diff --git a/public/js/rateit-uncompressed.js b/public/js/rateit-uncompressed.js
index 5c58005..0c5d6fa 100644
--- a/public/js/rateit-uncompressed.js
+++ b/public/js/rateit-uncompressed.js
@@ -271,7 +271,7 @@ function doRateIt() {
 });
 window.addEvent('domready', function(e) {
- RateItRating = new RateItRatings({url:'SimpleAjax.php'});
+ RateItRating = new RateItRatings({url:'SimpleAjax.php?do=rateit'});
 });
 } else if (window.jQuery) {
 // the rateit plugin as an Object
@@ -579,7 +579,7 @@ function doRateIt() {
 async: false,
 cache: true
 });
- RateItRating = Object.create(RateItRatings).initialize({url:'SimpleAjax.php'});
+ RateItRating = Object.create(RateItRatings).initialize({url:'SimpleAjax.php?do=rateit'});
 });
 var jEscape = function(jquery) {
diff --git a/public/js/rateit.js b/public/js/rateit.js
index f5549ff..40b6c25 100644
--- a/public/js/rateit.js
+++ b/public/js/rateit.js
@@ -9,7 +9,7 @@ var votePercent=this.getVotePercent(el.newFill);if(this.options.url!=null){new R el.textEl.set('text',text);if(typeof($('.mbrateItRating'))!='undefined'&&el.id.indexOf('mb')==0){var mbid=el.getAttribute('id');mbid=mbid.replace('mb','');if(typeof(arrRatings)=='object'){for(var ri=0;ri100){el.newFill=this.getFillPercent(100);} -el.selected.setStyle('width',el.newFill);},getStarPercent:function(id){var stars=id.match(/(\d*\|?\d*)-(page|article|ce|module|news|faq|galpic|news4ward)-(\d*\.?\d+)_(\d*\.?\d+)$/);if(stars!=null){var score=stars[3].toFloat();var scale=stars[4].toFloat();var percent=(score/scale)*100;return percent;}else{return 0;}},getFillPercent:function(starPercent){return(starPercent/100)*(this.options.starwidth*this.options.max);},getVotePercent:function(actVote){var starsWidth=this.options.starwidth*this.options.max;var percent=(actVote/starsWidth*100).round(2);return percent;},getRatableId:function(id){var stars=id.match(/(\d*\|?\d*)-(page|article|ce|module|news|faq|galpic|news4ward)-(\d*\.?\d+)_(\d*\.?\d+)$/);return stars!=null?stars[1]:'';},getRatableType:function(id){var stars=id.match(/(\d*\|?\d*)-(page|article|ce|module|news|faq|galpic|news4ward)-(\d*\.?\d+)_(\d*\.?\d+)$/);return stars!=null?stars[2]:'';},getRatableMaxValue:function(id){var stars=id.match(/(\d*\|?\d*)-(page|article|ce|module|news|faq|galpic|news4ward)-(\d*\.?\d+)_(\d*\.?\d+)$/);return stars!=null?stars[4].toInt():0;},setBackgroundPosition:function(el,pos){el.setStyle('background-position','0% '+pos+'px');},getBackgroundImagePath:function(el){return el.getStyle('background-image');},getBackgroundImage:function(el){var reg_imgFile=/url\s*\(["']?(.*)["']?\)/i;var dummy=document.createElement('img');var string=this.getBackgroundImagePath(el);string=string.match(reg_imgFile)[1];string=string.replace('\"','');dummy.src=string;return dummy;}});window.addEvent('domready',function(e){RateItRating=new RateItRatings({url:'SimpleAjax.php'});});}else 
if(window.jQuery){(function(){RateItRatings={options:{step:0.1,readonly:false,resetable:false},initialize:function(options){if(typeof options=='object'&&typeof options['url']!='undefined') +el.selected.setStyle('width',el.newFill);},getStarPercent:function(id){var stars=id.match(/(\d*\|?\d*)-(page|article|ce|module|news|faq|galpic|news4ward)-(\d*\.?\d+)_(\d*\.?\d+)$/);if(stars!=null){var score=stars[3].toFloat();var scale=stars[4].toFloat();var percent=(score/scale)*100;return percent;}else{return 0;}},getFillPercent:function(starPercent){return(starPercent/100)*(this.options.starwidth*this.options.max);},getVotePercent:function(actVote){var starsWidth=this.options.starwidth*this.options.max;var percent=(actVote/starsWidth*100).round(2);return percent;},getRatableId:function(id){var stars=id.match(/(\d*\|?\d*)-(page|article|ce|module|news|faq|galpic|news4ward)-(\d*\.?\d+)_(\d*\.?\d+)$/);return stars!=null?stars[1]:'';},getRatableType:function(id){var stars=id.match(/(\d*\|?\d*)-(page|article|ce|module|news|faq|galpic|news4ward)-(\d*\.?\d+)_(\d*\.?\d+)$/);return stars!=null?stars[2]:'';},getRatableMaxValue:function(id){var stars=id.match(/(\d*\|?\d*)-(page|article|ce|module|news|faq|galpic|news4ward)-(\d*\.?\d+)_(\d*\.?\d+)$/);return stars!=null?stars[4].toInt():0;},setBackgroundPosition:function(el,pos){el.setStyle('background-position','0% '+pos+'px');},getBackgroundImagePath:function(el){return el.getStyle('background-image');},getBackgroundImage:function(el){var reg_imgFile=/url\s*\(["']?(.*)["']?\)/i;var dummy=document.createElement('img');var string=this.getBackgroundImagePath(el);string=string.match(reg_imgFile)[1];string=string.replace('\"','');dummy.src=string;return dummy;}});window.addEvent('domready',function(e){RateItRating=new RateItRatings({url:'SimpleAjax.php?do=rateit'});});}else if(window.jQuery){(function(){RateItRatings={options:{step:0.1,readonly:false,resetable:false},initialize:function(options){if(typeof options=='object'&&typeof 
options['url']!='undefined') this.options.url=options['url'];var self=this;jQuery('.rateItRating').each(function(i,element){self.initMe(element);});return this;},initMe:function(element){var self=this;if(!Browser.Engine.trident4){var el=jQuery(element);el.data('id',el.attr('id'));el.data('rateable',el.attr('rel')=='not-rateable'?false:true);el.data('wrapper',el.find('.wrapper'));el.data('textEl',el.find('.ratingText'));el.data('selected',el.find('.rateItRating-selected'));el.data('hover',el.find('.rateItRating-hover'));jQuery.when(self.getBackgroundImage(el.data('wrapper'))).done(function(backgroundImageSize){self.options.starwidth=backgroundImageSize[0];self.options.starheight=backgroundImageSize[1]/3;});if(self.options.starwidth===undefined||self.options.starwidth<16){self.options.starwidth=16;} if(self.options.starheight===undefined||self.options.starheight<16){self.options.starheight=16;} self.setBackgroundPosition(el.data('selected'),-1*self.options.starheight);self.setBackgroundPosition(el.data('hover'),-1*2*self.options.starheight);el.data('starPercent',self.getStarPercent(el.data('id')));el.data('ratableId',self.getRatableId(el.data('id')));el.data('ratableType',self.getRatableType(el.data('id')));self.options.max=self.getRatableMaxValue(el.data('id'));el.data('selected').css('height',self.options.starheight);el.data('hover').css('height',self.options.starheight);el.data('wrapper').css('width',self.options.starwidth*self.options.max);el.data('wrapper').css('height',self.options.starheight);self.fillVote(el.data('starPercent'),el);el.data('currentFill',self.getFillPercent(el.data('starPercent')));if(el.data('rateable')){el.data('wrapper').mouseenter(function(event){el.data('selected').hide(500,"easeInOutQuad");el.data('hover').show();el.data('wrapper').mousemove({'el':el,'self':self},self.mouseCrap);});el.data('wrapper').mouseleave(function(event){el.data('wrapper').unbind('mousemove');el.data('hover').hide();el.data('selected').show();el.data('selected').ani
mate({width:el.data('currentFill')},500);});el.data('wrapper').click(function(event){el.data('currentFill',el.data('newFill'));el.data('wrapper').unbind();el.data('oldTxt',el.data('textEl').text());el.data('textEl').html('          ');el.data('textEl').addClass('loading');if(typeof(jQuery('.mbrateItRating'))!='undefined'&&el.data('id').indexOf('mb')==0){var mbid=el.data('id');mbid=mbid.replace('mb','');if(typeof(arrRatings)=='object'){for(var ri=0;ri').attr('src',string).load(function(){backgroundImageSize.push(this.width);backgroundImageSize.push(this.height);dfd.resolve(backgroundImageSize);});return dfd.promise();},updateText:function(el,text){error=text.split('ERROR:')[1];el.data('textEl').removeClass('loading');if(error){this.RateItRating.showError(el,error);return false;} el.data('textEl').text(text);if(typeof(jQuery('.mbrateItRating'))!='undefined'&&el.data('id').indexOf('mb')==0){var mbid=el.attr('id');mbid=mbid.replace('mb','');if(typeof(arrRatings)=='object'){for(var ri=0;riInput->get('do') == 'rateit') { + $ip = $_SERVER['REMOTE_ADDR']; + + $rkey = $this->Input->post('id'); + $percent = $this->Input->post('vote'); + $type = $this->Input->post('type'); + + //Make sure that the ratable ID is a number and not something crazy. + if (strstr($rkey, '|')) { + $arrRkey = explode('|', $rkey); + foreach ($arrRkey as $key) { + if (!is_numeric($key)) { + header(RETURN_AJAX_HEADER); + echo $GLOBALS['TL_LANG']['rateit']['error']['invalid_rating']; + exit; + } + $id = $rkey; + } + } else { + if (is_numeric($rkey)) { + $id = $rkey; + } else { header(RETURN_AJAX_HEADER); echo $GLOBALS['TL_LANG']['rateit']['error']['invalid_rating']; exit; } - $id = $rkey; - } - } else { - if (is_numeric($rkey)) { - $id = $rkey; + } + + //Make sure the percent is a number and under 100. 
+ if (is_numeric($percent) && $percent < 101) { + $rating = $percent; } else { header(RETURN_AJAX_HEADER); echo $GLOBALS['TL_LANG']['rateit']['error']['invalid_rating']; exit; } - } - - //Make sure the percent is a number and under 100. - if (is_numeric($percent) && $percent < 101) { - $rating = $percent; - } else { - header(RETURN_AJAX_HEADER); - echo $GLOBALS['TL_LANG']['rateit']['error']['invalid_rating']; - exit; - } - - //Make sure that the ratable type is 'page' or 'ce' or 'module' - if (!($type === 'page' || $type === 'article' || $type === 'ce' || $type === 'module' || $type === 'news' || $type === 'faq' || $type === 'galpic' || $type === 'news4ward')) { - header(RETURN_AJAX_HEADER); - echo $GLOBALS['TL_LANG']['rateit']['error']['invalid_type']; - exit; - } - - $strHash = sha1(session_id() . (!$GLOBALS['TL_CONFIG']['disableIpCheck'] ? \Environment::get('ip') : '') . 'FE_USER_AUTH'); - - // FrontendUser auslesen - if (FE_USER_LOGGED_IN) { - $objUser = $this->Database->prepare("SELECT pid FROM tl_session WHERE hash=?") - ->limit(1) - ->execute($strHash); - - if ($objUser->numRows) { - $userId = $objUser->pid; + + //Make sure that the ratable type is 'page' or 'ce' or 'module' + if (!($type === 'page' || $type === 'article' || $type === 'ce' || $type === 'module' || $type === 'news' || $type === 'faq' || $type === 'galpic' || $type === 'news4ward')) { + header(RETURN_AJAX_HEADER); + echo $GLOBALS['TL_LANG']['rateit']['error']['invalid_type']; + exit; } - } - - - $ratableKeyId = $this->Database->prepare('SELECT id FROM tl_rateit_items WHERE rkey=? and typ=?') - ->execute($id, $type) - ->fetchAssoc(); - - $canVote = false; - if (isset($userId)) { - $countUser = $this->Database->prepare('SELECT * FROM tl_rateit_ratings WHERE pid=? and memberid=?') - ->execute($ratableKeyId['id'], $userId) - ->count(); - } - $countIp = $this->Database->prepare('SELECT * FROM tl_rateit_ratings WHERE pid=? 
and ip_address=?') - ->execute($ratableKeyId['id'], $ip) - ->count(); - - // Die with an error if the insert fails (duplicate IP or duplicate member id for a vote). - if ((!$this->allowDuplicatesForMembers && (isset($countUser) ? $countUser == 0 : false)) || ($this->allowDuplicatesForMembers && isset($userId))) { - // Insert the data. - $arrSet = array('pid' => $ratableKeyId['id'], - 'tstamp' => time(), - 'ip_address' => $ip, - 'memberid' => isset($userId) ? $userId : null, - 'rating' => $rating, - 'createdat'=> time() - ); - $this->Database->prepare('INSERT INTO tl_rateit_ratings %s') - ->set($arrSet) - ->execute(); - } elseif (!isset($countUser) && ((!$this->allowDuplicates && $countIp == 0) || $this->allowDuplicates)) { - // Insert the data. - $arrSet = array('pid' => $ratableKeyId['id'], - 'tstamp' => time(), - 'ip_address' => $ip, - 'memberid' => isset($userId) ? $userId : null, - 'rating' => $rating, - 'createdat'=> time() - ); - $this->Database->prepare('INSERT INTO tl_rateit_ratings %s') - ->set($arrSet) - ->execute(); - } else { - header(RETURN_AJAX_HEADER); - echo $GLOBALS['TL_LANG']['rateit']['error']['duplicate_vote']; + + $strHash = sha1(session_id() . (!$GLOBALS['TL_CONFIG']['disableIpCheck'] ? \Environment::get('ip') : '') . 'FE_USER_AUTH'); + + // FrontendUser auslesen + if (FE_USER_LOGGED_IN) { + $objUser = $this->Database->prepare("SELECT pid FROM tl_session WHERE hash=?") + ->limit(1) + ->execute($strHash); + + if ($objUser->numRows) { + $userId = $objUser->pid; + } + } + + + $ratableKeyId = $this->Database->prepare('SELECT id FROM tl_rateit_items WHERE rkey=? and typ=?') + ->execute($id, $type) + ->fetchAssoc(); + + $canVote = false; + if (isset($userId)) { + $countUser = $this->Database->prepare('SELECT * FROM tl_rateit_ratings WHERE pid=? and memberid=?') + ->execute($ratableKeyId['id'], $userId) + ->count(); + } + $countIp = $this->Database->prepare('SELECT * FROM tl_rateit_ratings WHERE pid=? 
and ip_address=?') + ->execute($ratableKeyId['id'], $ip) + ->count(); + + // Die with an error if the insert fails (duplicate IP or duplicate member id for a vote). + if ((!$this->allowDuplicatesForMembers && (isset($countUser) ? $countUser == 0 : false)) || ($this->allowDuplicatesForMembers && isset($userId))) { + // Insert the data. + $arrSet = array('pid' => $ratableKeyId['id'], + 'tstamp' => time(), + 'ip_address' => $ip, + 'memberid' => isset($userId) ? $userId : null, + 'rating' => $rating, + 'createdat'=> time() + ); + $this->Database->prepare('INSERT INTO tl_rateit_ratings %s') + ->set($arrSet) + ->execute(); + } elseif (!isset($countUser) && ((!$this->allowDuplicates && $countIp == 0) || $this->allowDuplicates)) { + // Insert the data. + $arrSet = array('pid' => $ratableKeyId['id'], + 'tstamp' => time(), + 'ip_address' => $ip, + 'memberid' => isset($userId) ? $userId : null, + 'rating' => $rating, + 'createdat'=> time() + ); + $this->Database->prepare('INSERT INTO tl_rateit_ratings %s') + ->set($arrSet) + ->execute(); + } else { + header(RETURN_AJAX_HEADER); + echo $GLOBALS['TL_LANG']['rateit']['error']['duplicate_vote']; + exit; + } + + $this->import('rateit\\RateItFrontend', 'RateItFrontend'); + $rating = $this->RateItFrontend->loadRating($id, $type); + + header(RETURN_AJAX_HEADER); + echo $this->RateItFrontend->getStarMessage($rating); exit; - } - - $this->import('rateit\\RateItFrontend', 'RateItFrontend'); - $rating = $this->RateItFrontend->loadRating($id, $type); - - header(RETURN_AJAX_HEADER); - echo $this->RateItFrontend->getStarMessage($rating); - exit; + } } }
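Review bot: The range check `is_numeric($percent) && $percent < 101` in the re-indented vote handler has no lower bound, so negative numbers and values between 100 and 101 in the POSTed `vote` reach the `rating` column; tighten it to `if (is_numeric($percent) && $percent >= 0 && $percent <= 100) {`. The result of the `tl_rateit_items` lookup is also used unchecked: if no row matches `$id`/`$type`, `$ratableKeyId['id']` is presumably empty and the INSERT still runs with that `pid`, so the handler should answer with the `invalid_rating` message and exit when the lookup returns nothing. The new `do=rateit` guard only selects the handler; no request-token or same-origin check is visible in this hunk for what is a state-changing POST, which is worth confirming in the surrounding class. The head of this hunk (its file header and the lines before the `if`) is missing from the page, so the enclosing method is not visible here.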