<?php
@session_start();
@error_reporting( 7 );
@ini_set( 'display_errors', true );
@ini_set( 'html_errors', false );

define( 'DATALIFEENGINE', true );
define( 'ROOT_DIR', substr( dirname(  __FILE__ ), 0, -12 ) );
define( 'SYSTEM_DIR', ROOT_DIR . '/system' );

$go_rate = intval( $_REQUEST['go_rate'] );
$id = intval( $_REQUEST['id'] );
$type = intval( $_REQUEST['type'] );

if( $go_rate > 1 or $go_rate < -1 ) $go_rate = 0;
if( ! $go_rate or ! $id ) die( "Hacking attempt!" );

include SYSTEM_DIR . '/data/config.php';
require_once SYSTEM_DIR . '/classes/mysql.php';
require_once SYSTEM_DIR . '/data/dbconfig.php';
require_once SYSTEM_DIR . '/modules/functions.php';

$_REQUEST['skin'] = totranslit($_REQUEST['skin'], false, false);
if( $_REQUEST['skin'] ) {if( @is_dir( ROOT_DIR . '/templates/' . $_REQUEST['skin'] ) ) {$config['skin'] = $_REQUEST['skin'];
} else {die( "Hacking attempt!" );}}

include_once ROOT_DIR . '/language/' . $config['langs'] . '/website.lng';
$config['charset'] = ($lang['charset'] != '') ? $lang['charset'] : $config['charset'];

$user_group = $cache->get( "usergroup" );
if( ! $user_group ) {$user_group = array ();
	$db->query( "SELECT * FROM " . USERPREFIX . "_usergroups ORDER BY id ASC" );
	while ( $row = $db->get_row() ) {$user_group[$row['id']] = array ();
		foreach ( $row as $key => $value ) {$user_group[$row['id']][$key] = stripslashes($value);}
	}
    $cache->set( "usergroup", $user_group );
	$db->free();
}

require_once SYSTEM_DIR . '/modules/sitelogin.php';

if( ! $user_group[$member_id['user_group']]['allow_rating'] ) die( "Hacking attempt!" );
$_IP = $db->safesql( $_SERVER['REMOTE_ADDR'] );

$member_id['name'] = $db->safesql($member_id['name']);
if( $is_logged ) $where = "member = '{$member_id['name']}'"; else $where = "ip ='{$_IP}'";

$row = $db->super_query( "SELECT type_id FROM " . PREFIX . "_rate where type_id ='$id' AND {$where} AND type='$type'" );

if( ! $row['type_id'] AND count( explode( ".", $_IP ) ) == 4 ) {
	if($type==1)$db->query( "UPDATE " . PREFIX . "_post set rating=rating+'$go_rate' where id ='$id'" );
    else $db->query("UPDATE " . PREFIX . "_comments set rating=rating+'$go_rate' where id ='$id'");

    if ($db->get_affected_rows()){
	if( $is_logged ) $user_name = $member_id['name']; else $user_name = "anonymous";
    $rate_date = time() + (0 * 60);

	$db->query( "INSERT INTO " . PREFIX . "_rate (type_id, ip, member, date, rating, type) values ('$id', '$_IP', '$user_name', '$rate_date', '$go_rate', '$type')" );
    $cache->clear( array('news_', 'comm_', 'rss') );
}}

if($type==1){
    $row = $db->super_query( "SELECT id, rating FROM " . PREFIX . "_post where id ='$id'" );
    $buffer = ShortRating( $row['id'], $row['rating'], false );
}else{
    $row = $db->super_query("SELECT * FROM " . PREFIX . "_comments where id ='$id'");
    $buffer = CommRating($row['id'], $row['rating'], false);
}
$db->close();

@header( "Content-type: text/html; charset=" . $config['charset'] );
echo $buffer;
?>