/Quản lý website đọc truyện online PHP/soo/includes/editvote.php

https://gitlab.com/phamngsinh/baitaplon_sinhvien · PHP · 109 lines · 96 code · 2 blank · 11 comment · 25 complexity · ce943ef2ab7e5efc539306389db7fde9 MD5 · raw file 

    

  1. <?php
    2. 

  2. 

  3. /*
    4. 

  4. WMR: R118530587041
    5. 

  5. ICQ: 365848916
    6. 

  6. Автор: VladiSs
    7. 

  7. Сайт: http://wapnex.ru
    8. 

  8. */
    9. 

  9. 

  10. defined('_IN_JOHNCMS') or die('Error: restricted access');
    11. 

  11. $us = mysql_fetch_array(mysql_query("SELECT * FROM `soo_users` where `website` = '$website' AND  `sid` = ' " . $sid . " ' AND `user_id`=' " . $user_id . " '  "));
    12. 

  12.                 if ($us['rights'] >= 8) {
    13. 

  13.     $topic_vote = mysql_result(mysql_query("SELECT COUNT(*) FROM `soo_forum_vote` where `website` = '$website' AND  `type`='1' AND `topic`='$id'"), 0);
    14. 

  14.     require('../incfiles/head.php');
    15. 

  15.     if ($topic_vote == 0) {
    16. 

  16.         echo functions::display_error($lng['error_wrong_data']);
    17. 

  17.         require('../incfiles/end.php');
    18. 

  18.         exit;
    19. 

  19.     }
    20. 

  20.     if (isset($_GET['delvote']) && !empty($_GET['vote'])) {
    21. 

  21.         $vote = abs(intval($_GET['vote']));
    22. 

  22.         $totalvote = mysql_result(mysql_query("SELECT COUNT(*) FROM `soo_forum_vote` where `website` = '$website' AND  `type` = '2' AND `id` = '$vote' AND `topic` = '$id'"), 0);
    23. 

  23.         $countvote = mysql_result(mysql_query("SELECT COUNT(*) FROM `soo_forum_vote` where `website` = '$website' AND  `type` = '2' AND `topic` = '$id'"), 0);
    24. 

  24.         if ($countvote <= 2)
    25. 

  25.             header('location: ../soo/?mod=forum&act=editvote&id=' . $id . '');
    26. 

  26.         if ($totalvote != 0) {
    27. 

  27.             if (isset($_GET['yes'])) {
    28. 

  28.                 mysql_query("DELETE FROM `soo_forum_vote` where `website` = '$website' AND  `id` = '$vote'");
    29. 

  29.                 $countus = mysql_result(mysql_query("SELECT COUNT(*) FROM `soo_forum_vote_users` where `website` = '$website' AND  `vote` = '$vote' AND `topic` = '$id'"), 0);
    30. 

  30.                 $topic_vote = mysql_fetch_array(mysql_query("SELECT `count` FROM `soo_forum_vote` where `website` = '$website' AND  `type` = '1' AND `topic` = '$id' LIMIT 1"));
    31. 

  31.                 $totalcount = $topic_vote['count'] - $countus;
    32. 

  32.                 mysql_query("UPDATE `soo_forum_vote` SET  `count` = '$totalcount'   where `website` = '$website' AND  `type` = '1' AND `topic` = '$id'");
    33. 

  33.                 mysql_query("DELETE FROM `soo_forum_vote_users` where `website` = '$website' AND  `vote` = '$vote'");
    34. 

  34.                 header('location: ?mod=forum&act=editvote&sid='. $sid .'&id=' . $id . '');
    35. 

  35.             } else {
    36. 

  36.                 echo '<div class="rmenu"><p>' . $lng_forum['voting_variant_warning'] . '<br />' .
    37. 

  37.                     '<a href="../soo/?mod=forum&amp;act=editvote&amp&sid='. $sid .'&amp;id=' . $id . '&amp;vote=' . $vote . '&amp;delvote&amp;yes">' . $lng['delete'] . '</a><br />' .
    38. 

  38.                     '<a href="' . htmlspecialchars(getenv("HTTP_REFERER")) . '">' . $lng['cancel'] . '</a></p></div>';
    39. 

  39.             }
    40. 

  40.         } else {
    41. 

  41.             header('location: ../soo/?mod=forum&act=editvote&id=' . $id . '');
    42. 

  42.         }
    43. 

  43.     } else if (isset($_POST['submit'])) {
    44. 

  44.         $vote_name = mb_substr(trim($_POST['name_vote']), 0, 50);
    45. 

  45.         if (!empty($vote_name))
    46. 

  46.             mysql_query("UPDATE `soo_forum_vote` SET  `name` = '" . mysql_real_escape_string($vote_name) . "'  where `website` = '$website' AND  `topic` = '$id' AND `type` = '1'");
    47. 

  47.         $vote_result = mysql_query("SELECT `id` FROM `soo_forum_vote` where `website` = '$website' AND  `type`='2' AND `topic`='" . $id . "'");
    48. 

  48.         while ($vote = mysql_fetch_array($vote_result)) {
    49. 

  49.             if (!empty($_POST[$vote['id'] . 'vote'])) {
    50. 

  50.                 $text = mb_substr(trim($_POST[$vote['id'] . 'vote']), 0, 30);
    51. 

  51.                 mysql_query("UPDATE `soo_forum_vote` SET  `name` = '" . mysql_real_escape_string($text) . "'  where `website` = '$website' AND  `id` = '" . $vote['id'] . "'");
    52. 

  52.             }
    53. 

  53.         }
    54. 

