cacert-boardvoting/motion.php

<?php
	if ($_SERVER['HTTPS'] != 'on') {
		header("HTTP/1.0 302 Redirect");
		header("Location: https://".$_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI']);
		exit();
	}
	require_once("database.php");
	$db = new DB();
	if (!($user = $db->auth())) {
		header("HTTP/1.0 302 Redirect");
		header("Location: denied.php");
		exit();
	}
	$db->getStatement("stats")->execute();
	$stats = $db->getStatement("stats")->fetch();
?>
<html>
	<head>
		<title>CAcert Board Decisions</title>
		<meta http-equiv="Content-Type" content="text/html; charset='UTF-8'" />
		<link rel="stylesheet" type="text/css" href="styles.css" />
	</head>
	<body>
		<?php
		if ($_REQUEST['action'] == "store") {
			if (is_numeric($_REQUEST['motion'])) {
				$stmt = $db->getStatement("update decision");
				$stmt->bindParam(":id",$_POST['motion']);
				$stmt->bindParam(":proponent",$_POST['proponent']);
				$stmt->bindParam(":title",$_POST['title']);
				$stmt->bindParam(":content",$_POST['content']);
				$stmt->bindParam(":quorum",$_POST['quorum']);
				$stmt->bindParam(":majority",$_POST['majority']);
				$stmt->bindParam(":due",$_POST['due']);
				if ($stmt->execute()) {
					?>
					<b>The motion has been proposed!</b><br/>
					<a href="motions.php">Back to motions</a><br/>
					<br/>
					<br/>
					<?php
					$decision = $db->getStatement("get decision")->execute(array($_POST['motion']))?$db->getStatement("get decision")->fetch():array();
					$name = $user['name'];
					$tag = $decision['tag'];
					$title = $decision['title'];
					$content =$decision['content'];
					$due = $decision['due']." UTC";
					$quorum = $decision['quorum'];
					$majority = $decision['majority'];
					$voteurl = "https://".$_SERVER['HTTP_HOST'].":".$_SERVER['SERVER_PORT'].preg_replace('/motion\.php/','vote.php',$_SERVER['REQUEST_URI'])."?motion=".$decision['id'];
					$body = <<<BODY
Dear Board,

$name has modified motion $tag to the following:

$title
$content

To pass a minimum of $quorum votes and a $majority% acceptance will be required.
Voting will close $due.

To vote please choose:

Aye: $voteurl&vote=1
Naye: $voteurl&vote=-1
Abstain: $voteurl&vote=0

Please be aware, that if you have voted already your vote is still registered and valid.
If this modification has an impact on how you wish to vote, you are responsible for voting
again.

Kind regards,
the voting system
BODY;
					$db->notify("Re: $tag - $title",$body);
				} else {
					?>
					<b>The motion has NOT been proposed!</b><br/>
					<a href="motions.php">Back to motions</a><br/>
					<i><?php echo join("<br/>\n",$stmt->errorInfo()); ?></i><br/>
					<br/>
					<br/>
					<?php
				}
			} else {
				$stmt = $db->getStatement("create decision");
				$stmt->bindParam(":proponent",$_POST['proponent']);
				$stmt->bindParam(":title",$_POST['title']);
				$stmt->bindParam(":content",$_POST['content']);
				$stmt->bindParam(":quorum",$_POST['quorum']);
				$stmt->bindParam(":majority",$_POST['majority']);
				$stmt->bindParam(":due",$_POST['due']);
				if ($stmt->execute()) {
					$db->getStatement("post create")->execute();
					?>
					<b>The motion has been proposed!</b><br/>
					<a href="motions.php">Back to motions</a><br/>
					<br/>
					<br/>
					<?php
					$decision = $db->getStatement("get new decision")->execute()?$db->getStatement("get new decision")->fetch():array();
					$name = $user['name'];
					$tag = $decision['tag'];
					$title = $decision['title'];
					$content =$decision['content'];
					$due = $decision['due']." UTC";
					$quorum = $decision['quorum'];
					$majority = $decision['majority'];
					$voteurl = "https://".$_SERVER['HTTP_HOST'].":".$_SERVER['SERVER_PORT'].preg_replace('/motion\.php/','vote.php',$_SERVER['REQUEST_URI'])."?motion=".$decision['id'];
					$body = <<<BODY
Dear Board,

$name has made the following motion:

$title
$content

To pass a minimum of $quorum votes and a $majority% acceptance will be required.
Voting will close $due.

