Remove PHP code
This commit is contained in:
parent
8d0e0eeb1b
commit
dad5d58158
3 changed files with 0 additions and 295 deletions
160
database.php
160
database.php
|
@ -1,160 +0,0 @@
|
|||
<?php
|
||||
class DB {
|
||||
var $board = "cacert-board@lists.cacert.org";
|
||||
var $notices = "cacert-board-votes@lists.cacert.org";
|
||||
|
||||
function __construct() {
|
||||
$this->dbh = new PDO("sqlite:".dirname(__FILE__)."/database.sqlite");
|
||||
$this->statement = array();
|
||||
$this->statement['list decisions'] = $this->dbh->prepare("SELECT decisions.id AS id, decisions.tag AS tag, voters.name AS proposer, decisions.proposed, decisions.title, decisions.content, decisions.votetype, decisions.status, decisions.due, decisions.modified, (SELECT COUNT(*) FROM votes WHERE decision=decisions.id AND vote=1) AS ayes, (SELECT COUNT(*) FROM votes WHERE decision=decisions.id AND vote=-1) AS nayes, (SELECT COUNT(*) FROM votes WHERE decision=decisions.id AND vote=0) AS abstains FROM decisions, voters WHERE decisions.proponent=voters.id ORDER BY proposed DESC LIMIT 10 OFFSET 10 * (:page - 1);");
|
||||
$this->statement['list my unvoted decisions'] = $this->dbh->prepare("SELECT * FROM (SELECT decisions.id AS id, decisions.tag AS tag, voters.name AS proposer,decisions.proposed AS proposed, decisions.title AS title, decisions.content AS content, decisions.votetype AS votetype, decisions.status AS status, decisions.due AS due, decisions.modified AS modified,(SELECT COUNT(*) AS ayes FROM votes WHERE decision=decisions.id AND vote=1), (SELECT COUNT(*) AS nayes FROM votes WHERE decision=decisions.id AND vote=-1), (SELECT COUNT(*) AS abstains FROM votes WHERE decision=decisions.id AND vote=0) FROM decisions, voters WHERE decisions.proponent=voters.id AND decisions.status=0) WHERE NOT EXISTS (SELECT vote FROM votes WHERE votes.decision=id AND votes.voter=:id) ORDER BY proposed DESC LIMIT 10 OFFSET 10 * (:page - 1);");
|
||||
$this->statement['list decision'] = $this->dbh->prepare("SELECT decisions.id AS id, decisions.tag AS tag, voters.name AS proposer, decisions.proposed, decisions.title, decisions.content, decisions.votetype, decisions.status, decisions.due, decisions.modified, (SELECT COUNT(*) FROM votes WHERE decision=decisions.id AND vote=1) AS ayes, (SELECT COUNT(*) FROM votes WHERE decision=decisions.id AND vote=-1) AS nayes, (SELECT COUNT(*) FROM votes WHERE decision=decisions.id AND vote=0) AS abstains FROM decisions, voters WHERE decisions.proponent=voters.id AND decisions.tag=:id ORDER BY proposed DESC;");
|
||||
$this->statement['closed decisions'] = $this->dbh->prepare("SELECT decisions.id, decisions.tag, voters.name AS proposer, decisions.proposed, decisions.title, decisions.content, decisions.votetype, decisions.status, decisions.due, decisions.modified, (SELECT COUNT(*) FROM votes WHERE decision=decisions.id AND vote=1) AS ayes, (SELECT COUNT(*) FROM votes WHERE decision=decisions.id AND vote=-1) AS nayes, (SELECT COUNT(*) FROM votes WHERE decision=decisions.id AND vote=0) AS abstains FROM decisions, voters WHERE decisions.proponent=voters.id AND decisions.status=0 AND datetime('now','utc') > datetime(due);");
