function dadem_get_error($e)
{
if (!rabx_is_error($e)) {
return FALSE;
} else {
return $e->text;
}
}
function LookupToken($email)
{
$sql = <<<EOT
SELECT token,created,data
FROM token
WHERE scope='login' AND encode( data, 'escape' ) ilike ?
ORDER BY created DESC
EOT;
$q = db_query($sql, '%' . $email . '%');
$cnt = db_num_rows($q);
if ($cnt == 0) {
print "<p>No tokens found for <code>{$email}</code> (maybe they used a different email address?)</p>\n";
} else {
print "<p>Found {$cnt} tokens for <code>{$email}</code> (most recent first)</p>\n";
print "<table border=1>\n";
print "<tr><th>when issued</th><th>email</th><th>confirmation link</th><th>stashed url</th></tr>\n";
while ($r = db_fetch_array($q)) {
$t = strtotime($r['created']);
$issued = strftime('%R %a %e %B %Y', $t);
$token = $r['token'];
$confirmation_url = OPTION_BASE_URL . "/login?t={$token}";
$stashed_url = '????';
$email = '????';
$pos = 0;
$res = rabx_wire_rd(&$r['data'], &$pos);
if (!rabx_is_error($res)) {
$email = $res['email'];
$stashed_url = db_getOne("SELECT url FROM requeststash WHERE key=?", $res['stash']);
if (!$stashed_url) {
$stashed_url = '-none- (which probably means they clicked the link)';
}
}
?>
<tr>
<td><?php
echo $issued;
?>
</td>
<td><code><?php
echo $email;
?>
</code></td>
<td><code><?php
echo $confirmation_url;
?>
</code></td>
<td><code><?php
echo $stashed_url;
?>
</code></td>
</tr>
<?php
}
print "</table>\n";
}
}
function ratty_do_call($name, $args)
{
global $ratty_client;
$res = $ratty_client->call("Ratty.{$name}", $args);
if (rabx_is_error($res)) {
err($res->text);
} else {
return $res;
}
}
function auth_token_retrieve($scope, $token)
{
$data = db_getOne('
select data
from token
where scope = ? and token = ?', array($scope, $token));
/* Madness. We have to unescape this, because the PEAR DB library isn't
* smart enough to spot BYTEA columns and do it for us. */
$data = pg_unescape_bytea($data);
$pos = 0;
$res = rabx_wire_rd(&$data, &$pos);
if (rabx_is_error($res)) {
$res = unserialize($data);
if (is_null($res)) {
err("Data for scope '{$scope}', token '{$token}' are not valid");
}
}
return $res;
}
function submitFaxes() {
/* Submit a group of messages or an individual message
* and show the results to the user */
global $grpid, $msgid_list, $msgid;
global $repid_list, $fyr_who;
global $representatives_info, $fyr_voting_area;
global $fyr_values, $cobrand;
// Set up some brief error descriptions
$errors = cobrand_message_sending_errors($cobrand);
if (!$errors) {
$errors = array("problem-generic" => "Message Rejected",
"problem-lords" => "You have sent too many messages to Lords",
"problem-lords-similar" => "Too many similar messages have been sent",
"problem-postcodes" => "You seem to be sending messages with several different postcodes",
"problem-similar" => "Your message is near-identical with others sent previously");
}
// send the message to each representative
$any_success = false;
$error_msg = "";
if ($grpid) {
// No questionnaire for group mails
$no_questionnaire = true;
// check the group id
if (!preg_match("/^[0-9a-f]{20}$/i", $grpid)) {
template_show_error('Sorry, but your browser seems to be transmitting
erroneous data to us. Please try again, or contact us at
<a href="mailto:team@writetothem.com">team@writetothem.com</a>.');
exit;
}
// double check that the group_id isn't already being used
// This could mean that these messages have already been
// queued or (with a very small probability) that someone
// else got the same group id
$result = msg_check_group_unused($grpid);
if (isset($result)) {
$error_msg .= rabx_mail_error_msg($result->code, $result->text) . "<br>";
template_show_error("Sorry, we were unable to send your messages for the following reasons: <br>" . $error_msg);
exit;
}
} else {
$no_questionnaire = false;
$msgid_list = array($msgid);
$repid_list = array($fyr_who);
}
# set up the address
$address = prepare_address();
check_message_length();
# check the msgids
foreach ($msgid_list as $msgid) {
check_message_id($msgid);
}
$cocode = $fyr_values['cocode'];
if (!$cocode)
$cocode = null;
$message_array = prepare_message_array($address);
$result = msg_write_messages($msgid_list,
$message_array,
$repid_list,
$fyr_values['signedbody'],
$cobrand, $cocode, $grpid, $no_questionnaire);
#check for error
if (rabx_is_error($result)) {
template_show_error(rabx_mail_error_msg($result->code, $result->text));
exit;
}
foreach (array_keys($result) as $id) {
$res = $result[$id];
$rep_id = $res['recipient_id'];
$abuse_res = $res['abuse_result'];
$status = $res['status_code'];
$err = $res['error_text'];
$code = $res['error_code'];
if ($status != 0) {
$rep_name = "<strong>" . $fyr_voting_area['rep_prefix'] . " " .
