PHP Cross Reference of MyBB 1.6.5 |
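<?php
/**
 * MyBB 1.6
 * Copyright 2010 MyBB Group, All Rights Reserved
 *
 * Website: http://mybb.com
 * License: http://mybb.com/about/license
 *
 * $Id: polls.php 5538 2011-08-08 09:46:13Z PirataNervo $
 */

/*
 * Poll controller. The request's "action" input selects one of:
 *   newpoll / do_newpoll   - show the creation form / store a new poll
 *   editpoll / do_editpoll - show the edit form / store a moderator's edit
 *   showresults            - render the tallies (and voters, if allowed)
 *   vote / do_undovote     - cast or retract the current visitor's ballot
 * Every state-changing action calls verify_post_check() on my_post_key
 * before it touches the database.
 *
 * Templates are rendered with eval() as double-quoted PHP strings. Any
 * request-derived value that a template may interpolate therefore has to be
 * passed through htmlspecialchars_uni() or intval() first, and the template
 * store has to be trusted.
 * NOTE(review): where $templates->get() reads its bodies from is not visible
 * in this file - confirm that only administrators can write to it.
 */
define("IN_MYBB", 1);
define('THIS_SCRIPT', 'polls.php');

$templatelist = "poll_newpoll,redirect_pollposted,redirect_pollupdated,redirect_votethanks";
require_once "./global.php";
require_once MYBB_ROOT."inc/functions_post.php";
require_once MYBB_ROOT."inc/class_parser.php";
$parser = new postParser;

// Load global language phrases
$lang->load("polls");

if($mybb->user['uid'] != 0)
{
	eval("\$loginbox = \"".$templates->get("changeuserbox")."\";");
}
else
{
	eval("\$loginbox = \"".$templates->get("loginbox")."\";");
}

// "Preview" and "update options" only redisplay a form: route them to the
// matching display action so that nothing is written.
if($mybb->input['preview'] || $mybb->input['updateoptions'])
{
	if($mybb->input['action'] == "do_editpoll")
	{
		$mybb->input['action'] = "editpoll";
	}
	else
	{
		$mybb->input['action'] = "newpoll";
	}
}

if($mybb->input['action'] == "newpoll")
{
	// Form for new poll
	$tid = intval($mybb->input['tid']);

	$plugins->run_hooks("polls_newpoll_start");

	$query = $db->simple_select("threads", "*", "tid='".intval($mybb->input['tid'])."'");
	$thread = $db->fetch_array($query);
	$fid = $thread['fid'];
	$forumpermissions = forum_permissions($fid);

	// Get forum info
	$forum = get_forum($fid);
	if(!$forum)
	{
		error($lang->error_invalidforum);
	}
	else
	{
		// Is our forum closed?
		if ($forum['open'] == 0)
		{
			// It is closed
			error($lang->error_closedinvalidforum);
		}
	}

	if(!$thread['tid'])
	{
		error($lang->error_invalidthread);
	}

	// Make navigation
	build_forum_breadcrumb($fid);
	add_breadcrumb(htmlspecialchars_uni($thread['subject']), get_thread_link($thread['tid']));
	add_breadcrumb($lang->nav_postpoll);

	// No permission if: Not thread author; not moderator; no forum perms to view, post threads, post polls
	if(($thread['uid'] != $mybb->user['uid'] && !is_moderator($fid)) || ($forumpermissions['canview'] == 0 || $forumpermissions['canpostthreads'] == 0 || $forumpermissions['canpostpolls'] == 0))
	{
		error_no_permission();
	}

	if($thread['poll'])
	{
		error($lang->error_pollalready);
	}

	// Sanitize number of poll options
	if($mybb->input['numpolloptions'] > 0)
	{
		$mybb->input['polloptions'] = $mybb->input['numpolloptions'];
	}
	if($mybb->settings['maxpolloptions'] && $mybb->input['polloptions'] > $mybb->settings['maxpolloptions'])
	{ // Too big
		$polloptions = $mybb->settings['maxpolloptions'];
	}
	elseif($mybb->input['polloptions'] < 2)
	{ // Too small
		$polloptions = 2;
	}
	else
	{ // Just right
		$polloptions = intval($mybb->input['polloptions']);
	}

	// Everything echoed back into the form is escaped or cast first
	$question = htmlspecialchars_uni($mybb->input['question']);

	$postoptions = $mybb->input['postoptions'];
	if($postoptions['multiple'] == 1)
	{
		$postoptionschecked['multiple'] = 'checked="checked"';
	}
	if($postoptions['public'] == 1)
	{
		$postoptionschecked['public'] = 'checked="checked"';
	}

	$options = $mybb->input['options'];
	$optionbits = '';
	for($i = 1; $i <= $polloptions; ++$i)
	{
		$option = $options[$i];
		$option = htmlspecialchars_uni($option);
		eval("\$optionbits .= \"".$templates->get("polls_newpoll_option")."\";");
		$option = "";
	}

	if($mybb->input['timeout'] > 0)
	{
		$timeout = intval($mybb->input['timeout']);
	}
	else
	{
		$timeout = 0;
	}

	$plugins->run_hooks("polls_newpoll_end");

	eval("\$newpoll = \"".$templates->get("polls_newpoll")."\";");
	output_page($newpoll);
}

if($mybb->input['action'] == "do_newpoll" && $mybb->request_method == "post")
{
	// Verify incoming POST request
	verify_post_check($mybb->input['my_post_key']);

	$plugins->run_hooks("polls_do_newpoll_start");

	$query = $db->simple_select("threads", "*", "tid='".intval($mybb->input['tid'])."'");
	$thread = $db->fetch_array($query);
	$fid = $thread['fid'];
	$forumpermissions = forum_permissions($fid);

	// Get forum info
	$forum = get_forum($fid);
	if(!$forum)
	{
		error($lang->error_invalidforum);
	}
	else
	{
		// Is our forum closed?
		if ($forum['open'] == 0)
		{
			// It is closed
			error($lang->error_closedinvalidforum);
		}
	}

	if(!$thread['tid'])
	{
		error($lang->error_invalidthread);
	}

	// No permission if: Not thread author; not moderator; no forum perms to view, post threads, post polls
	if(($thread['uid'] != $mybb->user['uid'] && !is_moderator($fid)) || ($forumpermissions['canview'] == 0 || $forumpermissions['canpostthreads'] == 0 || $forumpermissions['canpostpolls'] == 0))
	{
		error_no_permission();
	}

	if($thread['poll'])
	{
		error($lang->error_pollalready);
	}

	// Cast the requested slot count so the loops below iterate over an integer
	$polloptions = intval($mybb->input['polloptions']);
	if($mybb->settings['maxpolloptions'] && $polloptions > $mybb->settings['maxpolloptions'])
	{
		$polloptions = $mybb->settings['maxpolloptions'];
	}

	$postoptions = $mybb->input['postoptions'];
	if($postoptions['multiple'] != '1')
	{
		$postoptions['multiple'] = 0;
	}

	if($postoptions['public'] != '1')
	{
		$postoptions['public'] = 0;
	}

	if($polloptions < 2)
	{
		$polloptions = 2;
	}

	$optioncount = 0;
	$lengtherror = 0;
	$options = $mybb->input['options'];
	if(!is_array($options))
	{
		// A scalar "options" value would otherwise be indexed character by character
		$options = array();
	}

	for($i = 1; $i <= $polloptions; ++$i)
	{
		if(trim($options[$i]) != "")
		{
			$optioncount++;
		}

		if(my_strlen($options[$i]) > $mybb->settings['polloptionlimit'] && $mybb->settings['polloptionlimit'] != 0)
		{
			$lengtherror = 1;
			break;
		}
	}

	if($lengtherror)
	{
		error($lang->error_polloptiontoolong);
	}

	if(empty($mybb->input['question']) || $optioncount < 2)
	{
		error($lang->error_noquestionoptions);
	}

	// Walk every submitted slot, not just the first $optioncount of them, so
	// that filled-in options following a blank slot are kept, and join on
	// "something already stored" so a blank first slot cannot leave a leading
	// delimiter (which would read back as an empty option).
	// NOTE(review): option text containing the '||~|~||' delimiter would be
	// split into two options when the list is exploded again - not handled here.
	$optionslist = '';
	$voteslist = '';
	$stored = 0;
	for($i = 1; $i <= $polloptions; ++$i)
	{
		if(trim($options[$i]) != '')
		{
			if($stored > 0)
			{
				$optionslist .= '||~|~||';
				$voteslist .= '||~|~||';
			}
			$optionslist .= $options[$i];
			$voteslist .= '0';
			++$stored;
		}
	}

	if($mybb->input['timeout'] > 0)
	{
		$timeout = intval($mybb->input['timeout']);
	}
	else
	{
		$timeout = 0;
	}

	$newpoll = array(
		"tid" => $thread['tid'],
		"question" => $db->escape_string($mybb->input['question']),
		"dateline" => TIME_NOW,
		"options" => $db->escape_string($optionslist),
		"votes" => $db->escape_string($voteslist),
		"numoptions" => intval($optioncount),
		"numvotes" => 0,
		"timeout" => $timeout,
		"closed" => 0,
		"multiple" => $postoptions['multiple'],
		"public" => $postoptions['public']
	);

	$plugins->run_hooks("polls_do_newpoll_process");

	$pid = $db->insert_query("polls", $newpoll);

	$db->update_query("threads", array('poll' => $pid), "tid='".$thread['tid']."'");

	$plugins->run_hooks("polls_do_newpoll_end");

	if($thread['visible'] == 1)
	{
		redirect(get_thread_link($thread['tid']), $lang->redirect_pollposted);
	}
	else
	{
		redirect(get_forum_link($thread['fid']), $lang->redirect_pollpostedmoderated);
	}
}

if($mybb->input['action'] == "editpoll")
{
	$pid = intval($mybb->input['pid']);

	$plugins->run_hooks("polls_editpoll_start");

	$query = $db->simple_select("polls", "*", "pid='$pid'");
	$poll = $db->fetch_array($query);

	$query = $db->simple_select("threads", "*", "poll='$pid'");
	$thread = $db->fetch_array($query);
	$tid = $thread['tid'];
	$fid = $thread['fid'];

	// Make navigation
	build_forum_breadcrumb($fid);
	add_breadcrumb(htmlspecialchars_uni($thread['subject']), get_thread_link($thread['tid']));
	add_breadcrumb($lang->nav_editpoll);

	$forumpermissions = forum_permissions($fid);

	// Get forum info
	$forum = get_forum($fid);
	if(!$forum)
	{
		error($lang->error_invalidforum);
	}
	else
	{
		// Is our forum closed?
		if ($forum['open'] == 0)
		{
			// It is closed
			error($lang->error_closedinvalidforum);
		}
	}

	$query = $db->simple_select("forums", "*", "fid='$fid'");
	$forum = $db->fetch_array($query);


	if(!$tid)
	{
		error($lang->error_invalidthread);
	}

	// Editing a poll is a moderator action
	if(!is_moderator($fid, "caneditposts"))
	{
		error_no_permission();
	}

	$polldate = my_date($mybb->settings['dateformat'], $poll['dateline']);
	if(!$mybb->input['preview'] && !$mybb->input['updateoptions'])
	{
		// First display: populate the form from the stored poll
		if($poll['closed'] == 1)
		{
			$postoptionschecked['closed'] = 'checked="checked"';
		}

		if($poll['multiple'] == 1)
		{
			$postoptionschecked['multiple'] = 'checked="checked"';
		}

		if($poll['public'] == 1)
		{
			$postoptionschecked['public'] = 'checked="checked"';
		}

		$optionsarray = explode("||~|~||", $poll['options']);
		$votesarray = explode("||~|~||", $poll['votes']);


		for($i = 1; $i <= $poll['numoptions']; ++$i)
		{
			$poll['totvotes'] = $poll['totvotes'] + $votesarray[$i-1];
		}

		$question = htmlspecialchars_uni($poll['question']);
		$numoptions = $poll['numoptions'];
		$optionbits = "";
		for($i = 0; $i < $numoptions; ++$i)
		{
			$counter = $i + 1;
			$option = $optionsarray[$i];
			$option = htmlspecialchars_uni($option);
			$optionvotes = intval($votesarray[$i]);

			if(!$optionvotes)
			{
				$optionvotes = 0;
			}

			eval("\$optionbits .= \"".$templates->get("polls_editpoll_option")."\";");
			$option = "";
			$optionvotes = "";
		}

		if(!$poll['timeout'])
		{
			$timeout = 0;
		}
		else
		{
			$timeout = $poll['timeout'];
		}
	}
	else
	{
		// Preview / update options: the form is repopulated from the request.
		// The option count, vote counts and timeout are cast to integers here
		// because they are set just before the template eval() calls below,
		// the same way $option is escaped; the stored-poll branch above
		// already casts its vote counts.
		if($mybb->settings['maxpolloptions'] && $mybb->input['numoptions'] > $mybb->settings['maxpolloptions'])
		{
			$numoptions = $mybb->settings['maxpolloptions'];
		}
		elseif($mybb->input['numoptions'] < 2)
		{
			$numoptions = "2";
		}
		else
		{
			$numoptions = intval($mybb->input['numoptions']);
		}
		$question = htmlspecialchars_uni($mybb->input['question']);

		$postoptions = $mybb->input['postoptions'];
		if($postoptions['multiple'] == 1)
		{
			$postoptionschecked['multiple'] = 'checked="checked"';
		}

		if($postoptions['public'] == 1)
		{
			$postoptionschecked['public'] = 'checked="checked"';
		}

		if($postoptions['closed'] == 1)
		{
			$postoptionschecked['closed'] = 'checked="checked"';
		}

		$options = $mybb->input['options'];
		$votes = $mybb->input['votes'];
		$optionbits = '';
		for($i = 1; $i <= $numoptions; ++$i)
		{
			$counter = $i;
			$option = $options[$i];
			$option = htmlspecialchars_uni($option);
			$optionvotes = intval($votes[$i]);

			if(!$optionvotes)
			{
				$optionvotes = 0;
			}

			eval("\$optionbits .= \"".$templates->get("polls_editpoll_option")."\";");
			$option = "";
		}

		if($mybb->input['timeout'] > 0)
		{
			$timeout = intval($mybb->input['timeout']);
		}
		else
		{
			$timeout = 0;
		}
	}

	$plugins->run_hooks("polls_editpoll_end");

	eval("\$editpoll = \"".$templates->get("polls_editpoll")."\";");
	output_page($editpoll);
}

if($mybb->input['action'] == "do_editpoll" && $mybb->request_method == "post")
{
	// Verify incoming POST request
	verify_post_check($mybb->input['my_post_key']);

	$plugins->run_hooks("polls_do_editpoll_start");

	$query = $db->simple_select("polls", "*", "pid='".intval($mybb->input['pid'])."'");
	$poll = $db->fetch_array($query);

	$query = $db->simple_select("threads", "*", "poll='".intval($mybb->input['pid'])."'");
	$thread = $db->fetch_array($query);

	$forumpermissions = forum_permissions($thread['fid']);

	// Get forum info
	$forum = get_forum($thread['fid']);
	if(!$forum)
	{
		error($lang->error_invalidforum);
	}
	else
	{
		// Is our forum closed?
		if ($forum['open'] == 0)
		{
			// It is closed
			error($lang->error_closedinvalidforum);
		}
	}

	$query = $db->simple_select("forums", "*", "fid='".$thread['fid']."'");
	$forum = $db->fetch_array($query);

	if($thread['visible'] == 0 || !$thread['tid'])
	{
		error($lang->error_invalidthread);
	}

	// Editing a poll is a moderator action
	if(!is_moderator($thread['fid'], "caneditposts"))
	{
		error_no_permission();
	}

	if($mybb->settings['maxpolloptions'] && $mybb->input['numoptions'] > $mybb->settings['maxpolloptions'])
	{
		$numoptions = $mybb->settings['maxpolloptions'];
	}
	elseif(!$mybb->input['numoptions'])
	{
		$numoptions = 2;
	}
	else
	{
		$numoptions = intval($mybb->input['numoptions']);
	}

	$postoptions = $mybb->input['postoptions'];
	if($postoptions['multiple'] != '1')
	{
		$postoptions['multiple'] = 0;
	}

	if($postoptions['public'] != '1')
	{
		$postoptions['public'] = 0;
	}

	if($postoptions['closed'] != '1')
	{
		$postoptions['closed'] = 0;
	}

	$optioncount = 0;
	$lengtherror = 0;
	$options = $mybb->input['options'];
	if(!is_array($options))
	{
		// A scalar "options" value would otherwise be indexed character by character
		$options = array();
	}

	for($i = 1; $i <= $numoptions; ++$i)
	{
		if(trim($options[$i]) != '')
		{
			$optioncount++;
		}

		if(my_strlen($options[$i]) > $mybb->settings['polloptionlimit'] && $mybb->settings['polloptionlimit'] != 0)
		{
			$lengtherror = 1;
			break;
		}
	}

	if($lengtherror)
	{
		error($lang->error_polloptiontoolong);
	}

	if(trim($mybb->input['question']) == '' || $optioncount < 2)
	{
		error($lang->error_noquestionoptions);
	}

	// Walk every submitted slot so options after a blank slot are kept, and
	// keep each option's vote count aligned with it. Vote counts are cast to
	// non-negative integers before they are written into the delimited list,
	// so a submitted value cannot smuggle extra text or delimiters into it.
	$optionslist = '';
	$voteslist = '';
	$numvotes = 0;
	$stored = 0;
	$votes = $mybb->input['votes'];
	if(!is_array($votes))
	{
		$votes = array();
	}
	for($i = 1; $i <= $numoptions; ++$i)
	{
		if(trim($options[$i]) != '')
		{
			if($stored > 0)
			{
				$optionslist .= "||~|~||";
				$voteslist .= "||~|~||";
			}

			$optionslist .= $options[$i];

			$optionvotes = isset($votes[$i]) ? intval($votes[$i]) : 0;
			if($optionvotes <= 0)
			{
				$optionvotes = 0;
			}
			$voteslist .= $optionvotes;
			$numvotes = $numvotes + $optionvotes;
			++$stored;
		}
	}

	if($mybb->input['timeout'] > 0)
	{
		$timeout = intval($mybb->input['timeout']);
	}
	else
	{
		$timeout = 0;
	}

	$updatedpoll = array(
		"question" => $db->escape_string($mybb->input['question']),
		"options" => $db->escape_string($optionslist),
		"votes" => $db->escape_string($voteslist),
		// Store the number of options actually written, so that the readers
		// that loop up to numoptions never index past the stored lists
		"numoptions" => intval($optioncount),
		"numvotes" => intval($numvotes),
		"timeout" => $timeout,
		"closed" => $postoptions['closed'],
		"multiple" => $postoptions['multiple'],
		"public" => $postoptions['public']
	);

	$plugins->run_hooks("polls_do_editpoll_process");

	$db->update_query("polls", $updatedpoll, "pid='".intval($mybb->input['pid'])."'");

	$plugins->run_hooks("polls_do_editpoll_end");

	$modlogdata['fid'] = $thread['fid'];
	$modlogdata['tid'] = $thread['tid'];
	log_moderator_action($modlogdata, $lang->poll_edited);

	redirect(get_thread_link($thread['tid']), $lang->redirect_pollupdated);
}

if($mybb->input['action'] == "showresults")
{
	$query = $db->simple_select("polls", "*", "pid='".intval($mybb->input['pid'])."'");
	$poll = $db->fetch_array($query);
	$tid = $poll['tid'];
	$query = $db->simple_select("threads", "*", "tid='$tid'");
	$thread = $db->fetch_array($query);
	$fid = $thread['fid'];

	// Get forum info
	$forum = get_forum($fid);
	if(!$forum)
	{
		error($lang->error_invalidforum);
	}

	$forumpermissions = forum_permissions($forum['fid']);

	$plugins->run_hooks("polls_showresults_start");

	if($forumpermissions['canviewthreads'] == 0 || $forumpermissions['canview'] == 0)
	{
		error($lang->error_pollpermissions);
	}

	if(!$poll['pid'])
	{
		error($lang->error_invalidpoll);
	}

	if(!$thread['tid'])
	{
		error($lang->error_invalidthread);
	}

	// Make navigation
	build_forum_breadcrumb($fid);
	add_breadcrumb(htmlspecialchars_uni($thread['subject']), get_thread_link($thread['tid']));
	add_breadcrumb($lang->nav_pollresults);

	$voters = array();
	$guest_voters = array();
	$votedfor = array();

	// Calculate votes
	$query = $db->query("
		SELECT v.*, u.username
		FROM ".TABLE_PREFIX."pollvotes v
		LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=v.uid)
		WHERE v.pid='{$poll['pid']}'
		ORDER BY u.username
	");
	while($voter = $db->fetch_array($query))
	{
		// Mark for current user's vote
		if($mybb->user['uid'] == $voter['uid'] && $mybb->user['uid'])
		{
			$votedfor[$voter['voteoption']] = 1;
		}

		// Count number of guests and users without a username (assumes they've been deleted)
		if($voter['uid'] == 0 || $voter['username'] == '')
		{
			// Add one to the number of voters for guests
			++$guest_voters[$voter['voteoption']];
		}
		else
		{
			$voters[$voter['voteoption']][$voter['uid']] = $voter['username'];
		}
	}

	$optionsarray = explode("||~|~||", $poll['options']);
	$votesarray = explode("||~|~||", $poll['votes']);
	for($i = 1; $i <= $poll['numoptions']; ++$i)
	{
		$poll['totvotes'] = $poll['totvotes'] + $votesarray[$i-1];
	}

	$polloptions = '';
	for($i = 1; $i <= $poll['numoptions']; ++$i)
	{
		// Option text goes through the post parser with the forum's own
		// HTML / MyCode settings before it is placed in the template
		$parser_options = array(
			"allow_html" => $forum['allowhtml'],
			"allow_mycode" => $forum['allowmycode'],
			"allow_smilies" => $forum['allowsmilies'],
			"allow_imgcode" => $forum['allowimgcode'],
			"allow_videocode" => $forum['allowvideocode'],
			"filter_badwords" => 1
		);
		$option = $parser->parse_message($optionsarray[$i-1], $parser_options);

		$votes = $votesarray[$i-1];
		$number = $i;
		// Make the mark for current user's voted option
		if($votedfor[$number])
		{
			$optionbg = 'trow2';
			$votestar = '*';
		}
		else
		{
			$optionbg = 'trow1';
			$votestar = '';
		}

		// Also skip the division when the poll total is zero (for example a
		// stored votes list shorter than numoptions)
		if($votes == '0' || !$poll['totvotes'])
		{
			$percent = '0';
		}
		else
		{
			$percent = number_format($votes / $poll['totvotes'] * 100, 2);
		}

		$imagewidth = round($percent/3) * 5;
		$comma = '';
		$guest_comma = '';
		$userlist = '';
		$guest_count = 0;
		// Voter names are listed only for public polls or for moderators
		if($poll['public'] == 1 || is_moderator($fid))
		{
			if(is_array($voters[$number]))
			{
				foreach($voters[$number] as $uid => $username)
				{
					$userlist .= $comma.build_profile_link($username, $uid);
					$comma = $guest_comma = $lang->comma;
				}
			}

			if($guest_voters[$number] > 0)
			{
				if($guest_voters[$number] == 1)
				{
					$userlist .= $guest_comma.$lang->guest_count;
				}
				else
				{
					$userlist .= $guest_comma.$lang->sprintf($lang->guest_count_multiple, $guest_voters[$number]);
				}
			}
		}
		eval("\$polloptions .= \"".$templates->get("polls_showresults_resultbit")."\";");
	}

	if($poll['totvotes'])
	{
		$totpercent = '100%';
	}
	else
	{
		$totpercent = '0%';
	}

	$plugins->run_hooks("polls_showresults_end");

	$poll['question'] = htmlspecialchars_uni($poll['question']);
	eval("\$showresults = \"".$templates->get("polls_showresults")."\";");
	output_page($showresults);
}

if($mybb->input['action'] == "vote" && $mybb->request_method == "post")
{
	// Verify incoming POST request
	verify_post_check($mybb->input['my_post_key']);

	$query = $db->simple_select("polls", "*", "pid='".intval($mybb->input['pid'])."'");
	$poll = $db->fetch_array($query);
	// The timeout is stored in days; convert it to seconds
	$poll['timeout'] = $poll['timeout']*60*60*24;

	$plugins->run_hooks("polls_vote_start");

	if(!$poll['pid'])
	{
		error($lang->error_invalidpoll);
	}

	$query = $db->simple_select("threads", "*", "poll='".$poll['pid']."'");
	$thread = $db->fetch_array($query);

	if(!$thread['tid'])
	{
		error($lang->error_invalidthread);
	}

	$fid = $thread['fid'];
	$forumpermissions = forum_permissions($fid);
	if($forumpermissions['canvotepolls'] == 0)
	{
		error_no_permission();
	}

	// Get forum info
	$forum = get_forum($fid);
	if(!$forum)
	{
		error($lang->error_invalidforum);
	}
	else
	{
		// Is our forum closed?
		if ($forum['open'] == 0)
		{
			// It is closed
			error($lang->error_closedinvalidforum);
		}
	}

	$expiretime = $poll['dateline'] + $poll['timeout'];
	$now = TIME_NOW;
	if($poll['closed'] == 1 || $thread['closed'] == 1 || ($expiretime < $now && $poll['timeout']))
	{
		error($lang->error_pollclosed);
	}

	if(!isset($mybb->input['option']))
	{
		error($lang->error_nopolloptions);
	}

	// Check if the user has voted before...
	$votecheck = array();
	if($mybb->user['uid'])
	{
		$query = $db->simple_select("pollvotes", "*", "uid='".$mybb->user['uid']."' AND pid='".$poll['pid']."'");
		$votecheck = $db->fetch_array($query);
	}

	if(!empty($votecheck['vid']) || (isset($mybb->cookies['pollvotes'][$poll['pid']]) && $mybb->cookies['pollvotes'][$poll['pid']] !== ""))
	{
		error($lang->error_alreadyvoted);
	}

	// Validate the ballot before anything is recorded. Option indexes are
	// cast to integers and de-duplicated, so differently spelled keys that
	// resolve to the same index count once, and a ballot of the wrong shape
	// for the poll type is rejected instead of reaching the queries below.
	$votesql = '';
	$now = TIME_NOW;
	$votesarray = explode("||~|~||", $poll['votes']);
	$option = $mybb->input['option'];
	$numvotes = $poll['numvotes'];
	$accepted_options = array();
	if($poll['multiple'] == 1)
	{
		if(!is_array($option))
		{
			error($lang->error_nopolloptions);
		}

		foreach($option as $voteoption => $vote)
		{
			$voteoption = intval($voteoption);
			if($vote == 1 && isset($votesarray[$voteoption-1]) && !in_array($voteoption, $accepted_options))
			{
				if($votesql)
				{
					$votesql .= ",";
				}
				$votesql .= "('".$poll['pid']."','".$mybb->user['uid']."','".$db->escape_string($voteoption)."','$now')";
				$votesarray[$voteoption-1]++;
				$numvotes = $numvotes+1;
				$accepted_options[] = $voteoption;
			}
		}
	}
	else
	{
		if(is_array($option))
		{
			error($lang->error_nopolloptions);
		}

		$option = intval($option);
		if(!isset($votesarray[$option-1]))
		{
			error($lang->error_nopolloptions);
		}
		$votesql = "('".$poll['pid']."','".$mybb->user['uid']."','".$db->escape_string($option)."','$now')";
		$votesarray[$option-1]++;
		$numvotes = $numvotes+1;
		$accepted_options[] = $option;
	}

	// No valid selection: stop rather than send an INSERT with an empty VALUES list
	if(!$votesql)
	{
		error($lang->error_nopolloptions);
	}

	if(!$mybb->user['uid'])
	{
		// Give a cookie to guests to inhibit revotes. It is set only once the
		// ballot has been accepted and lists exactly the options counted above,
		// which is what do_undovote later subtracts.
		my_setcookie("pollvotes[{$poll['pid']}]", implode(',', $accepted_options));
	}

	$db->write_query("
		INSERT INTO
		".TABLE_PREFIX."pollvotes (pid,uid,voteoption,dateline)
		VALUES $votesql
	");
	$voteslist = '';
	for($i = 1; $i <= $poll['numoptions']; ++$i)
	{
		if($i > 1)
		{
			$voteslist .= "||~|~||";
		}
		$voteslist .= $votesarray[$i-1];
	}
	$updatedpoll = array(
		"votes" => $db->escape_string($voteslist),
		"numvotes" => intval($numvotes),
	);

	$plugins->run_hooks("polls_vote_process");

	$db->update_query("polls", $updatedpoll, "pid='".$poll['pid']."'");

	$plugins->run_hooks("polls_vote_end");

	redirect(get_thread_link($poll['tid']), $lang->redirect_votethanks);
}

if($mybb->input['action'] == "do_undovote")
{
	verify_post_check($mybb->input['my_post_key']);

	$plugins->run_hooks("polls_do_undovote_start");
	if($mybb->usergroup['canundovotes'] != 1)
	{
		error_no_permission();
	}

	$query = $db->simple_select("polls", "*", "pid='".intval($mybb->input['pid'])."'");
	$poll = $db->fetch_array($query);

	if(!$poll['pid'])
	{
		error($lang->error_invalidpoll);
	}

	// We do not have $forum_cache available here since no forums permissions are checked in undo vote
	// Get thread ID and then get forum info
	$query = $db->simple_select("threads", "*", "tid='".intval($poll['tid'])."'");
	$thread = $db->fetch_array($query);
	$fid = $thread['fid'];

	// Get forum info
	$forum = get_forum($fid);
	if(!$forum)
	{
		error($lang->error_invalidforum);
	}
	else
	{
		// Is our forum closed?
		if ($forum['open'] == 0)
		{
			// It is closed
			error($lang->error_closedinvalidforum);
		}
	}

	// The timeout is stored in days; convert it to seconds
	$poll['timeout'] = $poll['timeout']*60*60*24;


	$expiretime = $poll['dateline'] + $poll['timeout'];
	if($poll['closed'] == 1 || $thread['closed'] == 1 || ($expiretime < TIME_NOW && $poll['timeout']))
	{
		error($lang->error_pollclosed);
	}

	// Check if the user has voted before...
	$vote_options = array();
	if($mybb->user['uid'])
	{
		$query = $db->simple_select("pollvotes", "vid,voteoption", "uid='".$mybb->user['uid']."' AND pid='".$poll['pid']."'");
		while($voteoption = $db->fetch_array($query))
		{
			$vote_options[$voteoption['vid']] = $voteoption['voteoption'];
		}
	}
	elseif(isset($mybb->cookies['pollvotes'][$poll['pid']]) && $mybb->cookies['pollvotes'][$poll['pid']] !== "")
	{
		// for Guests, we simply see if they've got the cookie. A missing or
		// empty cookie must leave $vote_options empty (explode() on an empty
		// string returns one empty element), and each listed option is cast
		// and counted once because the cookie value is client-controlled.
		$vote_options = array_unique(array_map('intval', explode(',', $mybb->cookies['pollvotes'][$poll['pid']])));
	}
	$votecheck = !empty($vote_options);

	if(!$votecheck)
	{
		error($lang->error_notvoted);
	}
	else if(!$mybb->user['uid'])
	{
		// clear cookie for Guests
		my_setcookie("pollvotes[{$poll['pid']}]", "");
	}

	// Note, this is not thread safe!
	$votesarray = explode("||~|~||", $poll['votes']);
	if(count($votesarray) > $poll['numoptions'])
	{
		// Trim surplus tallies; array_slice() needs the array as its first argument
		$votesarray = array_slice($votesarray, 0, $poll['numoptions']);
	}

	if($poll['multiple'] == 1)
	{
		foreach($vote_options as $vote)
		{
			if(isset($votesarray[$vote-1]))
			{
				--$votesarray[$vote-1];
				--$poll['numvotes'];
			}
		}
	}
	else
	{
		$voteoption = reset($vote_options);
		if(isset($votesarray[$voteoption-1]))
		{
			--$votesarray[$voteoption-1];
			--$poll['numvotes'];
		}
	}

	// check if anything < 0 - possible if Guest vote undoing is allowed (generally Guest unvoting should be disabled >_>)
	if($poll['numvotes'] < 0)
	{
		$poll['numvotes'] = 0;
	}

	foreach($votesarray as $i => $votes)
	{
		if($votes < 0)
		{
			$votesarray[$i] = 0;
		}
	}

	$voteslist = implode("||~|~||", $votesarray);
	$updatedpoll = array(
		"votes" => $db->escape_string($voteslist),
		"numvotes" => intval($poll['numvotes']),
	);

	$plugins->run_hooks("polls_do_undovote_process");

	// NOTE(review): for guests uid is 0, so this WHERE clause matches every
	// guest vote row of the poll, not only the caller's, while the tallies
	// above are reduced by a single ballot. Restricting canundovotes to
	// registered groups avoids the mismatch.
	$db->delete_query("pollvotes", "uid='".$mybb->user['uid']."' AND pid='".$poll['pid']."'");
	$db->update_query("polls", $updatedpoll, "pid='".$poll['pid']."'");

	$plugins->run_hooks("polls_do_undovote_end");

	redirect(get_thread_link($poll['tid']), $lang->redirect_unvoted);
}

?>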