Initial import of quotes db

.gitignore

@@ -0,0 +1,2 @@
+/openid/keycache.php
+/inc/*.private.php

.gitmodules

@@ -0,0 +1,3 @@
+[submodule "openid"]
+	path = openid
+	url = git://chris.smith.name/~chris/poidsy

.htaccess

@@ -0,0 +1,6 @@
+RewriteEngine On
+
+RewriteCond %{REQUEST_FILENAME} !-f
+RewriteCond %{REQUEST_FILENAME} !-d
+RewriteRule ^/?(quotes/)?(.*)$ /quotes/$2.php [L]
+

best.php

@@ -0,0 +1,52 @@
+<?PHP
+
+ require_once('inc/database.php');
+
+ define('TITLE', 'Best');
+
+ require_once('inc/header.php');
+
+ $sql = 'SELECT quote_id, quote_quote, quote_rating FROM quotes ORDER BY quote_rating DESC LIMIT 0,25';
+ $res = mysql_query($sql)
+
+?>
+<div>
+ <h2>Best quotes</h2>
+<?PHP
+
+ $i = 0;
+ while ($row = mysql_fetch_array($res)) {
+  $i = 1 - $i;
+  if ($i == 1) { $e = 'even'; } else { $e = 'odd'; }
+?>
+ <div class="quote <?PHP echo $e; ?>">
+<?PHP
+ if (isset($_SESSION['uid'])) {
+  doRate($row['quote_id']);
+ }
+?>
+  <p>
+   Quote <a href="<?PHP echo BASE; ?>browse?q=<?PHP echo $row['quote_id']; ?>">#<?PHP echo $row['quote_id']; ?></a>.
+   Rating <?PHP echo round($row['quote_rating'],2); ?>.
+<?PHP
+
+ if (!isset($_SESSION['uid'])) {
+  echo ' <a href="'.BASE.'login">Login to rate</a>.';
+ }
+
+?>
+  </p>
+  <div class="quotebody">
+   <?PHP echo nl2br(htmlentities($row['quote_quote'], ENT_QUOTES, 'UTF-8')); ?>
+  </div>
+ </div>
+<?PHP
+ }
+
+?>
+</div>
+<?PHP
+
+ require_once('inc/footer.php');
+
+?>

browse.php

@@ -0,0 +1,131 @@
+<?PHP
+
+ require_once('inc/database.php');
+
+ define('TITLE', 'Browse quotes');
+
+ require_once('inc/header.php');
+
+ if (isset($_GET['q']) && ctype_digit($_GET['q'])) {
+
+  $sql = 'SELECT quote_id, quote_quote, quote_rating FROM quotes WHERE quote_id = '.m($_GET['q']);
+  $res = mysql_query($sql);
+  
+  if (mysql_num_rows($res) == 0) {
+   echo '<h2>Error</h2><p>That quote wasn\'t found. Try <a href="?">browsing</a> for it?</p>';
+  } else {
+
+ echo '<h2>Viewing quote</h2>';
+
+ $i = 0;
+ while ($row = mysql_fetch_array($res)) {
+  $i = 1 - $i;
+  if ($i == 1) { $e = 'even'; } else { $e = 'odd'; }
+?>
+ <div class="quote <?PHP echo $e; ?>">
+<?PHP
+ if (isset($_SESSION['uid'])) {
+  doRate($row['quote_id']);
+ }
+?>
+  <p>
+   Quote #<?PHP echo $row['quote_id']; ?>.
+   Rating <?PHP echo round($row['quote_rating'],2); ?>.
+<?PHP
+
+ if (!isset($_SESSION['uid'])) {
+  echo ' <a href="'.BASE.'login">Login to rate</a>.';
+ }
+
+?>
+  </p>
+  <div class="quotebody">
+   <?PHP echo nl2br(htmlentities($row['quote_quote'], ENT_QUOTES, 'UTF-8')); ?>
+  </div>
+ </div>
+<?PHP
+ }
+
+
+  }
+
+
+ } else {
+
+  $offset = 0;
+  if (isset($_GET['o']) && ctype_digit($_GET['o'])) {
+   $offset = $_GET['o'];
+  }
+
+ $sql = 'SELECT COUNT(*) FROM quotes';
+ $res = mysql_query($sql);
+ $row = mysql_fetch_array($res);
+ define('QUOTES', $row[0]);
+
+ $sql = 'SELECT quote_id, quote_quote, quote_rating FROM quotes ORDER BY quote_id LIMIT '.$offset.',25';
+ $res = mysql_query($sql)
+
+?>
+<div>
+ <h2>Browse quotes</h2>
+<?PHP
+
+ echo '<div class="nav">';
+ if ($offset > 0) {
+  echo '<a href="browse?o='.($offset-25).'">&lt;&lt; Previous</a> |';
+ }
+ if ($offset + 25 > QUOTES) { $max = QUOTES; } else { $max = $offset + 25; }
+ echo ' Viewing quotes '.(1+$offset).' to '.$max.' of '.QUOTES.'.';
+ if ($max < QUOTES) {
+  echo ' | <a href="browse?o='.$max.'">Next &gt;&gt;</a>';
+ }
+ echo '</div>';
+
+
+ $i = 0;
+ while ($row = mysql_fetch_array($res)) {
+  $i = 1 - $i;
+  if ($i == 1) { $e = 'even'; } else { $e = 'odd'; }
+?>
+ <div class="quote <?PHP echo $e; ?>">
+<?PHP
+ if (isset($_SESSION['uid'])) {
+  doRate($row['quote_id']);
+ }
+?>
+  <p>
+   Quote <a href="<?PHP echo BASE; ?>browse?q=<?PHP echo $row['quote_id']; ?>">#<?PHP echo $row['quote_id']; ?></a>. 
+   Rating <?PHP echo round($row['quote_rating'],2); ?>.
+<?PHP
+
+ if (!isset($_SESSION['uid'])) {
+  echo ' <a href="'.BASE.'login">Login to rate</a>.';
+ }
+
+?>
+  </p>
+  <div class="quotebody">
+   <?PHP echo nl2br(htmlentities($row['quote_quote'], ENT_QUOTES, 'UTF-8')); ?>
+  </div>
+ </div>
+<?PHP
+ }
+
+ echo '<div class="nav">';
+ if ($offset > 0) {
+  echo '<a href="browse?o='.($offset-25).'">&lt;&lt; Previous</a> |';
+ }
+ if ($offset + 25 > QUOTES) { $max = QUOTES; } else { $max = $offset + 25; }
+ echo ' Viewing quotes '.(1+$offset).' to '.$max.' of '.QUOTES.'.';
+ if ($max < QUOTES) {
+  echo ' | <a href="browse?o='.$max.'">Next &gt;&gt;</a>';
+ }
+ echo '</div>';
+
+?>
+</div>
+<?PHP
+}
+ require_once('inc/footer.php');
+
+?>

