Mercurial > hg > fapweb
view vote.inc.php @ 0:8019b357cc03
Initial import.
author | Matti Hamalainen <ccr@tnsp.org> |
---|---|
date | Tue, 04 Dec 2012 19:07:18 +0200 |
parents | |
children | 934ab7d8c244 |
line wrap: on
line source
<? $mode = stGetRequestItem("mode", "start"); stGetCompoList(FALSE); function stPrintFormData($button, $mode = "start") { global $compos; echo "<form name=\"vote\" action=\"vote\" method=\"post\">\n". " <input type=\"submit\" value=\"".chentities($button)."\" />\n"; stPrintFormHiddenInput("mode", $mode); stPrintFormHiddenInput("key", stGetRequestItem("key")); foreach ($compos as $id => $compo) { foreach ($compo["entries"] as $eid => $entry) { stPrintFormHiddenInput("entry".$eid, stGetRequestItem("entry".$eid)); } } echo "</form>\n"; } // Check if voting is enabled if (!stChkSetting("allowVoting")) { ?> <h1>Sorry, voting disabled!</h1> <p> Voting functionality not available at this time. </p> <? } else if ($mode == "start") { ?> <h1>Way Too Simple Vote System</h1> <form name="vote" action="vote" method="post"> <input type="hidden" name="mode" value="check"> <table class="misc"> <? stPrintFormTextInput("Vote key:", "(that series of characters)", 30, 30, "key", "autocomplete=\"off\""); echo "</table>\n"; foreach ($compos as $id => $compo) if (count($compo["entries"]) > 0) { echo " <table class=\"misc\">\n". " <tr><th colspan=\"3\">".chentities($compo["name"])."</th></tr>\n". " <tr>\n". " <th>Title</th>\n". " <th>Author</th>\n". " <th>Actions</th>\n". " </tr>\n"; foreach ($compo["entries"] as $eid => $entry) { echo " <tr>\n". " <td>".$entry["name"]."</td>\n". " <td>".$entry["author"]."</td>\n". " <td>\n"; for ($i = stGetSetting("voteMin", -2); $i <= stGetSetting("voteMax", 2); $i++) { $name = "entry".$eid; $checked = stChkRequestItem($name) ? stGetRequestItem($name) : 0; echo " <input type=\"radio\" name=\"".$name."\" ". ($i == $checked ? "checked=\"checked\" " : ""). "value=\"".$i."\"><label for=\"".$name."\">".$i."</label>\n"; } echo " </td>\n". " </tr>\n"; } echo " </table>\n"; } ?> <input type="submit" value="Vote!" /><br /> </form> <? } else if ($mode == "check") { // Check received data if (stChkDataItem("key") || strlen(stGetRequestItem("key")) != stGetSetting("votekeylen", 8)) { stError("Invalid or empty vote key, please check."); } else { // Check if the key exists and is active $sql = stPrepareSQL( "SELECT * FROM voters WHERE key=%S AND enabled<>0", "key"); if (($voter = stFetchSQL($sql)) === FALSE) stError("Vote key does not exist, perhaps you typed it incorrectly?"); } // Check the submitted vote values foreach ($compos as $id => $compo) if (count($compo["entries"]) > 0) { foreach ($compo["entries"] as $eid => $entry) { $vote = stGetRequestItem("entry".$eid); if ($vote < stGetSetting("voteMin", -2) || $vote > stGetSetting("voteMax", 2)) { stError("One or more vote value was out of bounds. Trying to cheat, eh?"); break; } } } // Ookkay... if ($errorSet) { echo "<p>Following errors occured:</p>\n". "<ul>\n".$errorMsg."</ul>\n"; stPrintFormData("Go back"); } else { foreach ($compos as $id => $compo) if (count($compo["entries"]) > 0) { foreach ($compo["entries"] as $eid => $entry) { $vote = stGetRequestItem("entry".$eid); $sql = stPrepareSQL("SELECT id FROM votes WHERE voter_id=%d AND entry_id=%d", $voter["id"], $eid); if (stFetchSQLColumn($sql) === false) { $sql = stPrepareSQL( "INSERT INTO votes (voter_id,entry_id,value) VALUES (%d,%d,%d)", $voter["id"], $eid, $vote); if (stExecSQL($sql) === false) break; } else { $sql = stPrepareSQL( "UPDATE votes SET value=%d WHERE voter_id=%d AND entry_id=%d", $vote, $voter["id"], $eid); if (stExecSQL($sql) === false) break; } } } if ($errorSet) { echo "<h1>An error occured.</h1>\n"; echo "<p>Following errors occured:</p>\n". "<ul>\n".$errorMsg."</ul>\n"; stPrintFormData("Go back"); } else { echo "<h1>Voting successful</h1>\n"; echo "<p>Now go FAP some more! Or whatever.</p>\n"; } } } ?>