
PHP Cross Reference of MyBB 1.6.5


/ -> polls.php (source)

   1  <?php
   2  /**
   3   * MyBB 1.6
   4   * Copyright 2010 MyBB Group, All Rights Reserved
   5   *
   6   * Website: http://mybb.com
   7   * License: http://mybb.com/about/license
   8   *
   9   * $Id: polls.php 5538 2011-08-08 09:46:13Z PirataNervo $
  10   */
  11  
  12  define("IN_MYBB", 1);
  13  define('THIS_SCRIPT', 'polls.php');
  14  
  15  $templatelist = "poll_newpoll,redirect_pollposted,redirect_pollupdated,redirect_votethanks";
  16  require_once  "./global.php";
  17  require_once  MYBB_ROOT."inc/functions_post.php";
  18  require_once  MYBB_ROOT."inc/class_parser.php";
  19  $parser = new postParser;
  20  
  21  // Load global language phrases
  22  $lang->load("polls");
  23  
  24  if($mybb->user['uid'] != 0)
  25  {
  26      eval("\$loginbox = \"".$templates->get("changeuserbox")."\";");
  27  }
  28  else
  29  {
  30      eval("\$loginbox = \"".$templates->get("loginbox")."\";");
  31  }
  32  
  33  if($mybb->input['preview'] || $mybb->input['updateoptions'])
  34  {
  35      if($mybb->input['action'] == "do_editpoll")
  36      {
  37          $mybb->input['action'] = "editpoll";
  38      }
  39      else
  40      {
  41          $mybb->input['action'] = "newpoll";
  42      }
  43  }
  44  if($mybb->input['action'] == "newpoll")
  45  {
  46      // Form for new poll
  47      $tid = intval($mybb->input['tid']);
  48  
  49      $plugins->run_hooks("polls_newpoll_start");
  50  
  51      $query = $db->simple_select("threads", "*", "tid='".intval($mybb->input['tid'])."'");
  52      $thread = $db->fetch_array($query);
  53      $fid = $thread['fid'];
  54      $forumpermissions = forum_permissions($fid);
  55      
  56      // Get forum info
  57      $forum = get_forum($fid);
  58      if(!$forum)
  59      {
  60          error($lang->error_invalidforum);
  61      }
  62      else
  63      {
  64          // Is our forum closed?
  65          if ($forum['open'] == 0)
  66          {
  67              // Doesn't look like it is
  68              error($lang->error_closedinvalidforum);
  69          }
  70      }
  71  
  72      if(!$thread['tid'])
  73      {
  74          error($lang->error_invalidthread);
  75      }
  76      // Make navigation
  77      build_forum_breadcrumb($fid);
  78      add_breadcrumb(htmlspecialchars_uni($thread['subject']), get_thread_link($thread['tid']));
  79      add_breadcrumb($lang->nav_postpoll);
  80  
  81      // No permission if: Not thread author; not moderator; no forum perms to view, post threads, post polls
  82      if(($thread['uid'] != $mybb->user['uid'] && !is_moderator($fid)) || ($forumpermissions['canview'] == 0 || $forumpermissions['canpostthreads'] == 0 || $forumpermissions['canpostpolls'] == 0))
  83      {
  84          error_no_permission();
  85      }
  86  
  87      if($thread['poll'])
  88      {
  89          error($lang->error_pollalready);
  90      }
  91  
  92      // Sanitize number of poll options
  93      if($mybb->input['numpolloptions'] > 0)
  94      {
  95          $mybb->input['polloptions'] = $mybb->input['numpolloptions'];
  96      }
  97      if($mybb->settings['maxpolloptions'] && $mybb->input['polloptions'] > $mybb->settings['maxpolloptions'])
  98      {    // Too big
  99          $polloptions = $mybb->settings['maxpolloptions'];
 100      }
 101      elseif($mybb->input['polloptions'] < 2)
 102      {    // Too small
 103          $polloptions = 2;
 104      }
 105      else
 106      {    // Just right
 107          $polloptions = intval($mybb->input['polloptions']);
 108      }
 109  
 110      $question = htmlspecialchars_uni($mybb->input['question']);
 111  
 112      $postoptions = $mybb->input['postoptions'];
 113      if($postoptions['multiple'] == 1)
 114      {
 115          $postoptionschecked['multiple'] = 'checked="checked"';
 116      }
 117      if($postoptions['public'] == 1)
 118      {
 119          $postoptionschecked['public'] = 'checked="checked"';
 120      }
 121  
 122      $options = $mybb->input['options'];
 123      $optionbits = '';
 124      for($i = 1; $i <= $polloptions; ++$i)
 125      {
 126          $option = $options[$i];
 127          $option = htmlspecialchars_uni($option);
 128          eval("\$optionbits .= \"".$templates->get("polls_newpoll_option")."\";");
 129          $option = "";
 130      }
 131  
 132      if($mybb->input['timeout'] > 0)
 133      {
 134          $timeout = intval($mybb->input['timeout']);