dostanding.php

@@ -0,0 +1,20 @@
+<?PHP
+
+/* require_once('inc/database.php');
+
+ $users = array();
+
+ $sql = 'SELECT user_id, quote_rating FROM quotes WHERE quote_rated > 0';
+ $res = mysql_query($sql);
+ while ($row = mysql_fetch_array($res)) {
+  $user =& $users[($row['user_id'])];
+  $user += (($row['quote_rating']-1)/50) * (10 - $user);
+ }
+
+ foreach ($users as $uid=>$st) {
+  mysql_query('UPDATE users SET user_standing = '.$st.' WHERE user_id = '.$uid);
+ }*/
+
+ require('dostandingbeta.php');
+
+?>

dostandingbeta.php

@@ -0,0 +1,151 @@
+<?PHP
+
+ require_once('inc/database.php');
+
+ $users = array();
+ $quotes = array();
+
+ $sql = 'SELECT COUNT(*), user_id FROM quotes GROUP BY user_id';
+ $res = mysql_query($sql);
+ $max = 0;
+ while ($row = mysql_fetch_array($res)) {
+  if ($row[0] > $max) { $max = $row[0]; }
+  $quotes[($row[1])] = $row[0];
+ }
+
+ $sql = 'SELECT u.user_id, r.rating_change, r.quote_id, r.user_id AS rater FROM ratings AS r, quotes AS u WHERE u.quote_id = r.quote_id';
+
+ $qr = array();
+
+ $res = mysql_query($sql);
+ while ($row = mysql_fetch_array($res)) {
+  if (!isset($qr[($row['quote_id'])])) {
+   $qr[($row['quote_id'])] = array('for'=>array(),'against'=>array());
+  }
+  $user =& $users[($row['user_id'])];
+  if ($row['rating_change'] == 0) {
+   $user += 0;
+  } elseif ($row['rating_change'] > 0) {
+   $user += 1;
+   $qr[($row['quote_id'])]['for'][] = $row['rater'];
+  } else {
+   $user -= 1;
+   $qr[($row['quote_id'])]['against'][] = $row['rater'];
+  }
+ }
+
+ foreach ($qr as $quote => $rankings) {
+  $for = count($rankings['for']);
+  $against = count($rankings['against']);
+  $total = $for + $against;
+  if ($for == 0) {
+   foreach ($rankings['against'] as $uid) {
+    $users[$uid] += 0.5;
+   }
+  } elseif ($against == 0) {
+   foreach ($rankings['for'] as $uid) {
+    $users[$uid] += 0.5;
+   }
+  } else {
+   $forscore = $for/$total - 0.5;
+   $againstscore = $against/$total - 0.5;
+   foreach ($rankings['for'] as $uid) {
+    $users[$uid] += $forscore;
+   }
+   foreach ($rankings['against'] as $uid) {
+    $users[$uid] -= $againstscore;
+   }
+  }
+ }
+
+ foreach ($users as $uid => $user) {
+  #echo $uid.' ==&gt; '.$user.' == &gt; '.(10*$user*(1+$quotes[$uid])/pow($max,2)).'<br>';
+ }
+
+ $nusers = array();
+
+ $sql = 'SELECT u.user_id, r.rating_change FROM ratings AS r, quotes AS u WHERE u.quote_id = r.quote_id';
+
+ $res = mysql_query($sql);
+ while ($row = mysql_fetch_array($res)) {
+  $user =& $nusers[($row['user_id'])];
+  if ($row['rating_change'] == 0) {
+   $base = 0;
+  } elseif ($row['rating_change'] > 0) {
+   $base = 1;
+  } else {
+   $base = -1;
+  }
+  $base *= ($users[($row['user_id'])]+10)/10;
+  $user += $base; 
+ }
+
+ $sql = 'SELECT COUNT(*) FROM users';
+ $res = mysql_query($sql);
+ $row = mysql_fetch_array($res);
+ $cusers = $row[0];
+
+ foreach ($qr as $quote => $rankings) {
+  $for = count($rankings['for']);
+  $against = count($rankings['against']);
+  $total = $for + $against;
+  if ($for == 0) {
+   foreach ($rankings['against'] as $uid) {
+    $nusers[$uid] += 0.5;
+   }
+  } elseif ($against == 0) {
+   foreach ($rankings['for'] as $uid) {
+    $nusers[$uid] += 0.5;
+   }
+  } else {
+   $forscore = $for/$total - 0.5;
+   $againstscore = $against/$total - 0.5;
+   foreach ($rankings['for'] as $uid) {
+    $nusers[$uid] += $forscore;
+   }
+   foreach ($rankings['against'] as $uid) {
+    $nusers[$uid] -= $againstscore;
+   }
+  }
+ }
+
+
+ #echo '<hr>';
+ foreach ($nusers as $uid => $user) {
+  #echo $uid.' ==&gt; '.(10*$user*(1+$quotes[$uid])/(pow($max,2)*$cusers*2)).'<br>';
+  $nusers[$uid] = (10*$user*(1+$quotes[$uid])/(pow($max,2)*$cusers*2));
+  $sql = 'UPDATE users SET user_standing = '.$nusers[$uid].' WHERE user_id = '.$uid;
+  mysql_query($sql);
+ }
+
+ #echo '<hr>';
+
+ $quotes = array();
+ 
+ $sql = 'SELECT quote_id, user_id, rating_change FROM ratings';
+
+ $res = mysql_query($sql);
+ while ($row = mysql_fetch_array($res)) {
+  if (isset($nusers[($row['user_id'])])) {
+   $user = $nusers[($row['user_id'])];
+  } else {
+   $user = 0;
+  }
+  if ($row['rating_change'] == 0) {
+   $base = 0;
+  } elseif ($row['rating_change'] > 0) {
+   $base = 1;
+  } else {
+   $base = -1;
+  }
+  $base *= ($user+10)/10;
+  $quotes[($row['quote_id'])] += $base;
+ }
+
+ foreach ($quotes as $qid => $score) {
+  $sql = 'UPDATE quotes SET quote_rating = '.$score.' WHERE quote_id = '.$qid;
+  mysql_query($sql);
+  #echo "$qid ==&gt; $score<br>";
+ }
+
+?>

