Rearrange ratings tab

1 files changed, 2 insertions, 1 deletions

diff --git a/dash/headless.php b/dash/headless.php
index 0312f5d..ac20748 100644
--- a/dash/headless.php
+++ b/dash/headless.php
@@ -33,10 +33,11 @@ if (isset($_GET['clicks'])) {
   $uid = intval($_GET['rate']);
   $jid = intval($_GET['jid']);
   $val = intval($_GET['val']);
+  $txt = $db->escape_string($_GET['txt']);
   if ($uid < 1 || $jid < 1 || $val < 1) die('NOK');
   $result = $db->query('SELECT ads.id FROM ads INNER JOIN responses ON responses.adid = ads.id AND responses.matched = 1 INNER JOIN users ON users.id = responses.uid LEFT JOIN ratings ON ratings.rated = users.id WHERE ads.id = '.$jid.' AND (ads.uid = '.$b_user['id'].' OR responses.uid = '.$b_user['id'].') AND NOT EXISTS (SELECT ratings.id FROM ratings WHERE ratings.rated = responses.uid AND ratings.job = ads.id AND ratings.rater = '.$b_user['id'].') GROUP BY responses.id LIMIT 1') or die('ERR');
   if ($result->num_rows < 1) die('NOK');
-  $db->query('INSERT INTO ratings (rated, rater, job, stars) VALUES ('.$uid.', '.$b_user['id'].', '.$jid.', '.$val.')') or die('ERR');
+  $db->query('INSERT INTO ratings (rated, rater, job, stars, comment) VALUES ('.$uid.', '.$b_user['id'].', '.$jid.', '.$val.', \''.$txt.'\')') or die('ERR');
   if ($db->affected_rows < 1) die('NOK');
   die('OK');
 }