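<?php
//
// AJAX request handler backend module
//
// The full "<?php" open tag is used instead of the short "<?" form: with
// short_open_tag disabled the short form is not parsed as PHP and the web
// server would send this file, SQL statements included, as plain text.
//

// Set before the includes below are loaded.
// NOTE(review): presumably read by msession.inc.php to select the session
// kind -- confirm against that file.
$sessionType = "user";

require "mconfig.inc.php";
require "msite.inc.php";
require "msession.inc.php";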
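//
// Store one vote: insert a row into "votes" for the given voter/entry pair,
// or update the value of the row that already exists for that pair.
//
// $voter_id  - id of the voter casting the vote
// $entry_id  - id of the entry being voted on
// $vote      - vote value to store
//
// Returns TRUE when the INSERT/UPDATE statement was executed, FALSE when
// stExecSQL() reported failure.
//
// All three values go through the %d placeholders of stPrepareSQL().
// NOTE(review): this function does not check that $voter_id belongs to the
// current session or that $vote is within an allowed range -- callers must
// validate both before calling.
// NOTE(review): the SELECT followed by INSERT is not atomic; two concurrent
// requests could both take the INSERT branch unless the table has a unique
// key on (voter_id, entry_id) -- confirm against the schema.
//
function stSubmitOneVote($voter_id, $entry_id, $vote)
{
  // Look for an existing vote by this voter for this entry.
  $sql = stPrepareSQL("SELECT id FROM votes WHERE voter_id=%d AND entry_id=%d",
    $voter_id, $entry_id);

  if (stFetchSQLColumn($sql) === false)
  {
    // No existing row was returned: create one.
    // NOTE(review): a false result may also mean the query itself failed --
    // confirm stFetchSQLColumn() semantics.
    $sql = stPrepareSQL(
      "INSERT INTO votes (voter_id,entry_id,value) VALUES (%d,%d,%d)",
      $voter_id, $entry_id, $vote);
  }
  else
  {
    // Existing row: change its value. The WHERE clause must use $entry_id;
    // the previous code passed an undefined variable here, so the UPDATE
    // did not target the entry that was voted on while the function still
    // reported success.
    $sql = stPrepareSQL(
      "UPDATE votes SET value=%d WHERE voter_id=%d AND entry_id=%d",
      $vote, $voter_id, $entry_id);
  }

  return stExecSQL($sql) !== false;
}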
// Only continue for an authenticated user session; otherwise end the
// session and redirect to the news page.
if (!stUserSessionAuth())
{
  stSetupCacheControl();
  stSessionEnd(SESS_USER);
  header("Location: news");
  exit;
}

stSetupCacheControl();

// Open the SQL database connection, aborting the request on failure.
if (!stConnectSQLDB())
  exit("Could not connect to SQL database.");

// Load the settings that are kept in the database rather than in code.
stReloadSettings();

// Both "action" and "type" must be present; otherwise the request falls
// through to the 404 branch below.
// NOTE(review): $_REQUEST also carries query-string parameters, so the
// state-changing "set" action can be reached with a plain GET. No anti-CSRF
// token check is visible in this file -- confirm whether stUserSessionAuth()
// or the included modules provide one.
if (stChkRequestItem("action") && stChkRequestItem("type"))
{
  $action = $_REQUEST["action"];
  $type = $_REQUEST["type"];
}
else
  $action = "ERROR";

if ($action == "get")
{
  // Pick the query for the requested data type.
  if ($type == "votes")
    $sql = "SELECT * FROM votes ORDER BY utime DESC";

  // Run the query when one was selected.
  if (isset($sql))
  {
    $res = stExecSQLCond($sql, "");
    if ($res !== FALSE && $type == "votes")
    {
      // Nothing is output for the result yet.
    }
  }
}
elseif ($action == "set")
{
  // Store a vote; every vote field must be present in the request.
  if ($type != "votes" || !stChkRequestItem("voter_id") ||
      !stChkRequestItem("entry_id") || !stChkRequestItem("vote"))
  {
    stSetStatus(902, "No data.");
  }
  else
  {
    stGetCompoList(FALSE);

    // NOTE(review): voter_id is taken from the request, and nothing visible
    // here ties it to the authenticated session, so a logged-in user could
    // submit or overwrite a vote recorded under another voter's id. The
    // voter identity should be derived from the session on the server side.
    // NOTE(review): the return value is ignored, so a failed write sets no
    // error status for the client.
    stSubmitOneVote(stGetRequestItem("voter_id"), stGetRequestItem("entry_id"), stGetRequestItem("vote"));
  }
}
else
{
  // Unknown action, or "action"/"type" missing from the request.
  stSetStatus(404, "Not Found");
}
113 ?> |