summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMichael Tänzer <neo@nhng.de>2013-11-06 03:18:30 +0100
committerMichael Tänzer <neo@nhng.de>2013-11-06 03:18:30 +0100
commit6238e3b56e965aeb8eaa3345af330e96714f3989 (patch)
tree1bfbcd4dce8e2aa36b1207193a284ca7bfdcae7f
parent654e5db51486c4da9941ba2c3b02b037c1918533 (diff)
parent234b43aca01ba78b9aff492591f84187ca12a664 (diff)
downloadcacert-devel-6238e3b56e965aeb8eaa3345af330e96714f3989.tar.gz
cacert-devel-6238e3b56e965aeb8eaa3345af330e96714f3989.tar.xz
cacert-devel-6238e3b56e965aeb8eaa3345af330e96714f3989.zip
Merge branch 'release' into bug-440
Conflicts: includes/account.php Signed-off-by: Michael Tänzer <neo@nhng.de>
-rwxr-xr-xCommModule/server.pl25
-rw-r--r--includes/account.php563
-rw-r--r--includes/account_stuff.php367
-rw-r--r--includes/general.php64
-rw-r--r--includes/keygen.php128
-rw-r--r--includes/lib/account.php85
-rw-r--r--includes/lib/check_weak_key.php318
-rw-r--r--includes/lib/general.php115
-rw-r--r--includes/loggedin.php47
-rw-r--r--includes/mysql.php.sample5
-rw-r--r--includes/notary.inc.php681
-rw-r--r--includes/wot.inc.php539
-rw-r--r--locale/Makefile6
-rw-r--r--locale/escape_special_chars.php80
-rw-r--r--pages/account/0.php3
-rw-r--r--pages/account/10.php17
-rw-r--r--pages/account/12.php45
-rw-r--r--pages/account/13.php82
-rw-r--r--pages/account/16.php20
-rw-r--r--pages/account/17.php122
-rw-r--r--pages/account/18.php20
-rw-r--r--pages/account/20.php14
-rw-r--r--pages/account/22.php27
-rw-r--r--pages/account/24.php6
-rw-r--r--pages/account/27.php6
-rw-r--r--pages/account/29.php4
-rw-r--r--pages/account/3.php68
-rw-r--r--pages/account/30.php1
-rw-r--r--pages/account/33.php2
-rw-r--r--pages/account/35.php117
-rw-r--r--pages/account/38.php29
-rw-r--r--pages/account/4.php175
-rw-r--r--pages/account/40.php57
-rw-r--r--pages/account/41.php10
-rw-r--r--pages/account/43.php133
-rw-r--r--pages/account/49.php16
-rw-r--r--pages/account/5.php39
-rw-r--r--pages/account/50.php6
-rw-r--r--pages/account/57.php107
-rw-r--r--pages/account/58.php61
-rw-r--r--pages/account/6.php266
-rw-r--r--pages/account/8.php4
-rw-r--r--pages/gpg/0.php10
-rw-r--r--pages/gpg/2.php24
-rw-r--r--pages/index/0.php141
-rw-r--r--pages/index/10.php13
-rw-r--r--pages/index/11.php52
-rw-r--r--pages/index/13.php18
-rw-r--r--pages/index/21.php37
-rw-r--r--pages/index/3.php59
-rw-r--r--pages/index/4.php10
-rw-r--r--pages/wot/11.php52
-rw-r--r--pages/wot/14.php47
-rw-r--r--pages/wot/15.php2
-rw-r--r--pages/wot/2.php25
-rw-r--r--pages/wot/4.php74
-rw-r--r--pages/wot/6.php189
-rw-r--r--scripts/40de-ate-hamburg-email.txt66
-rw-r--r--scripts/40de-ate-hamburg-mail.php.txt112
-rw-r--r--scripts/41de-ate-jena-email.txt33
-rw-r--r--scripts/41de-ate-jena-mail.php.txt109
-rw-r--r--scripts/42de-ate-leipzig-email.txt39
-rw-r--r--scripts/42de-ate-leipzig-mail.php.txt114
-rw-r--r--scripts/43de-ate-karlsruhe-email.txt103
-rw-r--r--scripts/43de-ate-karlsruhe-mail.php.txt155
-rw-r--r--scripts/44de-ate-duesseldorf-email.txt104
-rw-r--r--scripts/44de-ate-duesseldorf-mail.php.txt160
-rw-r--r--scripts/45au-ate-melbourne-email.txt32
-rw-r--r--scripts/45au-ate-melbourne-mail.php.txt106
-rw-r--r--scripts/46us-ate-raleigh-email.txt41
-rw-r--r--scripts/46us-ate-raleigh-mail.php.txt112
-rw-r--r--scripts/47us-fudcon-lawrence-email.txt26
-rw-r--r--scripts/47us-fudcon-lawrence-mail.php.txt109
-rw-r--r--scripts/48de-ate-kiel-email.txt68
-rw-r--r--scripts/48de-ate-kiel-mail.php.txt114
-rw-r--r--scripts/49de-lt2013-berlin-email.txt17
-rw-r--r--scripts/49de-lt2013-berlin-mail.php.txt119
-rw-r--r--scripts/50de-ate-luebeck-email.txt91
-rw-r--r--scripts/50de-ate-luebeck-mail.php.txt123
-rw-r--r--scripts/51at-ate-graz-email.txt91
-rw-r--r--scripts/51at-ate-graz-mail.php.txt126
-rw-r--r--scripts/52at-ate-wien-email.txt91
-rw-r--r--scripts/52at-ate-wien-mail.php.txt130
-rwxr-xr-xscripts/cron/permissionreview.php250
-rwxr-xr-xscripts/cron/removedead.php (renamed from scripts/removedead.php)8
-rwxr-xr-xscripts/cron/updatesort.php (renamed from scripts/updatesort.php)17
-rwxr-xr-xscripts/cron/warning.php (renamed from scripts/warning.php)57
-rwxr-xr-xscripts/db_migrations/version2.sh96
-rw-r--r--scripts/oa02-mailingtextCats.txt71
-rw-r--r--scripts/oa02-mailingtextPoints.txt79
-rw-r--r--scripts/oa02-mailingtextPointsCats.txt82
-rw-r--r--scripts/oa02-orgainformation.php.txt119
-rw-r--r--scripts/resetpermissions.php71
-rw-r--r--stamp/style.css91
-rw-r--r--www/account.php43
-rw-r--r--www/advertising.php6
-rw-r--r--www/api/ccsr.php3
-rw-r--r--www/cap.php2
-rw-r--r--www/cats/cats_import.php4
-rw-r--r--www/certs/CAcert_Root_Certificates.msibin0 -> 1593344 bytes
-rw-r--r--www/disputes.php82
-rw-r--r--www/gpg.php247
-rw-r--r--www/images/btn_paynowCC_LG.gifbin2432 -> 2410 bytes
-rw-r--r--www/images/btn_subscribeCC_LG.gifbin0 -> 2172 bytes
-rw-r--r--www/index.php43
-rw-r--r--www/keygenIE.js609
-rw-r--r--www/policy/CertificationPracticeStatement.php72
-rw-r--r--www/policy/DisputeResolutionPolicy.php407
-rw-r--r--www/policy/OrganisationAssurancePolicy.php141
-rw-r--r--www/policy/PrivacyPolicy.html4
-rw-r--r--www/sqldump.php22
-rw-r--r--www/styles/default.css448
-rw-r--r--www/wot.php240
113 files changed, 7777 insertions, 3161 deletions
diff --git a/CommModule/server.pl b/CommModule/server.pl
index eb5113a..6084042 100755
--- a/CommModule/server.pl
+++ b/CommModule/server.pl
@@ -502,9 +502,28 @@ sub SignX509($$$$$$$$)
{
open OUT,">$wid/extfile";
print OUT "basicConstraints = critical, CA:FALSE\n";
+ print OUT "keyUsage = critical, digitalSignature, keyEncipherment, keyAgreement\n";
print OUT "extendedKeyUsage = clientAuth, serverAuth, nsSGC, msSGC\n";
- print OUT "keyUsage = digitalSignature, keyEncipherment\n";
print OUT "authorityInfoAccess = OCSP;URI:$OCSPUrl\n";
+
+ my $CRLUrl="";
+ if($root==0)
+ {
+ $CRLUrl="http://crl.cacert.org/revoke.crl";
+ }
+ elsif($root==1)
+ {
+ $CRLUrl="http://crl.cacert.org/class3-revoke.crl";
+ }
+ elsif($root==2)
+ {
+ $CRLUrl="http://crl.cacert.org/class3s-revoke.crl";
+ }
+ else
+ {
+ $CRLUrl="http://crl.cacert.org/root${root}.crl";
+ }
+ print OUT "crlDistributionPoints = URI:${CRLUrl}\n";
print OUT "subjectAltName = $san\n" if(length($san));
close OUT;
$extfile=" -extfile $wid/extfile ";
@@ -936,10 +955,10 @@ sub analyze($)
if($bytes[1] == 0) # NUL Request
{
SysLog "NUL Request detected.\n";
- if($fields[1])
+ if($fields[1] =~ /^\d+\.\d+$/)
{
open OUT,">timesync.sh";
- print OUT "date -u $fields[1]\n";
+ print OUT "date -u '$fields[1]'\n";
print OUT "hwclock --systohc\n";
close OUT;
}
diff --git a/includes/account.php b/includes/account.php
index c860263..08718c5 100644
--- a/includes/account.php
+++ b/includes/account.php
@@ -17,6 +17,8 @@
*/
require_once("../includes/loggedin.php");
require_once("../includes/lib/l10n.php");
+ require_once("../includes/lib/check_weak_key.php");
+ require_once("../includes/notary.inc.php");
loadem("account");
@@ -120,9 +122,7 @@ function buildSubjectFromSession() {
}
$oldid=0;
$_REQUEST['email'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['newemail'])));
- $query = "select * from `email` where `email`='".$_REQUEST['email']."' and `deleted`=0";
- $res = mysql_query($query);
- if(mysql_num_rows($res) > 0)
+ if(check_email_exists($_REQUEST['email'])==true)
{
showheader(_("My CAcert.org Account!"));
printf(_("The email address '%s' is already in a different account. Can't continue."), sanitizeHTML($_REQUEST['email']));
@@ -174,9 +174,9 @@ function buildSubjectFromSession() {
exit;
}
$row = mysql_fetch_assoc($res);
- $body = sprintf(_("Hi %s,"),$_SESSION['profile']['fname'])."\n";
- $body .= _("You are receiving this email because you or someone else")."\n";
- $body .= _("has changed the default email on your account.")."\n\n";
+ $body = sprintf(_("Hi %s,"),$_SESSION['profile']['fname'])."\n\n";
+ $body .= _("You are receiving this email because you or someone else ".
+ "has changed the default email on your account.")."\n\n";
$body .= _("Best regards")."\n"._("CAcert.org Support!");
@@ -200,8 +200,13 @@ function buildSubjectFromSession() {
$delcount = 0;
if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
{
+ $deltitle=false;
foreach($_REQUEST['delid'] as $id)
{
+ if (!$deltitle) {
+ echo _('The following email addresses have been removed:')."<br>\n";
+ $deltitle=true;
+ }
$id = intval($id);
$query = "select * from `email` where `id`='$id' and `memid`='".intval($_SESSION['profile']['id'])."' and
`email`!='".$_SESSION['profile']['email']."'";
@@ -210,17 +215,7 @@ function buildSubjectFromSession() {
{
$row = mysql_fetch_assoc($res);
echo $row['email']."<br>\n";
- $query = "select `emailcerts`.`id`
- from `emaillink`,`emailcerts` where
- `emailid`='$id' and `emaillink`.`emailcertsid`=`emailcerts`.`id` and
- `revoked`=0 and UNIX_TIMESTAMP(`expire`)-UNIX_TIMESTAMP() > 0
- group by `emailcerts`.`id`";
- $dres = mysql_query($query);
- while($drow = mysql_fetch_assoc($dres))
- mysql_query("update `emailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='".$drow['id']."'");
-
- $query = "update `email` set `deleted`=NOW() where `id`='$id'";
- mysql_query($query);
+ account_email_delete($row['id']);
$delcount++;
}
}
@@ -229,11 +224,9 @@ function buildSubjectFromSession() {
{
echo _("You did not select any email accounts for removal.");
}
- if($delcount > 0)
+ if(0 == $delcount)
{
- echo _("The following accounts have been removed:")."<br>\n";
- } else {
- echo _("You failed to select any accounts to be removed, or you attempted to remove the default account. No action was taken.");
+ echo _("You did not select any accounts to be removed, or you attempted to remove the default account. No action was taken.");
}
showfooter();
@@ -242,6 +235,14 @@ function buildSubjectFromSession() {
if($process != "" && $oldid == 3)
{
+ if(!array_key_exists('CCA',$_REQUEST))
+ {
+ showheader(_("My CAcert.org Account!"));
+ echo _("You did not accept the CAcert Community Agreement (CCA), hit the back button and try again.");
+ showfooter();
+ exit;
+ }
+
if(!(array_key_exists('addid',$_REQUEST) && is_array($_REQUEST['addid'])) && $_REQUEST['SSO'] != '1')
{
showheader(_("My CAcert.org Account!"));
@@ -290,6 +291,11 @@ function buildSubjectFromSession() {
$_REQUEST['keytype'] = "MS";
$csr = clean_csr($_REQUEST['optionalCSR']);
}
+ if(trim($_REQUEST['description']) != ""){
+ $_SESSION['_config']['description']= trim(mysql_real_escape_string(stripslashes($_REQUEST['description'])));
+ }else{
+ $_SESSION['_config']['description']= "";
+ }
}
if($oldid == 4)
@@ -366,6 +372,8 @@ function buildSubjectFromSession() {
exit;
}
+ write_user_agreement(intval($_SESSION['profile']['id']), "CCA", "certificate creation", "", 1);
+
$query = "insert into emailcerts set
`CN`='$defaultemail',
`keytype`='NS',
@@ -373,7 +381,8 @@ function buildSubjectFromSession() {
`created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),
`codesign`='".intval($_SESSION['_config']['codesign'])."',
`disablelogin`='".($_SESSION['_config']['disablelogin']?1:0)."',
- `rootcert`='".intval($_SESSION['_config']['rootcert'])."'";
+ `rootcert`='".intval($_SESSION['_config']['rootcert'])."',
+ `description`='".$_SESSION['_config']['description']."'";
mysql_query($query);
$emailid = mysql_insert_id();
if(is_array($addys))
@@ -384,15 +393,15 @@ function buildSubjectFromSession() {
fputs($fp, $emails);
fclose($fp);
$challenge=$_SESSION['spkac_hash'];
- $res=`openssl spkac -verify -in $CSRname`;
- if(!strstr($res,"Challenge String: ".$challenge))
- {
- $id = $oldid;
- showheader(_("My CAcert.org Account!"));
- echo _("The challenge-response code of your certificate request did not match. Can't continue with certificaterequest.");
- showfooter();
- exit;
- }
+ $res=`openssl spkac -verify -in $CSRname`;
+ if(!strstr($res,"Challenge String: ".$challenge))
+ {
+ $id = $oldid;
+ showheader(_("My CAcert.org Account!"));
+ echo _("The challenge-response code of your certificate request did not match. Can't continue with certificaterequest.");
+ showfooter();
+ exit;
+ }
mysql_query("update `emailcerts` set `csr_name`='$CSRname' where `id`='".intval($emailid)."'");
} else if($_REQUEST['keytype'] == "MS" || $_REQUEST['keytype'] == "VI") {
if($csr == "")
@@ -417,8 +426,8 @@ function buildSubjectFromSession() {
$csrsubject="";
$user = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".intval($_SESSION['profile']['id'])."'"));
- if(strlen($user['mname']) == 1)
- $user['mname'] .= '.';
+ if(strlen($user['mname']) == 1)
+ $user['mname'] .= '.';
if($_SESSION['_config']['incname'] <= 0 || $_SESSION['_config']['incname'] > 4)
$csrsubject = "/CN=CAcert WoT User";
if($_SESSION['_config']['incname'] == 1)
@@ -472,7 +481,9 @@ function buildSubjectFromSession() {
`created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),
`subject`='".mysql_real_escape_string($csrsubject)."',
`codesign`='".$_SESSION['_config']['codesign']."',
- `rootcert`='".$_SESSION['_config']['rootcert']."'";
+ `disablelogin`='".($_SESSION['_config']['disablelogin']?1:0)."',
+ `rootcert`='".$_SESSION['_config']['rootcert']."',
+ `description`='".$_SESSION['_config']['description']."'";
mysql_query($query);
$emailid = mysql_insert_id();
if(is_array($addys))
@@ -506,10 +517,10 @@ function buildSubjectFromSession() {
csrf_check("adddomain");
if(strstr($_REQUEST['newdomain'],"\x00"))
{
- showheader(_("My CAcert.org Account!"));
- echo _("Due to the possibility for nullbyte domain exploits we currently do not allow any domain names with nullbytes.");
- showfooter();
- exit;
+ showheader(_("My CAcert.org Account!"));
+ echo _("Due to the possibility for nullbyte domain exploits we currently do not allow any domain names with nullbytes.");
+ showfooter();
+ exit;
}
list($newdomain) = explode(" ", $_REQUEST['newdomain'], 2); // Ignore the rest
@@ -671,11 +682,9 @@ function buildSubjectFromSession() {
{
$row = mysql_fetch_assoc($res);
echo $row['domain']."<br>\n";
- mysql_query("update `domains` set `deleted`=NOW() where `id`='$id'");
- $dres = mysql_query("select * from `domlink` where `domid`='$id'");
- while($drow = mysql_fetch_assoc($dres))
- mysql_query("update `domaincerts` set `revoked`='1970-01-01 10:00:01' where `id`='".$drow['certid']."' and `revoked`=0 and UNIX_TIMESTAMP(`expire`)-UNIX_TIMESTAMP() > 0");
+ account_domain_delete($row['id']);
}
+
}
}
else
@@ -689,11 +698,19 @@ function buildSubjectFromSession() {
if($process != "" && $oldid == 10)
{
+ if(!array_key_exists('CCA',$_REQUEST))
+ {
+ showheader(_("My CAcert.org Account!"));
+ echo _("You did not accept the CAcert Community Agreement (CCA), hit the back button and try again.");
+ showfooter();
+ exit;
+ }
+
$CSR = clean_csr($_REQUEST['CSR']);
if(strpos($CSR,"---BEGIN")===FALSE)
{
- // In case the CSR is missing the ---BEGIN lines, add them automatically:
- $CSR = "-----BEGIN CERTIFICATE REQUEST-----\n".$CSR."\n-----END CERTIFICATE REQUEST-----\n";
+ // In case the CSR is missing the ---BEGIN lines, add them automatically:
+ $CSR = "-----BEGIN CERTIFICATE REQUEST-----\n".$CSR."\n-----END CERTIFICATE REQUEST-----\n";
}
if (($weakKey = checkWeakKeyCSR($CSR)) !== "")
@@ -704,6 +721,12 @@ function buildSubjectFromSession() {
exit;
}
+ if(trim($_REQUEST['description']) != ""){
+ $_SESSION['_config']['description']= trim(mysql_real_escape_string(stripslashes($_REQUEST['description'])));
+ }else{
+ $_SESSION['_config']['description']= "";
+ }
+
$_SESSION['_config']['tmpfname'] = tempnam("/tmp", "id10CSR");
$fp = fopen($_SESSION['_config']['tmpfname'], "w");
fputs($fp, $CSR);
@@ -772,19 +795,23 @@ function buildSubjectFromSession() {
if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
$_SESSION['_config']['rootcert'] = 1;
+ write_user_agreement(intval($_SESSION['profile']['id']), "CCA", "certificate creation", "", 1);
+
if(array_key_exists('0',$_SESSION['_config']['rowid']) && $_SESSION['_config']['rowid']['0'] > 0)
{
$query = "insert into `domaincerts` set
`CN`='".mysql_real_escape_string($_SESSION['_config']['rows']['0'])."',
`domid`='".mysql_real_escape_string($_SESSION['_config']['rowid']['0'])."',
`created`=NOW(),`subject`='".mysql_real_escape_string($subject)."',
- `rootcert`='".mysql_real_escape_string($_SESSION['_config']['rootcert'])."'";
+ `rootcert`='".mysql_real_escape_string($_SESSION['_config']['rootcert'])."',
+ `description`='".$_SESSION['_config']['description']."'";
} elseif(array_key_exists('0',$_SESSION['_config']['altid']) && $_SESSION['_config']['altid']['0'] > 0) {
$query = "insert into `domaincerts` set
`CN`='".mysql_real_escape_string($_SESSION['_config']['altrows']['0'])."',
`domid`='".mysql_real_escape_string($_SESSION['_config']['altid']['0'])."',
`created`=NOW(),`subject`='".mysql_real_escape_string($subject)."',
- `rootcert`='".mysql_real_escape_string($_SESSION['_config']['rootcert'])."'";
+ `rootcert`='".mysql_real_escape_string($_SESSION['_config']['rootcert'])."',
+ `description`='".$_SESSION['_config']['description']."'";
} else {
showheader(_("My CAcert.org Account!"));
echo _("Domain not verified.");
@@ -865,7 +892,8 @@ function buildSubjectFromSession() {
`modified`=NOW(),
`rootcert`='".$row['rootcert']."',
`type`='".$row['type']."',
- `pkhash`='".$row['pkhash']."'";
+ `pkhash`='".$row['pkhash']."',
+ `description`='".$row['description']."'";
mysql_query($query);
$newid = mysql_insert_id();
$newfile=generatecertpath("csr","server",$newid);
@@ -982,6 +1010,24 @@ function buildSubjectFromSession() {
exit;
}
+ if($oldid == 12 && array_key_exists('change',$_REQUEST) && $_REQUEST['change'] != "")
+ {
+ showheader(_("My CAcert.org Account!"));
+ foreach($_REQUEST as $id => $val)
+ {
+ if(substr($id,0,14)=="check_comment_")
+ {
+ $cid = intval(substr($id,14));
+ $comment=trim(mysql_real_escape_string(stripslashes($_REQUEST['comment_'.$cid])));
+ mysql_query("update `domaincerts` set `description`='$comment' where `id`='$cid'");
+ }
+ }
+ echo(_("Certificate settings have been changed.")."<br/>\n");
+ showfooter();
+ exit;
+ }
+
+
if($oldid == 5 && array_key_exists('renew',$_REQUEST) && $_REQUEST['renew'] != "")
{
showheader(_("My CAcert.org Account!"));
@@ -1020,7 +1066,8 @@ function buildSubjectFromSession() {
`modified`=NOW(),
`disablelogin`='".$row['disablelogin']."',
`codesign`='".$row['codesign']."',
- `rootcert`='".$row['rootcert']."'";
+ `rootcert`='".$row['rootcert']."',
+ `description`='".$row['description']."'";
mysql_query($query);
$newid = mysql_insert_id();
$newfile=generatecertpath("csr","client",$newid);
@@ -1119,26 +1166,47 @@ function buildSubjectFromSession() {
if($oldid == 5 && array_key_exists('change',$_REQUEST) && $_REQUEST['change'] != "")
{
- showheader(_("My CAcert.org Account!"));
- //echo _("Now changing the settings for the following certificates:")."<br>\n";
- foreach($_REQUEST as $id => $val)
- {
- //echo $id."<br/>";
- if(substr($id,0,5)=="cert_")
- {
- $id = intval(substr($id,5));
- $dis=(array_key_exists('disablelogin_'.$id,$_REQUEST) && $_REQUEST['disablelogin_'.$id]=="1")?"0":"1";
- //echo "$id -> ".$_REQUEST['disablelogin_'.$id]."<br/>\n";
- mysql_query("update `emailcerts` set `disablelogin`='$dis' where `id`='$id' and `memid`='".$_SESSION['profile']['id']."'");
- //$row = mysql_fetch_assoc($res);
- }
- }
- echo(_("Certificate settings have been changed.")."<br/>\n");
- showfooter();
- exit;
+ showheader(_("My CAcert.org Account!"));
+ foreach($_REQUEST as $id => $val)
+ {
+ if(substr($id,0,5)=="cert_")
+ {
+ $cid = intval(substr($id,5));
+ $dis=(array_key_exists('disablelogin_'.$cid,$_REQUEST) && $_REQUEST['disablelogin_'.$cid]=="1")?"0":"1";
+ mysql_query("update `emailcerts` set `disablelogin`='$dis' where `id`='$cid' and `memid`='".$_SESSION['profile']['id']."'");
+ }
+ if(substr($id,0,14)=="check_comment_")
+ {
+ $cid = intval(substr($id,14));
+ if(!empty($_REQUEST['check_comment_'.$cid])) {
+ $comment=trim(mysql_real_escape_string(stripslashes($_REQUEST['comment_'.$cid])));
+ mysql_query("update `emailcerts` set `description`='$comment' where `id`='$cid' and `memid`='".$_SESSION['profile']['id']."'");
+ }
+ }
+ }
+ echo(_("Certificate settings have been changed.")."<br/>\n");
+ showfooter();
+ exit;
}
+ if($oldid == 6 && $_REQUEST['certid'] != "")
+ {
+ if(trim($_REQUEST['description']) != ""){
+ $description= trim(mysql_real_escape_string(stripslashes($_REQUEST['description'])));
+ }else{
+ $description= "";
+ }
+
+ if(trim($_REQUEST['disablelogin']) == "1"){
+ $disablelogin = 1;
+ }else{
+ $disablelogin = 0;
+ }
+
+ mysql_query("update `emailcerts` set `disablelogin`='$disablelogin', `description`='$description' where `id`='".$_REQUEST['certid']."' and `memid`='".$_SESSION['profile']['id']."'");
+ }
+
if($oldid == 13 && $process != "")
{
csrf_check("perschange");
@@ -1155,42 +1223,42 @@ function buildSubjectFromSession() {
$_SESSION['_config']['user']['A4'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['A4']))));
$_SESSION['_config']['user']['A5'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['A5']))));
- if($_SESSION['_config']['user']['Q1'] == $_SESSION['_config']['user']['Q2'] ||
- $_SESSION['_config']['user']['Q1'] == $_SESSION['_config']['user']['Q3'] ||
- $_SESSION['_config']['user']['Q1'] == $_SESSION['_config']['user']['Q4'] ||
