view usrajax.php @ 161:50032763bc79

Clean up the code a bit.
author Matti Hamalainen <ccr@tnsp.org>
date Sun, 27 Oct 2013 03:21:17 +0200
parents 5b92f130ba87
children cc02c1d6808c

<?
//
// FAPWeb Simple Demoparty System
// User actions page AJAX backend module
// (C) Copyright 2012-2013 Tecnic Software productions (TNSP)
//
// Declared before the includes below; presumably read by msession.inc.php to
// select the session kind (TODO confirm, the included files are not visible
// here). If so, the assignment has to stay ahead of the require lines.
$sessionType = "user";
// Project includes: configuration, site helpers and session handling.
require "mconfig.inc.php";
require "msite.inc.php";
require "msession.inc.php";


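//
// "Submit" one vote into the database.
//
// Inserts a new row into "votes" for the (voter_id, entry_id) pair, or
// updates the stored value if that pair already has a row.
//
//   $voter_id  - id of the voter casting the vote
//   $entry_id  - id of the entry being voted on
//   $vote      - vote value to store
//
// Returns TRUE when the write succeeded. Returns FALSE when the entry does
// not exist, its compo does not exist or has voting disabled, or the final
// SQL statement fails.
//
// NOTE(review): this function does not authenticate $voter_id and does not
// range-check $vote; both must be validated by the caller. The allowed vote
// range is not visible in this file.
//
function stSubmitOneVote($voter_id, $entry_id, $vote)
{
  // The entry must exist before anything is written for it
  $sql = stPrepareSQL("SELECT * FROM entries WHERE id=%d", $entry_id);
  if (($entry = stFetchSQL($sql)) === false)
    return FALSE;

  // The entry's compo must exist and have voting switched on
  $sql = stPrepareSQL("SELECT * FROM compos WHERE id=%d", $entry["compo_id"]);
  if (($compo = stFetchSQL($sql)) === false || $compo["voting"] == 0)
    return FALSE;

  // Look for an earlier vote by this voter on this entry.
  // NOTE(review): this lookup and the write below are separate statements, so
  // two concurrent requests could both take the INSERT path unless "votes"
  // has a unique constraint on (voter_id, entry_id) -- schema not visible here.
  $sql = stPrepareSQL("SELECT id FROM votes WHERE voter_id=%d AND entry_id=%d",
    $voter_id, $entry_id);

  if (stFetchSQLColumn($sql) === false)
  {
    // No earlier vote, insert a new row
    $sql = stPrepareSQL(
      "INSERT INTO votes (voter_id,entry_id,value) VALUES (%d,%d,%d)",
      $voter_id, $entry_id, $vote);
  }
  else
  {
    // Earlier vote found, update it. The WHERE clause has to use $entry_id:
    // the previous code passed the undefined variable $eid here, so the
    // UPDATE could not target the row that was just looked up.
    $sql = stPrepareSQL(
      "UPDATE votes SET value=%d WHERE voter_id=%d AND entry_id=%d",
      $vote, $voter_id, $entry_id);
  }

  return stExecSQL($sql) !== false;
}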



// Check if we are allowed to execute
// Access gate: a request without a valid user session gets its session ended
// and is redirected to the configured default page. The exit after the
// Location header matters: without it the request handling further down in
// this script would still run for an unauthenticated client.
if (!stUserSessionAuth()) {
  stSetupCacheControl();
  stSessionEnd(SESS_USER);
  header("Location: ".stGetSetting("defaultPage"));
  exit;
}

//
// Initialize: cache headers first, then the database, then the settings
//
stSetupCacheControl();

// Nothing below can work without the database, so stop right here
stConnectSQLDB() or die("Could not connect to SQL database.");

stReloadSettings();


//
// Handle the request
//
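// NOTE(review): $_REQUEST merges query-string and POST data (and cookies,
// depending on the request_order setting), so the state-changing "set" action
// is reachable through a plain GET. No anti-CSRF token check is visible in
// this file; confirm whether the session include provides one.
$action = "ERROR";
$type = "";  // defined up front so the switch below never reads an unset variable
if (stChkRequestItem("action") && stChkRequestItem("type"))
{
  $action = $_REQUEST["action"];
  $type = $_REQUEST["type"];
}

switch ($action)
{
  case "get":
    //
    // Get specific data
    //
    switch ($type)
    {
      case "votes":
        // NOTE(review): this selects the votes of every voter. Once output is
        // implemented below, restrict the query to the requesting voter so
        // one user cannot read the votes of others.
        $sql = "SELECT * FROM votes ORDER BY utime DESC";
        break;
    }

    //
    // Perform query if we need to, output results
    //
    if (isset($sql) && ($res = stExecSQLCond($sql, "")) !== FALSE)
    {
      if ($type == "votes")
      {
        // Output of the result set is not implemented yet
      }
    }
    break;

  case "set":
    //
    // Set vote, if voting is enabled. Every request item used below must be
    // present, including voter_id, which was previously read unchecked.
    //
    if ($type == "votes" && stChkSetting("allowVoting") &&
      stChkRequestItem("votekey") &&
      stChkRequestItem("voter_id") &&
      stChkRequestItem("entry_id") &&
      stChkRequestItem("vote"))
    {
      $entry_id = stGetRequestItem("entry_id");

      // Fail closed on the vote key. The lookup result used to be ignored
      // (empty if-body), so any string was accepted as a vote key.
      $sql = stPrepareSQL("SELECT * FROM votekeys WHERE key=%s", stGetRequestItem("votekey"));
      if (($votekey = stFetchSQLColumn($sql)) === false)
      {
        stSetStatus(902, "Invalid vote key.");
        break;
      }

      // NOTE(review): voter_id is still taken from the request and nothing
      // here ties it to the verified vote key or to the logged-in session, so
      // the server cannot tell whose vote is being written. It should be
      // derived from the votekeys row or the session instead; which column
      // links the two is not visible in this file.
      $voter_id = stGetRequestItem("voter_id");

      // Check that the entry exists and that its compo has voting enabled
      $sql = stPrepareSQL("SELECT * FROM entries WHERE id=%d", $entry_id);
      if (($entry = stFetchSQL($sql)) !== false)
      {
        // Built with stPrepareSQL like every other query in this file,
        // instead of concatenating the column value into the SQL string
        $sql = stPrepareSQL("SELECT * FROM compos WHERE id=%d", $entry["compo_id"]);
        if (($compo = stFetchSQL($sql)) !== false && $compo["voting"] != 0)
        {
          // Report a failed write instead of dropping the result silently
          if (!stSubmitOneVote($voter_id, $entry_id, stGetRequestItem("vote")))
            stSetStatus(902, "Could not store vote.");
        }
        else
          stSetStatus(902, "Voting not enabled on that compo.");
      }
      else
        stSetStatus(902, "No such entry.");
    }
    else
      stSetStatus(902, "No data.");
    break;

  default:
    stSetStatus(404, "Not Found");
    break;
}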

?>