cacert-boardvoting/database.php

<?php
	class DB {
		//var $board = "cacert-board@lists.cacert.org";
		var $board = "testsympa@lists.cacert.org";

		function __construct() {
			$this->dbh = new PDO("sqlite:".dirname(__FILE__)."/database.sqlite");
			$this->statement = array();
			$this->statement['list decisions'] = $this->dbh->prepare("SELECT decisions.id AS id, decisions.tag AS tag, voters.name AS proposer, decisions.proposed, decisions.title, decisions.content, decisions.quorum, decisions.majority, decisions.status, decisions.due, decisions.modified, (SELECT COUNT(*) FROM votes WHERE decision=decisions.id AND vote=1) AS ayes, (SELECT COUNT(*) FROM votes WHERE decision=decisions.id AND vote=-1) AS nayes, (SELECT COUNT(*) FROM votes WHERE decision=decisions.id AND vote=0) AS abstains FROM decisions, voters WHERE decisions.proponent=voters.id ORDER BY proposed DESC LIMIT 10 OFFSET 10 * (:page - 1);");
			$this->statement['list decision'] = $this->dbh->prepare("SELECT decisions.id AS id, decisions.tag AS tag, voters.name AS proposer, decisions.proposed, decisions.title, decisions.content, decisions.quorum, decisions.majority, decisions.status, decisions.due, decisions.modified, (SELECT COUNT(*) FROM votes WHERE decision=decisions.id AND vote=1) AS ayes, (SELECT COUNT(*) FROM votes WHERE decision=decisions.id AND vote=-1) AS nayes, (SELECT COUNT(*) FROM votes WHERE decision=decisions.id AND vote=0) AS abstains FROM decisions, voters WHERE decisions.proponent=voters.id AND decisions.tag=:id ORDER BY proposed DESC;");
			$this->statement['closed decisions'] = $this->dbh->prepare("SELECT decisions.id, decisions.tag, voters.name AS proposer, decisions.proposed, decisions.title, decisions.content, decisions.quorum, decisions.majority, decisions.status, decisions.due, decisions.modified, (SELECT COUNT(*) FROM votes WHERE decision=decisions.id AND vote=1) AS ayes, (SELECT COUNT(*) FROM votes WHERE decision=decisions.id AND vote=-1) AS nayes, (SELECT COUNT(*) FROM votes WHERE decision=decisions.id AND vote=0) AS abstains FROM decisions, voters WHERE decisions.proponent=voters.id AND decisions.status=0 AND datetime('now','utc') > datetime(due);");
			$this->statement['get decision'] = $this->dbh->prepare("SELECT decisions.id, decisions.tag, decisions.proponent, voters.name AS proposer, decisions.proposed, decisions.title, decisions.content, decisions.quorum, decisions.majority, decisions.status, decisions.due, decisions.modified, (SELECT COUNT(*) FROM votes WHERE decision=decisions.id AND vote=1) AS ayes, (SELECT COUNT(*) FROM votes WHERE decision=decisions.id AND vote=-1) AS nayes, (SELECT COUNT(*) FROM votes WHERE decision=decisions.id AND vote=0) AS abstains FROM decisions, voters WHERE decisions.proponent=voters.id AND decisions.id=:decision;");
			$this->statement['get new decision'] = $this->dbh->prepare("SELECT decisions.id, decisions.tag, decisions.proponent, voters.name AS proposer, decisions.proposed, decisions.title, decisions.content, decisions.quorum, decisions.majority, decisions.status, decisions.due, decisions.modified, (SELECT COUNT(*) FROM votes WHERE decision=decisions.id AND vote=1) AS ayes, (SELECT COUNT(*) FROM votes WHERE decision=decisions.id AND vote=-1) AS nayes, (SELECT COUNT(*) FROM votes WHERE decision=decisions.id AND vote=0) AS abstains FROM decisions, voters WHERE decisions.proponent=voters.id AND decisions.id=last_insert_rowid();");
