From: <sy...@us...> - 2010-03-10 18:38:14
|
Revision: 26054 http://tikiwiki.svn.sourceforge.net/tikiwiki/?rev=26054&view=rev Author: sylvieg Date: 2010-03-10 18:38:08 +0000 (Wed, 10 Mar 2010) Log Message: ----------- [FIX]poll: add an antibot to poll voting + error message Modified Paths: -------------- branches/5.x/lib/setup/polls.php branches/5.x/lib/wiki-plugins/wikiplugin_poll.php branches/5.x/templates/tiki-plugin_poll.tpl branches/5.x/templates/tiki-poll.tpl branches/5.x/templates/tiki-poll_form.tpl Modified: branches/5.x/lib/setup/polls.php =================================================================== --- branches/5.x/lib/setup/polls.php 2010-03-10 17:44:02 UTC (rev 26053) +++ branches/5.x/lib/setup/polls.php 2010-03-10 18:38:08 UTC (rev 26054) @@ -8,17 +8,25 @@ //this script may only be included - so its better to die if called directly. $access->check_script($_SERVER["SCRIPT_NAME"],basename(__FILE__)); -if ( isset($_REQUEST['pollVote']) ) { - if ( $tiki_p_vote_poll == 'y' && isset($_REQUEST['polls_optionId']) ) { - if( $prefs['feature_poll_anonymous'] == 'y' || $user ) { - global $polllib; include_once('lib/polls/polllib_shared.php'); +if ( isset($_REQUEST['pollVote']) && !empty($_REQUEST['polls_pollId']) ) { + $ok = true; + if (empty($_REQUEST['polls_optionId'])) { + $ok = false; + $smarty->assign('msg', tra('You must choose an option')); + } elseif ( $tiki_p_vote_poll == 'y' && ($prefs['feature_poll_anonymous'] == 'y' || $user || $prefs['feature_antibot'] == 'y')) { + if (($prefs['feature_antibot'] == 'y' && empty($user)) && (!isset($_SESSION['random_number']) || $_SESSION['random_number'] != $_REQUEST['antibotcode'])) { + $ok = false; + $smarty->assign('msg', tra('You have mistyped the anti-bot verification code; please try again.')); + $smarty->assign_by_ref('polls_optionId', $_REQUEST['polls_optionId']); + } else { if( $tikilib->register_user_vote($user, 'poll' . $_REQUEST['polls_pollId'], $_REQUEST['polls_optionId'], array(), $prefs['feature_poll_revote'] == 'y' ) ) { + global $polllib; include_once('lib/polls/polllib_shared.php'); $polllib->poll_vote($user, $_REQUEST['polls_pollId'], $_REQUEST['polls_optionId']); } } } - $pollId = $_REQUEST['polls_pollId']; - if ( ! isset($_REQUEST['wikipoll']) && $tiki_p_view_poll_results == 'y') { - header ("location: tiki-poll_results.php?pollId=$pollId"); + if ( $ok && ! isset($_REQUEST['wikipoll']) && $tiki_p_view_poll_results == 'y') { + header ('location: tiki-poll_results.php?pollId='.$_REQUEST['polls_pollId']); + die; } } Modified: branches/5.x/lib/wiki-plugins/wikiplugin_poll.php =================================================================== --- branches/5.x/lib/wiki-plugins/wikiplugin_poll.php 2010-03-10 17:44:02 UTC (rev 26053) +++ branches/5.x/lib/wiki-plugins/wikiplugin_poll.php 2010-03-10 18:38:08 UTC (rev 26054) @@ -55,6 +55,6 @@ ask_ticket('poll-form'); // Display the template - return $smarty->fetch("tiki-plugin_poll.tpl"); + return '~np~'.$smarty->fetch("tiki-plugin_poll.tpl").'~/np~'; } } Modified: branches/5.x/templates/tiki-plugin_poll.tpl =================================================================== --- branches/5.x/templates/tiki-plugin_poll.tpl 2010-03-10 17:44:02 UTC (rev 26053) +++ branches/5.x/templates/tiki-plugin_poll.tpl 2010-03-10 18:38:08 UTC (rev 26054) @@ -1,11 +1,9 @@ -~np~ <div class="poll"> <div class="poll-title"> - <strong>{$poll_title}</strong> + <strong>{$poll_title|escape}</strong> </div> <div class="poll-data"> -{$menu_info.name} +{$menu_info.name|escape} {include file='tiki-poll.tpl'} </div> </div> -~/np~ Modified: branches/5.x/templates/tiki-poll.tpl =================================================================== --- branches/5.x/templates/tiki-poll.tpl 2010-03-10 17:44:02 UTC (rev 26053) +++ branches/5.x/templates/tiki-poll.tpl 2010-03-10 18:38:08 UTC (rev 26054) @@ -1,19 +1,28 @@ +{if $prefs.feature_antibot eq 'y' && $user eq '' && !empty($msg)} + {remarksbox type="errors"} + {$msg} + {/remarksbox} +{/if} + {$menu_info.title|escape}<br /> <form method="post" action="{$ownurl}"> -<input type="hidden" name="polls_pollId" value="{$menu_info.pollId|escape}" /> -{if $tiki_p_vote_poll ne 'n' && ($user || $prefs.feature_poll_anonymous == 'y')} -{section name=ix loop=$channels} - <label><input type="radio" name="polls_optionId" value="{$channels[ix].optionId|escape}" />{tr}{$channels[ix].title|escape}{/tr}</label><br /> -{/section} -{else} - <ul> - {section name=ix loop=$channels} - <li>{tr}{$channels[ix].title|escape}{/tr}</li> - {/section} - </ul> + <input type="hidden" name="polls_pollId" value="{$menu_info.pollId|escape}" /> + {if $tiki_p_vote_poll ne 'n' && ($user || $prefs.feature_poll_anonymous == 'y' || $prefs.feature_antibot eq 'y')} + {section name=ix loop=$channels} + <label><input type="radio" name="polls_optionId" value="{$channels[ix].optionId|escape}"{if $polls_optionId == $channels[ix].optionId} checked="checked"{/if} />{tr}{$channels[ix].title|escape}{/tr}</label><br /> + {/section} + {else} + <ul> + {section name=ix loop=$channels} + <li>{tr}{$channels[ix].title|escape}{/tr}</li> + {/section} + </ul> + {/if} +<div align="center"> +{if $prefs.feature_antibot eq 'y' && $user eq ''} + <table>{include file='antibot.tpl'}</table> {/if} -<div align="center"> -{if $tiki_p_vote_poll ne 'n' && ($user || $prefs.feature_poll_anonymous == 'y')} +{if $tiki_p_vote_poll ne 'n' && ($user || $prefs.feature_poll_anonymous == 'y' || $prefs.feature_antibot eq 'y')} <input type="submit" name="pollVote" value="{tr}vote{/tr}" /><br /> {/if} {if $tiki_p_view_poll_results == 'y'} Modified: branches/5.x/templates/tiki-poll_form.tpl =================================================================== --- branches/5.x/templates/tiki-poll_form.tpl 2010-03-10 17:44:02 UTC (rev 26053) +++ branches/5.x/templates/tiki-poll_form.tpl 2010-03-10 18:38:08 UTC (rev 26054) @@ -1,7 +1,7 @@ <h2>{tr}Vote poll{/tr}:</h2> <div align="center"> {$menu_info.title}<br /><br /> -<div style="text-align:left;width:130px;" class="cbox"> +<div class="cbox"> <div class="cbox-title">{$menu_info.name}</div> <div class="cbox-data"> {include file='tiki-poll.tpl'} This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |