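/**
 * Admin AJAX handler that adds votes in bulk to selected answers of a poll.
 *
 * Reads from $_POST:
 *   - poll_id: the poll to update;
 *   - yoppollresultsanswerscheck[<question ID>][]: IDs of the ticked answers;
 *   - yop_poll_no_of_votes_<answer ID>_per_answer: votes to add to that answer.
 *
 * Works in rounds: round N gives one vote to every ticked answer whose
 * requested count is greater than N, stores one result row for that round and
 * builds one HTML table row for it. The request always ends through wp_die()
 * with a JSON body holding either 'error' or 'append_row'.
 *
 * NOTE(review): no nonce is verified in this method. Unless the dispatcher
 * that calls it already does so, a forged cross-site request sent from a
 * logged-in administrator's browser would be accepted; verify the nonce that
 * is issued with the bulk-vote form before doing any work.
 * NOTE(review): the per-answer count has no upper bound and every round writes
 * to the database, so a single request can run for a long time; consider a cap.
 */
public function add_votes() {
    global $current_user, $message;
    get_currentuserinfo();

    // Authorise first so an unprivileged request never loads or changes a poll.
    if (!current_user_can('add_yop_poll_votes')) {
        $message['error'] = "You don't have enough permissions do add a vote!";
        wp_die(json_encode($message));
        return;
    }

    // The poll ID is used as a database key and stored with each result row.
    $poll_id = isset($_POST['poll_id']) ? intval($_POST['poll_id']) : 0;
    $current_poll = new YOP_POLL_Poll_Model($poll_id);

    $selected = (isset($_POST['yoppollresultsanswerscheck']) && is_array($_POST['yoppollresultsanswerscheck']))
        ? $_POST['yoppollresultsanswerscheck']
        : array();

    $ok = 1;
    $cheked = 0;
    $poll_total_votes = 0;
    $index = 0;
    $max = 100;
    $message['append_row'] = "";
    // Must be an array: the original started from "" and then wrote to an
    // offset of it, which modern PHP rejects for strings.
    $append_row = array();

    while ($ok == 1) {
        $ok = 0;
        $details = "";
        $question_count = 0;
        $answer_details = array();

        foreach ($current_poll->questions as $question) {
            $bulkanswers = (isset($selected[$question->ID]) && is_array($selected[$question->ID]))
                ? $selected[$question->ID]
                : array();
            // $details ends up inside HTML, so stored poll text is escaped here;
            // the <br> separators added below stay as markup.
            $details .= esc_html($question->question) . ": ";
            $answer_count = 0;

            foreach ($question->answers as $answer) {
                $answer_count++;
                foreach ($bulkanswers as $bulkanswer) {
                    if ($bulkanswer != $answer->ID) {
                        continue;
                    }
                    $cheked = 1;

                    $field = 'yop_poll_no_of_votes_' . $answer->ID . '_per_answer';
                    // Accept scalars only: an array here compares as "greater than"
                    // every integer and would keep the round loop running forever.
                    $raw = (isset($_POST[$field]) && is_scalar($_POST[$field])) ? (string) $_POST[$field] : "";
                    if ($raw === "") {
                        $message['error'] = "Answer input from answer " . $answer_count . " Question " . ($question_count + 1) . " is not set!";
                        wp_die(json_encode($message));
                        return;
                    }
                    // Non-numeric text counts as zero so it can never satisfy "> $index".
                    $requested = is_numeric($raw) ? $raw + 0 : 0;
                    if ($requested == 0) {
                        $message['error'] = "Answer input from answer " . $answer_count . " Question " . ($question_count + 1) . " is zero!";
                        wp_die(json_encode($message));
                        return;
                    }

                    if ($requested > $index) {
                        $answer_details["q-" . $question->ID]['question'] = $question->question . ": ";
                        $answer_details["q-" . $question->ID]['id'] = $question->ID;
                        $ok = 1;
                        $details .= esc_html($answer->answer) . ",";
                        $answer->votes = $answer->votes + 1;
                        $answer_details["q-" . $question->ID]['a'][] = $answer->ID;
                        $answer_details["q-" . $question->ID]['answers'][] = $answer->answer;
                        $a = new YOP_POLL_Answer_Model($answer->ID);
                        $a->votes++;
                        $a->update();
                        $poll_total_votes++;
                    }
                }
            }
            $details .= "<br>";
            $question_count++;
        }

        if ($ok == 1) {
            $current_poll->poll_total_votes += $poll_total_votes;
            $poll_total_votes = 0;
            $current_poll->update_no_votes();
            $current_poll->save();

            $result = array();
            $result['vote_details'] = json_encode($answer_details);
            $result['poll_id'] = $poll_id;
            $result['ip'] = yop_poll_get_ip();
            $result['user_type'] = "admin";
            $result['vote_id'] = uniqid('vote_id_');
            $result['user_id'] = $current_user->ID;
            // insert_result_in_db() replaces $message; its 'insert_id' is read below.
            $message = insert_result_in_db($result);
            $index++;

            $insert_id = $message['insert_id'];
            // Static fragments are unchanged. Every dynamic value is now escaped
            // for its context, and dynamic attribute values are quoted so a
            // value containing a space cannot start a new attribute.
            $append_row[] = " <tr valign=" . 'middle' . " class=" . 'alternate' . "\r\n id=" . 'yop-poll-log{{log.id}}' . ">\r\n <th class=" . 'check-column' . " scope=" . 'row' . ">\r\n <input type=" . 'checkbox'
                . " value=" . '"' . esc_attr($insert_id) . '"'
                . "\r\n name=" . 'yoppollresultscheck[]' . ">\r\n </th>\r\n <td><strong>" . $result['vote_id'] . "</strong>\r\n <br>\r\n <div class=" . 'row-actions' . ">\r\n <span class=" . 'delete' . ">\r\n <a\tonclick=" . 'return confirm( ' . ' "You are about to delete this result" ' . ') : "Cancel" "to stop" , "OK" "to delete' . ')'
                . "\r\n\r\n href=" . '"?page=yop-polls&action=delete_result&resultid=' . rawurlencode((string) $insert_id) . '"'
                . "\r\n\r\n class=" . 'submitdelete' . ">Delete</a></span>|<span class=" . 'delete' . ">\r\n <a\r\n onclick=" . 'show_pop_up_ban(' . ($max + 1) . ')' . "\r\n class=" . 'submitdelete' . ">Ban</a></span>\r\n </div></td>\r\n <td style=" . 'display:none;' . " class=" . 'hidden_tds' . "><input id=" . 'yop-poll-results-ip_' . ($max + 1)
                . " value=" . '"' . esc_attr($result['ip']) . '"'
                . "><input></td>\r\n <td style=" . 'display: none' . " class=" . 'hidden_tds' . "><input id=" . 'yop-poll-results-userid_' . ($max + 1)
                . " value=" . '"' . esc_attr($current_user->ID) . '"'
                . "><input></td>\r\n <td>\r\n Admin\r\n </td>\r\n <td>\r\n </td>\r\n <td>\r\n " . esc_html($result['ip']) . "\r\n </td>\r\n <td>\r\n " . current_time('mysql') . "\r\n </td>\r\n <td class=" . 'more_details' . " style=" . '"' . 'cursor:pointer;' . '"' . ">\r\n </td>\r\n <td class=" . 'less_details' . " style=" . '"' . 'cursor:pointer;' . '"' . " >\r\n </td>\r\n </tr>\r\n <tr class=" . 'results_details' . " class=" . 'hidden_tds' . ">\r\n <td></td> <td></td>\r\n <td> Questions<br><strong>" . $details . "</strong><br></td>\r\n </tr>";
        }

        if ($cheked == 0) {
            $message['error'] = "You must select at least one answer!";
            wp_die(json_encode($message));
            return;
        }
    }

    // $message may have been replaced by insert_result_in_db(), so make sure
    // the key exists before appending the generated rows.
    if (!isset($message['append_row'])) {
        $message['append_row'] = "";
    }
    $message['append_row'] .= implode("", $append_row);
    wp_die(json_encode($message));
}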
/**
 * Tells whether the current voter already has a result row for this poll
 * inside the configured blocking interval.
 *
 * Guests voting as 'default' or 'anonymous' are delegated to is_voted_ip().
 * Otherwise the results table is searched by poll ID and user ID, where the
 * user ID is the logged-in WordPress user or, for 'facebook' / 'google', the
 * ID found in the matching details array.
 *
 * NOTE(review): unless $from_register is truthy, the vote type and the
 * facebook/google IDs are read from cookies, which the client controls. A
 * client that edits or drops those cookies changes which identity is looked
 * up, so for those vote types this check only holds if the identity is
 * verified somewhere else.
 *
 * @param string     $vote_type             Vote type; may be replaced from the vote-type cookie.
 * @param array|null $facebook_user_details Facebook details; 'id' may be replaced from a cookie.
 * @param array|null $google_user_details   Google details; 'id' may be replaced from a cookie.
 * @param mixed      $from_register         Truthy when called while registering a vote; cookies are then ignored.
 * @return bool True when a matching vote exists in the interval.
 */
private function is_voted_username($vote_type = 'default', $facebook_user_details = null, $google_user_details, $from_register = null) {
    global $current_user, $wpdb;

    if (!$from_register) {
        $type_cookie = 'yop_poll_vote_type_' . $this->poll['id'];
        if (isset($_COOKIE[$type_cookie])) {
            // Only "anonymous" is accepted from the cookie; anything else becomes 'default'.
            if (in_array($_COOKIE[$type_cookie], array("anonymous"))) {
                $vote_type = $_COOKIE[$type_cookie];
            } else {
                $vote_type = 'default';
            }
        }

        $facebook_cookie = 'yop_poll_vote_facebook_user_' . $this->poll['id'];
        if (isset($_COOKIE[$facebook_cookie])) {
            $facebook_user_details['id'] = $_COOKIE[$facebook_cookie];
        }

        $google_cookie = 'yop_poll_vote_google_user_' . $this->poll['id'];
        if (isset($_COOKIE[$google_cookie])) {
            $google_user_details['id'] = $_COOKIE[$google_cookie];
        }
    }

    // $unit is concatenated into the SQL text below. That is safe only because
    // it can hold nothing but one of these four literals; keep it a whitelist.
    $unit = 'DAY';
    if (isset($this->options['blocking_voters_interval_unit'])) {
        $configured_unit = $this->options['blocking_voters_interval_unit'];
        if ($configured_unit == 'seconds') {
            $unit = 'SECOND';
        } elseif ($configured_unit == 'minutes') {
            $unit = 'MINUTE';
        } elseif ($configured_unit == 'hours') {
            $unit = 'HOUR';
        } elseif ($configured_unit == 'days') {
            $unit = 'DAY';
        }
    }

    // Guests have no user ID to search by, so fall back to the IP-based check.
    if (('default' == $vote_type || 'anonymous' == $vote_type) && !is_user_logged_in()) {
        return $this->is_voted_ip();
    }

    $value = isset($this->options['blocking_voters_interval_value'])
        ? $this->options['blocking_voters_interval_value']
        : 30;

    $ip = yop_poll_get_ip();
    $user_id = $current_user->ID;

    if ('facebook' == $vote_type) {
        $user_id = $facebook_user_details['id'];
        if (!$user_id) {
            return false;
        }
    }
    if ('google' == $vote_type) {
        $user_id = $google_user_details['id'];
        if (!$user_id) {
            return false;
        }
    }

    // NOTE(review): user_id is bound with %d. If provider IDs can exceed the
    // platform integer range they would be clamped and distinct voters could
    // match the same row — confirm the column type and ID format.
    $query = "\r\n\t\t\t\t\tSELECT * FROM " . $wpdb->yop_poll_results . "\r\n\r\n\t\t\t\t\tWHERE poll_id = %d AND\r\n\r\n\t\t\t\t\tuser_id = %d AND\r\n\r\n\t\t\t\t\tvote_date >= DATE_SUB( NOW(), INTERVAL %d " . $unit . ")\r\n\r\n \t\t\t\t\tLIMIT 1";
    $sql = $wpdb->prepare($query, $this->ID, $user_id, $value);
    $result = $wpdb->get_results($sql, ARRAY_A);

    return isset($result[0]['vote_date']);
}
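/**
 * Validates and records one front-end vote for this poll.
 *
 * Order of checks: request nonce, optional supercookie block, permission to
 * vote, poll start/end window, poll status, "already voted" and votes-left
 * limits; then, per question, the submitted answers, "other" answer text,
 * custom fields and (when enabled) the CAPTCHA code. Every rejection sets
 * $this->error and returns false; all but the supercookie rejection also
 * write a log row.
 *
 * NOTE(review): for logged-out visitors a WordPress nonce is not bound to an
 * individual visitor, so it does not by itself limit automated voting; the
 * blocking checks below carry that weight.
 *
 * @param array $request Submitted form fields (nonce, vote_type, answers, custom fields, ...).
 * @return string|false Rendered poll HTML after a recorded vote, false on rejection.
 */
public function register_vote($request) {
    global $current_user;

    $poll_id = $this->id;
    $unique_id = strip_tags(xss_clean($this->unique_id));
    $location = strip_tags(xss_clean($request['location']));
    $vote_id = uniqid('vote_id_');
    // Client-chosen. Only 'wordpress' and 'anonymous' get a meaning in the
    // switch below, but the raw value is also passed to the permission and
    // blocking helpers and stored as the voter's user_type.
    $vote_type = $request['vote_type'];
    $SuperCookie = strip_tags(xss_clean($request['supercookie']));
    $tr_id = strip_tags(xss_clean($request['yop_poll_tr_id']));
    $votes = 0;
    $user_id = 0;
    $user_type = 'default';
    $user_details = '';

    // Defined up front: the original read these before assigning them on some paths.
    $log_to_add = array();
    $mail_notifications_answers = array();
    $mail_notifications_custom_fields = array();
    $facebook_user_details = null;
    $google_user_details = null;

    if (!wp_verify_nonce($request['yop-poll-nonce-' . $poll_id . $unique_id], 'yop_poll-' . $this->ID . $unique_id . '-user-actions')) {
        $this->error = __yop_poll('Bad Request!');
        $log_to_add['message'] = __yop_poll('Bad request');
        insert_log_in_db($log_to_add);
        return false;
    }

    switch ($vote_type) {
        default:
            $user_id = $current_user->ID != null ? $current_user->ID : 0;
            $user_type = 'default';
            break;
        case 'wordpress':
            $user_id = $current_user->ID;
            $user_type = 'wordpress';
            break;
        case 'anonymous':
            $user_type = 'anonymous';
            break;
    }
    $log_to_add = array(
        'poll_id' => $this->ID,
        'vote_id' => $vote_id,
        'ip' => yop_poll_get_ip(),
        'user_id' => $user_id,
        'user_type' => $user_type,
        'user_details' => json_encode($user_details),
        'tr_id' => $tr_id,
    );

    // Second nonce check kept from the original; the field name is built from
    // $this->ID here and from $this->id above.
    if (!wp_verify_nonce($request['yop-poll-nonce-' . $this->ID . $unique_id], 'yop_poll-' . $this->ID . $unique_id . '-user-actions')) {
        $this->error = __yop_poll("Bad Request!");
        $log_to_add['message'] = __yop_poll("Bad request");
        insert_log_in_db($log_to_add);
        return false;
    }

    // The original re-read yop_poll_tr_id from the request at this point,
    // replacing the sanitised $tr_id with the raw value that is then stored and
    // passed to return_poll_html(). The sanitised value is kept instead.

    $super_perm = true;
    if (in_array("supercookie", $this->blocking_voters)) {
        $super_perm = $this->is_voted_supercookie($SuperCookie);
    }
    if ($super_perm != true) {
        $this->error = __yop_poll("You are not allowed to vote!");
        return false;
    }

    $current_date = yop_poll_get_mysql_curent_date();
    if (!$this->is_allowed_to_vote($vote_type)) {
        $this->error = __yop_poll("You are not allowed to vote!");
        $log_to_add['message'] = __yop_poll("Not allowed to vote");
        insert_log_in_db($log_to_add);
        return false;
    }
    if (!($current_date >= convert_date($this->poll_start_date, 'Y-m-d H:i:s'))) {
        $this->error = __yop_poll("You can vote once the poll starts!");
        $log_to_add['message'] = __yop_poll("Poll not started");
        insert_log_in_db($log_to_add);
        return false;
    }
    if (!($current_date <= convert_date($this->poll_end_date, 'Y-m-d H:i:s'))) {
        $this->error = __yop_poll("This poll is closed!");
        $log_to_add['message'] = __yop_poll("Poll Closed");
        insert_log_in_db($log_to_add);
        return false;
    }
    if ('closed' == $this->status) {
        $this->error = __yop_poll('This poll is closed!');
        $log_to_add['message'] = __yop_poll('Poll Closed');
        insert_log_in_db($log_to_add);
        return false;
    }
    if ($this->is_voted($vote_type, $facebook_user_details, $google_user_details, true, $SuperCookie)) {
        $this->error = __yop_poll("You Already voted!");
        $log_to_add['message'] = __yop_poll("Already Voted");
        insert_log_in_db($log_to_add);
        return false;
    }

    $voter = array();
    $voter['poll_id'] = $poll_id;
    $voter['user_id'] = $current_user->ID;
    $voter['user_type'] = $vote_type;
    if (!$this->user_have_votes_to_vote($voter, $SuperCookie)) {
        $this->error = __yop_poll("You have run out of votes!");
        $log_to_add['message'] = __yop_poll("Run out of votes");
        insert_log_in_db($log_to_add);
        return false;
    }

    // The Referer header is optional and client-controlled: tolerate its
    // absence and store it only as a cleaned URL.
    $http_referer = isset($_SERVER['HTTP_REFERER']) ? esc_url_raw($_SERVER['HTTP_REFERER']) : '';

    $i = 1;
    $log = array();
    foreach ($this->questions as &$question) {
        $answers = array();

        if (!isset($request['yop_poll_answer'][$question->ID])) {
            $this->error = __yop_poll("No answer selected for question ") . $i;
            $log_to_add['message'] = __yop_poll("No answer selected for question ") . $i;
            insert_log_in_db($log_to_add);
            return false;
        }
        $submitted = $request['yop_poll_answer'][$question->ID];

        // NOTE(review): submitted answer IDs are passed on as received; nothing
        // here checks that they belong to this question — confirm update_votes() does.
        if ('yes' == $question->allow_multiple_answers) {
            if (count($submitted) > intval($question->allow_multiple_answers_number)) {
                $this->error = __yop_poll("Too many answers selected for question ") . $i . __yop_poll("! Only ") . $question->allow_multiple_answers_number . __yop_poll(" answers allowed!");
                $log_to_add['message'] = __yop_poll("Too many answers selected for question ") . $i;
                insert_log_in_db($log_to_add);
                return false;
            }
            if (count($submitted) < intval($question->allow_multiple_answers_min_number)) {
                $this->error = __yop_poll("Too few answers selected for question ") . $i . __yop_poll("! Only more than ") . $question->allow_multiple_answers_min_number . __yop_poll(" answers allowed!");
                $log_to_add['message'] = __yop_poll("Too few answers selected for question ") . $i;
                insert_log_in_db($log_to_add);
                return false;
            }

            foreach ($submitted as $answer) {
                $new_answer = array();
                $new_answer['answer_id'] = $answer;
                $new_answer['type'] = 'default';
                if ('other' == $answer) {
                    $a = new YOP_POLL_Answer_Model();
                    if (isset($request['yop_poll_other_answer'][$question->ID]) && '' != strip_tags(trim($request['yop_poll_other_answer'][$question->ID]))) {
                        $a->type = 'other';
                        $a->poll_id = $poll_id;
                        $a->question_id = $question->ID;
                        $a->answer = strip_tags(trim($request['yop_poll_other_answer'][$question->ID]));
                        $a->answer_date = current_time('mysql');
                        $a->answer_modified = current_time('mysql');
                        $a->status = 'active';
                        $a->question_order = $question->countanswers() + 1;
                        $a->answer_author = $current_user->ID;
                        $a->save();
                        if (!$a->id) {
                            $this->error = __yop_poll('Other answer for question ') . $i . __yop_poll(' could not be inserted!');
                            $log_to_add['message'] = __yop_poll('Other answer for question ') . $i . __yop_poll(' could not be inserted');
                            insert_log_in_db($log_to_add);
                            return false;
                        }
                    } else {
                        $this->error = __yop_poll('Other answer from question ') . $i . __yop_poll(' is empty');
                        $log_to_add['message'] = __yop_poll('Other answer from question ') . $i . __yop_poll(' is empty');
                        insert_log_in_db($log_to_add);
                        return false;
                    }
                    $question->addAnswer($a);
                    $new_answer['answer_id'] = $a->id;
                    $new_answer['type'] = 'other';
                    unset($a);
                }
                $new_answer['poll_id'] = $poll_id;
                $new_answer['vote_id'] = $vote_id;
                $new_answer['ip'] = yop_poll_get_ip();
                $new_answer['user_id'] = $current_user->ID;
                $new_answer['user_type'] = 'default';
                if ($vote_type == 'anonymous' || $vote_type == 'wordpress') {
                    $new_answer['user_type'] = $vote_type;
                }
                $new_answer['http_referer'] = $http_referer;
                $new_answer['tr_id'] = $tr_id;
                // Reverse DNS blocks the request, and the returned name is set by
                // whoever controls the reverse zone, so it stays escaped.
                $new_answer['host'] = esc_attr(@gethostbyaddr(yop_poll_get_ip()));
                $new_answer['other_answer_value'] = '';
                $answers[] = $new_answer;
            }
        } else {
            $new_answer = array();
            $new_answer['answer_id'] = $submitted;
            $new_answer['type'] = 'default';
            if ('other' == $submitted) {
                $a = new YOP_POLL_Answer_Model();
                if (isset($request['yop_poll_other_answer'][$question->ID]) && '' != strip_tags(trim($request['yop_poll_other_answer'][$question->ID]))) {
                    $a->type = 'other';
                    $a->poll_id = $poll_id;
                    $a->question_id = $question->ID;
                    $a->answer = strip_tags(trim($request['yop_poll_other_answer'][$question->ID]));
                    $a->answer_date = current_time('mysql');
                    $a->question_order = $question->countanswers();
                    $a->answer_author = $current_user->ID;
                    $a->votes = 0;
                    $a->save();
                    if (!$a->id) {
                        $this->error = __yop_poll("Other answer for question ") . $i . __yop_poll(" could not be inserted!");
                        $log_to_add['message'] = __yop_poll("Other answer for question ") . $i . __yop_poll(" could not be inserted");
                        insert_log_in_db($log_to_add);
                        return false;
                    }
                } else {
                    $this->error = __yop_poll("Other answer from question ") . $i . ' ' . __yop_poll('is empty');
                    $log_to_add['message'] = __yop_poll("Other answer from question ") . $i . ' ' . __yop_poll('empty');
                    insert_log_in_db($log_to_add);
                    return false;
                }
                $question->addAnswer($a);
                $new_answer['answer_id'] = $a->id;
                $new_answer['type'] = 'other';
                unset($a);
            }
            $new_answer['poll_id'] = $poll_id;
            $new_answer['vote_id'] = $vote_id;
            $new_answer['ip'] = yop_poll_get_ip();
            $new_answer['user_id'] = $current_user->ID;
            $new_answer['user_type'] = 'default';
            $new_answer['http_referer'] = $http_referer;
            $new_answer['tr_id'] = $tr_id;
            $new_answer['host'] = esc_attr(@gethostbyaddr(yop_poll_get_ip()));
            $new_answer['other_answer_value'] = '';
            $answers[] = $new_answer;
        }

        if (!(count($answers) > 0)) {
            $this->error = __yop_poll("No vote registered!");
            $log_to_add['message'] = __yop_poll("No vote registered");
            insert_log_in_db($log_to_add);
            return false;
        }

        $custom_fields = array();
        $poll_custom_fields = $question->custom_fields;
        if (count($poll_custom_fields) > 0) {
            if (!isset($request['yop_poll_customfield'][$question->ID])) {
                $this->error = __yop_poll("Custom fields from question ") . $i . ' ' . __yop_poll("are missing") . '!';
                $log_to_add['message'] = __yop_poll("Custom fields from question ") . $i . ' ' . __yop_poll("missing") . '!';
                insert_log_in_db($log_to_add);
                return false;
            }
            foreach ($poll_custom_fields as $custom_field) {
                if (!isset($request['yop_poll_customfield'][$question->ID][$custom_field->ID])) {
                    $this->error = __yop_poll("Custom field ") . '"' . $custom_field->custom_field . '"' . __yop_poll(" from question ") . $i . ' ' . __yop_poll("is missing ") . '!';
                    $log_to_add['message'] = __yop_poll("Custom field ") . '"' . $custom_field->custom_field . '"' . __yop_poll(" from question ") . $i . ' ' . __yop_poll("missing");
                    insert_log_in_db($log_to_add);
                    return false;
                }
                $field_raw = $request['yop_poll_customfield'][$question->ID][$custom_field->ID];
                if ('' == trim(strip_tags($field_raw)) && 'yes' == $custom_field->required) {
                    $this->error = __yop_poll("Custom field ") . $custom_field->custom_field . __yop_poll(" from question ") . $i . ' ' . __yop_poll("is required") . "!";
                    $log_to_add['message'] = __yop_poll("Custom field ") . $custom_field->custom_field . __yop_poll(" from question ") . $i . ' ' . __yop_poll("required");
                    insert_log_in_db($log_to_add);
                    return false;
                }
                if (trim(strip_tags($field_raw)) != '') {
                    $new_custom_field = array();
                    $new_custom_field['poll_id'] = $poll_id;
                    $new_custom_field['question_id'] = $question->ID;
                    $new_custom_field['vote_id'] = $vote_id;
                    $new_custom_field['custom_field_id'] = $custom_field->ID;
                    $new_custom_field['user_id'] = $current_user->ID;
                    $new_custom_field['user_type'] = 'default';
                    if ($vote_type == 'wordpress' || $vote_type == 'anonymous') {
                        $new_custom_field['user_type'] = $vote_type;
                    }
                    $new_custom_field['custom_field_value'] = strip_tags(trim($field_raw));
                    $custom_fields[] = $new_custom_field;
                }
            }
        }

        if ('yes' == $this->use_captcha) {
            // NOTE(review): the code is checked only here, after any "other"
            // answer above has already been saved, so a request with a wrong
            // code can still add answer rows. Checking the CAPTCHA before the
            // question loop would close that.
            require_once YOP_POLL_INC . '/securimage.php';
            $img = new Yop_Poll_Securimage();
            $img->namespace = 'yop_poll_' . $poll_id . $unique_id;
            if (!$img->check($_REQUEST['yop_poll_captcha_input'][$poll_id])) {
                $this->error = __yop_poll("Incorrect security code entered!");
                $log_to_add['message'] = __yop_poll("Incorrect security code entered");
                insert_log_in_db($log_to_add);
                return false;
            }

            $mail_notifications_answers[$question->ID] = array();
            // NOTE(review): the non-CAPTCHA call below passes $vote_type as the
            // fifth argument; this call omits it, so the provider IDs land one
            // position earlier — confirm against update_votes().
            $add_to_log = $this->update_votes($question, $answers, $votes, $mail_notifications_answers[$question->ID], $facebook_user_details['id'], $google_user_details['id']);
            $log["q-" . $question->ID]['question'] = $question->question;
            $log["q-" . $question->ID]['a'] = $add_to_log['a'];
            $log["q-" . $question->ID]['answers'] = $add_to_log['answers'];
            $mail_notifications_answers[$question->ID] = trim($mail_notifications_answers[$question->ID], '<br>');
            // An array, as in the non-CAPTCHA branch: the original used '' and
            // then wrote string keys into it.
            $mail_notifications_custom_fields[$question->ID] = array();
            foreach ($custom_fields as $custom_field) {
                if ('anonymous' == $vote_type) {
                    $custom_field['user_id'] = 0;
                }
                $custom_field['tr_id'] = $tr_id;
                self::insert_vote_custom_field_in_database($custom_field);
                $cf = $question->getCustomFieldById($custom_field['custom_field_id']);
                $mail_notifications_custom_fields[$question->ID][$cf->custom_field] = $custom_field['custom_field_value'];
            }
        } else {
            $mail_notifications_answers[$question->ID] = array();
            $add_to_log = $this->update_votes($question, $answers, $votes, $mail_notifications_answers[$question->ID], $vote_type, $facebook_user_details['id'], $google_user_details['id']);
            $log["q-" . $question->ID]['question'] = $question->question;
            $log["q-" . $question->ID]['id'] = $question->ID;
            $log["q-" . $question->ID]['a'] = $add_to_log['a'];
            $log["q-" . $question->ID]['answers'] = $add_to_log['answers'];
            $mail_notifications_custom_fields[$question->ID] = array();
            $add_to_log = array();
            foreach ($custom_fields as $custom_field) {
                if ('google' == $vote_type) {
                    $custom_field['user_id'] = $google_user_details['id'];
                }
                if ('anonymous' == $vote_type) {
                    $custom_field['user_id'] = 0;
                }
                $custom_field['tr_id'] = $tr_id;
                $cf_id = self::insert_vote_custom_field_in_database($custom_field);
                $add_to_log[] = $cf_id;
                $cf = $question->getCustomFieldById($custom_field['custom_field_id']);
                $mail_notifications_custom_fields[$question->ID][$cf->custom_field] = $custom_field['custom_field_value'];
            }
            $log["q-" . $question->ID]['cf'] = $add_to_log;
        }

        // Shared by both branches. The CAPTCHA branch used to read an undefined
        // $poll_options array here, which produced an empty success message.
        if ('yes' == $this->number_of_votes_per_user) {
            $this->success = str_replace('%USER-VOTES-LEFT%', intval($this->number_of_votes_per_user) - $this->get_voter_number_of_votes($voter), $this->message_after_vote);
        } else {
            $this->success = str_replace('%USER-VOTES-LEFT%', '', $this->message_after_vote);
        }

        $i++;
    }
    // Drop the by-reference loop variable so later code cannot alias the last question.
    unset($question);

    if ($this->send_email_notifications == "yes") {
        $this->sendMail($mail_notifications_answers, $mail_notifications_custom_fields, $vote_id);
    }
    $this->update_poll_total_votes(1);
    $log_to_add['message'] = __yop_poll('Success');
    $log_to_add['vote_details'] = json_encode($log);
    insert_log_in_db($log_to_add);

    // Country lookup. This sends the voter's IP address to a third-party
    // service over plain HTTP, so the reply is treated as untrusted: the IP is
    // validated and URL-encoded before it goes into the URL, the call has a
    // short timeout so a slow service cannot stall the vote, and the country is
    // left empty when the lookup fails instead of dereferencing a null reply.
    $log_to_add['country'] = '';
    if (filter_var($log_to_add['ip'], FILTER_VALIDATE_IP)) {
        $geo_response = wp_remote_get("http://www.geoplugin.net/json.gp?ip=" . rawurlencode($log_to_add['ip']), array('timeout' => 3));
        if (!is_wp_error($geo_response)) {
            $ip_data = json_decode(wp_remote_retrieve_body($geo_response));
            if (is_object($ip_data) && isset($ip_data->geoplugin_countryName)) {
                $log_to_add['country'] = sanitize_text_field($ip_data->geoplugin_countryName);
            }
        }
    }
    insert_result_in_db($log_to_add);

    $this->set_vote_cookie(json_encode($log), $vote_type, $facebook_user_details, $google_user_details);
    $this->vote = true;
    $this->poll_total_votes += 1;
    return do_shortcode($this->return_poll_html(array('tr_id' => $tr_id, 'location' => $location)));
}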