ratevideo.php
<?php
/**
* Module: XoopsTube
*
* You may not change or alter any portion of this comment or credits
* of supporting developers from this source code or any supporting source code
* which is considered copyrighted (c) material of the original comment or credit authors.
*
* PHP version 5
*
* @category Module
* @package Xoopstube
* @author XOOPS Development Team
* @copyright 2001-2016 XOOPS Project (https://xoops.org)
* @license GNU GPL 2 or later (https://www.gnu.org/licenses/gpl-2.0.html)
* @link https://xoops.org/
* @since 1.0.6
*/
use Xmf\Request;
use XoopsModules\Xoopstube\{Utility
};
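$GLOBALS['xoopsOption']['template_main'] = 'xoopstube_ratevideo.tpl';
require_once __DIR__ . '/header.php';

global $myts, $xoTheme;

// Id of the video being rated: the query string wins, the POST body is the fallback.
// Request::getInt() returns an integer, which is what keeps the later
// "WHERE lid=" string concatenations numeric-only.
$lid = Request::getInt('lid', Request::getInt('lid', 0, 'POST'), 'GET');

// Client address, used for the per-address limit on anonymous votes.
// NOTE(review): behind a reverse proxy REMOTE_ADDR is the proxy's address, so every
// anonymous visitor would share one limit — confirm against the deployment.
$ip = getenv('REMOTE_ADDR');

// 0 marks an anonymous voter; otherwise the uid of the signed-in user.
$ratinguser = is_object($GLOBALS['xoopsUser']) ? (int)$GLOBALS['xoopsUser']->getVar('uid') : 0;

// Refuse to go further when rating is switched off or no usable video id was supplied.
// $lid is an integer, so the former `'' == $lid` test no longer matches 0 on PHP 8;
// test the number directly (this also rejects negative ids).
// NOTE(review): the message constant is the "cannot vote on your own video" text, reused here as in the original.
if (0 == $GLOBALS['xoopsModuleConfig']['showrating'] || $lid <= 0) {
    $ratemessage = _MD_XOOPSTUBE_CANTVOTEOWN;
    redirect_header('index.php', 4, $ratemessage);
}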
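// Eligibility checks, run before any vote is stored.

// Days an anonymous address must wait before rating the same video again.
// This has to be set before the anonymous check below reads it; left undefined,
// the cutoff becomes "now" and the check matches no rows.
$anonwaitdays = 1;

if (0 !== (int)$ratinguser) {
    // Registered user: must not rate a video they submitted.
    $sql    = 'SELECT cid, submitter FROM ' . $GLOBALS['xoopsDB']->prefix('xoopstube_videos') . ' WHERE lid=' . $lid;
    $result = $GLOBALS['xoopsDB']->query($sql);
    if ($result) {
        while (list($cid, $ratinguserDB) = $GLOBALS['xoopsDB']->fetchRow($result)) {
            // Row values may arrive as strings while the uid is an integer; a strict
            // comparison of the raw values would then never match, so compare as integers.
            if ((int)$ratinguserDB === (int)$ratinguser) {
                $ratemessage = _MD_XOOPSTUBE_CANTVOTEOWN;
                redirect_header('singlevideo.php?cid=' . (int)$cid . '&lid=' . $lid, 4, $ratemessage);
            }
        }
    }

    // Registered user: only one vote per video.
    $sql    = 'SELECT cid, ratinguser FROM ' . $GLOBALS['xoopsDB']->prefix('xoopstube_votedata') . ' WHERE lid=' . $lid;
    $result = $GLOBALS['xoopsDB']->query($sql);
    if ($result) {
        while (list($cid, $ratinguserDB) = $GLOBALS['xoopsDB']->fetchRow($result)) {
            if ((int)$ratinguserDB === (int)$ratinguser) {
                $ratemessage = _MD_XOOPSTUBE_VOTEONCE;
                redirect_header('singlevideo.php?cid=' . (int)$cid . '&lid=' . $lid, 4, $ratemessage);
            }
        }
    }
} else {
    // Anonymous user: at most one vote per address per video inside the waiting period.
    $yesterday = time() - (86400 * $anonwaitdays);

    // The address is a string and must go through quoteString(); concatenated bare
    // it is neither valid SQL nor escaped.
    $sql = 'SELECT COUNT(*) FROM ' . $GLOBALS['xoopsDB']->prefix('xoopstube_votedata')
           . ' WHERE lid=' . $lid
           . ' AND ratinguser=0 AND ratinghostname=' . $GLOBALS['xoopsDB']->quoteString((string)$ip)
           . ' AND ratingtimestamp > ' . $yesterday;
    $result = $GLOBALS['xoopsDB']->query($sql);

    // NOTE(review): a failed query is treated as "no earlier vote", matching how the
    // registered-user check skips a failed lookup; decide whether this should refuse instead.
    $anonvotecount = 0;
    if ($result) {
        [$anonvotecount] = $GLOBALS['xoopsDB']->fetchRow($result);
    }

    if ((int)$anonvotecount >= 1) {
        // No row supplies a category id on this path, so take it from the request.
        $cid         = Request::getInt('cid', Request::getInt('cid', 0, 'POST'), 'GET');
        $ratemessage = _MD_XOOPSTUBE_VOTEONCE;
        redirect_header('singlevideo.php?cid=' . (int)$cid . '&lid=' . $lid, 4, $ratemessage);
    }
}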
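if (!empty(Request::getString('submit', ''))) {
    // Vote submission.
    // NOTE(review): this branch writes a vote without verifying a request token.
    // XOOPS provides $GLOBALS['xoopsSecurity']->check(); enable it here once the
    // rating form is confirmed to emit the token.
    $ratinguser = is_object($GLOBALS['xoopsUser']) ? $GLOBALS['xoopsUser']->getVar('uid') : 0;
    $ip         = getenv('REMOTE_ADDR');

    // $lid is deliberately NOT re-read from POST: the own-video and duplicate-vote
    // checks earlier in this script ran against the $lid resolved at the top, and the
    // row stored below must carry that same id.
    $cid    = Request::getInt('cid', 0, 'POST');
    $rating = Request::getInt('rating', 0, 'POST');
    // $title = $myts->addslashes(trim(Request::getString('title', '', 'POST')));
    $title = Request::getString('title', '', 'POST');

    // Reject a missing rating. Negative values are rejected too: the INSERT formats
    // the rating with %u, which would turn a negative number into a very large one.
    // NOTE(review): no upper bound is enforced — confirm the scale the rating form
    // offers and reject anything above it.
    if ($rating <= 0) {
        $ratemessage = _MD_XOOPSTUBE_NORATING;
        redirect_header('ratevideo.php?cid=' . $cid . '&lid=' . $lid, 4, $ratemessage);
    }

    // Store the individual vote. Numeric columns go through %u; the two string
    // columns are escaped and quoted by quoteString().
    $newid    = $GLOBALS['xoopsDB']->genId($GLOBALS['xoopsDB']->prefix('xoopstube_votedata') . '_ratingid_seq');
    $datetime = time();
    $sql      = sprintf(
        'INSERT INTO `%s` (ratingid, lid, ratinguser, rating, ratinghostname, ratingtimestamp, title) VALUES (%u, %u, %u, %u, %s, %u, %s)',
        $GLOBALS['xoopsDB']->prefix('xoopstube_votedata'),
        $newid,
        $lid,
        $ratinguser,
        $rating,
        $GLOBALS['xoopsDB']->quoteString((string)$ip),
        $datetime,
        $GLOBALS['xoopsDB']->quoteString($title)
    );

    $result = $GLOBALS['xoopsDB']->query($sql);
    if (!$result) {
        $ratemessage = _MD_XOOPSTUBE_ERROR;
    } else {
        // Recalculate the video's summary score (kept for quick retrieval and sorting).
        Utility::updateRating($lid);
        $ratemessage = _MD_XOOPSTUBE_VOTEAPPRE . '<br>' . sprintf(_MD_XOOPSTUBE_THANKYOU, $GLOBALS['xoopsConfig']['sitename']);
    }
    redirect_header('singlevideo.php?cid=' . $cid . '&lid=' . $lid, 4, $ratemessage);
} else {
    // No submission yet: show the rating form for the requested video.
    //TODO add
    require_once XOOPS_ROOT_PATH . '/header.php';

    $cid                     = Request::getInt('cid', Request::getInt('cid', 0, 'POST'), 'GET');
    $catarray['imageheader'] = Utility::renderImageHeader();
    $xoopsTpl->assign('catarray', $catarray);
    $xoopsTpl->assign('mod_url', XOOPS_URL . '/modules/' . $moduleDirName);

    // Look up the title; an unknown id or a failed query leaves it empty instead of
    // destructuring a non-row.
    $title  = '';
    $result = $GLOBALS['xoopsDB']->query('SELECT title FROM ' . $GLOBALS['xoopsDB']->prefix('xoopstube_videos') . ' WHERE lid=' . $lid);
    if ($result) {
        $row = $GLOBALS['xoopsDB']->fetchRow($result);
        if (is_array($row)) {
            [$title] = $row;
        }
    }

    // The title is stored user input, so it is HTML-escaped before reaching the template.
    $xoopsTpl->assign(
        'video',
        [
            'id'    => $lid,
            'cid'   => $cid,
            'title' => htmlspecialchars((string)$title, ENT_QUOTES | ENT_HTML5),
        ]
    );
}

// Page tail. Only the form branch gets here in practice, since the submission branch
// ends in redirect_header(); the original ran these three statements once inside the
// form branch and again here, so they are kept once.
Utility::setNoIndexNoFollow();
$xoopsTpl->assign('module_dir', $xoopsModule->getVar('dirname'));
require_once XOOPS_ROOT_PATH . '/footer.php';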