/Quản lý website đọc truyện online PHP/forum/includes/editvote.php

https://gitlab.com/phamngsinh/baitaplon_sinhvien · PHP · 108 lines · 94 code · 1 blank · 13 comment · 27 complexity · 6096e61fc83026939fe795413b127f38 MD5 · raw file 

    

  1. <?php
    2. 

  2. /**
    3. 

  3. * @package     JohnCMS
    4. 

  4. * @link        http://johncms.com
    5. 

  5. * @copyright   Copyright (C) 2008-2011 JohnCMS Community
    6. 

  6. * @license     LICENSE.txt (see attached file)
    7. 

  7. * @version     VERSION.txt (see attached file)
    8. 

  8. * @author      http://johncms.com/about
    9. 

  9. */
    10. 

  10. 

  11. defined('_IN_JOHNCMS') or die('Error: restricted access');
    12. 

  12. if ($rights == 3 || $rights >= 6) {
    13. 

  13.     $topic_vote = mysql_result(mysql_query("SELECT COUNT(*) FROM `cms_forum_vote` WHERE `website` = '$website' AND `type`='1' AND `topic`='$id'"), 0);
    14. 

  14.     require('../incfiles/head.php');
    15. 

  15.     if ($topic_vote == 0) {
    16. 

  16.         echo functions::display_error($lng['error_wrong_data']);
    17. 

  17.         require('../incfiles/end.php');
    18. 

  18.         exit;
    19. 

  19.     }
    20. 

  20.     if (isset($_GET['delvote']) && !empty($_GET['vote'])) {
    21. 

  21.         $vote = abs(intval($_GET['vote']));
    22. 

  22.         $totalvote = mysql_result(mysql_query("SELECT COUNT(*) FROM `cms_forum_vote` WHERE `website` = '$website' AND `type` = '2' AND `id` = '$vote' AND `topic` = '$id'"), 0);
    23. 

  23.         $countvote = mysql_result(mysql_query("SELECT COUNT(*) FROM `cms_forum_vote` WHERE `website` = '$website' AND `type` = '2' AND `topic` = '$id'"), 0);
    24. 

  24.         if ($countvote <= 2)
    25. 

  25.             header('location: ?act=editvote&id=' . $id . '');
    26. 

  26.         if ($totalvote != 0) {
    27. 

  27.             if (isset($_GET['yes'])) {
    28. 

  28.                 mysql_query("DELETE FROM `cms_forum_vote` WHERE `id` = '$vote'");
    29. 

  29.                 $countus = mysql_result(mysql_query("SELECT COUNT(*) FROM `cms_forum_vote_users` WHERE `website` = '$website' AND `vote` = '$vote' AND `topic` = '$id'"), 0);
    30. 

  30.                 $topic_vote = mysql_fetch_assoc(mysql_query("SELECT `count` FROM `cms_forum_vote` WHERE `website` = '$website' AND `type` = '1' AND `topic` = '$id' LIMIT 1"));
    31. 

  31.                 $totalcount = $topic_vote['count'] - $countus;
    32. 

  32.                 mysql_query("UPDATE `cms_forum_vote` SET  `count` = '$totalcount'   WHERE `website` = '$website' AND `type` = '1' AND `topic` = '$id'");
    33. 

  33.                 mysql_query("DELETE FROM `cms_forum_vote_users` WHERE `vote` = '$vote'");
    34. 

  34.                 header('location: ?act=editvote&id=' . $id . '');
    35. 

  35.             } else {
    36. 

  36.                 echo '<div class="rmenu"><p>' . $lng_forum['voting_variant_warning'] . '<br />' .
    37. 

  37.                     '<a href="index.php?act=editvote&amp;id=' . $id . '&amp;vote=' . $vote . '&amp;delvote&amp;yes">' . $lng['delete'] . '</a><br />' .
    38. 

  38.                     '<a href="' . htmlspecialchars(getenv("HTTP_REFERER")) . '">' . $lng['cancel'] . '</a></p></div>';
    39. 

  39.             }
    40. 

  40.         } else {
    41. 

  41.             header('location: ?act=editvote&id=' . $id . '');
    42. 

  42.         }
    43. 

  43.     } else if (isset($_POST['submit'])) {
    44. 

  44.         $vote_name = mb_substr(trim($_POST['name_vote']), 0, 50);
    45. 

  45.         if (!empty($vote_name))
    46. 

  46.             mysql_query("UPDATE `cms_forum_vote` SET  `name` = '" . mysql_real_escape_string($vote_name) . "'  WHERE `website` = '$website' AND `topic` = '$id' AND `type` = '1'");
    47. 

  47.         $vote_result = mysql_query("SELECT `id` FROM `cms_forum_vote` WHERE `website` = '$website' AND `type`='2' AND `topic`='" . $id . "'");
    48. 

  48.         while ($vote = mysql_fetch_assoc($vote_result)) {
    49. 

  49.             if (!empty($_POST[$vote['id'] . 'vote'])) {
    50. 

  50.                 $text = mb_substr(trim($_POST[$vote['id'] . 'vote']), 0, 30);
    51. 

  51.                 mysql_query("UPDATE `cms_forum_vote` SET  `name` = '" . mysql_real_escape_string($text) . "'  WHERE `website` = '$website' AND `id` = '" . $vote['id'] . "'");
    52. 

