<?php
/* *******************************************************************
**********************************************************************
#### This Script Written By : Bahrambeigy - ITLPoll Version 3 #####
#### You can download it by free here : #####
############ http://www.itlpoll.com ################
#### This script is free and any one shouln't sell it! #####
#### For Support go on : http://forums.itlpoll.com #####
#### Contact me : hide@address.com #####
**********************************************************************
######################################################################
File : Index.php
Writer : Bahrambeigy(hide@address.com)
Description : Index of ITLPoll System. With this File System Can Load
All Of Script And Run it. Please Don't Change any varriable on this file!
**********************************************************************
*/
@error_reporting (E_ERROR | E_PARSE);
@session_start();
// generation time start
$time = microtime();
$time = explode(" ", $time);
$time = $time[1] + $time[0];
$start = $time;
// Installation Check !
if(filesize("config.php") == 0)
{
header("Location: install/index.php");
@exit();
}
require_once("config.php");
if(!defined("ITLPoll_INSTALLED"))
{
header("Location: install/index.php");
@exit();
}
// Functions Existance Check
if(!(file_exists("includes/functions.php")))
{
echo "Your Functions.php File Doesn't Exist in : includes/functions.php";
@exit();
}
require_once("includes/functions.php");
$connected_db = db_connect($host, $user, $passwd, $database);
Load_Configs($prefix);
// Language File Existance Check
file_check("language/".$configs['language'].".php", "Error : Your Default Laguage File Doesn't Exist");
require_once("language/".$configs['language'].".php");
// Check first then Open Theme File And Use it!
file_check("templates/".$configs['template']."/user.xml", "Error : Your Default Template File(user.xml) Doesn't Exist");
require_once("includes/xmllib.php");
$itl_fxml = new XmlLib_xmlParser("templates/".$configs['template']."/user.xml");
if($configs['disabled'] == "yes")
{
echo "<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">
<b> ". _DISABLEDPOLL ."</b>";
@exit();
}
/* *********** Voters Section (BEGIN) *********** */
if(($configs['voters_login'] == "yes") && !isset($_SESSION['Voters_Logged']))
{
$current_session_str = session_id();
if(isset($_GET['v']))
{
// voter account verification part
@$vsession = filter($_GET['v']);
@$uname = mb_strtolower(filter($_GET['uname']));
if(empty($uname))
{
msg(_INVALIDVERIFICATIONLINK, "?");
@exit();
}
$getv = "SELECT last_session FROM ".$prefix."_voters WHERE username='".$uname."';";
$mgetv = mysql_query($getv);
$num_v = mysql_num_rows($mgetv);
if($num_v < 1)
{
msg(_INVALIDVERIFICATIONLINK, "?");
@exit();
}
$getv_fetch = mysql_fetch_array($mgetv);
if($getv_fetch['last_session'] == $vsession)
{
if($configs['admin_voters_verification'] == "no")
$set_enabled = ", enabled='yes'";
else
$set_enabled = "";
$set_verified = "UPDATE ".$prefix."_voters SET verified='yes' ".$set_enabled." WHERE username='".$uname."';";
$mverified = mysql_query($set_verified);
if($mverified)
{
if($configs['admin_voters_verification'] == "yes")
msg(_SUCCVERIFIEDADMINWAIT, "?");
else
msg(_SUCCVERIFIEDCOMPLETE, "?");
@exit();
}
}
else
{
msg(_INVALIDVERIFICATIONLINK, "?");
@exit();
}
}
else if(isset($_GET['Voters_Register']))
{
@$username = mb_strtolower(filter($_POST['username']));
@$password1 = filter($_POST['password1']);
@$password2 = filter($_POST['password2']);
@$captchastr = strtoupper(filter($_POST['ITLPoll_user_captcha_string']));
if(empty($username) || empty($password1) || empty($password2) || empty($captchastr))
Show_VotersRegister($itl_fxml);
else
{
if(!preg_match("/^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,4})$/i", $username))
{
msg(_USERNAMENOTVALID, "?Voters_Register");
@exit();
}
