author | Philipp Dunkel <Philipp Dunkel@d4452222-2f33-11de-9270-010000000000> | 2009-05-21 11:20:15 +0000 |
---|---|---|
committer | Philipp Dunkel <Philipp Dunkel@d4452222-2f33-11de-9270-010000000000> | 2009-05-21 11:20:15 +0000 |
commit | 99ee0407525ab98e56479f183af573c3a3451a69 (patch) | |
tree | de4748eefcb13504c4c5e6d9cc29bdce17a7cbd4 /vote.php | |
Voting Tool
git-svn-id: http://svn.cacert.cl/Software/Voting/vote@34 d4452222-2f33-11de-9270-010000000000
Diffstat (limited to 'vote.php')
-rw-r--r-- | vote.php | 107 |
1 files changed, 107 insertions, 0 deletions
diff --git a/vote.php b/vote.php
new file mode 100644
index 0000000..b357cf1
--- /dev/null
+++ b/vote.php
@@ -0,0 +1,107 @@
+<?php
+ if ($_SERVER['HTTPS'] != 'on') {
+ header("HTTP/1.0 302 Redirect");
+ header("Location: https://".$_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI']);
+ exit();
+ }
+ $user = $_SERVER['REMOTE_USER'];
+ require_once("database.php");
+ $db = new DB();
+ $stmt = $db->getStatement("get voter");
+ $stmt->execute(array($user));
+ if (!($user = $stmt->fetch())) {
+ header("HTTP/1.0 302 Redirect");
+ header("Location: denied.php");
+ exit();
+ }
+?>
+<html>
+ <head>
+ <title>CAcert Board Decisions</title>
+ <meta http-equiv="Content-Type" content="text/html; charset='UTF-8'" />
+ <link rel="stylesheet" type="text/css" href="styles.css" />
+ </head>
+ <body>
+ <?php
+ if (is_numeric($_REQUEST['motion']) && is_numeric($_REQUEST['vote'])) {
+ $stmt = $db->getStatement("get decision");
+ $stmt->bindParam(":decision",$_REQUEST['motion']);
+ if ($stmt->execute() && ($decision=$stmt->fetch())) {
+ if ($decision['status'] == 0) {
+ $stmt = $db->getStatement("del vote");
+ $stmt->bindParam(":voter",$user['id']);
+ $stmt->bindParam(":decision",$_REQUEST['motion']);
+ if ($stmt->execute()) {
+ $stmt = $db->getStatement("do vote");
+ $stmt->bindParam(":voter",$user['id']);
+ $stmt->bindParam(":decision",$_REQUEST['motion']);
+ $stmt->bindParam(":vote",$_REQUEST['vote']);
+ $notes="Direct Vote\n\n".$_SERVER['SSL_CLIENT_CERT'];
+ $stmt->bindParam(":notes",$notes);
+ if ($stmt->execute()) {
+ ?>
+ <b>Your vote has been registered.</b><br/>
+ <a href="motions.php">Back to motions</a>
+ <?php
+ $name = $user['name'];
+ $vote = '';
+ switch($_REQUEST['vote']) {
+ case 1 : $vote='Aye'; break;
+ case -1: $vote='Naye'; break;
+ default: $vote='Abstain'; break;
+ }
+ $tag = $decision['tag'];
+ $title = $decision['title'];
+ $content = $decision['content'];
+ $due = $decision['due']." UTC";
+ $body = <<<BODY
+Dear Board,
+
+$name has just voted $vote on motion $tag.
+
+Motion:
+ $title
+ $content
+
+Kind regards,
+the vote system
+
+BODY;
+ mail($board,"Re: $tag - $title",$body);
+ } else {
+ ?>
+ <b>Your vote has NOT been registered.</b><br/>
+ <a href="motions.php">Back to motions</a>
+ <i><?php echo join("<br/>\n",$stmt->errorInfo()); ?></i>
+ <?php
+ }
+ } else {
+ ?>
+ <b>Your vote has NOT been registered.</b><br/>
+ <a href="motions.php">Back to motions</a>
+ <i><?php echo join("<br/>\n",$stmt->errorInfo()); ?></i>
+ <?php
+ }
+ } else {
+ ?>
+ <b>Your vote has NOT been registered.</b><br/>
+ <b>Voting is alread closed!</b><br/>
+ <a href="motions.php">Back to motions</a>
+ <?php
+ }
+ } else {
+ ?>
+ <b>Your vote has NOT been registered.</b><br/>
+ <b>Could not find the motion to be voted!</b><br/>
+ <a href="motions.php">Back to motions</a>
+ <?php
+ }
+ } else {
+ ?>
+ <b>This call is not a valid vote!</b><br/>
+ <a href="motions.php">Back to motions</a>
+ <?php
+ }
+ ?>
+ </body>
+</html>
\ No newline at end of file |
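Review bot: The vote is written from `$_REQUEST` with no request-method check and no anti-CSRF token, and since the voter is identified by the TLS client certificate (`REMOTE_USER`, `SSL_CLIENT_CERT`), which a browser typically presents without prompting, a cross-site request to this page would delete and replace a board member's vote. The write path should run only on POST and only after verifying a token bound to the authenticated voter, before the `del vote` statement executes. `is_numeric()` also admits values outside -1, 0 and 1 (and forms such as `1.0` or `1e0`), which are bound unchanged to `:vote` while the loose `switch` reports them as 'Aye' or 'Abstain' in the mail; an allow-list such as `in_array($_REQUEST['vote'], array('-1', '0', '1'), true)` keeps the stored and announced vote in agreement. As far as this file shows, `del vote` and `do vote` are not wrapped in a transaction, so a failed insert leaves the earlier vote deleted, and the failure branches echo `$stmt->errorInfo()` to the page unescaped. `$board` passed to `mail()` is not defined in this file; presumably it comes from database.php, which is worth confirming.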