- $_SESSION['_config']['user']['Q1'] == $_SESSION['_config']['user']['Q5'] ||
- $_SESSION['_config']['user']['Q2'] == $_SESSION['_config']['user']['Q3'] ||
- $_SESSION['_config']['user']['Q2'] == $_SESSION['_config']['user']['Q4'] ||
- $_SESSION['_config']['user']['Q2'] == $_SESSION['_config']['user']['Q5'] ||
- $_SESSION['_config']['user']['Q3'] == $_SESSION['_config']['user']['Q4'] ||
- $_SESSION['_config']['user']['Q3'] == $_SESSION['_config']['user']['Q5'] ||
- $_SESSION['_config']['user']['Q4'] == $_SESSION['_config']['user']['Q5'] ||
- $_SESSION['_config']['user']['A1'] == $_SESSION['_config']['user']['Q1'] ||
- $_SESSION['_config']['user']['A1'] == $_SESSION['_config']['user']['Q2'] ||
- $_SESSION['_config']['user']['A1'] == $_SESSION['_config']['user']['Q3'] ||
- $_SESSION['_config']['user']['A1'] == $_SESSION['_config']['user']['Q4'] ||
- $_SESSION['_config']['user']['A1'] == $_SESSION['_config']['user']['Q5'] ||
- $_SESSION['_config']['user']['A2'] == $_SESSION['_config']['user']['Q3'] ||
- $_SESSION['_config']['user']['A2'] == $_SESSION['_config']['user']['Q4'] ||
- $_SESSION['_config']['user']['A2'] == $_SESSION['_config']['user']['Q5'] ||
- $_SESSION['_config']['user']['A3'] == $_SESSION['_config']['user']['Q4'] ||
- $_SESSION['_config']['user']['A3'] == $_SESSION['_config']['user']['Q5'] ||
- $_SESSION['_config']['user']['A4'] == $_SESSION['_config']['user']['Q5'] ||
- $_SESSION['_config']['user']['A1'] == $_SESSION['_config']['user']['A2'] ||
- $_SESSION['_config']['user']['A1'] == $_SESSION['_config']['user']['A3'] ||
- $_SESSION['_config']['user']['A1'] == $_SESSION['_config']['user']['A4'] ||
- $_SESSION['_config']['user']['A1'] == $_SESSION['_config']['user']['A5'] ||
- $_SESSION['_config']['user']['A2'] == $_SESSION['_config']['user']['A3'] ||
- $_SESSION['_config']['user']['A2'] == $_SESSION['_config']['user']['A4'] ||
- $_SESSION['_config']['user']['A2'] == $_SESSION['_config']['user']['A5'] ||
- $_SESSION['_config']['user']['A3'] == $_SESSION['_config']['user']['A4'] ||
- $_SESSION['_config']['user']['A3'] == $_SESSION['_config']['user']['A5'] ||
- $_SESSION['_config']['user']['A4'] == $_SESSION['_config']['user']['A5'])
- {
- $_SESSION['_config']['errmsg'] .= _("For your own security you must enter 5 different password questions and answers. You aren't allowed to duplicate questions, set questions as answers or use the question as the answer.")."<br>\n";
- $id = $oldid;
+ if($_SESSION['_config']['user']['Q1'] == $_SESSION['_config']['user']['Q2'] ||
+ $_SESSION['_config']['user']['Q1'] == $_SESSION['_config']['user']['Q3'] ||
+ $_SESSION['_config']['user']['Q1'] == $_SESSION['_config']['user']['Q4'] ||
+ $_SESSION['_config']['user']['Q1'] == $_SESSION['_config']['user']['Q5'] ||
+ $_SESSION['_config']['user']['Q2'] == $_SESSION['_config']['user']['Q3'] ||
+ $_SESSION['_config']['user']['Q2'] == $_SESSION['_config']['user']['Q4'] ||
+ $_SESSION['_config']['user']['Q2'] == $_SESSION['_config']['user']['Q5'] ||
+ $_SESSION['_config']['user']['Q3'] == $_SESSION['_config']['user']['Q4'] ||
+ $_SESSION['_config']['user']['Q3'] == $_SESSION['_config']['user']['Q5'] ||
+ $_SESSION['_config']['user']['Q4'] == $_SESSION['_config']['user']['Q5'] ||
+ $_SESSION['_config']['user']['A1'] == $_SESSION['_config']['user']['Q1'] ||
+ $_SESSION['_config']['user']['A1'] == $_SESSION['_config']['user']['Q2'] ||
+ $_SESSION['_config']['user']['A1'] == $_SESSION['_config']['user']['Q3'] ||
+ $_SESSION['_config']['user']['A1'] == $_SESSION['_config']['user']['Q4'] ||
+ $_SESSION['_config']['user']['A1'] == $_SESSION['_config']['user']['Q5'] ||
+ $_SESSION['_config']['user']['A2'] == $_SESSION['_config']['user']['Q3'] ||
+ $_SESSION['_config']['user']['A2'] == $_SESSION['_config']['user']['Q4'] ||
+ $_SESSION['_config']['user']['A2'] == $_SESSION['_config']['user']['Q5'] ||
+ $_SESSION['_config']['user']['A3'] == $_SESSION['_config']['user']['Q4'] ||
+ $_SESSION['_config']['user']['A3'] == $_SESSION['_config']['user']['Q5'] ||
+ $_SESSION['_config']['user']['A4'] == $_SESSION['_config']['user']['Q5'] ||
+ $_SESSION['_config']['user']['A1'] == $_SESSION['_config']['user']['A2'] ||
+ $_SESSION['_config']['user']['A1'] == $_SESSION['_config']['user']['A3'] ||
+ $_SESSION['_config']['user']['A1'] == $_SESSION['_config']['user']['A4'] ||
+ $_SESSION['_config']['user']['A1'] == $_SESSION['_config']['user']['A5'] ||
+ $_SESSION['_config']['user']['A2'] == $_SESSION['_config']['user']['A3'] ||
+ $_SESSION['_config']['user']['A2'] == $_SESSION['_config']['user']['A4'] ||
+ $_SESSION['_config']['user']['A2'] == $_SESSION['_config']['user']['A5'] ||
+ $_SESSION['_config']['user']['A3'] == $_SESSION['_config']['user']['A4'] ||
+ $_SESSION['_config']['user']['A3'] == $_SESSION['_config']['user']['A5'] ||
+ $_SESSION['_config']['user']['A4'] == $_SESSION['_config']['user']['A5'])
+ {
+ $_SESSION['_config']['errmsg'] .= _("For your own security you must enter 5 different password questions and answers. You aren't allowed to duplicate questions, set questions as answers or use the question as the answer.")."<br>\n";
+ $id = $oldid;
$oldid=0;
- }
+ }
if($_SESSION['_config']['user']['Q1'] == "" || $_SESSION['_config']['user']['Q2'] == "" ||
$_SESSION['_config']['user']['Q3'] == "" || $_SESSION['_config']['user']['Q4'] == "" ||
@@ -1333,9 +1401,9 @@ function buildSubjectFromSession() {
where `id`='".$_SESSION['profile']['id']."'");
echo '<h3>', _("Pass Phrase Changed Successfully"), '</h3>', "\n";
echo _("Your Pass Phrase has been updated and your primary email account has been notified of the change.");
- $body = sprintf(_("Hi %s,"),$_SESSION['profile']['fname'])."\n";
- $body .= _("You are receiving this email because you or someone else")."\n";
- $body .= _("has changed the password on your account.")."\n";
+ $body = sprintf(_("Hi %s,"),$_SESSION['profile']['fname'])."\n\n";
+ $body .= _("You are receiving this email because you or someone else ".
+ "has changed the password on your account.")."\n\n";
$body .= _("Best regards")."\n"._("CAcert.org Support!");
@@ -1373,6 +1441,13 @@ function buildSubjectFromSession() {
}
$_SESSION['_config']['name'] = mysql_real_escape_string(stripslashes(trim($_REQUEST['name'])));
$_SESSION['_config']['OU'] = mysql_real_escape_string(stripslashes(trim($_REQUEST['OU'])));
+
+
+ if(trim($_REQUEST['description']) != ""){
+ $_SESSION['_config']['description']= trim(mysql_real_escape_string(stripslashes($_REQUEST['description'])));
+ }else{
+ $_SESSION['_config']['description']= "";
+ }
}
if($oldid == 16 && (intval(count($_SESSION['_config']['emails'])) + 0) <= 0)
@@ -1401,6 +1476,12 @@ function buildSubjectFromSession() {
if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
$_SESSION['_config']['rootcert'] = 1;
+ if(trim($_REQUEST['description']) != ""){
+ $_SESSION['_config']['description']= trim(mysql_real_escape_string(stripslashes($_REQUEST['description'])));
+ }else{
+ $_SESSION['_config']['description']= "";
+ }
+
if(@count($_SESSION['_config']['emails']) > 0)
$id = 17;
}
@@ -1447,6 +1528,7 @@ function buildSubjectFromSession() {
if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
$_SESSION['_config']['rootcert'] = 1;
+
$emails .= "SPKAC = $spkac";
if (($weakKey = checkWeakKeySPKAC($emails)) !== "")
{
@@ -1463,7 +1545,8 @@ function buildSubjectFromSession() {
`orgid`='".$org['orgid']."',
`created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),
`codesign`='".$_SESSION['_config']['codesign']."',
- `rootcert`='".$_SESSION['_config']['rootcert']."'";
+ `rootcert`='".$_SESSION['_config']['rootcert']."',
+ `description`='".$_SESSION['_config']['description']."'";
mysql_query($query);
$emailid = mysql_insert_id();
@@ -1475,15 +1558,15 @@ function buildSubjectFromSession() {
fputs($fp, $emails);
fclose($fp);
$challenge=$_SESSION['spkac_hash'];
- $res=`openssl spkac -verify -in $CSRname`;
- if(!strstr($res,"Challenge String: ".$challenge))
- {
- $id = $oldid;
- showheader(_("My CAcert.org Account!"));
- echo _("The challenge-response code of your certificate request did not match. Can't continue with certificaterequest.");
- showfooter();
- exit;
- }
+ $res=`openssl spkac -verify -in $CSRname`;
+ if(!strstr($res,"Challenge String: ".$challenge))
+ {
+ $id = $oldid;
+ showheader(_("My CAcert.org Account!"));
+ echo _("The challenge-response code of your certificate request did not match. Can't continue with certificaterequest.");
+ showfooter();
+ exit;
+ }
mysql_query("update `orgemailcerts` set `csr_name`='$CSRname' where `id`='$emailid'");
} else if($_REQUEST['keytype'] == "MS" || $_REQUEST['keytype']=="VI") {
$csr = "-----BEGIN CERTIFICATE REQUEST-----\n".clean_csr($_REQUEST['CSR'])."-----END CERTIFICATE REQUEST-----\n";
@@ -1553,7 +1636,8 @@ function buildSubjectFromSession() {
`created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),
`subject`='$csrsubject',
`codesign`='".$_SESSION['_config']['codesign']."',
- `rootcert`='".$_SESSION['_config']['rootcert']."'";
+ `rootcert`='".$_SESSION['_config']['rootcert']."',
+ `description`='".$_SESSION['_config']['description']."'";
mysql_query($query);
$emailid = mysql_insert_id();
@@ -1628,7 +1712,8 @@ function buildSubjectFromSession() {
`created`='".$row['created']."',
`modified`=NOW(),
`codesign`='".$row['codesign']."',
- `rootcert`='".$row['rootcert']."'";
+ `rootcert`='".$row['rootcert']."',
+ `description`='".$row['description']."'";
mysql_query($query);
$newid = mysql_insert_id();
$newfile=generatecertpath("csr","orgclient",$newid);
@@ -1720,6 +1805,24 @@ function buildSubjectFromSession() {
exit;
}
+ if($oldid == 18 && array_key_exists('change',$_REQUEST) && $_REQUEST['change'] != "")
+ {
+ showheader(_("My CAcert.org Account!"));
+ foreach($_REQUEST as $id => $val)
+ {
+ if(substr($id,0,14)=="check_comment_")
+ {
+ $cid = intval(substr($id,14));
+ $comment=trim(mysql_real_escape_string(stripslashes($_REQUEST['comment_'.$cid])));
+ mysql_query("update `orgemailcerts` set `description`='$comment' where `id`='$cid'");
+ }
+ }
+ echo(_("Certificate settings have been changed.")."<br/>\n");
+ showfooter();
+ exit;
+ }
+
+
if($process != "" && $oldid == 20)
{
$CSR = clean_csr($_REQUEST['CSR']);
@@ -1733,6 +1836,12 @@ function buildSubjectFromSession() {
exit;
}
+ if(trim($_REQUEST['description']) != ""){
+ $_SESSION['_config']['description']= trim(mysql_real_escape_string(stripslashes($_REQUEST['description'])));
+ }else{
+ $_SESSION['_config']['description']= "";
+ }
+
$_SESSION['_config']['tmpfname'] = tempnam("/tmp", "id20CSR");
$fp = fopen($_SESSION['_config']['tmpfname'], "w");
fputs($fp, $CSR);
@@ -1808,8 +1917,8 @@ function buildSubjectFromSession() {
exit;
}
- if($_SESSION['_config']['rowid']['0'] > 0)
- {
+ if($_SESSION['_config']['rowid']['0'] > 0)
+ {
$query = "select * from `org`,`orginfo` where
`orginfo`.`id`='".$_SESSION['_config']['rowid']['0']."' and
`orginfo`.`id`=`org`.`orgid` and
@@ -1843,25 +1952,27 @@ function buildSubjectFromSession() {
if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
$_SESSION['_config']['rootcert'] = 1;
- if($_SESSION['_config']['rowid']['0'] > 0)
- {
- $query = "insert into `orgdomaincerts` set
- `CN`='".$_SESSION['_config']['rows']['0']."',
- `orgid`='".$org['id']."',
- `created`=NOW(),
- `subject`='$csrsubject',
- `rootcert`='".$_SESSION['_config']['rootcert']."',
- `type`='$type'";
- } else {
- $query = "insert into `orgdomaincerts` set
- `CN`='".$_SESSION['_config']['altrows']['0']."',
- `orgid`='".$org['id']."',
- `created`=NOW(),
- `subject`='$csrsubject',
- `rootcert`='".$_SESSION['_config']['rootcert']."',
- `type`='$type'";
- }
- mysql_query($query);
+ if($_SESSION['_config']['rowid']['0'] > 0)
+ {
+ $query = "insert into `orgdomaincerts` set
+ `CN`='".$_SESSION['_config']['rows']['0']."',
+ `orgid`='".$org['id']."',
+ `created`=NOW(),
+ `subject`='$csrsubject',
+ `rootcert`='".$_SESSION['_config']['rootcert']."',
+ `type`='$type',
+ `description`='".$_SESSION['_config']['description']."'";
+ } else {
+ $query = "insert into `orgdomaincerts` set
+ `CN`='".$_SESSION['_config']['altrows']['0']."',
+ `orgid`='".$org['id']."',
+ `created`=NOW(),
+ `subject`='$csrsubject',
+ `rootcert`='".$_SESSION['_config']['rootcert']."',
+ `type`='$type',
+ `description`='".$_SESSION['_config']['description']."'";
+ }
+ mysql_query($query);
$CSRid = mysql_insert_id();
$CSRname=generatecertpath("csr","orgserver",$CSRid);
@@ -1935,7 +2046,8 @@ function buildSubjectFromSession() {
`modified`=NOW(),
`subject`='".$row['subject']."',
`type`='".$row['type']."',
- `rootcert`='".$row['rootcert']."'";
+ `rootcert`='".$row['rootcert']."',
+ `description`='".$row['description']."'";
mysql_query($query);
$newid = mysql_insert_id();
//echo "NewID: $newid<br/>\n";
@@ -2036,6 +2148,24 @@ function buildSubjectFromSession() {
exit;
}
+ if($oldid == 22 && array_key_exists('change',$_REQUEST) && $_REQUEST['change'] != "")
+ {
+ showheader(_("My CAcert.org Account!"));
+ foreach($_REQUEST as $id => $val)
+ {
+ if(substr($id,0,14)=="check_comment_")
+ {
+ $cid = intval(substr($id,14));
+ $comment=trim(mysql_real_escape_string(stripslashes($_REQUEST['comment_'.$cid])));
+ mysql_query("update `orgdomaincerts` set `description`='$comment' where `id`='$cid'");
+ }
+ }
+ echo(_("Certificate settings have been changed.")."<br/>\n");
+ showfooter();
+ exit;
+ }
+
+
if(($id == 24 || $oldid == 24 || $id == 25 || $oldid == 25 || $id == 26 || $oldid == 26 ||
$id == 27 || $oldid == 27 || $id == 28 || $oldid == 28 || $id == 29 || $oldid == 29 ||
$id == 30 || $oldid == 30 || $id == 31 || $oldid == 31) &&
@@ -2133,9 +2263,9 @@ function buildSubjectFromSession() {
if($oldid == 29 && $process != "")
{
- $domain = mysql_real_escape_string(stripslashes(trim($domainname)));
+ $domain = mysql_real_escape_string(stripslashes(trim($_REQUEST['domainname'])));
- $res1 = mysql_query("select * from `orgdomains` where `domain` like '$domain' and `id`!='".intval($_SESSION['_config']['domid'])."'");
+ $res1 = mysql_query("select * from `orgdomains` where `domain` like '$domain' and `id`!='".intval($domid)."'");
$res2 = mysql_query("select * from `domains` where `domain` like '$domain' and `deleted`=0");
if(mysql_num_rows($res1) > 0 || mysql_num_rows($res2) > 0)
{
@@ -2145,12 +2275,12 @@ function buildSubjectFromSession() {
}
}
- if(($oldid == 29 || $oldid == 30) && $process != _("Cancel"))
+ if(($oldid == 29 || $oldid == 30) && $process != "") // _("Cancel") is handled in front of account.php
{
$query = "select `orgdomaincerts`.`id` as `id` from `orgdomlink`, `orgdomaincerts`, `orgdomains` where
`orgdomlink`.`orgdomid`=`orgdomains`.`id` and
`orgdomaincerts`.`id`=`orgdomlink`.`orgcertid` and
- `orgdomains`.`id`='".intval($_SESSION['_config']['domid'])."'";
+ `orgdomains`.`id`='".intval($domid)."'";
$res = mysql_query($query);
while($row = mysql_fetch_assoc($res))
mysql_query("update `orgdomaincerts` set `revoked`='1970-01-01 10:00:01' where `id`='".$row['id']."'");
@@ -2158,7 +2288,7 @@ function buildSubjectFromSession() {
$query = "select `orgemailcerts`.`id` as `id` from `orgemailcerts`, `orgemaillink`, `orgdomains` where
`orgemaillink`.`domid`=`orgdomains`.`id` and
`orgemailcerts`.`id`=`orgemaillink`.`emailcertsid` and
- `orgdomains`.`id`='".intval($_SESSION['_config']['domid'])."'";
+ `orgdomains`.`id`='".intval($domid)."'";
$res = mysql_query($query);
while($row = mysql_fetch_assoc($res))
mysql_query("update `orgemailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='".intval($row['id'])."'");
@@ -2166,23 +2296,23 @@ function buildSubjectFromSession() {
if($oldid == 29 && $process != "")
{
- $row = mysql_fetch_assoc(mysql_query("select * from `orgdomains` where `id`='".intval($_SESSION['_config']['domid'])."'"));
- mysql_query("update `orgdomains` set `domain`='$domain' where `id`='".intval($_SESSION['_config']['domid'])."'");
+ $row = mysql_fetch_assoc(mysql_query("select * from `orgdomains` where `id`='".intval($domid)."'"));
+ mysql_query("update `orgdomains` set `domain`='$domain' where `id`='".intval($domid)."'");
showheader(_("My CAcert.org Account!"));
printf(_("'%s' has just been successfully updated in the database."), sanitizeHTML($domain));
- echo "<br><br><a href='account.php?id=26&orgid=".intval($_SESSION['_config']['orgid'])."'>"._("Click here")."</a> "._("to continue.");
+ echo "<br><br><a href='account.php?id=26&orgid=".intval($orgid)."'>"._("Click here")."</a> "._("to continue.");
showfooter();
exit;
}
if($oldid == 30 && $process != "")
{
- $row = mysql_fetch_assoc(mysql_query("select * from `orgdomains` where `id`='".intval($_SESSION['_config']['domid'])."'"));
+ $row = mysql_fetch_assoc(mysql_query("select * from `orgdomains` where `id`='".intval($domid)."'"));
$domain = $row['domain'];
- mysql_query("delete from `orgdomains` where `id`='".intval($_SESSION['_config']['domid'])."'");
+ mysql_query("delete from `orgdomains` where `id`='".intval($domid)."'");
showheader(_("My CAcert.org Account!"));
printf(_("'%s' has just been successfully deleted from the database."), sanitizeHTML($domain));
- echo "<br><br><a href='account.php?id=26&orgid=".intval($_SESSION['_config']['orgid'])."'>"._("Click here")."</a> "._("to continue.");
+ echo "<br><br><a href='account.php?id=26&orgid=".intval($orgid)."'>"._("Click here")."</a> "._("to continue.");
showfooter();
exit;
}
@@ -2234,8 +2364,7 @@ function buildSubjectFromSession() {
$orgid = 0;
}
- if($id == 32 || $oldid == 32 || $id == 33 || $oldid == 33 || $id == 34 || $oldid == 34 ||
- $id == 35 || $oldid == 35)
+ if($id == 32 || $oldid == 32 || $id == 33 || $oldid == 33 || $id == 34 || $oldid == 34)
{
$query = "select * from `org` where `memid`='".intval($_SESSION['profile']['id'])."' and `masteracc`='1'";
$_macc = mysql_num_rows(mysql_query($query));
@@ -2248,6 +2377,19 @@ function buildSubjectFromSession() {
}
}
+ if($id == 35 || $oldid == 35)
+ {
+ $query = "select 1 from `org` where `memid`='".intval($_SESSION['profile']['id'])."'";
+ $is_orguser = mysql_num_rows(mysql_query($query));
+ if($_SESSION['profile']['orgadmin'] != 1 && $is_orguser <= 0)
+ {
+ showheader(_("My CAcert.org Account!"));
+ echo _("You don't have access to this area.");
+ showfooter();
+ exit;
+ }
+ }
+
if($id == 33 && $_SESSION['profile']['orgadmin'] != 1)
{
$orgid = intval($_SESSION['_config']['orgid']);
@@ -2277,8 +2419,21 @@ function buildSubjectFromSession() {
$_SESSION['_config']['errmsg'] = sprintf(_("Wasn't able to match '%s' against any user in the system"), sanitizeHTML($_REQUEST['email']));
} else {
$row = mysql_fetch_assoc($res);
- mysql_query("insert into `org` set `memid`='".intval($row['id'])."', `orgid`='".intval($_SESSION['_config']['orgid'])."',
- `masteracc`='$masteracc', `OU`='$OU', `comments`='$comments'");
+ if ( !is_assurer(intval($row['id'])) )
+ {
+ $id = $oldid;
+ $oldid=0;
+ $_SESSION['_config']['errmsg'] =
+ _("The user is not an Assurer yet");
+ } else {
+ mysql_query(
+ "insert into `org`
+ set `memid`='".intval($row['id'])."',
+ `orgid`='".intval($_SESSION['_config']['orgid'])."',
+ `masteracc`='$masteracc',
+ `OU`='$OU',
+ `comments`='$comments'");
+ }
}
}
@@ -2402,7 +2557,7 @@ function buildSubjectFromSession() {
}
if($oldid == 54 || ($id == 53 && array_key_exists('action',$_REQUEST) && $_REQUEST['action'] != "") ||
- ($id == 54 && array_key_exists('action',$_REQUEST) && $_REQUEST['action'] != "" &&
+ ($id == 54 && array_key_exists('action',$_REQUEST) && $_REQUEST['action'] != "" &&
$_REQUEST['action'] != "aliases" && $_REQUEST['action'] != "edit" && $_REQUEST['action'] != "add"))
{
$id = 53;
@@ -2412,7 +2567,7 @@ function buildSubjectFromSession() {
$locid = intval(array_key_exists('locid',$_REQUEST)?$_REQUEST['locid']:0);
$name = array_key_exists('name',$_REQUEST)?mysql_real_escape_string(strip_tags($_REQUEST['name'])):"";
$long = array_key_exists('longitude',$_REQUEST)?ereg_replace("[^-0-9\.]","",$_REQUEST['longitude']):"";
- $lat = array_key_exists('latitude', $_REQUEST)?ereg_replace("[^-0-9\.]","",$_REQUEST['latitude']):"";
+ $lat = array_key_exists('latitude', $_REQUEST)?ereg_replace("[^-0-9\.]","",$_REQUEST['latitude']):"";
$action = array_key_exists('action',$_REQUEST)?$_REQUEST['action']:"";
if($locid > 0 && $action == "edit")
@@ -2520,6 +2675,13 @@ function buildSubjectFromSession() {
mysql_query($query);
}
+ if($oldid == 43 && $_REQUEST['action'] == 'revokecert')
+ {
+ $userid = intval($_REQUEST['userid']);
+ revoke_all_private_cert($userid);
+ $id=43;
+ }
+
if($oldid == 48 && $_REQUEST['domain'] == "")
{
$id = $oldid;
@@ -2554,9 +2716,10 @@ function buildSubjectFromSession() {
$row = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".intval($_REQUEST['userid'])."'"));
printf(_("The password for %s has been updated successfully in the system."), sanitizeHTML($row['email']));
- $body = sprintf(_("Hi %s,"),$row['fname'])."\n";
- $body .= _("You are receiving this email because a CAcert administrator")."\n";
- $body .= _("has changed the password on your account.")."\n";
+
+ $body = sprintf(_("Hi %s,"),$row['fname'])."\n\n";
+ $body .= _("You are receiving this email because a CAcert administrator ".
