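/**
 * Allow the user to vote.
 *
 * It is called to register a vote in a poll.
 * Must be called with a topic and option specified.
 * Requires the poll_vote permission.
 * Upon successful completion of action will direct user back to topic.
 * Accessed via ?action=poll;sa=vote.
 *
 * Request data read here: $_POST['options'] (the chosen option ids),
 * $_REQUEST['start'] (appended to the redirect target) and, for guests,
 * the guest_poll_vote cookie.
 *
 * The guest cookie is supplied by the client, so the "already voted" test
 * for guests only holds for clients that send the cookie back unchanged.
 *
 * @uses Post language file.
 */
public function action_vote()
{
    global $topic, $user_info, $modSettings;

    require_once SUBSDIR . '/Poll.subs.php';

    // Make sure you can vote.
    isAllowedTo('poll_vote');

    loadLanguage('Post');

    // Check if they have already voted, or voting is locked.
    $row = checkVote($topic);
    if (empty($row)) {
        fatal_lang_error('poll_error', false);
    }

    // If this is a guest can they vote?
    if ($user_info['is_guest']) {
        // Guest voting disabled?
        if (!$row['guest_vote']) {
            fatal_lang_error('guest_vote_disabled');
        } elseif (!empty($_COOKIE['guest_poll_vote'])
            // A cookie sent as guest_poll_vote[]=... arrives as an array; only a string may reach preg_match()/strpos().
            && is_string($_COOKIE['guest_poll_vote'])
            && preg_match('~^[0-9,;]+$~', $_COOKIE['guest_poll_vote'])
            && strpos($_COOKIE['guest_poll_vote'], ';' . $row['id_poll'] . ',') !== false
        ) {
            // ;id,timestamp,[vote,vote...]; etc
            $guestinfo = explode(';', $_COOKIE['guest_poll_vote']);

            // Find the poll we're after. The strpos() test above means an entry for this poll exists.
            foreach ($guestinfo as $i => $guestvoted) {
                $guestvoted = explode(',', $guestvoted);
                if ($guestvoted[0] == $row['id_poll']) {
                    break;
                }
            }

            // Has the poll been reset since guest voted?
            if (isset($guestvoted[1]) && $row['reset_poll'] > $guestvoted[1]) {
                // Remove the poll info from the cookie to allow guest to vote again
                unset($guestinfo[$i]);
                if (!empty($guestinfo)) {
                    $_COOKIE['guest_poll_vote'] = ';' . implode(';', $guestinfo);
                } else {
                    unset($_COOKIE['guest_poll_vote']);
                }
            } else {
                fatal_lang_error('poll_error', false);
            }

            unset($guestinfo, $guestvoted, $i);
        }
    }

    // Is voting locked or has it expired? (&& binds tighter than ||; the parentheses only make that explicit.)
    if (!empty($row['voting_locked']) || (!empty($row['expire_time']) && time() > $row['expire_time'])) {
        fatal_lang_error('poll_error', false);
    }

    // If they have already voted and aren't allowed to change their vote - hence they are outta here!
    if (!$user_info['is_guest'] && $row['selected'] != -1 && empty($row['change_vote'])) {
        fatal_lang_error('poll_error', false);
    } elseif (!empty($row['change_vote']) && !$user_info['is_guest'] && empty($_POST['options'])) {
        // Vote changes are allowed and no options were sent: withdraw the current vote.
        checkSession('request');

        // Find out what they voted for before.
        $pollOptions = determineVote($user_info['id'], $row['id_poll']);

        // Just skip it if they had voted for nothing before.
        if (!empty($pollOptions)) {
            // Update the poll totals.
            decreaseVoteCounter($row['id_poll'], $pollOptions);

            // Delete off the log.
            removeVote($user_info['id'], $row['id_poll']);
        }

        // Redirect back to the topic so the user can vote again!
        // (This branch is only entered when no options were posted, so no further test is needed.)
        redirectexit('topic=' . $topic . '.' . $_REQUEST['start']);
    }

    // NOTE(review): a member who has already voted, may change votes and posts options arrives here
    // without the earlier vote having been withdrawn; whether addVote()/increaseVoteCounter() cope
    // with that is not visible in this method - confirm.
    checkSession('request');

    // Make sure the option(s) are valid: something was chosen, and it arrived as a list.
    // A scalar "options" value would otherwise reach count()/foreach below.
    if (empty($_POST['options']) || !is_array($_POST['options'])) {
        fatal_lang_error('didnt_select_vote', false);
    }

    // The same array that was just checked is the one counted and stored.
    $options = $_POST['options'];

    // Too many options checked!
    if (count($options) > $row['max_votes']) {
        fatal_lang_error('poll_too_many_votes', false, array($row['max_votes']));
    }

    // NOTE(review): ids are cast to int but not compared with this poll's option list here;
    // presumably addVote()/increaseVoteCounter() restrict them to the poll - confirm.
    $pollOptions = array();
    $inserts = array();
    foreach ($options as $id) {
        $id = (int) $id;

        $pollOptions[] = $id;
        $inserts[] = array($row['id_poll'], $user_info['id'], $id);
    }

    // Add their vote to the tally.
    addVote($inserts);
    increaseVoteCounter($row['id_poll'], $pollOptions);

    // If it's a guest don't let them vote again.
    if ($user_info['is_guest'] && count($pollOptions) > 0) {
        // Time is stored in case the poll is reset later, plus what they voted for.
        $previous = !empty($_COOKIE['guest_poll_vote']) && is_string($_COOKIE['guest_poll_vote'])
            ? $_COOKIE['guest_poll_vote']
            : '';

        // ;id,timestamp,[vote,vote...]; etc
        $_COOKIE['guest_poll_vote'] = $previous . ';' . $row['id_poll'] . ',' . time() . ',' . implode(',', $pollOptions);

        // Increase num guest voters count by 1
        increaseGuestVote($row['id_poll']);

        require_once SUBSDIR . '/Auth.subs.php';
        $cookie_url = url_parts(!empty($modSettings['localCookies']), !empty($modSettings['globalCookies']));

        // NOTE(review): the two trailing false arguments are presumably the secure/httponly flags - confirm against elk_setcookie().
        elk_setcookie('guest_poll_vote', $_COOKIE['guest_poll_vote'], time() + 2500000, $cookie_url[1], $cookie_url[0], false, false);
    }

    // Maybe let a social networking mod log this, or something?
    call_integration_hook('integrate_poll_vote', array(&$row['id_poll'], &$pollOptions));

    // Return to the post...
    // NOTE(review): $_REQUEST['start'] is appended as received; presumably it is normalised earlier in request handling - confirm.
    redirectexit('topic=' . $topic . '.' . $_REQUEST['start']);
}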
// Request dispatcher (excerpt, cut off inside the catch block): opens a PDO
// connection to MySQL and then acts on the 'type' field of the POST body.
// $servername, $database, $username and $password are set before this excerpt.
$message = '';
try {
    $conn = new PDO('mysql:host=' . $servername . ';dbname=' . $database, $username, $password);
    // set the PDO error mode to exception
    $conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    // $_POST['type'] is read without an isset() check and compared loosely (==);
    // a request without the field ends in the "Action not recognized" branch.
    if ($_POST['type'] == "login") {
        // Nothing is checked in this branch beyond the connection above having succeeded.
        $message = "Login successful";
    } else {
        if ($_POST['type'] == 'getCurrentPolls') {
            // The helper receives the open connection and $username; its query is outside this excerpt.
            $polls = readCurrentPolls($conn, $username);
        } else {
            if ($_POST['type'] == 'getOldPolls') {
                $polls = readOldPolls($conn, $username);
            } else {
                if ($_POST['type'] == 'addVote') {
                    // Whatever addVote() returns becomes the response message.
                    $message = addVote($conn, $username);
                } else {
                    $message = "Site error. Action not recognized.";
                    $success = false;
                }
            }
        }
    }
    // Dropping the reference releases the PDO connection.
    $conn = null;
} catch (PDOException $e) {
    $success = false;
    // NOTE(review): MySQL error 1044 is a database-access denial and 1045 a failed
    // authentication, so the two messages below look swapped - confirm the intent.
    if ($e->getCode() == 1044) {
        $message = 'Incorrect password.';
    } else {
        if ($e->getCode() == 1045) {
            $message = 'Failed to login.';
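// Validate a submitted ranking against the films selected for this film night,
// then store it. $filmnight_id, $jsonVote, $vote and $continue are set before
// this excerpt; the braces at the end close blocks opened there.

// NOTE(review): $filmnight_id is interpolated into the SQL text. Its origin is not
// visible here; unless it is already constrained to an integer, pass it as a bound
// parameter (query()'s signature is outside this excerpt).
$sql = "SELECT id, film_id FROM selections WHERE filmnight_id = {$filmnight_id}";
$result = query($sql);

// film_id => selection id
$selectedFilms = [];
$num_rows = $result->num_rows;
if ($num_rows > 0) {
    while ($row = $result->fetch_assoc()) {
        $selectedFilms[$row['film_id']] = $row['id'];
    }
}

error_log(print_r($selectedFilms, TRUE));
error_log(print_r($jsonVote, TRUE));

$idVote = [];

// sort() orders its argument in place and returns a bool, so comparing the results of
// two sort() calls compares true with true and never rejects anything. Sort copies,
// then compare the arrays themselves.
$voteIsArray = is_array($jsonVote);
$votedFilms = $voteIsArray ? array_keys($jsonVote) : [];
$knownFilms = array_keys($selectedFilms);
sort($votedFilms);
sort($knownFilms);

// Strict comparison: a key such as "05" must not pass for film 5, because the lookup
// $jsonVote[$film] further down uses the exact key.
if (!$voteIsArray || $votedFilms !== $knownFilms) {
    $continue = FALSE;
    // The message is stored with HTML markup in it, so the echoed vote is escaped.
    $_SESSION['ERROR'] = "Error: Failed to validate your vote.<br>Your list of films doesn't match our list of films<br>"
        . htmlspecialchars((string) $vote, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    echo "Error: Failed to validate your vote: bad films";
}

$positions = $voteIsArray ? array_values($jsonVote) : [];
sort($positions);

// range(1, 0) counts down to [1, 0], so an empty selection is given an empty expectation.
$expectedPositions = $num_rows > 0 ? range(1, $num_rows) : [];
if ($positions != $expectedPositions) {
    $continue = FALSE;
    $_SESSION['ERROR'] = "Error: Failed to validate your vote.<br>You didn't give the correct positions.<br>"
        . htmlspecialchars((string) $vote, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    echo "Error: Failed to validate your vote: bad position";
}

if ($continue) {
    // Re-key the ranking by selection id. Done only for a vote that passed the checks,
    // so every $jsonVote[$film] lookup is known to exist.
    foreach ($selectedFilms as $film => $filmid) {
        $idVote[$filmid] = $jsonVote[$film];
    }
    addVote($filmnight_id, $_SESSION['ID'], $idVote);
}
}
}
}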