|
||||
$this->statement['get decision'] = $this->dbh->prepare("SELECT decisions.id, decisions.tag, decisions.proponent, voters.name AS proposer, decisions.proposed, decisions.title, decisions.content, decisions.votetype, decisions.status, decisions.due, decisions.modified, (SELECT COUNT(*) FROM votes WHERE decision=decisions.id AND vote=1) AS ayes, (SELECT COUNT(*) FROM votes WHERE decision=decisions.id AND vote=-1) AS nayes, (SELECT COUNT(*) FROM votes WHERE decision=decisions.id AND vote=0) AS abstains FROM decisions, voters WHERE decisions.proponent=voters.id AND decisions.id=:decision;");
|
||||
$this->statement['get new decision'] = $this->dbh->prepare("SELECT decisions.id, decisions.tag, decisions.proponent, voters.name AS proposer, decisions.proposed, decisions.title, decisions.content, decisions.votetype, decisions.status, decisions.due, decisions.modified, (SELECT COUNT(*) FROM votes WHERE decision=decisions.id AND vote=1) AS ayes, (SELECT COUNT(*) FROM votes WHERE decision=decisions.id AND vote=-1) AS nayes, (SELECT COUNT(*) FROM votes WHERE decision=decisions.id AND vote=0) AS abstains FROM decisions, voters WHERE decisions.proponent=voters.id AND decisions.id=last_insert_rowid();");
|
||||
$this->statement['get voter'] = $this->dbh->prepare("SELECT voters.id, voters.name FROM voters, emails WHERE voters.id=emails.voter AND emails.address=? AND voters.enabled=1");
|
||||
$this->statement['get voter by id'] = $this->dbh->prepare("SELECT voters.id, voters.name FROM voters WHERE id=:id;");
|
||||
$this->statement['get voters'] = $this->dbh->prepare("SELECT voters.id, voters.name FROM voters WHERE voters.enabled=1 ORDER BY name ASC;");
|
||||
$this->statement['get reminder voters'] = $this->dbh->prepare("SELECT voters.id, voters.name, voters.reminder AS email FROM voters WHERE voters.enabled=1 AND voters.reminder!='' ORDER BY name ASC;");
|
||||
$this->statement['del vote'] = $this->dbh->prepare("DELETE FROM votes WHERE decision=:decision AND voter=:voter;");
|
||||
$this->statement['do vote'] = $this->dbh->prepare("INSERT INTO votes (decision, voter, vote, voted, notes) VALUES (:decision, :voter, :vote, datetime('now','utc'), :notes);");
|
||||
$this->statement['stats'] = $this->dbh->prepare("SELECT COUNT(*) AS voters FROM voters WHERE enabled=1;");
|
||||
$this->statement['list votes'] = $this->dbh->prepare("SELECT voters.name AS name, votes.vote AS vote FROM voters,votes WHERE voters.id=votes.voter AND votes.decision=:id;");
|
||||
$this->statement['create decision'] = $this->dbh->prepare("INSERT INTO decisions (proposed, proponent, title, content, votetype, status, due, modified,tag) VALUES (datetime('now','utc'), :proponent, :title, :content, :votetype, 0, datetime(date('now','utc'),'utc', :due,'+1 day','-1 second'), datetime('now','utc'),'m' || strftime('%Y%m%d','now') || '.' || (select count(*)+1 as num from decisions where proposed between date('now') and date('now','1 day')));");
|
||||