To vote please choose:

Aye: $voteurl&vote=1
Naye: $voteurl&vote=-1
Abstain: $voteurl&vote=0

Kind regards,
the voting system
BODY;
					$db->notify("$tag - $title",$body);
				} else {
					?>
					<b>The motion has NOT been proposed!</b><br/>
					<a href="motions.php">Back to motions</a><br/>
					<i><?php echo join("<br/>\n",$stmt->errorInfo()); ?></i><br/>
					<br/>
					<br/>
					<?php
				}
			}
			
		}
		if (is_numeric($_REQUEST['motion'])) {
			$stmt = $db->getStatement("get decision");
			if ($stmt->execute(array($_REQUEST['motion']))) {
				$motion = $stmt->fetch();
			}
			if (!is_numeric($motion['id'])) {
				$motion = array();
				foreach (array("title","content","quorum","majority") as $column) {
					$motion[$column] = "";
				}
				$motion["proponent"] = $user['id'];
				$motion["proposer"] = $user['name'];
			}
		} else {
			$motion = array();
			foreach (array("title","content","quorum","majority") as $column) {
				$motion[$column] = "";
			}
			$motion["proponent"] = $user['id'];
			$motion["proposer"] = $user['name'];
		}
		?>
		<form <?php if (is_numeric($_REQUEST['motion'])) { echo(" action=\"?\""); } ?> method="POST">
			<input type="hidden" name="action" value="store" />
			<?php
				if (is_numeric($_REQUEST['motion'])) {
					?><input type="hidden" name="motion" value="<?php echo($_REQUEST["motion"]); ?>" /><?php
				}
			?>
		<table>
			<tr><td>ID:</td><td><?php echo htmlentities($motion['tag']); ?></td></tr>
			<tr><td>Proponent:</td><td><?php echo htmlentities($motion['proposer']); ?><input type="hidden" name="proponent" value="<?php echo htmlentities($user['id']); ?>"></td></tr>
			<tr><td>Proposed:</td><td><?php echo htmlentities($motion['proposed']); ?> UTC</td></tr>
			<tr><td>Title:</td><td><input name="title" value="<?php echo htmlentities($motion['title'])?>"></td></tr>
			<tr><td>Text:</td><td><textarea name="content"><?php echo htmlspecialchars($motion['content'])?></textarea></td></tr>
			<tr><td>Quorum:</td><td><select name="quorum">
				<option value="<?php echo(ceil($stats["voters"])); ?>" <?php if($motion['quorum'] == $stats["voters"]) { echo(" selected=\"selected\""); } ?>>100% Votes (<?php echo($stats["voters"]); ?>)</option>
				<option value="<?php echo(ceil($stats["voters"] / 2)); ?>" <?php if($motion['quorum'] == ceil($stats["voters"] / 2)) { echo(" selected=\"selected\""); } ?>>50% Votes (<?php echo(ceil($stats["voters"] / 2)); ?>)</option>
				<option value="2" <?php if($motion['quorum'] == 2) { echo(" selected=\"selected\""); } ?>>2 Votes</option>
				<option value="1" <?php if($motion['quorum'] == 1) { echo(" selected=\"selected\""); } ?>>1 Vote</option>
			</select></td></tr>
			<tr><td>Majority:</td><td><select name="majority">
				<option value="50" <?php if($motion['majority'] == 50) { echo(" selected=\"selected\""); } ?>>50%</option>
				<option value="67" <?php if($motion['majority'] == 67) { echo(" selected=\"selected\""); } ?>>67%</option>
				<option value="75" <?php if($motion['majority'] == 75) { echo(" selected=\"selected\""); } ?>>75%</option>
				<option value="100" <?php if($motion['majority'] == 100) { echo(" selected=\"selected\""); } ?>>100%</option>
			</td></tr>
			<tr><td rowspan="2">Due:</td><td><?php echo($motion['due'])?> UTC</td></tr>
			<tr><td><select name="due">
				<option value="+3 days">In 3 Days</option>
				<option value="+7 days">In 1 Week</option>
				<option value="+14 days">In 2 Weeks</option>
			</select></td></tr>