dostandinggamma.php

@@ -0,0 +1,97 @@
+<?PHP
+
+ require_once('inc/database.php');
+
+ class quote {
+  public $id;
+  public $owner;
+  public $good = array();
+  public $neutral = array();
+  public $bad = array();
+ }
+
+ $quotes = array();
+ $users = array();
+
+ // Read the quotes into an array
+
+ $sql = 'SELECT quote_id, user_id FROM quotes';
+ $res = mysql_query($sql);
+ while ($row = mysql_fetch_assoc($res)) {
+  if (!isset($users[($row['user_id'])])) {
+   $users[($row['user_id'])] = 0;
+  }
+
+  $quotes[($row['quote_id'])] = new quote;
+  $quotes[($row['quote_id'])]->id = $row['quote_id'];
+  $quotes[($row['quote_id'])]->owner = $row['user_id'];
+ }
+
+ // And read the ratings in
+
+ $sql = 'SELECT user_id, quote_id, rating_change FROM ratings';
+ $res = mysql_query($sql);
+ while ($row = mysql_fetch_assoc($res)) {
+  $q =& $quotes[($row['quote_id'])];
+  $u =  $row['user_id'];
+
+  if (!isset($users[$u])) { $users[$u] = 0; }
+  
+  if ($row['rating_change'] > 0) {
+   $q->good[] = $u;
+  } elseif ($row['rating_change'] < 0) {
+   $q->bad[] = $u;
+  } else {
+   $q->neutral[] = $u;
+  }
+ }
+
+ define('USERS', count($users));
+ define('QUOTES', count($quotes));
+
+ // First pass: standings based on rating agreement
+
+ foreach ($quotes as $quote) {
+  $num = count($quote->good) + count($quote->bad);
+
+  if ($num == 0) { continue; }
+
+  $off = (1/QUOTES) * ($num/USERS);
+  $bad = $bad / $num;
+
+  foreach ($quote->bad as $uid) {
+   $users[$uid] += $off * $bad;
+  }
+  foreach ($quote->good as $uid) {
+   $users[$uid] += $off * (1 - $bad);
+  }
+  foreach ($quote->neutral as $uid) {
+   $users[$uid] += $off * 0.5;
+  } 
+ }
+
+ $fstanding = 0;
+ foreach ($users as $stand) { $fstanding += $stand; }
+ define('FSTANDING', $fstanding);
+
+ // Second pass: quote ratings
+
+ foreach ($quotes as $quote) {
+  $score = 0;
+
+  $off = 10/FSTANDING;
+
+  foreach ($quote->bad as $uid) {
+   $score -= $off * $users[$uid];
+  }
+  foreach ($quote->good as $uid) {
+   $score += $off * $users[$uid]; 
+  }
+  echo "Quote: ".$quote->id.' scores '.$score.'<br>';
+ }
+
+ echo "<hr>";
+
+ // Third pass: user standings
+ 
+?>

inc/account.php

@@ -0,0 +1,61 @@
+<?PHP
+
+ require_once('inc/database.php');
+
+ session_name('qdb');
+ session_start();
+
+ if (!isset($_SESSION['uid']) && isset($_COOKIE['quotedbperm'])) {
+  $sql = 'SELECT user_id, user_standing, user_name FROM users WHERE user_hash = \''.m($_COOKIE['quotedbperm']).'\'';
+  $res = mysql_query($sql);
+  if (mysql_num_rows($res) == 1) {
+   $row = mysql_fetch_array($res);
+   $_SESSION['uid'] = $row['user_id'];
+   $_SESSION['uname'] = $row['user_name'];
+   $_SESSION['standing'] = $row['user_standing'];
+  }
+ }
+
+ if (isset($_SESSION['standing'])) {
+  $sql = 'SELECT user_standing FROM users WHERE user_id = '.$_SESSION['uid'];
+  $res = mysql_query($sql);
+  $row = mysql_fetch_array($res);
+  $_SESSION['standing'] = $row[0];
+ }
+
+ function doRate($id, $div = true) {
+  $sql = 'SELECT rating_change FROM ratings WHERE user_id = '.$_SESSION['uid'].' AND quote_id = '.$id;
+  $res = mysql_query($sql);
+  if (mysql_num_rows($res) == 0) {
+   if ($div) {
+    echo '<div class="rate" id="rate'.$id.'">';
+   }
+   echo '<form action="'.BASE.'rate" method="post">';
+   echo ' <input type="hidden" name="ref" value="'.$_SERVER['REQUEST_URI'].'">';
+   echo ' <input type="hidden" name="quote" value="'.$id.'">';
+   echo ' <input type="image" name="rateup" src="'.BASE.'res/plus.png" value="up" alt="Good" title="This is a good quote" onClick="return doRate(\'rateup\', '.$id.');">';
+   echo ' <input type="image" name="rateneutral" src="'.BASE.'res/neutral.png" value="neutral" alt="Neutral" title="This is an average quote" onClick="return doRate(\'rateneutral\', '.$id.');">';
+   echo ' <input type="image" name="ratedown" src="'.BASE.'res/minus.png" value="down" alt="Bad" title="This is a bad quote" onClick="return doRate(\'ratedown\', '.$id.');">';
+   echo '</form>';
+   if ($div) {
+    echo '</div>';
+   }
+  } else {
+   $row = mysql_fetch_array($res);
+   if ($div) {
+    echo '<div class="rate">';
+   }
+   if ($row['rating_change'] > 0) {
+    echo 'You rated this quote as good.';
+   } elseif ($row['rating_change'] == 0) {
+    echo 'You rated this quote as average.';
+   } else {
+    echo 'You rated this quote as bad.';
+   }
+   if ($div) {
+    echo '</div>';
+   }
+  }
+ }
+
+?>

inc/database.php

@@ -0,0 +1,11 @@
+<?PHP
+
+ require_once('inc/settings.php');
+
+ mysql_connect(MYSQL_SERVER, MYSQL_USER, MYSQL_PASS);
+ mysql_select_db(MYSQL_DB);
+
+ function m ($t) { return mysql_real_escape_string($t); }
+
+
+?>

