X-Git-Url: https://git.hcoop.net/clinton/MarylandElectronicPetitionSignature.git/blobdiff_plain/66e03a53c06f00d843ae579441b7d19e1119c874..b697498f5308dc64bc86f070f76a342cc2f4f058:/eligible.php?ds=sidebyside
diff --git a/eligible.php b/eligible.php
index ebe4ba5..7510d57 100644
--- a/eligible.php
+++ b/eligible.php
@@ -7,8 +7,15 @@ $web_last_name = $_COOKIE['web_last_name'];
 $web_house_number = $_COOKIE['web_house_number'];
 $web_zip_code = $_COOKIE['web_zip_code'];
 if ($web_first_name != '' && $web_last_name != '' && $web_house_number != '' && $web_zip_code != ''){
- // ok to check for records
+ include_once('header.php');
+ $web_first_name = $petition->real_escape_string($web_first_name);
+ $web_last_name = $petition->real_escape_string($web_last_name);
+ $web_house_number = $petition->real_escape_string($web_house_number);
+ $web_zip_code = $petition->real_escape_string($web_zip_code);
+ $DOB = $petition->real_escape_string($DOB);
+ $PHONE = $petition->real_escape_string($PHONE);
 }else{
+ // we should NEVER hit this page anymore
 header('Location: warning_incomplete.php');
 }
 $q = "select * from VoterList where LASTNAME = '$web_last_name' and FIRSTNAME = '$web_first_name' and HOUSE_NUMBER = '$web_house_number' and RESIDENTIALZIP5 = '$web_zip_code'";
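Review bot: The `real_escape_string()` calls run only inside the `if` branch, while the `else` branch sends a `Location` header without stopping the script, so the `select * from VoterList` string after the closing brace is still built from the raw cookie values whenever one of the four is empty. Add `exit;` directly after `header('Location: warning_incomplete.php');`; the new comment "we should NEVER hit this page anymore" cannot be relied on, because cookies are set by the client. Binding the four values through `$petition->prepare()` would remove the dependence on every path remembering to escape. `$DOB` and `$PHONE` are escaped here but not assigned in the visible lines, and `$petition` appears to come from `header.php`, which is now included only in the `if` branch; both should be confirmed against the rest of the file. The hunk ends before `$q` is executed.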
@@ -23,14 +30,17 @@ if ($d['VTRID'] != ''){ $RESIDENTIALCITY = $d['RESIDENTIALCITY']; $COUNTY = $d['COUNTY']; $RESIDENTIALZIP5 = $d['RESIDENTIALZIP5']; + slack_general('MATCH: eligible ('.$FIRSTNAME.' '.$LASTNAME.' '.$RESIDENTIALCITY.') ('.$_COOKIE['invite'].')','md-petition'); }else{ - header('Location: warning_not_found.php'); + slack_general('MISS: eligible ('.$web_first_name.' '.$web_last_name.' '.$PHONE.') ('.$_COOKIE['invite'].')','md-petition'); + header('Location: warning_not_found.php'); } if (isset($_GET['remove'])){ $id = $_GET['remove']; $q = "update signatures set signature_status = 'removed' where id = '$id'"; $petition->query($q); + slack_general('SQL: eligible ('.$q.') ('.$_COOKIE['invite'].')','md-petition'); header('Location: eligible.php'); } @@ -38,99 +48,85 @@ echo $head; $available=''; -$q2 = "SELECT * FROM petitions"; +$q2 = "SELECT * FROM petitions where admin_status = 'approved'"; $r2 = $petition->query($q2); while($d2 = mysqli_fetch_array($r2)){ $checked = ''; $field = $d2['eligibleVoterListField']; $pass = $d2['eligibleVoterListEquals']; - $q4 = "select * from signatures where VTRID = '$VTRID' and petition_id = '$d2[petition_id]' and signature_status <> 'removed' "; - $r4 = $petition->query($q4); - $d4 = mysqli_fetch_array($r4); -if ($d4['id'] > 0){ - $available .= "
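Review bot: In the `isset($_GET['remove'])` block of the `-23,14 +30,17` hunk, `$id = $_GET['remove']` still reaches the `update signatures` statement unescaped, even though this commit escapes the cookie values earlier in the file, and the added `slack_general('SQL: ...')` line forwards that same raw statement to the chat channel. Constrain the value before use, for example `$id = (int) $_GET['remove'];` if `id` is numeric as the `$d4['id'] > 0` test in the next hunk suggests. Also limit the update to the caller's own row with `and VTRID = '$VTRID'`, assuming `$VTRID` is set from `$d['VTRID']` above this hunk. The new MATCH and MISS messages send voter name, city and phone number to Slack; an outcome plus an opaque identifier would serve the same monitoring purpose. Neither `header('Location: ...')` call in this hunk is followed by `exit;`, so the script keeps executing after the redirect is sent.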
"; - }elseif($d[$field] == $pass){ - $checked = ''; - if($_COOKIE['invite'] != '' && strtoupper($_COOKIE['invite']) == strtoupper($d2['web_short_name'])){ + + + + if($d[$field] == $pass){ + // good to go + $checked = ''; + if($_COOKIE['invite'] != '' && strtoupper($_COOKIE['invite']) == strtoupper($d2['web_short_name'])){ $checked = 'checked'; }else{ $checked = ''; } $available .= "