			<tr><td>&nbsp;</td><td><input type="submit" value="Propose" /></td></tr>
		</table>
		</form>
		<br/>
		<a href="motions.php">Back to motions</a>		
	</body>
</html>
Voting Tool git-svn-id: http://svn.cacert.cl/Software/Voting/vote@34 d4452222-2f33-11de-9270-010000000000 2009-05-21 11:20:15 +00:00			`<?php`
			`if ($_SERVER['HTTPS'] != 'on') {`
			`header("HTTP/1.0 302 Redirect");`
			`header("Location: https://".$_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI']);`
			`exit();`
			`}`
			`require_once("database.php");`
			`$db = new DB();`
centralise authentication + more certificate checking git-svn-id: http://svn.cacert.cl/Software/Voting/vote@44 d4452222-2f33-11de-9270-010000000000 2009-05-29 03:43:21 +00:00			`if (!($user = $db->auth())) {`
Voting Tool git-svn-id: http://svn.cacert.cl/Software/Voting/vote@34 d4452222-2f33-11de-9270-010000000000 2009-05-21 11:20:15 +00:00			`header("HTTP/1.0 302 Redirect");`
			`header("Location: denied.php");`
			`exit();`
			`}`
			`$db->getStatement("stats")->execute();`
			`$stats = $db->getStatement("stats")->fetch();`
			`?>`
			`<html>`
			`<head>`
			`<title>CAcert Board Decisions</title>`
			`<meta http-equiv="Content-Type" content="text/html; charset='UTF-8'" />`
			`<link rel="stylesheet" type="text/css" href="styles.css" />`
			`</head>`
			`<body>`
			`<?php`
			`if ($_REQUEST['action'] == "store") {`
			`if (is_numeric($_REQUEST['motion'])) {`
			`$stmt = $db->getStatement("update decision");`
			`$stmt->bindParam(":id",$_POST['motion']);`
			`$stmt->bindParam(":proponent",$_POST['proponent']);`
			`$stmt->bindParam(":title",$_POST['title']);`
			`$stmt->bindParam(":content",$_POST['content']);`
			`$stmt->bindParam(":quorum",$_POST['quorum']);`
			`$stmt->bindParam(":majority",$_POST['majority']);`
			`$stmt->bindParam(":due",$_POST['due']);`
			`if ($stmt->execute()) {`
			`?>`
			`<b>The motion has been proposed!</b><br/>`
			`<a href="motions.php">Back to motions</a><br/>`
			`<br/>`
			`<br/>`
			`<?php`
			`$decision = $db->getStatement("get decision")->execute(array($_POST['motion']))?$db->getStatement("get decision")->fetch():array();`
			`$name = $user['name'];`
			`$tag = $decision['tag'];`
			`$title = $decision['title'];`
			`$content =$decision['content'];`
			`$due = $decision['due']." UTC";`
			`$quorum = $decision['quorum'];`
			`$majority = $decision['majority'];`
			`$voteurl = "https://".$_SERVER['HTTP_HOST'].":".$_SERVER['SERVER_PORT'].preg_replace('/motion\.php/','vote.php',$_SERVER['REQUEST_URI'])."?motion=".$decision['id'];`
			`$body = <<<BODY`
			`Dear Board,`

			`$name has modified motion $tag to the following:`

			`$title`
			`$content`

			`To pass a minimum of $quorum votes and a $majority% acceptance will be required.`
			`Voting will close $due.`

			`To vote please choose:`

			`Aye: $voteurl&vote=1`
			`Naye: $voteurl&vote=-1`
			`Abstain: $voteurl&vote=0`

consolidate mail functions. typo in mail message fix. div by zero fix if no votes. query pretty up. git-svn-id: http://svn.cacert.cl/Software/Voting/vote@39 d4452222-2f33-11de-9270-010000000000 2009-05-26 02:32:18 +00:00			`Please be aware, that if you have voted already your vote is still registered and valid.`
Voting Tool git-svn-id: http://svn.cacert.cl/Software/Voting/vote@34 d4452222-2f33-11de-9270-010000000000 2009-05-21 11:20:15 +00:00			`If this modification has an impact on how you wish to vote, you are responsible for voting`
			`again.`

