plugins/Surveyor.php
changeset 0 e96ded22104a
child 1 97507d2ca929
equal deleted inserted replaced
-1:000000000000 0:e96ded22104a
       
     1 <?php
       
     2 /*
       
     3 Plugin Name: Survey/Poll plugin
       
     4 Plugin URI: http://enano.homelinux.org/Survey_plugin
       
     5 Description: Adds a customizable poll to your sidebar. You can have any number of options, and the poll is randomly selected from a list of enabled polls. <b>Important:</b> When first loaded, this plugin creates the following tables in your Enano database: enano_polls, enano_poll_options, enano_poll_results
       
     6 Author: Dan Fuhry
       
     7 Version: 1.0.1
       
     8 Author URI: http://enano.homelinux.org/
       
     9 
       
    10 Changelog:
       
    11   9/27/06:
       
    12   Updated to be valid XHTML 1.1
       
    13   11/2/07:
       
    14   Made compatible with Loch Ness and later (oops!)
       
    15 */
       
    16 
       
    17 /*
       
    18  * Enano - an open-source CMS capable of wiki functions, Drupal-like sidebar blocks, and everything in between
       
    19  * Version 1.0.1 (Loch Ness)
       
    20  * Copyright (C) 2006-2007 Dan Fuhry
       
    21  *
       
    22  * This program is Free Software; you can redistribute and/or modify it under the terms of the GNU General Public License
       
    23  * as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.
       
    24  *
       
    25  * This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied
       
    26  * warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for details.
       
    27  */
       
    28 
       
    29 global $db, $session, $paths, $template, $plugins; // Common objects
       
    30 
       
    31 // Uncomment this line once the plugin has been enabled for the first time and at least one page has been requested
       
    32 define('ENANO_SURVEYOR_TABLES_CREATED', 'true');
       
    33 
       
    34   if(!defined('ENANO_SURVEYOR_TABLES_CREATED')) {
       
    35   $e = $db->sql_query('CREATE TABLE IF NOT EXISTS '.table_prefix.'polls(
       
    36                          poll_id mediumint(5) NOT NULL auto_increment,
       
    37                          poll_question text,
       
    38                          end_time datetime,
       
    39                          enabled tinyint(1),
       
    40                          PRIMARY KEY (poll_id)
       
    41                        );');
       
    42   if(!$e) $db->_die('Surveyor plugin: error creating table '.table_prefix.'polls.');
       
    43   
       
    44   $e = $db->sql_query('CREATE TABLE IF NOT EXISTS '.table_prefix.'poll_options(
       
    45                          item_id mediumint(5) NOT NULL auto_increment,
       
    46                          poll_id mediumint(5) NOT NULL,
       
    47                          option_value text,
       
    48                          PRIMARY KEY (item_id)
       
    49                        );');
       
    50   if(!$e) $db->_die('Surveyor plugin: error creating table '.table_prefix.'poll_options.');
       
    51   
       
    52   $e = $db->sql_query('CREATE TABLE IF NOT EXISTS '.table_prefix.'poll_results(
       
    53                          poll_id mediumint(5),
       
    54                          item_id mediumint(5),
       
    55                          user_id mediumint(8),
       
    56                          ip_addr varchar(10)
       
    57                        );');
       
    58   if(!$e) $db->_die('Surveyor plugin: error creating table '.table_prefix.'poll_results.');
       
    59   
       
    60 }
       
    61 
       
    62 class Surveyor_Plugin {
       
    63   var $header_added;
       
    64   function html($pid = false)
       
    65   {
       
    66     global $db, $session, $paths, $template, $plugins; // Common objects
       
    67     $s = '';
       
    68     if(is_int($pid)) $s = ' AND p.poll_id='.$pid;
       
    69     $ret = '';
       
    70     if(!is_int($pid)) $ret .= '<div id="mdgVotePlugin" style="padding: 5px;">';
       
    71     $ret .= '<form id="survey" action="'.makeUrlNS('Special', 'SubmitVote').'" method="post"><div>';
       
    72     $q = $db->sql_query('SELECT p.poll_id AS pid,o.item_id AS oid,p.poll_question AS q,o.option_value AS v FROM '.table_prefix.'polls p, '.table_prefix.'poll_options o WHERE p.poll_id=o.poll_id AND p.enabled=1'.$s.';');
       
