During patch review by Tobias Mueller <muelli@cryptobitch.de>, Tobias
pointed out that the original commit referenced above seemed to make a
change that was inappropriate. I reread my commit message and cannot
figure out why I made that change, at least, it doesn't make sense for
the reason I described, and Tobias is right that the escaped version
should be used here.
I've therefore corrected the problem and will test to see if any ill
effects occur.
The code that currently calls this only ever passes in a value that was
returned by elec_verify_voted_token() and as such no security issue
existed here.
However, assuming this function might be used for someone else in
future, we might as well case the value back to integer "just in case".
HT Tobias Mueller <muelli@cryptobitch.de> who pointed this out.
<mina86> it will never scroll [18:09]
<mina86> or I should say, unless you have *very* narrow browser window
<bkuhn> :)
<mina86> the names of the licences will wrap if it's too narrow [18:10]
<mina86> and horizontal scroll will appear only if individual words in license
names are too long
instead of relying on default foreground color.
Thanks to pehjota for this comment:
<pehjota> bkuhn: In vote.css for "input[type=text]", you might want to set
"color" in addition to "background-color". Otherwise, with my dark
GTK+ theme, I see white text in a light gray box, which is hard to
read. :)
This was primarily based on feedback from Richard Fontana, who said the
previous instructions were unclear.
I also figured it's better to refer to third party documents on what STV is,
rather than the vague description that was here previously.
foundationmembers was a table specific to the GNOME Foundation. This new
table, election_voters, allows creation of an electorate based on a list.
README is updated to explain how to use this table.
It's clear from the PHP code that there should be an integer field called
'preference' in the election_votes table. I suspect that at some point there
was an ALTER TABLE done that wasn't reflected in the schema.sql file.
This is probably not the right long-term solution. Ideally, I think it'd be
useful if elections could be marked private or public, and elections that are
public would be listed automatically, and private ones wouldn't appear.
It seems there are some remnants in the code that make it look like someone
was going to make a step 0, which would list the elections from the database,
but that was never done.
So, I've hard-coded what I wanted here, in hopes someone else comes along and
does it up right.
GNOME's Election committee was previously hard-code here, but the code is
more reusable if it is no longer hard-coded. The variables still default to
GNOME's details, but can be overridden with the configuration file.
With this change, schema.sql can be run directly from the mysql command line,
with a command such as:
$ mysql -u root -p -D dbname < .../vote/include/schema.sql
We're going to use this to run Conservancy project elections in future, and
as such we don't need records of old GNOME elections.
I'm leaving 2013 to use as a template.
