url = $_SERVER['SCRIPT_NAME']; } else { $this->url = $_id; } $this->poll_index = $_poll_index; $this->poll_title = $_poll_title; $this->selectInsertPollID(); ## We need this before going on! if(isset($_POST['poll_action' . $_poll_index])) { $this->poll_action = $_POST['poll_action' . $_poll_index]; } $App = new App(); $this->Session = $App->useSession("optional"); # Clean incoming $this->url = str_replace("..", "", $this->url); $this->url = str_replace(";", "", $this->url); if(!is_numeric($this->poll_index)) { $this->poll_index = 1; } # Determine the action to take. if($this->poll_action == "vote" && $this->isVoteable()) { if($this->require_login && $this->Session->getBugzillaID() <= 0) { # should not happen unless someone forces a post. $this->error = "You must be logged in to vote."; } if(isset($_POST['polloption']) && is_numeric($_POST['polloption'])) { # Save poll options! $this->updatePollCount(); } else { $this->error = "You must choose an option to vote."; $this->poll_action = ""; } } } /** * fetch poll counts from the database * */ function selectPollCounts() { # Get poll counts for poll id if($this->isValidPollID()) { $App = new App(); $this->total_votes = 0; $sql = "SELECT option_id, answer_count FROM poll_options WHERE poll_id = " . $this->poll_id; $dbc = new DBConnectionPollsRW(); $dbh = $dbc->connect(); $result = mysql_query($sql, $dbh); # find the right poll option, and increment the count while($myrow = mysql_fetch_array($result)) { for($i = 0; $i < count($this->poll_options); $i++) { $PollOption = $this->poll_options[$i]; if($PollOption->option_id == $myrow['option_id']) { $PollOption->answer_count = $myrow['answer_count']; $this->total_votes += $myrow['answer_count']; $this->poll_options[$i] = $PollOption; break; } } } $dbc->disconnect(); $dbh = null; $dbc = null; $result = null; $myrow = null; } } /** * get poll id from db, or create if not found */ function selectInsertPollID() { if($this->isValidPollID()) { # Get poll ID from the database, or create one if it doesn't exist. $App = new App(); $sql = "SELECT POL.poll_id, POL.require_login FROM polls AS POL WHERE POL.url = " . $App->returnQuotedString($this->url) . " AND POL.poll_index = " . $this->poll_index; $dbc = new DBConnectionPollsRW(); $dbh = $dbc->connect(); $result = mysql_query($sql, $dbh); if($myrow = mysql_fetch_array($result)) { $this->poll_id = $myrow["poll_id"]; $this->require_login = $myrow['require_login']; } else { $sql = "INSERT INTO polls ( poll_id, url, poll_index, first_seen) VALUES ( NULL, " . $App->returnQuotedString($this->url) . ", " . $this->poll_index . ", CURDATE())"; mysql_query($sql, $dbh); $this->poll_id = mysql_insert_id($dbh); # Perform house cleaning when creating new polls # Pass database handle to recycle the connection $this->flushOldPolls($dbh); } $dbc->disconnect(); $dbh = null; $dbc = null; $result = null; $myrow = null; } } /** * update poll count in db as a result of voting */ function updatePollCount() { if($this->isValidPollID()) { $App = new App(); # if poll requires login, ensure client is logged in $Session = $this->Session; # echo "Session: " . $Session->getBugzillaID() . " Login req: " . $this->require_login; exit; if( ($this->require_login && $Session->getBugzillaID() > 0) || !$this->require_login) { # we have the poll id, add a count $poll_option = $_POST['polloption']; if(!is_numeric($poll_option)) { $poll_option = 1; } $dbc = new DBConnectionPollsRW(); $dbh = $dbc->connect(); # Attempt to insert this user's vote in poll_login_votes. # If it fails, the user has already voted and we must not continue $error = false; if($this->require_login && $Session->getBugzillaID() > 0) { $sql = "INSERT INTO poll_login_votes (poll_id, bugzilla_id) VALUES (" . $this->poll_id . ", " . $Session->getBugzillaID() . ")"; mysql_query($sql, $dbh); if(mysql_affected_rows() <= 0) { $error = true; } } if(!