$query_name = "SELECT username FROM ".$prefix."_voters WHERE username='".$username."'";
$query_exec = mysql_query($query_name);
$is_there = mysql_num_rows($query_exec);
if($is_there > 0)
{
msg(_USERNAMEUSEDBEFORE, "?Voters_Register");
@exit();
}
if($password1 != $password2)
{
@session_start();
$_SESSION['KeepEntries']['Username'] = $username;
msg(_PASSERRORA, "?Voters_Register");
@exit();
}
if(!captchaVerification($captchastr))
{
@session_start();
$_SESSION['KeepEntries']['Username'] = $username;
$_SESSION['KeepEntries']['Password'] = $password1;
msg(_CAPTCHANOTCORRECT, "?Voters_Register");
@exit();
}
// non of above
$insert_voter = "INSERT INTO ".$prefix."_voters
(username, password, last_session) VALUES
('".$username."', '".md5($password1)."', '".$current_session_str."');";
$m_voter = mysql_query($insert_voter);
if($m_voter)
{
$subject = "[ITLPoll] Survey Voter Verification Needed";
$msg = "Hi dear user!,
You or someone else used your email for participate in a ITLPoll based survey. please click below link to verify your account.
Otherwise simply Ignore this message ;)
Verification Link :
http://" . $_SERVER['SERVER_NAME'] . $_SERVER['SCRIPT_NAME'] . "?v=".$current_session_str."&uname=".$username."
Username: ".$username."
Password: ".$password1."
____________________
ITLPoll [http://www.itlpoll.com]";
$header = 'From: "ITLPoll"';
$mail = mail($username, $subject, $msg, $header);
if($mail)
{
msg(_THANKSVOTERREGISTER, "?Voters_Register");
@exit();
}
else
{
msg(_ERRORMAIL, "?Voters_Register");
}
}
else
{
msg(_CANTADDVOTERACCOUNT, "?Voters_Register");
@exit();
}
}
}
else // login to system
{
@$username = mb_strtolower(filter($_POST['username']));
@$password = filter($_POST['password']);
@$captchastr = strtoupper(filter($_POST['ITLPoll_user_captcha_string']));
if(empty($username) || empty($password) || empty($password))
{
Show_VotersLogin($itl_fxml);
@exit();
}
else
{
$password_str = $password;
$password = md5($password);
$login_query = "SELECT username, password, enabled, verified FROM ".$prefix."_voters WHERE username='".$username."' AND password='".$password."'; ";
$login_exec = mysql_query($login_query);
if(mysql_num_rows($login_exec) < 1)
{
msg(_UPERROR, "?");
@exit();
}
if(!captchaVerification($captchastr))
{
@session_start();
$_SESSION['KeepEntries']['Username'] = $username;
$_SESSION['KeepEntries']['Password'] = $password_str;
msg(_CAPTCHANOTCORRECT, "?");
@exit();
}
$login_details = mysql_fetch_array($login_exec);
if($login_details['verified'] == "no")
{
msg(_VOTERNOTVERIFIED, "?");
@exit();
}
else if($login_details['enabled'] == "no")
{
msg(_VOTERNOTENABLED, "?");
@exit();
}
// Login Voter to system
@session_start();
$_SESSION['Voters_Logged'] = base64_encode(stripslashes($username));
$current_date = date("Y-m-d");
$update_infos = "UPDATE ".$prefix."_voters SET last_login_date='".$current_date."', last_session='".$current_session_str."' WHERE username='".$username."';";
$update_exec = mysql_query($update_infos);
msg(_LOGGED, "?");
@exit();
}
}
@exit();
}
if(isset($_GET['Voters_Logout']))
{
unset($_SESSION['Voters_Logged']);
session_destroy();
msg(_VOTERLOGGEDOUT, "?");
@exit();
}
/* *********** Voters Section (END) *********** */
@$id = filter($_REQUEST['pollID']);
if(empty($id)) $query = "SELECT * FROM ".$prefix."_poll WHERE confirmed='yes';";
else {
// Checking $id For Injection (Bug Founded By Simorgh-ev Security Group)
if(!preg_match("/[1-9]/", $id)) {
echo "Hacking Attempt - You Can't set non numeric value for ID variable!";
@exit();
}
else {
$query = "SELECT * FROM ".$prefix."_poll WHERE id = '". $id ."'";
}
}
$poll = mysql_query($query);
$active_polls = mysql_num_rows($poll);
if($active_polls > 1)
{
define("MULTIPLEACTIVE", "1");
$query = "SELECT multiactivestr FROM ".$prefix."_config";
$mquery = mysql_query($query);
$multiactive = mysql_fetch_array($mquery);
define("MULTACTIVESTR", stripslashes($multiactive['multiactivestr']));
}
// Check Cookies Enabled ?!
