OneCore/likeGJItem.php at main · Wubba-jpeg/OneCore · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
<?php
include "incl/lib/connection.php";
require_once "incl/lib/injectionlibpatch.php";

// check if secret exists
if (!isset($_POST["secret"]) || $_POST["secret"] !== "Wmfd2893gb7") {
exit("-1");
}

// get values
$levelID = injectpatch::number($_POST["itemID"]);
$isLike = injectpatch::number($_POST["like"]);
$type = injectpatch::number($_POST["type"]);

// get user ip
$userIP = $_SERVER['REMOTE_ADDR'];

// Only comment and level likes for now
if ($type == 1) {
$table = "levels";
$column = "levelID";
} elseif ($type == 2) {
$table = "comments";
$column = "ID";
} else {
exit("-1");
}

// see if it is a dislike or a like
if ($isLike == 1) {
$query = $db->prepare("UPDATE $table SET likes = likes + 1 WHERE $column = :levelID");
} else {
$query = $db->prepare("UPDATE $table SET likes = likes - 1 WHERE $column = :levelID");
}

// Change likes
$query->execute([':levelID' => $levelID]);

// log in actions table
$logQuery = $db->prepare("INSERT INTO actions (actionType, ip, levelID) VALUES (2, :ip, :levelID)");
$logQuery->execute([':ip' => $userIP, ':levelID' => $levelID]);

// return 1 to gd
echo "1";
?>