$error) { $sql = "UPDATE poll_options SET answer_count = answer_count + 1 WHERE poll_id = " . $this->poll_id . " AND option_id = " . $poll_option; mysql_query($sql, $dbh); if(mysql_affected_rows() == 0) { # Update failed. Issue insert statement $sql = "INSERT INTO poll_options ( poll_id, option_id, answer_count) VALUES ( " . $this->poll_id . ", " . $poll_option . ", 1)"; mysql_query($sql, $dbh); } # put cookie on the browser to indicate user has voted $this->setCookie(); } $dbc->disconnect(); $dbh = null; $dbc = null; $result = null; $myrow = null; } } } /** * set cookie on the browser to avoid ballot stuffers */ function setCookie() { /* * Cookie is called ECLIPSE_INSTA_POLLS * We put a csv list of poll id's the user has voted on * all in one cookie. Makes for fewer cookies on the browser * */ $insta_polls = array(); if(isset($_COOKIE[$this->COOKIE_NAME])) { $insta_polls = explode(",", $_COOKIE[$this->COOKIE_NAME]); } if(!is_numeric(array_search($this->poll_id, $insta_polls))) { $insta_polls[count($insta_polls)] = $this->poll_id; } setcookie($this->COOKIE_NAME, implode(",", $insta_polls), time()+604800, "/"); } /** * determine if user can vote * @return bool */ function isVoteable() { /* * isVoteable - used to determine if we display a form or just get the actual results */ $rValue = false; $insta_polls = array(); if(isset($_COOKIE[$this->COOKIE_NAME])) { $insta_polls = explode(",", $_COOKIE[$this->COOKIE_NAME]); } if(!is_numeric(array_search($this->poll_id, $insta_polls))) { $rValue = true; } return $rValue; } /** * Add a poll option to the object's array * @param string $option_id a 12-character alphanumeric key to represent the option * @param string $option_text */ function addOption($_option_id, $_option_text) { $PollOption = new PollOption(); $PollOption->poll_id = $this->poll_id; $PollOption->option_id = $_option_id; $PollOption->option_text = str_replace("\"", "'", $_option_text); $this->poll_options[count($this->poll_options)] = $PollOption; } /** * disable graph display */ function noGraph() { $this->show_graph = false; } /** * disable anonymous polls */ function requireLogin() { # the constructor should have read this state from the DB # if we're setting requireLogin() and it's false in this object, # then this is the first time we've set requireLogin if(!$this->require_login) { $this->require_login = true; $App = new App(); $dbc = new DBConnectionPollsRW(); $dbh = $dbc->connect(); $sql = "UPDATE polls SET require_login = 1 WHERE poll_id = " . $this->poll_id; mysql_query($sql, $dbh); $dbc->disconnect(); $dbh = null; $dbc = null; } } /** * generate HTML required for the poll * @return string */ function getHTML() { $rValue = ""; if($this->poll_action == "" && $this->isVoteable()) { # display poll options $rValue = "
" . $this->poll_title . "
"; } } if($this->poll_action == "vote" || !($this->isVoteable())) { # display poll options $this->selectPollCounts(); $rValue = "Results: " . $this->poll_title . "
"; for($i = 0; $i < count($this->poll_options); $i++) { $PollOption = $this->poll_options[$i]; $thisPercent = 0; if($this->total_votes > 0) { $thisPercent = round($PollOption->answer_count / $this->total_votes * 100); } $rValue .= $PollOption->option_text . ": " . $thisPercent . " %Total votes: " . $this->total_votes . "
"; } return $rValue; } /** * determine if poll_id is valid * @return bool */ function isValidPollID() { if(is_numeric($this->poll_id)) { return true; } else { return false; } } /** * flush old polls and results. Polls can still be used, this is simply for house cleaning. * This code should be run automatically when a new poll is created. * @param dbh $_dbh a writable database connection * */ function flushOldPolls($_dbh) { # a Foreign Key constraint will enforce deletion of poll_options $sql = "DELETE FROM polls WHERE first_seen <= DATE_SUB(CURDATE(), INTERVAL 3 MONTH)"; mysql_query($sql, $_dbh); $_dbh = null; } } class PollOption { var $poll_id = 0; #PK var $option_id = 0; #PK var $option_text = ""; var $answer_count = 0; } ?>