+ "has changed the password on your account.")."\n\n";
$body .= _("Best regards")."\n"._("CAcert.org Support!");
@@ -2669,24 +2832,24 @@ function buildSubjectFromSession() {
mysql_query("update `users` set `tverify`='$ver' where `id`='$memid'");
}
- if($id == 43 && array_key_exists('assurer',$_REQUEST) && $_REQUEST['assurer'] > 0)
- {
- csrf_check('admsetassuret');
- $memid = $_REQUEST['userid'] = intval($_REQUEST['assurer']);
- $query = "select * from `users` where `id`='$memid'";
- $row = mysql_fetch_assoc(mysql_query($query));
- $ver = !$row['assurer'];
- mysql_query("update `users` set `assurer`='$ver' where `id`='$memid'");
- }
-
- if($id == 43 && array_key_exists('assurer_blocked',$_REQUEST) && $_REQUEST['assurer_blocked'] > 0)
- {
- $memid = $_REQUEST['userid'] = intval($_REQUEST['assurer_blocked']);
- $query = "select * from `users` where `id`='$memid'";
- $row = mysql_fetch_assoc(mysql_query($query));
- $ver = !$row['assurer_blocked'];
- mysql_query("update `users` set `assurer_blocked`='$ver' where `id`='$memid'");
- }
+ if($id == 43 && array_key_exists('assurer',$_REQUEST) && $_REQUEST['assurer'] > 0)
+ {
+ csrf_check('admsetassuret');
+ $memid = $_REQUEST['userid'] = intval($_REQUEST['assurer']);
+ $query = "select * from `users` where `id`='$memid'";
+ $row = mysql_fetch_assoc(mysql_query($query));
+ $ver = !$row['assurer'];
+ mysql_query("update `users` set `assurer`='$ver' where `id`='$memid'");
+ }
+
+ if($id == 43 && array_key_exists('assurer_blocked',$_REQUEST) && $_REQUEST['assurer_blocked'] > 0)
+ {
+ $memid = $_REQUEST['userid'] = intval($_REQUEST['assurer_blocked']);
+ $query = "select * from `users` where `id`='$memid'";
+ $row = mysql_fetch_assoc(mysql_query($query));
+ $ver = !$row['assurer_blocked'];
+ mysql_query("update `users` set `assurer_blocked`='$ver' where `id`='$memid'");
+ }
if($id == 43 && array_key_exists('locked',$_REQUEST) && $_REQUEST['locked'] > 0)
{
@@ -2815,23 +2978,39 @@ function buildSubjectFromSession() {
if($oldid == 50 && $process != "")
{
$_REQUEST['userid'] = intval($_REQUEST['userid']);
- $res = mysql_query("select * from `users` where `id`='".intval($_REQUEST['userid'])."'");
- if(mysql_num_rows($res) > 0)
- {
- $query = "update `domaincerts`,`domains` SET `domaincerts`.`revoked`='1970-01-01 10:00:01'
- WHERE `domaincerts`.`domid` = `domains`.`id` AND `domains`.`memid`='".intval($_REQUEST['userid'])."'";
- mysql_query($query);
- $query = "update `domains` SET `deleted`=NOW() WHERE `domains`.`memid`='".intval($_REQUEST['userid'])."'";
- mysql_query($query);
- $query = "update `emailcerts` SET `revoked`='1970-01-01 10:00:01' WHERE `memid`='".intval($_REQUEST['userid'])."'";
- mysql_query($query);
- $query = "update `email` SET `deleted`=NOW() WHERE `memid`='".intval($_REQUEST['userid'])."'";
- mysql_query($query);
- $query = "delete from `org` WHERE `memid`='".intval($_REQUEST['userid'])."'";
- mysql_query($query);
- $query = "update `users` SET `deleted`=NOW() WHERE `id`='".intval($_REQUEST['userid'])."'";
- mysql_query($query);
+ if (trim($_REQUEST['arbitrationno'])==""){
+ showheader(_("My CAcert.org Account!"));
+ echo _("You did not enter an arbitration number entry.");
+ showfooter();
+ exit;
+ }
+ if ( 1 !== preg_match('/^[a-z]\d{8}\.\d+\.\d+$/i',trim($_REQUEST['arbitrationno'])) ) {
+ showheader(_("My CAcert.org Account!"));
+ printf(_("'%s' is not a valid arbitration number entry."), sanitizeHTML(trim($_REQUEST['arbitrationno'])));
+ showfooter();
+ exit;
+ }
+ if (check_email_exists(trim($_REQUEST['arbitrationno']).'@cacert.org')) {
+ showheader(_("My CAcert.org Account!"));
+ printf(_("The email address '%s' is already in a different account. Can't continue."), sanitizeHTML($_REQUEST['arbitrationno'].'@cacert.org'));
+ showfooter();
+ exit;
+ }
+ if (check_client_cert_running($_REQUEST['userid'],1) ||
+ check_server_cert_running($_REQUEST['userid'],1) ||
+ check_gpg_cert_running($_REQUEST['userid'],1)) {
+ showheader(_("My CAcert.org Account!"));
+ printf(_("The CCA retention time for at least one certificate is not over. Can't continue."));
+ showfooter();
+ exit;
+ }
+ if (check_is_orgadmin($_REQUEST['userid'],1)) {
+ showheader(_("My CAcert.org Account!"));
+ printf(_("The user is listed as Organisation Administrator. Can't continue."));
+ showfooter();
+ exit;
}
+ account_delete($_REQUEST['userid'], trim($_REQUEST['arbitrationno']), $_SESSION['profile']['id']);
}
if(($id == 51 || $id == 52 || $oldid == 52) && $_SESSION['profile']['tverify'] <= 0)
@@ -2954,6 +3133,4 @@ function buildSubjectFromSession() {
$_SESSION['_config']['orgid'] = intval($orgid);
if(intval($memid) > 0)
$_SESSION['_config']['memid'] = intval($memid);
- if(intval($domid) > 0)
- $_SESSION['_config']['domid'] = intval($domid);
?>
diff --git a/includes/account_stuff.php b/includes/account_stuff.php
index 108bd57..dbebf6a 100644
--- a/includes/account_stuff.php
+++ b/includes/account_stuff.php
@@ -172,7 +172,7 @@ function hideall() {
</div>
<div class="relatedLinks">
<h3 class="pointer" onclick="explode('mydetails')">+ <?=_("My Details")?></h3>
- <ul class="menu" id="mydetails"><li><a href="account.php?id=13"><?=_("Edit")?></a></li><li><a href="account.php?id=14"><?=_("Change Password")?></a></li><li><a href="account.php?id=41"><?=_("Default Language")?></a></li><li><a href="wot.php?id=8"><?=_("My Listing")?></a></li><li><a href="wot.php?id=13"><?=_("My Location")?></a></li><li><a href="account.php?id=36"><?=_("My Alert Settings")?></a></li><li><a href="wot.php?id=10"><?=_("My Points")?></a></li><?
+ <ul class="menu" id="mydetails"><li><a href="account.php?id=13"><?=_("View/Edit")?></a></li><li><a href="account.php?id=14"><?=_("Change Password")?></a></li><li><a href="account.php?id=41"><?=_("Default Language")?></a></li><li><a href="wot.php?id=8"><?=_("My Listing")?></a></li><li><a href="wot.php?id=13"><?=_("My Location")?></a></li><li><a href="account.php?id=36"><?=_("My Alert Settings")?></a></li><li><a href="wot.php?id=10"><?=_("My Points")?></a></li><?
if($_SESSION['profile']['id'] == 1 || $_SESSION['profile']['id'] == 5897)
echo "<li><a href='sqldump.php'>SQL Dump</a></li>";
?></ul>
@@ -209,7 +209,7 @@ function hideall() {
<ul class="menu" id="serverorg"><li><a href="account.php?id=20"><?=_("New")?></a></li><li><a href="account.php?id=22"><?=_("View")?></a></li></ul>
</div>
<? } ?>
-<? if(mysql_num_rows(mysql_query("select * from `org` where `memid`='".intval($_SESSION['profile']['id'])."' and `masteracc`='1'")) > 0 || $_SESSION['profile']['orgadmin'] == 1) { ?>
+<? if(mysql_num_rows(mysql_query("select * from `org` where `memid`='".intval($_SESSION['profile']['id'])."'")) > 0 || $_SESSION['profile']['orgadmin'] == 1) { ?>
<div class="relatedLinks">
<h3 class="pointer" onclick="explode('orgadmin')">+ <?=_("Org Admin")?></h3>
<ul class="menu" id="orgadmin"><? if($_SESSION['profile']['orgadmin'] == 1) { ?><li><a href="account.php?id=24"><?=_("New Organisation")?></a></li><li><a href="account.php?id=25"><?=_("View Organisations")?></a></li><? } ?><li><a href="account.php?id=35"><?=_("View")?></a></li></ul>
@@ -262,6 +262,7 @@ function hideall() {
<ul class="menu" id="advertising"><li><a href="advertising.php?id=1"><?=_("New Ad")?></a></li><li><a href="advertising.php?id=0"><?=_("View Ads")?></a></li></ul>
</div>
<? } ?>
+ <? include("about_menu.php"); ?>
</div>
<div id="content">
<div class="story">
@@ -280,365 +281,7 @@ function hideall() {
<div id="siteInfo"><a href="//wiki.cacert.org/FAQ/AboutUs"><?=_("About Us")?></a> | <a href="account.php?id=38"><?=_("Donations")?></a> | <a href="http://wiki.cacert.org/wiki/CAcertIncorporated"><?=_("Association Membership")?></a> |
<a href="/policy/PrivacyPolicy.html"><?=_("Privacy Policy")?></a> | <a href="account.php?id=40"><?=_("Contact Us")?></a>
| &copy;2002-<?=date("Y")?> <?=_("by CAcert")?></div>
-</div>
-</body>
+</div>
+</body>
</html><?
}
-
- /**
- * Produces a log entry with the error message with log level E_USER_WARN
- * and a random ID an returns a message that can be displayed to the user
- * including the generated ID
- *
- * @param $errormessage string
- * The error message that should be logged
- * @return string containing the generated ID that can be displayed to the
- * user
- */
- function failWithId($errormessage) {
- $errorId = rand();
- trigger_error("$errormessage. ID: $errorId", E_USER_WARNING);
- return sprintf(_("Something went wrong when processing your request. ".
- "Please contact %s for help and provide them with the ".
- "following ID: %d"),
- "<a href='mailto:support@cacert.org?subject=System%20Error%20-%20".
- "ID%3A%20$errorId'>support@cacert.org</a>",
- $errorId);
- }
-
- /**
- * Checks whether the given CSR contains a vulnerable key
- *
- * @param $csr string
- * The CSR to be checked
- * @param $encoding string [optional]
- * The encoding the CSR is in (for the "-inform" parameter of OpenSSL,
- * currently only "PEM" (default) or "DER" allowed)
- * @return string containing the reason if the key is considered weak,
- * empty string otherwise
- */
- function checkWeakKeyCSR($csr, $encoding = "PEM")
- {
- // non-PEM-encodings may be binary so don't use echo
- $descriptorspec = array(
- 0 => array("pipe", "r"), // STDIN for child
- 1 => array("pipe", "w"), // STDOUT for child
- );
- $encoding = escapeshellarg($encoding);
- $proc = proc_open("openssl req -inform $encoding -text -noout",
- $descriptorspec, $pipes);
-
- if (is_resource($proc))
- {
- fwrite($pipes[0], $csr);
- fclose($pipes[0]);
-
- $csrText = "";
- while (!feof($pipes[1]))
- {
- $csrText .= fread($pipes[1], 8192);
- }
- fclose($pipes[1]);
-
- if (($status = proc_close($proc)) !== 0 || $csrText === "")
- {
- return _("I didn't receive a valid Certificate Request, hit ".
- "the back button and try again.");
- }
- } else {
- return failWithId("checkWeakKeyCSR(): Failed to start OpenSSL");
- }
-
-
- return checkWeakKeyText($csrText);
- }
-
- /**
- * Checks whether the given X509 certificate contains a vulnerable key
- *
- * @param $cert string
- * The X509 certificate to be checked
- * @param $encoding string [optional]
- * The encoding the certificate is in (for the "-inform" parameter of
- * OpenSSL, currently only "PEM" (default), "DER" or "NET" allowed)
- * @return string containing the reason if the key is considered weak,
- * empty string otherwise
- */
- function checkWeakKeyX509($cert, $encoding = "PEM")
- {
- // non-PEM-encodings may be binary so don't use echo
- $descriptorspec = array(
- 0 => array("pipe", "r"), // STDIN for child
- 1 => array("pipe", "w"), // STDOUT for child
- );
- $encoding = escapeshellarg($encoding);
- $proc = proc_open("openssl x509 -inform $encoding -text -noout",
- $descriptorspec, $pipes);
-
- if (is_resource($proc))
- {
- fwrite($pipes[0], $cert);
- fclose($pipes[0]);
-
- $certText = "";
- while (!feof($pipes[1]))
- {
- $certText .= fread($pipes[1], 8192);
- }
- fclose($pipes[1]);
-
- if (($status = proc_close($proc)) !== 0 || $certText === "")
- {
- return _("I didn't receive a valid Certificate Request, hit ".
- "the back button and try again.");
- }
- } else {
- return failWithId("checkWeakKeyCSR(): Failed to start OpenSSL");
- }
-
-
- return checkWeakKeyText($certText);
- }
-
- /**
- * Checks whether the given SPKAC contains a vulnerable key
- *
- * @param $spkac string
- * The SPKAC to be checked
- * @param $spkacname string [optional]
- * The name of the variable that contains the SPKAC. The default is
- * "SPKAC"
- * @return string containing the reason if the key is considered weak,
- * empty string otherwise
- */
- function checkWeakKeySPKAC($spkac, $spkacname = "SPKAC")
- {
- /* Check for the debian OpenSSL vulnerability */
-
- $spkac = escapeshellarg($spkac);
- $spkacname = escapeshellarg($spkacname);
- $spkacText = `echo $spkac | openssl spkac -spkac $spkacname`;
- if ($spkacText === null) {
- return _("I didn't receive a valid Certificate Request, hit the ".
- "back button and try again.");
- }
-
- return checkWeakKeyText($spkacText);
- }
-
- /**
- * Checks whether the given text representation of a CSR or a SPKAC contains
- * a weak key
- *
- * @param $text string
- * The text representation of a key as output by the
- * "openssl <foo> -text -noout" commands
- * @return string containing the reason if the key is considered weak,
- * empty string otherwise
- */
- function checkWeakKeyText($text)
- {
- /* Which public key algorithm? */
- if (!preg_match('/^\s*Public Key Algorithm: ([^\s]+)$/m', $text,
- $algorithm))
- {
- return failWithId("checkWeakKeyText(): Couldn't extract the ".
- "public key algorithm used");
- } else {
- $algorithm = $algorithm[1];
- }
-
-
- if ($algorithm === "rsaEncryption")
- {
- if (!preg_match('/^\s*RSA Public Key: \((\d+) bit\)$/m', $text,
- $keysize))
- {
- return failWithId("checkWeakKeyText(): Couldn't parse the RSA ".
- "key size");
- } else {
- $keysize = intval($keysize[1]);
- }
-
- if ($keysize < 1024)
- {
- return sprintf(_("The keys that you use are very small ".
- "and therefore insecure. Please generate stronger ".
- "keys. More information about this issue can be ".
- "found in %sthe wiki%s"),
- "<a href='//wiki.cacert.org/WeakKeys#SmallKey'>",
- "</a>");
- } elseif ($keysize < 2048) {
- // not critical but log so we have some statistics about
- // affected users
- trigger_error("checkWeakKeyText(): Certificate for small ".
- "key (< 2048 bit) requested", E_USER_NOTICE);
- }
-
-
- $debianVuln = checkDebianVulnerability($text, $keysize);
- if ($debianVuln === true)
- {
- return sprintf(_("The keys you use have very likely been ".
- "generated with a vulnerable version of OpenSSL which ".
- "was distributed by debian. Please generate new keys. ".
- "More information about this issue can be found in ".
- "%sthe wiki%s"),
- "<a href='//wiki.cacert.org/WeakKeys#DebianVulnerability'>",
- "</a>");
- } elseif ($debianVuln === false) {
- // not vulnerable => do nothing
- } else {
- return failWithId("checkWeakKeyText(): Something went wrong in".
- "checkDebianVulnerability()");
- }
-
- if (!preg_match('/^\s*Exponent: (\d+) \(0x[0-9a-fA-F]+\)$/m', $text,
- $exponent))
- {
- return failWithId("checkWeakKeyText(): Couldn't parse the RSA ".
- "exponent");
- } else {
- $exponent = $exponent[1]; // exponent might be very big =>
- //handle as string using bc*()
-
- if (bccomp($exponent, "3") === 0)
- {
- return sprintf(_("The keys you use might be insecure. ".
- "Although there is currently no known attack for ".
- "reasonable encryption schemes, we're being ".
- "cautious and don't allow certificates for such ".
- "keys. Please generate stronger keys. More ".
- "information about this issue can be found in ".
- "%sthe wiki%s"),
- "<a href='//wiki.cacert.org/WeakKeys#SmallExponent'>",
- "</a>");
- } elseif (!(bccomp($exponent, "65537") >= 0 &&
- (bccomp($exponent, "100000") === -1 ||
- // speed things up if way smaller than 2^256
- bccomp($exponent, bcpow("2", "256")) === -1) )) {
- // 65537 <= exponent < 2^256 recommended by NIST
- // not critical but log so we have some statistics about
- // affected users
- trigger_error("checkWeakKeyText(): Certificate for ".
- "unsuitable exponent '$exponent' requested",
- E_USER_NOTICE);
- }
- }
- }
-
- /* No weakness found */
- return "";
- }
-
- /**
- * Reimplement the functionality of the openssl-vulnkey tool
- *
- * @param $text string
- * The text representation of a key as output by the
- * "openssl <foo> -text -noout" commands
- * @param $keysize int [optional]
- * If the key size is already known it can be provided so it doesn't
- * have to be parsed again. This also skips the check whether the key
- * is an RSA key => use wisely
- * @return TRUE if key is vulnerable, FALSE otherwise, NULL in case of error
- */
- function checkDebianVulnerability($text, $keysize = 0)
- {
- $keysize = intval($keysize);
-
- if ($keysize === 0)
- {
- /* Which public key algorithm? */
- if (!preg_match('/^\s*Public Key Algorithm: ([^\s]+)$/m', $text,
- $algorithm))
- {
- trigger_error("checkDebianVulnerability(): Couldn't extract ".
- "the public key algorithm used", E_USER_WARNING);
- return null;
- } else {
- $algorithm = $algorithm[1];
- }
-
- if ($algorithm !== "rsaEncryption") return false;
-
- /* Extract public key size */
- if (!preg_match('/^\s*RSA Public Key: \((\d+) bit\)$/m', $text,
- $keysize))
- {
- trigger_error("checkDebianVulnerability(): Couldn't parse the ".
- "RSA key size", E_USER_WARNING);
- return null;
- } else {
- $keysize = intval($keysize[1]);
- }
- }
-
- // $keysize has been made sure to contain an int
- $blacklist = "/usr/share/openssl-blacklist/blacklist.RSA-$keysize";
- if (!(is_file($blacklist) && is_readable($blacklist)))
- {
- if (in_array($keysize, array(512, 1024, 2048, 4096)))
- {
- trigger_error("checkDebianVulnerability(): Blacklist for ".
- "$keysize bit keys not accessible. Expected at ".
- "$blacklist", E_USER_ERROR);
- return null;
- }
-
- trigger_error("checkDebianVulnerability(): $blacklist is not ".
- "readable. Unsupported key size?", E_USER_WARNING);
- return false;
- }
-
-
- /* Extract RSA modulus */
- if (!preg_match('/^\s*Modulus \(\d+ bit\):\n'.
- '((?:\s*[0-9a-f][0-9a-f]:(?:\n)?)+[0-9a-f][0-9a-f])$/m',
- $text, $modulus))
- {
- trigger_error("checkDebianVulnerability(): Couldn't extract the ".
- "RSA modulus", E_USER_WARNING);
- return null;
- } else {
- $modulus = $modulus[1];
- // strip whitespace and colon leftovers
- $modulus = str_replace(array(" ", "\t", "\n", ":"), "", $modulus);
-
- // when using "openssl xxx -text" first byte was 00 in all my test
- // cases but 00 not present in the "openssl xxx -modulus" output
- if ($modulus[0] === "0" && $modulus[1] === "0")
- {
- $modulus = substr($modulus, 2);
- } else {
- trigger_error("checkDebianVulnerability(): First byte is not ".
- "zero", E_USER_NOTICE);
- }
-
- $modulus = strtoupper($modulus);
- }
-
-
- /* calculate checksum and look it up in the blacklist */
- $checksum = substr(sha1("Modulus=$modulus\n"), 20);
-
- // $checksum and $blacklist should be safe, but just to make sure
- $checksum = escapeshellarg($checksum);
- $blacklist = escapeshellarg($blacklist);
- exec("grep $checksum $blacklist", $dummy, $debianVuln);
- if ($debianVuln === 0) // grep returned something => it is on the list
- {
- return true;
- } elseif ($debianVuln === 1) { // grep returned nothing
- return false;
- } else {
- trigger_error("checkDebianVulnerability(): Something went wrong ".
- "when looking up the key with checksum $checksum in the ".
- "blacklist $blacklist", E_USER_ERROR);
- return null;
- }
-
- // Should not get here
- return null;
- }
-?>
diff --git a/includes/general.php b/includes/general.php
index 4919c84..d89c0e6 100644
--- a/includes/general.php
+++ b/includes/general.php
@@ -15,13 +15,16 @@
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
*/
+
+ require_once(dirname(__FILE__)."/lib/general.php");
+
session_name("cacert");
session_start();
- session_register("_config");
- session_register("profile");
- session_register("signup");
- session_register("lostpw");
+// session_register("_config");
+// session_register("profile");
+// session_register("signup");
+// session_register("lostpw");
// if($_SESSION['profile']['id'] > 0)
// session_regenerate_id();
@@ -215,7 +218,8 @@
//echo "Points due to name matches: $points<br/>";
- $do = `grep '$pwd' /usr/share/dict/american-english`;
+ $shellpwd = escapeshellarg($pwd);
+ $do = `grep $shellpwd /usr/share/dict/american-english`;
if($do)
$points--;
@@ -487,10 +491,6 @@
return(0);
}
- if($points >= 300)
- return(200);
- if($points >= 200)
- return(150);
if($points >= 150)
return(35);
if($points >= 140)
@@ -536,17 +536,22 @@
$myemail = mysql_real_escape_string($email);
if(preg_match("/^([a-zA-Z0-9])+([a-zA-Z0-9\+\._-])*@([a-zA-Z0-9_-])+([a-zA-Z0-9\._-]+)+$/" , $email))
{
- list($username,$domain)=split('@',$email);
+ list($username,$domain)=explode('@',$email,2);
$dom = escapeshellarg($domain);
$line = trim(`dig +short MX $dom 2>&1`);
#echo $email."-$dom-$line-\n";
#echo `dig +short mx heise.de 2>&1`."-<br>\n";
$list = explode("\n", $line);
- foreach($list as $row)
- list($pri, $mxhosts[]) = explode(" ", substr(trim($row), 0, -1));
+ foreach($list as $row) {
+ if(!strstr($row, " ")) {
+ continue;
+ }
+ list($pri, $mxhosts[]) = explode(" ", trim($row), 2);
+ }
$mxhosts[] = $domain;
-#print_r($mxhosts); die;
+ array_walk($mxhosts, function(&$mx) { $mx = trim($mx, '.'); } );
+
foreach($mxhosts as $key => $domain)
{
$fp = @fsockopen($domain,25,$errno,$errstr,5);
@@ -728,37 +733,7 @@
return($text);
}
- // returns 0 if $userID is an Assurer
- // Otherwise :
- // Bit 0 is always set
- // Bit 1 is set if 100 Assurance Points are not reached
- // Bit 2 is set if Assurer Test is missing
- // Bit 3 is set if the user is not allowed to be an Assurer (assurer_blocked > 0)
- function get_assurer_status($userID)
- {
- $Result = 0;
- $query = mysql_query('SELECT * FROM `cats_passed` AS `tp`, `cats_variant` AS `cv` '.
