewhat refactor usrajax and voting.
Matti Hamalainen <ccr@tnsp.org>
parents:
1072
diff
changeset
|
98 if ($key["active"] == 0) |
|
4c76b4994414
Somewhat refactor usrajax and voting.
Matti Hamalainen <ccr@tnsp.org>
parents:
1072
diff
changeset
|
99 stError("Votekey is not active."); |
|
4c76b4994414
Somewhat refactor usrajax and voting.
Matti Hamalainen <ccr@tnsp.org>
parents:
1072
diff
changeset
|
100 break; |
|
4c76b4994414
Somewhat refactor usrajax and voting.
Matti Hamalainen <ccr@tnsp.org>
parents:
1072
diff
changeset
|
101 |
|
4c76b4994414
Somewhat refactor usrajax and voting.
Matti Hamalainen <ccr@tnsp.org>
parents:
1072
diff
changeset
|
102 case VOTE_ASSIGN: |
|
4c76b4994414
Somewhat refactor usrajax and voting.
Matti Hamalainen <ccr@tnsp.org>
parents:
1072
diff
changeset
|
103 $sql = stPrepareSQL("SELECT id FROM attendees WHERE key_id=%d", $key["id"]); |
|
4c76b4994414
Somewhat refactor usrajax and voting.
Matti Hamalainen <ccr@tnsp.org>
parents:
1072
diff
changeset
|
104 if (stFetchSQL($sql) === false) |
|
4c76b4994414
Somewhat refactor usrajax and voting.
Matti Hamalainen <ccr@tnsp.org>
parents:
1072
diff
changeset
|
105 stError("Votekey is not assigned to any user."); |
|
4c76b4994414
Somewhat refactor usrajax and voting.
Matti Hamalainen <ccr@tnsp.org>
parents:
1072
diff
changeset
|
106 break; |
|
4c76b4994414
Somewhat refactor usrajax and voting.
Matti Hamalainen <ccr@tnsp.org>
parents:
1072
diff
changeset
|
107 } |
|
4c76b4994414
Somewhat refactor usrajax and voting.
Matti Hamalainen <ccr@tnsp.org>
parents:
1072
diff
changeset
|
108 } |
|
310
8098b5b80f8c
We won't be checking key validity while session is in progress, thus get rid
Matti Hamalainen <ccr@tnsp.org>
parents:
294
diff
changeset
|
109 |
| 161 | 110 // |
| 111 // Handle the request | |
| 112 // | |
| 216 | 113 switch (stGetRequestItem("action")) |
| 93 | 114 { |
| 115 case "set": | |
| 116 // | |
|
153
aecf145e7c70
Some work on the voting backend.
Matti Hamalainen <ccr@tnsp.org>
parents:
123
diff
changeset
|
117 // Set vote, if voting is enabled |
| 93 | 118 // |
|
1087
4c76b4994414
Somewhat refactor usrajax and voting.
Matti Hamalainen <ccr@tnsp.org>
parents:
1072
diff
changeset
|
119 $ajax = TRUE; |
|
245
bb96aef874a9
Work on the voting backend code.
Matti Hamalainen <ccr@tnsp.org>
parents:
225
diff
changeset
|
120 if (!stChkSetting("allowVoting")) |
| 294 | 121 stError("Voting is not enabled."); |
|
245
bb96aef874a9
Work on the voting backend code.
Matti Hamalainen <ccr@tnsp.org>
parents:
225
diff
changeset
|
122 else |
|
bb96aef874a9
Work on the voting backend code.
Matti Hamalainen <ccr@tnsp.org>
parents:
225
diff
changeset
|
123 if (stChkRequestItem("entry_id", $entry_id, |
|
bb96aef874a9
Work on the voting backend code.
Matti Hamalainen <ccr@tnsp.org>
parents:
225
diff
changeset
|
124 array(CHK_TYPE, VT_INT, "Invalid data.")) && |
| 739 | 125 stCheckVoteValue("vote", $vote)) |
| 93 | 126 { |
| 316 | 127 // Check if the entry_id is actually valid |
|
580
3929a5a87815
Use the new transaction functions here as well.