			$this->statement['get voter'] = $this->dbh->prepare("SELECT voters.id, voters.name FROM voters, emails WHERE voters.id=emails.voter AND emails.address=? AND voters.enabled=1");
			$this->statement['get voter by id'] = $this->dbh->prepare("SELECT voters.id, voters.name FROM voters WHERE id=:id;");
			$this->statement['get voters'] = $this->dbh->prepare("SELECT voters.id, voters.name FROM voters WHERE voters.enabled=1 ORDER BY name ASC;");
			$this->statement['del vote'] = $this->dbh->prepare("DELETE FROM votes WHERE decision=:decision AND voter=:voter;");
			$this->statement['do vote'] = $this->dbh->prepare("INSERT INTO votes (decision, voter, vote, voted, notes) VALUES (:decision, :voter, :vote, datetime('now','utc'), :notes);");
			$this->statement['stats'] = $this->dbh->prepare("SELECT COUNT(*) AS voters FROM voters WHERE enabled=1;");
			$this->statement['list votes'] = $this->dbh->prepare("SELECT voters.name AS name, votes.vote AS vote FROM voters,votes WHERE voters.id=votes.voter AND votes.decision=:id;");
			$this->statement['create decision'] = $this->dbh->prepare("INSERT INTO decisions (proposed, proponent, title, content, quorum, majority, status, due, modified) VALUES (datetime('now','utc'), :proponent, :title, :content, :quorum, :majority, 0, datetime('now','utc', :due), datetime('now','utc'));");
			$this->statement['post create'] = $this->dbh->prepare(" UPDATE decisions SET tag='m' || strftime('%Y%m%d','now') || '.' || id WHERE id=last_insert_rowid();");
			$this->statement['update decision'] = $this->dbh->prepare("UPDATE decisions SET proposed=datetime('now','utc'), proponent=:proponent, title=:title, content=:content, quorum=:quorum, majority=:majority, status=0, due=datetime('now','utc',:due), modified=datetime('now','utc') WHERE id=:id;");
			$this->statement['close decision'] = $this->dbh->prepare("UPDATE decisions SET status=:status, modified=datetime('now','utc') WHERE id=:decision");
		}
		function getStatement($name) {
			return $this->statement[$name];
		}
		function closeVotes() {
			$stmt = $this->getStatement("closed decisions");
			$upd = $this->getStatement("close decision");
			if ($stmt->execute()) {
				while ($decision = $stmt->fetch()) {
					$votes = $decision['ayes'] + $decision['nayes'] + $decision['abstains'];
					if ($votes < $decision['quorum']) {
						$decision['status'] = -1;
					} else {
						$votes = $decision['ayes'] + $decision['nayes'];
						if (($decision['ayes'] / $votes) >= ($decision['majority'] / 100)) {
							$decision['status'] = 1;
						} else {
							$decision['status'] = -1;
						}
					}
					$upd->bindParam(":decision",$decision['id']);
					$upd->bindParam(":status",$decision['status']);
					$upd->execute();
					$state = $decision['status']==1?"accepted":"declined";
					$tag = $decision['tag'];
					$title = $decision['title'];
					$content = $decision['content'];
					$quorum = $decision['quorum'];
					$majority = $decision['majority'];
					$ayes = $decision['ayes'];
					$nayes = $decision['nayes'];
					$abstains = $decision['abstains'];
					$totalvotes = $decision['ayes']+$decision['nayes'];
					if ($totalvotes <= 0) $percent = 0;
					else $percent = $decision['ayes'] * 100 / $totalvotes;
					$body = <<<BODY
Dear Board,

