Overriding The Poll Module In Drupal 6

27th July 2009 - 11 minutes read time

The Poll module is a useful little module that comes with Drupal and allows the addition of simple polls to pages or blocks. However, there was one major issue that I wanted to correct on a certain site, but I didn't want to directly edit the core functionality of the module. The default behaviour of the module is to record one vote per IP address or user, which is fine for normal uses but in some situations it does tend to fall over. A Drupal site with one administrator that allow anonymous users to vote on your polls seems fine, but lets say that this site wants votes to come from people in the business world. The problem here is that multiple people might work for the same business, be situtated behind a firewall and therefore would have the same IP address. What this means is that if one person in that company votes on your poll it will block all other people from voting for that poll.

To override the default behaviour of the Poll module I created a new module called Poll Override and intercepted the Poll module in key areas to allow a session based vote logging approach. The second thing I wanted to achive from this new module was to change the location of the "you have voted" message so that it appeared within the poll area, rather than at the top of the screen. Doing these two things is a useful way of understanding how Drupal works.

The first task is to create a .info file called poll_override.info.

  1. ; $Id$
  3. name = Poll Override
  4. description = "Override some of the functionality of the poll module"
  5. package = "#! code"
  6. dependencies[] = poll
  7. core = 6.x<

Next, we create a .module file (called poll_override.module) and enter a description.

  1. <?php
  2. /**
  3.  * @file
  4.  * Overrides some of the funcionality of the Poll module.
  5.  *
  6.  * Changes the way in which anonymous users vote and how voting
  7.  * confirmation messages are displayed.
  8.  *
  9.  */

Put both of these files in a directory called poll_override and put it in the sites/default/modules directory of your Drupal install.

The first thing to do is to create a function called poll_override_form_poll_view_voting_alter(), which is an implementation of hook_form_alter(). The only purpose of this function is to rewrite where the submit of the vote form of the Poll module goes to. In this case we are directing it to a function called poll_override_form_submit().

  1. /**
  2.   * Implementation of hook_form_alter().
  3.   *
  4.   */
  5. function poll_override_form_poll_view_voting_alter(&$form, &$form_state){
  6. // Override the normal form submit for a submit function in this module.
  7. $form['vote']['#submit'] = array('poll_override_form_submit');
  8. }

Next we need to create the poll_override_form_submit() to handle the action of someone voting on a poll. When the poll module is installed it creates three tables, these are as follows:

  • poll - This stores details of the polls avaialable on the system.
  • poll_choices - This stores the questions for each poll.
  • poll_votes - This stores the votes made against each poll.

The table we are interested in is poll_votes. The normal behaviour of the Poll module is to store the vote along with the IP address of the user who submitted the vote and use this to varify the user the next time around. Rather than override this completely we will allow users without cookies enabled to vote using the old IP address method, and include an if statement that stores the session key for everyone else. Finally, we add an item called poll_override_message to the $_SESSION array so that we can print out a message when we refresh the page after the vote has been recorded.

  1. /**
  2.  * Submit function for Poll Override module.
  3.  *
  4.  */
  5. function poll_override_form_submit($form, &$form_state) {
  6. $node = $form['#node'];
  7. $choice = $form_state['values']['choice'];
  9. global $user;
  10. if ($user->uid) {
  11. db_query('INSERT INTO {poll_votes} (nid, chorder, uid) VALUES (%d, %d, %d)', $node->nid, $choice, $user->uid);
  12. }
  13. else {
  14. if ( isset($_COOKIE[session_name()]) ) {
  15. // If a cookie has been set for this user then use the session id to record the vote.
  16. db_query("INSERT INTO {poll_votes} (nid, chorder, hostname) VALUES (%d, %d, '%s')", $node->nid, $choice, $_COOKIE[session_name()]);
  17. } else {
  18. // Otherwise just use the IP address (this is the normal functionality).
  19. db_query("INSERT INTO {poll_votes} (nid, chorder, hostname) VALUES (%d, %d, '%s')", $node->nid, $choice, ip_address());
  20. }
  21. }
  23. // Add one to the votes.
  24. db_query("UPDATE {poll_choices} SET chvotes = chvotes + 1 WHERE nid = %d AND chorder = %d", $node->nid, $choice);
  26. // Instead of using drupal_set_message() to set the message we will just use a session variable.
  27. // This will be deleted after the page has loaded.
  28. $_SESSION['poll_override_message'] = t('Your vote was recorded.');
  29. // Return the user to whatever page they voted from.
  30. }

