These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more
1 | <?php |
||
2 | |||
3 | /** |
||
4 | * Module: XoopsTube |
||
5 | * |
||
6 | * You may not change or alter any portion of this comment or credits |
||
7 | * of supporting developers from this source code or any supporting source code |
||
8 | * which is considered copyrighted (c) material of the original comment or credit authors. |
||
9 | * |
||
10 | * PHP version 5 |
||
11 | * |
||
12 | * @category Module |
||
13 | * @package Xoopstube |
||
14 | * @author XOOPS Development Team |
||
15 | * @copyright 2001-2013 The XOOPS Project |
||
16 | * @license GNU GPL 2 or later (http://www.gnu.org/licenses/gpl-2.0.html) |
||
17 | * @version $Id$ |
||
18 | * @link http://sourceforge.net/projects/xoops/ |
||
19 | * @since 1.0.6 |
||
20 | */ |
||
21 | |||
22 | include __DIR__ . '/header.php'; |
||
23 | |||
24 | global $xtubemyts, $xoTheme; |
||
25 | |||
26 | // Check if videoload POSTER is voting (UNLESS Anonymous users allowed to post) |
||
27 | $lid = xtubeCleanRequestVars($_REQUEST, 'lid', ''); |
||
28 | $lid = intval($lid); |
||
29 | |||
30 | $ip = getenv("REMOTE_ADDR"); |
||
31 | $ratinguser = (!is_object($xoopsUser)) ? 0 : $xoopsUser->getVar('uid'); |
||
32 | |||
33 | if ($xoopsModuleConfig['showrating'] == 0 || $lid == '') { |
||
34 | $ratemessage = _MD_XOOPSTUBE_CANTVOTEOWN; |
||
35 | redirect_header('index.php', 4, $ratemessage); |
||
36 | exit(); |
||
37 | } |
||
38 | |||
39 | if ($ratinguser != 0) { |
||
40 | $result = $xoopsDB->query( |
||
41 | 'SELECT cid, submitter FROM ' . $xoopsDB->prefix('xoopstube_videos') . ' WHERE lid=' . intval($lid) |
||
42 | ); |
||
43 | View Code Duplication | while (list($cid, $ratinguserDB) = $xoopsDB->fetchRow($result)) { |
|
0 ignored issues
–
show
|
|||
44 | if ($ratinguserDB == $ratinguser) { |
||
45 | $ratemessage = _MD_XOOPSTUBE_CANTVOTEOWN; |
||
46 | redirect_header('singlevideo.php?cid=' . intval($cid) . '&lid=' . intval($lid), 4, $ratemessage); |
||
47 | exit(); |
||
48 | } |
||
49 | } |
||
50 | // Check if REG user is trying to vote twice. |
||
51 | $result = $xoopsDB->query( |
||
52 | 'SELECT cid, ratinguser FROM ' . $xoopsDB->prefix('xoopstube_votedata') . ' WHERE lid=' . intval($lid) |
||
53 | ); |
||
54 | View Code Duplication | while (list($cid, $ratinguserDB) = $xoopsDB->fetchRow($result)) { |
|
0 ignored issues
–
show
This code seems to be duplicated across your project.
Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. ![]() |
|||
55 | if ($ratinguserDB == $ratinguser) { |
||
56 | $ratemessage = _MD_XOOPSTUBE_VOTEONCE; |
||
57 | redirect_header('singlevideo.php?cid=' . intval($cid) . '&lid=' . intval($lid), 4, $ratemessage); |
||
58 | exit(); |
||
59 | } |
||
60 | } |
||
61 | } else { |
||
62 | // Check if ANONYMOUS user is trying to vote more than once per day. |
||
63 | $yesterday = (time() - (86400 * $anonwaitdays)); |
||
64 | $result = $xoopsDB->query( |
||
65 | 'SELECT COUNT(*) FROM ' . $xoopsDB->prefix('xoopstube_votedata') . ' WHERE lid=' . intval($lid) . ' AND ratinguser=0 AND ratinghostname=' . $ip . ' AND ratingtimestamp > ' . $yesterday |
||
66 | ); |
||
67 | list($anonvotecount) = $xoopsDB->fetchRow($result); |
||
68 | if ($anonvotecount >= 1) { |
||
69 | $ratemessage = _MD_XOOPSTUBE_VOTEONCE; |
||
70 | redirect_header('singlevideo.php?cid=' . intval($cid) . '&lid=' . intval($lid), 4, $ratemessage); |
||
71 | exit(); |
||
72 | } |
||
