Poll editing problem (users are disallowed to change their vote after poll edit)

marek123321 · October 13, 2012, 11:37:25 AM

1. User creates a pool which allow users to change their vote in time (default value is "don't allow").

2. After a period of time he/she tries to edit the poll.
*Poll creator does not have "can_moderate_poll" permission, so he cannot change value of field "allow users to change their votes". (This field is not visible anymore for him/her)

3. Poll creator submits edited poll.

PROBLEM:
4. Users cannot change their votes. ("allow users to change their votes" changes it's state to default)

Some code from my SMF 2.0.2:
./Themes/default/Poll.template.php (110-112):

Code Select

 <dd>
   <input type="checkbox" id="poll_change_vote" name="poll_change_vote"',  !empty($context['poll']['change_vote']) ? ' checked="checked"' : '', ' class="input_check" />
 </dd>';

Checkbox (id="poll_change_vote") is responsile for "allow" feature. According to code, this checkbox is visible only for role "can_moderate_poll"

Polls are managed by ./Sources/Pool.php.
./Sources/Pool.php (686):

Code Select

$_POST['poll_change_vote'] = isset($_POST['poll_change_vote']) ? 1 : 0;
./Sources/Pool.php (717-736):

Code Select

 // If we're editing, let's commit the changes.
   if ($isEdit)
   {
      $smcFunc['db_query']('', '
         UPDATE {db_prefix}polls
         SET question = {string:question}, change_vote = {int:change_vote},' . (allowedTo('moderate_board') ? '
            hide_results = {int:hide_results}, expire_time = {int:expire_time}, max_votes = {int:max_votes},
            guest_vote = {int:guest_vote}' : '
            hide_results = CASE WHEN expire_time = {int:expire_time_zero} AND {int:hide_results} = 2 THEN 1 ELSE {int:hide_results} END') . '
         WHERE id_poll = {int:id_poll}',
         array(
            'change_vote' => $_POST['poll_change_vote'],
            'hide_results' => $_POST['poll_hide'],
            'expire_time' => !empty($_POST['poll_expire']) ? $_POST['poll_expire'] : 0,
            'max_votes' => !empty($_POST['poll_max_votes']) ? $_POST['poll_max_votes'] : 0,
            'guest_vote' => $_POST['poll_guest_vote'],
            'expire_time_zero' => 0,
            'id_poll' => $bcinfo['id_poll'],
            'question' => $_POST['question'],
         )
      );

Two interesting lines are:

Code Select

$_POST['poll_change_vote'] = isset($_POST['poll_change_vote']) ? 1 : 0;
'change_vote' => $_POST['poll_change_vote'],

I would like to be wrong, but isn't it a bug?. 'change_vote' shouldn't be updated when user do not see according field (isset returns false). Value for this field should remain the same.

Maybe someone had the same problem and found some solution? Maybe some of my settings are not correct?
Thanks in advance.

Kays · October 16, 2012, 07:43:38 PM

Hi marek123321 and sorry for the slow response.

I think that this could be a bit of a bug. In looking at the code for SMF 2.1 how $context['can_moderate_poll'] is set has been changed.

In Poll.php find and remove (or comment out) the following: ~line 328

Code Select


	$context['can_moderate_poll'] = isset($_REQUEST['add']) ? 1 : allowedTo('moderate_board');

Then look for: ~line 368

Code Select


	// Do we enable guest voting?

And add before it:

Code Select


	$context['can_moderate_poll'] = isset($_REQUEST['add']) ? true : allowedTo('poll_edit_' . ($user_info['id'] == $pollinfo['id_member_started'] || ($pollinfo['poll_starter'] != 0 && $user_info['id'] == $pollinfo['poll_starter']) ? 'own' : 'any'));

Greybrow · October 18, 2012, 07:34:04 AM

Thanks Kays. I've implemented this change with simple modification on the forum me and Marek are administrating, and it seems to work just fine.
I've attached it in case if anyone would like to apply this change too.

chadon · December 22, 2014, 05:30:11 PM

Quote from: Kays on October 16, 2012, 07:43:38 PM
Hi marek123321 and sorry for the slow response.

I think that this could be a bit of a bug. In looking at the code for SMF 2.1 how $context['can_moderate_poll'] is set has been changed.

In Poll.php find and remove (or comment out) the following: ~line 328

Code Select Expand
$context['can_moderate_poll'] = isset($_REQUEST['add']) ? 1 : allowedTo('moderate_board');

Then look for: ~line 368

Code Select Expand
// Do we enable guest voting?

And add before it:

Code Select Expand
$context['can_moderate_poll'] = isset($_REQUEST['add']) ? true : allowedTo('poll_edit_' . ($user_info['id'] == $pollinfo['id_member_started'] || ($pollinfo['poll_starter'] != 0 && $user_info['id'] == $pollinfo['poll_starter']) ? 'own' : 'any'));

Thanks for the tip.

Maybe this topic should be moved to the "Bug Reports" board? I had to apply this fix with SMF 2.0.9.

chadon · December 22, 2014, 05:59:49 PM

Yep. I tried to reproduce the bug here and the "allow users to change the vote" option disappeared when I edited the poll:
http://www.simplemachines.org/community/index.php?topic=531538.0

Kindred · December 22, 2014, 09:28:59 PM

.... And?

2.0.x is mostly only receiving security updates. When we have a security release, some bugs may get patched, some may not. In general, all uodates are being applied to 2.1 at this point.

chadon · December 22, 2014, 10:41:24 PM

Quote from: Kindred on December 22, 2014, 09:28:59 PM
.... And?

And... I guess it takes over 2 years to get a bug fixed with SMF.

Arantor · December 22, 2014, 11:03:25 PM

And I guess that 2.0 became 2.0.0 3 years ago such that the only changes since 2.0.0 are security fixes...?

Kindred · December 23, 2014, 08:03:03 AM

As I said... bugs, in general, are addressed/fixed in the NEXT version (with some exceptions).
For the most part 2.0.x ONLY gets security and functionality updates which would totally break the forum if not fixed (like the update to fix compatibility with php 5.5+)

So - although this may be an actual bug - it is being addressed in 2.1.
Test a 2.1 installation... does it still occur? If so, THEN we have an issue.

qc · April 25, 2016, 06:14:27 PM

A user of our up-to-date 2.0.11 SMF installation just stumbled over this bug. I am posting this just to confirm that this issue is still non-fixed in the latest "production-ready" SMF release - in case someone else has the same problem.

The patch posted by Kays in 2012 seems to work well though

Kindred · April 25, 2016, 06:22:04 PM

Quote from: Kindred on December 23, 2014, 08:03:03 AM
As I said... bugs, in general, are addressed/fixed in the NEXT version (with some exceptions).
For the most part 2.0.x ONLY gets security and functionality updates which would totally break the forum if not fixed (like the update to fix compatibility with php 5.5+)

So - although this may be an actual bug - it is being addressed in 2.1.
Test a 2.1 installation... does it still occur? If so, THEN we have an issue.

qc · April 25, 2016, 06:44:07 PM

@Kindred, I am well aware of your statement. I decided to post my experience with the user contributed patch here as a service to those who use SMF productively.

Irisado · April 26, 2016, 11:45:25 AM

This topic has now been revived twice after long gaps between posts and has run its course, so it is being locked.

News:

Poll editing problem (users are disallowed to change their vote after poll edit)