HCoop / clinton / MarylandElectronicPetitionSignature.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Update report.php
[clinton/MarylandElectronicPetitionSignature.git] / presign.php
1 <?PHP
2 session_start();
3 include_once('/var/www/secure.php');
4 include_once('slack.php');
5 $petition_id = $_COOKIE['pID'];
6 $VTRID = $_COOKIE['pVTRID'];
7 if (!empty($_SERVER['HTTP_CLIENT_IP'])) {
8 $ip = $_SERVER['HTTP_CLIENT_IP'];
9 } elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) {
10 $ip = $_SERVER['HTTP_X_FORWARDED_FOR'];
11 } else {
12 $ip = $_SERVER['REMOTE_ADDR'];
13 }
14 function id2petition($id){
15 global $petition;
16 $q = "select petition_name from petitions where petition_id = '$id'";
17 $r = $petition->query($q);
18 $d = mysqli_fetch_array($r,MYSQLI_ASSOC);
19 return $d['petition_name'];
20 }
21 $signed_name_as = $petition->real_escape_string($_POST['signed_name_as']);
22 $date_of_birth = $petition->real_escape_string($_COOKIE['pDOB']);
23 $signed_name_as_circulator = $petition->real_escape_string($_POST['signed_name_as_circulator']);
24 $contact_phone = $petition->real_escape_string($_COOKIE['pPHONE']);
25 $signature_status = $petition->real_escape_string($_COOKIE['signature_status']);
26 $bot_check = $petition->real_escape_string($_SERVER['HTTP_USER_AGENT']);
27 $VoterList_table = $petition->real_escape_string($_COOKIE['VoterList_table']);
28 $php_session_id = session_id();
29 global $time_on_site;
30 if (empty($_COOKIE['start_time'])){
31 setcookie("start_time", time());
32 $time_on_site = 0;
33 }else{
34 $now = time();
35 $time_on_site = $now - $_COOKIE['start_time'];
36 }
37 $petition->query("insert into signatures (VoterList_table,php_session_id,bot_check,VTRID,ip_address,date_of_birth,date_time_signed,just_date,petition_id,signed_name_as,signed_name_as_circulator,contact_phone,signature_status)
38 values ('$VoterList_table','$php_session_id','$bot_check','$VTRID','$ip','$date_of_birth',NOW(),NOW(),'$petition_id','$signed_name_as','$signed_name_as_circulator','$contact_phone','$signature_status')") or die(mysqli_error($petition));
39
40 $last = $petition->insert_id;
41
42 $petition->query("update presign set presign_status = 'SIGNED' where php_session_id = '$php_session_id' and presign_status = 'NEW' ");
43 if($petition_id == '' || $petition_id == '0'){
44 slack_general_admin("MISSING petition_id",'md-petition-signed');
45 echo "<h1>AN ERROR HAS OCCURED - PLEASE TRY AGAIN <a href='reset.php'>HERE</a></h1>";
46 die(); // do not clear invite!!!
47 }
48
49
50
51 slack_general_admin("$signed_name_as ".id2petition($petition_id)." sig #".$last,'md-petition-signed');
52 setcookie("last", $last);
53 setcookie("invite_used", $_COOKIE['invite']);
54 setcookie("invite", ""); // clear invite
55
56
57
58
59
60 $q="SELECT ip_address, petition_id,VTRID, COUNT(*) as count FROM signatures where signature_status = 'verified' group by ip_address, petition_id, VTRID";
61 $r = $petition->query($q);
62 while($d = mysqli_fetch_array($r)){
63 if ($d['count'] > 1){
64 $msg = "*ALERT* https://www.md-petition.com/admin/analytics.php $d[ip_address] $d[VTRID] ".id2petition($d['petition_id'])." *$d[count]*";
65 slack_general_admin($msg,'md-petition-signed');
66 }
67 }
68
69 $q = "select exit_page from petitions where petition_id = '$petition_id'";
70 $r = $petition->query($q);
71 $d = mysqli_fetch_array($r,MYSQLI_ASSOC);
72 if ($d['exit_page'] != ''){
73 header('Location: '.$d['exit_page']);
74 die();
75 }
76
77 header('Location: sign.php?s='.$last);
78
79 ?>
Unnamed repository; edit this file 'description' to name the repository.