Vergleich polls.php - 1.8.11 - 1.8.37

Keine Änderungen Hinzugefügt Modifiziert Entfernt
Zeile 29	Zeile 29
} else {	} else {
	$username = '';
eval("\$loginbox = \"".$templates->get("loginbox")."\";"); }	eval("\$loginbox = \"".$templates->get("loginbox")."\";"); }
Zeile 52	Zeile 53
$plugins->run_hooks("polls_newpoll_start"); $thread = get_thread($mybb->get_input('tid', MyBB::INPUT_INT));	$plugins->run_hooks("polls_newpoll_start"); $thread = get_thread($mybb->get_input('tid', MyBB::INPUT_INT));
if(!$thread)	if(!$thread \|\| $thread['visible'] == -1)
{ error($lang->error_invalidthread); }	{ error($lang->error_invalidthread); }
Zeile 134	Zeile 135
$postoptionschecked['multiple'] = 'checked="checked"'; } if(isset($postoptions['public']) && $postoptions['public'] == 1)	$postoptionschecked['multiple'] = 'checked="checked"'; } if(isset($postoptions['public']) && $postoptions['public'] == 1)
{	{
$postoptionschecked['public'] = 'checked="checked"'; }	$postoptionschecked['public'] = 'checked="checked"'; }
Zeile 150	Zeile 151
$option = htmlspecialchars_uni($option); eval("\$optionbits .= \"".$templates->get("polls_newpoll_option")."\";"); $option = "";	$option = htmlspecialchars_uni($option); eval("\$optionbits .= \"".$templates->get("polls_newpoll_option")."\";"); $option = "";
}	}
if($mybb->get_input('timeout', MyBB::INPUT_INT) > 0) {	if($mybb->get_input('timeout', MyBB::INPUT_INT) > 0) {
Zeile 183	Zeile 184
$plugins->run_hooks("polls_do_newpoll_start"); $thread = get_thread($mybb->get_input('tid', MyBB::INPUT_INT));	$plugins->run_hooks("polls_do_newpoll_start"); $thread = get_thread($mybb->get_input('tid', MyBB::INPUT_INT));
if(!$thread)	if(!$thread)
{ error($lang->error_invalidthread);	{ error($lang->error_invalidthread);
}	}
$fid = $thread['fid']; $forumpermissions = forum_permissions($fid);	$fid = $thread['fid']; $forumpermissions = forum_permissions($fid);
Zeile 194	Zeile 195
// Get forum info $forum = get_forum($fid); if(!$forum)	// Get forum info $forum = get_forum($fid); if(!$forum)
{	{
error($lang->error_invalidforum);	error($lang->error_invalidforum);
} else {	} else {
// Is our forum closed? if($forum['open'] == 0 && !is_moderator($fid, "canmanagepolls")) { // Doesn't look like it is error($lang->error_closedinvalidforum); }	// Is our forum closed? if($forum['open'] == 0 && !is_moderator($fid, "canmanagepolls")) { // Doesn't look like it is error($lang->error_closedinvalidforum); }
}	}
// No permission if: Not thread author; not moderator; no forum perms to view, post threads, post polls if(($thread['uid'] != $mybb->user['uid'] && !is_moderator($fid, "canmanagepolls")) \|\| ($forumpermissions['canview'] == 0 \|\| $forumpermissions['canpostthreads'] == 0 \|\| $forumpermissions['canpostpolls'] == 0)) {	// No permission if: Not thread author; not moderator; no forum perms to view, post threads, post polls if(($thread['uid'] != $mybb->user['uid'] && !is_moderator($fid, "canmanagepolls")) \|\| ($forumpermissions['canview'] == 0 \|\| $forumpermissions['canpostthreads'] == 0 \|\| $forumpermissions['canpostpolls'] == 0)) {
Zeile 214	Zeile 215
} if($thread['poll'])	} if($thread['poll'])
{	{
error($lang->error_pollalready); }	error($lang->error_pollalready); }
Zeile 262	Zeile 263
} if(trim($options[$i]) != "")	} if(trim($options[$i]) != "")
{	{
$optioncount++; }	$optioncount++; }
}	}
