HEX
Server: Apache
System: Linux msm5694.mjhst.com 3.10.0-1160.119.1.el7.x86_64 #1 SMP Tue Jun 4 14:43:51 UTC 2024 x86_64
User: camjab_ssh (1000)
PHP: 5.3.29
Disabled: NONE
$ pwd: /home/httpd/html/baretube.com.new/includes/
Upload Files
File: /home/httpd/html/baretube.com.new/includes/inc.add_favorites.php
<?
session_start();
include('mb.php');

if(!$_SESSION['userid']) {
    $info = 'You have to be logged in to add this content to your favorites.';    
}

if(!$info){
    if(!isset($_GET['id']) || !is_numeric($_GET['id'])) {
        $info = 'Invalid content ID.';
    }
}

if(!$info){
    $result = dbQuery("SELECT record_num FROM content WHERE record_num = '".$_GET['id']."'",false);
    if(count($result) == 0){
        $info = "Provided content ID doesn't exist in our database.";
    }else{
        $checkFavs = dbQuery("SELECT record_num FROM favorites WHERE content = '".$_GET['id']."' AND user = '".$_SESSION['userid']."'",false);
        if(count($checkFavs) == 0){
            dbQuery("INSERT INTO favorites(user,content) VALUES('".$_SESSION['userid']."','".$_GET['id']."')",false);
            $info = 'You have successfully added this content to your favorites.';
        }else{
            $info = 'You already have this content in your favorites.';
        }
    }
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
    <head>
        <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
        <link type="text/css" href="<? echo $template_url; ?>/css/style.css" rel="stylesheet" />
        <link type="text/css" href="<? echo $template_url; ?>/css/base.css" rel="stylesheet" />
    </head>
    <body>
        <div id="incFavs">
            <p style='font-weight: bold;'> 
                <? echo $info; ?>
            </p>
        </div>
    </body>
</html>
@ Telegram