[clinton/MarylandElectronicPetitionSignature.git] / sign.php

<?PHP 
include_once('/var/www/secure.php'); 
include_once('slack.php');
$petition_id = $_COOKIE['pID'];
$VTRID = $_COOKIE['pVTRID'];
if (!empty($_SERVER['HTTP_CLIENT_IP'])) {
    $ip = $_SERVER['HTTP_CLIENT_IP'];
} elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) {
    $ip = $_SERVER['HTTP_X_FORWARDED_FOR'];
} else {
    $ip = $_SERVER['REMOTE_ADDR'];
}
$signed_name_as             = $petition->real_escape_string($_POST['signed_name_as']);
$date_of_birth              = $petition->real_escape_string($_COOKIE['pDOB']);
$signed_name_as_circulator  = $petition->real_escape_string($_POST['signed_name_as_circulator']);
$contact_phone              = $petition->real_escape_string($_COOKIE['pPHONE']);
$signature_status           = $petition->real_escape_string($_COOKIE['signature_status']);
$bot_check                  = $petition->real_escape_string($_SERVER['HTTP_USER_AGENT']);

$petition->query("insert into signatures (bot_check,VTRID,ip_address,date_of_birth,date_time_signed,just_date,petition_id,signed_name_as,signed_name_as_circulator,contact_phone,signature_status) values ('$bot_check','$VTRID','$ip','$date_of_birth',NOW(),NOW(),'$petition_id','$signed_name_as','$signed_name_as_circulator','$contact_phone','$signature_status')") or die(mysqli_error($petition));
if($petition_id == '' || $petition_id == '0'){
    slack_general_admin("MISSING petition_id",'md-petition-signed'); 
    echo "<h1>AN ERROR HAS OCCURED - PLEASE TRY AGAIN <a href='reset.php'>HERE</a></h1>";   
    die();  // do not clear invite!!! 
}
slack_general_admin("$signed_name_as Petition $petition_id",'md-petition-signed');


$last = $petition->insert_id;
setcookie("invite_used", $_COOKIE['invite']);
setcookie("invite", ""); // clear invite
//header('Location: eligible.php');
include_once('header.php'); 


$q="SELECT ip_address, petition_id,VTRID, COUNT(*) as count FROM signatures where signature_status = 'verified' group by ip_address, petition_id, VTRID";
$r = $petition->query($q);
while($d = mysqli_fetch_array($r)){
  if ($d['count'] > 1){
    $msg = "*ALERT* https://www.md-petition.com/admin/abuse.php?ip_address=$d[ip_address] https://www.md-petition.com/admin/abuse.php?VTRID=$d[VTRID] $d[petition_id] $d[count]"; 
    slack_general_admin($msg,'md-petition-signed');
  }
}