- ' WHERE `tp`.`variant_id` = `cv`.`id` AND `cv`.`type_id` = 1 AND `tp`.`user_id` = \''.(int)intval($userID).'\'');
- if(mysql_num_rows($query) < 1)
- {
- $Result |= 5;
- }
-
- $query = mysql_query('SELECT SUM(`points`) AS `points` FROM `notary` AS `n` WHERE `n`.`to` = \''.(int)intval($userID).'\' AND `n`.`expire` < now()');
- $row = mysql_fetch_assoc($query);
- if ($row['points'] < 100) {
- $Result |= 3;
- }
-
- $query = mysql_query('SELECT `assurer_blocked` FROM `users` WHERE `id` = \''.(int)intval($userID).'\'');
- $row = mysql_fetch_assoc($query);
- if ($row['assurer_blocked'] > 0) {
- $Result |= 9;
- }
-
- return $Result;
- }
-
+
// returns text message to be shown to the user given the result of is_no_assurer
function no_assurer_text($Status)
{
@@ -827,4 +802,5 @@
return $res;
}
+
?>
diff --git a/includes/keygen.php b/includes/keygen.php
new file mode 100644
index 0000000..2713a81
--- /dev/null
+++ b/includes/keygen.php
@@ -0,0 +1,128 @@
+<? /*
+ LibreSSL - CAcert web application
+ Copyright (C) 2004-2011 CAcert Inc.
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; version 2 of the License.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
+*/
+
+if (array_key_exists('HTTP_USER_AGENT',$_SERVER) && strstr($_SERVER['HTTP_USER_AGENT'], "MSIE")) { ?>
+
+ <noscript>
+ <p><?=_('You have to enable JavaScript to generate certificates in the browser.')?></p>
+ <p><?=_('If you don\'t want to do that for any reason, you can use '.
+ 'manually created certificate requests instead.')?></p>
+ </noscript>
+
+ <div id="noActiveX" style="color:red">
+ <p><?=_('Could not initialize ActiveX object required for certificate generation.')?></p>
+ <p><?=_('You have to enable ActiveX for this to work. On Windows Vista, Windows 7 and '.
+ 'later versions you have to add this website to the list of trusted sites '.
+ 'in the internet settings.')?></p>
+ <p><?php
+ printf(_('Go to "Extras -> Internet Options -> Security -> Trusted '.
+ 'Websites", click on "Custom Level", set "ActiveX control '.
+ 'elements that are not marked as safe initialized on start in '.
+ 'scripts" to "Confirm" and click "OK". Now click "Sites", add '.
+ '"%s" and "%s" to your list of trusted sites and make the '.
+ 'changes come into effect by clicking "Close" and "OK".'),
+ 'https://'.$_SESSION['_config']['normalhostname'],
+ 'https://'.$_SESSION['_config']['securehostname'])?>
+ </p>
+ </div>
+
+ <form method="post" style="display:none" action="account.php"
+ id="CertReqForm">
+ <input type="hidden" name="oldid" value="<?=intval($id)?>" />
+ <input type="hidden" id="CSR" name="CSR" />
+ <input type="hidden" name="keytype" value="MS" />
+
+ <p><?=_('Security level')?>:
+ <select id="SecurityLevel">
+ <option value="high" selected="selected"><?=_('High')?></option>
+ <option value="medium"><?=_('Medium')?></option>
+ <option value="custom"><?=_('Custom')?>&hellip;</option>
+ </select>
+ </p>
+
+ <fieldset id="customSettings" style="display:none">
+ <legend><?=_('Custom Parameters')?></legend>
+
+ <p><?=_('Cryptography Provider')?>:
+ <select id="CspProvider"></select>
+ </p>
+ <p><?=_('Algorithm')?>: <select id="algorithm"></select></p>
+ <p><?=_('Keysize')?>:
+ <input id="keySize" type="number" />
+ <?=_('Minimum Size')?>: <span id="keySizeMin"></span>,
+ <?=_('Maximum Size')?>: <span id="keySizeMax"></span>,
+ <?php
+ // TRANSLATORS: this specifies the step between two valid key
+ // sizes. E.g. if the step is 512 and the minimum is 1024 and
+ // the maximum is 2048, then only 1024, 1536 and 2048 bits may
+ // be specified as key size.
+ echo _('Step')?>: <span id="keySizeStep"></span></p>
+ <p style="color:red"><?php
+ printf(_('Please note that RSA key sizes smaller than %d bit '.
+ 'will not be accepted by CAcert.'),
+ 2048)?>
+ </p>
+ </fieldset>
+
+ <p><input type="submit" id="GenReq" name="GenReq" value="<?=_('Create Certificate')?>" /></p>
+ <p id="generatingKeyNotice" style="display:none">
+ <?=_('Generating your key. Please wait')?>&hellip;</p>
+ </form>
+
+ <!-- Error messages used in the JavaScript. Defined here so they can be
+ translated without passing the JavaScript code through PHP -->
+ <p id="createRequestErrorChooseAlgorithm" style="display:none">
+ <?=_('Could not generate certificate request. Probably you need to '.
+ 'choose a different algorithm.')?>
+ </p>
+ <p id="createRequestErrorConfirmDialogue" style="display:none">
+ <?=_('Could not generate certificate request. Please confirm the '.
+ 'dialogue if you are asked if you want to generate the key.')?>
+ </p>
+ <p id="createRequestErrorConnectDevice" style="display:none">
+ <?=_('Could not generate certificate request. Please make sure the '.
+ 'cryptography device (e.g. the smartcard) is connected.')?>
+ </p>
+ <p id="createRequestError" style="display:none">
+ <?=_('Could not generate certificate request.')?>
+ </p>
+ <p id="invalidKeySizeError" style="display:none">
+ <?=_('You have specified an invalid key size')?>
+ </p>
+ <p id="unsupportedPlatformError" style="display:none">
+ <?=_('Could not initialize the cryptographic module for your '.
+ 'platform. Currently we support Microsoft Windows XP, Vista '.
+ 'and 7. If you\'re using one of these platforms and see this '.
+ 'error message anyway you might have to enable ActiveX as '.
+ 'described in the red explanation text and accept loading of '.
+ 'the module.')?>
+ </p>
+
+ <script type="text/javascript" src="keygenIE.js"></script>
+
+<? } else { ?>
+ <p>
+ <form method="post" action="account.php">
+ <input type="hidden" name="keytype" value="NS">
+ <?=_("Keysize:")?> <keygen name="SPKAC" challenge="<? $_SESSION['spkac_hash']=make_hash(); echo $_SESSION['spkac_hash']; ?>">
+
+ <input type="submit" name="submit" value="<?=_("Create Certificate Request")?>">
+ <input type="hidden" name="oldid" value="<?=intval($id)?>">
+ </form>
+ </p>
+<? }
diff --git a/includes/lib/account.php b/includes/lib/account.php
index f7a24fa..e311668 100644
--- a/includes/lib/account.php
+++ b/includes/lib/account.php
@@ -17,32 +17,79 @@
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
*/
-function fix_assurer_flag($userID)
+/**
+ * Function to recalculate the cached Assurer status
+ *
+ * @param int $userID
+ * if the user ID is not given the flag will be recalculated for all users
+ *
+ * @return bool
+ * false if there was an error on fixing the flag. This does NOT return the
+ * new value of the flag
+ */
+function fix_assurer_flag($userID = NULL)
{
- // Update Assurer-Flag on users table if 100 points.
- // Should the number of points be SUM(points) or SUM(awarded)?
- $query = mysql_query('UPDATE `users` AS `u` SET `assurer` = 1 WHERE '.
- '`u`.`id` = \''.(int)intval($userID).'\' AND '.
- 'EXISTS(SELECT 1 FROM `cats_passed` AS `cp`, `cats_variant` AS `cv` '.
- 'WHERE `cp`.`variant_id` = `cv`.`id` AND `cv`.`type_id` = 1 AND '.
- '`cp`.`user_id` = `u`.`id`) AND '.
- '(SELECT SUM(`points`) FROM `notary` AS `n` WHERE `n`.`to` = `u`.`id` '.
- 'AND (`n`.`expire` > now() OR `n`.`expire` IS NULL)) >= 100');
- // Challenge has been passed and non-expired points >= 100
+ // Update Assurer-Flag on users table if 100 points and CATS passed.
+ //
+ // We may have some performance issues here if no userID is given
+ // there are ~150k assurances and ~220k users currently
+ // but the exists-clause on cats_passed should be a good filter
+ $sql = '
+ UPDATE `users` AS `u` SET `assurer` = 1
+ WHERE '.(
+ ($userID === NULL) ?
+ '`u`.`assurer` = 0' :
+ '`u`.`id` = \''.intval($userID).'\''
+ ).'
+ AND EXISTS(
+ SELECT 1 FROM `cats_passed` AS `cp`, `cats_variant` AS `cv`
+ WHERE `cp`.`variant_id` = `cv`.`id`
+ AND `cv`.`type_id` = 1
+ AND `cp`.`user_id` = `u`.`id`
+ )
+ AND (
+ SELECT SUM(`points`) FROM `notary` AS `n`
+ WHERE `n`.`to` = `u`.`id`
+ AND (`n`.`expire` > now()
+ OR `n`.`expire` IS NULL)
+ ) >= 100';
+ $query = mysql_query($sql);
if (!$query) {
return false;
}
-
+ // Challenge has been passed and non-expired points >= 100
+
// Reset flag if requirements are not met
- $query = mysql_query('UPDATE `users` AS `u` SET `assurer` = 0 WHERE '.
- '`u`.`id` = \''.(int)intval($userID).'\' AND '.
- '(NOT EXISTS(SELECT 1 FROM `cats_passed` AS `cp`, `cats_variant` AS '.
- '`cv` WHERE `cp`.`variant_id` = `cv`.`id` AND `cv`.`type_id` = 1 '.
- 'AND `cp`.`user_id` = `u`.`id`) OR '.
- '(SELECT SUM(`points`) FROM `notary` AS `n` WHERE `n`.`to` = `u`.`id` '.
- 'AND (`n`.`expire` > now() OR `n`.`expire` IS NULL)) < 100)');
+ //
+ // Also a bit performance critical but assurer flag is only set on
+ // ~5k accounts
+ $sql = '
+ UPDATE `users` AS `u` SET `assurer` = 0
+ WHERE '.(
+ ($userID === NULL) ?
+ '`u`.`assurer` <> 0' :
+ '`u`.`id` = \''.intval($userID).'\''
+ ).'
+ AND (
+ NOT EXISTS(
+ SELECT 1 FROM `cats_passed` AS `cp`,
+ `cats_variant` AS `cv`
+ WHERE `cp`.`variant_id` = `cv`.`id`
+ AND `cv`.`type_id` = 1
+ AND `cp`.`user_id` = `u`.`id`
+ )
+ OR (
+ SELECT SUM(`points`) FROM `notary` AS `n`
+ WHERE `n`.`to` = `u`.`id`
+ AND (
+ `n`.`expire` > now()
+ OR `n`.`expire` IS NULL
+ )
+ ) < 100
+ )';
+ $query = mysql_query($sql);
if (!$query) {
return false;
}
diff --git a/includes/lib/check_weak_key.php b/includes/lib/check_weak_key.php
new file mode 100644
index 0000000..217b885
--- /dev/null
+++ b/includes/lib/check_weak_key.php
@@ -0,0 +1,318 @@
+<?php /*
+ LibreSSL - CAcert web application
+ Copyright (C) 2004-2011 CAcert Inc.
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; version 2 of the License.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
+*/
+
+// failWithId()
+require_once 'general.php';
+
+
+/**
+* Checks whether the given CSR contains a vulnerable key
+*
+* @param $csr string
+* The CSR to be checked
+* @param $encoding string [optional]
+* The encoding the CSR is in (for the "-inform" parameter of OpenSSL,
+* currently only "PEM" (default) or "DER" allowed)
+* @return string containing the reason if the key is considered weak,
+* empty string otherwise
+*/
+function checkWeakKeyCSR($csr, $encoding = "PEM")
+{
+ $encoding = escapeshellarg($encoding);
+ $status = runCommand("openssl req -inform $encoding -text -noout",
+ $csr, $csrText);
+ if ($status === true) {
+ return failWithId("checkWeakKeyCSR(): Failed to start OpenSSL");
+ }
+
+ if ($status !== 0 || $csrText === "") {
+ return _("I didn't receive a valid Certificate Request. Hit ".
+ "the back button and try again.");
+ }
+
+ return checkWeakKeyText($csrText);
+}
+
+/**
+ * Checks whether the given X509 certificate contains a vulnerable key
+ *
+ * @param $cert string
+ * The X509 certificate to be checked
+ * @param $encoding string [optional]
+ * The encoding the certificate is in (for the "-inform" parameter of
+ * OpenSSL, currently only "PEM" (default), "DER" or "NET" allowed)
+ * @return string containing the reason if the key is considered weak,
+ * empty string otherwise
+ */
+function checkWeakKeyX509($cert, $encoding = "PEM")
+{
+ $encoding = escapeshellarg($encoding);
+ $status = runCommand("openssl x509 -inform $encoding -text -noout",
+ $cert, $certText);
+ if ($status === true) {
+ return failWithId("checkWeakKeyX509(): Failed to start OpenSSL");
+ }
+
+ if ($status !== 0 || $certText === "") {
+ return _("I didn't receive a valid Certificate Request. Hit ".
+ "the back button and try again.");
+ }
+
+ return checkWeakKeyText($certText);
+}
+
+/**
+ * Checks whether the given SPKAC contains a vulnerable key
+ *
+ * @param $spkac string
+ * The SPKAC to be checked
+ * @param $spkacname string [optional]
+ * The name of the variable that contains the SPKAC. The default is
+ * "SPKAC"
+ * @return string containing the reason if the key is considered weak,
+ * empty string otherwise
+ */
+function checkWeakKeySPKAC($spkac, $spkacname = "SPKAC")
+{
+ $spkacname = escapeshellarg($spkacname);
+ $status = runCommand("openssl spkac -spkac $spkacname", $spkac, $spkacText);
+ if ($status === true) {
+ return failWithId("checkWeakKeySPKAC(): Failed to start OpenSSL");
+ }
+
+ if ($status !== 0 || $spkacText === "") {
+ return _("I didn't receive a valid Certificate Request. Hit the ".
+ "back button and try again.");
+ }
+
+ return checkWeakKeyText($spkacText);
+}
+
+/**
+ * Checks whether the given text representation of a CSR or a SPKAC contains
+ * a weak key
+ *
+ * @param $text string
+ * The text representation of a key as output by the
+ * "openssl <foo> -text -noout" commands
+ * @return string containing the reason if the key is considered weak,
+ * empty string otherwise
+ */
+function checkWeakKeyText($text)
+{
+ /* Which public key algorithm? */
+ if (!preg_match('/^\s*Public Key Algorithm: ([^\s]+)$/m', $text,
+ $algorithm))
+ {
+ return failWithId("checkWeakKeyText(): Couldn't extract the ".
+ "public key algorithm used.\nData:\n$text");
+ } else {
+ $algorithm = $algorithm[1];
+ }
+
+
+ if ($algorithm === "rsaEncryption")
+ {
+ if (!preg_match('/^\s*RSA Public Key: \((\d+) bit\)$/m', $text,
+ $keysize))
+ {
+ return failWithId("checkWeakKeyText(): Couldn't parse the RSA ".
+ "key size.\nData:\n$text");
+ } else {
+ $keysize = intval($keysize[1]);
+ }
+
+ if ($keysize < 2048)
+ {
+ return sprintf(_("The keys that you use are very small ".
+ "and therefore insecure. Please generate stronger ".
+ "keys. More information about this issue can be ".
+ "found in %sthe wiki%s"),
+ "<a href='//wiki.cacert.org/WeakKeys#SmallKey'>",
+ "</a>");
+ }
+
+
+ $debianVuln = checkDebianVulnerability($text, $keysize);
+ if ($debianVuln === true)
+ {
+ return sprintf(_("The keys you use have very likely been ".
+ "generated with a vulnerable version of OpenSSL which ".
+ "was distributed by debian. Please generate new keys. ".
+ "More information about this issue can be found in ".
+ "%sthe wiki%s"),
+ "<a href='//wiki.cacert.org/WeakKeys#DebianVulnerability'>",
+ "</a>");
+ } elseif ($debianVuln === false) {
+ // not vulnerable => do nothing
+ } else {
+ return failWithId("checkWeakKeyText(): Something went wrong in".
+ "checkDebianVulnerability().\nKeysize: $keysize\n".
+ "Data:\n$text");
+ }
+
+ if (!preg_match('/^\s*Exponent: (\d+) \(0x[0-9a-fA-F]+\)$/m', $text,
+ $exponent))
+ {
+ return failWithId("checkWeakKeyText(): Couldn't parse the RSA ".
+ "exponent.\nData:\n$text");
+ } else {
+ $exponent = $exponent[1]; // exponent might be very big =>
+ //handle as string using bc*()
+
+ if (bccomp($exponent, "3") === 0)
+ {
+ return sprintf(_("The keys you use might be insecure. ".
+ "Although there is currently no known attack for ".
+ "reasonable encryption schemes, we're being ".
+ "cautious and don't allow certificates for such ".
+ "keys. Please generate stronger keys. More ".
+ "information about this issue can be found in ".
+ "%sthe wiki%s"),
+ "<a href='//wiki.cacert.org/WeakKeys#SmallExponent'>",
+ "</a>");
+ } elseif (!(bccomp($exponent, "65537") >= 0 &&
+ (bccomp($exponent, "100000") === -1 ||
+ // speed things up if way smaller than 2^256
+ bccomp($exponent, bcpow("2", "256")) === -1) )) {
+ // 65537 <= exponent < 2^256 recommended by NIST
+ // not critical but log so we have some statistics about
+ // affected users
+ trigger_error("checkWeakKeyText(): Certificate for ".
+ "unsuitable exponent '$exponent' requested",
+ E_USER_NOTICE);
+ }
+ }
+ }
+
+ /* No weakness found */
+ return "";
+}
+
+/**
+ * Reimplement the functionality of the openssl-vulnkey tool
+ *
+ * @param $text string
+ * The text representation of a key as output by the
+ * "openssl <foo> -text -noout" commands
+ * @param $keysize int [optional]
+ * If the key size is already known it can be provided so it doesn't
+ * have to be parsed again. This also skips the check whether the key
+ * is an RSA key => use wisely
+ * @return TRUE if key is vulnerable, FALSE otherwise, NULL in case of error
+ */
+function checkDebianVulnerability($text, $keysize = 0)
+{
+ $keysize = intval($keysize);
+
+ if ($keysize === 0)
+ {
+ /* Which public key algorithm? */
+ if (!preg_match('/^\s*Public Key Algorithm: ([^\s]+)$/m', $text,
+ $algorithm))
+ {
+ trigger_error("checkDebianVulnerability(): Couldn't extract ".
+ "the public key algorithm used.\nData:\n$text",
+ E_USER_WARNING);
+ return null;
+ } else {
+ $algorithm = $algorithm[1];
+ }
+
+ if ($algorithm !== "rsaEncryption") return false;
+
+ /* Extract public key size */
+ if (!preg_match('/^\s*RSA Public Key: \((\d+) bit\)$/m', $text,
+ $keysize))
+ {
+ trigger_error("checkDebianVulnerability(): Couldn't parse the ".
+ "RSA key size.\nData:\n$text", E_USER_WARNING);
+ return null;
+ } else {
+ $keysize = intval($keysize[1]);
+ }
+ }
+
+ // $keysize has been made sure to contain an int
+ $blacklist = "/usr/share/openssl-blacklist/blacklist.RSA-$keysize";
+ if (!(is_file($blacklist) && is_readable($blacklist)))
+ {
+ if (in_array($keysize, array(512, 1024, 2048, 4096)))
+ {
+ trigger_error("checkDebianVulnerability(): Blacklist for ".
+ "$keysize bit keys not accessible. Expected at ".
+ "$blacklist", E_USER_ERROR);
+ return null;
+ }
+
+ trigger_error("checkDebianVulnerability(): $blacklist is not ".
+ "readable. Unsupported key size?", E_USER_WARNING);
+ return false;
+ }
+
+
+ /* Extract RSA modulus */
+ if (!preg_match('/^\s*Modulus \(\d+ bit\):\n'.
+ '((?:\s*[0-9a-f][0-9a-f]:(?:\n)?)+[0-9a-f][0-9a-f])$/m',
+ $text, $modulus))
+ {
+ trigger_error("checkDebianVulnerability(): Couldn't extract the ".
+ "RSA modulus.\nData:\n$text", E_USER_WARNING);
+ return null;
+ } else {
+ $modulus = $modulus[1];
+ // strip whitespace and colon leftovers
+ $modulus = str_replace(array(" ", "\t", "\n", ":"), "", $modulus);
+
+ // when using "openssl xxx -text" first byte was 00 in all my test
+ // cases but 00 not present in the "openssl xxx -modulus" output
+ if ($modulus[0] === "0" && $modulus[1] === "0")
+ {
+ $modulus = substr($modulus, 2);
+ } else {
+ trigger_error("checkDebianVulnerability(): First byte is not ".
+ "zero", E_USER_NOTICE);
+ }
+
+ $modulus = strtoupper($modulus);
+ }
+
+
+ /* calculate checksum and look it up in the blacklist */
+ $checksum = substr(sha1("Modulus=$modulus\n"), 20);
+
+ // $checksum and $blacklist should be safe, but just to make sure
+ $checksum = escapeshellarg($checksum);
+ $blacklist = escapeshellarg($blacklist);
+ $debianVuln = runCommand("grep $checksum $blacklist");
+ if ($debianVuln === 0) // grep returned something => it is on the list
+ {
+ return true;
+ } elseif ($debianVuln === 1) {
+ // grep returned nothing
+ return false;
+ } else {
+ trigger_error("checkDebianVulnerability(): Something went wrong ".
+ "when looking up the key with checksum $checksum in the ".
+ "blacklist $blacklist", E_USER_ERROR);
+ return null;
+ }
+
+ // Should not get here
+ return null;
+}
diff --git a/includes/lib/general.php b/includes/lib/general.php
index 25d2561..85b132d 100644
--- a/includes/lib/general.php
+++ b/includes/lib/general.php
@@ -47,4 +47,117 @@ function get_user_id_from_cert($serial, $issuer_cn)
return -1;
}
-?>
+/**
+ * Produces a log entry with the error message with log level E_USER_WARN
+ * and a random ID an returns a message that can be displayed to the user
+ * including the generated ID
+ *
+ * @param $errormessage string
+ * The error message that should be logged
+ * @return string containing the generated ID that can be displayed to the
+ * user
+ */
+function failWithId($errormessage) {
+ $errorId = rand();
+ trigger_error("$errormessage. ID: $errorId", E_USER_WARNING);
+ return sprintf(_("Something went wrong when processing your request. ".
+ "Please contact %s for help and provide them with the ".
+ "following ID: %d"),
+ "<a href='mailto:support@cacert.org?subject=System%20Error%20-%20".
+ "ID%3A%20$errorId'>support@cacert.org</a>",
+ $errorId);
+}
+
+
+/**
+ * Runs a command on the shell and return it's exit code and output
+ *
+ * @param string $command
+ * The command to run. Make sure that you escapeshellarg() any non-constant
+ * parts as this is executed on a shell!
+ * @param string|bool $input
+ * The input that is passed to the command via STDIN, if true the real
+ * STDIN is passed through
+ * @param string|bool $output
+ * The output the command wrote to STDOUT (this is passed as reference),
+ * if true the output will be written to the real STDOUT. Output is ignored
+ * by default
+ * @param string|bool $errors
+ * The output the command wrote to STDERR (this is passed as reference),
+ * if true (default) the output will be written to the real STDERR
+ *
+ * @return int|bool
+ * The exit code of the command, true if the execution of the command
+ * failed (true because then
+ * <code>if (runCommand('echo "foo"')) handle_error();</code> will work)
+ */
+function runCommand($command, $input = "", &$output = null, &$errors = true) {
+ $descriptorspec = array();
+
+ if ($input !== true) {
+ $descriptorspec[0] = array("pipe", "r"); // STDIN for child
+ }
+
+ if ($output !== true) {
+ $descriptorspec[1] = array("pipe", "w"); // STDOUT for child
+ }
+
+ if ($errors !== true) {
+ $descriptorspec[2] = array("pipe", "w"); // STDERR for child
+ }
+
+ $proc = proc_open($command, $descriptorspec, $pipes);
+
+ if (is_resource($proc))
+ {
+ if ($input !== true) {
+ fwrite($pipes[0], $input);
+ fclose($pipes[0]);
+ }
+
+ if ($output !== true) {
+ $output = stream_get_contents($pipes[1]);
+ }
+
+ if ($errors !== true) {
+ $errors = stream_get_contents($pipes[2]);
+ }
+
+ return proc_close($proc);
+
+ } else {
+ return true;
+ }
+}
+
+ // returns 0 if $userID is an Assurer
+ // Otherwise :
+ // Bit 0 is always set
+ // Bit 1 is set if 100 Assurance Points are not reached
+ // Bit 2 is set if Assurer Test is missing
+ // Bit 3 is set if the user is not allowed to be an Assurer (assurer_blocked > 0)
+ function get_assurer_status($userID)
+ {
+ $Result = 0;
+ $query = mysql_query('SELECT * FROM `cats_passed` AS `tp`, `cats_variant` AS `cv` '.
