function wpv_voting_vote($post_ID, $user_ID, $author_ID, $user_IP) { global $wpdb, $current_user; $result = FALSE; ###Prevents SQL injection $p_ID = $wpdb->escape($post_ID); $u_ID = $wpdb->escape($user_ID); $a_ID = $wpdb->escape($author_ID); $u_IP = $wpdb->escape($user_IP); //$dt = date('Y-m-d H:i:s'); ###Prevents fake userID if (is_user_logged_in()) { get_currentuserinfo(); if ($current_user->ID != $u_ID) { return $result; } } wpv_voting_set_post($p_ID, $a_ID); $curr_count = $wpdb->get_var($wpdb->prepare("SELECT vote_count FROM " . $wpdb->prefix . "wpv_voting WHERE post_id = %d AND author_id = %d", $p_ID, $a_ID)); if (!wpv_voting_user_voted($p_ID, $u_ID, $a_ID, $u_IP)) { $new_count = $curr_count + 1; $wpdb->query($wpdb->prepare("UPDATE " . $wpdb->prefix . "wpv_voting SET vote_count = %d WHERE post_id = %d AND author_id = %d", $new_count, $p_ID, $a_ID)); $wpdb->query($wpdb->prepare("INSERT INTO " . $wpdb->prefix . "wpv_voting_meta (post_id, voter_id, vote_date, voter_ip) VALUES (%d, %d, NOW(), %s)", array($p_ID, $u_ID, $u_IP))); $result = TRUE; } else { $result = FALSE; } return $result; }
function wpv_voting_get_display_vote($postID) { global $user_ID, $user_login; $output = ''; $user_IP = wpv_get_the_ip(); $author_ID = get_the_author_meta('ID'); ### Get current vote count $curr_votes = wpv_voting_get_vote($postID, $author_ID); ### Allow or disallow post author to vote his own posts $allow_author_vote = get_option('wpv-allow-author-vote'); if (empty($allow_author_vote) || $allow_author_vote == null || $allow_author_vote == 'No') { $allow_author_vote = false; } else { $allow_author_vote = true; } ### Allow or disallow public vote check $allow_public_vote = get_option('wpv-allow-public-vote'); if (empty($allow_public_vote) || $allow_public_vote == null || $allow_public_vote == 'No') { $allow_public_vote = false; } else { $allow_public_vote = true; } ### Get custom vote count text $voted_custom_txt = get_option('wpv-voted-custom-txt'); if (empty($voted_custom_txt)) { $voted_custom_txt = 'voted'; } ### Get custom vote button text $vote_btn_custom_txt = get_option('wpv-vote-btn-custom-txt'); if (empty($vote_btn_custom_txt)) { $vote_btn_custom_txt = 'vote'; } ### Voting feature in On if (get_option('wpv-voting-onoff') == 'On') { ### Registered user if (is_user_logged_in() || $allow_public_vote) { ### Unlogged in if (!is_user_logged_in() && $allow_public_vote) { $user_ID = 0; } ### Cannot vote their own post (Voting is disallowed) and show vote count and voted btn if ($user_ID == $author_ID && !$allow_author_vote) { $output .= '<div class="wpv_postvote">' . '<span class="wpv_votewidget" id="wpvvotewidget' . get_the_ID() . '">' . '<span class="wpv_votecount" id="wpvvotecount' . get_the_ID() . '">' . '<span class="wpv_vcount">' . $curr_votes . ' </span>' . $voted_custom_txt . '</span>' . '<span class="wpv_votebtncon">' . '<span class="wpv_votebtn" id="wpvvoteid' . get_the_ID() . '">' . '<span class="wpv_voted_icon"></span>' . '<span class="wpv_votebtn_txt wpv_votedbtn_txt">' . $vote_btn_custom_txt . '</span>' . '</span>' . '</span>' . '</span>' . '</div>'; } else { ### New vote, so allowed and show vote count and vote btn if (!wpv_voting_user_voted($postID, $user_ID, $author_ID, $user_IP)) { $output .= '<div class="wpv_postvote">' . '<span class="wpv_votewidget" id="wpvvotewidget' . get_the_ID() . '">' . '<span class="wpv_votecount" id="wpvvotecount' . get_the_ID() . '">' . '<img title="Loading" alt="Loading" src="' . get_bloginfo('url') . '/wp-content/plugins/wp-voting/images/ajax-loader.gif" class="loadingimage" style="visibility: hidden; display: none;"/>' . '<span class="wpv_vcount">' . $curr_votes . ' </span>' . $voted_custom_txt . '</span>' . '<span class="wpv_votebtncon">' . '<span class="wpv_votebtn" id="wpvvoteid' . get_the_ID() . '">' . '<a title="vote" class="wpv_voting" href="javascript:void(0)" >' . '<span class="wpv_vote_icon"></span>' . '<span class="wpv_votebtn_txt">' . $vote_btn_custom_txt . '</span>' . '<input type="hidden" class="postID" value="' . $postID . '" />' . '<input type="hidden" class="userID" value="' . $user_ID . '" />' . '<input type="hidden" class="authorID" value="' . $author_ID . '" />' . '</a>' . '<span class="wpv_voted_icon" style="display: none;"></span>' . '<span class="wpv_votebtn_txt wpv_votedbtn_txt" style="display: none;">' . $vote_btn_custom_txt . '</span>' . '</span>' . '</span>' . '</span>' . '</div>'; } else { $output .= '<div class="wpv_postvote">' . '<span class="wpv_votewidget" id="wpvvotewidget' . get_the_ID() . '">' . '<span class="wpv_votecount" id="wpvvotecount' . get_the_ID() . '">' . '<span class="wpv_vcount">' . $curr_votes . ' </span>' . $voted_custom_txt . '</span>' . '<span class="wpv_votebtncon">' . '<span class="wpv_votebtn" id="wpvvoteid' . get_the_ID() . '">' . '<span class="wpv_voted_icon"></span>' . '<span class="wpv_votebtn_txt wpv_votedbtn_txt">' . $vote_btn_custom_txt . '</span>' . '</span>' . '</span>' . '</span>' . '</div>'; } } } else { $output .= '<div class="wpv_postvote">' . '<span class="wpv_votewidget" id="wpvvotewidget' . get_the_ID() . '">' . '<span class="wpv_votecount" id="wpvvotecount' . get_the_ID() . '">' . '<span class="wpv_vcount">' . $curr_votes . ' </span>' . $voted_custom_txt . '</span>' . '<span class="wpv_votebtncon">' . '<span class="wpv_votebtn" id="wpvvoteid' . get_the_ID() . '">' . '<a title="vote" href="javascript:wpv_regopen();">' . '<span class="wpv_vote_icon"></span>' . '<span class="wpv_votebtn_txt">' . $vote_btn_custom_txt . '</span>' . '</a>' . '</span>' . '</span>' . '</span>' . '</div>'; } } else { $output .= '<div class="wpv_postvote">' . '<span class="wpv_votewidget" id="wpvvotewidget' . get_the_ID() . '">' . '<span class="wpv_votecount" id="wpvvotecount' . get_the_ID() . '">' . '<span class="wpv_vcount">' . $curr_votes . ' </span>' . $voted_custom_txt . '</span>' . '</span>' . '</div>'; } return $output; }