Файл: ajax/media/comments/who.php
Строк: 127
<?php
/**
* who like|dislike|favorite media comments
*
* @package Sngine
* @author Zamblek
*/
// fetch kernal
$depth = '../../../';
require($depth.'kernal.php');
// check AJAX Request
if(!IsAJAX()) {
header('Location: '.SITE_URL);
}
// check user exist
if(!$userExist) {
exit('<div class="popupHeader"><div class="button-close popup right" onclick="$.popups._hide();"></div>Not Logged In</div><div class="popupContent"><div class="pt5 pb5 pr5 pl5 fs12 white">Please log in to continue.</div></div>');
}
// check user verified
if($userArray['Verified'] == "N") {
exit('<div class="popupHeader"><div class="button-close popup right" onclick="$.popups._hide();"></div>Confirm Your Email Address</div><div class="popupContent"><div class="pt5 pb5 pr5 pl5"><p class="fs11 mb10 tjustify">Before you can interact with other users, you need to confirm your email address. A confirmation email has been sent to <span class="blue fwb">'.$userArray['UserEmail'].'</span>. Check your email to complete your account confirmation.</p><p><small>Don't see the confirmation email? <span class="uiButtonText blue resendEmail">Resend to '.$userArray['UserEmail'].'</span></small><br/><small>Don't have access to '.$userArray['UserEmail'].'? <span class="uiButtonText blue changeEmail">Change your contact email.</span></small></p></div></div>');
}
// check page parameters
if(!isset($_POST['id']) || !isset($_POST['view'])) {
exit('<div class="popupHeader"><div class="button-close popup right" onclick="$.popups._hide();"></div>Error</div><div class="popupContent">'.ReportError('parameters error[1] @/ajax/media/comments/who'.'</div>'));
}
// valid inputs
$valid['view'] = array('like', 'dislike');
if(!in_array($_POST['view'], $valid['view'])) {
exit('<div class="popupHeader"><div class="button-close popup right" onclick="$.popups._hide();"></div>Error</div><div class="popupContent">'.ReportError('parameters error[2] @/ajax/media/comments/who'.'</div>'));
}
// parse parameters
if(!preg_match('/^([0-9]+)$/', $_POST['id'])) {
exit('<div class="popupHeader"><div class="button-close popup right" onclick="$.popups._hide();"></div>Error</div><div class="popupContent">'.ReportError('parameters error[3] @/ajax/media/comments/who'.'</div>'));
}
// check if valid comment
$checkComment = $db->query(sprintf("SELECT * FROM posts_comments_media WHERE ID = %s", SafeSQL($_POST['id'], 'int') )) or die('<div class="popupHeader"><div class="button-close popup right" onclick="$.popups._hide();"></div>Error</div><div class="popupContent">'.ReportError('sql error #1 @/ajax/media/comments/who'.'</div>'));
if($checkComment->num_rows == 0) {
exit('<div class="popupHeader"><div class="button-close popup right" onclick="$.popups._hide();"></div>Error</div><div class="popupContent"><div class="highlightContianer">This content is unavailable, It may be deleted by the author</div></div>');
}
// who like
if($_POST['view'] == "like") {
$getUsers = $db->query(sprintf("SELECT user.UserID, user.UserName, user.UserFirstName, user.UserLastName, user.UserAvatarPathMedium AS UserAvatarPath FROM users_comments_media_likes stats INNER JOIN users user ON stats.UserID = user.UserID WHERE stats.CommentID = %s AND stats.Liked = 'Y' LIMIT 0,".$systemSetting['MaxWho'], SafeSQL($_POST['id'], 'int') )) or die('<div class="popupHeader"><div class="button-close popup right" onclick="$.popups._hide();"></div>Error</div><div class="popupContent">'.ReportError('sql error #2 @/ajax/media/comments/who'.'</div>'));
// who dislike
}elseif ($_POST['view'] == "dislike") {
$getUsers = $db->query(sprintf("SELECT user.UserID, user.UserName, user.UserFirstName, user.UserLastName, user.UserAvatarPathMedium AS UserAvatarPath FROM users_comments_media_likes stats INNER JOIN users user ON stats.UserID = user.UserID WHERE stats.CommentID = %s AND stats.Liked = 'N' LIMIT 0,".$systemSetting['MaxWho'], SafeSQL($_POST['id'], 'int') )) or die('<div class="popupHeader"><div class="button-close popup right" onclick="$.popups._hide();"></div>Error</div><div class="popupContent">'.ReportError('sql error #3 @/ajax/media/comments/who'.'</div>'));
}
if($getUsers->num_rows == 0) {
exit('<div class="popupHeader"><div class="button-close popup right" onclick="$.popups._hide();"></div>Error</div><div class="popupContent"><div class="errorContianer">There is no one '.$_POST['view'].'s this comment right now.</div></div>');
}
while($userWho = $getUsers->fetch_array(MYSQLI_ASSOC)) {
// check if post writer in user followings
$userWho['FollowingHim'] = (in_array($userWho['UserID'], $userFollowings))? true: false;
$usersWho[] = $userWho;
}
// assign variables
$smarty->assign('usersWho', $usersWho);
$smarty->assign('usersWhoNums', count($usersWho));
$smarty->assign('view', $_POST['view']);
// page footer
PageFooter("popup.who");
?>