+ ' WHERE `tp`.`variant_id` = `cv`.`id` AND `cv`.`type_id` = 1 AND `tp`.`user_id` = \''.(int)intval($userID).'\'');
+ if(mysql_num_rows($query) < 1)
+ {
+ $Result |= 5;
+ }
+
+ $query = mysql_query('SELECT SUM(`points`) AS `points` FROM `notary` AS `n` WHERE `n`.`to` = \''.(int)intval($userID).'\' AND `n`.`expire` < now()');
+ $row = mysql_fetch_assoc($query);
+ if ($row['points'] < 100) {
+ $Result |= 3;
+ }
+
+ $query = mysql_query('SELECT `assurer_blocked` FROM `users` WHERE `id` = \''.(int)intval($userID).'\'');
+ $row = mysql_fetch_assoc($query);
+ if ($row['assurer_blocked'] > 0) {
+ $Result |= 9;
+ }
+
+ return $Result;
+ }
+ \ No newline at end of file
diff --git a/includes/loggedin.php b/includes/loggedin.php
index 5734fad..4f9b8e8 100644
--- a/includes/loggedin.php
+++ b/includes/loggedin.php
@@ -18,20 +18,29 @@
include_once("../includes/lib/general.php");
require_once("../includes/lib/l10n.php");
+ include_once("../includes/mysql.php");
+
+ if(!isset($_SESSION['profile']) || !is_array($_SESSION['profile'])) {
+ $_SESSION['profile'] = array( 'id' => 0, 'loggedin' => 0 );
+ }
+ if(!isset($_SESSION['profile']['id']) || !isset($_SESSION['profile']['loggedin'])) {
+ $_SESSION['profile']['id'] = 0;
+ $_SESSION['profile']['loggedin'] = 0;
+ }
if($_SERVER['HTTP_HOST'] == $_SESSION['_config']['securehostname'] && $_SESSION['profile']['id'] > 0 && $_SESSION['profile']['loggedin'] != 0)
{
$uid = $_SESSION['profile']['id'];
$_SESSION['profile']['loggedin'] = 0;
$_SESSION['profile'] = "";
- foreach($_SESSION as $key)
+ foreach($_SESSION as $key => $value)
{
- if($key == '_config')
+ if($key == '_config' || $key == 'mconn' || 'csrf_' == substr($key, 0, 5))
continue;
if(is_int($key) || is_string($key))
unset($_SESSION[$key]);
- unset($$key);
- session_unregister($key);
+ unset($$key);
+ //session_unregister($key);
}
$_SESSION['profile'] = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='$uid'"));
@@ -50,14 +59,14 @@
{
$_SESSION['profile']['loggedin'] = 0;
$_SESSION['profile'] = "";
- foreach($_SESSION as $key)
+ foreach($_SESSION as $key => $value)
{
- if($key == '_config')
+ if($key == '_config' || $key == 'mconn' || 'csrf_' == substr($key, 0, 5))
continue;
if(is_int($key) || is_string($key))
unset($_SESSION[$key]);
- unset($$key);
- session_unregister($key);
+ unset($$key);
+ //session_unregister($key);
}
$_SESSION['profile'] = mysql_fetch_assoc(mysql_query(
@@ -69,16 +78,16 @@
} else {
$_SESSION['profile']['loggedin'] = 0;
$_SESSION['profile'] = "";
- foreach($_SESSION as $key)
+ foreach($_SESSION as $key => $value)
{
- if($key == '_config')
+ if($key == '_config' || $key == 'mconn' || 'csrf_' == substr($key, 0, 5))
continue;
- unset($_SESSION[$key]);
- unset($$key);
- session_unregister($key);
+ unset($_SESSION[$key]);
+ unset($$key);
+ //session_unregister($key);
}
- unset($_SESSION['_config']['oldlocation']);
+ $_SESSION['_config']['oldlocation'] = '';
foreach($_GET as $key => $val)
{
@@ -127,9 +136,9 @@
$_SESSION['profile'] = "";
foreach($_SESSION as $key => $value)
{
- unset($_SESSION[$key]);
- unset($$key);
- session_unregister($key);
+ unset($_SESSION[$key]);
+ unset($$key);
+ //session_unregister($key);
}
header("location: https://".$normalhost."/index.php");
@@ -138,11 +147,11 @@
if($_SESSION['profile']['loggedin'] < 1)
{
- unset($_SESSION['_config']['oldlocation']);
+ $_SESSION['_config']['oldlocation'] = '';
foreach($_REQUEST as $key => $val)
{
- if($_SESSION['_config']['oldlocation'])
+ if('' != $_SESSION['_config']['oldlocation'])
$_SESSION['_config']['oldlocation'] .= "&";
$key = str_replace(array("\n", "\r"), '', $key);
diff --git a/includes/mysql.php.sample b/includes/mysql.php.sample
index ff5cfc3..10185fc 100644
--- a/includes/mysql.php.sample
+++ b/includes/mysql.php.sample
@@ -28,7 +28,7 @@
function sendmail($to, $subject, $message, $from, $replyto = "", $toname = "", $fromname = "", $errorsto = "returns@cacert.org", $extra="")
{
- $lines = explode('\n', $message);
+ $lines = explode("\n", $message);
$message = "";
foreach($lines as $line)
{
@@ -64,7 +64,8 @@
fputs($smtp, "DATA\r\n");
$InputBuffer = fgets($smtp, 1024);
fputs($smtp, "X-Mailer: CAcert.org Website\r\n");
- fputs($smtp, "X-OriginatingIP: ".$_SERVER["REMOTE_ADDR"]."\r\n");
+ if (array_key_exists("REMOTE_ADDR", $_SERVER))
+ fputs($smtp, "X-OriginatingIP: ".$_SERVER["REMOTE_ADDR"]."\r\n");
fputs($smtp, "Sender: $errorsto\r\n");
fputs($smtp, "Errors-To: $errorsto\r\n");
if($replyto != "")
diff --git a/includes/notary.inc.php b/includes/notary.inc.php
index cc0e0eb..1f0ec92 100644
--- a/includes/notary.inc.php
+++ b/includes/notary.inc.php
@@ -14,7 +14,7 @@
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
-*/
+*/
function query_init ($query)
{
@@ -41,6 +41,15 @@
return intval($row['list']);
}
+ function get_number_of_ttpassurances ($userid)
+ {
+ $res = query_init ("SELECT count(*) AS `list` FROM `notary`
+ WHERE (`method`='Trusted Third Parties' or `method`='TTP-Assisted') AND `to`='".intval($userid)."' ");
+ $row = query_getnextrow($res);
+
+ return intval($row['list']);
+ }
+
function get_number_of_assurees ($userid)
{
$res = query_init ("SELECT count(*) AS `list` FROM `notary`
@@ -52,8 +61,8 @@
function get_top_assurer_position ($no_of_assurances)
{
- $res = query_init ("SELECT count(*) AS `list` FROM `notary`
- WHERE `method` = 'Face to Face Meeting'
+ $res = query_init ("SELECT count(*) AS `list` FROM `notary`
+ WHERE `method` = 'Face to Face Meeting'
GROUP BY `from` HAVING count(*) > '".intval($no_of_assurances)."'");
return intval(query_get_number_of_rows($res)+1);
}
@@ -83,7 +92,7 @@
$res = query_init ("select count(*) as number,points,awarded,method from notary where `from`='".intval($userid)."' group by points,awarded,method");
return $res;
}
-
+
function get_received_assurances_summary ($userid)
{
$res = query_init ("select count(*) as number,points,awarded,method from notary where `to`='".intval($userid)."' group by points,awarded,method");
@@ -106,7 +115,7 @@
function calc_experience ($row,&$points,&$experience,&$sum_experience,&$revoked)
{
- $apoints = max($row['points'],$row['awarded']);
+ $apoints = max($row['points'], $row['awarded']);
$points += $apoints;
$experience = "&nbsp;";
$revoked = false; # to be coded later (after DB-upgrade)
@@ -129,7 +138,7 @@
$awarded = 100;
}
else
- $experience = 0;
+ $experience = 0;
switch ($row['method'])
{
@@ -192,15 +201,15 @@
?>
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
- <tr>
- <td class="title"><?=_("Assurer Ranking")?></td>
- </tr>
- <tr>
- <td class="DataTD"><?=sprintf(_("You have made %s assurances which ranks you as the #%s top assurer."), intval($num_of_assurances), intval($rank_of_assurer) )?></td>
- </tr>
- <tr>
- <td class="DataTD"><?=sprintf(_("You have received %s assurances which ranks you as the #%s top assuree."), intval($num_of_assurees), intval($rank_of_assuree) )?></td>
- </tr>
+ <tr>
+ <td class="title"><?=_("Assurer Ranking")?></td>
+ </tr>
+ <tr>
+ <td class="DataTD"><?=sprintf(_("You have made %s assurances which ranks you as the #%s top assurer."), intval($num_of_assurances), intval($rank_of_assurer) )?></td>
+ </tr>
+ <tr>
+ <td class="DataTD"><?=sprintf(_("You have received %s assurances which ranks you as the #%s top assuree."), intval($num_of_assurees), intval($rank_of_assuree) )?></td>
+ </tr>
</table>
<br/>
<?
@@ -210,65 +219,68 @@
{
?>
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
- <tr>
+ <tr>
<?
if ($support == "1")
{
?>
- <td colspan="10" class="title"><?=$title?></td>
+ <td colspan="10" class="title"><?=$title?></td>
<?
} else {
?>
- <td colspan="7" class="title"><?=$title?></td>
-<? }
+ <td colspan="7" class="title"><?=$title?></td>
+<?
+ }
?>
- </tr>
- <tr>
- <td class="DataTD"><strong><?=_("ID")?></strong></td>
- <td class="DataTD"><strong><?=_("Date")?></strong></td>
+ </tr>
+ <tr>
+ <td class="DataTD"><strong><?=_("ID")?></strong></td>
+ <td class="DataTD"><strong><?=_("Date")?></strong></td>
<?
if ($support == "1")
{
?>
- <td class="DataTD"><strong><?=_("When")?></strong></td>
- <td class="DataTD"><strong><?=_("Email")?></strong></td>
-<? } ?>
- <td class="DataTD"><strong><?=_("Who")?></strong></td>
- <td class="DataTD"><strong><?=_("Points")?></strong></td>
- <td class="DataTD"><strong><?=_("Location")?></strong></td>
- <td class="DataTD"><strong><?=_("Method")?></strong></td>
- <td class="DataTD"><strong><?=_("Experience Points")?></strong></td>
+ <td class="DataTD"><strong><?=_("When")?></strong></td>
+ <td class="DataTD"><strong><?=_("Email")?></strong></td>
+<?
+ }
+?>
+ <td class="DataTD"><strong><?=_("Who")?></strong></td>
+ <td class="DataTD"><strong><?=_("Points")?></strong></td>
+ <td class="DataTD"><strong><?=_("Location")?></strong></td>
+ <td class="DataTD"><strong><?=_("Method")?></strong></td>
+ <td class="DataTD"><strong><?=_("Experience Points")?></strong></td>
<?
if ($support == "1")
{
?>
- <td class="DataTD"><strong><?=_("Revoke")?></strong></td>
+ <td class="DataTD"><strong><?=_("Revoke")?></strong></td>
<?
}
?>
- </tr>
+ </tr>
<?
}
function output_assurances_footer($points_txt,$points,$experience_txt,$sumexperience,$support)
{
?>
- <tr>
- <td class="DataTD" colspan="5"><strong><?=$points_txt?>:</strong></td>
- <td class="DataTD"><?=$points?></td>
- <td class="DataTD">&nbsp;</td>
- <td class="DataTD"><strong><?=$experience_txt?>:</strong></td>
- <td class="DataTD"><?=$sumexperience?></td>
+ <tr>
+ <td<?=($support == "1")?' colspan="5"':' colspan="3"'?> class="DataTD"><strong><?=$points_txt?>:</strong></td>
+ <td class="DataTD"><?=$points?></td>
+ <td class="DataTD">&nbsp;</td>
+ <td class="DataTD"><strong><?=$experience_txt?>:</strong></td>
+ <td class="DataTD"><?=$sumexperience?></td>
<?
if ($support == "1")
{
?>
- <td class="DataTD">&nbsp;</td>
+ <td class="DataTD">&nbsp;</td>
<?
}
?>
- </tr>
+ </tr>
</table>
<br/>
<?
@@ -277,52 +289,54 @@
function output_assurances_row($assuranceid,$date,$when,$email,$name,$awarded,$points,$location,$method,$experience,$userid,$support,$revoked)
{
- $tdstyle="";
- $emopen="";
- $emclose="";
+ $tdstyle="";
+ $emopen="";
+ $emclose="";
- if ($awarded == $points)
- {
- if ($awarded == "0")
+ if ($awarded == $points)
{
- if ($when < "2006-09-01")
+ if ($awarded == "0")
{
- $tdstyle="style='background-color: #ffff80'";
- $emopen="<em>";
- $emclose="</em>";
+ if ($when < "2006-09-01")
+ {
+ $tdstyle="style='background-color: #ffff80'";
+ $emopen="<em>";
+ $emclose="</em>";
+ }
}
}
- }
?>
- <tr>
- <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$assuranceid?><?=$emclose?></td>
- <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$date?><?=$emclose?></td>
+ <tr>
+ <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$assuranceid?><?=$emclose?></td>
+ <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$date?><?=$emclose?></td>
<?
- if ($support == "1")
- {
+ if ($support == "1")
+ {
?>
<td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$when?><?=$emclose?></td>
<td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$email?><?=$emclose?></td>
-<? }
+<?
+ }
?>
- <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$name?><?=$emclose?></td>
- <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$awarded?><?=$emclose?></td>
- <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$location?><?=$emclose?></td>
- <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$method?><?=$emclose?></td>
- <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$experience?><?=$emclose?></td>
+ <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$name?><?=$emclose?></td>
+ <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$awarded?><?=$emclose?></td>
+ <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$location?><?=$emclose?></td>
+ <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$method?><?=$emclose?></td>
+ <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$experience?><?=$emclose?></td>
<?
- if ($support == "1")
- {
- if ($revoked == true)
+ if ($support == "1")
{
+ if ($revoked == true)
+ {
?>
- <td class="DataTD" <?=$tdstyle?>>&nbsp;</td>
-<? } else {
+ <td class="DataTD" <?=$tdstyle?>>&nbsp;</td>
+<?
+ } else {
?>
- <td class="DataTD" <?=$tdstyle?>><?=$emopen?><a href="account.php?id=43&amp;userid=<?=intval($userid)?>&amp;assurance=<?=intval($assuranceid)?>&amp;csrf=<?=make_csrf('admdelassurance')?>" onclick="return confirm('<?=_("Are you sure you want to revoke this assurance?")?>');"><?=_("Revoke")?></a><?=$emclose?></td>
+ <td class="DataTD" <?=$tdstyle?>><?=$emopen?><a href="account.php?id=43&amp;userid=<?=intval($userid)?>&amp;assurance=<?=intval($assuranceid)?>&amp;csrf=<?=make_csrf('admdelassurance')?>" onclick="return confirm('<?=sprintf(_("Are you sure you want to revoke the assurance with ID &quot;%s&quot;?"),$assuranceid)?>');"><?=_("Revoke")?></a><?=$emclose?></td>
<?
+ }
}
- }
?>
</tr>
<?
@@ -332,14 +346,14 @@
{
?>
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
- <tr>
- <td colspan="4" class="title"><?=_("Summary of your Points")?></td>
- </tr>
- <tr>
- <td class="DataTD"><strong><?=_("Description")?></strong></td>
- <td class="DataTD"><strong><?=_("Points")?></strong></td>
- <td class="DataTD"><strong><?=_("Countable Points")?></strong></td>
- <td class="DataTD"><strong><?=_("Remark")?></strong></td>
+ <tr>
+ <td colspan="4" class="title"><?=_("Summary of your Points")?></td>
+ </tr>
+ <tr>
+ <td class="DataTD"><strong><?=_("Description")?></strong></td>
+ <td class="DataTD"><strong><?=_("Points")?></strong></td>
+ <td class="DataTD"><strong><?=_("Countable Points")?></strong></td>
+ <td class="DataTD"><strong><?=_("Remark")?></strong></td>
</tr>
<?
}
@@ -355,12 +369,12 @@
function output_summary_row($title,$points,$points_countable,$remark)
{
?>
- <tr>
- <td class="DataTD"><strong><?=$title?></strong></td>
- <td class="DataTD"><?=$points?></td>
- <td class="DataTD"><?=$points_countable?></td>
- <td class="DataTD"><?=$remark?></td>
- </tr>
+ <tr>
+ <td class="DataTD"><strong><?=$title?></strong></td>
+ <td class="DataTD"><?=$points?></td>
+ <td class="DataTD"><?=$points_countable?></td>
+ <td class="DataTD"><?=$remark?></td>
+ </tr>
<?
}
@@ -374,7 +388,7 @@
$res = get_given_assurances(intval($userid));
while($row = mysql_fetch_assoc($res))
{
- $fromuser = get_user (intval($row['to']));
+ $fromuser = get_user (intval($row['to']));
$apoints = calc_experience ($row,$points,$experience,$sum_experience,$revoked);
$name = show_user_link ($fromuser['fname']." ".$fromuser['lname'],intval($row['to']));
$email = show_email_link ($fromuser['email'],intval($row['to']));
@@ -430,6 +444,8 @@
break;
case 'Unknown': // to be revoked in the future? limit to max 50 pts?
case 'Trusted Third Parties': // to be revoked in the future? limit to max 35 pts?
+ case 'TTP-Assisted': // TTP assurances, limit to 35
+ case 'TOPUP': // TOPUP to be delevoped in the future, limit to 30
case '': // to be revoked in the future? limit to max 50 pts?
case 'Face to Face Meeting': // normal assurances, limit to 35/50 pts in the future?
break;
@@ -575,14 +591,14 @@
return $issue_points;
}
- function output_given_assurances($userid,$support)
+ function output_given_assurances($userid,$support=0)
{
output_assurances_header(_("Assurance Points You Issued"),$support);
output_given_assurances_content($userid,$points,$sum_experience,$support);
output_assurances_footer(_("Total Points Issued"),$points,_("Total Experience Points"),$sum_experience,$support);
}
- function output_received_assurances($userid,$support)
+ function output_received_assurances($userid,$support=0)
{
output_assurances_header(_("Your Assurance Points"),$support);
output_received_assurances_content($userid,$points,$sum_experience,$support);
@@ -602,4 +618,495 @@
<p>[ <a href='javascript:history.go(-1)'><?=_("Go Back")?></a> ]</p>
<?
}
+
+ //functions to do with recording user agreements
+ /**
+ * write_user_agreement()
+ * writes a new record to the table user_agreement
+ *
+ * @param mixed $memid
+ * @param mixed $document
+ * @param mixed $method
+ * @param mixed $comment
+ * @param integer $active
+ * @param integer $secmemid
+ * @return
+ */
+ function write_user_agreement($memid, $document, $method, $comment, $active=1, $secmemid=0){
+ // write a new record to the table user_agreement
+ $query="insert into `user_agreements` set `memid`=".intval($memid).", `secmemid`=".intval($secmemid).
+ ",`document`='".mysql_real_escape_string($document)."',`date`=NOW(), `active`=".intval($active).",`method`='".mysql_real_escape_string($method)."',`comment`='".mysql_real_escape_string($comment)."'" ;
+ $res = mysql_query($query);
+ }
+
+ function get_user_agreement_status($memid, $type="CCA"){
+ //returns 0 - no user agreement, 1- at least one entry
+ $query="SELECT u.`document` FROM `user_agreements` u
+ WHERE u.`document` = '".$type."' AND (u.`memid`=".$memid." or u.`secmemid`=".$memid.")" ;
+ $res = mysql_query($query);
+ if(mysql_num_rows($res) <=0){
+ return 0;
+ }else{
+ return 1;
+ }
+ }
+
+ function get_first_user_agreement($memid, $active=1, $type="CCA"){
+ //returns an array (`document`,`date`,`method`, `comment`,`active`)
+ if($active==1){
+ $filter="u.`memid`=".$memid;
+ }else{
+ $filter="u.`secmemid`=".$memid;
+ }
+ $query="SELECT u.`document`, u.`date`, u.`method`, u.`comment`, u.`active` FROM `user_agreements` u
+ WHERE u.`document` = '".$type."' AND ".$filter."
+ ORDER BY u.`date` Limit 1;";
+ $res = mysql_query($query);
+ if(mysql_num_rows($res) >0){
+ $row = mysql_fetch_assoc($res);
+ $rec['document']= $row['document'];
+ $rec['date']= $row['date'];
+ $rec['method']= $row['method'];
+ $rec['comment']= $row['comment'];
+ $rec['active']= $row['active'];
+ }else{
+ $rec=array();
+ }
+ return $rec;
+ }
+
+ function get_last_user_agreement($memid, $type="CCA"){
+ //returns an array (`document`,`date`,`method`, `comment`,`active`)
+ $query="(SELECT u.`document`, u.`date`, u.`method`, u.`comment`, 1 as `active` FROM user_agreements u WHERE u.`document` = '".$type."' AND (u.`memid`=".$memid." ) order by `date` desc limit 1)
+ union
+ (SELECT u.`document`, u.`date`, u.`method`, u.`comment`, 0 as `active` FROM user_agreements u WHERE u.`document` = '".$type."' AND ( u.`secmemid`=".$memid.")) order by `date` desc limit 1" ;
+ $res = mysql_query($query);
+ if(mysql_num_rows($res) >0){
+ $row = mysql_fetch_assoc($res);
+ $rec['document']= $row['document'];
+ $rec['date']= $row['date'];
+ $rec['method']= $row['method'];
+ $rec['comment']= $row['comment'];
+ $rec['active']= $row['active'];
+ }else{
+ $rec=array();
+ }
+ return $rec;
+ }
+
+ function delete_user_agreement($memid, $type="CCA"){
+ //deletes all entries to an user for the given type of user agreements
+ mysql_query("delete from `user_agreements` where `memid`='".$memid."'");
+ mysql_query("delete from `user_agreements` where `secmemid`='".$memid."'");
+ }
+
+ // functions for 6.php (assure somebody)
+
+ function AssureHead($confirmation,$checkname)
+ {
+?>
+<form method="post" action="wot.php">
+<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper" width="600">
+ <tr>
+ <td colspan="2" class="title"><?=$confirmation?></td>
+ </tr>
+ <tr>
+ <td class="DataTD" colspan="2" align="left"><?=$checkname?></td>
+ </tr>
+<?
+ }
+
+ function AssureTextLine($field1,$field2)
+ {
+?>
+ <tr>
+ <td class="DataTD"><?=$field1.(empty($field1)?'':':')?></td>
+ <td class="DataTD"><?=$field2?></td>
+ </tr>
+<?
+ }
+
+ function AssureBoxLine($type,$text,$checked)
+ {
+?>
+ <tr>
+ <td class="DataTD"><input type="checkbox" name="<?=$type?>" value="1" <?=$checked?"checked":""?>></td>
+ <td class="DataTD"><?=$text?></td>
+ </tr>
+<?
+ }
+
+ function AssureMethodLine($text,$methods,$remark)
+ {
+ if (count($methods) != 1) {
+?>
+ <tr>
+ <td class="DataTD"><?=$text.(empty($text)?'':':')?></td>
+ <td class="DataTD">
+ <select name="method">
+<?
+ foreach($methods as $val) {
+?>
+ <option value="<?=$val?>"><?=$val?></option>
+<?
+ }
?>
+ </select>
+ <br />
+ <?=$remark?>
+ </td>
+ </tr>
+<?
+ } else {
+?>
+ <input type="hidden" name="<?=$val?>" value="<?=$methods[0]?>" />
+<?
+ }
+ }
+
+ function AssureInboxLine($type,$field,$value,$description)
+ {
+?>
+ <tr>
+ <td class="DataTD"><?=$field.(empty($field)?'':':')?></td>
+ <td class="DataTD"><input type="text" name="<?=$type?>" value="<?=$value?>"><?=$description?></td>
+ </tr>
+<?
+ }
+
+ function AssureFoot($oldid,$confirm)
+ {
+?>
+ <tr>
+ <td class="DataTD" colspan="2">
+ <input type="submit" name="process" value="<?=$confirm?>" />
+ <input type="submit" name="cancel" value="<?=_("Cancel")?>" />
+ </td>
+ </tr>
+</table>
+<input type="hidden" name="pagehash" value="<?=$_SESSION['_config']['wothash']?>" />
+<input type="hidden" name="oldid" value="<?=$oldid?>" />
+</form>
+<?
