X-Git-Url: http://git.hcoop.net/clinton/MarylandElectronicPetitionSignature.git/blobdiff_plain/c703e49a4fd92d464a0f38d80f941cd90d8126e5..df027d15d8c419c6e8f1d20870a6c6ac2c8615d1:/eligible.php
diff --git a/eligible.php b/eligible.php
index c9ceb06..7ef3bf0 100644
--- a/eligible.php
+++ b/eligible.php
@@ -7,8 +7,15 @@ $web_last_name = $_COOKIE['web_last_name'];
 $web_house_number = $_COOKIE['web_house_number'];
 $web_zip_code = $_COOKIE['web_zip_code'];
 if ($web_first_name != '' && $web_last_name != '' && $web_house_number != '' && $web_zip_code != ''){
- // ok to check for records
+ include_once('header.php');
+ $web_first_name = $petition->real_escape_string($web_first_name);
+ $web_last_name = $petition->real_escape_string($web_last_name);
+ $web_house_number = $petition->real_escape_string($web_house_number);
+ $web_zip_code = $petition->real_escape_string($web_zip_code);
+ $DOB = $petition->real_escape_string($DOB);
+ $PHONE = $petition->real_escape_string($PHONE);
 }else{
+ // we should NEVER hit this page anymore
 header('Location: warning_incomplete.php');
 }
 $q = "select * from VoterList where LASTNAME = '$web_last_name' and FIRSTNAME = '$web_first_name' and HOUSE_NUMBER = '$web_house_number' and RESIDENTIALZIP5 = '$web_zip_code'";
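Review bot: The `else` branch sends `header('Location: warning_incomplete.php');` but does not stop the script, so execution continues to the `$q = "select * from VoterList …"` line with the cookie values unescaped, because the new `real_escape_string()` calls run only inside the `if`. Add `exit;` directly after the redirect. Escaping each field by hand is easy to miss when the next field is added; a prepared statement (`$petition->prepare(...)` with `bind_param('ssss', ...)`) would keep the cookie data out of the SQL text entirely, assuming `$petition` is the mysqli connection that `header.php` provides. `$DOB` and `$PHONE` are escaped here but are not assigned anywhere in this hunk, so confirm they are set above line 7.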
@@ -23,14 +30,17 @@ if ($d['VTRID'] != ''){
 $RESIDENTIALCITY = $d['RESIDENTIALCITY'];
 $COUNTY = $d['COUNTY'];
 $RESIDENTIALZIP5 = $d['RESIDENTIALZIP5'];
+ slack_general('MATCH: eligible ('.$FIRSTNAME.' '.$LASTNAME.' '.$RESIDENTIALCITY.') ('.$_COOKIE['invite'].')','md-petition');
 }else{
- header('Location: warning_not_found.php');
+ slack_general('MISS: eligible ('.$web_first_name.' '.$web_last_name.' '.$PHONE.') ('.$_COOKIE['invite'].')','md-petition');
+ header('Location: warning_not_found.php');
 }
 if (isset($_GET['remove'])){
 $id = $_GET['remove'];
 $q = "update signatures set signature_status = 'removed' where id = '$id'";
 $petition->query($q);
+ slack_general('SQL: eligible ('.$q.') ('.$_COOKIE['invite'].')','md-petition');
 header('Location: eligible.php');
 }
@@ -38,93 +48,87 @@ echo $head;
 $available='';
-$q2 = "SELECT * FROM petitions";
+$q2 = "SELECT * FROM petitions where admin_status = 'approved'";
 $r2 = $petition->query($q2);
 while($d2 = mysqli_fetch_array($r2)){
 $checked = '';
 $field = $d2['eligibleVoterListField'];
 $pass = $d2['eligibleVoterListEquals'];
- $q4 = "select * from signatures where VTRID = '$VTRID' and petition_id = '$d2[petition_id]' )";
- $r4 = $petition->query($q4);
- $d4 = mysqli_fetch_array($r4);
-if ($d4['id'] > 0){
- $available .= "
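Review bot: In the `remove` block of the `@@ -23,14 +30,17 @@` hunk, `$id = $_GET['remove'];` still goes into the UPDATE unescaped, and the added `slack_general('SQL: …')` line forwards the resulting statement to Slack rather than fixing it. If signature ids are numeric, cast the value with `$id = (int) $_GET['remove'];`, and scope the statement to the matched voter, e.g. `where id = '$id' and VTRID = '$VTRID'`, so that a request cannot mark another voter's signature as removed; this assumes `signatures` has a `VTRID` column and `$VTRID` is set in the match branch, as the query later in this diff suggests. The MISS branch also redirects without `exit;`, so the `remove` block still runs for visitors who did not match a voter record. Separately, the MATCH and MISS messages send names, city, phone number and the raw `invite` cookie to a third-party channel; logging an internal id instead would limit that exposure.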