X-Git-Url: https://git.hcoop.net/clinton/MarylandElectronicPetitionSignature.git/blobdiff_plain/5b555233b04e1198b92f95dc8e25796f22f1bb1b..b697498f5308dc64bc86f070f76a342cc2f4f058:/eligible.php diff --git a/eligible.php b/eligible.php index 9267f2d..7510d57 100644 --- a/eligible.php +++ b/eligible.php @@ -7,8 +7,15 @@ $web_last_name = $_COOKIE['web_last_name']; $web_house_number = $_COOKIE['web_house_number']; $web_zip_code = $_COOKIE['web_zip_code']; if ($web_first_name != '' && $web_last_name != '' && $web_house_number != '' && $web_zip_code != ''){ - // ok to check for records + include_once('header.php'); + $web_first_name = $petition->real_escape_string($web_first_name); + $web_last_name = $petition->real_escape_string($web_last_name); + $web_house_number = $petition->real_escape_string($web_house_number); + $web_zip_code = $petition->real_escape_string($web_zip_code); + $DOB = $petition->real_escape_string($DOB); + $PHONE = $petition->real_escape_string($PHONE); }else{ + // we should NEVER hit this page anymore header('Location: warning_incomplete.php'); } $q = "select * from VoterList where LASTNAME = '$web_last_name' and FIRSTNAME = '$web_first_name' and HOUSE_NUMBER = '$web_house_number' and RESIDENTIALZIP5 = '$web_zip_code'"; @@ -23,77 +30,103 @@ if ($d['VTRID'] != ''){ $RESIDENTIALCITY = $d['RESIDENTIALCITY']; $COUNTY = $d['COUNTY']; $RESIDENTIALZIP5 = $d['RESIDENTIALZIP5']; + slack_general('MATCH: eligible ('.$FIRSTNAME.' '.$LASTNAME.' '.$RESIDENTIALCITY.') ('.$_COOKIE['invite'].')','md-petition'); }else{ - header('Location: warning_not_found.php'); + slack_general('MISS: eligible ('.$web_first_name.' '.$web_last_name.' '.$PHONE.') ('.$_COOKIE['invite'].')','md-petition'); + header('Location: warning_not_found.php'); } -echo $head; +if (isset($_GET['remove'])){ + $id = $_GET['remove']; + $q = "update signatures set signature_status = 'removed' where id = '$id'"; + $petition->query($q); + slack_general('SQL: eligible ('.$q.') ('.$_COOKIE['invite'].')','md-petition'); + header('Location: eligible.php'); +} +echo $head; $available=''; -$q2 = "SELECT * FROM petitions"; +$q2 = "SELECT * FROM petitions where admin_status = 'approved'"; $r2 = $petition->query($q2); while($d2 = mysqli_fetch_array($r2)){ + $checked = ''; $field = $d2['eligibleVoterListField']; $pass = $d2['eligibleVoterListEquals']; - $q4 = "select * from signatures where VTRID = '$VTRID' and petition_id = '$d2[petition_id]' "; - $r4 = $petition->query($q4); - $d4 = mysqli_fetch_array($r4); - if ($d4['id'] > 0){ - $available .= "
"; - }elseif($d[$field] == $pass){ + + + + if($d[$field] == $pass){ + // good to go + $checked = ''; if($_COOKIE['invite'] != '' && strtoupper($_COOKIE['invite']) == strtoupper($d2['web_short_name'])){ $checked = 'checked'; }else{ $checked = ''; } $available .= "