$representatives_info[$rep_id]['name'] . " " . $fyr_voting_area['rep_suffix'] . "</strong>";
if ($status == 1) {
# FYR Error code
if ($grpid) {
$error_msg .= $rep_name . ": " . rabx_mail_error_msg($code, $err) . "<br>";
} else {
template_show_error(rabx_mail_error_msg($code, $err));
exit;
}
} elseif ($status == 2) {
# flagged for abuse
if ($grpid) {
if (array_key_exists($abuse_res, $errors)) {
$error_msg .= "<p>" . $rep_name . ": " . $errors[$abuse_res]
. " <a href=\"/" . $abuse_res . "\">read more</a></p>";
} else {
$error_msg .= "<p>" .$rep_name . ": Message Rejected</p>";
}
} else {
template_draw($abuse_res, $fyr_values);
exit;
}
}
} else {
$any_success = true;
}
}
if (!$any_success) {
// None of the messages could be sent
template_show_error("Sorry, we were unable to send your messages for the following reasons: <br>" . $error_msg);
} elseif ($error_msg) {
// Some problems
$error_msg = "
<p style=\"text-align: center; color: #ff0000; \">Note:
Some of your messages could not be sent for the following reasons: </p>
" . $error_msg;
show_check_email($error_msg);
} else {
//no problems
show_check_email($error_msg);
}
}
$got_year = 1;
} else {
$year_bar_array[] = "<a href=\"/stats/{$y}/{$type}\">{$y}</a>";
}
}
if (!$got_year) {
template_show_error("We don’t have statistics for that year");
}
$year_bar = "<p>Statistics for other years:</p><ul class=\"inline-list\"><li>" . join($year_bar_array, "</li><li>") . "</li></ul>";
#if (!get_http_var('really'))
# $year_bar = "";
require_once "../phplib/summary_report_{$year}.php";
require_once "../phplib/questionnaire_report_{$year}_WMC.php";
$rep_info = array();
$voting_areas = mapit_call('postcode', $postcode, array(), array(400 => MAPIT_BAD_POSTCODE, 404 => MAPIT_POSTCODE_NOT_FOUND));
if (!rabx_is_error($voting_areas)) {
$area_representatives = dadem_get_representatives($voting_areas['shortcuts']['WMC']);
dadem_check_error($area_representatives);
$rep_info = dadem_get_representative_info($area_representatives[0]);
dadem_check_error($rep_info);
$rep_info['postcode'] = $postcode;
} else {
if ($voting_areas->code == MAPIT_BAD_POSTCODE) {
$error_message = "Sorry, we need your complete UK postcode to identify your elected representatives.";
$template = "index-advice";
} elseif ($voting_areas->code == MAPIT_POSTCODE_NOT_FOUND) {
$error_message = "We’re not quite sure why, but we can’t seem to recognise your postcode.";
$template = "index-advice";
}
}
if ($type == 'mps') {
function stash_check_for_post_redirect()
{
/* Are we doing a POST redirect? */
$key = get_http_var('stashpost');
if (!$key) {
return;
}
global $stash_in_stashpost;
$stash_in_stashpost = true;
/* Extract the post data */
list($method, $url, $post_data) = db_getRow_list('select method, url, post_data from requeststash where key = ?', $key);
if (is_null($method)) {
err(_("If you got the email more than a year ago, then your request has probably expired. Please try doing what you were doing from the beginning."), E_USER_NOTICE);
}
/* Postgres/PEAR DB BYTEA madness -- see comment in auth.php. */
$post_data = pg_unescape_bytea($post_data);
$pos = 0;
$stashed_POST = rabx_wire_rd(&$post_data, &$pos);
if (rabx_is_error($stashed_POST)) {
err("Bad serialised POST data in stash_check_for_post_redirect('{$key}')");
}
/* Fix $_POST to make this look like one */
$_POST = $stashed_POST;
# print_r($stashed_POST);
}
function postcode_to_areas($postcode)
{
$voting_areas = mapit_call('postcode', $postcode);
if (rabx_is_error($voting_areas)) {
header('Location: ' . url_new('/', true, 'pc', $postcode));
exit;
}
debug_timestamp();
