
PHP Cross Reference of MyBB 1.8.19


/ -> polls.php (source)

   1  <?php
   2  /**
   3   * MyBB 1.8
   4   * Copyright 2014 MyBB Group, All Rights Reserved
   5   *
   6   * Website: http://www.mybb.com
   7   * License: http://www.mybb.com/about/license
   8   *
   9   */
  10  
  11  define("IN_MYBB", 1);
  12  define('THIS_SCRIPT', 'polls.php');
  13  
  14  $templatelist = "changeuserbox,loginbox,polls_newpoll_option,polls_newpoll,polls_editpoll_option,polls_editpoll,polls_showresults_resultbit,polls_showresults";
  15  require_once  "./global.php";
  16  require_once  MYBB_ROOT."inc/functions_post.php";
  17  require_once  MYBB_ROOT."inc/class_parser.php";
  18  $parser = new postParser;
  19  
  20  // Load global language phrases
  21  $lang->load("polls");
  22  
  23  $plugins->run_hooks("polls_start");
  24  
  25  if($mybb->user['uid'] != 0)
  26  {
  27      $mybb->user['username'] = htmlspecialchars_uni($mybb->user['username']);
  28      eval("\$loginbox = \"".$templates->get("changeuserbox")."\";");
  29  }
  30  else
  31  {
  32      eval("\$loginbox = \"".$templates->get("loginbox")."\";");
  33  }
  34  
  35  $mybb->input['action'] = $mybb->get_input('action');
  36  if(!empty($mybb->input['updateoptions']))
  37  {
  38      if($mybb->input['action'] == "do_editpoll")
  39      {
  40          $mybb->input['action'] = "editpoll";
  41      }
  42      else
  43      {
  44          $mybb->input['action'] = "newpoll";
  45      }
  46  }
  47  if($mybb->input['action'] == "newpoll")
  48  {
  49      // Form for new poll
  50      $tid = $mybb->get_input('tid', MyBB::INPUT_INT);
  51  
  52      $plugins->run_hooks("polls_newpoll_start");
  53  
  54      $thread = get_thread($mybb->get_input('tid', MyBB::INPUT_INT));
  55      if(!$thread || $thread['visible'] == -1)
  56      {
  57          error($lang->error_invalidthread);
  58      }
  59  
  60      // Is the currently logged in user a moderator of this forum?
  61      $ismod = is_moderator($thread['fid']);
  62  
  63      // Make sure we are looking at a real thread here.
  64      if(($thread['visible'] != 1 && $ismod == false) || ($thread['visible'] > 1 && $ismod == true))
  65      {
  66          error($lang->error_invalidthread);
  67      }
  68  
  69      $fid = $thread['fid'];
  70      $forumpermissions = forum_permissions($fid);
  71  
  72      // Get forum info
  73      $forum = get_forum($fid);
  74      if(!$forum)
  75      {
  76          error($lang->error_invalidforum);
  77      }
  78      else
  79      {
  80          // Is our forum closed?
  81          if($forum['open'] == 0 && !is_moderator($fid, "canmanagepolls"))
  82          {
  83              // Doesn't look like it is
  84              error($lang->error_closedinvalidforum);
  85          }
  86      }
  87      // Make navigation
  88      build_forum_breadcrumb($fid);
  89      add_breadcrumb(htmlspecialchars_uni($thread['subject']), get_thread_link($thread['tid']));
  90      add_breadcrumb($lang->nav_postpoll);
  91  
  92      // No permission if: Not thread author; not moderator; no forum perms to view, post threads, post polls
  93      if(($thread['uid'] != $mybb->user['uid'] && !is_moderator($fid, "canmanagepolls")) || ($forumpermissions['canview'] == 0 || $forumpermissions['canpostthreads'] == 0 || $forumpermissions['canpostpolls'] == 0))
  94      {
  95          error_no_permission();
  96      }
  97  
  98      if($thread['poll'])
  99      {
 100          error($lang->error_pollalready);
 101      }
 102  
 103      $time = TIME_NOW;
 104      if($thread['dateline'] < ($time-($mybb->settings['polltimelimit']*60*60)) && $mybb->settings['polltimelimit'] != 0 && $ismod == false)
 105      {
 106          $lang->poll_time_limit = $lang->sprintf($lang->poll_time_limit, $mybb->settings['polltimelimit']);
 107          error($lang->poll_time_limit);
 108      }
 109  
 110      // Sanitize number of poll options
 111      if($mybb->get_input('numpolloptions', MyBB::INPUT_INT) > 0)
 112      {
 113          $mybb->input['polloptions'] = $mybb->get_input('numpolloptions', MyBB::INPUT_INT);
 114      }
 115      if($mybb->settings['maxpolloptions'] && $mybb->get_input('polloptions', MyBB::INPUT_INT) > $mybb->settings['maxpolloptions'])
 116      {    // Too big
 117          $polloptions = $mybb->settings['maxpolloptions'];
 118      }
 119      elseif($mybb->get_input('polloptions', MyBB::INPUT_INT) < 2)
 120      {    // Too small
 121          $polloptions = 2;
 122      }
 123      else
 124      {    // Just right
 125          $polloptions = $mybb->get_input('polloptions', MyBB::INPUT_INT);
 126      }
 127  
 128      $question = htmlspecialchars_uni($mybb->get_input('question'));
 129  
 130      $postoptionschecked = array('public' => '', 'multiple' => '');
 131      $postoptions = $mybb->get_input('postoptions', MyBB::INPUT_INT);
 132      if(isset($postoptions['multiple']) && $postoptions['multiple'] == 1)
 133      {
 134          $postoptionschecked['multiple'] = 'checked="checked"';
 135      }
 136      if(isset($postoptions['public']) && $postoptions['public'] == 1)
 137      {
 138          $postoptionschecked['public'] = 'checked="checked"';
 139      }
 140  
 141      $options = $mybb->get_input('options', MyBB::INPUT_ARRAY);
 142      $optionbits = '';
 143      for($i = 1; $i <= $polloptions; ++$i)
 144      {
 145          if(!isset($options[$i]))
 146          {
 147              $options[$i] = '';
 148          }
 149          $option = $options[$i];
 150          $option = htmlspecialchars_uni($option);
 151          eval("\$optionbits .= \"".$templates->get("polls_newpoll_option")."\";");
 152          $option = "";
 153      }
 154  
 155      if($mybb->get_input('timeout', MyBB::INPUT_INT) > 0)
 156      {
 157          $timeout = $mybb->get_input('timeout', MyBB::INPUT_INT);
 158      }
 159      else
 160      {
 161          $timeout = 0;
 162      }
 163  
 164      if($mybb->get_input('maxoptions', MyBB::INPUT_INT) > 0 && $mybb->get_input('maxoptions', MyBB::INPUT_INT) < $polloptions)
 165      {
 166          $maxoptions = $mybb->get_input('maxoptions', MyBB::INPUT_INT);
 167      }
 168      else
 169      {
 170          $maxoptions = 0;
 171      }
 172  
 173      $plugins->run_hooks("polls_newpoll_end");
 174  
 175      eval("\$newpoll = \"".$templates->get("polls_newpoll")."\";");
 176      output_page($newpoll);
 177  }
 178  if($mybb->input['action'] == "do_newpoll" && $mybb->request_method == "post")
 179  {
 180      // Verify incoming POST request
 181      verify_post_check($mybb->get_input('my_post_key'));
 182  
 183      $plugins->run_hooks("polls_do_newpoll_start");
 184  
 185      $thread = get_thread($mybb->get_input('tid', MyBB::INPUT_INT));
 186      if(!$thread)
 187      {
 188          error($lang->error_invalidthread);
 189      }
 190  
 191      $fid = $thread['fid'];
 192      $forumpermissions = forum_permissions($fid);
 193  
 194      // Get forum info
 195      $forum = get_forum($fid);
 196      if(!$forum)
 197      {
 198          error($lang->error_invalidforum);
 199      }
 200      else
 201      {
 202          // Is our forum closed?
 203          if($forum['open'] == 0 && !is_moderator($fid, "canmanagepolls"))
 204          {
 205              // Doesn't look like it is
 206              error($lang->error_closedinvalidforum);
 207          }
 208      }
 209  
 210      // No permission if: Not thread author; not moderator; no forum perms to view, post threads, post polls
 211      if(($thread['uid'] != $mybb->user['uid'] && !is_moderator($fid, "canmanagepolls")) || ($forumpermissions['canview'] == 0 || $forumpermissions['canpostthreads'] == 0 || $forumpermissions['canpostpolls'] == 0))
 212      {
 213          error_no_permission();
 214      }
 215  
 216      if($thread['poll'])
 217      {
 218          error($lang->error_pollalready);
 219      }
 220  
 221      $polloptions = $mybb->get_input('polloptions', MyBB::INPUT_INT);
 222      if($mybb->settings['maxpolloptions'] && $polloptions > $mybb->settings['maxpolloptions'])
 223      {
 224          $polloptions = $mybb->settings['maxpolloptions'];
 225      }
 226  
 227      $postoptions = $mybb->get_input('postoptions', MyBB::INPUT_ARRAY);
 228      if(!isset($postoptions['multiple']) || $postoptions['multiple'] != '1')
 229      {
 230          $postoptions['multiple'] = 0;
 231      }
 232  
 233      if(!isset($postoptions['public']) || $postoptions['public'] != '1')
 234      {
 235          $postoptions['public'] = 0;
 236      }
 237  
 238      if($polloptions < 2)
 239      {
 240          $polloptions = "2";
 241      }
 242      $optioncount = "0";
 243      $options = $mybb->get_input('options', MyBB::INPUT_ARRAY);
 244  
 245      for($i = 1; $i <= $polloptions; ++$i)
 246      {
 247          if(!isset($options[$i]))
 248          {
 249              $options[$i] = '';
 250          }
 251  
 252          if($mybb->settings['polloptionlimit'] != 0 && my_strlen($options[$i]) > $mybb->settings['polloptionlimit'])
 253          {
 254              $lengtherror = 1;
 255              break;
 256          }
 257  
 258          if(strpos($options[$i], '||~|~||') !== false)
 259          {
 260              $sequenceerror = 1;
 261              break;
 262          }
 263          
 264          if(trim($options[$i]) != "")
 265          {
 266              $optioncount++;
 267          }
 268      }
 269  
 270      if(isset($lengtherror))
 271      {
 272          error($lang->error_polloptiontoolong);
 273      }
 274  
 275      if(isset($sequenceerror))
 276      {
 277          error($lang->error_polloptionsequence);
 278      }
 279      
 280      $mybb->input['question'] = $mybb->get_input('question');
 281  
 282      if(trim($mybb->input['question']) == '' || $optioncount < 2)
 283      {
 284          error($lang->error_noquestionoptions);
 285      }
 286  
 287      $optionslist = '';
 288      $voteslist = '';
 289      for($i = 1; $i <= $polloptions; ++$i)
 290      {
 291          if(trim($options[$i]) != '')
 292          {
 293              if($optionslist != '')
 294              {
 295                  $optionslist .= '||~|~||';
 296                  $voteslist .= '||~|~||';
 297              }
 298              $optionslist .= trim($options[$i]);
 299              $voteslist .= '0';
 300          }
 301      }
 302  
 303      if($mybb->get_input('timeout', MyBB::INPUT_INT) > 0)
 304      {
 305          $timeout = $mybb->get_input('timeout', MyBB::INPUT_INT);
 306      }
 307      else
 308      {
 309          $timeout = 0;
 310      }
 311  
 312      if($mybb->get_input('maxoptions', MyBB::INPUT_INT) > 0 && $mybb->get_input('maxoptions', MyBB::INPUT_INT) < $polloptions)
 313      {
 314          $maxoptions = $mybb->get_input('maxoptions', MyBB::INPUT_INT);
 315      }
 316      else
 317      {
 318          $maxoptions = 0;
 319      }
 320  
 321      $newpoll = array(
 322          "tid" => $thread['tid'],
 323          "question" => $db->escape_string($mybb->input['question']),
 324          "dateline" => TIME_NOW,
 325          "options" => $db->escape_string($optionslist),
 326          "votes" => $db->escape_string($voteslist),
 327          "numoptions" => (int)$optioncount,
 328          "numvotes" => 0,
 329          "timeout" => $timeout,
 330          "closed" => 0,
 331          "multiple" => $postoptions['multiple'],
 332          "public" => $postoptions['public'],
 333          "maxoptions" => $maxoptions
 334      );
 335  
 336      $plugins->run_hooks("polls_do_newpoll_process");
 337  
 338      $pid = $db->insert_query("polls", $newpoll);
 339  
 340      $db->update_query("threads", array('poll' => $pid), "tid='".$thread['tid']."'");
 341  
 342      $plugins->run_hooks("polls_do_newpoll_end");
 343  
 344      if($thread['visible'] == 1)
 345      {
 346          redirect(get_thread_link($thread['tid']), $lang->redirect_pollposted);
 347      }
 348      else
 349      {
 350          redirect(get_forum_link($thread['fid']), $lang->redirect_pollpostedmoderated);
 351      }
 352  }
 353  
 354  if($mybb->input['action'] == "editpoll")
 355  {
 356      $pid = $mybb->get_input('pid', MyBB::INPUT_INT);
 357  
 358      $plugins->run_hooks("polls_editpoll_start");
 359  
 360      $query = $db->simple_select("polls", "*", "pid='$pid'");
 361      $poll = $db->fetch_array($query);
 362  
 363      if(!$poll)
 364      {
 365          error($lang->error_invalidpoll);
 366      }
 367  
 368      $query = $db->simple_select("threads", "*", "poll='$pid'");
 369      $thread = $db->fetch_array($query);
 370      if(!$thread)
 371      {
 372          error($lang->error_invalidthread);
 373      }
 374  
 375      $tid = $thread['tid'];
 376      $fid = $thread['fid'];
 377  
 378      // Make navigation
 379      build_forum_breadcrumb($fid);
 380      add_breadcrumb(htmlspecialchars_uni($thread['subject']), get_thread_link($thread['tid']));
 381      add_breadcrumb($lang->nav_editpoll);
 382  
 383      $forumpermissions = forum_permissions($fid);
 384  
 385      // Get forum info
 386      $forum = get_forum($fid);
 387      if(!$forum)
 388      {
 389          error($lang->error_invalidforum);
 390      }
 391      else
 392      {
 393          // Is our forum closed?
 394          if($forum['open'] == 0 && !is_moderator($fid, "canmanagepolls"))
 395          {
 396              // Doesn't look like it is
 397              error($lang->error_closedinvalidforum);
 398          }
 399      }
 400  
 401      if(!is_moderator($fid, "canmanagepolls"))
 402      {
 403          error_no_permission();
 404      }
 405  
 406      $postoptionschecked = array('closed' => '', 'multiple' => '', 'public' => '');
 407  
 408      $polldate = my_date($mybb->settings['dateformat'], $poll['dateline']);
 409      if(empty($mybb->input['updateoptions']))
 410      {
 411          if($poll['closed'] == 1)
 412          {
 413              $postoptionschecked['closed'] = 'checked="checked"';
 414          }
 415  
 416          if($poll['multiple'] == 1)
 417          {
 418              $postoptionschecked['multiple'] = 'checked="checked"';
 419          }
 420  
 421          if($poll['public'] == 1)
 422          {
 423              $postoptionschecked['public'] = 'checked="checked"';
 424          }
 425  
 426          $optionsarray = explode("||~|~||", $poll['options']);
 427          $votesarray = explode("||~|~||", $poll['votes']);
 428  
 429          $poll['totvotes'] = 0;
 430          for($i = 1; $i <= $poll['numoptions']; ++$i)
 431          {
 432              $poll['totvotes'] = $poll['totvotes'] + $votesarray[$i-1];
 433          }
 434  
 435          $question = htmlspecialchars_uni($poll['question']);
 436          $numoptions = $poll['numoptions'];
 437          $optionbits = "";
 438          for($i = 0; $i < $numoptions; ++$i)
 439          {
 440              $counter = $i + 1;
 441              $option = $optionsarray[$i];
 442              $option = htmlspecialchars_uni($option);
 443              $optionvotes = (int)$votesarray[$i];
 444  
 445              if(!$optionvotes)
 446              {
 447                  $optionvotes = 0;
 448              }
 449  
 450              eval("\$optionbits .= \"".$templates->get("polls_editpoll_option")."\";");
 451              $option = "";
 452              $optionvotes = "";
 453          }
 454  
 455          if(!$poll['timeout'])
 456          {
 457              $timeout = 0;
 458          }
 459          else
 460          {
 461              $timeout = $poll['timeout'];
 462          }
 463  
 464          if(!$poll['maxoptions'])
 465          {
 466              $maxoptions = 0;
 467          }
 468          else
 469          {
 470              $maxoptions = $poll['maxoptions'];
 471          }
 472      }
 473      else
 474      {
 475          if($mybb->settings['maxpolloptions'] && $mybb->get_input('numoptions', MyBB::INPUT_INT) > $mybb->settings['maxpolloptions'])
 476          {
 477              $numoptions = $mybb->settings['maxpolloptions'];
 478          }
 479          elseif($mybb->get_input('numoptions', MyBB::INPUT_INT) < 2)
 480          {
 481              $numoptions = 2;
 482          }
 483          else
 484          {
 485              $numoptions = $mybb->get_input('numoptions', MyBB::INPUT_INT);
 486          }
 487          $question = htmlspecialchars_uni($mybb->input['question']);
 488  
 489          $postoptions = $mybb->get_input('postoptions', MyBB::INPUT_ARRAY);
 490          if(isset($postoptions['multiple']) && $postoptions['multiple'] == 1)
 491          {
 492              $postoptionschecked['multiple'] = 'checked="checked"';
 493          }
 494  
 495          if(isset($postoptions['public']) && $postoptions['public'] == 1)
 496          {
 497              $postoptionschecked['public'] = 'checked="checked"';
 498          }
 499  
 500          if(isset($postoptions['closed']) && $postoptions['closed'] == 1)
 501          {
 502              $postoptionschecked['closed'] = 'checked="checked"';
 503          }
 504  
 505          $options = $mybb->get_input('options', MyBB::INPUT_ARRAY);
 506          $votes = $mybb->get_input('votes', MyBB::INPUT_ARRAY);
 507          $optionbits = '';
 508          for($i = 1; $i <= $numoptions; ++$i)
 509          {
 510              $counter = $i;
 511              if(!isset($options[$i]))
 512              {
 513                  $options[$i] = '';
 514              }
 515              $option = htmlspecialchars_uni($options[$i]);
 516              if(!isset($votes[$i]))
 517              {
 518                  $votes[$i] = 0;
 519              }
 520              $optionvotes = (int)$votes[$i];
 521  
 522              if(!$optionvotes)
 523              {
 524                  $optionvotes = 0;
 525              }
 526  
 527              eval("\$optionbits .= \"".$templates->get("polls_editpoll_option")."\";");
 528              $option = "";
 529          }
 530  
 531          if($mybb->get_input('timeout', MyBB::INPUT_INT) > 0)
 532          {
 533              $timeout = $mybb->get_input('timeout', MyBB::INPUT_INT);
 534          }
 535          else
 536          {
 537              $timeout = 0;
 538          }
 539  
 540          if(!$poll['maxoptions'])
 541          {
 542              $maxoptions = 0;
 543          }
 544          else
 545          {
 546              $maxoptions = $poll['maxoptions'];
 547          }
 548      }
 549  
 550      $plugins->run_hooks("polls_editpoll_end");
 551  
 552      eval("\$editpoll = \"".$templates->get("polls_editpoll")."\";");
 553      output_page($editpoll);
 554  }
 555  
 556  if($mybb->input['action'] == "do_editpoll" && $mybb->request_method == "post")
 557  {
 558      // Verify incoming POST request
 559      verify_post_check($mybb->get_input('my_post_key'));
 560  
 561      $plugins->run_hooks("polls_do_editpoll_start");
 562  
 563      $query = $db->simple_select("polls", "*", "pid='".$mybb->get_input('pid', MyBB::INPUT_INT)."'");
 564      $poll = $db->fetch_array($query);
 565  
 566      if(!$poll)
 567      {
 568          error($lang->error_invalidpoll);
 569      }
 570  
 571      $query = $db->simple_select("threads", "*", "poll='".$mybb->get_input('pid', MyBB::INPUT_INT)."'");
 572      $thread = $db->fetch_array($query);
 573      if(!$thread)
 574      {
 575          error($lang->error_invalidthread);
 576      }
 577  
 578      $forumpermissions = forum_permissions($thread['fid']);
 579  
 580      // Get forum info
 581      $forum = get_forum($thread['fid']);
 582      $fid = $thread['fid'];
 583      if(!$forum)
 584      {
 585          error($lang->error_invalidforum);
 586      }
 587      else
 588      {
 589          // Is our forum closed?
 590          if($forum['open'] == 0 && !is_moderator($fid, "canmanagepolls"))
 591          {
 592              // Doesn't look like it is
 593              error($lang->error_closedinvalidforum);
 594          }
 595      }
 596  
 597      if(!is_moderator($thread['fid'], "canmanagepolls"))
 598      {
 599          error_no_permission();
 600      }
 601  
 602      if($mybb->settings['maxpolloptions'] && $mybb->get_input('numoptions', MyBB::INPUT_INT) > $mybb->settings['maxpolloptions'])
 603      {
 604          $numoptions = $mybb->settings['maxpolloptions'];
 605      }
 606      elseif($mybb->get_input('numoptions', MyBB::INPUT_INT) < 2)
 607      {
 608          $numoptions = 2;
 609      }
 610      else
 611      {
 612          $numoptions = $mybb->get_input('numoptions', MyBB::INPUT_INT);
 613      }
 614  
 615      $postoptions = $mybb->get_input('postoptions', MyBB::INPUT_ARRAY);
 616      if(!isset($postoptions['multiple']) || $postoptions['multiple'] != '1')
 617      {
 618          $postoptions['multiple'] = 0;
 619      }
 620  
 621      if(!isset($postoptions['public']) || $postoptions['public'] != '1')
 622      {
 623          $postoptions['public'] = 0;
 624      }
 625  
 626      if(!isset($postoptions['closed']) || $postoptions['closed'] != '1')
 627      {
 628          $postoptions['closed'] = 0;
 629      }
 630      $optioncount = "0";
 631      $options = $mybb->input['options'];
 632  
 633      for($i = 1; $i <= $numoptions; ++$i)
 634      {
 635          if(!isset($options[$i]))
 636          {
 637              $options[$i] = '';
 638          }
 639  
 640          if($mybb->settings['polloptionlimit'] != 0 && my_strlen($options[$i]) > $mybb->settings['polloptionlimit'])
 641          {
 642              $lengtherror = 1;
 643              break;
 644          }
 645  
 646          if(strpos($options[$i], '||~|~||') !== false)
 647          {
 648              $sequenceerror = 1;
 649              break;
 650          }
 651          
 652          if(trim($options[$i]) != "")
 653          {
 654              $optioncount++;
 655          }
 656      }
 657  
 658      if(isset($lengtherror))
 659      {
 660          error($lang->error_polloptiontoolong);
 661      }
 662      
 663      if(isset($sequenceerror))
 664      {
 665          error($lang->error_polloptionsequence);
 666      }
 667  
 668      $mybb->input['question'] = $mybb->get_input('question');
 669      if(trim($mybb->input['question']) == '' || $optioncount < 2)
 670      {
 671          error($lang->error_noquestionoptions);
 672      }
 673  
 674      $optionslist = '';
 675      $voteslist = '';
 676      $numvotes = '';
 677      $votes = $mybb->input['votes'];
 678      for($i = 1; $i <= $numoptions; ++$i)
 679      {
 680          if(trim($options[$i]) != '')
 681          {
 682              if($optionslist != '')
 683              {
 684                  $optionslist .= "||~|~||";
 685                  $voteslist .= "||~|~||";
 686              }
 687  
 688              $optionslist .= trim($options[$i]);
 689              if(!isset($votes[$i]) || (int)$votes[$i] <= 0)
 690              {
 691                  $votes[$i] = "0";
 692              }
 693              $voteslist .= $votes[$i];
 694              $numvotes = (int)$numvotes + (int)$votes[$i];
 695          }
 696      }
 697  
 698      if($mybb->get_input('timeout', MyBB::INPUT_INT) > 0)
 699      {
 700          $timeout = $mybb->get_input('timeout', MyBB::INPUT_INT);
 701      }
 702      else
 703      {
 704          $timeout = 0;
 705      }
 706  
 707      if($mybb->get_input('maxoptions', MyBB::INPUT_INT) > 0 && $mybb->get_input('maxoptions', MyBB::INPUT_INT) < $numoptions)
 708      {
 709          $maxoptions = $mybb->get_input('maxoptions', MyBB::INPUT_INT);
 710      }
 711      else
 712      {
 713          $maxoptions = 0;
 714      }
 715  
 716      $updatedpoll = array(
 717          "question" => $db->escape_string($mybb->input['question']),
 718          "options" => $db->escape_string($optionslist),
 719          "votes" => $db->escape_string($voteslist),
 720          "numoptions" => (int)$optioncount,
 721          "numvotes" => $numvotes,
 722          "timeout" => $timeout,
 723          "closed" => $postoptions['closed'],
 724          "multiple" => $postoptions['multiple'],
 725          "public" => $postoptions['public'],
 726          "maxoptions" => $maxoptions
 727      );
 728  
 729      $plugins->run_hooks("polls_do_editpoll_process");
 730  
 731      $db->update_query("polls", $updatedpoll, "pid='".$mybb->get_input('pid', MyBB::INPUT_INT)."'");
 732  
 733      $plugins->run_hooks("polls_do_editpoll_end");
 734  
 735      $modlogdata['fid'] = $thread['fid'];
 736      $modlogdata['tid'] = $thread['tid'];
 737      log_moderator_action($modlogdata, $lang->poll_edited);
 738  
 739      redirect(get_thread_link($thread['tid']), $lang->redirect_pollupdated);
 740  }
 741  
 742  if($mybb->input['action'] == "showresults")
 743  {
 744      $query = $db->simple_select("polls", "*", "pid='".$mybb->get_input('pid', MyBB::INPUT_INT)."'");
 745      $poll = $db->fetch_array($query);
 746  
 747      if(!$poll)
 748      {
 749          error($lang->error_invalidpoll);
 750      }
 751  
 752      $tid = $poll['tid'];
 753      $thread = get_thread($tid);
 754      if(!$thread || ($thread['visible'] != 1 && ($thread['visible'] == 0 && !is_moderator($thread['fid'], "canviewunapprove")) || ($thread['visible'] == -1 && !is_moderator($thread['fid'], "canviewdeleted"))))
 755      {
 756          error($lang->error_invalidthread);
 757      }
 758  
 759      $fid = $thread['fid'];
 760  
 761      // Get forum info
 762      $forum = get_forum($fid);
 763      if(!$forum)
 764      {
 765          error($lang->error_invalidforum);
 766      }
 767  
 768      $forumpermissions = forum_permissions($forum['fid']);
 769  
 770      $plugins->run_hooks("polls_showresults_start");
 771  
 772      if($forumpermissions['canviewthreads'] == 0 || $forumpermissions['canview'] == 0 || (isset($forumpermissions['canonlyviewownthreads']) && $forumpermissions['canonlyviewownthreads'] != 0 && $thread['uid'] != $mybb->user['uid']))
 773      {
 774          error_no_permission();
 775      }
 776  
 777      // Make navigation
 778      build_forum_breadcrumb($fid);
 779      add_breadcrumb(htmlspecialchars_uni($thread['subject']), get_thread_link($thread['tid']));
 780      add_breadcrumb($lang->nav_pollresults);
 781  
 782      $voters = $votedfor = array();
 783  
 784      // Calculate votes
 785      $query = $db->query("
 786          SELECT v.*, u.username
 787          FROM ".TABLE_PREFIX."pollvotes v
 788          LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=v.uid)
 789          WHERE v.pid='{$poll['pid']}'
 790          ORDER BY u.username
 791      ");
 792      while($voter = $db->fetch_array($query))
 793      {
 794          // Mark for current user's vote
 795          if($mybb->user['uid'] == $voter['uid'] && $mybb->user['uid'])
 796          {
 797              $votedfor[$voter['voteoption']] = 1;
 798          }
 799  
 800          // Count number of guests and users without a username (assumes they've been deleted)
 801          if($voter['uid'] == 0 || $voter['username'] == '')
 802          {
 803              // Add one to the number of voters for guests
 804              ++$guest_voters[$voter['voteoption']];
 805          }
 806          else
 807          {
 808              $voters[$voter['voteoption']][$voter['uid']] = htmlspecialchars_uni($voter['username']);
 809          }
 810      }
 811  
 812      $optionsarray = explode("||~|~||", $poll['options']);
 813      $votesarray = explode("||~|~||", $poll['votes']);
 814      $poll['totvotes'] = 0;
 815      for($i = 1; $i <= $poll['numoptions']; ++$i)
 816      {
 817          $poll['totvotes'] = $poll['totvotes'] + $votesarray[$i-1];
 818      }
 819  
 820      $polloptions = '';
 821      for($i = 1; $i <= $poll['numoptions']; ++$i)
 822      {
 823          $parser_options = array(
 824              "allow_html" => $forum['allowhtml'],
 825              "allow_mycode" => $forum['allowmycode'],
 826              "allow_smilies" => $forum['allowsmilies'],
 827              "allow_imgcode" => $forum['allowimgcode'],
 828              "allow_videocode" => $forum['allowvideocode'],
 829              "filter_badwords" => 1
 830          );
 831          $option = $parser->parse_message($optionsarray[$i-1], $parser_options);
 832  
 833          $votes = $votesarray[$i-1];
 834          $number = $i;
 835          // Make the mark for current user's voted option
 836          if(!empty($votedfor[$number]))
 837          {
 838              $optionbg = 'trow2';
 839              $votestar = '*';
 840          }
 841          else
 842          {
 843              $optionbg = 'trow1';
 844              $votestar = '';
 845          }
 846  
 847          if($votes == 0)
 848          {
 849              $percent = 0;
 850          }
 851          else
 852          {
 853              $percent = number_format($votes / $poll['totvotes'] * 100, 2);
 854          }
 855  
 856          $imagewidth = round($percent);
 857          $comma = '';
 858          $guest_comma = '';
 859          $userlist = '';
 860          $guest_count = 0;
 861          if($poll['public'] == 1 || is_moderator($fid, "canmanagepolls"))
 862          {
 863              if(isset($voters[$number]) && is_array($voters[$number]))
 864              {
 865                  foreach($voters[$number] as $uid => $username)
 866                  {
 867                      $userlist .= $comma.build_profile_link($username, $uid);
 868                      $comma = $guest_comma = $lang->comma;
 869                  }
 870              }
 871  
 872              if(isset($guest_voters[$number]) && $guest_voters[$number] > 0)
 873              {
 874                  if($guest_voters[$number] == 1)
 875                  {
 876                      $userlist .= $guest_comma.$lang->guest_count;
 877                  }
 878                  else
 879                  {
 880                      $userlist .= $guest_comma.$lang->sprintf($lang->guest_count_multiple, $guest_voters[$number]);
 881                  }
 882              }
 883          }
 884          eval("\$polloptions .= \"".$templates->get("polls_showresults_resultbit")."\";");
 885      }
 886  
 887      if($poll['totvotes'])
 888      {
 889          $totpercent = '100%';
 890      }
 891      else
 892      {
 893          $totpercent = '0%';
 894      }
 895  
 896      $plugins->run_hooks("polls_showresults_end");
 897  
 898      $poll['question'] = htmlspecialchars_uni($poll['question']);
 899      eval("\$showresults = \"".$templates->get("polls_showresults")."\";");
 900      output_page($showresults);
 901  }
 902  
 903  if($mybb->input['action'] == "vote" && $mybb->request_method == "post")
 904  {
 905      // Verify incoming POST request
 906      verify_post_check($mybb->get_input('my_post_key'));
 907  
 908      $query = $db->simple_select("polls", "*", "pid='".$mybb->get_input('pid')."'");
 909      $poll = $db->fetch_array($query);
 910  
 911      if(!$poll)
 912      {
 913          error($lang->error_invalidpoll);
 914      }
 915  
 916      $plugins->run_hooks("polls_vote_start");
 917  
 918      $poll['timeout'] = $poll['timeout']*60*60*24;
 919  
 920      $query = $db->simple_select("threads", "*", "poll='".(int)$poll['pid']."'");
 921      $thread = $db->fetch_array($query);
 922  
 923      if(!$thread || ($thread['visible'] != 1 && ($thread['visible'] == 0 && !is_moderator($thread['fid'], "canviewunapprove")) || ($thread['visible'] == -1 && !is_moderator($thread['fid'], "canviewdeleted"))))
 924      {
 925          error($lang->error_invalidthread);
 926      }
 927  
 928      $fid = $thread['fid'];
 929      $forumpermissions = forum_permissions($fid);
 930      if($forumpermissions['canvotepolls'] == 0)
 931      {
 932          error_no_permission();
 933      }
 934  
 935      // Get forum info
 936      $forum = get_forum($fid);
 937      if(!$forum)
 938      {
 939          error($lang->error_invalidforum);
 940      }
 941      else
 942      {
 943          // Is our forum closed?
 944          if($forum['open'] == 0)
 945          {
 946              // Doesn't look like it is
 947              error($lang->error_closedinvalidforum);
 948          }
 949      }
 950  
 951      $expiretime = $poll['dateline'] + $poll['timeout'];
 952      $now = TIME_NOW;
 953      if($poll['closed'] == 1 || $thread['closed'] == 1 || ($expiretime < $now && $poll['timeout']))
 954      {
 955          error($lang->error_pollclosed);
 956      }
 957  
 958      if(!isset($mybb->input['option']))
 959      {
 960          error($lang->error_nopolloptions);
 961      }
 962  
 963      // Check if the user has voted before...
 964      if($mybb->user['uid'])
 965      {
 966          $user_check = "uid='{$mybb->user['uid']}'";
 967      }
 968      else
 969      {
 970          $user_check = "ipaddress=".$db->escape_binary($session->packedip);
 971      }
 972  
 973      $query = $db->simple_select("pollvotes", "*", "{$user_check} AND pid='".$poll['pid']."'");
 974      $votecheck = $db->fetch_array($query);
 975  
 976      if($votecheck['vid'])
 977      {
 978          error($lang->error_alreadyvoted);
 979      }
 980  
 981      $votesql = array();
 982      $votesarray = explode("||~|~||", $poll['votes']);
 983      $option = $mybb->input['option'];
 984      $numvotes = (int)$poll['numvotes'];
 985      if($poll['multiple'] == 1)
 986      {
 987          if(is_array($option))
 988          {
 989              $total_options = 0;
 990  
 991              foreach($option as $voteoption => $vote)
 992              {
 993                  if($vote == 1 && isset($votesarray[$voteoption-1]))
 994                  {
 995                      $votesql[] = array(
 996                          "pid" => $poll['pid'],
 997                          "uid" => (int)$mybb->user['uid'],
 998                          "voteoption" => $db->escape_string($voteoption),
 999                          "dateline" => TIME_NOW,
1000                          "ipaddress" => $db->escape_binary($session->packedip)
1001                      );
1002  
1003                      $votesarray[$voteoption-1]++;
1004                      $numvotes = $numvotes+1;
1005                      $total_options++;
1006                  }
1007              }
1008  
1009              if($total_options > $poll['maxoptions'] && $poll['maxoptions'] != 0)
1010              {
1011                  error($lang->sprintf($lang->error_maxpolloptions, $poll['maxoptions']));
1012              }
1013          }
1014      }
1015      else
1016      {
1017          if(is_array($option) || !isset($votesarray[$option-1]))
1018          {
1019              error($lang->error_nopolloptions);
1020          }
1021  
1022          $votesql = array(
1023              "pid" => $poll['pid'],
1024              "uid" => (int)$mybb->user['uid'],
1025              "voteoption" => $db->escape_string($option),
1026              "dateline" => TIME_NOW,
1027              "ipaddress" => $db->escape_binary($session->packedip)
1028          );
1029  
1030          $votesarray[$option-1]++;
1031          $numvotes = $numvotes+1;
1032      }
1033  
1034      if(!$votesql)
1035      {
1036          error($lang->error_nopolloptions);
1037      }
1038  
1039      if($poll['multiple'] == 1)
1040      {
1041          $db->insert_query_multiple("pollvotes", $votesql);
1042      }
1043      else
1044      {
1045          $db->insert_query("pollvotes", $votesql);
1046      }
1047  
1048      $voteslist = '';
1049      for($i = 1; $i <= $poll['numoptions']; ++$i)
1050      {
1051          if($i > 1)
1052          {
1053              $voteslist .= "||~|~||";
1054          }
1055          $voteslist .= $votesarray[$i-1];
1056      }
1057      $updatedpoll = array(
1058          "votes" => $db->escape_string($voteslist),
1059          "numvotes" => (int)$numvotes,
1060      );
1061  
1062      $plugins->run_hooks("polls_vote_process");
1063  
1064      $db->update_query("polls", $updatedpoll, "pid='".$poll['pid']."'");
1065  
1066      $plugins->run_hooks("polls_vote_end");
1067  
1068      redirect(get_thread_link($poll['tid']), $lang->redirect_votethanks);
1069  }
1070  
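// Action "do_undovote": withdraw the current visitor's ballot from a poll.
// Changes against the listed code: array_slice() now receives the array it is meant
// to trim, and the poll lookup tolerates an empty result.
if($mybb->input['action'] == "do_undovote")
{
    // Verify the submitted post key before changing anything
    verify_post_check($mybb->get_input('my_post_key'));

    if($mybb->usergroup['canundovotes'] != 1)
    {
        error_no_permission();
    }

    $query = $db->simple_select("polls", "*", "pid='".$mybb->get_input('pid', MyBB::INPUT_INT)."'");
    $poll = $db->fetch_array($query);

    // empty() also covers the case where no row came back at all
    if(empty($poll['pid']))
    {
        error($lang->error_invalidpoll);
    }

    $plugins->run_hooks("polls_do_undovote_start");

    $poll['numvotes'] = (int)$poll['numvotes'];

    // We do not have $forum_cache available here since no forums permissions are checked in undo vote
    // Get thread ID and then get forum info
    $thread = get_thread($poll['tid']);
    // The thread must exist; unapproved (0) and deleted (-1) threads are only accepted
    // for moderators holding the matching view permission
    if(!$thread || ($thread['visible'] != 1 && ($thread['visible'] == 0 && !is_moderator($thread['fid'], "canviewunapprove")) || ($thread['visible'] == -1 && !is_moderator($thread['fid'], "canviewdeleted"))))
    {
        error($lang->error_invalidthread);
    }

    $fid = $thread['fid'];

    // Get forum info
    $forum = get_forum($fid);
    if(!$forum)
    {
        error($lang->error_invalidforum);
    }
    else
    {
        // Is our forum closed?
        if($forum['open'] == 0)
        {
            // It is closed, so votes cannot be changed
            error($lang->error_closedinvalidforum);
        }
    }

    // Scale the timeout by 60*60*24 so it can be added to the poll's dateline below
    $poll['timeout'] = $poll['timeout']*60*60*24;


    // A timeout of 0 means the poll never expires on its own
    $expiretime = $poll['dateline'] + $poll['timeout'];
    if($poll['closed'] == 1 || $thread['closed'] == 1 || ($expiretime < TIME_NOW && $poll['timeout']))
    {
        error($lang->error_pollclosed);
    }

    // Check if the user has voted before...
    $vote_options = array();

    // Logged-in users are matched on uid, guests on uid 0 plus their packed IP address
    if($mybb->user['uid'])
    {
        $user_check = "uid='{$mybb->user['uid']}'";
    }
    else
    {
        $user_check = "uid='0' AND ipaddress=".$db->escape_binary($session->packedip);
    }

    // Collect every option this visitor voted for, keyed by vote id
    $query = $db->simple_select("pollvotes", "vid,voteoption", "{$user_check} AND pid='".$poll['pid']."'");
    while($voteoption = $db->fetch_array($query))
    {
        $vote_options[$voteoption['vid']] = $voteoption['voteoption'];
    }

    if(empty($vote_options))
    {
        error($lang->error_notvoted);
    }

    // Note, this is not thread safe! The tally is read here, changed in PHP and written
    // back below, with no locking visible in this block.
    $votesarray = explode("||~|~||", $poll['votes']);
    if(count($votesarray) > $poll['numoptions'])
    {
        // Trim surplus counters; array_slice() takes the array as its first argument
        $votesarray = array_slice($votesarray, 0, $poll['numoptions']);
    }

    if($poll['multiple'] == 1)
    {
        foreach($vote_options as $vote)
        {
            if(isset($votesarray[$vote-1]))
            {
                --$votesarray[$vote-1];
                --$poll['numvotes'];
            }
        }
    }
    else
    {
        // Single-choice poll: only the first recorded vote is taken back from the tally
        $voteoption = reset($vote_options);
        if(isset($votesarray[$voteoption-1]))
        {
            --$votesarray[$voteoption-1];
            --$poll['numvotes'];
        }
    }

    // check if anything < 0 - possible if Guest vote undoing is allowed (generally Guest unvoting should be disabled >_>)
    if($poll['numvotes'] < 0)
    {
        $poll['numvotes'] = 0;
    }

    // Clamp each per-option counter at zero as well
    foreach($votesarray as $i => $votes)
    {
        if($votes < 0)
        {
            $votesarray[$i] = 0;
        }
    }

    $voteslist = implode("||~|~||", $votesarray);
    $updatedpoll = array(
        "votes" => $db->escape_string($voteslist),
        "numvotes" => (int)$poll['numvotes'],
    );

    $plugins->run_hooks("polls_do_undovote_process");

    // Remove the visitor's vote rows, then store the adjusted tally
    $db->delete_query("pollvotes", "{$user_check} AND pid='".$poll['pid']."'");
    $db->update_query("polls", $updatedpoll, "pid='".$poll['pid']."'");

    $plugins->run_hooks("polls_do_undovote_end");

    redirect(get_thread_link($poll['tid']), $lang->redirect_unvoted);
}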