The motion with the identifier $tag has been $state.

Motion:
    $title
    $content

Votes:
	Quorum: $quorum
	Majority: $majority%
	
	Ayes: $ayes
	Nayes: $nayes
	Abstentions: $abstains
	
	Percentage: $percent%
	
Kind regards,
the voting system.

BODY;
					$this->notify("Re: ".$decision['tag']." - ".$decision['title'],$body);
				}
			}
		}
		function notify($subject,$body)
		{
			mail($this->board,$subject,$body,"From: Voting System <returns@cacert.org>");
			//mail("testsympa@lists.cacert.org",$subject,$body,"From: Voting System <returns@cacert.org>");
		}
		function auth()
		{
		        $stmt = $this->getStatement("get voter");
		        $stmt->execute(array($_SERVER['REMOTE_USER']));
		        $user = $stmt->fetch();
			if ($user) return $user;
			if ($_SERVER['SSL_CLIENT_S_DN_EMAIL']) {
			        $stmt->execute(array($_SERVER['SSL_CLIENT_S_DN_EMAIL']));
			        $user = $stmt->fetch();
				if ($user) return $user;
			}
			$d=0;
			while ($email=$_SERVER["SSL_CLIENT_S_DN_EMAIL_$d"]) {
			        $stmt->execute(array($email));
			        $user = $stmt->fetch();
				if ($user) return $user;
				++$d;
			}
			if (preg_match_all('/\/emailAddress=([^\/]*)/',$dn,$reg,PREG_SET_ORDER)) {
			        foreach ($reg as $emailarr) { 
			        	$stmt->execute(array($emailarr[1]));
			        	$user = $stmt->fetch();
					if ($user) return $user;
				}
			}
			if ($_SERVER['SSL_CLIENT_CERT']) {
				# subjectAltName unpresented by Apache http://httpd.apache.org/docs/trunk/mod/mod_ssl.html
				# subjectAltName http://tools.ietf.org/html/rfc5280#section-4.2.1.6
				# WARNING WARNING openssl_x509_parse is an unstable PHP API
				$x509 = openssl_x509_parse($_SERVER['SSL_CLIENT_CERT']);
				$subjectAltName = $x509['extensions']['subjectAltName']; // going off https://foaf.me/testSSL.php
				#print_r(split("[, ]",$subjectAltName));
				#print_r($x509);
				#echo $subjectAltName;
				if (preg_match_all('/email:([^, ]*)/',$subjectAltName,$reg,PREG_SET_ORDER)) {
					foreach ($reg as $emailarr) { 
			        		$stmt->execute(array($emailarr[1]));
			        		$user = $stmt->fetch();
						if ($user) return $user;
					}
				}
			}
			return FALSE;
		}
	}
?>
Voting Tool git-svn-id: http://svn.cacert.cl/Software/Voting/vote@34 d4452222-2f33-11de-9270-010000000000 2009-05-21 11:20:15 +00:00			`<?php`
			`class DB {`
add empty SQL structure. Add links to single entities git-svn-id: http://svn.cacert.cl/Software/Voting/vote@41 d4452222-2f33-11de-9270-010000000000 2009-05-27 05:39:41 +00:00			`//var $board = "cacert-board@lists.cacert.org";`
			`var $board = "testsympa@lists.cacert.org";`
consolidate mail functions. typo in mail message fix. div by zero fix if no votes. query pretty up. git-svn-id: http://svn.cacert.cl/Software/Voting/vote@39 d4452222-2f33-11de-9270-010000000000 2009-05-26 02:32:18 +00:00
Voting Tool git-svn-id: http://svn.cacert.cl/Software/Voting/vote@34 d4452222-2f33-11de-9270-010000000000 2009-05-21 11:20:15 +00:00			`function __construct() {`
			`$this->dbh = new PDO("sqlite:".dirname(__FILE__)."/database.sqlite");`
			`$this->statement = array();`
add empty SQL structure. Add links to single entities git-svn-id: http://svn.cacert.cl/Software/Voting/vote@41 d4452222-2f33-11de-9270-010000000000 2009-05-27 05:39:41 +00:00			$this->statement['list decisions'] = $this->dbh->prepare("SELECT decisions.id AS id, decisions.tag AS tag, voters.name AS proposer, decisions.proposed, decisions.title, decisions.content, decisions.quorum, decisions.majority, decisions.status, decisions.due, decisions.modified, (SELECT COUNT() FROM votes WHERE decision=decisions.id AND vote=1) AS ayes, (SELECT COUNT() FROM votes WHERE decision=decisions.id AND vote=-1) AS nayes, (SELECT COUNT() FROM votes WHERE decision=decisions.id AND vote=0) AS abstains FROM decisions, voters WHERE decisions.proponent=voters.id ORDER BY proposed DESC LIMIT 10 OFFSET 10 (:page - 1);");