 135      }
 136      else
 137      {
 138          $timeout = 0;
 139      }
 140  
 141      $plugins->run_hooks("polls_newpoll_end");
 142  
 143      eval("\$newpoll = \"".$templates->get("polls_newpoll")."\";");
 144      output_page($newpoll);
 145  }
 146  if($mybb->input['action'] == "do_newpoll" && $mybb->request_method == "post")
 147  {
 148      // Verify incoming POST request
 149      verify_post_check($mybb->input['my_post_key']);
 150  
 151      $plugins->run_hooks("polls_do_newpoll_start");
 152  
 153      $query = $db->simple_select("threads", "*", "tid='".intval($mybb->input['tid'])."'");
 154      $thread = $db->fetch_array($query);
 155      $fid = $thread['fid'];
 156      $forumpermissions = forum_permissions($fid);
 157      
 158      // Get forum info
 159      $forum = get_forum($fid);
 160      if(!$forum)
 161      {
 162          error($lang->error_invalidforum);
 163      }
 164      else
 165      {
 166          // Is our forum closed?
 167          if ($forum['open'] == 0)
 168          {
 169              // Doesn't look like it is
 170              error($lang->error_closedinvalidforum);
 171          }
 172      }
 173  
 174      if(!$thread['tid'])
 175      {
 176          error($lang->error_invalidthread);
 177      }
 178  
 179      // No permission if: Not thread author; not moderator; no forum perms to view, post threads, post polls
 180      if(($thread['uid'] != $mybb->user['uid'] && !is_moderator($fid)) || ($forumpermissions['canview'] == 0 || $forumpermissions['canpostthreads'] == 0 || $forumpermissions['canpostpolls'] == 0))
 181      {
 182          error_no_permission();
 183      }
 184  
 185      if($thread['poll'])
 186      {
 187          error($lang->error_pollalready);
 188      }
 189  
 190      $polloptions = $mybb->input['polloptions'];
 191      if($mybb->settings['maxpolloptions'] && $polloptions > $mybb->settings['maxpolloptions'])
 192      {
 193          $polloptions = $mybb->settings['maxpolloptions'];
 194      }
 195  
 196      $postoptions = $mybb->input['postoptions'];
 197      if($postoptions['multiple'] != '1')
 198      {
 199          $postoptions['multiple'] = 0;
 200      }
 201  
 202      if($postoptions['public'] != '1')
 203      {
 204          $postoptions['public'] = 0;
 205      }
 206      
 207      if($polloptions < 2)
 208      {
 209          $polloptions = "2";
 210      }
 211      $optioncount = "0";
 212      $options = $mybb->input['options'];
 213      
 214      for($i = 1; $i <= $polloptions; ++$i)
 215      {
 216          if(trim($options[$i]) != "")
 217          {
 218              $optioncount++;
 219          }
 220          
 221          if(my_strlen($options[$i]) > $mybb->settings['polloptionlimit'] && $mybb->settings['polloptionlimit'] != 0)
 222          {
 223              $lengtherror = 1;
 224              break;
 225          }
 226      }
 227      
 228      if($lengtherror)
 229      {
 230          error($lang->error_polloptiontoolong);
 231      }
 232      
 233      if(empty($mybb->input['question']) || $optioncount < 2)
 234      {
 235          error($lang->error_noquestionoptions);
 236      }
 237      
 238      $optionslist = '';
 239      $voteslist = '';
 240      for($i = 1; $i <= $optioncount; ++$i)
 241      {
 242          if(trim($options[$i]) != '')
 243          {
 244              if($i > 1)
 245              {
 246                  $optionslist .= '||~|~||';
 247                  $voteslist .= '||~|~||';
 248              }
 249              $optionslist .= $options[$i];
 250              $voteslist .= '0';
 251          }
 252      }
 253      
 254      if($mybb->input['timeout'] > 0)
 255      {
 256          $timeout = intval($mybb->input['timeout']);
 257      }
 258      else
 259      {
 260          $timeout = 0;
 261      }
 262      
 263      $newpoll = array(
 264          "tid" => $thread['tid'],
 265          "question" => $db->escape_string($mybb->input['question']),
 266          "dateline" => TIME_NOW,
 267          "options" => $db->escape_string($optionslist),
 268          "votes" => $db->escape_string($voteslist),
 269          "numoptions" => intval($optioncount),
 270          "numvotes" => 0,
 271          "timeout" => $timeout,
 272          "closed" => 0,
 273          "multiple" => $postoptions['multiple'],
 274          "public" => $postoptions['public']
 275      );
 276  
 277      $plugins->run_hooks("polls_do_newpoll_process");
 278  
