summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorcommunity.cacert.org <community.cacert.org@d4452222-2f33-11de-9270-010000000000>2009-05-29 04:07:07 +0000
committercommunity.cacert.org <community.cacert.org@d4452222-2f33-11de-9270-010000000000>2009-05-29 04:07:07 +0000
commited0a6f42d5786b6a4945276c639528fa79d85c4f (patch)
treea17ce261a0ce347366e716c8bdcdd380233f4bea
parente122d4337bb02ac572b3abe82d590aeeda5691f5 (diff)
downloadcacert-boardvoting-ed0a6f42d5786b6a4945276c639528fa79d85c4f.tar.gz
cacert-boardvoting-ed0a6f42d5786b6a4945276c639528fa79d85c4f.tar.xz
cacert-boardvoting-ed0a6f42d5786b6a4945276c639528fa79d85c4f.zip
withdrawling motions now authenticated and notices send
git-svn-id: http://svn.cacert.cl/Software/Voting/vote@45 d4452222-2f33-11de-9270-010000000000
-rw-r--r--.htaccess2
-rw-r--r--motions.php40
2 files changed, 34 insertions, 8 deletions
diff --git a/.htaccess b/.htaccess
index 36336c2..7a803b2 100644
--- a/.htaccess
+++ b/.htaccess
@@ -17,7 +17,7 @@ php_value safe_mode_exec_dir /var/empty
-<FilesMatch "^(motion|vote|proxy)\.php$">
+<FilesMatch "^(motions?|vote|proxy)\.php$">
# these files require authentication
<IfModule mod_ssl.c>
SSLOptions +OptRenegotiate +StdEnvVars +ExportCertData
diff --git a/motions.php b/motions.php
index 7784e23..ca045ce 100644
--- a/motions.php
+++ b/motions.php
@@ -3,6 +3,39 @@
$db = new DB();
$db->closeVotes();
$page = is_numeric($_REQUEST['page'])?$_REQUEST['page']:1;
+
+ if ($_REQUEST['withdrawl'] && $_REQUEST['confirm'] && $_REQUEST['id']) {
+ if (!($user = $db->auth())) {
+ header("HTTP/1.0 302 Redirect");
+ header("Location: denied.php");
+ exit();
+ }
+ $stmt = $db->getStatement("get decision");
+ $stmt->bindParam(":decision",$_REQUEST['id']);
+ if ($stmt->execute() && ($decision=$stmt->fetch())) {
+ $name = $user['name'];
+ $tag = $decision['tag'];
+ $title = $decision['title'];
+ $content = $decision['content'];
+ $body = <<<BODY
+Dear Board,
+
+$name has withdrawn the motion $tag that was as follows:
+
+$title
+$content
+
+Kind regards,
+the voting system
+BODY;
+ $db->notify("Re: $tag - $title - withdrawn",$body);
+ }
+ $stmt = $db->getStatement("close decision");
+ $status = -2;
+ $stmt->bindParam(":status",$status);
+ $stmt->bindParam(":decision",$_REQUEST['id']);
+ $stmt->execute();
+ }
?>
<html>
<head>
@@ -18,13 +51,6 @@
<th>Actions</th>
</tr>
<?php
- if ($_REQUEST['withdrawl'] && $_REQUEST['confirm'] && $_REQUEST['id']) {
- $stmt = $db->getStatement("close decision");
- $status = -2;
- $stmt->bindParam(":status",$status);
- $stmt->bindParam(":decision",$_REQUEST['id']);
- $stmt->execute();
- }
if ($_REQUEST['motion']) {
$stmt = $db->getStatement("list decision");
$stmt->execute(array($_REQUEST['motion']));