1<?php
2// (c) Copyright by authors of the Tiki Wiki CMS Groupware Project
3//
4// All Rights Reserved. See copyright.txt for details and a complete list of authors.
5// Licensed under the GNU LESSER GENERAL PUBLIC LICENSE. See license.txt for details.
6// $Id$
7
// Direct-access guard: if this file is itself the requested script (instead of being
// included by another page), stop before any of the vote handling below can run.
if (basename(__FILE__) === basename($_SERVER['SCRIPT_NAME'])) {
	exit('This script may only be included.');
}
11
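// Handle a poll vote submitted to the including page. Runs only when the request
// carries 'pollVote' and a non-empty 'polls_pollId'. Uses variables that are not
// defined in this file and must be provided by the including script: $user, $prefs,
// $tiki_p_vote_poll, $tiki_p_view_poll_results, $smarty, $tikilib and $access.
if (isset($_REQUEST['pollVote']) && ! empty($_REQUEST['polls_pollId'])) {
	$ok = true;
	$voted = false; // not read in this block; kept in case the including script uses it
	if (empty($_REQUEST['polls_optionId'])) {
		$ok = false;
		$error = tra('You must choose an option');
	} elseif ($tiki_p_vote_poll == 'y' && ($prefs['feature_poll_anonymous'] == 'y' || $user || $prefs['feature_antibot'] == 'y')) {
		// Reached only with the vote permission, and then only if anonymous polls are
		// enabled, a user is logged in, or the antibot (captcha) feature is on.
		$captchalib = TikiLib::lib('captcha');
		if (empty($user) && empty($_COOKIE)) {
			// Anonymous request without any cookie: refuse the vote.
			$ok = false;
			$error = tra('For you to vote, cookies must be allowed');
			$smarty->assign_by_ref('polls_optionId', $_REQUEST['polls_optionId']);
		} elseif (($prefs['feature_antibot'] == 'y' && empty($user)) && (! $captchalib->validate())) {
			// Anonymous request that failed the captcha.
			$ok = false;
			// NOTE(review): the captcha messages go into $errors, while only $error is
			// reported further down - confirm the including script displays $errors.
			$errors = $captchalib->getErrors();
			$smarty->assign_by_ref('polls_optionId', $_REQUEST['polls_optionId']);
		} else {
			$polllib = TikiLib::lib('poll');
			$poll = $polllib->get_poll($_REQUEST['polls_pollId']);
			if (empty($poll) || $poll['active'] == 'x') {
				// Unknown poll, or one whose 'active' field is 'x': treated as closed.
				$ok = false;
				$error = tra('This poll is closed.');
				$smarty->assign_by_ref('polls_optionId', $_REQUEST['polls_optionId']);
			} else {
				$previous_vote = $polllib->get_user_vote('poll' . $_REQUEST['polls_pollId'], $user);
				// checkCsrf() has to be the left operand: && short-circuits, so
				// register_user_vote() (which presumably records that this user has
				// voted - confirm in tikilib) is only reached by requests that pass the
				// CSRF check. A request failing the check changes no vote state at all.
				if ($access->checkCsrf()
					&& $tikilib->register_user_vote(
						$user,
						'poll' . $_REQUEST['polls_pollId'],
						$_REQUEST['polls_optionId'],
						[],
						$prefs['feature_poll_revote'] == 'y'
					)
				) {
					$result = $polllib->poll_vote($user, $_REQUEST['polls_pollId'], $_REQUEST['polls_optionId'], $previous_vote);
					if ($result) {
						// poll_vote() yields either boolean true or an object exposing
						// numRows(); true is reported as "already recorded".
						if ($result === true) {
							Feedback::note(tr('Your vote for this option has already been recorded'));
						} elseif ($result->numRows()) {
							Feedback::success(tr('Vote recorded'));
						}
					} else {
						Feedback::error(tr('Vote not recorded'));
					}
				}
			}
		}
	}
	if (! empty($error)) {
		Feedback::error($error);
	}
	// Send the voter to the results page unless the vote came from a wiki-embedded poll,
	// the user may not view results, or the request asked to show results in place.
	if ($ok && ! isset($_REQUEST['wikipoll']) && $tiki_p_view_poll_results == 'y' && empty($_REQUEST['showresult'])) {
		// The poll id comes straight from the request, so URL-encode it: characters such
		// as '&' or '#' must not be able to add parameters to, or truncate, the redirect
		// target. Numeric ids are unchanged by the encoding.
		header('location: tiki-poll_results.php?pollId=' . urlencode((string) $_REQUEST['polls_pollId']));
		die;
	}
}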
67