Beispiel #1
 /**
  * Allow the user to vote.
  * It is called to register a vote in a poll.
  * Must be called with a topic and option specified.
  * Requires the poll_vote permission.
  * Upon successful completion of action will direct user back to topic.
  * Accessed via ?action=poll;sa=vote.
  *
  * @uses Post language file.
  */
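 public function action_vote()
 {
     global $topic, $user_info, $modSettings;
     require_once SUBSDIR . '/Poll.subs.php';
     // Make sure you can vote.
     isAllowedTo('poll_vote');
     loadLanguage('Post');
     // Check if they have already voted, or voting is locked.
     $row = checkVote($topic);
     if (empty($row)) {
         fatal_lang_error('poll_error', false);
     }
     // If this is a guest can they vote?
     // Security note: the only duplicate-vote check this method applies to guests is the
     // guest_poll_vote cookie, which is client-controlled. It is a convenience guard, not an
     // integrity control; polls that must resist repeat voting should not enable guest voting.
     if ($user_info['is_guest']) {
         // Guest voting disabled?
         if (!$row['guest_vote']) {
             fatal_lang_error('guest_vote_disabled');
         } elseif (!empty($_COOKIE['guest_poll_vote']) && preg_match('~^[0-9,;]+$~', $_COOKIE['guest_poll_vote']) && strpos($_COOKIE['guest_poll_vote'], ';' . $row['id_poll'] . ',') !== false) {
             // The cookie is only parsed once it matches the digits/commas/semicolons pattern above.
             // ;id,timestamp,[vote,vote...]; etc
             $guestinfo = explode(';', $_COOKIE['guest_poll_vote']);
             // Find the poll we're after.
             foreach ($guestinfo as $i => $guestvoted) {
                 $guestvoted = explode(',', $guestvoted);
                 if ($guestvoted[0] == $row['id_poll']) {
                     break;
                 }
             }
             // Has the poll been reset since guest voted?
             if (isset($guestvoted[1]) && $row['reset_poll'] > $guestvoted[1]) {
                 // Remove the poll info from the cookie to allow guest to vote again
                 unset($guestinfo[$i]);
                 if (!empty($guestinfo)) {
                     $_COOKIE['guest_poll_vote'] = ';' . implode(';', $guestinfo);
                 } else {
                     unset($_COOKIE['guest_poll_vote']);
                 }
             } else {
                 fatal_lang_error('poll_error', false);
             }
             unset($guestinfo, $guestvoted, $i);
         }
     }
     // Is voting locked or has it expired? (&& binds tighter than ||; parentheses make that explicit.)
     if (!empty($row['voting_locked']) || (!empty($row['expire_time']) && time() > $row['expire_time'])) {
         fatal_lang_error('poll_error', false);
     }
     // If they have already voted and aren't allowed to change their vote - hence they are outta here!
     if (!$user_info['is_guest'] && $row['selected'] != -1 && empty($row['change_vote'])) {
         fatal_lang_error('poll_error', false);
     } elseif (!empty($row['change_vote']) && !$user_info['is_guest'] && empty($_POST['options'])) {
         // Removing a vote changes state, so the session token is checked before anything is modified.
         checkSession('request');
         // Find out what they voted for before.
         $pollOptions = determineVote($user_info['id'], $row['id_poll']);
         // Just skip it if they had voted for nothing before.
         if (!empty($pollOptions)) {
             // Update the poll totals.
             decreaseVoteCounter($row['id_poll'], $pollOptions);
             // Delete off the log.
             removeVote($user_info['id'], $row['id_poll']);
         }
         // Redirect back to the topic so the user can vote again!
         // NOTE(review): $_REQUEST['start'] is appended unmodified here and at the end of the
         // method - confirm it is normalised before this action runs.
         if (empty($_POST['options'])) {
             redirectexit('topic=' . $topic . '.' . $_REQUEST['start']);
         }
     }
     checkSession('request');
     // Make sure the option(s) are valid: a non-empty array is required, because a scalar
     // "options" value would otherwise reach count()/foreach below.
     if (empty($_POST['options']) || !is_array($_POST['options'])) {
         fatal_lang_error('didnt_select_vote', false);
     }
     // Read the options from $_POST only (the same source that was just validated), cast every
     // id to int and drop repeats so one option cannot be logged several times in a single request.
     $pollOptions = array_values(array_unique(array_map('intval', $_POST['options'])));
     // Too many options checked!
     if (count($pollOptions) > $row['max_votes']) {
         fatal_lang_error('poll_too_many_votes', false, array($row['max_votes']));
     }
     // NOTE(review): the ids are only known to be integers at this point; whether addVote() and
     // increaseVoteCounter() restrict them to choices of this poll is not visible here - confirm.
     $inserts = array();
     foreach ($pollOptions as $id) {
         $inserts[] = array($row['id_poll'], $user_info['id'], $id);
     }
     // Add their vote to the tally.
     addVote($inserts);
     increaseVoteCounter($row['id_poll'], $pollOptions);
     // If it's a guest don't let them vote again.
     if ($user_info['is_guest'] && count($pollOptions) > 0) {
         // Time is stored in case the poll is reset later, plus what they voted for.
         $_COOKIE['guest_poll_vote'] = empty($_COOKIE['guest_poll_vote']) ? '' : $_COOKIE['guest_poll_vote'];
         // ;id,timestamp,[vote,vote...]; etc
         $_COOKIE['guest_poll_vote'] .= ';' . $row['id_poll'] . ',' . time() . ',' . (count($pollOptions) > 1 ? implode(',', $pollOptions) : $pollOptions[0]);
         // Increase num guest voters count by 1
         increaseGuestVote($row['id_poll']);
         require_once SUBSDIR . '/Auth.subs.php';
         $cookie_url = url_parts(!empty($modSettings['localCookies']), !empty($modSettings['globalCookies']));
         // NOTE(review): the two trailing arguments are both false; if they are the secure and
         // httponly flags (confirm against elk_setcookie's signature), this cookie is sent over
         // plain HTTP and is readable by page scripts.
         elk_setcookie('guest_poll_vote', $_COOKIE['guest_poll_vote'], time() + 2500000, $cookie_url[1], $cookie_url[0], false, false);
     }
     // Maybe let a social networking mod log this, or something?
     call_integration_hook('integrate_poll_vote', array(&$row['id_poll'], &$pollOptions));
     // Return to the post...
     redirectexit('topic=' . $topic . '.' . $_REQUEST['start']);
 }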
Beispiel #2
// Request dispatcher: opens a PDO connection, then branches on $_POST['type'].
// $servername, $database, $username and $password are defined outside this excerpt.
$message = '';
try {
    // NOTE(review): the "login" branch below reports success purely because this connection
    // was opened. If $username/$password are the visitor's submitted credentials, every
    // application user is a MySQL account - confirm and review the grants on those accounts.
    $conn = new PDO('mysql:host=' . $servername . ';dbname=' . $database, $username, $password);
    // set the PDO error mode to exception
    $conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    // $_POST['type'] is read without an isset() check and compared loosely (==); a request
    // without the field raises an undefined-index notice before reaching the final else.
    if ($_POST['type'] == "login") {
        $message = "Login successful";
    } else {
        if ($_POST['type'] == 'getCurrentPolls') {
            $polls = readCurrentPolls($conn, $username);
        } else {
            if ($_POST['type'] == 'getOldPolls') {
                $polls = readOldPolls($conn, $username);
            } else {
                if ($_POST['type'] == 'addVote') {
                    // NOTE(review): no anti-CSRF token check is visible before this
                    // state-changing action - confirm one exists elsewhere.
                    $message = addVote($conn, $username);
                } else {
                    // Unknown action: report failure rather than guessing.
                    $message = "Site error. Action not recognized.";
                    $success = false;
                }
            }
        }
    }
    // Dropping the last reference closes the PDO connection.
    $conn = null;
} catch (PDOException $e) {
    $success = false;
    // 1044 and 1045 are MySQL server error numbers: 1044 is "access denied to database",
    // 1045 is "access denied for user" (wrong user name or password).
    // NOTE(review): the two messages below look swapped relative to those meanings, and
    // returning different texts per failure cause tells the client which part was wrong;
    // a single generic message is the safer default.
    if ($e->getCode() == 1044) {
        $message = 'Incorrect password.';
    } else {
        if ($e->getCode() == 1045) {
            $message = 'Failed to login.';
Beispiel #3
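            // Validate a submitted ranking ($jsonVote: film_id => position) against the films
            // selected for this film night, then record it. $filmnight_id, $jsonVote, $vote and
            // $continue are set before this excerpt begins.

            // The id is interpolated unquoted into the SQL text, so it is forced to an integer
            // first. NOTE(review): a prepared statement would be preferable, but the interface of
            // query() is not visible here; addVote() still receives the original value - confirm
            // that it does not build SQL from it.
            $filmnightIdForSql = (int) $filmnight_id;
            $sql = "SELECT id, film_id FROM selections WHERE filmnight_id = {$filmnightIdForSql}";
            $result = query($sql);
            $selectedFilms = [];
            $num_rows = $result->num_rows;
            if ($num_rows > 0) {
                while ($row = $result->fetch_assoc()) {
                    $selectedFilms[$row['film_id']] = $row['id'];
                }
            }
            // Debug output of server data and of the submitted vote.
            error_log(print_r($selectedFilms, TRUE));
            error_log(print_r($jsonVote, TRUE));
            $idVote = [];

            // sort() sorts in place and returns a bool, so comparing sort(...) results (as the
            // previous version did) always compared true with true and never rejected anything.
            // Sort copies and compare the arrays themselves.
            $voteIsArray = is_array($jsonVote);
            $votedFilms = $voteIsArray ? array_map('strval', array_keys($jsonVote)) : [];
            $knownFilms = array_map('strval', array_keys($selectedFilms));
            sort($votedFilms, SORT_STRING);
            sort($knownFilms, SORT_STRING);
            if (!$voteIsArray || $votedFilms !== $knownFilms) {
                $continue = FALSE;
                // The message is built as HTML (<br>), so the echoed-back vote is escaped.
                $safeVote = htmlspecialchars((string) $vote, ENT_QUOTES, 'UTF-8');
                $_SESSION['ERROR'] = "Error: Failed to validate your vote.<br>Your list of films doesn't match our list of films<br>{$safeVote}";
                echo "Error: Failed to validate your vote: bad films";
            }

            // Positions must be exactly 1..$num_rows, each used once. Only integers or digit-only
            // strings are accepted, so booleans, floats and nested values cannot pass loosely.
            $positions = [];
            $positionsValid = $voteIsArray;
            foreach (($voteIsArray ? $jsonVote : []) as $position) {
                if (is_int($position) || (is_string($position) && ctype_digit($position))) {
                    $positions[] = (int) $position;
                } else {
                    $positionsValid = false;
                    break;
                }
            }
            sort($positions);
            // range(1, 0) counts down to [1, 0], so the empty case is handled explicitly.
            $expectedPositions = $num_rows > 0 ? range(1, $num_rows) : [];
            if (!$positionsValid || $positions !== $expectedPositions) {
                $continue = FALSE;
                $safeVote = htmlspecialchars((string) $vote, ENT_QUOTES, 'UTF-8');
                $_SESSION['ERROR'] = "Error: Failed to validate your vote.<br>You didn't give the correct positions.<br>{$safeVote}";
                echo "Error: Failed to validate your vote: bad position";
            }

            if ($continue) {
                // Map selection id => position only for a vote that passed both checks; doing it
                // earlier would index $jsonVote with film ids it may not contain.
                foreach ($selectedFilms as $film => $filmid) {
                    $idVote[$filmid] = (int) $jsonVote[$film];
                }
                addVote($filmnight_id, $_SESSION['ID'], $idVote);
            }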
        }
    }
}