} else {
$speedlimiterror = 0;
}
if (!$voted && !$speedlimiterror) {
//if the user hasn't yet voted, then vote normally...
if ($vote_sent >= 1 && $vote_sent <= $units && $ip == $ip_num) {
// keep votes within range, make sure IP matches - no monkey business!
list($new_rating, $added) = RATING_addVote($plugin, $id_sent, $vote_sent, $uid, $ip);
COM_updateSpeedlimit('rate');
}
} else {
$added = $current_votes;
$new_rating = $current_rating;
}
} else {
list($rating_id, $current_rating, $cout) = RATING_getRating($plugin, $id_sent);
$added = $count;
$new_rating = $current_rating;
$status = 3;
}
$count = $added;
$current_rating = $new_rating;
$tense = $count == 1 ? $LANG13['vote'] : $LANG13['votes'];
// set message
if ($status == 1) {
// either IP or UID has already voted
$message = "<script>alert('" . $LANG13['ip_rated'] . "');</script>";
} elseif ($status == 2) {
$message = "<script>alert('" . sprintf($LANG13['rate_speedlimit'], $last, $_CONF['rating_speedlimit']) . "');</script>";
} elseif ($status == 3) {
// no permission to vote or your already own the item
/**
* Add a new rating to an item
*
* Adds a new rating for an item. This will calculate the new overall
* rating, update the vote table with the user / ip info and ask the
* plugin to update its records.
*
* @param string $type plugin name
* @param string $item_id item id
* @param int $rating rating sent by user
* @param int $uid user id of rater
* @param string $ip IP address of rater
* @return array an array with the new overall rating and total number
* of votes.
*
*/
function RATING_addVote($type, $item_id, $rating, $uid, $ip)
{
global $_TABLES;
$ratingdate = time();
list($rating_id, $current_rating, $current_votes) = RATING_getRating($type, $item_id);
if ($rating < 1) {
return array($current_rating, $current_votes);
}
$tresult = DB_query("SELECT SUM( rating ),COUNT( item_id ) FROM {$_TABLES['rating_votes']} WHERE item_id = '" . DB_escapeString($item_id) . "' AND type='" . DB_escapeString($type) . "'");
if (DB_numRows($tresult) > 0) {
list($total_rating, $total_votes) = DB_fetchArray($tresult);
} else {
$total_rating = 0;
$total_votes = 0;
}
$sum = $total_rating + $rating;
$votes = $total_votes + 1;
if ($sum > 0 && $votes > 0) {
$new_rating = $sum / $votes;
} else {
$new_rating = 0;
$sum = 0;
$votes = 0;
}
$new_rating = sprintf("%2.02f", $new_rating);
if ($rating_id != 0) {
$sql = "UPDATE {$_TABLES['rating']} SET votes=" . $votes . ", rating='" . DB_escapeString($new_rating) . "' WHERE id = " . $rating_id;
DB_query($sql);
} else {
$sql = "SELECT MAX(id) + 1 AS newid FROM " . $_TABLES['rating'];
$result = DB_query($sql);
$row = DB_fetchArray($result);
$newid = $row['newid'];
if ($newid < 1) {
$newid = 1;
}
$sql = "INSERT INTO {$_TABLES['rating']} (id,type,item_id,votes,rating) VALUES (" . $newid . ", '" . $type . "','" . DB_escapeString($item_id) . "'," . $votes . ",'" . DB_escapeString($new_rating) . "' )";
DB_query($sql);
}
$sql = "INSERT INTO {$_TABLES['rating_votes']} (type,item_id,rating,uid,ip_address,ratingdate) " . "VALUES ('" . DB_escapeString($type) . "','" . DB_escapeString($item_id) . "'," . $rating . "," . $uid . ",'" . DB_escapeString($ip) . "'," . $ratingdate . ");";
DB_query($sql);
PLG_itemRated($type, $item_id, $new_rating, $votes);
return array($new_rating, $votes);
}
/**
* Saves the story in it's final state to the database.
*
* Handles all the SID magic etc.
* @return Integer status result from a constant list.
