break; case "createPosted": poll_createPosted($pollTitle, $optionText, $planguage, $title, $hometext, $topic, $bodytext, $catid, $ihome, $acomm); break; case "ChangePoll": ChangePoll($pollID, $pollTitle, $optionText, $voteID); break; case "remove": poll_removePoll(); break; case "removePosted": poll_removePosted(); break; case "polledit": polledit($pollID); break; case "savepoll": savepoll($pollID, $pollTitle, $planguage, $optiontext1, $optiontext2, $optiontext3, $optiontext4, $optiontext5, $optiontext6, $optiontext7, $optiontext8, $optiontext9, $optiontext10, $optiontext11, $optiontext12); break; case "polledit_select": polledit_select(); break; } } else { include "header.php"; GraphicAdmin(); OpenTable(); echo "<center><b>" . _ERROR . "</b><br><br>You do not have administration permission for module \"{$module_name}\"</center>"; CloseTable(); include "footer.php"; }
if (isset($_POST['statuscode'])) { $statuscode = COM_applyFilter($_POST['statuscode'], true); } $mainpage = ''; if (isset($_POST['mainpage'])) { $mainpage = COM_applyFilter($_POST['mainpage']); } $open = ''; if (isset($_POST['open'])) { $open = COM_applyFilter($_POST['open']); } $hideresults = ''; if (isset($_POST['hideresults'])) { $hideresults = COM_applyFilter($_POST['hideresults']); } $display .= savepoll($pid, $old_pid, $_POST['question'], $mainpage, $_POST['topic'], $_POST['meta_description'], $_POST['meta_keywords'], $statuscode, $open, $hideresults, COM_applyFilter($_POST['commentcode'], true), $_POST['answer'], $_POST['votes'], $_POST['remark'], COM_applyFilter($_POST['owner_id'], true), COM_applyFilter($_POST['group_id'], true), $_POST['perm_owner'], $_POST['perm_group'], $_POST['perm_members'], $_POST['perm_anon']); } else { $display .= COM_siteHeader('menu', $LANG25[5]); $display .= COM_startBlock($LANG21[32], '', COM_getBlockTemplate('_msg_block', 'header')); $display .= $LANG25[17]; $display .= COM_endBlock(COM_getBlockTemplate('_msg_block', 'footer')); $display .= editpoll(); $display .= COM_siteFooter(); } } elseif ($mode == $LANG_ADMIN['delete'] && !empty($LANG_ADMIN['delete'])) { $pid = ''; if (isset($_POST['pid'])) { $pid = COM_applyFilter($_POST['pid']); } if (empty($pid)) { COM_errorLog('Ignored possibly manipulated request to delete a poll.');
function setsmsincomingaction($sms_datetime, $sms_sender, $message) { global $system_from; $ok = false; $keywords = explode(' ', $message); $target_code = strtoupper($keywords[0]); switch ($target_code) { case 'BC': $array_target_group = explode(" ", $message); $target_group = strtoupper(trim($array_target_group[0])); $message = $array_target_group[1]; for ($i = 2; $i < count($array_target_group); $i++) { $message .= " " . $array_target_group[$i]; } if (send2group($sms_sender, $target_group, $message)) { $ok = true; } break; case 'PV': $array_target_user = explode(" ", $message); $target_user = strtoupper(trim($array_target_user[0])); $message = $array_target_user[1]; for ($i = 2; $i < count($array_target_user); $i++) { $message .= " " . $array_target_user[$i]; } if (insertsmstoinbox($sms_datetime, $sms_sender, $target_user, $message)) { $ok = true; } break; default: // try as autoreply $ok = processAutoreply($sms_datetime, $sms_sender, $message); // maybe its for sms poll if (!$ok) { $db_query = "SELECT poll_id FROM playsms_featPoll WHERE poll_code='{$target_code}'"; if ($db_result = dba_num_rows($db_query)) { $ok = savepoll($sms_sender, $target_code, $message); } } // or maybe its for sms command if (!$ok) { $db_query = "SELECT command_id FROM playsms_featCommand WHERE command_code='{$target_code}'"; if ($db_result = dba_num_rows($db_query)) { $ok = execcommand($sms_datetime, $sms_sender, $target_code, $message); } } // or maybe its for sms custom if (!$ok) { $db_query = "SELECT custom_id FROM playsms_featCustom WHERE custom_code='{$target_code}'"; if ($db_result = dba_num_rows($db_query)) { $ok = processcustom($sms_datetime, $sms_sender, $target_code, $message); } } // its for sms board if (!$ok) { $db_query = "SELECT board_id FROM playsms_featBoard WHERE board_code='{$target_code}'"; if ($db_result = dba_num_rows($db_query)) { $ok = insertsmstodb($sms_datetime, $sms_sender, $target_code, $message); } } // if its from the known system messsage sender, // then process it as a system message $syssenders = explode(',', $system_from); foreach ($syssenders as $syssender) { if (0 == strcasecmp($sms_sender, $syssender)) { $saveToInbox = true; $ok = processSystemMessage($sms_sender, "{$target_code} {$message}"); } } break; } if (!$ok) { $saveToInbox = true; // If all else failed, then check the autoreplies again, // this time with a more sophisticated match. // // Note that since this can result in autoreply error messages, // we only do this if its a regular number, not a shortcode or // some special cell provider number // (if we don't check we can get into an infinite loop, us // sending an error message to another autmoated system, which // sends us an error message...) if (strlen($sms_sender) > 4 && ereg('^\\+?[0-9]+$', $sms_sender)) { $ok = processAutoreply($sms_datetime, $sms_sender, $message, false); $saveToInbox = !$ok; } } if ($saveToInbox) { error_log("saving to inbox..."); if (insertsmstoinbox($sms_datetime, $sms_sender, "admin", $message)) { $ok = true; } } return $ok; }