Zeile 691 | Zeile 691 |
---|
$votes[$i] = "0"; } $voteslist .= $votes[$i];
|
$votes[$i] = "0"; } $voteslist .= $votes[$i];
|
$numvotes = $numvotes + $votes[$i];
| $numvotes = (int)$numvotes + (int)$votes[$i];
|
} }
| } }
|
Zeile 751 | Zeile 751 |
---|
$tid = $poll['tid']; $thread = get_thread($tid);
|
$tid = $poll['tid']; $thread = get_thread($tid);
|
if(!$thread)
| if(!$thread || ($thread['visible'] != 1 && ($thread['visible'] == 0 && !is_moderator($thread['fid'], "canviewunapprove")) || ($thread['visible'] == -1 && !is_moderator($thread['fid'], "canviewdeleted"))))
|
{ error($lang->error_invalidthread); }
| { error($lang->error_invalidthread); }
|
Zeile 899 | Zeile 899 |
---|
eval("\$showresults = \"".$templates->get("polls_showresults")."\";"); output_page($showresults); }
|
eval("\$showresults = \"".$templates->get("polls_showresults")."\";"); output_page($showresults); }
|
|
|
if($mybb->input['action'] == "vote" && $mybb->request_method == "post") { // Verify incoming POST request
| if($mybb->input['action'] == "vote" && $mybb->request_method == "post") { // Verify incoming POST request
|
Zeile 919 | Zeile 920 |
---|
$query = $db->simple_select("threads", "*", "poll='".(int)$poll['pid']."'"); $thread = $db->fetch_array($query);
|
$query = $db->simple_select("threads", "*", "poll='".(int)$poll['pid']."'"); $thread = $db->fetch_array($query);
|
if(!$thread || $thread['visible'] == 0)
| if(!$thread || ($thread['visible'] != 1 && ($thread['visible'] == 0 && !is_moderator($thread['fid'], "canviewunapprove")) || ($thread['visible'] == -1 && !is_moderator($thread['fid'], "canviewdeleted"))))
|
{ error($lang->error_invalidthread); }
| { error($lang->error_invalidthread); }
|
Zeile 950 | Zeile 951 |
---|
$expiretime = $poll['dateline'] + $poll['timeout']; $now = TIME_NOW; if($poll['closed'] == 1 || $thread['closed'] == 1 || ($expiretime < $now && $poll['timeout']))
|
$expiretime = $poll['dateline'] + $poll['timeout']; $now = TIME_NOW; if($poll['closed'] == 1 || $thread['closed'] == 1 || ($expiretime < $now && $poll['timeout']))
|
{ error($lang->error_pollclosed); }
| { error($lang->error_pollclosed); }
|
if(!isset($mybb->input['option']))
|
if(!isset($mybb->input['option']))
|
{
| {
|
error($lang->error_nopolloptions);
|
error($lang->error_nopolloptions);
|
}
| }
|
// Check if the user has voted before... if($mybb->user['uid']) {
|
// Check if the user has voted before... if($mybb->user['uid']) {
|
$query = $db->simple_select("pollvotes", "*", "uid='".$mybb->user['uid']."' AND pid='".$poll['pid']."'"); $votecheck = $db->fetch_array($query);
| $user_check = "uid='{$mybb->user['uid']}'"; } else { $user_check = "ipaddress=".$db->escape_binary($session->packedip);
|
}
|
}
|
if($votecheck['vid'] || (isset($mybb->cookies['pollvotes'][$poll['pid']]) && $mybb->cookies['pollvotes'][$poll['pid']] !== "")) { error($lang->error_alreadyvoted); } elseif(!$mybb->user['uid'])
| $query = $db->simple_select("pollvotes", "*", "{$user_check} AND pid='".$poll['pid']."'"); $votecheck = $db->fetch_array($query);
if($votecheck['vid'])
|
{
|
{
|
// Give a cookie to guests to inhibit revotes if(is_array($mybb->input['option'])) { // We have multiple options here... $votes_cookie = implode(',', array_keys($mybb->input['option'])); } else { $votes_cookie = $mybb->input['option']; }
