예제 #1
0
/**
 * displays an interface for email on the website
 *
 * @global type $UMC_USER
 * @return string
 */
function umc_mail_web()
{
    XMPP_ERROR_trace(__FUNCTION__, func_get_args());
    global $UMC_USER, $UMC_DOMAIN;
    if (!$UMC_USER) {
        return "You have to be logged in to use this!";
    }
    $uuid = $UMC_USER['uuid'];
    $username = $UMC_USER['username'];
    $folder_arr = array('inbox' => "recipient_uuid='{$uuid}' AND (status='sent' OR status='read')", 'outbox' => "sender_uuid='{$uuid}' AND (status='sent')", 'drafts' => "sender_uuid='{$uuid}' AND (status='draft')", 'trash' => "(recipient_uuid='{$uuid}' AND status IN ('deleted_receiver','deleted_both')) OR (sender_uuid='{$uuid}' AND status IN ('deleted_sender','deleted_both'))");
    $selected = array();
    $action = filter_input(INPUT_POST, 'action', FILTER_SANITIZE_STRING);
    if (!isset($action)) {
        $action = filter_input(INPUT_GET, 'action', FILTER_SANITIZE_STRING);
    }
    $out = '<div id="umc_ajax_container" class="webmail" style="display:block">' . "\n";
    // XMPP_ERROR_trigger("Mail");
    $sani_post = filter_input_array(INPUT_POST, FILTER_SANITIZE_STRING);
    $out .= "\n<!-- POST CHECK // \n" . var_export($sani_post, true) . " \n// end -->\n";
    $sani_get = filter_input_array(INPUT_GET, FILTER_SANITIZE_STRING);
    $out .= "\n<!-- GET CHECK // \n" . var_export($sani_get, true) . " \n// end -->\n";
    $subject = '';
    $message = '';
    $recipient = '';
    $error = '';
    $msg_id = '';
    if ($action == 'Mark all read') {
        $read_sql = "UPDATE minecraft_srvr.`user_mail` SET status='read' WHERE recipient_uuid='{$uuid}';";
        umc_mysql_query($read_sql, true);
    }
    if ($action == 'Reply') {
        $recipient = filter_input(INPUT_POST, 'sender', FILTER_SANITIZE_STRING);
        $subject = "Re: " . htmlentities(filter_input(INPUT_POST, 'subject', FILTER_SANITIZE_STRING));
        $action = "New Mail";
    } else {
        if ($action == 'Delete' || $action == 'Undelete') {
            $msg_id = filter_input(INPUT_POST, 'msg_id', FILTER_SANITIZE_NUMBER_INT);
            $recipient_uuid = filter_input(INPUT_POST, 'recipient_uuid', FILTER_SANITIZE_STRING);
            $sender_uuid = filter_input(INPUT_POST, 'sender_uuid', FILTER_SANITIZE_STRING);
            $status = filter_input(INPUT_POST, 'status', FILTER_SANITIZE_STRING);
            if ($sender_uuid == $uuid) {
                $role = 'sender';
            } else {
                if ($recipient_uuid == $uuid) {
                    $role = 'recipient';
                }
            }
            umc_mail_delete_update_status($status, $role, $msg_id);
        } else {
            if ($action == 'Send' || $action == 'Save Draft') {
                // send message
                $subject = filter_input(INPUT_POST, 'subject', FILTER_SANITIZE_STRING);
                $message = filter_input(INPUT_POST, 'message', FILTER_SANITIZE_STRING);
                $recipient = strtolower(filter_input(INPUT_POST, 'recipient', FILTER_SANITIZE_STRING));
                $recipient_uuid = umc_user2uuid($recipient);
                $check = umc_check_user($recipient_uuid);
                if ($recipient == $username) {
                    $check = false;
                    $error = "You cannot send emails to yourself!";
                } else {
                    if (!$check) {
                        $error = "ERROR: Recipient '{$recipient}' could not be found!";
                        $recipient = '';
                    }
                }
                $msg_id = filter_input(INPUT_GET, 'msg_id', FILTER_SANITIZE_NUMBER_INT);
                if (strlen($message) < 5) {
                    $error = "Your message is too short!";
                    $action = "New Mail";
                    $check = false;
                } else {
                    if (strlen($subject) < 5) {
                        $error = "Your subject is too short!";
