Vergleich polls.php - 1.8.6 - 1.8.15

Zeile 24	Zeile 24
if($mybb->user['uid'] != 0) {	if($mybb->user['uid'] != 0) {
	$mybb->user['username'] = htmlspecialchars_uni($mybb->user['username']);
eval("\$loginbox = \"".$templates->get("changeuserbox")."\";"); } else	eval("\$loginbox = \"".$templates->get("changeuserbox")."\";"); } else
Zeile 57	Zeile 58
} // Is the currently logged in user a moderator of this forum?	} // Is the currently logged in user a moderator of this forum?
if(is_moderator($thread['fid'])) { $ismod = true; } else { $ismod = false; }	$ismod = is_moderator($thread['fid']);
// Make sure we are looking at a real thread here. if(($thread['visible'] != 1 && $ismod == false) \|\| ($thread['visible'] > 1 && $ismod == true))	// Make sure we are looking at a real thread here. if(($thread['visible'] != 1 && $ismod == false) \|\| ($thread['visible'] > 1 && $ismod == true))
{	{
error($lang->error_invalidthread); }	error($lang->error_invalidthread); }
Zeile 80	Zeile 74
if(!$forum) { error($lang->error_invalidforum);	if(!$forum) { error($lang->error_invalidforum);
}	}
else { // Is our forum closed?	else { // Is our forum closed?
Zeile 111	Zeile 105
{ $lang->poll_time_limit = $lang->sprintf($lang->poll_time_limit, $mybb->settings['polltimelimit']); error($lang->poll_time_limit);	{ $lang->poll_time_limit = $lang->sprintf($lang->poll_time_limit, $mybb->settings['polltimelimit']); error($lang->poll_time_limit);
}	}
// Sanitize number of poll options if($mybb->get_input('numpolloptions', MyBB::INPUT_INT) > 0) { $mybb->input['polloptions'] = $mybb->get_input('numpolloptions', MyBB::INPUT_INT);	// Sanitize number of poll options if($mybb->get_input('numpolloptions', MyBB::INPUT_INT) > 0) { $mybb->input['polloptions'] = $mybb->get_input('numpolloptions', MyBB::INPUT_INT);
}	}
if($mybb->settings['maxpolloptions'] && $mybb->get_input('polloptions', MyBB::INPUT_INT) > $mybb->settings['maxpolloptions']) { // Too big $polloptions = $mybb->settings['maxpolloptions'];	if($mybb->settings['maxpolloptions'] && $mybb->get_input('polloptions', MyBB::INPUT_INT) > $mybb->settings['maxpolloptions']) { // Too big $polloptions = $mybb->settings['maxpolloptions'];
}	}
elseif($mybb->get_input('polloptions', MyBB::INPUT_INT) < 2) { // Too small $polloptions = 2;	elseif($mybb->get_input('polloptions', MyBB::INPUT_INT) < 2) { // Too small $polloptions = 2;
} else	} else
{ // Just right $polloptions = $mybb->get_input('polloptions', MyBB::INPUT_INT);	{ // Just right $polloptions = $mybb->get_input('polloptions', MyBB::INPUT_INT);
}	}
$question = htmlspecialchars_uni($mybb->get_input('question')); $postoptionschecked = array('public' => '', 'multiple' => ''); $postoptions = $mybb->get_input('postoptions', MyBB::INPUT_INT); if(isset($postoptions['multiple']) && $postoptions['multiple'] == 1)	$question = htmlspecialchars_uni($mybb->get_input('question')); $postoptionschecked = array('public' => '', 'multiple' => ''); $postoptions = $mybb->get_input('postoptions', MyBB::INPUT_INT); if(isset($postoptions['multiple']) && $postoptions['multiple'] == 1)
{	{
$postoptionschecked['multiple'] = 'checked="checked"'; } if(isset($postoptions['public']) && $postoptions['public'] == 1) { $postoptionschecked['public'] = 'checked="checked"';	$postoptionschecked['multiple'] = 'checked="checked"'; } if(isset($postoptions['public']) && $postoptions['public'] == 1) { $postoptionschecked['public'] = 'checked="checked"';