if(isset($_REQUEST['ITLPollCheckCookie']))
{
if( !isset($_COOKIE['ITLPoll_Voted']) )
{
setcookie("ITLPoll_Voted", "");
msg(_ECOOKIES, "?");
}
else
{
// check if voter participated before or not ! ;) (version 3.2)
if($configs['voters_login'] == "yes")
{
$can_vote = FALSE;
$username = stripslashes(base64_decode($_SESSION['Voters_Logged']));
$query = "SELECT last_voted_date FROM ".$prefix."_voters WHERE username='".$username."';";
$mquery = mysql_query($query);
$fetch_date = mysql_fetch_array($mquery);
$active_poll_date = "SELECT multiactivedate FROM ".$prefix."_config";
$active_poll_date_query = mysql_query($active_poll_date);
$active_poll_date_query = mysql_fetch_array($active_poll_date_query);
$active_poll_date_str = $active_poll_date_query['multiactivedate'];
if($fetch_date['last_voted_date'] == "0000-00-00 00:00:00")
$can_vote = TRUE;
else if(Changed_Last_Poll($active_poll_date_str, $fetch_date['last_voted_date']))
$can_vote = TRUE;
if(!$can_vote)
{
msg(_YVOTED, "?");
@exit();
}
}
if( isset($_COOKIE['ITLPoll_Valid_Post']) AND ($_COOKIE['ITLPoll_Valid_Post'] == "yes") )
{
$ch = filter($_REQUEST['Choice']);
$ch = explode(":", $ch);
$error_detected = false;
// define arrays
$update = array();
$id_set = array();
$real_numbers_counter = 0;
$counter = 0;
// check created choice selected not created by malicious user ! ;)
if(isset($_SESSION['CreatedChoiceStr']) && ( (filter($_REQUEST['Choice']) != $_SESSION['CreatedChoiceStr']) ) )
$error_detected = true;
for($counter=0; ($counter < $active_polls) && !$error_detected; $counter++)
{
$situation = explode(",", $ch[$counter]);
$is_multiple = $situation[0];
// Check for Multiple Choices Enabled
if($is_multiple == "s")
{
$ch_expld = explode("_", $situation[1]);
$id = $ch_expld[0];
if($id > 0);
else
$error_detected = true;
$update[$counter] = "UPDATE ".$prefix."_results SET $ch_expld[1]=$ch_expld[1]+1 WHERE id=$id";
$id_set[$counter] = $id;
$real_numbers_counter++;
}
else if($is_multiple == "m")
{
$ch_expld = explode("|", $situation[1]);
$s_str = "";
for($i=1; $i <= $ch_expld[0]; $i++)
{
$ch_explded = explode("_", $ch_expld[$i]);
$id = $ch_explded[0];
$ch_num = $ch_explded[1];
$s_str .= ($i == $ch_expld[0]) ? $ch_num ."=" . $ch_num . "+1" : $ch_num ."=" . $ch_num . "+1, ";
}
if($ch_expld[0] > 0)
{
$update[$counter] = "UPDATE ".$prefix."_results SET ". $s_str ." WHERE id='".$id."'";
//$mquery5 = mysql_query($query5);
}
else if($ch_expld[0] == 0)
{
$id = $ch_expld[1];
$update[$counter] = "empty";
}
else
$error_detected = true;
$id_set[$counter] = $id;
$real_numbers_counter++;
//$query6 = "UPDATE ".$prefix."_results SET uniques=uniques+1 WHERE id = '".$id."'";
//$mquery6 = mysql_query($query6);
}
}
// uniques people queries
if( !$error_detected && ($real_numbers_counter == $active_polls))
{
$query_update_uniques = "UPDATE ".$prefix."_results SET uniques=uniques+1 WHERE (";
for($counter = 0; ($counter < $active_polls) && !$error_detected; $counter++)
{