                        $action = "New Mail";
                        $check = false;
                    }
                }
                if ($action == 'Send' && !$check) {
                    // only complain if we are trying to send
                    $action = "New Mail";
                } else {
                    umc_mail_send_backend($recipient_uuid, $uuid, $message, $subject, $action, $msg_id);
                    $action = '';
                }
            }
        }
    }
    $out .= $error;
    if ($action == 'edit') {
        $msg_id = filter_input(INPUT_GET, 'id', FILTER_SANITIZE_NUMBER_INT);
        $onemail_sql = "SELECT `msg_id`, `date_time`, `recipient_uuid`, username, `title`, `message`, `status`\r\n                FROM minecraft_srvr.`user_mail`\r\n                LEFT JOIN minecraft_srvr.UUID ON recipient_uuid=UUID\r\n                WHERE msg_id={$msg_id} AND sender_uuid='{$uuid}' AND status='draft';";
        $mail_data = umc_mysql_fetch_all($onemail_sql);
        if (count($mail_data) == 0) {
            $out .= "ERROR: The draft email with ID {$msg_id} could not be found!";
        } else {
            $mail = $mail_data[0];
            $recipient = $mail['username'];
            $subject = htmlentities(trim($mail['subject']));
            $message = htmlentities(trim($mail['message']));
            $msg_id = $mail['msg_id'];
            $action = "New Mail";
        }
    }
    $msg_id = filter_input(INPUT_GET, 'id', FILTER_SANITIZE_NUMBER_INT);
    if ($action == 'New Mail') {
        //onsubmit=\"return umcAjaxFormProcess('" . umc_web_curr_url() . "', event)\"
        $out .= "<form id=\"newmailform\" method=\"post\"><div>\n" . "<span style=\"max-width:50%;\">Recipient: <input type=\"text\" name=\"recipient\" value=\"{$recipient}\" style=\"width:35%;\" maxlength=\"32\"></span>\n " . "<span style=\"max-width:50%;\">Subject: <input type=\"text\" name=\"subject\" value=\"{$subject}\" style=\"width:35%;\" maxlength=\"32\"></span><br>\n" . "Message:<br><textarea name=\"message\" value=\"\" rows=\"10\" style=\"width:100%;\">{$message}</textarea><input type=\"hidden\" name=\"msg_id\" value=\"\">\n" . "<input type=\"submit\" name=\"action\" value=\"Send\"><input type=\"submit\" name=\"action\" value=\"Save Draft\"><input type=\"submit\" name=\"action\" value=\"Cancel\">\n" . "</div></form>";
    } else {
        if ($action == 'mail' && is_numeric($msg_id)) {
            $onemail_sql = "SELECT `msg_id`, `date_time`, `sender_uuid`, `recipient_uuid`, `title` as subject, `message`, `status` FROM minecraft_srvr.`user_mail`\r\n                WHERE msg_id={$msg_id} AND (recipient_uuid='{$uuid}' OR sender_uuid='{$uuid}');";
            $mail_data = umc_mysql_fetch_all($onemail_sql);
            if (count($mail_data) == 0) {
                $out .= "ERROR: The email with ID {$msg_id} could not be found!<br>";
                $out .= "<a href=\"{$UMC_DOMAIN}/server-access/mail/\">Back</a>";
            } else {
                // onsubmit=\"return umcAjaxFormProcess('" . umc_web_curr_url() . "', event)\"
                $out .= "<a href=\"{$UMC_DOMAIN}/server-access/mail/\">Back</a><br>";
                $out .= "\n<form id=\"newmailform\" method=\"POST\" action=\"{$UMC_DOMAIN}/server-access/mail/\">\n<div>";
                $mail = array();
                foreach ($mail_data[0] as $field => $value) {
                    $mail[$field] = htmlentities(stripslashes(trim($value)));
                }
                $buttons = "<div style=\"float:right\">";
                if (in_array($mail['status'], array('deleted_receiver', 'deleted_both'))) {
                    $buttons .= " <input type=\"submit\" name=\"action\" value=\"Undelete\">";
                } else {
                    $buttons .= " <input type=\"submit\" name=\"action\" value=\"Delete\">";
                }
                if ($mail['recipient_uuid'] == $uuid) {
