<?php
/*
*****************************************************************
Mod_PollsManagement.php
*****************************************************************
This file and all of Poll Blocks and Polls Management are a
direct derivitive of the SMF Polls code since this feature
is an extension of the existing SMF Polls features
*****************************************************************
LSP: Lunabyte Systems Portal
Open-Source Project Inspired by Zef Hemel (hide@address.com)
*****************************************************************
Software Version: LSP 2.0 "Enigma 2"
Software by: Lunabyte Systems (http://www.lunabyte.net)
Copyright 2002-2005 by: Lunabyte Systems (http://www.lunabyte.net)
Support, News, Updates at: http://www.lunabyte.net
*****************************************************************
This program is free software; you may redistribute it and/or modify it
under the terms of the provided license as published by Lunabyte Systems.
This program is distributed in the hope that it is and will be useful,
but WITHOUT ANY WARRANTIES; without even any implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
See the "LSP_license.txt" file for details of the LSP license.
The latest version can always be found at http://www.lunabyte.net.
*****************************************************************
*/
if (!defined('ENIGMA'))
die('<b>Access Violation</b><br />Direct Access to this location is not allowed.');
else
AdminPollsHub();
function AdminPollsHub()
{
global $context, $txt, $user_info;
isAllowedTo('manage_polls');
// Load the common admin stuff... select 'Polls_Management'.
if ($user_info['is_admin'])
adminIndex('Polls_Management');
loadMTemplate('modules');
loadMLanguage('PollsManagement');
$context['sub_template'] = 'rawdata';
if (!isset($context['page_title']))
$context['page_title'] = &$txt['polls_title'];
$sa = !empty($_REQUEST['sa']) ? $_REQUEST['sa'] : NULL;
$subActions = array(
'AddPoll2',
'RemovePoll',
'LockVoting',
'pollpref',
'EditPoll',
'EditPoll2',
);
if (in_array($sa, $subActions))
$sa();
elseif (isset($subActions[$sa]))
$subActions[$sa]();
else
PollManage();
unset($subActions);
}
function PollManage()
{
global $db_prefix, $txt, $context, $modSettings, $scripturl;
isAllowedTo('poll_post'); // is this user allowed to add polls? If not, they definitely can't edit them!
loadLanguage('Post');
if (allowedTo('manage_polls')) // if user is allowed to manage polls, show the options
{
// setup some variables for the main poll block options, based on the current settings
$random = (isset($modSettings['polls_display']) && $modSettings['polls_display'] == -1) ? 'selected="selected"': '';
$latest = (isset($modSettings['polls_display']) && $modSettings['polls_display'] == -2) ? 'selected="selected"': '';
// if the main options were never created in the db, we need to make sure they get created when they're set
$notset = (isset($modSettings['polls_display'])) ? '' : '<input type="hidden" name="notset" value="1" />';
// if polls are disabled, we need to let someone know
$pollsDisabled = ($modSettings['pollMode'] != '1') ? '<p style="font-weight: bold">** ' . $txt['polls_25'] . '</p>' : '';
// display the main poll block options form
$context['raw_data'] = $pollsDisabled . '
<form name="pollpref" method="POST" action="' . $scripturl . '?module=PollsManagement;sa=pollpref">
<table width="100%" border="0" class="bordercolor" cellspacing="1" cellpadding="0" align="center">
<tr>
<td class="windowbg">
<table width="100%" border="0" cellspacing="0" cellpadding="4" align="center">
<tr>
<td class="titlebg" colspan="2">' . $txt['polls_11'] . '</td>
</tr>
<tr>
<td class="windowbg2">' . $txt['polls_display'] . '
<select name="showpoll">
<option value="-1" ' . $random . '>' . $txt['polls_random'] . '</option>
<option value="-2" ' . $latest . '>' . $txt['polls_latest'] . '</option>
<optgroup label="' . $txt['polls_14'] . '">';
$pollnames = db_query("
SELECT ID_POLL, question
FROM {$db_prefix}polls
ORDER BY ID_POLL", __FILE__, __LINE__);
while ($options = mysql_fetch_array($pollnames))
{
