voting options and new motion links for board members only
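<?php
/*
 * motion.php - form for proposing a new board motion or editing an existing
 * one. This preamble forces HTTPS, authenticates the caller through
 * database.php and then opens the HTML document.
 */

// Force TLS. $_SERVER['HTTPS'] may be unset on a plain-HTTP request, so test
// for presence before comparing to avoid an undefined-index notice.
if (!isset($_SERVER['HTTPS']) || $_SERVER['HTTPS'] != 'on') {
    // NOTE(review): the redirect target is built from the client-supplied Host
    // header and request URI. A fixed, configured host name would be more
    // robust than echoing HTTP_HOST; an HSTS header on the HTTPS side would
    // additionally stop browsers from making this first request in clear text.
    header("HTTP/1.0 302 Redirect");
    header("Location: https://".$_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI']);
    exit();
}

require_once("database.php");
$db = new DB();

// auth() lives in database.php and is not visible here; a falsy result is
// treated as "not authorised" and the request ends at denied.php before any
// form or store logic runs.
if (!($user = $db->auth())) {
    header("HTTP/1.0 302 Redirect");
    header("Location: denied.php");
    exit();
}

// NOTE(review): $stats is not referenced anywhere else in this file; kept
// because the query's side effects (if any) cannot be judged from here.
$db->getStatement("stats")->execute();
$stats = $db->getStatement("stats")->fetch();
?>
<html>
<head>
<title>CAcert Board Decisions</title>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<link rel="stylesheet" type="text/css" href="styles.css" />
</head>
<body>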
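<?php
/*
 * Store handler: creates a new decision or updates an existing one from the
 * submitted form, then mails the board through $db->notify().
 *
 * Hardening compared with a plain "bind whatever arrived" approach:
 *  - only a POST request can trigger a store, and every value (including the
 *    motion id that selects update vs. create) is read from $_POST, so a GET
 *    link or a cookie cannot steer the branch while the bound values are empty;
 *  - "due" and "votetype" are limited to the values the form itself offers;
 *  - database error details are HTML-escaped before being echoed;
 *  - CR/LF are removed from the mail subject.
 *
 * NOTE(review): no anti-CSRF token is checked. How auth() identifies the user
 * is not visible in this file; if it relies on ambient credentials (client
 * certificate, cookie), a cross-site POST could propose or modify a motion in
 * the member's name.
 * NOTE(review): whether "update decision" restricts edits to the motion's own
 * proponent or to still-open motions is decided by SQL in database.php, which
 * is not visible here - confirm.
 */
$action = isset($_POST['action']) ? $_POST['action'] : '';
if (isset($_SERVER['REQUEST_METHOD']) && $_SERVER['REQUEST_METHOD'] === 'POST' && $action === 'store') {
    // Exactly the option values rendered by the form further down this page.
    $allowedDue = array('+3 days', '+7 days', '+14 days', '+28 days');
    $allowedVotetypes = array('0', '1');

    $formMotion = isset($_POST['motion']) ? $_POST['motion'] : null;
    $formTitle = isset($_POST['title']) ? $_POST['title'] : null;
    $formContent = isset($_POST['content']) ? $_POST['content'] : null;
    $formDue = isset($_POST['due']) ? $_POST['due'] : null;
    $formVotetype = isset($_POST['votetype']) ? $_POST['votetype'] : null;
    $proponentId = $user['id'];

    // A numeric motion id means "modify that decision"; anything else creates one.
    $isUpdate = is_numeric($formMotion);
    $inputOk = is_string($formTitle)
        && is_string($formContent)
        && in_array($formDue, $allowedDue, true)
        && in_array($formVotetype, $allowedVotetypes, true);

    $stored = false;
    $problems = array();
    if (!$inputOk) {
        $problems[] = 'Invalid or missing form field.';
    } else {
        if ($isUpdate) {
            $stmt = $db->getStatement("update decision");
            $stmt->bindParam(":id", $formMotion);
        } else {
            $stmt = $db->getStatement("create decision");
        }
        $stmt->bindParam(":proponent", $proponentId);
        $stmt->bindParam(":title", $formTitle);
        $stmt->bindParam(":content", $formContent);
        $stmt->bindParam(":due", $formDue);
        $stmt->bindParam(":votetype", $formVotetype);
        $stored = $stmt->execute();
        if (!$stored) {
            foreach ($stmt->errorInfo() as $detail) {
                $problems[] = (string)$detail;
            }
        }
    }

    if ($stored) {
        if (!$isUpdate) {
            $db->getStatement("post create")->execute();
        }
?>
<b>The motion has been proposed!</b><br/>
<a href="motions.php">Back to motions</a><br/>
<br/>
<br/>
<?php
        // Read the stored row back so the mail shows what the database holds.
        if ($isUpdate) {
            $lookup = $db->getStatement("get decision");
            $decision = $lookup->execute(array($formMotion)) ? $lookup->fetch() : false;
        } else {
            $lookup = $db->getStatement("get new decision");
            $decision = $lookup->execute() ? $lookup->fetch() : false;
        }

        if (is_array($decision)) {
            $name = $user['name'];
            $tag = $decision['tag'];
            $title = $decision['title'];
            $content = $decision['content'];
            $due = $decision['due']." UTC";
            $votetype = !$decision['votetype'] ? 'motion' : 'veto';

            // NOTE(review): the links mailed to the whole board are derived
            // from the Host header of this one request, which the submitting
            // client controls. A configured canonical base URL would remove
            // that dependency.
            // HTTP_HOST may already carry a port; drop it so it is not doubled.
            $host = preg_replace('/:\d+$/', '', $_SERVER['HTTP_HOST']);
            // REQUEST_URI includes the query string (the edit form posts to
            // "?"); cut it off, otherwise it ends up inside the vote links.
            $requestPath = $_SERVER['REQUEST_URI'];
            $queryStart = strpos($requestPath, '?');
            if ($queryStart !== false) {
                $requestPath = substr($requestPath, 0, $queryStart);
            }
            $baseurl = "https://".$host.":".$_SERVER['SERVER_PORT'].preg_replace('/motion\.php/', '', $requestPath);
            $voteurl = $baseurl."vote.php?motion=".$decision['id'];
            $unvoted = $baseurl."motions.php?unvoted=1";

            if ($isUpdate) {
                $body = <<<BODY
Dear Board,

$name has modified motion $tag to the following:

$title
$content

Vote type: $votetype

To vote please choose:

Aye: $voteurl&vote=1
Naye: $voteurl&vote=-1
Abstain: $voteurl&vote=0

Please be aware, that if you have voted already your vote is still registered and valid.
If this modification has an impact on how you wish to vote, you are responsible for voting
again.

To see all your outstanding votes : $unvoted

Kind regards,
the voting system
BODY;
                // The title is member-supplied text; notify() is not visible
                // here, so keep line breaks out of the subject header.
                $subject = preg_replace('/[\r\n]+/', ' ', "Re: $tag - $title - modified");
                $db->notify($subject, $body, $tag);
            } else {
                $body = <<<BODY
Dear Board,

$name has made the following motion:

$title
$content

Vote type: $votetype

Voting will close $due.

To vote please choose:

Aye: $voteurl&vote=1
Naye: $voteurl&vote=-1
Abstain: $voteurl&vote=0

To see all your outstanding votes : $unvoted

Kind regards,
the voting system
BODY;
                $subject = preg_replace('/[\r\n]+/', ' ', "$tag - $title");
                $db->notify($subject, $body, $tag, TRUE);
            }
        } else {
            // No row came back (for example an update aimed at an id that does
            // not exist): do not mail an empty notification to the board.
?>
<i>No notification was sent: the stored motion could not be read back.</i><br/>
<br/>
<?php
        }
    } else {
?>
<b>The motion has NOT been proposed!</b><br/>
<a href="motions.php">Back to motions</a><br/>
<i><?php echo join("<br/>\n", array_map('htmlspecialchars', $problems)); ?></i><br/>
<br/>
<br/>
<?php
    }
}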
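// Load the motion to show in the form. Start from a blank motion owned by the
// current user and replace it only when the requested id resolves to a row.
// Every key the form reads is present, so rendering a new motion raises no
// undefined-index notices.
$motion = array(
    "tag" => "",
    "proposer" => $user['name'],
    "proposed" => "",
    "title" => "",
    "content" => "",
    "votetype" => 0, // defaults to motion
    "due" => "",
);
$requestedMotion = isset($_REQUEST['motion']) ? $_REQUEST['motion'] : null;
if (is_numeric($requestedMotion)) {
    // NOTE(review): any authenticated user can load any decision into the edit
    // form; whether that is intended depends on rules not visible in this file.
    $stmt = $db->getStatement("get decision");
    if ($stmt->execute(array($requestedMotion))) {
        $row = $stmt->fetch();
        // A failed fetch does not yield an array; keep the blank motion then.
        if (is_array($row) && isset($row['id']) && is_numeric($row['id'])) {
            $motion = $row;
        }
    }
}
?>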
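<?php
// Render the propose/edit form. Every dynamic value is HTML-escaped on output,
// including the motion id echoed back into the hidden field and the due date,
// so the template does not depend on earlier checks staying in place.
$isEdit = isset($_REQUEST['motion']) && is_numeric($_REQUEST['motion']);
// Missing keys (a blank motion has no tag, proposed or due value) become ''.
$field = array();
foreach (array('tag', 'proposer', 'proposed', 'title', 'content', 'votetype', 'due') as $key) {
    $field[$key] = isset($motion[$key]) ? $motion[$key] : '';
}
?>
<form <?php if ($isEdit) { echo(" action=\"?\""); } ?> method="POST">
<input type="hidden" name="action" value="store" />
<?php
if ($isEdit) {
    ?><input type="hidden" name="motion" value="<?php echo htmlentities($_REQUEST["motion"]); ?>" /><?php
}
?>
<table>
<tr><td>ID:</td><td><?php echo htmlentities($field['tag']); ?></td></tr>
<tr><td>Proponent:</td><td><?php echo htmlentities($field['proposer']); ?></td></tr>
<tr><td>Proposed date/time:</td><td><?php echo htmlentities($field['proposed'] ? $field['proposed']." UTC" : '(auto filled to current date/time)'); ?></td></tr>
<tr><td>Title:</td><td><input name="title" value="<?php echo htmlentities($field['title'])?>"></td></tr>
<tr><td>Text:</td><td><textarea name="content"><?php echo htmlspecialchars($field['content'])?></textarea></td></tr>
<tr><td>Vote type:</td><td><select name="votetype">
<option value="0" <?php if(!$field['votetype']) { echo(" selected=\"selected\""); } ?>>Motion</option>
<option value="1" <?php if($field['votetype']) { echo(" selected=\"selected\""); } ?>>Veto</option>
</select></td></tr>
<tr><td rowspan="2">Due:</td><td><?php echo htmlentities($field['due'] ? $field['due'].' UTC' : '(autofilled from option below)')?></td></tr>
<tr><td><select name="due">
<option value="+3 days">In 3 Days</option>
<option value="+7 days">In 1 Week</option>
<option value="+14 days">In 2 Weeks</option>
<option value="+28 days">In 4 Weeks</option>
</select></td></tr>
<tr><td>&nbsp;</td><td><input type="submit" value="Propose" /></td></tr>
</table>
</form>
<br/>
<a href="motions.php">Back to motions</a>
</body>
</html>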