error($lang->getlex('error_invalid_id')); } // ################################################################### if ($_REQUEST['do'] == 'vote') { $bug = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "bug WHERE bugid = " . intval($bugsys->in['bugid']) . ((!can_perform('canviewhidden')) ? " AND !bug.hidden" : '')); $vote = $db->query_first("SELECT *, FIND_IN_SET(" . $bugsys->userinfo['userid'] . ", userids) AS uservote FROM " . TABLE_PREFIX . "vote WHERE bugid = $bug[bugid]"); if (!can_perform('canvote', null, $bug['productid'])) { $message->error_permission(); } if (!$bug) { $message->error($lang->getlex('error_invalid_id')); } if ($vote['uservote']) { $message->error($lang->string('You have already voted on this bug.')); } // handle userids $userids = $vote['userids']; if ($bugsys->userinfo['userid']) { if (trim($vote['userids'])) { $userids .= ',' . $bugsys->userinfo['userid']; } else { $userids = $bugsys->userinfo['userid']; } } $uservote = intval($bugsys->in['vote']); $votefor = $vote['votefor']; $voteagainst = $vote['voteagainst']; if ($uservote > 0) { $votefor++; } else { $voteagainst++; } $db->query("UPDATE " . TABLE_PREFIX . "vote SET userids = '$userids', votefor = $votefor, voteagainst = $voteagainst WHERE bugid = $bug[bugid]"); $message->redirect($lang->string('Your vote has been added.'), "showreport.php?bugid=$bug[bugid]"); } /*=====================================================================*\ || ################################################################### || # $HeadURL$ || # $Id$ || ################################################################### \*=====================================================================*/ ?>