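<?php
/**
 * storyvote.php - records, flips or retracts the logged-in user's vote on a story.
 *
 * Request: POST with `sid` (story id) and `positive` (numeric; > 0 is an
 * up-vote, anything else a down-vote). The voter is taken from
 * $_SESSION['user_id'], never from the request body.
 *
 * Behaviour:
 *   - no existing vote          -> insert the vote
 *   - same vote already stored  -> delete it (toggle off)
 *   - opposite vote stored      -> update it to the new value
 *
 * Every path ends with a redirect back to the referring page.
 *
 * NOTE(review): this state-changing POST is authorised by the session cookie
 * alone; no anti-CSRF token is checked in this file. Confirm whether the
 * calling forms or the session cookie settings (SameSite) cover this, and add
 * a token check here if they do not.
 */
session_start();

// The Referer header is supplied by the client and may be absent, so it is only
// used as the redirect target when it is an http(s) URL on this site's own host.
$back = '/'; // fallback target - adjust to the site's landing page if needed
if (isset($_SERVER['HTTP_REFERER'], $_SERVER['HTTP_HOST'])) {
    $refParts = parse_url($_SERVER['HTTP_REFERER']);
    // HTTP_HOST may carry a ":port" suffix; parse_url()'s host never does.
    $ownHost = preg_replace('/:\d+$/', '', $_SERVER['HTTP_HOST']);
    if (is_array($refParts)
        && isset($refParts['scheme'], $refParts['host'])
        && in_array(strtolower($refParts['scheme']), ['http', 'https'], true)
        && strcasecmp($refParts['host'], $ownHost) === 0
    ) {
        $back = $_SERVER['HTTP_REFERER'];
    }
}

// Only authenticated POST requests may vote.
if ($_SERVER['REQUEST_METHOD'] != 'POST' || !isset($_SESSION['user_id'])) {
    header('Location: ' . $back);
    die();
}

// Reject missing, array-valued or non-numeric fields instead of letting them
// reach the comparison and the queries below.
$sid = isset($_POST['sid']) ? $_POST['sid'] : null;
$rawVote = isset($_POST['positive']) ? $_POST['positive'] : null;
if (!is_string($sid) || $sid === '' || !is_string($rawVote) || !is_numeric($rawVote)) {
    header('Location: ' . $back);
    die();
}

include "connector.php"; // presumably defines the mysqli handle $db - not visible here, confirm

$uid = $_SESSION['user_id'];
// Normalise the vote to exactly +1 or -1.
$positive = ($rawVote > 0) ? 1 : -1;

try {
    do {
        // Optimistic insert: a failure with a duplicate-key error means this user
        // has already voted on this story (presumably a unique key over
        // (uid, sid) - schema not visible here).
        $insert = $db->prepare('INSERT INTO story_votes (uid, sid, positive) VALUES (?, ?, ?)');
        $insert->bind_param('sss', $uid, $sid, $positive);
        // mysqli reports the failure either by returning false or, when exception
        // reporting is on (the default since PHP 8.1), by throwing; handle both.
        try {
            $inserted = $insert->execute();
            $insertErrno = $insert->errno;
        } catch (mysqli_sql_exception $e) {
            $inserted = false;
            $insertErrno = $e->getCode();
        }
        if ($inserted) {
            break;
        }
        // 1062 is MySQL's ER_DUP_ENTRY. Any other failure is not "already voted",
        // so do not fall through to the toggle logic.
        if ((int) $insertErrno !== 1062) {
            error_log('storyvote: vote insert failed with MySQL error ' . (int) $insertErrno);
            break;
        }

        $lookup = $db->prepare('SELECT positive FROM story_votes WHERE uid = ? AND sid = ?');
        $lookup->bind_param('ss', $uid, $sid);
        $lookup->execute();
        $result = $lookup->get_result();
        $row = $result ? $result->fetch_assoc() : null;
        if (!is_array($row)) {
            // The row vanished between the insert and the lookup; nothing to toggle.
            break;
        }

        if ((int) $row['positive'] === $positive) {
            // Same vote submitted again: retract it.
            $remove = $db->prepare('DELETE FROM story_votes WHERE uid = ? AND sid = ?');
            $remove->bind_param('ss', $uid, $sid);
            $remove->execute();
            break;
        }

        // Opposite vote stored: switch it to the new value.
        $change = $db->prepare('UPDATE story_votes SET positive = ? WHERE uid = ? AND sid = ?');
        $change->bind_param('sss', $positive, $uid, $sid);
        $change->execute();
    } while (0);
} catch (mysqli_sql_exception $e) {
    // Log the code only; the message can echo submitted values.
    error_log('storyvote: database error ' . (int) $e->getCode());
}

header('Location: ' . $back);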