inc/footer.php

@@ -0,0 +1,3 @@
+  </div>
+ </body>
+</html>

inc/header.php

@@ -0,0 +1,68 @@
+<?PHP
+
+require_once('inc/settings.php');
+require_once('inc/account.php');
+
+?>
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
+<html>
+ <head>
+  <title>Quote db<?PHP if (defined('TITLE')) { echo ' : ' .TITLE; } ?></title>
+  <link rel="stylesheet" href="res/style.css" type="text/css">
+  <link rel="alternate" type="application/rss+xml" title="RSS 2.0" href="<?PHP echo BASE; ?>rss">
+  <script type="text/javascript" src="<?PHP echo BASE; ?>res/ajax.js">
+  </script>
+  <script type="text/javascript">
+   function stateChange (id) {
+    if (xmlhttp.readyState == 4) {
+     document.getElementById('rate'+id).innerHTML = xmlhttp.responseText;
+    }
+   }
+
+   function doRate (value, id) {
+    if (!xmlhttp) { return true; }
+
+    xmlhttp.open("GET", '<?PHP echo BASE; ?>rateajax?quote='+id+'&'+value, true);
+    xmlhttp.onreadystatechange = function () { stateChange(id); };
+    xmlhttp.send(null);
+
+    document.getElementById('rate'+id).innerHTML = 'Submitting...';
+
+    return false;
+   }
+  </script>
+ </head>
+ <body>
+  <h1>Quote db</h1>
+  <div id="menu">
+   <img src="<?PHP echo BASE; ?>res/bl.png" alt="Corner">
+   <span id="links">
+    <a href="<?PHP echo BASE; ?>">Overview</a> |
+    <a href="<?PHP echo BASE; ?>latest">Latest</a> |
+    <a href="<?PHP echo BASE; ?>best">Best</a> |
+    <a href="<?PHP echo BASE; ?>browse">Browse</a> |
+    <a href="<?PHP echo BASE; ?>random">Random</a>
+   </span>
+   <span id="rlinks">
+<?PHP
+
+ if (!isset($_SESSION['uid'])) {
+
+?>
+    <a href="<?PHP echo BASE; ?>login">Login</a> |
+    <a href="<?PHP echo BASE; ?>register">Register</a>
+<?PHP
+ } else {
+?>
+    <!--<a href="<?PHP echo BASE; ?>account">My account</a> |-->
+    <!--<a href="<?PHP echo BASE; ?>standing">-->
+    <a href="<?PHP echo BASE; ?>login">Logged in as <?PHP echo htmlentities($_SESSION['uname']); ?></a>
+    <!--</a>--> |
+    <a href="<?PHP echo BASE; ?>unrated">Unrated quotes</a> |
+    <a href="<?PHP echo BASE; ?>submit">Add quote</a>
+<?PHP
+ }
+?>    
+   </span>
+  </div>
+  <div id="content">

inc/settings.php

@@ -0,0 +1,21 @@
+<?PHP
+
+ /* This is the settings file for the quotes database.
+  *
+  * You can either alter the constants below to configure the db,
+  * or you can copy them to settings.private.php (which is excluded
+  * from the VCS, if you're interested in developing the db further)
+  */
+
+ if (file_exists(dirname(__FILE__) . '/settings.private.php')) {
+  require_once(dirname(__FILE__) . '/settings.private.php');
+ } else {
+  define('BASE', '/quotes/'); // Absolute path to the quotes db
+
+  define('MYSQL_SERVER', 'localhost'); // MySQL server
+  define('MYSQL_USER', '');            // MySQL user
+  define('MYSQL_PASS', '');            // MySQL password
+  define('MYSQL_DB', '');              // MySQL db name
+ }
+
+?>

index.php

@@ -0,0 +1,94 @@
+<?PHP
+
+require_once('inc/database.php');
+
+require_once('inc/header.php');
+
+?>
+<div class="oneThird right stats">
+ <h2>Statistics</h2>
+<?PHP
+
+ $sql = 'SELECT COUNT(*), AVG(quote_rating) FROM quotes';
+ $res = mysql_query($sql) or print(mysql_error());
+ $row = mysql_fetch_array($res); $quotes = $row[0];
+
+ echo '<p>We have <em>'.$row[0].'</em> quotes, with an average rating of <em>';
+ echo round($row[1],2).'</em>. These quotes were contributed by some of our ';
+
+ $sql = 'SELECT COUNT(*) FROM users';
+ $res = mysql_query($sql) or print(mysql_error());
+ $row = mysql_fetch_array($res); $users = $row[0];
+
+ echo '<em>'.$row[0].'</em> users, who have made a total of <em>';
+
+ $sql = 'SELECT COUNT(*) FROM ratings';
+ $res = mysql_query($sql) or print(mysql_error());
+ $row = mysql_fetch_array($res);
+
+ echo $row[0].'</em> individual ratings, an average of <em>';
+ echo round($row[0]/$users,1).'</em> quotes rated per user.</p>';
+
+ if (isset($_SESSION['uid'])) { 
+ 
+  echo '<h2>Your stats</h2>';
+  echo '<p>';
+ 
+  $sql = 'SELECT COUNT(*), AVG(quote_rating) FROM quotes WHERE user_id = '.$_SESSION['uid'];
+  $res = mysql_query($sql) or print(mysql_error());
+  $row = mysql_fetch_array($res);
+
+  echo 'You have submitted <em>'.$row[0].'</em> quote';
+  echo ($row[0] != 1 ? 's' : '').' that have an average rating of <em>';
+  echo round($row[1],2).'</em>.';
+
+  $sql = 'SELECT COUNT(*) FROM ratings WHERE user_id = '.$_SESSION['uid'];
+  $res = mysql_query($sql) or print(mysql_error());
+  $row = mysql_fetch_array($res);
+
+  echo ' You have rated <em>'.$row[0].'</em> quote';
+  if ($row[0] != 1) { echo 's'; }
+  echo '.';
+
+  if ($row[0] < $quotes) {
+   echo ' Why not rate <a href="'.BASE.'unrated">some more</a>?.';
+  } else {
+   echo ' Wow, that\'s all of them. Why not <a href="'.BASE.'submit">add a new quote</a>?';
+  }
+ }
+?>
+</div>
+<div>
+ <h2>Welcome</h2>
+ <p>Welcome to the quote db. You might think that this is just another bash
+ clone, and you'd be partly right. But the quote db has some key differences.
+ First off, we don't have any moderators. Every person starts with the same
+ access to the site. When you submit a quote, it appears instantly on the 
+ <a href="<?PHP echo BASE; ?>latest">latest quotes</a> page, where other users
+ can rate it as good, bad or neutral. 
+ </p>
+ <p>
+  If the quotes you submit get a poor rating, this will reflect on you and your
+  <em>standing</em> will decrease. Your standing is displayed on the right of
+  the menu bar when you're logged in, and operates on a scale of -10 to +10.
+  If your standing drops too low, your ability to add quotes will be suspended.
+  Conversely, if your quotes are met with a standing ovation (and good ratings),
+  your standing will increase. This, in turn, affects how much your opinion is
+  taken into account when you rate quotes. The higher standing you have, the
+  more of an impact your ratings will have.
+ </p>
+ <p>
+  The Quote DB now supports OpenID. Simply enter your
+  OpenID identifier on the <a href="<?PHP echo BASE; ?>login">login</a>
+  page.
+ </p>
+ <p>
+  <strong>New!</strong> The Quote DB now fully supports Unicode (UTF-8) quotes
+ </p>
+</div>
+
+<?PHP
+
+require_once('inc/footer.php');
+
+?>

