From f3bc9fd394e9efc8cc9c6408c6e94d539f05c452 Mon Sep 17 00:00:00 2001
From: ilotterytea <iltsu@alright.party>
Date: Tue, 22 Apr 2025 14:16:52 +0500
Subject: feat: ratings

---
 public/emotes/index.php | 51 ++++++++++++++++++++++++++---------------------
 public/emotes/rate.php  | 53 +++++++++++++++++++++++++++++++++++++++++++++++++
 2 files changed, 81 insertions(+), 23 deletions(-)
 create mode 100644 public/emotes/rate.php

(limited to 'public/emotes')

diff --git a/public/emotes/index.php b/public/emotes/index.php
index 5224433..4cddc47 100644
--- a/public/emotes/index.php
+++ b/public/emotes/index.php
@@ -8,12 +8,13 @@ include "../../src/alert.php";
 
 authorize_user();
 
-function display_list_emotes(int $page, int $limit): array
+$db = new PDO(DB_URL, DB_USER, DB_PASS);
+
+function display_list_emotes(PDO &$db, int $page, int $limit): array
 {
     $search = $_GET["q"] ?? "";
     $user_id = $_SESSION["user_id"] ?? "-1";
     $offset = $page * $limit;
-    $db = new PDO(DB_URL, DB_USER, DB_PASS);
     $stmt = $db->prepare("SELECT e.*,
     CASE WHEN EXISTS (
         SELECT 1
@@ -61,9 +62,8 @@ function display_list_emotes(int $page, int $limit): array
     return $emotes;
 }
 
-function display_emote(int $id)
+function display_emote(PDO &$db, int $id)
 {
-    $db = new PDO(DB_URL, DB_USER, DB_PASS);
     $stmt = $db->prepare("SELECT * FROM emotes WHERE id = ?");
     $stmt->execute([$id]);
 
@@ -93,12 +93,14 @@ $emote = null;
 
 $id = $_GET["id"] ?? "";
 
+$db = new PDO(DB_URL, DB_USER, DB_PASS);
+
 if ($id == "" || !is_numeric($id)) {
     $page = intval($_GET["p"] ?? "0");
     $limit = 50;
-    $emotes = display_list_emotes($page, $limit);
+    $emotes = display_list_emotes($db, $page, $limit);
 } else {
-    $emote = display_emote(intval($id));
+    $emote = display_emote($db, intval($id));
 }
 ?>
 
@@ -144,7 +146,6 @@ if ($id == "" || !is_numeric($id)) {
                                 echo '' ?>
                                 <div class="items row left full">
                                     <?php
-                                    $db = new PDO(DB_URL, DB_USER, DB_PASS);
                                     $added = false;
 