}	}
$options = $mybb->get_input('options', MyBB::INPUT_ARRAY); $optionbits = ''; for($i = 1; $i <= $polloptions; ++$i)	$options = $mybb->get_input('options', MyBB::INPUT_ARRAY); $optionbits = ''; for($i = 1; $i <= $polloptions; ++$i)
Zeile 156	Zeile 150
$option = htmlspecialchars_uni($option); eval("\$optionbits .= \"".$templates->get("polls_newpoll_option")."\";"); $option = "";	$option = htmlspecialchars_uni($option); eval("\$optionbits .= \"".$templates->get("polls_newpoll_option")."\";"); $option = "";
}	}
if($mybb->get_input('timeout', MyBB::INPUT_INT) > 0)	if($mybb->get_input('timeout', MyBB::INPUT_INT) > 0)
{	{
$timeout = $mybb->get_input('timeout', MyBB::INPUT_INT);	$timeout = $mybb->get_input('timeout', MyBB::INPUT_INT);
}	}
else { $timeout = 0; }	else { $timeout = 0; }

if($mybb->get_input('maxoptions', MyBB::INPUT_INT) > 0 && $mybb->get_input('maxoptions', MyBB::INPUT_INT) < $polloptions) { $maxoptions = $mybb->get_input('maxoptions', MyBB::INPUT_INT);	if($mybb->get_input('maxoptions', MyBB::INPUT_INT) > 0 && $mybb->get_input('maxoptions', MyBB::INPUT_INT) < $polloptions) { $maxoptions = $mybb->get_input('maxoptions', MyBB::INPUT_INT);
Zeile 189	Zeile 183
$plugins->run_hooks("polls_do_newpoll_start"); $thread = get_thread($mybb->get_input('tid', MyBB::INPUT_INT));	$plugins->run_hooks("polls_do_newpoll_start"); $thread = get_thread($mybb->get_input('tid', MyBB::INPUT_INT));
if(!$thread) { error($lang->error_invalidthread); }	if(!$thread) { error($lang->error_invalidthread); }
$fid = $thread['fid']; $forumpermissions = forum_permissions($fid); // Get forum info $forum = get_forum($fid); if(!$forum)	$fid = $thread['fid']; $forumpermissions = forum_permissions($fid); // Get forum info $forum = get_forum($fid); if(!$forum)
{	{
error($lang->error_invalidforum);	error($lang->error_invalidforum);
} else {	} else {
// Is our forum closed? if($forum['open'] == 0 && !is_moderator($fid, "canmanagepolls")) { // Doesn't look like it is error($lang->error_closedinvalidforum); }	// Is our forum closed? if($forum['open'] == 0 && !is_moderator($fid, "canmanagepolls")) { // Doesn't look like it is error($lang->error_closedinvalidforum); }
}	}
// No permission if: Not thread author; not moderator; no forum perms to view, post threads, post polls if(($thread['uid'] != $mybb->user['uid'] && !is_moderator($fid, "canmanagepolls")) \|\| ($forumpermissions['canview'] == 0 \|\| $forumpermissions['canpostthreads'] == 0 \|\| $forumpermissions['canpostpolls'] == 0)) {	// No permission if: Not thread author; not moderator; no forum perms to view, post threads, post polls if(($thread['uid'] != $mybb->user['uid'] && !is_moderator($fid, "canmanagepolls")) \|\| ($forumpermissions['canview'] == 0 \|\| $forumpermissions['canpostthreads'] == 0 \|\| $forumpermissions['canpostpolls'] == 0)) {
Zeile 220	Zeile 214
} if($thread['poll'])	} if($thread['poll'])
{	{
error($lang->error_pollalready); }	error($lang->error_pollalready); }
Zeile 268	Zeile 262
} if(trim($options[$i]) != "")	} if(trim($options[$i]) != "")
{	{
$optioncount++; }	$optioncount++; }
}	}
if(isset($lengtherror)) { error($lang->error_polloptiontoolong);	if(isset($lengtherror)) { error($lang->error_polloptiontoolong);
}	}