$this->statement['update decision'] = $this->dbh->prepare("UPDATE decisions SET proposed=datetime('now','utc'), proponent=:proponent, title=:title, content=:content, votetype=:votetype, status=0, due=datetime(date('now','utc'),'utc', :due,'+1 day','-1 second'), modified=datetime('now','utc') WHERE id=:id;");
|
||||
$this->statement['close decision'] = $this->dbh->prepare("UPDATE decisions SET status=:status, modified=datetime('now','utc') WHERE id=:decision");
|
||||
ini_set('mbstring.internal_encoding', 'UTF-8');
|
||||
}
|
||||
function getStatement($name) {
|
||||
return $this->statement[$name];
|
||||
}
|
||||
function closeVotes() {
|
||||
$stmt = $this->getStatement("closed decisions");
|
||||
$upd = $this->getStatement("close decision");
|
||||
if ($stmt->execute()) {
|
||||
while ($decision = $stmt->fetch()) {
|
||||
switch ($decision['votetype']) {
|
||||
case 0: // motion
|
||||
$quorum = 3; $majority = 50; break;
|
||||
case 1: // veto
|
||||
default:
|
||||
$quorum = 1; $majority = 99; break;
|
||||
}
|
||||
$votes = $decision['ayes'] + $decision['nayes'] + $decision['abstains'];
|
||||
if ($votes < $quorum) {
|
||||
$decision['status'] = -1;
|
||||
} else {
|
||||
$votes = $decision['ayes'] + $decision['nayes'];
|
||||
if (($decision['ayes'] / $votes) > ($majority / 100)) {
|
||||
$decision['status'] = 1;
|
||||
} else {
|
||||
$decision['status'] = -1;
|
||||
}
|
||||
}
|
||||
$upd->bindParam(":decision",$decision['id']);
|
||||
$upd->bindParam(":status",$decision['status']);
|
||||
$upd->execute();
|
||||
$state = $decision['status']==1?"accepted":"declined";
|
||||
$tag = $decision['tag'];
|
||||
$title = $decision['title'];
|
||||
$content = $decision['content'];
|
||||
$votetype = !$decision['votetype']?'motion':'veto';
|
||||
$ayes = $decision['ayes'];
|
||||
$nayes = $decision['nayes'];
|
||||
$abstains = $decision['abstains'];
|
||||
$totalvotes = $decision['ayes']+$decision['nayes'];
|
||||
if ($totalvotes <= 0) $percent = 0;
|
||||
else $percent = $decision['ayes'] * 100 / $totalvotes;
|
||||
$body = <<<BODY
|
||||
Dear Board,
|
||||
|
||||
The motion with the identifier $tag has been $state.
|
||||
|
||||
Motion:
|
||||
$title
|
||||
$content
|
||||
|
||||
Vote type: $votetype
|
||||
|
||||
Ayes: $ayes
|
||||
Nayes: $nayes
|
||||
Abstentions: $abstains
|
||||
|
||||
Percentage: $percent%
|
||||
|
||||
Kind regards,
|
||||
the voting system.
|
||||
|
||||
BODY;
|
||||
$this->notify("Re: ".$decision['tag']." - ".$decision['title']." - finalised",$body,$decision['tag']);
|
||||
}
|
||||
}
|
||||
}
|
||||
function notify($subject,$body,$tag,$first=FALSE)
|
||||
{
|
||||
$header = "Content-Type: text/plain; charset=UTF-8\r\n";
|
||||
if ($first) {
|
||||
$header .= "Message-id: <".$tag.">\r\n";
|
||||
} else {
|
||||
$header .= "References: <".$tag.">\r\nIn-reply-to: <".$tag.">\r\n";
|
||||
}
|
||||
mail($this->board, mb_encode_mimeheader($subject,"UTF-8", "B", "\n"),$body,$header."From: Voting System <returns@cacert.org>");
|
||||
}
|
||||
function vote_notify($subject,$body,$tag)
|
||||
{
|
||||
$header = "Content-Type: text/plain; charset=UTF-8\r\n";