my_setcookie("pollvotes[{$poll['pid']}]", $votes_cookie);
| error($lang->error_alreadyvoted);
|
}
|
}
|
$votesql = ''; $now = TIME_NOW;
| $votesql = array();
|
$votesarray = explode("||~|~||", $poll['votes']); $option = $mybb->input['option']; $numvotes = (int)$poll['numvotes'];
| $votesarray = explode("||~|~||", $poll['votes']); $option = $mybb->input['option']; $numvotes = (int)$poll['numvotes'];
|
Zeile 1001 | Zeile 992 |
---|
{ if($vote == 1 && isset($votesarray[$voteoption-1])) {
|
{ if($vote == 1 && isset($votesarray[$voteoption-1])) {
|
if($votesql) { $votesql .= ","; } $votesql .= "('".$poll['pid']."','".$mybb->user['uid']."','".$db->escape_string($voteoption)."','$now')";
| $votesql[] = array( "pid" => $poll['pid'], "uid" => (int)$mybb->user['uid'], "voteoption" => $db->escape_string($voteoption), "dateline" => TIME_NOW, "ipaddress" => $db->escape_binary($session->packedip) );
|
$votesarray[$voteoption-1]++; $numvotes = $numvotes+1; $total_options++;
| $votesarray[$voteoption-1]++; $numvotes = $numvotes+1; $total_options++;
|
Zeile 1021 | Zeile 1015 |
---|
else { if(is_array($option) || !isset($votesarray[$option-1]))
|
else { if(is_array($option) || !isset($votesarray[$option-1]))
|
{
| {
|
error($lang->error_nopolloptions); }
|
error($lang->error_nopolloptions); }
|
$votesql = "('".$poll['pid']."','".$mybb->user['uid']."','".$db->escape_string($option)."','$now')";
| $votesql = array( "pid" => $poll['pid'], "uid" => (int)$mybb->user['uid'], "voteoption" => $db->escape_string($option), "dateline" => TIME_NOW, "ipaddress" => $db->escape_binary($session->packedip) );
|
$votesarray[$option-1]++; $numvotes = $numvotes+1; }
| $votesarray[$option-1]++; $numvotes = $numvotes+1; }
|
Zeile 1032 | Zeile 1034 |
---|
if(!$votesql) { error($lang->error_nopolloptions);
|
if(!$votesql) { error($lang->error_nopolloptions);
|
}
| }
if($poll['multiple'] == 1) { $db->insert_query_multiple("pollvotes", $votesql); } else { $db->insert_query("pollvotes", $votesql); }
|
|
|
$db->write_query(" INSERT INTO ".TABLE_PREFIX."pollvotes (pid,uid,voteoption,dateline) VALUES $votesql ");
| |
$voteslist = ''; for($i = 1; $i <= $poll['numoptions']; ++$i) {
| $voteslist = ''; for($i = 1; $i <= $poll['numoptions']; ++$i) {
|
Zeile 1052 | Zeile 1058 |
---|
"votes" => $db->escape_string($voteslist), "numvotes" => (int)$numvotes, );
|
"votes" => $db->escape_string($voteslist), "numvotes" => (int)$numvotes, );
|
|
|
$plugins->run_hooks("polls_vote_process");
$db->update_query("polls", $updatedpoll, "pid='".$poll['pid']."'");
$plugins->run_hooks("polls_vote_end");
|
$plugins->run_hooks("polls_vote_process");
$db->update_query("polls", $updatedpoll, "pid='".$poll['pid']."'");
$plugins->run_hooks("polls_vote_end");
|
|
|
redirect(get_thread_link($poll['tid']), $lang->redirect_votethanks); }
|
redirect(get_thread_link($poll['tid']), $lang->redirect_votethanks); }
|
|
|
if($mybb->input['action'] == "do_undovote") { verify_post_check($mybb->get_input('my_post_key'));
if($mybb->usergroup['canundovotes'] != 1)
|
if($mybb->input['action'] == "do_undovote") { verify_post_check($mybb->get_input('my_post_key'));