Now we have sorted out how we are storing the votes we need to display the poll. This means that we either display the voting form or a set of results. What we need to do here is to intercept the poll node before it is displayed and detect whether it is still eligable for voting or not. We do this with a call to the poll_override_nodeapi() function, which is a implentation of hook_nopeapi(). This function might look complicated but we are essentially running the following steps.

  • Check if we are loading the node and if the node is a poll.
  • Load the poll and the associated choices for that poll.
  • Set a variable of the node called allowvotes to false. This is used to display either the results (if false) or a voting form (if true).
  • Detect if the user is able to vote on polls and if the poll is active. If not then we skip the rest of this function and the form is not displayed.
  • If the user object has a uid property then this user is logged in so we load the vote using this information.
  • If the user is not logged in we can either use the session cookie or the IP address depending on the information we have available.
  • Finally, if a vote has been detected in the last 2 steps we pass this onto the node, otherwise we pass nothing and set allowvotes to true so that the user can vote.

Here is the code in full.

  1. /**
  2.  * Implementation of hook_nodeapi().
  3.  *
  4.  */
  5. function poll_override_nodeapi(&$node, $op, $a3 = NULL, $a4 = NULL ) {
  6. if ( $op == 'load' && $node->type == 'poll' ) {
  7. global $user;
  9. $poll = db_fetch_object(db_query("SELECT runtime, active FROM {poll} WHERE nid = %d", $node->nid));
  11. // Load the appropriate choices into the $poll object.
  12. $result = db_query("SELECT chtext, chvotes, chorder FROM {poll_choices} WHERE nid = %d ORDER BY chorder", $node->nid);
  13. while ( $choice = db_fetch_array($result) ) {
  14. $node->choice[$choice['chorder']] = $choice;
  15. }
  17. // Determine whether or not this user is allowed to vote.
  18. $node->allowvotes = FALSE;
  19. if ( user_access('vote on polls') && $poll->active ) {
  20. if ( $user->uid ) {
  21. $result = db_fetch_object(db_query('SELECT chorder FROM {poll_votes} WHERE nid = %d AND uid = %d', $node->nid, $user->uid));
  22. } else {
  23. if ( isset($_COOKIE[session_name()]) ) {
  24. // If a cookie has been set for this user then use the session id to retreive the vote.
  25. $result = db_fetch_object(db_query("SELECT chorder FROM {poll_votes} WHERE nid = %d AND hostname = '%s'", $node->nid, $_COOKIE[session_name()]));
  26. } else {
  27. // Otherwise just use the IP address (this is the normal functionality).
  28. $result = db_fetch_object(db_query("SELECT chorder FROM {poll_votes} WHERE nid = %d AND hostname = '%s'", $node->nid, ip_address()));
  29. }
  30. }
  31. if ( isset($result->chorder) ) {
  32. $node->vote = $result->chorder;
  33. } else {
  34. $node->vote = -1;
  35. $node->allowvotes = TRUE;
  36. }
  37. }
  38. }
  39. }

The Poll module includes a function called theme_preprocess_poll_results(). This is essentially a low level hook that we can override by using a more specific theme function. So by calling a fucntion poll_override_preprocess_poll_results() we can override the theme_preprocess_poll_results() function within the Poll module and change the output of the results block. This code will be run when printing out the results of a poll and does two things. It is possible to cancel the vote on a poll so the first thing we do is to include the form that allows users to do this. The second thing we do it detect if the poll_override_message has been set, and if so assign this value to the $variables array (which will be passed to the template) and unset the item in the $_SESSION array.

