Vergleich polls.php - 1.8.13 - 1.8.22

Keine Änderungen Hinzugefügt Modifiziert Entfernt
Zeile 52	Zeile 52
$plugins->run_hooks("polls_newpoll_start"); $thread = get_thread($mybb->get_input('tid', MyBB::INPUT_INT));	$plugins->run_hooks("polls_newpoll_start"); $thread = get_thread($mybb->get_input('tid', MyBB::INPUT_INT));
if(!$thread)	if(!$thread \|\| $thread['visible'] == -1)
{ error($lang->error_invalidthread); }	{ error($lang->error_invalidthread); }
Zeile 134	Zeile 134
$postoptionschecked['multiple'] = 'checked="checked"'; } if(isset($postoptions['public']) && $postoptions['public'] == 1)	$postoptionschecked['multiple'] = 'checked="checked"'; } if(isset($postoptions['public']) && $postoptions['public'] == 1)
{	{
$postoptionschecked['public'] = 'checked="checked"'; }	$postoptionschecked['public'] = 'checked="checked"'; }
Zeile 150	Zeile 150
$option = htmlspecialchars_uni($option); eval("\$optionbits .= \"".$templates->get("polls_newpoll_option")."\";"); $option = "";	$option = htmlspecialchars_uni($option); eval("\$optionbits .= \"".$templates->get("polls_newpoll_option")."\";"); $option = "";
}	}
if($mybb->get_input('timeout', MyBB::INPUT_INT) > 0) {	if($mybb->get_input('timeout', MyBB::INPUT_INT) > 0) {
Zeile 183	Zeile 183
$plugins->run_hooks("polls_do_newpoll_start"); $thread = get_thread($mybb->get_input('tid', MyBB::INPUT_INT));	$plugins->run_hooks("polls_do_newpoll_start"); $thread = get_thread($mybb->get_input('tid', MyBB::INPUT_INT));
if(!$thread)	if(!$thread)
{ error($lang->error_invalidthread);	{ error($lang->error_invalidthread);
}	}
$fid = $thread['fid']; $forumpermissions = forum_permissions($fid);	$fid = $thread['fid']; $forumpermissions = forum_permissions($fid);
Zeile 194	Zeile 194
// Get forum info $forum = get_forum($fid); if(!$forum)	// Get forum info $forum = get_forum($fid); if(!$forum)
{	{
error($lang->error_invalidforum);	error($lang->error_invalidforum);
} else {	} else {
// Is our forum closed? if($forum['open'] == 0 && !is_moderator($fid, "canmanagepolls")) { // Doesn't look like it is error($lang->error_closedinvalidforum); }	// Is our forum closed? if($forum['open'] == 0 && !is_moderator($fid, "canmanagepolls")) { // Doesn't look like it is error($lang->error_closedinvalidforum); }
}	}
// No permission if: Not thread author; not moderator; no forum perms to view, post threads, post polls if(($thread['uid'] != $mybb->user['uid'] && !is_moderator($fid, "canmanagepolls")) \|\| ($forumpermissions['canview'] == 0 \|\| $forumpermissions['canpostthreads'] == 0 \|\| $forumpermissions['canpostpolls'] == 0)) {	// No permission if: Not thread author; not moderator; no forum perms to view, post threads, post polls if(($thread['uid'] != $mybb->user['uid'] && !is_moderator($fid, "canmanagepolls")) \|\| ($forumpermissions['canview'] == 0 \|\| $forumpermissions['canpostthreads'] == 0 \|\| $forumpermissions['canpostpolls'] == 0)) {
Zeile 214	Zeile 214
} if($thread['poll'])	} if($thread['poll'])
{	{
error($lang->error_pollalready); }	error($lang->error_pollalready); }
Zeile 262	Zeile 262
} if(trim($options[$i]) != "")	} if(trim($options[$i]) != "")
{	{
$optioncount++; }	$optioncount++; }
}	}
if(isset($lengtherror)) { error($lang->error_polloptiontoolong);	if(isset($lengtherror)) { error($lang->error_polloptiontoolong);
}	}
if(isset($sequenceerror)) { error($lang->error_polloptionsequence); } $mybb->input['question'] = $mybb->get_input('question');	if(isset($sequenceerror)) { error($lang->error_polloptionsequence); } $mybb->input['question'] = $mybb->get_input('question');