if($mybb->usergroup['canundovotes'] != 1)
|
{
| {
|
error_no_permission();
|
error_no_permission();
|
}
| }
|
$query = $db->simple_select("polls", "*", "pid='".$mybb->get_input('pid', MyBB::INPUT_INT)."'"); $poll = $db->fetch_array($query);
|
$query = $db->simple_select("polls", "*", "pid='".$mybb->get_input('pid', MyBB::INPUT_INT)."'"); $poll = $db->fetch_array($query);
|
|
|
if(!$poll['pid']) { error($lang->error_invalidpoll);
|
if(!$poll['pid']) { error($lang->error_invalidpoll);
|
}
$plugins->run_hooks("polls_do_undovote_start");
| }
$plugins->run_hooks("polls_do_undovote_start");
|
$poll['numvotes'] = (int)$poll['numvotes'];
// We do not have $forum_cache available here since no forums permissions are checked in undo vote // Get thread ID and then get forum info $thread = get_thread($poll['tid']);
|
$poll['numvotes'] = (int)$poll['numvotes'];
// We do not have $forum_cache available here since no forums permissions are checked in undo vote // Get thread ID and then get forum info $thread = get_thread($poll['tid']);
|
if(!$thread || $thread['visible'] == 0)
| if(!$thread || ($thread['visible'] != 1 && ($thread['visible'] == 0 && !is_moderator($thread['fid'], "canviewunapprove")) || ($thread['visible'] == -1 && !is_moderator($thread['fid'], "canviewdeleted"))))
|
{ error($lang->error_invalidthread); }
| { error($lang->error_invalidthread); }
|
Zeile 1120 | Zeile 1126 |
---|
// Check if the user has voted before... $vote_options = array();
|
// Check if the user has voted before... $vote_options = array();
|
|
|
if($mybb->user['uid']) {
|
if($mybb->user['uid']) {
|
$query = $db->simple_select("pollvotes", "vid,voteoption", "uid='".$mybb->user['uid']."' AND pid='".$poll['pid']."'"); while($voteoption = $db->fetch_array($query)) { $vote_options[$voteoption['vid']] = $voteoption['voteoption']; } } elseif(isset($mybb->cookies['pollvotes'][$poll['pid']])) { // for Guests, we simply see if they've got the cookie $vote_options = explode(',', $mybb->cookies['pollvotes'][$poll['pid']]);
| $user_check = "uid='{$mybb->user['uid']}'"; } else { $user_check = "uid='0' AND ipaddress=".$db->escape_binary($session->packedip); }
$query = $db->simple_select("pollvotes", "vid,voteoption", "{$user_check} AND pid='".$poll['pid']."'"); while($voteoption = $db->fetch_array($query)) { $vote_options[$voteoption['vid']] = $voteoption['voteoption'];
|
}
if(empty($vote_options)) { error($lang->error_notvoted);
|
}
if(empty($vote_options)) { error($lang->error_notvoted);
|
} else if(!$mybb->user['uid']) { // clear cookie for Guests my_setcookie("pollvotes[{$poll['pid']}]", "");
| |
}
// Note, this is not thread safe!
| }
// Note, this is not thread safe!
|
Zeile 1194 | Zeile 1197 |
---|
$plugins->run_hooks("polls_do_undovote_process");
|
$plugins->run_hooks("polls_do_undovote_process");
|
$db->delete_query("pollvotes", "uid='".$mybb->user['uid']."' AND pid='".$poll['pid']."'");
| $db->delete_query("pollvotes", "{$user_check} AND pid='".$poll['pid']."'");
|
$db->update_query("polls", $updatedpoll, "pid='".$poll['pid']."'");
$plugins->run_hooks("polls_do_undovote_end");
| $db->update_query("polls", $updatedpoll, "pid='".$poll['pid']."'");
$plugins->run_hooks("polls_do_undovote_end");
|