  1. /**
  2.  * Implementation of theme_preprocess_poll_results()
  3.  *
  4.  */
  5. function poll_override_preprocess_poll_results(&$variables) {
  6. $variables['links'] = theme('links', $variables['raw_links']);
  7. if ( isset($variables['vote']) && $variables['vote'] > -1 && user_access('cancel own vote') ) {
  8. $variables['cancel_form'] = drupal_get_form('poll_cancel_form', $variables['nid']);
  9. }
  10. $variables['title'] = check_plain($variables['raw_title']);
  12. // If this is a block, allow a different tpl.php to be used.
  13. if ( $variables['block'] ) {
  14. $variables['template_files'][] = 'poll-results-block';
  15. if ( isset($_SESSION['poll_override_message']) ) {
  16. $variables['message'] = $_SESSION['poll_override_message'];
  17. unset($_SESSION['poll_override_message']);
  18. }
  19. }
  20. }

The very final step is to create a file called poll-results-block.tpl.php and include the following code.

  1. <div class="poll">
  2. <div class="title"><?php print $title ?></div>
  3. <?php print $results ?>
  4. <div class="total">
  5. <?php print t('Total votes: @votes', array('@votes' => $votes)); ?>
  6. </div>
  7. <?php
  8. if ( isset($message) ) {
  9. print '<p class="voted">'.$message.'</p>';
  10. }
  11. ?>
  12. </div>
  13. <div class="links"><?php print $links; ?></div>

The $message variable contains the message that might have been set in the poll_override_nodeapi() function, if it is set here then we print it out. You can include this file in the poll_module directory or within your template directory, this is up to you.


Nice piece of work, and one of the best descriptions of how you code up a module that I've read. Is there a way to modify this process so an authorized user is allowed to vote once a day?

Sean Morrison (Thu, 08/20/2009 - 17:19)

Thanks for the feedback! It should be fairly straightforward. There isn't any way of storing a timestamp in the poll_votes table, so you would need to add that field and use the time() function to store a timestamp when the user voted. There are 86400 seconds in a day so when you retrieve the vote you would need to check for anything less than (time()-86400).
Great code! This should be in the Drupal handbook since lots of people are struggling with this. Two things I'm pondering about: * Cookies are great, but not very safe: it's easy enough to delete them and manipulate the poll. Now you've given us a great insight in how to modify the poll, it's pretty easy to devise alternative ways to enhance it. * I'm no fan of the cache_clear_all() near the end of your submit handler. Your essentially flushing the entire cache of all expireable data. This function should be used with care since it can be a performance monster. I also don't really why you'd put it there since it doesn't really do anything related to the functionality you've written. @Sean: I wouldn't add an extra column to an existing Drupal core database table. It's a bit messing with the preset database schema and it could bit you back when you want to upgrade and there have been changes to it. You could try to serialize the timestamp with the cookie/ip data. Or just create a totally new table all together.

Matthias Vande… (Tue, 10/13/2009 - 20:33)