if($update[$counter] == "empty")
$query_update_uniques .= "id='".$id_set[$counter]."' " . (($counter == ($active_polls-1)) ? " )" : " OR ");
else
{
$mquery_run = mysql_query($update[$counter]);
if(!$mquery_run)
$error_detected = true;
else
$query_update_uniques .= "id='".$id_set[$counter]."' " . (($counter == ($active_polls-1)) ? " )" : " OR ");
}
}
if(!$error_detected)
{
$mqeury_uniques = mysql_query($query_update_uniques);
if(!$mqeury_uniques)
$error_detected = true;
}
}
else
$error_detected = true;
if(!$error_detected)
{
setcookie("ITLPoll_Valid_Post", "no", time()+15552000);
// update user informations if login section enabled
if($configs['voters_login'] == "yes")
{
$username = stripslashes(base64_decode($_SESSION['Voters_Logged']));
$today = date("Y-m-d H:i:s");
$real_ip = getRealIpAddress();
$update_voter = "UPDATE ".$prefix."_voters SET last_voted_date='".$today."', total_votes=total_votes+1, last_voted_ip='".$real_ip."' WHERE username='".$username."';";
$update_exec = mysql_query($update_voter);
}
$update_total_votes = "UPDATE ".$prefix."_config SET total_votes=total_votes+1;";
$update_exec = mysql_query($update_total_votes);
if($update_exec)
msg(_THANKS, "?");
else
echo '<script>window.location="?"</script>';
}
else
{
// roll back ?! (we don't need !;) )
}
}
else
echo '<script>window.location="?"</script>';
}
@exit();
}
// end of check cookies
// Check admin logged in already ( for showing menu ) - version 3.2 added
if( (isset($_SESSION['ITLPoll']['Admin'])) && ( Time_Valid($_SESSION['ITLPoll']['AdminTime'], $nowtime) ) )
define('ADMIN_LOGGED_IN', TRUE);
else
define('ADMIN_LOGGED_IN', FALSE);
@$action = filter($_REQUEST['action']);
if( !empty($id) )
{
$choice_totals = 0;
for($counter=0; $counter < $active_polls; $counter++)
{
$polllist = mysql_fetch_array($poll);
$id = $polllist['id'];
$title = $polllist['subject'];
$choices = $polllist['choices'];
$multiple = $polllist['multiple'];
$active = $polllist['active'];
$expire = $polllist['expire'];
$strdate = $polllist['start'];
$crtdate = $polllist['created'];
// Jalali date format check
if($usejalali == "1")
{
if($crtdate != "0000-00-00")
{
$create_date = explode("-", $crtdate);
$created = ConvDate($create_date, "H");
$crtdate = implode("-", $created);
}
}
// Query The Results From Database
$query2 = "SELECT * FROM ".$prefix."_results WHERE id = $id";
// Gathering uniques voters
$result = mysql_query($query2);
$choice_total = mysql_fetch_array($result);
$choice_totals += $choice_total['uniques'];
$result = mysql_query($query2);
$choice = mysql_fetch_row($result);
// Optimize the database
mysql_free_result($result);
// Query The Choices From Database
$query3 = "select * from ".$prefix."_choices where id = $id";
$cho = mysql_query($query3);
$choi = mysql_fetch_row($cho);
// Optimize the database
mysql_free_result($cho);
$sid = $counter . "|" . $id . "|" . $active_polls . "|" . $configs['total_votes'];
// Finally Shows The Results Page!
