
PHP Cross Reference of MyBB 1.8.12


/ -> ratethread.php (source)

   1  <?php
   2  /**
   3   * MyBB 1.8
   4   * Copyright 2014 MyBB Group, All Rights Reserved
   5   *
   6   * Website: http://www.mybb.com
   7   * License: http://www.mybb.com/about/license
   8   *
   9   */
  10  
  11  define("IN_MYBB", 1);
  12  define('THIS_SCRIPT', 'ratethread.php');
  13  
  14  $templatelist = 'forumdisplay_password_wrongpass,forumdisplay_password';
  15  require_once  "./global.php";
  16  
  17  // Verify incoming POST request
  18  verify_post_check($mybb->get_input('my_post_key'));
  19  
  20  $lang->load("ratethread");
  21  
  22  $tid = $mybb->get_input('tid');
  23  $thread = get_thread($tid);
  24  if(!$thread)
  25  {
  26      error($lang->error_invalidthread);
  27  }
  28  
  29  // Is the currently logged in user a moderator of this forum?
  30  $ismod = is_moderator($thread['fid']);
  31  
  32  // Make sure we are looking at a real thread here.
  33  if(($thread['visible'] != 1 && $ismod == false) || ($thread['visible'] > 1 && $ismod == true))
  34  {
  35      error($lang->error_invalidthread);
  36  }
  37  
  38  if($thread['uid'] == $mybb->user['uid'])
  39  {
  40      error($lang->error_cannotrateownthread);
  41  }
  42  
  43  $forumpermissions = forum_permissions($thread['fid']);
  44  if($forumpermissions['canview'] == 0 || $forumpermissions['canratethreads'] == 0 || $mybb->usergroup['canratethreads'] == 0 || $mybb->settings['allowthreadratings'] == 0 || (isset($forumpermissions['canonlyviewownthreads']) && $forumpermissions['canonlyviewownthreads'] != 0))
  45  {
  46      error_no_permission();
  47  }
  48  
  49  // Get forum info
  50  $fid = $thread['fid'];
  51  $forum = get_forum($fid);
  52  if(!$forum)
  53  {
  54      error($lang->error_invalidforum);
  55  }
  56  
  57  // Get forum info
  58  $forum = get_forum($fid);
  59  if(!$forum)
  60  {
  61      error($lang->error_invalidforum);
  62  }
  63  else
  64  {
  65      // Is our forum closed?
  66      if($forum['open'] == 0)
  67      {
  68          // Doesn't look like it is
  69          error($lang->error_closedinvalidforum);
  70      }
  71  }
  72  
  73  // Check if this forum is password protected and we have a valid password
  74  check_forum_password($forum['fid']);
  75  
  76  if($forum['allowtratings'] == 0)
  77  {
  78      error_no_permission();
  79  }
  80  $mybb->input['rating'] = $mybb->get_input('rating', MyBB::INPUT_INT);
  81  if($mybb->input['rating'] < 1 || $mybb->input['rating'] > 5)
  82  {
  83      error($lang->error_invalidrating);
  84  }
  85  $plugins->run_hooks("ratethread_start");
  86  
  87  if($mybb->user['uid'] != 0)
  88  {
  89      $whereclause = "uid='{$mybb->user['uid']}'";
  90  }
  91  else
  92  {
  93      $whereclause = "ipaddress=".$db->escape_binary($session->packedip);
  94  }
  95  $query = $db->simple_select("threadratings", "*", "{$whereclause} AND tid='{$tid}'");
  96  $ratecheck = $db->fetch_array($query);
  97  
  98  if($ratecheck['rid'] || isset($mybb->cookies['mybbratethread'][$tid]))
  99  {
 100      error($lang->error_alreadyratedthread);
 101  }
 102  else
 103  {
 104      $plugins->run_hooks("ratethread_process");
 105  
 106      $db->write_query("
 107          UPDATE ".TABLE_PREFIX."threads
 108          SET numratings=numratings+1, totalratings=totalratings+'{$mybb->input['rating']}'
 109          WHERE tid='{$tid}'
 110      ");
 111      if($mybb->user['uid'] != 0)
 112      {
 113          $insertarray = array(
 114              'tid' => $tid,
 115              'uid' => $mybb->user['uid'],
 116              'rating' => $mybb->input['rating'],
 117              'ipaddress' => $db->escape_binary($session->packedip)
 118          );
 119          $db->insert_query("threadratings", $insertarray);
 120      }
 121      else
 122      {
 123          $insertarray = array(
 124              'tid' => $tid,
 125              'rating' => $mybb->input['rating'],
 126              'ipaddress' => $db->escape_binary($session->packedip)
 127          );
 128          $db->insert_query("threadratings", $insertarray);
 129          $time = TIME_NOW;
 130          my_setcookie("mybbratethread[{$tid}]", $mybb->input['rating']);
 131      }
 132  }
 133  $plugins->run_hooks("ratethread_end");
 134  
 135  if(!empty($mybb->input['ajax']))
 136  {
 137      $json = array("success" => $lang->rating_added);
 138      $query = $db->simple_select("threads", "totalratings, numratings", "tid='$tid'", array('limit' => 1));
 139      $fetch = $db->fetch_array($query);
 140      $width = 0;
 141      if($fetch['numratings'] >= 0)
 142      {
 143          $averagerating = (float)round($fetch['totalratings']/$fetch['numratings'], 2);
 144          $width = (int)round($averagerating)*20;
 145          $fetch['numratings'] = (int)$fetch['numratings'];
 146          $ratingvotesav = $lang->sprintf($lang->rating_votes_average, $fetch['numratings'], $averagerating);
 147          $json = $json + array("average" => $ratingvotesav);
 148      }
 149      $json = $json + array("width" => $width);
 150  
 151      @header("Content-type: application/json; charset={$lang->settings['charset']}");
 152      echo json_encode($json);
 153      exit;
 154  }
 155  
 156  redirect(get_thread_link($thread['tid']), $lang->redirect_threadrated);

