/**
* Shows poll editor
*
* Diplays the poll editor form
*
* @param string $pid ID of poll to edit
* @return string HTML for poll editor form
*
*/
function editpoll($pid = '')
{
global $_CONF, $_PO_CONF, $_GROUPS, $_TABLES, $_USER, $LANG25, $LANG_ACCESS, $LANG_ADMIN, $MESSAGE, $LANG_POLLS;
$retval = '';
if (!empty($pid)) {
$topic = DB_query("SELECT * FROM {$_TABLES['polltopics']} WHERE pid='{$pid}'");
$T = DB_fetchArray($topic);
// Get permissions for poll
$access = SEC_hasAccess($T['owner_id'], $T['group_id'], $T['perm_owner'], $T['perm_group'], $T['perm_members'], $T['perm_anon']);
if ($access == 0 or $access == 2) {
// User doesn't have access...bail
$retval .= COM_startBlock($LANG25[21], '', COM_getBlockTemplate('_msg_block', 'header'));
$retval .= $LANG25[22];
$retval .= COM_endBlock(COM_getBlockTemplate('_msg_block', 'footer'));
COM_accessLog("User {$_USER['username']} tried to illegally submit or edit poll {$pid}.");
return $retval;
}
}
// writing the menu on top
require_once $_CONF['path_system'] . 'lib-admin.php';
$menu_arr = array(array('url' => $_CONF['site_admin_url'] . '/plugins/polls/index.php', 'text' => $LANG_ADMIN['list_all']), array('url' => $_CONF['site_admin_url'], 'text' => $LANG_ADMIN['admin_home']));
$token = SEC_createToken();
$retval .= COM_startBlock($LANG25[5], '', COM_getBlockTemplate('_admin_block', 'header'));
$retval .= ADMIN_createMenu($menu_arr, $LANG_POLLS['editinstructions'], plugin_geticon_polls());
$retval .= SEC_getTokenExpiryNotice($token);
$poll_templates = new Template($_CONF['path'] . 'plugins/polls/templates/admin/');
$poll_templates->set_file(array('editor' => 'polleditor.thtml', 'question' => 'pollquestions.thtml', 'answer' => 'pollansweroption.thtml'));
$poll_templates->set_var('xhtml', XHTML);
$poll_templates->set_var('site_url', $_CONF['site_url']);
$poll_templates->set_var('site_admin_url', $_CONF['site_admin_url']);
$poll_templates->set_var('layout_url', $_CONF['layout_url']);
if (!empty($pid) and $access == 3 and !empty($T['owner_id'])) {
$delbutton = '<input type="submit" value="' . $LANG_ADMIN['delete'] . '" name="mode"%s' . XHTML . '>';
$jsconfirm = ' onclick="return confirm(\'' . $MESSAGE[76] . '\');"';
$poll_templates->set_var('delete_option', sprintf($delbutton, $jsconfirm));
$poll_templates->set_var('delete_option_no_confirmation', sprintf($delbutton, ''));
} else {
$T['pid'] = COM_makeSid();
$T['topic'] = '';
$T['meta_description'] = '';
$T['meta_keywords'] = '';
$T['voters'] = 0;
$T['display'] = 1;
$T['is_open'] = 1;
$T['hideresults'] = 0;
$T['owner_id'] = $_USER['uid'];
if (isset($_GROUPS['Polls Admin'])) {
$T['group_id'] = $_GROUPS['Polls Admin'];
} else {
$T['group_id'] = SEC_getFeatureGroup('polls.edit');
}
SEC_setDefaultPermissions($T, $_PO_CONF['default_permissions']);
$T['statuscode'] = 0;
$T['commentcode'] = $_CONF['comment_code'];
$access = 3;
}
$poll_templates->set_var('lang_pollid', $LANG25[6]);
$poll_templates->set_var('poll_id', $T['pid']);
$poll_templates->set_var('lang_donotusespaces', $LANG25[7]);
$poll_templates->set_var('lang_topic', $LANG25[9]);
$poll_templates->set_var('poll_topic', htmlspecialchars($T['topic']));
$poll_templates->set_var('lang_mode', $LANG25[1]);