if(isset($lengtherror)) { error($lang->error_polloptiontoolong);	if(isset($lengtherror)) { error($lang->error_polloptiontoolong);
}	}
if(isset($sequenceerror)) { error($lang->error_polloptionsequence); } $mybb->input['question'] = $mybb->get_input('question');	if(isset($sequenceerror)) { error($lang->error_polloptionsequence); } $mybb->input['question'] = $mybb->get_input('question');

if(trim($mybb->input['question']) == '' \|\| $optioncount < 2) { error($lang->error_noquestionoptions);	if(trim($mybb->input['question']) == '' \|\| $optioncount < 2) { error($lang->error_noquestionoptions);
Zeile 310	Zeile 311
} if($mybb->get_input('maxoptions', MyBB::INPUT_INT) > 0 && $mybb->get_input('maxoptions', MyBB::INPUT_INT) < $polloptions)	} if($mybb->get_input('maxoptions', MyBB::INPUT_INT) > 0 && $mybb->get_input('maxoptions', MyBB::INPUT_INT) < $polloptions)
{ $maxoptions = $mybb->get_input('maxoptions', MyBB::INPUT_INT); } else {	{ $maxoptions = $mybb->get_input('maxoptions', MyBB::INPUT_INT); } else {
$maxoptions = 0; }	$maxoptions = 0; }
Zeile 342	Zeile 343
$plugins->run_hooks("polls_do_newpoll_end"); if($thread['visible'] == 1)	$plugins->run_hooks("polls_do_newpoll_end"); if($thread['visible'] == 1)
{	{
redirect(get_thread_link($thread['tid']), $lang->redirect_pollposted); } else	redirect(get_thread_link($thread['tid']), $lang->redirect_pollposted); } else
Zeile 374	Zeile 375
$tid = $thread['tid']; $fid = $thread['fid'];	$tid = $thread['tid']; $fid = $thread['fid'];

// Make navigation build_forum_breadcrumb($fid); add_breadcrumb(htmlspecialchars_uni($thread['subject']), get_thread_link($thread['tid']));	// Make navigation build_forum_breadcrumb($fid); add_breadcrumb(htmlspecialchars_uni($thread['subject']), get_thread_link($thread['tid']));
Zeile 440	Zeile 441
$counter = $i + 1; $option = $optionsarray[$i]; $option = htmlspecialchars_uni($option);	$counter = $i + 1; $option = $optionsarray[$i]; $option = htmlspecialchars_uni($option);
$optionvotes = (int)$votesarray[$i]; if(!$optionvotes) { $optionvotes = 0; }	$optionvotes = (int)$votesarray[$i]; if(!$optionvotes) { $optionvotes = 0; }
eval("\$optionbits .= \"".$templates->get("polls_editpoll_option")."\";"); $option = ""; $optionvotes = ""; } if(!$poll['timeout'])	eval("\$optionbits .= \"".$templates->get("polls_editpoll_option")."\";"); $option = ""; $optionvotes = ""; } if(!$poll['timeout'])
{	{
$timeout = 0; } else { $timeout = $poll['timeout']; }	$timeout = 0; } else { $timeout = $poll['timeout']; }
if(!$poll['maxoptions']) { $maxoptions = 0; } else	if(!$poll['maxoptions']) { $maxoptions = 0; } else
{ $maxoptions = $poll['maxoptions'];	{ $maxoptions = $poll['maxoptions'];
}	}
} else {	} else {
Zeile 479	Zeile 480
elseif($mybb->get_input('numoptions', MyBB::INPUT_INT) < 2) { $numoptions = 2;	elseif($mybb->get_input('numoptions', MyBB::INPUT_INT) < 2) { $numoptions = 2;
}	}
else { $numoptions = $mybb->get_input('numoptions', MyBB::INPUT_INT);	else { $numoptions = $mybb->get_input('numoptions', MyBB::INPUT_INT);
Zeile 488	Zeile 489
$postoptions = $mybb->get_input('postoptions', MyBB::INPUT_ARRAY); if(isset($postoptions['multiple']) && $postoptions['multiple'] == 1)	$postoptions = $mybb->get_input('postoptions', MyBB::INPUT_ARRAY); if(isset($postoptions['multiple']) && $postoptions['multiple'] == 1)
{	{
$postoptionschecked['multiple'] = 'checked="checked"';	$postoptionschecked['multiple'] = 'checked="checked"';
}	}
