PHP Cross Reference of MyBB |
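<?php
/**
 * MyBB 1.6
 * Copyright 2010 MyBB Group, All Rights Reserved
 *
 * Website: http://mybb.com
 * License: http://mybb.com/about/license
 *
 * $Id$
 */

// Poll controller. The script dispatches on $mybb->input['action']; this part
// holds the create/edit actions: newpoll (form), do_newpoll (save),
// editpoll (form) and do_editpoll (save).
//
// Review notes for the whole script:
//  - Templates are rendered with eval() as PHP double-quoted strings, so every
//    variable a template can reference must be escaped or cast to an integer
//    before the eval() line is reached.
//  - $mybb->input is request data; values are cast with intval() or escaped
//    before they reach a query or a template.

define("IN_MYBB", 1);
define('THIS_SCRIPT', 'polls.php');

$templatelist = "changeuserbox,loginbox,polls_newpoll_option,polls_newpoll,polls_editpoll_option,polls_editpoll,polls_showresults_resultbit,polls_showresults";
require_once "./global.php";
require_once MYBB_ROOT."inc/functions_post.php";
require_once MYBB_ROOT."inc/class_parser.php";
$parser = new postParser;

// Load global language phrases
$lang->load("polls");

// Logged-in users get the "change user" box, guests get the login box.
if($mybb->user['uid'] != 0)
{
	eval("\$loginbox = \"".$templates->get("changeuserbox")."\";");
}
else
{
	eval("\$loginbox = \"".$templates->get("loginbox")."\";");
}

// "Preview" and "update options" submissions re-display the form instead of saving,
// so the do_* action is mapped back to the matching form action.
if($mybb->input['preview'] || $mybb->input['updateoptions'])
{
	if($mybb->input['action'] == "do_editpoll")
	{
		$mybb->input['action'] = "editpoll";
	}
	else
	{
		$mybb->input['action'] = "newpoll";
	}
}

if($mybb->input['action'] == "newpoll")
{
	// Form for new poll
	$tid = intval($mybb->input['tid']);

	$plugins->run_hooks("polls_newpoll_start");

	$query = $db->simple_select("threads", "*", "tid='".intval($mybb->input['tid'])."'");
	$thread = $db->fetch_array($query);
	if(!$thread['tid'])
	{
		error($lang->error_invalidthread);
	}

	$fid = $thread['fid'];
	$forumpermissions = forum_permissions($fid);

	// Get forum info
	$forum = get_forum($fid);
	if(!$forum)
	{
		error($lang->error_invalidforum);
	}
	else
	{
		// Is our forum closed?
		if($forum['open'] == 0 && !is_moderator($fid, "caneditposts"))
		{
			// Doesn't look like it is
			error($lang->error_closedinvalidforum);
		}
	}

	// Make navigation
	build_forum_breadcrumb($fid);
	add_breadcrumb(htmlspecialchars_uni($thread['subject']), get_thread_link($thread['tid']));
	add_breadcrumb($lang->nav_postpoll);

	// No permission if: Not thread author; not moderator; no forum perms to view, post threads, post polls
	if(($thread['uid'] != $mybb->user['uid'] && !is_moderator($fid)) || ($forumpermissions['canview'] == 0 || $forumpermissions['canpostthreads'] == 0 || $forumpermissions['canpostpolls'] == 0))
	{
		error_no_permission();
	}

	if($thread['poll'])
	{
		error($lang->error_pollalready);
	}

	// Sanitize number of poll options: clamp to [2, maxpolloptions] and force an integer
	if($mybb->input['numpolloptions'] > 0)
	{
		$mybb->input['polloptions'] = $mybb->input['numpolloptions'];
	}
	if($mybb->settings['maxpolloptions'] && $mybb->input['polloptions'] > $mybb->settings['maxpolloptions'])
	{
		// Too big
		$polloptions = $mybb->settings['maxpolloptions'];
	}
	elseif($mybb->input['polloptions'] < 2)
	{
		// Too small
		$polloptions = 2;
	}
	else
	{
		// Just right
		$polloptions = intval($mybb->input['polloptions']);
	}

	// Escaped here because the value is echoed back into the form template
	$question = htmlspecialchars_uni($mybb->input['question']);

	$postoptions = $mybb->input['postoptions'];
	if($postoptions['multiple'] == 1)
	{
		$postoptionschecked['multiple'] = 'checked="checked"';
	}
	if($postoptions['public'] == 1)
	{
		$postoptionschecked['public'] = 'checked="checked"';
	}

	// Re-display the submitted option texts, HTML-escaped, one template row each
	$options = $mybb->input['options'];
	$optionbits = '';
	for($i = 1; $i <= $polloptions; ++$i)
	{
		$option = $options[$i];
		$option = htmlspecialchars_uni($option);
		eval("\$optionbits .= \"".$templates->get("polls_newpoll_option")."\";");
		$option = "";
	}

	if($mybb->input['timeout'] > 0)
	{
		$timeout = intval($mybb->input['timeout']);
	}
	else
	{
		$timeout = 0;
	}

	$plugins->run_hooks("polls_newpoll_end");

	eval("\$newpoll = \"".$templates->get("polls_newpoll")."\";");
	output_page($newpoll);
}

if($mybb->input['action'] == "do_newpoll" && $mybb->request_method == "post")
{
	// Verify incoming POST request
	verify_post_check($mybb->input['my_post_key']);

	$plugins->run_hooks("polls_do_newpoll_start");

	$query = $db->simple_select("threads", "*", "tid='".intval($mybb->input['tid'])."'");
	$thread = $db->fetch_array($query);
	if(!$thread['tid'])
	{
		error($lang->error_invalidthread);
	}

	$fid = $thread['fid'];
	$forumpermissions = forum_permissions($fid);

	// Get forum info
	$forum = get_forum($fid);
	if(!$forum)
	{
		error($lang->error_invalidforum);
	}
	else
	{
		// Is our forum closed?
		if($forum['open'] == 0 && !is_moderator($fid, "caneditposts"))
		{
			// Doesn't look like it is
			error($lang->error_closedinvalidforum);
		}
	}

	// No permission if: Not thread author; not moderator; no forum perms to view, post threads, post polls
	// (same authorisation rule as the newpoll form, re-checked because the form can be bypassed)
	if(($thread['uid'] != $mybb->user['uid'] && !is_moderator($fid)) || ($forumpermissions['canview'] == 0 || $forumpermissions['canpostthreads'] == 0 || $forumpermissions['canpostpolls'] == 0))
	{
		error_no_permission();
	}

	if($thread['poll'])
	{
		error($lang->error_pollalready);
	}

	// Cast first so the loop bound below is always an integer, then clamp to [2, maxpolloptions]
	$polloptions = intval($mybb->input['polloptions']);
	if($mybb->settings['maxpolloptions'] && $polloptions > $mybb->settings['maxpolloptions'])
	{
		$polloptions = $mybb->settings['maxpolloptions'];
	}

	// The flags are written to the database unescaped, so anything other than '1' is forced to 0
	$postoptions = $mybb->input['postoptions'];
	if($postoptions['multiple'] != '1')
	{
		$postoptions['multiple'] = 0;
	}

	if($postoptions['public'] != '1')
	{
		$postoptions['public'] = 0;
	}

	if($polloptions < 2)
	{
		$polloptions = 2;
	}
	$optioncount = 0;
	$options = $mybb->input['options'];

	// Count the non-empty options and enforce the per-option length limit (0 disables the limit)
	for($i = 1; $i <= $polloptions; ++$i)
	{
		if(trim($options[$i]) != "")
		{
			$optioncount++;
		}

		if(my_strlen($options[$i]) > $mybb->settings['polloptionlimit'] && $mybb->settings['polloptionlimit'] != 0)
		{
			$lengtherror = 1;
			break;
		}
	}

	if($lengtherror)
	{
		error($lang->error_polloptiontoolong);
	}

	if(empty($mybb->input['question']) || $optioncount < 2)
	{
		error($lang->error_noquestionoptions);
	}

	// Options and vote counts are stored as two parallel strings joined by "||~|~||".
	// NOTE(review): an option text that itself contains the separator is not rejected here,
	// which would misalign the stored list when it is split again - consider stripping it.
	$optionslist = '';
	$voteslist = '';
	for($i = 1; $i <= $polloptions; ++$i)
	{
		if(trim($options[$i]) != '')
		{
			if($optionslist != '')
			{
				$optionslist .= '||~|~||';
				$voteslist .= '||~|~||';
			}
			$optionslist .= trim(utf8_handle_4byte_string($options[$i]));
			$voteslist .= '0';
		}
	}

	if($mybb->input['timeout'] > 0)
	{
		$timeout = intval($mybb->input['timeout']);
	}
	else
	{
		$timeout = 0;
	}

	$mybb->input['question'] = utf8_handle_4byte_string($mybb->input['question']);

	// Every value is either escaped, cast to an integer, or taken from the database / a fixed constant
	$newpoll = array(
		"tid" => $thread['tid'],
		"question" => $db->escape_string($mybb->input['question']),
		"dateline" => TIME_NOW,
		"options" => $db->escape_string($optionslist),
		"votes" => $db->escape_string($voteslist),
		"numoptions" => intval($optioncount),
		"numvotes" => 0,
		"timeout" => $timeout,
		"closed" => 0,
		"multiple" => $postoptions['multiple'],
		"public" => $postoptions['public']
	);

	$plugins->run_hooks("polls_do_newpoll_process");

	$pid = $db->insert_query("polls", $newpoll);

	$db->update_query("threads", array('poll' => $pid), "tid='".$thread['tid']."'");

	$plugins->run_hooks("polls_do_newpoll_end");

	// Unapproved threads are not visible to the poster, so send them back to the forum instead
	if($thread['visible'] == 1)
	{
		redirect(get_thread_link($thread['tid']), $lang->redirect_pollposted);
	}
	else
	{
		redirect(get_forum_link($thread['fid']), $lang->redirect_pollpostedmoderated);
	}
}

if($mybb->input['action'] == "editpoll")
{
	$pid = intval($mybb->input['pid']);

	$plugins->run_hooks("polls_editpoll_start");

	$query = $db->simple_select("polls", "*", "pid='$pid'");
	$poll = $db->fetch_array($query);

	if(!$poll['pid'])
	{
		error($lang->error_invalidpoll);
	}

	$query = $db->simple_select("threads", "*", "poll='$pid'");
	$thread = $db->fetch_array($query);
	$tid = $thread['tid'];
	if(!$tid)
	{
		error($lang->error_invalidthread);
	}

	$fid = $thread['fid'];

	// Make navigation
	build_forum_breadcrumb($fid);
	add_breadcrumb(htmlspecialchars_uni($thread['subject']), get_thread_link($thread['tid']));
	add_breadcrumb($lang->nav_editpoll);

	$forumpermissions = forum_permissions($fid);

	// Get forum info
	$forum = get_forum($fid);
	if(!$forum)
	{
		error($lang->error_invalidforum);
	}
	else
	{
		// Is our forum closed?
		if($forum['open'] == 0 && !is_moderator($fid, "caneditposts"))
		{
			// Doesn't look like it is
			error($lang->error_closedinvalidforum);
		}
	}

	// Editing a poll is restricted to moderators with the "caneditposts" permission
	if(!is_moderator($fid, "caneditposts"))
	{
		error_no_permission();
	}

	$polldate = my_date($mybb->settings['dateformat'], $poll['dateline']);
	if(!$mybb->input['preview'] && !$mybb->input['updateoptions'])
	{
		// First display: populate the form from the stored poll
		if($poll['closed'] == 1)
		{
			$postoptionschecked['closed'] = 'checked="checked"';
		}

		if($poll['multiple'] == 1)
		{
			$postoptionschecked['multiple'] = 'checked="checked"';
		}

		if($poll['public'] == 1)
		{
			$postoptionschecked['public'] = 'checked="checked"';
		}

		$optionsarray = explode("||~|~||", $poll['options']);
		$votesarray = explode("||~|~||", $poll['votes']);

		for($i = 1; $i <= $poll['numoptions']; ++$i)
		{
			$poll['totvotes'] = $poll['totvotes'] + $votesarray[$i-1];
		}

		$question = htmlspecialchars_uni($poll['question']);
		$numoptions = $poll['numoptions'];
		$optionbits = "";
		for($i = 0; $i < $numoptions; ++$i)
		{
			$counter = $i + 1;
			$option = $optionsarray[$i];
			$option = htmlspecialchars_uni($option);
			$optionvotes = intval($votesarray[$i]);

			if(!$optionvotes)
			{
				$optionvotes = 0;
			}

			eval("\$optionbits .= \"".$templates->get("polls_editpoll_option")."\";");
			$option = "";
			$optionvotes = "";
		}

		if(!$poll['timeout'])
		{
			$timeout = 0;
		}
		else
		{
			$timeout = $poll['timeout'];
		}
	}
	else
	{
		// Preview / "update options": populate the form from the submitted request.
		// Everything below is request data that ends up in variables available to the
		// eval()'d templates, so numeric fields are cast with intval() (as the stored-poll
		// branch above and the newpoll form already do) and text is HTML-escaped.
		if($mybb->settings['maxpolloptions'] && $mybb->input['numoptions'] > $mybb->settings['maxpolloptions'])
		{
			$numoptions = $mybb->settings['maxpolloptions'];
		}
		elseif($mybb->input['numoptions'] < 2)
		{
			$numoptions = 2;
		}
		else
		{
			$numoptions = intval($mybb->input['numoptions']);
		}
		$question = htmlspecialchars_uni($mybb->input['question']);

		$postoptions = $mybb->input['postoptions'];
		if($postoptions['multiple'] == 1)
		{
			$postoptionschecked['multiple'] = 'checked="checked"';
		}

		if($postoptions['public'] == 1)
		{
			$postoptionschecked['public'] = 'checked="checked"';
		}

		if($postoptions['closed'] == 1)
		{
			$postoptionschecked['closed'] = 'checked="checked"';
		}

		$options = $mybb->input['options'];
		$votes = $mybb->input['votes'];
		$optionbits = '';
		for($i = 1; $i <= $numoptions; ++$i)
		{
			$counter = $i;
			$option = $options[$i];
			$option = htmlspecialchars_uni($option);
			// Previously passed through uncast; a vote count is only ever an integer
			$optionvotes = intval($votes[$i]);

			eval("\$optionbits .= \"".$templates->get("polls_editpoll_option")."\";");
			$option = "";
		}

		if($mybb->input['timeout'] > 0)
		{
			// Previously passed through uncast; do_editpoll stores intval() of the same field
			$timeout = intval($mybb->input['timeout']);
		}
		else
		{
			$timeout = 0;
		}
	}

	$plugins->run_hooks("polls_editpoll_end");

	eval("\$editpoll = \"".$templates->get("polls_editpoll")."\";");
	output_page($editpoll);
}

if($mybb->input['action'] == "do_editpoll" && $mybb->request_method == "post")
{
	// Verify incoming POST request
	verify_post_check($mybb->input['my_post_key']);

	$plugins->run_hooks("polls_do_editpoll_start");

	$query = $db->simple_select("polls", "*", "pid='".intval($mybb->input['pid'])."'");
	$poll = $db->fetch_array($query);

	if(!$poll['pid'])
	{
		error($lang->error_invalidpoll);
	}

	$query = $db->simple_select("threads", "*", "poll='".intval($mybb->input['pid'])."'");
	$thread = $db->fetch_array($query);
	if(!$thread['tid'])
	{
		error($lang->error_invalidthread);
	}

	$forumpermissions = forum_permissions($thread['fid']);

	// Get forum info
	$forum = get_forum($thread['fid']);
	if(!$forum)
	{
		error($lang->error_invalidforum);
	}
	else
	{
		// Is our forum closed?
		// $fid is never assigned in this action, so the moderator check must use the
		// thread's forum id; with the undefined variable it was evaluated for no forum.
		if($forum['open'] == 0 && !is_moderator($thread['fid'], "caneditposts"))
		{
			// Doesn't look like it is
			error($lang->error_closedinvalidforum);
		}
	}

	if(!is_moderator($thread['fid'], "caneditposts"))
	{
		error_no_permission();
	}

	if($mybb->settings['maxpolloptions'] && $mybb->input['numoptions'] > $mybb->settings['maxpolloptions'])
	{
		$numoptions = $mybb->settings['maxpolloptions'];
	}
	elseif(!$mybb->input['numoptions'])
	{
		$numoptions = 2;
	}
	else
	{
		$numoptions = intval($mybb->input['numoptions']);
	}

	// The flags are written to the database unescaped, so anything other than '1' is forced to 0
	$postoptions = $mybb->input['postoptions'];
	if($postoptions['multiple'] != '1')
	{
		$postoptions['multiple'] = 0;
	}

	if($postoptions['public'] != '1')
	{
		$postoptions['public'] = 0;
	}

	if($postoptions['closed'] != '1')
	{
		$postoptions['closed'] = 0;
	}
	$optioncount = 0;
	$options = $mybb->input['options'];

	// Count the non-empty options and enforce the per-option length limit (0 disables the limit)
	for($i = 1; $i <= $numoptions; ++$i)
	{
		if(trim($options[$i]) != '')
		{
			$optioncount++;
		}

		if(my_strlen($options[$i]) > $mybb->settings['polloptionlimit'] && $mybb->settings['polloptionlimit'] != 0)
		{
			$lengtherror = 1;
			break;
		}
	}

	if($lengtherror)
	{
		error($lang->error_polloptiontoolong);
	}

	if(trim($mybb->input['question']) == '' || $optioncount < 2)
	{
		error($lang->error_noquestionoptions);
	}

	$optionslist = '';
	$voteslist = '';
	$numvotes = 0;
	$votes = $mybb->input['votes'];
	for($i = 1; $i <= $numoptions; ++$i)
	{
		if(trim($options[$i]) != '')
		{
			if($optionslist != '')
			{
				$optionslist .= "||~|~||";
				$voteslist .= "||~|~||";
			}

			$optionslist .= trim(utf8_handle_4byte_string($options[$i]));

			// Store the cast value, not the raw request string: a value such as "5x" passed the
			// old "> 0" test unchanged and could carry the "||~|~||" separator into the votes list.
			$votes[$i] = intval($votes[$i]);
			if($votes[$i] <= 0)
			{
				$votes[$i] = 0;
			}
			$voteslist .= $votes[$i];
			$numvotes = $numvotes + $votes[$i];
		}
	}

	if($mybb->input['timeout'] > 0)
	{
		$timeout = intval($mybb->input['timeout']);
	}
	else
	{
		$timeout = 0;
	}

	$mybb->input['question'] = utf8_handle_4byte_string($mybb->input['question']);

	// Every value is either escaped, an integer, or one of the 0/'1' flags normalised above
	$updatedpoll = array(
		"question" => $db->escape_string($mybb->input['question']),
		"options" => $db->escape_string($optionslist),
		"votes" => $db->escape_string($voteslist),
		"numoptions" => intval($optioncount),
		"numvotes" => $numvotes,
		"timeout" => $timeout,
		"closed" => $postoptions['closed'],
		"multiple" => $postoptions['multiple'],
		"public" => $postoptions['public']
	);

	$plugins->run_hooks("polls_do_editpoll_process");

	$db->update_query("polls", $updatedpoll, "pid='".intval($mybb->input['pid'])."'");

	$plugins->run_hooks("polls_do_editpoll_end");

	// Poll edits are recorded in the moderator log
	$modlogdata['fid'] = $thread['fid'];
	$modlogdata['tid'] = $thread['tid'];
	log_moderator_action($modlogdata, $lang->poll_edited);

	redirect(get_thread_link($thread['tid']), $lang->redirect_pollupdated);
}
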
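// Poll controller, read/vote actions: showresults (display), vote (cast a vote)
// and do_undovote (withdraw a vote). Templates are rendered with eval() as PHP
// double-quoted strings, so every variable a template can reference must be
// escaped or cast before the eval() line is reached.
if($mybb->input['action'] == "showresults")
{
	$query = $db->simple_select("polls", "*", "pid='".intval($mybb->input['pid'])."'");
	$poll = $db->fetch_array($query);

	if(!$poll['pid'])
	{
		error($lang->error_invalidpoll);
	}

	$tid = $poll['tid'];
	$query = $db->simple_select("threads", "*", "tid='$tid'");
	$thread = $db->fetch_array($query);
	if(!$thread['tid'])
	{
		error($lang->error_invalidthread);
	}

	$fid = $thread['fid'];

	// Get forum info
	$forum = get_forum($fid);
	if(!$forum)
	{
		error($lang->error_invalidforum);
	}

	$forumpermissions = forum_permissions($forum['fid']);

	$plugins->run_hooks("polls_showresults_start");

	// Results are only shown to users who may view the forum and its threads
	// (and, where "own threads only" applies, only to the thread author)
	if($forumpermissions['canviewthreads'] == 0 || $forumpermissions['canview'] == 0 || ($forumpermissions['canonlyviewownthreads'] != 0 && $thread['uid'] != $mybb->user['uid']))
	{
		error_no_permission();
	}

	// Make navigation
	build_forum_breadcrumb($fid);
	add_breadcrumb(htmlspecialchars_uni($thread['subject']), get_thread_link($thread['tid']));
	add_breadcrumb($lang->nav_pollresults);

	$voters = array();

	// Calculate votes ($poll['pid'] comes from the database row, not from the request)
	$query = $db->query("
		SELECT v.*, u.username
		FROM ".TABLE_PREFIX."pollvotes v
		LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=v.uid)
		WHERE v.pid='{$poll['pid']}'
		ORDER BY u.username
	");
	while($voter = $db->fetch_array($query))
	{
		// Mark for current user's vote
		if($mybb->user['uid'] == $voter['uid'] && $mybb->user['uid'])
		{
			$votedfor[$voter['voteoption']] = 1;
		}

		// Count number of guests and users without a username (assumes they've been deleted)
		if($voter['uid'] == 0 || $voter['username'] == '')
		{
			// Add one to the number of voters for guests
			++$guest_voters[$voter['voteoption']];
		}
		else
		{
			$voters[$voter['voteoption']][$voter['uid']] = $voter['username'];
		}
	}

	$optionsarray = explode("||~|~||", $poll['options']);
	$votesarray = explode("||~|~||", $poll['votes']);
	for($i = 1; $i <= $poll['numoptions']; ++$i)
	{
		$poll['totvotes'] = $poll['totvotes'] + $votesarray[$i-1];
	}

	$polloptions = '';
	for($i = 1; $i <= $poll['numoptions']; ++$i)
	{
		// NOTE(review): option text is run through the post parser with the forum's own
		// settings, so in a forum where allowhtml is enabled poll options are rendered with
		// HTML allowed - confirm that is intended for everyone who may create a poll there.
		$parser_options = array(
			"allow_html" => $forum['allowhtml'],
			"allow_mycode" => $forum['allowmycode'],
			"allow_smilies" => $forum['allowsmilies'],
			"allow_imgcode" => $forum['allowimgcode'],
			"allow_videocode" => $forum['allowvideocode'],
			"filter_badwords" => 1
		);
		$option = $parser->parse_message($optionsarray[$i-1], $parser_options);

		$votes = $votesarray[$i-1];
		$number = $i;

		// Make the mark for current user's voted option
		if($votedfor[$number])
		{
			$optionbg = 'trow2';
			$votestar = '*';
		}
		else
		{
			$optionbg = 'trow1';
			$votestar = '';
		}

		if($votes == '0')
		{
			$percent = '0';
		}
		else
		{
			$percent = number_format($votes / $poll['totvotes'] * 100, 2);
		}

		$imagewidth = round($percent/3) * 5;
		$comma = '';
		$guest_comma = '';
		$userlist = '';
		$guest_count = 0;

		// Voter names are disclosed only for public polls or to moderators of this forum
		if($poll['public'] == 1 || is_moderator($fid))
		{
			if(is_array($voters[$number]))
			{
				foreach($voters[$number] as $uid => $username)
				{
					$userlist .= $comma.build_profile_link($username, $uid);
					$comma = $guest_comma = $lang->comma;
				}
			}

			if($guest_voters[$number] > 0)
			{
				if($guest_voters[$number] == 1)
				{
					$userlist .= $guest_comma.$lang->guest_count;
				}
				else
				{
					$userlist .= $guest_comma.$lang->sprintf($lang->guest_count_multiple, $guest_voters[$number]);
				}
			}
		}
		eval("\$polloptions .= \"".$templates->get("polls_showresults_resultbit")."\";");
	}

	if($poll['totvotes'])
	{
		$totpercent = '100%';
	}
	else
	{
		$totpercent = '0%';
	}

	$plugins->run_hooks("polls_showresults_end");

	$poll['question'] = htmlspecialchars_uni($poll['question']);
	eval("\$showresults = \"".$templates->get("polls_showresults")."\";");
	output_page($showresults);
}

if($mybb->input['action'] == "vote" && $mybb->request_method == "post")
{
	// Verify incoming POST request
	verify_post_check($mybb->input['my_post_key']);

	$query = $db->simple_select("polls", "*", "pid='".intval($mybb->input['pid'])."'");
	$poll = $db->fetch_array($query);
	// Timeout is stored in days; convert to seconds for the expiry check below
	$poll['timeout'] = $poll['timeout']*60*60*24;

	$plugins->run_hooks("polls_vote_start");

	if(!$poll['pid'])
	{
		error($lang->error_invalidpoll);
	}

	$query = $db->simple_select("threads", "*", "poll='".$poll['pid']."'");
	$thread = $db->fetch_array($query);

	if(!$thread['tid'] || $thread['visible'] == 0)
	{
		error($lang->error_invalidthread);
	}

	$fid = $thread['fid'];
	$forumpermissions = forum_permissions($fid);
	if($forumpermissions['canvotepolls'] == 0)
	{
		error_no_permission();
	}

	// Get forum info
	$forum = get_forum($fid);
	if(!$forum)
	{
		error($lang->error_invalidforum);
	}
	else
	{
		// Is our forum closed?
		if($forum['open'] == 0)
		{
			// Doesn't look like it is
			error($lang->error_closedinvalidforum);
		}
	}

	$expiretime = $poll['dateline'] + $poll['timeout'];
	$now = TIME_NOW;
	if($poll['closed'] == 1 || $thread['closed'] == 1 || ($expiretime < $now && $poll['timeout']))
	{
		error($lang->error_pollclosed);
	}

	if(!isset($mybb->input['option']))
	{
		error($lang->error_nopolloptions);
	}

	// Check if the user has voted before...
	if($mybb->user['uid'])
	{
		$query = $db->simple_select("pollvotes", "*", "uid='".$mybb->user['uid']."' AND pid='".$poll['pid']."'");
		$votecheck = $db->fetch_array($query);
	}

	// Members are checked against the pollvotes table. Guests are checked against a cookie only,
	// which the client controls, so the guest check is a courtesy rather than an enforcement.
	if($votecheck['vid'] || (isset($mybb->cookies['pollvotes'][$poll['pid']]) && $mybb->cookies['pollvotes'][$poll['pid']] !== ""))
	{
		error($lang->error_alreadyvoted);
	}
	elseif(!$mybb->user['uid'])
	{
		// Give a cookie to guests to inhibit revotes.
		// Only integer option numbers go into the cookie; the raw request value was stored before.
		// NOTE(review): the cookie is set before the option is validated below, so a guest
		// who submits an invalid option is still marked as having voted.
		if(is_array($mybb->input['option']))
		{
			// We have multiple options here...
			$votes_cookie = implode(',', array_map('intval', array_keys($mybb->input['option'])));
		}
		else
		{
			$votes_cookie = intval($mybb->input['option']);
		}

		my_setcookie("pollvotes[{$poll['pid']}]", $votes_cookie);
	}

	$votesql = '';
	$now = TIME_NOW;
	$votesarray = explode("||~|~||", $poll['votes']);
	$option = $mybb->input['option'];
	$numvotes = (int)$poll['numvotes'];
	if($poll['multiple'] == 1)
	{
		if(is_array($option))
		{
			foreach($option as $voteoption => $vote)
			{
				// The array key is request data: cast it so the value checked against
				// $votesarray is exactly the value written to the voteoption column.
				$voteoption = intval($voteoption);
				if($vote == 1 && isset($votesarray[$voteoption-1]))
				{
					if($votesql)
					{
						$votesql .= ",";
					}
					$votesql .= "('".$poll['pid']."','".$mybb->user['uid']."','".$voteoption."','$now')";
					$votesarray[$voteoption-1]++;
					$numvotes = $numvotes+1;
				}
			}
		}
	}
	else
	{
		if(is_array($option))
		{
			error($lang->error_nopolloptions);
		}

		// Cast before the bounds check for the same reason as above
		$option = intval($option);
		if(!isset($votesarray[$option-1]))
		{
			error($lang->error_nopolloptions);
		}
		$votesql = "('".$poll['pid']."','".$mybb->user['uid']."','".$option."','$now')";
		$votesarray[$option-1]++;
		$numvotes = $numvotes+1;
	}

	if(!$votesql)
	{
		error($lang->error_nopolloptions);
	}

	// $votesql is built only from database values, the session uid, integer option numbers and TIME_NOW
	$db->write_query("
		INSERT INTO
		".TABLE_PREFIX."pollvotes (pid,uid,voteoption,dateline)
		VALUES $votesql
	");

	// Rebuild the serialised vote counts. This is a read-modify-write of the polls row
	// with no locking visible here, so concurrent votes may overwrite each other's counts.
	$voteslist = '';
	for($i = 1; $i <= $poll['numoptions']; ++$i)
	{
		if($i > 1)
		{
			$voteslist .= "||~|~||";
		}
		$voteslist .= $votesarray[$i-1];
	}
	$updatedpoll = array(
		"votes" => $db->escape_string($voteslist),
		"numvotes" => intval($numvotes),
	);

	$plugins->run_hooks("polls_vote_process");

	$db->update_query("polls", $updatedpoll, "pid='".$poll['pid']."'");

	$plugins->run_hooks("polls_vote_end");

	redirect(get_thread_link($poll['tid']), $lang->redirect_votethanks);
}

// NOTE(review): unlike "vote", this action does not require request_method == "post";
// verify_post_check() on my_post_key is the only request check visible here.
if($mybb->input['action'] == "do_undovote")
{
	verify_post_check($mybb->input['my_post_key']);

	$plugins->run_hooks("polls_do_undovote_start");
	if($mybb->usergroup['canundovotes'] != 1)
	{
		error_no_permission();
	}

	$query = $db->simple_select("polls", "*", "pid='".intval($mybb->input['pid'])."'");
	$poll = $db->fetch_array($query);
	$poll['numvotes'] = (int)$poll['numvotes'];

	if(!$poll['pid'])
	{
		error($lang->error_invalidpoll);
	}

	// We do not have $forum_cache available here since no forums permissions are checked in undo vote
	// Get thread ID and then get forum info
	$query = $db->simple_select("threads", "*", "tid='".intval($poll['tid'])."'");
	$thread = $db->fetch_array($query);
	if(!$thread['tid'] || $thread['visible'] == 0)
	{
		error($lang->error_invalidthread);
	}

	$fid = $thread['fid'];

	// Get forum info
	$forum = get_forum($fid);
	if(!$forum)
	{
		error($lang->error_invalidforum);
	}
	else
	{
		// Is our forum closed?
		if($forum['open'] == 0)
		{
			// Doesn't look like it is
			error($lang->error_closedinvalidforum);
		}
	}

	// Timeout is stored in days; convert to seconds for the expiry check
	$poll['timeout'] = $poll['timeout']*60*60*24;

	$expiretime = $poll['dateline'] + $poll['timeout'];
	if($poll['closed'] == 1 || $thread['closed'] == 1 || ($expiretime < TIME_NOW && $poll['timeout']))
	{
		error($lang->error_pollclosed);
	}

	// Check if the user has voted before...
	$vote_options = array();
	if($mybb->user['uid'])
	{
		$query = $db->simple_select("pollvotes", "vid,voteoption", "uid='".$mybb->user['uid']."' AND pid='".$poll['pid']."'");
		while($voteoption = $db->fetch_array($query))
		{
			$vote_options[$voteoption['vid']] = $voteoption['voteoption'];
		}
	}
	else
	{
		// for Guests, we simply see if they've got the cookie.
		// explode() on a missing or empty cookie returns a one-element array, which made the
		// "has voted" test below pass for guests with no cookie at all; only a non-empty
		// string cookie counts as a vote now.
		$guest_cookie = '';
		if(isset($mybb->cookies['pollvotes'][$poll['pid']]) && is_string($mybb->cookies['pollvotes'][$poll['pid']]))
		{
			$guest_cookie = $mybb->cookies['pollvotes'][$poll['pid']];
		}

		if($guest_cookie !== '')
		{
			$vote_options = explode(',', $guest_cookie);
		}
	}
	$votecheck = !empty($vote_options);

	if(!$votecheck)
	{
		error($lang->error_notvoted);
	}
	else if(!$mybb->user['uid'])
	{
		// clear cookie for Guests
		my_setcookie("pollvotes[{$poll['pid']}]", "");
	}

	// Note, this is not thread safe!
	$votesarray = explode("||~|~||", $poll['votes']);
	if(count($votesarray) > $poll['numoptions'])
	{
		// array_slice() was called without the array argument, which would have replaced
		// $votesarray with a non-array and wiped the stored counts on the update below.
		$votesarray = array_slice($votesarray, 0, $poll['numoptions']);
	}

	if($poll['multiple'] == 1)
	{
		foreach($vote_options as $vote)
		{
			if(isset($votesarray[$vote-1]))
			{
				--$votesarray[$vote-1];
				--$poll['numvotes'];
			}
		}
	}
	else
	{
		$voteoption = reset($vote_options);
		if(isset($votesarray[$voteoption-1]))
		{
			--$votesarray[$voteoption-1];
			--$poll['numvotes'];
		}
	}

	// check if anything < 0 - possible if Guest vote undoing is allowed (generally Guest unvoting should be disabled >_>)
	if($poll['numvotes'] < 0)
	{
		$poll['numvotes'] = 0;
	}

	foreach($votesarray as $i => $votes)
	{
		if($votes < 0)
		{
			$votesarray[$i] = 0;
		}
	}

	$voteslist = implode("||~|~||", $votesarray);
	$updatedpoll = array(
		"votes" => $db->escape_string($voteslist),
		"numvotes" => intval($poll['numvotes']),
	);

	$plugins->run_hooks("polls_do_undovote_process");

	// NOTE(review): for a guest the uid is 0, so this condition matches every guest row of the
	// poll while the counters above were only reduced by what the guest's cookie listed. The
	// cookie is client-controlled as well. Keeping "canundovotes" off for the guest group
	// avoids both problems until guest votes can be attributed individually.
	$db->delete_query("pollvotes", "uid='".$mybb->user['uid']."' AND pid='".$poll['pid']."'");
	$db->update_query("polls", $updatedpoll, "pid='".$poll['pid']."'");

	$plugins->run_hooks("polls_do_undovote_end");

	redirect(get_thread_link($poll['tid']), $lang->redirect_unvoted);
}
?>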
Generated: Tue Oct 8 19:19:50 2013 | Cross-referenced by PHPXref 0.7.1 |