if(trim($mybb->input['question']) == '' \|\| $optioncount < 2) { error($lang->error_noquestionoptions);	if(trim($mybb->input['question']) == '' \|\| $optioncount < 2) { error($lang->error_noquestionoptions);
Zeile 310	Zeile 310
} if($mybb->get_input('maxoptions', MyBB::INPUT_INT) > 0 && $mybb->get_input('maxoptions', MyBB::INPUT_INT) < $polloptions)	} if($mybb->get_input('maxoptions', MyBB::INPUT_INT) > 0 && $mybb->get_input('maxoptions', MyBB::INPUT_INT) < $polloptions)
{ $maxoptions = $mybb->get_input('maxoptions', MyBB::INPUT_INT); } else { $maxoptions = 0;	{ $maxoptions = $mybb->get_input('maxoptions', MyBB::INPUT_INT); } else { $maxoptions = 0;
} $newpoll = array(	} $newpoll = array(
Zeile 342	Zeile 342
$plugins->run_hooks("polls_do_newpoll_end"); if($thread['visible'] == 1)	$plugins->run_hooks("polls_do_newpoll_end"); if($thread['visible'] == 1)
{	{
redirect(get_thread_link($thread['tid']), $lang->redirect_pollposted); } else	redirect(get_thread_link($thread['tid']), $lang->redirect_pollposted); } else
Zeile 374	Zeile 374
$tid = $thread['tid']; $fid = $thread['fid'];	$tid = $thread['tid']; $fid = $thread['fid'];