if(isset($postoptions['public']) && $postoptions['public'] == 1) { $postoptionschecked['public'] = 'checked="checked"';	if(isset($postoptions['public']) && $postoptions['public'] == 1) { $postoptionschecked['public'] = 'checked="checked"';
}	}
if(isset($postoptions['closed']) && $postoptions['closed'] == 1) { $postoptionschecked['closed'] = 'checked="checked"';	if(isset($postoptions['closed']) && $postoptions['closed'] == 1) { $postoptionschecked['closed'] = 'checked="checked"';
Zeile 545	Zeile 546
{ $maxoptions = $poll['maxoptions']; }	{ $maxoptions = $poll['maxoptions']; }
}	}
$plugins->run_hooks("polls_editpoll_end");	$plugins->run_hooks("polls_editpoll_end");
Zeile 571	Zeile 572
$query = $db->simple_select("threads", "*", "poll='".$mybb->get_input('pid', MyBB::INPUT_INT)."'"); $thread = $db->fetch_array($query); if(!$thread)	$query = $db->simple_select("threads", "*", "poll='".$mybb->get_input('pid', MyBB::INPUT_INT)."'"); $thread = $db->fetch_array($query); if(!$thread)
{ error($lang->error_invalidthread); } $forumpermissions = forum_permissions($thread['fid']); // Get forum info	{ error($lang->error_invalidthread); } $forumpermissions = forum_permissions($thread['fid']); // Get forum info
$forum = get_forum($thread['fid']); $fid = $thread['fid']; if(!$forum)	$forum = get_forum($thread['fid']); $fid = $thread['fid']; if(!$forum)
Zeile 610	Zeile 611
else { $numoptions = $mybb->get_input('numoptions', MyBB::INPUT_INT);	else { $numoptions = $mybb->get_input('numoptions', MyBB::INPUT_INT);
}	}
$postoptions = $mybb->get_input('postoptions', MyBB::INPUT_ARRAY); if(!isset($postoptions['multiple']) \|\| $postoptions['multiple'] != '1')	$postoptions = $mybb->get_input('postoptions', MyBB::INPUT_ARRAY); if(!isset($postoptions['multiple']) \|\| $postoptions['multiple'] != '1')
Zeile 676	Zeile 677
$numvotes = ''; $votes = $mybb->input['votes']; for($i = 1; $i <= $numoptions; ++$i)	$numvotes = ''; $votes = $mybb->input['votes']; for($i = 1; $i <= $numoptions; ++$i)
{	{
if(trim($options[$i]) != '') { if($optionslist != '')	if(trim($options[$i]) != '') { if($optionslist != '')
Zeile 690	Zeile 691
{ $votes[$i] = "0"; }	{ $votes[$i] = "0"; }
$voteslist .= $votes[$i]; $numvotes = $numvotes + $votes[$i];	$voteslist .= (int)$votes[$i]; $numvotes = (int)$numvotes + (int)$votes[$i];
} }	} }
Zeile 711	Zeile 712
else { $maxoptions = 0;	else { $maxoptions = 0;
}	}
$updatedpoll = array( "question" => $db->escape_string($mybb->input['question']),	$updatedpoll = array( "question" => $db->escape_string($mybb->input['question']),
Zeile 751	Zeile 752
$tid = $poll['tid']; $thread = get_thread($tid);	$tid = $poll['tid']; $thread = get_thread($tid);
if(!$thread)	if(!$thread \|\| ($thread['visible'] != 1 && ($thread['visible'] == 0 && !is_moderator($thread['fid'], "canviewunapprove")) \|\| ($thread['visible'] == -1 && !is_moderator($thread['fid'], "canviewdeleted"))))
{ error($lang->error_invalidthread);	{ error($lang->error_invalidthread);
} $fid = $thread['fid'];	} $fid = $thread['fid'];
// Get forum info $forum = get_forum($fid); if(!$forum) { error($lang->error_invalidforum);	// Get forum info $forum = get_forum($fid); if(!$forum) { error($lang->error_invalidforum);
} $forumpermissions = forum_permissions($forum['fid']);	} $forumpermissions = forum_permissions($forum['fid']);
