<!--#include file="masterinclude.asp"-->
<!--#include file="session.asp"-->
<!--#include file="color.asp"-->
<!--#include file="language.asp"-->
<!--#include file="js/right_functions.asp"-->
<!--#include file="js/io.asp"-->
<% 
Dim objRS, objCon, allforum, rights, pollID, forumID, mem, mode, allowPollEdit, allowPollChange
Dim pollContent, pollQuestion, oriAuthor, oriEmail, iOption, formAction
Dim action, choiceID
Dim strSQLGetPollContent, strSQLGetPoll
Dim actionCarriedOut

pollID = request("pollID")
allforum = Application(dbName&"foruminfo")
allowPollEdit = false
allowPollChange = false
actionCarriedOut = false
action = request.queryString("action")
choiceID = request.queryString("choiceID")
formAction = request.form("action")

if len(pollID) = 0 then response.redirect ("redirect.asp")

strSQLGetPoll = _
"SELECT m.forumID, m.mem FROM pgd_messages m "&_
"WHERE messageID="&Clng(pollID)

set objRS = server.createobject("adodb.recordset")
	With objRS
		.open strSQLGetPoll, datastore, , , adCmdText
			forumID = .fields(0)
			mem = .fields(1)
		.close
	End With
set objRS = nothing

Dim appid:appid = ForumIdToAppid(forumID)

Dim objPermission
Set objPermission = new PermissionSetting
	With objPermission
		.memID = memID
		.appid = appid
		mode = .moderator()
	End With
Set objPermission = nothing

if memID = cstr(mem) then allowPollEdit = true

if mode or isAdmin then 
	allowPollChange = true
	allowPollEdit = true
end if

if allowPollChange and action = "strip" then
	set objCon = server.createobject("adodb.connection")
		with objCon
			.open datastore
			.execute "DELETE FROM pgd_poll WHERE PollID = "&Clng(pollID)&" " &_
						"DELETE FROM pgd_pollLog WHERE PollLogID = "&Clng(pollID)&" " &_
						"Update pgd_messages SET isPoll=0 WHERE messageID = "&Clng(pollID), , adCmdtext + adExecuteNoRecords
			.close
		end with
	set objCon = nothing
	response.redirect (request("http_referer"))
	response.end
end if


if allowPollEdit and action = "delete" then
	set objCon = server.createobject("adodb.connection")
		with objCon
			.open datastore
			.execute "DELETE FROM pgd_poll WHERE PollID = "&Clng(pollID)&" AND ChoiceID = "&Clng(choiceID)&" " &_
					"DELETE FROM pgd_pollLog WHERE PollLogID = "&Clng(pollID)&" AND ChoiceID = "&Clng(choiceID), , adCmdtext + adExecuteNoRecords
			.close
		end with
	set objCon = nothing
	response.redirect ("polledit.asp?pollID="&pollID)
	response.end
end if

if allowPollEdit and (formAction = "edit" or formAction = "add") then
	Dim strSQLEditAdd
	if formAction = "edit" then
		Dim editChoiceCount:editChoiceCount = request.form("counts")
		if not isNumeric(editChoiceCount) or editChoiceCount = "" then editChoiceCount = "0"
		strSQLEditAdd = "Update pgd_poll SET choice='"&SQLAccessInput(left(request.form("choice"),149))&_
						"', counts = "&Clng(editChoiceCount)&" WHERE pollID="&Clng(pollID)&" AND choiceID="&Clng(request.form("choiceID"))
	elseif formAction = "add" then
		strSQLEditAdd = "DECLARE @maxchoiceID int "&_
						"SELECT @maxchoiceID = max(choiceID) FROM pgd_poll WHERE pollID="&Clng(pollID)&" "&_
						"SET @maxchoiceID = ISNull(@maxchoiceID,0) + 1 "&_
						"Insert INTO pgd_poll (pollID, forumID, choiceID, choice) VALUES "&_
						"("&Clng(pollID)&", "&Clng(forumID)&", @maxchoiceID, '"&_
						SQLAccessInput(left(request.form("choice"),149))&"')"
	end if
	set objCon = server.createobject("adodb.connection")
		with objCon
			.open datastore
			.execute strSQLEditAdd, , adCmdtext + adExecuteNoRecords
			.close
		end with
	set objCon = nothing
	response.redirect ("polledit.asp?pollID="&pollID)
end if