 279      $pid = $db->insert_query("polls", $newpoll);
 280  
 281      $db->update_query("threads", array('poll' => $pid), "tid='".$thread['tid']."'");
 282  
 283      $plugins->run_hooks("polls_do_newpoll_end");
 284  
 285      if($thread['visible'] == 1)
 286      {
 287          redirect(get_thread_link($thread['tid']), $lang->redirect_pollposted);
 288      }
 289      else
 290      {
 291          redirect(get_forum_link($thread['fid']), $lang->redirect_pollpostedmoderated);
 292      }
 293  }
 294  
 295  if($mybb->input['action'] == "editpoll")
 296  {
 297      $pid = intval($mybb->input['pid']);
 298  
 299      $plugins->run_hooks("polls_editpoll_start");
 300  
 301      $query = $db->simple_select("polls", "*", "pid='$pid'");
 302      $poll = $db->fetch_array($query);
 303  
 304      $query = $db->simple_select("threads", "*", "poll='$pid'");
 305      $thread = $db->fetch_array($query);
 306      $tid = $thread['tid'];
 307      $fid = $thread['fid'];
 308  
 309      // Make navigation
 310      build_forum_breadcrumb($fid);
 311      add_breadcrumb(htmlspecialchars_uni($thread['subject']), get_thread_link($thread['tid']));
 312      add_breadcrumb($lang->nav_editpoll);
 313  
 314      $forumpermissions = forum_permissions($fid);
 315      
 316      // Get forum info
 317      $forum = get_forum($fid);
 318      if(!$forum)
 319      {
 320          error($lang->error_invalidforum);
 321      }
 322      else
 323      {
 324          // Is our forum closed?
 325          if ($forum['open'] == 0)
 326          {
 327              // Doesn't look like it is
 328              error($lang->error_closedinvalidforum);
 329          }
 330      }
 331  
 332      $query = $db->simple_select("forums", "*", "fid='$fid'");
 333      $forum = $db->fetch_array($query);
 334  
 335  
 336      if(!$tid)
 337      {
 338          error($lang->error_invalidthread);
 339      }
 340      
 341      if(!is_moderator($fid, "caneditposts"))
 342      {
 343          error_no_permission();
 344      }
 345      
 346      $polldate = my_date($mybb->settings['dateformat'], $poll['dateline']);
 347      if(!$mybb->input['preview'] && !$mybb->input['updateoptions'])
 348      {
 349          if($poll['closed'] == 1)
 350          {
 351              $postoptionschecked['closed'] = 'checked="checked"';
 352          }
 353          
 354          if($poll['multiple'] == 1)
 355          {
 356              $postoptionschecked['multiple'] = 'checked="checked"';
 357          }
 358          
 359          if($poll['public'] == 1)
 360          {
 361              $postoptionschecked['public'] = 'checked="checked"';
 362          }
 363  
 364          $optionsarray = explode("||~|~||", $poll['options']);
 365          $votesarray = explode("||~|~||", $poll['votes']);
 366  
 367  
 368          for($i = 1; $i <= $poll['numoptions']; ++$i)
 369          {
 370              $poll['totvotes'] = $poll['totvotes'] + $votesarray[$i-1];
 371          }
 372          
 373          $question = htmlspecialchars_uni($poll['question']);
 374          $numoptions = $poll['numoptions'];
 375          $optionbits = "";
 376          for($i = 0; $i < $numoptions; ++$i)
 377          {
 378              $counter = $i + 1;
 379              $option = $optionsarray[$i];
 380              $option = htmlspecialchars_uni($option);
 381              $optionvotes = intval($votesarray[$i]);
 382              
 383              if(!$optionvotes)
 384              {
 385                  $optionvotes = 0;
 386              }
 387              
 388              eval("\$optionbits .= \"".$templates->get("polls_editpoll_option")."\";");
 389              $option = "";
 390              $optionvotes = "";
 391          }
 392          
 393          if(!$poll['timeout'])
 394          {
 395              $timeout = 0;
 396          }
 397          else
 398          {
 399              $timeout = $poll['timeout'];
 400          }
 401      }
 402      else
 403      {
 404          if($mybb->settings['maxpolloptions'] && $mybb->input['numoptions'] > $mybb->settings['maxpolloptions'])
 405          {
 406              $numoptions = $mybb->settings['maxpolloptions'];
 407          }
 408          elseif($mybb->input['numoptions'] < 2)
 409          {
 410              $numoptions = "2";
 411          }
 412          else
 413          {
 414              $numoptions = $mybb->input['numoptions'];
 415          }
 416          $question = htmlspecialchars_uni($mybb->input['question']);