if(isset($sequenceerror)) { error($lang->error_polloptionsequence); } $mybb->input['question'] = $mybb->get_input('question');	if(isset($sequenceerror)) { error($lang->error_polloptionsequence); } $mybb->input['question'] = $mybb->get_input('question');

if(trim($mybb->input['question']) == '' \|\| $optioncount < 2) { error($lang->error_noquestionoptions);	if(trim($mybb->input['question']) == '' \|\| $optioncount < 2) { error($lang->error_noquestionoptions);
Zeile 316	Zeile 310
} if($mybb->get_input('maxoptions', MyBB::INPUT_INT) > 0 && $mybb->get_input('maxoptions', MyBB::INPUT_INT) < $polloptions)	} if($mybb->get_input('maxoptions', MyBB::INPUT_INT) > 0 && $mybb->get_input('maxoptions', MyBB::INPUT_INT) < $polloptions)
{ $maxoptions = $mybb->get_input('maxoptions', MyBB::INPUT_INT); } else { $maxoptions = 0; }	{ $maxoptions = $mybb->get_input('maxoptions', MyBB::INPUT_INT); } else { $maxoptions = 0; }
$newpoll = array( "tid" => $thread['tid'], "question" => $db->escape_string($mybb->input['question']),	$newpoll = array( "tid" => $thread['tid'], "question" => $db->escape_string($mybb->input['question']),
Zeile 466	Zeile 460
{ $timeout = $poll['timeout']; }	{ $timeout = $poll['timeout']; }

if(!$poll['maxoptions'])	if(!$poll['maxoptions'])
{	{
$maxoptions = 0;	$maxoptions = 0;
}	}
else	else
{	{
$maxoptions = $poll['maxoptions']; } } else	$maxoptions = $poll['maxoptions']; } } else
{ if($mybb->settings['maxpolloptions'] && $mybb->get_input('numoptions', MyBB::INPUT_INT) > $mybb->settings['maxpolloptions']) { $numoptions = $mybb->settings['maxpolloptions'];	{ if($mybb->settings['maxpolloptions'] && $mybb->get_input('numoptions', MyBB::INPUT_INT) > $mybb->settings['maxpolloptions']) { $numoptions = $mybb->settings['maxpolloptions'];
} elseif($mybb->get_input('numoptions', MyBB::INPUT_INT) < 2) {	} elseif($mybb->get_input('numoptions', MyBB::INPUT_INT) < 2) {
Zeile 542	Zeile 536
{ $timeout = 0; }	{ $timeout = 0; }

if(!$poll['maxoptions']) { $maxoptions = 0;	if(!$poll['maxoptions']) { $maxoptions = 0;
Zeile 570	Zeile 564
$poll = $db->fetch_array($query); if(!$poll)	$poll = $db->fetch_array($query); if(!$poll)
{	{
error($lang->error_invalidpoll);	error($lang->error_invalidpoll);
}	}
$query = $db->simple_select("threads", "*", "poll='".$mybb->get_input('pid', MyBB::INPUT_INT)."'"); $thread = $db->fetch_array($query); if(!$thread)	$query = $db->simple_select("threads", "*", "poll='".$mybb->get_input('pid', MyBB::INPUT_INT)."'"); $thread = $db->fetch_array($query); if(!$thread)
{	{
error($lang->error_invalidthread); }	error($lang->error_invalidthread); }
Zeile 585	Zeile 579
// Get forum info $forum = get_forum($thread['fid']);	// Get forum info $forum = get_forum($thread['fid']);
$fid = $thread['fid']; if(!$forum) {	$fid = $thread['fid']; if(!$forum) {
error($lang->error_invalidforum); } else	error($lang->error_invalidforum); } else
Zeile 603	Zeile 597
if(!is_moderator($thread['fid'], "canmanagepolls")) { error_no_permission();	if(!is_moderator($thread['fid'], "canmanagepolls")) { error_no_permission();
}	}
if($mybb->settings['maxpolloptions'] && $mybb->get_input('numoptions', MyBB::INPUT_INT) > $mybb->settings['maxpolloptions'])	if($mybb->settings['maxpolloptions'] && $mybb->get_input('numoptions', MyBB::INPUT_INT) > $mybb->settings['maxpolloptions'])
{	{
$numoptions = $mybb->settings['maxpolloptions'];	$numoptions = $mybb->settings['maxpolloptions'];
}	}
