2005-10-24 17:59:15 +00:00
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<?php
require_once ("include/election-sql.php");
$max_step = 4;
if (!isset ($_POST["step"])) {
$step = 1;
} else {
$step = $_POST["step"];
}
if ($step > $max_step || $step < 1) {
$step = 1;
}
$result = "";
$error = "";
$handle = elec_sql_open ();
if ($handle === FALSE) {
$error .= "Can not open the database.<br />\n";
$step = 0;
}
$election_id = -1;
if ($step == 1) {
2009-06-08 10:25:21 +00:00
if (isset ($_GET["election_id"]) && is_numeric ($_GET["election_id"])) {
2005-10-24 17:59:15 +00:00
$election_id = $_GET["election_id"];
2009-06-08 10:25:21 +00:00
} else if (isset ($_GET["id"]) && is_numeric ($_GET["id"])) {
$election_id = $_GET["id"]; //FIXME: Remove this else path after 2009 elections
}
2005-10-24 17:59:15 +00:00
} else if ($step >= 1) {
if (isset ($_POST["election_id"]) && is_numeric ($_POST["election_id"]))
$election_id = $_POST["election_id"];
}
if ($election_id == -1) {
2013-12-18 22:33:06 +00:00
$error .= "A menu of elections is not available. A URL that includes the election id is required. This should have been given to you when you were asked to vote.<br />\n";
2005-10-24 17:59:15 +00:00
$step = 0;
} else {
$election = elec_get_election ($handle, $election_id);
if ($election === FALSE) {
$error .= "The specified election/referendum does not exist.<br />\n";
$step = 0;
} else if (!elec_election_is_current ($election)) {
2009-06-06 13:00:37 +00:00
$error .= "The voting period for the specified ".htmlspecialchars(elec_election_get_type ($election))." starts on ".htmlspecialchars($election["voting_start"])." (UTC) and ends on ".htmlspecialchars($election["voting_end"])." (UTC). It is not possible to vote now.<br />\n";
2005-10-24 17:59:15 +00:00
$step = 0;
}
}
if ($step > 1) {
$email = "";
2005-10-24 18:25:43 +00:00
$tmp_token = "";
if (isset ($_POST["email"]) && isset ($_POST["tmp_token"])) {
2005-10-24 17:59:15 +00:00
$email = $_POST["email"];
2005-10-24 18:25:43 +00:00
$tmp_token = $_POST["tmp_token"];
2005-10-24 17:59:15 +00:00
}
2005-10-24 18:25:43 +00:00
if (!elec_verify_email_tmp_token ($handle, $election_id, $email, $tmp_token)) {
2005-10-24 17:59:15 +00:00
$step = 1;
2009-06-04 19:18:37 +00:00
$error .= "The e-mail address and token you gave do not match an existing voter, or you have already voted.<br />\n";
2005-10-24 17:59:15 +00:00
} else {
2005-10-24 18:25:43 +00:00
$choices = elec_choices_get ($handle, $election_id);
2005-10-24 17:59:15 +00:00
2009-06-04 19:18:37 +00:00
if (!elec_verify_elections ($choices)) {
2009-06-06 13:00:37 +00:00
$error .= "The ".htmlspecialchars(elec_election_get_type ($election))." is not properly set up.\n";
2005-10-24 17:59:15 +00:00
$step = 0;
}
}
}
2009-06-04 19:18:37 +00:00
?>
<head>
<link rel="stylesheet" type="text/css" href="vote.css" />
<?php
if ($step==2)
{
?>
<style>
2014-02-10 22:09:45 +00:00
table {
width: 100%;
table-layout: fixed;
border: 4px solid #FFF;
border-collapse: collapse;
}
td.canddata, td.prefdata {
border: 4px solid #FFF;
width: 50%;
height: 27em;
background: #E0FFD0;
padding: 0.5em;
vertical-align: top;
}
.canddata h3, .prefdata h3 {
margin-top: 0;
2009-06-04 19:18:37 +00:00
}
2005-10-24 17:59:15 +00:00
2009-06-04 19:18:37 +00:00
.canddata ul{
list-style-type: none;
list-style-position: inside;
}
.prefdata ol{
list-style-position: outside;
2005-10-24 17:59:15 +00:00
}
2009-06-04 19:18:37 +00:00
.canddata ul li:hover, .prefdata ol li:hover{
background: #E0E0E0;
cursor: pointer;
}
</style>
<?php
}
?>
2014-02-10 17:09:35 +00:00
<title>Votes</title>
2009-06-04 19:18:37 +00:00
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<?php
2009-06-06 11:54:24 +00:00
function escape_js_var($var) {
2009-06-06 14:12:53 +00:00
$var = preg_replace("([\\\'\"\/])", "\\$1", $var);
$var = str_replace("\n", "\\n", $var);
$var = str_replace("\r", "\\r", $var);
2009-06-06 11:54:24 +00:00
return $var;
}
2009-06-04 19:18:37 +00:00
if ($step==2)
{
?>
<script type="text/javascript">
//<![CDATA[
2010-06-15 11:44:24 +00:00
// @licstart The following is the entire license notice for the JavaScript code in this page.