 417  
 418          $postoptions = $mybb->input['postoptions'];
 419          if($postoptions['multiple'] == 1)
 420          {
 421              $postoptionschecked['multiple'] = 'checked="checked"';
 422          }
 423          
 424          if($postoptions['public'] == 1)
 425          {
 426              $postoptionschecked['public'] = 'checked="checked"';
 427          }
 428          
 429          if($postoptions['closed'] == 1)
 430          {
 431              $postoptionschecked['closed'] = 'checked="checked"';
 432          }
 433  
 434          $options = $mybb->input['options'];
 435          $votes = $mybb->input['votes'];
 436          $optionbits = '';
 437          for($i = 1; $i <= $numoptions; ++$i)
 438          {
 439              $counter = $i;
 440              $option = $options[$i];
 441              $option = htmlspecialchars_uni($option);
 442              $optionvotes = $votes[$i];
 443              
 444              if(!$optionvotes)
 445              {
 446                  $optionvotes = 0;
 447              }
 448              
 449              eval("\$optionbits .= \"".$templates->get("polls_editpoll_option")."\";");
 450              $option = "";
 451          }
 452  
 453          if($mybb->input['timeout'] > 0)
 454          {
 455              $timeout = $mybb->input['timeout'];
 456          }
 457          else
 458          {
 459              $timeout = 0;
 460          }
 461      }
 462  
 463      $plugins->run_hooks("polls_editpoll_end");
 464  
 465      eval("\$editpoll = \"".$templates->get("polls_editpoll")."\";");
 466      output_page($editpoll);
 467  }
 468  
 469  if($mybb->input['action'] == "do_editpoll" && $mybb->request_method == "post")
 470  {
 471      // Verify incoming POST request
 472      verify_post_check($mybb->input['my_post_key']);
 473  
 474      $plugins->run_hooks("polls_do_editpoll_start");
 475  
 476      $query = $db->simple_select("polls", "*", "pid='".intval($mybb->input['pid'])."'");
 477      $poll = $db->fetch_array($query);
 478  
 479      $query = $db->simple_select("threads", "*", "poll='".intval($mybb->input['pid'])."'");
 480      $thread = $db->fetch_array($query);
 481  
 482      $forumpermissions = forum_permissions($thread['fid']);
 483      
 484      // Get forum info
 485      $forum = get_forum($thread['fid']);
 486      if(!$forum)
 487      {
 488          error($lang->error_invalidforum);
 489      }
 490      else
 491      {
 492          // Is our forum closed?
 493          if ($forum['open'] == 0)
 494          {
 495              // Doesn't look like it is
 496              error($lang->error_closedinvalidforum);
 497          }
 498      }
 499  
 500      $query = $db->simple_select("forums", "*", "fid='".$thread['fid']."'");
 501      $forum = $db->fetch_array($query);
 502  
 503      if($thread['visible'] == 0 || !$thread['tid'])
 504      {
 505          error($lang->error_invalidthread);
 506      }
 507      
 508      if(!is_moderator($thread['fid'], "caneditposts"))
 509      {
 510          error_no_permission();
 511      }
 512  
 513      if($mybb->settings['maxpolloptions'] && $mybb->input['numoptions'] > $mybb->settings['maxpolloptions'])
 514      {
 515          $numoptions = $mybb->settings['maxpolloptions'];
 516      }
 517      elseif(!$mybb->input['numoptions'])
 518      {
 519          $numoptions = 2;
 520      }
 521      else
 522      {
 523          $numoptions = $mybb->input['numoptions'];
 524      }
 525  
 526      $postoptions = $mybb->input['postoptions'];
 527      if($postoptions['multiple'] != '1')
 528      {
 529          $postoptions['multiple'] = 0;
 530      }
 531      
 532      if($postoptions['public'] != '1')
 533      {
 534          $postoptions['public'] = 0;
 535      }
 536      
 537      if($postoptions['closed'] != '1')
 538      {
 539          $postoptions['closed'] = 0;
 540      }
 541      $optioncount = "0";
 542      $options = $mybb->input['options'];
 543  
 544      for($i = 1; $i <= $numoptions; ++$i)
 545      {
 546          if(trim($options[$i]) != '')
 547          {
 548              $optioncount++;
 549          }
 550          
 551          if(my_strlen($options[$i]) > $mybb->settings['polloptionlimit'] && $mybb->settings['polloptionlimit'] != 0)
 552          {
 553              $lengtherror = 1;
 554              break;
 555          }
 556      }
 557      
 558      if($lengtherror)
 559      {
