<?php
/************************************************************************
* *
* Tapps - poll.php *
* *
* description : advanced PHP poll system *
* copyright : (c) 2001,2002 by Stephan Uhlman *
* email : hide@address.com *
* *
************************************************************************/
/************************************************************************
* *
* This program is free software; you can redistribute it and/or modify *
* it under the terms of the GNU General Public License as published by *
* the Free Software Foundation; either version 2 of the License, or *
* (at your option) any later version. *
* *
************************************************************************/
// all settings made there are trusted values
// they are not checked for validity
// the check for config_private.inc.php is just to separate my own development
// config from the published default config (included in releases)
// prefer the private (development) config when it exists, otherwise the
// published default; functions.inc.php provides db_connect(), getVar() and
// the print_*/vote handlers used further down
if (file_exists(dirname(__FILE__) . "/config_private.inc.php"))
{
    include(dirname(__FILE__) . "/config_private.inc.php");
}
else
{
    include(dirname(__FILE__) . "/config.inc.php");
}
include(dirname(__FILE__) . "/functions.inc.php");

//
// main()
//

// Some browsers issue a HTTP HEAD request to learn the mimetype of the data.
// Nothing below should run for such a request (it could already write to the
// database), so emit a single newline to make PHP send the headers right now.
if ($HTTP_SERVER_VARS['REQUEST_METHOD'] == "HEAD")
{
    echo "\n";
}

// Buffer all output: a cookie may still have to be set later on, which is
// impossible once anything has been echoed to the client.
ob_start();

// the page header is only emitted when this script is called directly
// (and not included from another page)
if (substr($HTTP_SERVER_VARS['PHP_SELF'], -8) == "poll.php")
{
    include(dirname(__FILE__) . "/header.php");
}

// establish database connection
db_connect();
// check if incoming data (GET, POST, COOKIE_VARS) is valid
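// check if incoming data (GET, POST, COOKIE_VARS) is valid
// Every request value is normalised into a plain PHP type here so that the
// handlers in functions.inc.php never see raw request strings. Any value that
// does not pass stops the script with die().

// $mode: must be one of a fixed set of strings. The strict flag on in_array()
// is safe because $mode is known to be a string at that point.
$mode = getVar("mode", "");
if (is_string($mode) == FALSE
    || in_array($mode, array("", "results", "activate", "vote", "poll", "list"), TRUE) == FALSE)
{
    die("Invalid mode.<br>(Don't mess with the input. I don't trust you!)<br>\n");
}

// $poll_id: numeric string cast to int, 0 meaning "no poll given"
$poll_id = 0;
$s = getVar("poll_id", "0");
if (is_numeric($s) == FALSE)
{
    die("Invalid poll_id.<br>(Don't mess with the input. I don't trust you!)<br>\n");
}
$poll_id = (int)$s;

// $pending_id: activation token from the URL, either empty or exactly 32 bytes
$pending_id = "";
if (isset($HTTP_GET_VARS['pending_id'])) $pending_id = $HTTP_GET_VARS['pending_id'];
if (is_string($pending_id) == FALSE || (strlen($pending_id) != 32 && strlen($pending_id) != 0))
{
    die("Invalid pending_id.<br>(Don't mess with the input. I don't trust you!)<br>\n");
}

// $options: array of option ids from the vote form. Each entry must be numeric
// and is cast to int *in place* -- the previous loop cast only a copy of the
// element, so the raw request strings still reached check_vote()/do_vote().
$options = array();
if (isset($HTTP_POST_VARS['options'])) $options = $HTTP_POST_VARS['options'];
if (is_array($options) == FALSE)
{
    die("Invalid options.<br>(Don't mess with the input. I don't trust you!)<br>\n");
}
foreach ($options as $key => $option_id)
{
    // is_numeric() also rejects nested arrays
    if (is_numeric($option_id) == FALSE)
    {
        die("Invalid option_id.<br>(Don't mess with the input. I don't trust you!)<br>\n");
    }
    $options[$key] = (int)$option_id;
}

// verify cookie data
// The cookie presumably carries a serialized array of option ids this client
// already voted for. Only a flat array of numeric values is accepted; entries
// are cast to int in place (same copy-vs-element fix as for $options above).
if (isset($tapps_cookie) && $tapps_cookie == TRUE)
{
    $already_voted = array();
    if (isset($HTTP_COOKIE_VARS["$tapps_cookie_name"]))
    {
        // SECURITY: unserialize() of client-controlled data can instantiate
        // arbitrary classes (PHP object injection). The cookie format is
        // defined by the code that sets it, outside this file, so the call is
        // kept; on PHP >= 7.0 pass array('allowed_classes' => FALSE) as the
        // second argument, or move the cookie to a non-object format such as
        // a comma-separated list of ids. stripslashes() undoes magic_quotes.
        $already_voted = unserialize(stripslashes($HTTP_COOKIE_VARS["$tapps_cookie_name"]));
        if (is_array($already_voted) == FALSE)
        {
            die("Invalid cookie data.<br>(Don't mess with the input. I don't trust you!)<br>\n");
        }
        foreach ($already_voted as $key => $option_id)
        {
            if (is_numeric($option_id) == FALSE)
            {
                die("Invalid cookie data.<br>(Don't mess with the input. I don't trust you!)<br>\n");
            }
            $already_voted[$key] = (int)$option_id;
        }
    }
}

// $voter_email: only checked to be a string here; it is not validated any
// further in this file
$voter_email = "";
if (isset($HTTP_POST_VARS['voter_email'])) $voter_email = $HTTP_POST_VARS['voter_email'];
if (is_string($voter_email) == FALSE)
{
    die("Invalid voter_email.<br>(Don't mess with the input. I don't trust you!)<br>\n");
}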
// verify some config settings
// verify some config settings
// normalise a non-empty $tapps_dir so it always ends with a slash
// (an unset or empty value is left untouched)
if (isset($tapps_dir) && $tapps_dir != "")
{
    if (substr($tapps_dir, -1) != "/")
    {
        $tapps_dir .= "/";
    }
}
// code
// code
// dispatch on the validated $mode; a mode whose required id is missing
// (poll_id 0, empty pending_id, no options) falls through to default_action()
if ($mode == "results" && $poll_id != 0)
{
    print_results($poll_id);
}
elseif ($mode == "activate" && $pending_id != "")
{
    activate_vote($pending_id);
}
elseif ($mode == "vote" && $poll_id != 0 && count($options) > 0)
{
    check_vote($poll_id, $options);
    do_vote($poll_id, $options);
}
elseif ($mode == "poll" && $poll_id != 0)
{
    // a finished poll shows its results instead of the vote form
    if (poll_over($poll_id) == TRUE)
    {
        print_results($poll_id);
        echo "Voting for this poll is over.<br>\n";
    }
    else
    {
        print_vote_form($poll_id);
    }
}
elseif ($mode == "list")
{
    print_poll_list();
}
else
{
    default_action();
}
// when called directly include footer
// the page footer is only emitted when this script is called directly,
// mirroring the header include at the top
if (substr($HTTP_SERVER_VARS['PHP_SELF'], -8) == "poll.php")
{
    include(dirname(__FILE__) . "/footer.php");
}

// release the buffer started by ob_start() and send everything to the browser
ob_end_flush();
// end
?>