73 | } |
||
74 | |||
75 | if (!empty($_POST['submit'])) { |
||
76 | $ratinguser = (!is_object($xoopsUser)) ? 0 : $xoopsUser->getVar('uid'); |
||
77 | // Make sure only 1 anonymous from an IP in a single day. |
||
78 | $anonwaitdays = 1; |
||
79 | $ip = getenv('REMOTE_ADDR'); |
||
80 | $lid = xtubeCleanRequestVars($_REQUEST, 'lid', 0); |
||
81 | $cid = xtubeCleanRequestVars($_REQUEST, 'cid', 0); |
||
82 | $rating = xtubeCleanRequestVars($_REQUEST, 'rating', 0); |
||
83 | $title = $xtubemyts->addslashes(trim($_POST['title'])); |
||
84 | $lid = intval($lid); |
||
85 | $cid = intval($cid); |
||
86 | $rating = intval($rating); |
||
87 | // Check if Rating is Null |
||
88 | if ($rating == '--') { |
||
89 | $ratemessage = _MD_XOOPSTUBE_NORATING; |
||
90 | redirect_header('ratevideo.php?cid=' . intval($cid) . '&lid=' . intval($lid), 4, $ratemessage); |
||
91 | exit(); |
||
92 | } |
||
93 | // All is well. Add to Line Item Rate to DB. |
||
94 | $newid = $xoopsDB->genId($xoopsDB->prefix('xoopstube_votedata') . '_ratingid_seq'); |
||
95 | $datetime = time(); |
||
96 | $sql = sprintf( |
||
97 | "INSERT INTO %s (ratingid, lid, ratinguser, rating, ratinghostname, ratingtimestamp, title) VALUES (%u, %u, %u, %u, %s, %u, %s)", |
||
98 | $xoopsDB->prefix('xoopstube_votedata'), |
||
99 | $newid, |
||
100 | intval($lid), |
||
101 | $ratinguser, |
||
102 | $rating, |
||
103 | $xoopsDB->quoteString($ip), |
||
104 | $datetime, |
||
105 | $xoopsDB->quoteString($title) |
||
106 | ); |
||
107 | if (!$result = $xoopsDB->query($sql)) { |
||
108 | $ratemessage = _MD_XOOPSTUBE_ERROR; |
||
109 | } else { |
||
110 | // All is well. Calculate Score & Add to Summary (for quick retrieval & sorting) to DB. |
||
111 | xtubeUpdateRating($lid); |
||
112 | $ratemessage = _MD_XOOPSTUBE_VOTEAPPRE . '<br />' . sprintf(_MD_XOOPSTUBE_THANKYOU, $xoopsConfig['sitename']); |
||
113 | } |
||
114 | redirect_header('singlevideo.php?cid=' . intval($cid) . '&lid=' . intval($lid), 4, $ratemessage); |
||
115 | exit(); |
||
116 | } else { |
||
117 | $xoopsOption['template_main'] = 'xoopstube_ratevideo.tpl'; |
||
118 | include XOOPS_ROOT_PATH . '/header.php'; |
||
119 | |||
120 | $catarray['imageheader'] = xtubeRenderImageHeader(); |
||
121 | $cid = xtubeCleanRequestVars($_REQUEST, 'cid', 0); |
||
122 | $cid = intval($cid); |
||
123 | |||
124 | $catarray['imageheader'] = xtubeRenderImageHeader(); |
||
125 | $xoopsTpl->assign('catarray', $catarray); |
||
126 | |||
127 | $result = $xoopsDB->query( |
||
128 | 'SELECT title FROM ' . $xoopsDB->prefix('xoopstube_videos') . ' WHERE lid=' . intval($lid) |
||
129 | ); |
||
130 | list($title) = $xoopsDB->fetchRow($result); |
||
131 | $xoopsTpl->assign( |
||
132 | 'video', |
||
133 | array( |
||
134 | 'id' => intval($lid), |
||
135 | 'cid' => intval($cid), |
||
136 | 'title' => $xtubemyts->htmlSpecialCharsStrip($title) |
||
137 | ) |
||
138 | ); |
||
139 | |||
140 | xtubeSetNoIndexNoFollow(); |
||
141 | |||
142 | $xoopsTpl->assign('module_dir', $xoopsModule->getVar('dirname')); |
||
143 | include XOOPS_ROOT_PATH . '/footer.php'; |
||
144 | } |
||
145 | |||
146 | xtubeSetNoIndexNoFollow(); |
||
147 | |||
148 | $xoopsTpl->assign('module_dir', $xoopsModule->getVar('dirname')); |
||
149 | include XOOPS_ROOT_PATH . '/footer.php'; |
||
150 |
Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation.
You can also find more detailed suggestions in the “Code” section of your repository.