MyBB PHP Cross Reference Discussion Forums

Source: /ratethread.php - 142 lines - 3828 bytes - Summary - Text - Print

Description: MyBB 1.6 Copyright 2010 MyBB Group, All Rights Reserved

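   <?php
   /**
    * MyBB 1.6
    * Copyright 2010 MyBB Group, All Rights Reserved
    *
    * Website: http://mybb.com
    * License: http://mybb.com/about/license
    *
    * $Id$
    */

   /*
    * ratethread.php - records a single 1-5 rating for a thread.
    *
    * Flow as implemented below: verify the post key, load the thread, check the
    * forum/group permissions and the forum state, validate the rating, refuse a
    * second rating from the same user (or guest IP / cookie), then update the
    * thread totals and store the individual rating row.
    *
    * Every failed check calls error() or error_no_permission(); the checks that
    * follow rely on those helpers ending the request.
    */

   define("IN_MYBB", 1);
   define('THIS_SCRIPT', 'ratethread.php');

   $templatelist = 'forumdisplay_password_wrongpass,forumdisplay_password';
   require_once "./global.php";

   // Check the request's post key before anything that changes state.
   // NOTE(review): nothing in this script checks the request method itself, so the
   // key is the only request-forgery guard visible here.
   verify_post_check($mybb->input['my_post_key']);

   $lang->load("ratethread");

   // intval() keeps $tid safe to interpolate into the WHERE clauses below.
   $tid = intval($mybb->input['tid']);
   $query = $db->simple_select("threads", "*", "tid='{$tid}'");
   $thread = $db->fetch_array($query);
   if(empty($thread['tid']))
   {
       error($lang->error_invalidthread);
   }

   // NOTE(review): the thread row is loaded by tid alone and $thread['visible'] is
   // never inspected in this file, so whether unapproved or otherwise hidden threads
   // can be rated depends on checks made elsewhere - confirm.

   $forumpermissions = forum_permissions($thread['fid']);
   $onlyownthreads = isset($forumpermissions['canonlyviewownthreads']) && $forumpermissions['canonlyviewownthreads'] != 0;
   if($forumpermissions['canview'] == 0
       || $forumpermissions['canratethreads'] == 0
       || $mybb->usergroup['canratethreads'] == 0
       || $mybb->settings['allowthreadratings'] == 0
       || ($onlyownthreads && $thread['uid'] != $mybb->user['uid']))
   {
       error_no_permission();
   }

   // Get forum info (the original listing repeated this lookup twice; once is enough).
   $fid = $thread['fid'];
   $forum = get_forum($fid);
   if(!$forum)
   {
       error($lang->error_invalidforum);
   }
   else
   {
       // A closed forum does not accept ratings.
       if($forum['open'] == 0)
       {
           error($lang->error_closedinvalidforum);
       }
   }

   // Check if this forum is password protected and we have a valid password
   check_forum_password($forum['fid']);

   if($forum['allowtratings'] == 0)
   {
       error_no_permission();
   }

   // Normalise the rating to an integer and accept only 1..5; the normalised value
   // is what gets interpolated into the UPDATE statement further down.
   $mybb->input['rating'] = intval($mybb->input['rating']);
   if($mybb->input['rating'] < 1 || $mybb->input['rating'] > 5)
   {
       error($lang->error_invalidrating);
   }
   $plugins->run_hooks("ratethread_start");

   // Cast once so the value placed into SQL below is always an integer.
   $uid = intval($mybb->user['uid']);

   // Registered users are matched by uid, guests by IP address.
   if($uid != 0)
   {
       $whereclause = "uid='{$uid}'";
   }
   else
   {
       $whereclause = "ipaddress='".$db->escape_string($session->ipaddress)."'";
   }
   $query = $db->simple_select("threadratings", "*", "{$whereclause} AND tid='{$tid}'");
   $ratecheck = $db->fetch_array($query);

   // For guests the only duplicate signals are the IP address and a cookie held by
   // the client, so the guest check is best-effort.
   // NOTE(review): this check and the writes below are separate statements; two
   // concurrent requests could both pass it unless threadratings enforces
   // uniqueness at the database level - not visible here, confirm.
   if(!empty($ratecheck['rid']) || !empty($mybb->cookies['mybbratethread'][$tid]))
   {
       error($lang->error_alreadyratedthread);
   }
   else
   {
       $plugins->run_hooks("ratethread_process");

       // Both interpolated values were passed through intval() above.
       $db->write_query("
           UPDATE ".TABLE_PREFIX."threads
           SET numratings=numratings+1, totalratings=totalratings+'{$mybb->input['rating']}'
           WHERE tid='{$tid}'
       ");

       $insertarray = array(
           'tid' => $tid,
           'rating' => $mybb->input['rating'],
           'ipaddress' => $db->escape_string($session->ipaddress)
       );
       if($uid != 0)
       {
           $insertarray['uid'] = $uid;
       }
       $db->insert_query("threadratings", $insertarray);

       if($uid == 0)
       {
           // Guests have no uid to match on later, so also remember the rating in a cookie.
           my_setcookie("mybbratethread[{$tid}]", $mybb->input['rating']);
       }
   }
   $plugins->run_hooks("ratethread_end");

   if(!empty($mybb->input['ajax']))
   {
       echo "<success>{$lang->rating_added}</success>\n";
       $query = $db->simple_select("threads", "totalratings, numratings", "tid='{$tid}'", array('limit' => 1));
       $fetch = $db->fetch_array($query);
       $width = 0;
       // Strictly positive: the original ">= 0" test let a zero count reach the division.
       if($fetch['numratings'] > 0)
       {
           $averagerating = floatval(round($fetch['totalratings']/$fetch['numratings'], 2));
           $width = intval(round($averagerating))*20;
           $fetch['numratings'] = intval($fetch['numratings']);
           $ratingvotesav = $lang->sprintf($lang->rating_votes_average, $fetch['numratings'], $averagerating);
           echo "<average>{$ratingvotesav}</average>\n";
       }
       echo "<width>{$width}</width>";
       exit;
   }

   redirect(get_thread_link($thread['tid']), $lang->redirect_threadrated);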
