}
$open = '';
if (isset($_POST['open'])) {
$open = COM_applyFilter($_POST['open']);
}
$hideresults = '';
if (isset($_POST['hideresults'])) {
$hideresults = COM_applyFilter($_POST['hideresults']);
}
$display .= savepoll($pid, $old_pid, $_POST['question'], $mainpage, $_POST['topic'], $_POST['meta_description'], $_POST['meta_keywords'], $statuscode, $open, $hideresults, COM_applyFilter($_POST['commentcode'], true), $_POST['answer'], $_POST['votes'], $_POST['remark'], COM_applyFilter($_POST['owner_id'], true), COM_applyFilter($_POST['group_id'], true), $_POST['perm_owner'], $_POST['perm_group'], $_POST['perm_members'], $_POST['perm_anon']);
} else {
$display .= COM_siteHeader('menu', $LANG25[5]);
$display .= COM_startBlock($LANG21[32], '', COM_getBlockTemplate('_msg_block', 'header'));
$display .= $LANG25[17];
$display .= COM_endBlock(COM_getBlockTemplate('_msg_block', 'footer'));
$display .= editpoll();
$display .= COM_siteFooter();
}
} elseif ($mode == $LANG_ADMIN['delete'] && !empty($LANG_ADMIN['delete'])) {
$pid = '';
if (isset($_POST['pid'])) {
$pid = COM_applyFilter($_POST['pid']);
}
if (empty($pid)) {
COM_errorLog('Ignored possibly manipulated request to delete a poll.');
$display .= COM_refresh($_CONF['site_admin_url'] . '/plugins/polls/index.php');
} elseif (SEC_checkToken()) {
$display .= deletePoll($pid);
} else {
COM_accessLog("User {$_USER['username']} tried to illegally delete poll {$pid} and failed CSRF checks.");
echo COM_refresh($_CONF['site_admin_url'] . '/index.php');
}
$mainpage = '';
if (isset($_POST['mainpage'])) {
$mainpage = COM_applyFilter($_POST['mainpage']);
}
$open = '';
if (isset($_POST['open'])) {
$open = COM_applyFilter($_POST['open']);
}
$hideresults = '';
if (isset($_POST['hideresults'])) {
$hideresults = COM_applyFilter($_POST['hideresults']);
}
$display .= savepoll($pid, $old_pid, $_POST['question'], $mainpage, $_POST['topic'], $_POST['meta_description'], $_POST['meta_keywords'], $statuscode, $open, $hideresults, COM_applyFilter($_POST['commentcode'], true), $_POST['answer'], $_POST['votes'], $_POST['remark'], COM_applyFilter($_POST['owner_id'], true), COM_applyFilter($_POST['group_id'], true), $_POST['perm_owner'], $_POST['perm_group'], $_POST['perm_members'], $_POST['perm_anon'], $_POST['allow_multipleanswers'], COM_applyFilter($_POST['topic_description']), $_POST['description']);
} else {
$display .= COM_showMessageText($LANG25[17], $LANG21[32]) . editpoll();
$display = COM_createHTMLDocument($display, array('pagetitle' => $LANG25[5]));
}
} elseif ($mode == $LANG_ADMIN['delete'] && !empty($LANG_ADMIN['delete'])) {
$pid = '';
if (isset($_POST['pid'])) {
$pid = COM_applyFilter($_POST['pid']);
}
if (empty($pid)) {
COM_errorLog('Ignored possibly manipulated request to delete a poll.');
$display .= COM_refresh($_CONF['site_admin_url'] . '/plugins/polls/index.php');
} elseif (SEC_checkToken()) {
$display .= deletePoll($pid);
} else {
COM_accessLog("User {$_USER['username']} tried to illegally delete poll {$pid} and failed CSRF checks.");
echo COM_refresh($_CONF['site_admin_url'] . '/index.php');