function Html_catalog_ratings()
{
$getRatings = getRatings();
?>
<style>
html.wp-toolbar {
padding:0px !important;
}
#wpadminbar,#adminmenuback,#screen-meta, .update-nag,#dolly {
display:none;
}
#wpbody-content {
padding-bottom:30px;
}
#adminmenuwrap {display:none !important;}
.auto-fold #wpcontent, .auto-fold #wpfooter {
margin-left: 0px;
}
#wpfooter {display:none;}
iframe {height:250px !important;}
#TB_window {height:250px !important;}
</style>
<script type="text/javascript">
jQuery(document).ready(function() {
jQuery('#check_all_ratings').click(function() {
if(jQuery("#check_all_ratings").is(':checked'))
jQuery(".del_one_rating").each(function(){
jQuery(this).attr('checked',true);
});
else
jQuery(".del_one_rating").each(function(){
jQuery(this).attr('checked',false);
});
});
jQuery(".del_one_rating").click(function() {
if(jQuery("#check_all_ratings").is(':checked')) {
jQuery("#check_all_ratings").attr('checked',false);
}
});
jQuery('.del_few_ratings').on('click',function(){
del_few_ratings();
});
function del_few_ratings() {
var ratings_for_delete = [];
jQuery(".del_one_rating").each(function(){
if(jQuery(this).is(':checked')) {
ratings_for_delete.push(jQuery(this).val());
}
});
// alert(ratings_for_delete);
var data = {
action: 'my_action',
post: 'delanyratings',
ratings_for_delete: ratings_for_delete
};
jQuery.post(ajaxurl, data, function(response) { // alert(response);
if(response == 1) { // alert(reviews_for_delete);
var forEach = Function.prototype.call.bind( Array.prototype.forEach );
forEach( ratings_for_delete, function( node ) { // alert( node );
var class_for_delete = "." + node; // alert(jQuery(class_for_delete).val());
jQuery(class_for_delete).parent().parent().remove();
});
}
});
}
jQuery('.edit_rating_ip').on('change',function(){
var rating_new_id = jQuery(this).parent().siblings(':first-child').find("input[name='rating_values_for_delete']").val(); // alert(rating_new_id);
var rating_new_ip = jQuery(this).val(); // alert(com_new_name);
var data = {
action: 'my_action',
post: 'editratingip',
rating_new_ip: rating_new_ip,
rating_new_id: rating_new_id
};
jQuery.post(ajaxurl, data, function(response) { // alert(response);
if(response == 1) { // alert(reviews_for_delete);
jQuery('input').blur(); // alert("ay des vor uzum es karum es.");
}
});
});
jQuery('.edit_rating_value').on('change',function(){
var rating_new_id = jQuery(this).parent().siblings(':first-child').find("input[name='rating_values_for_delete']").val(); // alert(com_new_id);
var rating_new_value = jQuery(this).val(); // alert(rating_new_value);
var data = {
action: 'my_action',
post: 'editratingvalue',
rating_new_value: rating_new_value,
rating_new_id: rating_new_id
};
jQuery.post(ajaxurl, data, function(response) { // alert(response);
if(response == 1) { // alert(reviews_for_delete);
jQuery('input').blur(); // alert("ay des vor uzum es karum es.");
}
else {
// alert("Ajax Error.");
}
});
});
jQuery("#huge_it_view_ratings_wrap .manager-link").click(function(){
self.parent.tb_remove();
self.parent.location.assign('admin.php?page=huge_it_catalog_ratings_page');
});
});
</script>
<div id="huge_it_view_ratings">
<div id="huge_it_view_ratings_wrap">
<h2><?php
echo __("Product Ratings", "product-catalog");
?>
</h2>
<a class="manager-link button"><?php
echo __("All Ratings Manager", "product-catalog");
?>
</a>
<div class="huge_it_prod_ratings_container">
<table>
<tr><th><input type="checkbox" id="check_all_ratings"/></th><th>IP <?php
echo __("Adress", "product-catalog");
?>
</th><th><?php