+ }
+
+ function account_email_delete($mailid){
+ //deletes an email entry from an acount
+ //revolkes all certifcates for that email address
+ //called from www/account.php if($process != "" && $oldid == 2)
+ //called from www/diputes.php if($type == "reallyemail") / if($action == "accept")
+ //called from account_delete
+ $mailid = intval($mailid);
+ revoke_all_client_cert($mailid);
+ $query = "update `email` set `deleted`=NOW() where `id`='$mailid'";
+ mysql_query($query);
+ }
+
+ function account_domain_delete($domainid){
+ //deletes an domain entry from an acount
+ //revolkes all certifcates for that domain address
+ //called from www/account.php if($process != "" && $oldid == 9)
+ //called from www/diputes.php if($type == "reallydomain") / if($action == "accept")
+ //called from account_delete
+ $domainid = intval($domainid);
+ revoke_all_server_cert($domainid);
+ mysql_query(
+ "update `domains`
+ set `deleted`=NOW()
+ where `id` = '$domainid'");
+ }
+
+ function account_delete($id, $arbno, $adminid){
+ //deletes an account following the deleted account routnie V3
+ // called from www/account.php if($oldid == 50 && $process != "")
+ //change password
+ $id = intval($id);
+ $arbno = mysql_real_escape_string($arbno);
+ $adminid = intval($adminid);
+ $pool = 'abcdefghijklmnopqrstuvwxyz';
+ $pool .= '0123456789!()§';
+ $pool .= 'ABCDEFGHIJKLMNOPQRSTUVWXYZ';
+ srand ((double)microtime()*1000000);
+ $password="";
+ for($index = 0; $index < 30; $index++)
+ {
+ $password .= substr($pool,(rand()%(strlen ($pool))), 1);
+ }
+ mysql_query("update `users` set `password`=sha1('".$password."') where `id`='".$id."'");
+
+ //create new mail for arbitration number
+ $query = "insert into `email` set `email`='".$arbno."@cacert.org',`memid`='".$id."',`created`=NOW(),`modified`=NOW(), `attempts`=-1";
+ mysql_query($query);
+ $emailid = mysql_insert_id();
+
+ //set new mail as default
+ $query = "update `users` set `email`='".$arbno."@cacert.org' where `id`='".$id."'";
+ mysql_query($query);
+
+ //delete all other email address
+ $query = "select `id` from `email` where `memid`='".$id."' and `id`!='".$emailid."'" ;
+ $res=mysql_query($query);
+ while($row = mysql_fetch_assoc($res)){
+ account_email_delete($row['id']);
+ }
+
+ //delete all domains
+ $query = "select `id` from `domains` where `memid`='".$id."'";
+ $res=mysql_query($query);
+ while($row = mysql_fetch_assoc($res)){
+ account_domain_delete($row['id']);
+ }
+
+ //clear alert settings
+ mysql_query(
+ "update `alerts` set
+ `general`='0',
+ `country`='0',
+ `regional`='0',
+ `radius`='0'
+ where `memid`='$id'");
+
+ //set default location
+ $query = "update `users` set `locid`='2256755', `regid`='243', `ccid`='12' where `id`='".$id."'";
+ mysql_query($query);
+
+ //clear listings
+ $query = "update `users` set `listme`=' ',`contactinfo`=' ' where `id`='".$id."'";
+ mysql_query($query);
+
+ //set lanuage to default
+ //set default language
+ mysql_query("update `users` set `language`='en_AU' where `id`='".$id."'");
+ //delete secondary langugaes
+ mysql_query("delete from `addlang` where `userid`='".$id."'");
+
+ //change secret questions
+ for($i=1;$i<=5;$i++){
+ $q="";
+ $a="";
+ for($index = 0; $index < 30; $index++)
+ {
+ $q .= substr($pool,(rand()%(strlen ($pool))), 1);
+ $a .= substr($pool,(rand()%(strlen ($pool))), 1);
+ }
+ $query = "update `users` set `Q$i`='$q', `A$i`='$a' where `id`='".$id."'";
+ mysql_query($query);
+ }
+
+ //change personal information to arbitration number and DOB=1900-01-01
+ $query = "select `fname`,`mname`,`lname`,`suffix`,`dob` from `users` where `id`='$userid'";
+ $details = mysql_fetch_assoc(mysql_query($query));
+ $query = "insert into `adminlog` set `when`=NOW(),`old-lname`='${details['lname']}',`old-dob`='${details['dob']}',
+ `new-lname`='$arbno',`new-dob`='1900-01-01',`uid`='$id',`adminid`='".$adminid."'";
+ mysql_query($query);
+ $query = "update `users` set `fname`='".$arbno."',
+ `mname`='".$arbno."',
+ `lname`='".$arbno."',
+ `suffix`='".$arbno."',
+ `dob`='1900-01-01'
+ where `id`='".$id."'";
+ mysql_query($query);
+
+ //clear all admin and board flags
+ mysql_query(
+ "update `users` set
+ `assurer`='0',
+ `assurer_blocked`='0',
+ `codesign`='0',
+ `orgadmin`='0',
+ `ttpadmin`='0',
+ `locadmin`='0',
+ `admin`='0',
+ `adadmin`='0',
+ `tverify`='0',
+ `board`='0'
+ where `id`='$id'");
+
+ //block account
+ mysql_query("update `users` set `locked`='1' where `id`='$id'"); //, `deleted`=Now()
+ }
+
+
+ function check_email_exists($email){
+ // called from includes/account.php if($process != "" && $oldid == 1)
+ // called from includes/account.php if($oldid == 50 && $process != "")
+ $email = mysql_real_escape_string($email);
+ $query = "select 1 from `email` where `email`='$email' and `deleted`=0";
+ $res = mysql_query($query);
+ return mysql_num_rows($res) > 0;
+ }
+
+ function check_gpg_cert_running($uid,$cca=0){
+ //if $cca =0 if just expired, =1 if CCA retention +3 month should be obeyed
+ // called from includes/account.php if($oldid == 50 && $process != "")
+ $uid = intval($uid);
+ if (0==$cca) {
+ $query = "select 1 from `gpg` where `memid`='$uid' and `expire`>NOW()";
+ }else{
+ $query = "select 1 from `gpg` where `memid`='$uid' and `expire`>(NOW()-90*86400)";
+ }
+ $res = mysql_query($query);
+ return mysql_num_rows($res) > 0;
+ }
+
+ function check_client_cert_running($uid,$cca=0){
+ //if $cca =0 if just expired, =1 if CCA retention +3 month should be obeyed
+ // called from includes/account.php if($oldid == 50 && $process != "")
+ $uid = intval($uid);
+ if (0==$cca) {
+ $query1 = "select 1 from `emailcerts` where `memid`='$uid' and `expire`>NOW() and `revoked`<`created`";
+ $query2 = "select 1 from `emailcerts` where `memid`='$uid' and `revoked`>NOW()";
+ }else{
+ $query1 = "select 1 from `emailcerts` where `memid`='$uid' and `expire`>(NOW()-90*86400) and `revoked`<`created`";
+ $query2 = "select 1 from `emailcerts` where `memid`='$uid' and `revoked`>(NOW()-90*86400)";
+ }
+ $res = mysql_query($query1);
+ $r1 = mysql_num_rows($res)>0;
+ $res = mysql_query($query2);
+ $r2 = mysql_num_rows($res)>0;
+ return !!($r1 || $r2);
+ }
+
+ function check_server_cert_running($uid,$cca=0){
+ //if $cca =0 if just expired, =1 if CCA retention +3 month should be obeyed
+ // called from includes/account.php if($oldid == 50 && $process != "")
+ $uid = intval($uid);
+ if (0==$cca) {
+ $query1 = "
+ select 1 from `domaincerts` join `domains`
+ on `domaincerts`.`domid` = `domains`.`id`
+ where `domains`.`memid` = '$uid'
+ and `domaincerts`.`expire` > NOW()
+ and `domaincerts`.`revoked` < `domaincerts`.`created`";
+ $query2 = "
+ select 1 from `domaincerts` join `domains`
+ on `domaincerts`.`domid` = `domains`.`id`
+ where `domains`.`memid` = '$uid'
+ and `revoked`>NOW()";
+ }else{
+ $query1 = "
+ select 1 from `domaincerts` join `domains`
+ on `domaincerts`.`domid` = `domains`.`id`
+ where `domains`.`memid` = '$uid'
+ and `expire`>(NOW()-90*86400)
+ and `revoked`<`created`";
+ $query2 = "
+ select 1 from `domaincerts` join `domains`
+ on `domaincerts`.`domid` = `domains`.`id`
+ where `domains`.`memid` = '$uid'
+ and `revoked`>(NOW()-90*86400)";
+ }
+ $res = mysql_query($query1);
+ $r1 = mysql_num_rows($res)>0;
+ $res = mysql_query($query2);
+ $r2 = mysql_num_rows($res)>0;
+ return !!($r1 || $r2);
+ }
+
+ function check_is_orgadmin($uid){
+ // called from includes/account.php if($oldid == 50 && $process != "")
+ $uid = intval($uid);
+ $query = "select 1 from `org` where `memid`='$uid' and `deleted`=0";
+ $res = mysql_query($query);
+ return mysql_num_rows($res) > 0;
+ }
+
+
+ // revokation of certificates
+ function revoke_all_client_cert($mailid){
+ //revokes all client certificates for an email address
+ $mailid = intval($mailid);
+ $query = "select `emailcerts`.`id`
+ from `emaillink`,`emailcerts` where
+ `emaillink`.`emailid`='$mailid' and `emaillink`.`emailcertsid`=`emailcerts`.`id` and `emailcerts`.`revoked`=0
+ group by `emailcerts`.`id`";
+ $dres = mysql_query($query);
+ while($drow = mysql_fetch_assoc($dres)){
+ mysql_query("update `emailcerts` set `revoked`='1970-01-01 10:00:01', `disablelogin`=1 where `id`='".$drow['id']."'");
+ }
+ }
+
+ function revoke_all_server_cert($domainid){
+ //revokes all server certs for an domain
+ $domainid = intval($domainid);
+ $query =
+ "select `domaincerts`.`id`
+ from `domaincerts`
+ where `domaincerts`.`domid` = '$domainid'
+ union distinct
+ select `domaincerts`.`id`
+ from `domaincerts`, `domlink`
+ where `domaincerts`.`id` = `domlink`.`certid`
+ and `domlink`.`domid` = '$domainid'";
+ $dres = mysql_query($query);
+ while($drow = mysql_fetch_assoc($dres))
+ {
+ mysql_query(
+ "update `domaincerts`
+ set `revoked`='1970-01-01 10:00:01'
+ where `id` = '".$drow['id']."'
+ and `revoked` = 0");
+ }
+ }
+
+ function revoke_all_private_cert($uid){
+ //revokes all certificates linked to a personal accounts
+ //gpg revokation needs to be added to a later point
+ $uid=intval($uid);
+ $query = "select `id` from `email` where `memid`='".$uid."'";
+ $res=mysql_query($query);
+ while($row = mysql_fetch_assoc($res)){
+ revoke_all_client_cert($row['id']);
+ }
+
+
+ $query = "select `id` from `domains` where `memid`='".$uid."'";
+ $res=mysql_query($query);
+ while($row = mysql_fetch_assoc($res)){
+ revoke_all_server_cert($row['id']);
+ }
+ }
+
+ /**
+ * check_date_format()
+ * checks if the date is entered in the right date format YYYY-MM-DD and
+ * if the date is after the 1st January of the given year
+ *
+ * @param mixed $date
+ * @param integer $year
+ * @return
+ */
+ function check_date_format($date, $year=2000){
+ if (!strpos($date,'-')) {
+ return FALSE;
+ }
+ $arr=explode('-',$date);
+
+ if ((count($arr)!=3)) {
+ return FALSE;
+ }
+ if (intval($arr[0])<=$year) {
+ return FALSE;
+ }
+ if (intval($arr[1])>12 or intval($arr[1])<=0) {
+ return FALSE;
+ }
+ if (intval($arr[2])>31 or intval($arr[2])<=0) {
+ return FALSE;
+ }
+
+ return checkdate( intval($arr[1]), intval($arr[2]), intval($arr[0]));
+
+ }
+
+ /**
+ * check_date_difference()
+ * returns false if the date is larger then today + time diffrence
+ *
+ * @param mixed $date
+ * @param integer $diff
+ * @return
+ */
+ function check_date_difference($date, $diff=1){
+ return (strtotime($date)<=time()+$diff*86400);
+ }
diff --git a/includes/wot.inc.php b/includes/wot.inc.php
deleted file mode 100644
index 884b97f..0000000
--- a/includes/wot.inc.php
+++ /dev/null
@@ -1,539 +0,0 @@
-<? /*
- LibreSSL - CAcert web application
- Copyright (C) 2004-2011 CAcert Inc.
-
- This program is free software; you can redistribute it and/or modify
- it under the terms of the GNU General Public License as published by
- the Free Software Foundation; version 2 of the License.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with this program; if not, write to the Free Software
- Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
-*/
-
- function query_init ($query)
- {
- return mysql_query($query);
- }
-
- function query_getnextrow ($res)
- {
- $row1 = mysql_fetch_assoc($res);
- return $row1;
- }
-
- function query_get_number_of_rows ($resultset)
- {
- return intval(mysql_num_rows($resultset));
- }
-
- function get_number_of_assurances ($userid)
- {
- $res = query_init ("SELECT count(*) AS `list` FROM `notary`
- WHERE `method` = 'Face to Face Meeting' AND `from`='".intval($userid)."' ");
- $row = query_getnextrow($res);
-
- return intval($row['list']);
- }
-
- function get_number_of_assurees ($userid)
- {
- $res = query_init ("SELECT count(*) AS `list` FROM `notary`
- WHERE `method` = 'Face to Face Meeting' AND `to`='".intval($userid)."' ");
- $row = query_getnextrow($res);
-
- return intval($row['list']);
- }
-
- function get_top_assurer_position ($no_of_assurances)
- {
- $res = query_init ("SELECT count(*) AS `list` FROM `notary`
- WHERE `method` = 'Face to Face Meeting'
- GROUP BY `from` HAVING count(*) > '".intval($no_of_assurances)."'");
- return intval(query_get_number_of_rows($res)+1);
- }
-
- function get_top_assuree_position ($no_of_assurees)
- {
- $res = query_init ("SELECT count(*) AS `list` FROM `notary`
- WHERE `method` = 'Face to Face Meeting'
- GROUP BY `to` HAVING count(*) > '".intval($no_of_assurees)."'");
- return intval(query_get_number_of_rows($res)+1);
- }
-
- function get_given_assurances ($userid)
- {
- $res = query_init ("select * from `notary` where `from`='".intval($userid)."' and `from` != `to` order by `id` asc");
- return $res;
- }
-
- function get_received_assurances ($userid)
- {
- $res = query_init ("select * from `notary` where `to`='".intval($userid)."' and `from` != `to` order by `id` asc ");
- return $res;
- }
-
- function get_given_assurances_summary ($userid)
- {
- $res = query_init ("select count(*) as number,points,awarded,method from notary where `from`='".intval($userid)."' group by points,awarded,method");
- return $res;
- }
-
- function get_received_assurances_summary ($userid)
- {
- $res = query_init ("select count(*) as number,points,awarded,method from notary where `to`='".intval($userid)."' group by points,awarded,method");
- return $res;
- }
-
- function get_user ($userid)
- {
- $res = query_init ("select * from `users` where `id`='".intval($userid)."'");
- return mysql_fetch_assoc($res);
- }
-
- function get_cats_state ($userid)
- {
-
- $res = query_init ("select * from `cats_passed` inner join `cats_variant` on `cats_passed`.`variant_id` = `cats_variant`.`id` and `cats_variant`.`type_id` = 1
- WHERE `cats_passed`.`user_id` = '".intval($userid)."'");
- return mysql_num_rows($res);
- }
-
- function calc_experience ($row,&$points,&$experience,&$sum_experience)
- {
- $apoints = max($row['points'], $row['awarded']);
-
- $points += $apoints;
-
- $experience = "&nbsp;";
- if ($row['method'] == "Face to Face Meeting")
- {
- $sum_experience = $sum_experience +2;
- $experience = "2";
- }
- return $apoints;
- }
-
- function calc_assurances ($row,&$points,&$experience,&$sumexperience,&$awarded)
- {
- $awarded = calc_points($row);
-
- if ($awarded > 100)
- {
- $experience = $awarded - 100; // needs to be fixed in the future (limit 50 pts and/or no experience if pts > 100)
- $awarded = 100;
- }
- else
- $experience = 0;
-
- switch ($row['method'])
- {
- case 'Thawte Points Transfer':
- case 'CT Magazine - Germany':
- case 'Temporary Increase': // Current usage of 'Temporary Increase' may break audit aspects, needs to be reimplemented
- $awarded=sprintf("<strong style='color: red'>%s</strong>",_("Revoked"));
- $experience=0;
- break;
- default:
- $points += $awarded;
- }
- $sumexperience = $sumexperience + $experience;
- }
-
-
- function show_user_link ($name,$userid)
- {
- $name = trim($name);
- if($name == "")
- {
- if ($userid == 0)
- $name = _("System");
- else
- $name = _("Deleted account");
- }
- else
- $name = "<a href='wot.php?id=9&amp;userid=".intval($userid)."'>$name</a>";
- return $name;
- }
-
- function get_assurer_ranking($userid,&$num_of_assurances,&$rank_of_assurer)
- {
- $num_of_assurances = get_number_of_assurances (intval($userid));
- $rank_of_assurer = get_top_assurer_position($num_of_assurances);
- }
-
- function get_assuree_ranking($userid,&$num_of_assurees,&$rank_of_assuree)
- {
- $num_of_assurees = get_number_of_assurees (intval($userid));
- $rank_of_assuree = get_top_assuree_position($num_of_assurees);
- }
-
-
-// ************* html table definitions ******************
-
- function output_ranking($userid)
- {
- get_assurer_ranking($userid,$num_of_assurances,$rank_of_assurer);
- get_assuree_ranking($userid,$num_of_assurees,$rank_of_assuree);
-
-?>
-<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
- <tr>
- <td class="title"><?=_("Assurer Ranking")?></td>
- </tr>
- <tr>
- <td class="DataTD"><?=sprintf(_("You have made %s assurances which ranks you as the #%s top assurer."), intval($num_of_assurances), intval($rank_of_assurer) )?></td>
- </tr>
- <tr>
- <td class="DataTD"><?=sprintf(_("You have received %s assurances which ranks you as the #%s top assuree."), intval($num_of_assurees), intval($rank_of_assuree) )?></td>
- </tr>
-</table>
-<br/>
-<?
- }
-
- function output_assurances_header($title)
- {
-?>
-<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
- <tr>
- <td colspan="7" class="title"><?=$title?></td>
- </tr>
- <tr>
- <td class="DataTD"><strong><?=_("ID")?></strong></td>
- <td class="DataTD"><strong><?=_("Date")?></strong></td>
- <td class="DataTD"><strong><?=_("Who")?></strong></td>
- <td class="DataTD"><strong><?=_("Points")?></strong></td>
- <td class="DataTD"><strong><?=_("Location")?></strong></td>
- <td class="DataTD"><strong><?=_("Method")?></strong></td>
- <td class="DataTD"><strong><?=_("Experience Points")?></strong></td>
- </tr>
-<?
- }
-
- function output_assurances_footer($points_txt,$points,$experience_txt,$sumexperience)
- {
-?>
- <tr>
- <td class="DataTD" colspan="3"><strong><?=$points_txt?>:</strong></td>
- <td class="DataTD"><?=$points?></td>
- <td class="DataTD">&nbsp;</td>
- <td class="DataTD"><strong><?=$experience_txt?>:</strong></td>
- <td class="DataTD"><?=$sumexperience?></td>
- </tr>
-</table>
-<br/>
-<?
- }
-
- function output_assurances_row($assuranceid,$date,$when,$name,$awarded,$points,$location,$method,$experience)
- {
-
- $tdstyle="";
- $emopen="";
- $emclose="";
-
- if ($awarded == $points)
- {
- if ($awarded == "0")
- {
- if ($when < "2006-09-01")
- {
- $tdstyle="style='background-color: #ffff80'";
- $emopen="<em>";
- $emclose="</em>";
- }
- }
- }
-
-?>
- <tr>
- <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$assuranceid?><?=$emclose?></td>
- <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$date?><?=$emclose?></td>
- <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$name?><?=$emclose?></td>
- <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$awarded?><?=$emclose?></td>
- <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$location?><?=$emclose?></td>
- <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$method?><?=$emclose?></td>
- <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$experience?><?=$emclose?></td>
- </tr>
-<?
- }
-
- function output_summary_header()
- {
-?>
-<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
- <tr>
- <td colspan="4" class="title"><?=_("Summary of your Points")?></td>
- </tr>
- <tr>
- <td class="DataTD"><strong><?=_("Description")?></strong></td>
- <td class="DataTD"><strong><?=_("Points")?></strong></td>
- <td class="DataTD"><strong><?=_("Countable Points")?></strong></td>
- <td class="DataTD"><strong><?=_("Remark")?></strong></td>
- </tr>
-<?
- }
-
- function output_summary_footer()
- {
-?>
-</table>
-<br/>
-<?
- }
-
- function output_summary_row($title,$points,$points_countable,$remark)
- {
-?>
- <tr>
- <td class="DataTD"><strong><?=$title?></strong></td>
- <td class="DataTD"><?=$points?></td>
- <td class="DataTD"><?=$points_countable?></td>
- <td class="DataTD"><?=$remark?></td>
- </tr>
-<?
- }
-
-
-// ************* output given assurances ******************
-
- function output_given_assurances_content($userid,&$points,&$sum_experience)
- {
- $points = 0;
- $sumexperience = 0;
- $res = get_given_assurances(intval($userid));
- while($row = mysql_fetch_assoc($res))
- {
- $fromuser = get_user (intval($row['to']));
- $apoints = calc_experience ($row,$points,$experience,$sum_experience);
- $name = show_user_link ($fromuser['fname']." ".$fromuser['lname'],intval($row['to']));
- output_assurances_row (intval($row['id']),$row['date'],$row['when'],$name,$apoints,intval($row['points']),$row['location'],$row['method']==""?"":_(sprintf("%s", $row['method'])),$experience);
- }
- }
-
-// ************* output received assurances ******************
-
- function output_received_assurances_content($userid,&$points,&$sum_experience)
- {
- $points = 0;
- $sumexperience = 0;
- $res = get_received_assurances(intval($userid));
- while($row = mysql_fetch_assoc($res))
- {
- $fromuser = get_user (intval($row['from']));
- calc_assurances ($row,$points,$experience,$sum_experience,$awarded);
- $name = show_user_link ($fromuser['fname']." ".$fromuser['lname'],intval($row['from']));
- output_assurances_row (intval($row['id']),$row['date'],$row['when'],$name,$awarded,intval($row['points']),$row['location'],$row['method']==""?"":_(sprintf("%s", $row['method'])),$experience);
- }
- }
-
-// ************* output summary table ******************
-
- function check_date_limit ($userid,$age)
- {
- $dob = date("Y-m-d", mktime(0,0,0,date("m"),date("d"),date("Y")-$age));
- $res = query_init ("select id from `users` where `id`='".$userid."' and `dob` < '$dob'");
- return intval(query_get_number_of_rows($res));
- }
-
- function calc_points($row)
- {
- $awarded = intval($row['awarded']);
- if ($awarded == "")
- $awarded = 0;
- if (intval($row['points']) < $awarded)
- $points = $awarded; // if 'sum of added points' > 100, awarded shows correct value
- else
- $points = intval($row['points']); // on very old assurances, awarded is '0' instead of correct value
- switch ($row['method'])
- {
- case 'Thawte Points Transfer': // revoke all Thawte-points (as per arbitration)
- case 'CT Magazine - Germany': // revoke c't (only one test-entry)
- case 'Temporary Increase': // revoke 'temporary increase' (Current usage breaks audit aspects, needs to be reimplemented)
- $points = 0;
- break;
- case 'Administrative Increase': // ignore AI with 2 points or less (historical for experiance points, now other calculation)
- if ($points <= 2) // maybe limit to 35/50 pts in the future?
- $points = 0;
- break;
- case 'Unknown': // to be revoked in the future? limit to max 50 pts?
- case 'Trusted Third Parties': // to be revoked in the future? limit to max 35 pts?
- case '': // to be revoked in the future? limit to max 50 pts?
- case 'Face to Face Meeting': // normal assurances, limit to 35/50 pts in the future?
- break;
- default: // should never happen ... ;-)
- $points = 0;
- }
- if ($points < 0) // ignore negative points (bug needs to be fixed)
- $points = 0;
- return $points;
- }
-
- function max_points($userid)
- {
- return output_summary_content ($userid,0);
- }
-
- function output_summary_content($userid,$display_output)
- {
- $sum_points = 0;
- $sum_experience = 0;
- $sum_experience_other = 0;
- $max_points = 100;
- $max_experience = 50;
-
- $experience_limit_reached_txt = _("Limit reached");
-
- if (check_date_limit($userid,18) != 1)
- {
- $max_experience = 10;
- $experience_limit_reached_txt = _("Limit given by PoJAM reached");
- }
- if (check_date_limit($userid,14) != 1)
- {
- $max_experience = 0;
- $experience_limit_reached_txt = _("Limit given by PoJAM reached");
- }
-
- $res = get_received_assurances_summary($userid);
- while($row = mysql_fetch_assoc($res))
- {
- $points = calc_points ($row);
-
- if ($points > $max_points) // limit to 100 points, above is experience (needs to be fixed)
- {
- $sum_experience_other = $sum_experience_other+($points-$max_points)*intval($row['number']);
- $points = $max_points;
- }
- $sum_points += $points*intval($row['number']);
- }
-
- $res = get_given_assurances_summary($userid);
- while($row = mysql_fetch_assoc($res))
- {
- switch ($row['method'])
- {
- case 'Face to Face Meeting': // count Face to Face only
- $sum_experience += 2*intval($row['number']);
- break;
- }
-
- }
-
- if ($sum_points > $max_points)
- {
- $sum_points_countable = $max_points;
- $remark_points = _("Limit reached");
- }
- else
- {
- $sum_points_countable = $sum_points;
- $remark_points = "&nbsp;";
- }
- if ($sum_experience > $max_experience)
- {
- $sum_experience_countable = $max_experience;
- $remark_experience = $experience_limit_reached_txt;
- }
- else
- {
- $sum_experience_countable = $sum_experience;
- $remark_experience = "&nbsp;";
- }
-
- if ($sum_experience_countable + $sum_experience_other > $max_experience)
- {
- $sum_experience_other_countable = $max_experience-$sum_experience_countable;
- $remark_experience_other = $experience_limit_reached_txt;
- }
- else
- {
- $sum_experience_other_countable = $sum_experience_other;
- $remark_experience_other = "&nbsp;";
- }
-
- if ($sum_points_countable < $max_points)
- {
- if ($sum_experience_countable != 0)
- $remark_experience = _("Points on hold due to less assurance points");
- $sum_experience_countable = 0;
- if ($sum_experience_other_countable != 0)
- $remark_experience_other = _("Points on hold due to less assurance points");
- $sum_experience_other_countable = 0;
- }
-
- $issue_points = 0;
- $cats_test_passed = get_cats_state ($userid);
- if ($cats_test_passed == 0)
- {
- $issue_points_txt = "<strong style='color: red'>"._("You have to pass the CAcert Assurer Challenge (CATS-Test) to be an Assurer")."</strong>";
- if ($sum_points_countable < $max_points)
- {
- $issue_points_txt = "<strong style='color: red'>";
- $issue_points_txt .= sprintf(_("You need %s assurance points and the passed CATS-Test to be an Assurer"), intval($max_points));
- $issue_points_txt .= "</strong>";
- }
- }
- else
- {
- $experience_total = $sum_experience_countable+$sum_experience_other_countable;
- $issue_points_txt = "";
- if ($sum_points_countable == $max_points)
- $issue_points = 10;
- if ($experience_total >= 10)
- $issue_points = 15;
- if ($experience_total >= 20)
- $issue_points = 20;
- if ($experience_total >= 30)
- $issue_points = 25;
- if ($experience_total >= 40)
- $issue_points = 30;
- if ($experience_total >= 50)
- $issue_points = 35;
- if ($issue_points != 0)
- $issue_points_txt = sprintf(_("You may issue up to %s points"),$issue_points);
- }
- if ($display_output)
- {
- output_summary_row (_("Assurance Points you received"),$sum_points,$sum_points_countable,$remark_points);
- output_summary_row (_("Total Experience Points by Assurance"),$sum_experience,$sum_experience_countable,$remark_experience);
- output_summary_row (_("Total Experience Points (other ways)"),$sum_experience_other,$sum_experience_other_countable,$remark_experience_other);
- output_summary_row (_("Total Points"),"&nbsp;",$sum_points_countable + $sum_experience_countable + $sum_experience_other_countable,$issue_points_txt);
- }
- return $issue_points;
- }
-
- function output_given_assurances($userid)
- {
- output_assurances_header(_("Assurance Points You Issued"));
- output_given_assurances_content($userid,$points,$sum_experience);
- output_assurances_footer(_("Total Points Issued"),$points,_("Total Experience Points"),$sum_experience);
- }
-
- function output_received_assurances($userid)
- {
- output_assurances_header(_("Your Assurance Points"));
- output_received_assurances_content($userid,$points,$sum_experience);
- output_assurances_footer(_("Total Assurance Points"),$points,_("Total Experience Points"),$sum_experience);
- }
-
- function output_summary($userid)
- {
- output_summary_header();
- output_summary_content($userid,1);
- output_summary_footer();
- }
-
- function output_end_of_page()
- {
-?>
- <p>[ <a href='javascript:history.go(-1)'><?=_("Go Back")?></a> ]</p>
-<?
