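error(L_INVALID_ID); }

// ###################################################################

// Vote handler: records one "for" or "against" vote by the current user on a bug.
//
// NOTE(review): every guard below assumes $message->error() and
// $message->errorPermission() stop the request. Confirm this; otherwise
// execution falls through to the UPDATE.
// NOTE(review): this state-changing action is selected through $_REQUEST, and no
// anti-CSRF token check is visible in this part of the file. Confirm one is
// enforced elsewhere and that the action cannot be triggered by a plain GET.
if ($_REQUEST['do'] == 'vote')
{
    $bug = $db->queryFirst("SELECT * FROM " . TABLE_PREFIX . "bug WHERE bugid = " . $input->inputClean('bugid', TYPE_UINT));

    // Reject an unknown bug before its id is interpolated into the next query.
    // Previously this check ran after the vote lookup, so a missing bug produced
    // "WHERE bugid = " with nothing after it.
    if (!$bug)
    {
        $message->error(L_INVALID_ID);
    }

    // Authorise before reading or changing any vote data.
    if (!check_bug_permissions($bug))
    {
        $message->errorPermission();
    }

    if (!can_perform('canvote', $bug['product']))
    {
        $message->errorPermission();
    }

    // Force integers for every value placed unquoted into SQL below, so the
    // statements stay well-formed whatever the session or row actually holds.
    $bugid = (int) $bug['bugid'];
    $userid = (int) bugdar::$userinfo['userid'];

    // FIND_IN_SET returns a non-zero position when this user's id is already
    // listed in the row's comma-separated userids column.
    $vote = $db->queryFirst("SELECT *, FIND_IN_SET($userid, userids) AS uservote FROM " . TABLE_PREFIX . "vote WHERE bugid = $bugid");

    if ($vote['uservote'])
    {
        $message->error(T('You have already voted on this bug.'));
    }

    // handle userids: append the voter to the list, or start the list.
    // A zero user id is not recorded, so the duplicate-vote check above cannot
    // match it on a later request.
    $userids = $vote['userids'];
    if ($userid)
    {
        if (trim((string) $vote['userids']))
        {
            $userids .= ',' . $userid;
        }
        else
        {
            $userids = $userid;
        }
    }

    $uservote = $input->inputClean('vote', TYPE_INT);

    $votefor = (int) $vote['votefor'];
    $voteagainst = (int) $vote['voteagainst'];

    // Positive input counts for the bug, negative against; zero is rejected.
    if ($uservote > 0)
    {
        $votefor++;
    }
    else if ($uservote < 0)
    {
        $voteagainst++;
    }
    else
    {
        $message->error(T('You need to specify whether you want to vote for or against this bug.'));
    }

    // NOTE(review): the duplicate check, the counters and the id list are a
    // read-modify-write across two statements, so two concurrent requests can
    // lose a vote or record the same user twice.
    // NOTE(review): $userids goes back into a quoted literal unescaped; it comes
    // from the vote row plus the integer id above. Confirm nothing else can
    // write arbitrary text to that column.
    $db->query("UPDATE " . TABLE_PREFIX . "vote SET userids = '$userids', votefor = $votefor, voteagainst = $voteagainst WHERE bugid = $bugid");

    $message->redirect(T('Your vote has been added.'), "showreport.php?bugid=$bugid");
}

?>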