                    $buttons .= " <input type=\"submit\" name=\"action\" value=\"Reply\">";
                }
                $buttons .= "</div>";
                if ($mail['status'] == 'sent') {
                    $read_sql = "UPDATE minecraft_srvr.`user_mail` SET status='read' WHERE msg_id={$mail['msg_id']};";
                    umc_mysql_query($read_sql, true);
                    $mail['status'] = 'read';
                }
                $sender = umc_user2uuid($mail['sender_uuid']);
                $recipient = umc_user2uuid($mail['recipient_uuid']);
                $out .= "<div class=\"line\"><div style=\"float:left;width:33%;\"><label>From:</label><span class=\"field\">{$sender}</span></div>\n" . "<div style=\"float:left;width:33%;\"><label>To:</label><span class=\"field\">{$recipient}</span></div>\n" . "<div style=\"float:left;width:33%;\"><label>Date:</label><span class=\"field\">{$mail['date_time']}</span></div>\n" . "<div style=\"clear:both;\"></div>\n</div>" . "{$buttons}<div class=\"line\" style=\"overflow:hidden\"><label>Subject:</label><span class=\"field\">{$mail['subject']}</span></div>\n" . "<div style=\"clear:both;\"></div>\n" . "<div class=\"line\"><label>Message:</label><br>" . "<div class=\"field\">{$mail['message']}</div>\n</div>\n" . "<input type=\"hidden\" name=\"status\" value=\"{$mail['status']}\">" . "<input type=\"hidden\" name=\"sender\" value=\"{$sender}\">" . "<input type=\"hidden\" name=\"subject\" value=\"{$mail['subject']}\">" . "<input type=\"hidden\" name=\"recipient_uuid\" value=\"{$mail['recipient_uuid']}\">" . "<input type=\"hidden\" name=\"msg_id\" value=\"{$msg_id}\">" . "<input type=\"hidden\" name=\"sender_uuid\" value=\"{$mail['sender_uuid']}\">" . "</div></form>";
            }
        } else {
            // show folder
            if (!isset($post_folder)) {
                $post_folder = filter_input(INPUT_POST, 'folder', FILTER_SANITIZE_STRING);
            }
            $sql_filter = $folder_arr['inbox'];
            if (isset($post_folder) && $post_folder != 'inbox') {
                if (isset($folder_arr[$post_folder])) {
                    $sql_filter = $folder_arr[$post_folder];
                } else {
                    $out .= "<h2>Folder {$post_folder} cannot be found!</h2>";
                }
            }
            // get the current value
            $alerts_saved = umc_wp_get_meta($uuid, 'mc_mail_alerts');
            $alerts_choice = filter_input(INPUT_POST, 'email_alerts', FILTER_SANITIZE_STRING);
            $submit = filter_input(INPUT_POST, 'submit_form', FILTER_SANITIZE_STRING);
            // update database only if form was submitted
            if ($submit == 'submit_form') {
                if ($alerts_choice == 'email_alerts' && $alerts_saved == 'false') {
                    umc_wp_set_meta($uuid, 'mc_mail_alerts', 'true');
                    $alerts_saved = 'true';
                } else {
                    if ($alerts_choice == NULL && $alerts_saved == 'true') {
                        umc_wp_set_meta($uuid, 'mc_mail_alerts', 'false');
                        $alerts_saved = 'false';
                    }
                }
            }
            $out .= "<form action=\"\" method=\"post\">\n<div class=\"line\">\nFolder: <select name=\"folder\" onchange='this.form.submit()'>";
            $selected[$post_folder] = " selected=\"selected\"";
            foreach ($folder_arr as $folder => $str_filter) {
                $folder_str = ucwords($folder);
                $sel_str = '';
                if (isset($selected[$folder])) {
                    $sel_str = $selected[$folder];
                }
                $out .= "<option value=\"{$folder}\"{$sel_str}>{$folder_str}</option>";
            }
            $checked = '';
            if ($alerts_saved == 'true') {
                $checked = 'checked="checked"';
            }