// The JavaScript code in this page is free software: you can
// redistribute it and/or modify it under the terms of the GNU
// General Public License (GNU GPL) as published by the Free Software
// Foundation, either version 2 of the License, or (at your option)
// any later version. The code is distributed WITHOUT ANY WARRANTY;
// without even the implied warranty of MERCHANTABILITY or FITNESS
// FOR A PARTICULAR PURPOSE. See the GNU GPL for more details.
// @licend The above is the entire license notice for the JavaScript code in this page.
2009-06-04 19:18:37 +00:00
function addPreference(listItem)
{
var preferenceList = document.getElementById('preferences');
listItem.parentNode.removeChild(listItem);
preferenceList.appendChild(listItem);
listItem.setAttribute('onclick', 'removePreference(this)');
}
function removePreference(listItem)
{
var candidateList = document.getElementById('candidates');
listItem.parentNode.removeChild(listItem);
candidateList.appendChild(listItem);
listItem.setAttribute('onclick', 'addPreference(this)');
}
2005-10-24 17:59:15 +00:00
2009-06-04 19:18:37 +00:00
function populateList(){
var candidateList = document.getElementById('candidates');
var listItem;
var prefInput;
var listItemText;
2005-10-24 17:59:15 +00:00
2009-06-04 19:18:37 +00:00
<?php
$index=0;
foreach ($choices as $choice) {
$index++;
echo " listItem = document.createElement('li');\n";
2009-06-06 11:54:24 +00:00
echo " listItem.setAttribute('name', 'vote" . escape_js_var($choice["id"]) . "');\n";
2009-06-04 19:18:37 +00:00
echo " listItem.setAttribute('onclick', 'addPreference(this)');\n";
2009-06-06 11:54:24 +00:00
echo " listItemText = document.createTextNode('" . escape_js_var($choice["choice"]) . "');\n";
2009-06-04 19:18:37 +00:00
echo " listItem.appendChild(listItemText);\n";
echo " candidateList.appendChild(listItem);\n\n";
echo " prefInput = document.createElement('input');\n";
echo " prefInput.value = '';\n";
echo " prefInput.name = 'pref$index';\n";
echo " prefInput.id = 'pref$index';\n";
echo " prefInput.type = 'hidden';\n";
echo " document.forms[0].appendChild(prefInput);\n";
echo "\n";
}
?>
2005-10-24 17:59:15 +00:00
2009-06-04 19:18:37 +00:00
}
function submitPreferences() {
// Traverse OL, get name & position of preferences, and for each preference,
// set value of hidden input with name prefN to value voteM before submitting
var preferenceList = document.getElementById('preferences');
var pref;
var i = 0;
var index = 0;
// Iterate through the list
for( i = 0; i < preferenceList.childNodes.length; i++ )
{
node = preferenceList.childNodes[i];
// If we have a list item, get its name & set the appropriate hidden input
if (node.nodeName.toLowerCase() == 'li')
{
index++;
pref=document.getElementById('pref'+index)
pref.value = node.getAttribute('name');
// DEBUG: alert(pref.name + '=' + pref.value);
}
}
}
//]]>
</script>
2009-06-06 14:35:52 +00:00
</head>
<body onLoad="populateList()">
2009-06-04 19:18:37 +00:00
<?php
2009-06-06 14:35:52 +00:00
} else { // Here $step!=2
2009-06-04 19:18:37 +00:00
?>
</head>
<body>
<?php
2009-06-06 14:35:52 +00:00
}
2009-06-04 19:18:37 +00:00
?>
