Code source de e107 0.7.8 |
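<?php
/*
+ ----------------------------------------------------------------------------+
|     e107 website system
|
|     ©Steve Dunstan 2001-2002
|     http://e107.org
|     jalist@e107.org
|
|     Released under the terms and conditions of the
|     GNU General Public License (http://gnu.org).
|
|     $Source: /cvsroot/e107/e107_0.7/rate.php,v $
|     $Revision: 1.9 $
|     $Date: 2007/01/10 21:30:34 $
|     $Author: e107steved $
+----------------------------------------------------------------------------+
*/

// DIRTY - needs input validation, streaky
//
// Records one rating by the logged-in user and redirects back to the page
// the rating came from. The query string is four fields separated by "^":
//   table ^ item id ^ return URL ^ rating (1..10)
// Every field comes straight from the request, so each one is checked below
// before it reaches SQL or the Location header.
//
// NOTE(review): the vote is a state change triggered by a plain GET, and no
// request token is checked in this file - confirm whether class2.php adds one.

require_once ("class2.php");

$qs = explode("^", e_QUERY);

// All four fields must be present; a shorter query would otherwise be read
// through undefined offsets.
$request_ok = (count($qs) >= 4 && $qs[0] && USER != FALSE);

if ($request_ok)
{
	// The rating has to be a plain decimal integer in 1..10, not merely
	// something that compares as one after loose numeric conversion.
	$request_ok = (preg_match('/^[0-9]{1,2}$/D', $qs[3]) && $qs[3] >= 1 && $qs[3] <= 10);
}

if ($request_ok)
{
	// The return URL ends up in a Location header, so it must stay on this
	// site: no "://" anywhere (original check), no leading "//"
	// (scheme-relative), no leading "scheme:", and no backslashes or control
	// characters (CR/LF would split the header).
	$request_ok = (strpos($qs[2], '://') === false
		&& strpos($qs[2], '//') !== 0
		&& !preg_match('/^[a-z][a-z0-9+.\-]*:/i', $qs[2])
		&& !preg_match('/[\x00-\x1f\x7f\\\\]/', $qs[2]));
}

if (!$request_ok)
{
	header("location:".e_BASE."index.php");
	exit;
}

// NOTE(review): toDB() is the only sanitisation applied to $table before it is
// interpolated into SQL; its escaping is defined outside this file - confirm it
// is sufficient, or restrict $table to the list of rateable tables.
$table = $tp -> toDB($qs[0]);
$itemid = intval($qs[1]);
// NOTE(review): toDB() is a database encoder, kept here only so the redirect
// target is unchanged for existing links; the header-safety checks are the
// ones above.
$returnurl = $tp -> toDB($qs[2]);
$rate = intval($qs[3]);

if ($returnurl == '')
{
	// An empty return URL would emit a Location header with no target.
	$returnurl = e_BASE."index.php";
}

if ($sql -> db_Select("rate", "*", "rate_table='{$table}' AND rate_itemid='{$itemid}'"))
{
	$row = $sql -> db_Fetch();
	// rate_voters is a dot-delimited list of user ids (".1.7.42."); a user
	// already in the list has voted and is sent away without a second vote.
	if(strpos($row['rate_voters'], ".".USERID.".") === FALSE)
	{
		$rate_voters = $row['rate_voters'].".".USERID.".";
		$new_rating = $row['rate_rating']+$rate;
		$sql -> db_Update("rate", "rate_votes=rate_votes+1, rate_rating='{$new_rating}', rate_voters='{$rate_voters}' WHERE rate_id='{$row['rate_id']}' ");
	}
	else
	{
		header("location:".e_BASE."index.php");
		exit;
	}
}
else
{
	// First rating for this item: create the row with one vote by this user.
	$sql->db_Insert("rate", " 0, '{$table}', '{$itemid}', '{$rate}', '1', '.".USERID.".' ");
}

header("location:".$returnurl);
exit;

?>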
Généré le : Sun Apr 1 01:23:32 2007 | par Balluche grâce à PHPXref 0.7 |