latest.php

@@ -0,0 +1,52 @@
+<?PHP
+
+ require_once('inc/database.php');
+
+ define('TITLE', 'Latest');
+
+ require_once('inc/header.php');
+
+ $sql = 'SELECT quote_id, quote_quote, quote_rating FROM quotes ORDER BY quote_id DESC LIMIT 0,25';
+ $res = mysql_query($sql)
+
+?>
+<div>
+ <h2>Latest quotes</h2>
+<?PHP
+
+ $i = 0;
+ while ($row = mysql_fetch_array($res)) {
+  $i = 1 - $i;
+  if ($i == 1) { $e = 'even'; } else { $e = 'odd'; }
+?>
+ <div class="quote <?PHP echo $e; ?>">
+<?PHP
+ if (isset($_SESSION['uid'])) {
+  doRate($row['quote_id']);
+ }
+?>
+  <p>
+   Quote <a href="<?PHP echo BASE; ?>browse?q=<?PHP echo $row['quote_id']; ?>">#<?PHP echo $row['quote_id']; ?></a>.
+   Rating <?PHP echo round($row['quote_rating'],2); ?>.
+<?PHP
+
+ if (!isset($_SESSION['uid'])) {
+  echo ' <a href="'.BASE.'login">Login to rate</a>.';
+ }
+
+?>
+  </p>
+  <div class="quotebody">
+   <?PHP echo nl2br(htmlentities($row['quote_quote'], ENT_QUOTES, 'UTF-8')); ?>
+  </div>
+ </div>
+<?PHP
+ }
+
+?>
+</div>
+<?PHP
+
+ require_once('inc/footer.php');
+
+?>

login.php

@@ -0,0 +1,146 @@
+<?PHP
+
+ require_once('inc/database.php');
+ require_once('inc/account.php');
+ require_once('inc/settings.php');
+
+
+
+ if (isset($_POST['openid_url']) || isset($_REQUEST['openid_mode'])) {
+  // OpenID login in progress
+
+  require_once('openid/processor.php');
+ } else if (isset($_SESSION['openid']) && $_SESSION['openid']['validated']) {
+  // OpenID login succeeded
+
+  $sql  = 'SELECT user_id, user_name, user_standing FROM users WHERE user_name = ';
+  $sql .= '\'' . m($_SESSION['openid']['identity']) . '\'';
+  $res  = mysql_query($sql);
+
+  if (mysql_num_rows($res) == 0) {
+   $sql  = 'INSERT INTO users (user_name, user_pass) VALUES (\'' . m($_SESSION['openid']['identity']);
+   $sql .= '\', \'openid user\')';
+   $res  = mysql_query($sql);
+
+   $_SESSION['uid'] = mysql_insert_id();
+   $_SESSION['uname'] = $_SESSION['openid']['identity'];
+   $_SESSION['standing'] = 0;
+  } else {
+   $row = mysql_fetch_assoc($res);
+ 
+   $_SESSION['uid'] = $row['user_id'];
+   $_SESSION['uname'] = $row['user_name'];
+   $_SESSION['standing'] = $row['user_standing'];
+  }
+
+  unset($_SESSION['openid']);
+  if (isset($_POST['remember'])) {
+   $row = mysql_fetch_array(mysql_query('SELECT user_hash FROM users WHERE user_id = '.$_SESSION['uid']));
+   if (strlen($row[0]) != 32) {
+    $row[0] = md5(uniqid($_SESSION['uid']).time());
+    mysql_query('UPDATE users SET user_hash = \''.$row[0].'\' WHERE user_id = '.$_SESSION['uid']);
+   }
+   setcookie('quotedbperm', $row[0], time()+60*24*24*365.24);
+  }
+  header('Location: '.BASE);
+  exit;
+ } else if (isset($_SESSION['openid']['error'])) {
+  // OpenID login failed
+
+  define('MESSAGE', $_SESSION['openid']['error']);
+  unset($_SESSION['openid']['error']);
+ } else if (isset($_POST['user']) && isset($_POST['pass'])) {
+  // Normal login
+
+  $sql  = 'SELECT user_id, user_name, user_standing FROM users ';
+  $sql .= 'WHERE user_name = \''.m($_POST['user']).'\' AND user_pass = \''.m(md5($_POST['user'].$_POST['pass'])).'\'';
+  $res = mysql_query($sql);
+  if (mysql_num_rows($res) == 0) {
+   define('MESSAGE', 'Login failed. Please check your username and password.');
+  } else {
+   $row = mysql_fetch_array($res);
+   $_SESSION['uid'] = $row['user_id'];
+   $_SESSION['uname'] = $row['user_name'];
+   $_SESSION['standing'] = $row['user_standing'];
+   if (isset($_POST['remember'])) {
+    $row = mysql_fetch_array(mysql_query('SELECT user_hash FROM users WHERE user_id = '.$_SESSION['uid']));
+    if (strlen($row[0]) != 32) {
+     $row[0] = md5(uniqid($row['user_id']).time());
+     mysql_query('UPDATE users SET user_hash = \''.$row[0].'\' WHERE user_id = '.$_SESSION['uid']);
+    }
+    setcookie('quotedbperm', $row[0], time()+60*24*24*365.24);
+   }
+   header('Location: '.BASE);
+   exit;
+  }
+ }
+
+ define('TITLE', 'Login');
+
+ require_once('inc/header.php');
+
+?>
+ <div class="oneThird right">
+  <h2>Why login?</h2>
+  <p>
+   Because of the public nature of this quotes database (there are no
+   moderators or admins, just users), and the way we reward good users
+   and punish bad ones (standings), we require that you be logged in in
+   order to rate a quote or add a new one.
+  </p>
+  <p>
+   You can still browse quotes without being logged in, but to contribute
+   to the site at all you'll have to login.
+  </p>
+ </div>
+ <div>
+  <h2>Login</h2>
+<?PHP
+
+ if (defined('MESSAGE')) {
+  echo '<div id="message">'.MESSAGE.'</div>';
+ }
+
+
+?>
+  <p>
+   If you don't have an account, <a href="<?PHP echo BASE; ?>register">
+   register one</a> in a few seconds.
+  </p>
+  <form action="<?PHP echo BASE; ?>login" method="post">
+   <table class="form">
+    <tr>
+     <th>Username</th>
+     <td><input type="text" name="user"></td>
+    </tr>
+    <tr>
+     <th>Password</th>
+     <td><input type="password" name="pass"></td>
+    </tr>
+    <tr>
+     <th>Remember?</th>
+     <td><input type="checkbox" name="remember" style="width: 20px;"> (Requires cookies)</td>
+    </tr>
+   </table>
+   <input type="submit" value="Login">
+  </form>
+  <p>Alternatively, you can log in using OpenID:</p>
+  <form action="<?PHP echo BASE; ?>login" method="post">
+   <table class="form">
+    <tr><th>Identifier</th>
+        <td>
+    <input type="text" name="openid_url" id="openid_url" style="background: url('openid/openid.gif') no-repeat; padding-left: 20px;">
+    </td></tr>
+    <tr>
+     <th>Remember?</th>
+     <td><input type="checkbox" name="remember" style="width: 20px;"> (Requires cookies)</td>
+    </tr>
+   </table>
+   <input type="submit" value="Login">
+  </form>
+ </div>
+<?PHP
+
+ require_once('inc/footer.php');
+
+?>

