function insert_rating($rating, $article_id) { if(mysql_num_rows(mysql_query("SELECT ID FROM articles_ratings WHERE rater_ip='".mysql_real_escape_string(getIP())."' AND ID='".mysql_real_escape_string($article_id)."'"))==0) { if(mysql_query("INSERT INTO articles_ratings (`article_id`, `rating_value`, `rater_ip`) VALUES ('".mysql_real_escape_string($article_id)."', '".mysql_real_escape_string($rating)."', '".mysql_real_escape_string(getIP())."')")) { $response = 'Thank you for voting this article!'; } else { $response = 'Ups. A problem. I was unable to save your rating!'; } } else { $response = 'Sorry but you can only rate once'; } $objResponse = new xajaxResponse(); $objResponse->addAssign("response","innerHTML", $response); return $objResponse; }