summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorINOPIAE <inopiae@cacert.org>2014-01-20 16:31:40 +0100
committerINOPIAE <inopiae@cacert.org>2014-01-20 16:31:40 +0100
commit536674a62c15bed0de8cb897b2d25ed35774f5ce (patch)
tree0939e2c33c739676d8d130a3e94ecee3e012c7bd
parenta8ad88d816358d70dbaff28f587bdb258a7e5391 (diff)
downloadcacert-devel-536674a62c15bed0de8cb897b2d25ed35774f5ce.tar.gz
cacert-devel-536674a62c15bed0de8cb897b2d25ed35774f5ce.tar.xz
cacert-devel-536674a62c15bed0de8cb897b2d25ed35774f5ce.zip
bug 1138: inserted revoke certificate handling
-rw-r--r--includes/account.php5
-rw-r--r--includes/notary.inc.php20
-rw-r--r--pages/account/43.php9
3 files changed, 18 insertions, 16 deletions
diff --git a/includes/account.php b/includes/account.php
index 2960954..f75c5e8 100644
--- a/includes/account.php
+++ b/includes/account.php
@@ -2730,10 +2730,11 @@
$_SESSION['ticketmsg']='No action taken. Ticket number is missing!';
}
- if($oldid == 43 && $_REQUEST['action'] == 'revokecert')
+ if($oldid == 43 && $_REQUEST['action'] == 'revokecert' && $ticketvalidation==TRUE)
{
$userid = intval($_REQUEST['userid']);
revoke_all_private_cert($userid);
+ write_se_log($userid, $_SESSION['profile']['id'], 'AD Revoke all certificates',$ticketno);
$id=43;
}
@@ -3239,7 +3240,7 @@
*/
if($id == 59){
if ($oldid == 43 && $_SESSION['profile']['admin'] == 1) {
- write_se_log($_REQUEST['userid'], $_SESSION['profile']['id'], 'View account history', $_REQUEST['ticketno']);
+ write_se_log($_REQUEST['userid'], $_SESSION['profile']['id'], 'AD View account history', $_REQUEST['ticketno']);
$_SESSION['support']=1;
}ELSEIF ($oldid == 13 && $_REQUEST['userid'] == $_SESSION['profile']['id']){
$_SESSION['support']=0;
diff --git a/includes/notary.inc.php b/includes/notary.inc.php
index aaee304..52789b4 100644
--- a/includes/notary.inc.php
+++ b/includes/notary.inc.php
@@ -286,7 +286,7 @@
<?
}
- function output_assurances_row($assuranceid,$date,$when,$email,$name,$awarded,$points,$location,$method,$experience,$userid,$support,$revoked)
+ function output_assurances_row($assuranceid,$date,$when,$email,$name,$awarded,$points,$location,$method,$experience,$userid,$support,$revoked, $ticketno)
{
$tdstyle="";
@@ -333,7 +333,7 @@
<?
} else {
?>
- <td class="DataTD" <?=$tdstyle?>><?=$emopen?><a href="account.php?id=43&amp;userid=<?=intval($userid)?>&amp;assurance=<?=intval($assuranceid)?>&amp;csrf=<?=make_csrf('admdelassurance')?>" onclick="return confirm('<?=sprintf(_("Are you sure you want to revoke the assurance with ID &quot;%s&quot;?"),$assuranceid)?>');"><?=_("Revoke")?></a><?=$emclose?></td>
+ <td class="DataTD" <?=$tdstyle?>><?=$emopen?><a href="account.php?id=43&amp;userid=<?=intval($userid)?>&amp;assurance=<?=intval($assuranceid)?>&amp;csrf=<?=make_csrf('admdelassurance')?>&amp;ticketno=<?=$ticketno?>" onclick="return confirm('<?=sprintf(_("Are you sure you want to revoke the assurance with ID &quot;%s&quot;?"),$assuranceid)?>');"><?=_("Revoke")?></a><?=$emclose?></td>
<?