Matti Hamalainen <ccr@tnsp.org>
parents:
571
diff
changeset
|
128 stDBBeginTransaction(); |
| 316 | 129 $sql = stPrepareSQL("SELECT * FROM entries WHERE id=%d", $entry_id); |
| 130 if (($entry = stFetchSQL($sql)) !== false) | |
| 131 { | |
| 132 // Check if the compo is valid for the entry | |
| 133 $sql = stPrepareSQL("SELECT * FROM compos WHERE id=%d", $entry["compo_id"]); | |
| 134 if (($compo = stFetchSQL($sql)) !== false && $compo["voting"] != 0) | |
| 135 stUpdateVote($voteKeyId, $entry_id, $vote); | |
| 136 } | |
|
580
3929a5a87815
Use the new transaction functions here as well.
Matti Hamalainen <ccr@tnsp.org>
parents:
571
diff
changeset
|
137 stDBCommitTransaction(); |
| 93 | 138 } |
|
245
bb96aef874a9
Work on the voting backend code.
Matti Hamalainen <ccr@tnsp.org>
parents:
225
diff
changeset
|
139 break; |
|
bb96aef874a9
Work on the voting backend code.
Matti Hamalainen <ccr@tnsp.org>
parents:
225
diff
changeset
|
140 |
|
bb96aef874a9
Work on the voting backend code.
Matti Hamalainen <ccr@tnsp.org>
parents:
225
diff
changeset
|
141 case "submit": |
|
1087
4c76b4994414
Somewhat refactor usrajax and voting.
Matti Hamalainen <ccr@tnsp.org>
parents:
1072
diff
changeset
|
142 // |
|
4c76b4994414
Somewhat refactor usrajax and voting.
Matti Hamalainen <ccr@tnsp.org>
parents:
1072
diff
changeset
|
143 // Submit all votes, if voting is enabled |
|
4c76b4994414
Somewhat refactor usrajax and voting.
Matti Hamalainen <ccr@tnsp.org>
parents:
1072
diff
changeset
|
144 // |
|
4c76b4994414
Somewhat refactor usrajax and voting.
Matti Hamalainen <ccr@tnsp.org>
parents:
1072
diff
changeset
|
145 $ajax = FALSE; |
|
245
bb96aef874a9
Work on the voting backend code.
Matti Hamalainen <ccr@tnsp.org>
parents:
225
diff
changeset
|
146 if (!stChkSetting("allowVoting")) |
| 294 | 147 stError("Voting is not enabled."); |
| 93 | 148 else |
|
1087
4c76b4994414
Somewhat refactor usrajax and voting.
Matti Hamalainen <ccr@tnsp.org>
parents:
1072
diff
changeset
|
149 foreach (stExecSQL("SELECT * FROM compos WHERE visible<>0 AND voting<>0") as $compo) |
|
245
bb96aef874a9
Work on the voting backend code.
Matti Hamalainen <ccr@tnsp.org>
parents:
225
diff
changeset
|
150 { |
|
1087
4c76b4994414
Somewhat refactor usrajax and voting.
Matti Hamalainen <ccr@tnsp.org>
parents:
1072
diff
changeset
|
151 stDBBeginTransaction(); |
|
4c76b4994414
Somewhat refactor usrajax and voting.
Matti Hamalainen <ccr@tnsp.org>
parents:
1072
diff
changeset
|
152 foreach (stExecSQL("SELECT * FROM entries WHERE compo_id=".$compo["id"]) as $entry) |
| 316 | 153 { |
|
1087
4c76b4994414
Somewhat refactor usrajax and voting.
Matti Hamalainen <ccr@tnsp.org>
parents:
1072
diff
changeset
|
154 if (stCheckVoteValue("ventry".$entry["id"], $value)) |
| 316 | 155 { |
|
1087
4c76b4994414
Somewhat refactor usrajax and voting.