$selected = ($options['ID_POLL'] == $modSettings['polls_display']) ? $selected = 'selected="selected"' : '';
$context['raw_data'] .= '<option value="' . $options['ID_POLL'] . '" ' . $selected . '>' . $options['question'] . '</option>';
}
mysql_free_result($pollnames);
$context['raw_data'] .= '
</optgroup>
</select>
' . $notset . '
</td>
<td class="windowbg2" align="center"><input type="submit" name="submit" value="' . $txt['polls_update'] . '" /></td>
</tr>
</table>
</td>
</tr>
</table>
</form>
<br />';
}
if (allowedTo('poll_edit')) // if user is allowed to edit polls, show the edit info
{
// now start displaying any existing polls in the database with options for changing them
$context['raw_data'] .= '
<table class="bordercolor" width="100%" border="0" cellspacing="1" cellpadding="4">
<tr>
<td class="catbg" colspan="2">' . $txt['polls_1'] . '</td>
<td class="catbg">' . $txt['polls_2'] . '</td>
<td class="catbg">' . $txt['polls_3'] . '</td>
<td class="catbg" align="center"></td>
</tr>
';
// load the current polls
$request = db_query("
SELECT p.*, t.ID_TOPIC
FROM ({$db_prefix}polls AS p)
LEFT JOIN {$db_prefix}topics AS t ON (t.ID_POLL = p.ID_POLL)
ORDER BY p.ID_POLL", __FILE__, __LINE__);
while ($result = mysql_fetch_assoc($request))
{
$options = '';
$votes = '';
// setup a link to Lock/Unlock a poll, based on it's current status
$locked = ($result['votingLocked'] != 0) ? '<a href="' . $scripturl . '?module=PollsManagement;sa=LockVoting;ID_POLL=' . $result['ID_POLL'] . ';sub=unlock"> ' . $txt['polls_unlock'] . '</a>'
: '<a href="' . $scripturl . '?module=PollsManagement;sa=LockVoting;ID_POLL=' . $result['ID_POLL'] . ';sub=lock">' . $txt['polls_lock'] . '</a>';
// calculate the number of days left if an expiration was set
$expiration = empty($result['expireTime']) ? '' : ceil($result['expireTime'] <= time() ? -1 : ($result['expireTime'] - time()) / (3600 * 24));
// can a user change their vote on this poll
$changeVote = ($result['changeVote'] != 0) ? $txt['polls_6'] : $txt['polls_7'];
// is this a poll from the forums? Then mark it that way and display a link to the topic
$forumPoll = (empty($result['ID_TOPIC'])) ? '' : '**';
$topic = (empty($result['ID_TOPIC'])) ? '' : ' | <a href="' . $scripturl . '?topic=' . $result['ID_TOPIC'] . '">' . $txt['polls_24'] . '</a>';
// display the current results status
if ($result['hideResults'] == 1)
$hideResults = $txt['polls_21'];
elseif ($result['hideResults'] == 2)
$hideResults = $txt['polls_22'];
else
$hideResults = $txt['polls_20'];
// start the actual display now
$context['raw_data'] .= '
<tr>
<td class="windowbg2" colspan="2">' . $forumPoll . $result['question'] . '</td>';
$request2 = db_query("
SELECT *
FROM {$db_prefix}poll_choices
WHERE ID_POLL='$result[ID_POLL]'
ORDER BY ID_CHOICE ASC", __FILE__, __LINE__);
$choices = '';
$votes = '';
while ($row = mysql_fetch_assoc($request2))
{
if ($row['label'] != '')
{
$choices .= $row['label'] . '<br />';
$votes .= $row['votes'] . '<br />';
}
}
$context['raw_data'] .= '
<td class="windowbg2">' . $choices . '</td>
<td class="windowbg2">' . $votes . '</td>
<td class="windowbg2" align="center"><a href="' . $scripturl . '?module=PollsManagement;sa=EditPoll;ID_POLL=' . $result['ID_POLL'] . '">' . $txt['polls_8'] . '</a>
| <a href="' . $scripturl . '?module=PollsManagement;sa=RemovePoll;ID_POLL=' . $result['ID_POLL'] . '">' . $txt['polls_9'] . '</a><br />
' . $locked . $topic . '</td>
</tr>
<tr>
<td class="catbg">' . $txt['polls_5'] . ':</td>
<td class="windowbg2"><span style="font-weight: bold">' . $txt['polls_16'] . ':</span> ' . $result['maxVotes'] . '</td>
<td class="windowbg2"><span style="font-weight: bold">' . $txt['polls_17'] . ':</span> ' . $expiration . '</td>
<td class="windowbg2"><span style="font-weight: bold">' . $txt['polls_18'] . ':</span> ' . $changeVote . '</td>
<td class="windowbg2"><span style="font-weight: bold">' . $txt['polls_19'] . ':</span> ' . $hideResults . '</td>
</tr>';
}
mysql_free_result($request);
if (!empty($request2)) mysql_free_result($request2);
$context['raw_data'] .= '
</table></form>';
}
// start the add poll portion of the page
// Set up the poll options.
