| author | ilotterytea <iltsu@alright.party> | 2025-12-08 21:53:36 +0500 |
|---|---|---|
| committer | ilotterytea <iltsu@alright.party> | 2025-12-08 21:53:36 +0500 |
| commit | 57472eab3c7b035392c6a5aa240593ecaa7d1ccf (patch) | |
| tree | 9da30829290f225be2dab3d383549cbfda82ed19 /public/emotes/rate.php | |
| parent | 6541d0f3888862ab049055fd418b700f73eed367 (diff) | |
upd: moved all /public/ files to the root folder
Diffstat (limited to 'public/emotes/rate.php')
| -rw-r--r-- | public/emotes/rate.php | 63 |
1 files changed, 0 insertions, 63 deletions
diff --git a/public/emotes/rate.php b/public/emotes/rate.php
deleted file mode 100644
index 1e8eb67..0000000
--- a/public/emotes/rate.php
+++ /dev/null
@@ -1,63 +0,0 @@
-<?php
-include_once "../../src/alert.php";
-include_once "../../src/utils.php";
-include_once "../../src/config.php";
-include_once "../../src/accounts.php";
-
-if (!RATING_ENABLE) {
- generate_alert("/404.php", "Emote ratings are disabled", 403);
- exit;
-}
-
-if (!authorize_user(true)) {
- exit;
-}
-
-if (isset($_SESSION["user_role"]) && !$_SESSION["user_role"]["permission_rate"]) {
- generate_alert("/404.php", "Not enough permissions", 403);
- exit;
-}
-
-$id = str_safe($_POST["id"] ?? "0", 32);
-$rate = intval(str_safe($_POST["rate"] ?? "0", 2));
-
-if ($id == 0 || $rate == 0) {
- generate_alert("/emotes" . (isset($_POST["id"]) ? "?id=" . $_POST["id"] : ""), "Not enough POST fields");
- exit;
-}
-
-$db = new PDO(DB_URL, DB_USER, DB_PASS);
-
-// checking if emote exists
-$stmt = $db->prepare("SELECT id FROM emotes WHERE id = ?");
-$stmt->execute([$id]);
-if ($stmt->rowCount() != 1) {
- generate_alert("/emotes", "Emote ID $id does not exist", 404);
- exit;
-}
-
-// checking if user has already given a rate
-$stmt = $db->prepare("SELECT id FROM ratings WHERE user_id = ? AND emote_id = ?");
-$stmt->execute([$_SESSION["user_id"], $id]);
-if ($stmt->rowCount() != 0) {
- generate_alert("/emotes?id=$id", "You have already given a rate for this emote!", 403);
- exit;
-}
-
-// giving a rate
-$stmt = $db->prepare("INSERT INTO ratings(user_id, emote_id, rate) VALUES (?, ?, ?)");
-$stmt->execute([$_SESSION["user_id"], $id, clamp($rate, -2, 2)]);
-
-if (CLIENT_REQUIRES_JSON) {
- $stmt = $db->prepare("SELECT * FROM ratings WHERE id = ?");
- $stmt->execute([$db->lastInsertId()]);
-
- json_response([
- "status_code" => 200,
- "message" => "Rated!",
- "data" => $stmt->fetch(PDO::FETCH_ASSOC)
- ]);
- exit;
-}
-
-generate_alert("/emotes?id=$id", "Rated!", 200); |
