poll_vote.php
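<?php
/*
 * Poll vote handler.
 *
 * Reads a POSTed ballot (`poll`, `poll_selection[]`, optional `page`), records
 * it for the logged-in user and redirects back to `page`. On failure the
 * redirect carries an `error=<code>` query parameter with one of the codes:
 * bad_poll, bad_selection, system_error, already_voted_<n>, poll_not_open,
 * too_many_choices.
 *
 * NOTE(review): nothing in this file verifies an anti-CSRF token, so a
 * third-party page could submit this form on behalf of a logged-in user
 * unless includes/session.php enforces one - confirm.
 */
$pageTitle = "Poll Vote";
include_once('includes/session.php');
include_once('includes/functions_poll.php');

// The return target comes straight from the request, so only accept a
// same-site absolute path: a leading "/" that is not followed by "/" or "\"
// (which browsers treat as another host), with no control characters or
// spaces. Anything else falls back to the site root; otherwise this endpoint
// is an open redirect.
$returnTo = '/';
if (
    isset($_POST['page'])
    && is_string($_POST['page'])
    && preg_match('#\A/(?![/\\\\])[^\x00-\x20\x7f]*\z#', $_POST['page']) === 1
) {
    $returnTo = $_POST['page'];
}
// Keep the superglobal in step with the validated value, as the original
// script also defaulted $_POST['page'] in place.
$_POST['page'] = $returnTo;

// are we logged in? no -> leave
if (!login_check()) {
    header('Location: ' . $returnTo);
    exit();
}
$me = $_SESSION['u'];

if (!isset($database)) {
    $database = connectDB();
}

$error = null;
$pollId = null;
$options = array();

// --- 1. Validate the shape of the ballot ---------------------------------
if (!isset($_POST['poll']) || !isset($_POST['poll_selection'])) {
    $error = "bad_poll";
} elseif (
    !is_string($_POST['poll'])
    || !ctype_digit($_POST['poll'])
    || !is_array($_POST['poll_selection'])
) {
    // ctype_digit() rather than is_numeric(): ids are plain integers, and
    // is_numeric() also lets through values such as "1e3" or "1.5".
    $error = "bad_selection";
} else {
    $pollId = $_POST['poll'];
    // Keep only integer option ids, keyed by id so that a repeated id is
    // counted once; otherwise one ballot could bump the same option many times.
    foreach ($_POST['poll_selection'] as $candidate) {
        if (is_string($candidate) && ctype_digit($candidate)) {
            $options[(int) $candidate] = (int) $candidate;
        }
    }
    if (count($options) === 0) {
        $error = "bad_selection";
    }
}

// --- 2. Has this user already voted in this poll? --------------------------
if ($error === null) {
    // Scoped to the poll being voted on; the unscoped count treated a vote
    // in any poll as a vote in every poll.
    $stmt = $database->prepare("select count(*) as voted from poll_respondent where uid = :uid and pollID = :pollid");
    // Test execute()'s result: the statement object itself is always truthy.
    if ($stmt && $stmt->execute(array('uid' => $me, 'pollid' => $pollId))) {
        $row = $stmt->fetch(PDO::FETCH_ASSOC);
        $stmt->closeCursor();
        $voted = $row ? (int) $row['voted'] : 0;
        if ($voted !== 0) {
            $error = "already_voted_" . $voted;
        }
    } else {
        $error = "system_error";
    }
}

// --- 3. Is the poll open, and does it allow this many choices? -------------
if ($error === null) {
    $stmt = $database->prepare("select multipleChoice, now() between publishDate and expireDate as canVote from poll where id = :pollid");
    if ($stmt && $stmt->execute(array('pollid' => $pollId))) {
        $poll = $stmt->fetch(PDO::FETCH_ASSOC);
        $stmt->closeCursor();
        // An unknown poll id yields no row and is reported like a closed poll.
        if (!$poll || $poll['canVote'] != 1) {
            $error = "poll_not_open";
        } elseif (count($options) > 1 && !($poll['multipleChoice'] > 0)) {
            // More than one selection is only valid on a multiple-choice poll.
            $error = "too_many_choices";
        }
    } else {
        $error = "system_error";
    }
}

// --- 4. Record the ballot ---------------------------------------------------
if ($error === null) {
    // NOTE(review): the check in step 2 and this insert are separate
    // statements, so two concurrent requests can both pass the check. A
    // unique key on poll_respondent (uid, pollID) would make the second
    // insert fail - confirm the schema has one.
    $stmt = $database->prepare("insert into poll_respondent (uid, pollID) values (:steamid, :pollid)");
    if ($stmt && $stmt->execute(array('steamid' => $me, 'pollid' => $pollId))) {
        $stmt->closeCursor();
        // NOTE(review): this update matches on the option id alone, so an id
        // belonging to a different poll is still incremented. The column that
        // links poll_option to poll is not visible here; add it to the WHERE
        // clause (bound to $pollId) once confirmed.
        $stmt = $database->prepare("update poll_option set responseCount = responseCount + 1 where id = :optionid");
        foreach ($options as $optionId) {
            $stmt->execute(array('optionid' => $optionId));
            $stmt->closeCursor();
        }
    } else {
        $error = "system_error";
    }
}

// --- 5. Send the user back ---------------------------------------------------
if ($error !== null) {
    // Use "&" when the return path already carries a query string.
    $separator = (strpos($returnTo, '?') === false) ? '?' : '&';
    header('Location: ' . $returnTo . $separator . 'error=' . rawurlencode($error));
} else {
    header('Location: ' . $returnTo);
}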