示例#1
<?php

// require header for db connections
$include_mysqli = true;
require_once "_resources/header.inc.php";
if (!empty($_SESSION["user_key"])) {
    $user_key = $_SESSION["user_key"];
    if (valid_positive_integer(@$_GET["content_key"])) {
        $content_key = $_GET["content_key"];
        if (!empty($_GET["vote_value"])) {
            $vote_value = $_GET["vote_value"];
            if ($vote_value == -2 || $vote_value == -1 || $vote_value == 1) {
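                // BEGIN validation wrapper
                // Record the vote through the create_vote stored procedure. The three
                // values are bound as integers ('iii'), never concatenated into the SQL text.
                // NOTE(review): the enclosing checks read content_key and vote_value from
                // $_GET, so this write is driven by a plain GET request, and no anti-CSRF
                // token check is visible in this excerpt - confirm one exists in the
                // included header or move the vote to a token-protected POST.
                $sql = "CALL create_vote(?,?,?)";
                if (!($stmt = $mysqli_connection->prepare($sql))) {
                    // The driver's message text stays in the server log; the client gets
                    // the error number only, in the same format as the execute branch.
                    error_log("create_vote prepare failed: (" . $mysqli_connection->errno . ") " . $mysqli_connection->error);
                    echo "Prepare failed: (" . $mysqli_connection->errno . ") ";
                } else {
                    $stmt->bind_param('iii', $user_key, $content_key, $vote_value);
                    if (!$stmt->execute()) {
                        error_log("create_vote execute failed: (" . $stmt->errno . ") " . $stmt->error);
                        echo "Execute failed: (" . $stmt->errno . ") ";
                    } else {
                        // The procedure returns a single column, which is relayed to the caller.
                        $stmt->store_result();
                        $stmt->bind_result($response);
                        $stmt->fetch();
                        // NOTE(review): $response is echoed exactly as the procedure returned
                        // it; if it can ever carry user-supplied text, encode it for the
                        // response's output context - confirm against create_vote.
                        echo "{$response}";
                    }
                    // Release the prepared statement on both outcomes.
                    $stmt->close();
                }
                // END validation wrapper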
            } else {
                echo "ERROR: invalid vote value!";
<?php

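// Ask the shared header to set up the mysqli connection.
$include_mysqli = true;
require_once "_resources/header.inc.php";

// Optional parent key: kept only when the project's valid_positive_integer()
// helper accepts it, otherwise NULL is passed to the procedure.
if (valid_positive_integer(@$_POST["parent_content_key"])) {
    $parent_content_key = "{$_POST['parent_content_key']}";
} else {
    $parent_content_key = NULL;
}

// The author is taken from the session, never from the request body.
if (!empty($_SESSION["user_key"])) {
    $user_key = $_SESSION["user_key"];
}

// Request fields can arrive as arrays (content_value[]=...), and htmlentities()
// only accepts strings, so a non-string field is treated as if it were missing.
// The flags are spelled out so quotes are encoded and invalid byte sequences are
// substituted on every PHP version, not only where that is the default (8.1+).
// NOTE(review): encoding happens here, at input time, so the stored text is
// already HTML-encoded. Code that renders it must not encode it again, and any
// non-HTML context (script, URL, attribute built by JS) needs its own escaping.
if (!empty($_POST["content_value"]) && is_string($_POST["content_value"])) {
    $content_value = htmlentities($_POST["content_value"], ENT_QUOTES | ENT_SUBSTITUTE);
}
if (empty($_POST["content_title"]) || !is_string($_POST["content_title"])) {
    $content_title = NULL;
} else {
    $content_title = htmlentities($_POST["content_title"], ENT_QUOTES | ENT_SUBSTITUTE);
}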
if (!empty($user_key) && !empty($content_value) && !empty($mysqli_connected)) {
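    // Store the post through the create_content stored procedure; all four values
    // are bound parameters ('iiss'), none is concatenated into the SQL text.
    $stmt = $mysqli_connection->prepare("CALL create_content(?,?,?,?)");
    if (!$stmt) {
        // Driver message goes to the server log; the page only shows the error number.
        error_log("create_content prepare failed: (" . $mysqli_connection->errno . ") " . $mysqli_connection->error);
        die("Prepare failed: (" . $mysqli_connection->errno . ") ");
    }
    $stmt->bind_param('iiss', $user_key, $parent_content_key, $content_title, $content_value);
    if (!$stmt->execute()) {
        // Stop here instead of redirecting to an empty content key.
        error_log("create_content execute failed: (" . $stmt->errno . ") " . $stmt->error);
        $execute_errno = $stmt->errno;
        $stmt->close();
        die("Execute failed: (" . $execute_errno . ") ");
    }
    $stmt->store_result();
    // The procedure returns one column: the key of the row it created.
    $stmt->bind_result($new_content_key);
    $stmt->fetch();
    $stmt->close();
    // The key is written into an inline script, so force it to an integer first;
    // presumably it already is one - confirm against create_content.
    $new_content_key = (int) $new_content_key;
    echo "<script>window.location = '?content_key={$new_content_key}'</script>";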
} else {