view usrajax.php @ 153:aecf145e7c70

Some work on the voting backend.
author Matti Hamalainen <ccr@tnsp.org>
date Fri, 25 Oct 2013 15:07:43 +0300
parents 5837b9333964
children 5b92f130ba87

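<?php
//
// User-level AJAX request handler backend module
//
// The full "<?php" open tag is used so the file is parsed regardless of the
// short_open_tag ini setting. With short tags disabled, a file that starts
// with "<?" is not executed and is sent to the client as plain text, which
// would expose this handler's source.
//

// Set before the includes below are loaded.
// NOTE(review): presumably read by msession.inc.php to select the session
// kind -- confirm against that file.
$sessionType = "user";
require "mconfig.inc.php";
require "msite.inc.php";
require "msession.inc.php";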


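/**
 * Store one vote for an entry: insert a new row in `votes`, or update the
 * value of the row this voter already has for the entry.
 *
 * All three arguments are bound through the %d placeholders of stPrepareSQL().
 * NOTE(review): presumably %d forces integer conversion -- confirm in
 * stPrepareSQL(), since the call site passes request values straight in.
 *
 * NOTE(review): the SELECT followed by INSERT is not atomic. Two concurrent
 * requests for the same (voter_id, entry_id) can both take the INSERT branch
 * unless the table has a UNIQUE constraint on that pair -- confirm schema.
 *
 * The vote value is not range-checked here; the caller has to do that.
 *
 * @param mixed $voter_id Voter the vote belongs to.
 * @param mixed $entry_id Entry being voted on.
 * @param mixed $vote     Vote value to store.
 * @return bool TRUE when the INSERT/UPDATE went through, FALSE when
 *              stExecSQL() reported failure.
 */
function stSubmitOneVote($voter_id, $entry_id, $vote)
{
  $sql = stPrepareSQL("SELECT id FROM votes WHERE voter_id=%d AND entry_id=%d",
    $voter_id, $entry_id);

  if (stFetchSQLColumn($sql) === false)
  {
    // No vote from this voter on this entry yet
    $sql = stPrepareSQL(
      "INSERT INTO votes (voter_id,entry_id,value) VALUES (%d,%d,%d)",
      $voter_id, $entry_id, $vote);
  }
  else
  {
    // Existing vote: overwrite its value. The row is matched on $entry_id;
    // the earlier code passed an undefined $eid here, so the UPDATE never
    // addressed the intended row.
    $sql = stPrepareSQL(
      "UPDATE votes SET value=%d WHERE voter_id=%d AND entry_id=%d",
      $vote, $voter_id, $entry_id);
  }

  return stExecSQL($sql) !== false;
}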



// Session gate: only an authenticated user session may use this backend.
// Cache-control setup runs on both paths; the unauthenticated path then ends
// the user session, redirects to the configured default page and stops.
if (stUserSessionAuth())
{
  stSetupCacheControl();
}
else
{
  stSetupCacheControl();

  stSessionEnd(SESS_USER);

  $redirectTo = stGetSetting("defaultPage");
  header("Location: ".$redirectTo);
  exit();
}

// Open the SQL database connection; nothing below works without it
if (!stConnectSQLDB())
{
  exit("Could not connect to SQL database.");
}

// Load the settings that are stored in the SQL database rather than hardcoded
stReloadSettings();


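// XMLHttp responses
//
// Request dispatch: "action" selects the operation and "type" the data it
// applies to. Both must be present in the request; otherwise $action stays
// "ERROR" and the switch falls through to the 404 default.
$action = "ERROR";
$type = "";
if (stChkRequestItem("action") && stChkRequestItem("type"))
{
  $action = $_REQUEST["action"];
  $type = $_REQUEST["type"];
}

switch ($action)
{
  case "get":
    //
    // Get specific data
    //
    switch ($type)
    {
      case "votes":
        // NOTE(review): this selects the votes of every voter, not only the
        // requester's. Nothing is output yet (the branch below is empty);
        // restrict the query to the requesting voter before results are
        // emitted.
        $sql = "SELECT * FROM votes ORDER BY utime DESC";
        break;
    }
    
    //
    // Perform query if we need to, output results
    //
    if (isset($sql) && ($res = stExecSQLCond($sql, "")) !== FALSE)
    {
      if ($type == "votes")
      {
      }
    }
    break;

  case "set":
    //
    // Set vote, if voting is enabled
    //
    if ($type == "votes" && stChkSetting("allowVoting") &&
      stChkRequestItem("votekey") &&
      stChkRequestItem("voter_id") &&
      stChkRequestItem("entry_id") &&
      stChkRequestItem("vote"))
    {
      $entry_id = stGetRequestItem("entry_id");

      // The vote key must exist; without this check any value in "votekey"
      // was accepted, because the lookup result was never acted on.
      // The lookup fails closed: a query error is treated like an unknown key.
      // NOTE(review): "key" is a reserved word in some SQL dialects (MySQL
      // among them) -- confirm the column name works unquoted on the backend
      // in use.
      $sql = stPrepareSQL("SELECT * FROM votekeys WHERE key=%s", stGetRequestItem("votekey"));
      if (stFetchSQLColumn($sql) === false)
      {
        stSetStatus(902, "Invalid vote key.");
        break;
      }

      // Check that the entry exists and that voting is enabled on its compo
      $sql = stPrepareSQL("SELECT * FROM entries WHERE id=%d", $entry_id);
      if (($entry = stFetchSQL($sql)) !== false)
      {
        // compo_id comes from the database row, but is still bound through
        // stPrepareSQL() like every other query in this file instead of
        // being concatenated into the statement.
        $sql = stPrepareSQL("SELECT * FROM compos WHERE id=%d", $entry["compo_id"]);
        if (($compo = stFetchSQL($sql)) !== false
          && $compo["voting"] != 0)
        {
          // NOTE(review): voter_id is taken from the request and is not tied
          // to the vote key or to the session, so a client holding any valid
          // key can submit under another voter's id. It should be derived
          // server-side (from the votekeys row or the session) -- confirm
          // which column links a key to its voter.
          // NOTE(review): the vote value is not range-checked before storage.
          if (!stSubmitOneVote(stGetRequestItem("voter_id"), $entry_id, stGetRequestItem("vote")))
            stSetStatus(902, "Could not store vote.");
        }
        else
          stSetStatus(902, "Voting not enabled on that compo.");
      }
      else
        stSetStatus(902, "No such entry.");
    }
    else
      stSetStatus(902, "No data.");
    break;

  default:
    stSetStatus(404, "Not Found");
    break;
}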

?>