Completed
Branch master (954431)
by Michael
06:30 queued 03:05
created

ratevideo.php (2 issues)

<?php
/**
 * Module: XoopsTube
 *
 * You may not change or alter any portion of this comment or credits
 * of supporting developers from this source code or any supporting source code
 * which is considered copyrighted (c) material of the original comment or credit authors.
 *
 * PHP version 5
 *
 * @category        Module
 * @package         Xoopstube
 * @author          XOOPS Development Team
 * @copyright       2001-2013 The XOOPS Project
 * @license         GNU GPL 2 or later (http://www.gnu.org/licenses/gpl-2.0.html)
 * @version         $Id$
 * @link            http://sourceforge.net/projects/xoops/
 * @since           1.0.6
 */
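include __DIR__ . '/header.php';

global $xtubemyts, $xoTheme;

// Request bootstrap for the rating page: resolve the target video id, the
// client address and the voter's uid, then stop early when rating is switched
// off or no usable video id was supplied.

// 'lid' is read from $_REQUEST and is therefore untrusted; intval() pins it to
// an integer before it is concatenated into SQL or a redirect URL.
$lid = intval(xtubeCleanRequestVars($_REQUEST, 'lid', ''));

// REMOTE_ADDR is what the anonymous vote limit is keyed on.
// NOTE(review): visitors behind a shared NAT or a reverse proxy present the
// same address, so that limit is coarse -- confirm the deployment topology.
$ip = getenv('REMOTE_ADDR');

// uid 0 stands for an anonymous visitor in the checks that follow.
$ratinguser = is_object($xoopsUser) ? $xoopsUser->getVar('uid') : 0;

// $lid is always an int at this point, so it is compared as one. The earlier
// `$lid == ''` relied on loose int/string comparison, which PHP 8 changed
// (0 == '' is false there), letting a missing id through. Non-positive ids
// are refused as well because they cannot name a video row.
if ($xoopsModuleConfig['showrating'] == 0 || $lid <= 0) {
    // NOTE(review): the "cannot vote on own video" text is reused here for the
    // "rating disabled / no id" case -- confirm whether a dedicated message exists.
    $ratemessage = _MD_XOOPSTUBE_CANTVOTEOWN;
    redirect_header('index.php', 4, $ratemessage);
    exit();
}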
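// Duplicate-vote gate. It runs on every request, before the rating form is
// rendered and before a submitted vote is stored.
//
// NOTE(review): the check and the later INSERT are separate statements, so two
// simultaneous requests can both pass it; a unique index on the vote table
// would be needed to close that window -- confirm against the schema.
if ($ratinguser != 0) {
    // Registered user: the submitter of a video may not rate it.
    $result = $xoopsDB->query(
        'SELECT cid, submitter FROM ' . $xoopsDB->prefix('xoopstube_videos') . ' WHERE lid=' . intval($lid)
    );
    // The analysis tool flagged this loop and the next one as duplicated code;
    // they differ only in the table queried and the message shown.
    while (list($cid, $ratinguserDB) = $xoopsDB->fetchRow($result)) {
        if ($ratinguserDB == $ratinguser) {
            $ratemessage = _MD_XOOPSTUBE_CANTVOTEOWN;
            redirect_header('singlevideo.php?cid=' . intval($cid) . '&amp;lid=' . intval($lid), 4, $ratemessage);
            exit();
        }
    }
    // Check if REG user is trying to vote twice.
    $result = $xoopsDB->query(
        'SELECT cid, ratinguser FROM ' . $xoopsDB->prefix('xoopstube_votedata') . ' WHERE lid=' . intval($lid)
    );
    while (list($cid, $ratinguserDB) = $xoopsDB->fetchRow($result)) {
        if ($ratinguserDB == $ratinguser) {
            $ratemessage = _MD_XOOPSTUBE_VOTEONCE;
            redirect_header('singlevideo.php?cid=' . intval($cid) . '&amp;lid=' . intval($lid), 4, $ratemessage);
            exit();
        }
    }
} else {
    // Check if ANONYMOUS user is trying to vote more than once per day.
    //
    // $anonwaitdays and $cid were both undefined at this point (they are first
    // assigned in the POST handler further down), so the time window collapsed
    // to "newer than now" and the redirect always carried cid=0. Both are set
    // here so that the check works on its own.
    $anonwaitdays = 1;
    $cid          = intval(xtubeCleanRequestVars($_REQUEST, 'cid', 0));
    $yesterday    = time() - (86400 * $anonwaitdays);

    // The address is passed through quoteString() like in the INSERT below.
    // It used to be concatenated bare, which is not a valid SQL literal for a
    // dotted or colon-separated address, so the statement presumably failed
    // and the limit never applied.
    $result = $xoopsDB->query(
        'SELECT COUNT(*) FROM ' . $xoopsDB->prefix('xoopstube_votedata')
        . ' WHERE lid=' . intval($lid)
        . ' AND ratinguser=0 AND ratinghostname=' . $xoopsDB->quoteString($ip)
        . ' AND ratingtimestamp > ' . intval($yesterday)
    );
    // Fail closed: if the limit cannot be evaluated, do not accept the vote.
    if (!$result) {
        redirect_header('singlevideo.php?cid=' . intval($cid) . '&amp;lid=' . intval($lid), 4, _MD_XOOPSTUBE_ERROR);
        exit();
    }
    list($anonvotecount) = $xoopsDB->fetchRow($result);
    if ($anonvotecount >= 1) {
        $ratemessage = _MD_XOOPSTUBE_VOTEONCE;
        redirect_header('singlevideo.php?cid=' . intval($cid) . '&amp;lid=' . intval($lid), 4, $ratemessage);
        exit();
    }
}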
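if (!empty($_POST['submit'])) {
    // Vote submission: validate the posted values, store one row in
    // xoopstube_votedata, refresh the video's aggregate score and redirect.
    //
    // NOTE(review): no anti-CSRF token is verified before the vote is written,
    // so a third-party page could submit this form for a logged-in visitor.
    // The XOOPS request token (XoopsSecurity) looks like the fit, but it needs
    // a matching token field in the rating form -- confirm before adding.
    $ratinguser = is_object($xoopsUser) ? $xoopsUser->getVar('uid') : 0;
    // Make sure only 1 anonymous from an IP in a single day.
    $anonwaitdays = 1;
    $ip           = getenv('REMOTE_ADDR');

    // All three ids come from the request; intval() pins each to an integer
    // before it reaches SQL or a redirect URL.
    $lid    = intval(xtubeCleanRequestVars($_REQUEST, 'lid', 0));
    $cid    = intval(xtubeCleanRequestVars($_REQUEST, 'cid', 0));
    $rating = intval(xtubeCleanRequestVars($_REQUEST, 'rating', 0));

    // A missing or array-valued 'title' would otherwise raise a notice/warning
    // in trim(); treat it as an empty title instead.
    $rawTitle = (isset($_POST['title']) && is_string($_POST['title'])) ? trim($_POST['title']) : '';
    // NOTE(review): the title is escaped here and again by quoteString() in
    // the INSERT, which looks like double escaping (stray backslashes in the
    // stored value) -- confirm what $xtubemyts->addslashes() does.
    $title = $xtubemyts->addslashes($rawTitle);

    // Check if Rating is Null.
    // $rating is an int after intval(), so the placeholder option '--' shows
    // up as 0. The earlier `$rating == '--'` relied on loose comparison and
    // never matches on PHP 8. Negative values are refused too: the INSERT
    // formats the rating with %u, which would turn them into huge numbers.
    // NOTE(review): no upper bound is enforced; confirm the allowed scale and
    // clamp to it so a crafted request cannot skew the average.
    if ($rating <= 0) {
        $ratemessage = _MD_XOOPSTUBE_NORATING;
        redirect_header('ratevideo.php?cid=' . intval($cid) . '&amp;lid=' . intval($lid), 4, $ratemessage);
        exit();
    }

    // All is well.  Add to Line Item Rate to DB.
    $newid    = $xoopsDB->genId($xoopsDB->prefix('xoopstube_votedata') . '_ratingid_seq');
    $datetime = time();
    // Numeric fields go through %u; the two string fields are quoted by the
    // database layer.
    $sql = sprintf(
        "INSERT INTO %s (ratingid, lid, ratinguser, rating, ratinghostname, ratingtimestamp, title) VALUES (%u, %u, %u, %u, %s, %u, %s)",
        $xoopsDB->prefix('xoopstube_votedata'),
        $newid,
        intval($lid),
        $ratinguser,
        $rating,
        $xoopsDB->quoteString($ip),
        $datetime,
        $xoopsDB->quoteString($title)
    );
    if (!$result = $xoopsDB->query($sql)) {
        $ratemessage = _MD_XOOPSTUBE_ERROR;
    } else {
        // All is well.  Calculate Score & Add to Summary (for quick retrieval & sorting) to DB.
        xtubeUpdateRating($lid);
        $ratemessage = _MD_XOOPSTUBE_VOTEAPPRE . '<br />' . sprintf(_MD_XOOPSTUBE_THANKYOU, $xoopsConfig['sitename']);
    }
    redirect_header('singlevideo.php?cid=' . intval($cid) . '&amp;lid=' . intval($lid), 4, $ratemessage);
    exit();
} else {
    // No submission yet: render the rating form for the requested video.
    $xoopsOption['template_main'] = 'xoopstube_ratevideo.tpl';
    include XOOPS_ROOT_PATH . '/header.php';

    $cid = intval(xtubeCleanRequestVars($_REQUEST, 'cid', 0));

    // The image header was assigned twice with the same call; once is enough.
    $catarray['imageheader'] = xtubeRenderImageHeader();
    $xoopsTpl->assign('catarray', $catarray);

    // $lid was read and cast to int at the top of the script.
    $result = $xoopsDB->query(
        'SELECT title FROM ' . $xoopsDB->prefix('xoopstube_videos') . ' WHERE lid=' . intval($lid)
    );
    list($title) = $xoopsDB->fetchRow($result);
    // The stored title is passed through the text sanitizer before it is
    // handed to the template; the ids are forced to integers.
    $xoopsTpl->assign(
        'video',
        array(
            'id'    => intval($lid),
            'cid'   => intval($cid),
            'title' => $xtubemyts->htmlSpecialCharsStrip($title)
        )
    );

    xtubeSetNoIndexNoFollow();

    $xoopsTpl->assign('module_dir', $xoopsModule->getVar('dirname'));
    include XOOPS_ROOT_PATH . '/footer.php';
}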
// Page epilogue: mark the page noindex/nofollow, expose the module directory
// name to the template and emit the site footer.
// NOTE(review): the form branch above already runs these same three steps and
// the submit branch exits before reaching here, so this tail looks redundant --
// confirm that including footer.php a second time is harmless.
xtubeSetNoIndexNoFollow();

$xtubeDirname = $xoopsModule->getVar('dirname');
$xoopsTpl->assign('module_dir', $xtubeDirname);

include XOOPS_ROOT_PATH . '/footer.php';