Changeset 1486 for plugins/rateIt/inc/class.rateit.php
- Timestamp:
- 09/23/09 17:29:51 (14 years ago)
- File:
-
- 1 edited
-
plugins/rateIt/inc/class.rateit.php (modified) (15 diffs)
Legend:
- Unmodified
- Added
- Removed
-
plugins/rateIt/inc/class.rateit.php
r1458 r1486 17 17 { 18 18 public $core; 19 public $con; 20 private $blog; 19 21 private $table; 20 22 private $quotient; … … 27 29 { 28 30 $this->core =& $core; 31 $this->con = $core->con; 32 $this->blog = $core->con->escape($core->blog->id); 29 33 $this->table = $core->prefix.'rateit'; 30 34 $this->quotient = $core->blog->settings->rateit_quotient; … … 58 62 return false; 59 63 60 $cur = $this->co re->con->openCursor($this->table);61 $this->co re->con->writeLock($this->table);62 63 $cur->blog_id = $this-> core->blog->id;64 $cur = $this->con->openCursor($this->table); 65 $this->con->writeLock($this->table); 66 67 $cur->blog_id = $this->blog; 64 68 $cur->rateit_type = (string) $type; 65 69 $cur->rateit_id = (string) $id; … … 75 79 76 80 $cur->insert(); 77 $this->co re->con->unlock();81 $this->con->unlock(); 78 82 $this->core->blog->triggerBlog(); 79 83 … … 93 97 $req= 94 98 'SELECT rateit_note, rateit_quotient '. 95 'FROM '.$this->table.' WHERE blog_id=\''.$this-> core->con->escape($this->core->blog->id).'\' ';99 'FROM '.$this->table.' WHERE blog_id=\''.$this->blog.'\' '; 96 100 if ($type!=null) 97 $req .= 'AND rateit_type=\''.$this->co re->con->escape($type).'\' ';101 $req .= 'AND rateit_type=\''.$this->con->escape($type).'\' '; 98 102 if ($id!=null) 99 $req .= 'AND rateit_id=\''.$this->co re->con->escape($id).'\' ';103 $req .= 'AND rateit_id=\''.$this->con->escape($id).'\' '; 100 104 if ($ip!=null) 101 $req .= 'AND rateit_ip=\''.$this->co re->con->escape($ip).'\' ';102 103 $rs = $this->co re->con->select($req);105 $req .= 'AND rateit_ip=\''.$this->con->escape($ip).'\' '; 106 107 $rs = $this->con->select($req); 104 108 $rs->toStatic(); 105 109 … … 135 139 public function voted($type=null,$id=null) 136 140 { 137 $rs = $this->co re->con->select(141 $rs = $this->con->select( 138 142 'SELECT COUNT(*) '. 139 143 'FROM '.$this->table.' '. 140 'WHERE blog_id=\''.$this-> core->con->escape($this->core->blog->id).'\' '.141 'AND rateit_ip=\''.$this->co re->con->escape($this->ip).'\' '.144 'WHERE blog_id=\''.$this->blog.'\' '. 145 'AND rateit_ip=\''.$this->con->escape($this->ip).'\' '. 142 146 ($type!=null ? 143 'AND rateit_type=\''.$this->co re->con->escape($type).'\' ' : '').147 'AND rateit_type=\''.$this->con->escape($type).'\' ' : ''). 144 148 ($id!=null ? 145 'AND rateit_id=\''.$this->co re->con->escape($id).'\' ' : '')149 'AND rateit_id=\''.$this->con->escape($id).'\' ' : '') 146 150 ); 147 151 $sql = (boolean) $rs->f(0); … … 157 161 $req = 158 162 'DELETE FROM '.$this->table.' '. 159 'WHERE blog_id=\''.$this-> core->con->escape($this->core->blog->id).'\' ';163 'WHERE blog_id=\''.$this->blog.'\' '; 160 164 if (null !== $type) 161 $req .= 'AND rateit_type=\''.$this->co re->con->escape($type).'\' ';165 $req .= 'AND rateit_type=\''.$this->con->escape($type).'\' '; 162 166 if (null !== $id) 163 $req .= 'AND rateit_id=\''.$this->co re->con->escape($id).'\' ';167 $req .= 'AND rateit_id=\''.$this->con->escape($id).'\' '; 164 168 if (null !== $ip) 165 $req .= 'AND rateit_ip=\''.$this->co re->con->escape($ip).'\' ';166 167 $rs = $this->co re->con->select($req);169 $req .