Beispiel #1
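/**
 * Renders the announcement (news) list, with any attached survey, into the template.
 *
 * For every announcement row it assigns one `announces` block, one
 * `announces.paragraph` block per "<br /><br />"-separated paragraph and, when a
 * survey is attached, either the answer list (the viewer may still vote) or the
 * per-answer results, followed by the vote total.
 *
 * Security: $query_where is spliced into the SQL text verbatim. It has to be a
 * fragment assembled by trusted code; request data must never reach it unescaped.
 *
 * @param template $template    Template object that receives the variables and blocks.
 * @param string   $query_where Optional raw SQL fragment placed before ORDER BY.
 * @param int      $query_limit Maximum number of rows; 0 omits the LIMIT clause.
 */
function nws_render(&$template, $query_where = '', $query_limit = 20)
{
    global $config, $user;
    // Documented as an int: force it so nothing but a number can reach the SQL text.
    $query_limit = (int) $query_limit;
    $announce_list = doquery("SELECT a.*, UNIX_TIMESTAMP(`tsTimeStamp`) AS unix_time, u.authlevel, s.*\n    FROM\n      {{announce}} AS a\n      LEFT JOIN {{survey}} AS s ON s.survey_announce_id = a.idAnnounce\n      LEFT JOIN {{users}} AS u ON u.id = a.user_id\n    {$query_where}\n    ORDER BY `tsTimeStamp` DESC, idAnnounce" . ($query_limit ? " LIMIT {$query_limit}" : ''));
    $template->assign_var('NEWS_COUNT', db_num_rows($announce_list));
    // Per-call cache so each author is looked up only once.
    $users = array();
    while ($announce = db_fetch($announce_list)) {
        if ($announce['user_id'] && !isset($users[$announce['user_id']])) {
            $users[$announce['user_id']] = db_user_by_id($announce['user_id']);
        }
        // Numeric copy of the survey id for use inside SQL text.
        $survey_id = (int) $announce['survey_id'];
        // Non-empty default means "cannot vote" (guests, announcements without a survey).
        $survey_vote = array('survey_vote_id' => 1);
        $survey_complete = strtotime($announce['survey_until']) < SN_TIME_NOW;
        if ($survey_id && !empty($user['id'])) {
            $viewer_id = (int) $user['id'];
            // An empty result means the viewer has not voted yet; a finished survey skips the lookup.
            $survey_vote = $survey_complete
                ? array()
                : doquery("SELECT `survey_vote_id` FROM `{{survey_votes}}` WHERE survey_parent_id = {$survey_id} AND survey_vote_user_id = {$viewer_id} LIMIT 1;", true);
        }
        // Parse the message once and reuse the result for the full text and the paragraphs.
        $announce_html = cht_message_parse($announce['strAnnounce'], false, intval($announce['authlevel']));
        $announce_exploded = explode("<br /><br />", $announce_html);
        // NOTE(review): DETAIL_URL and SURVEY_TEXT are passed on as stored; whether the
        // template layer encodes them for HTML is not visible here — confirm.
        $template->assign_block_vars('announces', array(
            'ID' => $announce['idAnnounce'],
            'TIME' => date(FMT_DATE_TIME, $announce['unix_time'] + SN_CLIENT_TIME_DIFF),
            'ANNOUNCE' => $announce_html,
            'DETAIL_URL' => $announce['detail_url'],
            'USER_NAME' => isset($users[$announce['user_id']]) && $users[$announce['user_id']] ? player_nick_render_to_html($users[$announce['user_id']], array('color' => true)) : js_safe_string($announce['user_name']),
            'NEW' => $announce['unix_time'] + $config->game_news_actual >= SN_TIME_NOW,
            'FUTURE' => $announce['unix_time'] > SN_TIME_NOW,
            'SURVEY_ID' => $announce['survey_id'],
            'SURVEY_TEXT' => $announce['survey_question'],
            'SURVEY_CAN_VOTE' => empty($survey_vote) && !$survey_complete,
            'SURVEY_COMPLETE' => $survey_complete,
            'SURVEY_UNTIL' => $announce['survey_until'],
        ));
        foreach ($announce_exploded as $announce_paragraph) {
            $template->assign_block_vars('announces.paragraph', array('TEXT' => $announce_paragraph));
        }
        if ($survey_id) {
            $survey_query = doquery("SELECT survey_answer_text AS `TEXT`, count(DISTINCT survey_vote_id) AS `VOTES`\n          FROM `{{survey_answers}}` AS sa\n            LEFT JOIN `{{survey_votes}}` AS sv ON sv.survey_parent_answer_id = sa.survey_answer_id\n          WHERE sa.survey_parent_id = {$survey_id}\n          GROUP BY survey_answer_id\n          ORDER BY survey_answer_id;");
            $survey_vote_result = array();
            $total_votes = 0;
            while ($row = db_fetch($survey_query)) {
                $survey_vote_result[] = $row;
                $total_votes += $row['VOTES'];
            }
            if (empty($survey_vote) && !$survey_complete) {
                // Viewer can vote: list the selectable answers.
                $survey_query = doquery("SELECT * FROM {{survey_answers}} WHERE survey_parent_id  = {$survey_id} ORDER BY survey_answer_id;");
                while ($row = db_fetch($survey_query)) {
                    $template->assign_block_vars('announces.survey_answers', array('ID' => $row['survey_answer_id'], 'TEXT' => $row['survey_answer_text']));
                }
            } else {
                // Show the results. Iterating by value avoids leaving a reference
                // bound to the last array element after the loop.
                foreach ($survey_vote_result as $vote_result) {
                    $vote_percent = $total_votes ? $vote_result['VOTES'] / $total_votes * 100 : 0;
                    $vote_result['PERCENT'] = $vote_percent;
                    $vote_result['PERCENT_TEXT'] = round($vote_percent, 1);
                    $vote_result['VOTES'] = pretty_number($vote_result['VOTES']);
                    $template->assign_block_vars('announces.survey_votes', $vote_result);
                }
            }
            // Dirty hack (original author's note): the total is exposed as its own block.
            $template->assign_block_vars('announces.total_votes', array('TOTAL_VOTES' => $total_votes));
        }
    }
}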
Beispiel #2
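 /**
  * Renders one page of the private messages received by the current character.
  *
  * Ten messages are shown per page, newest first, followed by the page links.
  *
  * @param int $page 1-based page number; anything below 1 is treated as 1.
  */
 static function mp_list_arrived($page = 1)
 {
     global $t;
     $p = plugins::getinst();
     $msg_for_page = 10;
     // The page number ends up in the LIMIT clause: force it to a positive integer
     // so a non-numeric or negative value can neither reach the SQL text nor yield
     // a negative offset.
     $page = max(1, (int) $page);
     $limit = ($page - 1) * $msg_for_page;
     $t = new template('template/mp_list.tpl');
     // NOTE(review): the ids concatenated into the queries below come from the session
     // and from database rows, not directly from the request; the database wrapper's
     // escaping or binding API is not visible here — confirm and prefer bound parameters.
     $msgs = $p->d->getresults('SELECT * FROM messaggi WHERE dest="' . $_SESSION['datiuser']['id'] . '" ORDER BY id DESC LIMIT ' . $limit . ',' . $msg_for_page . ';');
     if ($msgs) {
         $t->start_block('if_messages');
         foreach ($msgs as $msg) {
             $t->start_block('messaggio');
             // One extra query per message resolves the sender id to a name.
             $t->assign_block_vars(array('TIME' => $msg->time, 'TO' => $_SESSION['datiuser']['name'], 'FROM' => $p->d->getvar('SELECT name FROM users WHERE id="' . $msg->mittente . '";'), 'ID' => $msg->id));
             $t->end_block('messaggio');
         }
         $t->end_block('if_messages');
         $num_mess = $p->d->getvar('SELECT COUNT(`id`) FROM messaggi WHERE dest="' . $_SESSION['datiuser']['id'] . '";');
         // ceil() gives the exact page count; the former "count / size + 1" bound
         // produced a link to an empty page whenever the count was a multiple of ten.
         $page_count = (int) ceil($num_mess / $msg_for_page);
         for ($i = 1; $i <= $page_count; $i++) {
             $t->to_comp['if_pages'][0]['link_page'][] = array('TYPE' => 'arrived', 'PAGE' => $i);
         }
     } else {
         $t->to_comp['if_not_messages'][] = array();
     }
     $p->action('mp_list_arrived');
     @$t->out();
 }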
Beispiel #3
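 /**
  * Renders the chat messages of the room stored in the session.
  *
  * @param string|int|null $last_time Millisecond timestamp; only newer messages are
  *                                   returned. Empty or malformed values fall back to
  *                                   the last 30 minutes.
  */
 static function get_chat($last_time = NULL)
 {
     $p = plugins::getinst();
     $t = new template('template/chat_messages.tpl');
     $chat_id = $_SESSION['stanza'];
     // $last_time is placed inside SQL text, so accept it only when it consists of
     // digits; anything else is handled like "no timestamp given".
     if (!empty($last_time) && preg_match('/^\d+\z/', (string) $last_time)) {
         $query = 'SELECT * FROM messaggi_chat WHERE time > "' . $last_time . '" AND chat_id="' . $chat_id . '" ORDER BY time DESC;';
     } else {
         // Default window: the last 30 minutes, in milliseconds.
         $query = 'SELECT * FROM messaggi_chat WHERE time > ' . (time() * 1000 - 30 * 60 * 1000) . ' AND chat_id="' . $chat_id . '" ORDER BY time DESC;';
     }
     $messages = $p->d->getresults($query);
     if ($messages) {
         foreach ($messages as $mess) {
             $time = date('H:i', $mess->time / 1000);
             $t->start_block('message');
             // NOTE(review): USERNAME and TEXT are handed to the template as stored;
             // whether they were HTML-encoded on insert is not visible here — confirm,
             // otherwise encode them at output.
             $message = array('HOUR' => $time, 'USERNAME' => $mess->user, 'TEXT' => stripslashes($mess->text));
             // The first character selects the message type; an empty text has no
             // first character and is rendered as a normal message.
             $marker = isset($mess->text[0]) ? $mess->text[0] : '';
             switch ($marker) {
                 // '+' marks a third-person message
                 case '+':
                     $t->start_block('third_person');
                     $message['TEXT'] = substr($message['TEXT'], 1);
                     // assign the message array prepared above
                     $t->assign_block_vars($message);
                     $t->end_block('third_person');
                     break;
                 // '*' marks a master message, honoured only if the author really is a master
                 case '*':
                     // NOTE(review): the stored user name is concatenated into this query;
                     // it should go through the wrapper's escaping/binding (not visible here).
                     $master = $p->d->getvar('SELECT master FROM accounts WHERE id=(SELECT account_id FROM users WHERE name="' . $mess->user . '");');
                     if ($master == 1) {
                         $t->start_block('master');
                         $message['TEXT'] = substr($message['TEXT'], 1);
                         // assign the message array prepared above
                         $t->assign_block_vars($message);
                         $t->end_block('master');
                     } else {
                         // Not a master: the text is queued as a normal message, '*' included.
                         $t->to_comp['message'][]['normal'][] = $message;
                     }
                     break;
                 // anything else is a normal message
                 default:
                     $t->start_block('normal');
                     // assign the message array prepared above
                     $t->assign_block_vars($message);
                     $t->end_block('normal');
                     break;
             }
             $t->end_block('message');
         }
     }
     //$p->action('chat_body');
     @$t->out();
 }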
Beispiel #4
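 /**
  * Renders every news entry, newest first, into the news list template.
  */
 static function news_list()
 {
     $p = plugins::getinst();
     $t = new template('template/news_list.tpl');
     $messages = $p->d->getresults('SELECT * FROM news ORDER BY id DESC;');
     // Sibling methods treat an empty result from getresults() as falsy, so guard
     // the loop the same way instead of iterating over a non-array.
     if ($messages) {
         foreach ($messages as $news) {
             $t->start_block('news_row');
             // NOTE(review): AUTHOR and TEXT are passed on as stored; confirm that they
             // are HTML-encoded either on insert or by the template layer.
             $t->assign_block_vars(array('AUTHOR' => $news->author, 'DATE' => $news->date, 'TEXT' => stripslashes($news->text)));
             $t->end_block('news_row');
         }
     }
     $t->out();
 }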
Beispiel #5
/**
 * Renders the "who is online" view: one block per chat room that has session
 * rows, with one row per character present in that room.
 */
function online()
{
    $p = plugins::getinst();
    $t = new template('template/online.tpl');
    // distinct rooms in which characters are currently present
    $rooms = $p->d->getresults('SELECT DISTINCT chat_name,chat_id FROM sessioni GROUP BY chat_id ASC;');
    $room_total = count($rooms);
    $index = 0;
    // add the characters present in each room to the template
    while ($index < $room_total) {
        $room = $rooms[$index];
        $t->start_block('online_chat');
        $t->assign_block_vars(array('CHAT_ID' => $room->chat_id, 'CHAT_NAME' => $room->chat_name));
        $present = $p->d->getcol('SELECT pg_id FROM sessioni WHERE chat_id="' . $room->chat_id . '";');
        foreach ($present as $pg_id) {
            // one lookup per character resolves the id to a name
            $pg_name = $p->d->getvar('SELECT name FROM users WHERE id="' . $pg_id . '";');
            $t->start_block('online_row');
            $t->assign_block_var('USERNAME', $pg_name);
            $t->end_block('online_row');
        }
        $t->end_block('online_chat');
        $index++;
    }
    @$t->out();
}
Beispiel #6
// Login front controller. The listing is truncated: the final `else` branch
// (already-logged-in path) continues past the visible lines.
session_start();
include "class_lib.php";
include "template.php";
$template = new template('html');
//=========
// Neither a login submission nor an existing login: show the login form.
// NOTE(review): $_POST['login'] and $_SESSION['islogin'] are read without isset(),
// which raises a notice/warning on a first visit.
if (!$_POST['login'] && !$_SESSION['islogin']) {
    $template->set_filenames(array('login' => 'login.html'));
    $template->pparse('login');
} else {
    if ($_POST['login']) {
        include "classes/login.php";
        $login = new login();
        // Credential check is delegated to login::logger(); its implementation is not shown.
        $test = $login->logger($_POST['log'], $_POST['pass']);
        if (!$test) {
            // Failed login: show the form again with the failure block, then stop.
            $template->set_filenames(array('login' => 'login.html'));
            $template->assign_block_vars('switch_login_fails', array());
            $template->pparse('login');
            $template->set_filenames(array('footer' => 'footer.html'));
            $template->pparse('footer');
            exit;
        }
        if ($test) {
            // Successful login: copy the authenticated state into the session.
            // NOTE(review): the session id is not regenerated in the visible code after
            // the privilege change; session_regenerate_id(true) at this point is the
            // usual defence against session fixation.
            $_SESSION['islogin'] = $login->islogin;
            $_SESSION['access'] = $login->access;
            $_SESSION['emp'] = $login->EMP;
            $_SESSION['zone'] = $login->zone;
            $session = new session_info();
            $page = new layout();
            // NOTE(review): $_GET['pageload'] is passed on unvalidated; how call_info()
            // restricts it is not visible here — confirm it maps onto a fixed allow-list.
            $page->call_info($_GET['pageload'], $session->access);
        }
    } else {
Beispiel #7
        // Fragment: the enclosing loop and the outer "image larger than the maximum"
        // check start above the visible lines.
        // Scale the longer side down to its maximum and derive the other side from the ratio.
        if ($width_source > $height_source) {
            $ratio = $width_source / $height_source;
            $width = $width_max;
            $height = $width / $ratio;
        } else {
            $ratio = $height_source / $width_source;
            $height = $height_max;
            $width = $height / $ratio;
        }
    } else {
        // Image already fits: keep its original size.
        $width = $width_source;
        $height = $height_source;
    }
    // NOTE(review): $url_smile and $code_smile are concatenated into HTML attributes
    // without htmlspecialchars(). Their origin is not visible here; if either can hold
    // a double quote or markup, the attribute breaks out — escape here or confirm that
    // they are validated upstream.
    $img = '<img src="' . PATH_TO_ROOT . '/images/smileys/' . $url_smile . '" height="' . $height . '" width="' . $width . '" alt="' . $code_smile . '" title="' . $code_smile . '" />';
    // `/` yields an int only when both operands are ints and divide exactly, so
    // is_int() serves as a "multiple of $smile_by_line" test (assumes both are ints
    // and $smile_by_line is non-zero — TODO confirm).
    $multiple_x = $j / $smile_by_line;
    $tr_start = is_int($multiple_x) ? '<tr>' : '';
    $j++;
    $multiple_x = $j / $smile_by_line;
    $tr_end = is_int($multiple_x) ? '</tr>' : '';
    // The last smiley always closes its row.
    if ($nbr_smile == $j) {
        $tr_end = '</tr>';
    }
    // NOTE(review): addslashes() is not an encoder for HTML or JavaScript contexts;
    // presumably CODE ends up in an inline script or handler — confirm and use an
    // encoder that matches that context.
    $tpl_smileys->assign_block_vars('smiley', array('IMG' => $img, 'CODE' => addslashes($code_smile), 'TR_START' => $tr_start, 'TR_END' => $tr_end));
    // Pad the final row with empty cells until it is complete.
    if ($nbr_smile == $j && $nbr_smile > $smile_by_line) {
        while (!is_int($j / $smile_by_line)) {
            $tpl_smileys->assign_block_vars('smiley.td', array('TD' => '<td>&nbsp;</td>'));
            $j++;
        }
    }
}
$tpl_smileys->parse();
Beispiel #8
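 /**
  * Account page: optionally switches to a character, changes the account password
  * or creates a character, then renders the account's character list.
  *
  * NOTE(review): no anti-CSRF token and no current-password check are visible for
  * the state-changing actions below — confirm whether the framework adds them.
  *
  * @param string $action 'use_user', 'change_pwd' or 'new_user'; any other value
  *                       only renders the page.
  */
 static function account_switch($action = '')
 {
     /* Plugin singleton. */
     $p = plugins::getinst();
     /* Id of the logged-in account, taken from the session. */
     $account_id = $_SESSION['datiaccount']['id'];
     $t = new template('template/account_switch.tpl');
     /* "Use a character" action. */
     if ($action == 'use_user') {
         /* Escape the posted id once and use that same value in every query below.
          * Before, only the ownership check was escaped while the follow-up SELECT
          * and UPDATE concatenated the raw POST value. */
         $pg_id = mysql_real_escape_string(isset($_POST['pg_id']) ? $_POST['pg_id'] : '');
         /* Does the character exist, and does it belong to this account? */
         $cond = $p->d->getrow('SELECT COUNT(id) AS count, account_id FROM users WHERE id="' . $pg_id . '" GROUP BY id;');
         /* If so: keep the character data in the session (separate from the account
          * data), update pg_id in the session table and go to the main page. */
         if ($cond && $cond->count > 0 && $cond->account_id == $_SESSION['datiaccount']['id']) {
             $_SESSION['datiuser'] = get_object_vars($p->d->getrow('SELECT * FROM users WHERE id="' . $pg_id . '";'));
             $updsess = $p->d->query('UPDATE sessioni SET pg_id="' . $pg_id . '" WHERE session_id="' . session_id() . '";');
             header('Location:' . config::game_dir . '/plugins.php/main');
             /* Stop here: without it the rest of the page is still built and sent
              * after the redirect header. */
             exit;
         }
     }
     /* Change the password of the whole account. */
     if ($action == 'change_pwd') {
         $new_password = isset($_POST['password']) ? $_POST['password'] : '';
         /* NOTE(review): unsalted MD5 is not a suitable password hash. Moving to
          * password_hash()/password_verify() also needs the login code (not visible
          * here) to change, so the existing scheme is kept. The escaping before
          * hashing is part of that scheme and must match what the login does. */
         $password = md5(mysql_real_escape_string($new_password));
         /* Store the computed hash. The listing showed a literal "******" in the SET
          * clause while $password was never used; as written, every change would have
          * stored the same fixed string. The hash is hex only, so it is safe in SQL. */
         $query = 'UPDATE accounts SET password="' . $password . '",last_change_pwd=NOW() WHERE id="' . $account_id . '";';
         /* An empty password is rejected rather than stored. */
         if ($new_password !== '' && $p->d->query($query) > 0) {
             $t->block_null('new_password_success');
         } else {
             $t->block_null('new_password_failed');
         }
     }
     /* Create a new character. */
     if ($action == 'new_user') {
         /* Input filtering: HTML-encode, then SQL-escape every posted field.
          * NOTE(review): encoding for HTML at input time stores encoded text; output
          * encoding is the more robust place for it. Kept for compatibility with
          * rows already stored this way. */
         $name = mysql_real_escape_string(htmlentities($_POST['name']));
         $surname = mysql_real_escape_string(htmlentities($_POST['surname']));
         $sex = mysql_real_escape_string(htmlentities($_POST['sex']));
         $race = mysql_real_escape_string(htmlentities($_POST['race']));
         /* All fields are required. The surname test used `=` instead of `==`,
          * which overwrote $surname with a boolean instead of checking it. */
         if ($name == NULL || $surname == NULL || $sex == NULL || $race == NULL) {
             die('Non hai riempito tutti i campi <br/> <a href="javascript:history.back();">torna indietro</a>');
         }
         /* Reject a name that is already taken. */
         if ($p->d->getvar('SELECT COUNT(id) as count FROM users WHERE name="' . $name . '";') > 0) {
             die('Il personaggio che vuoi creare esiste gi&agrave;! <br/> <a href="javascript:history.back();">torna indietro</a>');
         }
         /* Only create the character while the account is below the configured maximum. */
         if ($p->d->getvar('SELECT COUNT(*) FROM users WHERE account_id="' . $account_id . '";') < config::max_pg) {
             /* Create the character and link it to the creating account. */
             $query = 'INSERT INTO users SET account_id="' . $account_id . '",name="' . $name . '",surname="' . $surname . '",sex="' . $sex . '",race="' . $race . '";';
             $p->d->query($query);
             /* Redirect so that a manual refresh cannot resubmit the form. */
             header('Location:' . config::game_dir . '/plugins.php/account_switch');
             /* Stop here so nothing else is rendered after the redirect header. */
             exit;
         } else {
             /* All slots are in use: show a warning with a back link. */
             echo 'Hai raggiunto il numero massimo di personaggi consentiti... <br/> <a href="javascript:history.back();">torna indietro</a>';
         }
     }
     /* View init: hand the account id and this page's path to the template. */
     $t->assign_var('ID', $account_id);
     $t->assign_var('ACTION', config::game_dir . '/plugins.php/account_switch');
     /* Ask for a password change when the last one is older than six months. */
     $time_password = $p->d->getvar('SELECT COUNT(id) FROM accounts WHERE id="' . $_SESSION['datiaccount']['id'] . '" AND last_change_pwd < (NOW() - INTERVAL 6 MONTH);');
     if ($time_password > 0) {
         $t->block_null('change_password');
     }
     /* Load the account's characters. */
     $users = $p->d->getresults('SELECT * FROM users WHERE account_id="' . $account_id . '" LIMIT 0,' . config::max_pg . ';');
     /* Add them to the template, if any. */
     if (count($users) > 0) {
         foreach ($users as $user) {
             $t->start_block('user');
             $t->assign_block_vars(array('PG_ID' => $user->id, 'PG_NAME' => $user->name, 'PG_SURNAME' => $user->surname, 'PG_IMAGE' => $user->image, 'PG_DESC' => isset($user->description) ? $user->description : 'nessuna descrizione'));
             $t->end_block('user');
             /* Bindings for the in-place editors of the character fields. */
             $t->block_assign('javascript_inplace_row_surname', 'ID', $user->id);
             $t->block_assign('javascript_inplace_row_desc', 'ID', $user->id);
         }
     }
     /* Show the creation form while the account has fewer characters than the
      * configured maximum. */
     if (count($users) < config::max_pg) {
         $query = 'SELECT * FROM razze WHERE evolution!=1;';
         /* TODO (original author): support sub-races and advanced races */
         $races = $p->d->getresults($query);
         /* Every race a new character may pick is added to the form. */
         $t->start_block('new_user_form');
         foreach ($races as $race) {
             $t->block_assign('race_row', array('RACE_ID' => $race->id, 'RACE_NAME' => $race->name));
         }
         $t->end_block('new_user_form');
     }
     $t->out();
 }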
Beispiel #9
<?php

// Client view controller. The listing is truncated inside the last `if`.
session_start();
// Not logged in: render the login form with the failure block and stop.
if (!$_SESSION['islogin']) {
    include "template.php";
    $template = new template('html');
    $template->set_filenames(array('login' => 'login.html'));
    $template->assign_block_vars('switch_login_fails', array());
    $template->pparse('login');
    $template->set_filenames(array('footer' => 'footer.html'));
    $template->pparse('footer');
    exit;
}
// NOTE(review): the zone id from the query string replaces the zone stored in the
// session without any visible check that this user may work in that zone — confirm
// that an authorization check exists elsewhere, otherwise any logged-in user can
// select an arbitrary zone.
if ($_GET['zid']) {
    unset($_SESSION['zone']);
    $_SESSION['zone'] = $_GET['zid'];
}
if (!$_SESSION['zone']) {
    // No zone selected: access levels above 1 get the all-clients view.
    if ($_SESSION['access'] > 1) {
        include_once "view_all_clients.php";
    } else {
        // NOTE(review): in the visible code $template is only created inside the
        // not-logged-in branch above, which exits — presumably the including page
        // defines it; confirm.
        $template->set_filenames(array('body' => 'zone_error.html'));
        $template->pparse('body');
    }
} else {
    include 'classes/my_customers.php';
    $List = new client();
    if ($_GET['pageload'] == 7) {
        $template->set_filenames(array('body' => 'view_client.html'));
        // A client id may arrive by GET or POST; how it is validated is past the visible lines.
        if ($_GET['cid'] || $_POST['cid'] || $_POST['scid']) {
            include "classes/deposit.php";
Beispiel #10
<?php

// Deposit verification page: requires a logged-in session before anything is rendered.
session_start();
// Not logged in: render the login form with the failure block and the footer, then stop
// so none of the markup below is sent.
// NOTE(review): $_SESSION['islogin'] is read without isset(), which raises a
// notice/warning for a fresh session.
if (!$_SESSION['islogin']) {
    include "template.php";
    $template = new template('html');
    $template->set_filenames(array('login' => 'login.html'));
    $template->assign_block_vars('switch_login_fails', array());
    $template->pparse('login');
    $template->set_filenames(array('footer' => 'footer.html'));
    $template->pparse('footer');
    exit;
}
include 'classes/my_customers.php';
// $data starts empty; $List is the client helper from the include above.
$data = array();
$List = new client();
?>
	
	 <div class="verify">
    <form action = "confirm.php" method="POST">

      <fieldset>
      	<legend>
			Donnee a Verifier
		</legend>
		<table class="tabl" width="100%" cellspacing="0" summary="Data set of deposits to be approved from a given day.">
          <caption>
          <a href="#" onClick="return displayMenu('30 -- 9 -- 2009');">30 -- 9 -- 2009</a>
          </caption>

          <thead class="hat" id="30 -- 9 -- 20091">
    // Fragment from a different listing than the markup above: the enclosing loop
    // starts before the visible lines.
    // Shrink images that exceed either maximum, keeping the aspect ratio.
    if ($width_source > $width_max || $height_source > $height_max) {
        if ($width_source > $height_source) {
            $ratio = $width_source / $height_source;
            $width = $width_max;
            $height = $width / $ratio;
        } else {
            $ratio = $height_source / $width_source;
            $height = $height_max;
            $width = $height / $ratio;
        }
    } else {
        // Image already fits: keep its original size.
        $width = $width_source;
        $height = $height_source;
    }
    // `/` yields an int only when both operands are ints and divide exactly, so
    // is_int() serves as a "multiple of $smile_by_line" test (assumes both are ints
    // and $smile_by_line is non-zero — TODO confirm).
    $multiple_x = $j / $smile_by_line;
    $tr_start = is_int($multiple_x) ? '<tr>' : '';
    $j++;
    $multiple_x = $j / $smile_by_line;
    $tr_end = is_int($multiple_x) ? '</tr>' : '';
    // The last smiley always closes its row.
    if ($nbr_smile == $j) {
        $tr_end = '</tr>';
    }
    // NOTE(review): $url_smile and $code_smile are concatenated into HTML attributes
    // without htmlspecialchars(), and addslashes() is not an encoder for HTML or
    // JavaScript contexts. Their origin is not visible here — escape per output
    // context or confirm that they are validated upstream.
    $tpl_smileys->assign_block_vars('smiley', array('URL' => $url_smile, 'IMG' => '<img src="' . PATH_TO_ROOT . '/images/smileys/' . $url_smile . '" height="' . $height . '" width="' . $width . '" alt="' . $code_smile . '" title="' . $code_smile . '" />', 'CODE' => addslashes($code_smile), 'TR_START' => $tr_start, 'TR_END' => $tr_end));
    // Pad the final row with empty cells until it is complete.
    if ($nbr_smile == $j && $nbr_smile > $smile_by_line) {
        while (!is_int($j / $smile_by_line)) {
            $tpl_smileys->assign_block_vars('smiley.td', array('TD' => '<td>&nbsp;</td>'));
            $j++;
        }
    }
}
$tpl_smileys->parse();
Beispiel #12
<?php

require_once 'includes/init.php';
$template = new template('body');
// Fill a 3x3 grid: three `row` blocks, each holding three `row.column` blocks.
$i = 0;
while ($i < 3) {
    $template->assign_block_vars('row', array('Y' => $i));
    $j = 0;
    while ($j < 3) {
        $template->assign_block_vars('row.column', array('X' => $j));
        $j++;
    }
    $i++;
}
$template->displayPageFull();
Beispiel #13
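 /**
  * Shows the reply form for a topic or, when POST data is present, stores the reply.
  *
  * Boards flagged as master-only are refused unless control_access(MASTER_ACCESS)
  * returns 1.
  *
  * @param int $forum_id Id of the board the reply belongs to.
  * @param int $topic_id Id of the topic being answered.
  */
 static function new_post($forum_id = 0, $topic_id = 0)
 {
     $p = plugins::getinst();
     $t = new template('template/forum_message.tpl');
     // Both ids end up inside SQL text and inside the form's ACTION URL, so force
     // them to integers before their first use.
     $forum_id = (int) $forum_id;
     $topic_id = (int) $topic_id;
     $t->assign_var('FORUM_ID', $forum_id);
     $t->assign_var('TOPIC_ID', $topic_id);
     // a master-only board requires the user to be a master
     if ($p->d->getvar('SELECT master FROM forums WHERE id="' . $forum_id . '";') == 1 && control_access(MASTER_ACCESS) != 1) {
         $t->start_block('access_denied');
         $t->end_block('access_denied');
     } else {
         if (!$_POST) {
             $t->start_block('message_form');
             $t->assign_block_vars(array('ACTION' => '{ROOT}/plugins.php/new_post/' . $forum_id . '/' . $topic_id, 'TEXT' => '', 'SUBMIT_TEXT' => 'Inserisci risposta'));
             $t->end_block('message_form');
         } else {
             // reply submitted: filter it and store it
             $raw_text = isset($_POST['text']) ? $_POST['text'] : '';
             $text = $p->filter('topic_message_send', mysql_real_escape_string(htmlentities($raw_text)));
             // htmlentities() alone does not make a value safe inside an SQL string
             // literal, so the author name is SQL-escaped as well.
             $author = mysql_real_escape_string(htmlentities($_SESSION['datiuser']['name']));
             $query = 'INSERT INTO posts SET forum_id="' . $forum_id . '",topic_id="' . $topic_id . '",title="",author="' . $author . '",text="' . $text . '" ;';
             $query1 = 'UPDATE posts SET last_post=NOW() WHERE id="' . $topic_id . '" AND topic_id=0;';
             // NOTE(review): failure is also reported when the INSERT succeeded but the
             // UPDATE changed no row.
             if ($p->d->query($query) > 0 && $p->d->query($query1) > 0) {
                 $t->block_assign('success', 'TEXT_SUCCESS', 'Risposta inserita');
             } else {
                 // Keep the database error in the server log; showing it to the user
                 // discloses schema and query details.
                 error_log('new_post: ' . mysql_error());
                 $t->block_assign('failed', 'TEXT_FAILED', 'Risposta NON inserita');
             }
         }
     }
     $t->out();
 }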
Beispiel #14
    /**
     * 
     * Displays a poll
     * 
     */
    public function get_poll($topicID = 0, $showLink = false, $template = 'prosilver')
    {
        global $db, $user, $auth, $config, $phpEx, $wpUnited, $phpbbForum;
        static $pollHasGenerated = false;
        $fStateChanged = $phpbbForum->foreground();
        if (!$pollHasGenerated) {
            $user->add_lang('viewtopic');
            $pollHasGenerated = true;
        }
        $display = false;
        $ajax = false;
        $inboundVote = array();
        // Is this an AJAX request?
        if ($topicID == 0) {
            $topicID = (int) request_var('pollid', 0);
            $template = (string) request_var('polltemplate', 'prosilver');
            $inboundVote = request_var('vote_id', array('' => 0));
            $display = (int) request_var('display', 0) == 1;
            $ajax = (int) request_var('ajax', 0) == 1;
            $showLink = (int) request_var('showlink', 0) == 1;
        }
        if (!$topicID) {
            return '';
        }
        // Or was this form submitted without JS? If so, which poll was it for? (Unlike in phpBB, there could be more than one)
        if (!$ajax) {
            // submitted:
            if (isset($_POST['update']) && isset($_POST['vote_id'])) {
                $pollID = (int) request_var('pollid', 0);
                if ($pollID == $topicID) {
                    $inboundVote = request_var('vote_id', array('' => 0));
                    // the same poll block could be on the page multiple times. We only want to register the vote once.
                    unset($_POST['update']);
                    unset($_POST['vote_id']);
                }
            }
            // view results link:
            if (isset($_GET['wpupolldisp'])) {
                $pollID = (int) request_var('pollid', 0);
                if ($pollID == $topicID) {
                    $display = 1;
                }
            }
        }
        if (trim($template) == '') {
            $template = 'prosilver';
        }
        $currURL = wpu_get_curr_page_link();
        $pollMarkup = '';
        $actionMsg = '';
        $sql = '
			SELECT t.topic_id, t.topic_title, t.topic_status, t.poll_title, t.poll_start, t.poll_length, 
						t.poll_max_options, t.poll_last_vote, t.poll_vote_change, 
						p.bbcode_bitfield, p.bbcode_uid, 
						t.forum_id, u.user_id, f.forum_name, f.forum_status, u.username, u.user_colour, u.user_type
			FROM ' . TOPICS_TABLE . ' AS t, ' . USERS_TABLE . ' AS u, ' . FORUMS_TABLE . ' AS f, ' . POSTS_TABLE . ' AS p
			WHERE t.topic_poster = u.user_id 
				AND t.forum_id = f.forum_id
				AND t.topic_id = ' . (int) $topicID . ' 
				AND p.post_id = t.topic_first_post_id';
        if (!($result = $db->sql_query($sql))) {
            $phpbbForum->restore_state($fStateChanged);
            wp_die(__('Could not access the database.', 'wp-united'));
        }
        $topicData = $db->sql_fetchrow($result);
        $db->sql_freeresult($result);
        if (!$topicData['poll_start'] || !$auth->acl_get('f_read', $topicData['forum_id'])) {
            $phpbbForum->restore_state($fStateChanged);
            return $pollMarkup;
        }
        $pollOptions = array();
        $sql = '
			SELECT * 
			FROM ' . POLL_OPTIONS_TABLE . ' 
			WHERE topic_id = ' . (int) $topicID;
        $result = $db->sql_query($sql);
        while ($row = $db->sql_fetchrow($result)) {
            $pollOptions[] = $row;
        }
        $db->sql_freeresult($result);
        $currVotedID = array();
        if ($user->data['is_registered']) {
            $sql = '
				SELECT poll_option_id
				FROM ' . POLL_VOTES_TABLE . '
				WHERE topic_id = ' . (int) $topicID . '
				AND vote_user_id = ' . $user->data['user_id'];
            $result = $db->sql_query($sql);
            while ($row = $db->sql_fetchrow($result)) {
                $currVotedID[] = $row['poll_option_id'];
            }
            $db->sql_freeresult($result);
        } else {
            // Cookie based guest tracking ...
            if (isset($_COOKIE[$config['cookie_name'] . '_poll_' . $topicID])) {
                $currVotedID = explode(',', $_COOKIE[$config['cookie_name'] . '_poll_' . $topicID]);
                $currVotedID = array_map('intval', $currVotedID);
            }
        }
        // Can not vote at all if no vote permission
        $userCanVote = $auth->acl_get('f_vote', $topicData['forum_id']) && ($topicData['poll_length'] != 0 && $topicData['poll_start'] + $topicData['poll_length'] > time() || $topicData['poll_length'] == 0) && $topicData['topic_status'] != ITEM_LOCKED && $topicData['forum_status'] != ITEM_LOCKED && (!sizeof($currVotedID) || $auth->acl_get('f_votechg', $topicData['forum_id']) && $topicData['poll_vote_change']) ? true : false;
        $displayResults = !$userCanVote || $userCanVote && sizeof($currVotedID) || $display ? true : false;
        if (sizeof($inboundVote) && $userCanVote) {
            //  ********   register vote here ********
            if (sizeof($inboundVote) > $topicData['poll_max_options'] || in_array(VOTE_CONVERTED, $currVotedID)) {
                if (!sizeof($inboundVote)) {
                    $actionMsg = $user->lang['NO_VOTE_OPTION'];
                } else {
                    if (sizeof($inboundVote) > $topicData['poll_max_options']) {
                        $actionMsg = $user->lang['TOO_MANY_VOTE_OPTIONS'];
                    } else {
                        if (in_array(VOTE_CONVERTED, $currVotedID)) {
                            $actionMsg = $user->lang['VOTE_CONVERTED'];
                        }
                    }
                }
            } else {
                foreach ($inboundVote as $option) {
                    if (in_array($option, $currVotedID)) {
                        continue;
                    }
                    $sql = '
						UPDATE ' . POLL_OPTIONS_TABLE . '
						SET poll_option_total = poll_option_total + 1
						WHERE poll_option_id = ' . (int) $option . '
							AND topic_id = ' . (int) $topicID;
                    $db->sql_query($sql);
                    if ($user->data['is_registered']) {
                        $sql_ary = array('topic_id' => (int) $topicID, 'poll_option_id' => (int) $option, 'vote_user_id' => (int) $user->data['user_id'], 'vote_user_ip' => (string) $user->ip);
                        $sql = 'INSERT INTO ' . POLL_VOTES_TABLE . ' ' . $db->sql_build_array('INSERT', $sql_ary);
                        $db->sql_query($sql);
                    }
                }
                foreach ($currVotedID as $option) {
                    if (!in_array($option, $inboundVote)) {
                        $sql = '
							UPDATE ' . POLL_OPTIONS_TABLE . '
							SET poll_option_total = poll_option_total - 1
							WHERE poll_option_id = ' . (int) $option . '
								AND topic_id = ' . (int) $topicID;
                        $db->sql_query($sql);
                        if ($user->data['is_registered']) {
                            $sql = '
								DELETE FROM ' . POLL_VOTES_TABLE . '
								WHERE topic_id = ' . (int) $topicID . '
									AND poll_option_id = ' . (int) $option . '
									AND vote_user_id = ' . (int) $user->data['user_id'];
                            $db->sql_query($sql);
                        }
                    }
                }
                if ($user->data['user_id'] == ANONYMOUS && !$user->data['is_bot']) {
                    $user->set_cookie('poll_' . $topicID, implode(',', $inboundVote), time() + 31536000);
                }
                $sql = '
					UPDATE ' . TOPICS_TABLE . '
					SET poll_last_vote = ' . time() . "\n\t\t\t\t\tWHERE topic_id = {$topicID}";
                $db->sql_query($sql);
                $actionMsg = $user->lang['VOTE_SUBMITTED'] . '<br />';
                // Reload vote state:
                $pollOptions = array();
                $sql = '
					SELECT * 
					FROM ' . POLL_OPTIONS_TABLE . ' 
					WHERE topic_id = ' . (int) $topicID;
                $result = $db->sql_query($sql);
                while ($row = $db->sql_fetchrow($result)) {
                    $pollOptions[] = $row;
                }
                $db->sql_freeresult($result);
                $currVotedID = $inboundVote;
                $userCanVote = $auth->acl_get('f_votechg', $topicData['forum_id']) && $topicData['poll_vote_change'];
                $displayResults = true;
            }
            // ***** end of vote registration ******
        }
        $pollTotal = 0;
        foreach ($pollOptions as $pollOption) {
            $pollTotal += $pollOption['poll_option_total'];
        }
        $pollBBCode = false;
        if ($topicData['bbcode_bitfield']) {
            require_once $wpUnited->get_setting('phpbb_path') . 'includes/functions_posting.' . $phpEx;
            require_once $wpUnited->get_setting('phpbb_path') . 'includes/bbcode.' . $phpEx;
            $pollBBCode = new bbcode();
        }
        for ($i = 0, $size = sizeof($pollOptions); $i < $size; $i++) {
            $pollOptions[$i]['poll_option_text'] = censor_text($pollOptions[$i]['poll_option_text']);
            if ($pollBBCode !== false) {
                $pollBBCode->bbcode_second_pass($pollOptions[$i]['poll_option_text'], $topicData['bbcode_uid'], $topicData['bbcode_bitfield']);
            }
            $pollOptions[$i]['poll_option_text'] = bbcode_nl2br($pollOptions[$i]['poll_option_text']);
            $pollOptions[$i]['poll_option_text'] = $phpbbForum->parse_phpbb_text_for_smilies($pollOptions[$i]['poll_option_text']);
        }
        $topicData['poll_title'] = $phpbbForum->censor($topicData['poll_title']);
        if ($pollBBCode !== false) {
            $pollBBCode->bbcode_second_pass($topicData['poll_title'], $topicData['bbcode_uid'], $topicData['bbcode_bitfield']);
        }
        $topicData['poll_title'] = bbcode_nl2br($topicData['poll_title']);
        $topicData['poll_title'] = $phpbbForum->parse_phpbb_text_for_smilies($topicData['poll_title']);
        unset($pollBBCode);
        $pollEnd = $topicData['poll_length'] + $topicData['poll_start'];
        $pollLength = $topicData['poll_length'] ? sprintf($user->lang[$pollEnd > time() ? 'POLL_RUN_TILL' : 'POLL_ENDED_AT'], $user->format_date($pollEnd)) : '';
        $topicLink = $phpbbForum->seo ? "topic{$topicID}.html" : "viewtopic.{$phpEx}?t={$topicID}";
        $pTemplate = new template();
        $pTemplate->set_custom_template($wpUnited->get_plugin_path() . 'extras/quickpoll/templates/', 'wpupoll');
        $pTemplate->set_filenames(array('poll' => "{$template}.html"));
        $pTemplate->assign_vars(array('POLL_QUESTION' => $topicData['poll_title'], 'TOTAL_VOTES' => $pollTotal, 'POLL_LEFT_CAP_IMG' => str_replace($wpUnited->get_setting('phpbb_path'), $phpbbForum->get_board_url(), $user->img('poll_left')), 'POLL_RIGHT_CAP_IMG' => str_replace($wpUnited->get_setting('phpbb_path'), $phpbbForum->get_board_url(), $user->img('poll_right')), 'POLL_ID' => $topicID, 'L_MAX_VOTES' => $topicData['poll_max_options'] == 1 ? $user->lang['MAX_OPTION_SELECT'] : sprintf($user->lang['MAX_OPTIONS_SELECT'], $topicData['poll_max_options']), 'L_POLL_LENGTH' => $actionMsg . $pollLength, 'POLL_TEMPLATE' => $template, 'S_CAN_VOTE' => $userCanVote, 'S_DISPLAY_RESULTS' => $displayResults, 'S_SHOW_LINK' => $showLink, 'U_TOPIC_LINK' => $phpbbForum->get_board_url() . $topicLink, 'L_TOPIC_LINK' => __('View poll in forum', 'wp-united'), 'S_IS_MULTI_CHOICE' => $topicData['poll_max_options'] > 1 ? true : false, 'S_POLL_ACTION' => $currURL, 'U_VIEW_RESULTS' => !strstr($currURL, '?') ? $currURL . '?wpupolldisp=1' : $currURL . '&amp;wpupolldisp=1'));
        foreach ($pollOptions as $pollOption) {
            $optionPct = $pollTotal > 0 ? $pollOption['poll_option_total'] / $pollTotal : 0;
            $optionPctTxt = sprintf("%.1d%%", round($optionPct * 100));
            $pTemplate->assign_block_vars('poll_option', array('POLL_OPTION_ID' => $pollOption['poll_option_id'], 'POLL_OPTION_CAPTION' => $pollOption['poll_option_text'], 'POLL_OPTION_RESULT' => $pollOption['poll_option_total'], 'POLL_OPTION_PERCENT' => $optionPctTxt, 'POLL_OPTION_PCT' => round($optionPct * 100), 'POLL_OPTION_IMG' => str_replace($wpUnited->get_setting('phpbb_path'), $phpbbForum->get_board_url(), $user->img('poll_center', $optionPctTxt, round($optionPct * 250))), 'POLL_OPTION_VOTED' => in_array($pollOption['poll_option_id'], $currVotedID) ? true : false));
        }
        ob_start();
        $pTemplate->display('poll');
        $pollMarkup = ob_get_contents();
        unset($pTemplate);
        ob_end_clean();
        $phpbbForum->restore_state($fStateChanged);
        if ($ajax) {
            wpu_ajax_header();
            echo '<wpupoll>';
            echo '<newnonce>' . wp_create_nonce('wpu-poll-submit') . '</newnonce>';
            echo '<pollid>' . $topicID . '</pollid>';
            echo '<markup><![CDATA[' . base64_encode($pollMarkup) . ']]></markup>';
            echo '</wpupoll>';
            exit;
        }
        return $pollMarkup;
    }
Beispiel #15
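/**
 * Assigns one template block row per select option, HTML-escaping both the key and the label.
 *
 * A non-array $values is treated as a single option whose key and label are the same value.
 * Escaping uses ENT_QUOTES so the output stays inert inside single-quoted attributes as well
 * as double-quoted ones, and ENT_SUBSTITUTE so that invalid UTF-8 is replaced with U+FFFD
 * instead of silently turning the whole string into ''.
 *
 * @param template $template Template object; only assign_block_vars() is called on it
 * @param string   $name     Name of the block the rows are assigned to
 * @param mixed    $values   Map of option key => label, or a single scalar
 */
function tpl_assign_select(&$template, $name, $values)
{
    if (!is_array($values)) {
        $values = array($values => $values);
    }
    // Escape for both quote styles: the template decides how the attribute is quoted, not this helper.
    $flags = ENT_QUOTES | ENT_SUBSTITUTE;
    foreach ($values as $key => $value) {
        $template->assign_block_vars($name, array(
            // Array keys are always int or string; the cast keeps the call valid under strict typing.
            'KEY' => htmlentities((string) $key, $flags, 'UTF-8'),
            'VALUE' => htmlentities($value, $flags, 'UTF-8'),
        ));
    }
}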
Beispiel #16
}
// Now that we are connected to the database, fetch the configuration data stored in it.
$config->load_db();
// floor(time() / 86400) is the count of whole days since the Unix epoch; when
// $config->day_number is behind it, the daily cron script is pulled in.
$actual_day_number = floor(time() / 86400);
if ($config->day_number < $actual_day_number) {
    require $config->path . 'includes/cron_day.' . $config->phpex;
}
// Load the data for the current language.
// NOTE(review): the include path is built from $config->path, $config->language and
// $config->phpex. Where these values come from is not visible in this excerpt; confirm
// $config->language is restricted to a known set of language directories, since
// whatever it holds decides which file gets executed here.
include $config->path . 'language/' . $config->language . '/main.' . $config->phpex;
$lang->load_keys('common');
// Start the template system.
$template = new template();
// Start the session.
$user = new user();
// Expose an empty block named after the login state.
if ($user->logged_in) {
    $template->assign_block_vars('logged_in', array());
} else {
    $template->assign_block_vars('not_logged_in', array());
}
// Default template variables.
// 'SITE_DESC' appears twice in the array literal below with the same expression, so the duplicate has no effect.
// NOTE(review): SITE_NAME, SITE_DESC and USER_NAME are passed through unescaped, and
// COPYRIGHT is raw HTML. Whether the template class escapes on output is not visible
// here; confirm before rendering these into HTML.
$template->assign_vars(array('SITE_NAME' => $config->site_name, 'SITE_DESC' => $config->site_desc, 'TEMPLATE_PATH' => 'templates/' . $config->template . '/', 'SITE_DESC' => $config->site_desc, 'U_INDEX' => $config->index, 'PATH' => $config->path, 'USER_ID' => $user->id, 'USER_NAME' => $user->name, 'COPYRIGHT' => 'Program written by <a href="http://www.jeremyfaivre.com" onclick="window.open(this.href);return false">J&eacute;r&eacute;my Faivre</a> - 2005 &copy; <a href="http://www.jeremyfaivre.com/tags/phpore" onclick="window.open(this.href);return false">phpore</a>', 'DIRECTION' => $lang->direction, 'ENCODING' => $lang->encoding));
// Administrators additionally get the (empty) 'admin_panel' block.
if ($user->admin) {
    $template->assign_block_vars('admin_panel', array());
}
// Normalise use_gzip to a strict boolean; when it loosely equals 1, output is
// buffered through the built-in ob_gzhandler callback.
if ($config->use_gzip == 1) {
    ob_start('ob_gzhandler');
    $config->use_gzip = true;
} else {
    $config->use_gzip = false;
}
// Open another output buffer whose callback is the function named 'execution_time'
// (its definition is not part of this excerpt).
ob_start('execution_time');