PHP Cross Reference of MyBB 1.8.38 |
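<?php
/**
 * MyBB 1.8
 * Copyright 2014 MyBB Group, All Rights Reserved
 *
 * Website: http://www.mybb.com
 * License: http://www.mybb.com/about/license
 *
 */

/*
 * Poll controller. The request's "action" value selects one of these branches:
 *
 *   newpoll / do_newpoll    show the form for, then create, a poll on a thread
 *                           (thread author or a "canmanagepolls" moderator)
 *   editpoll / do_editpoll  show the form for, then save, edits to a poll
 *                           ("canmanagepolls" moderators only)
 *   showresults             render the vote totals and, for public polls, the voters
 *   vote / do_undovote      record or withdraw the current visitor's vote
 *
 * Conventions this script relies on:
 *   - Every state-changing branch (do_newpoll, do_editpoll, vote, do_undovote)
 *     calls verify_post_check() on the submitted my_post_key before doing any work.
 *   - Numeric request values are read with MyBB::INPUT_INT before they are placed
 *     in a SQL condition; free text goes through $db->escape_string().
 *   - Templates are expanded with eval() as double-quoted PHP strings, so template
 *     text is executed as code. Every value a template interpolates has to be
 *     escaped (htmlspecialchars_uni) before the eval, and template content has to
 *     come from a trusted source.
 *     NOTE(review): where templates are stored and who may edit them is not
 *     visible in this file - confirm.
 *   - Poll options and per-option vote counts are stored as strings joined with
 *     the separator "||~|~||"; options containing the separator are rejected.
 */

define("IN_MYBB", 1);
define('THIS_SCRIPT', 'polls.php');

$templatelist = "changeuserbox,loginbox,polls_newpoll_option,polls_newpoll,polls_editpoll_option,polls_editpoll,polls_showresults_resultbit,polls_showresults";
require_once "./global.php";
require_once MYBB_ROOT."inc/functions_post.php";
require_once MYBB_ROOT."inc/class_parser.php";
$parser = new postParser;

// Load global language phrases
$lang->load("polls");

$plugins->run_hooks("polls_start");

if($mybb->user['uid'] != 0)
{
	// Escape the username before the template interpolates it.
	$mybb->user['username'] = htmlspecialchars_uni($mybb->user['username']);
	eval("\$loginbox = \"".$templates->get("changeuserbox")."\";");
}
else
{
	$username = '';
	eval("\$loginbox = \"".$templates->get("loginbox")."\";");
}

$mybb->input['action'] = $mybb->get_input('action');

// "Update options" re-renders the form with a new option count instead of saving.
if(!empty($mybb->input['updateoptions']))
{
	if($mybb->input['action'] == "do_editpoll")
	{
		$mybb->input['action'] = "editpoll";
	}
	else
	{
		$mybb->input['action'] = "newpoll";
	}
}

if($mybb->input['action'] == "newpoll")
{
	// Form for new poll
	$tid = $mybb->get_input('tid', MyBB::INPUT_INT);

	$plugins->run_hooks("polls_newpoll_start");

	$thread = get_thread($mybb->get_input('tid', MyBB::INPUT_INT));
	if(!$thread || $thread['visible'] == -1)
	{
		error($lang->error_invalidthread);
	}

	// Is the currently logged in user a moderator of this forum?
	$ismod = is_moderator($thread['fid']);

	// Make sure we are looking at a real thread here.
	if(($thread['visible'] != 1 && $ismod == false) || ($thread['visible'] > 1 && $ismod == true))
	{
		error($lang->error_invalidthread);
	}

	$fid = $thread['fid'];
	$forumpermissions = forum_permissions($fid);

	// Get forum info
	$forum = get_forum($fid);
	if(!$forum)
	{
		error($lang->error_invalidforum);
	}
	else
	{
		// A closed forum only accepts polls from moderators who can manage polls.
		if($forum['open'] == 0 && !is_moderator($fid, "canmanagepolls"))
		{
			error($lang->error_closedinvalidforum);
		}
	}
	// Make navigation
	build_forum_breadcrumb($fid);
	add_breadcrumb(htmlspecialchars_uni($thread['subject']), get_thread_link($thread['tid']));
	add_breadcrumb($lang->nav_postpoll);

	// No permission if: Not thread author; not moderator; no forum perms to view, post threads, post polls
	if(($thread['uid'] != $mybb->user['uid'] && !is_moderator($fid, "canmanagepolls")) || ($forumpermissions['canview'] == 0 || $forumpermissions['canpostthreads'] == 0 || $forumpermissions['canpostpolls'] == 0))
	{
		error_no_permission();
	}

	if($thread['poll'])
	{
		error($lang->error_pollalready);
	}

	// polltimelimit is in hours; 0 disables the limit and moderators are exempt.
	$time = TIME_NOW;
	if($thread['dateline'] < ($time-($mybb->settings['polltimelimit']*60*60)) && $mybb->settings['polltimelimit'] != 0 && $ismod == false)
	{
		$lang->poll_time_limit = $lang->sprintf($lang->poll_time_limit, $mybb->settings['polltimelimit']);
		error($lang->poll_time_limit);
	}

	// Sanitize number of poll options
	if($mybb->get_input('numpolloptions', MyBB::INPUT_INT) > 0)
	{
		$mybb->input['polloptions'] = $mybb->get_input('numpolloptions', MyBB::INPUT_INT);
	}
	if($mybb->settings['maxpolloptions'] && $mybb->get_input('polloptions', MyBB::INPUT_INT) > $mybb->settings['maxpolloptions'])
	{	// Too big
		$polloptions = $mybb->settings['maxpolloptions'];
	}
	elseif($mybb->get_input('polloptions', MyBB::INPUT_INT) < 2)
	{	// Too small
		$polloptions = 2;
	}
	else
	{	// Just right
		$polloptions = $mybb->get_input('polloptions', MyBB::INPUT_INT);
	}

	$question = htmlspecialchars_uni($mybb->get_input('question'));

	$postoptionschecked = array('public' => '', 'multiple' => '');
	// Read as an array: with MyBB::INPUT_INT the isset() checks below could never
	// match, so ticked boxes were lost whenever the form was re-rendered.
	$postoptions = $mybb->get_input('postoptions', MyBB::INPUT_ARRAY);
	if(isset($postoptions['multiple']) && $postoptions['multiple'] == 1)
	{
		$postoptionschecked['multiple'] = 'checked="checked"';
	}
	if(isset($postoptions['public']) && $postoptions['public'] == 1)
	{
		$postoptionschecked['public'] = 'checked="checked"';
	}

	$options = $mybb->get_input('options', MyBB::INPUT_ARRAY);
	$optionbits = '';
	for($i = 1; $i <= $polloptions; ++$i)
	{
		if(!isset($options[$i]))
		{
			$options[$i] = '';
		}
		$option = $options[$i];
		// Escaped here because the option template echoes it back into the form.
		$option = htmlspecialchars_uni($option);
		eval("\$optionbits .= \"".$templates->get("polls_newpoll_option")."\";");
		$option = "";
	}

	if($mybb->get_input('timeout', MyBB::INPUT_INT) > 0)
	{
		$timeout = $mybb->get_input('timeout', MyBB::INPUT_INT);
	}
	else
	{
		$timeout = 0;
	}

	// maxoptions is only kept when it is positive and below the option count; 0 is used otherwise.
	if($mybb->get_input('maxoptions', MyBB::INPUT_INT) > 0 && $mybb->get_input('maxoptions', MyBB::INPUT_INT) < $polloptions)
	{
		$maxoptions = $mybb->get_input('maxoptions', MyBB::INPUT_INT);
	}
	else
	{
		$maxoptions = 0;
	}

	$plugins->run_hooks("polls_newpoll_end");

	eval("\$newpoll = \"".$templates->get("polls_newpoll")."\";");
	output_page($newpoll);
}

if($mybb->input['action'] == "do_newpoll" && $mybb->request_method == "post")
{
	// Verify incoming POST request
	verify_post_check($mybb->get_input('my_post_key'));

	$plugins->run_hooks("polls_do_newpoll_start");

	// NOTE(review): unlike the newpoll form above, this handler does not re-check
	// $thread['visible'] - confirm that is intended.
	$thread = get_thread($mybb->get_input('tid', MyBB::INPUT_INT));
	if(!$thread)
	{
		error($lang->error_invalidthread);
	}

	$fid = $thread['fid'];
	$forumpermissions = forum_permissions($fid);

	// Get forum info
	$forum = get_forum($fid);
	if(!$forum)
	{
		error($lang->error_invalidforum);
	}
	else
	{
		// A closed forum only accepts polls from moderators who can manage polls.
		if($forum['open'] == 0 && !is_moderator($fid, "canmanagepolls"))
		{
			error($lang->error_closedinvalidforum);
		}
	}

	// No permission if: Not thread author; not moderator; no forum perms to view, post threads, post polls
	if(($thread['uid'] != $mybb->user['uid'] && !is_moderator($fid, "canmanagepolls")) || ($forumpermissions['canview'] == 0 || $forumpermissions['canpostthreads'] == 0 || $forumpermissions['canpostpolls'] == 0))
	{
		error_no_permission();
	}

	if($thread['poll'])
	{
		error($lang->error_pollalready);
	}

	$polloptions = $mybb->get_input('polloptions', MyBB::INPUT_INT);
	if($mybb->settings['maxpolloptions'] && $polloptions > $mybb->settings['maxpolloptions'])
	{
		$polloptions = $mybb->settings['maxpolloptions'];
	}

	// Flags are normalised to 0 unless the submitted value is exactly '1'.
	$postoptions = $mybb->get_input('postoptions', MyBB::INPUT_ARRAY);
	if(!isset($postoptions['multiple']) || $postoptions['multiple'] != '1')
	{
		$postoptions['multiple'] = 0;
	}

	if(!isset($postoptions['public']) || $postoptions['public'] != '1')
	{
		$postoptions['public'] = 0;
	}

	if($polloptions < 2)
	{
		$polloptions = "2";
	}
	$optioncount = "0";
	$options = $mybb->get_input('options', MyBB::INPUT_ARRAY);

	for($i = 1; $i <= $polloptions; ++$i)
	{
		if(!isset($options[$i]))
		{
			$options[$i] = '';
		}

		if($mybb->settings['polloptionlimit'] != 0 && my_strlen($options[$i]) > $mybb->settings['polloptionlimit'])
		{
			$lengtherror = 1;
			break;
		}

		// The storage separator must not appear inside an option, otherwise the
		// stored options string would split into the wrong number of entries.
		if(strpos($options[$i], '||~|~||') !== false)
		{
			$sequenceerror = 1;
			break;
		}

		if(trim($options[$i]) != "")
		{
			$optioncount++;
		}
	}

	if(isset($lengtherror))
	{
		error($lang->error_polloptiontoolong);
	}

	if(isset($sequenceerror))
	{
		error($lang->error_polloptionsequence);
	}

	$mybb->input['question'] = $mybb->get_input('question');

	if(trim($mybb->input['question']) == '' || $optioncount < 2)
	{
		error($lang->error_noquestionoptions);
	}

	// Build the parallel options / votes strings; every vote count starts at 0.
	$optionslist = '';
	$voteslist = '';
	for($i = 1; $i <= $polloptions; ++$i)
	{
		if(trim($options[$i]) != '')
		{
			if($optionslist != '')
			{
				$optionslist .= '||~|~||';
				$voteslist .= '||~|~||';
			}
			$optionslist .= trim($options[$i]);
			$voteslist .= '0';
		}
	}

	if($mybb->get_input('timeout', MyBB::INPUT_INT) > 0)
	{
		$timeout = $mybb->get_input('timeout', MyBB::INPUT_INT);
	}
	else
	{
		$timeout = 0;
	}

	if($mybb->get_input('maxoptions', MyBB::INPUT_INT) > 0 && $mybb->get_input('maxoptions', MyBB::INPUT_INT) < $polloptions)
	{
		$maxoptions = $mybb->get_input('maxoptions', MyBB::INPUT_INT);
	}
	else
	{
		$maxoptions = 0;
	}

	// Free-text columns are escaped here; the remaining values are integers or
	// values normalised above.
	$newpoll = array(
		"tid" => $thread['tid'],
		"question" => $db->escape_string($mybb->input['question']),
		"dateline" => TIME_NOW,
		"options" => $db->escape_string($optionslist),
		"votes" => $db->escape_string($voteslist),
		"numoptions" => (int)$optioncount,
		"numvotes" => 0,
		"timeout" => $timeout,
		"closed" => 0,
		"multiple" => $postoptions['multiple'],
		"public" => $postoptions['public'],
		"maxoptions" => $maxoptions
	);

	$plugins->run_hooks("polls_do_newpoll_process");

	$pid = $db->insert_query("polls", $newpoll);

	$db->update_query("threads", array('poll' => $pid), "tid='".$thread['tid']."'");

	$plugins->run_hooks("polls_do_newpoll_end");

	if($thread['visible'] == 1)
	{
		redirect(get_thread_link($thread['tid']), $lang->redirect_pollposted);
	}
	else
	{
		redirect(get_forum_link($thread['fid']), $lang->redirect_pollpostedmoderated);
	}
}

if($mybb->input['action'] == "editpoll")
{
	$pid = $mybb->get_input('pid', MyBB::INPUT_INT);

	$plugins->run_hooks("polls_editpoll_start");

	$query = $db->simple_select("polls", "*", "pid='$pid'");
	$poll = $db->fetch_array($query);

	if(!$poll)
	{
		error($lang->error_invalidpoll);
	}

	$query = $db->simple_select("threads", "*", "poll='$pid'");
	$thread = $db->fetch_array($query);
	if(!$thread)
	{
		error($lang->error_invalidthread);
	}

	$tid = $thread['tid'];
	$fid = $thread['fid'];

	// Make navigation
	build_forum_breadcrumb($fid);
	add_breadcrumb(htmlspecialchars_uni($thread['subject']), get_thread_link($thread['tid']));
	add_breadcrumb($lang->nav_editpoll);

	$forumpermissions = forum_permissions($fid);

	// Get forum info
	$forum = get_forum($fid);
	if(!$forum)
	{
		error($lang->error_invalidforum);
	}
	else
	{
		// A closed forum only allows poll edits by moderators who can manage polls.
		if($forum['open'] == 0 && !is_moderator($fid, "canmanagepolls"))
		{
			error($lang->error_closedinvalidforum);
		}
	}

	// Editing is restricted to moderators with the "canmanagepolls" permission.
	if(!is_moderator($fid, "canmanagepolls"))
	{
		error_no_permission();
	}

	$postoptionschecked = array('closed' => '', 'multiple' => '', 'public' => '');

	$polldate = my_date($mybb->settings['dateformat'], $poll['dateline']);
	if(empty($mybb->input['updateoptions']))
	{
		// First display: populate the form from the stored poll.
		if($poll['closed'] == 1)
		{
			$postoptionschecked['closed'] = 'checked="checked"';
		}

		if($poll['multiple'] == 1)
		{
			$postoptionschecked['multiple'] = 'checked="checked"';
		}

		if($poll['public'] == 1)
		{
			$postoptionschecked['public'] = 'checked="checked"';
		}

		$optionsarray = explode("||~|~||", $poll['options']);
		$votesarray = explode("||~|~||", $poll['votes']);

		$poll['totvotes'] = 0;
		for($i = 1; $i <= $poll['numoptions']; ++$i)
		{
			$poll['totvotes'] = $poll['totvotes'] + $votesarray[$i-1];
		}

		$question = htmlspecialchars_uni($poll['question']);
		$numoptions = $poll['numoptions'];
		$optionbits = "";
		for($i = 0; $i < $numoptions; ++$i)
		{
			$counter = $i + 1;
			$option = $optionsarray[$i];
			$option = htmlspecialchars_uni($option);
			$optionvotes = (int)$votesarray[$i];

			if(!$optionvotes)
			{
				$optionvotes = 0;
			}

			eval("\$optionbits .= \"".$templates->get("polls_editpoll_option")."\";");
			$option = "";
			$optionvotes = "";
		}

		if(!$poll['timeout'])
		{
			$timeout = 0;
		}
		else
		{
			$timeout = $poll['timeout'];
		}

		if(!$poll['maxoptions'])
		{
			$maxoptions = 0;
		}
		else
		{
			$maxoptions = $poll['maxoptions'];
		}
	}
	else
	{
		// "Update options": re-render the form from the submitted values.
		if($mybb->settings['maxpolloptions'] && $mybb->get_input('numoptions', MyBB::INPUT_INT) > $mybb->settings['maxpolloptions'])
		{
			$numoptions = $mybb->settings['maxpolloptions'];
		}
		elseif($mybb->get_input('numoptions', MyBB::INPUT_INT) < 2)
		{
			$numoptions = 2;
		}
		else
		{
			$numoptions = $mybb->get_input('numoptions', MyBB::INPUT_INT);
		}
		// Read through get_input() like the newpoll form does, so a missing or
		// non-string "question" value never reaches htmlspecialchars_uni().
		$question = htmlspecialchars_uni($mybb->get_input('question'));

		$postoptions = $mybb->get_input('postoptions', MyBB::INPUT_ARRAY);
		if(isset($postoptions['multiple']) && $postoptions['multiple'] == 1)
		{
			$postoptionschecked['multiple'] = 'checked="checked"';
		}

		if(isset($postoptions['public']) && $postoptions['public'] == 1)
		{
			$postoptionschecked['public'] = 'checked="checked"';
		}

		if(isset($postoptions['closed']) && $postoptions['closed'] == 1)
		{
			$postoptionschecked['closed'] = 'checked="checked"';
		}

		$options = $mybb->get_input('options', MyBB::INPUT_ARRAY);
		$votes = $mybb->get_input('votes', MyBB::INPUT_ARRAY);
		$optionbits = '';
		for($i = 1; $i <= $numoptions; ++$i)
		{
			$counter = $i;
			if(!isset($options[$i]))
			{
				$options[$i] = '';
			}
			$option = htmlspecialchars_uni($options[$i]);
			if(!isset($votes[$i]))
			{
				$votes[$i] = 0;
			}
			$optionvotes = (int)$votes[$i];

			if(!$optionvotes)
			{
				$optionvotes = 0;
			}

			eval("\$optionbits .= \"".$templates->get("polls_editpoll_option")."\";");
			$option = "";
		}

		if($mybb->get_input('timeout', MyBB::INPUT_INT) > 0)
		{
			$timeout = $mybb->get_input('timeout', MyBB::INPUT_INT);
		}
		else
		{
			$timeout = 0;
		}

		if(!$poll['maxoptions'])
		{
			$maxoptions = 0;
		}
		else
		{
			$maxoptions = $poll['maxoptions'];
		}
	}

	$plugins->run_hooks("polls_editpoll_end");

	eval("\$editpoll = \"".$templates->get("polls_editpoll")."\";");
	output_page($editpoll);
}

if($mybb->input['action'] == "do_editpoll" && $mybb->request_method == "post")
{
	// Verify incoming POST request
	verify_post_check($mybb->get_input('my_post_key'));

	$plugins->run_hooks("polls_do_editpoll_start");

	$query = $db->simple_select("polls", "*", "pid='".$mybb->get_input('pid', MyBB::INPUT_INT)."'");
	$poll = $db->fetch_array($query);

	if(!$poll)
	{
		error($lang->error_invalidpoll);
	}

	$query = $db->simple_select("threads", "*", "poll='".$mybb->get_input('pid', MyBB::INPUT_INT)."'");
	$thread = $db->fetch_array($query);
	if(!$thread)
	{
		error($lang->error_invalidthread);
	}

	$forumpermissions = forum_permissions($thread['fid']);

	// Get forum info
	$forum = get_forum($thread['fid']);
	$fid = $thread['fid'];
	if(!$forum)
	{
		error($lang->error_invalidforum);
	}
	else
	{
		// A closed forum only allows poll edits by moderators who can manage polls.
		if($forum['open'] == 0 && !is_moderator($fid, "canmanagepolls"))
		{
			error($lang->error_closedinvalidforum);
		}
	}

	// Editing is restricted to moderators with the "canmanagepolls" permission.
	if(!is_moderator($thread['fid'], "canmanagepolls"))
	{
		error_no_permission();
	}

	if($mybb->settings['maxpolloptions'] && $mybb->get_input('numoptions', MyBB::INPUT_INT) > $mybb->settings['maxpolloptions'])
	{
		$numoptions = $mybb->settings['maxpolloptions'];
	}
	elseif($mybb->get_input('numoptions', MyBB::INPUT_INT) < 2)
	{
		$numoptions = 2;
	}
	else
	{
		$numoptions = $mybb->get_input('numoptions', MyBB::INPUT_INT);
	}

	// Flags are normalised to 0 unless the submitted value is exactly '1'.
	$postoptions = $mybb->get_input('postoptions', MyBB::INPUT_ARRAY);
	if(!isset($postoptions['multiple']) || $postoptions['multiple'] != '1')
	{
		$postoptions['multiple'] = 0;
	}

	if(!isset($postoptions['public']) || $postoptions['public'] != '1')
	{
		$postoptions['public'] = 0;
	}

	if(!isset($postoptions['closed']) || $postoptions['closed'] != '1')
	{
		$postoptions['closed'] = 0;
	}
	$optioncount = "0";
	// Read through get_input() like do_newpoll does, so a missing or scalar
	// "options" value is handled as an empty array instead of being indexed raw.
	$options = $mybb->get_input('options', MyBB::INPUT_ARRAY);

	for($i = 1; $i <= $numoptions; ++$i)
	{
		if(!isset($options[$i]))
		{
			$options[$i] = '';
		}

		if($mybb->settings['polloptionlimit'] != 0 && my_strlen($options[$i]) > $mybb->settings['polloptionlimit'])
		{
			$lengtherror = 1;
			break;
		}

		// The storage separator must not appear inside an option.
		if(strpos($options[$i], '||~|~||') !== false)
		{
			$sequenceerror = 1;
			break;
		}

		if(trim($options[$i]) != "")
		{
			$optioncount++;
		}
	}

	if(isset($lengtherror))
	{
		error($lang->error_polloptiontoolong);
	}

	if(isset($sequenceerror))
	{
		error($lang->error_polloptionsequence);
	}

	$mybb->input['question'] = $mybb->get_input('question');
	if(trim($mybb->input['question']) == '' || $optioncount < 2)
	{
		error($lang->error_noquestionoptions);
	}

	$optionslist = '';
	$voteslist = '';
	$numvotes = '';
	// Same reasoning as for "options" above.
	$votes = $mybb->get_input('votes', MyBB::INPUT_ARRAY);
	for($i = 1; $i <= $numoptions; ++$i)
	{
		if(trim($options[$i]) != '')
		{
			if($optionslist != '')
			{
				$optionslist .= "||~|~||";
				$voteslist .= "||~|~||";
			}

			$optionslist .= trim($options[$i]);
			// Submitted vote counts are clamped to non-negative integers.
			if(!isset($votes[$i]) || (int)$votes[$i] <= 0)
			{
				$votes[$i] = "0";
			}
			$voteslist .= (int)$votes[$i];
			$numvotes = (int)$numvotes + (int)$votes[$i];
		}
	}

	if($mybb->get_input('timeout', MyBB::INPUT_INT) > 0)
	{
		$timeout = $mybb->get_input('timeout', MyBB::INPUT_INT);
	}
	else
	{
		$timeout = 0;
	}

	if($mybb->get_input('maxoptions', MyBB::INPUT_INT) > 0 && $mybb->get_input('maxoptions', MyBB::INPUT_INT) < $numoptions)
	{
		$maxoptions = $mybb->get_input('maxoptions', MyBB::INPUT_INT);
	}
	else
	{
		$maxoptions = 0;
	}

	$updatedpoll = array(
		"question" => $db->escape_string($mybb->input['question']),
		"options" => $db->escape_string($optionslist),
		"votes" => $db->escape_string($voteslist),
		"numoptions" => (int)$optioncount,
		"numvotes" => $numvotes,
		"timeout" => $timeout,
		"closed" => $postoptions['closed'],
		"multiple" => $postoptions['multiple'],
		"public" => $postoptions['public'],
		"maxoptions" => $maxoptions
	);

	$plugins->run_hooks("polls_do_editpoll_process");

	$db->update_query("polls", $updatedpoll, "pid='".$mybb->get_input('pid', MyBB::INPUT_INT)."'");

	$plugins->run_hooks("polls_do_editpoll_end");

	// Poll edits are recorded in the moderator log.
	$modlogdata['fid'] = $thread['fid'];
	$modlogdata['tid'] = $thread['tid'];
	log_moderator_action($modlogdata, $lang->poll_edited);

	redirect(get_thread_link($thread['tid']), $lang->redirect_pollupdated);
}

if($mybb->input['action'] == "showresults")
{
	$query = $db->simple_select("polls", "*", "pid='".$mybb->get_input('pid', MyBB::INPUT_INT)."'");
	$poll = $db->fetch_array($query);

	if(!$poll)
	{
		error($lang->error_invalidpoll);
	}

	$tid = $poll['tid'];
	$thread = get_thread($tid);
	// Unapproved (0) and deleted (-1) threads are only shown to moderators holding
	// the matching view permission.
	if(!$thread || ($thread['visible'] != 1 && ($thread['visible'] == 0 && !is_moderator($thread['fid'], "canviewunapprove")) || ($thread['visible'] == -1 && !is_moderator($thread['fid'], "canviewdeleted"))))
	{
		error($lang->error_invalidthread);
	}

	$fid = $thread['fid'];

	// Get forum info
	$forum = get_forum($fid);
	if(!$forum)
	{
		error($lang->error_invalidforum);
	}

	$forumpermissions = forum_permissions($forum['fid']);

	$plugins->run_hooks("polls_showresults_start");

	if($forumpermissions['canviewthreads'] == 0 || $forumpermissions['canview'] == 0 || (isset($forumpermissions['canonlyviewownthreads']) && $forumpermissions['canonlyviewownthreads'] != 0 && $thread['uid'] != $mybb->user['uid']))
	{
		error_no_permission();
	}

	// Make navigation
	build_forum_breadcrumb($fid);
	add_breadcrumb(htmlspecialchars_uni($thread['subject']), get_thread_link($thread['tid']));
	add_breadcrumb($lang->nav_pollresults);

	$voters = $votedfor = $guest_voters = array();

	// Calculate votes
	// The pid placed in this query comes from the poll row loaded above, not from the request.
	$query = $db->query("
		SELECT v.*, u.username
		FROM ".TABLE_PREFIX."pollvotes v
		LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=v.uid)
		WHERE v.pid='{$poll['pid']}'
		ORDER BY u.username
	");
	while($voter = $db->fetch_array($query))
	{
		// Mark for current user's vote
		if($mybb->user['uid'] == $voter['uid'] && $mybb->user['uid'])
		{
			$votedfor[$voter['voteoption']] = 1;
		}

		// Count number of guests and users without a username (assumes they've been deleted)
		if($voter['uid'] == 0 || $voter['username'] == '')
		{
			// Add one to the number of voters for guests
			if(isset($guest_voters[$voter['voteoption']]))
			{
				++$guest_voters[$voter['voteoption']];
			}
			else
			{
				$guest_voters[$voter['voteoption']] = 1;
			}
		}
		else
		{
			// Usernames are escaped before they are used to build profile links below.
			$voters[$voter['voteoption']][$voter['uid']] = htmlspecialchars_uni($voter['username']);
		}
	}

	$optionsarray = explode("||~|~||", $poll['options']);
	$votesarray = explode("||~|~||", $poll['votes']);
	$poll['totvotes'] = 0;
	for($i = 1; $i <= $poll['numoptions']; ++$i)
	{
		$poll['totvotes'] = $poll['totvotes'] + $votesarray[$i-1];
	}

	$polloptions = '';
	for($i = 1; $i <= $poll['numoptions']; ++$i)
	{
		// Option text is rendered by the post parser with the forum's markup settings
		// rather than htmlspecialchars_uni(), so "allow_html" follows the forum's
		// allowhtml setting.
		$parser_options = array(
			"allow_html" => $forum['allowhtml'],
			"allow_mycode" => $forum['allowmycode'],
			"allow_smilies" => $forum['allowsmilies'],
			"allow_imgcode" => $forum['allowimgcode'],
			"allow_videocode" => $forum['allowvideocode'],
			"filter_badwords" => 1
		);
		$option = $parser->parse_message($optionsarray[$i-1], $parser_options);

		$votes = $votesarray[$i-1];
		$number = $i;
		// Make the mark for current user's voted option
		if(!empty($votedfor[$number]))
		{
			$optionbg = 'trow2';
			$votestar = '*';
		}
		else
		{
			$optionbg = 'trow1';
			$votestar = '';
		}

		if($votes == 0)
		{
			$percent = 0;
		}
		else
		{
			$percent = number_format($votes / $poll['totvotes'] * 100, 2);
		}

		$imagewidth = round($percent);
		$comma = '';
		$guest_comma = '';
		$userlist = '';
		$guest_count = 0;
		// Voter names are only listed for public polls or for moderators who can manage polls.
		if($poll['public'] == 1 || is_moderator($fid, "canmanagepolls"))
		{
			if(isset($voters[$number]) && is_array($voters[$number]))
			{
				foreach($voters[$number] as $uid => $username)
				{
					$userlist .= $comma.build_profile_link($username, $uid);
					$comma = $guest_comma = $lang->comma;
				}
			}

			if(isset($guest_voters[$number]) && $guest_voters[$number] > 0)
			{
				if($guest_voters[$number] == 1)
				{
					$userlist .= $guest_comma.$lang->guest_count;
				}
				else
				{
					$userlist .= $guest_comma.$lang->sprintf($lang->guest_count_multiple, $guest_voters[$number]);
				}
			}
		}
		eval("\$polloptions .= \"".$templates->get("polls_showresults_resultbit")."\";");
	}

	if($poll['totvotes'])
	{
		$totpercent = '100%';
	}
	else
	{
		$totpercent = '0%';
	}

	$plugins->run_hooks("polls_showresults_end");

	$poll['question'] = htmlspecialchars_uni($poll['question']);
	eval("\$showresults = \"".$templates->get("polls_showresults")."\";");
	output_page($showresults);
}

if($mybb->input['action'] == "vote" && $mybb->request_method == "post")
{
	// Verify incoming POST request
	verify_post_check($mybb->get_input('my_post_key'));

	// Cast pid to an integer before it is placed in the WHERE clause, as every
	// other poll lookup in this file does; the query then never depends on how
	// the raw request value was cleaned elsewhere.
	$query = $db->simple_select("polls", "*", "pid='".$mybb->get_input('pid', MyBB::INPUT_INT)."'");
	$poll = $db->fetch_array($query);

	if(!$poll)
	{
		error($lang->error_invalidpoll);
	}

	$plugins->run_hooks("polls_vote_start");

	// timeout is stored in days; convert to seconds.
	$poll['timeout'] = $poll['timeout']*60*60*24;

	$thread = get_thread($poll['tid']);

	if(!$thread || ($thread['visible'] != 1 && ($thread['visible'] == 0 && !is_moderator($thread['fid'], "canviewunapprove")) || ($thread['visible'] == -1 && !is_moderator($thread['fid'], "canviewdeleted"))))
	{
		error($lang->error_invalidthread);
	}

	$fid = $thread['fid'];
	$forumpermissions = forum_permissions($fid);
	if($forumpermissions['canvotepolls'] == 0)
	{
		error_no_permission();
	}

	// Get forum info
	$forum = get_forum($fid);
	if(!$forum)
	{
		error($lang->error_invalidforum);
	}
	else
	{
		// Nobody can vote in a closed forum.
		if($forum['open'] == 0)
		{
			error($lang->error_closedinvalidforum);
		}
	}

	$expiretime = $poll['dateline'] + $poll['timeout'];
	$now = TIME_NOW;
	if($poll['closed'] == 1 || $thread['closed'] == 1 || ($expiretime < $now && $poll['timeout']))
	{
		error($lang->error_pollclosed);
	}

	if(!isset($mybb->input['option']))
	{
		error($lang->error_nopolloptions);
	}

	// Check if the user has voted before...
	if($mybb->user['uid'])
	{
		$user_check = "uid='{$mybb->user['uid']}'";
	}
	else
	{
		// Guests are matched on IP address alone, with no uid filter.
		// NOTE(review): do_undovote matches guests on uid='0' AND ipaddress -
		// confirm the difference is intended.
		$user_check = "ipaddress=".$db->escape_binary($session->packedip);
	}

	$query = $db->simple_select("pollvotes", "*", "{$user_check} AND pid='".$poll['pid']."'");
	$votecheck = $db->fetch_array($query);

	if($votecheck)
	{
		error($lang->error_alreadyvoted);
	}

	// NOTE(review): the duplicate-vote check above and the read-modify-write of the
	// stored vote counts below are separate statements, so concurrent requests can
	// interleave between them.
	$votesql = array();
	$votesarray = explode("||~|~||", $poll['votes']);
	// NOTE(review): "option" is read raw from the request; its value (and, for
	// multiple-choice polls, its array keys) is used in arithmetic below without an
	// integer cast, so only the isset() checks reject unexpected values.
	$option = $mybb->input['option'];
	$numvotes = (int)$poll['numvotes'];
	if($poll['multiple'] == 1)
	{
		if(is_array($option))
		{
			$total_options = 0;

			foreach($option as $voteoption => $vote)
			{
				// Only options that exist in the stored votes list are counted.
				if($vote == 1 && isset($votesarray[$voteoption-1]))
				{
					$votesql[] = array(
						"pid" => $poll['pid'],
						"uid" => (int)$mybb->user['uid'],
						"voteoption" => $db->escape_string($voteoption),
						"dateline" => TIME_NOW,
						"ipaddress" => $db->escape_binary($session->packedip)
					);

					$votesarray[$voteoption-1]++;
					$numvotes = $numvotes+1;
					$total_options++;
				}
			}

			// maxoptions of 0 means no limit on the number of selected options.
			if($total_options > $poll['maxoptions'] && $poll['maxoptions'] != 0)
			{
				error($lang->sprintf($lang->error_maxpolloptions, $poll['maxoptions']));
			}
		}
	}
	else
	{
		if(is_array($option) || !isset($votesarray[$option-1]))
		{
			error($lang->error_nopolloptions);
		}

		$votesql = array(
			"pid" => $poll['pid'],
			"uid" => (int)$mybb->user['uid'],
			"voteoption" => $db->escape_string($option),
			"dateline" => TIME_NOW,
			"ipaddress" => $db->escape_binary($session->packedip)
		);

		$votesarray[$option-1]++;
		$numvotes = $numvotes+1;
	}

	if(!$votesql)
	{
		error($lang->error_nopolloptions);
	}

	if($poll['multiple'] == 1)
	{
		$db->insert_query_multiple("pollvotes", $votesql);
	}
	else
	{
		$db->insert_query("pollvotes", $votesql);
	}

	$voteslist = '';
	for($i = 1; $i <= $poll['numoptions']; ++$i)
	{
		if($i > 1)
		{
			$voteslist .= "||~|~||";
		}
		$voteslist .= $votesarray[$i-1];
	}
	$updatedpoll = array(
		"votes" => $db->escape_string($voteslist),
		"numvotes" => (int)$numvotes,
	);

	$plugins->run_hooks("polls_vote_process");

	$db->update_query("polls", $updatedpoll, "pid='".$poll['pid']."'");

	$plugins->run_hooks("polls_vote_end");

	redirect(get_thread_link($poll['tid']), $lang->redirect_votethanks);
}

if($mybb->input['action'] == "do_undovote")
{
	// This branch does not test the request method; the post key check is its
	// guard against forged requests.
	verify_post_check($mybb->get_input('my_post_key'));

	if($mybb->usergroup['canundovotes'] != 1)
	{
		error_no_permission();
	}

	$query = $db->simple_select("polls", "*", "pid='".$mybb->get_input('pid', MyBB::INPUT_INT)."'");
	$poll = $db->fetch_array($query);

	if(!$poll)
	{
		error($lang->error_invalidpoll);
	}

	$plugins->run_hooks("polls_do_undovote_start");

	$poll['numvotes'] = (int)$poll['numvotes'];

	// We do not have $forum_cache available here since no forums permissions are checked in undo vote
	// Get thread ID and then get forum info
	$thread = get_thread($poll['tid']);
	if(!$thread || ($thread['visible'] != 1 && ($thread['visible'] == 0 && !is_moderator($thread['fid'], "canviewunapprove")) || ($thread['visible'] == -1 && !is_moderator($thread['fid'], "canviewdeleted"))))
	{
		error($lang->error_invalidthread);
	}

	$fid = $thread['fid'];

	// Get forum info
	$forum = get_forum($fid);
	if(!$forum)
	{
		error($lang->error_invalidforum);
	}
	else
	{
		// Votes cannot be withdrawn in a closed forum.
		if($forum['open'] == 0)
		{
			error($lang->error_closedinvalidforum);
		}
	}

	// timeout is stored in days; convert to seconds.
	$poll['timeout'] = $poll['timeout']*60*60*24;


	$expiretime = $poll['dateline'] + $poll['timeout'];
	if($poll['closed'] == 1 || $thread['closed'] == 1 || ($expiretime < TIME_NOW && $poll['timeout']))
	{
		error($lang->error_pollclosed);
	}

	// Check if the user has voted before...
	$vote_options = array();

	if($mybb->user['uid'])
	{
		$user_check = "uid='{$mybb->user['uid']}'";
	}
	else
	{
		// Guests: only guest votes (uid 0) cast from this IP address are matched.
		$user_check = "uid='0' AND ipaddress=".$db->escape_binary($session->packedip);
	}

	$query = $db->simple_select("pollvotes", "vid,voteoption", "{$user_check} AND pid='".$poll['pid']."'");
	while($voteoption = $db->fetch_array($query))
	{
		$vote_options[$voteoption['vid']] = $voteoption['voteoption'];
	}

	if(empty($vote_options))
	{
		error($lang->error_notvoted);
	}

	// Note, this is not thread safe!
	$votesarray = explode("||~|~||", $poll['votes']);
	if(count($votesarray) > $poll['numoptions'])
	{
		$votesarray = array_slice($votesarray, 0, $poll['numoptions']);
	}

	if($poll['multiple'] == 1)
	{
		foreach($vote_options as $vote)
		{
			if(isset($votesarray[$vote-1]))
			{
				--$votesarray[$vote-1];
				--$poll['numvotes'];
			}
		}
	}
	else
	{
		$voteoption = reset($vote_options);
		if(isset($votesarray[$voteoption-1]))
		{
			--$votesarray[$voteoption-1];
			--$poll['numvotes'];
		}
	}

	// check if anything < 0 - possible if Guest vote undoing is allowed (generally Guest unvoting should be disabled >_>)
	if($poll['numvotes'] < 0)
	{
		$poll['numvotes'] = 0;
	}

	foreach($votesarray as $i => $votes)
	{
		if($votes < 0)
		{
			$votesarray[$i] = 0;
		}
	}

	$voteslist = implode("||~|~||", $votesarray);
	$updatedpoll = array(
		"votes" => $db->escape_string($voteslist),
		"numvotes" => (int)$poll['numvotes'],
	);

	$plugins->run_hooks("polls_do_undovote_process");

	$db->delete_query("pollvotes", "{$user_check} AND pid='".$poll['pid']."'");
	$db->update_query("polls", $updatedpoll, "pid='".$poll['pid']."'");

	$plugins->run_hooks("polls_do_undovote_end");

	redirect(get_thread_link($poll['tid']), $lang->redirect_unvoted);
}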