From: Markus P. <mar...@us...> - 2005-04-10 23:02:31
Update of /cvsroot/mxbb/core/modules/mx_core_portal In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv20679 Modified Files: mx_poll.php Log Message: Poll Block now based on posting.php and viewtopic.php from phpBB 2.0.13 Also, changed use of mx_block_info (removed) by the new mx_block_message function. Additionally, fixed a couple of bugs. One of them security related (a nice SQL injection vulnerability). Index: mx_poll.php =================================================================== RCS file: /cvsroot/mxbb/core/modules/mx_core_portal/mx_poll.php,v retrieving revision 1.16 retrieving revision 1.17 diff -C2 -d -r1.16 -r1.17 *** mx_poll.php 6 Mar 2005 01:10:14 -0000 1.16 --- mx_poll.php 10 Apr 2005 23:02:11 -0000 1.17 *************** *** 18,56 **** * (at your option) any later version. */ - - // Vote in a poll ! $block_config = read_block_config( $block_id ); $title = $block_config[$block_id]['block_title']; ! $topic_id = $block_config[$block_id][Poll_Display]['parameter_value']; ! $forum_lst_poll = $block_config[$block_id][poll_forum]['parameter_value']; $auth_data_sql_poll = get_auth_forum(); ! if ( empty( $forum_lst_poll ) ) { $forum_lst_poll = $auth_data_sql_poll; } ! // mx_message_die(GENERAL_MESSAGE, $forum_lst_poll . '-' .$auth_data_sql_poll); // store current page to generate correct url ! $current_page = intval( isset( $HTTP_GET_VARS['page'] ) ? intval( $HTTP_GET_VARS['page'] ) : intval( $HTTP_POST_VARS['page'] ) ); if ( $topic_id == 0 ) { $sql = "SELECT vote.topic_id ! FROM " . VOTE_DESC_TABLE . " vote, ! " . TOPICS_TABLE . " topic ! WHERE vote.topic_id = topic.topic_id ! AND forum_id IN ( $forum_lst_poll ) ! AND forum_id IN ( $auth_data_sql_poll ) ! AND (vote_start + vote_length > " . time() . " ! OR vote_length = 0) ! ORDER BY vote_start DESC " ; ! if ( !( $result = $db->sql_query( $sql ) ) ) { ! message_die( GENERAL_ERROR, 'Could not obtain vote data', '', __LINE__, __FILE__, $sql ); } ! 
if ( $poll_info = $db->sql_fetchrow( $result ) ) { $topic_id = $poll_info['topic_id']; --- 18,62 ---- * (at your option) any later version. */ ! // -------------------------------------------------------------------------------- ! // Poll Block - based on posting.php and viewtopic.php from phpBB 2.0.13 (see below) ! // ! // Please, do not reformat the code nor touch indentation. It has been left as ! // close to the original code as possible, intentionally. ;-) ! // -------------------------------------------------------------------------------- + $block_config = read_block_config($block_id); $title = $block_config[$block_id]['block_title']; ! $topic_id = $block_config[$block_id]['Poll_Display']['parameter_value']; ! $forum_lst_poll = $block_config[$block_id]['poll_forum']['parameter_value']; $auth_data_sql_poll = get_auth_forum(); ! if ( empty($forum_lst_poll) ) { $forum_lst_poll = $auth_data_sql_poll; } ! ! // // store current page to generate correct url ! // ! $current_page = $mx_request_vars->request('page', MX_TYPE_INT, 1); if ( $topic_id == 0 ) { $sql = "SELECT vote.topic_id ! FROM " . VOTE_DESC_TABLE . " vote, ! " . TOPICS_TABLE . " topic ! WHERE vote.topic_id = topic.topic_id ! AND forum_id IN ( $forum_lst_poll ) ! AND forum_id IN ( $auth_data_sql_poll ) ! AND (vote_start + vote_length > " . time() . " ! OR vote_length = 0) ! ORDER BY vote_start DESC "; ! if ( !( $result = $db->sql_query($sql) ) ) { ! mx_message_die(GENERAL_ERROR, 'Could not obtain vote data', '', __LINE__, __FILE__, $sql); } ! if ( $poll_info = $db->sql_fetchrow($result) ) { $topic_id = $poll_info['topic_id']; *************** *** 58,262 **** } - // End Select Poll ! $vote_id_name = 'vote_id_' . $topic_id; ! if ( !empty( $HTTP_POST_VARS[$vote_id_name] ) ) ! { ! $vote_option_id = $HTTP_POST_VARS[$vote_id_name]; ! $sql = "SELECT vd.vote_id ! FROM " . VOTE_DESC_TABLE . " vd, " . VOTE_RESULTS_TABLE . " vr ! WHERE vd.topic_id = $topic_id ! AND vr.vote_id = vd.vote_id ! 
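Review bot: `$forum_lst_poll` and `$topic_id` are read from the block configuration and interpolated straight into `forum_id IN ( $forum_lst_poll )` in this hunk (and into `vd.topic_id = $topic_id` in the next one) with no normalisation, so the injection fix the log message describes is not mirrored for these config-sourced values. If block parameters are editable only by board administrators this is defence-in-depth rather than an exploitable hole, but a mistyped parameter still becomes a raw SQL fragment and surfaces as a DB error page with the query text. Normalising at the top of the hunk is cheap: `$topic_id = intval($topic_id);` keeps the `$topic_id == 0` fallback working since `intval('')` is 0, and `if ( !empty($forum_lst_poll) ) { $forum_lst_poll = implode(',', array_map('intval', explode(',', $forum_lst_poll))); }` placed before the `empty()` fallback leaves the `get_auth_forum()` value untouched, whose shape this hunk does not show.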
AND vr.vote_option_id = $vote_option_id ! GROUP BY vd.vote_id"; ! if ( !( $result = $db->sql_query( $sql ) ) ) ! { ! message_die( GENERAL_ERROR, 'Could not obtain vote data for this topic', '', __LINE__, __FILE__, $sql ); ! } ! if ( $vote_info = $db->sql_fetchrow( $result ) ) { ! $vote_id = $vote_info['vote_id']; ! $sql = "SELECT * ! FROM " . VOTE_USERS_TABLE . " ! WHERE vote_id = $vote_id ! AND vote_user_id = " . $userdata['user_id']; ! if ( !( $result = $db->sql_query( $sql ) ) ) { ! message_die( GENERAL_ERROR, 'Could not obtain user vote data for this topic', '', __LINE__, __FILE__, $sql ); } ! if ( !( $row = $db->sql_fetchrow( $result ) ) ) { ! $sql = "UPDATE " . VOTE_RESULTS_TABLE . " ! SET vote_result = vote_result + 1 WHERE vote_id = $vote_id ! AND vote_option_id = $vote_option_id"; ! if ( !$db->sql_query( $sql, BEGIN_TRANSACTION ) ) { ! message_die( GENERAL_ERROR, 'Could not update poll result', '', __LINE__, __FILE__, $sql ); } ! $sql = "INSERT INTO " . VOTE_USERS_TABLE . " (vote_id, vote_user_id, vote_user_ip) ! VALUES ($vote_id, " . $userdata['user_id'] . ", '$user_ip')"; ! if ( !$db->sql_query( $sql, END_TRANSACTION ) ) { ! message_die( GENERAL_ERROR, "Could not insert user_id for poll", "", __LINE__, __FILE__, $sql ); ! } ! $message = $lang['Vote_cast']; } else { ! $message = $lang['Already_voted']; } ! } ! else ! { ! $message = $lang['No_vote_option']; ! } ! $template->assign_vars( array( 'META' => '<meta http-equiv="refresh" content="3;url=' . append_sid( PORTAL_URL . "index.$phpEx?" . "vote=viewresult&block_id=" . $block_id ) . '">' ) ); ! $message .= '<br /><br />' . sprintf( $lang['Click_view_voted'], '<a href="' . append_sid( PORTAL_URL . "index.$phpEx?" . "vote=viewresult&block_id=" . $block_id . "&page=$current_page" ) . '">', '</a>' ); ! mx_block_info( GENERAL_MESSAGE, $message ); ! } ! ! // contain a poll? ! $sql = "SELECT vd.vote_id, vd.vote_text, vd.vote_start, vd.vote_length, vr.vote_option_id, vr.vote_option_text, vr.vote_result ! 
FROM " . VOTE_DESC_TABLE . " vd, " . VOTE_RESULTS_TABLE . " vr ! WHERE vd.topic_id = $topic_id ! AND vr.vote_id = vd.vote_id ! ORDER BY vr.vote_option_id ASC"; ! if ( !( $result = $db->sql_query( $sql ) ) ) ! { ! $block_rows[$block]['show_title'] = 0; ! $block_rows[$block]['show_block'] = 0; ! return; ! message_die( GENERAL_ERROR, "Could not obtain vote data for this topic", '', __LINE__, __FILE__, $sql ); ! } ! if ( $vote_info = $db->sql_fetchrowset( $result ) ) { ! $db->sql_freeresult( $result ); ! $vote_options = count( $vote_info ); ! ! $vote_id = $vote_info[0]['vote_id']; ! $vote_title = $vote_info[0]['vote_text']; ! $sql = "SELECT vote_id ! FROM " . VOTE_USERS_TABLE . " ! WHERE vote_id = $vote_id ! AND vote_user_id = " . $userdata['user_id']; ! if ( !( $result = $db->sql_query( $sql ) ) ) { ! return; ! message_die( GENERAL_ERROR, "Could not obtain user vote data for this topic", '', __LINE__, __FILE__, $sql ); } ! $user_voted = ( $row = $db->sql_fetchrow( $result ) ) ? true : 0; ! $db->sql_freeresult( $result ); ! // Fix by NPauly ! if ( ( isset( $HTTP_GET_VARS['vote'] ) || isset( $HTTP_POST_VARS['vote'] ) ) || ( !$userdata['session_logged_in'] ) ) ! { ! $view_result = ( ( ( ( isset( $HTTP_GET_VARS['vote'] ) ) ? $HTTP_GET_VARS['vote'] : $HTTP_POST_VARS['vote'] ) == 'viewresult' ) || ( !$userdata['session_logged_in'] ) ) ? true : 0; ! } ! else { ! $view_result = 0; ! } ! $poll_expired = ( $vote_info[0]['vote_length'] ) ? ( ( $vote_info[0]['vote_start'] + $vote_info[0]['vote_length'] < time() ) ? true : 0 ) : 0; ! // Fix by NPauly ! if ( $view_result || $poll_expired || $user_voted ) ! { ! $template->set_filenames( array( 'pollbox' => 'mx_poll_result.tpl' ) ! ); ! $vote_results_sum = 0; ! for( $i = 0; $i < $vote_options; $i++ ) { ! $vote_results_sum += $vote_info[$i]['vote_result']; } ! $vote_graphic = 0; ! $vote_graphic_max = count( $images['voting_graphic'] ); ! for( $i = 0; $i < $vote_options; $i++ ) { ! $vote_percent = ( $vote_results_sum > 0 ) ? 
$vote_info[$i]['vote_result'] / $vote_results_sum : 0; ! // $vote_graphic_length = round($vote_percent * ($block_size - 50) ); ! $vote_graphic_length = is_numeric( $block_size ) ? round( $vote_percent * ( $block_size - 50 ) ) : $vote_percent * 400 ; ! $vote_graphic_img = $images['voting_graphic'][$vote_graphic]; ! $vote_graphic = ( $vote_graphic < $vote_graphic_max - 1 ) ? $vote_graphic + 1 : 0; ! if ( count( $orig_word ) ) { ! $vote_info[$i]['vote_option_text'] = preg_replace( $orig_word, $replacement_word, $vote_info[$i]['vote_option_text'] ); } ! $template->assign_block_vars( "poll_option", array( 'POLL_OPTION_CAPTION' => $vote_info[$i]['vote_option_text'], 'POLL_OPTION_RESULT' => $vote_info[$i]['vote_result'], ! 'POLL_OPTION_PERCENT' => sprintf( "%.1d%%", ( $vote_percent * 100 ) ), 'POLL_OPTION_IMG' => $vote_graphic_img, ! 'POLL_OPTION_IMG_WIDTH' => $vote_graphic_length ) ); ! } ! $template->assign_vars( array( 'L_TITLE' => $lang['Surveys/Polls'], 'U_PHPBB_ROOT_PATH' => PHPBB_URL, 'TEMPLATE_ROOT_PATH' => TEMPLATE_ROOT_PATH, 'L_TOTAL_VOTES' => $lang['Total_votes'], ! 'TOTAL_VOTES' => $vote_results_sum ) ! ); ! } ! else ! { ! $template->set_filenames( array( 'pollbox' => 'mx_poll_ballot.tpl' ) ); ! for( $i = 0; $i < $vote_options; $i++ ) { ! if ( count( $orig_word ) ) { ! $vote_info[$i]['vote_option_text'] = preg_replace( $orig_word, $replacement_word, $vote_info[$i]['vote_option_text'] ); ! } ! $template->assign_block_vars( "poll_option", array( 'POLL_OPTION_ID' => $vote_info[$i]['vote_option_id'], 'VOTE_ID' => $vote_id_name, ! 'POLL_OPTION_CAPTION' => $vote_info[$i]['vote_option_text'] ) ); ! } ! $template->assign_vars( array( 'BLOCK_SIZE' => $block_size , 'L_TITLE' => $lang['Surveys/Polls'], 'L_SUBMIT_VOTE' => $lang['Submit_vote'], 'L_VIEW_RESULTS' => $lang['View_results'], ! 'U_VIEW_RESULTS' => append_sid( PORTAL_URL . "index.$phpEx?" . "vote=viewresult&block_id=" . $block_id . "&page=$current_page" ), ! 'U_URL' => append_sid( PHPBB_URL . 
"viewtopic.$phpEx?t=$topic_id" ) ) ); ! $s_hidden_fields = '<input type="hidden" name="topic_id" value="' . $topic_id . '"><input type="hidden" name="mode" value="vote">'; ! } ! if ( count( $orig_word ) ) ! { ! $vote_title = preg_replace( $orig_word, $replacement_word, $vote_title ); ! } ! $template->assign_vars( array( 'BLOCK_SIZE' => ( !empty( $block_size ) ? $block_size : '100%' ), 'U_PHPBB_ROOT_PATH' => PHPBB_URL, 'POLL_QUESTION' => $vote_title, ! 'S_HIDDEN_FIELDS' => ( !empty( $s_hidden_fields ) ) ? $s_hidden_fields : '', ! 'S_POLL_ACTION' => append_sid( PORTAL_URL . "index.$phpEx?" . POST_TOPIC_URL . "=$topic_id&block_id=" . $block_id . "&page=$current_page" ) ) ); ! $template->assign_var_from_handle( 'poll_submit', 'pollbox' ); ! $template->assign_var_from_handle( 'POLL_DISPLAY', 'pollbox' ); ! $template->pparse( 'pollbox' ); } else --- 64,295 ---- } ! // -------------------------------------------------------------------------------- ! // The following code is based on posting.php (around line 453) from phpBB 2.0.13 ! // ! $vote_id_name = 'vote_id_' . $topic_id; ! // ! // Vote in a poll ! // ! if ( !empty($HTTP_POST_VARS[$vote_id_name]) ) { ! $vote_option_id = intval($HTTP_POST_VARS[$vote_id_name]); ! $sql = "SELECT vd.vote_id ! FROM " . VOTE_DESC_TABLE . " vd, " . VOTE_RESULTS_TABLE . " vr ! WHERE vd.topic_id = $topic_id ! AND vr.vote_id = vd.vote_id ! AND vr.vote_option_id = $vote_option_id ! GROUP BY vd.vote_id"; ! if ( !($result = $db->sql_query($sql)) ) { ! mx_message_die(GENERAL_ERROR, 'Could not obtain vote data for this topic', '', __LINE__, __FILE__, $sql); } ! if ( $vote_info = $db->sql_fetchrow($result) ) { ! $vote_id = $vote_info['vote_id']; ! ! $sql = "SELECT * ! FROM " . VOTE_USERS_TABLE . " WHERE vote_id = $vote_id ! AND vote_user_id = " . $userdata['user_id']; ! if ( !($result2 = $db->sql_query($sql)) ) { ! mx_message_die(GENERAL_ERROR, 'Could not obtain user vote data for this topic', '', __LINE__, __FILE__, $sql); } ! 
if ( !($row = $db->sql_fetchrow($result2)) ) { ! $sql = "UPDATE " . VOTE_RESULTS_TABLE . " ! SET vote_result = vote_result + 1 ! WHERE vote_id = $vote_id ! AND vote_option_id = $vote_option_id"; ! if ( !$db->sql_query($sql, BEGIN_TRANSACTION) ) ! { ! mx_message_die(GENERAL_ERROR, 'Could not update poll result', '', __LINE__, __FILE__, $sql); ! } ! $sql = "INSERT INTO " . VOTE_USERS_TABLE . " (vote_id, vote_user_id, vote_user_ip) ! VALUES ($vote_id, " . $userdata['user_id'] . ", '$user_ip')"; ! if ( !$db->sql_query($sql, END_TRANSACTION) ) ! { ! mx_message_die(GENERAL_ERROR, "Could not insert user_id for poll", '', __LINE__, __FILE__, $sql); ! } ! ! $message = $lang['Vote_cast']; ! } ! else ! { ! $message = $lang['Already_voted']; ! } ! $db->sql_freeresult($result2); } else { ! $message = $lang['No_vote_option']; } ! $db->sql_freeresult($result); ! $template->assign_vars(array( ! 'META' => '<meta http-equiv="refresh" content="3;url=' . append_sid(PORTAL_URL . "index.$phpEx?" . "vote=viewresult&block_id=" . $block_id) . '">') ); ! $message .= '<br /><br />' . sprintf($lang['Click_view_voted'], '<a href="' . append_sid(PORTAL_URL . "index.$phpEx?" . "vote=viewresult&block_id=" . $block_id . "&page=$current_page") . '">', '</a>'); ! mx_block_message($lang['Surveys/Polls'], $message); ! return; ! } ! // -------------------------------------------------------------------------------- ! // The following code is based on viewtopic.php (around line 674) from phpBB 2.0.13 ! // ! // ! // Does this topic contain a poll? ! // ! //if ( !empty($forum_topic_data['topic_vote']) ) { ! $s_hidden_fields = ''; ! $sql = "SELECT vd.vote_id, vd.vote_text, vd.vote_start, vd.vote_length, vr.vote_option_id, vr.vote_option_text, vr.vote_result ! FROM " . VOTE_DESC_TABLE . " vd, " . VOTE_RESULTS_TABLE . " vr ! WHERE vd.topic_id = $topic_id ! AND vr.vote_id = vd.vote_id ! ORDER BY vr.vote_option_id ASC"; ! if ( !($result = $db->sql_query($sql)) ) { ! $block_rows[$block]['show_title'] = 0; ! 
$block_rows[$block]['show_block'] = 0; ! return; //message_die(GENERAL_ERROR, "Could not obtain vote data for this topic", '', __LINE__, __FILE__, $sql); } ! if ( $vote_info = $db->sql_fetchrowset($result) ) { ! $db->sql_freeresult($result); ! $vote_options = count($vote_info); ! $vote_id = $vote_info[0]['vote_id']; ! $vote_title = $vote_info[0]['vote_text']; ! $sql = "SELECT vote_id ! FROM " . VOTE_USERS_TABLE . " ! WHERE vote_id = $vote_id ! AND vote_user_id = " . $userdata['user_id']; ! if ( !($result = $db->sql_query($sql)) ) ! { ! return; //message_die(GENERAL_ERROR, "Could not obtain user vote data for this topic", '', __LINE__, __FILE__, $sql); ! } ! $user_voted = ( $row = $db->sql_fetchrow($result) ) ? TRUE : 0; ! $db->sql_freeresult($result); ! ! if ( ( isset($HTTP_GET_VARS['vote']) || isset($HTTP_POST_VARS['vote']) ) || ( !$userdata['session_logged_in'] ) ) { ! $view_result = ( ( ( ( isset($HTTP_GET_VARS['vote']) ) ? $HTTP_GET_VARS['vote'] : $HTTP_POST_VARS['vote'] ) == 'viewresult' ) || ( !$userdata['session_logged_in'] ) ) ? TRUE : 0; ! } ! else ! { ! $view_result = 0; } ! $poll_expired = ( $vote_info[0]['vote_length'] ) ? ( ( $vote_info[0]['vote_start'] + $vote_info[0]['vote_length'] < time() ) ? TRUE : 0 ) : 0; ! if ( $user_voted || $view_result || $poll_expired ) { ! $template->set_filenames(array( ! 'pollbox' => 'mx_poll_result.tpl') ! ); ! $vote_results_sum = 0; ! for($i = 0; $i < $vote_options; $i++) { ! $vote_results_sum += $vote_info[$i]['vote_result']; } ! $vote_graphic = 0; ! $vote_graphic_max = count($images['voting_graphic']); ! ! for($i = 0; $i < $vote_options; $i++) ! { ! $vote_percent = ( $vote_results_sum > 0 ) ? $vote_info[$i]['vote_result'] / $vote_results_sum : 0; ! $vote_graphic_length = is_numeric($block_size) ? round($vote_percent * ( $block_size - 50 )) : $vote_percent * 400; ! ! $vote_graphic_img = $images['voting_graphic'][$vote_graphic]; ! $vote_graphic = ($vote_graphic < $vote_graphic_max - 1) ? $vote_graphic + 1 : 0; ! ! 
if ( count($orig_word) ) ! { ! $vote_info[$i]['vote_option_text'] = preg_replace($orig_word, $replacement_word, $vote_info[$i]['vote_option_text']); ! } ! ! $template->assign_block_vars('poll_option', array( ! 'POLL_OPTION_CAPTION' => $vote_info[$i]['vote_option_text'], 'POLL_OPTION_RESULT' => $vote_info[$i]['vote_result'], ! 'POLL_OPTION_PERCENT' => sprintf('%.1d%%', ( $vote_percent * 100 )), ! 'POLL_OPTION_IMG' => $vote_graphic_img, ! 'POLL_OPTION_IMG_WIDTH' => $vote_graphic_length) ); ! } ! $template->assign_vars(array( ! 'L_TITLE' => $lang['Surveys/Polls'], 'U_PHPBB_ROOT_PATH' => PHPBB_URL, 'TEMPLATE_ROOT_PATH' => TEMPLATE_ROOT_PATH, 'L_TOTAL_VOTES' => $lang['Total_votes'], ! 'TOTAL_VOTES' => $vote_results_sum) ); ! } ! else { ! $template->set_filenames(array( ! 'pollbox' => 'mx_poll_ballot.tpl') ! ); ! ! for($i = 0; $i < $vote_options; $i++) { ! if ( count($orig_word) ) ! { ! $vote_info[$i]['vote_option_text'] = preg_replace($orig_word, $replacement_word, $vote_info[$i]['vote_option_text']); ! } ! $template->assign_block_vars("poll_option", array( 'VOTE_ID' => $vote_id_name, ! 'POLL_OPTION_ID' => $vote_info[$i]['vote_option_id'], ! 'POLL_OPTION_CAPTION' => $vote_info[$i]['vote_option_text']) ); ! } ! $template->assign_vars(array( ! 'BLOCK_SIZE' => $block_size, 'L_TITLE' => $lang['Surveys/Polls'], 'L_SUBMIT_VOTE' => $lang['Submit_vote'], 'L_VIEW_RESULTS' => $lang['View_results'], ! 'U_VIEW_RESULTS' => append_sid(PORTAL_URL . "index.$phpEx?" . "vote=viewresult&block_id=" . $block_id . "&page=$current_page"), ! 'U_URL' => append_sid(PHPBB_URL . "viewtopic.$phpEx?t=$topic_id")) ); ! $s_hidden_fields = '<input type="hidden" name="topic_id" value="' . $topic_id . '" /><input type="hidden" name="mode" value="vote" />'; ! } ! if ( count($orig_word) ) ! { ! $vote_title = preg_replace($orig_word, $replacement_word, $vote_title); ! } ! $s_hidden_fields .= '<input type="hidden" name="sid" value="' . $userdata['session_id'] . '" />'; ! ! $template->assign_vars(array( ! 
'BLOCK_SIZE' => ( !empty($block_size) ? $block_size : '100%' ), 'U_PHPBB_ROOT_PATH' => PHPBB_URL, 'POLL_QUESTION' => $vote_title, ! 'S_HIDDEN_FIELDS' => ( !empty($s_hidden_fields) ? $s_hidden_fields : '' ), ! 'S_POLL_ACTION' => append_sid(PORTAL_URL . "index.$phpEx?" . POST_TOPIC_URL . "=$topic_id&block_id=" . $block_id . "&page=$current_page")) ); ! $template->pparse('pollbox'); ! } } else *************** *** 264,267 **** $block_rows[$block]['show_title'] = 0; $block_rows[$block]['show_block'] = 0; ! } ?> \ No newline at end of file --- 297,301 ---- $block_rows[$block]['show_title'] = 0; $block_rows[$block]['show_block'] = 0; ! } ! ?> \ No newline at end of file |
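Review bot: The vote-cast branch at the top of the new side, `if ( !empty($HTTP_POST_VARS[$vote_id_name]) )`, records a vote for whatever `$userdata['user_id']` the request carries without checking `$userdata['session_logged_in']`, even though the rendering code further down hides the ballot from guests by forcing `$view_result`; a guest can still POST `vote_id_<topic>`, and the row then inserted into VOTE_USERS_TABLE under the guest user id would make every later guest hit `Already_voted`. The hunk also starts emitting a hidden `sid` field in `$s_hidden_fields` but never compares it on submission, so the ballot form remains submittable cross-site. Guarding the branch with `if ( !$userdata['session_logged_in'] || empty($HTTP_POST_VARS['sid']) || $HTTP_POST_VARS['sid'] != $userdata['session_id'] ) { mx_message_die(GENERAL_MESSAGE, 'Invalid session'); }` before the first SELECT closes both. The `intval()` on `$vote_option_id` is the right fix for the injection named in the log; note that the SELECT-then-UPDATE on VOTE_USERS_TABLE is still a check-then-act race on a double submit, which only a unique key on (vote_id, vote_user_id) would fully close. The outer if/else this code sits in closes in the following hunk.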