    73     if(!$q) $db->_die('An error occurred whilst selecting the poll data.');
       
    74     $l = Array();
       
    75     while($row = $db->fetchrow())
       
    76     {
       
    77       if(!isset($l[$row['q']]))
       
    78       {
       
    79         $l[$row['q']] = Array();
       
    80         $l[$row['q']]['pid'] = $row['pid'];
       
    81       }
       
    82       $l[$row['q']][] = $row;
       
    83     }
       
    84     if(sizeof($l) < 1) return 'No polls created yet';
       
    85     $ques = array_rand($l);
       
    86     $poll_id = $l[$ques]['pid'];
       
    87     unset($l[$ques]['pid']);
       
    88     if(!$poll_id) die_semicritical('Surveyor plugin error', 'Invalid poll ID: '.$poll_id);
       
    89     $q = $db->sql_query('SELECT * FROM '.table_prefix.'poll_results WHERE poll_id='.$poll_id.' AND ( ip_addr=\''.mysql_real_escape_string(ip2hex($_SERVER['REMOTE_ADDR'])).'\' OR user_id='.$session->user_id.' );');
       
    90     if(!$q) $db->_die('Error obtaining vote result information');
       
    91     if($db->numrows() > 0)
       
    92     {
       
    93       if(!isset($_GET['results'])) $_GET['results'] = '';
       
    94       $_REQUEST['poll_id'] = $poll_id.'';
       
    95       $_GET['poll_id'] = $poll_id.'';
       
    96       return __enanoVoteAjaxhandler(false);
       
    97     }
       
    98     $ret .= '<input type="hidden" name="poll_id" value="'.$poll_id.'" />';
       
    99     $ret .= '<span style="font-weight: bold;">'.$ques.'</span><br />';
       
   100     foreach($l[$ques] as $o)
       
   101     {
       
   102       $ret .= '<label><input type="radio" name="item_id" value="'.addslashes($o['oid']).'" /> '.$o['v'].'</label><br />';
       
   103     }
       
   104     $ret .= '<br /><div style="text-align: center"><input type="button" value="Vote!" onclick="ajaxSubmitVote(); return false;" /> <input type="button" onclick="ajaxVoteResults(); return false;" value="View results" /></div>';
       
   105     $ret .= '</div></form>';
       
   106     if(!is_int($pid)) $ret .= '</div>';
       
   107     
       
   108     $template->add_header('
       
   109       <script type="text/javascript">
       
   110       //<![CDATA[
       
   111         function ajaxSubmitVote()
       
   112         {
       
   113           frm = document.forms.survey;
       
   114           radios = document.getElementsByTagName(\'input\');
       
   115           optlist = new Array();
       
   116           j = 0;
       
   117           for(i=0;i<radios.length;i++)
       
   118           {
       
   119             if(radios[i].name == \'item_id\')
       
   120             {
       
   121               optlist[j] = radios[i];
       
   122               j++;
       
   123             }
       
   124           }
       
   125           val = \'enanoNuLl\';
       
   126           for(i=0;i<optlist.length;i++)
       
   127           {
       
   128             if(optlist[i].checked) val = optlist[i].value;
       
   129           }
       
   130           if(val==\'enanoNuLl\') { alert(\'Please select an option.\'); return; }
       
   131           ajaxPost(\''.makeUrlNS('Special', 'SubmitVote', 'redirect=no').'\', \'poll_id=\'+frm.poll_id.value+unescape(\'%26\')+\'item_id=\'+val, function() {
       
   132               if(ajax.readyState==4)
       
   133               {
       
   134                 ajaxVoteResults();
       
   135               }
       
   136             });
       
   137         }
       
   138         function ajaxVoteForm()
       
   139         {
       
   140           ajaxGet(\''.makeUrlNS('Special', 'SubmitVote', 'voteform\'+unescape(\'%26\')+\'poll_id='.$poll_id).'\', function() {
       
   141               if(ajax.readyState==4)
       
   142               {
       
   143                 document.getElementById("mdgVotePlugin").innerHTML = ajax.responseText;
       
   144               }
       
   145             });
       
   146         }
       
   147         function ajaxVoteResults()
       