            $out .= "</select>\n<input type=\"submit\" name=\"action\" value=\"New Mail\"><input type=\"submit\" name=\"action\" value=\"Mark all read\"><input type=\"hidden\" name=\"submit_form\" value=\"submit_form\">\n" . "<span style=\"float:right;\"><input type=\"checkbox\" name=\"email_alerts\" value=\"email_alerts\" {$checked} onchange='this.form.submit()'> Send e-mail alerts</span>" . "</div></form>\n";
            $sql = "SELECT `msg_id`, `date_time`, s_ref.username as sender, r_ref.username as recipient, `title` as subject, status\r\n                FROM minecraft_srvr.`user_mail`\r\n                LEFT JOIN minecraft_srvr.UUID as s_ref on sender_uuid=s_ref.UUID\r\n                LEFT JOIN minecraft_srvr.UUID as r_ref on recipient_uuid=r_ref.UUID\r\n                WHERE {$sql_filter} ORDER BY date_time DESC;";
            $status_header = "";
            if ($post_folder == 'outbox') {
                $status_header = '<th>Status</th>';
            }
            $D = umc_mysql_fetch_all($sql);
            $non_numeric = array('date_time', 'sender', 'recipient', 'subject');
            $formats = array('sender' => 'umc_mail_web_formats', 'status' => 'umc_mail_web_formats', 'recipient' => 'umc_mail_web_formats', 'subject' => 'umc_mail_web_formats');
            $hide_cols = array('msg_id');
            $check = umc_web_table("mail", "0, 'desc'", $D, '', $hide_cols, $non_numeric, $formats);
            if (!$check) {
                XMPP_ERROR_trigger("Error creating web_table with SQL {$sql}");
                $out .= "Error creating data table. Admin was notified, please wait until it is fixed";
            } else {
                $out .= $check;
            }
        }
    }
    $out .= "</div>\n";
    return $out;
}
예제 #2
0
function umc_vote_web()
{
    XMPP_ERROR_trace(__FUNCTION__, func_get_args());
    global $vote_ranks, $UMC_DOMAIN, $UMC_USER;
    $lvl_percent = array('a' => 0.3, 'd' => 0.4, 'm' => 0.7, 'e' => 1);
    $out = umc_vote_stats();
    // return "<h1>Sorry, due to technical issues, voting is temporarily suspended</h1>";
    if (!$UMC_USER) {
        $out = "Please <a href=\"{$UMC_DOMAIN}/wp-login.php\">login</a> to vote!";
        return $out;
    } else {
        $out .= "<h2>Proposals & Votes</h2>";
        $username = $UMC_USER['username'];
        $uuid = $UMC_USER['uuid'];
        $user_lvl = $UMC_USER['userlevel'];
    }
    $user_lvl_id = $vote_ranks[$user_lvl]['lvl'];
    if ($user_lvl_id < 3) {
        // start voting only for designers
        return "Sorry, you need to be Designer or above to vote!";
    }
    // get user numbers for levels
    $lvl_str_arr = array('a' => "'Architect', 'ArchitectDonator', 'ArchitectDonatorPlus'", 'd' => "'Designer', 'DesignerDonator', 'DesignerDonatorPlus'", 'm' => "'Master', 'MasterDonator', 'MasterDonatorPlus'", 'e' => "'Elder', 'ElderDonator', 'ElderDonatorPlus'");
    $lvl_amounts = array('a' => 0, 'd' => 0, 'm' => 0, 'e' => 0);
    $lvl_min_req = array('a' => 0, 'd' => 0, 'm' => 0, 'e' => 0);
    foreach ($lvl_str_arr as $lvl_code => $lvl_str) {
        // This takes all lots where the owners are in one of the user 4 levels that can vote
        $sql = "SELECT user_id, UUID.UUID as uuid, username FROM `minecraft_worldguard`.`region_players`\r\n            LEFT JOIN minecraft_worldguard.user ON region_players.user_id=user.id\r\n            LEFT JOIN minecraft_srvr.UUID ON minecraft_worldguard.user.uuid=minecraft_srvr.UUID.UUID\r\n            LEFT JOIN minecraft_srvr.permissions_inheritance ON minecraft_srvr.UUID.UUID=minecraft_srvr.permissions_inheritance.child\r\n            WHERE parent IN ({$lvl_str}) AND type=1 AND owner=1 GROUP BY user_id;";
        $C = umc_mysql_fetch_all($sql);
        // count all the people in the userlevel to know how many votes are needed
        $lvl_amounts[$lvl_code] = count($C);
    }
    // calc needed votes
    $full_vote = $lvl_amounts['e'] * $vote_ranks['Elder']['vote'];
    foreach ($lvl_amounts as $lvl => $lvl_amount) {