Dim subject:subject = trim(request.form("subject"))
if allowPollEdit and subject <> ""  then
	Dim editAllowMultiple:editAllowMultiple = request.form("allowMultiple")
	if editAllowMultiple = "on" then editAllowMultiple = 1 else editAllowMultiple = 0
	Dim strSQLChangeSubject:strSQLChangeSubject = _
		"UPDATE pgd_messages SET subject='"&SQLAccessInput(SQLin(subject))&"' WHERE messageID = "&Clng(pollID)&" "&_
		"UPDATE pgd_poll SET allowMultiple = "&Clng(editAllowMultiple)&" WHERE pollID="&Clng(pollID)
	set objCon = server.createobject("adodb.connection")
		with objCon
			.open datastore
			.execute strSQLChangeSubject, , adCmdtext + adExecuteNoRecords
			.close
		end with
	set objCon = nothing	
	actionCarriedOut = true
end if

Dim strSQLGetSubjectAndAuthor:strSQLGetSubjectAndAuthor = _
"SELECT m.subject, p.login, p.Email FROM pgd_messages m "&_
"INNER JOIN (SELECT login, Email, mem FROM pgd_members) p "&_
"ON p.mem = m.mem "&_
"WHERE messageID="&Clng(pollID)

set objRS = server.createobject("adodb.recordset")
	With objRS
		.open strSQLGetSubjectAndAuthor, datastore, , , adCmdText
			pollQuestion = SQLout(.fields(0))
			oriAuthor = HTMLEncode(""&.fields(1))
			oriEmail = HTMLEncode(""&.fields(2))
		.close
	End With
set objRS = nothing

