tyzoid
/
Flyers-Elections
关注 1
点赞 0
派生 0
代码 工单 0 合并请求 0 版本发布 0 百科 动态
您最多选择25个主题 主题必须以字母或数字开头,可以包含连字符 (-),并且长度不得超过35个字符
4 提交
5 分支
目录树: 0a7a6f5aba
分支列表 标签列表
${ item.name }
创建分支 ${ searchTerm }
从 '0a7a6f5aba'
${ noResults }
Flyers-Elections/web/admin/voting.php

voting.php 7.2KB
原始文件 Blame 文件历史

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224 
  1. <?php

  2. include('../inc/inc.php');

  3. 

  4. if (!$user->loggedin()) {

  5. 	header('Location: /login.php');

  6. 	die();

  7. }

  8. 

  9. if ($user->getRole() !== "admin") {

  10. 	header('Location: /index.php');

  11. 	die();

  12. }

  13. 

  14. function loadPositions() {

  15. 	global $db;

  16. 

  17. 	$_pos = $db->fetchAssoc("select position as code, description as label, active from positions");

  18. 	$positions = [];

  19. 	foreach ($_pos as $position)

  20. 		$positions[$position['code']] = [ "label" => $position['label'], "active" => $position['active']];

  21. 

  22. 	return $positions;

  23. }

  24. 

  25. function loadVoters() {

  26. 	global $db;

  27. 

  28. 	return $db->fetchAssoc('

  29. 	select

  30. 		MIN(skymanager_id) as `skymanager_id`,

  31. 		MIN(members.voting_id) as `voting_id`,

  32. 		MIN(name) as `name`,

  33. 		MIN(username) as `username`,

  34. 		group_concat(proxy.voting_id) as `proxies`,

  35. 		MIN(upstream_proxy.delegate_id) as `delegate`,

  36. 		md5(coalesce(MIN(email), "")) as `gravatar_hash`

  37. 	from members

  38. 		left join proxy on (members.voting_id=proxy.delegate_id)

  39. 		left join proxy as upstream_proxy on (upstream_proxy.voting_id=members.voting_id)

  40. 	where members.voting_id is not null

  41. 	group by members.voting_id

  42. 	UNION

  43. 	select skymanager_id, voting_id, name, username, NULL as `proxies`, NULL as `delegate`, md5(coalesce(email, "")) as `gravatar_hash`

  44. 	from members where members.voting_id is null');

  45. }

  46. 

  47. $result = null;

  48. // Create Position

  49. if (!empty($_POST['create'])) {

  50. 	$code = $_POST['add-position'];

  51. 	$desc = $_POST['add-description'];

  52. 

  53. 	if (empty($code) || empty($desc)) $error = "Both code and description are required";

  54. 

  55. 	if (empty($error)) {

  56. 		$result = $db->query('INSERT INTO positions (position, description) VALUES ("' . $db->sanitize($code) . '", "' . $db->sanitize($desc) . '")');

  57. 		if ($result === false)

  58. 			$error = "That position already exists.";

  59. 		else

  60. 			$error = "Created position " . htmlspecialchars($desc);

  61. 	}

  62. } else if (!empty($_POST['setActive']) || !empty($_POST['deactivate'])) {

  63. 	$positions = loadPositions();

  64. 

  65. 	$position = $_POST['ballot'];

  66. 	if (!array_key_exists($position, $positions)) $error = "That position does not exist";

  67. 	if (!empty($_POST['deactivate']))

  68. 		$position='';

  69. 		

  70. 

  71. 	if (empty($error)) {

  72. 		$result = $db->query('UPDATE positions set active=(position="' . $db->sanitize($_POST['ballot']) . '")');

  73. 		if ($result === false)

  74. 			$error = "Failed to set active position";

  75. 		else if (empty($position))

  76. 			$error = "Deactivated voting form";

  77. 		else

  78. 			$error = "Set " . htmlspecialchars($positions[$_POST['ballot']]['label']) . " as active.";

  79. 	}

  80. } else if (!empty($_POST['remove'])) {

  81. 	$positions = loadPositions();

  82. 

  83. 	if (!array_key_exists($_POST['ballot'], $positions)) $error = "That position does not exist";

  84. 

  85. 	if (empty($error)) {

  86. 		$result = $db->query('DELETE FROM positions WHERE position="' . $db->sanitize($_POST['ballot']) . '"');

  87. 		if ($result === false)

  88. 			$error = "Failed to remove position";

  89. 		else

  90. 			$error = "Removed " . htmlspecialchars($positions[$_POST['ballot']]['label']) . " and discarded cast ballots.";

  91. 	}

  92. } else if (!empty($_POST['force'])) {

  93. 	$voters = loadVoters();

  94. 	$values = [];

  95. 	$vid = [];

  96. 	foreach ($voters as $voter) {

  97. 		$vid[$voter['skymanager_id']] = $voter;

  98. 

  99. 		if ($voter['voting_id'])

  100. 			array_push($values, $voter['voting_id']);

  101. 	}

  102. 

  103. 	if (!array_key_exists($_POST['voter-smid'], $vid))

  104. 		$error = "Voter does not exist";

  105. 

  106. 	sort($values);

  107. 	$count = count($values);

  108. 	$rand = rand(100, 999-$count);

  109. 	for ($i = 0; $i < $count && $values[$i] <= $rand; $i++) {

  110. 		$rand++;

  111. 	}

  112. 

