(*PREFIX*polls_events.access =? and *PREFIX*polls_events.owner =?) or *PREFIX*polls_events.access !=? or *PREFIX*polls_particip.user =? or *PREFIX*polls_comments.user =? order by created'); $result = $query->execute(array('hidden', OCP\User::getUser(), 'hidden', OCP\User::getUser(), OCP\User::getUser())); ?> <?php while ($row = $result->fetchRow()) { ?> <?php if (!userHasAccess($row['id'])) { continue; } ?> <tr> <td class="cl_link" title="<?php p($l->t('Go to')); ?> "> <?php echo $row['title']; ?> <input type="hidden" value="<?php echo $row['id']; ?> " />
use OCP\DB; use OCP\User; use OCP\Util; // coming directly to vote (link) if (isset($_GET) && isset($_GET['poll_id'])) { // check if poll is public / user registered $query = DB::prepare('select access from *PREFIX*polls_events where id=?'); $result = $query->execute(array($_GET['poll_id'])); $row = $result->fetchRow(); $access = $row['access']; // if !public and !loggedIn go to login page if (strcmp($access, 'public') && !OCP\User::isLoggedIn()) { OCP\User::checkLoggedIn(); } // check if user has access to this poll if (!userHasAccess($_GET['poll_id'])) { include 'error_no_poll.php'; return; } unset($_POST); $_POST['j'] = "vote"; $_POST['poll_id'] = $_GET['poll_id']; unset($_GET); } if (isset($_POST) && isset($_POST['j'])) { //echo '<pre>POST: '; print_r($_POST); echo '</pre>'; $post_j = $_POST['j']; // vote: build vote page; finish: save "vote" - both available w/o login if ($post_j !== 'vote' && $post_j !== 'finish') { OCP\User::checkLoggedIn(); }