Remove ability to modify motions.
[cacert-boardvoting.git] / motion.php
index 71fe4b7..536de03 100644 (file)
@@ -4,12 +4,9 @@
                header("Location: https://".$_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI']);
                exit();
        }
-       $user = $_SERVER['REMOTE_USER'];
        require_once("database.php");
        $db = new DB();
-       $stmt = $db->getStatement("get voter");
-       $stmt->execute(array($user));
-       if (!($user = $stmt->fetch())) {
+       if (!($user = $db->auth())) {
                header("HTTP/1.0 302 Redirect");
                header("Location: denied.php");
                exit();
        <body>
                <?php
                if ($_REQUEST['action'] == "store") {
-                       if (is_numeric($_REQUEST['motion'])) {
-                               $stmt = $db->getStatement("update decision");
-                               $stmt->bindParam(":id",$_POST['motion']);
-                               $stmt->bindParam(":proponent",$_POST['proponent']);
-                               $stmt->bindParam(":title",$_POST['title']);
-                               $stmt->bindParam(":content",$_POST['content']);
-                               $stmt->bindParam(":quorum",$_POST['quorum']);
-                               $stmt->bindParam(":majority",$_POST['majority']);
-                               $stmt->bindParam(":due",$_POST['due']);
-                               if ($stmt->execute()) {
-                                       ?>
-                                       <b>The motion has been proposed!</b><br/>
-                                       <a href="motions.php">Back to motions</a><br/>
-                                       <br/>
-                                       <br/>
-                                       <?php
-                                       $decision = $db->getStatement("get decision")->execute(array($_POST['motion']))?$db->getStatement("get decision")->fetch():array();
-                                       $name = $user['name'];
-                                       $tag = $decision['tag'];
-                                       $title = $decision['title'];
-                                       $content =$decision['content'];
-                                       $due = $decision['due']." UTC";
-                                       $quorum = $decision['quorum'];
-                                       $majority = $decision['majority'];
-                                       $voteurl = "https://".$_SERVER['HTTP_HOST'].":".$_SERVER['SERVER_PORT'].preg_replace('/motion\.php/','vote.php',$_SERVER['REQUEST_URI'])."?motion=".$decision['id'];
-                                       $body = <<<BODY
+                       $stmt = $db->getStatement("create decision");
+                       $stmt->bindParam(":proponent",$user['id']);
+                       $stmt->bindParam(":title",$_POST['title']);
+                       $stmt->bindParam(":content",$_POST['content']);
+                       $stmt->bindParam(":votetype",$_POST['votetype']);
+                       $stmt->bindParam(":due",$_POST['due']);
+                       if ($stmt->execute()) {
+                               ?>
+                               <b>The motion has been proposed!</b><br/>
+                               <a href="motions.php">Back to motions</a><br/>
+                               <br/>
+                               <br/>
+                               <?php
+                               $decision = $db->getStatement("get new decision")->execute()?$db->getStatement("get new decision")->fetch():array();
+                               $name = $user['name'];
+                               $tag = $decision['tag'];
+                               $title = $decision['title'];
+                               $content =$decision['content'];
+                               $due = $decision['due']." UTC";
+                               $votetype = !$decision['votetype'] ? 'motion' : 'veto';
+                               $baseurl = "https://".$_SERVER['HTTP_HOST'].":".$_SERVER['SERVER_PORT'].preg_replace('/motion\.php/','',$_SERVER['REQUEST_URI']);
+                               $voteurl = $baseurl."vote.php?motion=".$decision['id'];
+                               $unvoted = $baseurl."motions.php?unvoted=1";
+                               $body = <<<BODY
 Dear Board,
 
-$name has modified motion $tag to the following:
+$name has made the following motion:
 
 $title
 $content
 
-To pass a minimum of $quorum votes and a $majority% acceptance will be required.
+Vote type: $votetype
+
 Voting will close $due.
 