*/
function saveToDatabase()
{
global $_TABLES, $_CONF;
if (DB_getItem($_TABLES['topics'], 'tid', "archive_flag=1") == $this->_tid) {
$this->_featured = 0;
$this->_frontpage = 0;
$this->_statuscode = STORY_ARCHIVE_ON_EXPIRE;
}
if ($this->_featured != 1) {
$this->_featured = 0;
}
if ($this->_statuscode == '') {
$this->_statuscode = 0;
}
if ($this->_owner_id == '') {
$this->_owner_id = 1;
}
/* if a featured, non-draft, that goes live straight away, unfeature
* other stories in same topic:
*/
if ($this->_featured == '1') {
// there can only be one non-draft featured story
if ($this->_draft_flag == 0 and $this->_date <= time()) {
if ($this->_frontpage == 1) {
// un-feature any featured frontpage story
DB_query("UPDATE {$_TABLES['stories']} SET featured = 0 WHERE featured = 1 AND draft_flag = 0 AND frontpage = 1 AND date <= NOW()");
}
// un-feature any featured story in the same topic
DB_query("UPDATE {$_TABLES['stories']} SET featured = 0 WHERE featured = 1 AND draft_flag = 0 AND tid = '{$this->_tid}' AND date <= NOW()");
}
}
$oldArticleExists = false;
$currentSidExists = false;
/* Fix up old sid => new sid stuff */
if ($this->_sid != $this->_originalSid) {
/* The sid has changed. Load from request will have
* ensured that if the new sid exists an error has
* been thrown, but we need to know if the old sid
* actually existed (as opposed to being a generated
* sid that was then thrown away) to reduce the sheer
* number of SQL queries we do.
*/
$checksid = DB_escapeString($this->_originalSid);
$newsid = DB_escapeString($this->_sid);
$sql = "SELECT 1 FROM {$_TABLES['stories']} WHERE sid='{$checksid}'";
$result = DB_query($sql);
if ($result && DB_numRows($result) > 0) {
$oldArticleExists = true;
}
if ($oldArticleExists) {
/* Move Comments */
$sql = "UPDATE {$_TABLES['comments']} SET sid='{$newsid}' WHERE type='article' AND sid='{$checksid}'";
DB_query($sql);
/* Move Images */
$sql = "UPDATE {$_TABLES['article_images']} SET ai_sid = '{$newsid}' WHERE ai_sid = '{$checksid}'";
DB_query($sql);
/* Move trackbacks */
$sql = "UPDATE {$_TABLES['trackback']} SET sid='{$newsid}' WHERE sid='{$checksid}' AND type='article'";
DB_query($sql);
/* Move ratings */
$sql = "UPDATE {$_TABLES['rating']} SET item_id='{$newsid}' WHERE item_id='{$checksid}' AND type='article'";
DB_query($sql);
$sql = "UPDATE {$_TABLES['rating_votes']} SET item_id='{$newsid}' WHERE item_id='{$checksid}' AND type='article'";
DB_query($sql);
CACHE_remove_instance('story_' . $this->_originalSid);
}
}
/* Acquire Comment Count */
$sql = "SELECT count(1) FROM {$_TABLES['comments']} WHERE type='article' AND sid='" . DB_escapeString($this->_sid) . "'";
$result = DB_query($sql);
if ($result && DB_numRows($result) == 1) {
$array = DB_fetchArray($result);
$this->_comments = $array[0];
} else {
$this->_comments = 0;
}
/* Acquire Rating / Votes */
list($rating_id, $rating, $votes) = RATING_getRating('article', $this->_sid);
$this->_rating = $rating;
$this->_votes = $votes;
//@TODO - remove this call on save
// Get the related URLs
$this->_related = implode("\n", STORY_extractLinks("{$this->_introtext} {$this->_bodytext}"));
$sql = 'REPLACE INTO ' . $_TABLES['stories'] . ' (';
$values = ' VALUES (';
$fields = '';
reset($this->_dbFields);
/* This uses the database field array to generate a SQL Statement. This
* means that when adding new fields to save and load, all we need to do
* is add the field name to the array, and the code will magically cope.
*/
while (list($fieldname, $save) = each($this->_dbFields)) {
if ($save === 1) {
$varname = '_' . $fieldname;
$sql .= $fieldname . ', ';
if ($fieldname == 'date' || $fieldname == 'expire' || $fieldname == 'comment_expire') {
// let the DB server do this conversion
if (!empty($this->{$varname})) {
$values .= 'FROM_UNIXTIME(' . $this->{$varname} . '), ';
} else {
$values .= "'0000-00-00 00:00:00', ";
}
} else {
$values .= '\'' . DB_escapeString($this->{$varname}) . '\', ';
}
}
}
$sql = substr($sql, 0, strlen($sql) - 2);
$values = substr($values, 0, strlen($values) - 2);
$sql .= ') ' . $values . ')';
DB_query($sql);
CACHE_remove_instance('story_' . $this->_sid);
/* Clean up the old story */
if ($oldArticleExists && !empty($checksid)) {
$sql = "DELETE FROM {$_TABLES['stories']} WHERE sid='{$checksid}'";
DB_query($sql);
CACHE_remove_instance('story_' . $this->_originalSid);
}
if ($this->type == 'submission') {
if (!empty($checksid)) {
DB_delete($_TABLES['storysubmission'], 'sid', $checksid);
} else {
DB_delete($_TABLES['storysubmission'], 'sid', DB_escapeString($this->_sid));
}
}
CACHE_remove_instance('whatsnew');
CACHE_remove_instance('stmenu');
return STORY_SAVED;
}