$poll_templates->set_var('lang_metadescription', $LANG_ADMIN['meta_description']);
$poll_templates->set_var('lang_metakeywords', $LANG_ADMIN['meta_keywords']);
if (!empty($T['meta_description'])) {
$poll_templates->set_var('meta_description', $T['meta_description']);
}
if (!empty($T['meta_keywords'])) {
$poll_templates->set_var('meta_keywords', $T['meta_keywords']);
}
$poll_templates->set_var('status_options', COM_optionList($_TABLES['statuscodes'], 'code,name', $T['statuscode']));
$poll_templates->set_var('comment_options', COM_optionList($_TABLES['commentcodes'], 'code,name', $T['commentcode']));
$poll_templates->set_var('lang_appearsonhomepage', $LANG25[8]);
$poll_templates->set_var('lang_openforvoting', $LANG25[33]);
$poll_templates->set_var('lang_hideresults', $LANG25[37]);
$poll_templates->set_var('poll_hideresults_explain', $LANG25[38]);
$poll_templates->set_var('poll_topic_info', $LANG25[39]);
if ($T['display'] == 1) {
$poll_templates->set_var('poll_display', 'checked="checked"');
}
if ($T['is_open'] == 1) {
$poll_templates->set_var('poll_open', 'checked="checked"');
}
if ($T['hideresults'] == 1) {
$poll_templates->set_var('poll_hideresults', 'checked="checked"');
}
// user access info
$poll_templates->set_var('lang_accessrights', $LANG_ACCESS['accessrights']);
$poll_templates->set_var('lang_owner', $LANG_ACCESS['owner']);
$ownername = COM_getDisplayName($T['owner_id']);
$poll_templates->set_var('owner_username', DB_getItem($_TABLES['users'], 'username', "uid = {$T['owner_id']}"));
$poll_templates->set_var('owner_name', $ownername);
$poll_templates->set_var('owner', $ownername);
$poll_templates->set_var('owner_id', $T['owner_id']);
$poll_templates->set_var('lang_group', $LANG_ACCESS['group']);
$poll_templates->set_var('group_dropdown', SEC_getGroupDropdown($T['group_id'], $access));
$poll_templates->set_var('lang_permissions', $LANG_ACCESS['permissions']);
$poll_templates->set_var('lang_permissionskey', $LANG_ACCESS['permissionskey']);
$poll_templates->set_var('lang_perm_key', $LANG_ACCESS['permissionskey']);
$poll_templates->set_var('permissions_editor', SEC_getPermissionsHTML($T['perm_owner'], $T['perm_group'], $T['perm_members'], $T['perm_anon']));
$poll_templates->set_var('lang_permissions_msg', $LANG_ACCESS['permmsg']);
$poll_templates->set_var('lang_answersvotes', $LANG25[10]);
$poll_templates->set_var('lang_save', $LANG_ADMIN['save']);
$poll_templates->set_var('lang_cancel', $LANG_ADMIN['cancel']);
// repeat for several questions
$question_sql = "SELECT question,qid " . "FROM {$_TABLES['pollquestions']} WHERE pid='{$pid}' ORDER BY qid;";
$questions = DB_query($question_sql);
include $_CONF['path_system'] . 'classes/navbar.class.php';
$navbar = new navbar();
for ($j = 0; $j < $_PO_CONF['maxquestions']; $j++) {
$display_id = $j + 1;
if ($j > 0) {
$poll_templates->set_var('style', 'style="display:none;"');
} else {
$poll_templates->set_var('style', '');
}
$navbar->add_menuitem($LANG25[31] . " {$display_id}", "showhidePollsEditorDiv(\"{$j}\",{$j},{$_PO_CONF['maxquestions']});return false;", true);
$Q = DB_fetchArray($questions);
$poll_templates->set_var('question_text', $Q['question']);
$poll_templates->set_var('question_id', $j);