  52.             }
    53. 

  53.         }
    54. 

  54.         $countvote = mysql_result(mysql_query("SELECT COUNT(*) FROM `cms_forum_vote` WHERE `website` = '$website' AND `type`='2' AND `topic`='" . $id . "'"), 0);
    55. 

  55.         for ($vote = $countvote; $vote < 20; $vote++) {
    56. 

  56.             if (!empty($_POST[$vote])) {
    57. 

  57.                 $text = mb_substr(trim($_POST[$vote]), 0, 30);
    58. 

  58.                 mysql_query("INSERT INTO `cms_forum_vote` SET `name` = '" . mysql_real_escape_string($text) . "',
    59. 

  59. 					`website` = '$website',  `type` = '2', `topic` = '$id'");
    60. 

  60.             }
    61. 

  61.         }
    62. 

  62.         echo '<div class="gmenu"><p>' . $lng_forum['voting_changed'] . '<br /><a href="index.php?id=' . $id . '">' . $lng['continue'] . '</a></p></div>';
    63. 

  63.     } else {
    64. 

  64.         /*
    65. 

  65.         -----------------------------------------------------------------
    66. 

  66.         Форма редактирования опроса
    67. 

  67.         -----------------------------------------------------------------
    68. 

  68.         */
    69. 

  69.         $countvote = mysql_result(mysql_query("SELECT COUNT(*) FROM `cms_forum_vote` WHERE `website` = '$website' AND `type` = '2' AND `topic` = '$id'"), 0);
    70. 

  70.         $topic_vote = mysql_fetch_assoc(mysql_query("SELECT `name` FROM `cms_forum_vote` WHERE `type` = '1' AND `topic` = '$id' LIMIT 1"));
    71. 

  71.         echo '<div class="phdr"><a href="index.php?id=' . $id . '"><b>' . $lng['forum'] . '</b></a> | ' . $lng_forum['edit_vote'] . '</div>' .
    72. 

  72.             '<form action="index.php?act=editvote&amp;id=' . $id . '" method="post">' .
    73. 

  73.             '<div class="gmenu"><p>' .
    74. 

  74.             '<b>' . $lng_forum['voting'] . ':</b><br/>' .
    75. 

  75.             '<input type="text" size="20" maxlength="150" name="name_vote" value="' . htmlentities($topic_vote['name'], ENT_QUOTES, 'UTF-8') . '"/>' .
    76. 

  76.             '</p></div>' .
    77. 

  77.             '<div class="menu"><p>';
    78. 

  78.         $vote_result = mysql_query("SELECT `id`, `name` FROM `website` = '$website' AND `cms_forum_vote` WHERE `type` = '2' AND `topic` = '$id'");
    79. 

  79.         while ($vote = mysql_fetch_assoc($vote_result)) {
    80. 

  80.             echo $lng_forum['answer'] . ' ' . ($i + 1) . ' (max. 50): <br/>' .
    81. 

  81.                 '<input type="text" name="' . $vote['id'] . 'vote" value="' . htmlentities($vote['name'], ENT_QUOTES, 'UTF-8') . '"/>';
    82. 

  82.             if ($countvote > 2)
    83. 

  83.                 echo '&nbsp;<a href="index.php?act=editvote&amp;id=' . $id . '&amp;vote=' . $vote['id'] . '&amp;delvote">[x]</a>';
    84. 

  84.             echo '<br/>';
    85. 

  85.             ++$i;
    86. 

  86.         }
    87. 

  87.         if ($countvote < 20) {
    88. 

  88.             if (isset($_POST['plus']))
    89. 

  89.                 ++$_POST['count_vote'];
    90. 

  90.             elseif (isset($_POST['minus']))
    91. 

  91.                 --$_POST['count_vote'];
    92. 

  92.             if (empty($_POST['count_vote']))
    93. 

  93.                 $_POST['count_vote'] = $countvote;
    94. 

  94.             elseif ($_POST['count_vote'] > 20)
    95. 

  95.                 $_POST['count_vote'] = 20;
    96. 

  96.             for ($vote = $i; $vote < $_POST['count_vote']; $vote++) {
    97. 

  97.                 echo 'Ответ ' . ($vote + 1) . '(max. 50): <br/><input type="text" name="' . $vote . '" value="' . functions::checkout($_POST[$vote]) . '"/><br/>';
    98. 

  98.             }
    99. 

  99.             echo '<input type="hidden" name="count_vote" value="' . abs(intval($_POST['count_vote'])) . '"/>' . ($_POST['count_vote'] < 20 ? '<input type="submit" name="plus" value="' . $lng['add'] . '"/>' : '')
    100. 

  100.                 . ($_POST['count_vote'] - $countvote ? '<input type="submit" name="minus" value="' . $lng_forum['delete_last'] . '"/>' : '');
    101. 

  101.         }
    102. 

  102.         echo '</p></div><div class="gmenu">' .
    103. 

  103.             '<p><input type="submit" name="submit" value="' . $lng['save'] . '"/></p>' .
    104. 

  104.             '</div></form>' .
    105. 

  105.             '<div class="phdr"><a href="index.php?id=' . $id . '">' . $lng['cancel'] . '</a></div>';
    106. 

  106.     }
    107. 

  107. }
    108. 

  108. ?>
    109.