$context['poll_options'] = array(
'max_votes' => 1,
'hide' => 0,
'expire' => '',
'change_vote' => ''
);
// need some javascript for the 'add option' link
$context['raw_data'] .= '
<span style="font-weight: bold">' . $txt['polls_23'] . '</span><br />
<br />
<script language="JavaScript1.2" type="text/javascript"><!--
function pollOptions()
{
var expireTime = document.getElementById("poll_expire");
if (isEmptyText(expireTime) || expireTime.value == 0)
{
document.addpoll.poll_hide[2].disabled = true;
if (document.addpoll.poll_hide[2].checked)
document.addpoll.poll_hide[1].checked = true;
}
else
document.addpoll.poll_hide[2].disabled = false;
}
var pollOptionNum = 0;
function addPollOption()
{
if (pollOptionNum == 0)
{
for (var i = 0; i < document.addpoll.elements.length; i++)
if (document.addpoll.elements[i].id.substr(0, 8) == "options[")
pollOptionNum++;
}
pollOptionNum++
setOuterHTML(document.getElementById("pollMoreOptions"), \'<br /><label for="options[\' + pollOptionNum + \']">' . $txt['polls_12'] . ' \' + pollOptionNum + \'</label>: <input type="text" name="options[\' + pollOptionNum + \']" id="options[\' + pollOptionNum + \']" value="" size="25" /><span id="pollMoreOptions"></span>\');
}
// --></script>
<form name="addpoll" method="POST" action="' . $scripturl . '?module=PollsManagement;sa=AddPoll2">
<table class="bordercolor" cellspacing="1" cellpadding="0" align="center" border="0">
<tr>
<td>
<table cellspacing="0" cellpadding="4" align="center" border="0">
<tr>
<td class="titlebg" colspan="2">' . $txt['polls_10'] . '</td>
</tr>
<tr>
<td class="windowbg2"><strong>' . $txt['polls_1'] . '</strong></td>
<td class="windowbg2"><input type="text" size="80" name="question" /></td>
</tr>
<tr>
<td class="windowbg2" align="right"> </td>
<td class="windowbg2">
';
for ($i = 1; $i < 6; $i++)
{
$context['raw_data'] .= '
<label for="option[' . $i . ']">' . $txt['polls_12'] . ' ' . $i . '</label>: <input type="text" name="options[' . $i . ']" id="options[' . $i . ']" value="" size="25" />';
$context['raw_data'] .= ($i == 5) ? '
<span id="pollMoreOptions"></span> <a href="javascript:addPollOption(); void(0);">(' . $txt['polls_addchoice'] . ')</a>'
: '<br />';
}
$context['raw_data'] .= '
</td>
</tr>
<tr>
<td align="right"><b>' . $txt['poll_options'] . ':</b></td>
<td class="smalltext"><input type="text" name="poll_max_votes" size="2" value="' . $context['poll_options']['max_votes'] . '" /> ' . $txt['poll_options5'] . '</td>
</tr>
<tr>
<td align="right"></td>
<td class="smalltext">' . $txt['poll_options1a'] . ' <input type="text" id="poll_expire" name="poll_expire" size="2" value="' . $context['poll_options']['expire'] . '" onchange="pollOptions();" /> ' . $txt['poll_options1b'] . '</td>
</tr>
<tr>
<td align="right"></td>
<td class="smalltext"><label for="poll_change_vote"><input type="checkbox" id="poll_change_vote" name="poll_change_vote" class="check" /> ' . $txt['poll_options7'] . '</label></td>
</tr>
<tr>
<td align="right"></td>
<td class="smalltext">
<input type="radio" id="poll_hide" name="poll_hide" value="0" checked="checked" class="check" /> ' . $txt['poll_options2'] . '<br />
<input type="radio" id="poll_hide" name="poll_hide" value="1" class="check" /> ' . $txt['poll_options3'] . '<br />
<input type="radio" id="poll_hide" name="poll_hide" value="2" class="check" disabled="disabled" /> ' . $txt['poll_options4'] . '<br />
<br />
</td>
</tr>
<tr>
<td class="windowbg2" colspan="2" align="center"><input type="submit" name="submit" value="' . $txt['polls_13'] . '" /></td>
</tr>
</table>
</td>
</tr>
</table>
</form>
';
}
function AddPoll2()
{
global $db_prefix, $scripturl, $user_info, $ID_MEMBER;
isAllowedTo('poll_post'); // is this user allowed to add polls?