|
||||
$header .= "References: <".$tag.">\r\nIn-reply-to: <".$tag.">\r\n";
|
||||
mail($this->notices, mb_encode_mimeheader($subject,"UTF-8", "B", "\n"),$body,$header."From: Voting System <returns@cacert.org>");
|
||||
}
|
||||
function remind_notify($email,$subject,$body)
|
||||
{
|
||||
$header = "Content-Type: text/plain; charset=UTF-8\r\n";
|
||||
mail($email,$subject,$body,$header."From: Voting System <returns@cacert.org>");
|
||||
}
|
||||
function auth()
|
||||
{
|
||||
$stmt = $this->getStatement("get voter");
|
||||
$stmt->execute(array($_SERVER['REMOTE_USER']));
|
||||
$user = $stmt->fetch();
|
||||
if ($user) return $user;
|
||||
if ($_SERVER['SSL_CLIENT_S_DN_Email']) {
|
||||
$stmt->execute(array($_SERVER['SSL_CLIENT_S_DN_Email']));
|
||||
$user = $stmt->fetch();
|
||||
if ($user) return $user;
|
||||
}
|
||||
$d=0;
|
||||
while ($email=$_SERVER["SSL_CLIENT_S_DN_Email_$d"]) {
|
||||
$stmt->execute(array($email));
|
||||
$user = $stmt->fetch();
|
||||
if ($user) return $user;
|
||||
++$d;
|
||||
}
|
||||
$dn=$_SERVER['SSL_CLIENT_S_DN'];
|
||||
if (preg_match_all('/\/emailAddress=([^\/]*)/',$dn,$reg,PREG_SET_ORDER)) {
|
||||
foreach ($reg as $emailarr) {
|
||||
$stmt->execute(array($emailarr[1]));
|
||||
$user = $stmt->fetch();
|
||||
if ($user) return $user;
|
||||
}
|
||||
}
|
||||
if ($_SERVER['SSL_CLIENT_CERT']) {
|
||||
# subjectAltName unpresented by Apache http://httpd.apache.org/docs/trunk/mod/mod_ssl.html
|
||||
# subjectAltName http://tools.ietf.org/html/rfc5280#section-4.2.1.6
|
||||
# WARNING WARNING openssl_x509_parse is an unstable PHP API
|
||||
$x509 = openssl_x509_parse($_SERVER['SSL_CLIENT_CERT']);
|
||||
$subjectAltName = $x509['extensions']['subjectAltName']; // going off https://foaf.me/testSSL.php
|
||||
#print_r(split("[, ]",$subjectAltName));
|
||||
#print_r($x509);
|
||||
#echo $subjectAltName;
|
||||
if (preg_match_all('/email:([^, ]*)/',$subjectAltName,$reg,PREG_SET_ORDER)) {
|
||||
foreach ($reg as $emailarr) {
|
||||
$stmt->execute(array($emailarr[1]));
|
||||
$user = $stmt->fetch();
|
||||
if ($user) return $user;
|
||||
}
|
||||
}
|
||||
}
|
||||
return FALSE;
|
||||
}
|
||||
}
|
||||
?>
|
31
styles.css
31
styles.css
|
@ -1,31 +0,0 @@
|
|||
html, body, th, td {
|
||||
font-family: Verdana, Arial, Sans-Serif;
|
||||
font-size:10px;
|
||||
}
|
||||
table, tr, td, th {
|
||||
vertical-align:top;
|
||||
border:1px solid black;
|
||||
border-collapse: collapse;
|
||||
}
|
||||
td.navigation {
|
||||
text-align:center;
|
||||
}
|
||||
td.approved {
|
||||
color:green;
|
||||
}
|
||||
td.declined {
|
||||
color:red;
|
||||
}
|
||||
td.withdrawn {
|
||||
color:red;
|
||||
}
|
||||
td.pending {
|
||||
color:blue;
|
||||
}
|
||||
textarea {
|
||||
width:400px;
|
||||
height:150px;
|
||||
}
|
||||
input {
|
||||
width:400px;
|
||||
}
|
104
vote.php
104
vote.php
|
@ -1,104 +0,0 @@
|
|||
<?php
|
||||
if ($_SERVER['HTTPS'] != 'on') {
|
||||
header("HTTP/1.0 302 Redirect");
|
||||
header("Location: https://".$_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI']);
|
||||
exit();
|
||||
}
|