$plugins->run_hooks("polls_showresults_start"); if($forumpermissions['canviewthreads'] == 0 \|\| $forumpermissions['canview'] == 0 \|\| (isset($forumpermissions['canonlyviewownthreads']) && $forumpermissions['canonlyviewownthreads'] != 0 && $thread['uid'] != $mybb->user['uid']))	$plugins->run_hooks("polls_showresults_start"); if($forumpermissions['canviewthreads'] == 0 \|\| $forumpermissions['canview'] == 0 \|\| (isset($forumpermissions['canonlyviewownthreads']) && $forumpermissions['canonlyviewownthreads'] != 0 && $thread['uid'] != $mybb->user['uid']))
Zeile 779	Zeile 780
add_breadcrumb(htmlspecialchars_uni($thread['subject']), get_thread_link($thread['tid'])); add_breadcrumb($lang->nav_pollresults);	add_breadcrumb(htmlspecialchars_uni($thread['subject']), get_thread_link($thread['tid'])); add_breadcrumb($lang->nav_pollresults);
$voters = $votedfor = array();	$voters = $votedfor = $guest_voters = array();
// Calculate votes $query = $db->query("	// Calculate votes $query = $db->query("
Zeile 801	Zeile 802
if($voter['uid'] == 0 \|\| $voter['username'] == '') { // Add one to the number of voters for guests	if($voter['uid'] == 0 \|\| $voter['username'] == '') { // Add one to the number of voters for guests
++$guest_voters[$voter['voteoption']];	if(isset($guest_voters[$voter['voteoption']])) { ++$guest_voters[$voter['voteoption']]; } else { $guest_voters[$voter['voteoption']] = 1; }
} else {	} else {
Zeile 899	Zeile 907
eval("\$showresults = \"".$templates->get("polls_showresults")."\";"); output_page($showresults); }	eval("\$showresults = \"".$templates->get("polls_showresults")."\";"); output_page($showresults); }

if($mybb->input['action'] == "vote" && $mybb->request_method == "post") { // Verify incoming POST request verify_post_check($mybb->get_input('my_post_key'));	if($mybb->input['action'] == "vote" && $mybb->request_method == "post") { // Verify incoming POST request verify_post_check($mybb->get_input('my_post_key'));

$query = $db->simple_select("polls", "*", "pid='".$mybb->get_input('pid')."'"); $poll = $db->fetch_array($query);	$query = $db->simple_select("polls", "*", "pid='".$mybb->get_input('pid')."'"); $poll = $db->fetch_array($query);

if(!$poll) { error($lang->error_invalidpoll); }	if(!$poll) { error($lang->error_invalidpoll); }

$plugins->run_hooks("polls_vote_start");	$plugins->run_hooks("polls_vote_start");

$poll['timeout'] = $poll['timeout']6060*24;	$poll['timeout'] = $poll['timeout']6060*24;
$query = $db->simple_select("threads", "*", "poll='".(int)$poll['pid']."'"); $thread = $db->fetch_array($query); if(!$thread \|\| $thread['visible'] == 0)	$thread = get_thread($poll['tid']); if(!$thread \|\| ($thread['visible'] != 1 && ($thread['visible'] == 0 && !is_moderator($thread['fid'], "canviewunapprove")) \|\| ($thread['visible'] == -1 && !is_moderator($thread['fid'], "canviewdeleted"))))
{ error($lang->error_invalidthread); }	{ error($lang->error_invalidthread); }
Zeile 944	Zeile 952
{ // Doesn't look like it is error($lang->error_closedinvalidforum);	{ // Doesn't look like it is error($lang->error_closedinvalidforum);
} }	} }
$expiretime = $poll['dateline'] + $poll['timeout']; $now = TIME_NOW; if($poll['closed'] == 1 \|\| $thread['closed'] == 1 \|\| ($expiretime < $now && $poll['timeout'])) { error($lang->error_pollclosed);	$expiretime = $poll['dateline'] + $poll['timeout']; $now = TIME_NOW; if($poll['closed'] == 1 \|\| $thread['closed'] == 1 \|\| ($expiretime < $now && $poll['timeout'])) { error($lang->error_pollclosed);
}	}
