// INCLUDE POLL FILES include "./include/class_poll.php"; include "./include/functions_poll.php"; // PRELOAD LANGUAGE SE_Language::_preload(2500005); // SET MAIN MENU VARS if (!$user->user_exists && $setting['setting_permission_poll'] || $user->user_exists && 1 & (int) $user->level_info['level_poll_allow']) { $plugin_vars['menu_main'] = array('file' => 'browse_polls.php', 'title' => 2500005); } if ($user->user_exists && 4 & (int) $user->level_info['level_poll_allow']) { $plugin_vars['menu_user'] = array('file' => 'user_poll.php', 'icon' => 'poll_poll16.gif', 'title' => 2500005); } // SET PROFILE MENU VARS if (4 & (int) $owner->level_info['level_poll_allow'] && $page == "profile") { // START poll $poll = new se_poll($owner->user_info['user_id']); $entries_per_page = 5; $sort = "poll_datecreated DESC"; // GET PRIVACY LEVEL AND SET WHERE $privacy_max = $owner->user_privacy_max($user); $where = "(poll_privacy & {$privacy_max})"; // GET TOTAL ENTRIES $total_polls = $poll->poll_total($where); // GET ENTRY ARRAY $polls = $poll->poll_list(0, $entries_per_page, $sort, $where); // ASSIGN ENTRIES SMARY VARIABLE $smarty->assign('polls', $polls); $smarty->assign('total_polls', $total_polls); // SET PROFILE MENU VARS $plugin_vars['menu_profile_side'] = NULL; if ($total_polls) {
// ENSURE SORT/VIEW ARE VALID if ($s != "poll_datecreated DESC" && $s != "poll_totalvotes DESC" && $s != "poll_views DESC") { $s = "poll_datecreated DESC"; } if ($v != "0" && $v != "1") { $v = 0; } // SET WHERE CLAUSE $where = "CASE\r\n\t WHEN se_polls.poll_user_id='{$user->user_info['user_id']}'\r\n\t THEN TRUE\r\n\t WHEN ((se_polls.poll_privacy & @SE_PRIVACY_REGISTERED) AND '{$user->user_exists}'<>0)\r\n\t THEN TRUE\r\n\t WHEN ((se_polls.poll_privacy & @SE_PRIVACY_ANONYMOUS) AND '{$user->user_exists}'=0)\r\n\t THEN TRUE\r\n\t WHEN ((se_polls.poll_privacy & @SE_PRIVACY_FRIEND) AND (SELECT TRUE FROM se_friends WHERE friend_user_id1=se_polls.poll_user_id AND friend_user_id2='{$user->user_info['user_id']}' AND friend_status='1' LIMIT 1))\r\n\t THEN TRUE\r\n\t WHEN ((se_polls.poll_privacy & @SE_PRIVACY_SUBNET) AND '{$user->user_exists}'<>0 AND (SELECT TRUE FROM se_users WHERE user_id=se_polls.poll_user_id AND user_subnet_id='{$user->user_info['user_subnet_id']}' LIMIT 1))\r\n\t THEN TRUE\r\n\t WHEN ((se_polls.poll_privacy & @SE_PRIVACY_FRIEND2) AND (SELECT TRUE FROM se_friends AS friends_primary LEFT JOIN se_users ON friends_primary.friend_user_id1=se_users.user_id LEFT JOIN se_friends AS friends_secondary ON friends_primary.friend_user_id2=friends_secondary.friend_user_id1 WHERE friends_primary.friend_user_id1=se_polls.poll_user_id AND friends_secondary.friend_user_id2='{$user->user_info['user_id']}' AND se_users.user_subnet_id='{$user->user_info['user_subnet_id']}' LIMIT 1))\r\n\t THEN TRUE\r\n\t ELSE FALSE\r\n\tEND"; // ONLY MY FRIENDS' POLLS if ($v == "1" && $user->user_exists) { // SET WHERE CLAUSE $where .= " && (\r\n SELECT\r\n TRUE\r\n FROM\r\n se_friends\r\n WHERE\r\n friend_user_id1='{$user->user_info['user_id']}' &&\r\n friend_user_id2=se_polls.poll_user_id &&\r\n friend_status=1\r\n )\r\n "; } // CREATE poll OBJECT $poll = new se_poll(); // GET TOTAL pollS $total_polls = $poll->poll_total($where); // MAKE ENTRY PAGES $polls_per_page = 10; $page_vars = make_page($total_polls, $polls_per_page, $p); // GET poll ARRAY $poll_array = $poll->poll_list($page_vars[0], $polls_per_page, $s, $where, TRUE); // ASSIGN SMARTY VARIABLES AND DISPLAY pollS PAGE $smarty->assign('polls', $poll_array); $smarty->assign('total_polls', $total_polls); $smarty->assign('p', $page_vars[1]); $smarty->assign('maxpage', $page_vars[2]); $smarty->assign('p_start', $page_vars[0] + 1); $smarty->assign('p_end', $page_vars[0] + count($poll_array)); $smarty->assign('s', $s);
