$display .= COM_startBlock($LANG21[32], '', COM_getBlockTemplate('_msg_block', 'header')); $display .= $LANG25[17]; $display .= COM_endBlock(COM_getBlockTemplate('_msg_block', 'footer')); $display .= editpoll(); $display .= COM_siteFooter(); } } elseif ($mode == $LANG_ADMIN['delete'] && !empty($LANG_ADMIN['delete'])) { $pid = ''; if (isset($_POST['pid'])) { $pid = COM_applyFilter($_POST['pid']); } if (empty($pid)) { COM_errorLog('Ignored possibly manipulated request to delete a poll.'); $display .= COM_refresh($_CONF['site_admin_url'] . '/plugins/polls/index.php'); } elseif (SEC_checkToken()) { $display .= deletePoll($pid); } else { COM_accessLog("User {$_USER['username']} tried to illegally delete poll {$pid} and failed CSRF checks."); echo COM_refresh($_CONF['site_admin_url'] . '/index.php'); } } else { // 'cancel' or no mode at all $display .= COM_siteHeader('menu', $LANG25[18]); if (isset($_REQUEST['msg'])) { $msg = COM_applyFilter($_REQUEST['msg'], true); if ($msg > 0) { $display .= COM_showMessage($msg, 'polls'); } } $display .= listpolls(); $display .= COM_siteFooter();
> <INPUT TYPE=SUBMIT NAME=action VALUE=del_poll> </FORM> <FONT color=#FF0000><B>Please note that I am not going to prompt you again if you hit that button above.</B></FONT> <?php } ?> </CENTER> </TD></TR> <?php } ?> <?php if ($action == "del_poll") { $retval = deletePoll($poll_id); if ($retval == 0) { echo "<CENTER>Poll Sucessfully Deleted<BR></CENTER>"; } else { echo "<CENTER>There were some errors while deleting the poll<BR></CENTER>"; } } ?> <?php if ($action == "revote") { ?> <TR><TD><BR></TD></TR> <TR><TD class=head style="color:#00FF00"> <?php $ansSeq = chop($HTTP_POST_VARS["answers"]);
<h3 class="panel-title">Polls</h3> </header> <div class="panel-body"> <form method="get" class="form-horizontal" action="<?php echo $_SERVER['PHP_SELF']; ?> "> <?php // TODO: the following save & delete should be in the header if (isset($_POST['poll_title'])) { savePoll(); } //TODO: We should probably sort out $_GET and $_POST stuff so that it's handled more consistently/nicely // Would be nice to have the site send everything via POST, but still allow for navigation to an admin page via GET parameters if (isset($_GET['poll']) && isset($_GET['deletePoll'])) { deletePoll($_GET['poll']); } showPollSelector('poll', isset($_GET['poll']) ? $_GET['poll'] : -1, True, 20); echo <<<FORMGROUP \t\t\t\t\t\t\t<div class="form-group"> \t\t\t\t\t\t\t\t<label for="deletePoll" class="col-lg-2 control-label">Delete</label> \t\t\t\t\t\t\t\t<div class="col-lg-10"> \t\t\t\t\t\t\t\t\t<input type="checkbox" id="deletePoll" name="deletePoll"> \t\t\t\t\t\t\t\t</div> \t\t\t\t\t\t\t</div> \t\t\t\t\t\t\t<div class="form-group"> \t\t\t\t\t\t\t\t<div class="col-lg-12"> \t\t\t\t\t\t\t\t\t<button type="submit" class="btn btn-default col-xs-offset-2">Go</button> \t\t\t\t\t\t\t\t</div> \t\t\t\t\t\t\t</div> \t\t\t\t\t\t</form>
} if ($pollid > 0) { $poll = getPollById($pollid); if ($poll) { $smarty->assign('poll', $poll); $smarty->assign('questions', getQuestions($pollid)); } } $smarty->assign('singlequestion_path', $template_dir . '/questions_single.tpl'); $smarty->assign('path', $template_dir . '/create.tpl'); break; case 'delete': if (!$right['editor']) { break; } if (deletePoll($pollid)) { $notify->add($lang->get('detailedpoll'), $lang->get('notify_delete_successfull')); } else { $notify->add($lang->get('detailedpoll'), $lang->get('notify_delete_unsuccessfull')); } redirect(makeUrl('detailedpoll', array())); break; case 'state_change': if (!$right['editor']) { break; } $breadcrumbs->addElement($poll['title'], makeURL($mod, array('pollid' => $poll['detailedpollid']))); $breadcrumbs->addElement($lang->get('poll_state_change'), makeURL($mod, array('pollid' => $poll['detailedpollid'], 'mode' => 'state_change'))); if (isset($_POST['send'])) { $state = (int) $_POST['state']; if ($state >= 0 && $state <= 3) {