PHP Cross Reference of MyBB 1.8.12

/ -> polls.php (source)

   1  <?php
   2  /**
   3   * MyBB 1.8
   4   * Copyright 2014 MyBB Group, All Rights Reserved
   5   *
   6   * Website: http://www.mybb.com
   7   * License: http://www.mybb.com/about/license
   8   *
   9   */
  10  
  11  define("IN_MYBB", 1);
  12  define('THIS_SCRIPT', 'polls.php');
  13  
  14  $templatelist = "changeuserbox,loginbox,polls_newpoll_option,polls_newpoll,polls_editpoll_option,polls_editpoll,polls_showresults_resultbit,polls_showresults";
  15  require_once  "./global.php";
  16  require_once  MYBB_ROOT."inc/functions_post.php";
  17  require_once  MYBB_ROOT."inc/class_parser.php";
  18  $parser = new postParser;
  19  
  20  // Load global language phrases
  21  $lang->load("polls");
  22  
  23  $plugins->run_hooks("polls_start");
  24  
  25  if($mybb->user['uid'] != 0)
  26  {
  27      $mybb->user['username'] = htmlspecialchars_uni($mybb->user['username']);
  28      eval("\$loginbox = \"".$templates->get("changeuserbox")."\";");
  29  }
  30  else
  31  {
  32      eval("\$loginbox = \"".$templates->get("loginbox")."\";");
  33  }
  34  
  35  $mybb->input['action'] = $mybb->get_input('action');
  36  if(!empty($mybb->input['updateoptions']))
  37  {
  38      if($mybb->input['action'] == "do_editpoll")
  39      {
  40          $mybb->input['action'] = "editpoll";
  41      }
  42      else
  43      {
  44          $mybb->input['action'] = "newpoll";
  45      }
  46  }
  47  if($mybb->input['action'] == "newpoll")
  48  {
  49      // Form for new poll
  50      $tid = $mybb->get_input('tid', MyBB::INPUT_INT);
  51  
  52      $plugins->run_hooks("polls_newpoll_start");
  53  
  54      $thread = get_thread($mybb->get_input('tid', MyBB::INPUT_INT));
  55      if(!$thread)
  56      {
  57          error($lang->error_invalidthread);
  58      }
  59  
  60      // Is the currently logged in user a moderator of this forum?
  61      $ismod = is_moderator($thread['fid']);
  62  
  63      // Make sure we are looking at a real thread here.
  64      if(($thread['visible'] != 1 && $ismod == false) || ($thread['visible'] > 1 && $ismod == true))
  65      {
  66          error($lang->error_invalidthread);
  67      }
  68  
  69      $fid = $thread['fid'];
  70      $forumpermissions = forum_permissions($fid);
  71  
  72      // Get forum info
  73      $forum = get_forum($fid);
  74      if(!$forum)
  75      {
  76          error($lang->error_invalidforum);
  77      }
  78      else
  79      {
  80          // Is our forum closed?
  81          if($forum['open'] == 0 && !is_moderator($fid, "canmanagepolls"))
  82          {
  83              // Doesn't look like it is
  84              error($lang->error_closedinvalidforum);
  85          }
  86      }
  87      // Make navigation
  88      build_forum_breadcrumb($fid);
  89      add_breadcrumb(htmlspecialchars_uni($thread['subject']), get_thread_link($thread['tid']));
  90      add_breadcrumb($lang->nav_postpoll);
  91  
  92      // No permission if: Not thread author; not moderator; no forum perms to view, post threads, post polls
  93      if(($thread['uid'] != $mybb->user['uid'] && !is_moderator($fid, "canmanagepolls")) || ($forumpermissions['canview'] == 0 || $forumpermissions['canpostthreads'] == 0 || $forumpermissions['canpostpolls'] == 0))
  94      {
  95          error_no_permission();
  96      }
  97  
  98      if($thread['poll'])
  99      {
 100          error($lang->error_pollalready);
 101      }
 102  
 103      $time = TIME_NOW;
 104      if($thread['dateline'] < ($time-($mybb->settings['polltimelimit']*60*60)) && $mybb->settings['polltimelimit'] != 0 && $ismod == false)
 105      {
 106          $lang->poll_time_limit = $lang->sprintf($lang->poll_time_limit, $mybb->settings['polltimelimit']);
 107          error($lang->poll_time_limit);
 108      }
 109  
 110      // Sanitize number of poll options
 111      if($mybb->get_input('numpolloptions', MyBB::INPUT_INT) > 0)
 112      {
 113          $mybb->input['polloptions'] = $mybb->get_input('numpolloptions', MyBB::INPUT_INT);
 114      }
 115      if($mybb->settings['maxpolloptions'] && $mybb->get_input('polloptions', MyBB::INPUT_INT) > $mybb->settings['maxpolloptions'])
 116      {    // Too big
 117          $polloptions = $mybb->settings['maxpolloptions'];
 118      }
 119      elseif($mybb->get_input('polloptions', MyBB::INPUT_INT) < 2)
 120      {    // Too small
 121          $polloptions = 2;
 122      }
 123      else
 124      {    // Just right
 125          $polloptions = $mybb->get_input('polloptions', MyBB::INPUT_INT);
 126      }
 127  
 128      $question = htmlspecialchars_uni($mybb->get_input('question'));
 129  
 130      $postoptionschecked = array('public' => '', 'multiple' => '');
 131      $postoptions = $mybb->get_input('postoptions', MyBB::INPUT_INT);
 132      if(isset($postoptions['multiple']) && $postoptions['multiple'] == 1)
 133      {
 134          $postoptionschecked['multiple'] = 'checked="checked"';
 135      }
 136      if(isset($postoptions['public']) && $postoptions['public'] == 1)
 137      {
 138          $postoptionschecked['public'] = 'checked="checked"';
 139      }
 140  
 141      $options = $mybb->get_input('options', MyBB::INPUT_ARRAY);
 142      $optionbits = '';
 143      for($i = 1; $i <= $polloptions; ++$i)
 144      {
 145          if(!isset($options[$i]))
 146          {
 147              $options[$i] = '';
 148          }
 149          $option = $options[$i];
 150          $option = htmlspecialchars_uni($option);
 151          eval("\$optionbits .= \"".$templates->get("polls_newpoll_option")."\";");
 152          $option = "";
 153      }
 154  
 155      if($mybb->get_input('timeout', MyBB::INPUT_INT) > 0)
 156      {
 157          $timeout = $mybb->get_input('timeout', MyBB::INPUT_INT);
 158      }
 159      else
 160      {
 161          $timeout = 0;
 162      }
 163  
 164      if($mybb->get_input('maxoptions', MyBB::INPUT_INT) > 0 && $mybb->get_input('maxoptions', MyBB::INPUT_INT) < $polloptions)
 165      {
 166          $maxoptions = $mybb->get_input('maxoptions', MyBB::INPUT_INT);
 167      }
 168      else
 169      {
 170          $maxoptions = 0;
 171      }
 172  
 173      $plugins->run_hooks("polls_newpoll_end");
 174  
 175      eval("\$newpoll = \"".$templates->get("polls_newpoll")."\";");
 176      output_page($newpoll);
 177  }
 178  if($mybb->input['action'] == "do_newpoll" && $mybb->request_method == "post")
 179  {
 180      // Verify incoming POST request
 181      verify_post_check($mybb->get_input('my_post_key'));
 182  
 183      $plugins->run_hooks("polls_do_newpoll_start");
 184  
 185      $thread = get_thread($mybb->get_input('tid', MyBB::INPUT_INT));
 186      if(!$thread)
 187      {
 188          error($lang->error_invalidthread);
 189      }
 190  
 191      $fid = $thread['fid'];
 192      $forumpermissions = forum_permissions($fid);
 193  
 194      // Get forum info
 195      $forum = get_forum($fid);
 196      if(!$forum)
 197      {
 198          error($lang->error_invalidforum);
 199      }
 200      else
 201      {
 202          // Is our forum closed?
 203          if($forum['open'] == 0 && !is_moderator($fid, "canmanagepolls"))
 204          {
 205              // Doesn't look like it is
 206              error($lang->error_closedinvalidforum);
 207          }
 208      }
 209  
 210      // No permission if: Not thread author; not moderator; no forum perms to view, post threads, post polls
 211      if(($thread['uid'] != $mybb->user['uid'] && !is_moderator($fid, "canmanagepolls")) || ($forumpermissions['canview'] == 0 || $forumpermissions['canpostthreads'] == 0 || $forumpermissions['canpostpolls'] == 0))
 212      {
 213          error_no_permission();
 214      }
 215  
 216      if($thread['poll'])
 217      {
 218          error($lang->error_pollalready);
 219      }
 220  
 221      $polloptions = $mybb->get_input('polloptions', MyBB::INPUT_INT);
 222      if($mybb->settings['maxpolloptions'] && $polloptions > $mybb->settings['maxpolloptions'])
 223      {
 224          $polloptions = $mybb->settings['maxpolloptions'];
 225      }
 226  
 227      $postoptions = $mybb->get_input('postoptions', MyBB::INPUT_ARRAY);
 228      if(!isset($postoptions['multiple']) || $postoptions['multiple'] != '1')
 229      {
 230          $postoptions['multiple'] = 0;
 231      }
 232  
 233      if(!isset($postoptions['public']) || $postoptions['public'] != '1')
 234      {
 235          $postoptions['public'] = 0;
 236      }
 237  
 238      if($polloptions < 2)
 239      {
 240          $polloptions = "2";
 241      }
 242      $optioncount = "0";
 243      $options = $mybb->get_input('options', MyBB::INPUT_ARRAY);
 244  
 245      for($i = 1; $i <= $polloptions; ++$i)
 246      {
 247          if(!isset($options[$i]))
 248          {
 249              $options[$i] = '';
 250          }
 251  
 252          if($mybb->settings['polloptionlimit'] != 0 && my_strlen($options[$i]) > $mybb->settings['polloptionlimit'])
 253          {
 254              $lengtherror = 1;
 255              break;
 256          }
 257  
 258          if(strpos($options[$i], '||~|~||') !== false)
 259          {
 260              $sequenceerror = 1;
 261              break;
 262          }
 263          
 264          if(trim($options[$i]) != "")
 265          {
 266              $optioncount++;
 267          }
 268      }
 269  
 270      if(isset($lengtherror))
 271      {
 272          error($lang->error_polloptiontoolong);
 273      }
 274  
 275      if(isset($sequenceerror))
 276      {
 277          error($lang->error_polloptionsequence);
 278      }
 279      
 280      $mybb->input['question'] = $mybb->get_input('question');
 281  
 282      if(trim($mybb->input['question']) == '' || $optioncount < 2)
 283      {
 284          error($lang->error_noquestionoptions);
 285      }
 286  
 287      $optionslist = '';
 288      $voteslist = '';
 289      for($i = 1; $i <= $polloptions; ++$i)
 290      {
 291          if(trim($options[$i]) != '')
 292          {
 293              if($optionslist != '')
 294              {
 295                  $optionslist .= '||~|~||';
 296                  $voteslist .= '||~|~||';
 297              }
 298              $optionslist .= trim($options[$i]);
 299              $voteslist .= '0';
 300          }
 301      }
 302  
 303      if($mybb->get_input('timeout', MyBB::INPUT_INT) > 0)
 304      {
 305          $timeout = $mybb->get_input('timeout', MyBB::INPUT_INT);
 306      }
 307      else
 308      {
 309          $timeout = 0;
 310      }
 311  
 312      if($mybb->get_input('maxoptions', MyBB::INPUT_INT) > 0 && $mybb->get_input('maxoptions', MyBB::INPUT_INT) < $polloptions)
 313      {
 314          $maxoptions = $mybb->get_input('maxoptions', MyBB::INPUT_INT);
 315      }
 316      else
 317      {
 318          $maxoptions = 0;
 319      }
 320  
 321      $newpoll = array(
 322          "tid" => $thread['tid'],
 323          "question" => $db->escape_string($mybb->input['question']),
 324          "dateline" => TIME_NOW,
 325          "options" => $db->escape_string($optionslist),
 326          "votes" => $db->escape_string($voteslist),
 327          "numoptions" => (int)$optioncount,
 328          "numvotes" => 0,
 329          "timeout" => $timeout,
 330          "closed" => 0,
 331          "multiple" => $postoptions['multiple'],
 332          "public" => $postoptions['public'],
 333          "maxoptions" => $maxoptions
 334      );
 335  
 336      $plugins->run_hooks("polls_do_newpoll_process");
 337  
 338      $pid = $db->insert_query("polls", $newpoll);
 339  
 340      $db->update_query("threads", array('poll' => $pid), "tid='".$thread['tid']."'");
 341  
 342      $plugins->run_hooks("polls_do_newpoll_end");
 343  
 344      if($thread['visible'] == 1)
 345      {
 346          redirect(get_thread_link($thread['tid']), $lang->redirect_pollposted);
 347      }
 348      else
 349      {
 350          redirect(get_forum_link($thread['fid']), $lang->redirect_pollpostedmoderated);
 351      }
 352  }
 353  
 354  if($mybb->input['action'] == "editpoll")
 355  {
 356      $pid = $mybb->get_input('pid', MyBB::INPUT_INT);
 357  
 358      $plugins->run_hooks("polls_editpoll_start");
 359  
 360      $query = $db->simple_select("polls", "*", "pid='$pid'");
 361      $poll = $db->fetch_array($query);
 362  
 363      if(!$poll)
 364      {
 365          error($lang->error_invalidpoll);
 366      }
 367  
 368      $query = $db->simple_select("threads", "*", "poll='$pid'");
 369      $thread = $db->fetch_array($query);
 370      if(!$thread)
 371      {
 372          error($lang->error_invalidthread);
 373      }
 374  
 375      $tid = $thread['tid'];
 376      $fid = $thread['fid'];
 377  
 378      // Make navigation
 379      build_forum_breadcrumb($fid);
 380      add_breadcrumb(htmlspecialchars_uni($thread['subject']), get_thread_link($thread['tid']));
 381      add_breadcrumb($lang->nav_editpoll);
 382  
 383      $forumpermissions = forum_permissions($fid);
 384  
 385      // Get forum info
 386      $forum = get_forum($fid);
 387      if(!$forum)
 388      {
 389          error($lang->error_invalidforum);
 390      }
 391      else
 392      {
 393          // Is our forum closed?
 394          if($forum['open'] == 0 && !is_moderator($fid, "canmanagepolls"))
 395          {
 396              // Doesn't look like it is
 397              error($lang->error_closedinvalidforum);
 398          }
 399      }
 400  
 401      if(!is_moderator($fid, "canmanagepolls"))
 402      {
 403          error_no_permission();
 404      }
 405  
 406      $postoptionschecked = array('closed' => '', 'multiple' => '', 'public' => '');
 407  
 408      $polldate = my_date($mybb->settings['dateformat'], $poll['dateline']);
 409      if(empty($mybb->input['updateoptions']))
 410      {
 411          if($poll['closed'] == 1)
 412          {
 413              $postoptionschecked['closed'] = 'checked="checked"';
 414          }
 415  
 416          if($poll['multiple'] == 1)
 417          {
 418              $postoptionschecked['multiple'] = 'checked="checked"';
 419          }
 420  
 421          if($poll['public'] == 1)
 422          {
 423              $postoptionschecked['public'] = 'checked="checked"';
 424          }
 425  
 426          $optionsarray = explode("||~|~||", $poll['options']);
 427          $votesarray = explode("||~|~||", $poll['votes']);
 428  
 429          $poll['totvotes'] = 0;
 430          for($i = 1; $i <= $poll['numoptions']; ++$i)
 431          {
 432              $poll['totvotes'] = $poll['totvotes'] + $votesarray[$i-1];
 433          }
 434  
 435          $question = htmlspecialchars_uni($poll['question']);
 436          $numoptions = $poll['numoptions'];
 437          $optionbits = "";
 438          for($i = 0; $i < $numoptions; ++$i)
 439          {
 440              $counter = $i + 1;
 441              $option = $optionsarray[$i];
 442              $option = htmlspecialchars_uni($option);
 443              $optionvotes = (int)$votesarray[$i];
 444  
 445              if(!$optionvotes)
 446              {
 447                  $optionvotes = 0;
 448              }
 449  
 450              eval("\$optionbits .= \"".$templates->get("polls_editpoll_option")."\";");
 451              $option = "";
 452              $optionvotes = "";
 453          }
 454  
 455          if(!$poll['timeout'])
 456          {
 457              $timeout = 0;
 458          }
 459          else
 460          {
 461              $timeout = $poll['timeout'];
 462          }
 463  
 464          if(!$poll['maxoptions'])
 465          {
 466              $maxoptions = 0;
 467          }
 468          else
 469          {
 470              $maxoptions = $poll['maxoptions'];
 471          }
 472      }
 473      else
 474      {
 475          if($mybb->settings['maxpolloptions'] && $mybb->get_input('numoptions', MyBB::INPUT_INT) > $mybb->settings['maxpolloptions'])
 476          {
 477              $numoptions = $mybb->settings['maxpolloptions'];
 478          }
 479          elseif($mybb->get_input('numoptions', MyBB::INPUT_INT) < 2)
 480          {
 481              $numoptions = 2;
 482          }
 483          else
 484          {
 485              $numoptions = $mybb->get_input('numoptions', MyBB::INPUT_INT);
 486          }
 487          $question = htmlspecialchars_uni($mybb->input['question']);
 488  
 489          $postoptions = $mybb->get_input('postoptions', MyBB::INPUT_ARRAY);
 490          if(isset($postoptions['multiple']) && $postoptions['multiple'] == 1)
 491          {
 492              $postoptionschecked['multiple'] = 'checked="checked"';
 493          }
 494  
 495          if(isset($postoptions['public']) && $postoptions['public'] == 1)
 496          {
 497              $postoptionschecked['public'] = 'checked="checked"';
 498          }
 499  
 500          if(isset($postoptions['closed']) && $postoptions['closed'] == 1)
 501          {
 502              $postoptionschecked['closed'] = 'checked="checked"';
 503          }
 504  
 505          $options = $mybb->get_input('options', MyBB::INPUT_ARRAY);
 506          $votes = $mybb->get_input('votes', MyBB::INPUT_ARRAY);
 507          $optionbits = '';
 508          for($i = 1; $i <= $numoptions; ++$i)
 509          {
 510              $counter = $i;
 511              if(!isset($options[$i]))
 512              {
 513                  $options[$i] = '';
 514              }
 515              $option = htmlspecialchars_uni($options[$i]);
 516              if(!isset($votes[$i]))
 517              {
 518                  $votes[$i] = 0;
 519              }
 520              $optionvotes = (int)$votes[$i];
 521  
 522              if(!$optionvotes)
 523              {
 524                  $optionvotes = 0;
 525              }
 526  
 527              eval("\$optionbits .= \"".$templates->get("polls_editpoll_option")."\";");
 528              $option = "";
 529          }
 530  
 531          if($mybb->get_input('timeout', MyBB::INPUT_INT) > 0)
 532          {
 533              $timeout = $mybb->get_input('timeout', MyBB::INPUT_INT);
 534          }
 535          else
 536          {
 537              $timeout = 0;
 538          }
 539  
 540          if(!$poll['maxoptions'])
 541          {
 542              $maxoptions = 0;
 543          }
 544          else
 545          {
 546              $maxoptions = $poll['maxoptions'];
 547          }
 548      }
 549  
 550      $plugins->run_hooks("polls_editpoll_end");
 551  
 552      eval("\$editpoll = \"".$templates->get("polls_editpoll")."\";");
 553      output_page($editpoll);
 554  }
 555  
 556  if($mybb->input['action'] == "do_editpoll" && $mybb->request_method == "post")
 557  {
 558      // Verify incoming POST request
 559      verify_post_check($mybb->get_input('my_post_key'));
 560  
 561      $plugins->run_hooks("polls_do_editpoll_start");
 562  
 563      $query = $db->simple_select("polls", "*", "pid='".$mybb->get_input('pid', MyBB::INPUT_INT)."'");
 564      $poll = $db->fetch_array($query);
 565  
 566      if(!$poll)
 567      {
 568          error($lang->error_invalidpoll);
 569      }
 570  
 571      $query = $db->simple_select("threads", "*", "poll='".$mybb->get_input('pid', MyBB::INPUT_INT)."'");
 572      $thread = $db->fetch_array($query);
 573      if(!$thread)
 574      {
 575          error($lang->error_invalidthread);
 576      }
 577  
 578      $forumpermissions = forum_permissions($thread['fid']);
 579  
 580      // Get forum info
 581      $forum = get_forum($thread['fid']);
 582      $fid = $thread['fid'];
 583      if(!$forum)
 584      {
 585          error($lang->error_invalidforum);
 586      }
 587      else
 588      {
 589          // Is our forum closed?
 590          if($forum['open'] == 0 && !is_moderator($fid, "canmanagepolls"))
 591          {
 592              // Doesn't look like it is
 593              error($lang->error_closedinvalidforum);
 594          }
 595      }
 596  
 597      if(!is_moderator($thread['fid'], "canmanagepolls"))
 598      {
 599          error_no_permission();
 600      }
 601  
 602      if($mybb->settings['maxpolloptions'] && $mybb->get_input('numoptions', MyBB::INPUT_INT) > $mybb->settings['maxpolloptions'])
 603      {
 604          $numoptions = $mybb->settings['maxpolloptions'];
 605      }
 606      elseif($mybb->get_input('numoptions', MyBB::INPUT_INT) < 2)
 607      {
 608          $numoptions = 2;
 609      }
 610      else
 611      {
 612          $numoptions = $mybb->get_input('numoptions', MyBB::INPUT_INT);
 613      }
 614  
 615      $postoptions = $mybb->get_input('postoptions', MyBB::INPUT_ARRAY);
 616      if(!isset($postoptions['multiple']) || $postoptions['multiple'] != '1')
 617      {
 618          $postoptions['multiple'] = 0;
 619      }
 620  
 621      if(!isset($postoptions['public']) || $postoptions['public'] != '1')
 622      {
 623          $postoptions['public'] = 0;
 624      }
 625  
 626      if(!isset($postoptions['closed']) || $postoptions['closed'] != '1')
 627      {
 628          $postoptions['closed'] = 0;
 629      }
 630      $optioncount = "0";
 631      $options = $mybb->input['options'];
 632  
 633      for($i = 1; $i <= $numoptions; ++$i)
 634      {
 635          if(!isset($options[$i]))
 636          {
 637              $options[$i] = '';
 638          }
 639  
 640          if($mybb->settings['polloptionlimit'] != 0 && my_strlen($options[$i]) > $mybb->settings['polloptionlimit'])
 641          {
 642              $lengtherror = 1;
 643              break;
 644          }
 645  
 646          if(strpos($options[$i], '||~|~||') !== false)
 647          {
 648              $sequenceerror = 1;
 649              break;
 650          }
 651          
 652          if(trim($options[$i]) != "")
 653          {
 654              $optioncount++;
 655          }
 656      }
 657  
 658      if(isset($lengtherror))
 659      {
 660          error($lang->error_polloptiontoolong);
 661      }
 662      
 663      if(isset($sequenceerror))
 664      {
 665          error($lang->error_polloptionsequence);
 666      }
 667  
 668      $mybb->input['question'] = $mybb->get_input('question');
 669      if(trim($mybb->input['question']) == '' || $optioncount < 2)
 670      {
 671          error($lang->error_noquestionoptions);
 672      }
 673  
 674      $optionslist = '';
 675      $voteslist = '';
 676      $numvotes = '';
 677      $votes = $mybb->input['votes'];
 678      for($i = 1; $i <= $numoptions; ++$i)
 679      {
 680          if(trim($options[$i]) != '')
 681          {
 682              if($optionslist != '')
 683              {
 684                  $optionslist .= "||~|~||";
 685                  $voteslist .= "||~|~||";
 686              }
 687  
 688              $optionslist .= trim($options[$i]);
 689              if(!isset($votes[$i]) || (int)$votes[$i] <= 0)
 690              {
 691                  $votes[$i] = "0";
 692              }
 693              $voteslist .= $votes[$i];
 694              $numvotes = $numvotes + $votes[$i];
 695          }
 696      }
 697  
 698      if($mybb->get_input('timeout', MyBB::INPUT_INT) > 0)
 699      {
 700          $timeout = $mybb->get_input('timeout', MyBB::INPUT_INT);
 701      }
 702      else
 703      {
 704          $timeout = 0;
 705      }
 706  
 707      if($mybb->get_input('maxoptions', MyBB::INPUT_INT) > 0 && $mybb->get_input('maxoptions', MyBB::INPUT_INT) < $numoptions)
 708      {
 709          $maxoptions = $mybb->get_input('maxoptions', MyBB::INPUT_INT);
 710      }
 711      else
 712      {
 713          $maxoptions = 0;
 714      }
 715  
 716      $updatedpoll = array(
 717          "question" => $db->escape_string($mybb->input['question']),
 718          "options" => $db->escape_string($optionslist),
 719          "votes" => $db->escape_string($voteslist),
 720          "numoptions" => (int)$optioncount,
 721          "numvotes" => $numvotes,
 722          "timeout" => $timeout,
 723          "closed" => $postoptions['closed'],
 724          "multiple" => $postoptions['multiple'],
 725          "public" => $postoptions['public'],
 726          "maxoptions" => $maxoptions
 727      );
 728  
 729      $plugins->run_hooks("polls_do_editpoll_process");
 730  
 731      $db->update_query("polls", $updatedpoll, "pid='".$mybb->get_input('pid', MyBB::INPUT_INT)."'");
 732  
 733      $plugins->run_hooks("polls_do_editpoll_end");
 734  
 735      $modlogdata['fid'] = $thread['fid'];
 736      $modlogdata['tid'] = $thread['tid'];
 737      log_moderator_action($modlogdata, $lang->poll_edited);
 738  
 739      redirect(get_thread_link($thread['tid']), $lang->redirect_pollupdated);
 740  }
 741  
 742  if($mybb->input['action'] == "showresults")
 743  {
 744      $query = $db->simple_select("polls", "*", "pid='".$mybb->get_input('pid', MyBB::INPUT_INT)."'");
 745      $poll = $db->fetch_array($query);
 746  
 747      if(!$poll)
 748      {
 749          error($lang->error_invalidpoll);
 750      }
 751  
 752      $tid = $poll['tid'];
 753      $thread = get_thread($tid);
 754      if(!$thread)
 755      {
 756          error($lang->error_invalidthread);
 757      }
 758  
 759      $fid = $thread['fid'];
 760  
 761      // Get forum info
 762      $forum = get_forum($fid);
 763      if(!$forum)
 764      {
 765          error($lang->error_invalidforum);
 766      }
 767  
 768      $forumpermissions = forum_permissions($forum['fid']);
 769  
 770      $plugins->run_hooks("polls_showresults_start");
 771  
 772      if($forumpermissions['canviewthreads'] == 0 || $forumpermissions['canview'] == 0 || (isset($forumpermissions['canonlyviewownthreads']) && $forumpermissions['canonlyviewownthreads'] != 0 && $thread['uid'] != $mybb->user['uid']))
 773      {
 774          error_no_permission();
 775      }
 776  
 777      // Make navigation
 778      build_forum_breadcrumb($fid);
 779      add_breadcrumb(htmlspecialchars_uni($thread['subject']), get_thread_link($thread['tid']));
 780      add_breadcrumb($lang->nav_pollresults);
 781  
 782      $voters = $votedfor = array();
 783  
 784      // Calculate votes
 785      $query = $db->query("
 786          SELECT v.*, u.username
 787          FROM ".TABLE_PREFIX."pollvotes v
 788          LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=v.uid)
 789          WHERE v.pid='{$poll['pid']}'
 790          ORDER BY u.username
 791      ");
 792      while($voter = $db->fetch_array($query))
 793      {
 794          // Mark for current user's vote
 795          if($mybb->user['uid'] == $voter['uid'] && $mybb->user['uid'])
 796          {
 797              $votedfor[$voter['voteoption']] = 1;
 798          }
 799  
 800          // Count number of guests and users without a username (assumes they've been deleted)
 801          if($voter['uid'] == 0 || $voter['username'] == '')
 802          {
 803              // Add one to the number of voters for guests
 804              ++$guest_voters[$voter['voteoption']];
 805          }
 806          else
 807          {
 808              $voters[$voter['voteoption']][$voter['uid']] = htmlspecialchars_uni($voter['username']);
 809          }
 810      }
 811  
 812      $optionsarray = explode("||~|~||", $poll['options']);
 813      $votesarray = explode("||~|~||", $poll['votes']);
 814      $poll['totvotes'] = 0;
 815      for($i = 1; $i <= $poll['numoptions']; ++$i)
 816      {
 817          $poll['totvotes'] = $poll['totvotes'] + $votesarray[$i-1];
 818      }
 819  
 820      $polloptions = '';
 821      for($i = 1; $i <= $poll['numoptions']; ++$i)
 822      {
 823          $parser_options = array(
 824              "allow_html" => $forum['allowhtml'],
 825              "allow_mycode" => $forum['allowmycode'],
 826              "allow_smilies" => $forum['allowsmilies'],
 827              "allow_imgcode" => $forum['allowimgcode'],
 828              "allow_videocode" => $forum['allowvideocode'],
 829              "filter_badwords" => 1
 830          );
 831          $option = $parser->parse_message($optionsarray[$i-1], $parser_options);
 832  
 833          $votes = $votesarray[$i-1];
 834          $number = $i;
 835          // Make the mark for current user's voted option
 836          if(!empty($votedfor[$number]))
 837          {
 838              $optionbg = 'trow2';
 839              $votestar = '*';
 840          }
 841          else
 842          {
 843              $optionbg = 'trow1';
 844              $votestar = '';
 845          }
 846  
 847          if($votes == 0)
 848          {
 849              $percent = 0;
 850          }
 851          else
 852          {
 853              $percent = number_format($votes / $poll['totvotes'] * 100, 2);
 854          }
 855  
 856          $imagewidth = round($percent);
 857          $comma = '';
 858          $guest_comma = '';
 859          $userlist = '';
 860          $guest_count = 0;
 861          if($poll['public'] == 1 || is_moderator($fid, "canmanagepolls"))
 862          {
 863              if(isset($voters[$number]) && is_array($voters[$number]))
 864              {
 865                  foreach($voters[$number] as $uid => $username)
 866                  {
 867                      $userlist .= $comma.build_profile_link($username, $uid);
 868                      $comma = $guest_comma = $lang->comma;
 869                  }
 870              }
 871  
 872              if(isset($guest_voters[$number]) && $guest_voters[$number] > 0)
 873              {
 874                  if($guest_voters[$number] == 1)
 875                  {
 876                      $userlist .= $guest_comma.$lang->guest_count;
 877                  }
 878                  else
 879                  {
 880                      $userlist .= $guest_comma.$lang->sprintf($lang->guest_count_multiple, $guest_voters[$number]);
 881                  }
 882              }
 883          }
 884          eval("\$polloptions .= \"".$templates->get("polls_showresults_resultbit")."\";");
 885      }
 886  
 887      if($poll['totvotes'])
 888      {
 889          $totpercent = '100%';
 890      }
 891      else
 892      {
 893          $totpercent = '0%';
 894      }
 895  
 896      $plugins->run_hooks("polls_showresults_end");
 897  
 898      $poll['question'] = htmlspecialchars_uni($poll['question']);
 899      eval("\$showresults = \"".$templates->get("polls_showresults")."\";");
 900      output_page($showresults);
 901  }
 902  if($mybb->input['action'] == "vote" && $mybb->request_method == "post")
 903  {
 904      // Verify incoming POST request
 905      verify_post_check($mybb->get_input('my_post_key'));
 906  
 907      $query = $db->simple_select("polls", "*", "pid='".$mybb->get_input('pid')."'");
 908      $poll = $db->fetch_array($query);
 909  
 910      if(!$poll)
 911      {
 912          error($lang->error_invalidpoll);
 913      }
 914  
 915      $plugins->run_hooks("polls_vote_start");
 916  
 917      $poll['timeout'] = $poll['timeout']*60*60*24;
 918  
 919      $query = $db->simple_select("threads", "*", "poll='".(int)$poll['pid']."'");
 920      $thread = $db->fetch_array($query);
 921  
 922      if(!$thread || $thread['visible'] == 0)
 923      {
 924          error($lang->error_invalidthread);
 925      }
 926  
 927      $fid = $thread['fid'];
 928      $forumpermissions = forum_permissions($fid);
 929      if($forumpermissions['canvotepolls'] == 0)
 930      {
 931          error_no_permission();
 932      }
 933  
 934      // Get forum info
 935      $forum = get_forum($fid);
 936      if(!$forum)
 937      {
 938          error($lang->error_invalidforum);
 939      }
 940      else
 941      {
 942          // Is our forum closed?
 943          if($forum['open'] == 0)
 944          {
 945              // Doesn't look like it is
 946              error($lang->error_closedinvalidforum);
 947          }
 948      }
 949  
 950      $expiretime = $poll['dateline'] + $poll['timeout'];
 951      $now = TIME_NOW;
 952      if($poll['closed'] == 1 || $thread['closed'] == 1 || ($expiretime < $now && $poll['timeout']))
 953      {
 954          error($lang->error_pollclosed);
 955      }
 956  
 957      if(!isset($mybb->input['option']))
 958      {
 959          error($lang->error_nopolloptions);
 960      }
 961  
 962      // Check if the user has voted before...
 963      if($mybb->user['uid'])
 964      {
 965          $query = $db->simple_select("pollvotes", "*", "uid='".$mybb->user['uid']."' AND pid='".$poll['pid']."'");
 966          $votecheck = $db->fetch_array($query);
 967      }
 968  
 969      if($votecheck['vid'] || (isset($mybb->cookies['pollvotes'][$poll['pid']]) && $mybb->cookies['pollvotes'][$poll['pid']] !== ""))
 970      {
 971          error($lang->error_alreadyvoted);
 972      }
 973      elseif(!$mybb->user['uid'])
 974      {
 975          // Give a cookie to guests to inhibit revotes
 976          if(is_array($mybb->input['option']))
 977          {
 978              // We have multiple options here...
 979              $votes_cookie = implode(',', array_keys($mybb->input['option']));
 980          }
 981          else
 982          {
 983              $votes_cookie = $mybb->input['option'];
 984          }
 985  
 986          my_setcookie("pollvotes[{$poll['pid']}]", $votes_cookie);
 987      }
 988  
 989      $votesql = '';
 990      $now = TIME_NOW;
 991      $votesarray = explode("||~|~||", $poll['votes']);
 992      $option = $mybb->input['option'];
 993      $numvotes = (int)$poll['numvotes'];
 994      if($poll['multiple'] == 1)
 995      {
 996          if(is_array($option))
 997          {
 998              $total_options = 0;
 999  
1000              foreach($option as $voteoption => $vote)
1001              {
1002                  if($vote == 1 && isset($votesarray[$voteoption-1]))
1003                  {
1004                      if($votesql)
1005                      {
1006                          $votesql .= ",";
1007                      }
1008                      $votesql .= "('".$poll['pid']."','".$mybb->user['uid']."','".$db->escape_string($voteoption)."','$now')";
1009                      $votesarray[$voteoption-1]++;
1010                      $numvotes = $numvotes+1;
1011                      $total_options++;
1012                  }
1013              }
1014  
1015              if($total_options > $poll['maxoptions'] && $poll['maxoptions'] != 0)
1016              {
1017                  error($lang->sprintf($lang->error_maxpolloptions, $poll['maxoptions']));
1018              }
1019          }
1020      }
1021      else
1022      {
1023          if(is_array($option) || !isset($votesarray[$option-1]))
1024          {
1025              error($lang->error_nopolloptions);
1026          }
1027          $votesql = "('".$poll['pid']."','".$mybb->user['uid']."','".$db->escape_string($option)."','$now')";
1028          $votesarray[$option-1]++;
1029          $numvotes = $numvotes+1;
1030      }
1031  
1032      if(!$votesql)
1033      {
1034          error($lang->error_nopolloptions);
1035      }
1036  
1037      $db->write_query("
1038          INSERT INTO
1039          ".TABLE_PREFIX."pollvotes (pid,uid,voteoption,dateline)
1040          VALUES $votesql
1041      ");
1042      $voteslist = '';
1043      for($i = 1; $i <= $poll['numoptions']; ++$i)
1044      {
1045          if($i > 1)
1046          {
1047              $voteslist .= "||~|~||";
1048          }
1049          $voteslist .= $votesarray[$i-1];
1050      }
1051      $updatedpoll = array(
1052          "votes" => $db->escape_string($voteslist),
1053          "numvotes" => (int)$numvotes,
1054      );
1055  
1056      $plugins->run_hooks("polls_vote_process");
1057  
1058      $db->update_query("polls", $updatedpoll, "pid='".$poll['pid']."'");
1059  
1060      $plugins->run_hooks("polls_vote_end");
1061  
1062      redirect(get_thread_link($poll['tid']), $lang->redirect_votethanks);
1063  }
1064  
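if($mybb->input['action'] == "do_undovote")
{
    // Withdraws the caller's vote(s) on a poll: checks the post key and the canundovotes
    // permission, validates poll, thread and forum, decrements the cached tallies, deletes the
    // pollvotes rows and redirects back to the thread.
    verify_post_check($mybb->get_input('my_post_key'));

    if($mybb->usergroup['canundovotes'] != 1)
    {
        error_no_permission();
    }

    $query = $db->simple_select("polls", "*", "pid='".$mybb->get_input('pid', MyBB::INPUT_INT)."'");
    $poll = $db->fetch_array($query);

    // empty() also covers the case where no row came back at all
    if(empty($poll['pid']))
    {
        error($lang->error_invalidpoll);
    }

    $plugins->run_hooks("polls_do_undovote_start");

    $poll['numvotes'] = (int)$poll['numvotes'];

    // We do not have $forum_cache available here since no forums permissions are checked in undo vote
    // Get thread ID and then get forum info
    $thread = get_thread($poll['tid']);
    if(!$thread || $thread['visible'] == 0)
    {
        error($lang->error_invalidthread);
    }

    $fid = $thread['fid'];

    // Get forum info
    $forum = get_forum($fid);
    if(!$forum)
    {
        error($lang->error_invalidforum);
    }
    else
    {
        // Is our forum closed?
        if($forum['open'] == 0)
        {
            // Forum is closed, refuse the request
            error($lang->error_closedinvalidforum);
        }
    }

    // timeout is multiplied by the number of seconds in a day; 0 means the poll never expires
    $poll['timeout'] = $poll['timeout']*60*60*24;


    $expiretime = $poll['dateline'] + $poll['timeout'];
    if($poll['closed'] == 1 || $thread['closed'] == 1 || ($expiretime < TIME_NOW && $poll['timeout']))
    {
        error($lang->error_pollclosed);
    }

    // Check if the user has voted before...
    $vote_options = array();
    if($mybb->user['uid'])
    {
        $query = $db->simple_select("pollvotes", "vid,voteoption", "uid='".(int)$mybb->user['uid']."' AND pid='".(int)$poll['pid']."'");
        while($voteoption = $db->fetch_array($query))
        {
            $vote_options[$voteoption['vid']] = (int)$voteoption['voteoption'];
        }
    }
    elseif(isset($mybb->cookies['pollvotes'][$poll['pid']]))
    {
        // for Guests, we simply see if they've got the cookie.
        // The cookie content is client-controlled: reduce it to distinct integers so that each
        // option is decremented at most once and the index arithmetic below only sees numbers.
        $vote_options = array_unique(array_map('intval', explode(',', $mybb->cookies['pollvotes'][$poll['pid']])));
    }

    if(empty($vote_options))
    {
        error($lang->error_notvoted);
    }
    else if(!$mybb->user['uid'])
    {
        // clear cookie for Guests
        my_setcookie("pollvotes[{$poll['pid']}]", "");
    }

    // Note, this is not thread safe!
    // Per-option tallies are stored as one string joined by "||~|~||"; option N is index N-1
    $votesarray = explode("||~|~||", $poll['votes']);
    if(count($votesarray) > $poll['numoptions'])
    {
        // array_slice() needs the array as its first argument; the previous call passed 0 there,
        // which discarded the tallies instead of trimming them to numoptions entries.
        $votesarray = array_slice($votesarray, 0, (int)$poll['numoptions']);
    }

    if($poll['multiple'] == 1)
    {
        foreach($vote_options as $vote)
        {
            $vote = (int)$vote;
            if(isset($votesarray[$vote-1]))
            {
                --$votesarray[$vote-1];
                --$poll['numvotes'];
            }
        }
    }
    else
    {
        $voteoption = (int)reset($vote_options);
        if(isset($votesarray[$voteoption-1]))
        {
            --$votesarray[$voteoption-1];
            --$poll['numvotes'];
        }
    }

    // check if anything < 0 - possible if Guest vote undoing is allowed (generally Guest unvoting should be disabled >_>)
    if($poll['numvotes'] < 0)
    {
        $poll['numvotes'] = 0;
    }

    foreach($votesarray as $i => $votes)
    {
        if($votes < 0)
        {
            $votesarray[$i] = 0;
        }
    }

    $voteslist = implode("||~|~||", $votesarray);
    $updatedpoll = array(
        "votes" => $db->escape_string($voteslist),
        "numvotes" => (int)$poll['numvotes'],
    );

    $plugins->run_hooks("polls_do_undovote_process");

    // NOTE(review): guest rows are stored under the guest's uid, which looks to be the same
    // falsy value for every guest, so for a guest caller this DELETE is not limited to the
    // caller's own rows while the tallies above change only by the cookie's content. The two can
    // drift apart - confirm, and keep canundovotes off for the guest group unless that is acceptable.
    $db->delete_query("pollvotes", "uid='".(int)$mybb->user['uid']."' AND pid='".(int)$poll['pid']."'");
    $db->update_query("polls", $updatedpoll, "pid='".(int)$poll['pid']."'");

    $plugins->run_hooks("polls_do_undovote_end");

    redirect(get_thread_link($poll['tid']), $lang->redirect_unvoted);
}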
1204  

