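<?php
/**
 * Vote on a manual user note.
 *
 * Request parameters (read from $_REQUEST): `id` (note id), `page` (manual
 * page the note belongs to) and `vote` ("up" or "down").
 *
 * Flow:
 *  - GET: render the spam-challenge form together with the note being voted on.
 *  - POST with an "X-JSON: On" request header: relay the vote to the master
 *    server and answer with a JSON object (`success` plus `update` or `msg`).
 *    This path does not run the spam challenge.
 *  - Any other POST: check the spam-challenge answer, relay the vote, then
 *    render either a thank-you page or the form again with an error.
 *
 * NOTE(review): the challenge operands (`func`, `arga`, `argb`) come back from
 * the client in hidden fields. Unless test_answer() ties them to server-side
 * state (not visible here), the challenge is only a speed bump; abuse control
 * presumably has to happen on the master server, which receives the voter IP.
 */
$_SERVER['BASE_PAGE'] = 'manual/vote-note.php';
include_once __DIR__ . '/../include/prepend.inc';
include_once __DIR__ . '/../include/posttohost.inc';
include_once __DIR__ . '/../include/shared-manual.inc';
include_once __DIR__ . '/spam_challenge.php';

// Request parameters are attacker-controlled and may arrive as arrays
// (e.g. `page[]=x`). Anything that is not a string is treated as absent so it
// can never reach htmlspecialchars(), md5() or the notes loader.
$noteId   = is_string($_REQUEST['id'] ?? null) ? $_REQUEST['id'] : '';
$notePage = is_string($_REQUEST['page'] ?? null) ? $_REQUEST['page'] : '';
$noteVote = is_string($_REQUEST['vote'] ?? null) ? $_REQUEST['vote'] : '';

// Initialize global variables
$error = false;
$thankyou = false;
$headerset = false;
$BACKpage = htmlspecialchars($notePage, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
$BACKid = htmlspecialchars($noteId, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
// Only echoed on paths where the request passed the validation below.
$link = "/{$BACKpage}#{$BACKid}";
$master_url = "https://main.php.net/entry/user-notes-vote.php";

// A request is votable when id and page are non-empty, the page has notes,
// the id is one of them, and the vote is exactly "up" or "down".
// $N holds the loaded notes and is reused when the note is displayed.
$validRequest = !empty($noteId)
    && !empty($notePage)
    && ($N = manual_notes_load($notePage))
    && array_key_exists($noteId, $N)
    && ($noteVote === 'up' || $noteVote === 'down');

if ($_SERVER['REQUEST_METHOD'] == 'POST') {
    $wantsJson = isset($_SERVER['HTTP_X_JSON']) && $_SERVER['HTTP_X_JSON'] == 'On';

    if ($validRequest) {
        // md5 only derives the on-disk bucket name for the page's notes file;
        // it is not used as a security control.
        $hash = substr(md5($notePage), 0, 16);
        $notes_file = $_SERVER['DOCUMENT_ROOT'] . "/backend/notes/" . substr($hash, 0, 2) . "/$hash";

        // Payload relayed to the master server.
        // NOTE(review): REMOTE_ADDR is the direct peer; if this host sits
        // behind a proxy or CDN it will be that hop's address — confirm.
        $data = [
            "noteid" => $noteId,
            "sect" => $notePage,
            "vote" => $noteVote,
            "ip" => $_SERVER['REMOTE_ADDR'],
        ];
    }

    if ($wantsJson && $validRequest) {
        $response = [];
        if (!file_exists($notes_file)) {
            $response["success"] = false;
            $response["msg"] = "Invalid request.";
        } elseif (($r = posttohost($master_url, $data)) === null || strpos($r, "failed to open socket to") !== false) {
            $response["success"] = false;
            $response["msg"] = "Could not process your request at this time. Please try again later...";
        } else {
            $r = json_decode($r);
            if (isset($r->status, $r->votes) && $r->status) {
                $response["success"] = true;
                $response["update"] = (int)$r->votes;
            } elseif (isset($r->status, $r->message) && !$r->status) {
                $response["success"] = false;
                // Upstream text is relayed as-is; the client must insert it as
                // text, not as markup.
                $response["msg"] = $r->message;
            } else {
                $response["success"] = false;
                $response["msg"] = "The server did not respond properly. Please try again later...";
            }
        }
        // The JSON_HEX_* flags keep the decoded values identical while making
        // sure no literal <, >, &, ' or " appears in the body, since no
        // Content-Type is set on this path.
        // NOTE(review): consider sending application/json once the client-side
        // handler is confirmed to cope with it.
        echo json_encode($response, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT);
        exit;
    }

    if ($validRequest) {
        // All four challenge fields must be present as non-empty strings
        // before test_answer() is called. The previous condition mixed && and
        // || so that a missing operand was treated as "answered" and
        // test_answer() ran on undefined values.
        $challenge = [];
        foreach (['func', 'arga', 'argb', 'challenge'] as $field) {
            $value = $_POST[$field] ?? null;
            if (!is_string($value) || $value === '') {
                $challenge = null;
                break;
            }
            $challenge[$field] = $value;
        }

        if ($challenge === null) {
            $error = "You did not answer the spam challenge question.";
        } elseif (!test_answer($challenge['func'], $challenge['arga'], $challenge['argb'], $challenge['challenge'])) {
            $error = "Incorrect answer! Please try again.";
        } else {
            // Local, in-memory counter bump only; the authoritative count is
            // whatever the master server records.
            if ($noteVote === 'up') {
                $N[$noteId]->upvotes++;
            } elseif ($noteVote === 'down') {
                $N[$noteId]->downvotes++;
            }

            // Every failure past this point is reported as "Invalid request.".
            if (file_exists($notes_file)) {
                $r = posttohost($master_url, $data);
                if ($r !== null && strpos($r, "failed to open socket to") === false) {
                    $r = json_decode($r);
                    $thankyou = isset($r->status, $r->votes) && $r->status;
                }
            }
            if (!$thankyou) {
                $error = "Invalid request.";
            }
        }
    } else {
        $error = "Invalid request.";
    }
} else {
    // Site header
    site_header("Vote On User Notes");
    $headerset = true;

    if ($validRequest) {
        // $c comes from gen_challenge() (server side) and is echoed unescaped.
?>
 <div class="container" id="notes-dialog" style="width: 100%; padding-bottom: 15px; margin: auto;">
  <div style="width: 100%; margin: auto;"><h1>Voting</h1></div>
  <div style="background-color: #f5f5ff; border: 1px solid black; padding: 15px; width: 90%; margin: auto;">
   <form action="" method="post">
    <div>
     <p><label for="form-challenge">Please answer this simple SPAM challenge</label>: <strong><?php $c = gen_challenge(); echo $c[3]; ?></strong>?<br>
     <input id="form-challenge" type="text" name="challenge" maxlength="10" required> (Example: nine)</p>
     <p><input type="submit" value="Vote" name="votenote"></p>
    </div>
    <input type="hidden" name="func" value="<?php echo $c[0]; ?>">
    <input type="hidden" name="arga" value="<?php echo $c[1]; ?>">
    <input type="hidden" name="argb" value="<?php echo $c[2]; ?>">
   </form>
  </div>
 </div>
 <div style="width: 100%; margin: auto;"><h1>The Note You're Voting On</h1></div>
 <div style="width: 90%; margin: auto; padding: 15px; background-color: lightgray; border: 1px dashed gray;">
<?php
        $backID = $BACKid;
        $backPAGE = $BACKpage;
        manual_note_display($N[$noteId], false);
?>
 </div>
 <div style="width: 90%; margin: auto;"><p><a href="<?php echo "/{$backPAGE}#{$backID}"; ?>">&lt;&lt; Back to user notes page</a></p></div>
<?php
    } else {
        $error = "Invalid request.";
    }
}

if ($error) {
    // $error only ever holds one of the fixed strings assigned above, so it is
    // interpolated without escaping. Escape it if that ever changes.
    $error_div = <<<EOL
 <div style="width: 90%; padding: 15px; margin: auto; border: 1px dotted red; background-color: #9999cc; color: white;">
  <div style="float: left; padding: 15px;">
   <img src="/images/docs-warning.png">
  </div>
  <p>
   <strong>There was an error with your request!</strong>
  </p>
  <p>
   $error
  </p>
 </div>
EOL;
    if (!$headerset) {
        site_header("Error - Voting");
        $headerset = true;
    }
?>
 <div class="container" id="notes-dialog" style="width: 100%; padding-bottom: 15px; margin: auto;">
  <div style="width: 100%; margin: auto;"><h1>Voting</h1></div>
  <div style="background-color: #f5f5ff; border: 1px solid black; padding: 15px; width: 90%; margin: auto;">
   <form action="" method="post">
    <div>
     <p><label for="form-challenge">Please answer this simple SPAM challenge</label>: <strong><?php $c = gen_challenge(); echo $c[3]; ?></strong>?<br>
     <input id="form-challenge" type="text" name="challenge" maxlength="10" required> (Example: nine)</p>
     <p><input type="submit" value="Vote" name="votenote"></p>
    </div>
    <input type="hidden" name="func" value="<?php echo $c[0]; ?>">
    <input type="hidden" name="arga" value="<?php echo $c[1]; ?>">
    <input type="hidden" name="argb" value="<?php echo $c[2]; ?>">
   </form>
   <?php echo $error_div; ?>
  </div>
 </div>
<?php
    // Any error other than "Invalid request." is only set after validation
    // succeeded, so $N[$noteId] exists here.
    if ($error != "Invalid request.") {
?>
 <div style="width: 100%; margin: auto;"><h1>The Note You're Voting On</h1></div>
 <div style="width: 90%; margin: auto; padding: 15px; background-color: lightgray; border: 1px dashed gray;">
<?php
        $backID = $BACKid;
        $backPAGE = $BACKpage;
        manual_note_display($N[$noteId], false);
?>
 </div>
 <div style="width: 90%; margin: auto;"><p><a href="<?php echo "/{$backPAGE}#{$backID}"; ?>">&lt;&lt; Back to user notes page</a></p></div>
<?php
    }
}

if ($thankyou) {
    site_header("Thank you for voting!");
    $headerset = true;
?>
 <div class="container" id="notes-dialog" style="width: 100%; padding: 15px; margin: auto;">
  <h1>Thanks for voting!</h1>
  <p>To go back to the user notes page <a href="<?php echo $link; ?>">click here</a>.</p>
 </div>
<?php
}

// Print out common footer
site_footer();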