Diffstat (limited to 'vote.php')
-rw-r--r--vote.php107
1 files changed, 107 insertions, 0 deletions
diff --git a/vote.php b/vote.php
new file mode 100644
index 0000000..b357cf1
--- /dev/null
+++ b/vote.php
@@ -0,0 +1,107 @@
+<?php
+ if ($_SERVER['HTTPS'] != 'on') {
+ header("HTTP/1.0 302 Redirect");
+ header("Location: https://".$_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI']);
+ exit();
+ }
+ $user = $_SERVER['REMOTE_USER'];
+ require_once("database.php");
+ $db = new DB();
+ $stmt = $db->getStatement("get voter");
+ $stmt->execute(array($user));
+ if (!($user = $stmt->fetch())) {
+ header("HTTP/1.0 302 Redirect");
+ header("Location: denied.php");
+ exit();
+ }
+?>
+<html>
+ <head>
+ <title>CAcert Board Decisions</title>
+ <meta http-equiv="Content-Type" content="text/html; charset='UTF-8'" />
+ <link rel="stylesheet" type="text/css" href="styles.css" />
+ </head>
+ <body>
+ <?php
+ if (is_numeric($_REQUEST['motion']) && is_numeric($_REQUEST['vote'])) {
+ $stmt = $db->getStatement("get decision");
+ $stmt->bindParam(":decision",$_REQUEST['motion']);
+ if ($stmt->execute() && ($decision=$stmt->fetch())) {
+ if ($decision['status'] == 0) {
+ $stmt = $db->getStatement("del vote");
+ $stmt->bindParam(":voter",$user['id']);
+ $stmt->bindParam(":decision",$_REQUEST['motion']);
+ if ($stmt->execute()) {
+ $stmt = $db->getStatement("do vote");
+ $stmt->bindParam(":voter",$user['id']);
+ $stmt->bindParam(":decision",$_REQUEST['motion']);
+ $stmt->bindParam(":vote",$_REQUEST['vote']);
+ $notes="Direct Vote\n\n".$_SERVER['SSL_CLIENT_CERT'];
+ $stmt->bindParam(":notes",$notes);
+ if ($stmt->execute()) {
+ ?>
+ <b>Your vote has been registered.</b><br/>
+ <a href="motions.php">Back to motions</a>
+ <?php
+ $name = $user['name'];
+ $vote = '';
+ switch($_REQUEST['vote']) {
+ case 1 : $vote='Aye'; break;
+ case -1: $vote='Naye'; break;
+ default: $vote='Abstain'; break;
+ }
+ $tag = $decision['tag'];
+ $title = $decision['title'];
+ $content = $decision['content'];
+ $due = $decision['due']." UTC";
+ $body = <<<BODY
+Dear Board,
+
+$name has just voted $vote on motion $tag.
+
+Motion:
+ $title
+ $content
+
+Kind regards,
+the vote system
+
+BODY;
+ mail($board,"Re: $tag - $title",$body);
+ } else {
+ ?>
+ <b>Your vote has NOT been registered.</b><br/>
+ <a href="motions.php">Back to motions</a>
+ <i><?php echo join("<br/>\n",$stmt->errorInfo()); ?></i>
+ <?php
+ }
+ } else {
+ ?>
+ <b>Your vote has NOT been registered.</b><br/>
+ <a href="motions.php">Back to motions</a>
+ <i><?php echo join("<br/>\n",$stmt->errorInfo()); ?></i>
+ <?php
+ }
+ } else {
+ ?>
+ <b>Your vote has NOT been registered.</b><br/>
+ <b>Voting is alread closed!</b><br/>
+ <a href="motions.php">Back to motions</a>
+ <?php
+ }
+ } else {
+ ?>
+ <b>Your vote has NOT been registered.</b><br/>
+ <b>Could not find the motion to be voted!</b><br/>
+ <a href="motions.php">Back to motions</a>
+ <?php
+ }
+ } else {
+ ?>
+ <b>This call is not a valid vote!</b><br/>
+ <a href="motions.php">Back to motions</a>
+ <?php
+ }
+ ?>
+ </body>
+</html> \ No newline at end of file
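Review bot: The `is_numeric()` guard at the start of the body block accepts any numeric `vote`, so a value such as `5` or `1e3` is bound to `:vote` and stored unchanged, while the switch's `default` branch reports it to the board as 'Abstain'. The stored record and the notification can therefore disagree, and any tally that sums the column (not visible here) would be skewed. Normalise and whitelist the value before the first statement runs, for example `$v = filter_var($_REQUEST['vote'], FILTER_VALIDATE_INT);` then `if ($v === false || !in_array($v, array(-1, 0, 1), true)) { /* reject as invalid vote */ }`, assuming 0 is the abstain value. The handler also reads `$_REQUEST` and appears to rely on the client certificate for authentication, so a plain GET issued from another site would change a member's vote. Accepting only POST and checking a per-session token would close that gap. Separately, "del vote" and "do vote" run without a transaction, so a failed insert leaves the member's previous vote deleted.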