<?
//
//  H-Tracker v0.2
//    http://h-tracker.org
//    Based on TorrentTrader (http://www.torrenttrader.org)
//
//
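require "backend/functions.php";
dbconn();
loggedinonly();

// The Referer header is optional and client-controlled, so default to '' rather than raise
// an undefined-index notice. $return is not read anywhere in this file as shown; anything
// that does consume it must treat it as untrusted input.
$return = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '';

// Allow-list of actions. 'addforum' is accepted here, but this file as shown only has
// handlers for 'add' and 'delete'.
$valid_actions = array('add', 'addforum', 'delete');
$requested_action = isset($_GET['action']) ? $_GET['action'] : '';
// Strict comparison on a string only: a missing parameter or an array value (?action[]=x)
// falls through to the empty action instead of reaching in_array() with loose typing.
$action = (is_string($requested_action) && in_array($requested_action, $valid_actions, true)) ? $requested_action : '';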

// action: add -------------------------------------------------------------
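if ($action == 'add') {
        // Give respect / anti-respect to another user.
        //
        // Inputs: $_GET targetid, type, good|bad (flag), returnto; $_POST description, returnto.
        // Effects: one row in `simpaty`, +/-1 on users.simpaty, one system message to the target.
        //
        // Every guard below relies on show_error_msg() ending the request. That helper lives in
        // backend/functions.php (not visible here), so each call is followed by an explicit die()
        // to keep the guard fail-closed even if the helper were to return.
        //
        // NOTE(review): this is a state-changing request and no anti-CSRF token is checked in this
        // file - confirm whether backend/functions.php enforces one.
        if ($CURUSER["warned"] == 'yes') {
                show_error_msg("Error", "In you warning and you cannot place to people the respects.");
                die();
        }
        $current_time = get_date_time();
        $targetid = isset($_GET['targetid']) ? intval($_GET['targetid']) : 0;
        // Cast before concatenating into SQL so the value can only ever be an integer.
        $fromuserid = intval($CURUSER['id']);
        $resp_type = (isset($_GET['good']) ? 1 : 0);
        // Free-form request text: it goes through sqlesc() for SQL and must be encoded separately
        // for every URL/HTML context it is echoed into (see the form below).
        $type = (isset($_GET['type']) && is_string($_GET['type'])) ? $_GET['type'] : '';
        if (!is_valid_id($targetid)) {
                show_error_msg("ERROR","Thats not a valid ID",1);
                die();
        }
        if ($fromuserid == $targetid) {
                show_error_msg("Error", "You cannot give respect or anti-respect to yourselves.");
                die();
        }

        // One vote per (target, type, voter). ">= 1" also blocks the vote when duplicates already
        // exist. This check-then-insert is not atomic; a unique key on these three columns would
        // be the reliable way to stop concurrent duplicates.
        $r = mysql_query('SELECT id FROM simpaty WHERE touserid=' . $targetid . ' AND type = ' . sqlesc($type) . ' AND fromuserid = ' . $fromuserid) or sqlerr(__FILE__, __LINE__);
        if (mysql_num_rows($r) >= 1) {
                show_error_msg("Error", "You already gave respect for this action to this user.");
                die();
        }

        if (isset($_POST["description"]) && (!is_string($_POST["description"]) || trim($_POST["description"]) == '')) {
                show_error_msg("Error", "Commentary cannot be empty.");
                die();
        }
        if (!isset($_POST["description"])) {
                // First visit: ask for the reason. The action URL is assembled from PHP_SELF (which
                // can carry client-supplied path info) and $type (raw query text), so the query value
                // is URL-encoded and the whole attribute is HTML-escaped before output.
                $form_action = htmlspecialchars(
                        $_SERVER["PHP_SELF"] . "?action=add&" . ($resp_type == 1 ? 'good' : 'bad') . "&type=" . urlencode($type) . "&targetid=" . $targetid,
                        ENT_QUOTES
                );
                $returnto_field = '';
                if (isset($_GET["returnto"]) && is_string($_GET["returnto"])) {
                        $returnto_field = "<input type=\"hidden\" name=\"returnto\" value=\"" . htmlspecialchars($_GET["returnto"], ENT_QUOTES) . "\" />\n";
                }
                // The original markup never closed the <form> start tag, so the text input was parsed
                // as attributes of the form and the description could not be submitted.
                // maxlength is a browser-side hint only; the server does not enforce a length limit.
                show_error_msg(
                        "Warning",
                        "Write the reason, for which you issue " . ($resp_type == 1 ? "respect" : "antirespect") . " to the user"
                        . "<form action=\"" . $form_action . "\" method=\"post\">"
                        . "<input type=\"text\" name=\"description\" maxlength=\"300\" size=\"70\" />"
                        . $returnto_field
                        . "<input type=\"submit\" value=\"" . ($resp_type == 1 ? "Respect" : "Anti-respect") . "\" /></form>"
                );
                die();
        }
        $description = $_POST["description"];

        // Positional INSERT: id, target, voter id, voter name, anti-respect flag, respect flag,
        // type, timestamp, comment.
        mysql_query('INSERT INTO simpaty VALUES (0, ' . $targetid . ', ' . $fromuserid . ', ' . sqlesc($CURUSER['username']) . ', ' . ($resp_type == 0 ? 1 : 0) . ', ' . ($resp_type == 1 ? 1 : 0) . ', ' . sqlesc($type) . ', ' . sqlesc($current_time) . ', ' . sqlesc($description) . ')') or sqlerr(__FILE__, __LINE__);
        if ($resp_type == 1) {
                mysql_query('UPDATE users SET simpaty = simpaty + 1 WHERE id = ' . $targetid) or sqlerr(__FILE__, __LINE__);
        }
        else {
                mysql_query('UPDATE users SET simpaty = simpaty - 1 WHERE id = ' . $targetid) or sqlerr(__FILE__, __LINE__);
        }

        // mod by StirolXXX (Yuna Scatari)
        // System message to the target. The comment is embedded verbatim inside [quote] tags:
        // sqlesc() covers the SQL context only, so whatever renders messages has to encode the
        // text for HTML. A failed INSERT here is not reported, as in the original.
        $msg = sqlesc("" . $CURUSER['username'] . "  it placed to you " . ($resp_type == 1 ? 'the respect' : 'the anti-respect') . " in the reputation with the following message: \n[quote]" . $description . "[/quote]");
        mysql_query("INSERT INTO messages (sender, receiver, added, msg, poster, subject) VALUES (0, $targetid, NOW(), $msg, 0, \"Information about a change in the reputation\")");
        // mod by StirolXXX (Yuna Scatari)

        // returnto comes from the request. Keep it only when it is a same-site relative target:
        // no control characters or backslashes, no URL scheme, no protocol-relative "//".
        // Anything else is dropped so the Refresh header cannot send the user to another site.
        $returl = (isset($_POST["returnto"]) && is_string($_POST["returnto"])) ? $_POST["returnto"] : '';
        if ($returl !== '' && (preg_match('/[\x00-\x1f\x7f\\\\]/', $returl) || preg_match('#^\s*(?:[a-z][a-z0-9+.\-]*:|//)#i', $returl))) {
                $returl = '';
        }
        if ($returl !== '') {
                header("Refresh: 5; url=$returl");
        }
        stdhead(($resp_type == 1 ? "Respect" : "Anti-respect") . " it is added");
        show_success_msg("Successfully", "<p>User successfully obtained " . ($resp_type == 1 ? "the respect" : "the anti-respect") . " from you.</p>" . ($returl !== '' ? "Now you will be re-addressed to the page, from where you arrived." : ""));
        if ($returl !== '') {
                print("<p><a href=\"" . htmlspecialchars($returl, ENT_QUOTES) . "\">Press here, if you not were re-addressed</a></p>");
        }
}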

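if ($action == 'delete') {
        // Remove one respect / anti-respect entry and undo its effect on the target's counter.
        //
        // Inputs: $_GET respect_id, respect_type ('good' | 'bad'), returnto. A touserid parameter
        // is still accepted in the URL but no longer trusted (see below).
        //
        // NOTE(review): this deletion runs on a GET request and no anti-CSRF token is checked in
        // this file - confirm whether backend/functions.php enforces one.

        // Privilege gate. show_error_msg() is defined outside this file; the explicit die() keeps
        // the gate fail-closed even if that helper were to return.
        if (get_user_class() < 7) {
                show_error_msg("Warning", "You do not have rights to the removal of the respects.");
                die();
        }
        $respect_id = isset($_GET['respect_id']) ? intval($_GET['respect_id']) : 0;
        // Collapse to the two known values so the counter change and the message always agree.
        // NOTE(review): the direction still comes from the request; the row stores its own
        // good/bad flags, but their column names are not visible here.
        $respect_type = (isset($_GET['respect_type']) && $_GET['respect_type'] === 'bad') ? 'bad' : 'good';

        // Take the affected user from the stored row, not from the query string, so the request
        // cannot point the counter change at an unrelated account.
        $res = mysql_query('SELECT touserid FROM simpaty WHERE id = ' . $respect_id) or sqlerr(__FILE__, __LINE__);
        $row = mysql_fetch_assoc($res);
        if (!$row) {
                show_error_msg("Error", "I cannot move away " . ($respect_type == 'good' ? "the respect" : "the anti-respect") . ".");
                die();
        }
        $touserid = intval($row['touserid']);

        mysql_query('DELETE FROM simpaty WHERE id = ' . $respect_id) or sqlerr(__FILE__, __LINE__);
        // Adjust the counter only when a row was really removed, so a replayed or concurrent
        // request cannot shift it a second time.
        if (mysql_affected_rows() == 1) {
                mysql_query('UPDATE users SET simpaty = simpaty ' . ($respect_type == 'bad' ? '+1' : '-1') . ' WHERE id = ' . $touserid) or sqlerr(__FILE__, __LINE__);
        }

        // returnto comes from the request. Keep it only when it is a same-site relative target:
        // no control characters or backslashes, no URL scheme, no protocol-relative "//".
        $returl = (isset($_GET["returnto"]) && is_string($_GET["returnto"])) ? $_GET["returnto"] : '';
        if ($returl !== '' && (preg_match('/[\x00-\x1f\x7f\\\\]/', $returl) || preg_match('#^\s*(?:[a-z][a-z0-9+.\-]*:|//)#i', $returl))) {
                $returl = '';
        }
        if ($returl !== '') {
                header("Refresh: 5; url=$returl");
        }
        stdhead();
        show_success_msg("Successfully", "<p>" . ($respect_type == 'good' ? "Respect" : "Anti-respect") . " it is removed successfully.</p>" . ($returl !== '' ? "Now you will be re-addressed to the page, from where you arrived." : ""));
        if ($returl !== '') {
                print("<p><a href=\"" . htmlspecialchars($returl, ENT_QUOTES) . "\">Press here, if you not were re-addressed</a></p>");
        }
        stdfoot();
        die();
}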
?>