= 'AND rateit_ip=\''.$this->con->escape($ip).'\' '; 170 171 $rs = $this->con->select($req); 168 172 $this->core->blog->triggerBlog(); 169 173 } … … 183 187 184 188 if (!empty($params['rateit_type'])) { 185 $params['sql'] .= "AND rateit_type = '".$this->co re->con->escape($params['rateit_type'])."' ";189 $params['sql'] .= "AND rateit_type = '".$this->con->escape($params['rateit_type'])."' "; 186 190 unset($params['rateit_type']); 187 191 } 188 192 189 193 if (!empty($params['post_type'])) { 190 $params['sql'] .= "AND post_type = '".$this->co re->con->escape($params['post_type'])."' ";194 $params['sql'] .= "AND post_type = '".$this->con->escape($params['post_type'])."' "; 191 195 unset($params['post_type']); 192 196 } … … 253 257 254 258 $strReq .= 255 " WHERE RI.blog_id = '".$this-> core->con->escape($this->core->blog->id)."' ";259 " WHERE RI.blog_id = '".$this->blog."' "; 256 260 257 261 # rate type … … 259 263 260 264 if (is_array($params['rateit_type']) && !empty($params['rateit_type'])) 261 $strReq .= 'AND RI.rateit_type '.$this->co re->con->in($params['rateit_type']);265 $strReq .= 'AND RI.rateit_type '.$this->con->in($params['rateit_type']); 262 266 elseif ($params['rateit_type'] != '') 263 $strReq .= "AND RI.rateit_type = '".$this->co re->con->escape($params['rateit_type'])."' ";267 $strReq .= "AND RI.rateit_type = '".$this->con->escape($params['rateit_type'])."' "; 264 268 } else 265 269 $strReq .= "AND RI.rateit_type = 'post' "; … … 273 277 $params['rateit_id'] = array((integer) $params['rateit_id']); 274 278 275 $strReq .= 'AND RI.rateit_id '.$this->co re->con->in($params['rateit_id']);279 $strReq .= 'AND RI.rateit_id '.$this->con->in($params['rateit_id']); 276 280 } 277 281 … … 284 288 $params['rateit_ip'] = array((integer) $params['rateit_ip']); 285 289 286 $strReq .= 'AND RI.rateit_ip '.$this->co re->con->in($params['rateit_ip']);290 $strReq .= 'AND RI.rateit_ip '.$this->con->in($params['rateit_ip']); 287 291 } 288 292 … … 296 300 297 301 if (!empty($params['order'])) 298 $strReq .= 'ORDER BY '.$this->co re->con->escape($params['order']).' ';302 $strReq .= 'ORDER BY '.$this->con->escape($params['order']).' '; 299 303 else 300 304 $strReq .= 'ORDER BY rateit_time DESC '; … … 302 306 303 307 if (!$count_only && !empty($params['limit'])) 304 $strReq .= $this->co re->con->limit($params['limit']);308 $strReq .= $this->con->limit($params['limit']); 305 309 306 310 $rs = $this->core->con->select($strReq); … … 322 326 $req .= 'rateit_id,rateit_type,rateit_note,rateit_quotient,rateit_ip,rateit_time '; 323 327 324 $req .= 'FROM '.$this->table.' WHERE blog_id=\''.$this-> core->blog->id.'\' ';328 $req .= 'FROM '.$this->table.' WHERE blog_id=\''.$this->blog.'\' '; 325 329 326 330 if (null !== $type) 327 $req .= 'AND rateit_type=\''.$this->co re->con->escape($type).'\' ';331 $req .= 'AND rateit_type=\''.$this->con->escape($type).'\' '; 328 332 if (null !== $id) 329 $req .= 'AND rateit_id=\''.$this->co re->con->escape($id).'\' ';333 $req .= 'AND rateit_id=\''.$this->con->escape($id).'\' '; 330 334 if (null !== $ip) 331 $req .= 'AND rateit_ip=\''.$this->co re->con->escape($ip).'\' ';332 333 $rs = $this->co re->con->select($req);335 $req .= 'AND rateit_ip=\''.$this->con->escape($ip).'\' '; 336 337 $rs = $this->con->select($req); 334 338 335 339 if ($count_only)
Note: See TracChangeset
for help on using the changeset viewer.