tyzoid
/
Flyers-Elections
ウォッチ 1
スター 0
フォーク 0
コード 課題 0 プルリクエスト 0 リリース 0 Wiki アクティビティ
選択できるのは25トピックまでです。 トピックは、先頭が英数字で、英数字とダッシュ('-')を使用した35文字以内のものにしてください。
8 コミット
5 ブランチ
ブランチ: heroku
ブランチ タグ
${ item.name }
ブランチ ${ searchTerm } を作成
'heroku' から
${ noResults }
Flyers-Elections/web/admin/voting.php

voting.php 6.8KB
Raw パーマリンク Blame 履歴

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213 
  1. <?php

  2. include('../inc/inc.php');

  3. 

  4. if (!$user->loggedin()) {

  5. 	header('Location: /login.php');

  6. 	die();

  7. }

  8. 

  9. if ($user->getRole() !== "admin") {

  10. 	header('Location: /index.php');

  11. 	die();

  12. }

  13. 

  14. function loadPositions() {

  15. 	global $db;

  16. 

  17. 	$_pos = $db->fetchAssoc("select position as code, description as label, active from positions");

  18. 	$positions = [];

  19. 	foreach ($_pos as $position)

  20. 		$positions[$position['code']] = [ "label" => $position['label'], "active" => $position['active']];

  21. 

  22. 	return $positions;

  23. }

  24. 

  25. function loadVoters() {

  26. 	global $db;

  27. 

  28. 	$voters = $db->fetchAssoc('

  29. 	select

  30. 		MIN(skymanager_id) as `skymanager_id`,

  31. 		MIN(members.voting_id) as `voting_id`,

  32. 		MIN(name) as `name`,

  33. 		MIN(username) as `username`,

  34. 		group_concat(proxy.voting_id) as `proxies`,

  35. 		MIN(upstream_proxy.delegate_id) as `delegate`,

  36. 		coalesce(MIN(email), "") as `gravatar_email`

  37. 	from members

  38. 		left join proxy on (members.voting_id=proxy.delegate_id)

  39. 		left join proxy as upstream_proxy on (upstream_proxy.voting_id=members.voting_id)

  40. 	where members.voting_id is not null

  41. 	group by members.voting_id

  42. 	UNION

  43. 	select skymanager_id, voting_id, name, username, NULL as `proxies`, NULL as `delegate`, coalesce(email, "") as `gravatar_email`

  44. 	from members where members.voting_id is null');

  45. 

  46. 	get_gravatar_assoc($voters);

  47. 	return $voters;

  48. }

  49. 

  50. $result = null;

  51. // Create Position

  52. if (!empty($_POST['create'])) {

  53. 	$code = $_POST['add-position'];

  54. 	$desc = $_POST['add-description'];

  55. 

  56. 	if (empty($code) || empty($desc)) $error = "Both code and description are required";

  57. 

  58. 	if (empty($error)) {

  59. 		$result = $db->query('INSERT INTO positions (position, description) VALUES ("' . $db->sanitize($code) . '", "' . $db->sanitize($desc) . '")');

  60. 		if ($result === false)

  61. 			$error = "That position already exists.";

  62. 		else

  63. 			$error = "Created position " . htmlspecialchars($desc);

  64. 	}

  65. } else if (!empty($_POST['setActive']) || !empty($_POST['deactivate'])) {

  66. 	if (!array_key_exists('ballot', $_POST)) {

  67. 		$error = "No position selected";

  68. 	} else {

  69. 		$positions = loadPositions();

  70. 

  71. 		$position = $_POST['ballot'];

  72. 		if (!array_key_exists($position, $positions)) $error = "That position does not exist";

  73. 		if (!empty($_POST['deactivate']))

  74. 			$position='';

  75. 

  76. 

  77. 		if (empty($error)) {

  78. 			$result = $db->query('UPDATE positions set active=(position="' . $db->sanitize($position) . '")');

  79. 			if ($result === false)

  80. 				$error = "Failed to set active position";

  81. 			else if (empty($position))

  82. 				$error = "Deactivated voting form";

  83. 			else

  84. 				$error = "Set " . htmlspecialchars($positions[$_POST['ballot']]['label']) . " as active.";

  85. 		}

  86. 	}

  87. } else if (!empty($_POST['remove'])) {

  88. 	if (!array_key_exists('ballot', $_POST)) {

  89. 		$error = "No position selected";

  90. 	} else {

  91. 		$positions = loadPositions();

  92. 

  93. 		if (!array_key_exists($_POST['ballot'], $positions)) $error = "That position does not exist";

  94. 

  95. 		if (empty($error)) {

  96. 			$result = $db->query('DELETE FROM positions WHERE position="' . $db->sanitize($_POST['ballot']) . '"');

  97. 			if ($result === false)

  98. 				$error = "Failed to remove position";

  99. 			else

  100. 				$error = "Removed " . htmlspecialchars($positions[$_POST['ballot']]['label']) . " and discarded cast ballots.";

  101. 		}

  102. 	}

  103. } else if (!empty($_POST['force'])) {

  104. 	$voters = loadVoters();

  105. 	$values = [];

  106. 	$vid = [];

  107. 	foreach ($voters as $voter) {

  108. 		$vid[$voter['skymanager_id']] = $voter;

  109. 

