<?php
/*
+ ----------------------------------------------------------------------------+
|
| e107 website system
| Copyright (C) 2008-2016 e107 Inc (e107.org)
| Licensed under GNU GPL (http://www.gnu.org/licenses/gpl.txt)
|
+ ----------------------------------------------------------------------------+
*/
// DIRTY - needs input validation, streaky
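require_once("class2.php");
e107::includeLan(e_LANGUAGEDIR.e_LANGUAGE.'/lan_'.e_PAGE);

/*
 * Rating endpoint with two entry paths:
 *  - legacy: one query string of the form table^itemid^returnurl^rate
 *  - AJAX:   fields read from $_GET / $_POST, handler result echoed back
 * Every value below is request-controlled.
 *
 * NOTE(review): no CSRF token is checked in this file and the legacy path
 * changes state on a plain GET. Unless the rate handler verifies a token
 * itself, votes can be triggered cross-site for a signed-in user - confirm.
 */
if(!e_AJAX_REQUEST) // Legacy method.
{
	// Links embedded in HTML carry '&amp;'; turn it back into '&' before splitting.
	$qs = explode("^", str_replace('&amp;', '&', e_QUERY));

	// All four fields must be present, so a short query string is rejected
	// up front instead of being read past its end.
	$complete = (count($qs) >= 4);
	$rawReturn = $complete ? (string) $qs[2] : '';
	$rate = $complete ? (int) $qs[3] : 0;

	// Return-URL deny-list: absolute URLs ('://'), protocol-relative URLs
	// (leading '//'), and backslashes or control characters, which some
	// clients normalise into one of the former.
	// NOTE(review): how e107::redirect() resolves this value is not visible
	// here; an allow-list of local paths would be stronger than a deny-list.
	$unsafeReturn = strpos($rawReturn, '://') !== false
		|| strpos(ltrim($rawReturn), '//') === 0
		|| preg_match('/[\x00-\x1F\x7F\\\\]/', $rawReturn) === 1;

	if(!$complete || !$qs[0] || !USER || $rate < 1 || $rate > 10 || $unsafeReturn)
	{
		e107::redirect();
		exit;
	}

	$table = $tp->toDB($qs[0]);
	$itemid = (int) $qs[1];
	$returnurl = $tp->toDB($rawReturn);

	e107::getRate()->submitVote($table, $itemid, $rate);
	e107::redirect($returnurl);
	exit;
}
else // Ajax Used.
{
	// NOTE(review): unlike the legacy branch there is no USER (signed-in)
	// check here; confirm that submitLike()/submitVote() enforce it.
	$mode = isset($_POST['mode']) ? $_POST['mode'] : '';

	if($mode === 'thumb')
	{
		// Only the two literal directions are accepted; anything else ends the request.
		$type = isset($_GET['type']) ? $_GET['type'] : '';
		if($type !== 'up' && $type !== 'down')
		{
			exit;
		}

		$table = $tp->toDB(isset($_GET['table']) ? $_GET['table'] : '');
		$itemid = isset($_GET['id']) ? intval($_GET['id']) : 0;

		// A falsy result means the item was already liked/disliked: send nothing.
		$result = e107::getRate()->submitLike($table, $itemid, $type);
		if($result)
		{
			echo $result;
		}
	}
	elseif(!empty($_POST['table']))
	{
		$table = $tp->toDB($_POST['table']);
		$itemid = isset($_POST['id']) ? intval($_POST['id']) : 0;
		$rate = (isset($_POST['score']) ? intval($_POST['score']) : 0) * 2;

		// Apply the same 1..10 bound the legacy branch enforces before calling
		// submitVote(); whether the handler re-validates is not visible here.
		if($rate < 1 || $rate > 10)
		{
			exit;
		}

		echo e107::getRate()->submitVote($table, $itemid, $rate);
	}
	exit;
}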