Mercurial > hg > fapweb
view usrajax.php @ 294:efba5a51f8fa
Fix some 10L's ... durr.
author | Matti Hamalainen <ccr@tnsp.org> |
---|---|
date | Mon, 25 Nov 2013 03:19:58 +0200 |
parents | bb96aef874a9 |
children | 8098b5b80f8c |
line wrap: on
line source
<? // // FAPWeb Simple Demoparty System // User actions page AJAX backend module // (C) Copyright 2012-2013 Tecnic Software productions (TNSP) // $sessionType = "user"; require_once "mconfig.inc.php"; require_once "msite.inc.php"; require_once "msession.inc.php"; // // "Submit" one vote into the database // function stSubmitOneVote($voter_id, $entry_id, $vote) { // Check if the entry_id is actually valid $sql = stPrepareSQL("SELECT * FROM entries WHERE id=%d", $entry_id); if (($entry = stFetchSQL($sql)) === false) return FALSE; // Check if the compo is valid for the entry $sql = stPrepareSQL("SELECT * FROM compos WHERE id=%d", $entry["compo_id"]); if (($compo = stFetchSQL($sql)) === false || $compo["voting"] == 0) return FALSE; // Check if the vote already exists $sql = stPrepareSQL("SELECT id FROM votes WHERE voter_id=%d AND entry_id=%d", $voter_id, $entry_id); if (($res = stFetchSQLColumn($sql)) === false) { // Didn't exist, insert it $sql = stPrepareSQL( "INSERT INTO votes (voter_id,entry_id,value) VALUES (%d,%d,%d)", $voter_id, $entry_id, $vote); } else { // Existed, thusly update $sql = stPrepareSQL( "UPDATE votes SET value=%d WHERE voter_id=%d AND entry_id=%d", $vote, $voter_id, $eid); } return stExecSQL($sql); } // // Initialize // if (!stUserSessionAuth()) { stSetupCacheControl(); stSessionEnd(SESS_USER); header("Location: ".stGetSetting("defaultPage")); exit; } stSetupCacheControl(); if (!stConnectSQLDB()) die("Could not connect to SQL database."); stReloadSettings(); $userKeyLen = stGetSetting("userKeyLength"); $voteMin = stGetSetting("voteMin"); $voteMax = stGetSetting("voteMax"); // // Handle the request // switch (stGetRequestItem("action")) { case "set": // // Set vote, if voting is enabled // if (!stChkSetting("allowVoting")) stError("Voting is not enabled."); else if (stChkRequestItem("entry_id", $entry_id, array(CHK_TYPE, VT_INT, "Invalid data.")) && stChkRequestItem("vote", $vote, array(CHK_TYPE, VT_INT, "Invalid data."), array(CHK_RANGE, VT_INT, array($voteMin, $voteMax), "Invalid vote value."))) { // Check if voting is enabled on the compo and voter is valid $sql = stPrepareSQL("SELECT * FROM votekeys WHERE key=%s", stGetSessionItem("key")); if (($votekey = stFetchSQL($sql)) !== false) { } else stError("Invalid data."); } break; case "submit": if (!stChkSetting("allowVoting")) stError("Voting is not enabled."); else { $sql = stPrepareSQL("SELECT * FROM votekeys WHERE key=%s", stGetSessionItem("key")); if (($votekey = stFetchSQL($sql)) !== false) { } else stError("Invalid data."); } break; default: stSetStatus(404, "Not Found"); break; } stDumpAJAXStatusErrors(); ?>