elseif($mybb->get_input('numoptions', MyBB::INPUT_INT) < 2)	elseif($mybb->get_input('numoptions', MyBB::INPUT_INT) < 2)
{	{
$numoptions = 2;	$numoptions = 2;
}	}
else { $numoptions = $mybb->get_input('numoptions', MyBB::INPUT_INT);	else { $numoptions = $mybb->get_input('numoptions', MyBB::INPUT_INT);
Zeile 620	Zeile 614
$postoptions = $mybb->get_input('postoptions', MyBB::INPUT_ARRAY); if(!isset($postoptions['multiple']) \|\| $postoptions['multiple'] != '1')	$postoptions = $mybb->get_input('postoptions', MyBB::INPUT_ARRAY); if(!isset($postoptions['multiple']) \|\| $postoptions['multiple'] != '1')
{	{
$postoptions['multiple'] = 0;	$postoptions['multiple'] = 0;
}	}
if(!isset($postoptions['public']) \|\| $postoptions['public'] != '1')	if(!isset($postoptions['public']) \|\| $postoptions['public'] != '1')
{	{
$postoptions['public'] = 0;	$postoptions['public'] = 0;
}	}
if(!isset($postoptions['closed']) \|\| $postoptions['closed'] != '1') {	if(!isset($postoptions['closed']) \|\| $postoptions['closed'] != '1') {
Zeile 635	Zeile 629
} $optioncount = "0"; $options = $mybb->input['options'];	} $optioncount = "0"; $options = $mybb->input['options'];
for($i = 1; $i <= $numoptions; ++$i) {	for($i = 1; $i <= $numoptions; ++$i) {
if(!isset($options[$i]))	if(!isset($options[$i]))
{	{
$options[$i] = '';	$options[$i] = '';
}	}
if($mybb->settings['polloptionlimit'] != 0 && my_strlen($options[$i]) > $mybb->settings['polloptionlimit']) {	if($mybb->settings['polloptionlimit'] != 0 && my_strlen($options[$i]) > $mybb->settings['polloptionlimit']) {
Zeile 653	Zeile 647
{ $sequenceerror = 1; break;	{ $sequenceerror = 1; break;
}	}
if(trim($options[$i]) != "") { $optioncount++; }	if(trim($options[$i]) != "") { $optioncount++; }
}	}
if(isset($lengtherror))	if(isset($lengtherror))
{	{
error($lang->error_polloptiontoolong);	error($lang->error_polloptiontoolong);
}	}
if(isset($sequenceerror)) { error($lang->error_polloptionsequence);	if(isset($sequenceerror)) { error($lang->error_polloptionsequence);
}	}
$mybb->input['question'] = $mybb->get_input('question'); if(trim($mybb->input['question']) == '' \|\| $optioncount < 2) {	$mybb->input['question'] = $mybb->get_input('question'); if(trim($mybb->input['question']) == '' \|\| $optioncount < 2) {
Zeile 686	Zeile 680
if(trim($options[$i]) != '') { if($optionslist != '')	if(trim($options[$i]) != '') { if($optionslist != '')
{	{
$optionslist .= "\|\|~\|~\|\|"; $voteslist .= "\|\|~\|~\|\|"; }	$optionslist .= "\|\|~\|~\|\|"; $voteslist .= "\|\|~\|~\|\|"; }
Zeile 709	Zeile 703
{ $timeout = 0; }	{ $timeout = 0; }

if($mybb->get_input('maxoptions', MyBB::INPUT_INT) > 0 && $mybb->get_input('maxoptions', MyBB::INPUT_INT) < $numoptions)	if($mybb->get_input('maxoptions', MyBB::INPUT_INT) > 0 && $mybb->get_input('maxoptions', MyBB::INPUT_INT) < $numoptions)
{	{
$maxoptions = $mybb->get_input('maxoptions', MyBB::INPUT_INT);	$maxoptions = $mybb->get_input('maxoptions', MyBB::INPUT_INT);
}	}
else { $maxoptions = 0;	else { $maxoptions = 0;
} $updatedpoll = array(	} $updatedpoll = array(
"question" => $db->escape_string($mybb->input['question']), "options" => $db->escape_string($optionslist), "votes" => $db->escape_string($voteslist),	"question" => $db->escape_string($mybb->input['question']), "options" => $db->escape_string($optionslist), "votes" => $db->escape_string($voteslist),
Zeile 811	Zeile 805
} else {	} else {
