From a8e574ef2897e9ca709c2cfa5ff78d2f69464092 Mon Sep 17 00:00:00 2001 From: Callan Barrett Date: Thu, 27 Dec 2007 04:38:39 +0900 Subject: AUR Voting Application Added support for TU voting through AUR Signed-off-by: Callan Barrett --- web/html/addvote.php | 79 ++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 79 insertions(+) create mode 100644 web/html/addvote.php (limited to 'web/html/addvote.php') diff --git a/web/html/addvote.php b/web/html/addvote.php new file mode 100644 index 0000000..91a0658 --- /dev/null +++ b/web/html/addvote.php @@ -0,0 +1,79 @@ +Username does not exist."; + } else { + $qcheck = "SELECT * FROM TU_VoteInfo WHERE User = '" . mysql_real_escape_string($_REQUEST['user']) . "'"; + $qcheck.= " AND Submitted + " . $aweek . " > UNIX_TIMESTAMP()"; + $check = mysql_num_rows(db_query($qcheck, $dbh)); + + if ($check != 0) { + $error.= "
" . mysql_real_escape_string($_REQUEST['user']) . " already has proposal running for them.
"; + } + } + } + + if (empty($_REQUEST['agenda'])) { + $error.= "
Proposal cannot be empty.
"; + } + } + + if (!empty($_POST['addVote']) && empty($error)) { + $q = "INSERT INTO TU_VoteInfo (Agenda, User, Submitted, SubmitterID) VALUES "; + $q.= "('" . mysql_real_escape_string($_REQUEST['agenda']) . "', "; + $q.= "'" . mysql_real_escape_string($_REQUEST['user']) . "', "; + $q.= "UNIX_TIMESTAMP(), " . uid_from_sid($_COOKIE["AURSID"]) . ")"; + + db_query($q, $dbh); + print "

New proposal submitted.

\n"; + } else { +?> +

Submit a proposal to vote on.

+"; } ?> +
+Applicant/TU: +'> +(empty if not applicable) +
+Proposal:
+
+ + +
+
+Back"; +} else { + print "You are not allowed to access this area.\n"; +} + +html_footer(AUR_VERSION); +# vim: ts=2 sw=2 noet ft=php + +?> -- cgit v1.2.3-70-g09d2