Parašė Samp_Tevas· 2009 Lap. 28 20:11:55
#1
Tai va perskaiciau straipsni, ir apsalau, tai jei as istrinu isvis member_poll_panel, ar nulauzti galima?
Ir isvis, is kur jus suzinote kelinta
php fusion versija naudojama per explorer?
ip_poll_panel, ar ir jinai yra nesaugi, jei taip, kurioje vietoje pataisyti koda, nes ja naudoju?
<?php
/*---------------------------------------------------+
| PHP-Fusion 6 Content Management System
+----------------------------------------------------+
| Copyright (c) 2005 Nick Jones
| http://www.php-fusion.co.uk/
+----------------------------------------------------+
| Released under the terms & conditions of v2 of the
| GNU General Public License. For details refer to
| the included gpl.txt file or visit http://gnu.org
+----------------------------------------------------*/
if (file_exists(INFUSIONS."ip_poll_panel/locale/".$settings['locale'].".php")) {
include INFUSIONS."ip_poll_panel/locale/".$settings['locale'].".php";
} else {
include INFUSIONS."ip_poll_panel/locale/English.php";
}
openside($locale['PLAN_100']);
if (isset($_POST['cast_vote'])) {
$voteoption = $_POST['voteoption'];
$sql = dbquery("SELECT * FROM ".$db_prefix."ip_polls WHERE poll_id='$poll_id'");
$data = dbarray($sql);
$poll_ips = explode("|", $data['poll_ips']);
if (!in_array(USER_IP, $poll_ips)) {
array_push($poll_ips, USER_IP);
$poll_ips = implode("|", $poll_ips);
$result = dbquery("UPDATE ".$db_prefix."ip_polls SET poll_votes_$voteoption=poll_votes_$voteoption+1, poll_ips='$poll_ips' WHERE poll_id=$poll_id");
header("Location: ".FUSION_SELF.(FUSION_QUERY ? "?".FUSION_QUERY : ""));
}
}
$result = dbquery("SELECT * FROM ".$db_prefix."ip_polls ORDER BY poll_started DESC LIMIT 1");
if (dbrows($result) != 0) {
$data = dbarray($result);
$poll_title = $data['poll_title'];
$poll_ips = explode("|", $data['poll_ips']);
$poll_votes = 0;
for ($i=0; $i<=9; $i++) {
if ($data["poll_opt_".$i]) $poll_option[$i] = $data["poll_opt_".$i];
$poll_votes = $poll_votes + $data["poll_votes_".$i];
}
if (!in_array(USER_IP, $poll_ips) && $data['poll_ended'] == 0) {
$poll = ""; $i = 0; $num_opts = count($poll_option);
while ($i < $num_opts) {
$poll .= "<input type='radio' name='voteoption' value='$i'> $poll_option[$i]<br><br>\n";
$i++;
}
echo "<form name='voteform' method='post' action='".FUSION_SELF.(FUSION_QUERY ? "?".FUSION_QUERY : "")."'>
<b>$poll_title</b><br><br>
$poll<center><input type='hidden' name='poll_id' value='".$data['poll_id']."'>
<input type='submit' name='cast_vote' value='".$locale['PLAN_101']."' class='button'></center>
</form>\n";
} else {
$poll = ""; $i = 0; $num_opts = count($poll_option);
while ($i < $num_opts) {
$num_votes = $data["poll_votes_".$i];
$opt_votes = ($poll_votes ? number_format(100 / $poll_votes * $num_votes) : 0);
$poll .= "<div>".$poll_option[$i]."</div>
<div><img src='".THEME."images/pollbar.gif' alt='".$poll_option[$i]."' height='12' width='$opt_votes' class='poll'></div>
<div>".$opt_votes."% [".$num_votes." ".($num_votes == 1 ? $locale['PLAN_102'] : $locale['PLAN_103'])."]</div><br>\n";
$i++;
}
echo "<b>".$poll_title."</b><br><br>
$poll
<center>".$locale['PLAN_104'].$poll_votes."<br>
".$locale['PLAN_105'].showdate("shortdate", $data['poll_started']);
if ($data['poll_ended'] > 0) {
echo "<br>\n".$locale['PLAN_106'].showdate("shortdate", $data['poll_ended'])."\n";
}
$result = dbquery("SELECT * FROM ".$db_prefix."ip_polls");
if (dbrows($result) > 1) {
echo "<br><br><img src='".THEME."images/bullet.gif'>
<a href='".INFUSIONS."ip_poll_panel/ip_poll_archive.php' class='side'>".$locale['PLAN_107']."</a> <img src='".THEME."images/bulletb.gif'>\n";
}
echo "</center>\n";
}
} else {
echo "<center>".$locale['004']."</center>\n";
}
closeside();
?>
kurioje eiluteje ideti si
if (isset($voteoption) && !isNum($voteoption)) fallback("index.php");
Redagavo Samp_Tevas· 2009 Lap. 29 00:11:29