[geeklog-cvs] geeklog: Fixed bug where polls would display in the What's New B...
geeklog-cvs at lists.geeklog.net
geeklog-cvs at lists.geeklog.net
Thu Mar 11 10:16:21 EST 2010
changeset 7778:1a1112707c5e
url: http://project.geeklog.net/cgi-bin/hgwebdir.cgi/geeklog/rev/1a1112707c5e
user: Tom <websitemaster at cogeco.net>
date: Thu Mar 11 10:13:39 2010 -0500
description:
Fixed bug where polls would display in the What's New Block that the user did not have access to (Users who have already voted but cannot see the results cannot view link)
diffstat:
plugins/polls/functions.inc | 59 +++++++++++++++++------------
1 files changed, 34 insertions(+), 25 deletions(-)
diffs (112 lines):
diff -r 542470fa726d -r 1a1112707c5e plugins/polls/functions.inc
--- a/plugins/polls/functions.inc Wed Mar 10 09:13:29 2010 -0500
+++ b/plugins/polls/functions.inc Thu Mar 11 10:13:39 2010 -0500
@@ -1237,7 +1237,7 @@
*/
function plugin_getiteminfo_polls($pid, $what, $uid = 0, $options = array())
{
- global $_CONF, $_TABLES;
+ global $_CONF, $_TABLES, $_USER;
// parse $what to see what we need to pull from the database
$properties = explode(',', $what);
@@ -1257,6 +1257,7 @@
// needed for $pid == '*', but also in case we're only requesting
// the URL (so that $fields isn't emtpy)
$fields[] = 'pid';
+ $fields[] = 'hideresults';
break;
default:
@@ -1317,9 +1318,12 @@
. '/polls/index.php?pid=' . $pid
. '&aid=-1';
} else {
- $props['url'] = $_CONF['site_url']
- . '/polls/index.php?pid=' . $A['pid']
- . '&aid=-1';
+ // Users who have already voted but cannot see the results cannot view link
+ if ($_USER['uid'] == 2 || ($_USER['uid'] != 2 && !($A['hideresults'] == 1 && (isset($_COOKIE['poll-' . $A['pid']]) || POLLS_ipAlreadyVoted($A['pid']))))) {
+ $props['url'] = $_CONF['site_url']
+ . '/polls/index.php?pid=' . $A['pid'];
+ // . '&aid=-1';
+ }
}
break;
default:
@@ -1508,7 +1512,7 @@
*/
function plugin_getwhatsnew_polls()
{
- global $_CONF, $_TABLES, $_PO_CONF, $LANG_POLLS;
+ global $_CONF, $_TABLES, $_PO_CONF, $LANG_POLLS, $_USER;
$retval = '';
if ($_PO_CONF['hidenewpolls'] == 'modified') {
@@ -1517,13 +1521,13 @@
$datecolumn = 'created';
}
$sql = array();
- $sql['mysql'] = "SELECT pid, topic
+ $sql['mysql'] = "SELECT pid, topic, hideresults
FROM {$_TABLES['polltopics']}
WHERE ({$datecolumn} >= (DATE_SUB(NOW(), INTERVAL {$_PO_CONF['newpollsinterval']} SECOND)))
" . COM_getPermSQL('AND') . "
ORDER BY {$datecolumn} DESC LIMIT 15";
- $sql['pgsql'] = "SELECT pid, topic
+ $sql['pgsql'] = "SELECT pid, topic, hideresults
FROM {$_TABLES['polltopics']}
WHERE ({$datecolumn} >= (NOW() - INTERVAL '{$_PO_CONF['newpollsinterval']} SECONDS'))
" . COM_getPermSQL('AND') . "
@@ -1538,27 +1542,32 @@
for ($x = 0; $x < $nrows; $x++) {
$A = DB_fetchArray($result);
- //$url = COM_buildUrl($_CONF['site_url'] . '/polls/index.php?pid=' . $A['pid']);
- $url = $_CONF['site_url'] . '/polls/index.php?pid=' . $A['pid'];
-
- $title = COM_undoSpecialChars(stripslashes( $A['topic']));
- $titletouse = COM_truncate($title, $_PO_CONF['title_trim_length'],
- '...');
- if ($title != $titletouse) {
- $attr = array('title' => htmlspecialchars($title));
- } else {
- $attr = array();
+ // Users who have already voted but cannot see the results cannot view link
+ if ($_USER['uid'] == 2 || ($_USER['uid'] != 2 && !($A['hideresults'] == 1 && (isset($_COOKIE['poll-' . $A['pid']]) || POLLS_ipAlreadyVoted($A['pid']))))) {
+ $url = $_CONF['site_url'] . '/polls/index.php?pid=' . $A['pid'];
+ $title = COM_undoSpecialChars(stripslashes( $A['topic']));
+ $titletouse = COM_truncate($title, $_PO_CONF['title_trim_length'],
+ '...');
+ if ($title != $titletouse) {
+ $attr = array('title' => htmlspecialchars($title));
+ } else {
+ $attr = array();
+ }
+ $apoll = str_replace('$', '$', $titletouse);
+ $apoll = str_replace(' ', ' ', $apoll);
+
+ $newpolls[] = COM_createLink($apoll, $url, $attr);
}
- $apoll = str_replace('$', '$', $titletouse);
- $apoll = str_replace(' ', ' ', $apoll);
-
- $newpolls[] = COM_createLink($apoll, $url, $attr);
}
-
- $retval .= COM_makeList($newpolls, 'list-new-plugins');
- } else {
+
+ if (isset($url)) {
+ $retval .= COM_makeList($newpolls, 'list-new-plugins');
+ }
+ }
+
+ if ($nrows == 0 || !isset($url)) {
$retval .= $LANG_POLLS['no_new_polls'] . '<br' . XHTML . '>' . LB;
- }
+ }
return $retval;
}
More information about the geeklog-cvs
mailing list