$display .= COM_startBlock($LANG21[32], '', COM_getBlockTemplate('_msg_block', 'header'));
$display .= $LANG25[17];
$display .= COM_endBlock(COM_getBlockTemplate('_msg_block', 'footer'));
$display .= editpoll();
$display .= COM_siteFooter();
}
} elseif ($mode == $LANG_ADMIN['delete'] && !empty($LANG_ADMIN['delete'])) {
$pid = '';
if (isset($_POST['pid'])) {
$pid = COM_applyFilter($_POST['pid']);
}
if (empty($pid)) {
COM_errorLog('Ignored possibly manipulated request to delete a poll.');
$display .= COM_refresh($_CONF['site_admin_url'] . '/plugins/polls/index.php');
} elseif (SEC_checkToken()) {
$display .= deletePoll($pid);
} else {
COM_accessLog("User {$_USER['username']} tried to illegally delete poll {$pid} and failed CSRF checks.");
echo COM_refresh($_CONF['site_admin_url'] . '/index.php');
}
} else {
// 'cancel' or no mode at all
$display .= COM_siteHeader('menu', $LANG25[18]);
if (isset($_REQUEST['msg'])) {
$msg = COM_applyFilter($_REQUEST['msg'], true);
if ($msg > 0) {
$display .= COM_showMessage($msg, 'polls');
}
}
$display .= listpolls();
$display .= COM_siteFooter();
>
<INPUT TYPE=SUBMIT NAME=action VALUE=del_poll>
</FORM>
<FONT color=#FF0000><B>Please note that I am not going to prompt you again if you hit that button above.</B></FONT>
<?php
}
?>
</CENTER>
</TD></TR>
<?php
}
?>
<?php
if ($action == "del_poll") {
$retval = deletePoll($poll_id);
if ($retval == 0) {
echo "<CENTER>Poll Sucessfully Deleted<BR></CENTER>";
} else {
echo "<CENTER>There were some errors while deleting the poll<BR></CENTER>";
}
}
?>
<?php
if ($action == "revote") {
?>
<TR><TD><BR></TD></TR>
<TR><TD class=head style="color:#00FF00">
<?php
$ansSeq = chop($HTTP_POST_VARS["answers"]);
<h3 class="panel-title">Polls</h3>
</header>
<div class="panel-body">
<form method="get" class="form-horizontal" action="<?php
echo $_SERVER['PHP_SELF'];
?>
">
<?php
// TODO: the following save & delete should be in the header
if (isset($_POST['poll_title'])) {
savePoll();
}
//TODO: We should probably sort out $_GET and $_POST stuff so that it's handled more consistently/nicely
// Would be nice to have the site send everything via POST, but still allow for navigation to an admin page via GET parameters
if (isset($_GET['poll']) && isset($_GET['deletePoll'])) {
deletePoll($_GET['poll']);
}
showPollSelector('poll', isset($_GET['poll']) ? $_GET['poll'] : -1, True, 20);
echo <<<FORMGROUP
\t\t\t\t\t\t\t<div class="form-group">
\t\t\t\t\t\t\t\t<label for="deletePoll" class="col-lg-2 control-label">Delete</label>
\t\t\t\t\t\t\t\t<div class="col-lg-10">
\t\t\t\t\t\t\t\t\t<input type="checkbox" id="deletePoll" name="deletePoll">
\t\t\t\t\t\t\t\t</div>
\t\t\t\t\t\t\t</div>
\t\t\t\t\t\t\t<div class="form-group">
\t\t\t\t\t\t\t\t<div class="col-lg-12">
\t\t\t\t\t\t\t\t\t<button type="submit" class="btn btn-default col-xs-offset-2">Go</button>
\t\t\t\t\t\t\t\t</div>
\t\t\t\t\t\t\t</div>
\t\t\t\t\t\t</form>
}
if ($pollid > 0) {
$poll = getPollById($pollid);
if ($poll) {
$smarty->assign('poll', $poll);
$smarty->assign('questions', getQuestions($pollid));
}
}
$smarty->assign('singlequestion_path', $template_dir . '/questions_single.tpl');
$smarty->assign('path', $template_dir . '/create.tpl');
break;
case 'delete':
if (!$right['editor']) {
break;
}
if (deletePoll($pollid)) {
$notify->add($lang->get('detailedpoll'), $lang->get('notify_delete_successfull'));
} else {
$notify->add($lang->get('detailedpoll'), $lang->get('notify_delete_unsuccessfull'));
}
redirect(makeUrl('detailedpoll', array()));
break;
case 'state_change':
if (!$right['editor']) {
break;
}
$breadcrumbs->addElement($poll['title'], makeURL($mod, array('pollid' => $poll['detailedpollid'])));
$breadcrumbs->addElement($lang->get('poll_state_change'), makeURL($mod, array('pollid' => $poll['detailedpollid'], 'mode' => 'state_change')));
if (isset($_POST['send'])) {
$state = (int) $_POST['state'];
if ($state >= 0 && $state <= 3) {