 560          error($lang->error_polloptiontoolong);
 561      }
 562  
 563      if(trim($mybb->input['question']) == '' || $optioncount < 2)
 564      {
 565          error($lang->error_noquestionoptions);
 566      }
 567      
 568      $optionslist = '';
 569      $voteslist = '';
 570      $numvotes = '';
 571      $votes = $mybb->input['votes'];
 572      for($i = 1; $i <= $optioncount; ++$i)
 573      {
 574          if(trim($options[$i]) != '')
 575          {
 576              if($i > 1)
 577              {
 578                  $optionslist .= "||~|~||";
 579                  $voteslist .= "||~|~||";
 580              }
 581              
 582              $optionslist .= $options[$i];
 583              if(intval($votes[$i]) <= 0)
 584              {
 585                  $votes[$i] = "0";
 586              }
 587              $voteslist .= $votes[$i];
 588              $numvotes = $numvotes + $votes[$i];
 589          }
 590      }
 591      
 592      if($mybb->input['timeout'] > 0)
 593      {
 594          $timeout = intval($mybb->input['timeout']);
 595      }
 596      else
 597      {
 598          $timeout = 0;
 599      }
 600      
 601      $updatedpoll = array(
 602          "question" => $db->escape_string($mybb->input['question']),
 603          "options" => $db->escape_string($optionslist),
 604          "votes" => $db->escape_string($voteslist),
 605          "numoptions" => intval($numoptions),
 606          "numvotes" => $numvotes,
 607          "timeout" => $timeout,
 608          "closed" => $postoptions['closed'],
 609          "multiple" => $postoptions['multiple'],
 610          "public" => $postoptions['public']
 611      );
 612  
 613      $plugins->run_hooks("polls_do_editpoll_process");
 614  
 615      $db->update_query("polls", $updatedpoll, "pid='".intval($mybb->input['pid'])."'");
 616  
 617      $plugins->run_hooks("polls_do_editpoll_end");
 618      
 619      $modlogdata['fid'] = $thread['fid'];
 620      $modlogdata['tid'] = $thread['tid'];
 621      log_moderator_action($modlogdata, $lang->poll_edited);
 622  
 623      redirect(get_thread_link($thread['tid']), $lang->redirect_pollupdated);
 624  }
 625  
 626  if($mybb->input['action'] == "showresults")
 627  {
 628      $query = $db->simple_select("polls", "*", "pid='".intval($mybb->input['pid'])."'");
 629      $poll = $db->fetch_array($query);
 630      $tid = $poll['tid'];
 631      $query = $db->simple_select("threads", "*", "tid='$tid'");
 632      $thread = $db->fetch_array($query);
 633      $fid = $thread['fid'];
 634  
 635      // Get forum info
 636      $forum = get_forum($fid);
 637      if(!$forum)
 638      {
 639          error($lang->error_invalidforum);
 640      }
 641  
 642      $forumpermissions = forum_permissions($forum['fid']);
 643  
 644      $plugins->run_hooks("polls_showresults_start");
 645  
 646      if($forumpermissions['canviewthreads'] == 0 || $forumpermissions['canview'] == 0)
 647      {
 648          error($lang->error_pollpermissions);
 649      }
 650      
 651      if(!$poll['pid'])
 652      {
 653          error($lang->error_invalidpoll);
 654      }
 655      
 656      if(!$thread['tid'])
 657      {
 658          error($lang->error_invalidthread);
 659      }
 660  
 661      // Make navigation
 662      build_forum_breadcrumb($fid);
 663      add_breadcrumb(htmlspecialchars_uni($thread['subject']), get_thread_link($thread['tid']));
 664      add_breadcrumb($lang->nav_pollresults);
 665  
 666      $voters = array();
 667  
 668      // Calculate votes
 669      $query = $db->query("
 670          SELECT v.*, u.username 
 671          FROM ".TABLE_PREFIX."pollvotes v 
 672          LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=v.uid) 
 673          WHERE v.pid='{$poll['pid']}' 
 674          ORDER BY u.username
 675      ");
 676      while($voter = $db->fetch_array($query))
 677      {
 678          // Mark for current user's vote
 679          if($mybb->user['uid'] == $voter['uid'] && $mybb->user['uid'])
 680          {
 681              $votedfor[$voter['voteoption']] = 1;
 682          }
 683  
 684          // Count number of guests and users without a username (assumes they've been deleted)
 685          if($voter['uid'] == 0 || $voter['username'] == '')
 686          {
 687              // Add one to the number of voters for guests
 688              ++$guest_voters[$voter['voteoption']];
 689          }
 690          else
 691          {
