authorBenny Baumann <BenBE@geshi.org>2015-01-25 13:31:44 +0100
committerBenny Baumann <BenBE@geshi.org>2015-01-25 13:31:44 +0100
commit00f5b2872ad0613595aba5c1fb6deede85201c0c (patch)
tree5c534de2ef9a5003064d46f4117a8d2c612f86ec
parenta50662743047c32946e49bbce20979425667a557 (diff)
parent8e9357bb951c0e37f30ffc118f6184139aa5b123 (diff)
Merge branch 'bug-649' into testserver-stable
-rw-r--r--includes/account_stuff.php6
-rw-r--r--includes/notary.inc.php32
-rw-r--r--pages/wot/17.php76
-rw-r--r--www/wot.php85
4 files changed, 185 insertions, 14 deletions
diff --git a/includes/account_stuff.php b/includes/account_stuff.php
index da328a3..9ff794d 100644
--- a/includes/account_stuff.php
+++ b/includes/account_stuff.php
@@ -101,7 +101,9 @@
case 506:
case 509:
case 511:
- case 512: $expand = " explode('WoT');"; break; // Find Assurer
+ case 512: // Find Assurer
+ case 516: // TTP form
+ case 517: $expand = " explode('WoT');"; break; // Assurer check
case 1000:
case 1001:
case 1002: // View GPG key
@@ -219,7 +221,7 @@ function hideall() {
<? } ?>
<div class="relatedLinks">
<h3 class="pointer" onclick="explode('WoT')">+ <?=_("CAcert Web of Trust")?></h3>
- <ul class="menu" id="WoT"><li><a href="wot.php?id=0"><?=_("About")?></a></li><li><a href="wot.php?id=12"><?=_("Find an Assurer")?></a></li><li><a href="wot.php?id=3"><?=_("Rules")?></a></li><li><? if($_SESSION['profile']['assurer'] != 1) { ?><a href="wot.php?id=2"><?=_("Becoming an Assurer")?></a><? } else { ?><a href="wot.php?id=5"><?=_("Assure Someone")?></a><? } ?></li><li><a href="wot.php?id=4"><?=_("Trusted ThirdParties")?></a></li><? if($_SESSION['profile']['points'] >= 500) { ?><li><a href="wot.php?id=11"><div style="white-space:nowrap"><?=_("Organisation Assurance")?></div></a></li><? } ?></ul>
+ <ul class="menu" id="WoT"><li><a href="wot.php?id=0"><?=_("About")?></a></li><li><a href="wot.php?id=12"><?=_("Find an Assurer")?></a></li><li><a href="wot.php?id=3"><?=_("Rules")?></a></li><li><a href="wot.php?id=17"><?=_("Check Assurer Status")?></a></li><li><? if($_SESSION['profile']['assurer'] != 1) { ?><a href="wot.php?id=2"><?=_("Becoming an Assurer")?></a><? } else { ?><a href="wot.php?id=5"><?=_("Assure Someone")?></a><? } ?></li><li><a href="wot.php?id=4"><?=_("Trusted ThirdParties")?></a></li><? if($_SESSION['profile']['points'] >= 500) { ?><li><a href="wot.php?id=11"><div style="white-space:nowrap"><?=_("Organisation Assurance")?></div></a></li><? } ?><li><a href="account.php?id=55"><?=_("Training")?></a></li></ul>
</div>
<div class="relatedLinks">
<h3 class="pointer" onclick="explode('WoTForms')">+ <?=_("CAP Forms")?></h3><?
diff --git a/includes/notary.inc.php b/includes/notary.inc.php
index 63c426e..40170ad 100644
--- a/includes/notary.inc.php
+++ b/includes/notary.inc.php
@@ -1569,8 +1569,29 @@ function get_user_agreements($memid, $type=null, $active=null){
return $return_str;
}
+ //user function
+ function get_user_id_from_email($email){
+ $email = mysql_real_escape_string(trim($email));
+ $res = query_init ("select `id` from `users` where `email` = '" . $email . "'");
+ $row = query_getnextrow($res);
+
+ return intval($row['id']);
+ }
+
+ function get_number_of_adminlog_entries($uid, $typeid, $hours=1){
+ $uid = intval($uid);
+ $typeid = intval($typeid);
+ $hours = intval($hours);
+ $res = query_init ("SELECT count(*) AS `no` FROM `adminlog`
+ WHERE `adminid` = " . $uid . " AND `actiontypeid`=" . $typeid . " and `when` > NOW() - INTERVAL " . $hours . " HOUR " );
+ $row = query_getnextrow($res);
+
+ return intval($row['no']);
+ }
+
/**
- * Write some information to the adminlog
+ * write_se_log()
+ * writes an information to the adminlog
*
* @param int $uid - id of the user account
* @param int $adminid - id of the admin
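Review bot: get_user_id_from_email() escapes `$email` itself, but the caller added to www/wot.php in this commit already passes `mysql_real_escape_string(trim($_REQUEST['email']))`, so the value is escaped twice and an address containing a quote or backslash will never match. Escape in one place only: keep it in the helper and have the caller pass the trimmed raw value. The helper also returns the id whatever the state of the account; if `users` carries deleted or locked markers (not visible in this hunk), the query should probably exclude those rows. Both new functions lack a docblock, and the stray `//user function` comment could become one that says 0 is returned when no row matches.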
@@ -1578,15 +1599,16 @@ function get_user_agreements($memid, $type=null, $active=null){
* @param string $info - the ticket / arbitration number or other information
* @return bool - true := success, false := error
*/
-function write_se_log($uid, $adminid, $type, $info){
+function write_se_log($uid, $adminid, $type, $info, $typeid=1){
//records all support engineer actions changing a user account
$uid = intval($uid);
$adminid = intval($adminid);
$type = mysql_real_escape_string($type);
$info = mysql_real_escape_string($info);
- $query="insert into `adminlog` (`when`, `uid`, `adminid`,`type`,`information`) values
- (Now(), $uid, $adminid, '$type', '$info')";
- return mysql_query($query);
+ $typeid = intval($typeid);
+ $query="insert into `adminlog` (`when`, `uid`, `adminid`,`type`,`information`,`actiontypeid`) values
+ (Now(), $uid, $adminid, '$type', '$info', '$typeid')";
+ mysql_query($query);
}
/**
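Review bot: The new body ends in `mysql_query($query);` with the `return` dropped, while the docblock above still promises `@return bool - true := success, false := error`; every caller that tests the result now receives null, and a failed audit-log insert goes unnoticed. Restore `return mysql_query($query);` and add `@param int $typeid` with the meaning of the default 1 to the docblock. After `intval()` the value is an integer, so the quotes around `'$typeid'` in the VALUES list are unnecessary. The docblock begins outside this hunk.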
diff --git a/pages/wot/17.php b/pages/wot/17.php
new file mode 100644
index 0000000..657f990
--- /dev/null
+++ b/pages/wot/17.php
@@ -0,0 +1,76 @@
+<? /*
+ LibreSSL - CAcert web application
+ Copyright (C) 2004-2008 CAcert Inc.
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; version 2 of the License.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
+*/
+include_once("../includes/shutdown.php");
+require_once("../includes/lib/l10n.php");
+
+if(array_key_exists('error',$_SESSION['_config']) && $_SESSION['_config']['error'] != "")
+{
+ ?><font color="orange" size="+1">
+ <? echo _("ERROR").": ".$_SESSION['_config']['error'] ?>
+ </font>
+ <?unset($_SESSION['_config']['error']);
+}
+
+if(array_key_exists('noemailfound',$_SESSION['_config']) && $_SESSION['_config']['noemailfound'] == 1) {
+ unset($_SESSION['_config']['noemailfound']);
+}
+
+?>
+<form method="post" action="wot.php" name="form1">
+<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
+ <tr>
+ <td colspan="2" class="title"><?=_('Check Assurer Status')?></td>
+ </tr>
+ <tr>
+ <td class="DataTD"><?=_('Email to check')?>:</td>
+<? if(array_key_exists('remindersent',$_SESSION['_config']) && $_SESSION['_config']['remindersent'] == 1) { unset($_SESSION['_config']['remindersent']) ?>
+ <td class="DataTD"><input type="text" name="email" id="email" value=""></td>
+ <? } else { ?>
+ <td class="DataTD"><input type="text" name="email" id="email" value="<?=array_key_exists('email',$_POST)?sanitizeHTML($_POST['email']):""?>"></td>
+ <? } ?>
+ </tr>
+ <tr>
+ <td class="DataTD"><?=_('Reason why the assurer status is needed')?>:</td>
+ <td class="DataTD"><select name="reason"><option>--</option>
+ <option><?=_('Assurance')?></option>
+ <option><?=_('Event Preparation')?></option>
+ <option><?=_('Arbitration')?></option>
+ <option><?=_('CARS check')?></option>
+ <option><?=_('CATS certificate creation')?></option>
+ <option><?=_('Organisation Assurance')?></option>
+ </select></td>
+ </tr>
+ <tr>
+ <td class="DataTD" colspan="2"><?=_('If you request the assurer status the result is send via mail to the person of whom you request the status of.')?></td>
+ </tr>
+ <tr>
+ <td class="DataTD" colspan="2"><input type="submit" name="process" value="<?=_("Next")?>"></td>
+ </tr>
+</table>
+<input type="hidden" name="oldid" value="<?=$id?>">
+</form>
+<SCRIPT LANGUAGE="JavaScript">
+//<![CDATA[
+ function my_init()
+ {
+ document.getElementById("email").focus();
+ }
+
+ window.onload = my_init();
+//]]>
+</script>
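Review bot: The `<option>` entries under `<select name="reason">` have no `value` attribute, so the browser posts the translated label and the handler added to www/wot.php in this commit can only reject "--"; any other text in the request ends up in the body of a mail sent from support@cacert.org. Give each option a fixed key, e.g. `<option value="assurance"><?=_('Assurance')?></option>`, and have the handler accept only those keys and translate them after switching to the recipient's language. The error banner prints `$_SESSION['_config']['error']` unescaped while the e-mail field below goes through sanitizeHTML(); `sanitizeHTML($_SESSION['_config']['error'])` keeps the two consistent should request data ever reach that message. `window.onload = my_init();` calls the function at once and assigns its undefined result, where `window.onload = my_init;` was meant.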
diff --git a/www/wot.php b/www/wot.php
index a7195e3..808d57f 100644
--- a/www/wot.php
+++ b/www/wot.php
@@ -80,8 +80,11 @@ function show_page($target,$message,$error)
case 'MyPointsNew': includeit(15, "wot");
break;
case '16':
- case 'TTPForm': includeit(16, "wot");
- break;
+ case 'TTPForm': includeit(16, "wot");
+ break;
+ case '17':
+ case 'AssurerCheck': includeit(17, "wot");
+ break;
}
showfooter();
@@ -124,6 +127,7 @@ function send_reminder()
if(array_key_exists('location',$_POST) && $_POST['location'] != "")
$_SESSION['_config']['location'] = $_POST['location'];
+ $id=array_key_exists('id',$_REQUEST)?intval($_REQUEST['id']):0;
$oldid=array_key_exists('oldid',$_REQUEST)?intval($_REQUEST['oldid']):0;
if($oldid == 12)
@@ -555,9 +559,76 @@ function send_reminder()
exit;
}
-// showheader(_("My CAcert.org Account!"));
-// echo "ID now = ".$id."/".$oldid.">>".$iecho;
-// includeit($id, "wot");
-// showfooter();
+ // Assurer Check
+ if($oldid == 17 )
+ {
+ $oldid = 0;
+ $id = 17;
+ $number = 5;
+ $email = mysql_real_escape_string(trim($_REQUEST['email']));
+ $reason = mysql_real_escape_string(trim($_REQUEST['reason']));
+ $uid = get_user_id_from_email($email);
+
+ if ($uid == 0) {
+ show_page("AssurerCheck", "", _("I'm sorry, there was no email matching what you entered in the system. Please double check your information."));
+ exit;
+ }
+
+ if ($reason == "--") {
+ show_page("AssurerCheck", "" ,_("I'm sorry, there was no reason given why you need to check the assurer status."));
+ exit;
+ }
+
+ if (get_number_of_adminlog_entries($_SESSION['profile']['id'],1000,1) > $number) {
+ show_page("AssurerCheck", "", sprintf(_("I'm sorry, you reached the maximum requests of %s per hour. Please wait until you try it again."),$number));
+ exit;
+ }
+
+ if (is_assurer($uid)) {
+ $status = _('Is assurer');
+ } else {
+ $status = _('Is no assurer');
+ }
+
+ write_se_log($uid, $_SESSION['profile']['id'], 'User Assurer status check', '', 1000);
+
+ $assurer = get_user($uid);
+
+ //mail to member
+ $my_translation = L10n::get_translation();
+ L10n::set_translation($assurer['language']);
+
+ $subject = "[CAcert.org] ". _("Assurer status report for you");
+
+ $body = sprintf(_("Hi %s,"), $assurer['fname'])."\n\n";
+ $body .= sprintf(_("%s %s (%s) has requested your assurer status for %s."),
+ $_SESSION['profile']['fname'],
+ $_SESSION['profile']['lname'],
+ $_SESSION['profile']['email'],
+ $reason)."\n\n";
+ $body .= sprintf(_("The transmitted result: %s"), $status)."\n";
+ $body .= _("Best regards")."\n";
+ $body .= _("CAcert Support Team");
+
+ sendmail($assurer['email'], "[CAcert.org] ". $subject, $body,
+ "support@cacert.org", //from
+ "", //replyto
+ "", //toname
+ "CAcert Support"); //fromname
+
+ L10n::set_translation($my_translation);
+
+ showheader(_("My CAcert.org Account!"));?>
+ <p>
+ <?=sprintf(_('The assurer status for %s %s (%s) is: %s'),
+ $assurer['fname'],
+ $assurer['lname'],
+ $assurer['email'],
+ $status) . '<br/>'. _('The mail with the status request has been sent to the email address above.'); ?>
+ </p>
+ <?
+ showfooter();
+ exit;
+ }
+
show_page ($id,"","");
-?>
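Review bot: The hourly limit only counts successful lookups, because the `$uid == 0` exit runs before both the limit check and `write_se_log()`; a logged-in user can therefore submit unknown addresses without limit, and the differing response tells registered addresses from unregistered ones. Check the limit first and log every attempt, as sketched below (this assumes `adminlog` accepts a uid of 0 for misses). The comparison should be `>=`, since `> $number` lets a sixth request through while the message says five. The subject gets the "[CAcert.org] " prefix twice, once in `$subject` and again in the `sendmail()` call. `$assurer['fname']`, `['lname']` and `['email']` are printed on the result page without sanitizeHTML().

```php
	// … unchanged: $oldid, $id, $number, $email, $reason …

	// Enforce the limit before any lookup so that misses count as well
	if (get_number_of_adminlog_entries($_SESSION['profile']['id'],1000,1) >= $number) {
		// … unchanged: show_page() with the limit message, exit …
	}

	$uid = get_user_id_from_email($email);

	// Log every attempt, including unknown addresses (uid 0)
	write_se_log($uid, $_SESSION['profile']['id'], 'User Assurer status check', '', 1000);

	if ($uid == 0) {
		// … unchanged: show_page() with the "no email matching" message, exit …
	}

	// … unchanged: reason check, is_assurer(), mail and result page;
	//   the later write_se_log() call is removed …
```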