1<?php 2// (c) Copyright by authors of the Tiki Wiki CMS Groupware Project 3// 4// All Rights Reserved. See copyright.txt for details and a complete list of authors. 5// Licensed under the GNU LESSER GENERAL PUBLIC LICENSE. See license.txt for details. 6// $Id$ 7 8if (basename($_SERVER['SCRIPT_NAME']) === basename(__FILE__)) { 9 die('This script may only be included.'); 10} 11 12if (isset($_REQUEST['pollVote']) && ! empty($_REQUEST['polls_pollId'])) { 13 $ok = true; 14 $voted = false; 15 if (empty($_REQUEST['polls_optionId'])) { 16 $ok = false; 17 $error = tra('You must choose an option'); 18 } elseif ($tiki_p_vote_poll == 'y' && ($prefs['feature_poll_anonymous'] == 'y' || $user || $prefs['feature_antibot'] == 'y')) { 19 $captchalib = TikiLib::lib('captcha'); 20 if (empty($user) && empty($_COOKIE)) { 21 $ok = false; 22 $error = tra('For you to vote, cookies must be allowed'); 23 $smarty->assign_by_ref('polls_optionId', $_REQUEST['polls_optionId']); 24 } elseif (($prefs['feature_antibot'] == 'y' && empty($user)) && (! $captchalib->validate())) { 25 $ok = false; 26 $errors = $captchalib->getErrors(); 27 $smarty->assign_by_ref('polls_optionId', $_REQUEST['polls_optionId']); 28 } else { 29 $polllib = TikiLib::lib('poll'); 30 $poll = $polllib->get_poll($_REQUEST['polls_pollId']); 31 if (empty($poll) || $poll['active'] == 'x') { 32 $ok = false; 33 $error = tra('This poll is closed.'); 34 $smarty->assign_by_ref('polls_optionId', $_REQUEST['polls_optionId']); 35 } else { 36 $previous_vote = $polllib->get_user_vote('poll' . $_REQUEST['polls_pollId'], $user); 37 if ($tikilib->register_user_vote($user, 38 'poll' . $_REQUEST['polls_pollId'], 39 $_REQUEST['polls_optionId'], 40 [], 41 $prefs['feature_poll_revote'] == 'y' 42 ) 43 && $access->checkCsrf()) 44 { 45 $result = $polllib->poll_vote($user, $_REQUEST['polls_pollId'], $_REQUEST['polls_optionId'], $previous_vote); 46 if ($result) { 47 if ($result === true) { 48 Feedback::note(tr('Your vote for this option has already been recorded')); 49 } elseif ($result->numRows()) { 50 Feedback::success(tr('Vote recorded')); 51 } 52 } else { 53 Feedback::error(tr('Vote not recorded')); 54 } 55 } 56 } 57 } 58 } 59 if (! empty($error)) { 60 Feedback::error($error); 61 } 62 if ($ok && ! isset($_REQUEST['wikipoll']) && $tiki_p_view_poll_results == 'y' && empty($_REQUEST['showresult'])) { 63 header('location: tiki-poll_results.php?pollId=' . $_REQUEST['polls_pollId']); 64 die; 65 } 66} 67