echo __("Value", "product-catalog");
?>
</th><th class="del_few_ratings"><a class=""><?php
echo __("Delete", "product-catalog");
?>
</a></th></tr>
</table>
<table style="border-collapse: collapse;">
<?php
foreach ($getRatings as $rating) {
?>
<tr style="border-bottom: 1pt solid #eee;">
<td><input type="checkbox" class="del_one_rating <?php
echo $rating->id;
?>
" value="<?php
echo $rating->id;
?>
" name="rating_values_for_delete" /></td>
<td><input type="text" value="<?php
echo $rating->ip;
?>
" style="text-align: center; border: none;" class="edit_rating_ip" /></td>
<td><input type="text" value="<?php
echo $rating->value;
?>
" style="text-align: center; border: none;" class="edit_rating_value" /></td>
<td class="del_rating"><a href="admin.php?page=catalogs_huge_it_catalog&id=<?php
echo $_GET['id'];
?>
&task=ratings&prod_id=<?php
echo $rating->prod_id;
?>
&del_id=<?php
echo $rating->id;
?>
"><?php
echo __("Delete", "product-catalog");
?>
</a></td>
</tr>
<?php
}
?>
</table>
</div>
</div>
</div>
<?php
}
<option value="-1">Choose A Genre</option>
<?php
$movieGenres = getGenres();
foreach ($movieGenres as $genre) {
echo "<option value='" . $genre['genre'] . "'>" . $genre['genre'] . "</option>";
}
?>
</select>
</td>
<td>
<h3>Rating</h3>
<select size="1" name="rating">
<option value="-1">Choose A Rating</option>
<?php
$movieRatings = getRatings();
foreach ($movieRatings as $rating) {
echo "<option value='" . $rating['rating'] . "'>" . $rating['rating'] . "</option>";
}
?>
</select>
</td>
<td style="vertical-align: bottom;">
<input type="submit" value="Search" size="50"><img src="popcorn-icon.png">
</form>
</td></tr>
</table>
<table id="results">
}
*/
if (!isset($_SESSION['FBID'])) {
$_SESSION['FBID'] = "notfblogin";
/*OLD CODE
$_SESSION['visitor_name']=$_POST['visitor_name'];
$_SESSION['visitor_email']=$_POST['visitor_email'];
$_SESSION['visitor_location']=$_POST['visitor_location'];
$_SESSION['company_name']=$_POST['company_name'];*/
//NEW CODE WITH FILTERING INPUT
// By Jay Shah On 21st July, 2015 at 14:18:31
$_SESSION['visitor_name'] = filter_input(INPUT_POST, 'visitor_name', FILTER_SANITIZE_STRING);
$_SESSION['visitor_email'] = filter_input(INPUT_POST, 'visitor_email', FILTER_VALIDATE_EMAIL);
$_SESSION['visitor_location'] = filter_input(INPUT_POST, 'visitor_location', FILTER_SANITIZE_STRING);
$_SESSION['company_name'] = filter_input(INPUT_POST, 'company_name', FILTER_SANITIZE_STRING);
} else {
$_SESSION['visitor_name'] = $_SESSION['FULLNAME'];
$_SESSION['visitor_email'] = $_SESSION['EMAIL'];
$_SESSION['visitor_location'] = $_SESSION['LOCATION'];
$_SESSION['company_name'] = "fblogin";
}
include_once "../../../thfl-admin/model/functions.php";
include_once "../../../thfl-admin/model/db_config.php";
$xml = simplexml_load_file("../../../thfl-admin/config.xml") or die("Error: Cannot load configuration file");
$_SESSION['hash'] = hash("md5", time());
$sql_query = "INSERT INTO " . RESULT_TABLE . " SET name='" . $_SESSION['visitor_name'] . "', email='" . $_SESSION['visitor_email'] . "', location='" . $_SESSION['visitor_location'] . "',companyName='" . $_SESSION['company_name'] . "', quizName='" . $xml->Configuration->NameofActivity . "',hashtag='" . $_SESSION['hash'] . "',field1='" . $_SESSION['FBID'] . "',session_id='" . session_id() . "',ip_address='" . get_client_ip() . "',user_agent='" . $_SERVER['HTTP_USER_AGENT'] . "'";
runQuery($sql_query);
$_SESSION['ratings'] = getRatings($_SESSION['visitor_email']);
unset($_SESSION['form_token']);
$_SESSION['isLoggedIn'] = true;
echo "Login Successful";