} $poll_title = !empty($_POST['poll_title']) ? $_POST['poll_title'] : NULL; $poll_desc = !empty($_POST['poll_desc']) ? $_POST['poll_desc'] : NULL; $poll_options = !empty($_POST['poll_options']) ? $_POST['poll_options'] : NULL; $poll_search = !empty($_POST['poll_search']) ? $_POST['poll_search'] : NULL; $poll_privacy = !empty($_POST['poll_privacy']) ? $_POST['poll_privacy'] : NULL; $poll_comments = !empty($_POST['poll_comments']) ? $_POST['poll_comments'] : NULL; // SET EMPTY VARS $is_error = FALSE; // ENSURE POLLS ARE ENABLED FOR THIS USER if (4 & ~(int) $user->level_info['level_poll_allow']) { header("Location: user_home.php"); exit; } // CREATE POLL OBJECT $poll = new se_poll($user->user_info['user_id']); // ADD A NEW POLL if ($task == "doadd") { // HTML SUPPORT $poll_title = censor(cleanHTML(htmlspecialchars_decode($poll_title), $setting['setting_poll_html'])); $poll_desc = censor(cleanHTML(htmlspecialchars_decode($poll_desc), $setting['setting_poll_html'])); // REMOVE EMPTY OPTIONS $poll_options = array_filter($poll_options); // GET POLL OPTIONS AND POST POLL foreach ($poll_options as $poll_option_index => $poll_option_label) { $poll_options[$poll_option_index] = censor(cleanHTML(htmlspecialchars_decode($poll_option_label), $setting['setting_poll_html'])); } // MAKE SURE TITLE IS PROVIDED if (!trim($poll_title)) { $is_error = 2500123; }
} elseif ($s == "cd") { $sort = "total_comments DESC"; $c = "c"; } else { $sort = "poll_datecreated DESC"; $d = "d"; } // SET WHERE CLAUSE if ($search != "") { $where = "(poll_title LIKE '%{$search}%' OR poll_desc LIKE '%{$search}%' OR poll_options LIKE '%{$search}%')"; } else { $where = ""; } // CREATE POLL OBJECT $entries_per_page = $user->level_info['level_poll_entries']; $poll = new se_poll($user->user_info['user_id']); // DELETE NECESSARY ENTRIES $start = ($p - 1) * $entries_per_page; if ($task == "delete") { $poll->polls_delete($start, $entries_per_page, $sort, $where); } // GET TOTAL ENTRIES $total_polls = $poll->poll_total($where); // MAKE ENTRY PAGES $page_vars = make_page($total_polls, $entries_per_page, $p); // GET ENTRY ARRAY $polls = $poll->poll_list($page_vars[0], $entries_per_page, $sort, $where); $smarty->assign('polls', $polls); $smarty->assign('s', $s); $smarty->assign('d', $d); $smarty->assign('t', $t);
$poll_id = $_POST['poll_id']; } elseif (isset($_GET['poll_id'])) { $poll_id = $_GET['poll_id']; } else { $poll_id = 0; } if (isset($_POST['delete_polls'])) { $delete_polls = $_POST['delete_polls']; } elseif (isset($_GET['delete_polls'])) { $delete_polls = $_GET['delete_polls']; } else { $delete_polls = NULL; } // CREATE poll OBJECT $entries_per_page = 100; $poll = new se_poll(); // DELETE SINGLE ENTRY if ($task == "deleteentry") { $poll->poll_delete($poll_id); } if ($task == "delete" && is_array($delete_polls) && !empty($delete_polls)) { $poll->poll_delete($delete_polls); } // SET poll ENTRY SORT-BY VARIABLES FOR HEADING LINKS $i = "id"; // poll_ID $t = "t"; // poll_TITLE $o = "o"; // OWNER OF ENTRY $v = "v";
$smarty->assign('error_header', 639); $smarty->assign('error_message', 828); $smarty->assign('error_submit', 641); include "footer.php"; } // ENSURE POLLS ARE ENABLED FOR THIS USER if (4 & ~(int) $owner->level_info['level_poll_allow']) { header("Location: " . $url->url_create('profile', $owner->user_info['user_username'])); exit; } // SET PRIVACY LEVEL AND WHERE CLAUSE $privacy_max = $owner->user_privacy_max($user); $where = "(poll_privacy & {$privacy_max})"; // CREATE POLL OBJECT $entries_per_page = $owner->level_info['level_poll_entries']; $poll = new se_poll($owner->user_info['user_id']); // GET TOTAL ENTRIES $total_polls = $poll->poll_total($where); // MAKE ENTRY PAGES $page_vars = make_page($total_polls, $entries_per_page, $p); // GET ENTRY ARRAY $polls = $poll->poll_list($page_vars[0], $entries_per_page, "poll_id DESC", $where); $smarty->assign('polls', $polls); $smarty->assign('s', $s); $smarty->assign('d', $d); $smarty->assign('t', $t); $smarty->assign('c', $c); $smarty->assign('search', $search); $smarty->assign('total_polls', $total_polls); $smarty->assign('p', $page_vars[1]); $smarty->assign('maxpage', $page_vars[2]);