$voters[$voter['voteoption']][$voter['uid']] = $voter['username'];	$voters[$voter['voteoption']][$voter['uid']] = htmlspecialchars_uni($voter['username']);
} }	} }
Zeile 968	Zeile 962
// Check if the user has voted before... if($mybb->user['uid']) {	// Check if the user has voted before... if($mybb->user['uid']) {
$query = $db->simple_select("pollvotes", "*", "uid='".$mybb->user['uid']."' AND pid='".$poll['pid']."'"); $votecheck = $db->fetch_array($query);	$user_check = "uid='{$mybb->user['uid']}'";
}	}
if($votecheck['vid'] \|\| (isset($mybb->cookies['pollvotes'][$poll['pid']]) && $mybb->cookies['pollvotes'][$poll['pid']] !== ""))	else { $user_check = "ipaddress=".$db->escape_binary($session->packedip); } $query = $db->simple_select("pollvotes", "*", "{$user_check} AND pid='".$poll['pid']."'"); $votecheck = $db->fetch_array($query); if($votecheck['vid'])
{ error($lang->error_alreadyvoted);	{ error($lang->error_alreadyvoted);
} elseif(!$mybb->user['uid']) { // Give a cookie to guests to inhibit revotes if(is_array($mybb->input['option'])) { // We have multiple options here... $votes_cookie = implode(',', array_keys($mybb->input['option'])); } else { $votes_cookie = $mybb->input['option']; } my_setcookie("pollvotes[{$poll['pid']}]", $votes_cookie);
}	}
$votesql = ''; $now = TIME_NOW;	$votesql = array();
$votesarray = explode("\|\|~\|~\|\|", $poll['votes']); $option = $mybb->input['option']; $numvotes = (int)$poll['numvotes'];	$votesarray = explode("\|\|~\|~\|\|", $poll['votes']); $option = $mybb->input['option']; $numvotes = (int)$poll['numvotes'];
Zeile 1002	Zeile 986
if(is_array($option)) { $total_options = 0;	if(is_array($option)) { $total_options = 0;

foreach($option as $voteoption => $vote) { if($vote == 1 && isset($votesarray[$voteoption-1])) {	foreach($option as $voteoption => $vote) { if($vote == 1 && isset($votesarray[$voteoption-1])) {
if($votesql) { $votesql .= ","; } $votesql .= "('".$poll['pid']."','".$mybb->user['uid']."','".$db->escape_string($voteoption)."','$now')";	$votesql[] = array( "pid" => $poll['pid'], "uid" => (int)$mybb->user['uid'], "voteoption" => $db->escape_string($voteoption), "dateline" => TIME_NOW, "ipaddress" => $db->escape_binary($session->packedip) );
$votesarray[$voteoption-1]++; $numvotes = $numvotes+1; $total_options++; }	$votesarray[$voteoption-1]++; $numvotes = $numvotes+1; $total_options++; }
}	}
if($total_options > $poll['maxoptions'] && $poll['maxoptions'] != 0) { error($lang->sprintf($lang->error_maxpolloptions, $poll['maxoptions'])); }	if($total_options > $poll['maxoptions'] && $poll['maxoptions'] != 0) { error($lang->sprintf($lang->error_maxpolloptions, $poll['maxoptions'])); }
} }	} }
else	else
{	{
if(is_array($option) \|\| !isset($votesarray[$option-1])) { error($lang->error_nopolloptions); }	if(is_array($option) \|\| !isset($votesarray[$option-1])) { error($lang->error_nopolloptions); }
$votesql = "('".$poll['pid']."','".$mybb->user['uid']."','".$db->escape_string($option)."','$now')";	$votesql = array( "pid" => $poll['pid'], "uid" => (int)$mybb->user['uid'], "voteoption" => $db->escape_string($option), "dateline" => TIME_NOW, "ipaddress" => $db->escape_binary($session->packedip) );
$votesarray[$option-1]++; $numvotes = $numvotes+1; }	$votesarray[$option-1]++; $numvotes = $numvotes+1; }
Zeile 1038	Zeile 1033
if(!$votesql) { error($lang->error_nopolloptions);	if(!$votesql) { error($lang->error_nopolloptions);