// there has to be a question entered
if (!isset($_POST['question']) || trim($_POST['question']) == '')
fatal_lang_error ('polls_no_question');
$_POST['options'] = empty($_POST['options']) ? array() : htmltrim__recursive($_POST['options']);
// Get rid of empty ones.
foreach ($_POST['options'] as $k => $option)
if ($option == '')
unset($_POST['options'][$k]);
// What are you going to vote between with one choice?!?
if (count($_POST['options']) < 2)
fatal_lang_error ('polls_too_few');
// Make the poll...
// Make sure that the user has not entered a ridiculous number of options..
if (empty($_POST['poll_max_votes']) || $_POST['poll_max_votes'] <= 0)
$_POST['poll_max_votes'] = 1;
elseif ($_POST['poll_max_votes'] > count($_POST['options']))
$_POST['poll_max_votes'] = count($_POST['options']);
else
$_POST['poll_max_votes'] = (int) $_POST['poll_max_votes'];
// Just set it to zero if it's not there..
if (!isset($_POST['poll_hide']))
$_POST['poll_hide'] = 0;
else
$_POST['poll_hide'] = (int) $_POST['poll_hide'];
$_POST['poll_change_vote'] = isset($_POST['poll_change_vote']) ? 1 : 0;
// If the user tries to set the poll too far in advance, don't let them.
if (!empty($_POST['poll_expire']) && $_POST['poll_expire'] < 1)
fatal_lang_error('poll_range_error', false);
// Don't allow them to select option 2 for hidden results if it's not time limited.
elseif (empty($_POST['poll_expire']) && $_POST['poll_hide'] == 2)
$_POST['poll_hide'] = 1;
// Clean up the question and answers.
$_POST['question'] = htmlspecialchars($_POST['question']);
$_POST['question'] = preg_replace('~&#(\d{4,5}|[3-9]\d{2,4}|2[6-9]\d);~', '&#$1;', $_POST['question']);
$_POST['options'] = htmlspecialchars__recursive($_POST['options']);
// Create the poll.
db_query("
INSERT INTO {$db_prefix}polls
(question, hideResults, maxVotes, expireTime, changeVote, ID_MEMBER, posterName)
VALUES ('$_POST[question]', $_POST[poll_hide], $_POST[poll_max_votes],
" . (empty($_POST['poll_expire']) ? '0' : time() + $_POST['poll_expire'] * 3600 * 24) . ", $_POST[poll_change_vote], $ID_MEMBER, '$user_info[username]')", __FILE__, __LINE__);
$ID_POLL = db_insert_id();
// Create each answer choice.
$i = 0;
$setString = '';
foreach ($_POST['options'] as $option)
{
$option = preg_replace('~&#(\d{4,5}|[3-9]\d{2,4}|2[6-9]\d);~', '&#$1;', $option);
$setString .= "
($ID_POLL, $i, '$option'),";
$i++;
}
$setString = substr($setString, 0, -1);
db_query("
INSERT INTO {$db_prefix}poll_choices
(ID_POLL, ID_CHOICE, label)
VALUES$setString", __FILE__, __LINE__);
redirectexit('module=PollsManagement');
}
// Set the poll block preferences
function pollpref()
{
global $db_prefix;
// verify permissions
isAllowedTo('manage_polls');
if (isset($_POST['notset']))
db_query("INSERT INTO {$db_prefix}settings (variable, value) VALUES ('polls_display', '$_POST[showpoll]')", __FILE__, __LINE__);
else
db_query("UPDATE {$db_prefix}settings SET value='$_POST[showpoll]' WHERE (variable='polls_display')", __FILE__, __LINE__);
redirectexit('module=PollsManagement');
}
// Lock the voting for a poll.