openid

@@ -0,0 +1 @@
+Subproject commit dce9787dab059f4270c0506c307dc7dbd8cdc5ea

random.php

@@ -0,0 +1,52 @@
+<?PHP
+
+ require_once('inc/database.php');
+
+ define('TITLE', 'Random');
+
+ require_once('inc/header.php');
+
+ $sql = 'SELECT quote_id, quote_quote, quote_rating FROM quotes ORDER BY RAND() DESC LIMIT 0,25';
+ $res = mysql_query($sql)
+
+?>
+<div>
+ <h2>Random quotes</h2>
+<?PHP
+
+ $i = 0;
+ while ($row = mysql_fetch_array($res)) {
+  $i = 1 - $i;
+  if ($i == 1) { $e = 'even'; } else { $e = 'odd'; }
+?>
+ <div class="quote <?PHP echo $e; ?>">
+<?PHP
+ if (isset($_SESSION['uid'])) {
+  doRate($row['quote_id']);
+ }
+?>
+  <p>
+   Quote <a href="<?PHP echo BASE; ?>browse?q=<?PHP echo $row['quote_id']; ?>">#<?PHP echo $row['quote_id']; ?></a>.
+   Rating <?PHP echo round($row['quote_rating'],2); ?>.
+<?PHP
+
+ if (!isset($_SESSION['uid'])) {
+  echo ' <a href="'.BASE.'login">Login to rate</a>.';
+ }
+
+?>
+  </p>
+  <div class="quotebody">
+   <?PHP echo nl2br(htmlentities($row['quote_quote'], ENT_QUOTES, 'UTF-8')); ?>
+  </div>
+ </div>
+<?PHP
+ }
+
+?>
+</div>
+<?PHP
+
+ require_once('inc/footer.php');
+
+?>

rate.php

@@ -0,0 +1,33 @@
+<?PHP
+
+ require_once('inc/account.php');
+ require_once('inc/settings.php');
+ require_once('inc/database.php');
+
+ if (!isset($_SESSION['uid'])) {
+  header('Location: '.BASE.'login');
+  exit;
+ }
+
+ if (isset($_POST['quote']) && ctype_digit($_POST['quote'])) {
+  if (isset($_POST['rateup'])) { $base = 1; } elseif (isset($_POST['ratedown'])) { $base = -1; } else { $base = 0; }
+  $base *= (($_SESSION['standing'] + 10) / 10);
+  $sql = 'SELECT rating_change FROM ratings WHERE user_id = '.$_SESSION['uid'].' AND quote_id = '.m($_POST['quote']);
+  $res = mysql_query($sql);
+  if (mysql_num_rows($res) == 0) {
+   if ($_POST['quote'] != 62) {
+    mysql_query('INSERT INTO ratings (user_id, quote_id, rating_change) VALUES ('.$_SESSION['uid'].', '.m($_POST['quote']).', '.$base.')');
+    mysql_query('UPDATE quotes SET quote_rating = quote_rating + '.$base.', quote_rated = quote_rated + 1 WHERE quote_id = '.m($_POST['quote']));
+    require('dostanding.php');
+   }
+   header('Location: '.$_POST['ref']);
+   exit;
+  } else {
+   header('Location: '.$_POST['ref']);
+   exit;  
+  }
+ } else {
+  die('Invalid quote');
+ }
+
+?>

rateajax.php

@@ -0,0 +1,29 @@
+<?PHP
+
+ require_once('inc/account.php');
+ require_once('inc/settings.php');
+ require_once('inc/database.php');
+
+ if (!isset($_SESSION['uid'])) {
+  header('Location: '.BASE.'login');
+  exit;
+ }
+
+ if (isset($_GET['quote']) && ctype_digit($_GET['quote'])) {
+  if (isset($_GET['rateup'])) { $base = 1; } elseif (isset($_GET['ratedown'])) { $base = -1; } else { $base = 0; }
+  $base *= (($_SESSION['standing'] + 10) / 10);
+  $sql = 'SELECT rating_change FROM ratings WHERE user_id = '.$_SESSION['uid'].' AND quote_id = '.m($_GET['quote']);
+  $res = mysql_query($sql);
+  if (mysql_num_rows($res) == 0) {
+   if ($_GET['quote'] != 62) {
+    mysql_query('INSERT INTO ratings (user_id, quote_id, rating_change) VALUES ('.$_SESSION['uid'].', '.m($_GET['quote']).', '.$base.')');
+    mysql_query('UPDATE quotes SET quote_rating = quote_rating + '.$base.', quote_rated = quote_rated + 1 WHERE quote_id = '.m($_GET['quote']));
+    require('dostanding.php');
+   }
+  }
+  doRate($_GET['quote'], false);
+ } else {
+  die('Invalid quote');
+ }
+
+?>