        $lvl_min_req[$lvl] = round($full_vote * $lvl_percent[$lvl]);
    }
    // TODO insert here a cleanup process that deletes old votes of non-promoted users
    $proposed = filter_input(INPUT_POST, 'proposal', FILTER_SANITIZE_STRING);
    if (isset($proposed) && strlen($proposed) > 1) {
        $proposed = umc_check_user($proposed);
        if (!$proposed) {
            $out .= "Sorry {$username}, but you need to input an existing user to propose!";
        } else {
            $proposed_data = umc_uuid_getboth($proposed, 'username');
            $proposed_username = $proposed_data['username'];
            $proposed_uuid = $proposed_data['uuid'];
            // what user level is it?
            $prop_lvl = umc_get_uuid_level($proposed_uuid);
            $prop_lvl_id = $vote_ranks[$prop_lvl]['lvl'];
            // check if the user was recently promoted
            $sql = "SELECT UNIX_TIMESTAMP(`date`) as mysql_ts FROM minecraft_srvr.proposals  WHERE `uuid` LIKE '{$proposed_uuid}' ORDER BY `date` DESC;";
            $D = umc_mysql_fetch_all($sql);
            $row = array();
            if (count($D) > 0) {
                $row = $D[0];
                // get the first (latest) entry
            } else {
                $row['mysql_ts'] = 0;
            }
            if (time() - $row['mysql_ts'] < 5270400) {
                $out .= "<strong>Sorry {$username}, but {$proposed_username} was last proposed for promotion less than 2 months ago!</strong>";
            } else {
                if ($user_lvl_id < 6 && $user_lvl_id < $prop_lvl_id + 1) {
                    $out .= "<strong>Sorry {$username}, but you need to be at a higher level to propose {$proposed_username} for a higher rank!</strong>";
                } else {
                    if ($prop_lvl_id > 5) {
                        $out .= "<strong>Sorry {$username}, but {$proposed_username} has reached max level already!</strong>";
                    } else {
                        if (umc_user_countlots($proposed) < 1) {
                            // is this an active user?
                            $out .= "<strong>Sorry {$username}, but you can only propose users who have a lot!</strong>";
                        } else {
                            if ($prop_lvl_id < 2) {
                                $out .= "<strong>Sorry {$username}, but you can only propose users who are at least Citizen level!</strong>";
                            } else {
                                if ($username == $proposed) {
                                    $out .= "<strong>Sorry {$username}, but you cannot propose yourself!</strong>";
                                } else {
                                    // ok to be promoted
                                    $ins_proposal_sql = "INSERT INTO `minecraft_srvr`.`proposals` (`pr_id`, `uuid`, `proposer_uuid`, `date`, `status`)\r\n                    VALUES (NULL, '{$proposed_uuid}', '{$uuid}', NOW(), 'voting');";
                                    umc_mysql_query($ins_proposal_sql);
                                    $pr_id = umc_mysql_insert_id();
                                    $sql = "INSERT INTO minecraft_srvr.`proposals_votes` (`pr_id`, `voter_uuid`, `date`, `vote`) VALUES ({$pr_id}, '{$uuid}', NOW(), 1);";
                                    umc_mysql_query($sql, true);
                                    $out .= "Thanks {$username}, {$proposed_username} as been submitted for voting, and your vote has been set, too!";
                                    if ($prop_lvl_id == 5) {
                                        // we propose a Master for promotion, inform all elders
                                        $sql = "SELECT user_email, UUID, username FROM minecraft_srvr.`UUID`\r\n                        LEFT JOIN minecraft.wp_usermeta ON UUID.UUID=meta_value\r\n                        LEFT JOIN minecraft.wp_users ON user_id=ID\r\n                        WHERE `userlevel` LIKE 'Elder%' AND lot_count > 0";
