summaryrefslogtreecommitdiff
path: root/motion.php
diff options
context:
space:
mode:
Diffstat (limited to 'motion.php')
-rw-r--r--motion.php211
1 files changed, 211 insertions, 0 deletions
diff --git a/motion.php b/motion.php
new file mode 100644
index 0000000..515e25c
--- /dev/null
+++ b/motion.php
@@ -0,0 +1,211 @@
+<?php
+ if ($_SERVER['HTTPS'] != 'on') {
+ header("HTTP/1.0 302 Redirect");
+ header("Location: https://".$_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI']);
+ exit();
+ }
+ $user = $_SERVER['REMOTE_USER'];
+ require_once("database.php");
+ $db = new DB();
+ $stmt = $db->getStatement("get voter");
+ $stmt->execute(array($user));
+ if (!($user = $stmt->fetch())) {
+ header("HTTP/1.0 302 Redirect");
+ header("Location: denied.php");
+ exit();
+ }
+ $db->getStatement("stats")->execute();
+ $stats = $db->getStatement("stats")->fetch();
+ function htmlesc($string) {
+ $string = preg_replace('/&/',"&amp;",$string);
+ $string = preg_replace('/</',"&lt;",$string);
+ $string = preg_replace('/>/',"&gt;",$string);
+ echo $string;
+ }
+?>
+<html>
+ <head>
+ <title>CAcert Board Decisions</title>
+ <meta http-equiv="Content-Type" content="text/html; charset='UTF-8'" />
+ <link rel="stylesheet" type="text/css" href="styles.css" />
+ </head>
+ <body>
+ <?php
+ if ($_REQUEST['action'] == "store") {
+ if (is_numeric($_REQUEST['motion'])) {
+ $stmt = $db->getStatement("update decision");
+ $stmt->bindParam(":id",$_POST['motion']);
+ $stmt->bindParam(":proponent",$_POST['proponent']);
+ $stmt->bindParam(":title",$_POST['title']);
+ $stmt->bindParam(":content",$_POST['content']);
+ $stmt->bindParam(":quorum",$_POST['quorum']);
+ $stmt->bindParam(":majority",$_POST['majority']);
+ $stmt->bindParam(":due",$_POST['due']);
+ if ($stmt->execute()) {
+ ?>
+ <b>The motion has been proposed!</b><br/>
+ <a href="motions.php">Back to motions</a><br/>
+ <br/>
+ <br/>
+ <?php
+ $decision = $db->getStatement("get decision")->execute(array($_POST['motion']))?$db->getStatement("get decision")->fetch():array();
+ $name = $user['name'];
+ $tag = $decision['tag'];
+ $title = $decision['title'];
+ $content =$decision['content'];
+ $due = $decision['due']." UTC";
+ $quorum = $decision['quorum'];
+ $majority = $decision['majority'];
+ $voteurl = "https://".$_SERVER['HTTP_HOST'].":".$_SERVER['SERVER_PORT'].preg_replace('/motion\.php/','vote.php',$_SERVER['REQUEST_URI'])."?motion=".$decision['id'];
+ $body = <<<BODY
+Dear Board,
+
+$name has modified motion $tag to the following:
+
+$title
+$content
+
+To pass a minimum of $quorum votes and a $majority% acceptance will be required.
+Voting will close $due.
+
+To vote please choose:
+
+Aye: $voteurl&vote=1
+Naye: $voteurl&vote=-1
+Abstain: $voteurl&vote=0
+
+Please be aware, that if you have voted already your votr is still registered and valid.
+If this modification has an impact on how you wish to vote, you are responsible for voting
+again.
+
+Kind regards,
+the voting system
+BODY;
+ mail($board,"Re: $tag - $title",$body);
+ } else {
+ ?>
+ <b>The motion has NOT been proposed!</b><br/>
+ <a href="motions.php">Back to motions</a><br/>
+ <i><?php echo join("<br/>\n",$stmt->errorInfo()); ?></i><br/>
+ <br/>
+ <br/>
+ <?php
+ }
+ } else {
+ $stmt = $db->getStatement("create decision");
+ $stmt->bindParam(":proponent",$_POST['proponent']);
+ $stmt->bindParam(":title",$_POST['title']);
+ $stmt->bindParam(":content",$_POST['content']);
+ $stmt->bindParam(":quorum",$_POST['quorum']);
+ $stmt->bindParam(":majority",$_POST['majority']);
+ $stmt->bindParam(":due",$_POST['due']);
+ if ($stmt->execute()) {
+ $db->getStatement("post create")->execute();
+ ?>
+ <b>The motion has been proposed!</b><br/>
+ <a href="motions.php">Back to motions</a><br/>
+ <br/>
+ <br/>
+ <?php
+ $decision = $db->getStatement("get new decision")->execute()?$db->getStatement("get new decision")->fetch():array();
+ $name = $user['name'];
+ $tag = $decision['tag'];
+ $title = $decision['title'];
+ $content =$decision['content'];
+ $due = $decision['due']." UTC";
+ $quorum = $decision['quorum'];
+ $majority = $decision['majority'];
+ $voteurl = "https://".$_SERVER['HTTP_HOST'].":".$_SERVER['SERVER_PORT'].preg_replace('/motion\.php/','vote.php',$_SERVER['REQUEST_URI'])."?motion=".$decision['id'];
+ $body = <<<BODY
+Dear Board,
+
+$name has made the following motion:
+
+$title
+$content
+
+To pass a minimum of $quorum votes and a $majority% acceptance will be required.
