|
|
@@ -467,15 +467,17 @@ def vote(idvote):
|
|
|
if vote is None:
|
|
|
abort(404)
|
|
|
if can_see_vote(idvote, get_userid()):
|
|
|
+ choices = query_db('select name, id from choices where id_vote=?', [idvote])
|
|
|
if request.method == 'POST':
|
|
|
if can_vote(idvote, get_userid()):
|
|
|
if vote['is_multiplechoice'] == 0:
|
|
|
- if query_db('select * from choices where id = ?', [request.form['choice']], one=True) is not None:
|
|
|
- g.db.execute('insert into user_choice (id_user, id_choice) values (?, ?)',
|
|
|
- [session.get('user').get('id'), request.form['choice']])
|
|
|
+ choice = request.form['choice']
|
|
|
+ if choice in [str(c['id']) for c in choices] \
|
|
|
+ and query_db('select * from choices where id = ?', [choice], one=True) is not None:
|
|
|
+ g.db.execute('insert into user_choice (id_user, id_choice) values (?, ?)',
|
|
|
+ [session.get('user').get('id'), request.form['choice']])
|
|
|
g.db.commit()
|
|
|
else:
|
|
|
- choices = query_db('select name, id from choices where id_vote=?', [idvote])
|
|
|
for choice in choices:
|
|
|
if str(choice['id']) in request.form.keys():
|
|
|
g.db.execute('insert into user_choice (id_user, id_choice) values (?, ?)',
|
Julien Rabier