$qX = "select * from website_text where id = '9'";
$rX = $petition->query($qX);
$dX = mysqli_fetch_array($rX);
?>
<script>
    document.title = "MEPS - Petition Signed";
    alert("Petition Signed");
</script>
<div class='row'>
 <div class='col-sm-10' style='text-align:center;'><h1><?PHP echo $dX['text_title'];?></h1></div>
</div>
<div class='row'>
 <div class='col-sm-10' style='text-align:center;'><h2><?PHP echo $dX['text_block'];?></h2></div>
</div>
<div class='row'>
 <div class='col-sm-10' style='text-align:center;'><br><button type="button" class="btn btn-success btn-lg btn-block" onclick="window.open('printer.php?id=<?PHP echo $last;?>')">View and/or Print</button></div>
</div>
<div class='row'>
 <div class='col-sm-10' style='text-align:center;'><br><button type="button" class="btn btn-info btn-lg btn-block" onclick="window.location.href='eligible.php'">More Petitions</button></div>
</div>
<div class='row'>
 <div class='col-sm-10' style='text-align:center;'><br><button type="button" class="btn btn-danger btn-lg btn-block" onclick="window.location.href='reset.php'">Reset / Restart</button></div>
</div>
<?PHP 
include_once('footer.php');
Commit	Line	Data
b208f391 PM	1	<?PHP
b208f391 PM	2	include_once('/var/www/secure.php');
b66e2577	3	include_once('slack.php');
b208f391 PM	4	$petition_id = $_COOKIE['pID'];
	5	$VTRID = $_COOKIE['pVTRID'];
	6	if (!empty($_SERVER['HTTP_CLIENT_IP'])) {
	7	$ip = $_SERVER['HTTP_CLIENT_IP'];
	8	} elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) {
	9	$ip = $_SERVER['HTTP_X_FORWARDED_FOR'];
	10	} else {
	11	$ip = $_SERVER['REMOTE_ADDR'];
	12	}
4319d4ba PM	13	$signed_name_as = $petition->real_escape_string($_POST['signed_name_as']);
	14	$date_of_birth = $petition->real_escape_string($_COOKIE['pDOB']);
	15	$signed_name_as_circulator = $petition->real_escape_string($_POST['signed_name_as_circulator']);
	16	$contact_phone = $petition->real_escape_string($_COOKIE['pPHONE']);
	17	$signature_status = $petition->real_escape_string($_COOKIE['signature_status']);
c43717cb	18	$bot_check = $petition->real_escape_string($_SERVER['HTTP_USER_AGENT']);
4319d4ba	19
616cb157	20	$petition->query("insert into signatures (bot_check,VTRID,ip_address,date_of_birth,date_time_signed,just_date,petition_id,signed_name_as,signed_name_as_circulator,contact_phone,signature_status) values ('$bot_check','$VTRID','$ip','$date_of_birth',NOW(),NOW(),'$petition_id','$signed_name_as','$signed_name_as_circulator','$contact_phone','$signature_status')") or die(mysqli_error($petition));
d6181b02	21	if($petition_id == '' \|\| $petition_id == '0'){
b66e2577 PM	22	slack_general_admin("MISSING petition_id",'md-petition-signed');
	23	echo "<h1>AN ERROR HAS OCCURED - PLEASE TRY AGAIN <a href='reset.php'>HERE</a></h1>";
	24	die(); // do not clear invite!!!
d6181b02	25	}
b66e2577 PM	26	slack_general_admin("$signed_name_as Petition $petition_id",'md-petition-signed');
b66e2577 PM	27
d6181b02	28
4319d4ba	29	$last = $petition->insert_id;
fed42b73 PM	30	setcookie("invite_used", $_COOKIE['invite']);
fed42b73 PM	31	setcookie("invite", ""); // clear invite
4319d4ba PM	32	//header('Location: eligible.php');
4319d4ba PM	33	include_once('header.php');
4397618f PM	34
4397618f PM	35
d6181b02	36
4397618f PM	37
	38	$q="SELECT ip_address, petition_id,VTRID, COUNT(*) as count FROM signatures where signature_status = 'verified' group by ip_address, petition_id, VTRID";
	39	$r = $petition->query($q);
	40	while($d = mysqli_fetch_array($r)){
	41	if ($d['count'] > 1){
	42	$msg = "ALERT https://www.md-petition.com/admin/abuse.php?ip_address=$d[ip_address] https://www.md-petition.com/admin/abuse.php?VTRID=$d[VTRID] $d[petition_id] $d[count]";
	43	slack_general_admin($msg,'md-petition-signed');
	44	}
	45	}
	46
	47
681bb530	48	$qX = "select * from website_text where id = '9'";
4319d4ba PM	49	$rX = $petition->query($qX);
	50	$dX = mysqli_fetch_array($rX);
	51	?>
9e0f5668 PM	52	<script>
9e0f5668 PM	53	document.title = "MEPS - Petition Signed";
1c9f9cea	54	alert("Petition Signed");
9e0f5668	55	</script>
4319d4ba PM	56	<div class='row'>
	57	<div class='col-sm-10' style='text-align:center;'><h1><?PHP echo $dX['text_title'];?></h1></div>
	58	</div>
	59	<div class='row'>
	60	<div class='col-sm-10' style='text-align:center;'><h2><?PHP echo $dX['text_block'];?></h2></div>
	61	</div>
	62	<div class='row'>
4397618f	63	<div class='col-sm-10' style='text-align:center;'><br><button type="button" class="btn btn-success btn-lg btn-block" onclick="window.open('printer.php?id=<?PHP echo $last;?>')">View and/or Print</button></div>
4319d4ba PM	64	</div>
4319d4ba PM	65	<div class='row'>
4397618f	66	<div class='col-sm-10' style='text-align:center;'><br><button type="button" class="btn btn-info btn-lg btn-block" onclick="window.location.href='eligible.php'">More Petitions</button></div>
4319d4ba PM	67	</div>
4319d4ba PM	68	<div class='row'>
4397618f	69	<div class='col-sm-10' style='text-align:center;'><br><button type="button" class="btn btn-danger btn-lg btn-block" onclick="window.location.href='reset.php'">Reset / Restart</button></div>
4319d4ba PM	70	</div>
	71	<?PHP
	72	include_once('footer.php');