Mercurial > hg > fapweb
view usrajax.php @ 153:aecf145e7c70
Some work on the voting backend.
author | Matti Hamalainen <ccr@tnsp.org> |
---|---|
date | Fri, 25 Oct 2013 15:07:43 +0300 |
parents | 5837b9333964 |
children | 5b92f130ba87 |
line wrap: on
line source
<? // // User-level AJAX request handler backend module // $sessionType = "user"; require "mconfig.inc.php"; require "msite.inc.php"; require "msession.inc.php"; function stSubmitOneVote($voter_id, $entry_id, $vote) { $sql = stPrepareSQL("SELECT id FROM votes WHERE voter_id=%d AND entry_id=%d", $voter_id, $entry_id); if (($res = stFetchSQLColumn($sql)) === false) { $sql = stPrepareSQL( "INSERT INTO votes (voter_id,entry_id,value) VALUES (%d,%d,%d)", $voter_id, $entry_id, $vote); if (stExecSQL($sql) === false) return FALSE; } else { $sql = stPrepareSQL( "UPDATE votes SET value=%d WHERE voter_id=%d AND entry_id=%d", $vote, $voter_id, $eid); if (stExecSQL($sql) === false) return FALSE; } return TRUE; } // Check if we are allowed to execute if (!stUserSessionAuth()) { stSetupCacheControl(); stSessionEnd(SESS_USER); header("Location: ".stGetSetting("defaultPage")); exit; } stSetupCacheControl(); // Initiate SQL database connection if (!stConnectSQLDB()) die("Could not connect to SQL database."); // Fetch non-"hardcoded" settings from SQL database stReloadSettings(); // XMLHttp responses $action = "ERROR"; if (stChkRequestItem("action") && stChkRequestItem("type")) { $action = $_REQUEST["action"]; $type = $_REQUEST["type"]; } switch ($action) { case "get": // // Get specific data // switch ($type) { case "votes": $sql = "SELECT * FROM votes ORDER BY utime DESC"; break; } // // Perform query if we need to, output results // if (isset($sql) && ($res = stExecSQLCond($sql, "")) !== FALSE) { if ($type == "votes") { } } break; case "set": // // Set vote, if voting is enabled // if ($type == "votes" && stChkSetting("allowVoting") && stChkRequestItem("votekey") && stChkRequestItem("entry_id") && stChkRequestItem("vote")) { // Check if voting is enabled on the compo and voter is valid $entry_id = stGetRequestItem("entry_id"); $sql = stPrepareSQL("SELECT * FROM votekeys WHERE key=%s", stGetRequestItem("votekey")); if (($votekey = stFetchSQLColumn($sql)) !== false) { } $sql = stPrepareSQL("SELECT * FROM entries WHERE id=%d", $entry_id); if (($entry = stFetchSQL($sql)) !== false) { if (($compo = stFetchSQL("SELECT * FROM compos WHERE id=".$entry["compo_id"])) !== false && $compo["voting"] != 0) { stSubmitOneVote(stGetRequestItem("voter_id"), $entry_id, stGetRequestItem("vote")); } else stSetStatus(902, "Voting not enabled on that compo."); } else stSetStatus(902, "No such entry."); } else stSetStatus(902, "No data."); break; default: stSetStatus(404, "Not Found"); break; } ?>