/**
 * Checks that hasVoted() returns 1 for a submission the user has voted on
 * and 0 for one the same user has not touched.
 *
 * Fixture: two 'Q' submissions ('test1', 'test2'); only 'test2' gets a
 * voted-on entry for UID 123.
 */
public function testHasVoted()
 {
     $db_conn = $this->initAndClearTables();
     $this->insertSubmission($db_conn, 'Q', 'test1', 0, 0, 23456);
     $qid1 = $this->getSubmissionID($db_conn, 'Q', 'test1');
     $this->insertSubmission($db_conn, 'Q', 'test2', 1, 0, 23456);
     $qid2 = $this->getSubmissionID($db_conn, 'Q', 'test2');
     $this->addToVotedOn($db_conn, 'Q', $qid2, 123);
     // include_once inside a method runs the script's top-level code in this
     // method's variable scope, so local names here are visible to it.
     // The relative path is resolved via the include path / working directory,
     // so the test depends on where the runner is started from.
     include_once '../../Incognito/students/scripts/studentfeed_lookup_questions.php';
     // UID 123 has voted for question test2, but not for test1.
     $voted = hasVoted('Q', $qid1, 123, $db_conn);
     $this->assertEquals(0, $voted);
     $voted = hasVoted('Q', $qid2, 123, $db_conn);
     $this->assertEquals(1, $voted);
 }
Example #2
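/**
 * Print every row of the Question table, highest postID first.
 *
 * For a question the user has already voted on, showResults() is called;
 * otherwise the question text and two clickable answer cells are echoed.
 *
 * Question and answer text comes from the database and is HTML-escaped
 * before it is echoed, so stored markup is rendered as text instead of
 * being interpreted by the browser. The postID is URL-encoded before it
 * is placed in the onclick handlers.
 *
 * NOTE(review): the vote is cast through a plain GET navigation
 * (vote.php?postID=...&answerChoice=...). A state change reachable by GET
 * can be triggered by any page the user visits; vote.php is not visible
 * here, so confirm it requires a POST with an anti-CSRF token.
 *
 * NOTE(review): the mysql_* functions were removed in PHP 7.0; this
 * function only runs on older interpreters until it is ported to
 * mysqli or PDO.
 *
 * @param mixed $result Ignored: overwritten by the query result below.
 * @return void
 */
function printfive($result)
{
    $query = "SELECT questionText, answer1Text, answer2Text, postID FROM Question ORDER BY postID DESC;";
    $result = mysql_query($query);
    if ($result === false) {
        // Query failed: there is nothing to iterate over.
        return;
    }
    while ($record = mysql_fetch_array($result)) {
        $postID = $record['postID'];
        $normalQuestion = stripslashes($record['questionText']);
        $normalA1 = stripslashes($record['answer1Text']);
        $normalA2 = stripslashes($record['answer2Text']);
        // NOTE(review): $userID is never assigned in this function, so
        // hasVoted() receives null here. Confirm where the current user id
        // is meant to come from (parameter or session).
        if (hasVoted($userID, $postID)) {
            // showResults() receives the unescaped text, as before; whether
            // it escapes on output is not visible from here.
            showResults($postID, $normalQuestion, $normalA1, $normalA2);
        } else {
            // Escape for the HTML body context. The charset used by
            // htmlspecialchars() should match the page encoding.
            $safeQuestion = htmlspecialchars($normalQuestion, ENT_QUOTES);
            $safeA1 = htmlspecialchars($normalA1, ENT_QUOTES);
            $safeA2 = htmlspecialchars($normalA2, ENT_QUOTES);
            // rawurlencode() leaves only characters that are inert inside
            // both the quoted JS string and the HTML attribute.
            $postIdParam = rawurlencode($postID);
            echo "\t<td>{$safeQuestion}</td> ";
            echo <<<BLOCK2
\t\t\t\t<tr>
\t\t
\t\t\t\t\t<td>\t\t\t\t\t
\t\t\t\t\t\t\t<div onclick="location.href='vote.php?postID={$postIdParam}&answerChoice=1'" class="ans1">
\t\t\t\t\t\t\t\t<input type="image" src="MidiateRedMan.png" name="redman" 
\t\t\t\t\t\t\t\twidth="60" height="60" /> {$safeA1} &nbsp &nbsp &nbsp
\t\t\t\t\t\t\t</div>

\t\t\t\t\t\t\t<div onclick="location.href='vote.php?postID={$postIdParam}&answerChoice=2'" class="ans2"> 
\t\t\t\t\t\t\t
\t\t\t\t\t\t\t {$safeA2} <input type="image" src="MidiateBlueMan.png" name="blueman"
\t\t\t\t\t\t\t\twidth="60" height="60" />
\t\t\t\t\t\t\t</div>
\t\t\t\t\t\t</td>
\t\t\t\t\t</tr>
BLOCK2;
        }
    }
}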
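/**
 * Build the question/feedback feed for one session.
 *
 * $filter selects which rows are read:
 *   "None"          - all questions, then all feedback
 *   "All Questions" - all questions
 *   "All Feedback"  - all feedback
 *   "Answered" / "Unanswered" - questions with answered = 1 / 0
 *   "Read" / "Unread"         - feedback with isread = 1 / 0
 * Any other value yields an empty feed.
 *
 * $sort is "Newest" (time DESC), "Priority" (numvotes DESC) or anything
 * else for no ORDER BY. The ORDER BY text is picked from fixed literals,
 * and $sid only reaches SQL through sprintf's %d, so neither value can
 * alter the query structure.
 *
 * Changes from the previous version:
 *  - the POST override is applied only when both 'sid' and 'uid' are
 *    posted (the old guard tested 'sid' but then read 'uid');
 *  - a stray no-op `$uid;` statement is gone;
 *  - a failed query is written to the error log and the response carries
 *    a generic message instead of the raw mysql_error() text, which can
 *    expose table and column names;
 *  - the seven near-identical query branches are driven from one table.
 *
 * NOTE(review): $_POST['uid'] replaces the caller-supplied $uid, so the
 * identity used for the 'voted' flag is chosen by the client. Confirm
 * that callers authenticate the user and that the posted uid is checked
 * against the logged-in session.
 *
 * NOTE(review): 'text' is returned exactly as stored; whoever renders
 * the feed has to escape it for its output context.
 *
 * @param mixed  $sid    Session id; formatted into SQL as an integer.
 * @param string $filter One of the filter names listed above.
 * @param string $sort   "Newest", "Priority" or anything else for none.
 * @param mixed  $uid    User id passed to hasVoted(); see POST override.
 * @return array List of feed entries. Entries from the "None" / "All ..."
 *               filters also carry 'numvotes' and 'time'.
 */
function getQuestions($sid, $filter, $sort, $uid)
{
    $db_conn = connectToDB();

    if (isset($_POST['sid'], $_POST['uid'])) {
        $uid = $_POST['uid'];
    }

    if ($sort == "Newest") {
        $order = " ORDER BY time DESC";
    } elseif ($sort == "Priority") {
        $order = " ORDER BY numvotes DESC";
    } else {
        $order = "";
    }

    // Each source: table name, extra WHERE text, whether entries carry
    // numvotes/time. All three are fixed literals chosen here.
    $sources = array();
    if ($filter == "None" || $filter == "All Questions") {
        $sources[] = array('Question', '', true);
    }
    if ($filter == "None" || $filter == "All Feedback") {
        $sources[] = array('Feedback', '', true);
    } elseif ($filter == "Answered") {
        $sources[] = array('Question', ' AND answered = 1', false);
    } elseif ($filter == "Unanswered") {
        $sources[] = array('Question', ' AND answered = 0', false);
    } elseif ($filter == "Unread") {
        $sources[] = array('Feedback', ' AND isread = 0', false);
    } elseif ($filter == "Read") {
        $sources[] = array('Feedback', ' AND isread = 1', false);
    }

    $feed = array();
    foreach ($sources as $source) {
        list($table, $condition, $withMeta) = $source;
        $isQuestion = ($table === 'Question');
        $type = $isQuestion ? 'Q' : 'F';
        $idColumn = $isQuestion ? 'qid' : 'fid';
        $flagColumn = $isQuestion ? 'answered' : 'isread';

        $query = sprintf("SELECT * FROM %s WHERE sid = %d%s%s", $table, $sid, $condition, $order);
        $results = mysql_query($query, $db_conn);
        if (!$results) {
            // Keep the driver's message on the server side only.
            error_log("getQuestions: query failed: " . mysql_error($db_conn));
            die("Error: database query failed");
        }
        while ($r = mysql_fetch_assoc($results)) {
            $id = (int) $r[$idColumn];
            $entry = array(
                'voted' => hasVoted($type, $id, $uid, $db_conn),
                'text' => $r["text"],
                $flagColumn => $r[$flagColumn],
                'type' => $type,
                'id' => $r[$idColumn],
            );
            if ($withMeta) {
                $entry['numvotes'] = $r["numvotes"];
                $entry['time'] = $r["time"];
            }
            $feed[] = $entry;
        }
    }

    // With filter "None" the feed mixes questions and feedback, so the
    // per-query ordering has to be re-applied across the merged list.
    // For "All Feedback" the extra sort is redundant but was always done.
    if ($filter == "None" || $filter == "All Feedback") {
        $feed = sortResults($feed, $sort);
    }

    mysql_close($db_conn);
    return $feed;
}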
Example #4
<?php

// Records one vote per ballot entry held in the session: inserts a new row
// into `votes` for a video id not seen before, otherwise updates the tally.
session_start();
require_once 'includes/connect.php';
require_once 'includes/forceopen.php';
//Make sure you aren't trying to double vote
if (hasVoted()) {
    header("Location: /thanks");
    exit;
}
// The ballot must have passed the confirmation step; the strict comparison
// also rejects a missing key.
if ($_SESSION['confirmcheck'] !== "CONFIRMED") {
    die("<h1>eror</h1>");
}
$totalvotes = $_SESSION['totalvotes'];
for ($i = 0; $i < $totalvotes; $i += 1) {
    // NOTE(review): where ballotData is filled is not visible here. If any of
    // these fields originate from the request or from a remote API response,
    // they are untrusted when they reach the SQL below.
    $vid = $_SESSION['ballotData'][$i]['vid'];
    $title = $_SESSION['ballotData'][$i]['title'];
    $viewCount = $_SESSION['ballotData'][$i]['viewCount'];
    $smallthumb = $_SESSION['ballotData'][$i]['smallthumb'];
    $bigthumb = $_SESSION['ballotData'][$i]['bigthumb'];
    $artist = $_SESSION['ballotData'][$i]['artist'];
    $artisturl = $_SESSION['ballotData'][$i]['artisturl'];
    // Only title and artist are escaped. vid, viewCount, smallthumb, bigthumb
    // and artisturl are interpolated into the statements below as-is, and
    // viewCount sits in an unquoted numeric position.
    $title = $con->escape_string($title);
    $artist = $con->escape_string($artist);
    // NOTE(review): vid is concatenated unescaped into this SELECT. A prepared
    // statement with bound parameters would remove the need for per-field
    // escaping here and in the INSERT ($con looks like a mysqli handle; confirm).
    $sql = "SELECT * from `votes` WHERE `vid`='" . $_SESSION['ballotData'][$i]['vid'] . "'";
    $result = $con->query($sql);
    // NOTE(review): query() returns false on failure, in which case the
    // num_rows access below operates on a non-object.
    if ($result->num_rows < 1) {
        // First vote for this video: create the row with a tally of 1.
        $sql = "INSERT INTO votes \t(`vid`, `name`, `tally`, `views`, `smallthumb`, `bigthumb`,\n\t\t\t\t\t\t\t\t\t\t `artist`, `artisturl`, `dAdded`, `dLastvoted`) " . "VALUES \t('{$vid}', '{$title}', 1, {$viewCount}, '{$smallthumb}', '{$bigthumb}',\n\t\t\t\t\t\t\t\t'{$artist}', '{$artisturl}', CURDATE(), CURDATE())";
        $con->query($sql);
    } else {
        //Add 1 to the tally already recorded and update
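/**
 * Overwrite the answers a user already submitted for a detailed poll.
 *
 * Looks up the user's existing answer record, refreshes its date and
 * writes one value per question. Every id and value placed in a WHERE or
 * SET fragment is cast to int first; the useranswerid used in the first
 * update was previously concatenated without a cast, unlike the second.
 * The per-question update is scoped by useranswerid, so it only touches
 * rows belonging to the record found for this user and poll.
 *
 * @param mixed $pollid Poll id (cast to int for SQL).
 * @param mixed $userid User id (cast to int for SQL).
 * @param mixed $values Map of questionid => value; anything that is not
 *                      an array is ignored.
 * @return mixed false when the user has no stored answers to update,
 *               otherwise the useranswerid of the updated record.
 */
function updateAnswers($pollid, $userid, $values)
{
    global $db;
    if (!hasVoted($pollid, $userid)) {
        return false;
    }
    $useranswer = $db->selectOneRow('detailedpoll_user_answers', '`useranswerid`', '`userid`=' . (int) $userid . ' AND `detailedpollid`=' . (int) $pollid);
    // hasVoted() said a record exists, but do not index into a missing row.
    if (!isset($useranswer['useranswerid'])) {
        return false;
    }
    $useranswerid = (int) $useranswer['useranswerid'];
    $db->update('detailedpoll_user_answers', "`date`= " . time(), "`useranswerid`= " . $useranswerid);
    // $values can arrive straight from a request, where it may be a scalar.
    if (is_array($values)) {
        foreach ($values as $questionid => $value) {
            $db->update('detailedpoll_answers', "`value`=" . (int) $value, "`questionid`=" . (int) $questionid . " AND `useranswerid`=" . $useranswerid);
        }
    }
    return $useranswer['useranswerid'];
}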
Example #6
             $sendResult = updateAnswers($pollid, $login->currentUserId(), $_POST['values']);
         } else {
             $sendResult = saveAnswers($pollid, $login->currentUserId(), $_POST['values']);
         }
         if ($sendResult > 0) {
             $notify->add($lang->get('detailedpoll'), $lang->get('notify_send_successfull'));
             redirect(makeUrl('detailedpoll', array()));
         } else {
             $notify->add($lang->get('detailedpoll'), $lang->get('notify_send_unsuccessfull'));
         }
     } else {
         $notify->add($lang->get('detailedpoll'), $lang->get('notify_send_unsuccessfull_fields_missing'));
         $smarty->assign('values', $_POST['values']);
     }
 }
 // Pre-fill the form with the current user's stored answers, if any.
 if (hasVoted($pollid, $login->currentUserId())) {
     $smarty->assign('values', getMyAnswers($pollid, $login->currentUserId()));
 }
 // Poll state 1 allows sending answers; state 2 or higher exposes results.
 $smarty->assign('sendAvailable', $poll['state'] == 1);
 $smarty->assign('resultAvailable', $poll['state'] >= 2);
 $smarty->assign('poll', $poll);
 if ($poll['state'] >= 2) {
     $questions = calculatePoll($pollid);
     $smarty->assign('result', getCalculatedPoll($questions));
 } else {
     $questions = getQuestions($pollid);
 }
 $smarty->assign('questions', $questions);
 // Fixed palette handed to the template under the name 'color'.
 $colors = array(0 => '#aaa', 1 => '#bbb', 2 => '#ccc', 3 => '#ddd');
 $smarty->assign('color', $colors);
 $smarty->assign('path', $template_dir . '/poll.tpl');
Example #7
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title><?php 
echo BBSNAME;
?>
</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<link href="default.css" rel="stylesheet" type="text/css" />
</head>

<body class="main">
<p><a href="voting_booth.php">back to voting 
	booth</a> </p>
<?php 
// Show the ballot form only to a user who has not voted on this topic yet.
// NOTE(review): $req, $sth_topic and $sth_options are set outside this
// fragment; the @ prefix hides any mysql_fetch_assoc() warning, so a failed
// query shows up only as an empty form.
if (!hasVoted($_SESSION['id'], $req['id'])) {
    $row_topic = @mysql_fetch_assoc($sth_topic);
    ?>
	<form method="post" action="voting_tally.php" name="form1">
	<h1><?php 
    // NOTE(review): the topic name is echoed without HTML escaping; wrap it in
    // htmlspecialchars() unless it is escaped before being stored.
    echo $row_topic['name'];
    ?>
</h1>
<?php 
    while ($row_options = @mysql_fetch_assoc($sth_options)) {
        ?>
	<p>
		<label>
		<input type="radio" name="option" value="<?php 
        // NOTE(review): this lands inside a double-quoted attribute and is not
        // escaped; htmlspecialchars() with ENT_QUOTES keeps a quote in the
        // option text from closing the attribute.
        echo $row_options['opt'];
        ?>
<?php

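// Records the logged-in user's vote for one option of one topic, then
// redirects back to voting_vote.php (with badvote=true on any failure).
require_once 'lib/utils.php';
session_start();
authenticate();
// Copy every POST field into $req after clean(). What clean() strips is not
// visible here, so nothing below relies on it for SQL safety.
foreach ($_POST as $name => $value) {
    $req[$name] = trim(clean($value, 255));
}

// NOTE(review): HTTP_HOST and PHP_SELF are taken from the request, so the
// redirect target is influenced by the client. Prefer a configured base URL.
$voteUrl = "http://" . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) . "/voting_vote.php";

// The topic id is placed unquoted in the SQL below and in the redirect URL,
// so only a string of digits is accepted; anything else is a bad vote.
$topicId = '';
if (isset($req['id']) && is_string($req['id']) && preg_match('/^[0-9]+\z/', $req['id'])) {
    $topicId = $req['id'];
}

if ($topicId === '' or !isset($req['option']) or hasVoted($_SESSION['id'], $topicId)) {
    header("Location: " . $voteUrl . "?badvote=true" . "&id=" . $topicId);
    exit;
}

// String values are escaped for the quoted SQL positions. This assumes the
// default MySQL link is already open (mysql_query() below relies on the same
// link). NOTE(review): if clean() already escapes for SQL, remove it there
// rather than here, so escaping happens once, next to the query.
$alias = mysql_real_escape_string($_SESSION['alias']);
$option = mysql_real_escape_string($req['option']);

// NOTE(review): nothing in this WHERE clause ties voting_options to the
// chosen topic; if options are per-topic, add that join condition.
// NOTE(review): hasVoted() followed by INSERT is a check-then-act sequence;
// a unique key on (user_id, topic_id) would enforce one vote in the database.
$sql_tally = "INSERT INTO votes (user_id, topic_id, option_id) SELECT u.id AS user_id, \n\t\tvt.id AS topic_id, vo.id AS option_id FROM users u, voting_topics vt, voting_options vo\n\t\tWHERE u.alias = '" . $alias . "' AND vt.id = " . $topicId . " AND vo.opt \n\t\t= '" . $option . "'";
// The log entry is written before the insert is attempted, as before.
myLog('VOTE', $_SESSION['id'], $topicId);
if (@mysql_query($sql_tally)) {
    header("Location: " . $voteUrl . "?id=" . $topicId);
    exit;
} else {
    header("Location: " . $voteUrl . "?badvote=true" . "&id=" . $topicId);
    exit;
}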