// NOTE(review): this listing starts mid-statement. The call below is the tail of an
// assignment whose left-hand side is cut off; presumably it is `$_IP`, which the
// queries further down read. Confirm against the full file.
safesql( $_SERVER['REMOTE_ADDR'] );

// Request parameters: the product id and the vote value. Both are read from $_REQUEST,
// so the vote can arrive as GET or POST. No anti-forgery token or login check is
// visible in this fragment (one may exist in the part that is cut off).
// $db->safesql() is not defined here; presumably it escapes a value for use inside a
// quoted SQL string. Every query below relies on that, because the values are
// interpolated between single quotes rather than bound as parameters.
$pid = $db->safesql( $_REQUEST['pid'] );
// NOTE(review): $go_rate is never cast to an integer or checked against the allowed
// vote range, so whatever number the client sends is added to `rating` in the UPDATE
// below. Validate it against the permitted scale before use.
$go_rate= $db->safesql( $_REQUEST['go_rate'] );

// Look for an earlier vote on this product from the same address; the `logs.id`
// column holds the client IP (see the INSERT below).
$row = $db->super_query( "SELECT pid FROM logs where pid ='$pid' AND id = '".$_IP."' LIMIT 1;" );

// Count the vote only when no earlier vote was found and the address splits into
// exactly four dot-separated parts. That second test only counts dots; it does not
// validate the address, and a request whose address has any other shape is skipped
// silently.
// NOTE(review): the SELECT above and the INSERT below are separate statements, so two
// concurrent requests can both pass the check. A unique key on logs (pid, id) would
// enforce one vote per address; whether such a key exists is not visible here.
// NOTE(review): the UPDATE runs for any $pid, including one that matches no product
// row; the log row is still inserted in that case.
if( ! $row['pid'] AND count( explode( ".", $_IP ) ) == 4 ) {
    // Add the submitted value to the running total and bump the vote counter.
    $db->query( "UPDATE catalogs_products set rating=rating+'$go_rate', vote_num=vote_num+1 where id ='$pid'" );
    // Record the (product, address) pair so the same address is not counted again.
    $db->query( "INSERT INTO logs (pid, id) values ('$pid', '$_IP')" );
}

// Re-read the totals and render the rating widget; $allow is passed as false.
$row = $db->super_query( "SELECT id, rating, vote_num FROM catalogs_products where id ='$pid'" );
$buffer = ShowRating( $row['id'], $row['rating'], $row['vote_num'], false );
$db->close();

// `@` suppresses the warning PHP raises if output has already started.
// NOTE(review): the response is declared as text/css although the buffer is built from
// a heredoc labelled HTML. Confirm the intended type (text/html looks more likely).
// The registered name for this charset is windows-1251.
@header( "Content-type: text/css; charset=cp1251" );
echo $buffer;

/**
 * Builds the rating markup for one product.
 *
 * The average (rating total divided by vote count) is rounded to a whole number and
 * multiplied by 17 before the template is filled in. The template body is missing
 * from this listing, so how $id, $allow and the scaled value are used cannot be seen.
 *
 * @param $id       product id (usage not visible in this listing)
 * @param $rating   accumulated rating total; a falsy value yields 0
 * @param $vote_num number of votes, used as the divisor
 * @param $allow    defaults to true; usage not visible in this listing
 * @return the string assigned to $rated by the heredoc
 */
function ShowRating($id, $rating, $vote_num, $allow = true) {
    // NOTE(review): only $rating is tested before dividing. A non-zero $rating with a
    // zero or empty $vote_num divides by zero (an error on PHP 8, a warning before).
    if( $rating ) $rating = round( ($rating / $vote_num), 0 );
    else $rating = 0;
    // Scale the rounded average by 17; presumably a pixel width per rating unit (TODO confirm).
    $rating = $rating * 17;
    // NOTE(review): the heredoc opener and its template text were lost in this listing;
    // as written this line is not valid PHP. Restore the original heredoc from the
    // source file, and check there that values placed in the markup are escaped.
    $rated = << HTML;
    return $rated;
}
?>