...And some code for the 'cancel your vote' functionality...
  1. /**
  2.  * Implementation of hook_form_alter().
  3.  *
  4.  */
  5. function across_poll_override_form_poll_cancel_form_alter(&$form, &$form_state) {
  6. // Override the normal form submit for a submit function in this module.
  7. $form['submit']['#submit'] = array('across_poll_override_cancel_submit');
  8. }
  10. function across_poll_override_cancel_submit($form, &$form_state) {
  11. $node = node_load($form['#nid']);
  12. global $user;
  14. if ($user->uid) {
  15. db_query('DELETE FROM {poll_votes} WHERE nid = %d and uid = %d', $node->nid, $user->uid);
  16. } else {
  17. if ( isset($_COOKIE[session_name()]) ) {
  18. db_query("DELETE FROM {poll_votes} WHERE nid = %d and hostname = '%s'", $node->nid, $_COOKIE[session_name()]);
  19. } else {
  20. db_query("DELETE FROM {poll_votes} WHERE nid = %d and hostname = '%s'", $node->nid, ip_address());
  21. }
  22. }
  24. // Subtract from the votes.
  25. db_query("UPDATE {poll_choices} SET chvotes = chvotes - 1 WHERE nid = %d AND chorder = %d", $node->nid, $node->vote);
  26. }

Matthias Vande… (Tue, 10/13/2009 - 20:59)

@Matthias - Thanks for pointing that out about the cache_clear_all(). I have no idea why I put that in there... But you are right about it being pointless, so I have removed it! Cookies are easily deleted, but in this case I created this module to allow any user to vote on a poll. I took the decision early on that I didn't really care about people voting and then clearing cookies. Of course you could even vote in multiple browsers, but it's only a simple poll. Interesting point about editing the table. I have been working with Drupal for about 3 months now and there are some key methodologies I still need to get my head around. So thanks for the tip. :)
@Matthias - You posted that cancel function before I could post my first reply. Thank you very much for the contribution!
I'm getting this in the module section: "Override some of the functionality of the poll module Afhænger af: Array (mangler)" Last part would be translated to something like "depends on: Array (missing)" If I change "dependencies[] = poll" to "dependencies = poll" then I can active the module, but then every submit returns a blank page (and if I then place the cursor in theaddress bar and hit enter, then the page is shown) I'm using Drupal5, that's probably why. Do you have a solution for DP5? Kind regards Kim

Kim Emax (Wed, 11/04/2009 - 07:08)

It might be due to something in Drupal 5, but I have honestly never used anything other than version 6 so I can't really help here. Sorry! If any of readers wishes to submit a similar article for Drupal 5 then I would me more than happy to publish it. :)
Thanks for the article. I wanted to leave a couple of tips from my experience playing around with your module - 1. I found out the use of "cache_clear_all" the hard way. If I am redirecting the form after submission to the *same* page, the new vote cast by the user is not updated. Doing a "cache_clear_all" solves this. 2. Also, I tried removing the initial 2 DB calls in the custom poll_nodeapi since the original poll_load was populating "node" as well. However, in some cases poll_nodeapi gets called without poll_load being called. I dont know what use case causes this. But be aware that this optimization may not work. My $.02. -Prathaban

Prathaban (Fri, 11/27/2009 - 08:10)

Very helpful. Thanks for the posting.

Andrei (Fri, 01/29/2010 - 20:06)

As I can notice this will duplicate records in poll_votes for anonymous users. There is nothing to prevent it. Am I right?

Sasha (Wed, 04/07/2010 - 15:21)

Hello Philip, Its really nice article you have written. I tried using this but i was stuck. Its still not allowing anonymous users to vote multiple times. voted as anonymous user(without login) and cleared the browser cache and refreshed the page, but still it didnt allow me to vote again. When I checked by printing module, i found that if (isset($_COOKIE[session_name()]) ) is never true. and $_COOKIE[session_name()] is always empty. Is there any other module required? thanks in advance for help

Karunakar (Wed, 04/14/2010 - 12:01)

There shouldn't be any other module required to run this code. $_COOKIE is a superglobal array and session_name() is a PHP function so it should all run fine. One thing you might want to check for is that the session cookie is actually being created.
... I'm looking to make my poll have once a day functionality, is the code to do this around anywhere? ...

