Proxy Vote

WordPress plug-in to create voting events and collect proxies so you can reach quorum at meetings.

6 minute read
GitHub Repository

The Story

I developed this WordPress plugin while managing my neighborhood homeowner association (HOA). It was always difficult for our annual board meetings to achieve quorum. People skipped the meeting and didn't bother to mail us their proxy vote.

The process is simple. The voter goes to a website, enters his unique key, his name, the proxy's name, then submits the information. The first version I deployed helped our HOA achieve quorum.

Proxy event in WordPress 4.8

A few years later I moved to a new home, stopped maintaining the website, and the plugin itself was disused.

I originally developed this in the v2.3 era of WordPress—in late 2007. I started a container to see if WordPress v4.8 would still load, create the DB tables, and run it correctly. To my shock and amusement it actually worked. I didn't change a single line of code.

This is decade old software and it still runs. If you're wondering why web security is such a burning hot topic, this is just one example. If old, unmaintained software still runs then what does that say about the infrastructure that loads the plugin?

Features

Add an Event

Provide the title, description, expiration time, and the number of voters.

Adding a proxy event

Setting up your event only takes a few lines of HTML and the shortcodes:

<h2>Annual Meeting Proxy Vote</h2>
<p>
  To achieve a quorum at our annual meeting 
  we only ask for a few moments of your time. 
  This year we've made the process super easy. 
  Please follow these directions<:
</p>
<ol>
  <li>Go to our HOA website</li>
  <li>Look for post "Proxy Vote"</li>
  <li>Submit before: <b>[expires]</b></li>
  <li>Enter code: <code>[key]</code><li>
  <li>Enter your name</li>
  <li>Enter your proxy's name</li>
</ol>
<p>
  Again, <i>thank you</i> for your support. 
  This will help our meeting proceed  
  smoothly and without delay.</p>
<p>
  Sincerely,<br/>
  Matthew Crumley<br/>
  Board President
</p>

Post, Print, and Export

After creating the proxy event you need to insert the shortcode into a post or a page. You can add any text before or after the form itself. Give your voters a simple reminder of what's required. Keep the message short and simple.

Write a post or page and use a shortcode

Your browser's print menu will show a preview of the proxy handouts. These are intended for distribution because each page has a unique proxy key. Check out an example PDF.

Once your proxy collection is complete you might want to organize the data differently. Proxy Vote wasn't designed to analyze or format data. Export your event to an XML file and open it in your favorite spreadsheet application.

Code and Coda

The first time I used PHP was in college. It was a senior design project in which I built a web-enabled horse feeder. Since then I haven't had use for PHP professionally aside from scattered WordPress templates and this plugin.

The total line count for Proxy Vote:

Language Files Blank Comment Code
PHP 2 185 169 911

I wrote this plugin before I became security-conscious. The OWASP Top 10 applies here but I wasn't aware such guidelines existed in 2007. Training to do penetration testing opened my eyes even wider. There are numerous exploits in the Metasploit Framework targeting WordPress plugins. If a plugin doesn't sanitize input then it's game over from a security standpoint.

Weigh the risks carefully before you stray too far from a stock installation of WordPress.