basic voting system works; but layout is missing

git-svn-id: https://semanticscuttle.svn.sourceforge.net/svnroot/semanticscuttle/trunk@432 b3834d28-1941-0410-a4f8-b48e95affb8f
2009-10-26 21:55:43 +00:00 · 2009-10-26 21:55:43 +00:00 · af157c6bb7
commit af157c6bb7
parent 44fd0e29f4
4 changed files with 120 additions and 0 deletions
--- a/data/templates/bookmarks-vote.inc.tpl.php
+++ b/data/templates/bookmarks-vote.inc.tpl.php
@ -0,0 +1,26 @@
+<?php
+/**
+ * Bookmark voting badge.
+ * Shows the number of votes and buttons to vote for or
+ * against a bookmark.
+ * Expects a $row variable with bookmark data
+ */
+if (!$GLOBALS['enableVoting']) {
+    return;
+}
+echo '<span class="vote-badge">';
+if (!$row['hasVoted']) {
+    echo '<a class="vote-for" href="'
+        . createVoteURL(true, $row['bId']) . '">+</a>';
+} else {
+    echo '<span class="vote-against-i">+</span>';
+}
+echo '<span class="voting">' . $row['bVoting'] . '</span>';
+if (!$row['hasVoted']) {
+    echo '<a class="vote-against" href="'
+        . createVoteURL(false, $row['bId']) . '">-</a>';
+} else {
+    echo '<span class="vote-against-i">-</span>';
+}
+echo '</span>';
+?>
--- a/data/templates/bookmarks.tpl.php
+++ b/data/templates/bookmarks.tpl.php
@ -301,6 +301,7 @@ if($currenttag!= '') {
 			//echo '<a href="'. $address .'"'. $rel .' ><img class="thumbnail" src="http://www.artviper.net/screenshots/screener.php?url='.$address.'&w=120&sdx=1280&userID='.$GLOBALS['thumbnailsUserId'].'&hash='.$thumbnailHash.'" />';
 			echo '<img class="thumbnail" onclick="window.location.href=\''.$address.'\'" src="http://www.artviper.net/screenshots/screener.php?url='.$address.'&w=120&sdx=1280&userID='.$GLOBALS['thumbnailsUserId'].'&hash='.$thumbnailHash.'" />';
 		}
+        include 'bookmarks-vote.inc.tpl.php';
 		
 		echo '<div '.$adminBgClass.' >';;

--- a/src/SemanticScuttle/functions.php
+++ b/src/SemanticScuttle/functions.php
@ -92,6 +92,30 @@ function createURL($page = '', $ending = '') {
 		return ROOT . $page;
 	}
 }
+/**
+ * Creates a "vote for/against this bookmark" URL.
+ * Also runs htmlspecialchars() on them to prevent XSS.
+ * We need to use ENT_QUOTES since otherwise we would not be
+ * protected when the attribute is used in single quotes.
+ *
+ * @param boolean $for For the bookmark (true) or against (false)
+ * @param integer $bId Bookmark ID
+ *
+ * @return string URL to use
+ */
+function createVoteURL($for, $bId)
+{
+    //FIXME: we need a "current url" variable that is
+    //filled with a safe version of the current url.
+    //all this specialchars stuff is bit of a hack.
+    return htmlspecialchars(
+        createURL(
+            'vote',
+            ($for ? 'for' : 'against') . '/' . $bId
+        ) . '?from=' . urlencode($_SERVER['REQUEST_URI']),
+        ENT_QUOTES
+    );
+}

 /* Shorten a string like a URL for example by cutting the middle of it */
 function shortenString($string, $maxSize=75) {
--- a/www/vote.php
+++ b/www/vote.php
@ -0,0 +1,69 @@
+<?php
+/**
+ * We do expect three parameters:
+ * - type (for/against)
+ * - bookmark id
+ * - url we shall redirect to (?from=)
+ *
+ * vote/for/123?from=xyz
+ */
+require_once '../src/SemanticScuttle/header.php';
+
+if (!$GLOBALS['enableVoting']) {
+    header('HTTP/1.0 501 Not implemented');
+    echo 'voting is disabled';
+    exit(1);
+}
+
+
+$us = SemanticScuttle_Service_Factory::get('User');
+$vs = SemanticScuttle_Service_Factory::get('Vote');
+
+if (!$us->isLoggedOn()) {
+    header('HTTP/1.0 400 Bad Request');
+    echo 'need a logged on user';
+    exit(1);
+}
+$user = $us->getCurrentUser();
+$user = $user['uId'];
+
+if (!isset($_SERVER['PATH_INFO'])) {
+    //we got a problem
+    header('HTTP/1.0 500 Internal Server Error');
+    echo 'PATH_INFO not found';
+    exit(2);
+}
+
+//we should really use net_url_mapper here
+list($url, $type, $bookmark) = explode('/', $_SERVER['PATH_INFO']);
+
+if ($type != 'for' && $type != 'against') {
+    header('HTTP/1.0 400 Bad Request');
+    echo 'type has to be "for" or "against"';
+    exit(3);
+}
+if (!is_numeric($bookmark)) {
+    header('HTTP/1.0 400 Bad Request');
+    echo 'Bookmark must be numeric';
+    exit(4);
+}
+$bookmark = (int)$bookmark;
+
+if (!isset($_GET['from']) || $_GET['from'] == '') {
+    header('HTTP/1.0 400 Bad Request');
+    echo 'Missing "from" parameter';
+    exit(5);
+}
+$from = $_GET['from'];
+
+
+if ($vs->hasVoted($bookmark, $user)) {
+    //already voted
+    header('HTTP/1.0 412 Precondition failed');
+    echo 'Bookmark has been already voted for';
+    exit(6);
+}
+
+$vs->vote($bookmark, $user, $type == 'for' ? 1 : -1);
+header('Location: ' . $from);
+?>