- }
-?>
diff --git a/locale/Makefile b/locale/Makefile
index b703fb2..4215a4f 100644
--- a/locale/Makefile
+++ b/locale/Makefile
@@ -112,8 +112,7 @@ $(LANGS:%=$(MO_FILE_TEMPLATE)): $(MO_FILE_TEMPLATE): $(PO_FILE_TEMPLATE)
$(LANGS:%=$(PO_FILE_TEMPLATE)):
mkdir -p $(@D)
wget --output-document - '$(@:$(PO_FILE_TEMPLATE)=$(PO_URL_TEMPLATE))' | \
- # convert UTF-8 characters to HTML entities \
- php -r 'while (!feof(STDIN)) echo mb_convert_encoding(fgets(STDIN), "HTML-ENTITIES", "UTF-8");' \
+ php -f escape_special_chars.php \
> $@
@@ -177,7 +176,8 @@ upload.clean: template.clean
messages.pot: $(GETTEXT_FILES)
xgettext --output - --sort-by-file --copyright-holder "CAcert Inc." \
--package-name "CAcert" --package-version "$(VERSION)" \
- --msgid-bugs-address "translations-admin@cacert.org" $^ | \
+ --msgid-bugs-address "translations-admin@cacert.org" \
+ --add-comments=TRANSLATORS $^ | \
# replace place holders in the lines before the first msgid\
sed '1,/^msgid/ { s/SOME DESCRIPTIVE TITLE/$(DESCRITPION)/; s/YEAR/$(COPYRIGHT_YEAR)/; s/PACKAGE/$(PACKAGE)/ }' \
> $@
diff --git a/locale/escape_special_chars.php b/locale/escape_special_chars.php
new file mode 100644
index 0000000..0f494f1
--- /dev/null
+++ b/locale/escape_special_chars.php
@@ -0,0 +1,80 @@
+#!/usr/bin/php -q
+<?php
+/*
+LibreSSL - CAcert web application
+Copyright (C) 2004-2012 CAcert Inc.
+
+This program is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; version 2 of the License.
+
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+GNU General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program; if not, write to the Free Software
+Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
+*/
+
+/* Convert special characters in UTF-8 encoded PO files to HTML entities */
+
+define('MSGSTR', 'msgstr');
+define('MSGSTR_LEN', strlen(MSGSTR));
+define('MSGID', 'msgid');
+define('MSGID_LEN', strlen(MSGID));
+
+function is_msgstr($line) {
+ if (strlen($line) < MSGSTR_LEN) {
+ return false;
+ }
+
+ return substr_compare($line, MSGSTR, 0, MSGSTR_LEN) === 0;
+}
+
+function is_msgid($line) {
+ if (strlen($line) < MSGID_LEN) {
+ return false;
+ }
+
+ return substr_compare($line, MSGID, 0, MSGID_LEN) === 0;
+}
+
+
+////////////// Main //////////////
+
+// Skip the metadata (first msgid/msgstr pair)
+while (!feof(STDIN)) {
+ $line = fgets(STDIN);
+
+ echo $line;
+
+ if (is_msgstr($line)) {
+ break;
+ }
+}
+
+// determines if the current line belongs to a msgid or a msgstr
+$msgstr = false;
+
+while (!feof(STDIN)) {
+ $line = fgets(STDIN);
+
+ if (is_msgstr($line)) {
+ $msgstr = true;
+ } elseif (is_msgid($line)) {
+ $msgstr = false;
+ }
+
+ if ($msgstr) {
+ // Escape everything that has a special HTML entity such as
+ // &gt; or &auml; except quote characters
+ $line = htmlentities($line, ENT_NOQUOTES, "UTF-8");
+
+ // Escape everything else -> all characters that don't have a special
+ // HTML entity but are outside the ASCII range
+ $line = mb_convert_encoding($line, "HTML-ENTITIES", "UTF-8");
+ }
+ echo $line;
+}
diff --git a/pages/account/0.php b/pages/account/0.php
index 84b581e..b9b150c 100644
--- a/pages/account/0.php
+++ b/pages/account/0.php
@@ -29,5 +29,4 @@
<p><?=_("Once you have verified your company you will see these menu options. They allow you to issue as many certificates as you like without proving individual email accounts as you like, further more you are able to get your company details on the certificate.")?></p>
<h4><?=_("CAcert Web of Trust")?></h4>
<p><?=_("The Web of Trust system CAcert uses is similar to that many involved with GPG/PGP use, they hold face to face meetings to verify each others photo identities match their GPG/PGP key information. CAcert differs however in that we have modified things to work within the PKI framework, for you to gain trust in the system you must first locate someone already trusted. The trust person depending how many people they've trusted or meet before will determine how many points they can issue to you (the number of points they can issue is listed in the locate assurer section). Once you've met up you can show your ID and you will need to fill out a CAP form which the person assuring your details must retain for verification reasons.")?></p>
-<p><b><?=_("The former TTP (Trusted Third Party) System has been stopped, and is currently not available.")?></b></p>
-<? // "You can also get trust points via the Trust Third Party system where you go to a lawyer, bank manager, accountant, or public notary/juctise of the peace and they via your ID and fill in the TTP form to state they have viewed your ID documents and it appears authentic and true. More information on the TTP system can be found in the TTP sub-menu</p> ?>
+<p><b><?=sprintf(_("For information about the TTP-assisted-assurance program please read %s"),"<a href='//wiki.cacert.org/TTP/TTPuser'>https://wiki.cacert.org/TTP/TTPuser</a>","<a href='//wiki.cacert.org/TTP/TTPAL'>https://wiki.cacert.org/TTP/TTPAL</a>")?></b></p>
diff --git a/pages/account/10.php b/pages/account/10.php
index 704a05c..6371f76 100644
--- a/pages/account/10.php
+++ b/pages/account/10.php
@@ -26,16 +26,21 @@
<p><?=_("If the Subscriber's name and/or domain name registration change the subscriber will immediately inform CAcert Inc. who shall revoke the digital certificate. When the Digital Certificate expires or is revoked the company will permanently remove the certificate from the server on which it is installed and will not use it for any purpose thereafter. The person responsible for key management and security is fully authorized to install and utilize the certificate to represent this organization's electronic presence.")?></p>
-<p><b>*** <?=_("Please Note. All information on your certificate will be removed except the CommonName and SubjectAltName field, this is because it's an automated service and cannot automatically verify other details on your certificates are valid or not. If you are a valid organisation and would like more details to appear on certificates, you will need to have at least 50 assurance points and you need to send us a copy of your document of incorporation. Then we can add those details to your certificates. Contact us for more information on our organisational services.")?> ***</b></p>
+<p><b>*** <?=_("Please note: All information on your certificate will be removed except the CommonName and SubjectAltName field, this is because it's an automated service and cannot automatically verify other details on your certificates are valid or not.")?> ***</b></p>
+<p><?=_("If you are a valid organisation and would like the organisation name in the certificates you can apply for an organisation assurance. Contact us via support@cacert.org for more information.")?></p>
<form method="post" action="account.php">
<? if($_SESSION['profile']['points'] >= 50) { ?>
-<input type="radio" name="rootcert" value="1"> <?=_("Sign by class 1 root certificate")?><br>
-<input type="radio" name="rootcert" value="2" checked> <?=_("Sign by class 3 root certificate")?><br>
+<input type="radio" name="rootcert" value="1"/> <?=_("Sign by class 1 root certificate")?><br />
+<input type="radio" name="rootcert" value="2" checked/> <?=_("Sign by class 3 root certificate")?><br />
<p><?=_("Please note: The class 3 root certificate needs to be setup in your webserver as a chained certificate, while slightly more complicated to setup, this root certificate is more likely to be trusted by more people.")?></p>
<? } ?>
+<p><?=_("Optional comment, only used in the certifictate overview")?><br>
+ <input type="text" name="description" maxlength="80" size=80/></p>
<p><?=_("Paste your CSR(Certificate Signing Request) below...")?></p>
-<textarea name="CSR" cols="80" rows="15"></textarea><br>
-<input type="submit" name="process" value="<?=_("Submit")?>">
-<input type="hidden" name="oldid" value="<?=$id?>">
+<textarea name="CSR" cols="80" rows="15"></textarea><br />
+<p><input type="checkbox" name="CCA" /> <strong><?=sprintf(_("I accept the CAcert Community Agreement (%s)."),"<a href='/policy/CAcertCommunityAgreement.html'>CCA</a>")?></strong><br />
+ <?=_("Please Note: You need to accept the CCA to proceed.")?></p>
+<input type="submit" name="process" value="<?=_("Submit")?>" />
+<input type="hidden" name="oldid" value="<?=$id?>" />
</form>
diff --git a/pages/account/12.php b/pages/account/12.php
index 44926ca..9058a07 100644
--- a/pages/account/12.php
+++ b/pages/account/12.php
@@ -19,24 +19,26 @@
<form method="post" action="account.php">
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
<tr>
- <td colspan="6" class="title"><?=_("Domain Certificates")?> - <a href="account.php?id=12&amp;viewall=<?=!$viewall?>"><?=_("View all certificates")?></a></td>
+ <td colspan="8" class="title"><?=_("Domain Certificates")?> - <a href="account.php?id=12&amp;viewall=<?=!$viewall?>"><?=$viewall?_("Hide old certificates"):_("View all certificates")?></a></td>
</tr>
<tr>
<td class="DataTD"><?=_("Renew/Revoke/Delete")?></td>
<td class="DataTD"><?=_("Status")?></td>
<td class="DataTD"><?=_("CommonName")?></td>
- <td class="DataTD"><?=_("SerialNumber")?></td>
+ <td class="DataTD"><?=_("SerialNumber")?></td>
<td class="DataTD"><?=_("Revoked")?></td>
<td class="DataTD"><?=_("Expires")?></td>
+ <td colspan="2" class="DataTD"><?=_("Comment *")?></td>
</tr>
<?
$query = "select UNIX_TIMESTAMP(`domaincerts`.`created`) as `created`,
UNIX_TIMESTAMP(`domaincerts`.`expire`) - UNIX_TIMESTAMP() as `timeleft`,
UNIX_TIMESTAMP(`domaincerts`.`expire`) as `expired`,
`domaincerts`.`expire` as `expires`, `revoked` as `revoke`,
- UNIX_TIMESTAMP(`revoked`) as `revoked`, `CN`, `domaincerts`.`serial`, `domaincerts`.`id` as `id`
+ UNIX_TIMESTAMP(`revoked`) as `revoked`, `CN`, `domaincerts`.`serial`, `domaincerts`.`id` as `id`,
+ `domaincerts`.`description`
from `domaincerts`,`domains`
- where `memid`='".intval($_SESSION['profile']['id'])."' and `deleted`=0 and `domaincerts`.`domid`=`domains`.`id` ";
+ where `memid`='".intval($_SESSION['profile']['id'])."' and `domaincerts`.`domid`=`domains`.`id` ";
if($viewall != 1)
{
$query .= "AND `revoked`=0 AND `renewed`=0 ";
@@ -49,7 +51,7 @@
{
?>
<tr>
- <td colspan="6" class="DataTD"><?=_("No domains are currently listed.")?></td>
+ <td colspan="8" class="DataTD"><?=_("No certificates are currently listed.")?></td>
</tr>
<? } else {
while($row = mysql_fetch_assoc($res))
@@ -62,31 +64,46 @@
$verified = _("Pending");
if($row['revoked'] > 0)
$verified = _("Revoked");
- if($row['revoked'] == 0)
- $row['revoke'] = _("Not Revoked");
+ if($row['revoked'] == 0)
+ $row['revoke'] = _("Not Revoked");
?>
<tr>
<? if($verified != _("Pending") && $verified != _("Revoked")) { ?>
- <td class="DataTD"><input type="checkbox" name="revokeid[]" value="<?=$row['id']?>"></td>
+ <td class="DataTD"><input type="checkbox" name="revokeid[]" value="<?=$row['id']?>"/></td>
<? } else if($verified != _("Revoked")) { ?>
- <td class="DataTD"><input type="checkbox" name="delid[]" value="<?=$row['id']?>"></td>
+ <td class="DataTD"><input type="checkbox" name="delid[]" value="<?=$row['id']?>"/></td>
<? } else { ?>
<td class="DataTD">&nbsp;</td>
<? } ?>
<td class="DataTD"><?=$verified?></td>
<td class="DataTD"><a href="account.php?id=15&amp;cert=<?=$row['id']?>"><?=$row['CN']?></a></td>
- <td class="DataTD"><?=$row['serial']?></td>
+ <td class="DataTD"><?=$row['serial']?></td>
<td class="DataTD"><?=$row['revoke']?></td>
<td class="DataTD"><?=$row['expires']?></td>
+ <td class="DataTD"><input name="comment_<?=$row['id']?>" type="text" value="<?=htmlspecialchars($row['description'])?>" /></td>
+ <td class="DataTD"><input type="checkbox" name="check_comment_<?=$row['id']?>" /></td>
</tr>
<? } ?>
<tr>
- <td class="DataTD" colspan="6"><input type="submit" name="renew" value="<?=_("Renew")?>">&#160;&#160;&#160;&#160;
+ <td class="DataTD" colspan="8">
+ <a href="account.php?id=12&amp;viewall=<?=!$viewall?>"><b><?=$viewall?_("Hide old certificates"):_("View all certificates")?></b></a>
+ </td>
+ </tr>
+ <tr>
+ <td class="DataTD" colspan="8">
+ <?=_('* Comment is NOT included in the certificate as it is intended for your personal reference only. To change the comment tick the checkbox and hit "Change Settings".')?>
+ </td>
+ </tr>
+ <tr>
+ <td class="DataTD" colspan="6"><input type="submit" name="renew" value="<?=_("Renew")?>"/>&#160;&#160;&#160;&#160;
<input type="submit" name="revoke" value="<?=_("Revoke/Delete")?>"></td>
+ <td class="DataTD" colspan="2"><input type="submit" name="change" value="<?=_("Change settings")?>"/> </td>
</tr>
<? } ?>
+ <tr>
+ <td class="DataTD" colspan="8"><?=_("From here you can delete pending requests, or revoke valid certificates.")?></td>
+ </tr>
</table>
-<input type="hidden" name="oldid" value="<?=$id?>">
-<input type="hidden" name="csrf" value="<?=make_csrf('srvcerchange')?>" />
+<input type="hidden" name="oldid" value="<?=$id?>"/>
+<input type="hidden" name="csrf" value="<?=make_csrf('srvcerchange')?>"/>
</form>
-<p><?=_("From here you can delete pending requests, or revoke valid certificates.")?></p>
diff --git a/pages/account/13.php b/pages/account/13.php
index e8dad73..1c1cfc6 100644
--- a/pages/account/13.php
+++ b/pages/account/13.php
@@ -16,30 +16,33 @@
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
*/ ?>
<?
- $query = "select * from `users` where `id`='".intval($_SESSION['profile']['id'])."' and `users`.`deleted`=0";
- $res = mysql_query($query);
- $user = mysql_fetch_assoc($res);
+ $query = "select * from `users` where `id`='".intval($_SESSION['profile']['id'])."' and `users`.`deleted`=0";
+ $res = mysql_query($query);
+ $user = mysql_fetch_assoc($res);
- $year = intval(substr($user['dob'], 0, 4));
- $month = intval(substr($user['dob'], 5, 2));
- $day = intval(substr($user['dob'], 8, 2));
+ $year = intval(substr($user['dob'], 0, 4));
+ $month = intval(substr($user['dob'], 5, 2));
+ $day = intval(substr($user['dob'], 8, 2));
+ $showdetails = array_key_exists('showdetails', $_REQUEST) && !!intval($_REQUEST['showdetails']);
+ if($showdetails){
+ $body = sprintf(_("Hi %s,"),$user['fname'])."\n\n";
+ $body .= _("You receive this automatic mail since you yourself or someone ".
+ "else looked up your secret questions and answers for a forgotten ".
+ "password.\n\n".
+ "If it was you who looked up or changed that data, or clicked ".
+ "through the menu in your account, everything is in best order ".
+ "and you can ignore this mail.\n\n".
+ "But if you received this mail without a recognisable reason, ".
+ "there is a danger that an unauthorised person accessed your ".
+ "account, and you should promptly change your password and your ".
+ "secret questions and answers.")."\n\n";
- $body = sprintf(_("Hi %s,"),$user['fname'])."\n\n";
- $body .= _("You receive this automatic mail since you yourself or")."\n";
- $body .= _("someone else looked up your secret questions and answers")."\n";
- $body .= _("for a forgotten password.")."\n\n";
- $body .= _("If it was you who looked up or changed that data, or clicked")."\n";
- $body .= _("through the menu in your account, everything is in best order and")."\n";
- $body .= _("you can ignore this mail.")."\n\n";
- $body .= _("But if you received this mail without a recognisable reason,")."\n";
- $body .= _("there is a danger that an unauthorised person accessed your")."\n";
- $body .= _("account, and you should promptly change your password and your")."\n";
- $body .= _("secret questions and answers.")."\n\n";
+ $body .= _("Best regards")."\n"._("CAcert Support");
- $body .= _("With kind regards,")."\n\n"._("CAcert Support");
-
- sendmail($user['email'], "[CAcert.org] "._("Email Notification"), $body, "support@cacert.org", "", "", "CAcert Support");
+ sendmail($user['email'], "[CAcert.org] "._("Email Notification"), $body, "support@cacert.org", "", "", "CAcert Support");
+ }
?>
+
<form method="post" action="account.php">
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper" width="400">
<tr>
@@ -70,24 +73,24 @@
(<?=_("dd/mm/yyyy")?>)</td>
<td class="DataTD"><nobr><select name="day">
<?
- for($i = 1; $i <= 31; $i++)
- {
- echo "<option";
- if($day == $i)
- echo " selected='selected'";
- echo ">$i</option>";
- }
+ for($i = 1; $i <= 31; $i++)
+ {
+ echo "<option";
+ if($day == $i)
+ echo " selected='selected'";
+ echo ">$i</option>";
+ }
?>
</select>
<select name="month">
<?
