
PHP Cross Reference of MyBB 1.8.28


/ -> polls.php (source)

   1  <?php
   2  /**
   3   * MyBB 1.8
   4   * Copyright 2014 MyBB Group, All Rights Reserved
   5   *
   6   * Website: http://www.mybb.com
   7   * License: http://www.mybb.com/about/license
   8   *
   9   */
  10  
// Entry-point markers, defined before global.php is loaded: IN_MYBB flags
// that the request came in through a front script and THIS_SCRIPT names it.
define("IN_MYBB", 1);
define('THIS_SCRIPT', 'polls.php');

// Names of every template this script evaluates further down.
// NOTE(review): presumably read by global.php to preload them - confirm.
$templatelist = "changeuserbox,loginbox,polls_newpoll_option,polls_newpoll,polls_editpoll_option,polls_editpoll,polls_showresults_resultbit,polls_showresults";
require_once  "./global.php";
require_once  MYBB_ROOT."inc/functions_post.php";
require_once  MYBB_ROOT."inc/class_parser.php";
// Parser used by the "showresults" action to render the stored option text.
$parser = new postParser;

// Load global language phrases
$lang->load("polls");

$plugins->run_hooks("polls_start");

// Build $loginbox from the template that matches the login state.
// The template text is spliced into a double-quoted PHP string and handed to
// eval(), so every variable the template names is interpolated right here.
// NOTE(review): this is only safe if $templates->get() returns text that
// cannot break out of the quoted string; that escaping is not visible in this
// file - confirm, and treat template-edit rights as equivalent to code
// execution when reviewing permissions.
if($mybb->user['uid'] != 0)
{
    // HTML-escape the username before a template can interpolate it.
    $mybb->user['username'] = htmlspecialchars_uni($mybb->user['username']);
    eval("\$loginbox = \"".$templates->get("changeuserbox")."\";");
}
else
{
    $username = '';
    eval("\$loginbox = \"".$templates->get("loginbox")."\";");
}
  35  
  36  $mybb->input['action'] = $mybb->get_input('action');
  37  if(!empty($mybb->input['updateoptions']))
  38  {
  39      if($mybb->input['action'] == "do_editpoll")
  40      {
  41          $mybb->input['action'] = "editpoll";
  42      }
  43      else
  44      {
  45          $mybb->input['action'] = "newpoll";
  46      }
  47  }
  48  if($mybb->input['action'] == "newpoll")
  49  {
  50      // Form for new poll
  51      $tid = $mybb->get_input('tid', MyBB::INPUT_INT);
  52  
  53      $plugins->run_hooks("polls_newpoll_start");
  54  
  55      $thread = get_thread($mybb->get_input('tid', MyBB::INPUT_INT));
  56      if(!$thread || $thread['visible'] == -1)
  57      {
  58          error($lang->error_invalidthread);
  59      }
  60  
  61      // Is the currently logged in user a moderator of this forum?
  62      $ismod = is_moderator($thread['fid']);
  63  
  64      // Make sure we are looking at a real thread here.
  65      if(($thread['visible'] != 1 && $ismod == false) || ($thread['visible'] > 1 && $ismod == true))
  66      {
  67          error($lang->error_invalidthread);
  68      }
  69  
  70      $fid = $thread['fid'];
  71      $forumpermissions = forum_permissions($fid);
  72  
  73      // Get forum info
  74      $forum = get_forum($fid);
  75      if(!$forum)
  76      {
  77          error($lang->error_invalidforum);
  78      }
  79      else
  80      {
  81          // Is our forum closed?
  82          if($forum['open'] == 0 && !is_moderator($fid, "canmanagepolls"))
  83          {
  84              // Doesn't look like it is
  85              error($lang->error_closedinvalidforum);
  86          }
  87      }
  88      // Make navigation
  89      build_forum_breadcrumb($fid);
  90      add_breadcrumb(htmlspecialchars_uni($thread['subject']), get_thread_link($thread['tid']));
  91      add_breadcrumb($lang->nav_postpoll);
  92  
  93      // No permission if: Not thread author; not moderator; no forum perms to view, post threads, post polls
  94      if(($thread['uid'] != $mybb->user['uid'] && !is_moderator($fid, "canmanagepolls")) || ($forumpermissions['canview'] == 0 || $forumpermissions['canpostthreads'] == 0 || $forumpermissions['canpostpolls'] == 0))
  95      {
  96          error_no_permission();
  97      }
  98  
  99      if($thread['poll'])
 100      {
 101          error($lang->error_pollalready);
 102      }
 103  
 104      $time = TIME_NOW;
 105      if($thread['dateline'] < ($time-($mybb->settings['polltimelimit']*60*60)) && $mybb->settings['polltimelimit'] != 0 && $ismod == false)
 106      {
 107          $lang->poll_time_limit = $lang->sprintf($lang->poll_time_limit, $mybb->settings['polltimelimit']);
 108          error($lang->poll_time_limit);
 109      }
 110  
 111      // Sanitize number of poll options
 112      if($mybb->get_input('numpolloptions', MyBB::INPUT_INT) > 0)
 113      {
 114          $mybb->input['polloptions'] = $mybb->get_input('numpolloptions', MyBB::INPUT_INT);
 115      }
 116      if($mybb->settings['maxpolloptions'] && $mybb->get_input('polloptions', MyBB::INPUT_INT) > $mybb->settings['maxpolloptions'])
 117      {    // Too big
 118          $polloptions = $mybb->settings['maxpolloptions'];
 119      }
 120      elseif($mybb->get_input('polloptions', MyBB::INPUT_INT) < 2)
 121      {    // Too small
 122          $polloptions = 2;
 123      }
 124      else
 125      {    // Just right
 126          $polloptions = $mybb->get_input('polloptions', MyBB::INPUT_INT);
 127      }
 128  
 129      $question = htmlspecialchars_uni($mybb->get_input('question'));
 130  
 131      $postoptionschecked = array('public' => '', 'multiple' => '');
 132      $postoptions = $mybb->get_input('postoptions', MyBB::INPUT_INT);
 133      if(isset($postoptions['multiple']) && $postoptions['multiple'] == 1)
 134      {
 135          $postoptionschecked['multiple'] = 'checked="checked"';
 136      }
 137      if(isset($postoptions['public']) && $postoptions['public'] == 1)
 138      {
 139          $postoptionschecked['public'] = 'checked="checked"';
 140      }
 141  
 142      $options = $mybb->get_input('options', MyBB::INPUT_ARRAY);
 143      $optionbits = '';
 144      for($i = 1; $i <= $polloptions; ++$i)
 145      {
 146          if(!isset($options[$i]))
 147          {
 148              $options[$i] = '';
 149          }
 150          $option = $options[$i];
 151          $option = htmlspecialchars_uni($option);
 152          eval("\$optionbits .= \"".$templates->get("polls_newpoll_option")."\";");
 153          $option = "";
 154      }
 155  
 156      if($mybb->get_input('timeout', MyBB::INPUT_INT) > 0)
 157      {
 158          $timeout = $mybb->get_input('timeout', MyBB::INPUT_INT);
 159      }
 160      else
 161      {
 162          $timeout = 0;
 163      }
 164  
 165      if($mybb->get_input('maxoptions', MyBB::INPUT_INT) > 0 && $mybb->get_input('maxoptions', MyBB::INPUT_INT) < $polloptions)
 166      {
 167          $maxoptions = $mybb->get_input('maxoptions', MyBB::INPUT_INT);
 168      }
 169      else
 170      {
 171          $maxoptions = 0;
 172      }
 173  
 174      $plugins->run_hooks("polls_newpoll_end");
 175  
 176      eval("\$newpoll = \"".$templates->get("polls_newpoll")."\";");
 177      output_page($newpoll);
 178  }
// action=do_newpoll (POST only): validate and store a new poll for a thread.
// Order of checks: post key, thread exists, forum exists and is open (or the
// caller may manage polls), caller is thread author or poll moderator with the
// required forum permissions, thread has no poll yet, option and question
// validation. Only then are the polls row inserted and the thread updated.
// NOTE(review): unlike the newpoll form handler, this handler does not test
// $thread['visible'] before accepting the poll, and it does not apply the
// polltimelimit check - confirm that relying on the form for both is intended.
if($mybb->input['action'] == "do_newpoll" && $mybb->request_method == "post")
{
    // Verify incoming POST request
    // (verify_post_check() is defined elsewhere; it is handed the my_post_key
    // form field - presumably the anti-CSRF token check.)
    verify_post_check($mybb->get_input('my_post_key'));

    $plugins->run_hooks("polls_do_newpoll_start");

    $thread = get_thread($mybb->get_input('tid', MyBB::INPUT_INT));
    if(!$thread)
    {
        error($lang->error_invalidthread);
    }

    $fid = $thread['fid'];
    $forumpermissions = forum_permissions($fid);

    // Get forum info
    $forum = get_forum($fid);
    if(!$forum)
    {
        error($lang->error_invalidforum);
    }
    else
    {
        // Is our forum closed?
        if($forum['open'] == 0 && !is_moderator($fid, "canmanagepolls"))
        {
            // Doesn't look like it is
            error($lang->error_closedinvalidforum);
        }
    }

    // No permission if: Not thread author; not moderator; no forum perms to view, post threads, post polls
    if(($thread['uid'] != $mybb->user['uid'] && !is_moderator($fid, "canmanagepolls")) || ($forumpermissions['canview'] == 0 || $forumpermissions['canpostthreads'] == 0 || $forumpermissions['canpostpolls'] == 0))
    {
        error_no_permission();
    }

    if($thread['poll'])
    {
        error($lang->error_pollalready);
    }

    // Requested option count, capped by maxpolloptions when that setting is
    // non-zero. With the setting at 0 the request value is the only bound on
    // the two loops below.
    $polloptions = $mybb->get_input('polloptions', MyBB::INPUT_INT);
    if($mybb->settings['maxpolloptions'] && $polloptions > $mybb->settings['maxpolloptions'])
    {
        $polloptions = $mybb->settings['maxpolloptions'];
    }

    // Collapse the two flags to 0 unless they are exactly '1', so the values
    // written to the database below can only be 0 or '1'.
    $postoptions = $mybb->get_input('postoptions', MyBB::INPUT_ARRAY);
    if(!isset($postoptions['multiple']) || $postoptions['multiple'] != '1')
    {
        $postoptions['multiple'] = 0;
    }

    if(!isset($postoptions['public']) || $postoptions['public'] != '1')
    {
        $postoptions['public'] = 0;
    }

    if($polloptions < 2)
    {
        $polloptions = "2";
    }
    $optioncount = "0";
    $options = $mybb->get_input('options', MyBB::INPUT_ARRAY);

    // First pass: validate each option and count the non-empty ones.
    for($i = 1; $i <= $polloptions; ++$i)
    {
        if(!isset($options[$i]))
        {
            $options[$i] = '';
        }

        // Per-option length limit; 0 disables it.
        if($mybb->settings['polloptionlimit'] != 0 && my_strlen($options[$i]) > $mybb->settings['polloptionlimit'])
        {
            $lengtherror = 1;
            break;
        }

        // Options are stored as one string joined by '||~|~||' (see below), so
        // an option containing that separator would corrupt the stored list
        // and shift the vote counts. Reject it.
        if(strpos($options[$i], '||~|~||') !== false)
        {
            $sequenceerror = 1;
            break;
        }

        if(trim($options[$i]) != "")
        {
            $optioncount++;
        }
    }

    if(isset($lengtherror))
    {
        error($lang->error_polloptiontoolong);
    }

    if(isset($sequenceerror))
    {
        error($lang->error_polloptionsequence);
    }

    $mybb->input['question'] = $mybb->get_input('question');

    // A poll needs a question and at least two non-empty options.
    if(trim($mybb->input['question']) == '' || $optioncount < 2)
    {
        error($lang->error_noquestionoptions);
    }

    // Second pass: build the separator-joined option list and a parallel list
    // of zeroed vote counters, skipping empty options.
    $optionslist = '';
    $voteslist = '';
    for($i = 1; $i <= $polloptions; ++$i)
    {
        if(trim($options[$i]) != '')
        {
            if($optionslist != '')
            {
                $optionslist .= '||~|~||';
                $voteslist .= '||~|~||';
            }
            $optionslist .= trim($options[$i]);
            $voteslist .= '0';
        }
    }

    // Negative or zero timeouts collapse to 0.
    if($mybb->get_input('timeout', MyBB::INPUT_INT) > 0)
    {
        $timeout = $mybb->get_input('timeout', MyBB::INPUT_INT);
    }
    else
    {
        $timeout = 0;
    }

    // maxoptions is only kept when it is positive and below the option count.
    if($mybb->get_input('maxoptions', MyBB::INPUT_INT) > 0 && $mybb->get_input('maxoptions', MyBB::INPUT_INT) < $polloptions)
    {
        $maxoptions = $mybb->get_input('maxoptions', MyBB::INPUT_INT);
    }
    else
    {
        $maxoptions = 0;
    }

    // Row for the polls table. Free-text fields go through
    // $db->escape_string(); the remaining values are ints, constants or the
    // 0/'1' flags normalised above. The question and options are stored
    // unescaped for HTML, so they must be escaped or parsed on output.
    $newpoll = array(
        "tid" => $thread['tid'],
        "question" => $db->escape_string($mybb->input['question']),
        "dateline" => TIME_NOW,
        "options" => $db->escape_string($optionslist),
        "votes" => $db->escape_string($voteslist),
        "numoptions" => (int)$optioncount,
        "numvotes" => 0,
        "timeout" => $timeout,
        "closed" => 0,
        "multiple" => $postoptions['multiple'],
        "public" => $postoptions['public'],
        "maxoptions" => $maxoptions
    );

    // NOTE(review): hooks run with $newpoll in scope; anything a plugin adds
    // to it after this point is inserted as-is.
    $plugins->run_hooks("polls_do_newpoll_process");

    $pid = $db->insert_query("polls", $newpoll);

    // Link the thread to its new poll; tid comes from the thread row loaded
    // above, not from the request.
    $db->update_query("threads", array('poll' => $pid), "tid='".$thread['tid']."'");

    $plugins->run_hooks("polls_do_newpoll_end");

    // Visible threads redirect to the thread, anything else to the forum.
    if($thread['visible'] == 1)
    {
        redirect(get_thread_link($thread['tid']), $lang->redirect_pollposted);
    }
    else
    {
        redirect(get_forum_link($thread['fid']), $lang->redirect_pollpostedmoderated);
    }
}
 354  
// action=editpoll: render the "edit poll" form. Restricted to users for whom
// is_moderator($fid, "canmanagepolls") is true. Nothing is written here.
// Two modes: on first load the form is filled from the stored poll; when the
// "updateoptions" field is set the form is re-rendered from the submitted
// values. In both modes text is passed through htmlspecialchars_uni() and vote
// counts are cast to int before a template interpolates them.
if($mybb->input['action'] == "editpoll")
{
    // Cast to int before it is placed into the WHERE clauses below.
    $pid = $mybb->get_input('pid', MyBB::INPUT_INT);

    $plugins->run_hooks("polls_editpoll_start");

    $query = $db->simple_select("polls", "*", "pid='$pid'");
    $poll = $db->fetch_array($query);

    if(!$poll)
    {
        error($lang->error_invalidpoll);
    }

    // The thread is looked up through its poll column, so the forum used for
    // the permission check is derived from the poll id, not from the request.
    $query = $db->simple_select("threads", "*", "poll='$pid'");
    $thread = $db->fetch_array($query);
    if(!$thread)
    {
        error($lang->error_invalidthread);
    }

    $tid = $thread['tid'];
    $fid = $thread['fid'];

    // Make navigation
    build_forum_breadcrumb($fid);
    add_breadcrumb(htmlspecialchars_uni($thread['subject']), get_thread_link($thread['tid']));
    add_breadcrumb($lang->nav_editpoll);

    $forumpermissions = forum_permissions($fid);

    // Get forum info
    $forum = get_forum($fid);
    if(!$forum)
    {
        error($lang->error_invalidforum);
    }
    else
    {
        // Is our forum closed?
        if($forum['open'] == 0 && !is_moderator($fid, "canmanagepolls"))
        {
            // Doesn't look like it is
            error($lang->error_closedinvalidforum);
        }
    }

    // Authorisation gate for the whole form.
    // NOTE(review): the breadcrumb above is built from the thread subject
    // before this check runs - confirm the error page does not render it.
    if(!is_moderator($fid, "canmanagepolls"))
    {
        error_no_permission();
    }

    $postoptionschecked = array('closed' => '', 'multiple' => '', 'public' => '');

    $polldate = my_date($mybb->settings['dateformat'], $poll['dateline']);
    if(empty($mybb->input['updateoptions']))
    {
        // First load: populate the form from the stored poll row.
        if($poll['closed'] == 1)
        {
            $postoptionschecked['closed'] = 'checked="checked"';
        }

        if($poll['multiple'] == 1)
        {
            $postoptionschecked['multiple'] = 'checked="checked"';
        }

        if($poll['public'] == 1)
        {
            $postoptionschecked['public'] = 'checked="checked"';
        }

        // Options and votes are stored as parallel '||~|~||'-joined lists.
        $optionsarray = explode("||~|~||", $poll['options']);
        $votesarray = explode("||~|~||", $poll['votes']);

        $poll['totvotes'] = 0;
        for($i = 1; $i <= $poll['numoptions']; ++$i)
        {
            $poll['totvotes'] = $poll['totvotes'] + $votesarray[$i-1];
        }

        $question = htmlspecialchars_uni($poll['question']);
        $numoptions = $poll['numoptions'];
        $optionbits = "";
        for($i = 0; $i < $numoptions; ++$i)
        {
            $counter = $i + 1;
            $option = $optionsarray[$i];
            // Stored option text is raw; escape it for the form field.
            $option = htmlspecialchars_uni($option);
            $optionvotes = (int)$votesarray[$i];

            if(!$optionvotes)
            {
                $optionvotes = 0;
            }

            eval("\$optionbits .= \"".$templates->get("polls_editpoll_option")."\";");
            $option = "";
            $optionvotes = "";
        }

        if(!$poll['timeout'])
        {
            $timeout = 0;
        }
        else
        {
            $timeout = $poll['timeout'];
        }

        if(!$poll['maxoptions'])
        {
            $maxoptions = 0;
        }
        else
        {
            $maxoptions = $poll['maxoptions'];
        }
    }
    else
    {
        // Re-render from submitted values. The option count is clamped to
        // [2, maxpolloptions]; the upper bound only applies when the setting
        // is non-zero.
        if($mybb->settings['maxpolloptions'] && $mybb->get_input('numoptions', MyBB::INPUT_INT) > $mybb->settings['maxpolloptions'])
        {
            $numoptions = $mybb->settings['maxpolloptions'];
        }
        elseif($mybb->get_input('numoptions', MyBB::INPUT_INT) < 2)
        {
            $numoptions = 2;
        }
        else
        {
            $numoptions = $mybb->get_input('numoptions', MyBB::INPUT_INT);
        }
        // NOTE(review): reads $mybb->input['question'] directly rather than
        // through get_input(); the value is still HTML-escaped here.
        $question = htmlspecialchars_uni($mybb->input['question']);

        $postoptions = $mybb->get_input('postoptions', MyBB::INPUT_ARRAY);
        if(isset($postoptions['multiple']) && $postoptions['multiple'] == 1)
        {
            $postoptionschecked['multiple'] = 'checked="checked"';
        }

        if(isset($postoptions['public']) && $postoptions['public'] == 1)
        {
            $postoptionschecked['public'] = 'checked="checked"';
        }

        if(isset($postoptions['closed']) && $postoptions['closed'] == 1)
        {
            $postoptionschecked['closed'] = 'checked="checked"';
        }

        $options = $mybb->get_input('options', MyBB::INPUT_ARRAY);
        $votes = $mybb->get_input('votes', MyBB::INPUT_ARRAY);
        $optionbits = '';
        for($i = 1; $i <= $numoptions; ++$i)
        {
            $counter = $i;
            if(!isset($options[$i]))
            {
                $options[$i] = '';
            }
            // Submitted text is escaped, submitted vote counts are cast to int.
            $option = htmlspecialchars_uni($options[$i]);
            if(!isset($votes[$i]))
            {
                $votes[$i] = 0;
            }
            $optionvotes = (int)$votes[$i];

            if(!$optionvotes)
            {
                $optionvotes = 0;
            }

            eval("\$optionbits .= \"".$templates->get("polls_editpoll_option")."\";");
            $option = "";
        }

        if($mybb->get_input('timeout', MyBB::INPUT_INT) > 0)
        {
            $timeout = $mybb->get_input('timeout', MyBB::INPUT_INT);
        }
        else
        {
            $timeout = 0;
        }

        // In this branch maxoptions is taken from the stored poll, not from
        // the submitted form.
        if(!$poll['maxoptions'])
        {
            $maxoptions = 0;
        }
        else
        {
            $maxoptions = $poll['maxoptions'];
        }
    }

    $plugins->run_hooks("polls_editpoll_end");

    eval("\$editpoll = \"".$templates->get("polls_editpoll")."\";");
    output_page($editpoll);
}
 556  
 557  if($mybb->input['action'] == "do_editpoll" && $mybb->request_method == "post")
 558  {
 559      // Verify incoming POST request
 560      verify_post_check($mybb->get_input('my_post_key'));
 561  
 562      $plugins->run_hooks("polls_do_editpoll_start");
 563  
 564      $query = $db->simple_select("polls", "*", "pid='".$mybb->get_input('pid', MyBB::INPUT_INT)."'");
 565      $poll = $db->fetch_array($query);
 566  
 567      if(!$poll)
 568      {
 569          error($lang->error_invalidpoll);
 570      }
 571  
 572      $query = $db->simple_select("threads", "*", "poll='".$mybb->get_input('pid', MyBB::INPUT_INT)."'");
 573      $thread = $db->fetch_array($query);
 574      if(!$thread)
 575      {
 576          error($lang->error_invalidthread);
 577      }
 578  
 579      $forumpermissions = forum_permissions($thread['fid']);
 580  
 581      // Get forum info
 582      $forum = get_forum($thread['fid']);
 583      $fid = $thread['fid'];
 584      if(!$forum)
 585      {
 586          error($lang->error_invalidforum);
 587      }
 588      else
 589      {
 590          // Is our forum closed?
 591          if($forum['open'] == 0 && !is_moderator($fid, "canmanagepolls"))
 592          {
 593              // Doesn't look like it is
 594              error($lang->error_closedinvalidforum);
 595          }
 596      }
 597  
 598      if(!is_moderator($thread['fid'], "canmanagepolls"))
 599      {
 600          error_no_permission();
 601      }
 602  
 603      if($mybb->settings['maxpolloptions'] && $mybb->get_input('numoptions', MyBB::INPUT_INT) > $mybb->settings['maxpolloptions'])
 604      {
 605          $numoptions = $mybb->settings['maxpolloptions'];
 606      }
 607      elseif($mybb->get_input('numoptions', MyBB::INPUT_INT) < 2)
 608      {
 609          $numoptions = 2;
 610      }
 611      else
 612      {
 613          $numoptions = $mybb->get_input('numoptions', MyBB::INPUT_INT);
 614      }
 615  
 616      $postoptions = $mybb->get_input('postoptions', MyBB::INPUT_ARRAY);
 617      if(!isset($postoptions['multiple']) || $postoptions['multiple'] != '1')
 618      {
 619          $postoptions['multiple'] = 0;
 620      }
 621  
 622      if(!isset($postoptions['public']) || $postoptions['public'] != '1')
 623      {
 624          $postoptions['public'] = 0;
 625      }
 626  
 627      if(!isset($postoptions['closed']) || $postoptions['closed'] != '1')
 628      {
 629          $postoptions['closed'] = 0;
 630      }
 631      $optioncount = "0";
 632      $options = $mybb->input['options'];
 633  
 634      for($i = 1; $i <= $numoptions; ++$i)
 635      {
 636          if(!isset($options[$i]))
 637          {
 638              $options[$i] = '';
 639          }
 640  
 641          if($mybb->settings['polloptionlimit'] != 0 && my_strlen($options[$i]) > $mybb->settings['polloptionlimit'])
 642          {
 643              $lengtherror = 1;
 644              break;
 645          }
 646  
 647          if(strpos($options[$i], '||~|~||') !== false)
 648          {
 649              $sequenceerror = 1;
 650              break;
 651          }
 652          
 653          if(trim($options[$i]) != "")
 654          {
 655              $optioncount++;
 656          }
 657      }
 658  
 659      if(isset($lengtherror))
 660      {
 661          error($lang->error_polloptiontoolong);
 662      }
 663      
 664      if(isset($sequenceerror))
 665      {
 666          error($lang->error_polloptionsequence);
 667      }
 668  
 669      $mybb->input['question'] = $mybb->get_input('question');
 670      if(trim($mybb->input['question']) == '' || $optioncount < 2)
 671      {
 672          error($lang->error_noquestionoptions);
 673      }
 674  
 675      $optionslist = '';
 676      $voteslist = '';
 677      $numvotes = '';
 678      $votes = $mybb->input['votes'];
 679      for($i = 1; $i <= $numoptions; ++$i)
 680      {
 681          if(trim($options[$i]) != '')
 682          {
 683              if($optionslist != '')
 684              {
 685                  $optionslist .= "||~|~||";
 686                  $voteslist .= "||~|~||";
 687              }
 688  
 689              $optionslist .= trim($options[$i]);
 690              if(!isset($votes[$i]) || (int)$votes[$i] <= 0)
 691              {
 692                  $votes[$i] = "0";
 693              }
 694              $voteslist .= (int)$votes[$i];
 695              $numvotes = (int)$numvotes + (int)$votes[$i];
 696          }
 697      }
 698  
 699      if($mybb->get_input('timeout', MyBB::INPUT_INT) > 0)
 700      {
 701          $timeout = $mybb->get_input('timeout', MyBB::INPUT_INT);
 702      }
 703      else
 704      {
 705          $timeout = 0;
 706      }
 707  
 708      if($mybb->get_input('maxoptions', MyBB::INPUT_INT) > 0 && $mybb->get_input('maxoptions', MyBB::INPUT_INT) < $numoptions)
 709      {
 710          $maxoptions = $mybb->get_input('maxoptions', MyBB::INPUT_INT);
 711      }
 712      else
 713      {
 714          $maxoptions = 0;
 715      }
 716  
 717      $updatedpoll = array(
 718          "question" => $db->escape_string($mybb->input['question']),
 719          "options" => $db->escape_string($optionslist),
 720          "votes" => $db->escape_string($voteslist),
 721          "numoptions" => (int)$optioncount,
 722          "numvotes" => $numvotes,
 723          "timeout" => $timeout,
 724          "closed" => $postoptions['closed'],
 725          "multiple" => $postoptions['multiple'],
 726          "public" => $postoptions['public'],
 727          "maxoptions" => $maxoptions
 728      );
 729  
 730      $plugins->run_hooks("polls_do_editpoll_process");
 731  
 732      $db->update_query("polls", $updatedpoll, "pid='".$mybb->get_input('pid', MyBB::INPUT_INT)."'");
 733  
 734      $plugins->run_hooks("polls_do_editpoll_end");
 735  
 736      $modlogdata['fid'] = $thread['fid'];
 737      $modlogdata['tid'] = $thread['tid'];
 738      log_moderator_action($modlogdata, $lang->poll_edited);
 739  
 740      redirect(get_thread_link($thread['tid']), $lang->redirect_pollupdated);
 741  }
 742  
// action=showresults: render the results page for a poll. Read-only.
// The poll is loaded by id, then the owning thread and forum are loaded from
// the poll row and the viewer's thread visibility and forum view permissions
// are checked before any result data is assembled. Voter names are listed
// only when the poll is public or the viewer may manage polls in the forum.
if($mybb->input['action'] == "showresults")
{
    // pid is cast to int before it is placed into the WHERE clause.
    $query = $db->simple_select("polls", "*", "pid='".$mybb->get_input('pid', MyBB::INPUT_INT)."'");
    $poll = $db->fetch_array($query);

    if(!$poll)
    {
        error($lang->error_invalidpoll);
    }

    $tid = $poll['tid'];
    $thread = get_thread($tid);
    // && binds tighter than ||, so this rejects: no thread; visible == 0
    // without "canviewunapprove"; visible == -1 without "canviewdeleted".
    // NOTE(review): any other visible value that is not 1 passes this test and
    // is only subject to the forum permission check below - confirm that no
    // such state should be hidden here.
    if(!$thread || ($thread['visible'] != 1 && ($thread['visible'] == 0 && !is_moderator($thread['fid'], "canviewunapprove")) || ($thread['visible'] == -1 && !is_moderator($thread['fid'], "canviewdeleted"))))
    {
        error($lang->error_invalidthread);
    }

    $fid = $thread['fid'];

    // Get forum info
    $forum = get_forum($fid);
    if(!$forum)
    {
        error($lang->error_invalidforum);
    }

    $forumpermissions = forum_permissions($forum['fid']);

    $plugins->run_hooks("polls_showresults_start");

    // Viewer must be able to view the forum and its threads; when
    // canonlyviewownthreads is set, only the thread author gets through.
    if($forumpermissions['canviewthreads'] == 0 || $forumpermissions['canview'] == 0 || (isset($forumpermissions['canonlyviewownthreads']) && $forumpermissions['canonlyviewownthreads'] != 0 && $thread['uid'] != $mybb->user['uid']))
    {
        error_no_permission();
    }

    // Make navigation
    build_forum_breadcrumb($fid);
    add_breadcrumb(htmlspecialchars_uni($thread['subject']), get_thread_link($thread['tid']));
    add_breadcrumb($lang->nav_pollresults);

    $voters = $votedfor = $guest_voters = array();

    // Calculate votes
    // $poll['pid'] comes from the row fetched above, not from the request.
    $query = $db->query("
        SELECT v.*, u.username
        FROM ".TABLE_PREFIX."pollvotes v
        LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=v.uid)
        WHERE v.pid='{$poll['pid']}'
        ORDER BY u.username
    ");
    while($voter = $db->fetch_array($query))
    {
        // Mark for current user's vote
        if($mybb->user['uid'] == $voter['uid'] && $mybb->user['uid'])
        {
            $votedfor[$voter['voteoption']] = 1;
        }

        // Count number of guests and users without a username (assumes they've been deleted)
        if($voter['uid'] == 0 || $voter['username'] == '')
        {
            // Add one to the number of voters for guests
            if(isset($guest_voters[$voter['voteoption']]))
            {
                ++$guest_voters[$voter['voteoption']];
            }
            else
            {
                $guest_voters[$voter['voteoption']] = 1;
            }
        }
        else
        {
            // Usernames are HTML-escaped when collected, before they are
            // turned into profile links below.
            $voters[$voter['voteoption']][$voter['uid']] = htmlspecialchars_uni($voter['username']);
        }
    }

    // Options and votes are stored as parallel '||~|~||'-joined lists.
    $optionsarray = explode("||~|~||", $poll['options']);
    $votesarray = explode("||~|~||", $poll['votes']);
    $poll['totvotes'] = 0;
    for($i = 1; $i <= $poll['numoptions']; ++$i)
    {
        $poll['totvotes'] = $poll['totvotes'] + $votesarray[$i-1];
    }

    $polloptions = '';
    for($i = 1; $i <= $poll['numoptions']; ++$i)
    {
        // Option text is stored raw and rendered through the post parser with
        // the forum's own HTML/MyCode/smilie/image/video settings.
        // NOTE(review): with allow_html enabled on the forum, whatever the
        // parser lets through reaches the page - the parser's filtering is not
        // visible in this file, confirm.
        $parser_options = array(
            "allow_html" => $forum['allowhtml'],
            "allow_mycode" => $forum['allowmycode'],
            "allow_smilies" => $forum['allowsmilies'],
            "allow_imgcode" => $forum['allowimgcode'],
            "allow_videocode" => $forum['allowvideocode'],
            "filter_badwords" => 1
        );
        $option = $parser->parse_message($optionsarray[$i-1], $parser_options);

        $votes = $votesarray[$i-1];
        $number = $i;
        // Make the mark for current user's voted option
        if(!empty($votedfor[$number]))
        {
            $optionbg = 'trow2';
            $votestar = '*';
        }
        else
        {
            $optionbg = 'trow1';
            $votestar = '';
        }

        // Guard the division: an option with no votes is shown as 0 percent.
        if($votes == 0)
        {
            $percent = 0;
        }
        else
        {
            $percent = number_format($votes / $poll['totvotes'] * 100, 2);
        }

        $imagewidth = round($percent);
        $comma = '';
        $guest_comma = '';
        $userlist = '';
        $guest_count = 0;
        // Disclosure gate: who voted for what is only built into the page for
        // public polls or for viewers who may manage polls in this forum.
        if($poll['public'] == 1 || is_moderator($fid, "canmanagepolls"))
        {
            if(isset($voters[$number]) && is_array($voters[$number]))
            {
                foreach($voters[$number] as $uid => $username)
                {
                    $userlist .= $comma.build_profile_link($username, $uid);
                    $comma = $guest_comma = $lang->comma;
                }
            }

            if(isset($guest_voters[$number]) && $guest_voters[$number] > 0)
            {
                if($guest_voters[$number] == 1)
                {
                    $userlist .= $guest_comma.$lang->guest_count;
                }
                else
                {
                    $userlist .= $guest_comma.$lang->sprintf($lang->guest_count_multiple, $guest_voters[$number]);
                }
            }
        }
        eval("\$polloptions .= \"".$templates->get("polls_showresults_resultbit")."\";");
    }

    if($poll['totvotes'])
    {
        $totpercent = '100%';
    }
    else
    {
        $totpercent = '0%';
    }

    $plugins->run_hooks("polls_showresults_end");

    // The question is stored raw; escape it before the page template is
    // evaluated.
    $poll['question'] = htmlspecialchars_uni($poll['question']);
    eval("\$showresults = \"".$templates->get("polls_showresults")."\";");
    output_page($showresults);
}
 910  
 911  if($mybb->input['action'] == "vote" && $mybb->request_method == "post")
 912  {
 913      // Verify incoming POST request
 914      verify_post_check($mybb->get_input('my_post_key'));
 915  
 916      $query = $db->simple_select("polls", "*", "pid='".$mybb->get_input('pid')."'");
 917      $poll = $db->fetch_array($query);
 918  
 919      if(!$poll)
 920      {
 921          error($lang->error_invalidpoll);
 922      }
 923  
 924      $plugins->run_hooks("polls_vote_start");
 925  
 926      $poll['timeout'] = $poll['timeout']*60*60*24;
 927  
 928      $thread = get_thread($poll['tid']);
 929  
 930      if(!$thread || ($thread['visible'] != 1 && ($thread['visible'] == 0 && !is_moderator($thread['fid'], "canviewunapprove")) || ($thread['visible'] == -1 && !is_moderator($thread['fid'], "canviewdeleted"))))
 931      {
 932          error($lang->error_invalidthread);
 933      }
 934  
 935      $fid = $thread['fid'];
 936      $forumpermissions = forum_permissions($fid);
 937      if($forumpermissions['canvotepolls'] == 0)
 938      {
 939          error_no_permission();
 940      }
 941  
 942      // Get forum info
 943      $forum = get_forum($fid);
 944      if(!$forum)
 945      {
 946          error($lang->error_invalidforum);
 947      }
 948      else
 949      {
 950          // Is our forum closed?
 951          if($forum['open'] == 0)
 952          {
 953              // Doesn't look like it is
 954              error($lang->error_closedinvalidforum);
 955          }
 956      }
 957  
 958      $expiretime = $poll['dateline'] + $poll['timeout'];
 959      $now = TIME_NOW;
 960      if($poll['closed'] == 1 || $thread['closed'] == 1 || ($expiretime < $now && $poll['timeout']))
 961      {
 962          error($lang->error_pollclosed);
 963      }
 964  
 965      if(!isset($mybb->input['option']))
 966      {
 967          error($lang->error_nopolloptions);
 968      }
 969  
 970      // Check if the user has voted before...
 971      if($mybb->user['uid'])
 972      {
 973          $user_check = "uid='{$mybb->user['uid']}'";
 974      }
 975      else
 976      {
 977          $user_check = "ipaddress=".$db->escape_binary($session->packedip);
 978      }
 979  
 980      $query = $db->simple_select("pollvotes", "*", "{$user_check} AND pid='".$poll['pid']."'");
 981      $votecheck = $db->fetch_array($query);
 982  
 983      if($votecheck['vid'])
 984      {
 985          error($lang->error_alreadyvoted);
 986      }
 987  
 988      $votesql = array();
 989      $votesarray = explode("||~|~||", $poll['votes']);
 990      $option = $mybb->input['option'];
 991      $numvotes = (int)$poll['numvotes'];
 992      if($poll['multiple'] == 1)
 993      {
 994          if(is_array($option))
 995          {
 996              $total_options = 0;
 997  
 998              foreach($option as $voteoption => $vote)
 999              {
1000                  if($vote == 1 && isset($votesarray[$voteoption-1]))
1001                  {
1002                      $votesql[] = array(
1003                          "pid" => $poll['pid'],
1004                          "uid" => (int)$mybb->user['uid'],
1005                          "voteoption" => $db->escape_string($voteoption),
1006                          "dateline" => TIME_NOW,
1007                          "ipaddress" => $db->escape_binary($session->packedip)
1008                      );
1009  
1010                      $votesarray[$voteoption-1]++;
1011                      $numvotes = $numvotes+1;
1012                      $total_options++;
1013                  }
1014              }
1015  
1016              if($total_options > $poll['maxoptions'] && $poll['maxoptions'] != 0)
1017              {
1018                  error($lang->sprintf($lang->error_maxpolloptions, $poll['maxoptions']));
1019              }
1020          }
1021      }
1022      else
1023      {
1024          if(is_array($option) || !isset($votesarray[$option-1]))
1025          {
1026              error($lang->error_nopolloptions);
1027          }
1028  
1029          $votesql = array(
1030              "pid" => $poll['pid'],
1031              "uid" => (int)$mybb->user['uid'],
1032              "voteoption" => $db->escape_string($option),
1033              "dateline" => TIME_NOW,
1034              "ipaddress" => $db->escape_binary($session->packedip)
1035          );
1036  
1037          $votesarray[$option-1]++;
1038          $numvotes = $numvotes+1;
1039      }
1040  
1041      if(!$votesql)
1042      {
1043          error($lang->error_nopolloptions);
1044      }
1045  
1046      if($poll['multiple'] == 1)
1047      {
1048          $db->insert_query_multiple("pollvotes", $votesql);
1049      }
1050      else
1051      {
1052          $db->insert_query("pollvotes", $votesql);
1053      }
1054  
1055      $voteslist = '';
1056      for($i = 1; $i <= $poll['numoptions']; ++$i)
1057      {
1058          if($i > 1)
1059          {
1060              $voteslist .= "||~|~||";
1061          }
1062          $voteslist .= $votesarray[$i-1];
1063      }
1064      $updatedpoll = array(
1065          "votes" => $db->escape_string($voteslist),
1066          "numvotes" => (int)$numvotes,
1067      );
1068  
1069      $plugins->run_hooks("polls_vote_process");
1070  
1071      $db->update_query("polls", $updatedpoll, "pid='".$poll['pid']."'");
1072  
1073      $plugins->run_hooks("polls_vote_end");
1074  
1075      redirect(get_thread_link($poll['tid']), $lang->redirect_votethanks);
1076  }
1077  
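// Action "do_undovote": remove the current visitor's vote(s) from a poll and lower the counters.
// NOTE(review): unlike the vote action in this file, this branch does not test $mybb->request_method;
// the post key is still verified first - confirm that reaching it with a non-POST request is intended.
if($mybb->input['action'] == "do_undovote")
{
    verify_post_check($mybb->get_input('my_post_key'));

    // Authorisation: the user's group must be allowed to undo votes
    if($mybb->usergroup['canundovotes'] != 1)
    {
        error_no_permission();
    }

    // The poll id is forced to an integer before it is placed in the WHERE clause
    $query = $db->simple_select("polls", "*", "pid='".$mybb->get_input('pid', MyBB::INPUT_INT)."'");
    $poll = $db->fetch_array($query);

    // fetch_array() yields no row for an unknown poll; empty() avoids indexing a non-array
    if(empty($poll['pid']))
    {
        error($lang->error_invalidpoll);
    }

    $plugins->run_hooks("polls_do_undovote_start");

    $poll['numvotes'] = (int)$poll['numvotes'];

    // We do not have $forum_cache available here since no forums permissions are checked in undo vote
    // Get thread ID and then get forum info
    // NOTE(review): no forum_permissions() lookup is visible in this branch, only the usergroup
    // permission above and the thread/forum state checks below - confirm that is sufficient.
    $thread = get_thread($poll['tid']);
    // Unapproved (0) and deleted (-1) threads are only usable by moderators holding the matching permission
    if(!$thread || ($thread['visible'] != 1 && ($thread['visible'] == 0 && !is_moderator($thread['fid'], "canviewunapprove")) || ($thread['visible'] == -1 && !is_moderator($thread['fid'], "canviewdeleted"))))
    {
        error($lang->error_invalidthread);
    }

    $fid = $thread['fid'];

    // Get forum info
    $forum = get_forum($fid);
    if(!$forum)
    {
        error($lang->error_invalidforum);
    }
    else
    {
        // Is our forum closed?
        if($forum['open'] == 0)
        {
            // The forum is closed, so votes cannot be changed
            error($lang->error_closedinvalidforum);
        }
    }

    // The timeout is multiplied out from days to seconds so it can be added to the dateline
    $poll['timeout'] = $poll['timeout']*60*60*24;


    // A timeout of 0 means the poll never expires
    $expiretime = $poll['dateline'] + $poll['timeout'];
    if($poll['closed'] == 1 || $thread['closed'] == 1 || ($expiretime < TIME_NOW && $poll['timeout']))
    {
        error($lang->error_pollclosed);
    }

    // Check if the user has voted before...
    $vote_options = array();

    // Members are matched on their uid; guests on uid 0 together with their packed IP address
    if($mybb->user['uid'])
    {
        $user_check = "uid='{$mybb->user['uid']}'";
    }
    else
    {
        $user_check = "uid='0' AND ipaddress=".$db->escape_binary($session->packedip);
    }

    // Collect this visitor's vote rows, keyed by vote id
    $query = $db->simple_select("pollvotes", "vid,voteoption", "{$user_check} AND pid='".$poll['pid']."'");
    while($voteoption = $db->fetch_array($query))
    {
        $vote_options[$voteoption['vid']] = $voteoption['voteoption'];
    }

    if(empty($vote_options))
    {
        error($lang->error_notvoted);
    }

    // Note, this is not thread safe!
    // The counters are read, changed in PHP and written back with no lock visible here, so a
    // concurrent vote or undo on the same poll can be overwritten.
    $votesarray = explode("||~|~||", $poll['votes']);
    if(count($votesarray) > $poll['numoptions'])
    {
        $votesarray = array_slice($votesarray, 0, $poll['numoptions']);
    }

    if($poll['multiple'] == 1)
    {
        // One decrement per stored vote row
        foreach($vote_options as $vote)
        {
            if(isset($votesarray[$vote-1]))
            {
                --$votesarray[$vote-1];
                --$poll['numvotes'];
            }
        }
    }
    else
    {
        // Single-choice poll: only the first stored vote row is counted back
        $voteoption = reset($vote_options);
        if(isset($votesarray[$voteoption-1]))
        {
            --$votesarray[$voteoption-1];
            --$poll['numvotes'];
        }
    }

    // Clamp counters that dropped below zero - possible if guest vote undoing is allowed
    // (generally guest unvoting should be disabled)
    if($poll['numvotes'] < 0)
    {
        $poll['numvotes'] = 0;
    }

    foreach($votesarray as $i => $votes)
    {
        if($votes < 0)
        {
            $votesarray[$i] = 0;
        }
    }

    $voteslist = implode("||~|~||", $votesarray);
    $updatedpoll = array(
        "votes" => $db->escape_string($voteslist),
        "numvotes" => (int)$poll['numvotes'],
    );

    $plugins->run_hooks("polls_do_undovote_process");

    // Remove the visitor's vote rows, then store the lowered counters
    $db->delete_query("pollvotes", "{$user_check} AND pid='".$poll['pid']."'");
    $db->update_query("polls", $updatedpoll, "pid='".$poll['pid']."'");

    $plugins->run_hooks("polls_do_undovote_end");

    redirect(get_thread_link($poll['tid']), $lang->redirect_unvoted);
}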

