3 use strict qw(refs vars);
9 my $self= $ENV{'SCRIPT_FILENAME'};
10 $self= $0 unless defined $self;
11 $self= realpath $self;
12 my $sballotdir= $self;
13 $sballotdir =~ s,/[^/]*$,,;
15 chdir $sballotdir or die "$sballotdir $!";
23 print header(-status=>500), start_html('Secret ballot - error'),
24 h1("error"), strong($m), end_html();
28 my $issueid= param('issue');
29 fail('bad issueid') if $issueid =~ m/[^-0-9a-z]/ or $issueid =~ m/^[^0-9a-z]/;
31 open T, "issues/$issueid/title" or fail("unknown issue $!");
32 my $title= <T>; chomp $title or die $!;
33 my $regexp= <T>; chomp $regexp or die $!;
36 my $vote= param('vote');
37 my $ident= param('ident');
38 my $pw= param('password');
42 open M, $vfile or fail("unknown psuedonym $!");
43 my $m= <M>; chomp $m or die $!;
46 $m =~ m/^(\S+) (\S.*)$/ or die;
50 sub issue_and_title () {
52 dt('Issue ID'), dd(escapeHTML($issueid)),
53 dt('Title'), dd(escapeHTML($title))
57 if (length $vote or length $ident or length $pw) {
58 fail('bad pseudonym') if !defined $ident or $ident =~ m/[^0-9a-z]/;
60 fail('bad password') if !defined $pw or $pw =~ m/[^0-9a-z]/;
61 my $pwhash= hash($pw);
63 fail('bad vote') if $vote =~ m/[^0-9a-z]/i;
66 fail("invalid vote - consult administrator's instructions")
67 unless $vote =~ /^(?:$regexp)$/io;
69 my $vfile= "issues/$issueid/v.$ident";
70 my ($exp_pwhash, $oldvote) = read_vfile($vfile);
71 $exp_pwhash eq $pwhash or fail("wrong password");
73 open N, "> $vfile.new" or die $!;
74 print N "$pwhash $vote\n" or die $!;
77 rename "$vfile.new", $vfile or die "$vfile $!";
79 print(header(), start_html('Secret ballot - vote recorded'),
80 h1('Vote recorded'), '<dl>',
82 dt('Old vote'), dd($oldvote),
83 dt('New vote'), dd($vote), '</dl>',
84 end_html()) or die $!;
88 if (param('results') or param('email_results')) {
90 The moderators' votes (so far) are as follows:
92 foreach my $vfile (sort <issues/$issueid/v.*>) {
93 $vfile =~ m,/v\.([0-9a-f]+)([^/]*)$, or die;
95 die "$vfile $2" if length $2;
97 my ($dummy_pwhash, $vote) = read_vfile($vfile);
98 $txt .= " $ident $vote\n";
102 See the email from the administrator for the meanings of the above
103 votes. There is no automatic counting; the above is just a list
104 of the entries provided by the voting moderators.
107 if (param('email_results')) {
109 print P <<END or die $!;
110 To: $setting{ABBREV} moderators <$setting{MODEMAIL}>
111 Subject: Secret ballot results for $setting{ABBREV}
113 One of the moderators for $setting{GROUP}
114 has requested that the results of the following ballot be sent out:
121 moderation system robot
123 print(header(), start_html('Secret ballot - email sent'),
125 p('The email has been sent and should arrive shortly'),
130 print(header(), start_html('Secret ballot - results'),
131 h1('Results so far'),
132 '<dl>',issue_and_title(),'</dl>',
133 pre(escapeHTML($txt)),
139 print(header(), start_html('Secret ballot - voting page'),
141 p('Wait for the email from the administrator confirming '.
142 'that this is the actual live ballot before voting. '.
143 "The administrator's email will tell you what to put in".
145 h1('Voting form'), '<dl>',
146 start_form(-method=>'POST'),
147 hidden('issue',$issueid),
149 dt('Pseudonym'), dd(textfield(-name=>'ident', -size=>($hashlen+10))),
150 dt('Password'), dd(textfield(-name=>'password', -size=>($hashlen+10))),
151 dt('Vote'), dd(textfield(-name=>'vote', -size=>40)),
153 submit('Cast your vote'),
156 p('This allows you to view the results (so far)'),
157 start_form(-method=>'GET'), hidden('issue',$issueid),
158 p(submit(-name=>'results',
159 -value=>'Show results')),
160 p(submit(-name=>'email_results',
161 -value=>"Send results to moderators' list")),