// Make navigation build_forum_breadcrumb($fid); add_breadcrumb(htmlspecialchars_uni($thread['subject']), get_thread_link($thread['tid']));	// Make navigation build_forum_breadcrumb($fid); add_breadcrumb(htmlspecialchars_uni($thread['subject']), get_thread_link($thread['tid']));
Zeile 440	Zeile 440
$counter = $i + 1; $option = $optionsarray[$i]; $option = htmlspecialchars_uni($option);	$counter = $i + 1; $option = $optionsarray[$i]; $option = htmlspecialchars_uni($option);
$optionvotes = (int)$votesarray[$i]; if(!$optionvotes) { $optionvotes = 0; } eval("\$optionbits .= \"".$templates->get("polls_editpoll_option")."\";");	$optionvotes = (int)$votesarray[$i]; if(!$optionvotes) { $optionvotes = 0; } eval("\$optionbits .= \"".$templates->get("polls_editpoll_option")."\";");
$option = ""; $optionvotes = "";	$option = ""; $optionvotes = "";
}	}
if(!$poll['timeout']) {	if(!$poll['timeout']) {
Zeile 459	Zeile 459
else { $timeout = $poll['timeout'];	else { $timeout = $poll['timeout'];
} if(!$poll['maxoptions']) { $maxoptions = 0; } else	} if(!$poll['maxoptions']) { $maxoptions = 0; } else
{ $maxoptions = $poll['maxoptions'];	{ $maxoptions = $poll['maxoptions'];
}	}
} else {	} else {
Zeile 479	Zeile 479
elseif($mybb->get_input('numoptions', MyBB::INPUT_INT) < 2) { $numoptions = 2;	elseif($mybb->get_input('numoptions', MyBB::INPUT_INT) < 2) { $numoptions = 2;
} else	} else
{ $numoptions = $mybb->get_input('numoptions', MyBB::INPUT_INT); }	{ $numoptions = $mybb->get_input('numoptions', MyBB::INPUT_INT); }
Zeile 545	Zeile 545
{ $maxoptions = $poll['maxoptions']; }	{ $maxoptions = $poll['maxoptions']; }
}	}
$plugins->run_hooks("polls_editpoll_end"); eval("\$editpoll = \"".$templates->get("polls_editpoll")."\";");	$plugins->run_hooks("polls_editpoll_end"); eval("\$editpoll = \"".$templates->get("polls_editpoll")."\";");
Zeile 579	Zeile 579
// Get forum info $forum = get_forum($thread['fid']);	// Get forum info $forum = get_forum($thread['fid']);
$fid = $thread['fid'];	$fid = $thread['fid'];
if(!$forum)	if(!$forum)
{	{
error($lang->error_invalidforum);	error($lang->error_invalidforum);
}	}
else	else
{	{
// Is our forum closed? if($forum['open'] == 0 && !is_moderator($fid, "canmanagepolls")) {	// Is our forum closed? if($forum['open'] == 0 && !is_moderator($fid, "canmanagepolls")) {
Zeile 595	Zeile 595
} if(!is_moderator($thread['fid'], "canmanagepolls"))	} if(!is_moderator($thread['fid'], "canmanagepolls"))
{	{
error_no_permission();	error_no_permission();
}	}
if($mybb->settings['maxpolloptions'] && $mybb->get_input('numoptions', MyBB::INPUT_INT) > $mybb->settings['maxpolloptions'])	if($mybb->settings['maxpolloptions'] && $mybb->get_input('numoptions', MyBB::INPUT_INT) > $mybb->settings['maxpolloptions'])
{	{
$numoptions = $mybb->settings['maxpolloptions'];	$numoptions = $mybb->settings['maxpolloptions'];
}	}
elseif($mybb->get_input('numoptions', MyBB::INPUT_INT) < 2)	elseif($mybb->get_input('numoptions', MyBB::INPUT_INT) < 2)
{	{
$numoptions = 2;	$numoptions = 2;
}	}
else { $numoptions = $mybb->get_input('numoptions', MyBB::INPUT_INT);	else { $numoptions = $mybb->get_input('numoptions', MyBB::INPUT_INT);
}	}
$postoptions = $mybb->get_input('postoptions', MyBB::INPUT_ARRAY); if(!isset($postoptions['multiple']) \|\| $postoptions['multiple'] != '1') {	$postoptions = $mybb->get_input('postoptions', MyBB::INPUT_ARRAY); if(!isset($postoptions['multiple']) \|\| $postoptions['multiple'] != '1') {
Zeile 644	Zeile 644
} if(strpos($options[$i], '\|\|~\|~\|\|') !== false)	} if(strpos($options[$i], '\|\|~\|~\|\|') !== false)
{	{
$sequenceerror = 1; break; }	$sequenceerror = 1; break; }
Zeile 691	Zeile 691
$votes[$i] = "0"; } $voteslist .= $votes[$i];	$votes[$i] = "0"; } $voteslist .= $votes[$i];
$numvotes = $numvotes + $votes[$i];	$numvotes = (int)$numvotes + (int)$votes[$i];
}	}
}	}
if($mybb->get_input('timeout', MyBB::INPUT_INT) > 0)	if($mybb->get_input('timeout', MyBB::INPUT_INT) > 0)
{	{
$timeout = $mybb->get_input('timeout', MyBB::INPUT_INT);	$timeout = $mybb->get_input('timeout', MyBB::INPUT_INT);
} else { $timeout = 0;	} else { $timeout = 0;
} if($mybb->get_input('maxoptions', MyBB::INPUT_INT) > 0 && $mybb->get_input('maxoptions', MyBB::INPUT_INT) < $numoptions)	} if($mybb->get_input('maxoptions', MyBB::INPUT_INT) > 0 && $mybb->get_input('maxoptions', MyBB::INPUT_INT) < $numoptions)
Zeile 711	Zeile 711
else { $maxoptions = 0;	else { $maxoptions = 0;
}	}
$updatedpoll = array( "question" => $db->escape_string($mybb->input['question']), "options" => $db->escape_string($optionslist),	$updatedpoll = array( "question" => $db->escape_string($mybb->input['question']), "options" => $db->escape_string($optionslist),
Zeile 727	Zeile 727
); $plugins->run_hooks("polls_do_editpoll_process");	); $plugins->run_hooks("polls_do_editpoll_process");

