Location: PHPKode > scripts > Noostr > _engine/handlers/votes.php
<?php defined('SYSPATH') OR die('No direct access to this file is allowed.');
/**
 * Votes handler for URL-based voting.
 *
 * @package Noostr
 * @subpackage Handler_Votes
 */

$legal_votes = array('voteup', 'votedown');
if (isset($site->uri[1]) && isset($site->uri[2]) && in_array(strtolower($site->uri[2]), $legal_votes)) {
	$next = '';
	if ($acl->vote) {
		$next = $site->root.'/'.$site->startpage;
		$vote = false;
		$direction = 0;
		$op = null;
		switch (strtolower($site->uri[2])) {
			case 'voteup':
				$vote = true;
				$direction = 1;
				$op = '+';
				break;
			case 'votedown':
				$vote = true;
				$direction = -1;
				$op = '-';
				break;
			default:
				$next = '';
				break;
		}
		if ($vote) {
			$uid = array();
			// First make sure the story ID is legal
			$sql = 'select userid from '.PREFIX.'nodes where uid = ?';
			$uid = $db->query($sql, $site->uri[1]);
			if (isset($uid[0])) {
				$sql = 'select * from '.PREFIX.'users_votes where userid = ? and nodeid = ?';
				$data = array($user->uid, $site->uri[1]);
				$test = $db->query($sql, $data);
				if (count($test) == 0) {
					$sql = 'insert into '.PREFIX.'users_votes (userid,nodeid,direction) values (?,?,?)';
					$data = array($user->uid, $site->uri[1], $direction);
				} elseif (count($test) == 1) {
					$sql = 'update '.PREFIX.'users_votes set direction = direction '.$op.' 1 where userid = ? and nodeid = ?';
					$data = array($user->uid, $site->uri[1]);
				} else {
					set_error('v03');
				}
				$db->query($sql, $data);
				$sql = 'update '.PREFIX.'nodes set votes = votes '.$op.' 1 where uid = ?';
				$db->query($sql, $site->uri[1]);
				$sql = 'update '.PREFIX.'users set karma = karma '.$op.' 1 where uid = ?';
				$db->query($sql, $uid[0]['userid']);
			} else {
				set_error('v04');
			}
			$next = '';
		}
	} elseif ($user->uid == null) {
		// User must be logged in to vote.
		set_error('v01');
		$next = $site->root.'/'.$site->uri[0].'/'.$site->uri[1].'/';
	} elseif (!$acl->vote) {
		// User does not have permission to vote.
		set_error('v02');
		$next = $site->root.'/'.$site->uri[0].'/'.$site->uri[1].'/';
	}
	if ($next == '') {
		if ($site->referrer != '') {
			$next = $site->referrer;
		} else {
			$next = $site->root.'/'.$site->startpage;
		}
	}
	if ($next != '') {
		locate($next);
	}
}
Return current item: Noostr