			$this->statement['list decision'] = $this->dbh->prepare("SELECT decisions.id AS id, decisions.tag AS tag, voters.name AS proposer, decisions.proposed, decisions.title, decisions.content, decisions.quorum, decisions.majority, decisions.status, decisions.due, decisions.modified, (SELECT COUNT() FROM votes WHERE decision=decisions.id AND vote=1) AS ayes, (SELECT COUNT() FROM votes WHERE decision=decisions.id AND vote=-1) AS nayes, (SELECT COUNT(*) FROM votes WHERE decision=decisions.id AND vote=0) AS abstains FROM decisions, voters WHERE decisions.proponent=voters.id AND decisions.tag=:id ORDER BY proposed DESC;");
Voting Tool git-svn-id: http://svn.cacert.cl/Software/Voting/vote@34 d4452222-2f33-11de-9270-010000000000 2009-05-21 11:20:15 +00:00			$this->statement['closed decisions'] = $this->dbh->prepare("SELECT decisions.id, decisions.tag, voters.name AS proposer, decisions.proposed, decisions.title, decisions.content, decisions.quorum, decisions.majority, decisions.status, decisions.due, decisions.modified, (SELECT COUNT() FROM votes WHERE decision=decisions.id AND vote=1) AS ayes, (SELECT COUNT() FROM votes WHERE decision=decisions.id AND vote=-1) AS nayes, (SELECT COUNT(*) FROM votes WHERE decision=decisions.id AND vote=0) AS abstains FROM decisions, voters WHERE decisions.proponent=voters.id AND decisions.status=0 AND datetime('now','utc') > datetime(due);");
			$this->statement['get decision'] = $this->dbh->prepare("SELECT decisions.id, decisions.tag, decisions.proponent, voters.name AS proposer, decisions.proposed, decisions.title, decisions.content, decisions.quorum, decisions.majority, decisions.status, decisions.due, decisions.modified, (SELECT COUNT() FROM votes WHERE decision=decisions.id AND vote=1) AS ayes, (SELECT COUNT() FROM votes WHERE decision=decisions.id AND vote=-1) AS nayes, (SELECT COUNT(*) FROM votes WHERE decision=decisions.id AND vote=0) AS abstains FROM decisions, voters WHERE decisions.proponent=voters.id AND decisions.id=:decision;");
			$this->statement['get new decision'] = $this->dbh->prepare("SELECT decisions.id, decisions.tag, decisions.proponent, voters.name AS proposer, decisions.proposed, decisions.title, decisions.content, decisions.quorum, decisions.majority, decisions.status, decisions.due, decisions.modified, (SELECT COUNT() FROM votes WHERE decision=decisions.id AND vote=1) AS ayes, (SELECT COUNT() FROM votes WHERE decision=decisions.id AND vote=-1) AS nayes, (SELECT COUNT(*) FROM votes WHERE decision=decisions.id AND vote=0) AS abstains FROM decisions, voters WHERE decisions.proponent=voters.id AND decisions.id=last_insert_rowid();");
			`$this->statement['get voter'] = $this->dbh->prepare("SELECT voters.id, voters.name FROM voters, emails WHERE voters.id=emails.voter AND emails.address=? AND voters.enabled=1");`
			`$this->statement['get voter by id'] = $this->dbh->prepare("SELECT voters.id, voters.name FROM voters WHERE id=:id;");`
			`$this->statement['get voters'] = $this->dbh->prepare("SELECT voters.id, voters.name FROM voters WHERE voters.enabled=1 ORDER BY name ASC;");`
			`$this->statement['del vote'] = $this->dbh->prepare("DELETE FROM votes WHERE decision=:decision AND voter=:voter;");`