function LockVoting()
{
global $db_prefix;
// verify permissions
isAllowedTo('poll_lock_any');
// set it to either locked/unlocked according to the request
$votingLocked = ($_REQUEST['sub'] == 'unlock') ? 0 : 2;
// Lock! *Poof* - no one can vote.
db_query("
UPDATE {$db_prefix}polls
SET votingLocked = $votingLocked
WHERE ID_POLL = $_REQUEST[ID_POLL]
LIMIT 1", __FILE__, __LINE__);
redirectexit('module=PollsManagement');
}
function EditPoll()
{
global $txt, $ID_MEMBER, $db_prefix;
global $user_info, $context, $scripturl;
isAllowedTo('poll_edit'); // make sure the user can edit
loadLanguage('Post');
// Get the question, id.
$request = db_query("
SELECT ID_POLL, question, hideResults, expireTime, maxVotes, changeVote
FROM {$db_prefix}polls
WHERE ID_POLL = '$_REQUEST[ID_POLL]'
LIMIT 1", __FILE__, __LINE__);
if (mysql_num_rows($request) == 0)
fatal_lang_error('smf232');
$pollinfo = mysql_fetch_assoc($request);
mysql_free_result($request);
// Basic theme info...
$context['poll'] = array(
'id' => $pollinfo['ID_POLL'],
'question' => $pollinfo['question'],
'hide_results' => $pollinfo['hideResults'],
'max_votes' => $pollinfo['maxVotes'],
'change_vote' => !empty($pollinfo['changeVote']),
);
// setup up this polls options
$pollhide0 = ($context['poll']['hide_results'] == 0) ? 'checked="checked"' : '';
$pollhide1 = ($context['poll']['hide_results'] == 1) ? 'checked="checked"' : '';
$pollhide2 = ($context['poll']['hide_results'] == 2) ? 'checked="checked"' : '';
$pollchange = (!empty($context['poll']['change_vote'])) ? 'checked="checked"' : '';
// setup the current expiration info
$context['poll']['expiration'] = empty($pollinfo['expireTime']) ? '' : ceil($pollinfo['expireTime'] <= time() ? -1 : ($pollinfo['expireTime'] - time()) / (3600 * 24));
$pollexpire = (empty($context['poll']['expiration'])) ? 'disabled="disabled"' : '';
// Get all the choices.
$request = db_query("
SELECT label, votes, ID_CHOICE
FROM {$db_prefix}poll_choices
WHERE ID_POLL = $pollinfo[ID_POLL]", __FILE__, __LINE__);
$context['choices'] = array();
$number = 1;
while ($row = mysql_fetch_assoc($request))
{
$context['choices'][$row['ID_CHOICE']] = array(
'id' => $row['ID_CHOICE'],
'number' => $number++,
'votes' => $row['votes'],
'label' => $row['label'],
'is_last' => false
);
}
mysql_free_result($request);
$last_id = max(array_keys($context['choices'])) + 1;
$context['page_title'] = $txt['polls_15'];
$context['choices'][] = array(
'id' => $last_id,
'number' => $number,
'votes' => -1,
'label' => '',
'is_last' => true
);
// Build the link tree.
$context['linktree'][] = array(
'name' => $txt['polls_15']
);
// display the poll and the edit form
$context['raw_data'] = '
<script language="JavaScript1.2" type="text/javascript"><!--
function pollOptions()
{
var expireTime = document.getElementById("poll_expire");
if (isEmptyText(expireTime) || expireTime.value == 0)
{
document.addpoll.poll_hide[2].disabled = true;
if (document.addpoll.poll_hide[2].checked)
document.addpoll.poll_hide[1].checked = true;
}
else
document.addpoll.poll_hide[2].disabled = false;
}
var pollOptionNum = 0;
function addPollOption()
{
if (pollOptionNum == 0)
{
for (var i = 0; i < document.addpoll.elements.length; i++)
if (document.addpoll.elements[i].id.substr(0, 8) == "options[")
pollOptionNum++;
}
pollOptionNum++
setOuterHTML(document.getElementById("pollMoreOptions"), \'<br /><label for="options[\' + pollOptionNum + \']">' . $txt['polls_12'] . ' \' + pollOptionNum + \'</label>: <input type="text" name="options[\' + pollOptionNum + \']" id="options[\' + pollOptionNum + \']" value="" size="25" /><span id="pollMoreOptions"></span>\');
}
// --></script>
<form name="addpoll" method="POST" action="' . $scripturl . '?module=PollsManagement;sa=EditPoll2">
<table class="bordercolor" cellspacing="1" cellpadding="0" align="center" border="0">
<tr>
<td>
<table cellspacing="0" cellpadding="4" align="center" border="0">
<tr>
<td class="titlebg" colspan="2">' . $txt['polls_15'] . '</td>
</tr>
<tr>
<td class="windowbg2"><strong>' . $txt['polls_1'] . '</strong></td>
<td class="windowbg2"><input type="text" size="80" name="question" value="' . $context['poll']['question'] . '" /></td>
</tr>
<tr>
<td class="windowbg2" align="right"> </td>
<td class="windowbg2">
';
foreach ($context['choices'] as $choice)
{
$context['raw_data'] .= '
<label for="options[' . $choice['id'] . ']">' . $txt['polls_12'] . ' ' . $choice['number'] . '</label>: <input type="text" name="options[' . $choice['id'] . ']" id="options[' . $choice['id'] . ']" size="25" value="' . $choice['label'] . '" />';
// Does this option have a vote count yet, or is it new?
