Update soft_copy.php
[clinton/MarylandElectronicPetitionSignature.git] / soft_copy.php
index 27281aa..1b1865a 100644 (file)
@@ -5,18 +5,26 @@ $id = intval($_GET['id']);
 $q = "select * from signatures where id = '$id' ";
 $r = $petition->query($q);
 $d = mysqli_fetch_array($r);
-
+$ip_address    = $d['ip_address'];
 $DOB    = $d['date_of_birth'];
 $SIGNED = $d['date_time_signed'];
 $PETITION_ID = $d['petition_id'];
-$signed_name_as = $d['signed_name_as'];
-$signed_name_as_circulator = $d['signed_name_as_circulator'];
-if ($_COOKIE['pVTRID'] != $d['VTRID']){
- slack_general('SECURITY INVALID: soft_copy.php ('.$_COOKIE['invite'].')','md-petition');
+$VoterList_table = $d['VoterList_table'];
+$signed_name_as = ucwords(strtolower($d['signed_name_as']));
+$signed_name_as_circulator = ucwords(strtolower($d['signed_name_as_circulator']));
+if (!empty($_SERVER['HTTP_CLIENT_IP'])) {
+    $ip = $_SERVER['HTTP_CLIENT_IP'];
+} elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) {
+    $ip = $_SERVER['HTTP_X_FORWARDED_FOR'];
+} else {
+    $ip = $_SERVER['REMOTE_ADDR'];
+}
+if ($ip != $d['ip_address']){
+ slack_general('SECURITY INVALID: soft_copy.php '.$ip.' vs '.$d['ip_address'].' ('.$_COOKIE['invite'].')','md-petition');
  die('Error #294');
 }
 
-$q2 = "select * from VoterList where VTRID = '$d[VTRID]' ";
+$q2 = "select * from $VoterList_table where VTRID = '$d[VTRID]' ";
 $r2 = $petition->query($q2);
 $d2 = mysqli_fetch_array($r2);
  $FIRSTNAME         = $d2['FIRSTNAME'];
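Review bot: The new ownership check at `if ($ip != $d['ip_address'])` relies on `HTTP_CLIENT_IP` or `HTTP_X_FORWARDED_FOR`, which are request headers the caller sets unless a trusted reverse proxy overwrites them, so a match no longer shows that the requester is the signer of the record selected by `$_GET['id']`. Take the address from `$_SERVER['REMOTE_ADDR']` alone, or from a forwarded header only when the request arrives from a known proxy address, and keep it as a secondary signal beside a server-side session or signed token, since this commit also removes the `pVTRID` comparison. The same header value is concatenated into the `slack_general()` message and may be a comma-separated list, so validate it first with `filter_var($ip, FILTER_VALIDATE_IP)` and compare with `!==`. Separately, `$VoterList_table` is interpolated into `$q2` as a table identifier, which cannot be bound as a query parameter; check it against a fixed list of known table names before building the query. The script's top-level code starts before and continues after this hunk, so any earlier session handling is not visible here.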
@@ -39,6 +47,8 @@ $dX = mysqli_fetch_array($rX);
 $hide_county = $dX['hide_county_on_petition'];
 $offset_x = $dX['offset_x_cords'];
 $offset_y = $dX['offset_y_cords'];
+$offset_x_circulator = $dX['offset_x_cords_circulator'];
+$offset_y_circulator = $dX['offset_y_cords_circulator'];
 
 // imagettftext ( resource $image , float $size , float $angle , int $x , int $y , int $color , string $fontfile , string $text ) 
 // x how far from left
@@ -88,17 +98,17 @@ imagettftext($jpg_image, 50, 0, 1900+$offset_x, 1200+$offset_y, $black, $font_pa
 
 
 // name
-imagettftext($jpg_image, 40, 0, 100+$offset_x, 2880+$offset_y, $black, $font_path, $_COOKIE['pNAME']);
+imagettftext($jpg_image, 40, 0, 100+$offset_x_circulator, 2880+$offset_y_circulator, $black, $font_path, $_COOKIE['pNAME']);
 // address
-imagettftext($jpg_image, 40, 0, 100+$offset_x, 2975+$offset_y, $black, $font_path, $_COOKIE['pADDRESS1']);
+imagettftext($jpg_image, 40, 0, 100+$offset_x_circulator, 2975+$offset_y_circulator, $black, $font_path, $_COOKIE['pADDRESS1']);
 // city state zip
-imagettftext($jpg_image, 40, 0, 100+$offset_x, 3065+$offset_y, $black, $font_path, $_COOKIE['pADDRESS2']);
+imagettftext($jpg_image, 40, 0, 100+$offset_x_circulator, 3065+$offset_y_circulator, $black, $font_path, $_COOKIE['pADDRESS2']);
 // phone
-imagettftext($jpg_image, 40, 0, 100+$offset_x, 3160+$offset_y, $black, $font_path, $_COOKIE['pPHONE']);
+imagettftext($jpg_image, 40, 0, 100+$offset_x_circulator, 3160+$offset_y_circulator, $black, $font_path, $_COOKIE['pPHONE']);
 // signed
-imagettftext($jpg_image, 70, 0, 1290+$offset_x, 3160+$offset_y, $black, $font_path_sig, $signed_name_as_circulator);
+imagettftext($jpg_image, 70, 0, 1290+$offset_x_circulator, 3160+$offset_y_circulator, $black, $font_path_sig, $signed_name_as_circulator);
 // date signed
-imagettftext($jpg_image, 50, 0, 2150+$offset_x, 3160+$offset_y, $black, $font_path, date('m / d / y',strtotime($SIGNED)));
+imagettftext($jpg_image, 50, 0, 2150+$offset_x_circulator, 3160+$offset_y_circulator, $black, $font_path, date('m / d / y',strtotime($SIGNED)));