$db->update_query("polls", $updatedpoll, "pid='".$mybb->get_input('pid', MyBB::INPUT_INT)."'"); $plugins->run_hooks("polls_do_editpoll_end");	$db->update_query("polls", $updatedpoll, "pid='".$mybb->get_input('pid', MyBB::INPUT_INT)."'"); $plugins->run_hooks("polls_do_editpoll_end");
Zeile 751	Zeile 751
$tid = $poll['tid']; $thread = get_thread($tid);	$tid = $poll['tid']; $thread = get_thread($tid);
if(!$thread)	if(!$thread \|\| ($thread['visible'] != 1 && ($thread['visible'] == 0 && !is_moderator($thread['fid'], "canviewunapprove")) \|\| ($thread['visible'] == -1 && !is_moderator($thread['fid'], "canviewdeleted"))))
{ error($lang->error_invalidthread); }	{ error($lang->error_invalidthread); }
Zeile 899	Zeile 899
eval("\$showresults = \"".$templates->get("polls_showresults")."\";"); output_page($showresults); }	eval("\$showresults = \"".$templates->get("polls_showresults")."\";"); output_page($showresults); }

if($mybb->input['action'] == "vote" && $mybb->request_method == "post") { // Verify incoming POST request verify_post_check($mybb->get_input('my_post_key'));	if($mybb->input['action'] == "vote" && $mybb->request_method == "post") { // Verify incoming POST request verify_post_check($mybb->get_input('my_post_key'));

$query = $db->simple_select("polls", "*", "pid='".$mybb->get_input('pid')."'"); $poll = $db->fetch_array($query);	$query = $db->simple_select("polls", "*", "pid='".$mybb->get_input('pid')."'"); $poll = $db->fetch_array($query);

if(!$poll) { error($lang->error_invalidpoll); }	if(!$poll) { error($lang->error_invalidpoll); }

$plugins->run_hooks("polls_vote_start");	$plugins->run_hooks("polls_vote_start");