2009-06-06 14:35:52 +00:00
2009-06-04 19:18:37 +00:00
<?php
if (isset ($election) && $election !== FALSE) {
2009-06-06 11:54:24 +00:00
echo "<h1>".htmlspecialchars($election["name"])."</h1>\n";
2009-06-04 19:18:37 +00:00
}
if ($step >= 2) {
2005-10-24 18:25:43 +00:00
$votes_array = elec_vote_get_votes_from_post ($choices);
2005-10-24 17:59:15 +00:00
$vote = -1;
2009-06-04 19:18:37 +00:00
$res = elec_verify_vote_is_valid ($choices, $vote, $votes_array);
2005-10-24 17:59:15 +00:00
if ($res != "") {
2009-06-06 13:00:37 +00:00
$error .= "The vote you made is not valid: ".htmlspecialchars($res)."<br />\n";
2005-10-24 17:59:15 +00:00
$step = 2;
}
}
if ($step == 4) {
/* vote has been confirmed */
require ("include/step4-commit.php");
$result = step4_do ();
} else if ($step == 3) {
/* confirm vote */
require ("include/step3-confirm.php");
$result = step3_do ();
} else if ($step == 2) {
/* choose vote */
require ("include/step2-choose.php");
$result = step2_do ();
} else if ($step == 1) {
/* login */
require ("include/step1-login.php");
$result = step1_do ();
} else {
if (!isset ($error) || $error == "")
$error = "Unknown error.<br />\n";
}
if (isset ($handle))
elec_sql_close ($handle);
2013-12-18 22:26:15 +00:00
global $committee_name;
global $committee_email;
2005-10-24 17:59:15 +00:00
if (isset ($error) && $error != "") {
2009-06-06 13:00:37 +00:00
echo "<div class=\"error\">".$error."</div>\n";;
2013-12-18 22:26:15 +00:00
echo "<p>If you don't understand the error, you should probably contact the $committee_name, which can be reached at <a href=\"mailto:$committee_email\">$committee_email</a>.</p>\n";
2005-10-24 17:59:15 +00:00
}
if ($step != $max_step && $step >= 1) {
2009-06-06 11:54:24 +00:00
echo "<form action=\"".htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES)."\" method=\"post\"";
2009-06-04 19:18:37 +00:00
if ($step == 2) {
2009-06-06 14:31:25 +00:00
echo " onsubmit=\"submitPreferences()\"";
2009-06-04 19:18:37 +00:00
}
echo ">\n";
2005-10-24 17:59:15 +00:00
}
2009-06-06 11:54:24 +00:00
echo $result; // already HTML escaped
2005-10-24 17:59:15 +00:00
if ($step != $max_step && $step >= 1) {
if ($step > 1) {
2009-06-06 11:54:24 +00:00
echo " <input type=\"hidden\" name=\"email\" value=\"". htmlspecialchars($email)."\" />\n";
echo " <input type=\"hidden\" name=\"tmp_token\" value=\"".htmlspecialchars($tmp_token)."\" />\n";
2005-10-24 17:59:15 +00:00
}
if ($step > 2) {
2009-06-04 19:18:37 +00:00
$index=0;
foreach ($votes_array as $vote) {
$index++;
$name = "pref".$index;
$value = "vote".$vote;
2005-10-24 17:59:15 +00:00
2009-06-06 11:54:24 +00:00
echo " <input type=\"hidden\" name=\"".htmlspecialchars($name)."\" value=\"".htmlspecialchars($value)."\" />\n";
2005-10-24 17:59:15 +00:00
}
}
2009-06-06 11:54:24 +00:00
echo " <input type=\"hidden\" name=\"election_id\" value=\"".htmlspecialchars($election_id)."\" />\n";
echo " <input type=\"hidden\" name=\"step\" value=\"".htmlspecialchars($step + 1)."\" />\n";
2005-11-13 15:05:03 +00:00
echo " <input type=\"submit\" value=\"Continue to next step\" />\n";
2005-10-24 17:59:15 +00:00
echo "</form>\n";
}
?>
2009-06-04 19:18:37 +00:00
</body>
</html>