   148         {
       
   149           ajaxGet(\''.makeUrlNS('Special', 'SubmitVote', 'results\'+unescape(\'%26\')+\'poll_id='.$poll_id).'\', function() {
       
   150               if(ajax.readyState==4)
       
   151               {
       
   152                 document.getElementById("mdgVotePlugin").innerHTML = ajax.responseText;
       
   153               }
       
   154             });
       
   155         }
       
   156         // ]]>
       
   157       </script>
       
   158       ');
       
   159     
       
   160     return $ret;
       
   161   }
       
   162 }
       
   163 
       
   164 $plugins->attachHook('base_classes_initted', '
       
   165   $paths->add_page(Array(
       
   166       \'name\'=>\'Submit a poll vote\',
       
   167       \'urlname\'=>\'SubmitVote\',
       
   168       \'namespace\'=>\'Special\',
       
   169       \'special\'=>0,\'visible\'=>0,\'comments_on\'=>0,\'protected\'=>1,\'delvotes\'=>0,\'delvote_ips\'=>\'\',
       
   170       ));
       
   171   $paths->addAdminNode(\'Plugin configuration\', \'Manage polls\', \'PollEditor\');
       
   172   ');
       
   173 
       
   174 function __mdgPluginDoSurvey() {
       
   175   global $db, $session, $paths, $template, $plugins; // Common objects
       
   176   $s = new Surveyor_Plugin();
       
   177   $template->sidebar_widget('Poll', $s->html());
       
   178 }
       
   179 $plugins->attachHook('compile_template', '__mdgPluginDoSurvey();');
       
   180 
       
   181 function page_Special_SubmitVote()
       
   182 {
       
   183   echo __enanoVoteAjaxhandler();
       
   184 }
       
   185 function __enanoVoteAjaxhandler($allow_vote = true)
       
   186 {
       
   187   global $db, $session, $paths, $template, $plugins; // Common objects
       
   188   $ret = '';
       
   189   if(!isset($_REQUEST['poll_id'])) { die_semicritical('Critical error in plugin', '$_REQUEST[\'poll_id\'] is not set'); $paths->main_page(); exit; }
       
   190   if(!preg_match('/^([0-9]+)$/', $_REQUEST['poll_id'])) die('Hacking attempt'); // Prevents SQL injection from the URL
       
   191   if(isset($_GET['results']))
       
   192   {
       
   193     $q = $db->sql_query('SELECT p.poll_id AS pid,o.item_id AS oid,p.poll_question AS q,o.option_value AS v FROM '.table_prefix.'polls p, '.table_prefix.'poll_options o WHERE p.poll_id=o.poll_id AND p.poll_id=\''.$_GET['poll_id'].'\';');
       
   194     $l = Array();
       
   195     while($row = $db->fetchrow())
       
   196     {
       
   197       if(!isset($l[$row['q']]))
       
   198       {
       
   199         $l[$row['q']] = Array();
       
   200         $l[$row['q']]['pid'] = $row['pid'];
       
   201       }
       
   202       $l[$row['q']][] = $row;
       
   203     }
       
   204     // The reason we use array_rand() here? Simple - we used a WHERE clause to select only one poll, and since poll_id is
       
   205     // a primary key, there is only one match in the polls table. Therefore, array_rand() effectively returns the first key in the array
       
   206     $ques = array_rand($l);
       
   207     $poll_id = $l[$ques]['pid'];
       
   208     unset($l[$ques]['pid']);
       
   209     $results = Array();
       
   210     foreach($l[$ques] as $o)
       
   211     {
       
   212       $q = $db->sql_query('SELECT * FROM '.table_prefix.'poll_results WHERE poll_id='.$_GET['poll_id'].' AND item_id='.$o['oid'].';');
       
   213       if(!$q) $db->_die('The poll result data could not be selected.');
       
   214       $results[$o['v']] = $db->numrows();
       
   215     }
       
   216     $k = array_keys($results);
       
   217     $total = 0;
       
   218     foreach($k as $key)
       
   219     {
       
   220       $total = $total + $results[$key];
       
   221     }
       
   222     if($total==0) $total = 1;
       
   223     // Figure out the percentage, round it, and send the images
       
   224     $ret .= '<table border="0" style="margin: 0; padding: 0; width: 100%;" cellspacing="0" cellpadding="0">';
       