 692              $voters[$voter['voteoption']][$voter['uid']] = $voter['username'];
 693          }
 694      }
 695      
 696      $optionsarray = explode("||~|~||", $poll['options']);
 697      $votesarray = explode("||~|~||", $poll['votes']);
 698      for($i = 1; $i <= $poll['numoptions']; ++$i)
 699      {
 700          $poll['totvotes'] = $poll['totvotes'] + $votesarray[$i-1];
 701      }
 702      
 703      $polloptions = '';
 704      for($i = 1; $i <= $poll['numoptions']; ++$i)
 705      {
 706          $parser_options = array(
 707              "allow_html" => $forum['allowhtml'],
 708              "allow_mycode" => $forum['allowmycode'],
 709              "allow_smilies" => $forum['allowsmilies'],
 710              "allow_imgcode" => $forum['allowimgcode'],
 711              "allow_videocode" => $forum['allowvideocode'],
 712              "filter_badwords" => 1
 713          );
 714          $option = $parser->parse_message($optionsarray[$i-1], $parser_options);
 715  
 716          $votes = $votesarray[$i-1];
 717          $number = $i;
 718          // Make the mark for current user's voted option
 719          if($votedfor[$number])
 720          {
 721              $optionbg = 'trow2';
 722              $votestar = '*';
 723          }
 724          else
 725          {
 726              $optionbg = 'trow1';
 727              $votestar = '';
 728          }
 729          
 730          if($votes == '0')
 731          {
 732              $percent = '0';
 733          }
 734          else
 735          {
 736              $percent = number_format($votes / $poll['totvotes'] * 100, 2);
 737          }
 738          
 739          $imagewidth = round($percent/3) * 5;
 740          $comma = '';
 741          $guest_comma = '';
 742          $userlist = '';
 743          $guest_count = 0;
 744          if($poll['public'] == 1 || is_moderator($fid))
 745          {
 746              if(is_array($voters[$number]))
 747              {
 748                  foreach($voters[$number] as $uid => $username)
 749                  {
 750                      $userlist .= $comma.build_profile_link($username, $uid);
 751                      $comma = $guest_comma = $lang->comma;
 752                  }
 753              }
 754  
 755              if($guest_voters[$number] > 0)
 756              {
 757                  if($guest_voters[$number] == 1)
 758                  {
 759                      $userlist .= $guest_comma.$lang->guest_count;
 760                  }
 761                  else
 762                  {
 763                      $userlist .= $guest_comma.$lang->sprintf($lang->guest_count_multiple, $guest_voters[$number]);
 764                  }
 765              }
 766          }
 767          eval("\$polloptions .= \"".$templates->get("polls_showresults_resultbit")."\";");
 768      }
 769      
 770      if($poll['totvotes'])
 771      {
 772          $totpercent = '100%';
 773      }
 774      else
 775      {
 776          $totpercent = '0%';
 777      }
 778  
 779      $plugins->run_hooks("polls_showresults_end");
 780  
 781      $poll['question'] = htmlspecialchars_uni($poll['question']);
 782      eval("\$showresults = \"".$templates->get("polls_showresults")."\";");
 783      output_page($showresults);
 784  }
 785  if($mybb->input['action'] == "vote" && $mybb->request_method == "post")
 786  {
 787      // Verify incoming POST request
 788      verify_post_check($mybb->input['my_post_key']);
 789      
 790      $query = $db->simple_select("polls", "*", "pid='".intval($mybb->input['pid'])."'");
 791      $poll = $db->fetch_array($query);
 792      $poll['timeout'] = $poll['timeout']*60*60*24;
 793  
 794      $plugins->run_hooks("polls_vote_start");
 795  
 796      if(!$poll['pid'])
 797      {
 798          error($lang->error_invalidpoll);
 799      }
 800  
 801      $query = $db->simple_select("threads", "*", "poll='".$poll['pid']."'");
 802      $thread = $db->fetch_array($query);
 803  
 804      if(!$thread['tid'])
 805      {
 806          error($lang->error_invalidthread);
 807      }
 808      
 809      $fid = $thread['fid'];
 810      $forumpermissions = forum_permissions($fid);
 811      if($forumpermissions['canvotepolls'] == 0)
 812      {
 813          error_no_permission();
 814      }
 815      
 816      // Get forum info
 817      $forum = get_forum($fid);
 818      if(!$forum)
 819      {
 820          error($lang->error_invalidforum);
 821      }
 822      else
 823      {
 824          // Is our forum closed?