Mondo Jay (Thu, 05/20/2010 - 21:54)

i have installed the poll overriding module its working fine, but found propblem that every time i need to click twise to update the poll its create difficulty. could you advise that how i can update the poll on one click.

pratheesh (Wed, 05/26/2010 - 17:00)

Just what I needed, thanks man

borgo (Fri, 07/30/2010 - 12:32)

@philipnorton42 Great post but there is a glitch with the naming convention, you named the nodeapi hook wrongly, it should of course be poll_override_nodeapi() The code only works because there is no poll_nodeapi in the poll module ( and doesn't crash due to duplicate php functions). The module will limp along oblivious to this error but if you add and more cck fields to the poll content type they will NOT show up in node object in the hook. It drove me nuts till i spotted it

ndmaque (Fri, 01/07/2011 - 10:44)

@ndmaque Good spot! I have updated the post with the correct hook name. Thanks for the information! :)
oops another minor tweak, i reckon load in $op == load should be a string ie; 'load' function poll_nodeapi(&$node, $op, $a3 = NULL, $a4 = NULL ) { if ( $op == load && $node->type == 'poll' ) { // should be this function poll_nodeapi(&$node, $op, $a3 = NULL, $a4 = NULL ) { if ( $op == 'load' && $node->type == 'poll' ) {

ndmaque (Fri, 01/07/2011 - 16:39)

On the ball today @ndmaque! Clearly unlike I was when I added this post :S Corrected :)

I want to do something similar to what you did.  I'd like to simply override the default Poll module with a new poll_view function in my poll_override module.  However, I setup the .module and .info files as you specified and enabled the new module. But it does not execute my overriden function.  Any ideas as to what to look for?  Thanks!

Sam (Tue, 06/07/2011 - 00:55)


Your poll_view function should have the same name as your module in order for it to hook in properly. A good test is to add something like die('pollview') to the overridden function to make sure that the function is actually being called. If it is then you can move on to figure out what is going on down the line.


I've made a couple of modifications for my own use case, which is to allow unlimited voting by all users:

function poll_override_nodeapi(&$node, $op, $a3 = NULL, $a4 = NULL ) {<br />  if ( $op == 'load' && $node->type == 'poll' ) {    <br />      global $user;<br />      <br />      $poll = db_fetch_object(db_query("SELECT runtime, active FROM {poll} WHERE nid = %d", $node->nid));<br /> <br />      // Load the appropriate choices into the $poll object.<br />      $result = db_query("SELECT chtext, chvotes, chorder FROM {poll_choices} WHERE nid = %d ORDER BY chorder", $node->nid);<br />      while ( $choice = db_fetch_array($result) ) {<br />        $node->choice[$choice['chorder']] = $choice;<br />      }<br /> <br />      // Determine whether or not this user is allowed to vote.<br />      $node->allowvotes = FALSE;<br />      if ( user_access('vote on polls') && $poll->active ) {<br />        $node->vote = -1;<br />        $node->allowvotes = TRUE;<br />      }   <br />  }<br />}

The problem I encountered was duplicate rows in the poll_votes table if someone tried to vote multiple times (from the same session, e.g.). To solve this, I simply replaced the hostname field with a random number as follows:

function poll_override_form_submit($form, &$form_state) {<br />  $node = $form['#node'];<br />  $choice = $form_state['values']['choice'];<br /> <br />  // just use a random number in place of IP address to avoid duplicate rows in the poll_votes table<br />  db_query("INSERT INTO {poll_votes} (nid, chorder, hostname) VALUES (%d, %d, '%s')", $node->nid, $choice, mt_rand());<br /><br /> <br />  // Add one to the votes.<br />  db_query("UPDATE {poll_choices} SET chvotes = chvotes + 1 WHERE nid = %d AND chorder = %d", $node->nid, $choice);<br /> <br />  drupal_set_message(t('Your vote was recorded.'));<br />  // Return the user to whatever page they voted from.<br />}

acy (Tue, 06/28/2011 - 22:34)

Add new comment

The content of this field is kept private and will not be shown publicly.