                                        $D = umc_mysql_fetch_all($sql);
                                        $subject = "{$proposed} proposed for Elder, please vote!";
                                        $content = "Dear Elder, \r\n\r\nthe user {$proposed} has been proposed to be promoted to Elder. Please go to\r\n\r\n{$UMC_DOMAIN}/vote-for-users/\r\n\r\n" . "and vote on this proposal. Please either SUPPORT or VETO the proposal.\r\n" . "Please note that the vote will be closed as 'failed' unless all Elders cast a vote within the coming 2 months.\r\n" . "Thanks a lot for supporting Uncovery Minecraft!\r\n\r\nBest regards,\r\nUncovery";
                                        $headers = 'From:minecraft@uncovery.me' . "\r\nReply-To:minecraft@uncovery.me\r\n" . 'X-Mailer: PHP/' . phpversion();
                                        mail('*****@*****.**', $subject, $content, $headers);
                                        foreach ($D as $row) {
                                            mail($row['user_email'], '[Uncovery Minecraft] ' . $subject, $content, $headers);
                                            umc_mail_send_backend($row['UUID'], 'ab3bc877-4434-45a9-93bd-bab6df41eabf', $content, $subject, 'send');
                                            // send from uncovery's UUID
                                        }
                                    }
                                }
                            }
                        }
                    }
                }
            }
        }
    }
    // propose new person
    if ($user_lvl_id > 3) {
        $out .= "<form action=\"\" method=\"post\">\n" . "<span>Propose a person to be upgraded: <input type=\"text\" name=\"proposal\"> " . "<input type=\"submit\" name=\"proposebutton\" value=\"Propose user!\">" . "</span></form>";
    } else {
        $out .= "(Since your level is too low, you cannot propose users yet.)";
    }
    // close old proposals
    $upd_sql = "UPDATE minecraft_srvr.proposals SET `status`='failed' WHERE status = 'voting' AND date < NOW() - INTERVAL 2 month";
    umc_mysql_query($upd_sql, true);
    // list proposed people
    $sql = "SELECT UUID.username, status, pr_id, date, proposals.uuid FROM minecraft_srvr.proposals\r\n        LEFT JOIN minecraft_srvr.UUID ON proposals.uuid=UUID.UUID\r\n        WHERE status IN ('voting','closed') ORDER BY `date` ASC;";
    $D = umc_mysql_fetch_all($sql);
    $header = '';
    if ($username == 'uncovery') {
        $header = '<th>Score</th>';
    }
    $out .= "<br><form action=\"\" method=\"post\">\n<input type=\"hidden\" name=\"uuid\" value=\"{$uuid}\">\n<input type=\"hidden\" name=\"voting\" value=\"true\">\n<table>\n" . "<tr><th>Proposal</th><th>Date</th><th>Current Level</th><th>Your Vote</th><th>Vote date</th>{$header}</tr>\n";
    $proposals = 0;
    $upgraded_users = array();
    foreach ($D as $row) {
        $prop_lvl = umc_get_userlevel($row['username']);
        $prop_status = $row['status'];
        $prop_lvl_id = $vote_ranks[$prop_lvl]['lvl'];
        $proposed = $row['uuid'];
        $proposed_name = $row['username'];
        // check if user is allowed to vote for this person
        if ($user_lvl_id <= $prop_lvl_id) {
            continue;
        }
        $proposals++;
        $sel_support = $sel_veto = '';
        $sel_none = " selected=\"selected\"";
        $vote_date = "n/a";
        $pr_id = $row['pr_id'];
        // check if vote has been cast right now
        if (isset($_POST['voting']) && $_POST['uuid'] == $uuid) {
            if ($prop_status == 'closed' && $username == 'uncovery' && isset($_POST['CL_' . $pr_id]) && $_POST['CL_' . $pr_id] != 'closed') {
                $new_vote = filter_input(INPUT_POST, 'CL_' . $pr_id, FILTER_SANITIZE_STRING);
                // var_dump($_POST);