  110. 		if ($voter['voting_id'])

  111. 			array_push($values, $voter['voting_id']);

  112. 	}

  113. 

  114. 	if (!array_key_exists($_POST['voter-smid'], $vid))

  115. 		$error = "Voter does not exist";

  116. 

  117. 	sort($values);

  118. 	$count = count($values);

  119. 	$rand = rand(100, 999-$count);

  120. 	for ($i = 0; $i < $count && $values[$i] <= $rand; $i++) {

  121. 		$rand++;

  122. 	}

  123. 

  124. 	if (empty($error)) {

  125. 		$result = $db->query('UPDATE members set voting_id=' . ((int) $rand) . ' where skymanager_id=' . ((int) $_POST['voter-smid']));

  126. 		if ($result === false)

  127. 			$error = "Failed to force check-in. Please try again.";

  128. 		else

  129. 			$error = "Assigned voting id $rand to {$vid[$_POST['voter-smid']]['name']}";

  130. 	}

  131. }

  132. 

  133. $positions = loadPositions();

  134. $voters = loadVoters();

  135. 

  136. $header = new Header("Michigan Flyers Election : Admin");

  137. $header->addStyle("/styles/style.css");

  138. $header->addStyle("/styles/admin.css");

  139. $header->addStyle("/styles/vote.css");

  140. $header->addScript("/js/jquery-1.11.3.min.js");

  141. $header->addScript("/js/search.js");

  142. $header->addScript("/js/admin-search.js");

  143. $header->setAttribute('title', 'Michigan Flyers');

  144. $header->setAttribute('tagline', 'Election Administration Tools');

  145. $header->output();

  146. 

  147. ?>

  148. <script type="text/javascript">

  149. var voters = <?= json_encode($voters); ?>;

  150. </script>

  151. <form action="voting.php" method="POST">

  152. <?php if (!empty($error) || !empty($result)): ?>

  153. <div id="vote-result">

  154. 	<div id="status" class="<?= $result ? "success" : "failure"; ?>"></div>

  155. 	<div id="message" class="<?= $result ? "success" : "failure"; ?>">

  156. 		<?= !empty($error) ? $error : ($result ? "This Ballot has been successfully Submitted" :

  157. 			"This ballot has already been submitted.") ?>

  158. 	</div>

  159. </div>

  160. <?php endif; ?>

  161. <?php if (!empty($positions)): ?>

  162. <div class="form-section">

  163. 	<h3>Manage Positions</h3>

  164. 	<div class="form-row">

  165. 		<div class="selector">

  166. 		<?php foreach ($positions as $code => $position): ?>

  167. 			<label class="radio">

  168. 				<input type="radio" id="vote-<?= $code ?>" name="ballot" value="<?= $code ?>" <?= ($position['active']) ? 'checked' : '' ?> />

  169. 				<span class="radio-button-label"><?= $position['label'] ?></span>

  170. 			</label>

  171. 		<?php endforeach; ?>

  172. 		</div>

  173. 	</div>

  174. 	<div class="form-row split-button">

  175. 		<input class="submit danger" type="submit" name="remove" value="Remove Position & Ballots" />

  176. 		<input class="submit" type="submit" name="deactivate" value="Deactivate" />

  177. 		<input class="submit" type="submit" name="setActive" value="Set Active" />

  178. 	</div>

  179. </div>

  180. <?php endif; ?>

  181. <div class="form-section">

  182. 	<h3>Add Position</h3>

  183. 	<div class="form-row">

  184. 		<label for="add-position">Add Position Code</label>

  185. 		<input type="text" placeholder="PRES" id="add-position" name="add-position" value="" />

  186. 	</div>

  187. 	<div class="form-row">

  188. 		<label for="add-description">Add Position Description</label>

  189. 		<input type="text" placeholder="President" id="add-description" name="add-description" value="" />

  190. 	</div>

  191. 	<div class="form-row">

  192. 		<input class="submit" type="submit" name="create" value="Create Position" />

  193. 	</div>

  194. </div>

  195. <div class="form-section">

  196. 	<h3>Force Check-In</h3>

  197. 	<div class="form-row">

  198. 		<input type="text" placeholder="Voter Search" id="voter-searchbox" name="voter-searchbox" value="" />

  199. 		<div id="voter-results"></div>

  200. 		<input type="hidden" name="voter" id="voter-input" value="0" />

  201. 		<input type="hidden" name="voter-smid" id="voter-smid" value="0" />

  202. 		<div id="selectedVoter" class="selected candidate voter">

  203. 			<span class="placeholder">No Selected Voter</span>

  204. 		</div>

  205. 	</div>

  206. 	<div class="form-row">

  207. 		<input class="submit" type="submit" name="force" value="Force Check In" />

  208. 	</div>

  209. </div>

  210. </form>

  211. <?php

  212. $footer = new Footer();

  213. $footer->output();