/**
* Helper function to create the URL for an admin page.
*
* @param mixed string or array containing query string contents
* @param boolean automatically add existing GET parameters again
* @return string complete url
*/
public static function url($params = NULL, $preserve_get = TRUE)
{
$url = ThumbsUp::config('url') . 'admin/';
// Convert to params to an array
if (!is_array($params)) {
parse_str((string) $params, $params);
}
// Add existing GET params to the query string
if ($preserve_get) {
$params += $_GET;
}
// Only prepend "?" if the query string is not empty
$query = rtrim('?' . http_build_query($params, '', '&'), '?');
return $url . $query;
}
<link rel="stylesheet" href="<?php
echo ThumbsUp::config('url') . 'admin/css/admin.css';
?>
" />
<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js"></script>
<script>
$(document).ready(function() {
// Total items found count
var $total_items = $('#total_items');
// Spinner image
var spinner = '<img class="spinner" alt="" src="<?php
echo ThumbsUp::config('url') . 'images/spinner_small.gif';
?>
" />';
// Auto-submit pagination forms
$('#page, #items_per_page').change(function() {
$(this).closest('form').submit();
});
// Delete an item
$('a.delete').click(function() {
var $this = $(this),
$row = $this.closest('tr');
// Show a spinner
$this.html(spinner);
/**
* Generates and executes the query.
*
* @return array array of items
*/
public function get()
{
// Start building the query
$sql = 'SELECT id, name, closed, date, votes_up, votes_down, ';
$sql .= 'votes_up - votes_down AS votes_balance, ';
$sql .= 'votes_up + votes_down AS votes_total, ';
$sql .= 'votes_up / (votes_up + votes_down) * 100 AS votes_pct_up, ';
$sql .= 'votes_down / (votes_up + votes_down) * 100 AS votes_pct_down ';
$sql .= 'FROM ' . ThumbsUp::config('database_table_prefix') . 'items ';
// Select only either open or closed items
if ($this->closed !== NULL) {
$where[] = 'closed = ' . (int) $this->closed;
}
// Select only either open or closed items
if ($this->name !== NULL) {
// Note: substr() is used to chop off the wrapping quotes
$where[] = 'name LIKE "%' . substr(ThumbsUp::db()->quote($this->name), 1, -1) . '%"';
}
// Append all query conditions if any
if (!empty($where)) {
$sql .= ' WHERE ' . implode(' AND ', $where);
}
// We need to order the results
if ($this->orderby) {
$sql .= ' ORDER BY ' . $this->orderby;
} else {
// Default order
$sql .= ' ORDER BY name ';
}
// A limit has been set
if ($this->limit) {
$sql .= ' LIMIT ' . (int) $this->limit;
}
// Wrap this in an try/catch block just in case something goes wrong
try {
// Execute the query
$sth = ThumbsUp::db()->prepare($sql);
$sth->execute(array($this->name));
} catch (PDOException $e) {
// Rethrow the exception in debug mode
if (ThumbsUp::config('debug')) {
throw $e;
}
// Otherwise, fail silently and just return an empty item array
return array();
}
// Initialize the items array that will be returned
$items = array();
// Fetch all results
while ($row = $sth->fetch(PDO::FETCH_OBJ)) {
// Return an item_id => item_name array
$items[] = array('id' => (int) $row->id, 'name' => $row->name, 'closed' => (bool) $row->closed, 'date' => (int) $row->date, 'votes_up' => (int) $row->votes_up, 'votes_down' => (int) $row->votes_down, 'votes_pct_up' => (double) $row->votes_pct_up, 'votes_pct_down' => (double) $row->votes_pct_down, 'votes_balance' => (int) $row->votes_balance, 'votes_total' => (int) $row->votes_total);
}
return $items;
}
/**
* Deletes the item and all votes for it.
