sign.php

   1 <?PHP
   2 include_once('/var/www/secure.php');
   3 include_once('slack.php');
   4 $petition_id = $_COOKIE['pID'];
   5 $VTRID = $_COOKIE['pVTRID'];
   6 if (!empty($_SERVER['HTTP_CLIENT_IP'])) {
   7     $ip = $_SERVER['HTTP_CLIENT_IP'];
   8 } elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) {
   9     $ip = $_SERVER['HTTP_X_FORWARDED_FOR'];
  10 } else {
  11     $ip = $_SERVER['REMOTE_ADDR'];
  12 }
  13 $signed_name_as             = $petition->real_escape_string($_POST['signed_name_as']);
  14 $date_of_birth              = $petition->real_escape_string($_COOKIE['pDOB']);
  15 $signed_name_as_circulator  = $petition->real_escape_string($_POST['signed_name_as_circulator']);
  16 $contact_phone              = $petition->real_escape_string($_COOKIE['pPHONE']);
  17 $signature_status           = $petition->real_escape_string($_COOKIE['signature_status']);
  18 $bot_check                  = $petition->real_escape_string($_SERVER['HTTP_USER_AGENT']);
  19
  20 $petition->query("insert into signatures (VTRID,ip_address,date_of_birth,date_time_signed,just_date,petition_id,signed_name_as,signed_name_as_circulator,contact_phone,signature_status) values ('$VTRID','$ip','$date_of_birth',NOW(),NOW(),'$petition_id','$signed_name_as','$signed_name_as_circulator','$contact_phone','$signature_status')") or die(mysqli_error($petition));
  21 if($petition_id == '' || $petition_id == '0'){
  22     slack_general_admin("MISSING petition_id",'md-petition-signed');
  23     echo "<h1>AN ERROR HAS OCCURED - PLEASE TRY AGAIN <a href='reset.php'>HERE</a></h1>";
  24     die();  // do not clear invite!!!
  25 }
  26 slack_general_admin("$signed_name_as Petition $petition_id",'md-petition-signed');
  27
  28
  29 $last = $petition->insert_id;
  30 setcookie("invite_used", $_COOKIE['invite']);
  31 setcookie("invite", ""); // clear invite
  32 //header('Location: eligible.php');
  33 include_once('header.php');
  34
  35
  36
  37
  38 $q="SELECT ip_address, petition_id,VTRID, COUNT(*) as count FROM signatures where signature_status = 'verified' group by ip_address, petition_id, VTRID";
  39 $r = $petition->query($q);
  40 while($d = mysqli_fetch_array($r)){
  41   if ($d['count'] > 1){
  42     $msg = "*ALERT* https://www.md-petition.com/admin/abuse.php?ip_address=$d[ip_address] https://www.md-petition.com/admin/abuse.php?VTRID=$d[VTRID] $d[petition_id] $d[count]";
  43     slack_general_admin($msg,'md-petition-signed');
  44   }
  45 }
  46
  47
  48 $qX = "select * from website_text where id = '9'";
  49 $rX = $petition->query($qX);
  50 $dX = mysqli_fetch_array($rX);
  51 ?>
  52 <script>
  53     document.title = "MEPS - Petition Signed";
  54     alert("Petition Signed");
  55 </script>
  56 <div class='row'>
  57  <div class='col-sm-10' style='text-align:center;'><h1><?PHP echo $dX['text_title'];?></h1></div>
  58 </div>
  59 <div class='row'>
  60  <div class='col-sm-10' style='text-align:center;'><h2><?PHP echo $dX['text_block'];?></h2></div>
  61 </div>
  62 <div class='row'>
  63  <div class='col-sm-10' style='text-align:center;'><br><button type="button" class="btn btn-success btn-lg btn-block" onclick="window.open('printer.php?id=<?PHP echo $last;?>')">View and/or Print</button></div>
  64 </div>
  65 <div class='row'>
  66  <div class='col-sm-10' style='text-align:center;'><br><button type="button" class="btn btn-info btn-lg btn-block" onclick="window.location.href='eligible.php'">More Petitions</button></div>
  67 </div>
  68 <div class='row'>
  69  <div class='col-sm-10' style='text-align:center;'><br><button type="button" class="btn btn-danger btn-lg btn-block" onclick="window.location.href='reset.php'">Reset / Restart</button></div>
  70 </div>
  71 <?PHP
  72 include_once('footer.php');