   225     $ret .= '<tr><td colspan="2"><b>'.$ques.'</b></td></tr>';
       
   226     foreach($k as $key)
       
   227     {
       
   228       $this_width = round(100*($results[$key] / $total));
       
   229       if ( $this_width == 0 )
       
   230         $this_width = 4;
       
   231       $ret .= '<tr>
       
   232                  <td colspan="2">'.$key.'</td>
       
   233                </tr>
       
   234                <tr>
       
   235                  <td style="padding: 0px 4px 0px 4px;">
       
   236                    <img alt="Poll bar" src="'.scriptPath.'/plugins/surveyor/poll-bar-left.png"
       
   237                     width="2" height="12" style="margin: 2px 0px 2px 0px; padding: 0;" hspace="0" 
       
   238                     
       
   239                   /><img alt="Poll bar" src="'.scriptPath.'/plugins/surveyor/poll-bar-middle.png"
       
   240                     width="'.$this_width.'" height="12" style="margin: 2px 0px 2px 0px; padding: 0;" hspace="0"
       
   241                     
       
   242                   /><img alt="Poll bar" src="'.scriptPath.'/plugins/surveyor/poll-bar-right.png"
       
   243                     width="2" height="12" style="margin: 2px 0px 2px 0px; padding: 0;" hspace="0" />
       
   244                     
       
   245                   </td>
       
   246                   
       
   247                   <td>
       
   248                     ['.$results[$key].']
       
   249                   </td>
       
   250                 </tr>';
       
   251     }
       
   252     if($allow_vote) $ret .= '<tr><td colspan="2" style="text-align: center"><input type="button" value="Cast your vote" onclick="ajaxVoteForm(); return false;" /></td></tr>';
       
   253     $ret .= '</table>';
       
   254   } elseif(isset($_GET['voteform'])) {
       
   255     $s = new Surveyor_Plugin();
       
   256     $pid = (int)$_GET['poll_id'];
       
   257     $ret .= $s->html($pid);
       
   258   } else {
       
   259     if(!isset($_POST['item_id']) || (isset($_POST['item_id']) && !preg_match('/^([0-9]+)$/', $_POST['item_id']))) die('Hacking attempt'); // Once again, ensure that only numbers are passed on the URL
       
   260     if(isset($_GET['redirect']) && $_GET['redirect'] == 'no')
       
   261     {
       
   262       header('Content-type: text/plain');
       
   263       $q = $db->sql_query('SELECT * FROM '.table_prefix.'poll_results WHERE poll_id='.$_POST['poll_id'].' AND ( ip_addr=\''.mysql_real_escape_string(ip2hex($_SERVER['REMOTE_ADDR'])).'\' OR user_id='.$session->user_id.' );');
       
   264       if(!$q) $db->_die('Error obtaining vote result information');
       
   265       if($db->numrows() > 0)
       
   266       {
       
   267         die('Looks like you already voted in this poll.');
       
   268       }
       
   269       $q = $db->sql_query('INSERT INTO '.table_prefix.'poll_results(poll_id,item_id,ip_addr,user_id) VALUES('.$_POST['poll_id'].', '.$_POST['item_id'].', \''.ip2hex($_SERVER['REMOTE_ADDR']).'\', '.$session->user_id.');');
       
   270       if(!$q) $db->_die('Your vote could not be inserted into the results table.');
       
   271       $ret .= 'Your vote has been cast.';
       
   272     } else {
       
   273       $paths->main_page();
       
   274     }
       
   275   }
       
   276   return $ret;
       
   277 }
       
   278 
       
   279 function page_Admin_PollEditor()
       
   280 {
       
   281   global $db, $session, $paths, $template, $plugins; if(!$session->sid_super || $session->user_level < 2) { header('Location: '.makeUrl($paths->nslist['Special'].'Administration'.urlSeparator.'noheaders')); die('Hacking attempt'); }
       
   282   if(isset($_POST['newpoll_create']))
       
   283   {
       
   284     $date_string = $_POST['newpoll_year'].'-'.$_POST['newpoll_month'].'-'.$_POST['newpoll_day'].' '.$_POST['newpoll_hour'].':'.$_POST['newpoll_minute'].':00';
       
   285     if(isset($_POST['newpoll_never']))
       
   286       $date_string = '9999-01-01 00:00:00';
       
