Файл: public_html/modules/forum/post_evaluation.php
Строк: 20
<?php
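// Handles a "plus"/"minus" rating of a forum post by the current user and then
// renders a confirmation page. Every rejected request is redirected to /forum/.
//
// NOTE(review): this endpoint changes state on a plain GET request and no
// anti-CSRF token is checked anywhere in this file, so a link or image on
// another page can cast a vote in a logged-in user's name. Move the action to
// POST and verify a per-session token with whatever helper the project has.
//
// NOTE(review): if $db is a PDO instance (query()/fetch()/rowCount() suggest it,
// but that is not visible here), prefer prepare()/execute() with bound
// parameters over the integer casts used below.

// Normalise the request parameters once; anything unexpected collapses to a
// value that fails the checks below instead of raising notices.
$post_id = (isset($_GET['id']) && is_scalar($_GET['id'])) ? abs(intval($_GET['id'])) : 0;
$act = (isset($_GET['act']) && is_string($_GET['act'])) ? $_GET['act'] : '';

// Only a logged-in user may vote, and only the two known actions are accepted.
// The allow-list is compared strictly against string literals: the bare words
// plus/minus are undefined constants and raise an Error on PHP 8.
// The login check comes first so $user is never dereferenced for a guest.
if (!isset($user['id']) || !in_array($act, array('plus', 'minus'), true)) {
    go('/forum/');
    exit;
}

// Load the post once; the same row was previously fetched three times.
$post = $db->query("SELECT * FROM `forum_pt` WHERE `id` = '" . $post_id . "'")->fetch();
if (!$post) {
    go('/forum/');
    exit;
}

// Cast every identifier that goes into SQL, including values read back from the
// database, so no query below depends on the stored data being clean.
// Assumes integer keys, as the original intval() on `id` implies - TODO confirm.
$voter_id = intval($user['id']);
$author_id = intval($post['user_id']);
$topic_id = intval($post['topic_id']);
$rated_post_id = intval($post['id']);

// Users cannot rate their own posts.
if ($author_id === $voter_id) {
    go('/forum/');
    exit;
}

// One vote per voter, per author, per topic (same rule as before).
// NOTE(review): this check-then-insert is not atomic; two parallel requests can
// both pass it. A UNIQUE index on (`topic_id`, `user_id`, `user_post`) would
// enforce the rule in the database.
$already_voted = $db->query(
    "SELECT 1 FROM `forum_evaluation` WHERE `topic_id` = '" . $topic_id . "'"
    . " AND `user_id` = '" . $voter_id . "' AND `user_post` = '" . $author_id . "' LIMIT 1"
)->rowCount();
if ($already_voted > 0) {
    go('/forum/');
    exit;
}

// $act is one of the two allow-listed literals at this point, so it is safe to
// store as the status value.
$db->query(
    "INSERT INTO `forum_evaluation`(`user_post`, `user_id`, `topic_id`, `post_id`, `status`)"
    . " VALUES('" . $author_id . "', '" . $voter_id . "', '" . $topic_id . "', '" . $rated_post_id . "', '" . $act . "')"
);

// Adjust the author's rating inside the UPDATE itself. Reading `reit` in PHP and
// writing back the sum loses votes when two requests overlap.
$reit_change = ($act === 'plus') ? '+ 0.01' : '- 0.01';
$db->query(
    "UPDATE `users` SET `reit` = COALESCE(`reit`, 0) " . $reit_change
    . " WHERE `id` = '" . $author_id . "'"
);

// Only positive ratings notify the author.
if ($act === 'plus') {
    $db->query(
        "INSERT INTO `notify` SET `user_id` = '" . $author_id . "', `from_id` ='" . $voter_id . "',"
        . " `request_id` = '" . $topic_id . "', `type` = 'notify_topic_plus', `read` = '0', `time` = '" . time() . "'"
    );
}

// Confirmation page. All markup below is static or comes from the language
// pack; no request data is echoed.
$locate = 'in_forum';
$title = $lang->word('forum');
require_once(SYS.'/view/header.php');
$tpl->div('title', $lang->word('forum'));
$tpl->div('menu', 'Оценка поставлена!<br /><a href="javascript:history.back(-1);">Продолжить</a>');
$tpl->div('block', NAV.' <a href="/forum/">'. $lang->word('forum') .'</a><br/>' . HICO .' <a href="/">'. $lang->word('home') .'</a>');
require_once(SYS.'/view/footer.php');
exit;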
?>