register.php

@@ -0,0 +1,119 @@
+<?PHP
+
+ require_once('inc/database.php');
+ require_once('inc/settings.php');
+ require_once('inc/account.php');
+
+ function oink() {
+  if (isset($_POST['user']) && isset($_POST['pass']) && isset($_POST['pass2'])) {
+   if ($_POST['pass2'] != $_POST['pass']) {
+    define('MESSAGE', 'Your passwords do not match.');
+    return;
+   }
+
+   if (strlen($_POST['pass']) < 5) {
+    define('MESSAGE', 'Your password must be at least 5 characters.');
+    return;
+   }
+
+   if (strlen($_POST['user']) < 3) {
+    define('MESSAGE', 'Your username must be at least 3 characters.');
+    return;
+   }
+
+   if (strlen($_POST['user']) > 20) {
+    define('MESSAGE', 'Your username must be at most 20 characters.');
+    return;
+   }
+
+   if (!preg_match('/^[a-zA-Z0-9\-]+$/', $_POST['user'])) {
+    define('MESSAGE', 'Your username may only contain letters, numbers and hyphens.');
+    return;
+   }
+
+   $sql = 'SELECT user_id FROM users WHERE user_name LIKE \''.m($_POST['user']).'\'';
+   $res = mysql_query($sql);
+   if (mysql_num_rows($res) > 0) {
+    define('MESSAGE', 'That username is in use. Please try another.');
+    return;
+   }
+
+   $sql = 'INSERT INTO users (user_name, user_pass) VALUES (\''.m($_POST['user']).'\', \''.m(md5($_POST['user'].$_POST['pass'])).'\')';
+   $res = mysql_query($sql);
+   $id = mysql_insert_id();
+   
+   $_SESSION['uid'] = $id;
+   $_SESSION['uname'] = $_POST['user'];
+   $_SESSION['standing'] = 0;
+
+   if (isset($_POST['remember'])) {
+    $row = mysql_fetch_array(mysql_query('SELECT user_hash FROM users WHERE user_id = '.$_SESSION['uid']));
+    if (strlen($row[0]) != 32) {
+     $row[0] = md5(uniqid($row['user_id']).time());
+     mysql_query('UPDATE users SET user_hash = \''.$row[0].'\' WHERE user_id = '
+.$_SESSION['uid']);
+    }
+    setcookie('quotedbperm', $row[0], time()+60*24*24*365.24);
+   }
+  
+   header('Location: '.BASE);
+   exit;
+  }
+ }
+
+ oink();
+
+ define('TITLE', 'Register');
+
+ require_once('inc/header.php');
+
+?>
+ <div class="oneThird right">
+  <h2>Why register?</h2>
+  <p>
+   Because of the public nature of this quotes database (there are no
+   moderators or admins, just users), and the way we reward good users
+   and punish bad ones (standings), we require that you be logged in in
+   order to rate a quote or add a new one.
+  </p>
+  <p>
+   In order to log in to the site, you first need a user account. To obtain
+   an account, simply fill out the form to the left. 
+  </p>
+ </div>
+ <div>
+  <h2>Register</h2>
+<?PHP
+ if (defined('MESSAGE')) { echo '<div id="message">'.MESSAGE.'</div>'; }
+?>
+  <p>
+   If you already have an account, you should 
+   <a href="<?PHP echo BASE; ?>login">login</a> instead.
+  </p>
+  <form action="<?PHP echo BASE; ?>register" method="post">
+   <table class="form">
+    <tr>
+     <th>Username</th>
+     <td><input type="text" name="user"></td>
+    </tr>
+    <tr>
+     <th>Password</th>
+     <td><input type="password" name="pass"></td>
+    </tr>
+    <tr>
+     <th>Confirm password</th>
+     <td><input type="password" name="pass2"></td>
+    </tr>
+    <tr>
+     <th>Remember?</th>
+     <td><input type="checkbox" name="remember" style="width: 20px;"> (Requires cookies)</td>
+    </tr>
+   </table>
+   <input type="submit" value="Login">
+  </form>
+ </div>
+<?PHP
+
+ require_once('inc/footer.php');
+
+?>

res/ajax.js

@@ -0,0 +1,33 @@
+var xmlhttp=false;
+
+/*@cc_on @*/
+/*@if (@_jscript_version >= 5)
+// JScript gives us Conditional compilation, we can cope with old IE versions.
+// and security blocked creation of the objects.
+try {
+ xmlhttp = new ActiveXObject("Msxml2.XMLHTTP");
+} catch (e) {
+ try {
+  xmlhttp = new ActiveXObject("Microsoft.XMLHTTP");
+ } catch (E) {
+  xmlhttp = false;
+ }
+}
+@end @*/
+
+if (!xmlhttp && typeof XMLHttpRequest!='undefined') {
+ try {
+  xmlhttp = new XMLHttpRequest();
+ } catch (e) {
+  xmlhttp = false;
+ }
+}
+
+if (!xmlhttp && window.createRequest) {
+ try {
+  xmlhttp = window.createRequest();
+ } catch (e) {
+  xmlhttp = false;
+ }
+}
+

res/style.css

@@ -0,0 +1,113 @@
+body {
+ margin: 0px 50px;
+ padding: 0px;
+ font-family: tahoma, arial, sans-serif;
+}
+
+h1 {
+ margin: 0px;
+ padding: 3px 10px;
+ color: #fff;
+ background-color: #006;
+ font-size: 2em;
+ font-family: serif;
+}
+
+div#menu {
+ background-color: #ccc;
+ padding: 0px; 
+ background-image: url('br.png');
+ background-position: bottom right;
+ background-repeat: no-repeat;
+ height: 40px;
+}
+
+div#menu img {
+ float: left;
+}
+
+div#menu a {
+ color: #339;
+ padding: 0px 10px;
+}
+
+div#menu a:visited {
+ color: #333;
+}
+
+span#links {
+ float: left;
+ padding-top: 10px;
+}
+
+span#rlinks {
+ float: right;
+ padding-top: 10px;
+ padding-right: 25px;
+}
+
+div#content {
+ padding: 5px 10px;
+ line-height: 150%;
+}
+
+div.oneThird {
+ width: 30%;
+}
+
+div.right {
+ float: right;
+ padding-left: 20px;
+}
+
+table.form  {
+ border-collapse: collapse;
+ margin: 0px 0px 10px 0px;
+}
+
+table.form td, table.form th {
+ border: 1px solid #666;
+ padding: 5px;
+}
+
+table.form th {
+ background-color: #ccc;
+ text-align: right;
+}
+
+table.form input {
+ border: 0px;
+ width: 200px;
+}
+
+div.quote {
+ margin: 0px 10px;
+ padding: 5px 10px 5px;
+}
+
+div.quote p { margin: 0px 0px 5px 0px; }
+
+div.odd {
+ background-color: #ddd;
+ border-top: 10px solid #fff;
+ border-bottom: 10px solid #fff;
+}
+
+div.quotebody {
+ font-size: small;
+}
+
+.rate {
+ float: right;
+}
+
+div.stats em {
+ font-style: normal;
+ font-weight: bold;
+}
+
+div.nav {
+ margin: 10px;
+ padding-left: 10px;
+ padding-bottom: 20px; 
+}

rss.php

@@ -0,0 +1,34 @@
+<?PHP
+
+ require_once('inc/database.php');
+
+ header('Content-type: text/xml');
+
+
+ $sql  = 'SELECT quote_id, quote_quote, quote_rating FROM quotes ';
+
+ if (isset($_GET['id'])) {
+  $sql .= 'WHERE quote_id = ' . ((int) $_GET['id']) . ' ';
+ }
+
+ $sql .= 'ORDER BY quote_id DESC LIMIT 0,25';
+ $res = mysql_query($sql)
+
+?>
+<?PHP echo '<?xml version="1.0" encoding="UTF-8"?>'; ?>
+<rss version="2.0">
+<channel>
+ <title>Quote db</title>
+ <link>http://apps.MD87.co.uk/quotes/</link>
+ <description>Latest quotes from the quote database</description>
+<?PHP
+ while ($row = mysql_fetch_array($res)) {
+   echo '<item><title>Quote '.$row['quote_id'].'</title>';
+   echo '<guid isPermaLink="true">http://apps.MD87.co.uk/quotes/browse?q='.$row['quote_id'].'</guid><description><![CDATA[';
+   echo nl2br(htmlentities($row['quote_quote'], ENT_QUOTES, 'UTF-8')); 
+   echo ']]></description></item>';
+ }
+
+?>
+</channel>
+</rss>

