Просмотр файла wu-engine/wu-actions/eshop_rating.php

Размер файла: 1.02Kb
<?php
require_once('../wu_init.php');
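// Rating endpoint for an e-shop item. Response codes returned to the client:
//   'wu-error' - wu_token() rejected the request
//   '3'        - not logged in, missing/invalid parameters, unknown item, or a query failed
//   '4'        - the voter's reputation (`rat`) is below 1, or the voter row was not found
//   '0'        - this user is already listed among the item's voters
//   '1'        - vote recorded
// $connect_db and $u_id are not defined in this file; presumably wu_init.php sets them — verify there.
if (!wu_token()) {
    exit('wu-error');
}
if (!USER_LOGGED) {
    exit('3');
}

// Both parameters must be present, non-empty and scalar. The scalar check rejects
// array input such as id[]=x, which intval() would otherwise turn into 1.
if (!isset($_POST['id'], $_POST['val']) || !is_scalar($_POST['id']) || !is_scalar($_POST['val'])) {
    exit('3');
}
if (empty($_POST['id']) || empty($_POST['val'])) {
    exit('3');
}

$id = intval($_POST['id']);
$val = intval($_POST['val']);
if ($val < 1 || $val > 5) {
    exit('3');
}

// The voter id is bound as a parameter in every query below instead of being
// interpolated into the SQL text, so its content can never change the statement.
$voter = (string) $u_id;

// 1. The item must exist; fetch its pipe-delimited voter list (`u`).
$stmt = mysqli_prepare($connect_db, "SELECT id, u FROM " . DB_PREFIX . "_es WHERE id = ? LIMIT 1");
if (!$stmt) {
    exit('3');
}
mysqli_stmt_bind_param($stmt, 'i', $id);
if (!mysqli_stmt_execute($stmt)) {
    exit('3');
}
mysqli_stmt_bind_result($stmt, $itemId, $votersRaw);
$itemFound = mysqli_stmt_fetch($stmt);
mysqli_stmt_close($stmt);
if (!$itemFound || empty($itemId)) {
    exit('3');
}

// 2. The voter needs a reputation of at least 1 to be allowed to rate.
$stmt = mysqli_prepare($connect_db, "SELECT rat FROM " . DB_PREFIX . "_users WHERE uid = ? LIMIT 1");
if (!$stmt) {
    exit('3');
}
mysqli_stmt_bind_param($stmt, 's', $voter);
if (!mysqli_stmt_execute($stmt)) {
    exit('3');
}
mysqli_stmt_bind_result($stmt, $reputation);
$userFound = mysqli_stmt_fetch($stmt);
mysqli_stmt_close($stmt);
if (!$userFound || $reputation < 1) {
    exit('4');
}

// 3. Early answer for the common "already voted" case. Strict comparison avoids
//    loose-equality matches between differently formatted ids.
if (in_array($voter, explode('|', (string) $votersRaw), true)) {
    exit('0');
}

// 4. Record the vote. The duplicate check is repeated inside the UPDATE and the
//    voter is appended to the column's *current* value, so two concurrent requests
//    can neither count the same user twice nor overwrite each other's entry
//    (the earlier read-then-write of `u` allowed both).
//    NOTE(review): FIND_IN_SET assumes the voter id contains no comma — expected
//    for numeric ids; confirm against how $u_id is produced.
$stmt = mysqli_prepare(
    $connect_db,
    "UPDATE " . DB_PREFIX . "_es"
    . " SET vo = vo + 1, va = va + ?, u = CONCAT(COALESCE(u, ''), '|', ?)"
    . " WHERE id = ? AND FIND_IN_SET(?, REPLACE(COALESCE(u, ''), '|', ',')) = 0 LIMIT 1"
);
if (!$stmt) {
    exit('3');
}
mysqli_stmt_bind_param($stmt, 'isis', $val, $voter, $id, $voter);
if (!mysqli_stmt_execute($stmt)) {
    exit('3');
}
$recorded = mysqli_stmt_affected_rows($stmt);
mysqli_stmt_close($stmt);
if ($recorded < 1) {
    // Nothing changed: a parallel request from the same user got there first.
    exit('0');
}

// 5. A low rating (1 or 2) costs the voter 0.2 reputation, charged only once the
//    vote has actually been stored.
if ($val <= 2) {
    $stmt = mysqli_prepare($connect_db, "UPDATE " . DB_PREFIX . "_users SET rat = rat - 0.2 WHERE uid = ? LIMIT 1");
    if ($stmt) {
        mysqli_stmt_bind_param($stmt, 's', $voter);
        mysqli_stmt_execute($stmt);
        mysqli_stmt_close($stmt);
    }
}

exit('1');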
?>