			`Kind regards,`
			`the voting system`
			`BODY;`
consolidate mail functions. typo in mail message fix. div by zero fix if no votes. query pretty up. git-svn-id: http://svn.cacert.cl/Software/Voting/vote@39 d4452222-2f33-11de-9270-010000000000 2009-05-26 02:32:18 +00:00			`$db->notify("Re: $tag - $title",$body);`
Voting Tool git-svn-id: http://svn.cacert.cl/Software/Voting/vote@34 d4452222-2f33-11de-9270-010000000000 2009-05-21 11:20:15 +00:00			`} else {`
			`?>`
			`<b>The motion has NOT been proposed!</b><br/>`
			`<a href="motions.php">Back to motions</a><br/>`
			`<i><?php echo join("<br/>\n",$stmt->errorInfo()); ?></i><br/>`
			`<br/>`
			`<br/>`
			`<?php`
			`}`
			`} else {`
			`$stmt = $db->getStatement("create decision");`
			`$stmt->bindParam(":proponent",$_POST['proponent']);`
			`$stmt->bindParam(":title",$_POST['title']);`
			`$stmt->bindParam(":content",$_POST['content']);`
			`$stmt->bindParam(":quorum",$_POST['quorum']);`
			`$stmt->bindParam(":majority",$_POST['majority']);`
			`$stmt->bindParam(":due",$_POST['due']);`
			`if ($stmt->execute()) {`
			`$db->getStatement("post create")->execute();`
			`?>`
			`<b>The motion has been proposed!</b><br/>`
			`<a href="motions.php">Back to motions</a><br/>`
			`<br/>`
			`<br/>`
			`<?php`
			`$decision = $db->getStatement("get new decision")->execute()?$db->getStatement("get new decision")->fetch():array();`
			`$name = $user['name'];`
			`$tag = $decision['tag'];`
			`$title = $decision['title'];`
			`$content =$decision['content'];`
			`$due = $decision['due']." UTC";`
			`$quorum = $decision['quorum'];`
			`$majority = $decision['majority'];`
			`$voteurl = "https://".$_SERVER['HTTP_HOST'].":".$_SERVER['SERVER_PORT'].preg_replace('/motion\.php/','vote.php',$_SERVER['REQUEST_URI'])."?motion=".$decision['id'];`
			`$body = <<<BODY`
			`Dear Board,`

			`$name has made the following motion:`

			`$title`
			`$content`

			`To pass a minimum of $quorum votes and a $majority% acceptance will be required.`
			`Voting will close $due.`

			`To vote please choose:`

			`Aye: $voteurl&vote=1`
			`Naye: $voteurl&vote=-1`
			`Abstain: $voteurl&vote=0`

			`Kind regards,`
			`the voting system`
			`BODY;`
consolidate mail functions. typo in mail message fix. div by zero fix if no votes. query pretty up. git-svn-id: http://svn.cacert.cl/Software/Voting/vote@39 d4452222-2f33-11de-9270-010000000000 2009-05-26 02:32:18 +00:00			`$db->notify("$tag - $title",$body);`
Voting Tool git-svn-id: http://svn.cacert.cl/Software/Voting/vote@34 d4452222-2f33-11de-9270-010000000000 2009-05-21 11:20:15 +00:00			`} else {`
			`?>`
			`<b>The motion has NOT been proposed!</b><br/>`
			`<a href="motions.php">Back to motions</a><br/>`
			`<i><?php echo join("<br/>\n",$stmt->errorInfo()); ?></i><br/>`
			`<br/>`
			`<br/>`
			`<?php`
			`}`
			`}`

