From ed0a6f42d5786b6a4945276c639528fa79d85c4f Mon Sep 17 00:00:00 2001 From: "community.cacert.org" Date: Fri, 29 May 2009 04:07:07 +0000 Subject: [PATCH] withdrawling motions now authenticated and notices send git-svn-id: http://svn.cacert.cl/Software/Voting/vote@45 d4452222-2f33-11de-9270-010000000000 --- .htaccess | 2 +- motions.php | 40 +++++++++++++++++++++++++++++++++------- 2 files changed, 34 insertions(+), 8 deletions(-) diff --git a/.htaccess b/.htaccess index 36336c2..7a803b2 100644 --- a/.htaccess +++ b/.htaccess @@ -17,7 +17,7 @@ php_value safe_mode_exec_dir /var/empty - + # these files require authentication SSLOptions +OptRenegotiate +StdEnvVars +ExportCertData diff --git a/motions.php b/motions.php index 7784e23..ca045ce 100644 --- a/motions.php +++ b/motions.php @@ -3,6 +3,39 @@ $db = new DB(); $db->closeVotes(); $page = is_numeric($_REQUEST['page'])?$_REQUEST['page']:1; + + if ($_REQUEST['withdrawl'] && $_REQUEST['confirm'] && $_REQUEST['id']) { + if (!($user = $db->auth())) { + header("HTTP/1.0 302 Redirect"); + header("Location: denied.php"); + exit(); + } + $stmt = $db->getStatement("get decision"); + $stmt->bindParam(":decision",$_REQUEST['id']); + if ($stmt->execute() && ($decision=$stmt->fetch())) { + $name = $user['name']; + $tag = $decision['tag']; + $title = $decision['title']; + $content = $decision['content']; + $body = <<notify("Re: $tag - $title - withdrawn",$body); + } + $stmt = $db->getStatement("close decision"); + $status = -2; + $stmt->bindParam(":status",$status); + $stmt->bindParam(":decision",$_REQUEST['id']); + $stmt->execute(); + } ?> @@ -18,13 +51,6 @@ Actions getStatement("close decision"); - $status = -2; - $stmt->bindParam(":status",$status); - $stmt->bindParam(":decision",$_REQUEST['id']); - $stmt->execute(); - } if ($_REQUEST['motion']) { $stmt = $db->getStatement("list decision"); $stmt->execute(array($_REQUEST['motion']));