                                     if (isset($_SESSION["user_emote_set_id"])) {
@@ -152,8 +153,6 @@ if ($id == "" || !is_numeric($id)) {
                                         $stmt->execute([$_SESSION["user_emote_set_id"], $emote->get_id()]);
                                         $added = $stmt->rowCount() > 0;
                                     }
-
-                                    $db = null;
                                     ?>
                                     <form action="/emotes/setmanip.php" method="POST">
                                         <input type="text" name="id" value="<?php echo $emote->get_id() ?>"
@@ -172,20 +171,26 @@ if ($id == "" || !is_numeric($id)) {
                                     </form>
                                 </div>
                                 <div class="items row right full">
-                                    <form action="/emotes/rate.php" method="POST">
-                                        <input type="text" name="id" value="<?php echo $emote->get_id() ?>"
-                                            style="display: none;">
-                                        <input type="text" name="rate" value="5" style="display:none;">
-                                        <button type="submit" class="transparent gem"><img src="/static/img/icons/gem.png"
-                                                alt="GEM!" title="IT'S A GEM!"></button>
-                                    </form>
-                                    <form action="/emotes/rate.php" method="POST">
-                                        <input type="text" name="id" value="<?php echo $emote->get_id() ?>"
-                                            style="display: none;">
-                                        <input type="text" name="rate" value="1" style="display:none;">
-                                        <button type="submit" class="transparent coal"><img src="/static/img/icons/coal.png"
-                                                alt="COAL!" title="IT'S A COAL!"></button>
-                                    </form>
+                                    <?php
+                                    $stmt = $db->prepare("SELECT rate FROM ratings WHERE user_id = ? AND emote_id = ?");
+                                    $stmt->execute([$_SESSION["user_id"], $id]);
+
+                                    if ($row = $stmt->fetch()) {
+                                        echo 'You gave <img src="/static/img/icons/ratings/' . $row["rate"] . '.png" width="16" height="16"';
+                                        echo 'title="' . RATING_NAMES[$row["rate"]] . '">';
+                                    } else {
+                                        foreach (RATING_NAMES as $key => $value) {
+                                            echo '<form action="/emotes/rate.php" method="POST">';
+                                            echo '<input type="text" name="id" value="' . $emote->get_id() . '"style="display: none;">';
+                                            echo "<input type=\"text\" name=\"rate\" value=\"$key\" style=\"display:none;\">";
+                                            echo '<button type="submit" class="transparent">';
+                                            echo "<img
+                                                    src=\"/static/img/icons/ratings/$key.png\" alt=\"$value!\"
+                                                    title=\"IT'S A $value!\">";
+                                            echo '</button></form>';
+                                        }
+                                    }
+                                    ?>
                                     <a class="button red" href="/emotes/report.php?id=<?php echo $emote->get_id() ?>">Report
                                         emote</a>
                                 </div>
diff --git a/public/emotes/rate.php b/public/emotes/rate.php
new file mode 100644
index 0000000..3cc3e01
--- /dev/null
+++ b/public/emotes/rate.php
@@ -0,0 +1,53 @@
+<?php
+include_once "../../src/alert.php";
+include_once "../../src/utils.php";
+include_once "../../src/config.php";
+include_once "../../src/accounts.php";
+
+if (!authorize_user(true)) {
+    exit;
+}
+
+$id = intval(str_safe($_POST["id"] ?? "0", 10));
+$rate = intval(str_safe($_POST["rate"] ?? "0", 2));
+
+if ($id == 0 || $rate == 0) {
+    generate_alert("/emotes" . (isset($_POST["id"]) ? "?id=" . $_POST["id"] : ""), "Not enough POST fields");
+    exit;
+}
+
+$db = new PDO(DB_URL, DB_USER, DB_PASS);
+
+// checking if emote exists
+$stmt = $db->prepare("SELECT id FROM emotes WHERE id = ?");
+$stmt->execute([$id]);
+if ($stmt->rowCount() != 1) {
+    generate_alert("/emotes", "Emote ID $id does not exist", 404);
+    exit;
+}
+
+// checking if user has already given a rate
+$stmt = $db->prepare("SELECT id FROM ratings WHERE user_id = ? AND emote_id = ?");
+$stmt->execute([$_SESSION["user_id"], $id]);
+if ($stmt->rowCount() != 0) {
+    generate_alert("/emotes?id=$id", "You have already given a rate for this emote!", 403);
+    exit;
+}
+
+// giving a rate
+$stmt = $db->prepare("INSERT INTO ratings(user_id, emote_id, rate) VALUES (?, ?, ?)");
+$stmt->execute([$_SESSION["user_id"], $id, clamp($rate, -2, 2)]);
+
+if (CLIENT_REQUIRES_JSON) {
+    $stmt = $db->prepare("SELECT * FROM ratings WHERE id = ?");
+    $stmt->execute([$db->lastInsertId()]);
+
+    json_response([
+        "status_code" => 200,
+        "message" => "Rated!",
+        "data" => $stmt->fetch(PDO::FETCH_ASSOC)
+    ]);
+    exit;
+}
+
+generate_alert("/emotes?id=$id", "Rated!", 200);
-- 
cgit v1.2.3