cacert-boardvoting/motion.php

<?php
	if ($_SERVER['HTTPS'] != 'on') {
		header("HTTP/1.0 302 Redirect");
		header("Location: https://".$_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI']);
		exit();
	}
	require_once("database.php");
	$db = new DB();
	if (!($user = $db->auth())) {
		header("HTTP/1.0 302 Redirect");
		header("Location: denied.php");
		exit();
	}
	$db->getStatement("stats")->execute();
	$stats = $db->getStatement("stats")->fetch();
?>
<html>
	<head>
		<title>CAcert Board Decisions</title>
		<meta http-equiv="Content-Type" content="text/html; charset='UTF-8'" />
		<link rel="stylesheet" type="text/css" href="styles.css" />
	</head>
	<body>
		<?php
		if ($_REQUEST['action'] == "store") {
			$stmt = $db->getStatement("create decision");
			$stmt->bindParam(":proponent",$user['id']);
			$stmt->bindParam(":title",$_POST['title']);
			$stmt->bindParam(":content",$_POST['content']);
			$stmt->bindParam(":votetype",$_POST['votetype']);
			$stmt->bindParam(":due",$_POST['due']);
			if ($stmt->execute()) {
				?>
				<b>The motion has been proposed!</b><br/>
				<a href="motions.php">Back to motions</a><br/>
				<br/>
				<br/>
				<?php
				$decision = $db->getStatement("get new decision")->execute()?$db->getStatement("get new decision")->fetch():array();
				$name = $user['name'];
				$tag = $decision['tag'];
				$title = $decision['title'];
				$content =$decision['content'];
				$due = $decision['due']." UTC";
				$votetype = !$decision['votetype'] ? 'motion' : 'veto';
				$baseurl = "https://".$_SERVER['HTTP_HOST'].":".$_SERVER['SERVER_PORT'].preg_replace('/motion\.php/','',$_SERVER['REQUEST_URI']);
				$voteurl = $baseurl."vote.php?motion=".$decision['id'];
				$unvoted = $baseurl."motions.php?unvoted=1";
				$body = <<<BODY
Dear Board,

$name has made the following motion:

$title
$content

Vote type: $votetype

Voting will close $due.

To vote please choose:

Aye: $voteurl&vote=1
Naye: $voteurl&vote=-1
Abstain: $voteurl&vote=0

To see all your outstanding votes : $unvoted

Kind regards,
the voting system
BODY;
				$db->notify("$tag - $title",$body,$tag,TRUE);
			} else {
				?>
				<b>The motion has NOT been proposed!</b><br/>
				<a href="motions.php">Back to motions</a><br/>
				<i><?php echo join("<br/>\n",$stmt->errorInfo()); ?></i><br/>
				<br/>
				<br/>
				<?php
			}
		}
			
		if (is_numeric($_REQUEST['motion'])) {
			$stmt = $db->getStatement("get decision");
			if ($stmt->execute(array($_REQUEST['motion']))) {
				$motion = $stmt->fetch();
			}
			if (!is_numeric($motion['id'])) {
				$motion = array();
				foreach (array("title","content") as $column) {
					$motion[$column] = "";
				}
				$motion["proposer"] = $user['name'];
				$motion["votetype"] = 0; // defaults to motion
			}
		} else {
			$motion = array();
			foreach (array("title","content") as $column) {
				$motion[$column] = "";
			}
			$motion["proposer"] = $user['name'];
			$motion["votetype"] = 0; // defaults to motion
		}
		?>
		<form <?php if (is_numeric($_REQUEST['motion'])) { echo(" action=\"?\""); } ?> method="POST">
			<input type="hidden" name="action" value="store" />
			<?php
				if (is_numeric($_REQUEST['motion'])) {
					?><input type="hidden" name="motion" value="<?php echo($_REQUEST["motion"]); ?>" /><?php
				}
			?>
		<table>
			<tr><td>ID:</td><td><?php echo htmlentities($motion['tag']); ?></td></tr>
			<tr><td>Proponent:</td><td><?php echo htmlentities($motion['proposer']); ?></td></tr>
			<tr><td>Proposed date/time:</td><td><?php echo htmlentities($motion['proposed'] ? $motion['proposed']." UTC" : '(auto filled to current date/time)'); ?></td></tr>
			<tr><td>Title:</td><td><input name="title" value="<?php echo htmlentities($motion['title'])?>"></td></tr>
			<tr><td>Text:</td><td><textarea name="content"><?php echo htmlspecialchars($motion['content'])?></textarea></td></tr>
			<tr><td>Vote type:</td><td><select name="votetype">
				<option value="0" <?php if(!$motion['votetype']) { echo(" selected=\"selected\""); } ?>>Motion</option>
				<option value="1" <?php if($motion['votetype']) { echo(" selected=\"selected\""); } ?>>Veto</option>
			</select></td></tr>
			<tr><td rowspan="2">Due:</td><td><?php echo($motion['due'] ? $motion['due'].' UTC' : '(autofilled from option below)')?></td></tr>
			<tr><td><select name="due">
				<option value="+3 days">In 3 Days</option>
				<option value="+7 days">In 1 Week</option>
				<option value="+14 days">In 2 Weeks</option>
				<option value="+28 days">In 4 Weeks</option>
			</select></td></tr>
			<tr><td>&nbsp;</td><td><input type="submit" value="Propose" /></td></tr>
		</table>
		</form>
		<br/>
		<a href="motions.php">Back to motions</a>		
	</body>
</html>