# Switch the voting_area array to be TYPE => AREA, instead of ID => AREA.
$a = array();
foreach ($voting_areas['areas'] as $id => $area) {
$a[$area['type']] = $area;
}
return $a;
}
function call($function, $args, $force_post = 0)
{
debug("RABX", "RABX calling {$function} via {$this->url}, arguments:", $args);
$callstr = rabx_call_string($function, &$args);
debug("RABXWIRE", "RABX raw send:", $callstr);
if (rabx_is_error($callstr)) {
return $callstr;
}
$c = urlencode($callstr);
$post = $this->use_post || $force_post;
if (!$post and strlen($u = $this->url . "?{$c}") > 1024) {
$post = TRUE;
}
if ($post) {
curl_setopt($this->ch, CURLOPT_URL, $this->url);
curl_setopt($this->ch, CURLOPT_POST, 1);
curl_setopt($this->ch, CURLOPT_POSTFIELDS, $callstr);
} else {
curl_setopt($this->ch, CURLOPT_URL, $u);
curl_setopt($this->ch, CURLOPT_HTTPGET, 1);
/* By default curl passes a "Pragma: no-cache" header. Turn it
* off. */
curl_setopt($this->ch, CURLOPT_HTTPHEADER, array("Pragma: "));
}
if ($this->userpwd) {
curl_setopt($this->ch, CURLOPT_USERPWD, $this->userpwd);
}
if (!($r = curl_exec($this->ch))) {
return rabx_error(RABX_ERROR_TRANSPORT, curl_error($this->ch) . " calling {$this->url}");
}
$C = curl_getinfo($this->ch, CURLINFO_HTTP_CODE);
debug("RABXWIRE", "RABX raw result:", $r);
if ($C != 200) {
return rabx_error(RABX_ERROR_TRANSPORT, "HTTP error {$C} calling {$this->url}");
} else {
$result = rabx_return_string_parse($r);
debug("RABX", "RABX result:", $result);
return $result;
}
}
if (rabx_is_error($result)) {
if ($result->code == FYR_QUEUE_MESSAGE_EXPIRED) {
$url = cobrand_url($cobrand, "/", $cocode);
$text = <<<EOF
You took so long to confirm your message that under our privacy policy
your message has already been removed from our database.
If you’d still like to write a message, you can <a href="{$url}">try again from the
beginning
EOF;
template_show_error($text);
} else {
template_show_error($result->text);
}
}
if (!$result) {
template_draw("confirm-trouble", $template_params);
} else {
$values = msg_admin_get_message($result);
if (rabx_is_error($values)) {
template_show_error($values->text);
} elseif ($values['cobrand'] && cobrand_post_letter_send($values)) {
// Do nothing - cobrand_post_letter_send must do the special action e.g. header or template_draw etc.
} else {
$values['cobrand'] = $cobrand;
$values['host'] = fyr_get_host();
template_draw("confirm-accept", $values);
}
}
?>
require_once "../phplib/fyr.php";
require_once "../phplib/queue.php";
require_once "../commonlib/phplib/utility.php";
require_once "../commonlib/phplib/survey.php";
fyr_rate_limit(array());
$token = get_http_var('token');
if (!$token) {
template_show_error("The token was missing.");
}
$answer = get_http_var('answer');
if ($answer != "yes" && $answer != "no") {
template_show_error("The answer type was missing.");
}
// 1 is the firsttime question
$result = msg_record_questionnaire_answer($token, 1, $answer);
if (rabx_is_error($result)) {
template_show_error($result->text);
}
$values = msg_admin_get_message($result);
$values['cobrand'] = $cobrand;
// Demographic survey
list($values['user_code'], $values['auth_signature']) = survey_sign_email_address($values['sender_email']);
$done_survey = survey_check_if_already_done($values['user_code'], $values['auth_signature']);
//$rand = rand(0, 4); // high rate when want lots of data
$rand = rand(0, 29);
// low rate when not actively doing research, so still get 50-100 responses a month
if (!$done_survey && $rand == 0 && cobrand_display_survey($cobrand)) {
$values['return_url'] = OPTION_BASE_URL . htmlspecialchars($_SERVER['REQUEST_URI']);
template_draw("survey-questions", $values);
} else {
// Either the questionnaire or the survey done