if($configs['defaultresult'] == "html") {
Show_Results($crtdate, $choices, $title, $itl_fxml, $choice, $choi, $configs['color1'], $configs['color2'], $sid);
}
elseif($configs['defaultresult'] == "image") {
if($configs['defaultgraph'] == "bar")
Show_ImageResults($id, $crtdate, $choices, $title, $itl_fxml, $choice, $choi, "", "bar", $sid);
else if($configs['defaultgraph'] == "pie")
Show_ImageResults($id, $crtdate, $choices, $title, $itl_fxml, $choice, $choi, "", "pie", $sid);
else
Show_ImageResults($id, $crtdate, $choices, $title, $itl_fxml, $choice, $choi, "", "simple", $sid);
}
}
}
// This Will Show The Archive Of Polls - Added On Version 2.00
elseif( isset($_REQUEST['Archive']) || ($action == "Archive") ) {
// Query The Polls From Database
$query = "SELECT id, subject FROM ".$prefix."_poll ORDER BY id DESC";
$archive = mysql_query($query);
// Shows The Archives Page!
Show_Archives($itl_fxml, $archive, $configs['numarchive'], $configs['color1'], $configs['color2']);
}
elseif(isset($_REQUEST['HtmlResults']) || ($action == "HtmlResults") ) {
$choice_totals = 0;
for($counter=0; $counter < $active_polls; $counter++)
{
$polllist = mysql_fetch_array($poll);
$id = $polllist['id'];
$title = $polllist['subject'];
$choices = $polllist['choices'];
$multiple = $polllist['multiple'];
$active = $polllist['active'];
$expire = $polllist['expire'];
$strdate = $polllist['start'];
$crtdate = $polllist['created'];
if($usejalali == "1")
{
if($crtdate != "0000-00-00")
{
$create_date = explode("-", $crtdate);
$created = ConvDate($create_date, "H");
$crtdate = implode("-", $created);
}
}
// Query The Results From Database
$query2 = "SELECT * FROM ".$prefix."_results WHERE id = $id";
// Gathering uniques voters
$result = mysql_query($query2);
$choice_total = mysql_fetch_array($result);
$choice_totals += $choice_total['uniques'];
$result = mysql_query($query2);
$choice = mysql_fetch_row($result);
// Optimize the database
mysql_free_result($result);
// Query The Choices From Database
$query3 = "select * from ".$prefix."_choices where id = $id";
$cho = mysql_query($query3);
$choi = mysql_fetch_row($cho);
// Optimize the database
mysql_free_result($cho);
$id = $counter . "|" . $id . "|" . $active_polls . "|" . $configs['total_votes'];
// Finally Shows The Results Page!