 To vote please choose:
@@ -68,81 +64,23 @@ Aye: $voteurl&vote=1
 Naye: $voteurl&vote=-1
 Abstain: $voteurl&vote=0
 
-Please be aware, that if you have voted already your vote is still registered and valid.
-If this modification has an impact on how you wish to vote, you are responsible for voting
-again.
+To see all your outstanding votes : $unvoted
 
 Kind regards,
 the voting system
 BODY;
-                                       $db->notify("Re: $tag - $title",$body);
-                               } else {
-                                       ?>
-                                       <b>The motion has NOT been proposed!</b><br/>
-                                       <a href="motions.php">Back to motions</a><br/>
-                                       <i><?php echo join("<br/>\n",$stmt->errorInfo()); ?></i><br/>
-                                       <br/>
-                                       <br/>
-                                       <?php
-                               }
+                               $db->notify("$tag - $title",$body,$tag,TRUE);
                        } else {
-                               $stmt = $db->getStatement("create decision");
-                               $stmt->bindParam(":proponent",$_POST['proponent']);
-                               $stmt->bindParam(":title",$_POST['title']);
-                               $stmt->bindParam(":content",$_POST['content']);
-                               $stmt->bindParam(":quorum",$_POST['quorum']);
-                               $stmt->bindParam(":majority",$_POST['majority']);
-                               $stmt->bindParam(":due",$_POST['due']);
-                               if ($stmt->execute()) {
-                                       $db->getStatement("post create")->execute();
-                                       ?>
-                                       <b>The motion has been proposed!</b><br/>
-                                       <a href="motions.php">Back to motions</a><br/>
-                                       <br/>
-                                       <br/>
-                                       <?php
-                                       $decision = $db->getStatement("get new decision")->execute()?$db->getStatement("get new decision")->fetch():array();
-                                       $name = $user['name'];
-                                       $tag = $decision['tag'];
-                                       $title = $decision['title'];
-                                       $content =$decision['content'];
-                                       $due = $decision['due']." UTC";
-                                       $quorum = $decision['quorum'];
-                                       $majority = $decision['majority'];
-                                       $voteurl = "https://".$_SERVER['HTTP_HOST'].":".$_SERVER['SERVER_PORT'].preg_replace('/motion\.php/','vote.php',$_SERVER['REQUEST_URI'])."?motion=".$decision['id'];
-                                       $body = <<<BODY
-Dear Board,
-
-$name has made the following motion:
-
-$title
-$content
-
-To pass a minimum of $quorum votes and a $majority% acceptance will be required.
-Voting will close $due.
-
-To vote please choose:
-
-Aye: $voteurl&vote=1
-Naye: $voteurl&vote=-1
-Abstain: $voteurl&vote=0
-
-Kind regards,
-the voting system
-BODY;
-                                       $db->notify("$tag - $title",$body);
-                               } else {
-                                       ?>
-                                       <b>The motion has NOT been proposed!</b><br/>
-                                       <a href="motions.php">Back to motions</a><br/>
-                                       <i><?php echo join("<br/>\n",$stmt->errorInfo()); ?></i><br/>
-                                       <br/>
-                                       <br/>
-                                       <?php
-                               }
+                               ?>
+                               <b>The motion has NOT been proposed!</b><br/>
+                               <a href="motions.php">Back to motions</a><br/>
+                               <i><?php echo join("<br/>\n",$stmt->errorInfo()); ?></i><br/>
+                               <br/>
+                               <br/>
+                               <?php
                        }
-                       
                }
+                       
                if (is_numeric($_REQUEST['motion'])) {
                        $stmt = $db->getStatement("get decision");
                        if ($stmt->execute(array($_REQUEST['motion']))) {
@@ -150,19 +88,19 @@ BODY;
                        }
                        if (!is_numeric($motion['id'])) {
                                $motion = array();