                $sql = "UPDATE minecraft_srvr.`proposals` SET `status` = '{$new_vote}' WHERE `proposals`.`pr_id`={$pr_id} LIMIT 1;";
                umc_mysql_query($sql);
                // echo $sql;
                if ($new_vote == 'success') {
                    $cmd = "pex promote {$proposed}";
                    umc_exec_command($cmd, 'asConsole', false);
                    umc_exec_command($cmd, 'asConsole', false);
                    umc_exec_command($cmd, 'asConsole', false);
                    $upgraded_users[$proposed_name] = $prop_lvl;
                    umc_log('voting', "promotion", "{$proposed_name} ({$proposed}) was promoted from {$prop_lvl} through votes");
                }
                continue;
            } else {
                if ($prop_status != 'closed') {
                    $new_vote = filter_input(INPUT_POST, 'PR_' . $pr_id, FILTER_SANITIZE_STRING);
                    $sel_support = $sel_veto = $sel_none = '';
                    // find existing votes
                    $sql = "SELECT * FROM minecraft_srvr.`proposals_votes` WHERE pr_id={$pr_id} and voter_uuid='{$uuid}';";
                    $C = umc_mysql_fetch_all($sql);
                    if (count($C) > 0) {
                        $row_check = $C[0];
                        $vote_id = $row_check['vote_id'];
                        if ($new_vote == 0) {
                            $sql = "DELETE FROM minecraft_srvr.`proposals_votes` WHERE pr_id={$pr_id} and voter_uuid='{$uuid}';";
                            umc_mysql_query($sql, true);
                        } else {
                            if ($row_check['vote'] != $new_vote) {
                                $sql = "REPLACE INTO minecraft_srvr.`proposals_votes` (`vote_id`, `pr_id`, `voter_uuid`, `date`, `vote`)\r\n\t\t\t    VALUES ({$vote_id}, {$pr_id}, '{$uuid}', NOW(), {$new_vote});";
                                umc_mysql_query($sql, true);
                            }
                        }
                    } else {
                        if ($new_vote != 0) {
                            $sql = "INSERT INTO minecraft_srvr.`proposals_votes` (`pr_id`, `voter_uuid`, `date`, `vote`)\r\n                        VALUES ({$pr_id}, '{$uuid}', NOW(), {$new_vote});";
                            umc_mysql_query($sql, true);
                        }
                    }
                } else {
                    if ($prop_status == 'closed') {
                        // a user tried to vote on a closed vote... what to do?
                    }
                }
            }
        }
        // load existing votes
        $total_score = 0;
        $sql = "SELECT date, voter_uuid, UUID.username, vote, date FROM minecraft_srvr.proposals_votes\r\n                LEFT JOIN minecraft_srvr.UUID ON voter_uuid=UUID.UUID\r\n                WHERE pr_id={$pr_id} AND vote <> 0 ORDER BY date DESC;";
        $R = umc_mysql_fetch_all($sql);
        $email_close = "{$UMC_DOMAIN}/vote-for-users/\n";
        foreach ($R as $row_calc) {
            $vote_date = $row_calc['date'];
            $voter_lvl = umc_get_uuid_level($row_calc['voter_uuid']);
            $voter_weight = $vote_ranks[$voter_lvl]['vote'];
            $voter_score = $voter_weight * $row_calc['vote'];
            $total_score = $total_score + $voter_score;
            if ($username == 'uncovery') {
                $out .= "<tr><td>Vote:</td><td>{$row_calc['username']}</td><td>{$voter_lvl}</td><td>{$row_calc['vote']}</td><td>{$row_calc['date']}</td><td>{$voter_score}</td></tr>\n";
                // prepare email to send if this will be closed
            }
            $email_close .= "Vote: {$row_calc['username']} ({$voter_lvl}) on {$row_calc['date']} gave points: {$voter_score}\n";
        }
        // close votes that have enough points
        $lvl_code = $vote_ranks[$prop_lvl]['code'];
        $min_req = $lvl_min_req[$lvl_code];
        if (abs($total_score) >= $min_req && $prop_status == 'voting') {