Show_Results($crtdate, $choices, $title, $itl_fxml, $choice, $choi, $configs['color1'], $configs['color2'], $id);
}
}
// Image Result - Added On Version 2.5
elseif(isset($_REQUEST['ImageResults']) || ($action == "ImageResults") ) {
$choice_totals = 0;
for($counter=0; $counter < $active_polls; $counter++)
{
$polllist = mysql_fetch_array($poll);
$id = $polllist['id'];
$title = $polllist['subject'];
$choices = $polllist['choices'];
$multiple = $polllist['multiple'];
$active = $polllist['active'];
$expire = $polllist['expire'];
$strdate = $polllist['start'];
$crtdate = $polllist['created'];
if($usejalali == "1")
{
if($crtdate != "0000-00-00")
{
$create_date = explode("-", $crtdate);
$created = ConvDate($create_date, "H");
$crtdate = implode("-", $created);
}
}
// Query The Results From Database
$query2 = "SELECT * FROM ".$prefix."_results WHERE id = $id";
// Gathering uniques voters
$result = mysql_query($query2);
$choice_total = mysql_fetch_array($result);
$choice_totals += $choice_total['uniques'];
$result = mysql_query($query2);
$choice = mysql_fetch_row($result);
// Optimize the database
mysql_free_result($result);
// Query The Choices From Database
$query3 = "select * from ".$prefix."_choices where id = $id";
$cho = mysql_query($query3);
$choi = mysql_fetch_row($cho);
// Optimize the database
mysql_free_result($cho);
$sid = $counter . "|" . $id . "|" . $active_polls . "|" . $configs['total_votes'];
if($configs['defaultgraph'] == "bar")
Show_ImageResults($id, $crtdate, $choices, $title, $itl_fxml, $choice, $choi, "", "bar", $sid);
else if($configs['defaultgraph'] == "pie")
Show_ImageResults($id, $crtdate, $choices, $title, $itl_fxml, $choice, $choi, "", "pie", $sid);
else
Show_ImageResults($id, $crtdate, $choices, $title, $itl_fxml, $choice, $choi, "", "simple", $sid);
}
}
// End Of Image Result
// IF User Voted Shows The Results
elseif(isset($_COOKIE['ITLPoll_Voted']))
{
$active_poll_date = "SELECT multiactivedate FROM ".$prefix."_config";
$active_poll_date_query = mysql_query($active_poll_date);
$active_poll_date_query = mysql_fetch_array($active_poll_date_query);
$active_poll_date_str = $active_poll_date_query['multiactivedate'];
if( Changed_Last_Poll($active_poll_date_str) )
{
setcookie("ITLPoll_Voted", "");
msg(_CHANGEDLATESTPOLL, "?");
@exit();
}
// reactive cookie !
setcookie("ITLPoll_Voted", $active_poll_date_str, time()+15552000);
$choice_totals = 0;
for($counter=0; $counter < $active_polls; $counter++)
{
$polllist = mysql_fetch_array($poll);
$id = $polllist['id'];
$title = $polllist['subject'];
$choices = $polllist['choices'];
$multiple = $polllist['multiple'];
$active = $polllist['active'];
$expire = $polllist['expire'];
$strdate = $polllist['start'];
$crtdate = $polllist['created'];
if($usejalali == "1")
{
if($crtdate != "0000-00-00")
{
$create_date = explode("-", $crtdate);
$created = ConvDate($create_date, "H");
$crtdate = implode("-", $created);
}
}
// Query The Results From Database
$query2 = "SELECT * FROM ".$prefix."_results WHERE id = $id";
// Gathering uniques voters
$result = mysql_query($query2);
$choice_total = mysql_fetch_array($result);
$choice_totals += $choice_total['uniques'];
$result = mysql_query($query2);
$choice = mysql_fetch_row($result);
// Optimize the database
mysql_free_result($result);
// Query The Choices From Database
$query3 = "select * from ".$prefix."_choices where id = $id";
$cho = mysql_query($query3);
$choi = mysql_fetch_row($cho);
// Optimize the database
mysql_free_result($cho);
$sid = $counter . "|" . $id . "|" . $active_polls . "|" . $configs['total_votes'];
// Finally Shows The Results Page!