   287     if(!$db->sql_query('INSERT INTO '.table_prefix.'polls(poll_question,enabled,end_time) VALUES(\''.mysql_real_escape_string($_POST['newpoll_name']).'\', 1, \''.$date_string.'\');')) $db->_die('The poll information could not be inserted.');
       
   288     $q = $db->sql_query('SELECT poll_id FROM '.table_prefix.'polls WHERE poll_question=\''.mysql_real_escape_string($_POST['newpoll_name']).'\' AND end_time=\''.$date_string.'\';');
       
   289     if(!$q) $db->_die('The new poll ID could not be fetched.');
       
   290     $r = $db->fetchrow();
       
   291     if(!$db->sql_query('INSERT INTO '.table_prefix.'poll_options(poll_id,option_value) VALUES('.$r['poll_id'].', \'First option\')')) $db->_die('The default option data could not be inserted.');
       
   292   }
       
   293   
       
   294   echo '<form action="'.makeUrl($paths->nslist['Special'].'Administration', 'module='.$paths->cpage['module'], true).'" method="post">';
       
   295     ?>
       
   296     <h3>Create a new poll</h3>
       
   297     <p>Question: <input name="newpoll_name" type="text" /></p>
       
   298     <p>Ending time:
       
   299     <select name="newpoll_month">
       
   300       <option value="01">January</option>
       
   301       <option value="02">February</option>
       
   302       <option value="03">March</option>
       
   303       <option value="04">April</option>
       
   304       <option value="05">May</option>
       
   305       <option value="06">June</option>
       
   306       <option value="07">July</option>
       
   307       <option value="08">August</option>
       
   308       <option value="09">September</option>
       
   309       <option value="10">October</option>
       
   310       <option value="11">November</option>
       
   311       <option value="12">December</option>
       
   312     </select>
       
   313     <select name="newpoll_day">
       
   314     <?php
       
   315       // This would be too hard to write by hand, so let's use a simple for-loop to take care of it for us
       
   316       for($i=1;$i<=31;$i++)
       
   317       {
       
   318         if($i < 10) $t = '0'.$i;
       
   319         else $t = $i.'';
       
   320         echo '<option value="'.$t.'">'.$t.'</option>'."\n      "; 
       
   321       }
       
   322     ?>
       
   323     </select>,
       
   324     <select name="newpoll_year">
       
   325     <?php
       
   326       // What the heck? Let's do it again :-D
       
   327       for($i=2006;$i<=2026;$i++)
       
   328       {
       
   329         echo '<option value="'.$i.'">'.$i.'</option>'."\n      "; 
       
   330       }
       
   331     ?>
       
   332     </select>&nbsp;&nbsp;
       
   333     <select name="newpoll_hour">
       
   334     <?php
       
   335       for($i=0;$i<=23;$i++)
       
   336       {
       
   337         if($i < 10) $t = '0'.$i;
       
   338         else $t = $i.'';
       
   339         echo '<option value="'.$t.'">'.$t.'</option>'."\n      "; 
       
   340       }
       
   341     ?>
       
   342     </select>:<select name="newpoll_minute">
       
   343     <?php
       
   344       for($i=0;$i<=59;$i++)
       
   345       {
       
   346         if($i < 10) $t = '0'.$i;
       
   347         else $t = $i.'';
       
   348         echo '<option value="'.$t.'">'.$t.'</option>'."\n      "; 
       
   349       }
       
   350     ?>
       
   351     </select><br />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<label><input type="checkbox" name="newpoll_never" />Never ends</label></p>
       
   352     
       
   353     <p><input type="submit" name="newpoll_create" value="Create poll" /></p>
       
   354     <?php
       
   355   echo '</form>';
       
   356   
       
   357   $q = $db->sql_query('SELECT p.poll_id AS pid,o.item_id AS oid,p.poll_question AS q,o.option_value AS v,p.end_time,p.enabled FROM '.table_prefix.'polls p, '.table_prefix.'poll_options o WHERE p.poll_id=o.poll_id;');
       
   358   if(!$q) $db->_die('The poll information could not be selected.');
       
   359   $l = Array();
       
   360   while($row = $db->fetchrow())
       
   361   {
       
   362     if(!isset($l[$row['q']]))
       
