60cfb0de9015cc59f9f854cfdf9f50aeb4f1aba0
[cacert-boardvoting.git] / motion.php
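<?php
// Request guard for the motion editor: require HTTPS, then resolve the
// web-server-authenticated user to a registered voter before anything is rendered.

// $_SERVER['HTTPS'] is not set on plain-HTTP requests, so test for its presence
// instead of reading a missing index.
if (!isset($_SERVER['HTTPS']) || $_SERVER['HTTPS'] != 'on') {
    header("HTTP/1.0 302 Redirect");
    // NOTE(review): HTTP_HOST is copied from the request's Host header. Confirm the
    // front-end only routes known host names to this script, or redirect to a
    // configured canonical name instead.
    header("Location: https://".$_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI']);
    exit();
}

// Authentication is delegated to the web server; REMOTE_USER is only present when
// it actually authenticated the request.
$remoteUser = isset($_SERVER['REMOTE_USER']) ? (string)$_SERVER['REMOTE_USER'] : '';

require_once("database.php");
$db = new DB();

// Fail closed: a missing identity, a failed lookup, or an identity that is not a
// registered voter all end at denied.php.
$stmt = $db->getStatement("get voter");
$user = false;
if ($remoteUser !== '' && $stmt->execute(array($remoteUser))) {
    $user = $stmt->fetch();
}
if (!$user) {
    header("HTTP/1.0 302 Redirect");
    header("Location: denied.php");
    exit();
}

// Voter statistics; the form uses $stats["voters"] to offer quorum choices.
$statsStmt = $db->getStatement("stats");
$statsStmt->execute();
$stats = $statsStmt->fetch();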
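/**
 * Echo a value escaped for HTML output.
 *
 * The page calls this both for element content and inside double-quoted
 * attribute values (value="..."), so quotes must be escaped as well as
 * &, < and >; otherwise a stored title containing a quote could close the
 * attribute and add markup of its own.
 *
 * @param mixed $string Value to print; null is treated as an empty string.
 * @return void The escaped text is written to the output, not returned.
 */
function htmlesc($string) {
    // ENT_QUOTES covers both quote styles; ENT_SUBSTITUTE keeps output flowing
    // (with replacement characters) when the input is not valid UTF-8.
    echo htmlspecialchars((string)$string, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}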
25 ?>
26 <html>
27 <head>
28 <title>CAcert Board Decisions</title>
29 <meta http-equiv="Content-Type" content="text/html; charset='UTF-8'" />
30 <link rel="stylesheet" type="text/css" href="styles.css" />
31 </head>
32 <body>
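<?php
// Store handler: when the form was submitted (action=store), update the motion
// named by a numeric "motion" id or create a new one, report the outcome, and
// mail the board the motion text with voting links.
//
// NOTE(review): no anti-CSRF token is checked before this state change, and
// nothing visible here restricts which motions a voter may modify or whether a
// closed motion can still be edited; confirm whether the "update decision"
// statement enforces that.
// NOTE(review): quorum, majority and due are stored as posted. The form offers
// fixed choices, but nothing here enforces them; consider allow-listing the
// values on the server.
$action = isset($_REQUEST['action']) ? $_REQUEST['action'] : '';
if ($action == "store") {
    // Validate and bind the same value, so the id that passed is_numeric() is the
    // id that reaches the statement.
    $motionId = isset($_REQUEST['motion']) ? $_REQUEST['motion'] : null;
    $isUpdate = is_numeric($motionId);

    // The proponent is the authenticated voter. The form also posts this id in a
    // hidden field, but a client-supplied value must not decide whose name a
    // motion is recorded under.
    $proponent = $user['id'];

    $stmt = $db->getStatement($isUpdate ? "update decision" : "create decision");
    if ($isUpdate) {
        $stmt->bindParam(":id",$motionId);
    }
    $stmt->bindParam(":proponent",$proponent);
    $stmt->bindParam(":title",$_POST['title']);
    $stmt->bindParam(":content",$_POST['content']);
    $stmt->bindParam(":quorum",$_POST['quorum']);
    $stmt->bindParam(":majority",$_POST['majority']);
    $stmt->bindParam(":due",$_POST['due']);

    if ($stmt->execute()) {
        // Read the stored row back so the mail shows what was actually saved.
        if ($isUpdate) {
            $lookup = $db->getStatement("get decision");
            $decision = $lookup->execute(array($motionId)) ? $lookup->fetch() : array();
        } else {
            $db->getStatement("post create")->execute();
            $lookup = $db->getStatement("get new decision");
            $decision = $lookup->execute() ? $lookup->fetch() : array();
        }
?>
<b>The motion has been proposed!</b><br/>
<a href="motions.php">Back to motions</a><br/>
<br/>
<br/>
<?php
        // Only notify the board when the stored motion could be read back; a mail
        // with empty fields and links to no motion helps nobody.
        if ($decision) {
            $name = $user['name'];
            $tag = $decision['tag'];
            $title = $decision['title'];
            $content = $decision['content'];
            $due = $decision['due']." UTC";
            $quorum = $decision['quorum'];
            $majority = $decision['majority'];

            // Build the link from the request path only: REQUEST_URI may carry a
            // query string (the edit form posts to "?"), which would otherwise end
            // up in front of "?motion=".
            // NOTE(review): HTTP_HOST is client-supplied, so the host in these
            // mailed links follows the request; prefer a configured base URL.
            $requestParts = explode('?', $_SERVER['REQUEST_URI'], 2);
            $voteurl = "https://".$_SERVER['HTTP_HOST'].":".$_SERVER['SERVER_PORT'].preg_replace('/motion\.php/','vote.php',$requestParts[0])."?motion=".$decision['id'];

            // NOTE(review): $board is not set in this file; presumably database.php
            // defines it. The sender domain reads "caert.org"; confirm that this
            // is the intended address.
            if ($isUpdate) {
                $body = <<<BODY
Dear Board,

$name has modified motion $tag to the following:

$title
$content

To pass a minimum of $quorum votes and a $majority% acceptance will be required.
Voting will close $due.

To vote please choose:

Aye: $voteurl&vote=1
Naye: $voteurl&vote=-1
Abstain: $voteurl&vote=0

Please be aware, that if you have voted already your votr is still registered and valid.
If this modification has an impact on how you wish to vote, you are responsible for voting
again.

Kind regards,
the voting system
BODY;
                mail($board,"Re: $tag - $title",$body,"From: Voting System <returns@caert.org>");
            } else {
                $body = <<<BODY
Dear Board,

$name has made the following motion:

$title
$content

To pass a minimum of $quorum votes and a $majority% acceptance will be required.
Voting will close $due.

To vote please choose:

Aye: $voteurl&vote=1
Naye: $voteurl&vote=-1
Abstain: $voteurl&vote=0

Kind regards,
the voting system
BODY;
                mail($board,"$tag - $title",$body,"From: Voting System <returns@caert.org>");
            }
        }
    } else {
        // Driver messages can quote the submitted values, so escape them before
        // they are placed in the page.
        // NOTE(review): consider logging the driver detail and showing a generic
        // message instead.
        $errorLines = array();
        foreach ($stmt->errorInfo() as $errorPart) {
            $errorLines[] = htmlspecialchars((string)$errorPart, ENT_QUOTES, 'UTF-8');
        }
?>
<b>The motion has NOT been proposed!</b><br/>
<a href="motions.php">Back to motions</a><br/>
<i><?php echo join("<br/>\n",$errorLines); ?></i><br/>
<br/>
<br/>
<?php
    }
}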
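// Choose what the form shows: the stored motion when a numeric id was requested
// and a matching row exists, otherwise a blank motion owned by the current voter.
// NOTE(review): any registered voter can load any motion here; whether editing
// someone else's motion is intended is not visible in this file.

// Every key the form reads is present, so a blank motion prints empty fields
// rather than reading missing indexes.
$motion = array(
    "tag" => "",
    "proposed" => "",
    "due" => "",
    "title" => "",
    "content" => "",
    "quorum" => "",
    "majority" => "",
    "proponent" => $user['id'],
    "proposer" => $user['name'],
);

$requestedId = isset($_REQUEST['motion']) ? $_REQUEST['motion'] : null;
if (is_numeric($requestedId)) {
    $stmt = $db->getStatement("get decision");
    if ($stmt->execute(array($requestedId))) {
        $row = $stmt->fetch();
        // Keep the blank motion unless a real row with a numeric id came back.
        if (is_array($row) && isset($row['id']) && is_numeric($row['id'])) {
            $motion = $row;
        }
    }
}
?>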
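<?php
// Motion form. Everything that comes from the request or the database goes
// through htmlesc() before it is placed in the page; the numeric quorum values
// are computed from $stats and the remaining option values are fixed.
$editing = isset($_REQUEST['motion']) && is_numeric($_REQUEST['motion']);
?>
<form <?php if ($editing) { echo(" action=\"?\""); } ?> method="POST">
<input type="hidden" name="action" value="store" />
<?php if ($editing) { ?><input type="hidden" name="motion" value="<?php htmlesc($_REQUEST["motion"]); ?>" /><?php } ?>
<table>
<tr><td>ID:</td><td><?php htmlesc($motion['tag']); ?></td></tr>
<tr><td>Proponent:</td><td><?php htmlesc($motion['proposer']); ?><input type="hidden" name="proponent" value="<?php htmlesc($user['id']); ?>"></td></tr>
<tr><td>Proposed:</td><td><?php htmlesc($motion['proposed']); ?> UTC</td></tr>
<tr><td>Title:</td><td><input name="title" value="<?php htmlesc($motion['title']); ?>"></td></tr>
<tr><td>Text:</td><td><textarea name="content"><?php htmlesc($motion['content']); ?></textarea></td></tr>
<tr><td>Quorum:</td><td><select name="quorum">
<option value="<?php echo(ceil($stats["voters"])); ?>" <?php if($motion['quorum'] == $stats["voters"]) { echo(" selected=\"selected\""); } ?>>100% Votes (<?php echo($stats["voters"]); ?>)</option>
<option value="<?php echo(ceil($stats["voters"] / 2)); ?>" <?php if($motion['quorum'] == ceil($stats["voters"] / 2)) { echo(" selected=\"selected\""); } ?>>50% Votes (<?php echo(ceil($stats["voters"] / 2)); ?>)</option>
<option value="2" <?php if($motion['quorum'] == 2) { echo(" selected=\"selected\""); } ?>>2 Votes</option>
<option value="1" <?php if($motion['quorum'] == 1) { echo(" selected=\"selected\""); } ?>>1 Vote</option>
</select></td></tr>
<tr><td>Majority:</td><td><select name="majority">
<option value="50" <?php if($motion['majority'] == 50) { echo(" selected=\"selected\""); } ?>>50%</option>
<option value="67" <?php if($motion['majority'] == 67) { echo(" selected=\"selected\""); } ?>>67%</option>
<option value="75" <?php if($motion['majority'] == 75) { echo(" selected=\"selected\""); } ?>>75%</option>
<option value="100" <?php if($motion['majority'] == 100) { echo(" selected=\"selected\""); } ?>>100%</option>
</select></td></tr>
<tr><td rowspan="2">Due:</td><td><?php htmlesc($motion['due']); ?> UTC</td></tr>
<tr><td><select name="due">
<option value="+3 days">In 3 Days</option>
<option value="+7 days">In 1 Week</option>
<option value="+14 days">In 2 Weeks</option>
</select></td></tr>
<tr><td>&nbsp;</td><td><input type="submit" value="Propose" /></td></tr>
</table>
</form>
<br/>
<a href="motions.php">Back to motions</a>
</body>
</html>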