} $poll_title = !empty($_POST['poll_title']) ? $_POST['poll_title'] : NULL; $poll_desc = !empty($_POST['poll_desc']) ? $_POST['poll_desc'] : NULL; $poll_options = !empty($_POST['poll_options']) ? $_POST['poll_options'] : NULL; $poll_search = !empty($_POST['poll_search']) ? $_POST['poll_search'] : NULL; $poll_privacy = !empty($_POST['poll_privacy']) ? $_POST['poll_privacy'] : NULL; $poll_comments = !empty($_POST['poll_comments']) ? $_POST['poll_comments'] : NULL; // SET EMPTY VARS $is_error = FALSE; // ENSURE POLLS ARE ENABLED FOR THIS USER if (4 & ~(int) $user->level_info['level_poll_allow']) { header("Location: user_home.php"); exit; } // CREATE POLL OBJECT $poll = new se_poll($user->user_info['user_id'], $poll_id); // VERIFY POLLS EXISTS AND OWNER if (!$poll->poll_exists || $poll->poll_info['poll_user_id'] != $user->user_info['user_id']) { header("Location: user_poll.php"); exit; } // GET CURRENT POLL DATA $poll_title = $poll->poll_info['poll_title']; $poll_desc = $poll->poll_info['poll_desc']; // EDIT THIS POLL if ($task == "doedit") { $poll_title = $_POST['poll_title']; $poll_desc = $_POST['poll_desc']; $poll_search = $_POST['poll_search']; $poll_privacy = $_POST['poll_privacy']; $poll_comments = $_POST['poll_comments'];
<?php $page = "poll"; include "header.php"; $poll_id = !empty($_POST['poll_id']) ? $_POST['poll_id'] : (!empty($_GET['poll_id']) ? $_GET['poll_id'] : NULL); // DISPLAY ERROR PAGE IF USER IS NOT LOGGED IN AND ADMIN SETTING REQUIRES REGISTRATION if (!$user->user_exists && !$setting['setting_permission_poll'] || $user->user_exists && 1 & ~(int) $user->level_info['level_poll_allow']) { $page = "error"; $smarty->assign('error_header', 639); $smarty->assign('error_message', 656); $smarty->assign('error_submit', 641); include "footer.php"; } // INIT POLL OBJECT $poll_object = new se_poll($owner->user_info['user_id'], $poll_id); $poll_object->poll_info['poll_voted_array'] = explode(",", $poll_object->poll_info['poll_voted']); // DISPLAY ERROR PAGE IF NO OWNER if (!$owner->user_exists || !$poll_object->poll_exists) { $page = "error"; $smarty->assign('error_header', 639); $smarty->assign('error_message', 828); $smarty->assign('error_submit', 641); include "footer.php"; } // ENSURE POLLS ARE ENABLED FOR THIS USER if (4 & ~(int) $owner->level_info['level_poll_allow'] || $poll_object->poll_info['poll_user_id'] != $owner->user_info['user_id']) { header("Location: " . $url->url_create('profile', $owner->user_info['user_username'])); exit; } // GET PRIVACY LEVELS $privacy_max = $owner->user_privacy_max($user);
$poll_object = new se_poll(NULL, $poll_id); //$poll_object = new se_poll($user->user_info['user_id'], $poll_id); $poll_info = $poll_object->poll_info; unset($poll_info['poll_voted']); // SEND echo json_encode($poll_info); } elseif ($task == "togglepoll") { if (!$user->user_exists || 4 & ~(int) $user->level_info['level_poll_allow']) { echo json_encode(array('result' => 'failure')); exit; } $poll_object = new se_poll($user->user_info['user_id'], $poll_id); if ($poll_id && $poll_object->poll_toggle_closed($poll_closed)) { echo '{"result":"success"}'; } else { echo '{"result":"failure"}'; } exit; } elseif ($task == "deletepoll") { if (!$user->user_exists || 4 & ~(int) $user->level_info['level_poll_allow']) { echo json_encode(array('result' => 'failure')); exit; } $poll_object = new se_poll($user->user_info['user_id'], $poll_id); if ($poll_id && $poll_object->poll_delete($poll_id)) { echo '{"result":"success"}'; } else { echo '{"result":"failure"}'; } exit; }