/**
 * Turn an email address into a pseudonymous survey user code and sign it.
 *
 * The user code is the SHA-1 digest of the address, a hyphen and
 * OPTION_SURVEY_SECRET, so somebody who can only read the survey database
 * cannot recover the address from it. No per-record salt is used on purpose:
 * the same address has to produce the same code every time so that
 * uniqueness can be tested.
 *
 * Security notes:
 *  - The code is only as private as OPTION_SURVEY_SECRET. Whoever holds the
 *    secret can confirm a guessed address by recomputing the digest.
 *  - The address is hashed exactly as passed in. Any normalisation (case,
 *    surrounding whitespace) has to be done by the caller, otherwise two
 *    spellings of one address yield two different codes.
 *  - This is a digest over a concatenation, not an HMAC. hash_hmac() would be
 *    the conventional keyed construction, but switching to it (or rotating
 *    the secret) changes every code, so stored codes would stop matching.
 *
 * @param string $email Address to encode.
 * @return array Two elements: the hex user code, then whatever
 *               auth_sign_with_shared_secret() returns for that code.
 */
function survey_sign_email_address($email) {
    $secret = OPTION_SURVEY_SECRET;

    // Deterministic keyed digest: stable per address, opaque without the secret.
    $code = sha1($email . '-' . $secret);

    // The signature is what authorises the code to the survey site.
    $signature = auth_sign_with_shared_secret($code, $secret);

    return array($code, $signature);
}
/**
 * Assemble the template values for the mini-survey prompt.
 *
 * Whether the prompt is shown depends on three client-supplied inputs: the
 * 'answered_survey' and 'hide_survey' request parameters and the 'survey'
 * cookie. All three are under the visitor's control, so they only ever decide
 * what that same visitor is shown; nothing here should be treated as proof
 * that a survey was actually completed.
 *
 * When the prompt is shown, a fresh random user code is generated and signed
 * with OPTION_SURVEY_SECRET so the survey site can check that the code was
 * issued by this site.
 *
 * @return array Always contains 'survey_site', 'show', 'current_q' and
 *               'answered'. When 'show' is true it also contains 'page_url',
 *               'hide_url', 'user_code', 'auth_signature' and 'datetime'.
 */
public function get_values() {
    global $this_page;

    // TODO: think about not hard coding these
    $current_question = 3;
    $always_ask = 1;

    $data = array();
    $data['survey_site'] = "twfy-mini-{$current_question}";

    // Read but not referenced again anywhere in this method.
    $referer = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '';

    $has_answered_question = get_http_var('answered_survey');
    $hide_question = get_http_var('hide_survey');
    $data['show'] = false;

    // Highest question number this visitor has already dealt with.
    $show_survey_qn = 0;

    if ($hide_question) {
        // Explicit dismissal: remember it for a year.
        // NOTE(review): the cookie is set with name, value, expiry and path
        // only, so no Secure/HttpOnly attributes; it carries just the
        // question number.
        $always_ask = 0;
        $show_survey_qn = $current_question;
        setcookie('survey', $current_question, time() + 60 * 60 * 24 * 365, '/');
    } elseif ($has_answered_question == $current_question && !$always_ask) {
        $show_survey_qn = $current_question;
        setcookie('survey', $current_question, time() + 60 * 60 * 24 * 365, '/');
    } elseif (isset($_COOKIE['survey'])) {
        // Browser-supplied value, used as-is and compared loosely with an
        // integer below.
        $show_survey_qn = $_COOKIE['survey'];
    }

    $prompt_needed = $show_survey_qn < $current_question && !$has_answered_question;
    if ($prompt_needed) {
        $data['show'] = true;
        $page_url = '';
        $hide_url = '';

        $member_pages = array('mp', 'peer', 'msp', 'mla', 'royal');
        if (!in_array($this_page, $member_pages)) {
            // Links are built with a fixed http:// scheme.
            $answered_link = new \URL($this_page);
            $answered_link->insert(array('answered_survey' => $current_question));
            $page_url = 'http://' . DOMAIN . $answered_link->generate();

            $hide_link = new \URL($this_page);
            $hide_link->insert(array('hide_survey' => $current_question));
            $hide_url = 'http://' . DOMAIN . $hide_link->generate();
        } else {
            // Member pages link back to the member's own URL; both links stay
            // empty when no member is loaded.
            global $MEMBER;
            if ($MEMBER) {
                $page_url = $MEMBER->url() . "?answered_survey={$current_question}";
                $hide_url = $MEMBER->url() . "?hide_survey={$current_question}";
            }
        }

        $data['page_url'] = $page_url;
        $data['hide_url'] = $hide_url;

        // 16 bytes from urandom_bytes(), hex-encoded: an anonymous per-view
        // identifier, not derived from any account or address.
        // NOTE(review): urandom_bytes() is a project helper, presumably a
        // CSPRNG wrapper — confirm.
        $data['user_code'] = bin2hex(urandom_bytes(16));
        $data['auth_signature'] = auth_sign_with_shared_secret($data['user_code'], OPTION_SURVEY_SECRET);
        $data['datetime'] = time();
    }

    $data['current_q'] = $current_question;
    $data['answered'] = $has_answered_question;

    return $data;
}
}
// Survey state as reported by the browser's cookie; the value is client-controlled.
$show_survey_qn = $_COOKIE['survey'];
if ($show_survey_qn == 2) {
    // NOTE(review): this redirect depends on the visitor's cookie but is sent
    // as a 301, which browsers may cache — confirm a permanent redirect is intended.
    header('Location: http://' . DOMAIN . '/survey/done', true, 301);
    exit;
}
setcookie('survey', '1b', time()+60*60*24*365, '/');
if ($show_survey_qn == 1) {
    $db = new ParlDB;
    // NOTE(review): $find is interpolated into the statement as a column
    // name, which a bound parameter cannot cover. Its origin is not visible
    // in this fragment; confirm it is checked against a fixed list of column
    // names before this point.
    $db->query("UPDATE survey SET $find = $find + 1");
}
// Fresh random code for this visitor, signed with the survey secret.
$user_code = bin2hex(urandom_bytes(16));
$auth_signature = auth_sign_with_shared_secret($user_code, OPTION_SURVEY_SECRET);
// NOTE(review): in both branches below $referer is written into an href
// attribute without escaping. Its assignment is not visible in this fragment;
// if it derives from the Referer header or any other request value it should
// be HTML-escaped for the attribute context and limited to expected URLs
// before being printed.
if ($find == 'yes') { ?> <div style="margin:1em; border: solid 2px #cc9933; background-color: #ffffcc; padding: 4px; font-size:larger;"> Glad we could help you! Maybe you could help us by answering some questions in our user survey which will contribute to make TheyWorkForYou even better – five minutes should be enough. If you don’t want to participate, thanks anyway<? if ($referer) print ', <a href="' . $referer . '">return to where you were</a>'; ?>. </div> <?
} else { ?> <div style="margin:1em; padding: 4px; border: solid 2px #cc9933; background-color: #ffffcc; font-size:larger;"> We’re sorry to hear that. Maybe you could help us make TheyWorkForYou better by answering some questions in our user survey – five minutes should be enough. If you don’t want to participate, thanks anyway<? if ($referer) print ', <a href="' . $referer . '">return to where you were</a>'; ?>. </div> <?
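/**
 * Work out whether a TheyWorkForYou alert can be offered for this email
 * address and postcode.
 *
 * Steps: resolve the postcode to its Westminster constituency ('WMC'), find
 * the single representative for it, extract the numeric part of the
 * representative's parlparse person ID, then ask TheyWorkForYou whether the
 * address is already signed up to that person's alert.
 *
 * The result is memoised in the global $crosssell_check_twfy_checked. The
 * memo is not keyed on the arguments, so once a call has stored a result,
 * later calls in the same request return it whatever they are passed.
 *
 * Security notes:
 *  - The email address and its signature are sent in the query string of the
 *    request made by crosssell_fetch_page(). Query strings commonly end up in
 *    server and proxy logs, so those logs hold personal data plus a signature
 *    that stays valid for that address. Whether the request uses HTTPS is
 *    decided inside crosssell_fetch_page(), which is not visible here.
 *  - Every query-string value is URL-encoded, including the person ID, so a
 *    value returned by the lookup service cannot add or alter parameters.
 *
 * @param string $email    Address to check and sign.
 * @param string $postcode Postcode used to find the constituency.
 * @return array|false array($person_id, $auth_signature) when the alert can
 *                     be offered, false otherwise.
 */
function crosssell_check_twfy($email, $postcode) {
    global $crosssell_check_twfy_checked, $crosssell_voting_areas;

    if (!is_null($crosssell_check_twfy_checked)) {
        return $crosssell_check_twfy_checked;
    }

    // Not cached: without the shared secret or a postcode there is nothing to check.
    if (!defined('OPTION_AUTH_SHARED_SECRET') || !$postcode) {
        return false;
    }

    // Look up who the MP is
    if (!$crosssell_voting_areas) {
        $crosssell_voting_areas = mapit_get_voting_areas($postcode);
    }
    mapit_check_error($crosssell_voting_areas);
    if (!array_key_exists('WMC', $crosssell_voting_areas)) {
        return $crosssell_check_twfy_checked = false;
    }

    $reps = dadem_get_representatives($crosssell_voting_areas['WMC']);
    dadem_check_error($reps);
    if (count($reps) != 1) {
        return $crosssell_check_twfy_checked = false;
    }

    $rep_info = dadem_get_representative_info($reps[0]);
    dadem_check_error($rep_info);
    if (!array_key_exists('parlparse_person_id', $rep_info)) {
        return $crosssell_check_twfy_checked = false;
    }

    $person_id = str_replace('uk.org.publicwhip/person/', '', $rep_info['parlparse_person_id']);
    if (!$person_id) {
        return $crosssell_check_twfy_checked = false;
    }

    $auth_signature = auth_sign_with_shared_secret($email, OPTION_AUTH_SHARED_SECRET);

    // See if already signed up. The person ID is encoded like the other two
    // values; the original concatenated it into the query string raw.
    $query = '/alert/authed.php?pid=' . urlencode($person_id)
        . '&email=' . urlencode($email)
        . '&sign=' . urlencode($auth_signature);
    $already_signed = crosssell_fetch_page('www.theyworkforyou.com', $query);
    if ($already_signed != 'not signed') {
        return $crosssell_check_twfy_checked = false;
    }

    $crosssell_check_twfy_checked = array($person_id, $auth_signature);
    return $crosssell_check_twfy_checked;
}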
// NOTE(review): get_http_var() is a project helper, presumably returning a
// request parameter; the value is handed to the template further down, which
// then has to escape it on output — confirm.
$answered_q = get_http_var('answered');

// With a policy ID the list is built for that policy only, otherwise for all policies.
if ($policyID) {
    $policiesList = new MySociety\TheyWorkForYou\Policies($policyID);
} else {
    $policiesList = new MySociety\TheyWorkForYou\Policies();
}
$positions = new MySociety\TheyWorkForYou\PolicyPositions($policiesList, $MEMBER);
$divisions = new MySociety\TheyWorkForYou\Divisions($MEMBER, $positions, $policiesList);

if ($policyID) {
    $data['policydivisions'] = $divisions->getMemberDivisionsForPolicy($policyID);
} else {
    $data['policydivisions'] = $divisions->getAllMemberDivisionsByPolicy();
}

// data for the 'what else would you like to see' question box
// Fresh random code (16 bytes, hex-encoded) signed with the survey secret.
$data['user_code'] = bin2hex(urandom_bytes(16));
$data['auth_signature'] = auth_sign_with_shared_secret($data['user_code'], OPTION_SURVEY_SECRET);
// NOTE(review): REQUEST_URI is supplied by the client and is concatenated
// into this URL unchanged, so the template must escape page_url for the
// context it is written into. The '&' / '?' choice assumes the request URI
// already has a query string exactly when $policyID is set — confirm.
$data['page_url'] = "http://" . DOMAIN . $_SERVER['REQUEST_URI'] . ($policyID ? '&' : '?') . 'answered=1';
$data['answered_q'] = $answered_q;

// Send the output for rendering
MySociety\TheyWorkForYou\Renderer::output('mp/divisions', $data);

break;

case '':
default:

    // Default view: a shuffled selection from the 'summary' policy set.
    $policiesList = new MySociety\TheyWorkForYou\Policies();
    $policies = $policiesList->limitToSet('summary')->shuffle();

    // Generate limited voting record list
    $data['policyPositions'] = new MySociety\TheyWorkForYou\PolicyPositions($policies, $MEMBER, 6);

    // Send the output for rendering
    MySociety\TheyWorkForYou\Renderer::output('mp/profile', $data);

    break;

}