$poll['timeout'] = $poll['timeout']6060*24;	$poll['timeout'] = $poll['timeout']6060*24;
$query = $db->simple_select("threads", "*", "poll='".(int)$poll['pid']."'"); $thread = $db->fetch_array($query); if(!$thread \|\| $thread['visible'] == 0)	$thread = get_thread($poll['tid']); if(!$thread \|\| ($thread['visible'] != 1 && ($thread['visible'] == 0 && !is_moderator($thread['fid'], "canviewunapprove")) \|\| ($thread['visible'] == -1 && !is_moderator($thread['fid'], "canviewdeleted"))))
{ error($lang->error_invalidthread); }	{ error($lang->error_invalidthread); }
Zeile 944	Zeile 944
{ // Doesn't look like it is error($lang->error_closedinvalidforum);	{ // Doesn't look like it is error($lang->error_closedinvalidforum);
} }	} }
$expiretime = $poll['dateline'] + $poll['timeout']; $now = TIME_NOW; if($poll['closed'] == 1 \|\| $thread['closed'] == 1 \|\| ($expiretime < $now && $poll['timeout'])) { error($lang->error_pollclosed);	$expiretime = $poll['dateline'] + $poll['timeout']; $now = TIME_NOW; if($poll['closed'] == 1 \|\| $thread['closed'] == 1 \|\| ($expiretime < $now && $poll['timeout'])) { error($lang->error_pollclosed);
}	}
if(!isset($mybb->input['option']))	if(!isset($mybb->input['option']))
{	{
error($lang->error_nopolloptions);	error($lang->error_nopolloptions);
}	}
// Check if the user has voted before... if($mybb->user['uid'])	// Check if the user has voted before... if($mybb->user['uid'])
{ $query = $db->simple_select("pollvotes", "*", "uid='".$mybb->user['uid']."' AND pid='".$poll['pid']."'"); $votecheck = $db->fetch_array($query); } if($votecheck['vid'] \|\| (isset($mybb->cookies['pollvotes'][$poll['pid']]) && $mybb->cookies['pollvotes'][$poll['pid']] !== ""))	{ $user_check = "uid='{$mybb->user['uid']}'"; } else { $user_check = "ipaddress=".$db->escape_binary($session->packedip); } $query = $db->simple_select("pollvotes", "*", "{$user_check} AND pid='".$poll['pid']."'"); $votecheck = $db->fetch_array($query); if($votecheck['vid'])
{ error($lang->error_alreadyvoted);	{ error($lang->error_alreadyvoted);
} elseif(!$mybb->user['uid']) { // Give a cookie to guests to inhibit revotes if(is_array($mybb->input['option'])) { // We have multiple options here... $votes_cookie = implode(',', array_keys($mybb->input['option'])); } else { $votes_cookie = $mybb->input['option']; } my_setcookie("pollvotes[{$poll['pid']}]", $votes_cookie);
}	}
$votesql = ''; $now = TIME_NOW;	$votesql = array();
$votesarray = explode("\|\|~\|~\|\|", $poll['votes']); $option = $mybb->input['option']; $numvotes = (int)$poll['numvotes'];	$votesarray = explode("\|\|~\|~\|\|", $poll['votes']); $option = $mybb->input['option']; $numvotes = (int)$poll['numvotes'];
Zeile 1001	Zeile 991
{ if($vote == 1 && isset($votesarray[$voteoption-1])) {	{ if($vote == 1 && isset($votesarray[$voteoption-1])) {
if($votesql) { $votesql .= ","; } $votesql .= "('".$poll['pid']."','".$mybb->user['uid']."','".$db->escape_string($voteoption)."','$now')";	$votesql[] = array( "pid" => $poll['pid'], "uid" => (int)$mybb->user['uid'], "voteoption" => $db->escape_string($voteoption), "dateline" => TIME_NOW, "ipaddress" => $db->escape_binary($session->packedip) );
$votesarray[$voteoption-1]++; $numvotes = $numvotes+1; $total_options++;	$votesarray[$voteoption-1]++; $numvotes = $numvotes+1; $total_options++;
Zeile 1021	Zeile 1014
else { if(is_array($option) \|\| !isset($votesarray[$option-1]))	else { if(is_array($option) \|\| !isset($votesarray[$option-1]))
{	{
error($lang->error_nopolloptions); }	error($lang->error_nopolloptions); }
$votesql = "('".$poll['pid']."','".$mybb->user['uid']."','".$db->escape_string($option)."','$now')";	$votesql = array( "pid" => $poll['pid'], "uid" => (int)$mybb->user['uid'], "voteoption" => $db->escape_string($option), "dateline" => TIME_NOW, "ipaddress" => $db->escape_binary($session->packedip) );
$votesarray[$option-1]++; $numvotes = $numvotes+1;	$votesarray[$option-1]++; $numvotes = $numvotes+1;
}	}
if(!$votesql)	if(!$votesql)
{	{
error($lang->error_nopolloptions); }	error($lang->error_nopolloptions); }
$db->write_query(" INSERT INTO ".TABLE_PREFIX."pollvotes (pid,uid,voteoption,dateline) VALUES $votesql ");	if($poll['multiple'] == 1) { $db->insert_query_multiple("pollvotes", $votesql); } else { $db->insert_query("pollvotes", $votesql); }
$voteslist = ''; for($i = 1; $i <= $poll['numoptions']; ++$i)	$voteslist = ''; for($i = 1; $i <= $poll['numoptions']; ++$i)
{	{
if($i > 1) { $voteslist .= "\|\|~\|~\|\|";	if($i > 1) { $voteslist .= "\|\|~\|~\|\|";
Zeile 1056	Zeile 1061
$plugins->run_hooks("polls_vote_process"); $db->update_query("polls", $updatedpoll, "pid='".$poll['pid']."'");	$plugins->run_hooks("polls_vote_process"); $db->update_query("polls", $updatedpoll, "pid='".$poll['pid']."'");