 825          if ($forum['open'] == 0)
 826          {
 827              // Doesn't look like it is
 828              error($lang->error_closedinvalidforum);
 829          }
 830      }
 831  
 832      $expiretime = $poll['dateline'] + $poll['timeout'];
 833      $now = TIME_NOW;
 834      if($poll['closed'] == 1 || $thread['closed'] == 1 || ($expiretime < $now && $poll['timeout']))
 835      {
 836          error($lang->error_pollclosed);
 837      }
 838      
 839      if(!isset($mybb->input['option']))
 840      {
 841          error($lang->error_nopolloptions);
 842      }
 843      
 844      // Check if the user has voted before...
 845      if($mybb->user['uid'])
 846      {
 847          $query = $db->simple_select("pollvotes", "*", "uid='".$mybb->user['uid']."' AND pid='".$poll['pid']."'");
 848          $votecheck = $db->fetch_array($query);
 849      }
 850      
 851      if($votecheck['vid'] || (isset($mybb->cookies['pollvotes'][$poll['pid']]) && $mybb->cookies['pollvotes'][$poll['pid']] !== ""))
 852      {
 853          error($lang->error_alreadyvoted);
 854      }
 855      elseif(!$mybb->user['uid'])
 856      {
 857          // Give a cookie to guests to inhibit revotes
 858          if(is_array($mybb->input['option']))
 859          {
 860              // We have multiple options here...
 861              $votes_cookie = implode(',', array_keys($mybb->input['option']));
 862          }
 863          else
 864          {
 865              $votes_cookie = $mybb->input['option'];
 866          }
 867  
 868          my_setcookie("pollvotes[{$poll['pid']}]", $votes_cookie);
 869      }
 870      
 871      $votesql = '';
 872      $now = TIME_NOW;
 873      $votesarray = explode("||~|~||", $poll['votes']);
 874      $option = $mybb->input['option'];
 875      $numvotes = $poll['numvotes'];
 876      if($poll['multiple'] == 1)
 877      {
 878          foreach($option as $voteoption => $vote)
 879          {
 880              if($vote == 1 && isset($votesarray[$voteoption-1]))
 881              {
 882                  if($votesql)
 883                  {
 884                      $votesql .= ",";
 885                  }
 886                  $votesql .= "('".$poll['pid']."','".$mybb->user['uid']."','".$db->escape_string($voteoption)."','$now')";
 887                  $votesarray[$voteoption-1]++;
 888                  $numvotes = $numvotes+1;
 889              }
 890          }
 891      }
 892      else
 893      {
 894          if(!isset($votesarray[$option-1]))
 895          {
 896              error($lang->error_nopolloptions);
 897          }
 898          $votesql = "('".$poll['pid']."','".$mybb->user['uid']."','".$db->escape_string($option)."','$now')";
 899          $votesarray[$option-1]++;
 900          $numvotes = $numvotes+1;
 901      }
 902  
 903      $db->write_query("
 904          INSERT INTO 
 905          ".TABLE_PREFIX."pollvotes (pid,uid,voteoption,dateline) 
 906          VALUES $votesql
 907      ");
 908      $voteslist = '';
 909      for($i = 1; $i <= $poll['numoptions']; ++$i)
 910      {
 911          if($i > 1)
 912          {
 913              $voteslist .= "||~|~||";
 914          }
 915          $voteslist .= $votesarray[$i-1];
 916      }
 917      $updatedpoll = array(
 918          "votes" => $db->escape_string($voteslist),
 919          "numvotes" => intval($numvotes),
 920      );
 921  
 922      $plugins->run_hooks("polls_vote_process");
 923  
 924      $db->update_query("polls", $updatedpoll, "pid='".$poll['pid']."'");
 925  
 926      $plugins->run_hooks("polls_vote_end");
 927  
 928      redirect(get_thread_link($poll['tid']), $lang->redirect_votethanks);
 929  }
 930  
 931  if($mybb->input['action'] == "do_undovote")
 932  {
 933      verify_post_check($mybb->input['my_post_key']);
 934      
 935      $plugins->run_hooks("polls_do_undovote_start");
 936      if($mybb->usergroup['canundovotes'] != 1)
 937      {
 938          error_no_permission();
 939      }
 940      
 941      $query = $db->simple_select("polls", "*", "pid='".intval($mybb->input['pid'])."'");
 942      $poll = $db->fetch_array($query);
 943      
 944      if(!$poll['pid'])
 945      {
 946          error($lang->error_invalidpoll);
 947      }
 948      
 949      // We do not have $forum_cache available here since no forums permissions are checked in undo vote
 950      // Get thread ID and then get forum info
 951      $query = $db->simple_select("threads", "*", "tid='".intval($poll['tid'])."'");
 952      $thread = $db->fetch_array($query);
 953      $fid = $thread['fid'];
 954      
 955      // Get forum info
 956      $forum = get_forum($fid);
 957      if(!$forum)
 958      {
 959          error($lang->error_invalidforum);
 960      }
 961      else
 962      {
 963          // Is our forum closed?