			`}`
			`if (is_numeric($_REQUEST['motion'])) {`
			`$stmt = $db->getStatement("get decision");`
			`if ($stmt->execute(array($_REQUEST['motion']))) {`
			`$motion = $stmt->fetch();`
			`}`
			`if (!is_numeric($motion['id'])) {`
			`$motion = array();`
			`foreach (array("title","content","quorum","majority") as $column) {`
			`$motion[$column] = "";`
			`}`
			`$motion["proponent"] = $user['id'];`
			`$motion["proposer"] = $user['name'];`
			`}`
			`} else {`
			`$motion = array();`
			`foreach (array("title","content","quorum","majority") as $column) {`
			`$motion[$column] = "";`
			`}`
			`$motion["proponent"] = $user['id'];`
			`$motion["proposer"] = $user['name'];`
			`}`
			`?>`
			`<form <?php if (is_numeric($_REQUEST['motion'])) { echo(" action=\"?\""); } ?> method="POST">`
			`<input type="hidden" name="action" value="store" />`
			`<?php`
			`if (is_numeric($_REQUEST['motion'])) {`
			`?><input type="hidden" name="motion" value="<?php echo($_REQUEST["motion"]); ?>" /><?php`
			`}`
			`?>`
			`<table>`
php functions for escaping git-svn-id: http://svn.cacert.cl/Software/Voting/vote@42 d4452222-2f33-11de-9270-010000000000 2009-05-27 07:14:23 +00:00			`<tr><td>ID:</td><td><?php echo htmlentities($motion['tag']); ?></td></tr>`
			`<tr><td>Proponent:</td><td><?php echo htmlentities($motion['proposer']); ?><input type="hidden" name="proponent" value="<?php echo htmlentities($user['id']); ?>"></td></tr>`
			`<tr><td>Proposed:</td><td><?php echo htmlentities($motion['proposed']); ?> UTC</td></tr>`
			`<tr><td>Title:</td><td><input name="title" value="<?php echo htmlentities($motion['title'])?>"></td></tr>`
			`<tr><td>Text:</td><td><textarea name="content"><?php echo htmlspecialchars($motion['content'])?></textarea></td></tr>`
Voting Tool git-svn-id: http://svn.cacert.cl/Software/Voting/vote@34 d4452222-2f33-11de-9270-010000000000 2009-05-21 11:20:15 +00:00			`<tr><td>Quorum:</td><td><select name="quorum">`
			`<option value="<?php echo(ceil($stats["voters"])); ?>" <?php if($motion['quorum'] == $stats["voters"]) { echo(" selected=\"selected\""); } ?>>100% Votes (<?php echo($stats["voters"]); ?>)</option>`
			`<option value="<?php echo(ceil($stats["voters"] / 2)); ?>" <?php if($motion['quorum'] == ceil($stats["voters"] / 2)) { echo(" selected=\"selected\""); } ?>>50% Votes (<?php echo(ceil($stats["voters"] / 2)); ?>)</option>`
			`<option value="2" <?php if($motion['quorum'] == 2) { echo(" selected=\"selected\""); } ?>>2 Votes</option>`
			`<option value="1" <?php if($motion['quorum'] == 1) { echo(" selected=\"selected\""); } ?>>1 Vote</option>`
			`</select></td></tr>`
			`<tr><td>Majority:</td><td><select name="majority">`
			`<option value="50" <?php if($motion['majority'] == 50) { echo(" selected=\"selected\""); } ?>>50%</option>`
			`<option value="67" <?php if($motion['majority'] == 67) { echo(" selected=\"selected\""); } ?>>67%</option>`
			`<option value="75" <?php if($motion['majority'] == 75) { echo(" selected=\"selected\""); } ?>>75%</option>`
			`<option value="100" <?php if($motion['majority'] == 100) { echo(" selected=\"selected\""); } ?>>100%</option>`
			`</td></tr>`
			`<tr><td rowspan="2">Due:</td><td><?php echo($motion['due'])?> UTC</td></tr>`
			`<tr><td><select name="due">`
			`<option value="+3 days">In 3 Days</option>`
			`<option value="+7 days">In 1 Week</option>`
			`<option value="+14 days">In 2 Weeks</option>`
			`</select></td></tr>`
			`<tr><td> </td><td><input type="submit" value="Propose" /></td></tr>`
			`</table>`
			`</form>`
			`<br/>`
			`<a href="motions.php">Back to motions</a>`
			`</body>`
			`</html>`