*
* @return void
*/
public function delete()
{
// Delete all registered votes for this item
$sth = ThumbsUp::db()->prepare('DELETE FROM ' . ThumbsUp::config('database_table_prefix') . 'votes WHERE item_id = ?');
$sth->execute(array($this->id));
// Delete the item itself
$sth = ThumbsUp::db()->prepare('DELETE FROM ' . ThumbsUp::config('database_table_prefix') . 'items WHERE id = ?');
$sth->execute(array($this->id));
}
*
* @author Geert De Deckere <*****@*****.**>
* @link http://geertdedeckere.be/shop/thumbsup/
* @copyright Copyright 2009-2010
*/
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8" />
<title>ThumbsUp Admin</title>
<link rel="stylesheet" href="<?php
echo ThumbsUp::config('url') . 'admin/css/admin.css';
?>
" />
</head>
<body class="login">
<noscript>
<p class="center"><strong>The ThumbsUp admin area requires JavaScript to be enabled.</strong></p>
</noscript>
<form id="login" method="post">
<h1>ThumbsUp Admin</h1>
<?php
<?php
/**
* ThumbsUp
*
* @author Geert De Deckere <*****@*****.**>
* @link http://geertdedeckere.be/shop/thumbsup/
* @copyright Copyright 2009-2010
*/
sleep(1);
// The path pointing to the thumbsup directory.
// We chop off the "admin" part here.
define('THUMBSUP_DOCROOT', substr(realpath(dirname(__FILE__)), 0, -5));
// Load the required ThumbsUp classes
require THUMBSUP_DOCROOT . 'classes/thumbsup.php';
require THUMBSUP_DOCROOT . 'classes/thumbsup_cookie.php';
require THUMBSUP_DOCROOT . 'classes/thumbsup_admin.php';
require THUMBSUP_DOCROOT . 'classes/thumbsup_item.php';
require THUMBSUP_DOCROOT . 'classes/thumbsup_template.php';
// Debug mode is enabled
if (ThumbsUp::config('debug')) {
// Enable all error reporting
ThumbsUp::debug_mode();
}
// Enable support for json functions
ThumbsUp::json_support();
// Power to the admin class!
new ThumbsUp_Admin(empty($_GET['action']) ? NULL : (string) $_GET['action']);
/**
* Looks at the POST data to catch a possible new vote. If one, the vote is
* completely validated first before being registered.
*
* @return boolean TRUE if a new vote was cast; FALSE otherwise
*/
public static function catch_vote()
{
// Immediately get out of here if no valid vote was cast.
// All required POST keys must be present.
if (!isset($_POST['thumbsup_id']) or !isset($_POST['thumbsup_vote']) or !isset($_POST['thumbsup_format'])) {
return FALSE;
}
// Has somebody been messing with the form?
// Well, we won't let them mess with us!
if (!preg_match('/^[0-9]++$/D', (string) $_POST['thumbsup_id']) or !is_string($format = $_POST['thumbsup_format'])) {
return FALSE;
}
// Clean form input
$id = (int) $_POST['thumbsup_id'];
$vote = (int) $_POST['thumbsup_vote'];
// Attempt to load the relevant ThumbsUp item.
// If the item doesn't exist, the id is invalid.
if (!($item = ThumbsUp_Item::load($id))) {
$error = 'invalid_id';
} elseif ($item->closed) {
$error = 'closed';
} elseif ($item->user_voted) {
$error = 'already_voted';
} elseif (ThumbsUp::config('user_login_required') and !self::get_user_id()) {
$error = 'login_required';
}
// All checks passed, yay!
if (empty($error)) {
// Update the vote count in the items table, and recalculate the vote results
$item->cast_vote($vote);
}
// Send an ajax response
if (self::is_ajax()) {
// Send the item back in JSON format
header('Content-Type: application/json; charset=utf-8');
if (!empty($error)) {
// Send back the error
echo json_encode(array('error' => $error));
} else {
// Format the result using the same format the item was created with
$item->format($format);
// Send back the updated item.
// Note: all the public properties of $item will be included.
echo json_encode(array('item' => $item));
}
}
// A new vote has been cast successfully
return empty($error);
}
/**
* Deletes the cookie completely.
*
* @return boolean was setcookie() successful or not?
*/
public static function delete()
{
// Delete cookie contents
self::$cookie = '';
unset($_COOKIE[ThumbsUp::config('cookie_name')]);
// If any output has been sent, setcookie() will fail.
// If we're not in debug mode, we'll fail silently.
if (headers_sent() and !ThumbsUp::config('debug')) {
return FALSE;
}
// Setting a cookie with a value of FALSE will try to delete it
return setcookie(ThumbsUp::config('cookie_name'), FALSE, time() - 86400, ThumbsUp::config('cookie_path'), ThumbsUp::config('cookie_domain'));
}