}
}
@@ -381,7 +381,7 @@
// ************* output given assurances ******************
- function output_given_assurances_content($userid,&$points,&$sum_experience,$support)
+ function output_given_assurances_content($userid,&$points,&$sum_experience,$support, $ticketno)
{
$points = 0;
$sumexperience = 0;
@@ -392,13 +392,13 @@
$apoints = calc_experience ($row,$points,$experience,$sum_experience,$revoked);
$name = show_user_link ($fromuser['fname']." ".$fromuser['lname'],intval($row['to']));
$email = show_email_link ($fromuser['email'],intval($row['to']));
- output_assurances_row (intval($row['id']),$row['date'],$row['when'],$email,$name,$apoints,intval($row['points']),$row['location'],$row['method']==""?"":_(sprintf("%s", $row['method'])),$experience,$userid,$support,$revoked);
+ output_assurances_row (intval($row['id']),$row['date'],$row['when'],$email,$name,$apoints,intval($row['points']),$row['location'],$row['method']==""?"":_(sprintf("%s", $row['method'])),$experience,$userid,$support,$revoked, $ticketno);
}
}
// ************* output received assurances ******************
- function output_received_assurances_content($userid,&$points,&$sum_experience,$support)
+ function output_received_assurances_content($userid,&$points,&$sum_experience,$support, $ticketno)
{
$points = 0;
$sumexperience = 0;
@@ -409,7 +409,7 @@
calc_assurances ($row,$points,$experience,$sum_experience,$awarded,$revoked);
$name = show_user_link ($fromuser['fname']." ".$fromuser['lname'],intval($row['from']));
$email = show_email_link ($fromuser['email'],intval($row['from']));
- output_assurances_row (intval($row['id']),$row['date'],$row['when'],$email,$name,$awarded,intval($row['points']),$row['location'],$row['method']==""?"":_(sprintf("%s", $row['method'])),$experience,$userid,$support,$revoked);
+ output_assurances_row (intval($row['id']),$row['date'],$row['when'],$email,$name,$awarded,intval($row['points']),$row['location'],$row['method']==""?"":_(sprintf("%s", $row['method'])),$experience,$userid,$support,$revoked, $ticketno);
}
}
@@ -591,17 +591,17 @@
return $issue_points;
}
- function output_given_assurances($userid,$support=0)
+ function output_given_assurances($userid,$support=0, $ticketno)
{
output_assurances_header(_("Assurance Points You Issued"),$support);
- output_given_assurances_content($userid,$points,$sum_experience,$support);
+ output_given_assurances_content($userid,$points,$sum_experience,$support, $ticketno);
output_assurances_footer(_("Total Points Issued"),$points,_("Total Experience Points"),$sum_experience,$support);
}
- function output_received_assurances($userid,$support=0)
+ function output_received_assurances($userid,$support=0, $ticketno)
{
output_assurances_header(_("Your Assurance Points"),$support);
- output_received_assurances_content($userid,$points,$sum_experience,$support);
+ output_received_assurances_content($userid,$points,$sum_experience,$support, $ticketno);
output_assurances_footer(_("Total Assurance Points"),$points,_("Total Experience Points"),$sum_experience,$support);
}
diff --git a/pages/account/43.php b/pages/account/43.php
index bee4b20..34fc1ec 100644
--- a/pages/account/43.php
+++ b/pages/account/43.php
@@ -952,6 +952,7 @@ if(intval($_REQUEST['userid']) > 0) {
<input type="hidden" name="oldid" value="43">
<input type="hidden" name="userid" value="<?=intval($userid)?>">
<input type="submit" value="<?=_('revoke certificates')?>">
+ <input type="hidden" name="ticketno" value="<?=$ticketno?>"/>
</form>
</td>
</tr>
@@ -1008,7 +1009,7 @@ if(intval($_REQUEST['userid']) > 0) {
<td class="DataTD"><?=intval($drow['points'])?></td>
<td class="DataTD"><?=sanitizeHTML($drow['location'])?></td>
<td class="DataTD"><?=sanitizeHTML($drow['method'])?></td>
- <td class="DataTD"><a href="account.php?id=43&amp;userid=<?=intval($drow['to'])?>&amp;assurance=<?=intval($drow['id'])?>&amp;csrf=<?=make_csrf('admdelassurance')?>" onclick="return confirm('<?=sprintf(_("Are you sure you want to revoke the assurance with ID &quot;%s&quot;?"),$drow['id'])?>');"><?=_("Revoke")?></a></td>
+ <td class="DataTD"><a href="account.php?id=43&amp;userid=<?=intval($drow['to'])?>&amp;assurance=<?=intval($drow['id'])?>&amp;csrf=<?=make_csrf('admdelassurance')?>&amp;ticketno=<?=$ticketno?>" onclick="return confirm('<?=sprintf(_("Are you sure you want to revoke the assurance with ID &quot;%s&quot;?"),$drow['id'])?>');"><?=_("Revoke")?></a></td>
</tr>
<?
}
@@ -1055,7 +1056,7 @@ if(intval($_REQUEST['userid']) > 0) {
<td class="DataTD"><?=$drow['points']?></td>
<td class="DataTD"><?=$drow['location']?></td>
<td class="DataTD"><?=$drow['method']?></td>
- <td class="DataTD"><a href="account.php?id=43&userid=<?=$drow['from']?>&assurance=<?=$drow['id']?>&amp;csrf=<?=make_csrf('admdelassurance')?>" onclick="return confirm('<?=sprintf(_("Are you sure you want to revoke the assurance with ID &quot;%s&quot;?"),$drow['id'])?>');"><?=_("Revoke")?></a></td>
+ <td class="DataTD"><a href="account.php?id=43&userid=<?=$drow['from']?>&assurance=<?=$drow['id']?>&amp;csrf=<?=make_csrf('admdelassurance')?>&amp;ticketno=<?=$ticketno?>" onclick="return confirm('<?=sprintf(_("Are you sure you want to revoke the assurance with ID &quot;%s&quot;?"),$drow['id'])?>');"><?=_("Revoke")?></a></td>
</tr>
<?
}
@@ -1080,10 +1081,10 @@ if(isset($_GET['shownotary'])) {
showassuredby();
break;
case 'assuredto15':
- output_received_assurances(intval($_GET['userid']),1);
+ output_received_assurances(intval($_GET['userid']),1,$ticketno);
break;
case 'assuredby15':
- output_given_assurances(intval($_GET['userid']),1);
+ output_given_assurances(intval($_GET['userid']),1, $ticketno);
break;
}
}