Mercurial > hg > fapweb
view usrajax.php @ 216:bcc3c4696b3e
Some more work.
author | Matti Hamalainen <ccr@tnsp.org> |
---|---|
date | Sun, 17 Nov 2013 22:28:48 +0200 |
parents | 5bae42020034 |
children | 1bb4f4bcb027 |
line wrap: on
line source
<? // // FAPWeb Simple Demoparty System // User actions page AJAX backend module // (C) Copyright 2012-2013 Tecnic Software productions (TNSP) // $sessionType = "user"; require_once "mconfig.inc.php"; require_once "msite.inc.php"; require_once "msession.inc.php"; // // "Submit" one vote into the database // function stSubmitOneVote($voter_id, $entry_id, $vote) { // Check if the entry_id is actually valid $sql = stPrepareSQL("SELECT * FROM entries WHERE id=%d", $entry_id); if (($entry = stFetchSQL($sql)) === false) return FALSE; // Check if the compo is valid for the entry $sql = stPrepareSQL("SELECT * FROM compos WHERE id=%d", $entry["compo_id"]); if (($compo = stFetchSQL($sql)) === false || $compo["voting"] == 0) return FALSE; // Check if the vote already exists $sql = stPrepareSQL("SELECT id FROM votes WHERE voter_id=%d AND entry_id=%d", $voter_id, $entry_id); if (($res = stFetchSQLColumn($sql)) === false) { // Didn't exist, insert it $sql = stPrepareSQL( "INSERT INTO votes (voter_id,entry_id,value) VALUES (%d,%d,%d)", $voter_id, $entry_id, $vote); } else { // Existed, thusly update $sql = stPrepareSQL( "UPDATE votes SET value=%d WHERE voter_id=%d AND entry_id=%d", $vote, $voter_id, $eid); } if (stExecSQL($sql) === false) return FALSE; else return TRUE; } // // Initialize // if (!stUserSessionAuth()) { stSetupCacheControl(); stSessionEnd(SESS_USER); header("Location: ".stGetSetting("defaultPage")); exit; } stSetupCacheControl(); if (!stConnectSQLDB()) die("Could not connect to SQL database."); stReloadSettings(); // // Handle the request // switch (stGetRequestItem("action")) { case "set": // // Set vote, if voting is enabled // if (stChkSetting("allowVoting") && stChkRequestItem("votekey") && stChkRequestItem("entry_id") && stChkRequestItem("vote")) { // Check if voting is enabled on the compo and voter is valid $entry_id = stGetRequestItem("entry_id"); $sql = stPrepareSQL("SELECT * FROM votekeys WHERE key=%s", stGetRequestItem("votekey")); if (($votekey = stFetchSQLColumn($sql)) !== false) { } } else stSetStatus(902, "No data."); break; default: stSetStatus(404, "Not Found"); break; } stDumpAJAXStatusErrors(); ?>