From a6e986fb161f33f9c0648afe183632842ab48aec Mon Sep 17 00:00:00 2001 From: Tagadda <36127788+Tagadda@users.noreply.github.com> Date: Mon, 13 Aug 2018 20:23:43 +0200 Subject: [PATCH] WIP: unique_ip ! do not merge + Unique_ip check + Checkbox TODO: Add some style TODO: Fix a bug when you vote --- index.php | 26 +++++++++++++++++++------- models/Poll.php | 19 ++++++++++++++++++- static/js/new.js | 3 +++ views/home.php | 2 ++ 4 files changed, 42 insertions(+), 8 deletions(-) diff --git a/index.php b/index.php index 73fd1be..4c7aad4 100644 --- a/index.php +++ b/index.php @@ -60,10 +60,16 @@ Flight::route("POST /polls/@id:[a-fA-F0-9]+/vote", function ($id) { if (isset(Flight::request()->data["options"]) && is_array(Flight::request()->data["options"])) { // Check that an options id array exists. //TODO Check that only the authorized number of options are selected. - $poll->vote(Flight::request()->data["options"]); // Vote for the given options. - // Then save and show poll data. - $poll->save(); - Flight::json(format_poll($poll)); + if($poll->vote(Flight::request()->data["options"]) === false) // Vote for the given options. + { + Flight::halt(403, "

403 Forbidden

Too many votes for this IP address.

"); + } + else + { + // Then save and show poll data. + $poll->save(); + Flight::json(format_poll($poll)); + } } else Flight::halt(403, "

403 Forbidden

Invalid data.

"); @@ -75,9 +81,15 @@ Flight::route("POST /polls/@id:[a-fA-F0-9]+/vote", function ($id) { $selected_options = Flight::request()->data["options"]; if (is_string($selected_options)) { // If it is a string, input[type="radio"] were used so only one option is selected. - $poll->vote([intval($selected_options)]); // Vote for the selected option. - $poll->save(); - Flight::redirect("/polls/$id/results"); // Redirect to the results. + if($poll->vote([intval($selected_options)]) === false) // Vote for the selected option. + { + Flight::redirect('/', 401); + } + else + { + $poll->save(); + Flight::redirect("/polls/$id/results"); // Redirect to the results. + } } //TODO: Multiple options case. else Flight::redirect("/polls/$id"); // Error: Redirect to the vote page. diff --git a/models/Poll.php b/models/Poll.php index 7d56e7b..9ac8d76 100644 --- a/models/Poll.php +++ b/models/Poll.php @@ -21,6 +21,7 @@ class Poll "votes" => 0, ]; } + $poll->settings = $request_data->settings; $poll->gen_new_id(); $poll->delete_token = bin2hex(openssl_random_pseudo_bytes(16)); $poll->save(); @@ -48,6 +49,8 @@ class Poll $poll->creation_date = $saved_poll_data->creation_date; $poll->options = $saved_poll_data->options; $poll->delete_token = $saved_poll_data->delete_token; + $poll->settings = $saved_poll_data->settings; + $poll->ips = $saved_poll_data->ips; dba_close($db); return $poll; @@ -63,6 +66,8 @@ class Poll public $title; public $creation_date; public $options = []; + public $settings = []; + public $ips = []; public $delete_token; private function gen_new_id() 
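Review bot: In the first index.php hunk (JSON branch) the raw `options` array is still passed straight to `$poll->vote()`, so a single request that passes the per-IP check can list the same option id several times and `vote()` increments it once per entry. The existing TODO about the authorised number of options is also left open. Since this commit is about limiting votes per client, normalise the list before voting, e.g. `$ids = array_values(array_unique(array_map('intval', Flight::request()->data["options"])));`, and pass `$ids` to `vote()`. The route closure starts and ends outside this hunk.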
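Review bot: `Flight::redirect('/', 401)` in the form branch sends a `Location` header with a non-3xx status, which browsers do not follow, so a rejected voter most likely ends up on an empty 401 page. 401 also signals missing authentication rather than a refused vote. Keep the rejection consistent with the JSON branch, for example `Flight::halt(403, "Too many votes for this IP address.");`, or redirect to `/polls/$id/results` with the default status. The enclosing route closure continues outside the hunk.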
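Review bot: `$poll->settings = $request_data->settings;` in the first models/Poll.php hunk persists whatever the client sent under `settings` without checking its shape, and `save()` later writes it out with the poll. Store only the known flag, cast to a boolean: `$poll->settings = ["unique_ip" => !empty($request_data->settings->unique_ip)];` (this assumes `$request_data` is a decoded JSON object, as the `->` access suggests). The load hunk has a related gap: polls saved before this change have no `settings` or `ips` key, so `$saved_poll_data->settings ?? []` and `$saved_poll_data->ips ?? []` would avoid undefined-property notices. Both functions begin outside their hunks.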
@@ -83,13 +88,23 @@ class Poll
 /**
 * Vote for a list of options.
 * @param array $options - Array of integers containing voted options.
+ * @return bool
 */
 public function vote(array $options)
 {
+ if($this->settings['unique_ip'] === true)
+ {
+ if(isset($this->ips[Flight::request()->query["ip"]]))
+ return false;
+ else
+ $this->ips["test"] = true;
+ }
+
 // For each option in the list, add 1 to the vote number in the poll data.
 foreach ($options as $option)
 if (isset($this->options[intval($option)])) // Check invalid options id.
 $this->options[intval($option)]->votes++;
+ return true;
 }

 public function save()
@@ -100,7 +115,9 @@ class Poll
 "title" => $this->title,
 "creation_date" => $this->creation_date,
 "options" => $this->options,
- "delete_token" => $this->delete_token
+ "delete_token" => $this->delete_token,
+ "ips" => $this->ips,
+ "settings" => $this->settings
 ]), $db);
 dba_close($db);
 }
diff --git a/static/js/new.js b/static/js/new.js
index 5f3d533..7a95d90 100644
--- a/static/js/new.js
+++ b/static/js/new.js
@@ -37,6 +37,9 @@ document.addEventListener("DOMContentLoaded", () => {
 body: JSON.stringify({
 title: form.querySelector(`input[name="title"]`).value,
 options: get_choices(form),
+ settings: {
+ "unique_ip": form.querySelector(`input[name="unique_ip"]`).checked,
+ }
 }),
 headers: {
 "Content-Type": "application/json",
diff --git a/views/home.php b/views/home.php
index 658e008..76fab23 100644
--- a/views/home.php
+++ b/views/home.php
@@ -9,6 +9,8 @@
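Review bot: The uniqueness check in `vote()` keys on `Flight::request()->query["ip"]`, a query-string value the client chooses, and then records the fixed key `"test"` instead of the address, so the restriction neither identifies the caller nor remembers who has voted. Use the address the framework derives from the connection, `$ip = Flight::request()->ip;`, test `isset($this->ips[$ip])` and store `$this->ips[$ip] = true;`; behind a reverse proxy, trust a forwarded address only when that proxy sets it. Also, `settings` and `ips` are reloaded through `$saved_poll_data->…`, so after a reload they are probably `stdClass` objects and `$this->settings['unique_ip']` would raise an error; cast with `(array)` on load or use property access. Consider storing a keyed hash of the address rather than the raw IP, since the `save()` hunk now persists the list with the poll.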
+ +