admin/petitions.php

   1 <?PHP
   2 include_once('../slack.php');
   3 include_once('security.php');
   4 if ($_COOKIE['level'] == 'user'){
   5   slack_general('ADMIN: Redirect User Home ('.$_COOKIE['name'].') ('.$_COOKIE['level'].')','md-petition');
   6   header('Location: user_home.php');
   7 }
   8 include_once('header.php');
   9 slack_general('ADMIN: petition manager Loaded ('.$_COOKIE['name'].') ('.$_COOKIE['level'].')','md-petition');
  10 $group_id = $_COOKIE['group_id'];
  11
  12 if(empty($_POST['petition_id']) && isset($_POST['petition_name']) ){ // new
  13   $web_short_name = $petition->real_escape_string($_POST['web_short_name']);
  14   $web_color = $petition->real_escape_string($_POST['web_color']);
  15   $petition_name = $petition->real_escape_string($_POST['petition_name']);
  16   $petition->query("insert into petitions (web_short_name,web_color,group_id,petition_name) values ('$web_short_name','$web_color','$group_id','$petition_name') ");
  17   header('Location: petitions.php');
  18 }
  19 if(isset($_POST['petition_id']) && isset($_POST['petition_name']) ){ // edit
  20   $petition_id               = $petition->real_escape_string($_POST['petition_id']);
  21   $web_short_name               = $petition->real_escape_string($_POST['web_short_name']);
  22   $web_color                    = $petition->real_escape_string($_POST['web_color']);
  23   $petition_name                = $petition->real_escape_string($_POST['petition_name']);
  24   $petition_sign_text_box       = $petition->real_escape_string($_POST['petition_sign_text_box']);
  25   $petition_circulator_text_box = $petition->real_escape_string($_POST['petition_circulator_text_box']);
  26   $eligibleVoterListEnforce     = $petition->real_escape_string($_POST['eligibleVoterListEnforce']);
  27   $eligibleVoterListField       = $petition->real_escape_string($_POST['eligibleVoterListField']);
  28   $eligibleVoterListEquals      = $petition->real_escape_string($_POST['eligibleVoterListEquals']);
  29   $petition->query("update petitions set web_short_name='$web_short_name', web_color='$web_color', petition_name='$petition_name', petition_sign_text_box='$petition_sign_text_box', petition_circulator_text_box='$petition_circulator_text_box', eligibleVoterListEnforce='$eligibleVoterListEnforce', eligibleVoterListField='$eligibleVoterListField', eligibleVoterListEquals='$eligibleVoterListEquals' where petition_id = '$petition_id' ");
  30   header('Location: petitions.php');
  31 }
  32 ?>
  33 <h1>Petitions</h1>
  34 <?PHP
  35 if($_COOKIE['level'] == 'admin'){
  36   $q="SELECT * FROM petitions";
  37 }else{
  38   $q="SELECT * FROM petitions where group_id = '$group_id'";
  39 }
  40 $r = $petition->query($q);
  41 while($d = mysqli_fetch_array($r)){
  42  echo "<li><a href='?edit=$d[petition_id]'>EDIT</a> $d[admin_status] $d[web_short_name] $d[web_color] $d[group_id] $d[petition_name] $d[eligibleVoterListField] $d[eligibleVoterListEquals] $d[eligibleVoterListEnforce]</li>";
  43 }
  44 ?>
  45
  46 <?PHP
  47 if (isset($_GET['edit'])){
  48 $id = intval($_GET['edit']);
  49 $q = "SELECT * FROM petitions where petition_id = '$id' ";
  50 $r = $petition->query($q);
  51 $d = mysqli_fetch_array($r);
  52 ?>
  53 <h1>Edit Petition Setup</h1>
  54 <h3>Please keep whatever text you use in a word or google doc that you control, copy and paste here.</h3>
  55 <form method='post'>
  56   <input type='hidden' name='petition_id' value='<?PHP echo $id;?>'>
  57   <table>
  58     <tr><td>Web Short Name*</td><td><input name='web_short_name' value='<?PHP echo $d['web_short_name'];?>' required></td></tr>
  59     <tr><td>Web Color</td><td><input name='web_color' value='<?PHP echo $d['web_color'];?>' required></td></tr>
  60     <tr><td>Petition Name</td><td><input name='petition_name' value='<?PHP echo $d['petition_name'];?>' required></td></tr>
  61     <tr><td>Petition Sign Text Box</td><td><textarea rows='5' cols='50' name='petition_sign_text_box' required><?PHP echo $d['petition_sign_text_box'];?></textarea></td></tr>
  62     <tr><td>Petition Circulator Text Box</td><td><textarea rows='5' cols='50' name='petition_circulator_text_box' required><?PHP echo $d['petition_circulator_text_box'];?></textarea></td></tr>
  63     <tr><td>eligibleVoterList Enforce</td><td><select name='eligibleVoterListEnforce'><option><?PHP echo $d['eligibleVoterListEnforce'];?></option><option>NO</option><option>YES</option></select></td></tr>
  64     <tr><td>eligibleVoterList Field</td><td><input name='eligibleVoterListField' value='<?PHP echo $d['eligibleVoterListField'];?>' required></td></tr>
  65     <tr><td>eligibleVoterList Equals</td><td><input name='eligibleVoterListEquals' value='<?PHP echo addslashes($d['eligibleVoterListEquals']);?>' required></td></tr>
  66     <tr><td></td><td><input type='submit'></td></tr>
  67   </table>
  68 </form>
  69 * changes may break already sent invites!
  70
  71 <?PHP
  72  }
  73 ?>
  74 <h1>New Petition</h1>
  75 <form method='post'>
  76   web_short_name <input name='web_short_name' required>
  77   web_color <input name='web_color' required>
  78   petition_name <input name='petition_name' required>
  79   <input type='submit'>
  80 </form>
  81 <br><br><br>
  82 <?PHP
  83 include_once('footer.php');
  84 ?>