   363     {
       
   364       $l[$row['q']] = Array();
       
   365     }
       
   366     $l[$row['q']][] = $row;
       
   367   }
       
   368   $k = array_keys($l);
       
   369   foreach ( $k as $key )
       
   370   {
       
   371     $c = $l[$key][0];
       
   372     $poll_id = $c['pid'];
       
   373     $enabled = $c['enabled'];
       
   374     $ending_time = $c['end_time'];
       
   375     $year = substr($ending_time, 0, 4);
       
   376     $month = substr($ending_time, 5, 2);
       
   377     $day = substr($ending_time, 8, 2);
       
   378     $hour = substr($ending_time, 11, 2);
       
   379     $minute = substr($ending_time, 14, 2);
       
   380     if(isset($_POST['poll_'.$c['pid'].'_update']))
       
   381     {
       
   382       $date_string = $_POST['poll_'.$c['pid'].'_year'].'-'.$_POST['poll_'.$c['pid'].'_month'].'-'.$_POST['poll_'.$c['pid'].'_day'].' '.$_POST['poll_'.$c['pid'].'_hour'].':'.$_POST['poll_'.$c['pid'].'_minute'].':00';
       
   383       if(isset($_POST['poll_'.$c['pid'].'_never']))
       
   384         $date_string = '9999-01-01 00:00:00';
       
   385       $en = isset($_POST['poll_'.$c['pid'].'_enabled']) ? '1' : '0';
       
   386       $q = $db->sql_query('UPDATE '.table_prefix.'polls SET enabled='.$en.',end_time=\''.$date_string.'\' WHERE poll_id='.$c['pid'].';');
       
   387       if(!$q) $db->_die('The poll data could not be updated.');
       
   388       
       
   389       $q = $db->sql_query('SELECT p.poll_id AS pid,o.item_id AS oid,p.poll_question AS q,o.option_value AS v,p.end_time,p.enabled FROM '.table_prefix.'polls p, '.table_prefix.'poll_options o WHERE p.poll_id=o.poll_id;');
       
   390       if(!$q) $db->_die('The poll information could not be selected.');
       
   391       $l = Array();
       
   392       while($row = $db->fetchrow())
       
   393       {
       
   394         if(!isset($l[$row['q']]))
       
   395         {
       
   396           $l[$row['q']] = Array();
       
   397         }
       
   398         $l[$row['q']][] = $row;
       
   399       }
       
   400       $k = array_keys($l);
       
   401       
       
   402       echo '<h3>Information</h3><p>Poll updated successfully.</p>';
       
   403     }
       
   404     if(isset($_POST['poll_'.$c['pid'].'_delete']))
       
   405     {
       
   406       // Safe to use the poll ID here because it's the primary key
       
   407       if(!$db->sql_query('DELETE FROM '.table_prefix.'poll_results WHERE poll_id='.$c['pid'].';') ) $db->_die('The poll results could not be deleted.');
       
   408       if(!$db->sql_query('DELETE FROM '.table_prefix.'poll_options WHERE poll_id='.$c['pid'].';') ) $db->_die('The poll options could not be deleted.');
       
   409       if(!$db->sql_query('DELETE FROM '.table_prefix.'polls WHERE poll_id='.$c['pid'].';')        ) $db->_die('The poll could not be deleted.');
       
   410       unset($l[$key]);
       
   411       echo '<h3>Information</h3><p>Poll deleted.</p>';
       
   412     }
       
   413   }
       
   414   $k = array_keys($l); // Refresh the key list after any deletions that may have been done
       
   415   foreach ( $k as $key )
       
   416   {
       
   417     if(isset($_POST['create_'.$l[$key][0]['pid']]))
       
   418     {
       
   419       $str = mysql_real_escape_string($_POST['value_'.$l[$key][0]['pid']]);
       
   420       $q = $db->sql_query('INSERT INTO '.table_prefix.'poll_options(poll_id,option_value) VALUES('.$l[$key][0]['pid'].', \''.$str.'\');');
       
   421       if(!$q) $db->_die('The poll data could not be inserted.');
       
   422       $q = $db->sql_query('SELECT o.item_id AS oid,option_value AS v, p.poll_id AS pid FROM '.table_prefix.'polls p, '.table_prefix.'poll_options o WHERE p.poll_id=o.poll_id AND option_value=\''.$str.'\';');
       
