You cannot select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
158 lines
4.7 KiB
PHP
158 lines
4.7 KiB
PHP
<?php
|
|
if ($_SERVER['HTTPS'] != 'on') {
|
|
header("HTTP/1.0 302 Redirect");
|
|
header("Location: https://".$_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI']);
|
|
exit();
|
|
}
|
|
$user = $_SERVER['REMOTE_USER'];
|
|
require_once("database.php");
|
|
$db = new DB();
|
|
$stmt = $db->getStatement("get voter");
|
|
$stmt->execute(array($user));
|
|
if (!($user = $stmt->fetch())) {
|
|
header("HTTP/1.0 302 Redirect");
|
|
header("Location: denied.php");
|
|
exit();
|
|
}
|
|
?>
|
|
<html>
|
|
<head>
|
|
<title>CAcert Board Decisions</title>
|
|
<meta http-equiv="Content-Type" content="text/html; charset='UTF-8'" />
|
|
<link rel="stylesheet" type="text/css" href="styles.css" />
|
|
</head>
|
|
<body>
|
|
<?php
|
|
if (!is_numeric($_REQUEST['motion'])) {
|
|
?>
|
|
<b>This is not a valid motion!</b><br/>
|
|
<a href="motions.php">Back to motions</a><br/>
|
|
<?php
|
|
} else {
|
|
$stmt = $db->getStatement("get decision");
|
|
$stmt->bindParam(":decision",$_REQUEST['motion']);
|
|
if ($stmt->execute() && ($decision=$stmt->fetch()) && ($decision['status'] == 0)) {
|
|
if (is_numeric($_POST['voter']) && is_numeric($_POST['vote']) && is_numeric($_REQUEST['motion']) && ($_POST['justification'] != "")) {
|
|
$stmt = $db->getStatement("del vote");
|
|
$stmt->bindParam(":voter",$_REQUEST['voter']);
|
|
$stmt->bindParam(":decision",$_REQUEST['motion']);
|
|
if ($stmt->execute()) {
|
|
$stmt = $db->getStatement("do vote");
|
|
$stmt->bindParam(":voter",$_REQUEST['voter']);
|
|
$stmt->bindParam(":decision",$_REQUEST['motion']);
|
|
$stmt->bindParam(":vote",$_REQUEST['vote']);
|
|
$notes = "Proxy-Vote by ".$user['name']."\n\n".$_REQUEST['justification']."\n\n".$_SERVER['SSL_CLIENT_CERT'];
|
|
$stmt->bindParam(":notes",$notes);
|
|
if ($stmt->execute()) {
|
|
?>
|
|
<b>The vote has been registered.</b><br/>
|
|
<a href="motions.php">Back to motions</a>
|
|
<?php
|
|
$stmt = $db->getStatement("get voter by id");
|
|
$stmt->bindParam(":id",$_REQUEST['voter']);
|
|
if ($stmt->execute() && ($voter=$stmt->fetch())) {
|
|
$voter = $voter['name'];
|
|
} else {
|
|
$voter = "Voter: ".$_REQUEST['voter'];
|
|
}
|
|
$name = $user['name'];
|
|
$justification = $_REQUEST['justification'];
|
|
$vote = '';
|
|
switch($_REQUEST['vote']) {
|
|
case 1 : $vote='Aye'; break;
|
|
case -1: $vote='Naye'; break;
|
|
default: $vote='Abstain'; break;
|
|
}
|
|
$tag = $decision['tag'];
|
|
$title = $decision['title'];
|
|
$content = $decision['content'];
|
|
$due = $decision['due']." UTC";
|
|
$body = <<<BODY
|
|
Dear Board,
|
|
|
|
$name has just registered a proxy vote of $vote for $voter on motion $tag.
|
|
|
|
The justification for this was:
|
|
$justification
|
|
|
|
Motion:
|
|
$title
|
|
$content
|
|
|
|
Kind regards,
|
|
the vote system
|
|
|
|
BODY;
|
|
$db->notify("Re: $tag - $title",$body);
|
|
} else {
|
|
?>
|
|
<b>The vote has NOT been registered.</b><br/>
|
|
<a href="motions.php">Back to motions</a>
|
|
<i><?php echo join("<br/>\n",$stmt->errorInfo()); ?></i>
|
|
<?php
|
|
}
|
|
} else {
|
|
?>
|
|
<b>The vote has NOT been registered.</b><br/>
|
|
<a href="motions.php">Back to motions</a>
|
|
<i><?php echo join("<br/>\n",$stmt->errorInfo()); ?></i>
|
|
<?php
|
|
}
|
|
} else {
|
|
$stmt = $db->getStatement("get voters");
|
|
if ($stmt->execute() && ($voters = $stmt->fetchAll())) {
|
|
?>
|
|
<form method="POST" action="?motion=<?php echo($_REQUEST['motion']); ?>">
|
|
<table>
|
|
<tr>
|
|
<th>Voter</th><th>Vote</th>
|
|
</tr>
|
|
<tr>
|
|
<td><select name="voter"><?php
|
|
foreach ($voters as $voter) {
|
|
?>
|
|
<option value="<?php echo($voter['id']); ?>"<?php if ($voter['id'] == $_POST['voter']) { echo(" selected=\"selected\""); } ?>><?php echo($voter['name']); ?></option>
|
|
<?php
|
|
}
|
|
?></select></td>
|
|
<td><select name="vote">
|
|
<option value="1"<?php if (1 == $_POST['voter']) { echo(" selected=\"selected\""); } ?>>Aye</option>
|
|
<option value="0"<?php if (0 == $_POST['voter']) { echo(" selected=\"selected\""); } ?>>Abstain</option>
|
|
<option value="-1"<?php if (-1 == $_POST['voter']) { echo(" selected=\"selected\""); } ?>>Naye</option>
|
|
</select></td>
|
|
</tr>
|
|
<tr>
|
|
<th colspan="2">Justification:</th>
|
|
</tr>
|
|
<tr>
|
|
<td colspan="2"><textarea name="justification"><?php echo($_POST['justification']); ?></textarea></td>
|
|
</tr>
|
|
<tr>
|
|
<td colspan="2"><input type="submit" value="Proxy Vote" /></td>
|
|
</tr>
|
|
</table>
|
|
</form>
|
|
<?php
|
|
} else {
|
|
?>
|
|
<b>Could not retrieve voters!</b><br/>
|
|
<a href="motions.php">Back to motions</a><br/>
|
|
<i><?php echo join("<br/>\n",$stmt->errorInfo()); ?></i>
|
|
<?php
|
|
}
|
|
}
|
|
?>
|
|
|
|
<?php
|
|
} else {
|
|
?>
|
|
<b>This is not a valid motion!</b><br/>
|
|
<a href="motions.php">Back to motions</a><br/>
|
|
<i><?php echo join("<br/>\n",$stmt->errorInfo()); ?></i>
|
|
<?php
|
|
}
|
|
}
|
|
?>
|
|
</body>
|
|
</html>
|