 %>
<html>
<head>
<title><%= Application(dbName&"forumtitle") %></title>
<%= NoScript() %>
<script language="JavaScript" src="js/confirmDeletion.js"></script>
<%= OutputCSS() %>
</head>
<% if action<>"" then %>
<body onload="document.forms[0].choice.focus();" <%= Application(dbName&"bodyoption") %>>
<% else %>
<body onload="document.forms[0].subject.focus();" <%= Application(dbName&"bodyoption") %>>
<% end if %>
<center>
<table width="100%" border="0" cellspacing="0" cellpadding="0">
  <form method="post" action="polledit.asp" name="postform">
	<tr> 
	  <td bgcolor="<%=tableborder%>"> 
		  <table width="100%" border="0" cellspacing="1" cellpadding="4">
            <tr> 
              <th nowrap bgcolor="<%=tabletitle%>" colspan="2" valign="top" class="subhead"> 
                <font color="<%=titlefontcolor%>"> <%= tmPollEditDesc %> </font></th>
            </tr>
            <% if allowPollEdit and action="" then 
				strSQLGetPollContent = _
				"SELECT ChoiceID, Choice, Counts, allowMultiple FROM pgd_poll WHERE pollID="&Clng(pollID)
				'==========0========1=======2
				set objRS = server.createobject("adodb.recordset")
		    	With objRS
		    		.open strSQLGetPollContent, datastore, , , adCmdText
	    			if not (.eof and .bof) then pollContent = .getrows
	    			.close
	    		End With
		    	set objRS = nothing	
				Dim allowMultiple:allowMultiple = ""
				if pollContent(3,0) = 1 then allowMultiple = "checked"
				%>
            <tr> 
              <td nowrap <%=tableinside%> valign="top" class="c2"><%= tmName %></td>
              <td nowrap class="cat" <%= tablealt %>>&nbsp;<b><%=( oriAuthor &" &nbsp;&nbsp; ( "&oriEmail&" )") %></b> 
              </td>
            </tr>
            <tr> 
              <td nowrap <%=tableinside%> class="c2"> <%= pollQDesc %></td>
              <td nowrap <%= tablealt %>>
			  	<% if actionCarriedOut then %> 
				* <%= pollQEditSuccess %><br>
				<% end if %>
                <input type="text" name="subject" size="40" maxlength="70" value="<%= pollQuestion %>" tabindex="0">
				<input type="checkbox" name="allowMultiple" <%= allowMultiple %> class="radiocheck">&nbsp;&nbsp;<%= pollAllowMulDesc %>
              </td>
            </tr>
            <tr> 
              <td nowrap valign="top" <%=tableinside%>><span class="c2"><%= pollOptionDesc %></span> 
              </td>
              <td nowrap id="file" <%= tablealt %>> 
			  <% if isArray(pollContent) then %>
                <table width="100%" border="0" cellspacing="0" cellpadding="2">
                  <% for iOption = 0 to ubound(pollContent,2)%>
                  <tr> 
                    <td><%= iOption + 1 %>.</td>
                    <td> 
                      <b><%= HTMLEncode(""&pollContent(1,iOption)) %></b> (<%= pollContent(2,iOption) %>)
                    </td>
					<td>
					  <a href="polledit.asp?pollID=<%= pollID %>&choiceID=<%= pollContent(0,iOption) %>&action=edit"><%= pollEditDesc %></a>
					</td>
					<td>
					  <% if ubound(pollContent,2) <> 0 then %>
					  <a href="polledit.asp?pollID=<%= pollID %>&choiceID=<%= pollContent(0,iOption) %>&action=delete" 
					  onClick="return confirmDeletion('<%= JSEncode(pollDelDesc) %>')"><%= pollDelDesc %></a>
					  <% end if %>							
					</td>
                  </tr>
                  <% next %>
                </table>
			  <% end if %>
              </td>
            </tr>
			<% elseif allowPollEdit and (action="edit" or action="add") then %>
				<% if action = "edit" then
					Dim editChoice, editChoiceID, editCount
					editChoice = "" : editChoiceID = "" : editCount = ""
					set objRS = server.createobject("adodb.recordset")
                    	With objRS
                    		.open "SELECT choice, choiceID, counts FROM pgd_poll WHERE pollID="&Clng(pollID)&" AND ChoiceID="&Clng(choiceID) _
							, datastore, , , adCmdText
                    			editChoice = HTMLEncode(""&.fields(0))
								editChoiceID = .fields(1)
								editCount = .fields(2)
                    		.close
                    	End With
                    set objRS = nothing
				end if%>
			<tr>
			  <td <%= tableinside %>><span class="c2"><%= pollOptionDesc %></span></td>
			  <td <%= tablealt %>>
			  	<input type="text" name="choice" size="40" maxlength="70" class="info" value="<%= editChoice %>" tabindex="0">&nbsp;
				<% if action = "edit" then %>
				<input type="<% if allowPollChange then response.write("text") else response.write("hidden") %>" name="counts" class="info" value="<%= editCount %>">
				<% end if %>
				<input type="hidden" name="choiceID" value="<%= editChoiceID %>">
				<input type="hidden" name="action" value="<%= action %>">
			  </td>
			</tr>
            <% else %>
            <tr> 
              <td nowrap <%=tableinside%> colspan="2" align="center" class="subhead"><%= RightViolationMessage %></td>
            </tr>
            <% end if %>
          </table>
	  </td>
	</tr>
	<tr>
	  <td>
	  	<hr size=1 noshade>
	  </td>
	</tr>
	<tr>
	  <td align="right">
	      <input type="hidden" name="pollID" value="<%= pollID %>">
		  <input type="submit" value="<%= buttonApplyValue %>" tabindex="0" class="buttons">
		  <% if action <> "add" and action <> "edit" then %>
		  <input type="button" name="add" value="<%= pgdPollAddOption %>" onclick="self.location.href='polledit.asp?pollID=<%= pollID %>&action=add'" tabindex="0" class="buttons">
		  <% end if %>
		  <% if action<>"" then %>
		  <input type="button" value="<%= javascriptBackDesc %>" onclick="history.go(-1)" tabindex="0" class="buttons">
		  <% end if %>
  		  <input type="button" value="<%= buttonDoneValue %>" onclick="opener.location.reload(); self.close();opener.focus()" tabindex="0" class="buttons">  
	  </td>
	</tr>
  </form>
</table>
</center>
</body>
</html>