$poll_templates->set_var('lang_question', $LANG25[31] . " {$display_id}");
$poll_templates->set_var('lang_saveaddnew', $LANG25[32]);
// answers
$answer_sql = "SELECT answer,aid,votes,remark " . "FROM {$_TABLES['pollanswers']} WHERE qid='{$j}' AND pid='{$pid}' ORDER BY aid";
$answers = DB_query($answer_sql);
for ($i = 0; $i < $_PO_CONF['maxanswers']; $i++) {
if (isset($answers)) {
$A = DB_fetchArray($answers);
$poll_templates->set_var('answer_text', htmlspecialchars($A['answer']));
$poll_templates->set_var('answer_votes', $A['votes']);
$poll_templates->set_var('remark_text', $A['remark']);
} else {
$poll_templates->set_var('answer_text', '');
$poll_templates->set_var('answer_votes', '');
$poll_templates->set_var('remark_text', '');
}
$poll_templates->parse('answer_option', 'answer', true);
}
$poll_templates->parse('question_list', 'question', true);
$poll_templates->clear_var('answer_option');
}
$navbar->set_selected($LANG25[31] . " 1");
$poll_templates->set_var('navbar', $navbar->generate());
$poll_templates->set_var('gltoken_name', CSRF_TOKEN);
$poll_templates->set_var('gltoken', $token);
$poll_templates->parse('output', 'editor');
$retval .= $poll_templates->finish($poll_templates->get_var('output'));
$retval .= COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer'));
return $retval;
}
function POLLS_list()
{
global $_CONF, $_TABLES, $_IMAGE_TYPE, $LANG_ADMIN, $LANG25, $LANG_ACCESS;
$retval = '';
$menu_arr = array(array('url' => $_CONF['site_admin_url'] . '/plugins/polls/index.php?edit=x', 'text' => $LANG_ADMIN['create_new']), array('url' => $_CONF['site_admin_url'], 'text' => $LANG_ADMIN['admin_home']));
$retval .= COM_startBlock($LANG25[18], '', COM_getBlockTemplate('_admin_block', 'header'));
$retval .= ADMIN_createMenu($menu_arr, $LANG25[19], plugin_geticon_polls());
// writing the actual list
$header_arr = array(array('text' => $LANG_ADMIN['edit'], 'field' => 'edit', 'sort' => false, 'align' => 'center', 'width' => '25px'), array('text' => $LANG25[9], 'field' => 'topic', 'sort' => true), array('text' => $LANG25[20], 'field' => 'voters', 'sort' => true, 'align' => 'center'), array('text' => $LANG_ACCESS['access'], 'field' => 'access', 'sort' => false, 'align' => 'center'), array('text' => $LANG25[3], 'field' => 'unixdate', 'sort' => true, 'align' => 'center'), array('text' => $LANG25[33], 'field' => 'is_open', 'sort' => true, 'align' => 'center', 'width' => '35px'), array('text' => $LANG_ADMIN['delete'], 'field' => 'delete', 'sort' => false, 'align' => 'center', 'width' => '35px'));
$defsort_arr = array('field' => 'unixdate', 'direction' => 'desc');
$text_arr = array('has_extras' => true, 'instructions' => $LANG25[19], 'form_url' => $_CONF['site_admin_url'] . '/plugins/polls/index.php');
$query_arr = array('table' => 'polltopics', 'sql' => "SELECT *,UNIX_TIMESTAMP(date) AS unixdate " . "FROM {$_TABLES['polltopics']} WHERE 1=1", 'query_fields' => array('topic'), 'default_filter' => COM_getPermSql('AND'));
$token = SEC_createToken();
$retval .= ADMIN_list('polls', 'POLLS_getListField', $header_arr, $text_arr, $query_arr, $defsort_arr, '', $token);
$retval .= COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer'));
return $retval;
}
