From 1eea2951fbebb5bb4dfc0c09ad7622f03e4a6471 Mon Sep 17 00:00:00 2001
From: canyonknight <canyonknight@gmail.com>
Date: Wed, 23 May 2012 15:20:58 -0400
Subject: addvote.php: Pull out DB code

* Verifying a username exists should use already present valid_user function
* Create new functions in acctfuncs.inc.php with SQL queries from addvote.php
* Centralization of DB code important in a future transition to PDO interface

Signed-off-by: canyonknight <canyonknight@gmail.com>
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
---
 web/lib/acctfuncs.inc.php | 38 +++++++++++++++++++++++++++++++++++++-
 1 file changed, 37 insertions(+), 1 deletion(-)

(limited to 'web/lib')

diff --git a/web/lib/acctfuncs.inc.php b/web/lib/acctfuncs.inc.php
index 9e50cfdb..bb1f6e89 100644
--- a/web/lib/acctfuncs.inc.php
+++ b/web/lib/acctfuncs.inc.php
@@ -522,8 +522,13 @@ function valid_username($user) {
  * Checks if the username is valid and if it exists in the database
  * Returns the username ID or nothing
  */
-function valid_user($user, $dbh) {
+function valid_user($user, $dbh=NULL) {
 	/*	if ( $user = valid_username($user) ) { */
+
+	if(!$dbh) {
+		$dbh = db_connect();
+	}
+
 	if ( $user ) {
 		$q = "SELECT ID FROM Users WHERE Username = '"
 			. db_escape_string($user). "'";
@@ -538,6 +543,37 @@ function valid_user($user, $dbh) {
 	return;
 }
 
+# Check for any open proposals about a user. Used to prevent multiple proposals.
+function open_user_proposals($user, $dbh=NULL) {
+	if(!$dbh) {
+		$dbh = db_connect();
+	}
+	$q = "SELECT * FROM TU_VoteInfo WHERE User = '" . db_escape_string($user) . "'";
+	$q.= " AND End > UNIX_TIMESTAMP()";
+	$result = db_query($q, $dbh);
+	if (mysql_num_rows($result)) {
+		return true;
+	}
+	else {
+		return false;
+	}
+}
+
+# Creates a new trusted user proposal from entered agenda.
+# Optionally takes proposal about specific user. Length of vote set by submitter.
+function add_tu_proposal($agenda, $user, $votelength, $submitteruid, $dbh=NULL) {
+	if(!$dbh) {
+		$dbh = db_connect();
+	}
+	$q = "INSERT INTO TU_VoteInfo (Agenda, User, Submitted, End, SubmitterID) VALUES ";
+	$q.= "('" . db_escape_string($agenda) . "', ";
+	$q.= "'" . db_escape_string($user) . "', ";
+	$q.= "UNIX_TIMESTAMP(), UNIX_TIMESTAMP() + " . db_escape_string($votelength);
+	$q.= ", " . $submitteruid . ")";
+	db_query($q, $dbh);
+
+}
+
 function good_passwd($passwd) {
 	if ( strlen($passwd) >= PASSWD_MIN_LEN ) {
 		return true;
-- 
cgit v1.2.3-24-g4f1b