||||
require_once("database.php");
|
||||
$db = new DB();
|
||||
if (!($user = $db->auth())) {
|
||||
header("HTTP/1.0 302 Redirect");
|
||||
header("Location: denied.php");
|
||||
exit();
|
||||
}
|
||||
?>
|
||||
<html>
|
||||
<head>
|
||||
<title>CAcert Board Decisions</title>
|
||||
<meta http-equiv="Content-Type" content="text/html; charset='UTF-8'" />
|
||||
<link rel="stylesheet" type="text/css" href="styles.css" />
|
||||
</head>
|
||||
<body>
|
||||
<?php
|
||||
if (is_numeric($_REQUEST['motion']) && is_numeric($_REQUEST['vote'])) {
|
||||
$stmt = $db->getStatement("get decision");
|
||||
$stmt->bindParam(":decision",$_REQUEST['motion']);
|
||||
if ($stmt->execute() && ($decision=$stmt->fetch())) {
|
||||
if ($decision['status'] == 0) {
|
||||
$stmt = $db->getStatement("del vote");
|
||||
$stmt->bindParam(":voter",$user['id']);
|
||||
$stmt->bindParam(":decision",$_REQUEST['motion']);
|
||||
if ($stmt->execute()) {
|
||||
$stmt = $db->getStatement("do vote");
|
||||
$stmt->bindParam(":voter",$user['id']);
|
||||
$stmt->bindParam(":decision",$_REQUEST['motion']);
|
||||
$stmt->bindParam(":vote",$_REQUEST['vote']);
|
||||
$notes="Direct Vote\n\n".$_SERVER['SSL_CLIENT_CERT'];
|
||||
$stmt->bindParam(":notes",$notes);
|
||||
if ($stmt->execute()) {
|
||||
?>
|
||||
<b>Your vote has been registered.</b><br/>
|
||||
<a href="motions.php">Back to motions</a>
|
||||
<?php
|
||||
$name = $user['name'];
|
||||
$vote = '';
|
||||
switch($_REQUEST['vote']) {
|
||||
case 1 : $vote='Aye'; break;
|
||||
case -1: $vote='Naye'; break;
|
||||
default: $vote='Abstain'; break;
|
||||
}
|
||||
$tag = $decision['tag'];
|
||||
$title = $decision['title'];
|
||||
$content = $decision['content'];
|
||||
$due = $decision['due']." UTC";
|
||||
$body = <<<BODY
|
||||
Dear Board,
|
||||
|
||||
$name has just voted $vote on motion $tag.
|
||||
|
||||
Motion:
|
||||
$title
|
||||
$content
|
||||
|
||||
Kind regards,
|
||||
the vote system
|
||||
|
||||
BODY;
|
||||
$db->vote_notify("Re: $tag - $title",$body,$tag);
|
||||
} else {
|
||||
?>
|
||||
<b>Your vote has NOT been registered.</b><br/>
|
||||
<a href="motions.php">Back to motions</a>
|
||||
<i><?php echo join("<br/>\n",$stmt->errorInfo()); ?></i>
|
||||
<?php
|
||||
}
|
||||
} else {
|
||||
?>
|
||||
<b>Your vote has NOT been registered.</b><br/>
|
||||
<a href="motions.php">Back to motions</a>
|
||||
<i><?php echo join("<br/>\n",$stmt->errorInfo()); ?></i>
|
||||
<?php
|
||||
}
|
||||
} else {
|
||||
?>
|
||||
<b>Your vote has NOT been registered.</b><br/>
|
||||
<b>Voting is alread closed!</b><br/>
|
||||
<a href="motions.php">Back to motions</a>
|
||||
<?php
|
||||
}
|
||||
} else {
|
||||
?>
|
||||
<b>Your vote has NOT been registered.</b><br/>
|
||||
<b>Could not find the motion to be voted!</b><br/>
|
||||
<a href="motions.php">Back to motions</a>
|
||||
<?php
|
||||
}
|
||||
} else {
|
||||
?>
|
||||
<b>This call is not a valid vote!</b><br/>
|
||||
<a href="motions.php">Back to motions</a>
|
||||
<?php
|
||||
}
|
||||
?>
|
||||
</body>
|
||||
</html>
|
Loading…
Reference in a new issue