# store the candidate grabbed through ajax and stored in flash
@quickvote.candidatelist = flash[:candlist]
-
+ @quickvote.description=CGI.escapeHTML(@quickvote.description)
# try to save, if it fails, show the page again (the flash should
# still be intact
if @quickvote.save
end
def add_candidate
- candidate_name = params[:ajax][:newcandidate]
- if flash.has_key?(:candlist) and flash[:candlist].instance_of?(Array)
- flash[:candlist] << candidate_name
- else
- flash[:candlist] = [ candidate_name ]
+ candidate_name = CGI.escapeHTML(params[:ajax][:newcandidate])
+ unless candidate_name.strip.empty?
+ if flash.has_key?(:candlist) and flash[:candlist].instance_of?(Array)
+ flash[:candlist] << candidate_name unless flash[:candlist].index(candidate_name)
+ else
+ flash[:candlist] = [ candidate_name ]
+ end
end
flash.keep(:candlist)
render_partial 'candidate_list'
#############################################################
def index
- @election = ident_to_quickvote(params[:ident])
+ @election = QuickVote.ident_to_quickvote(params[:ident])
# if the person has specified an election, we show them the voting
# page. otherwise, we redirect back to main the page
def confirm
# we need the election to verify that we have the right voter
- election = ident_to_quickvote(params[:ident])
+ election = QuickVote.ident_to_quickvote(params[:ident])
# find out who the voter is for this election
@voter = QuickVoter.find_all(["session_id = ? and election_id = ?",
###############################################################
def results
- @election = ident_to_quickvote(params[:ident])
-
- # initalize the tallies to empty arrays
- preference_tally = Array.new
- plurality_tally = Array.new
- approval_tally = Array.new
-
- @election.voters.each do |voter|
- # skip if the voter has not voted or has an unconfirmed vote
- next unless voter.voted?
-
- plurality_tally << voter.vote.rankings.sort[0].candidate.id
- approval_tally << voter.vote.rankings.sort[0..1].collect \
- { |ranking| ranking.candidate.id }
- preference_tally << voter.vote.rankings.sort.collect \
- { |ranking| ranking.candidate.id }
- end
-
- @plurality_result = PluralityVote.new(plurality_tally).result
- @approval_result = ApprovalVote.new(approval_tally).result
- @condorcet_result = PureCondorcetVote.new(preference_tally).result
- @ssd_result = CloneproofSSDVote.new(preference_tally).result
- @borda_result = BordaVote.new(preference_tally).result
- #@runoff_result = InstantRunoffVote.new(preference_tally).result
- #@runoff_results = PluralityVote.new(preference_tally).result
-
-
- @candidates = {}
+ @election = QuickVote.ident_to_quickvote(params[:ident])
+ @election.results
+ @candidates = {}
@election.candidates.each {|c| @candidates[c.id] = c}
end
-
- private
- def ident_to_quickvote(ident)
- if ident.match(/^\d+$/)
- quickvote = QuickVote.find(ident)
- else
- quickvote = QuickVote.find_all(["name = ?", ident])[0]
- end
-
- return quickvote
- end
-
end