-                               foreach (array("title","content","quorum","majority") as $column) {
+                               foreach (array("title","content") as $column) {
                                        $motion[$column] = "";
                                }
-                               $motion["proponent"] = $user['id'];
                                $motion["proposer"] = $user['name'];
+                               $motion["votetype"] = 0; // defaults to motion
                        }
                } else {
                        $motion = array();
-                       foreach (array("title","content","quorum","majority") as $column) {
+                       foreach (array("title","content") as $column) {
                                $motion[$column] = "";
                        }
-                       $motion["proponent"] = $user['id'];
                        $motion["proposer"] = $user['name'];
+                       $motion["votetype"] = 0; // defaults to motion
                }
                ?>
                <form <?php if (is_numeric($_REQUEST['motion'])) { echo(" action=\"?\""); } ?> method="POST">
@@ -174,27 +112,20 @@ BODY;
                        ?>
                <table>
                        <tr><td>ID:</td><td><?php echo htmlentities($motion['tag']); ?></td></tr>
-                       <tr><td>Proponent:</td><td><?php echo htmlentities($motion['proposer']); ?><input type="hidden" name="proponent" value="<?php echo htmlentities($user['id']); ?>"></td></tr>
-                       <tr><td>Proposed:</td><td><?php echo htmlentities($motion['proposed']); ?> UTC</td></tr>
+                       <tr><td>Proponent:</td><td><?php echo htmlentities($motion['proposer']); ?></td></tr>
+                       <tr><td>Proposed date/time:</td><td><?php echo htmlentities($motion['proposed'] ? $motion['proposed']." UTC" : '(auto filled to current date/time)'); ?></td></tr>
                        <tr><td>Title:</td><td><input name="title" value="<?php echo htmlentities($motion['title'])?>"></td></tr>
                        <tr><td>Text:</td><td><textarea name="content"><?php echo htmlspecialchars($motion['content'])?></textarea></td></tr>
-                       <tr><td>Quorum:</td><td><select name="quorum">
-                               <option value="<?php echo(ceil($stats["voters"])); ?>" <?php if($motion['quorum'] == $stats["voters"]) { echo(" selected=\"selected\""); } ?>>100% Votes (<?php echo($stats["voters"]); ?>)</option>
-                               <option value="<?php echo(ceil($stats["voters"] / 2)); ?>" <?php if($motion['quorum'] == ceil($stats["voters"] / 2)) { echo(" selected=\"selected\""); } ?>>50% Votes (<?php echo(ceil($stats["voters"] / 2)); ?>)</option>
-                               <option value="2" <?php if($motion['quorum'] == 2) { echo(" selected=\"selected\""); } ?>>2 Votes</option>
-                               <option value="1" <?php if($motion['quorum'] == 1) { echo(" selected=\"selected\""); } ?>>1 Vote</option>
+                       <tr><td>Vote type:</td><td><select name="votetype">
+                               <option value="0" <?php if(!$motion['votetype']) { echo(" selected=\"selected\""); } ?>>Motion</option>
+                               <option value="1" <?php if($motion['votetype']) { echo(" selected=\"selected\""); } ?>>Veto</option>
                        </select></td></tr>
-                       <tr><td>Majority:</td><td><select name="majority">
-                               <option value="50" <?php if($motion['majority'] == 50) { echo(" selected=\"selected\""); } ?>>50%</option>
-                               <option value="67" <?php if($motion['majority'] == 67) { echo(" selected=\"selected\""); } ?>>67%</option>
-                               <option value="75" <?php if($motion['majority'] == 75) { echo(" selected=\"selected\""); } ?>>75%</option>
-                               <option value="100" <?php if($motion['majority'] == 100) { echo(" selected=\"selected\""); } ?>>100%</option>
-                       </td></tr>
-                       <tr><td rowspan="2">Due:</td><td><?php echo($motion['due'])?> UTC</td></tr>
+                       <tr><td rowspan="2">Due:</td><td><?php echo($motion['due'] ? $motion['due'].' UTC' : '(autofilled from option below)')?></td></tr>
                        <tr><td><select name="due">
                                <option value="+3 days">In 3 Days</option>
                                <option value="+7 days">In 1 Week</option>
                                <option value="+14 days">In 2 Weeks</option>
+                               <option value="+28 days">In 4 Weeks</option>
                        </select></td></tr>
                        <tr><td>&nbsp;</td><td><input type="submit" value="Propose" /></td></tr>
                </table>