  113. 	if (empty($error)) {

  114. 		$result = $db->query('UPDATE members set voting_id=' . ((int) $rand) . ' where skymanager_id=' . ((int) $_POST['voter-smid']));

  115. 		if ($result === false)

  116. 			$error = "Failed to force check-in. Please try again.";

  117. 		else

  118. 			$error = "Assigned voting id $rand to {$vid[$_POST['voter-smid']]['name']}";

  119. 	}

  120. }

  121. 

  122. $positions = loadPositions();

  123. $voters = loadVoters();

  124. 

  125. $header = new Header("Michigan Flyers Election : Admin");

  126. $header->addStyle("/styles/style.css");

  127. $header->addStyle("/styles/admin.css");

  128. $header->addStyle("/styles/vote.css");

  129. $header->addScript("/js/jquery-1.11.3.min.js");

  130. $header->addScript("/js/search.js");

  131. $header->addScript("/js/admin-search.js");

  132. $header->setAttribute('title', 'Michigan Flyers');

  133. $header->setAttribute('tagline', 'Election Administration Tools');

  134. $header->output();

  135. 

  136. ?>

  137. <script type="text/javascript">

  138. var voters = <?= json_encode($voters); ?>;

  139. </script>

  140. <form action="voting.php" method="POST">

  141. <!--

  142. <div class="form-row">

  143. 	<div class="selector">

  144. 		<label class="radio">

  145. 			<input type="radio" name="button" value="ci" />

  146. 			<a class="radio-button-label" href="/admin/checkin.php">Check-In</a>

  147. 		</label>

  148. 		<label class="radio">

  149. 			<input type="radio" name="button" value="pe" />

  150. 			<a class="radio-button-label" href="/admin/paper.php">Paper Entry</a>

  151. 		</label>

  152. 		<label class="radio">

  153. 			<input type="radio" name="button" value="vo" checked />

  154. 			<a class="radio-button-label" href="#">Voting</a>

  155. 		</label>

  156. 		<label class="radio">

  157. 			<input type="radio" name="button" value="re" />

  158. 			<a class="radio-button-label" href="/admin/results.php">Results</a>

  159. 		</label>

  160. 	</div>

  161. </div>

  162. -->

  163. <?php if (!empty($error) || !empty($result)): ?>

  164. <div id="vote-result">

  165. 	<div id="status" class="<?= $result ? "success" : "failure"; ?>"></div>

  166. 	<div id="message" class="<?= $result ? "success" : "failure"; ?>">

  167. 		<?= !empty($error) ? $error : ($result ? "This Ballot has been successfully Submitted" :

  168. 			"This ballot has already been submitted.") ?>

  169. 	</div>

  170. </div>

  171. <?php endif; ?>

  172. <?php if (!empty($positions)): ?>

  173. <div class="form-section">

  174. 	<h3>Manage Positions</h3>

  175. 	<div class="form-row">

  176. 		<div class="selector">

  177. 		<?php foreach ($positions as $code => $position): ?>

  178. 			<label class="radio">

  179. 				<input type="radio" id="vote-<?= $code ?>" name="ballot" value="<?= $code ?>" <?= ($position['active']) ? 'checked' : '' ?> />

  180. 				<span class="radio-button-label"><?= $position['label'] ?></span>

  181. 			</label>

  182. 		<?php endforeach; ?>

  183. 		</div>

  184. 	</div>

  185. 	<div class="form-row split-button">

  186. 		<input class="submit danger" type="submit" name="remove" value="Remove Position & Ballots" />

  187. 		<input class="submit" type="submit" name="deactivate" value="Deactivate" />

  188. 		<input class="submit" type="submit" name="setActive" value="Set Active" />

  189. 	</div>

  190. </div>

  191. <?php endif; ?>

  192. <div class="form-section">

  193. 	<h3>Add Position</h3>

  194. 	<div class="form-row">

  195. 		<label for="add-position">Add Position Code</label>

  196. 		<input type="text" placeholder="PRES" id="add-position" name="add-position" value="" />

  197. 	</div>

  198. 	<div class="form-row">

  199. 		<label for="add-description">Add Position Description</label>

  200. 		<input type="text" placeholder="President" id="add-description" name="add-description" value="" />

  201. 	</div>

  202. 	<div class="form-row">

  203. 		<input class="submit" type="submit" name="create" value="Create Position" />

  204. 	</div>

  205. </div>

  206. <div class="form-section">

  207. 	<h3>Force Check-In</h3>

  208. 	<div class="form-row">

  209. 		<input type="text" placeholder="Voter Search" id="voter-searchbox" name="voter-searchbox" value="" />

  210. 		<div id="voter-results"></div>

  211. 		<input type="hidden" name="voter" id="voter-input" value="0" />

  212. 		<input type="hidden" name="voter-smid" id="voter-smid" value="0" />

  213. 		<div id="selectedVoter" class="selected candidate voter">

  214. 			<span class="placeholder">No Selected Voter</span>

  215. 		</div>

  216. 	</div>

  217. 	<div class="form-row">

  218. 		<input class="submit" type="submit" name="force" value="Force Check In" />

  219. 	</div>

  220. </div>

  221. </form>

  222. <?php

  223. $footer = new Footer();

  224. $footer->output();