			`$this->statement['do vote'] = $this->dbh->prepare("INSERT INTO votes (decision, voter, vote, voted, notes) VALUES (:decision, :voter, :vote, datetime('now','utc'), :notes);");`
consolidate mail functions. typo in mail message fix. div by zero fix if no votes. query pretty up. git-svn-id: http://svn.cacert.cl/Software/Voting/vote@39 d4452222-2f33-11de-9270-010000000000 2009-05-26 02:32:18 +00:00			`$this->statement['stats'] = $this->dbh->prepare("SELECT COUNT(*) AS voters FROM voters WHERE enabled=1;");`
add showvotes functionality and remove notification when people vote git-svn-id: http://svn.cacert.cl/Software/Voting/vote@40 d4452222-2f33-11de-9270-010000000000 2009-05-26 03:19:11 +00:00			`$this->statement['list votes'] = $this->dbh->prepare("SELECT voters.name AS name, votes.vote AS vote FROM voters,votes WHERE voters.id=votes.voter AND votes.decision=:id;");`
Voting Tool git-svn-id: http://svn.cacert.cl/Software/Voting/vote@34 d4452222-2f33-11de-9270-010000000000 2009-05-21 11:20:15 +00:00			`$this->statement['create decision'] = $this->dbh->prepare("INSERT INTO decisions (proposed, proponent, title, content, quorum, majority, status, due, modified) VALUES (datetime('now','utc'), :proponent, :title, :content, :quorum, :majority, 0, datetime('now','utc', :due), datetime('now','utc'));");`
			`$this->statement['post create'] = $this->dbh->prepare(" UPDATE decisions SET tag='m' \|\| strftime('%Y%m%d','now') \|\| '.' \|\| id WHERE id=last_insert_rowid();");`
			`$this->statement['update decision'] = $this->dbh->prepare("UPDATE decisions SET proposed=datetime('now','utc'), proponent=:proponent, title=:title, content=:content, quorum=:quorum, majority=:majority, status=0, due=datetime('now','utc',:due), modified=datetime('now','utc') WHERE id=:id;");`
			`$this->statement['close decision'] = $this->dbh->prepare("UPDATE decisions SET status=:status, modified=datetime('now','utc') WHERE id=:decision");`
			`}`
			`function getStatement($name) {`
			`return $this->statement[$name];`
			`}`
			`function closeVotes() {`
			`$stmt = $this->getStatement("closed decisions");`
			`$upd = $this->getStatement("close decision");`
			`if ($stmt->execute()) {`
			`while ($decision = $stmt->fetch()) {`
			`$votes = $decision['ayes'] + $decision['nayes'] + $decision['abstains'];`
			`if ($votes < $decision['quorum']) {`
			`$decision['status'] = -1;`
			`} else {`
			`$votes = $decision['ayes'] + $decision['nayes'];`
			`if (($decision['ayes'] / $votes) >= ($decision['majority'] / 100)) {`
			`$decision['status'] = 1;`
			`} else {`
			`$decision['status'] = -1;`
			`}`
			`}`
			`$upd->bindParam(":decision",$decision['id']);`
			`$upd->bindParam(":status",$decision['status']);`
			`$upd->execute();`
			`$state = $decision['status']==1?"accepted":"declined";`
			`$tag = $decision['tag'];`
			`$title = $decision['title'];`
			`$content = $decision['content'];`
			`$quorum = $decision['quorum'];`
			`$majority = $decision['majority'];`
			`$ayes = $decision['ayes'];`
			`$nayes = $decision['nayes'];`
			`$abstains = $decision['abstains'];`
consolidate mail functions. typo in mail message fix. div by zero fix if no votes. query pretty up. git-svn-id: http://svn.cacert.cl/Software/Voting/vote@39 d4452222-2f33-11de-9270-010000000000 2009-05-26 02:32:18 +00:00			`$totalvotes = $decision['ayes']+$decision['nayes'];`
			`if ($totalvotes <= 0) $percent = 0;`
			`else $percent = $decision['ayes'] * 100 / $totalvotes;`
Voting Tool git-svn-id: http://svn.cacert.cl/Software/Voting/vote@34 d4452222-2f33-11de-9270-010000000000 2009-05-21 11:20:15 +00:00			`$body = <<<BODY`
			`Dear Board,`