if($configs['defaultresult'] == "html") {
// Read The Results Template Files
Show_Results($crtdate, $choices, $title, $itl_fxml, $choice, $choi, $configs['color1'], $configs['color2'], $sid);
}
elseif($configs['defaultresult'] == "image") {
if($configs['defaultgraph'] == "bar")
Show_ImageResults($id, $crtdate, $choices, $title, $itl_fxml, $choice, $choi, "", "bar", $sid);
else if($configs['defaultgraph'] == "pie")
Show_ImageResults($id, $crtdate, $choices, $title, $itl_fxml, $choice, $choi, "", "pie", $sid);
else
Show_ImageResults($id, $crtdate, $choices, $title, $itl_fxml, $choice, $choi, "", "simple", $sid);
}
}
}
else
{
$query = "SELECT * FROM ".$prefix."_poll WHERE active = 'yes'";
$mquery = mysql_query($query);
if( isset($_REQUEST['Post']) )
{
$script_str_js = '<script>window.location="?ITLPollCheckCookie&Choice='; //
$script_str = "";
for($counter_s=0, $counter_m; ($counter_s + $counter_m) < $active_polls;)
{
$polllist = mysql_fetch_array($mquery);
$id = $polllist['id'];
$multiple = $polllist['multiple'];
$choices = $polllist['choices'];
$choice_str = $id . "_Choice";
if($multiple == "no")
{
@$ch_[$counter_s] = filter($_POST[$choice_str]);
if(empty($ch_[$counter_s]))
$ch_[$counter_s] = $id . "_ch1";
}
elseif($multiple == "yes")
{
$ch = array();
for ($i=0; $i < $choices; $i++)
{
$ch_num = $i + 1;
$textbox = $id . "_ch". $ch_num;
@$ch[$i][$counter_m] = filter($_POST[$textbox]);
}
}
if($multiple == "yes")
{
$changed_choices = 0;
$choices_queue = "";
for($i=0; $i < $choices; $i++)
{
if(!empty($ch[$i][$counter_m]))
{
$choices_queue .= $ch[$i][$counter_m] . "|";
$changed_choices++;
}
}
if($changed_choices > 0)
$choices_queue = 'm,' . $changed_choices . "|" . $choices_queue . ":";
else
$choices_queue = 'm,' . $changed_choices . "|" . $id . ":";
$script_str .= $choices_queue;
$counter_m++;
}
elseif($multiple == "no")
{
$script_str .= 's,' . $ch_[$counter_s] . ':';
$counter_s++;
}
}
$script_str_js .= $script_str;
$script_str_js .= "\"</script>";
$active_poll_date = "SELECT multiactivedate FROM ".$prefix."_config";
$active_poll_date_query = mysql_query($active_poll_date);
$active_poll_date_query = mysql_fetch_array($active_poll_date_query);
$active_poll_date_str = $active_poll_date_query['multiactivedate'];
// Will be valid for ever ( it's enough big ! )
setcookie("ITLPoll_Voted", $active_poll_date_str, time()+15552000);
setcookie("ITLPoll_Valid_Post", "yes", time()+15552000);
$_SESSION['CreatedChoiceStr'] = $script_str;
echo $script_str_js;
@exit();
}
for($counter=0; $counter < $active_polls; $counter++)
{
$polllist = mysql_fetch_array($poll);
$id = $polllist['id'];
$title = $polllist['subject'];
$choices = $polllist['choices'];
$multiple = $polllist['multiple'];
$active = $polllist['active'];
$expire = $polllist['expire'];
$strdate = $polllist['start'];
$crtdate = $polllist['created'];
// Start Date Check - Added in Version 2.7
StartDate_Check($strdate);
// Expiration Check - Completed in Version 2.6
Expiration_Check($expire);
if($usejalali == "1")
{
if($crtdate != "0000-00-00")
{
$create_date = explode("-", $crtdate);
$created = ConvDate($create_date, "H");
$crtdate = implode("-", $created);
}
}
// If User Doen't Click Submit Show The Radio Buttons
$query3 = "select * from ".$prefix."_choices where id = $id";
$cho = mysql_query($query3);
$choi = mysql_fetch_row($cho);
// Optimize the database
mysql_free_result($cho);
$id = $counter . "|" . $id . "|" . $active_polls;
Show_Body($crtdate, $choices, $title, $itl_fxml, $choi, $configs['color1'], $configs['color2'], $multiple, $id);
}
}
mysql_close($connected_db);
// generation time
$time = microtime();
$time = explode(" ", $time);
$time = $time[1] + $time[0];
$finish = $time;
$totaltime = ($finish - $start);
if(defined("MULTIPLEACTIVE"))
{
$generation_time_str = "<p style='text-align: right;'>"._GENERATIONTIME." <b> %f </b> "._SECONDS."</p>";
printf($generation_time_str, $totaltime);
}
?>