Quote:
Originally Posted by Fynnon
PHP Code:
<?php
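// Bootstrap. global.php is not part of this listing; presumably it supplies the
// helpers called below (gzip, dbconn, load, sql_query, stderr, redirect, ...)
// and the $CURUSER / $usergroups / $lang globals - confirm against that file.
require_once( "global.php" );
gzip( );
dbconn( );
load( "poll" );
define( "P_VERSION", "v.0.1 by xam" );

// Requested action: the query string wins, then the POST body, else "".
// The inner conditional is parenthesised on purpose. PHP's ternary used to be
// left-associative (and un-parenthesised nesting is a fatal error since PHP 8),
// so the original one-liner evaluated to $_POST['do'] whenever $_GET['do'] was
// set, and a GET-only "showresults" request was never recognised.
$do = isset( $_GET['do'] ) ? $_GET['do'] : ( isset( $_POST['do'] ) ? $_POST['do'] : "" );

// Request parameters can arrive as arrays (do[]=x); only a string is a valid action.
if ( !is_string( $do ) )
{
    $do = "";
}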
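// "showresults": set a 30-second cookie naming the poll whose results should be
// shown, then send the visitor back to the poll anchor on the index page.
// The id is checked for presence and scalar type before validation so that a
// missing or array-valued pollid is rejected instead of reaching intval().
// Only the integer form of the id is ever written into the cookie.
if ( $do == "showresults" && isset( $_GET['pollid'] ) && is_scalar( $_GET['pollid'] ) && is_valid_id( $_GET['pollid'] ) )
{
    setcookie( "showpollresult", intval( $_GET['pollid'] ), time( ) + 30 );
    redirect( "index.php#showtspoll" );
    exit( );
}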
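// "pollvote": record a vote on a tracker poll (rows with fortracker = '1').
//
// Flow: load the poll, check permission and open/closed state, reject a repeat
// vote, insert one pollvote row per chosen option, bump the "~~~"-separated
// tally in poll.votes, credit the voter, set the "voted" cookie and redirect.
//
// stderr() and print_no_permission() are assumed to terminate the request; the
// checks below only work as guards if they do - confirm in global.php.
// NOTE(review): no anti-CSRF token is checked in this script; confirm whether
// global.php enforces one for POST requests.
// NOTE(review): the mysql_* functions used here were removed in PHP 7.
if ( $do == "pollvote" )
{
    // Integer-only poll id; everything interpolated into SQL below is an integer
    // or goes through sqlesc().
    $pollid = ( isset( $_POST['pollid'] ) && is_scalar( $_POST['pollid'] ) ) ? intval( $_POST['pollid'] ) : 0;

    $Query = sql_query( "SELECT * FROM ".TSF_PREFIX."poll WHERE pollid = '".$pollid."' AND fortracker = '1'" );
    $pollinfo = $Query ? mysql_fetch_assoc( $Query ) : false;
    if ( !$pollinfo || !$pollinfo['pollid'] )
    {
        stderr( $lang->global['error'], $lang->poll['invalid'] );
    }

    // Logged-in users need the canvote group flag; guests skip this check.
    if ( 0 < $CURUSER['id'] && $usergroups['canvote'] != "yes" )
    {
        print_no_permission( );
    }

    // Closed when inactive, or when a non-zero timeout (multiplied by 86400,
    // i.e. counted in days) has elapsed since dateline.
    if ( !$pollinfo['active'] || ( $pollinfo['timeout'] != 0 && $pollinfo['dateline'] + $pollinfo['timeout'] * 86400 < TIMENOW ) )
    {
        stderr( $lang->global['error'], $lang->poll['closed2'] );
    }

    if ( !empty( $_POST['optionnumber'] ) )
    {
        // Repeat-vote check. The original nesting ran the pollvote lookup only
        // after stderr() in the guest branch and tested mysql_num_rows() on the
        // poll lookup instead, which always has a row here - so every logged-in
        // voter was reported as having voted already.
        if ( !$CURUSER['id'] )
        {
            // Guest rows are stored with userid 0, so the table cannot tell
            // guests apart; the cookie is the only signal. It is client-held,
            // so this is a courtesy check, not enforcement.
            if ( isset( $_COOKIE["poll_voted_".$pollid] ) )
            {
                stderr( $lang->global['error'], $lang->poll['avoted'] );
            }
        }
        else
        {
            $Query = sql_query( "SELECT userid FROM ".TSF_PREFIX."pollvote WHERE userid = '".intval( $CURUSER['id'] )."' AND pollid = '".$pollid."'" );
            if ( !$Query )
            {
                // Fail closed: without the lookup a repeat vote cannot be ruled out.
                stderr( $lang->global['error'], $lang->poll['poll11'] );
            }
            if ( 0 < mysql_num_rows( $Query ) )
            {
                stderr( $lang->global['error'], $lang->poll['avoted'] );
            }
        }

        $totaloptions = substr_count( $pollinfo['options'], "~~~" ) + 1;
        $voterId = $CURUSER['id'] ? intval( $CURUSER['id'] ) : 0;
        // Number of options actually stored; the reward and the cookie below
        // are only issued when this is non-zero.
        $recorded = 0;

        if ( $pollinfo['multiple'] )
        {
            // Multiple choice: optionnumber is expected as option-number => flag.
            $choices = is_array( $_POST['optionnumber'] ) ? $_POST['optionnumber'] : array( );
            $skip_voters = false;
            foreach ( $choices as $val => $vote )
            {
                $val = intval( $val );
                if ( !$vote || $val < 1 || $totaloptions < $val )
                {
                    continue;
                }
                $Queries = array( );
                $Queries[] = "pollid = '".$pollid."'";
                $Queries[] = "userid = '".$voterId."'";
                $Queries[] = "votedate = '".TIMENOW."'";
                $Queries[] = "voteoption = '".$val."'";
                $Queries[] = "votetype = '".$val."'";
                $Query = sql_query( "INSERT INTO ".TSF_PREFIX."pollvote SET ".implode( ",", $Queries ) );
                if ( !$Query )
                {
                    stderr( $lang->global['error'], $lang->poll['poll11'] );
                }
                if ( $skip_voters )
                {
                    // Re-read the poll so this increment builds on the tally
                    // written for the previous option. A failed re-read must
                    // stop here, otherwise an empty tally would be written back.
                    $Query = sql_query( "SELECT * FROM ".TSF_PREFIX."poll WHERE pollid = '".$pollid."' AND fortracker = '1'" );
                    $fresh = $Query ? mysql_fetch_assoc( $Query ) : false;
                    if ( !$fresh )
                    {
                        stderr( $lang->global['error'], $lang->poll['poll11'] );
                    }
                    $pollinfo = $fresh;
                }
                // Pad so a tally shorter than the option list keeps its positions.
                $old_votes_array = array_pad( explode( "~~~", $pollinfo['votes'] ), $totaloptions, 0 );
                $old_votes_array[$val - 1] = intval( $old_votes_array[$val - 1] ) + 1;
                $new_votes_array = implode( "~~~", $old_votes_array );
                // voters/lastvote are bumped once per ballot, on the first option only.
                // NOTE(review): this read-modify-write is not atomic and its
                // result is not checked; concurrent votes can lose an increment.
                sql_query( "UPDATE ".TSF_PREFIX."poll SET ".( !$skip_voters ? "voters = voters + 1, lastvote = '".TIMENOW."', " : "" )."votes = ".sqlesc( $new_votes_array )." WHERE pollid = '{$pollid}' AND fortracker = '1'" );
                $skip_voters = true;
                ++$recorded;
            }
        }
        else if ( is_scalar( $_POST['optionnumber'] ) && is_valid_id( $_POST['optionnumber'] ) && 0 < $_POST['optionnumber'] && $_POST['optionnumber'] <= $totaloptions )
        {
            // Single choice: optionnumber is the 1-based option index.
            $choice = intval( $_POST['optionnumber'] );
            $Queries = array( );
            $Queries[] = "pollid = '".$pollid."'";
            $Queries[] = "userid = '".$voterId."'";
            $Queries[] = "votedate = '".TIMENOW."'";
            $Queries[] = "voteoption = '".$choice."'";
            $Queries[] = "votetype = '0'";
            $Query = sql_query( "INSERT INTO ".TSF_PREFIX."pollvote SET ".implode( ",", $Queries ) );
            if ( !$Query )
            {
                stderr( $lang->global['error'], $lang->poll['poll11'] );
            }
            $old_votes_array = array_pad( explode( "~~~", $pollinfo['votes'] ), $totaloptions, 0 );
            $old_votes_array[$choice - 1] = intval( $old_votes_array[$choice - 1] ) + 1;
            $new_votes_array = implode( "~~~", $old_votes_array );
            // NOTE(review): same non-atomic, unchecked tally update as the
            // multiple-choice path.
            sql_query( "UPDATE ".TSF_PREFIX."poll SET voters = voters + 1, lastvote='".TIMENOW."', votes = ".sqlesc( $new_votes_array )." WHERE pollid = '{$pollid}' AND fortracker = '1'" );
            ++$recorded;
        }

        // The original fell through to the reward and the thank-you redirect
        // even when no submitted option was valid, so nothing was stored and the
        // repeat-vote check never triggered on the next request. Treat that
        // case like an empty selection.
        if ( $recorded < 1 )
        {
            stderr( $lang->global['error'], $lang->poll['nselected'] );
        }

        if ( 0 < $CURUSER['id'] )
        {
            // $kpspoll is presumably set by readconfig_kps.php and kps()
            // presumably credits it to the voter - confirm.
            include_once( INC_PATH."/readconfig_kps.php" );
            kps( "+", $kpspoll, $CURUSER['id'] );
        }

        // NOTE(review): the lifetime multiplies by 60 three times, i.e. 60x
        // longer than 12 weeks; kept as found - confirm the intended expiry.
        setcookie( "poll_voted_".$pollid, $pollid, time( ) + 12 * 7 * 24 * 60 * 60 * 60 );
        redirect( "index.php#showtspoll", $lang->poll['thx'] );
        exit( );
    }
    else
    {
        stderr( $lang->global['error'], $lang->poll['nselected'] );
    }
}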
?>