			`The motion with the identifier $tag has been $state.`

			`Motion:`
			`$title`
			`$content`

			`Votes:`
			`Quorum: $quorum`
			`Majority: $majority%`

			`Ayes: $ayes`
			`Nayes: $nayes`
			`Abstentions: $abstains`

			`Percentage: $percent%`

			`Kind regards,`
			`the voting system.`

			`BODY;`
consolidate mail functions. typo in mail message fix. div by zero fix if no votes. query pretty up. git-svn-id: http://svn.cacert.cl/Software/Voting/vote@39 d4452222-2f33-11de-9270-010000000000 2009-05-26 02:32:18 +00:00			`$this->notify("Re: ".$decision['tag']." - ".$decision['title'],$body);`
Voting Tool git-svn-id: http://svn.cacert.cl/Software/Voting/vote@34 d4452222-2f33-11de-9270-010000000000 2009-05-21 11:20:15 +00:00			`}`
			`}`
			`}`
consolidate mail functions. typo in mail message fix. div by zero fix if no votes. query pretty up. git-svn-id: http://svn.cacert.cl/Software/Voting/vote@39 d4452222-2f33-11de-9270-010000000000 2009-05-26 02:32:18 +00:00			`function notify($subject,$body)`
			`{`
			`mail($this->board,$subject,$body,"From: Voting System <returns@cacert.org>");`
			`//mail("testsympa@lists.cacert.org",$subject,$body,"From: Voting System <returns@cacert.org>");`
			`}`
centralise authentication + more certificate checking git-svn-id: http://svn.cacert.cl/Software/Voting/vote@44 d4452222-2f33-11de-9270-010000000000 2009-05-29 03:43:21 +00:00			`function auth()`
			`{`
			`$stmt = $this->getStatement("get voter");`
			`$stmt->execute(array($_SERVER['REMOTE_USER']));`
			`$user = $stmt->fetch();`
			`if ($user) return $user;`
			`if ($_SERVER['SSL_CLIENT_S_DN_EMAIL']) {`
			`$stmt->execute(array($_SERVER['SSL_CLIENT_S_DN_EMAIL']));`
			`$user = $stmt->fetch();`
			`if ($user) return $user;`
			`}`
			`$d=0;`
			`while ($email=$_SERVER["SSL_CLIENT_S_DN_EMAIL_$d"]) {`
			`$stmt->execute(array($email));`
			`$user = $stmt->fetch();`
			`if ($user) return $user;`
			`++$d;`
			`}`
			`if (preg_match_all('/\/emailAddress=([^\/]*)/',$dn,$reg,PREG_SET_ORDER)) {`
			`foreach ($reg as $emailarr) {`
			`$stmt->execute(array($emailarr[1]));`
			`$user = $stmt->fetch();`
			`if ($user) return $user;`
			`}`
			`}`
			`if ($_SERVER['SSL_CLIENT_CERT']) {`
			`# subjectAltName unpresented by Apache http://httpd.apache.org/docs/trunk/mod/mod_ssl.html`
			`# subjectAltName http://tools.ietf.org/html/rfc5280#section-4.2.1.6`
			`# WARNING WARNING openssl_x509_parse is an unstable PHP API`
			`$x509 = openssl_x509_parse($_SERVER['SSL_CLIENT_CERT']);`
			`$subjectAltName = $x509['extensions']['subjectAltName']; // going off https://foaf.me/testSSL.php`
			`#print_r(split("[, ]",$subjectAltName));`
			`#print_r($x509);`
			`#echo $subjectAltName;`
			`if (preg_match_all('/email:([^, ]*)/',$subjectAltName,$reg,PREG_SET_ORDER)) {`
			`foreach ($reg as $emailarr) {`
			`$stmt->execute(array($emailarr[1]));`
			`$user = $stmt->fetch();`
			`if ($user) return $user;`
			`}`
			`}`
			`}`
			`return FALSE;`
			`}`
Voting Tool git-svn-id: http://svn.cacert.cl/Software/Voting/vote@34 d4452222-2f33-11de-9270-010000000000 2009-05-21 11:20:15 +00:00			`}`
put return address on email git-svn-id: http://svn.cacert.cl/Software/Voting/vote@35 d4452222-2f33-11de-9270-010000000000 2009-05-21 11:59:43 +00:00			`?>`