$plugins->run_hooks("polls_vote_end"); redirect(get_thread_link($poll['tid']), $lang->redirect_votethanks);	$plugins->run_hooks("polls_vote_end"); redirect(get_thread_link($poll['tid']), $lang->redirect_votethanks);
Zeile 1086	Zeile 1091
// We do not have $forum_cache available here since no forums permissions are checked in undo vote // Get thread ID and then get forum info $thread = get_thread($poll['tid']);	// We do not have $forum_cache available here since no forums permissions are checked in undo vote // Get thread ID and then get forum info $thread = get_thread($poll['tid']);
if(!$thread \|\| $thread['visible'] == 0) {	if(!$thread \|\| ($thread['visible'] != 1 && ($thread['visible'] == 0 && !is_moderator($thread['fid'], "canviewunapprove")) \|\| ($thread['visible'] == -1 && !is_moderator($thread['fid'], "canviewdeleted")))) {
error($lang->error_invalidthread); }	error($lang->error_invalidthread); }
Zeile 1116	Zeile 1121
if($poll['closed'] == 1 \|\| $thread['closed'] == 1 \|\| ($expiretime < TIME_NOW && $poll['timeout'])) { error($lang->error_pollclosed);	if($poll['closed'] == 1 \|\| $thread['closed'] == 1 \|\| ($expiretime < TIME_NOW && $poll['timeout'])) { error($lang->error_pollclosed);
}	}
// Check if the user has voted before... $vote_options = array();	// Check if the user has voted before... $vote_options = array();

if($mybb->user['uid'])	if($mybb->user['uid'])
{ $query = $db->simple_select("pollvotes", "vid,voteoption", "uid='".$mybb->user['uid']."' AND pid='".$poll['pid']."'"); while($voteoption = $db->fetch_array($query)) { $vote_options[$voteoption['vid']] = $voteoption['voteoption']; } } elseif(isset($mybb->cookies['pollvotes'][$poll['pid']])) { // for Guests, we simply see if they've got the cookie $vote_options = explode(',', $mybb->cookies['pollvotes'][$poll['pid']]);	{ $user_check = "uid='{$mybb->user['uid']}'"; } else { $user_check = "uid='0' AND ipaddress=".$db->escape_binary($session->packedip); } $query = $db->simple_select("pollvotes", "vid,voteoption", "{$user_check} AND pid='".$poll['pid']."'"); while($voteoption = $db->fetch_array($query)) { $vote_options[$voteoption['vid']] = $voteoption['voteoption'];
} if(empty($vote_options)) { error($lang->error_notvoted);	} if(empty($vote_options)) { error($lang->error_notvoted);
} else if(!$mybb->user['uid']) { // clear cookie for Guests my_setcookie("pollvotes[{$poll['pid']}]", "");
} // Note, this is not thread safe!	} // Note, this is not thread safe!
Zeile 1194	Zeile 1196
$plugins->run_hooks("polls_do_undovote_process");	$plugins->run_hooks("polls_do_undovote_process");
$db->delete_query("pollvotes", "uid='".$mybb->user['uid']."' AND pid='".$poll['pid']."'");	$db->delete_query("pollvotes", "{$user_check} AND pid='".$poll['pid']."'");
$db->update_query("polls", $updatedpoll, "pid='".$poll['pid']."'"); $plugins->run_hooks("polls_do_undovote_end");	$db->update_query("polls", $updatedpoll, "pid='".$poll['pid']."'"); $plugins->run_hooks("polls_do_undovote_end");