# HG changeset patch # User Matti Hamalainen # Date 1485383886 -7200 # Node ID 4c76b4994414adcacd828ba087624d66df6c7d04 # Parent 4a95cd4fa34133caf19bb17188062922e843cff7 Somewhat refactor usrajax and voting. diff -r 4a95cd4fa341 -r 4c76b4994414 pages/vote.inc.php --- a/pages/vote.inc.php Thu Jan 26 00:30:58 2017 +0200 +++ b/pages/vote.inc.php Thu Jan 26 00:38:06 2017 +0200 @@ -15,6 +15,19 @@ " \n"; } +function stVoteLoginForm() +{ + return + "
\n". + " ".stGetFormStart("vote", "usrlogin.php"). + " ".stGetFormHiddenInput("mode", "vote")."\n". + " ".stGetFormHiddenInput("goto", "vote")."\n". + " Enter your vote key:\n". + " ".stGetFormTextInput($userKeyLen > 30 ? $userKeyLen : 30, $userKeyLen, "key", "", "", "", "autocomplete=\"off\" autofocus=\"autofocus\"")."\n". + " ".stGetFormSubmitInput("login", "Login")."\n". + " \n". + "
\n"; +} // Check if voting is enabled if (!stChkSetting("allowVoting")) @@ -62,16 +75,7 @@ "

Voting system

\n"; } - echo - "
\n". - " ".stGetFormStart("vote", "usrlogin.php"). - " ".stGetFormHiddenInput("mode", "vote")."\n". - " ".stGetFormHiddenInput("goto", "vote")."\n". - " Enter your vote key:\n". - " ".stGetFormTextInput($userKeyLen > 30 ? $userKeyLen : 30, $userKeyLen, "key", "", "", "", "autocomplete=\"off\" autofocus=\"autofocus\"")."\n". - " ".stGetFormSubmitInput("login", "Login")."\n". - " \n". - "
\n"; + echo stVoteLoginForm(); } else if (($mode = stGetSessionItem("mode")) == "vote") @@ -173,8 +177,25 @@ else if ($mode == "done") { - // Voting finished + // Voting finished successfully echo stGetSetting("voteFinishedText"); stSessionEnd(SESS_USER); } +else +if ($mode == "error") +{ + // Error cases in session, when using form submit + echo + "

Voting system error

\n". + "\n". + stVoteLoginForm(); + + stSessionEnd(SESS_USER); +} ?> \ No newline at end of file diff -r 4a95cd4fa341 -r 4c76b4994414 usrajax.php --- a/usrajax.php Thu Jan 26 00:30:58 2017 +0200 +++ b/usrajax.php Thu Jan 26 00:38:06 2017 +0200 @@ -81,6 +81,31 @@ $voteKeyId = stGetSessionItem("key_id"); +// +// Check vote key validity +// +$sql = stPrepareSQL("SELECT * FROM votekeys WHERE id=%d", $voteKeyId); +if (($key = stFetchSQL($sql)) === false) +{ + stError("Votekey does not exist."); +} +else +{ + // Validate login based on current vote key mode + switch (stGetSetting("voteKeyMode")) + { + case VOTE_ACTIVATE: + if ($key["active"] == 0) + stError("Votekey is not active."); + break; + + case VOTE_ASSIGN: + $sql = stPrepareSQL("SELECT id FROM attendees WHERE key_id=%d", $key["id"]); + if (stFetchSQL($sql) === false) + stError("Votekey is not assigned to any user."); + break; + } +} // // Handle the request @@ -91,6 +116,7 @@ // // Set vote, if voting is enabled // + $ajax = TRUE; if (!stChkSetting("allowVoting")) stError("Voting is not enabled."); else 
@@ -113,34 +139,27 @@ break; case "submit": + // + // Submit all votes, if voting is enabled + // + $ajax = FALSE; if (!stChkSetting("allowVoting")) stError("Voting is not enabled."); else + foreach (stExecSQL("SELECT * FROM compos WHERE visible<>0 AND voting<>0") as $compo) { - foreach (stExecSQL("SELECT * FROM compos WHERE visible<>0 AND voting<>0") as $compo) + stDBBeginTransaction(); + foreach (stExecSQL("SELECT * FROM entries WHERE compo_id=".$compo["id"]) as $entry) { - stDBBeginTransaction(); - foreach (stExecSQL("SELECT * FROM entries WHERE compo_id=".$compo["id"]) as $entry) + if (stCheckVoteValue("ventry".$entry["id"], $value)) { - if (stCheckVoteValue("ventry".$entry["id"], $value)) - { - if (!stUpdateVote($voteKeyId, $entry["id"], $value)) - stError("Could not set vote for compo #".$compo["id"].", entry #".$entry["id"]); - } + if (!stUpdateVote($voteKeyId, $entry["id"], $value)) + stError("Could not set vote for compo #".$compo["id"].", entry #".$entry["id"]); } - stDBCommitTransaction(); } - - if ($errorSet) - { - stSetSessionItem("mode", "error"); - stSetSessionItem("error", $errorMsgs); - } - else - stSetSessionItem("mode", "done"); - - header("Location: ".stGetRequestItem("goto", "vote")); + stDBCommitTransaction(); } + stSetSessionItem("mode", "done"); break; default: @@ -148,10 +167,22 @@ break; } + if ($errorSet) { ob_clean(); - stDumpAJAXStatusErrors(); + stSetSessionItem("mode", "error"); + stSetSessionItem("error", $errorMsgs); +} + +if ($ajax) +{ + if ($errorSet) + stDumpAJAXStatusErrors(); +} +else +{ + header("Location: ".stGetRequestItem("goto", "vote")); } ob_end_flush();
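Review bot: In pages/vote.inc.php, the new stVoteLoginForm() reads $userKeyLen, but the function takes no parameters and declares no `global $userKeyLen;`, so the variable is undefined inside it. The expression `$userKeyLen > 30 ? $userKeyLen : 30` then always yields 30, and the second argument of stGetFormTextInput(), which carried the key length when the markup was echoed inline, is passed as null. Pass the length in as a parameter or declare it global, and add a one-line comment saying what the function returns.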
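Review bot: In the new `$mode == "error"` branch at the end of pages/vote.inc.php, the visible lines print the heading and the login form but never read the "error" session item that usrajax.php stores, so the voter is not told what failed. If the messages are meant to be shown here, HTML-escape them before output. The branch also calls stSessionEnd(SESS_USER), so every error ends the voter's session; confirm that this is intended for recoverable errors as well.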
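Review bot: In usrajax.php, the new vote key check reports failures through stError(), but nothing stops the request from reaching the "set" and "submit" handlers afterwards; the `if ($errorSet)` test after the switch suggests stError() only records the error and returns. If so, votes are still written for a key that is missing, inactive or unassigned. Wrap the request handling in `if (!$errorSet)` or stop after a failed check. The switch on voteKeyMode also has no default case, so any mode other than VOTE_ACTIVATE or VOTE_ASSIGN passes with only the existence check; a comment should say whether that is intended.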
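Review bot: In usrajax.php, `$ajax = TRUE;` is assigned only inside the set-vote case (and `$ajax = FALSE;` only inside "submit"), so in the default case $ajax is never assigned and the final `if ($ajax)` falls through to the redirect on an undefined variable. Initialise $ajax once before the switch and choose explicitly which response type an unknown action gets.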
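Review bot: In the "submit" case of usrajax.php, stDBCommitTransaction() runs even after stUpdateVote() has failed and stError() has been called, so a partially applied set of votes for a compo is committed and the transaction gives no atomicity. Track failure inside the inner loop and roll back instead of committing when any update failed. The entries query still concatenates `$compo["id"]` into the SQL string; use stPrepareSQL() with %d, as the new vote key check does. The unconditional `stSetSessionItem("mode", "done");` is only correct because the later `$errorSet` block overrides it, which deserves a comment.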
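Review bot: In the final block of usrajax.php, the session is now switched to mode "error" for every failed request, including AJAX ones, where before only "submit" did this. Because the new error branch in vote.inc.php ends the user session, a single failed AJAX vote would drop the voter's session on the next page load; set the session error state only when `$ajax` is false. Separately, `header("Location: ".stGetRequestItem("goto", "vote"))` sends a request-supplied value as the redirect target; check it against a fixed list of known page names before use.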