if(!isset($mybb->input['option']))	if(!isset($mybb->input['option']))
{	{
error($lang->error_nopolloptions);	error($lang->error_nopolloptions);
}	}
// Check if the user has voted before... if($mybb->user['uid'])	// Check if the user has voted before... if($mybb->user['uid'])
{ $query = $db->simple_select("pollvotes", "*", "uid='".$mybb->user['uid']."' AND pid='".$poll['pid']."'"); $votecheck = $db->fetch_array($query); } if($votecheck['vid'] \|\| (isset($mybb->cookies['pollvotes'][$poll['pid']]) && $mybb->cookies['pollvotes'][$poll['pid']] !== ""))	{ $user_check = "uid='{$mybb->user['uid']}'"; } else { $user_check = "ipaddress=".$db->escape_binary($session->packedip); } $query = $db->simple_select("pollvotes", "*", "{$user_check} AND pid='".$poll['pid']."'"); $votecheck = $db->fetch_array($query); if($votecheck)
{ error($lang->error_alreadyvoted);	{ error($lang->error_alreadyvoted);
} elseif(!$mybb->user['uid']) { // Give a cookie to guests to inhibit revotes if(is_array($mybb->input['option'])) { // We have multiple options here... $votes_cookie = implode(',', array_keys($mybb->input['option'])); } else { $votes_cookie = $mybb->input['option']; } my_setcookie("pollvotes[{$poll['pid']}]", $votes_cookie);
}	}
$votesql = ''; $now = TIME_NOW;	$votesql = array();
$votesarray = explode("\|\|~\|~\|\|", $poll['votes']); $option = $mybb->input['option']; $numvotes = (int)$poll['numvotes'];	$votesarray = explode("\|\|~\|~\|\|", $poll['votes']); $option = $mybb->input['option']; $numvotes = (int)$poll['numvotes'];
Zeile 1001	Zeile 999
{ if($vote == 1 && isset($votesarray[$voteoption-1])) {	{ if($vote == 1 && isset($votesarray[$voteoption-1])) {
if($votesql) { $votesql .= ","; } $votesql .= "('".$poll['pid']."','".$mybb->user['uid']."','".$db->escape_string($voteoption)."','$now')";	$votesql[] = array( "pid" => $poll['pid'], "uid" => (int)$mybb->user['uid'], "voteoption" => $db->escape_string($voteoption), "dateline" => TIME_NOW, "ipaddress" => $db->escape_binary($session->packedip) );
$votesarray[$voteoption-1]++; $numvotes = $numvotes+1; $total_options++;	$votesarray[$voteoption-1]++; $numvotes = $numvotes+1; $total_options++;
Zeile 1024	Zeile 1025
{ error($lang->error_nopolloptions); }	{ error($lang->error_nopolloptions); }
$votesql = "('".$poll['pid']."','".$mybb->user['uid']."','".$db->escape_string($option)."','$now')";	$votesql = array( "pid" => $poll['pid'], "uid" => (int)$mybb->user['uid'], "voteoption" => $db->escape_string($option), "dateline" => TIME_NOW, "ipaddress" => $db->escape_binary($session->packedip) );
$votesarray[$option-1]++; $numvotes = $numvotes+1;	$votesarray[$option-1]++; $numvotes = $numvotes+1;
}	}
if(!$votesql) { error($lang->error_nopolloptions); }	if(!$votesql) { error($lang->error_nopolloptions); }
$db->write_query(" INSERT INTO ".TABLE_PREFIX."pollvotes (pid,uid,voteoption,dateline) VALUES $votesql ");	if($poll['multiple'] == 1) { $db->insert_query_multiple("pollvotes", $votesql); } else { $db->insert_query("pollvotes", $votesql); }
$voteslist = ''; for($i = 1; $i <= $poll['numoptions']; ++$i) {	$voteslist = ''; for($i = 1; $i <= $poll['numoptions']; ++$i) {
Zeile 1069	Zeile 1082
if($mybb->usergroup['canundovotes'] != 1) { error_no_permission();	if($mybb->usergroup['canundovotes'] != 1) { error_no_permission();
}	}
