Subversion Repositories svnkaklik

Rev

Details | Last modification | View Log

Rev Author Line No. Line
6 kaklik 1 
<?php
2 
/*************************
3 
  Coppermine Photo Gallery
4 
  ************************
5 
  Copyright (c) 2003-2005 Coppermine Dev Team
6 
  v1.1 originaly written by Gregory DEMAR
7 
 
8 
  This program is free software; you can redistribute it and/or modify
9 
  it under the terms of the GNU General Public License as published by
10 
  the Free Software Foundation; either version 2 of the License, or
11 
  (at your option) any later version.
12 
  ********************************************
13 
  Coppermine version: 1.3.3
14 
  $Source: /cvsroot/coppermine/stable/ratepic.php,v $
15 
  $Revision: 1.6 $
16 
  $Author: gaugau $
17 
  $Date: 2005/04/19 03:17:11 $
18 
**********************************************/
19 
 
20 
define('IN_COPPERMINE', true);
21 
define('RATEPIC_PHP', true);
22 
 
23 
require('include/init.inc.php');
24 
// Check if required parameters are present
25 
if (!isset($HTTP_GET_VARS['pic']) || !isset($HTTP_GET_VARS['rate'])) cpg_die(CRITICAL_ERROR, $lang_errors['param_missing'], __FILE__, __LINE__);
26 
 
27 
$pic = (int)$HTTP_GET_VARS['pic'];
28 
$rate = (int)$HTTP_GET_VARS['rate'];
29 
 
30 
$rate = min($rate, 5);
31 
$rate = max($rate, 0);
32 
 
33 
// If user does not accept script's cookies, we don't accept the vote
34 
if (!isset($HTTP_COOKIE_VARS[$CONFIG['cookie_name'] . '_data'])) {
35 
    header('Location: displayimage.php?pos=' . (- $pic));
36 
    exit;
37 
}
38 
// Retrieve picture/album information & check if user can rate picture
39 
$sql = "SELECT a.votes as votes_allowed, p.votes as votes, pic_rating, owner_id " . "FROM {$CONFIG['TABLE_PICTURES']} AS p, {$CONFIG['TABLE_ALBUMS']} AS a " . "WHERE p.aid = a.aid AND pid = '$pic' LIMIT 1";
40 
$result = db_query($sql);
41 
if (!mysql_num_rows($result)) cpg_die(CRITICAL_ERROR, $lang_errors['non_exist_ap'], __FILE__, __LINE__);
42 
$row = mysql_fetch_array($result);
43 
mysql_free_result($result);
44 
if (!USER_CAN_RATE_PICTURES || $row['votes_allowed'] == 'NO') cpg_die(ERROR, $lang_errors['perm_denied'], __FILE__, __LINE__);
45 
// Clean votes older votes
46 
$curr_time = time();
47 
$clean_before = $curr_time - $CONFIG['keep_votes_time'] * 86400;
48 
$sql = "DELETE " . "FROM {$CONFIG['TABLE_VOTES']} " . "WHERE vote_time < $clean_before";
49 
$result = db_query($sql);
50 
// Check if user already rated this picture
51 
$user_md5_id = USER_ID ? md5(USER_ID) : $USER['ID'];
52 
$sql = "SELECT * " . "FROM {$CONFIG['TABLE_VOTES']} " . "WHERE pic_id = '$pic' AND user_md5_id = '$user_md5_id'";
53 
$result = db_query($sql);
54 
if (mysql_num_rows($result)) cpg_die(ERROR, $lang_rate_pic_php['already_rated'], __FILE__, __LINE__);
55 
//Test for Self-Rating
56 
$user=USER_ID;
57 
$owner=$row['owner_id'];
58 
 
59 
if (!empty($user) && $user==$owner && !USER_IS_ADMIN) cpg_die(ERROR, $lang_rate_pic_php['forbidden'], __FILE__, __LINE__);
60 
// Update picture rating
61 
$new_rating = round(($row['votes'] * $row['pic_rating'] + $rate * 2000) / ($row['votes'] + 1));
62 
$sql = "UPDATE {$CONFIG['TABLE_PICTURES']} " . "SET pic_rating = '$new_rating', votes = votes + 1 " . "WHERE pid = '$pic' LIMIT 1";
63 
$result = db_query($sql);
64 
// Update the votes table
65 
$sql = "INSERT INTO {$CONFIG['TABLE_VOTES']} " . "VALUES ('$pic', '$user_md5_id', '$curr_time')";
66 
$result = db_query($sql);
67 
 
68 
$location = "displayimage.php?pos=" . (- $pic);
69 
$header_location = (@preg_match('/Microsoft|WebSTAR|Xitami/', getenv('SERVER_SOFTWARE'))) ? 'Refresh: 0; URL=' : 'Location: ';
70 
header($header_location . $location);
71 
pageheader($lang_info, "<META http-equiv=\"refresh\" content=\"1;url=$location\">");
72 
msg_box($lang_info, $lang_rate_pic_php['rate_ok'], $lang_continue, $location);
73 
pagefooter();
74 
ob_end_flush();
75 
 
76 
?>