   423       if(!$q) $db->_die('The poll data could not be selected.');
       
   424       $nr = $db->fetchrow();
       
   425       $l[$key][] = $nr; // Fetches the option ID, which is needed for updating and deleting the poll option
       
   426     }
       
   427     echo '<hr /><h3>Poll: '.$key.'</h3>';
       
   428     echo '<form action="'.makeUrl($paths->nslist['Special'].'Administration', 'module='.$paths->cpage['module'], true).'" method="post">';
       
   429     $poll_id = $l[$key][0]['pid'];
       
   430     $enabled = $l[$key][0]['enabled'];
       
   431     $ending_time = $l[$key][0]['end_time'];
       
   432     $year = substr($ending_time, 0, 4);
       
   433     $month = substr($ending_time, 5, 2);
       
   434     $day = substr($ending_time, 8, 2);
       
   435     $hour = substr($ending_time, 11, 2);
       
   436     $minute = substr($ending_time, 14, 2);
       
   437     ?>
       
   438     <p>Ending time:
       
   439     <select name="poll_<?php echo $poll_id; ?>_month">
       
   440       <option<?php if($month=='01') echo ' selected="selected"'; ?> value="01">January</option>
       
   441       <option<?php if($month=='02') echo ' selected="selected"'; ?> value="02">February</option>
       
   442       <option<?php if($month=='03') echo ' selected="selected"'; ?> value="03">March</option>
       
   443       <option<?php if($month=='04') echo ' selected="selected"'; ?> value="04">April</option>
       
   444       <option<?php if($month=='05') echo ' selected="selected"'; ?> value="05">May</option>
       
   445       <option<?php if($month=='06') echo ' selected="selected"'; ?> value="06">June</option>
       
   446       <option<?php if($month=='07') echo ' selected="selected"'; ?> value="07">July</option>
       
   447       <option<?php if($month=='08') echo ' selected="selected"'; ?> value="08">August</option>
       
   448       <option<?php if($month=='09') echo ' selected="selected"'; ?> value="09">September</option>
       
   449       <option<?php if($month=='10') echo ' selected="selected"'; ?> value="10">October</option>
       
   450       <option<?php if($month=='11') echo ' selected="selected"'; ?> value="11">November</option>
       
   451       <option<?php if($month=='12') echo ' selected="selected"'; ?> value="12">December</option>
       
   452     </select>
       
   453     <select name="poll_<?php echo $poll_id; ?>_day">
       
   454     <?php
       
   455       // This would be too hard to write by hand, so let's use a simple for-loop to take care of it for us
       
   456       for($i=1;$i<=31;$i++)
       
   457       {
       
   458         if($i < 10) $t = '0'.$i;
       
   459         else $t = $i.'';
       
   460         echo '<option';
       
   461         if($t == $day) echo ' selected="selected"';
       
   462         echo ' value="'.$t.'">'.$t.'</option>'."\n      "; 
       
   463       }
       
   464     ?>
       
   465     </select>,
       
   466     <select name="poll_<?php echo $poll_id; ?>_year">
       
   467     <?php
       
   468       // What the heck? Let's do it again :-D
       
   469       for($i=2006;$i<=2026;$i++)
       
   470       {
       
   471         echo '<option';
       
   472         if($i.'' == $year) echo ' selected="selected"';
       
   473         echo ' value="'.$i.'">'.$i.'</option>'."\n      "; 
       
   474       }
       
   475     ?>
       
   476     </select>&nbsp;&nbsp;
       
   477     <select name="poll_<?php echo $poll_id; ?>_hour">
       
   478     <?php
       
   479       for($i=0;$i<=23;$i++)
       
   480       {
       
   481         if($i < 10) $t = '0'.$i;
       
   482         else $t = $i.'';
       
   483         echo '<option';
       
   484         if($t == $hour) echo ' selected="selected"';
       
   485         echo ' value="'.$t.'">'.$t.'</option>'."\n      "; 
       
   486       }
       
   487     ?>
       
   488     </select>:<select name="poll_<?php echo $poll_id; ?>_minute">
       
   489     <?php
       
   490       for($i=0;$i<=59;$i++)
       
   491       {
       
   492         if($i < 10) $t = '0'.$i;
       
