bug-1023 fixed some flaws detected by software review

2 files changed, 17 insertions, 17 deletions

diff --git a/includes/wot.inc.php b/includes/wot.inc.php
index a59a5b6..022bcbd 100644
--- a/includes/wot.inc.php
+++ b/includes/wot.inc.php
@@ -566,22 +566,22 @@ function AssureTextLine($field1,$field2)
 function AssureCCABoxLine($type,$text)
 {
 	return;
-	AssureBoxLIne($type,$text);
+	AssureBoxLine($type,$text);
 }
 
-function AssureBoxLine($type,$text)
+function AssureBoxLine($type,$text,$checked)
 {
 ?>
 	<tr>
-		<td class="DataTD"><input type="checkbox" name="<?=$type?>" value="1"></td>
+		<td class="DataTD"><input type="checkbox" name="<?=$type?>" <?=$checked?"checked":""?></td>
 		<td class="DataTD"><?=$text?></td>
 	</tr>
 <?
 }
 
-function AssureMethodLine($text,$methods,$remark,$flag)
+function AssureMethodLine($text,$methods,$remark)
 {
-	if (intval($flag) === 1)
+	if (count($method) != 1)
 	{
 ?>
 	<tr>
@@ -590,7 +590,7 @@ function AssureMethodLine($text,$methods,$remark,$flag)
 			<select name="method">
 <?
 			foreach($methods as $val) { ?>
-				<option value="<?=$val?>"<? if(array_key_exists('method',$_POST) && $val == $_POST['method']) echo " selected"; ?>><?=$val?></option>
+				<option value="<?=$val?>" <?=$val?></option>
 
 <? } ?>
 			</select>
@@ -600,7 +600,7 @@ function AssureMethodLine($text,$methods,$remark,$flag)
 <?
 	} else {
 ?>
-	<input type="hidden" name="<?=$val?>" value="<?=$_POST['method']?>">
+	<input type="hidden" name="<?=$val?>" value="<?=$method[0]?>">
 <?
 	}
 }
diff --git a/pages/wot/6.php b/pages/wot/6.php
index c242280..064c5ff 100644
--- a/pages/wot/6.php
+++ b/pages/wot/6.php
@@ -41,26 +41,26 @@ function makecap()
 	$lname = $row['lname'];
 	$suffix = $row['suffix'];
 	$dob = $row['dob'];
-	$name = $row['fname']." ".$row['mname']." ".$row['lname']." ".$row['suffix'];
+	$name = $fname." ".$mname." ".$lname." ".$suffix;
 	$_SESSION['_config']['wothash'] = md5($name."-".$dob);
 
-	$cap=makecap($fname,$mname,$lname,$suffix,$dob,$row['email'],$_SESSION['profile']['fname'].$_SESSION['profile']['mname'].$_SESSION['profile']['lname'].$_SESSION['profile']['suffix']);
+	$cap=makecap($fname,$mname,$lname,$suffix,$dob,$row['email'],$_SESSION['profile']['fname'],$_SESSION['profile']['mname'],$_SESSION['profile']['lname'],$_SESSION['profile']['suffix']);
 
 	include_once($_SESSION['_config']['filepath']."/includes/wot.inc.php");
 
 	AssureHead(_("Assurance Confirmation"),sprintf(_("Please check the following details match against what you witnessed when you met %s in person. You MUST NOT proceed unless you are sure the details are correct. You may be held responsible by the CAcert Arbitrator for any issues with this Assurance."), $fname));
-	AssureTextLine(_("Name"),$fname." ".$mname." ".$lname." ".$suffix);
+	AssureTextLine(_("Name"),$name);
 	AssureTextLine(_("Date of Birth"),$dob." ("._("YYYY-MM-DD").")");
-	AssureBoxLine("certify",sprintf(_("I certify that %s %s %s has appeared in person"), $fname, $mname, $lname));
+	AssureBoxLine("certify",sprintf(_("I certify that %s %s %s has appeared in person"), $fname, $mname, $lname),array_key_exists('certify',$_POST) && $_POST['certify'] == 1);
 	AssureInboxLine("location",_("Location"),array_key_exists('location',$_SESSION['_config'])?$_SESSION['_config']['location']:"","");
-	AssureInboxLine("date",_("Date"),array_key_exists('date',$_SESSION['_config'])?$_SESSION['_config']['date']:"","<br/>"._("Only fill this in if you assured the person on a different day"));
-	AssureMethodLine(_("Method"),$methods,_("Only tick the next box if the Assurance was face to face."),$_SESSION['profile']['ttpadmin']);
-	AssureBoxLine("assertion",_("I believe that the assertion of identity I am making is correct, complete and verifiable. I have seen original documentation attesting to this identity. I accept that the CAcert Arbitrator may call upon me to provide evidence in any dispute, and I may be held responsible."));
-	AssureBoxLine("rules",_("I have read and understood the Assurance Policy and the Assurance Handbook and am making this Assurance subject to and in compliance with the policy and handbook."));
-	AssureTextLine(_("Policy"),"<a href=\"/policy/AssurancePolicy.php\" target=\"_NEW\">"._("Assurance Policy")."</a> - <a href=\"http://wiki.cacert.org/AssuranceHandbook2\" target=\"_NEW\">"._("Assurance Handbook")."</a>");
+	AssureInboxLine("date",_("Date"),array_key_exists('date',$_SESSION['_config'])?$_SESSION['_config']['date']:date("Y-m-d"),"<br/>"._("Only fill this in if you assured the person on a different day"));
+	AssureMethodLine(_("Method"),$methods,_("Only tick the next box if the Assurance was face to face."));
+	AssureBoxLine("assertion",_("I believe that the assertion of identity I am making is correct, complete and verifiable. I have seen original documentation attesting to this identity. I accept that the CAcert Arbitrator may call upon me to provide evidence in any dispute, and I may be held responsible."),array_key_exists('assertion',$_POST) && $_POST['assertion'] == 1);
+	AssureBoxLine("rules",_("I have read and understood the Assurance Policy and the Assurance Handbook and am making this Assurance subject to and in compliance with the policy and handbook."),array_key_exists('rules',$_POST) && $_POST['rules'] == 1);
+	AssureTextLine(_("Policy"),"<a href=\"/policy/AssurancePolicy.php\" target=\"_blank\">"._("Assurance Policy")."</a> - <a href=\"http://wiki.cacert.org/AssuranceHandbook2\" target=\"_blank\">"._("Assurance Handbook")."</a>");
 	AssureInboxLine("points",_("Points"),"","<br />(Max. ".maxpoints().")");
 	AssureCCABoxLine("CCAAgreed",sprintf(_("Check this box only if %s agreed to the <a href=\"/policy/CAcertCommunityAgreement.php\">CAcert Community Agreement</a>"),$fname));
 	AssureCCABoxLine("CCAAgree",_("Check this box only if YOU agree to the <a href=\"/policy/CAcertCommunityAgreement.php\">CAcert Community Agreement</a>"));
-	AssureTextLine(_("WoT Form"),"<a href=\"".$cap."\" target=\"_NEW\">A4 - "._("WoT Form")."</a> <a href=\"".$cap."&amp;format=letter\" target=\"_NEW\">US - "._("WoT Form")."</a>");
+	AssureTextLine(_("WoT Form"),"<a href=\"".$cap."\" target=\"_blank\">A4 - "._("WoT Form")."</a> <a href=\"".$cap."&amp;format=letter\" target=\"_blank\">US - "._("WoT Form")."</a>");
 	AssureFoot($id,_("I confirm this Assurance"));
 ?>