$query = $db->simple_select("polls", "*", "pid='".$mybb->get_input('pid', MyBB::INPUT_INT)."'"); $poll = $db->fetch_array($query);	$query = $db->simple_select("polls", "*", "pid='".$mybb->get_input('pid', MyBB::INPUT_INT)."'"); $poll = $db->fetch_array($query);
if(!$poll['pid'])	if(!$poll)
{ error($lang->error_invalidpoll); }	{ error($lang->error_invalidpoll); }
Zeile 1086	Zeile 1099
// We do not have $forum_cache available here since no forums permissions are checked in undo vote // Get thread ID and then get forum info $thread = get_thread($poll['tid']);	// We do not have $forum_cache available here since no forums permissions are checked in undo vote // Get thread ID and then get forum info $thread = get_thread($poll['tid']);
if(!$thread \|\| $thread['visible'] == 0) {	if(!$thread \|\| ($thread['visible'] != 1 && ($thread['visible'] == 0 && !is_moderator($thread['fid'], "canviewunapprove")) \|\| ($thread['visible'] == -1 && !is_moderator($thread['fid'], "canviewdeleted")))) {
error($lang->error_invalidthread); }	error($lang->error_invalidthread); }
Zeile 1116	Zeile 1129
if($poll['closed'] == 1 \|\| $thread['closed'] == 1 \|\| ($expiretime < TIME_NOW && $poll['timeout'])) { error($lang->error_pollclosed);	if($poll['closed'] == 1 \|\| $thread['closed'] == 1 \|\| ($expiretime < TIME_NOW && $poll['timeout'])) { error($lang->error_pollclosed);
}	}
// Check if the user has voted before... $vote_options = array();	// Check if the user has voted before... $vote_options = array();

if($mybb->user['uid'])	if($mybb->user['uid'])
{ $query = $db->simple_select("pollvotes", "vid,voteoption", "uid='".$mybb->user['uid']."' AND pid='".$poll['pid']."'"); while($voteoption = $db->fetch_array($query)) { $vote_options[$voteoption['vid']] = $voteoption['voteoption']; } } elseif(isset($mybb->cookies['pollvotes'][$poll['pid']])) { // for Guests, we simply see if they've got the cookie $vote_options = explode(',', $mybb->cookies['pollvotes'][$poll['pid']]);	{ $user_check = "uid='{$mybb->user['uid']}'"; } else { $user_check = "uid='0' AND ipaddress=".$db->escape_binary($session->packedip); } $query = $db->simple_select("pollvotes", "vid,voteoption", "{$user_check} AND pid='".$poll['pid']."'"); while($voteoption = $db->fetch_array($query)) { $vote_options[$voteoption['vid']] = $voteoption['voteoption'];
} if(empty($vote_options)) { error($lang->error_notvoted);	} if(empty($vote_options)) { error($lang->error_notvoted);
} else if(!$mybb->user['uid']) { // clear cookie for Guests my_setcookie("pollvotes[{$poll['pid']}]", "");
} // Note, this is not thread safe! $votesarray = explode("\|\|~\|~\|\|", $poll['votes']); if(count($votesarray) > $poll['numoptions']) {	} // Note, this is not thread safe! $votesarray = explode("\|\|~\|~\|\|", $poll['votes']); if(count($votesarray) > $poll['numoptions']) {
$votesarray = array_slice(0, $poll['numoptions']);	$votesarray = array_slice($votesarray, 0, $poll['numoptions']);
} if($poll['multiple'] == 1)	} if($poll['multiple'] == 1)
Zeile 1194	Zeile 1204
$plugins->run_hooks("polls_do_undovote_process");	$plugins->run_hooks("polls_do_undovote_process");
$db->delete_query("pollvotes", "uid='".$mybb->user['uid']."' AND pid='".$poll['pid']."'");	$db->delete_query("pollvotes", "{$user_check} AND pid='".$poll['pid']."'");
$db->update_query("polls", $updatedpoll, "pid='".$poll['pid']."'"); $plugins->run_hooks("polls_do_undovote_end");	$db->update_query("polls", $updatedpoll, "pid='".$poll['pid']."'"); $plugins->run_hooks("polls_do_undovote_end");