+Voting will close $due.
+
+To vote please choose:
+
+Aye: $voteurl&vote=1
+Naye: $voteurl&vote=-1
+Abstain: $voteurl&vote=0
+
+Kind regards,
+the voting system
+BODY;
+ mail($board,"$tag - $title",$body);
+ } else {
+ ?>
+ <b>The motion has NOT been proposed!</b><br/>
+ <a href="motions.php">Back to motions</a><br/>
+ <i><?php echo join("<br/>\n",$stmt->errorInfo()); ?></i><br/>
+ <br/>
+ <br/>
+ <?php
+ }
+ }
+
+ }
+ if (is_numeric($_REQUEST['motion'])) {
+ $stmt = $db->getStatement("get decision");
+ if ($stmt->execute(array($_REQUEST['motion']))) {
+ $motion = $stmt->fetch();
+ }
+ if (!is_numeric($motion['id'])) {
+ $motion = array();
+ foreach (array("title","content","quorum","majority") as $column) {
+ $motion[$column] = "";
+ }
+ $motion["proponent"] = $user['id'];
+ $motion["proposer"] = $user['name'];
+ }
+ } else {
+ $motion = array();
+ foreach (array("title","content","quorum","majority") as $column) {
+ $motion[$column] = "";
+ }
+ $motion["proponent"] = $user['id'];
+ $motion["proposer"] = $user['name'];
+ }
+ ?>
+ <form <?php if (is_numeric($_REQUEST['motion'])) { echo(" action=\"?\""); } ?> method="POST">
+ <input type="hidden" name="action" value="store" />
+ <?php
+ if (is_numeric($_REQUEST['motion'])) {
+ ?><input type="hidden" name="motion" value="<?php echo($_REQUEST["motion"]); ?>" /><?php
+ }
+ ?>
+ <table>
+ <tr><td>ID:</td><td><?php htmlesc($motion['tag']); ?></td></tr>
+ <tr><td>Proponent:</td><td><?php htmlesc($motion['proposer']); ?><input type="hidden" name="proponent" value="<?php htmlesc($user['id']); ?>"></td></tr>
+ <tr><td>Proposed:</td><td><?php htmlesc($motion['proposed']); ?> UTC</td></tr>
+ <tr><td>Title:</td><td><input name="title" value="<?php htmlesc($motion['title'])?>"></td></tr>
+ <tr><td>Text:</td><td><textarea name="content"><?php htmlesc($motion['content'])?></textarea></td></tr>
+ <tr><td>Quorum:</td><td><select name="quorum">
+ <option value="<?php echo(ceil($stats["voters"])); ?>" <?php if($motion['quorum'] == $stats["voters"]) { echo(" selected=\"selected\""); } ?>>100% Votes (<?php echo($stats["voters"]); ?>)</option>
+ <option value="<?php echo(ceil($stats["voters"] / 2)); ?>" <?php if($motion['quorum'] == ceil($stats["voters"] / 2)) { echo(" selected=\"selected\""); } ?>>50% Votes (<?php echo(ceil($stats["voters"] / 2)); ?>)</option>
+ <option value="2" <?php if($motion['quorum'] == 2) { echo(" selected=\"selected\""); } ?>>2 Votes</option>
+ <option value="1" <?php if($motion['quorum'] == 1) { echo(" selected=\"selected\""); } ?>>1 Vote</option>
+ </select></td></tr>
+ <tr><td>Majority:</td><td><select name="majority">
+ <option value="50" <?php if($motion['majority'] == 50) { echo(" selected=\"selected\""); } ?>>50%</option>
+ <option value="67" <?php if($motion['majority'] == 67) { echo(" selected=\"selected\""); } ?>>67%</option>
+ <option value="75" <?php if($motion['majority'] == 75) { echo(" selected=\"selected\""); } ?>>75%</option>
+ <option value="100" <?php if($motion['majority'] == 100) { echo(" selected=\"selected\""); } ?>>100%</option>
+ </td></tr>
+ <tr><td rowspan="2">Due:</td><td><?php echo($motion['due'])?> UTC</td></tr>
+ <tr><td><select name="due">
+ <option value="+3 days">In 3 Days</option>
+ <option value="+7 days">In 1 Week</option>
+ <option value="+14 days">In 2 Weeks</option>
+ </select></td></tr>
+ <tr><td>&nbsp;</td><td><input type="submit" value="Propose" /></td></tr>
+ </table>
+ </form>
+ <br/>
+ <a href="motions.php">Back to motions</a>
+ </body>
+</html>