} $db->write_query(" INSERT INTO ".TABLE_PREFIX."pollvotes (pid,uid,voteoption,dateline) VALUES $votesql ");	} if($poll['multiple'] == 1) { $db->insert_query_multiple("pollvotes", $votesql); } else { $db->insert_query("pollvotes", $votesql); }
$voteslist = ''; for($i = 1; $i <= $poll['numoptions']; ++$i) {	$voteslist = ''; for($i = 1; $i <= $poll['numoptions']; ++$i) {
Zeile 1061	Zeile 1060
$plugins->run_hooks("polls_vote_process");	$plugins->run_hooks("polls_vote_process");
$db->update_query("polls", $updatedpoll, "pid='".$poll['pid']."'"); $plugins->run_hooks("polls_vote_end");	$db->update_query("polls", $updatedpoll, "pid='".$poll['pid']."'"); $plugins->run_hooks("polls_vote_end");
redirect(get_thread_link($poll['tid']), $lang->redirect_votethanks); }	redirect(get_thread_link($poll['tid']), $lang->redirect_votethanks); }
Zeile 1075	Zeile 1074
if($mybb->usergroup['canundovotes'] != 1) { error_no_permission();	if($mybb->usergroup['canundovotes'] != 1) { error_no_permission();
}	}
$query = $db->simple_select("polls", "*", "pid='".$mybb->get_input('pid', MyBB::INPUT_INT)."'"); $poll = $db->fetch_array($query);	$query = $db->simple_select("polls", "*", "pid='".$mybb->get_input('pid', MyBB::INPUT_INT)."'"); $poll = $db->fetch_array($query);
Zeile 1122	Zeile 1121
if($poll['closed'] == 1 \|\| $thread['closed'] == 1 \|\| ($expiretime < TIME_NOW && $poll['timeout'])) { error($lang->error_pollclosed);	if($poll['closed'] == 1 \|\| $thread['closed'] == 1 \|\| ($expiretime < TIME_NOW && $poll['timeout'])) { error($lang->error_pollclosed);
}	}
// Check if the user has voted before... $vote_options = array();	// Check if the user has voted before... $vote_options = array();

if($mybb->user['uid'])	if($mybb->user['uid'])
{ $query = $db->simple_select("pollvotes", "vid,voteoption", "uid='".$mybb->user['uid']."' AND pid='".$poll['pid']."'"); while($voteoption = $db->fetch_array($query)) { $vote_options[$voteoption['vid']] = $voteoption['voteoption']; } } elseif(isset($mybb->cookies['pollvotes'][$poll['pid']])) { // for Guests, we simply see if they've got the cookie $vote_options = explode(',', $mybb->cookies['pollvotes'][$poll['pid']]);	{ $user_check = "uid='{$mybb->user['uid']}'"; } else { $user_check = "uid='0' AND ipaddress=".$db->escape_binary($session->packedip); } $query = $db->simple_select("pollvotes", "vid,voteoption", "{$user_check} AND pid='".$poll['pid']."'"); while($voteoption = $db->fetch_array($query)) { $vote_options[$voteoption['vid']] = $voteoption['voteoption'];
} if(empty($vote_options)) { error($lang->error_notvoted);	} if(empty($vote_options)) { error($lang->error_notvoted);
} else if(!$mybb->user['uid']) { // clear cookie for Guests my_setcookie("pollvotes[{$poll['pid']}]", "");
} // Note, this is not thread safe!	} // Note, this is not thread safe!
Zeile 1200	Zeile 1196
$plugins->run_hooks("polls_do_undovote_process");	$plugins->run_hooks("polls_do_undovote_process");
$db->delete_query("pollvotes", "uid='".$mybb->user['uid']."' AND pid='".$poll['pid']."'");	$db->delete_query("pollvotes", "{$user_check} AND pid='".$poll['pid']."'");
$db->update_query("polls", $updatedpoll, "pid='".$poll['pid']."'"); $plugins->run_hooks("polls_do_undovote_end");	$db->update_query("polls", $updatedpoll, "pid='".$poll['pid']."'"); $plugins->run_hooks("polls_do_undovote_end");