/**
 * Function responsible for actually displaying an uncompleted poll.
 *
 * @param int $poll_id
 * @return string
 */
function poll_display($poll_id = 0)
{
    global $db;
    $output = "";
    if ($poll_id = (int) $poll_id) {
        $query = "SELECT `poll_question` FROM `poll_questions` WHERE `poll_id`=" . $db->qstr($poll_id);
        $poll_question = $db->GetRow($query);
        if ($poll_question) {
            if (!poll_prevote_check($poll_id)) {
                $output = poll_results($poll_id);
            } else {
                $query = "SELECT `answer_id`, `answer_text` FROM `poll_answers` WHERE `poll_id`=" . $db->qstr($poll_id) . " ORDER BY `answer_order` ASC";
                $poll_answers = $db->GetAll($query);
                $total_votes = poll_responses($poll_id);
                $output .= "<div id=\"poll\">\n";
                $output .= "<form action=\"" . ENTRADA_URL . "/serve-polls.php?pollSend&nojs\" method=\"post\" id=\"pollForm\" onsubmit=\"return ReadVote();\">\n";
                $output .= html_encode($poll_question["poll_question"]);
                $output .= "\t<div style=\"padding-top: 5px; padding-left: 3px; padding-bottom: 5px\">\n";
                foreach ($poll_answers as $poll_answer) {
                    if (trim($poll_answer["answer_text"]) != "") {
                        $output .= "<label for=\"choice_" . $poll_answer["answer_id"] . "\" style=\"font-size: 11px\">\n";
                        $output .= "\t<input type=\"radio\" id=\"choice_" . $poll_answer["answer_id"] . "\" value=\"" . $poll_answer["answer_id"] . "\" name=\"poll_answer_id\" />\n";
                        $output .= html_encode($poll_answer["answer_text"]);
                        $output .= "</label><br />\n";
                    }
                }
                $output .= "\t</div>\n";
                $output .= "\t<input type=\"hidden\" id=\"poll_id\" name=\"poll_id\" value=\"" . $poll_id . "\" />\n";
                $output .= "\t<div style=\"text-align: right\"><input type=\"submit\" class=\"btn btn-primary\" name=\"vote\" value=\"Vote\" /></div>\n";
                $output .= "</form>\n";
                $output .= "</div>\n";
            }
        }
    }
    return $output;
}
    $POLL_ID = 0;
    if (isset($_GET["poll_id"]) && (int) trim($_GET["poll_id"])) {
        $POLL_ID = (int) trim($_GET["poll_id"]);
    } elseif (isset($_POST["poll_id"]) && (int) trim($_POST["poll_id"])) {
        $POLL_ID = (int) trim($_POST["poll_id"]);
    }
    if ($POLL_ID) {
        if (isset($_GET["pollSend"])) {
            if (poll_prevote_check($POLL_ID)) {
                $PROCESSED = array();
                $PROCESSED["poll_id"] = $POLL_ID;
                $PROCESSED["answer_id"] = (int) trim($_POST["poll_answer_id"]);
                $PROCESSED["proxy_id"] = (int) $ENTRADA_USER->getID();
                $PROCESSED["ip"] = $_SERVER["REMOTE_ADDR"];
                $PROCESSED["timestamp"] = time();
                if ($db->AutoExecute("poll_results", $PROCESSED, "INSERT")) {
                    application_log("success", "Successfully recorded result for poll [" . $POLL_ID . "]");
                } else {
                    application_log("error", "Unable to store poll results.");
                }
            }
            echo poll_results($POLL_ID);
        } elseif (isset($_GET["pollGet"])) {
            echo poll_results($POLL_ID);
        }
    } else {
        echo poll_display(0);
    }
} else {
    application_log("notice", "Unauthorised access to the serve-polls.php file.");
}