  54.         $countvote = mysql_result(mysql_query("SELECT COUNT(*) FROM `soo_forum_vote` where `website` = '$website' AND  `type`='2' AND `topic`='" . $id . "'"), 0);
    55. 

  55.         for ($vote = $countvote; $vote < 20; $vote++) {
    56. 

  56.             if (!empty($_POST[$vote])) {
    57. 

  57.                 $text = mb_substr(trim($_POST[$vote]), 0, 30);
    58. 

  58.                 mysql_query("INSERT INTO `soo_forum_vote` SET `name` = '" . mysql_real_escape_string($text) . "',  `type` = '2', `topic` = '$id', `website` = '$website'");
    59. 

  59.             }
    60. 

  60.         }
    61. 

  61.         echo '<div class="gmenu"><p>' . $lng_forum['voting_changed'] . '<br /><a href="../soo/?mod=forum&amp;&sid='. $sid .'&amp;id=' . $id . '">' . $lng['continue'] . '</a></p></div>';
    62. 

  62.     } else {
    63. 

  63.         /*
    64. 

  64.         -----------------------------------------------------------------
    65. 

  65.         Форма редактирования опроса
    66. 

  66.         -----------------------------------------------------------------
    67. 

  67.         */
    68. 

  68.         $countvote = mysql_result(mysql_query("SELECT COUNT(*) FROM `soo_forum_vote` where `website` = '$website' AND  `type` = '2' AND `topic` = '$id'"), 0);
    69. 

  69.         $topic_vote = mysql_fetch_array(mysql_query("SELECT `name` FROM `soo_forum_vote` where `website` = '$website' AND  `type` = '1' AND `topic` = '$id' LIMIT 1"));
    70. 

  70.         echo '<div class="phdr"><a href="../soo/?mod=forum&amp;&sid='. $sid .'&amp;id=' . $id . '"><b>' . $lng['forum'] . '</b></a> | ' . $lng_forum['edit_vote'] . '</div>' .
    71. 

  71.             '<form action="../soo/?mod=forum&amp;act=editvote&amp;&sid='. $sid .'&amp;id=' . $id . '" method="post">' .
    72. 

  72.             '<div class="gmenu"><p>' .
    73. 

  73.             '<b>' . $lng_forum['voting'] . ':</b><br/>' .
    74. 

  74.             '<input type="text" size="20" maxlength="150" name="name_vote" value="' . htmlentities($topic_vote['name'], ENT_QUOTES, 'UTF-8') . '"/>' .
    75. 

  75.             '</p></div>' .
    76. 

  76.             '<div class="menu"><p>';
    77. 

  77.         $vote_result = mysql_query("SELECT `id`, `name` FROM `soo_forum_vote` where `website` = '$website' AND  `type` = '2' AND `topic` = '$id'");
    78. 

  78.         while ($vote = mysql_fetch_array($vote_result)) {
    79. 

  79.             echo $lng_forum['answer'] . ' ' . ($i + 1) . ' (max. 50): <br/>' .
    80. 

  80.                 '<input type="text" name="' . $vote['id'] . 'vote" value="' . htmlentities($vote['name'], ENT_QUOTES, 'UTF-8') . '"/>';
    81. 

  81.             if ($countvote > 2)
    82. 

  82.                 echo '&nbsp;<a href="../soo/?mod=forum&amp;act=editvote&amp;&sid='. $sid .'&amp;id=' . $id . '&amp;vote=' . $vote['id'] . '&amp;delvote">[x]</a>';
    83. 

  83.             echo '<br/>';
    84. 

  84.             ++$i;
    85. 

  85.         }
    86. 

  86.         if ($countvote < 20) {
    87. 

  87.             if (isset($_POST['plus']))
    88. 

  88.                 ++$_POST['count_vote'];
    89. 

  89.             elseif (isset($_POST['minus']))
    90. 

  90.                 --$_POST['count_vote'];
    91. 

  91.             if (empty($_POST['count_vote']))
    92. 

  92.                 $_POST['count_vote'] = $countvote;
    93. 

  93.             elseif ($_POST['count_vote'] > 20)
    94. 

  94.                 $_POST['count_vote'] = 20;
    95. 

  95.             for ($vote = $i; $vote < $_POST['count_vote']; $vote++) {
    96. 

  96.                 echo 'Ответ ' . ($vote + 1) . '(max. 50): <br/><input type="text" name="' . $vote . '" value="' . functions::checkout($_POST[$vote]) . '"/><br/>';
    97. 

  97.             }
    98. 

  98.             echo '<input type="hidden" name="count_vote" value="' . abs(intval($_POST['count_vote'])) . '"/>' . ($_POST['count_vote'] < 20 ? '<input type="submit" name="plus" value="' . $lng['add'] . '"/>' : '')
    99. 

  99.                 . ($_POST['count_vote'] - $countvote ? '<input type="submit" name="minus" value="' . $lng_forum['delete_last'] . '"/>' : '');
    100. 

  100.         }
    101. 

  101.         echo '</p></div><div class="gmenu">' .
    102. 

  102.             '<p><input type="submit" name="submit" value="' . $lng['save'] . '"/></p>' .
    103. 

  103.             '</div></form>' .
    104. 

  104.             '<div class="phdr"><a href="../soo/?mod=forum&amp;&sid='. $sid .'&amp;id=' . $id . '">' . $lng['cancel'] . '</a></div>';
    105. 

  105.     }
    106. 

  106. }
    107. 

  107. require('../incfiles/end.php');
    108. 

  108. break;
    109. 

  109. ?>
    110.