<?php
/**
* mobiCMS (https://mobicms.org/)
* This file is part of mobiCMS Content Management System.
*
* @license https://opensource.org/licenses/GPL-3.0 GPL-3.0 (see the LICENSE.md file)
* @link http://mobicms.org mobiCMS Project
* @copyright Copyright (C) mobiCMS Community
*/
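defined('MOBICMS') or die('Error: restricted access');

/*
 * Album photo voting handler.
 *
 * Records a single "plus" or "minus" vote by the current user for the photo
 * identified by $img, then redirects back to the referring page.
 *
 * NOTE(review): the vote is triggered by a GET parameter and no anti-CSRF
 * token is checked in this file; confirm the including script enforces one.
 */

// Requested vote direction; a non-string value (e.g. ?mod[]=x) is treated as empty.
$mod = isset($_GET['mod']) && is_string($_GET['mod']) ? trim($_GET['mod']) : '';

// NOTE(review): the Referer header is supplied by the client and is used
// unchanged as the redirect target; consider accepting only same-site URLs.
$ref = !empty($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : 'index.php';

/** @var Psr\Container\ContainerInterface $container */
$container = App::getContainer();

/** @var PDO $db */
$db = $container->get(PDO::class);

/** @var Mobicms\Http\Response $response */
$response = $container->get(Mobicms\Http\Response::class);

/** @var Mobicms\Api\UserInterface $systemUser */
$systemUser = $container->get(Mobicms\Api\UserInterface::class);

/** @var Mobicms\Api\ToolsInterface $tools */
$tools = $container->get(Mobicms\Api\ToolsInterface::class);

// Vote for a photo.
// $img is not assigned in this file; presumably the including script sets it
// (TODO confirm it is validated as an integer id). It is bound as a query
// parameter below rather than concatenated into the SQL text.
if (!$img) {
    echo $tools->displayError(_t('Wrong data'));
    require ROOT_PATH . 'system/end.php';
    exit;
}

// One vote per user per file: if a vote already exists, just go back.
// NOTE(review): this check and the INSERT below are separate statements, so
// two concurrent requests can both pass it; a unique index on
// (`user_id`, `file_id`) would enforce the rule in the database.
$check = $db->prepare('SELECT * FROM `cms_album_votes` WHERE `user_id` = ? AND `file_id` = ? LIMIT 1');
$check->execute([$systemUser->id, $img]);

if ($check->rowCount()) {
    $response->header('Location', $ref);
    $response->send();
    exit;
}

// The file must exist and must not belong to the voter (no self-voting).
$req = $db->prepare('SELECT * FROM `cms_album_files` WHERE `id` = ? AND `user_id` != ?');
$req->execute([$img, $systemUser->id]);

if ($req->rowCount()) {
    $res = $req->fetch();

    // Fixed allow-list: the counter column name is never taken from the request,
    // because identifiers cannot be bound as parameters.
    $voteTypes = [
        'plus'  => ['value' => '1', 'column' => 'vote_plus'],   // cast a positive vote
        'minus' => ['value' => '-1', 'column' => 'vote_minus'], // cast a negative vote
    ];

    // Any other $mod value records nothing and falls through to the redirect.
    if (isset($voteTypes[$mod])) {
        $vote = $voteTypes[$mod];

        $insert = $db->prepare('INSERT INTO `cms_album_votes` SET `user_id` = ?, `file_id` = ?, `vote` = ?');
        $insert->execute([$systemUser->id, $img, $vote['value']]);

        // Increment inside the database instead of writing back a value read
        // earlier, so concurrent votes are not lost. COALESCE keeps the old
        // result (1) when the counter is NULL.
        $column = $vote['column'];
        $update = $db->prepare(
            "UPDATE `cms_album_files` SET `$column` = COALESCE(`$column`, 0) + 1 WHERE `id` = ?"
        );
        $update->execute([$img]);
    }

    $response->header('Location', $ref);
    $response->send();
} else {
    echo $tools->displayError(_t('Wrong data'));
}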