Argument checks and use include/db.php

Paul van Schayck
2005-01-05 05:26:33 +00:00
committed by WineHQ
parent 98938b4e64
commit 6aa5c76994


@@ -11,7 +11,7 @@ function rating_current_for_user($versionId, $system)
$userId = $_SESSION['current']->userid;
$result = mysql_query("SELECT score FROM appRating WHERE versionId = $versionId AND system = '$system' AND userId = $userId");
$result = query_appdb("SELECT score FROM appRating WHERE versionId = $versionId AND system = '$system' AND userId = $userId");
if(!$result)
return 0;
$ob = mysql_fetch_object($result);
@@ -80,7 +80,7 @@ function rating_menu()
*/
function rating_for_version($versionId, $system)
{
$result = mysql_query("SELECT avg(score) as rating, count(id) as hits FROM appRating ".
$result = query_appdb("SELECT avg(score) as rating, count(id) as hits FROM appRating ".
"WHERE versionId = $versionId and system = '$system'");
if(!$result)
return 0;
@@ -155,40 +155,66 @@ function rating_update($vars)
}
$userId = $_SESSION['current']->userid;
if(is_numeric($vars['versionId']))
$versionId = $vars["versionId"];
else
return;
if(is_numeric($vars['score_w']))
$score_w = $vars["score_w"];
else
return;
if(is_numeric($vars['score_f']))
$score_f = $vars["score_f"];
else
return;
if($score_w)
{
$result = mysql_query("SELECT * FROM appRating WHERE versionId = $versionId AND ".
$result = query_appdb("SELECT * FROM appRating WHERE versionId = $versionId AND ".
"userId = $userId AND system = 'windows'");
if($result && mysql_num_rows($result))
{
$ob = mysql_fetch_object($result);
mysql_query("UPDATE appRating SET score = $score_w WHERE id = $ob->id");
query_appdb("UPDATE appRating SET score = $score_w WHERE id = $ob->id");
}
else
mysql_query("INSERT INTO appRating VALUES (null, null, $versionId, $userId, 'windows', $score_w)");
{
$aInsert = compile_insert_string( array( 'versionId' => $versionId,
'userId' => $userId,
'system' => 'windows',
'score' => $score_w));
query_appdb("INSERT INTO appRating ({$aInsert['FIELDS']}) VALUES ({$aInsert['VALUES']})");
}
$r = rating_for_version($versionId, "windows");
mysql_query("UPDATE appVersion SET rating_windows = $r->rating WHERE versionId = $versionId");
query_appdb("UPDATE appVersion SET rating_windows = $r->rating WHERE versionId = $versionId");
}
if($score_f)
{
$result = mysql_query("SELECT * FROM appRating WHERE versionId = $versionId AND ".
$result = query_appdb("SELECT * FROM appRating WHERE versionId = $versionId AND ".
"userId = $userId AND system = 'fake'");
if($result && mysql_num_rows($result))
{
$ob = mysql_fetch_object($result);
mysql_query("UPDATE appRating SET score = $score_f WHERE id = $ob->id");
query_appdb("UPDATE appRating SET score = $score_f WHERE id = $ob->id");
}
else
mysql_query("INSERT INTO appRating VALUES (null, null, $versionId, $userId, 'fake', $score_f)");
{
$aInsert = compile_insert_string( array( 'versionId' => $versionId,
'userId' => $userId,
'system' => 'fake',
'score' => $score_f));
query_appdb("UPDATE appVersion SET rating_windows = $r->rating WHERE versionId = $versionId");
}
$r = rating_for_version($versionId, "fake");
mysql_query("UPDATE appVersion SET rating_fake = $r->rating WHERE versionId = $versionId");
query_appdb("UPDATE appVersion SET rating_fake = $r->rating WHERE versionId = $versionId");
}
}
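Review bot: In the `$score_f` branch of rating_update, the new `else` block builds `$aInsert` for the 'fake' rating but then runs `UPDATE appVersion SET rating_windows = ...` instead of the insert, so a user's first 'fake' score is never stored. At that point `$r` is either unset (when `score_w` was 0) or still holds the windows result, so the query is either malformed or rewrites the wrong column. The line should mirror the windows branch: `query_appdb("INSERT INTO appRating ({$aInsert['FIELDS']}) VALUES ({$aInsert['VALUES']})");`. Separately, `is_numeric()` also accepts floats, exponent forms and signed values, which are then interpolated unquoted into the SQL; an integer check plus a range check on the scores would be tighter (for example `ctype_digit((string)$vars['score_f'])`), and `$system` in the first two hunks is still interpolated with no check visible here. The body of rating_update starts outside the hunk.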