submit.php

@@ -0,0 +1,66 @@
+<?PHP
+
+ require_once('inc/account.php');
+ require_once('inc/database.php');
+ require_once('inc/settings.php');
+
+ if (!isset($_SESSION['uid'])) {
+  header('Location: '.BASE);
+  exit('Must be logged in');
+ }
+
+ if (isset($_POST['quote']) && $_SESSION['standing'] > -2) {
+  if (get_magic_quotes_gpc()) {
+   $_POST['quote'] = stripslashes($_POST['quote']);
+  }
+  $sql = 'INSERT INTO quotes (quote_quote, quote_time, user_id) VALUES (\''.m($_POST['quote']).'\', '.time().', '.$_SESSION['uid'].')';
+  mysql_query($sql);
+  header('Location: '.BASE.'latest');
+  exit;
+ }
+
+ define('TITLE', 'Add quote');
+
+ require_once('inc/header.php');
+
+
+?>
+<div class="oneThird right">
+ <h2>Quote guidelines</h2>
+ <p>
+  The usual quote-site rules apply: don't include anything that's not 
+  neccessary, such as timestamps, hostmasks, twenty 'lol's after the funny
+  part, etc. Try to avoid injokes if possible.
+ </p>
+ <p>
+  <em>Quotes go live as soon as you submit them</em>. There is no moderation.
+  If you submit a rubbish quote, people will rate it down, and your standing
+  will fall.
+ </p>
+ <p>
+  Try to stick to standard notation. Enclose nicks in angle brackets
+  (&lt;nick&gt; hi!), and prefix actions with an asterisk (* nick waves).
+  Remove mode prefixes (@, +, etc) that don't directly add to the humour.
+ </p>
+</div>
+<div>
+<?PHP if ($_SESSION['standing'] > -2) { ?>
+ <h2>Add a quote</h2>
+ <p>Enter your quote in the text area below. Please read the guidelines to
+ the right if you haven't done so before.</p>
+ <form action="submit" method="post">
+  <textarea name="quote" cols="80" rows="10"></textarea>
+  <br>
+  <input type="submit" value="Add">
+ </form>
+<?PHP } else { ?>
+ <h2>Error</h2>
+ <p>You do not have sufficient standing to submit a new quote. Please try
+ <a href="unrated">rating some quotes</a> to increase your standings. </p>
+<?PHP } ?>
+</div>
+<?PHP
+
+ require_once('inc/footer.php');
+
+?>

unrated.php

@@ -0,0 +1,68 @@
+<?PHP
+
+ require_once('inc/database.php');
+ require_once('inc/account.php');
+ require_once('inc/settings.php');
+
+ if (!isset($_SESSION['uid'])) { header('Location: '.BASE.'latest'); exit; }
+
+ define('TITLE', 'Unrated');
+
+ require_once('inc/header.php');
+
+ $sql = 'SELECT quote_id FROM ratings WHERE user_id = '.$_SESSION['uid'];
+ $res = mysql_query($sql);
+ $s = '(1';
+ while ($row = mysql_fetch_array($res)) {
+  $s .= ' AND quote_id <> '.$row[0];
+ }
+ $s .= ')';
+
+ $sql = 'SELECT quote_id, quote_quote, quote_rating FROM quotes WHERE '.$s.' ORDER BY quote_id DESC LIMIT 0,25';
+ $res = mysql_query($sql)
+
+?>
+<div>
+ <h2>Unrated quotes</h2>
+<?PHP
+
+ if (mysql_num_rows($res) == 0) {
+  echo '<p>You\'ve rated every quote in the database! Why not <a href="'.BASE.'"submit">add a new one?</a></p>';
+ }
+
+ $i = 0;
+ while ($row = mysql_fetch_array($res)) {
+  $i = 1 - $i;
+  if ($i == 1) { $e = 'even'; } else { $e = 'odd'; }
+?>
+ <div class="quote <?PHP echo $e; ?>">
+<?PHP
+ if (isset($_SESSION['uid'])) {
+  doRate($row['quote_id']);
+ }
+?>
+  <p>
+   Quote <a href="<?PHP echo BASE; ?>browse?q=<?PHP echo $row['quote_id']; ?>">#<?PHP echo $row['quote_id']; ?></a>.
+   Rating <?PHP echo round($row['quote_rating'],2); ?>.
+<?PHP
+
+ if (!isset($_SESSION['uid'])) {
+  echo ' <a href="'.BASE.'login">Login to rate</a>.';
+ }
+
+?>
+  </p>
+  <div class="quotebody">
+   <?PHP echo nl2br(htmlentities($row['quote_quote'])); ?>
+  </div>
+ </div>
+<?PHP
+ }
+
+?>
+</div>
+<?PHP
+
+ require_once('inc/footer.php');
+
+?>

worst.php

@@ -0,0 +1,52 @@
+<?PHP
+
+ require_once('inc/database.php');
+
+ define('TITLE', 'Worst');
+
+ require_once('inc/header.php');
+
+ $sql = 'SELECT quote_id, quote_quote, quote_rating FROM quotes ORDER BY quote_rating LIMIT 0,25';
+ $res = mysql_query($sql)
+
+?>
+<div>
+ <h2>Worst quotes</h2>
+<?PHP
+
+ $i = 0;
+ while ($row = mysql_fetch_array($res)) {
+  $i = 1 - $i;
+  if ($i == 1) { $e = 'even'; } else { $e = 'odd'; }
+?>
+ <div class="quote <?PHP echo $e; ?>">
+<?PHP
+ if (isset($_SESSION['uid'])) {
+  doRate($row['quote_id']);
+ }
+?>
+  <p>
+   Quote <a href="<?PHP echo BASE; ?>browse?q=<?PHP echo $row['quote_id']; ?>">#<?PHP echo $row['quote_id']; ?></a>.
+   Rating <?PHP echo round($row['quote_rating'],2); ?>.
+<?PHP
+
+ if (!isset($_SESSION['uid'])) {
+  echo ' <a href="'.BASE.'login">Login to rate</a>.';
+ }
+
+?>
+  </p>
+  <div class="quotebody">
+   <?PHP echo nl2br(htmlentities($row['quote_quote'], ENT_QUOTES, 'UTF-8')); ?>
+  </div>
+ </div>
+<?PHP
+ }
+
+?>
+</div>
+<?PHP
+
+ require_once('inc/footer.php');
+
+?>