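0 ) {
                //print 'Dublicate';
            } else {
                // NOTE(review): this is the tail of a branch whose opening lines are
                // outside the visible part of the file, so the origin of $results,
                // $poll_total_votes and $iPollID cannot be confirmed from here. All
                // three are interpolated into SQL - verify upstream that each is
                // numeric or derived from stored data only.
                $query = "UPDATE ProfilesPolls SET poll_results = '{$results}', poll_total_votes = '{$poll_total_votes}' WHERE id_poll='{$iPollID}'";
                $vProfPollRes = db_res( $query );
                // The cookie lives in the browser, so it only discourages repeat votes;
                // a client that drops it is not stopped. Presumably the guard above
                // tests this same cookie - TODO confirm.
                if ( $vProfPollRes )
                    setcookie("profile_polls_question_{$iPollID}", 1 , time() + ( 10000 * 3600 ), '/' );
            }
        }
    }
}

/*
 * XML endpoint for profile polls. Dispatches on the "action" query parameter:
 *   delete    - remove one poll owned by the current member
 *   status    - change poll_status of one poll owned by the current member
 *   vote      - print the current results of a poll
 *   questions - print the question and answer list of a poll
 * Any other request prints 'no results'.
 *
 * NOTE(review): several string literals below are empty (echo '', explode('')).
 * They look like markup that was lost from this copy of the file - TODO confirm
 * against the original. They are reproduced unchanged here.
 */
header('Content-Type: application/xml');
echo '';

// =====================================================================
// TODO : protect from malicious calls !!!!!!
// =====================================================================
// NOTE(review): "delete" and "status" change stored data on a plain GET and no
// request token is checked in the visible code; the only scoping is the
// id_profile = $member['ID'] condition. Moving both to POST with a per-session
// token would close the cross-site request path this TODO refers to.
// NOTE(review): $member is populated outside this view - presumably by the
// authentication include; confirm $member['ID'] is always a server-side integer.

// Read each parameter once; anything missing or non-string (e.g. ID[]=1) is
// treated as empty so the casts and comparisons below only ever see strings.
$sReqAction = ( isset( $_GET['action'] ) && is_string( $_GET['action'] ) ) ? $_GET['action'] : '';
$sReqID     = ( isset( $_GET['ID'] ) && is_string( $_GET['ID'] ) ) ? $_GET['ID'] : '';
$sReqParam  = ( isset( $_GET['param'] ) && is_string( $_GET['param'] ) ) ? $_GET['param'] : '';
$iReqID     = (int)$sReqID;

// DELETE action -------------------------------------------------------
if ( 'delete' === $sReqAction )
{
    if ( '' !== $sReqID )
    {
        $query = "DELETE FROM ProfilesPolls WHERE id_poll = '" . $iReqID . "' AND id_profile = '{$member['ID']}' LIMIT 1";
        if ( db_res( $query ) )
            echo 'no results';
    }
}
// CHANGE STATUS action ------------------------------------------------
elseif ( 'status' === $sReqAction )
{
    // The status value used to be copied from the query string straight into the
    // UPDATE statement, which let a request rewrite the SQL. It is now accepted
    // only when it is a plain identifier-like token; anything else is ignored.
    // TODO: tighten this to the exact list of statuses the application defines
    // (that list is not visible in this file).
    if ( '' !== $sReqID && $sReqParam && preg_match( '/^[A-Za-z0-9_]+$/D', $sReqParam ) )
    {
        $query = "UPDATE ProfilesPolls SET `poll_status` = '{$sReqParam}' WHERE id_poll = '" . $iReqID . "' AND id_profile = '{$member['ID']}' LIMIT 1";
        if ( db_res( $query ) )
            echo 'no results';
    }
}
// VOTE action --------------------------------------------------------
elseif ( 'vote' === $sReqAction )
{
    if ( '' !== $sReqID )
    {
        /*
        if ( '' != $_GET['param'] )
        {
            $query = "SELECT poll_results FROM ProfilesPolls WHERE id_poll='" . (int)$_GET['ID'] . "'";
            $res_arr = db_arr( $query );
            $results = explode( ';', $res_arr['poll_results'] );
            $results[$_GET['param']]++;
            $poll_total_votes = array_sum($results);
            $results = implode(';', $results);
            $iPollID = (int)$_GET['ID'];
            if ( $_COOKIE["profile_polls_question_{$iPollID}"] > 0 )
            {
                //print 'Dublicate';
            }
            else
            {
                $query = "UPDATE ProfilesPolls SET poll_results = '{$results}', poll_total_votes = '{$poll_total_votes}' WHERE id_poll='{$iPollID}'";
                $vProfPollRes = db_res( $query );
                if ( $vProfPollRes )
                    setcookie("profile_polls_question_{$iPollID}", 1 , time() + ( 10000 * 3600 ), '/' );
            }
        }*/

        $query = "SELECT * FROM ProfilesPolls WHERE id_poll='" . $iReqID . "'";
        $res_arr = db_arr( $query );

        // poll_results is a ';'-separated list of per-answer vote counts.
        $answers_points = explode(';', $res_arr['poll_results'] );
        // NOTE(review): an empty delimiter is rejected by explode(); the real
        // delimiter appears to be missing from this copy - TODO restore it.
        $answers_names = explode('', $res_arr['poll_answers'] );

        echo '';

        $poll_total_votes = $res_arr['poll_total_votes'];

        foreach ( $answers_points as $value )
        {
            if ( '' !== $value )
            {
                echo '';
                // Share of the total in percent, one decimal; 0 when nobody has voted yet.
                echo round( (0 != $poll_total_votes ? (( $value / $poll_total_votes ) * 100) : 0), 1);
                echo '';
                echo '';
                echo htmlspecialchars ( $value );
                echo '';
            }
        }

        foreach ( $answers_names as $value )
        {
            if ( '' !== $value )
            {
                echo '';
                echo htmlspecialchars ( $value );
                echo '';
            }
        }

        echo '';
    }
}
// QUESTIONS action ---------------------------------------------------
// The array keys were previously written as bare words (action, ID), which
// current PHP versions treat as undefined constants; they are now read through
// the quoted, normalised request values above.
elseif ( 'questions' === $sReqAction && $sReqID )
{
    $query = "SELECT * FROM ProfilesPolls WHERE id_poll = '" . $iReqID . "'";
    $res_arr = db_arr( $query );

    echo '';
    echo '';
    echo htmlspecialchars ( $res_arr['poll_question'] );
    echo '';

    // NOTE(review): same empty-delimiter problem as in the vote branch.
    $questions = explode( '', $res_arr['poll_answers']);

    foreach ( $questions as $value )
    {
        if ( '' !== $value )
        {
            echo '';
            echo htmlspecialchars ( $value );
            echo '';
        }
    }

    echo '';
}
else
{
    echo 'no results';
}
?>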