if ($choice['votes'] != -1)
$context['raw_data'] .= ' (' . $choice['votes'] . ' ' . $txt['polls_3'] . ')';
if (!$choice['is_last'])
$context['raw_data'] .= '<br />';
}
$context['raw_data'] .= '
<span id="pollMoreOptions"></span> <a href="javascript:addPollOption(); void(0);">(' . $txt['poll_add_option'] . ')</a>
<input type="hidden" name="ID_POLL" value="' . $context['poll']['id'] . '" />
</td>
</tr>
<tr>
<td align="right"><b>' . $txt['poll_options'] . ':</b></td>
<td class="smalltext"><input type="text" name="poll_max_votes" size="2" value="' . $context['poll']['max_votes'] . '" /> ' . $txt['poll_options5'] . '</td>
</tr>
<tr>
<td align="right"></td>
<td class="smalltext">' . $txt['poll_options1a'] . ' <input type="text" id="poll_expire" name="poll_expire" size="2" value="' . $context['poll']['expiration'] . '" onchange="pollOptions();" /> ' . $txt['poll_options1b'] . '</td>
</tr>
<tr>
<td align="right"></td>
<td class="smalltext"><label for="poll_change_vote"><input type="checkbox" id="poll_change_vote" name="poll_change_vote" ' . $pollchange . ' class="check" /> ' . $txt['poll_options7'] . '</label></td>
</tr>
<tr>
<td align="right"></td>
<td class="smalltext">
<input type="radio" id="poll_hide" name="poll_hide" value="0" ' . $pollhide0 . ' class="check" /> ' . $txt['poll_options2'] . '<br />
<input type="radio" id="poll_hide" name="poll_hide" value="1" ' . $pollhide1 . ' class="check" /> ' . $txt['poll_options3'] . '<br />
<input type="radio" id="poll_hide" name="poll_hide" value="2" ' . $pollhide2 . $pollexpire . ' class="check" /> ' . $txt['poll_options4'] . '<br />
<br />
</td>
</tr>
<tr>
<td class="windowbg2" colspan="2" align="center"><input type="submit" name="submit" value="' . $txt['polls_15'] . '" /></td>
</tr>
</table>
</td>
</tr>
</table>
</form>
';
}
// Change a poll...
function EditPoll2()
{
global $txt, $ID_MEMBER, $db_prefix;
global $modSettings, $user_info;
isAllowedTo('poll_edit'); // make sure the user can edit
// Get all the choices. (no better way to remove all emptied and add previously non-existent ones.)
$request = db_query("
SELECT ID_CHOICE
FROM {$db_prefix}poll_choices
WHERE ID_POLL = $_POST[ID_POLL]", __FILE__, __LINE__);
$choices = array();
while ($row = mysql_fetch_assoc($request))
$choices[] = $row['ID_CHOICE'];
mysql_free_result($request);
$optionCount = 0;
// Ensure the user isn't removing all the options - there must be at least two.
foreach ($_POST['options'] as $k => $option)
{
if (trim($option) != '')
$optionCount++;
}
if ($optionCount < 2)
fatal_lang_error('poll_few', false);
// Also - ensure they are not removing the question.
if (!isset($_POST['question']) || trim($_POST['question']) == '')
fatal_lang_error ('polls_no_question');
foreach ($_POST['options'] as $k => $option)
{
// Make sure the key is numeric for sanity's sake.
