Example #1
 /**
  * Record in a cookie which board announcement the visitor has dismissed.
  *
  * The stored value is the announcement timestamp read from the config text
  * object. The cookie lives in the browser and can be edited or deleted by
  * the visitor, so it is only a display preference.
  *
  * @return bool Always true
  * @access protected
  */
 protected function set_board_announcement_cookie()
 {
     // The timestamp doubles as the identifier of the current announcement
     $dismissed_announcement = $this->config_text->get('announcement_timestamp');

     // Keep the announcement closed for one year
     $expires_at = strtotime('+1 year');
     $this->user->set_cookie('baid', $dismissed_announcement, $expires_at);

     return true;
 }
 /**
  * Work out whether edit mode is on, letting the current request override
  * the stored preference.
  *
  * The preference is read from the '<cookie_name>_sm_edit_mode' cookie. When
  * the request carries an 'edit_mode' variable, that value wins and is
  * written back with an expiry of 0.
  *
  * NOTE(review): both inputs are supplied by the client. The returned flag
  * only says what the visitor asked for; the permission to edit has to be
  * checked by the caller, which is not visible here.
  *
  * @return bool Requested edit mode state
  */
 protected function toggle_edit_mode()
 {
     $cookie_key = $this->config['cookie_name'] . '_sm_edit_mode';
     $is_editing = $this->request->variable($cookie_key, false, false, \phpbb\request\request_interface::COOKIE);

     // Nothing requested: keep whatever the cookie said
     if (!$this->request->is_set('edit_mode')) {
         return $is_editing;
     }

     // presumably set_cookie() adds the board's cookie prefix itself - confirm
     $is_editing = $this->request->variable('edit_mode', false);
     $this->user->set_cookie('sm_edit_mode', $is_editing, 0);

     return $is_editing;
 }
 /**
  * {@inheritdoc}
  */
 public function set_cookie_categories($forum_id)
 {
     // Set the collapsed category data array for this forum
     $this->set_collapsed_categories($forum_id);

     // The list travels as JSON, so the cookie holds plain data only
     $cookie_payload = json_encode($this->collapsed_categories);
     $this->user->set_cookie('ccat', $cookie_payload, strtotime('+1 year'));

     // Whether the browser accepted the cookie cannot be known within this request
     return true;
 }
Example #4
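 /**
  * Handle the submitted two-factor form and, once the second factor has
  * been verified, create the authenticated session.
  *
  * The visible code never returns normally: it ends in a redirect or in an
  * http_exception. Session creation is reached only when the selected
  * module reported a successful login.
  *
  * @param int  $user_id    User the pending two-factor challenge was issued for
  * @param bool $admin      True for admin re-authentication
  * @param bool $auto_login Passed through to session_create()
  * @param bool $viewonline Passed through to session_create()
  * @param string $class    Identifier of the two-factor module to use
  * @return \Symfony\Component\HttpFoundation\Response
  * @throws http_exception 403 on an invalid form key, 400 on any other failure
  */
 public function submit($user_id, $admin, $auto_login, $viewonline, $class)
 {
     $this->user->add_lang_ext('paul999/tfa', 'common');
     if (!check_form_key('tfa_login_page')) {
         throw new http_exception(403, 'FORM_INVALID');
     }
     // The pending challenge stored in the session must exist and be for this user
     if (empty($this->user->data['tfa_random']) || $user_id != $this->user->data['tfa_uid']) {
         throw new http_exception(400, 'TFA_SOMETHING_WENT_WRONG');
     }
     $random = $this->request->variable('random', '');
     // NOTE(review): `!==` is not a constant-time comparison; hash_equals() is the
     // usual choice for secrets where the supported PHP versions allow it.
     if ($this->user->data['tfa_random'] !== $random || strlen($random) !== 40) {
         throw new http_exception(400, 'TFA_SOMETHING_WENT_WRONG');
     }
     // Clear the token before the second factor is checked, so it is single use.
     // The user id is appended as a bare integer: the original opened a quote
     // before it and never closed it, which produced an invalid statement.
     $sql_ary = array('tfa_random' => '', 'tfa_uid' => 0);
     $sql = 'UPDATE ' . SESSIONS_TABLE . ' SET ' . $this->db->sql_build_array('UPDATE', $sql_ary) . "\n\t\t\tWHERE\n\t\t\t\tsession_id = '" . $this->db->sql_escape($this->user->data['session_id']) . "' AND\n\t\t\t\tsession_user_id = " . (int) $this->user->data['user_id'];
     $this->db->sql_query($sql);
     if (empty($class)) {
         throw new http_exception(400, 'TFA_SOMETHING_WENT_WRONG');
     }
     $module = $this->session_helper->findModule($class);
     if ($module == null) {
         throw new http_exception(400, 'TFA_SOMETHING_WENT_WRONG');
     }
     // NOTE(review): the target is request-supplied; this relies on redirect()
     // rejecting off-site URLs - confirm against its implementation.
     $redirect = $this->request->variable('redirect', "{$this->root_path}/index.{$this->php_ext}");
     $verified = false;
     try {
         $verified = (bool) $module->login($user_id);
         if (!$verified) {
             $this->template->assign_var('S_ERROR', $this->user->lang('TFA_INCORRECT_KEY'));
             $this->session_helper->generate_page($user_id, $admin, $auto_login, $viewonline, $redirect);
         }
     } catch (http_exception $ex) {
         if ($ex->getStatusCode() == 400) {
             $this->template->assign_var('S_ERROR', $ex->getMessage());
             $this->session_helper->generate_page($user_id, $admin, $auto_login, $viewonline, $redirect);
         }
         // Any other status used to be swallowed here, after which the code
         // below created the session anyway. Rethrow so that a failure in the
         // module can never be treated as a successful second factor.
         throw $ex;
     }
     // generate_page() is not visible here and presumably ends the request.
     // Should it ever return, stop before a session is created.
     if (!$verified) {
         throw new http_exception(400, 'TFA_SOMETHING_WENT_WRONG');
     }
     $old_session_id = $this->user->session_id;
     if ($admin) {
         // Expire the existing user and session cookies before re-authentication
         $cookie_expire = time() - 31536000;
         $this->user->set_cookie('u', '', $cookie_expire);
         $this->user->set_cookie('sid', '', $cookie_expire);
     }
     $result = $this->user->session_create($user_id, $admin, $auto_login, $viewonline);
     // Successful session creation
     if ($result === true) {
         // If admin re-authentication we remove the old session entry because a new one has been created...
         if ($admin) {
             // the login array is used because the user ids do not differ for re-authentication
             $sql = 'DELETE FROM ' . SESSIONS_TABLE . "\n\t\t\t\t\tWHERE session_id = '" . $this->db->sql_escape($old_session_id) . "'\n\t\t\t\t\tAND session_user_id = " . (int) $user_id;
             $this->db->sql_query($sql);
             redirect(append_sid("{$this->root_path}adm/index.{$this->php_ext}", false, true, $this->user->data['session_id']));
         }
         redirect(append_sid($redirect, false, true, $this->user->data['session_id']));
     }
     throw new http_exception(400, 'TFA_SOMETHING_WENT_WRONG');
 }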
Example #5
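 /**
  * Limit how many topics a guest may read, counting the views in a cookie.
  *
  * Only the first post row of a topic is considered. Once the counter has
  * reached $this->max_topics, the post text is replaced by the MAX_GUEST
  * language string and the attachment flag is cleared; otherwise the
  * counter cookie is incremented.
  *
  * NOTE(review): the counter is kept by the browser. A visitor who deletes
  * or edits the cookie starts again from zero, so this is a nudge towards
  * registration and not an access control.
  *
  * @param mixed $event Event data read and written with array syntax
  *                     ('post_row', 'current_row_number')
  */
 public function viewtopic_lfg($event)
 {
     $post_row = $event['post_row'];
     $current_row_number = $event['current_row_number'];
     $message = $post_row['MESSAGE'];
     $att = $post_row['S_HAS_ATTACHMENTS'];
     $user_id = $this->user->data['user_id'];
     $max = $this->max_topics;
     // The cookie arrives as a string. Cast it before comparing and adding: a
     // missing cookie yields '' and '' + 1 is a TypeError on PHP 8. Negative
     // values are clamped so a forged counter cannot start below zero.
     $read = max(0, (int) $this->request->variable($this->config['cookie_name'] . '_cookie_lfg', '', true, \phpbb\request\request_interface::COOKIE));
     // user id 1 is presumably the guest account - confirm
     if ($user_id == 1 and $current_row_number == 0) {
         if ($read >= $max) {
             $message = $this->user->lang['MAX_GUEST'];
             $att = false;
         } else {
             $this->user->set_cookie('cookie_lfg', $read + 1, strtotime('+1 year'));
         }
     }
     $post_row['S_HAS_ATTACHMENTS'] = $att;
     $post_row['MESSAGE'] = $message;
     $event['post_row'] = $post_row;
 }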
Example #6
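    /**
     * Parse template variables for module
     *
     * Does two things. When the request carries 'update' and voting is enabled
     * for this module, the submitted vote is written to the database and the
     * method ends in trigger_error() with a confirmation or an error message.
     * Otherwise it loads the newest polls from the forums the user may read
     * and assigns them to the 'poll' / 'poll_<type>' template blocks.
     *
     * @param int $module_id	Module ID
     * @param string $type	Module type (center or side)
     *
     * @return string HTML filename
     */
    protected function parse_template($module_id, $type = '')
    {
        $this->user->add_lang('viewtopic');
        // check if we need to include the bbcode class
        if (!class_exists('bbcode')) {
            include $this->phpbb_root_path . 'includes/bbcode.' . $this->php_ext;
        }
        $view = $this->request->variable('view', '');
        $update = $this->request->variable('update', false);
        $poll_view = $this->request->variable('polls', '');
        $poll_view_ar = strpos($poll_view, ',') !== false ? explode(',', $poll_view) : ($poll_view != '' ? array($poll_view) : array());
        // NOTE(review): this branch changes vote totals, yet no check_form_key()
        // call is visible on it. Confirm that the request is protected against
        // cross-site request forgery somewhere outside this method.
        if ($update && $this->config['board3_poll_allow_vote_' . $module_id]) {
            // All ids are cast to integers by the request defaults
            $up_topic_id = $this->request->variable('t', 0);
            $up_forum_id = $this->request->variable('f', 0);
            $voted_id = $this->request->variable('vote_id', array('' => 0));
            $cur_voted_id = array();
            if ($this->user->data['is_registered']) {
                $sql = 'SELECT poll_option_id
					FROM ' . POLL_VOTES_TABLE . '
					WHERE topic_id = ' . (int) $up_topic_id . '
						AND vote_user_id = ' . (int) $this->user->data['user_id'];
                $result = $this->db->sql_query($sql);
                while ($row = $this->db->sql_fetchrow($result)) {
                    $cur_voted_id[] = $row['poll_option_id'];
                }
                $this->db->sql_freeresult($result);
            } else {
                // Cookie based guest tracking ... I don't like this but hum ho
                // it's oft requested. This relies on "nice" users who don't feel
                // the need to delete cookies to mess with results.
                if ($this->request->is_set($this->config['cookie_name'] . '_poll_' . $up_topic_id, \phpbb\request\request_interface::COOKIE)) {
                    $cur_voted_id = explode(',', $this->request->variable($this->config['cookie_name'] . '_poll_' . $up_topic_id, '', true, \phpbb\request\request_interface::COOKIE));
                    $cur_voted_id = array_map('intval', $cur_voted_id);
                }
            }
            $sql = 'SELECT t.poll_length, t.poll_start, t.poll_vote_change, t.topic_status, f.forum_status, t.poll_max_options
				FROM ' . TOPICS_TABLE . ' t, ' . FORUMS_TABLE . " f\n\t\t\t\tWHERE t.forum_id = f.forum_id\n\t\t\t\t\tAND t.topic_id = " . (int) $up_topic_id . "\n\t\t\t\t\tAND t.forum_id = " . (int) $up_forum_id;
            $result = $this->db->sql_query_limit($sql, 1);
            $topic_data = $this->db->sql_fetchrow($result);
            $this->db->sql_freeresult($result);
            // NOTE(review): when no row matches the submitted topic/forum pair,
            // $topic_data is not an array and the checks below run on missing
            // values. An explicit "topic not found" rejection would be safer.
            // Voting needs the permission, an open poll and an unlocked topic and forum
            $s_can_up_vote = (!sizeof($cur_voted_id) && $this->auth->acl_get('f_vote', $up_forum_id) || $this->auth->acl_get('f_votechg', $up_forum_id) && $topic_data['poll_vote_change']) && ($topic_data['poll_length'] != 0 && $topic_data['poll_start'] + $topic_data['poll_length'] > time() || $topic_data['poll_length'] == 0) && $topic_data['topic_status'] != ITEM_LOCKED && $topic_data['forum_status'] != ITEM_LOCKED ? true : false;
            if ($s_can_up_vote) {
                $redirect_url = $this->modules_helper->route('board3_portal_controller');
                // Reject an empty selection, too many options or a converted vote
                if (!sizeof($voted_id) || sizeof($voted_id) > $topic_data['poll_max_options'] || in_array(VOTE_CONVERTED, $cur_voted_id)) {
                    meta_refresh(5, $redirect_url);
                    if (!sizeof($voted_id)) {
                        $message = 'NO_VOTE_OPTION';
                    } else {
                        if (sizeof($voted_id) > $topic_data['poll_max_options']) {
                            $message = 'TOO_MANY_VOTE_OPTIONS';
                        } else {
                            $message = 'VOTE_CONVERTED';
                        }
                    }
                    $message = $this->user->lang[$message] . '<br /><br />' . sprintf($this->user->lang['RETURN_PORTAL'], '<a href="' . $redirect_url . '">', '</a>');
                    trigger_error($message);
                }
                // Add the newly chosen options
                foreach ($voted_id as $option) {
                    if (in_array($option, $cur_voted_id)) {
                        continue;
                    }
                    $sql = 'UPDATE ' . POLL_OPTIONS_TABLE . '
						SET poll_option_total = poll_option_total + 1
						WHERE poll_option_id = ' . (int) $option . '
							AND topic_id = ' . (int) $up_topic_id;
                    $this->db->sql_query($sql);
                    if ($this->user->data['is_registered']) {
                        $sql_ary = array('topic_id' => (int) $up_topic_id, 'poll_option_id' => (int) $option, 'vote_user_id' => (int) $this->user->data['user_id'], 'vote_user_ip' => (string) $this->user->ip);
                        $sql = 'INSERT INTO ' . POLL_VOTES_TABLE . ' ' . $this->db->sql_build_array('INSERT', $sql_ary);
                        $this->db->sql_query($sql);
                    }
                }
                // Take back the options that are no longer chosen
                foreach ($cur_voted_id as $option) {
                    if (!in_array($option, $voted_id)) {
                        $sql = 'UPDATE ' . POLL_OPTIONS_TABLE . '
							SET poll_option_total = poll_option_total - 1
							WHERE poll_option_id = ' . (int) $option . '
								AND topic_id = ' . (int) $up_topic_id;
                        $this->db->sql_query($sql);
                        if ($this->user->data['is_registered']) {
                            $sql = 'DELETE FROM ' . POLL_VOTES_TABLE . '
								WHERE topic_id = ' . (int) $up_topic_id . '
									AND poll_option_id = ' . (int) $option . '
									AND vote_user_id = ' . (int) $this->user->data['user_id'];
                            $this->db->sql_query($sql);
                        }
                    }
                }
                // Guests get no database row; their vote is remembered in a cookie only
                if ($this->user->data['user_id'] == ANONYMOUS && !$this->user->data['is_bot']) {
                    $this->user->set_cookie('poll_' . $up_topic_id, implode(',', $voted_id), time() + 31536000);
                }
                $sql = 'UPDATE ' . TOPICS_TABLE . '
					SET poll_last_vote = ' . time() . '
					WHERE topic_id = ' . (int) $up_topic_id;
                //, topic_last_post_time = ' . time() . " -- for bumping topics with new votes, ignore for now
                $this->db->sql_query($sql);
                meta_refresh(5, $redirect_url);
                trigger_error($this->user->lang['VOTE_SUBMITTED'] . '<br /><br />' . sprintf($this->user->lang['RETURN_PORTAL'], '<a href="' . $redirect_url . '">', '</a>'));
            }
        }
        $poll_forums = false;
        // Get readable forums
        $forum_list = array_unique(array_keys($this->auth->acl_getf('f_read', true)));
        // The configured forum ids either exclude forums or restrict the list to them
        if ($this->config['board3_poll_topic_id_' . $module_id] !== '') {
            $poll_forums_config = explode(',', $this->config['board3_poll_topic_id_' . $module_id]);
            if ($this->config['board3_poll_exclude_id_' . $module_id]) {
                $forum_list = array_unique(array_diff($forum_list, $poll_forums_config));
            } else {
                $forum_list = array_unique(array_intersect($poll_forums_config, $forum_list));
            }
        }
        $where = '';
        if (sizeof($forum_list)) {
            $poll_forums = true;
            $where = 'AND ' . $this->db->sql_in_set('t.forum_id', $forum_list);
        }
        if ($this->config['board3_poll_hide_' . $module_id]) {
            $portal_poll_hide = 'AND (t.poll_start + t.poll_length > ' . time() . ' OR t.poll_length = 0)';
        } else {
            $portal_poll_hide = '';
        }
        if ($poll_forums === true) {
            $sql = 'SELECT t.poll_title, t.poll_start, t.topic_id,  t.topic_first_post_id, t.forum_id, t.poll_length, t.poll_vote_change, t.poll_max_options, t.topic_status, f.forum_status, p.bbcode_bitfield, p.bbcode_uid
				FROM ' . TOPICS_TABLE . ' t, ' . POSTS_TABLE . ' p, ' . FORUMS_TABLE . " f\n\t\t\t\tWHERE t.forum_id = f.forum_id\n\t\t\t\t\tAND t.topic_visibility = 1\n\t\t\t\t\tAND t.poll_start > 0\n\t\t\t\t\t{$where}\n\t\t\t\t\tAND t.topic_moved_id = 0\n\t\t\t\t\tAND p.post_id = t.topic_first_post_id\n\t\t\t\t\t{$portal_poll_hide}\n\t\t\t\tORDER BY t.poll_start DESC";
            $limit = isset($this->config['board3_poll_limit_' . $module_id]) ? $this->config['board3_poll_limit_' . $module_id] : 3;
            $result = $this->db->sql_query_limit($sql, $limit);
            $has_poll = false;
            if ($result) {
                while ($data = $this->db->sql_fetchrow($result)) {
                    $has_poll = true;
                    $poll_has_options = false;
                    $topic_id = (int) $data['topic_id'];
                    $forum_id = (int) $data['forum_id'];
                    $cur_voted_id = array();
                    if ($this->config['board3_poll_allow_vote_' . $module_id]) {
                        if ($this->user->data['is_registered']) {
                            $vote_sql = 'SELECT poll_option_id
								FROM ' . POLL_VOTES_TABLE . '
								WHERE topic_id = ' . (int) $topic_id . '
									AND vote_user_id = ' . (int) $this->user->data['user_id'];
                            $vote_result = $this->db->sql_query($vote_sql);
                            while ($row = $this->db->sql_fetchrow($vote_result)) {
                                $cur_voted_id[] = $row['poll_option_id'];
                            }
                            $this->db->sql_freeresult($vote_result);
                        } else {
                            // Cookie based guest tracking ... I don't like this but hum ho
                            // it's oft requested. This relies on "nice" users who don't feel
                            // the need to delete cookies to mess with results.
                            if ($this->request->is_set($this->config['cookie_name'] . '_poll_' . $topic_id, \phpbb\request\request_interface::COOKIE)) {
                                // Read the value the same way the vote branch above does: as a
                                // string taken from the cookie. The original passed an integer
                                // default and `true` as the source, which is not the COOKIE
                                // constant and would drop all but the first option id.
                                $cur_voted_id = explode(',', $this->request->variable($this->config['cookie_name'] . '_poll_' . $topic_id, '', true, \phpbb\request\request_interface::COOKIE));
                                $cur_voted_id = array_map('intval', $cur_voted_id);
                            }
                        }
                        $s_can_vote = (!sizeof($cur_voted_id) && $this->auth->acl_get('f_vote', $forum_id) || $this->auth->acl_get('f_votechg', $forum_id) && $data['poll_vote_change']) && ($data['poll_length'] != 0 && $data['poll_start'] + $data['poll_length'] > time() || $data['poll_length'] == 0) && $data['topic_status'] != ITEM_LOCKED && $data['forum_status'] != ITEM_LOCKED ? true : false;
                    } else {
                        $s_can_vote = false;
                    }
                    // Results are shown to non-voters, to users who already voted, or on request
                    $s_display_results = !$s_can_vote || $s_can_vote && sizeof($cur_voted_id) || $view == 'viewpoll' && in_array($topic_id, $poll_view_ar) ? true : false;
                    $poll_sql = 'SELECT po.poll_option_id, po.poll_option_text, po.poll_option_total
						FROM ' . POLL_OPTIONS_TABLE . ' po
						WHERE po.topic_id = ' . (int) $topic_id . '
						ORDER BY po.poll_option_id';
                    $poll_result = $this->db->sql_query($poll_sql);
                    $poll_total_votes = 0;
                    $poll_data = array();
                    if ($poll_result) {
                        while ($polls_data = $this->db->sql_fetchrow($poll_result)) {
                            $poll_has_options = true;
                            $poll_data[] = $polls_data;
                            $poll_total_votes += $polls_data['poll_option_total'];
                        }
                    }
                    $this->db->sql_freeresult($poll_result);
                    $make_poll_view = array();
                    if (in_array($topic_id, $poll_view_ar) === false) {
                        $make_poll_view[] = $topic_id;
                        $make_poll_view = array_merge($poll_view_ar, $make_poll_view);
                    }
                    // The 'polls' list originates from the request, so it is URL-encoded before reuse
                    $poll_view_str = urlencode(implode(',', $make_poll_view));
                    $portalpoll_url = $this->modules_helper->route('board3_portal_controller') . "?polls={$poll_view_str}";
                    $portalvote_url = $this->modules_helper->route('board3_portal_controller') . "?f={$forum_id}&amp;t={$topic_id}";
                    $viewtopic_url = append_sid("{$this->phpbb_root_path}viewtopic.{$this->php_ext}", "f={$forum_id}&amp;t={$topic_id}");
                    $poll_end = $data['poll_length'] + $data['poll_start'];
                    // Parse BBCode title
                    if ($data['bbcode_bitfield']) {
                        $poll_bbcode = new \bbcode();
                    } else {
                        $poll_bbcode = false;
                    }
                    $data['poll_title'] = censor_text($data['poll_title']);
                    if ($poll_bbcode !== false) {
                        $poll_bbcode->bbcode_second_pass($data['poll_title'], $data['bbcode_uid'], $data['bbcode_bitfield']);
                    }
                    $data['poll_title'] = bbcode_nl2br($data['poll_title']);
                    $data['poll_title'] = smiley_text($data['poll_title']);
                    unset($poll_bbcode);
                    $this->template->assign_block_vars($type !== '' ? 'poll_' . $type : 'poll', array('S_POLL_HAS_OPTIONS' => $poll_has_options, 'POLL_QUESTION' => $data['poll_title'], 'U_POLL_TOPIC' => append_sid($this->phpbb_root_path . 'viewtopic.' . $this->php_ext, 't=' . $topic_id . '&amp;f=' . $forum_id), 'POLL_LENGTH' => $data['poll_length'], 'TOPIC_ID' => $topic_id, 'TOTAL_VOTES' => $poll_total_votes, 'L_MAX_VOTES' => $this->user->lang('MAX_OPTIONS_SELECT', $data['poll_max_options']), 'L_POLL_LENGTH' => $data['poll_length'] ? sprintf($this->user->lang[$poll_end > time() ? 'POLL_RUN_TILL' : 'POLL_ENDED_AT'], $this->user->format_date($poll_end)) : '', 'S_CAN_VOTE' => $s_can_vote, 'S_DISPLAY_RESULTS' => $s_display_results, 'S_IS_MULTI_CHOICE' => $data['poll_max_options'] > 1 ? true : false, 'S_POLL_ACTION' => $portalvote_url, 'U_VIEW_RESULTS' => $portalpoll_url . '&amp;view=viewpoll#viewpoll', 'U_VIEW_TOPIC' => $viewtopic_url));
                    foreach ($poll_data as $pd) {
                        // Share of all votes held by this option, 0 when nobody has voted
                        $option_pct = $poll_total_votes > 0 ? $pd['poll_option_total'] / $poll_total_votes : 0;
                        $option_pct_txt = sprintf("%.1d%%", round($option_pct * 100));
                        // Parse BBCode option text
                        if ($data['bbcode_bitfield']) {
                            $poll_bbcode = new \bbcode();
                        } else {
                            $poll_bbcode = false;
                        }
                        $pd['poll_option_text'] = censor_text($pd['poll_option_text']);
                        if ($poll_bbcode !== false) {
                            $poll_bbcode->bbcode_second_pass($pd['poll_option_text'], $data['bbcode_uid'], $data['bbcode_bitfield']);
                        }
                        $pd['poll_option_text'] = bbcode_nl2br($pd['poll_option_text']);
                        $pd['poll_option_text'] = smiley_text($pd['poll_option_text']);
                        unset($poll_bbcode);
                        $this->template->assign_block_vars(($type !== '' ? 'poll_' . $type : 'poll') . '.poll_option', array('POLL_OPTION_ID' => $pd['poll_option_id'], 'POLL_OPTION_CAPTION' => $pd['poll_option_text'], 'POLL_OPTION_RESULT' => $pd['poll_option_total'], 'POLL_OPTION_PERCENT' => $option_pct_txt, 'POLL_OPTION_PCT' => round($option_pct * 100), 'POLL_OPTION_IMG' => $this->user->img('poll_center', $option_pct_txt, round($option_pct * 35) . 'px'), 'POLL_OPTION_VOTED' => in_array($pd['poll_option_id'], $cur_voted_id) ? true : false));
                    }
                }
            }
            $this->db->sql_freeresult($result);
            $this->template->assign_vars(array('S_HAS_POLL' => $has_poll, 'POLL_LEFT_CAP_IMG' => $this->user->img('poll_left'), 'POLL_RIGHT_CAP_IMG' => $this->user->img('poll_right')));
        }
        return ($type !== '' ? 'poll_' . $type : 'poll_center') . '.html';
    }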
Example #7
 /**
  * Set tracking data in a cookie.
  *
  * Updates the in-memory store and then rewrites the whole 'titania_track'
  * cookie with a one year lifetime.
  *
  * NOTE(review): the cookie value is PHP serialize() output. The code that
  * reads it back is not visible here. If that code passes the cookie to
  * unserialize(), client-controlled data is being deserialized; JSON, or
  * unserialize() with allowed_classes set to false, avoids object
  * instantiation from a value the visitor can edit.
  *
  * @param int $type			Object type
  * @param int $id			Object id
  * @param bool|int $time	Optional tracking time to use,
  * 		if none is given, the value from time() is used
  */
 protected function track_cookie($type, $id, $time = false)
 {
     // Fall back to the current time when the caller gave none
     if ($time === false) {
         $tracked_at = time();
     } else {
         $tracked_at = (int) $time;
     }
     $this->store[$type][$id] = $tracked_at;

     $payload = serialize($this->store);
     $this->user->set_cookie('titania_track', $payload, time() + 31536000);
 }
Example #8
    /**
     * Perform all poll related modifications
     *
     * @param array	$topic_data						The array of topic data
     * @param array $vote_counts					Array with the vote counts for every poll option, updated here
     * @param array $cur_voted_id					Array of current votes, stored in the database, updated here
     * @param array $voted_id						Array of votes, submitted in the form, updated here
     * @param array $poll_info						Array with poll options and details, updated here
     * @param bool $s_can_vote						May the user vote in this poll?  May be modified here
     * @param string $viewtopic_url					URL with the return topic
     * @return void
     */
    public function do_poll_voting_modifications($topic_data, &$vote_counts, &$cur_voted_id, &$voted_id, &$poll_info, &$s_can_vote, $viewtopic_url)
    {
        $options = $this->get_possible_options(true);
        $options = array_keys($options);
        $poll_options = array_keys($vote_counts);
        $poll_options_count = count($poll_options);
        // Get votes data
        $sql = 'SELECT *
				FROM ' . POLL_VOTES_TABLE . '
				WHERE poll_option_id > 0
					AND topic_id = ' . $topic_data['topic_id'];
        $result = $this->db->sql_query($sql);
        $option_voters = array_fill_keys($poll_options, array());
        $cur_voted_val = array();
        $cur_total_val = 0;
        while ($row = $this->db->sql_fetchrow($result)) {
            $option_voters[$row['poll_option_id']][(int) $row['vote_user_id']] = (int) $row['wolfsblvt_poll_option_value'];
            if ($this->user->data['is_registered'] && $this->user->data['user_id'] == $row['vote_user_id']) {
                $cur_voted_val[(int) $row['poll_option_id']] = (int) $row['wolfsblvt_poll_option_value'];
                $cur_total_val += (int) $row['wolfsblvt_poll_option_value'];
            }
        }
        $this->db->sql_freeresult($result);
        for ($i = 0; $i < $poll_options_count; $i++) {
            $poll_info[$i]['option_voters'] = $option_voters[$poll_info[$i]['poll_option_id']];
        }
        if (!$this->user->data['is_registered']) {
            // Cookie based guest tracking ... I don't like this but hum ho
            // it's oft requested. This relies on "nice" users who don't feel
            // the need to delete cookies to mess with results.
            if ($this->request->is_set($this->config['cookie_name'] . '_poll_votes_' . $topic_data['topic_id'], \phpbb\request\request_interface::COOKIE)) {
                $cur_voted_votes = explode(',', $this->request->variable($this->config['cookie_name'] . '_poll_votes_' . $topic_data['topic_id'], '', true, \phpbb\request\request_interface::COOKIE));
                $cur_voted_votes = array_map('intval', $cur_voted_votes);
                $cur_voted_val = array_combine($cur_voted_id, $cur_voted_votes);
                $cur_total_val = array_sum($cur_voted_votes);
            }
        }
        $voted_val = array();
        $scoring = $this->request->variable('scoring', false);
        $update = $this->request->variable('update', false);
        if ($scoring) {
            $voted_val = $this->request->variable('vote_id', array(0 => 0));
            $voted_val = array_diff($voted_val, array(0));
            $voted_id = array_keys($voted_val);
            $voted_id = sizeof($voted_id) > 1 ? array_unique($voted_id) : $voted_id;
        }
        if (!in_array('wolfsblvt_no_vote', $options) && in_array(0, $cur_voted_id)) {
            $sql = 'DELETE FROM ' . POLL_VOTES_TABLE . '
				WHERE topic_id = ' . (int) $topic_data['topic_id'] . '
					AND poll_option_id = ' . 0 . '
					AND vote_user_id = ' . (int) $this->user->data['user_id'];
            $this->db->sql_query($sql);
            $cur_voted_id = array_keys($cur_voted_val);
        }
        $s_incremental = in_array('wolfsblvt_incremental_votes', $options);
        $s_is_scoring = in_array('wolfsblvt_poll_max_value', $options) && $topic_data['wolfsblvt_poll_max_value'] > 1 ? true : false;
        $s_vote_incomplete = $s_incremental ? $s_is_scoring ? $cur_total_val < $topic_data['wolfsblvt_poll_total_value'] : sizeof($cur_voted_id) < $topic_data['poll_max_options'] : !sizeof($cur_voted_id);
        $s_can_change_vote = $this->auth->acl_get('f_votechg', $topic_data['forum_id']) && $topic_data['poll_vote_change'] ? true : false;
        $s_can_vote = $s_can_vote || $this->auth->acl_get('f_vote', $topic_data['forum_id']) && ($topic_data['poll_length'] != 0 && $topic_data['poll_start'] + $topic_data['poll_length'] > time() || $topic_data['poll_length'] == 0) && ($topic_data['topic_status'] != ITEM_LOCKED || in_array('wolfsblvt_closed_voting', $options)) && $topic_data['forum_status'] != ITEM_LOCKED && ($s_vote_incomplete || $s_can_change_vote) ? true : false;
        if ($update && $s_can_vote) {
            if (!sizeof($voted_id) || sizeof($voted_id) > $topic_data['poll_max_options'] || $scoring !== $s_is_scoring || !$s_can_change_vote && sizeof(array_diff($cur_voted_id, $voted_id)) || !check_form_key('posting')) {
                meta_refresh(5, $viewtopic_url);
                if (!sizeof($voted_id)) {
                    $message = 'NO_VOTE_OPTION';
                } else {
                    if (sizeof($voted_id) > $topic_data['poll_max_options']) {
                        $message = 'TOO_MANY_VOTE_OPTIONS';
                    } else {
                        if ($scoring !== $s_is_scoring) {
                            $message = 'AP_POLL_TYPE_MISMATCH';
                        } else {
                            if (!$s_can_change_vote && sizeof(array_diff($cur_voted_id, $voted_id))) {
                                $message = 'AP_VOTE_CHANGED';
                            } else {
                                $message = 'FORM_INVALID';
                            }
                        }
                    }
                }
                $message = $this->user->lang[$message] . '<br /><br />' . sprintf($this->user->lang['RETURN_TOPIC'], '<a href="' . $viewtopic_url . '">', '</a>');
                trigger_error($message);
            }
            if ($this->user->data['is_registered'] && in_array(0, $cur_voted_id)) {
                $sql = 'DELETE FROM ' . POLL_VOTES_TABLE . '
					WHERE topic_id = ' . (int) $topic_data['topic_id'] . '
						AND poll_option_id = ' . 0 . '
						AND vote_user_id = ' . (int) $this->user->data['user_id'];
                $this->db->sql_query($sql);
                $cur_voted_id = array_keys($cur_voted_val);
            }
        }
        if ($update && $s_can_vote && $s_is_scoring) {
            $voted_total_val = 0;
            $vote_changed = false;
            foreach ($voted_id as $option) {
                $voted_total_val += $voted_val[$option];
                if (isset($cur_voted_val[$option]) && $cur_voted_val[$option] > $voted_val[$option]) {
                    $vote_changed = true;
                }
            }
            if ($voted_total_val > $topic_data['wolfsblvt_poll_total_value'] || !$s_can_change_vote && $vote_changed) {
                meta_refresh(5, $viewtopic_url);
                $message = '';
                if (!$s_can_change_vote && $vote_changed) {
                    $message = 'AP_VOTE_CHANGED';
                } else {
                    if ($voted_total_val > $topic_data['wolfsblvt_poll_total_value']) {
                        $message = 'AP_TOO_MANY_VOTES';
                    }
                }
                $message = $this->user->lang[$message] . '<br /><br />' . sprintf($this->user->lang['RETURN_TOPIC'], '<a href="' . $viewtopic_url . '">', '</a>');
                trigger_error($message);
            }
            foreach ($cur_voted_id as $option) {
                if (!in_array($option, $voted_id) || $cur_voted_val[$option] != $voted_val[$option]) {
                    $sql = 'UPDATE ' . POLL_OPTIONS_TABLE . '
						SET poll_option_total = poll_option_total - ' . (int) $cur_voted_val[$option] . '
						WHERE poll_option_id = ' . (int) $option . '
							AND topic_id = ' . (int) $topic_data['topic_id'];
                    $this->db->sql_query($sql);
                    $vote_counts[$option] -= (int) $cur_voted_val[$option];
                    if ($this->user->data['is_registered']) {
                        $sql = 'DELETE FROM ' . POLL_VOTES_TABLE . '
							WHERE topic_id = ' . (int) $topic_data['topic_id'] . '
								AND poll_option_id = ' . (int) $option . '
								AND vote_user_id = ' . (int) $this->user->data['user_id'];
                        $this->db->sql_query($sql);
                    }
                }
            }
            foreach ($voted_id as $option) {
                if (in_array($option, $cur_voted_id) && $cur_voted_val[$option] == $voted_val[$option]) {
                    continue;
                }
                $sql = 'UPDATE ' . POLL_OPTIONS_TABLE . '
					SET poll_option_total = poll_option_total + ' . (int) $voted_val[$option] . '
					WHERE poll_option_id = ' . (int) $option . '
						AND topic_id = ' . (int) $topic_data['topic_id'];
                $this->db->sql_query($sql);
                $vote_counts[$option] += (int) $voted_val[$option];
                if ($this->user->data['is_registered']) {
                    $sql_ary = array('topic_id' => (int) $topic_data['topic_id'], 'poll_option_id' => (int) $option, 'wolfsblvt_poll_option_value' => (int) $voted_val[$option], 'vote_user_id' => (int) $this->user->data['user_id'], 'vote_user_ip' => (string) $this->user->ip);
                    $sql = 'INSERT INTO ' . POLL_VOTES_TABLE . ' ' . $this->db->sql_build_array('INSERT', $sql_ary);
                    $this->db->sql_query($sql);
                }
            }
            if ($this->user->data['user_id'] == ANONYMOUS && !$this->user->data['is_bot']) {
                $this->user->set_cookie('poll_' . $topic_data['topic_id'], implode(',', array_keys($voted_val)), time() + 31536000);
                $this->user->set_cookie('poll_votes_' . $topic_data['topic_id'], implode(',', array_values($voted_val)), time() + 31536000);
            }
            $sql = 'UPDATE ' . TOPICS_TABLE . '
				SET poll_last_vote = ' . time() . '
				WHERE topic_id = ' . $topic_data['topic_id'];
            $this->db->sql_query($sql);
            $message = $this->user->lang['VOTE_SUBMITTED'] . '<br /><br />' . sprintf($this->user->lang['RETURN_TOPIC'], '<a href="' . $viewtopic_url . '">', '</a>');
            if ($this->request->is_ajax()) {
                // Filter out invalid options
                $valid_user_votes = array_intersect(array_keys($vote_counts), $voted_id);
                $s_vote_incomplete = $s_incremental ? $s_is_scoring ? $voted_total_val < $topic_data['wolfsblvt_poll_total_value'] : sizeof($valid_user_votes) < $topic_data['poll_max_options'] : !sizeof($valid_user_votes);
                $data = array('NO_VOTES' => $this->user->lang['NO_VOTES'], 'success' => true, 'scoring' => true, 'user_votes' => array_flip($valid_user_votes), 'user_vote_counts' => $voted_val, 'vote_counts' => $vote_counts, 'total_votes' => array_sum($vote_counts), 'can_vote' => $s_vote_incomplete || $s_can_change_vote);
                $json_response = new \phpbb\json_response();
                $json_response->send($data);
            }
            meta_refresh(5, $viewtopic_url);
            trigger_error($message);
        }
        // If we have ajax call here with no_vote, we exit save it here and return json_response
        if (in_array('wolfsblvt_no_vote', $options) && $this->request->is_ajax() && $this->request->is_set('no_vote')) {
            if ($this->user->data['is_registered']) {
                $sql_ary = array('topic_id' => (int) $topic_data['topic_id'], 'poll_option_id' => (int) 0, 'wolfsblvt_poll_option_value' => (int) 0, 'vote_user_id' => (int) $this->user->data['user_id'], 'vote_user_ip' => (string) $this->user->ip);
                $sql = 'INSERT INTO ' . POLL_VOTES_TABLE . ' ' . $this->db->sql_build_array('INSERT', $sql_ary);
                $this->db->sql_query($sql);
                $json_response = new \phpbb\json_response();
                $json_response->send(array('success' => true));
            }
        }
        $this->cur_voted_val = $cur_voted_val;
        return;
    }
Example #9
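 /**
  * Decide whether the quick language switcher is active for this request and
  * apply a language change submitted through the 'h_lang' form field.
  *
  * Writes $this->quick_language_enable, $this->lang_info, $this->current_lang,
  * $this->new_lang and, when a submitted value is rejected, $this->error.
  * May overwrite $event['user_lang_name'], update the user's row in
  * USERS_TABLE (registered users) or set the 'quicklang' cookie (guests).
  *
  * @param mixed $event Event data, read and written with array syntax
  *                     (keys used here: 'user_data', 'user_lang_name')
  * @return void
  */
 public function user_setup($event)
 {
     $this->quick_language_enable = false;

     // Load every installed language and count the ones that may be offered
     $sql = "SELECT * FROM " . LANG_TABLE;
     $result = $this->db->sql_query($sql);
     $counter = 0;
     $this->lang_info = array();
     while ($row = $this->db->sql_fetchrow($result)) {
         $this->lang_info[] = $row;
         // English is only counted when it is allowed to be shown
         if (!($row['lang_iso'] == 'en' && !$this->is_english_show)) {
             $counter++;
         }
     }
     $this->db->sql_freeresult($result);

     $user_data = $event['user_data'];
     $is_registered = $user_data['is_registered'];
     $is_guest = $user_data['user_id'] == ANONYMOUS;

     // Switcher stays disabled with fewer than two languages, for bots, and for
     // guests when guests are not allowed (&& binds tighter than ||; made explicit)
     if ($counter < 2 || $user_data['is_bot'] || ($is_guest && !$this->allow_guests)) {
         $this->current_lang = $is_registered ? $event['user_lang_name'] : $this->config['default_lang'];
         return;
     }

     $this->quick_language_enable = true;
     $this->current_lang = $is_registered ? $event['user_lang_name'] : $this->request_cookie('quicklang', $this->config['default_lang']);

     $submit = isset($_POST['h_lang']);
     if (!$submit) {
         // NOTE(review): for guests current_lang comes from the client-supplied
         // 'quicklang' cookie and is applied here without the basename()/get_iso()
         // checks used for submitted values - confirm that request_cookie() validates it.
         if (!$is_registered && $this->current_lang != $this->config['default_lang']) {
             $event['user_lang_name'] = $this->current_lang;
         }
         return;
     }

     // Submitted value: keep only the last path component, then validate it
     $new_lang = basename($this->request->variable('h_lang', $this->current_lang));
     $res = $this->get_iso($new_lang);
     $this->new_lang = $new_lang;
     if ($res == '') {
         // get_iso() returned nothing for this value
         $this->error = listener::QUICK_LANG_NO;
         return;
     }
     if ($res == 'en' && !$this->is_english_show) {
         $this->error = listener::QUICK_LANG_EN_DISABLE;
         return;
     }

     // Registered user: persist the new preference
     if ($is_registered) {
         if ($new_lang != $user_data['user_lang']) {
             // $new_lang originates from the request and basename() does not remove
             // quotes, so escape it before placing it inside the SQL string literal
             // instead of relying on get_iso() having rejected unsafe values.
             $sql = "UPDATE " . USERS_TABLE . " SET user_lang = '" . $this->db->sql_escape($new_lang) . "' WHERE user_id=" . (int) $user_data['user_id'];
             $this->db->sql_query($sql);
             $event['user_lang_name'] = $new_lang;
             $this->current_lang = $new_lang;
             return;
         }
     }

     // Guest (not bot): remember the choice in a cookie
     if ($is_guest) {
         if ($new_lang != $this->current_lang) {
             $this->user->set_cookie('quicklang', $new_lang, 0);
             $event['user_lang_name'] = $new_lang;
             $this->current_lang = $new_lang;
         }
     }
 }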