            // close vote
            $sql = "UPDATE minecraft_srvr.`proposals` SET `status` = 'closed' WHERE `proposals`.`pr_id`={$pr_id} LIMIT 1 ";
            umc_mysql_query($sql, true);
            // send email with status report
            $email_text = $email_close . "Total Score: {$total_score}\n\rRequired: " . abs($lvl_min_req[$lvl_code]);
            $headers = 'From:minecraft@uncovery.me' . "\r\nReply-To:minecraft@uncovery.me\r\n" . 'X-Mailer: PHP/' . phpversion();
            mail('*****@*****.**', "Voting closed for " . $row['username'], $email_text, $headers);
            $prop_status = 'closed';
        } else {
            if ($prop_status == 'closed' && $total_score < abs($lvl_min_req[$lvl_code])) {
                //$sql = "UPDATE minecraft_srvr.`proposals` SET `status` = 'voting' WHERE `proposals`.`pr_id`=$pr_id LIMIT 1 ";
                //mysql_query($sql);
            }
        }
        // show total score
        if ($username == 'uncovery') {
            $header = "<td><strong>{$total_score}</strong> (of {$min_req})</td>";
        }
        // load your own score
        $sql = "SELECT * FROM minecraft_srvr.proposals_votes WHERE voter_uuid = '{$uuid}' AND pr_id={$pr_id}";
        $D = umc_mysql_fetch_all($sql);
        $vote_date = "n/a";
        if (count($D) > 0) {
            $row_votes = $D[0];
            $vote_id = $row_votes['vote_id'];
            $your_vote = $row_votes['vote'];
            $vote_date = $row_votes['date'];
            // check if an alternative vote has been cast right now
            if ($your_vote == 1) {
                $sel_support = " selected=\"selected\"";
            } else {
                if ($your_vote == -1) {
                    $sel_veto = " selected=\"selected\"";
                }
            }
        }
        // show voting buttons
        $vote_close = '';
        $min_req = $lvl_min_req[$lvl_code];
        if ($prop_status == 'closed') {
            $vote = "Voting closed!<input type=\"hidden\" name=\"PR_{$pr_id}\" value=\"done\">";
            if ($username == 'uncovery') {
                $vote_date = "<select name=\"CL_{$pr_id}\"><option value=\"closed\">Voting closed</option><option value=\"success\">Upgrade</option><option value=\"failed\">Fail</option></select>";
            }
        } else {
            $vote = "<select name=\"PR_{$pr_id}\"><option value=\"0\" {$sel_none}>Abstain</option><option value=\"1\"{$sel_support}>Supported</option><option value=\"-1\"{$sel_veto}>Vetoed</option></select>";
        }
        $vote_lvl = umc_get_userlevel($row['username']);
        $out .= "<tr><td><strong><a href=\"{$UMC_DOMAIN}/users-2/?u={$row['username']}\">{$row['username']}</a></strong></td><td>{$row['date']}</td><td>{$prop_lvl}</td><td>{$vote}</td><td>{$vote_date}</td>{$header}</tr>\n";
    }
    if ($proposals == 0) {
        $out .= "<tr><td colspan=6>There are no proposals that you can vote for at the moment!</td><tr>\n";
    }
    $out .= "</table>\n<input type=\"submit\" name=\"votebutton\" value=\"Submit votes!\">\n</form><br>\n";
    // process successful votes, create post to blog
    if (count($upgraded_users) > 0) {
        $text = "Please see the latest upgrades from the voting system:<ul>";
        $userlist_arr = array();
        foreach ($upgraded_users as $upgraded_user => $userlvl) {
            $nextrank = $vote_ranks[$userlvl]['next'];
            $text .= "<li>{$upgraded_user} (from {$userlvl} to {$nextrank})</li>";
            $userlist_arr[] = $upgraded_user;
        }
        $userlist = implode(", ", $userlist_arr);
        $text .= "</ul>Congratz and thanks to all voters!";
        $post = array('comment_status' => 'open', 'ping_status' => 'closed', 'post_author' => 1, 'post_content' => $text, 'post_status' => 'publish', 'post_title' => "Today's upgrades: {$userlist}", 'post_type' => 'post');
        wp_insert_post($post);
    }
    return $out;
}