You are here

Home » API reference » Fivestar 5 » fivestar.module

function _fivestar_cast_vote in Fivestar 5

Same name and namespace in other branches
  1. 6.2 fivestar.module \_fivestar_cast_vote()
  2. 6 fivestar.module \_fivestar_cast_vote()
  3. 7.2 fivestar.module \_fivestar_cast_vote()

Internal function to handle vote casting, flood control, XSS, IP based voting, etc...

5 calls to _fivestar_cast_vote()
fivestar_comment_insert in ./fivestar_comment.module
Insert a fivestar comment value.
fivestar_comment_update in ./fivestar_comment.module
Update a fivestar comment value.
fivestar_field in ./fivestar_field.inc
Implementation of hook_field().
fivestar_form_submit in ./fivestar.module
Submit handler for the above form (non-javascript version).
fivestar_vote in ./fivestar.module
Callback function for fivestar/vote.

File

./fivestar.module, line 704
A simple n-star voting widget, usable in other forms.

Code

function _fivestar_cast_vote($type, $cid, $value, $tag = NULL, $uid = NULL, $skip_validation = FALSE) {
  global $user;
  $tag = empty($tag) ? 'vote' : $tag;

  // Bail out if the user's trying to vote on an invalid object.
  if (!$skip_validation && !fivestar_validate_target($type, $cid, $uid)) {
    return array();
  }

  // Prep variables for anonymous vs. registered voting.
  if (!isset($uid)) {
    $uid = $user->uid;
  }
  $anon_interval = variable_get('fivestar_anonymous_vote_interval', 86400);

  // Sanity-check the incoming values.
  if (is_numeric($cid) && is_numeric($value)) {
    if ($value > 100) {
      $value = 100;
    }
    if ($uid) {

      // If the user is logged in, we'll look for votes from that uid.
      $sql = "SELECT vote_id FROM {votingapi_vote} WHERE content_type='%s' AND content_id=%d AND value_type='percent' AND uid=%d AND tag = '%s'";
      $result = db_query($sql, $type, $cid, $uid, $tag);
    }
    else {

      // Otherwise, we'll look for votes from the same IP address within the anonymous interval.
      $hostname = $_SERVER['REMOTE_ADDR'];
      if (isset($_SERVER['HTTP_X_FORWARDED_FOR'])) {
        $hostname .= '-' . $_SERVER['HTTP_X_FORWARDED_FOR'];
      }
      $sql = "SELECT vote_id FROM {votingapi_vote} WHERE content_type='%s' AND content_id=%d AND value_type='percent' AND uid=%d AND tag = '%s' AND hostname='%s'";
      $sql .= $anon_interval != -1 ? " AND timestamp > %d" : '';
      $result = db_query($sql, $type, $cid, $uid, $tag, $hostname, time() - $anon_interval);
    }

    // If the old vote exists, either delete it (if the new one is zero)
    // or change it. If it doesn't exist and the vote is non-zero, cast
    // it and recalculate.
    if ($old_vote = db_fetch_object($result)) {
      if ($value == 0) {
        votingapi_delete_vote($old_vote);
      }
      else {
        $vote = votingapi_change_vote($old_vote, $value);
      }
    }
    elseif ($value != 0) {
      $vote = votingapi_add_vote($type, $cid, $value, 'percent', $tag, $uid);
    }
    return $vote;
  }
  else {
    return array();
  }
}