 964          if ($forum['open'] == 0)
 965          {
 966              // Doesn't look like it is
 967              error($lang->error_closedinvalidforum);
 968          }
 969      }
 970      
 971      $poll['timeout'] = $poll['timeout']*60*60*24;
 972      
 973  
 974      $expiretime = $poll['dateline'] + $poll['timeout'];
 975      if($poll['closed'] == 1 || $thread['closed'] == 1 || ($expiretime < TIME_NOW && $poll['timeout']))
 976      {
 977          error($lang->error_pollclosed);
 978      }
 979      
 980      // Check if the user has voted before...
 981      $vote_options = array();
 982      if($mybb->user['uid'])
 983      {
 984          $query = $db->simple_select("pollvotes", "vid,voteoption", "uid='".$mybb->user['uid']."' AND pid='".$poll['pid']."'");
 985          while($voteoption = $db->fetch_array($query))
 986          {
 987              $vote_options[$voteoption['vid']] = $voteoption['voteoption'];
 988          }
 989      }
 990      else
 991      {
 992          // for Guests, we simply see if they've got the cookie
 993          $vote_options = explode(',', $mybb->cookies['pollvotes'][$poll['pid']]);
 994      }
 995      $votecheck = !empty($vote_options);
 996      
 997      if(!$votecheck)
 998      {
 999          error($lang->error_notvoted);
1000      }
1001      else if(!$mybb->user['uid'])
1002      {
1003          // clear cookie for Guests
1004          my_setcookie("pollvotes[{$poll['pid']}]", "");
1005      }    
1006      
1007      // Note, this is not thread safe!
1008      $votesarray = explode("||~|~||", $poll['votes']);
1009      if(count($votesarray) > $poll['numoptions'])
1010      {
1011          $votesarray = array_slice(0, $poll['numoptions']);
1012      }
1013      
1014      if($poll['multiple'] == 1)
1015      {
1016          foreach($vote_options as $vote)
1017          {
1018              if(isset($votesarray[$vote-1]))
1019              {
1020                  --$votesarray[$vote-1];
1021                  --$poll['numvotes'];
1022              }
1023          }
1024      }
1025      else
1026      {
1027          $voteoption = reset($vote_options);
1028          if(isset($votesarray[$voteoption-1]))
1029          {
1030              --$votesarray[$voteoption-1];
1031              --$poll['numvotes'];
1032          }
1033      }
1034      
1035      // check if anything < 0 - possible if Guest vote undoing is allowed (generally Guest unvoting should be disabled >_>)
1036      if($poll['numvotes'] < 0)
1037      {
1038          $poll['numvotes'] = 0;
1039      }
1040      
1041      foreach($votesarray as $i => $votes)
1042      {
1043          if($votes < 0)
1044          {
1045              $votesarray[$i] = 0;
1046          }
1047      }
1048      
1049      $voteslist = implode("||~|~||", $votesarray);
1050      $updatedpoll = array(
1051          "votes" => $db->escape_string($voteslist),
1052          "numvotes" => intval($poll['numvotes']),
1053      );
1054  
1055      $plugins->run_hooks("polls_do_undovote_process");
1056  
1057      $db->delete_query("pollvotes", "uid='".$mybb->user['uid']."' AND pid='".$poll['pid']."'");
1058      $db->update_query("polls", $updatedpoll, "pid='".$poll['pid']."'");
1059  
1060      $plugins->run_hooks("polls_do_undovote_end");
1061  
1062      redirect(get_thread_link($poll['tid']), $lang->redirect_unvoted);
1063  }
1064  
1065  ?>

