forked from Kliqqi-CMS/Kliqqi-CMS
-
Notifications
You must be signed in to change notification settings - Fork 0
/
cvote.php
58 lines (44 loc) · 1.62 KB
/
cvote.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
<?php
if(isset($_POST['id'])){
include_once('internal/Smarty.class.php');
$main_smarty = new Smarty;
include('config.php');
include(mnminclude.'comment.php');
include(mnminclude.'html1.php');
include(mnminclude.'smartyvariables.php');
check_referrer();
$comment = new Comment;
$comment->id=sanitize($_POST['id'], 3);
if(!is_numeric($comment->id)){die();}
$comment->read();
if ($current_user->user_id == 0 && !anonnymous_vote) {
error($main_smarty->get_config_vars('PLIGG_Visual_Vote_NoAnon'));
}
if($current_user->user_id != sanitize($_POST['user'], 3)) {
error($main_smarty->get_config_vars('PLIGG_Visual_Vote_BadUser'). $current_user->user_id . '-'. sanitize($_POST['user'], 3));
}
$md5=md5(sanitize($_POST['user'], 3).$comment->randkey);
if($md5 !== sanitize($_POST['md5'], 3)){
error($main_smarty->get_config_vars('PLIGG_Visual_Vote_BadKey'));
}
$value = sanitize($_POST['value'], 3);
if(sanitize($_POST['unvote'], 3) == 'true') {
$comment->remove_vote($current_user->user_id, $value);
} else {
if($comment->votes($current_user->user_id, $value<0 ? '<0' : '>0') <> 0 ||
// DB 11/10/08
(votes_per_ip > 0 && $comment->votes_from_ip() >= votes_per_ip)) {
/////
error($main_smarty->get_config_vars('PLIGG_Visual_Vote_AlreadyVoted'));
}
if($value < -10 || $value > 10){
error('Invalid vote value');
}
$comment->remove_vote($current_user->user_id, -$value);
$comment->insert_vote($current_user->user_id, $value);
}
$comment->store();
$count=$comment->votes;
echo "$count ~--~".sanitize($_POST['id'], 3);
}
?>