Matti Hamalainen <ccr@tnsp.org>
parents:
1072
diff
changeset
|
156 if (!stUpdateVote($voteKeyId, $entry["id"], $value)) |
|
4c76b4994414
Somewhat refactor usrajax and voting.
Matti Hamalainen <ccr@tnsp.org>
parents:
1072
diff
changeset
|
157 stError("Could not set vote for compo #".$compo["id"].", entry #".$entry["id"]); |
| 316 | 158 } |
| 159 } | |
|
1087
4c76b4994414
Somewhat refactor usrajax and voting.
Matti Hamalainen <ccr@tnsp.org>
parents:
1072
diff
changeset
|
160 stDBCommitTransaction(); |
|
245
bb96aef874a9
Work on the voting backend code.
Matti Hamalainen <ccr@tnsp.org>
parents:
225
diff
changeset
|
161 } |
|
1087
4c76b4994414
Somewhat refactor usrajax and voting.
Matti Hamalainen <ccr@tnsp.org>
parents:
1072
diff
changeset
|
162 stSetSessionItem("mode", "done"); |
| 93 | 163 break; |
| 164 | |
| 165 default: | |
| 787 | 166 stSetStatus(902, "Operation not supported."); |
| 93 | 167 break; |
| 168 } | |
| 169 | |
|
1087
4c76b4994414
Somewhat refactor usrajax and voting.
Matti Hamalainen <ccr@tnsp.org>
parents:
1072
diff
changeset
|
170 |
| 544 | 171 if ($errorSet) |
| 172 { | |
| 173 ob_clean(); | |
|
1087
4c76b4994414
Somewhat refactor usrajax and voting.
Matti Hamalainen <ccr@tnsp.org>
parents:
1072
diff
changeset
|
174 stSetSessionItem("mode", "error"); |
|
4c76b4994414
Somewhat refactor usrajax and voting.
Matti Hamalainen <ccr@tnsp.org>
parents:
1072
diff
changeset
|
175 stSetSessionItem("error", $errorMsgs); |
|
4c76b4994414
Somewhat refactor usrajax and voting.
Matti Hamalainen <ccr@tnsp.org>
parents:
1072
diff
changeset
|
176 } |
|
4c76b4994414
Somewhat refactor usrajax and voting.
Matti Hamalainen <ccr@tnsp.org>
parents:
1072
diff
changeset
|
177 |
|
4c76b4994414
Somewhat refactor usrajax and voting.
Matti Hamalainen <ccr@tnsp.org>
parents:
1072
diff
changeset
|
178 if ($ajax) |
|
4c76b4994414
Somewhat refactor usrajax and voting.
Matti Hamalainen <ccr@tnsp.org>
parents:
1072
diff
changeset
|
179 { |
|
4c76b4994414
Somewhat refactor usrajax and voting.
Matti Hamalainen <ccr@tnsp.org>
parents:
1072
diff
changeset
|
180 if ($errorSet) |
|
4c76b4994414
Somewhat refactor usrajax and voting.
Matti Hamalainen <ccr@tnsp.org>
parents:
1072
diff
changeset
|
181 stDumpAJAXStatusErrors(); |
|
4c76b4994414
Somewhat refactor usrajax and voting.
Matti Hamalainen <ccr@tnsp.org>
parents:
1072
diff
changeset
|
182 } |
|
4c76b4994414
Somewhat refactor usrajax and voting.
Matti Hamalainen <ccr@tnsp.org>
parents:
1072
diff
changeset
|
183 else |
|
4c76b4994414
Somewhat refactor usrajax and voting.
Matti Hamalainen <ccr@tnsp.org>
parents:
1072
diff
changeset
|
184 { |
|
4c76b4994414
Somewhat refactor usrajax and voting.
Matti Hamalainen <ccr@tnsp.org>
parents:
1072
diff
changeset
|
185 header("Location: ".stGetRequestItem("goto", "vote")); |
| 544 | 186 } |
| 187 | |
| 188 ob_end_flush(); | |
| 93 | 189 ?> |