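<?php
// Page preamble: force HTTPS, authenticate the caller, load the statistics
// row, then emit the document head.
//
// isset() avoids an undefined-index notice on plain-HTTP requests. With
// display_errors enabled that notice would be printed before header() runs
// and the redirect would fail with "headers already sent".
// NOTE(review): this redirect only upgrades requests that already reached the
// server in clear text; a Strict-Transport-Security policy set by the web
// server would cover subsequent visits.
if (!isset($_SERVER['HTTPS']) || $_SERVER['HTTPS'] != 'on') {
    header("HTTP/1.0 302 Redirect");
    // NOTE(review): HTTP_HOST comes from the client's Host header, so the
    // redirect target is only as trustworthy as the virtual-host setup.
    // Prefer a configured canonical host name if the deployment has one.
    header("Location: https://".$_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI']);
    exit();
}
require_once("database.php");
$db = new DB();
// auth() yields the current user record ('id' and 'name' are read later in
// this file) or a falsy value; unauthenticated callers never get past here.
if (!($user = $db->auth())) {
    header("HTTP/1.0 302 Redirect");
    header("Location: denied.php");
    exit();
}
$db->getStatement("stats")->execute();
$stats = $db->getStatement("stats")->fetch();
?>
<html>
<head>
<title>CAcert Board Decisions</title>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<link rel="stylesheet" type="text/css" href="styles.css" />
</head>
<body>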
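<?php
// Store a newly proposed motion and announce it to the board.
//
// Only a POST carrying action=store is accepted. $_REQUEST also merges in the
// query string (and, depending on request_order, cookies), so a plain link
// could otherwise trigger the insert.
// NOTE(review): the form carries no anti-CSRF token. If DB::auth() relies on
// credentials the browser attaches automatically (client certificate, cookie,
// HTTP auth), a per-session token should be issued with the form and checked
// here before anything is written.
if (isset($_POST['action']) && $_POST['action'] == "store") {
    // Server-side copy of the values offered by the form's <select> elements;
    // anything else is rejected instead of being handed to the database.
    $allowedDue = array("+3 days", "+7 days", "+14 days", "+28 days");
    $allowedVotetype = array("0", "1");

    $errors = array();
    foreach (array("title", "content", "votetype", "due") as $field) {
        // Absent or array-valued fields cannot be bound as strings.
        if (!isset($_POST[$field]) || !is_string($_POST[$field])) {
            $errors[] = "Missing or malformed field: ".$field;
        }
    }
    if (!$errors) {
        if (!in_array($_POST['votetype'], $allowedVotetype, true)) {
            $errors[] = "Invalid vote type";
        }
        if (!in_array($_POST['due'], $allowedDue, true)) {
            $errors[] = "Invalid due period";
        }
    }

    $stored = false;
    if (!$errors) {
        $stmt = $db->getStatement("create decision");
        $stmt->bindParam(":proponent",$user['id']);
        $stmt->bindParam(":title",$_POST['title']);
        $stmt->bindParam(":content",$_POST['content']);
        $stmt->bindParam(":votetype",$_POST['votetype']);
        $stmt->bindParam(":due",$_POST['due']);
        $stored = $stmt->execute();
        if (!$stored) {
            $errors = $stmt->errorInfo();
        }
    }

    if ($stored) {
?>
<b>The motion has been proposed!</b><br/>
<a href="motions.php">Back to motions</a><br/>
<br/>
<br/>
<?php
        // Execute and fetch on the same statement object.
        $newDecision = $db->getStatement("get new decision");
        $decision = $newDecision->execute() ? $newDecision->fetch() : array();
        // Without a row there is no id to vote on, so no mail is sent rather
        // than one with empty links.
        if (is_array($decision) && isset($decision['id'])) {
            $name = $user['name'];
            $tag = $decision['tag'];
            $title = $decision['title'];
            $content = $decision['content'];
            $due = $decision['due']." UTC";
            $votetype = !$decision['votetype'] ? 'motion' : 'veto';
            // HTTP_HOST may already carry a port; drop it so appending
            // SERVER_PORT does not yield "host:port:port".
            // NOTE(review): HTTP_HOST is client-supplied and ends up in links
            // mailed to the whole board. Prefer a configured canonical base
            // URL if the deployment has one.
            $host = preg_replace('/:\d+$/', '', $_SERVER['HTTP_HOST']);
            // REQUEST_URI includes the query string; the form posts to "?"
            // when editing, which would otherwise leave a stray "?" in the
            // middle of every generated link.
            $uriParts = explode('?', $_SERVER['REQUEST_URI'], 2);
            $baseurl = "https://".$host.":".$_SERVER['SERVER_PORT'].preg_replace('/motion\.php/','',$uriParts[0]);
            $voteurl = $baseurl."vote.php?motion=".$decision['id'];
            $unvoted = $baseurl."motions.php?unvoted=1";
            $body = <<<BODY
Dear Board,

$name has made the following motion:

$title
$content

Vote type: $votetype

Voting will close $due.

To vote please choose:

Aye: $voteurl&vote=1
Naye: $voteurl&vote=-1
Abstain: $voteurl&vote=0

To see all your outstanding votes : $unvoted

Kind regards,
the voting system
BODY;
            // The title is user input; keep CR/LF out of the mail subject.
            // NOTE(review): confirm DB::notify() also guards its headers.
            $subject = preg_replace('/[\r\n]+/', ' ', "$tag - $title");
            $db->notify($subject,$body,$tag,TRUE);
        } else {
?>
<i>The motion was stored, but the notification mail could not be prepared.</i><br/>
<?php
        }
    } else {
?>
<b>The motion has NOT been proposed!</b><br/>
<a href="motions.php">Back to motions</a><br/>
<i><?php
        // Driver error text is not HTML; escape it before it reaches the page.
        $escaped = array();
        foreach ($errors as $error) {
            $escaped[] = htmlspecialchars((string)$error, ENT_QUOTES, 'UTF-8');
        }
        echo join("<br/>\n", $escaped);
?></i><br/>
<br/>
<br/>
<?php
    }
}
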
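// Load the motion named by ?motion=<id>, or fall back to an empty template
// for a new proposal. The id goes to the statement as a bound parameter.
$motion = null;
if (isset($_REQUEST['motion']) && is_numeric($_REQUEST['motion'])) {
    $stmt = $db->getStatement("get decision");
    if ($stmt->execute(array($_REQUEST['motion']))) {
        $motion = $stmt->fetch();
    }
}
// A failed execute or an unknown id leaves no usable row; start from blanks.
// Every key the form below reads is present, so rendering a new proposal
// raises no undefined-index notices.
if (!is_array($motion) || !isset($motion['id']) || !is_numeric($motion['id'])) {
    $motion = array(
        "tag" => "",
        "proposed" => "",
        "due" => "",
        "title" => "",
        "content" => "",
        "proposer" => $user['name'],
        "votetype" => 0, // defaults to motion
    );
}
?>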
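<?php
// Proposal form. Every value taken from the request or the database is
// HTML-escaped as UTF-8, matching the charset the page declares.
$hasMotionId = isset($_REQUEST['motion']) && is_numeric($_REQUEST['motion']);
// Supply blanks for any column the form reads but $motion does not carry;
// the array union keeps values that are already set.
$motion += array("tag" => "", "proposer" => "", "proposed" => "", "title" => "", "content" => "", "votetype" => 0, "due" => "");
// NOTE(review): no anti-CSRF token is emitted with this form; see the handler
// for action=store, which is where one would have to be verified.
?>
<form<?php if ($hasMotionId) { echo(" action=\"?\""); } ?> method="POST">
<input type="hidden" name="action" value="store" />
<?php
if ($hasMotionId) {
?><input type="hidden" name="motion" value="<?php echo(htmlspecialchars($_REQUEST["motion"], ENT_QUOTES, 'UTF-8')); ?>" /><?php
}
?>
<table>
<tr><td>ID:</td><td><?php echo htmlspecialchars((string)$motion['tag'], ENT_QUOTES, 'UTF-8'); ?></td></tr>
<tr><td>Proponent:</td><td><?php echo htmlspecialchars((string)$motion['proposer'], ENT_QUOTES, 'UTF-8'); ?></td></tr>
<tr><td>Proposed date/time:</td><td><?php echo htmlspecialchars($motion['proposed'] ? $motion['proposed']." UTC" : '(auto filled to current date/time)', ENT_QUOTES, 'UTF-8'); ?></td></tr>
<tr><td>Title:</td><td><input name="title" value="<?php echo htmlspecialchars((string)$motion['title'], ENT_QUOTES, 'UTF-8')?>"></td></tr>
<tr><td>Text:</td><td><textarea name="content"><?php echo htmlspecialchars((string)$motion['content'], ENT_QUOTES, 'UTF-8')?></textarea></td></tr>
<tr><td>Vote type:</td><td><select name="votetype">
<option value="0" <?php if(!$motion['votetype']) { echo(" selected=\"selected\""); } ?>>Motion</option>
<option value="1" <?php if($motion['votetype']) { echo(" selected=\"selected\""); } ?>>Veto</option>
</select></td></tr>
<tr><td rowspan="2">Due:</td><td><?php echo htmlspecialchars($motion['due'] ? $motion['due'].' UTC' : '(autofilled from option below)', ENT_QUOTES, 'UTF-8')?></td></tr>
<?php
// NOTE(review): the selected value is bound as the :due parameter of the
// "create decision" statement; the server side should accept only these four
// strings, since a client can submit any value.
?>
<tr><td><select name="due">
<option value="+3 days">In 3 Days</option>
<option value="+7 days">In 1 Week</option>
<option value="+14 days">In 2 Weeks</option>
<option value="+28 days">In 4 Weeks</option>
</select></td></tr>
<tr><td>&nbsp;</td><td><input type="submit" value="Propose" /></td></tr>
</table>
</form>
<br/>
<a href="motions.php">Back to motions</a>
</body>
</html>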