$k = (int) $k;
$option = preg_replace('~&#(\d{4,5}|[3-9]\d{2,4}|2[6-9]\d);~', '&#$1;', $option);
// They've cleared the box. Either they want it deleted, or it never existed.
if (trim($option) == '')
{
// They want it deleted. Bye.
if (in_array($k, $choices))
{
db_query("
DELETE FROM {$db_prefix}log_polls
WHERE ID_POLL = $_POST[ID_POLL]
AND ID_CHOICE = $k", __FILE__, __LINE__);
db_query("
DELETE FROM {$db_prefix}poll_choices
WHERE ID_POLL = $b_POST[ID_POLL]
AND ID_CHOICE = $k", __FILE__, __LINE__);
}
// Skip the rest...
continue;
}
// Dress the option up for its big date with the database.
$option = htmlspecialchars($option);
// If it's already there, update it. If it's not... add it.
if (in_array($k, $choices))
db_query("
UPDATE {$db_prefix}poll_choices
SET label = '$option'
WHERE ID_POLL = $_POST[ID_POLL]
AND ID_CHOICE = $k
LIMIT 1", __FILE__, __LINE__);
else
db_query("
INSERT INTO {$db_prefix}poll_choices
(ID_POLL, ID_CHOICE, label, votes)
VALUES ($_POST[ID_POLL], $k, '$option', 0)", __FILE__, __LINE__);
}
// Shall I reset the vote count, sir?
if (isset($_POST['resetVoteCount']))
{
db_query("
UPDATE {$db_prefix}poll_choices
SET votes = 0
WHERE ID_POLL = $_POST[ID_POLL]", __FILE__, __LINE__);
db_query("
DELETE FROM {$db_prefix}log_polls
WHERE ID_POLL = $_POST[ID_POLL]", __FILE__, __LINE__);
}
// And finally... change the poll question, etc.
$_POST['question'] = htmlspecialchars($_POST['question']);
$_POST['question'] = preg_replace('~&#(\d{4,5}|[3-9]\d{2,4}|2[6-9]\d);~', '&#$1;', $_POST['question']);
$_POST['poll_hide'] = (int) $_POST['poll_hide'];
$_POST['poll_change_vote'] = isset($_POST['poll_change_vote']) ? 1 : 0;
// Ensure that the number options allowed makes sense, and the expiration date is valid.
if (empty($_POST['poll_expire']) && $_POST['poll_hide'] == 2)
$_POST['poll_hide'] = 1;
else
$_POST['poll_expire'] = empty($_POST['poll_expire']) ? '0' : time() + $_POST['poll_expire'] * 3600 * 24;
if (empty($_POST['poll_max_votes']) || $_POST['poll_max_votes'] <= 0)
$_POST['poll_max_votes'] = 1;
else
$_POST['poll_max_votes'] = (int) $_POST['poll_max_votes'];
db_query("
UPDATE {$db_prefix}polls
SET question = '$_POST[question]', changeVote = $_POST[poll_change_vote]," . (allowedTo('moderate_board') ? "
hideResults = $_POST[poll_hide], expireTime = $_POST[poll_expire], maxVotes = $_POST[poll_max_votes]" : "
hideResults = IF(expireTime = 0 AND $_POST[poll_hide] = 2, 1, $_POST[poll_hide])") . "
WHERE ID_POLL = $_POST[ID_POLL]
LIMIT 1", __FILE__, __LINE__);
// Off we go.
redirectexit('module=PollsManagement');
}
// Remove a poll from a topic without removing the topic.
function RemovePoll()
{
global $db_prefix;
isAllowedTo('poll_remove'); // check permissions to do this
// Remove all user logs for this poll.
db_query("
DELETE FROM {$db_prefix}log_polls
WHERE ID_POLL = '$_REQUEST[ID_POLL]'", __FILE__, __LINE__);
// Remove all poll choices.
db_query("
DELETE FROM {$db_prefix}poll_choices
WHERE ID_POLL = '$_REQUEST[ID_POLL]'", __FILE__, __LINE__);
// Remove the poll itself.
db_query("
DELETE FROM {$db_prefix}polls
WHERE ID_POLL = '$_REQUEST[ID_POLL]'
LIMIT 1", __FILE__, __LINE__);
redirectexit('module=PollsManagement');
}
?>