   493         else $t = $i.'';
       
   494         echo '<option';
       
   495         if($t == $minute) echo ' selected="selected"';
       
   496         echo ' value="'.$t.'">'.$t.'</option>'."\n      "; 
       
   497       }
       
   498     ?>
       
   499     </select><br />
       
   500     &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<label><input<?php if($year=='9999' && $month=='01' && $day=='01' && $hour=='00' && $minute=='00') echo ' checked="checked"'; ?> type="checkbox" name="poll_<?php echo $poll_id; ?>_never" />Never ends</label></p>
       
   501     <p><label><input<?php if($enabled) echo ' checked="checked"'; ?> type="checkbox" name="poll_<?php echo $poll_id; ?>_enabled" /> Poll is enabled</label></p>
       
   502     <p><input type="submit" name="poll_<?php echo $poll_id; ?>_update" value="Update this poll" />  <input type="submit" name="poll_<?php echo $poll_id; ?>_delete" value="Delete this poll" /></p></p>
       
   503     <table border="0" width="100%" cellspacing="1" cellpadding="4">
       
   504       <tr><th>Option value</th><th>Votes</th><th>Actions</th></tr>
       
   505       <?php
       
   506         foreach($l[$key] as $row)
       
   507         {
       
   508           if(isset($_POST['delete_'.$row['pid'].'_'.$row['oid']]) && sizeof($l[$key]) > 1)
       
   509           {
       
   510             $q = $db->sql_query('DELETE FROM '.table_prefix.'poll_options WHERE poll_id='.$row['pid'].' AND item_id='.$row['oid'].';');
       
   511             if(!$q) $db->_die('The poll data could not be deleted.');
       
   512             $q = $db->sql_query('DELETE FROM '.table_prefix.'poll_results WHERE poll_id='.$row['pid'].' AND item_id='.$row['oid'].';');
       
   513             if(!$q) $db->_die('The poll result data could not be deleted.');
       
   514             echo '<tr><td colspan="3" style="text-align: center"><b>Item deleted.</b></tr>';
       
   515           } else {
       
   516             if(isset($_POST['delete_'.$row['pid'].'_'.$row['oid']]) && sizeof($l[$key]) < 2)
       
   517               echo '<tr><td colspan="3" style="text-align: center"><b>You cannot delete the last option in a poll.<br />Instead, please use the "Update" button.</b></tr>';
       
   518             if(isset($_POST['update_'.$row['pid'].'_'.$row['oid']]))
       
   519             {
       
   520               $q = $db->sql_query('UPDATE '.table_prefix.'poll_options SET option_value=\''.mysql_real_escape_string($_POST['value_'.$row['pid'].'_'.$row['oid']]).'\' WHERE poll_id='.$row['pid'].' AND item_id='.$row['oid'].';');
       
   521               if(!$q) $db->_die('The poll data could not be updated.');
       
   522               $row['v'] = $_POST['value_'.$row['pid'].'_'.$row['oid']];
       
   523             }
       
   524             // Sorry guys, really, I hate to make a ton of queries here but there's really no other way to do this :'(
       
   525             $q = $db->sql_query('SELECT * FROM '.table_prefix.'poll_results WHERE poll_id='.$row['pid'].' AND item_id='.$row['oid'].';');
       
   526             if(!$q) $db->_die('The poll result data could not be selected.');
       
   527             echo '<tr><td><input name="value_'.$row['pid'].'_'.$row['oid'].'" value="'.htmlspecialchars($row['v']).'" /></td><td>'.$db->numrows().'</td><td style="text-align: center"><input name="update_'.$row['pid'].'_'.$row['oid'].'" type="submit" value="Update" />  <input name="delete_'.$row['pid'].'_'.$row['oid'].'" type="submit" value="Delete" /></td></tr>';
       
   528           }
       
   529           //$last_pid
       
   530         }
       
   531       ?>
       
   532       <tr><td colspan="2"><input name="value_<?php echo $l[$key][0]['pid']; ?>" type="text" /></td><td style="text-align: center;"><input type="submit" name="create_<?php echo $l[$key][0]['pid']; ?>" value="Create option" /></td>
       
   533     </table>
       
   534     <?php
       
   535     echo '</form>';
       
   536   }
       
   537 }
       
   538 
       
   539 ?>