- for($i = 1; $i <= 12; $i++)
- {
- echo "<option value='$i'";
- if($month == $i)
- echo " selected='selected'";
- echo ">".ucwords(recode("utf-8..html", strftime("%B", mktime(0,0,0,$i,1,date("Y")))))."</option>";
- }
+ for($i = 1; $i <= 12; $i++)
+ {
+ echo "<option value='$i'";
+ if($month == $i)
+ echo " selected='selected'";
+ echo ">".ucwords(recode("utf-8..html", strftime("%B", mktime(0,0,0,$i,1,date("Y")))))."</option>";
+ }
?>
</select>
<input type="text" name="year" value="<?=$year?>" size="4"></nobr>
@@ -115,18 +118,22 @@
</tr>
<tr>
<td class="DataTD"><?=_("Date of Birth")?><br>
- (<?=_("dd/mm/yyyy")?>)</td>
+ (<?=_("dd/mm/yyyy")?>)</td>
<td class="DataTD"><?=$day?> <?=ucwords(recode("utf-8..html", strftime("%B", mktime(0,0,0,$month,1,1))))?> <?=$year?></td>
</tr>
<? } ?>
<tr>
+ <td colspan="2" class="title"><a href="account.php?id=13&amp;showdetails=<?=!$showdetails?>"><?=_("View secret question & answers and OTP phrases")?></a></td>
+ </tr>
+ <? if($showdetails){ ?>
+ <tr>
<td class="DataTD"><?=_("OTP Hash")?><br>
- (<?=_("Not displayed")?>)</td>
+ (<?=_("Not displayed")?>)</td>
<td class="DataTD"><input type="text" name="otphash"></td>
</tr>
<tr>
<td class="DataTD"><?=_("OTP PIN")?><br>
- (<?=_("Not displayed")?>)</td>
+ (<?=_("Not displayed")?>)</td>
<td class="DataTD"><input type="text" name="otppin"></td>
</tr>
<tr>
@@ -153,6 +160,7 @@
<td class="DataTD"><input type="text" name="A5" value="<?=sanitizeHTML($user['A5'])?>"></td>
</tr>
<tr>
+ <? } ?>
<td class="DataTD" colspan="2"><input type="submit" name="process" value="<?=_("Update")?>"></td>
</tr>
</table>
diff --git a/pages/account/16.php b/pages/account/16.php
index 514ecfd..6f055d7 100644
--- a/pages/account/16.php
+++ b/pages/account/16.php
@@ -29,25 +29,25 @@
foreach($_SESSION['_config']['emails'] as $val) { ?>
<tr>
<td class="DataTD"><?=_("Email")?>:</td>
- <td class="DataTD"><input type="text" name="emails[]" value="<?=$val?>"></td>
+ <td class="DataTD"><input type="text" name="emails[]" value="<?=$val?>"/></td>
</tr>
<? } ?>
<tr>
<td class="DataTD"><?=_("Email")?>:</td>
- <td class="DataTD"><input type="text" name="emails[]"></td>
+ <td class="DataTD"><input type="text" name="emails[]"/></td>
</tr>
<tr>
<td class="DataTD"><?=_("Name")?>:</td>
- <td class="DataTD"><input type="text" name="name" value="<?=array_key_exists('name',$_SESSION['_config'])?($_SESSION['_config']['name']):''?>"></td>
+ <td class="DataTD"><input type="text" name="name" value="<?=array_key_exists('name',$_SESSION['_config'])?($_SESSION['_config']['name']):''?>"/></td>
</tr>
<tr>
<td class="DataTD"><?=_("Department")?>:</td>
- <td class="DataTD"><input type="text" name="OU" value="<?=array_key_exists('OU',$_SESSION['_config'])?($_SESSION['_config']['OU']):''?>"></td>
+ <td class="DataTD"><input type="text" name="OU" value="<?=array_key_exists('OU',$_SESSION['_config'])?($_SESSION['_config']['OU']):''?>"/></td>
</tr>
<tr>
<td class="DataTD" colspan="2" align="left">
- <input type="radio" name="rootcert" value="1" checked> <?=_("Sign by class 1 root certificate")?><br>
- <input type="radio" name="rootcert" value="2"> <?=_("Sign by class 3 root certificate")?><br>
+ <input type="radio" name="rootcert" value="1" checked /> <?=_("Sign by class 1 root certificate")?><br />
+ <input type="radio" name="rootcert" value="2" /> <?=_("Sign by class 3 root certificate")?><br />
<?=str_replace("\n", "<br>\n", wordwrap(_("Please note: The class 3 root certificate needs to be imported into your email program as well as the class 1 root certificate so your email program can build a full trust path chain. Until we are included in browsers this might not be a desirable option for most people"), 60))?>
</td>
</tr>
@@ -56,9 +56,15 @@
<td class="DataTD" colspan="2" align="left"><input type="checkbox" name="codesign" value="1" /><?=_("Code Signing")?></td>
</tr>
<? } ?>
+ <tr>
+ <td class="DataTD" colspan="2" align="left">
+ <?=_("Optional comment, only used in the certifictate overview")?><br />
+ <input type="text" name="description" maxlength="80" size=80 />
+ </td>
+ </tr>
<tr>
<td class="DataTD" colspan="2"><input type="submit" name="add_email" value="<?=_("Another Email")?>">
- <input type="submit" name="process" value="<?=_("Next")?>"></td>
+ <input type="submit" name="process" value="<?=_("Next")?>" /></td>
</tr>
</table>
<input type="hidden" name="oldid" value="<?=$id?>">
diff --git a/pages/account/17.php b/pages/account/17.php
index 2ba5390..8ac8b65 100644
--- a/pages/account/17.php
+++ b/pages/account/17.php
@@ -14,124 +14,6 @@
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
-*/ ?>
-<? if(array_key_exists('HTTP_USER_AGENT',$_SERVER) && strstr($_SERVER['HTTP_USER_AGENT'], "MSIE")) { ?>
-<object classid="clsid:127698e4-e730-4e5c-a2b1-21490a70c8a1" codebase="/xenroll.cab#Version=5,131,3659,0" id="cec">
-<?=_("You must enable ActiveX for this to work.")?>
-</object>
-<form method="post" action="account.php" name="CertReqForm"><p>
-<input type="hidden" name="session" value="UsedXenroll">
-<?=_("Key Strength:")?> <select name="CspProvider"></select>
-<input type="hidden" name="oldid" value="<?=$id?>">
-<INPUT TYPE=HIDDEN NAME="CSR">
-<input type="hidden" name="keytype" value="MS">
-<?=_("'Enhanced Provider' is generally the best option, which has a key size of 1024bit. If you need a bigger key size you will need to use a different browser.")?>
-<input type="submit" name="GenReq" value="Create Certificate"><br>
-</p></form>
-<script type="text/vbscript" language="vbscript">
-<!--
-Function GetProviderList()
- Dim CspList, cspIndex, ProviderName
- On Error Resume Next
+*/
- count = 0
- base = 0
- enhanced = 0
- CspList = ""
- ProviderName = ""
-
- For ProvType = 0 to 13
- cspIndex = 0
- cec.ProviderType = ProvType
- ProviderName = cec.enumProviders(cspIndex,0)
-
- while ProviderName <> ""
- Set oOption = document.createElement("OPTION")
- oOption.text = ProviderName
- oOption.value = ProvType
- Document.CertReqForm.CspProvider.add(oOption)
- if ProviderName = "Microsoft Base Cryptographic Provider v1.0" Then
- base = count
- end if
- if ProviderName = "Microsoft Enhanced Cryptographic Provider v1.0" Then
- enhanced = count
- end if
- cspIndex = cspIndex +1
- ProviderName = ""
- ProviderName = cec.enumProviders(cspIndex,0)
- count = count + 1
- wend
- Next
- Document.CertReqForm.CspProvider.selectedIndex = base
- if enhanced then
- Document.CertReqForm.CspProvider.selectedIndex = enhanced
- end if
-End Function
-
-Function CSR(keyflags)
- CSR = ""
- szName = ""
- cec.HashAlgorithm = "MD5"
- err.clear
- On Error Resume Next
- set options = document.all.CspProvider.options
- index = options.selectedIndex
- cec.providerName = options(index).text
- tmpProviderType = options(index).value
- cec.providerType = tmpProviderType
- cec.KeySpec = 2
- if tmpProviderType < 2 Then
- cec.KeySpec = 1
- end if
- cec.GenKeyFlags = &h04000001 OR keyflags
- CSR = cec.createPKCS10(szName, "1.3.6.1.5.5.7.3.2")
- if len(CSR)<>0 then Exit Function
- cec.GenKeyFlags = &h04000000 OR keyflags
- CSR = cec.createPKCS10(szName, "1.3.6.1.5.5.7.3.2")
- if len(CSR)<>0 then Exit Function
- if cec.providerName = "Microsoft Enhanced Cryptographic Provider v1.0" Then
- if MsgBox("<?=_("The 1024-bit key generation failed. Would you like to try 512 instead?")?>", vbOkCancel)=vbOk Then
- cec.providerName = "Microsoft Base Cryptographic Provider v1.0"
- else
- Exit Function
- end if
- end if
- cec.GenKeyFlags = 1 OR keyflags
- CSR = cec.createPKCS10(szName, "1.3.6.1.5.5.7.3.2")
- if len(CSR)<>0 then Exit Function
- cec.GenKeyFlags = keyflags
- CSR = cec.createPKCS10(szName, "1.3.6.1.5.5.7.3.2")
- if len(CSR)<>0 then Exit Function
- cec.GenKeyFlags = 0
- CSR = cec.createPKCS10(szName, "1.3.6.1.5.5.7.3.2")
-End Function
-
-Sub GenReq_OnClick
- Dim TheForm
- Set TheForm = Document.CertReqForm
- err.clear
- result = CSR(2)
- if len(result)=0 Then
- result = MsgBox("Unable to generate PKCS#10.", 0, "Alert")
- Exit Sub
- end if
- TheForm.CSR.Value = result
- TheForm.Submit
- Exit Sub
-End Sub
-
-GetProviderList()
--->
-</script>
-<? } else { ?>
-<p>
-<form method="post" action="account.php">
-<input type="hidden" name="keytype" value="NS">
-<?=_("Keysize:")?> <keygen name="SPKAC" challenge="<? $_SESSION['spkac_hash']=make_hash(); echo $_SESSION['spkac_hash']; ?>">
-
-
-<input type="submit" name="submit" value="<?=_("Create Certificate Request")?>">
-<input type="hidden" name="oldid" value="<?=$id?>">
-</form>
-</p>
-<? } ?>
+require_once($_SESSION['_config']['filepath'].'/includes/keygen.php');
diff --git a/pages/account/18.php b/pages/account/18.php
index 13dcc30..2fbb8b4 100644
--- a/pages/account/18.php
+++ b/pages/account/18.php
@@ -19,13 +19,14 @@
<form method="post" action="account.php">
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
<tr>
- <td colspan="6" class="title"><?=_("Client Certificates")?> - <a href="account.php?id=18&amp;viewall=<?=!$viewall?>"><?=_("View all certificates")?></a></td>
+ <td colspan="8" class="title"><?=_("Client Certificates")?> - <a href="account.php?id=18&amp;viewall=<?=!$viewall?>"><?=_("View all certificates")?></a></td>
</tr>
<tr>
<td class="DataTD"><?=_("Renew/Revoke/Delete")?></td>
<td class="DataTD"><?=_("Status")?></td>
<td class="DataTD"><?=_("CommonName")?></td>
- <td class="DataTD"><?=_("SerialNumber")?></td>
+ <td class="DataTD"><?=_("SerialNumber")?></td>
+ <td class="DataTD"><?=_("Comment")?></td>
<td class="DataTD"><?=_("Revoked")?></td>
<td class="DataTD"><?=_("Expires")?></td>
@@ -35,7 +36,8 @@
UNIX_TIMESTAMP(`oemail`.`expire`) as `expired`,
`oemail`.`expire` as `expires`, `oemail`.`revoked` as `revoke`,
UNIX_TIMESTAMP(`oemail`.`revoked`) as `revoked`,
- `oemail`.`CN`, `oemail`.`serial`, `oemail`.`id`
+ `oemail`.`CN`, `oemail`.`serial`, `oemail`.`id`,
+ `oemail`.`description`
from `orgemailcerts` as `oemail`, `org`
where `org`.`memid`='".intval($_SESSION['profile']['id'])."' and
`org`.`orgid`=`oemail`.`orgid` ";
@@ -50,7 +52,7 @@
{
?>
<tr>
- <td colspan="6" class="DataTD"><?=_("No client certificates are currently listed.")?></td>
+ <td colspan="8" class="DataTD"><?=_("No client certificates are currently listed.")?></td>
</tr>
<? } else {
while($row = mysql_fetch_assoc($res))
@@ -80,14 +82,22 @@
<td class="DataTD"><?=$verified?></td>
<td class="DataTD"><a href="account.php?id=19&cert=<?=$row['id']?>"><?=$row['CN']?></a></td>
<? } ?>
- <td class="DataTD"><?=$row['serial']?></td>
+ <td class="DataTD"><?=$row['serial']?></td>
<td class="DataTD"><?=$row['revoke']?></td>
<td class="DataTD"><?=$row['expires']?></td>
+ <td class="DataTD"><input name="comment_<?=$row['id']?>" type="text" value="<?=htmlspecialchars($row['description'])?>" /></td>
+ <td class="DataTD"><input type="checkbox" name="check_comment_<?=$row['id']?>" /></td>
</tr>
<? } ?>
<tr>
+ <td class="DataTD" colspan="8">
+ <?=_('* Comment is NOT included in the certificate as it is intended for your personal reference only. To change the comment tick the checkbox and hit "Change Settings".')?>
+ </td>
+ </tr>
+ <tr>
<td class="DataTD" colspan="6"><input type="submit" name="renew" value="<?=_("Renew")?>">&#160;&#160;&#160;&#160;
<input type="submit" name="revoke" value="<?=_("Revoke/Delete")?>"></td>
+ <td class="DataTD" colspan="2"><input type="submit" name="change" value="<?=_("Change settings")?>"> </td>
</tr>
<? } ?>
</table>
diff --git a/pages/account/20.php b/pages/account/20.php
index 510b708..0187013 100644
--- a/pages/account/20.php
+++ b/pages/account/20.php
@@ -27,11 +27,13 @@
<p><?=_("If the Subscriber's name and/or domain name registration change the subscriber will immediately inform CAcert Inc. who shall revoke the digital certificate. When the Digital Certificate expires or is revoked the company will permanently remove the certificate from the server on which it is installed and will not use it for any purpose thereafter. The person responsible for key management and security is fully authorized to install and utilize the certificate to represent this organization's electronic presence.")?></p>
<form method="post" action="account.php">
-<input type="radio" name="rootcert" value="1"> <?=_("Sign by class 1 root certificate")?><br>
-<input type="radio" name="rootcert" value="2" checked> <?=_("Sign by class 3 root certificate")?><br>
+<input type="radio" name="rootcert" value="1" /> <?=_("Sign by class 1 root certificate")?><br />
+<input type="radio" name="rootcert" value="2" checked /> <?=_("Sign by class 3 root certificate")?><br />
+<p> <?=_("Optional comment, only used in the certifictate overview")?><br />
+ <input type="text" name="description" maxlength="80" size=80 /></p>
<p><?=_("Please note: The class 3 root certificate needs to be setup in your webserver as a chained certificate, while slightly more complicated to setup, this root certificate is more likely to be trusted by more people.")?></p>
<p><?=_("Paste your CSR below...")?></p>
-<textarea name="CSR" cols="80" rows="15"></textarea><br>
-<input type="submit" name="process" value="<?=_("Submit")?>">
-<input type="hidden" name="oldid" value="<?=$id?>">
-</form>
+<textarea name="CSR" cols="80" rows="15"></textarea><br />
+<input type="submit" name="process" value="<?=_("Submit")?>" />
+<input type="hidden" name="oldid" value="<?=$id?>" />
+</form> \ No newline at end of file
diff --git a/pages/account/22.php b/pages/account/22.php
index 9df8200..cb40cf2 100644
--- a/pages/account/22.php
+++ b/pages/account/22.php
@@ -19,16 +19,16 @@
<form method="post" action="account.php">
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
<tr>
- <td colspan="6" class="title"><?=_("Domain Certificates")?> - <a href="account.php?id=22&amp;viewall=<?=!$viewall?>"><?=_("View all certificates")?></a></td>
+ <td colspan="8" class="title"><?=_("Domain Certificates")?> - <a href="account.php?id=22&amp;viewall=<?=!$viewall?>"><?=_("View all certificates")?></a></td>
</tr>
<tr>
<td class="DataTD"><?=_("Renew/Revoke/Delete")?></td>
<td class="DataTD"><?=_("Status")?></td>
<td class="DataTD"><?=_("CommonName")?></td>
- <td class="DataTD"><?=_("SerialNumber")?></td>
+ <td class="DataTD"><?=_("SerialNumber")?></td>
<td class="DataTD"><?=_("Revoked")?></td>
<td class="DataTD"><?=_("Expires")?></td>
-
+ <td colspan="2" class="DataTD"><?=_("Comment *")?></td>
<?
$query = "select UNIX_TIMESTAMP(`orgdomaincerts`.`created`) as `created`,
UNIX_TIMESTAMP(`orgdomaincerts`.`expire`) - UNIX_TIMESTAMP() as `timeleft`,
@@ -36,7 +36,8 @@
`orgdomaincerts`.`expire` as `expires`, `revoked` as `revoke`,
UNIX_TIMESTAMP(`revoked`) as `revoked`, `CN`,
`orgdomaincerts`.`serial`,
- `orgdomaincerts`.`id` as `id`
+ `orgdomaincerts`.`id` as `id`,
+ `orgdomaincerts`.`description`
from `orgdomaincerts`,`org`
where `org`.`memid`='".intval($_SESSION['profile']['id'])."' and `orgdomaincerts`.`orgid`=`org`.`orgid` ";
if($viewall != 1)
@@ -51,7 +52,7 @@
{
?>
<tr>
- <td colspan="6" class="DataTD"><?=_("No domains are currently listed.")?></td>
+ <td colspan="8" class="DataTD"><?=_("No domains are currently listed.")?></td>
</tr>
<? } else {
while($row = mysql_fetch_assoc($res))
@@ -77,18 +78,26 @@
<? } ?>
<td class="DataTD"><?=$verified?></td>
<td class="DataTD"><a href="account.php?id=23&cert=<?=$row['id']?>"><?=$row['CN']?></a></td>
- <td class="DataTD"><?=$row['serial']?></td>
+ <td class="DataTD"><?=$row['serial']?></td>
<td class="DataTD"><?=$row['revoke']?></td>
<td class="DataTD"><?=$row['expires']?></td>
+ <td class="DataTD"><input name="comment_<?=$row['id']?>" type="text" value="<?=htmlspecialchars($row['description'])?>" /></td>
+ <td class="DataTD"><input type="checkbox" name="check_comment_<?=$row['id']?>" /></td>
</tr>
<? } ?>
<tr>
- <td class="DataTD" colspan="6"><input type="submit" name="renew" value="<?=_("Renew")?>">&#160;&#160;&#160;&#160;
- <input type="submit" name="revoke" value="<?=_("Revoke/Delete")?>"></td>
+ <td class="DataTD" colspan="8">
+ <?=_('* Comment is NOT included in the certificate as it is intended for your personal reference only. To change the comment tick the checkbox and hit "Change Settings".')?>
+ </td>
+ </tr>
+ <tr>
+ <td class="DataTD" colspan="6"><input type="submit" name="renew" value="<?=_("Renew")?>" />&#160;&#160;&#160;&#160;
+ <input type="submit" name="revoke" value="<?=_("Revoke/Delete")?>" /></td>
+ <td class="DataTD" colspan="2"><input type="submit" name="change" value="<?=_("Change settings")?>" /> </td>
</tr>
<? } ?>
</table>
-<input type="hidden" name="oldid" value="<?=$id?>">
+<input type="hidden" name="oldid" value="<?=$id?>" />
<input type="hidden" name="csrf" value="<?=make_csrf('orgsrvcerchange')?>" />
</form>
<p><?=_("From here you can delete pending requests, or revoke valid certificates.")?></p>
diff --git a/pages/account/24.php b/pages/account/24.php
index 7f56023..14a47c0 100644
--- a/pages/account/24.php
+++ b/pages/account/24.php
@@ -48,7 +48,11 @@
</tr>
<tr>
<td class="DataTD"><?=_("Country")?>:</td>
- <td class="DataTD"><input type="text" name="C" value="" size="5">(2 letter <a href="http://www.iso.org/iso/english_country_names_and_code_elements">ISO code</a>)</td>
+ <td class="DataTD"><input type="text" name="C" value="" size="5">
+ <?php printf(_('(2 letter %s ISO code %s )'),
+ '<a href="http://www.iso.org/iso/home/standards/country_codes/iso-3166-1_decoding_table.htm">',
+ '</a>')?>
+ </td>
</tr>
<tr>
<td class="DataTD"><?=_("Comments")?>:</td>
diff --git a/pages/account/27.php b/pages/account/27.php
index 9524620..a1086d4 100644
--- a/pages/account/27.php
+++ b/pages/account/27.php
@@ -41,7 +41,11 @@
</tr>
<tr>
<td class="DataTD"><?=_("Country")?>:</td>
- <td class="DataTD"><input type="text" name="C" value="<?=($row['C'])?>" size="5"> (2 letter <a href="http://www.iso.org/iso/english_country_names_and_code_elements">ISO code</a>)</td>
+ <td class="DataTD"><input type="text" name="C" value="<?=($row['C'])?>" size="5">
+ <?php printf(_('(2 letter %s ISO code %s )'),
+ '<a href="http://www.iso.org/iso/home/standards/country_codes/iso-3166-1_decoding_table.htm">',
+ '</a>')?>
+ </td>
</tr>
<tr>
<td class="DataTD"><?=_("Comments")?>:</td>
diff --git a/pages/account/29.php b/pages/account/29.php
index c1a3def..4229b3b 100644
--- a/pages/account/29.php
+++ b/pages/account/29.php
@@ -35,10 +35,12 @@
<td class="DataTD"><input type="text" name="domainname" value="<?=sanitizeHTML($_SESSION['_config']['domain'])?>"></td>
</tr>
<tr>
- <td class="DataTD" colspan="2"><input type="submit" name="process" value="<?=_("Update")?>"></td>
+ <td class="DataTD"><input type="submit" name="cancel" value="<?=_("Cancel")?>"></td>
+ <td class="DataTD"><input type="submit" name="process" value="<?=_("Update")?>"></td>
</tr>
</table>
<input type="hidden" name="oldid" value="<?=intval($id)?>">
<input type="hidden" name="orgid" value="<?=intval($_REQUEST['orgid'])?>">
+<input type="hidden" name="domid" value="<?=intval($_REQUEST['domid'])?>">
</form>
diff --git a/pages/account/3.php b/pages/account/3.php
index 5590488..b760c11 100644
--- a/pages/account/3.php
+++ b/pages/account/3.php
@@ -44,7 +44,7 @@
<td class="DataTD"><input type="checkbox" name="addid[]" value="<?=intval($row['id'])?>"></td>
<td class="DataTD"><?=sanitizeHTML($row['email'])?></td>
</tr>
-<? }
+<? }
if($_SESSION['profile']['points'] >= 50)
{
$fname = $_SESSION['profile']['fname'];
@@ -52,55 +52,68 @@ if($_SESSION['profile']['points'] >= 50)
$lname = $_SESSION['profile']['lname'];
$suffix = $_SESSION['profile']['suffix'];
?>
- <tr>
<td class="DataTD" colspan="2" align="left">
- <input type="radio" name="rootcert" value="1" checked> <?=_("Sign by class 1 root certificate")?><br>
- <input type="radio" name="rootcert" value="2"> <?=_("Sign by class 3 root certificate")?><br>
- <?=str_replace("\n", "<br>\n", wordwrap(_("Please note: The class 3 root certificate needs to be imported into your email program as well as the class 1 root certificate so your email program can build a full trust path chain. Until we are included in browsers this might not be a desirable option for most people"), 125))?>
+ <input type="radio" name="rootcert" value="1" checked /> <?=_("Sign by class 1 root certificate")?><br />
+ <input type="radio" name="rootcert" value="2" /> <?=_("Sign by class 3 root certificate")?><br />
+ <?=str_replace("\n", "<br />\n", wordwrap(_("Please note: The class 3 root certificate needs to be imported into your email program as well as the class 1 root certificate so your email program can build a full trust path chain. Until we are included in browsers this might not be a desirable option for most people"), 125))?>
</td>
</tr>
<tr>
<td class="DataTD" colspan="2" align="left">
- <input type="radio" name="incname" value="0" checked> <?=_("No Name")?><br>
-<? if($fname && $lname) { ?><input type="radio" name="incname" value="1"> <?=_("Include")?> '<?=$fname." ".$lname?>'<br><? } ?>
-<? if($fname && $mname && $lname) { ?><input type="radio" name="incname" value="2"> <?=_("Include")?> '<?=$fname." ".$mname." ".$lname?>'<br><? } ?>
-<? if($fname && $lname && $suffix) { ?><input type="radio" name="incname" value="3"> <?=_("Include")?> '<?=$fname." ".$lname." ".$suffix?>'<br><? } ?>
-<? if($fname && $mname && $lname && $suffix) { ?><input type="radio" name="incname" value="4"> <?=_("Include")?> '<?=$fname." ".$mname." ".$lname." ".$suffix?>'<br><? } ?>
+ <input type="radio" name="incname" value="0" checked /> <?=_("No Name")?><br />
+ <? if($fname && $lname) { ?><input type="radio" name="incname" value="1" /> <?=_("Include")?> '<?=$fname." ".$lname?>'<br /><? } ?>
+ <? if($fname && $mname && $lname) { ?><input type="radio" name="incname" value="2" /> <?=_("Include")?> '<?=$fname." ".$mname." ".$lname?>'<br /><? } ?>
+ <? if($fname && $lname && $suffix) { ?><input type="radio" name="incname" value="3" /> <?=_("Include")?> '<?=$fname." ".$lname." ".$suffix?>'<br /><? } ?>
+ <? if($fname && $mname && $lname && $suffix) { ?><input type="radio" name="incname" value="4" /> <?=_("Include")?> '<?=$fname." ".$mname." ".$lname." ".$suffix?>'<br /><? } ?>
</td>
</tr>
-<? } ?>
+<? } ?>
<? if($_SESSION['profile']['points'] >= 100 && $_SESSION['profile']['codesign'] > 0) { ?>
<tr>
+ <td class="DataTD">
+ <input type="checkbox" name="codesign" value="1" />
+ </td>
<td class="DataTD" align="left">
- <input type="checkbox" name="codesign" value="1"> <?=_("Code Signing")?></td>
- <td class="DataTD" align="left">
- <?=_("Please Note: By ticking this box you will automatically have your name included in any certificates.")?>
+ <?=_("Code Signing")?><br />
+ <?=_("Please Note: By ticking this box you will automatically have your name included in any certificates.")?>
</td>
</tr>
<? } ?>
<tr>
- <td class="DataTD" colspan="2" align="left">
- <input type="checkbox" name="login" value="1" checked="checked"> <?=_("Enable certificate login with this certificate")?><br>
+ <td class="DataTD">
+ <input type="checkbox" name="login" value="1" checked="checked" />
+ </td>
+ <td class="DataTD"> <?=_("Enable certificate login with this certificate")?><br />
<?=_("By allowing certificate login, this certificate can be used to login into this account at https://secure.cacert.org/ .")?><br/>
</td>
</tr>
-
+ <tr>
+ <td class="DataTD" colspan="2" align="left">
+ <?=_("Optional comment, only used in the certifictate overview max. 100 characters")?><br />
+ <input type="text" name="description" maxlength="100" size="100" />
+ </td>
+ </tr>
<tr name="expertoff" style="display:none">
- <td class="DataTD" colspan="2" align="left">
- <input type="checkbox" name="expertbox" onchange="showExpert(this.checked)"/><?=_("Show advanced options")?>
+ <td class="DataTD">
+ <input type="checkbox" name="expertbox" onchange="showExpert(this.checked)" />
+ </td>
+ <td class="DataTD">
+ <?=_("Show advanced options")?>
</td>
</tr>
<tr name="expert">
<td class="DataTD" colspan="2" align="left">
- <input type="radio" name="SSO" value="0" checked> <?=_("No Single Sign On ID")?><br>
- <input type="radio" name="SSO" value="1"> <?=_("Add Single Sign On ID Information")?><br>
+ <input type="radio" name="SSO" value="0" checked /> <?=_("No Single Sign On ID")?><br />
+ <input type="radio" name="SSO" value="1" /> <?=_("Add Single Sign On ID Information")?><br />
<?=str_replace("\n", "<br>\n", wordwrap(_("By adding Single Sign On (SSO) ID information to your certificates this could be used to track you, you can also issue certificates with no email addresses that are useful only for Authentication. Please see a more detailed description on our WIKI about it."), 125))?>
<a href="http://wiki.cacert.org/wiki/SSO"><?=_("SSO WIKI Entry")?></a>
</td>
</tr>
+
+
<tr name="expert">
<td class="DataTD" colspan="2"><?=_("Optional Client CSR, no information on the certificate will be used")?></td>
</tr>
@@ -108,10 +121,19 @@ if($_SESSION['profile']['points'] >= 50)
<td class="DataTD" colspan="2"><textarea name="optionalCSR" cols="80" rows="5"></textarea></td>
</tr>
<tr>
- <td class="DataTD" colspan="2"><input type="submit" name="process" value="<?=_("Next")?>"></td>
+ <td class="DataTD">
+ <input type="checkbox" name="CCA" />
+ </td>
+ <td class="DataTD" align="left">
+ <strong><?=sprintf(_("I accept the CAcert Community Agreement (%s)."),"<a href='/policy/CAcertCommunityAgreement.html'>CCA</a>")?></strong><br />
+ <?=_("Please Note: You need to accept the CCA to proceed.")?>
+ </td>
+ </tr>
+ <tr>
+ <td class="DataTD" colspan="2"><input type="submit" name="process" value="<?=_("Next")?>" /></td>
</tr>
</table>
-<input type="hidden" name="oldid" value="<?=$id?>">
+<input type="hidden" name="oldid" value="<?=$id?>" />
</form>
<script language="javascript">
diff --git a/pages/account/30.php b/pages/account/30.php
index 33eeca8..04ad229 100644
--- a/pages/account/30.php
+++ b/pages/account/30.php
@@ -41,5 +41,6 @@
<input type="hidden" name="oldid" value="<?=intval($id)?>">
<input type="hidden" name="orgid" value="<?=intval($_REQUEST['orgid'])?>">
<input type="hidden" name="domain" value="<?=sanitizeHTML($row['domain'])?>">
+<input type="hidden" name="domid" value="<?=intval($_REQUEST['domid'])?>">
</form>
diff --git a/pages/account/33.php b/pages/account/33.php
index 376a8b9..9e2f67a 100644
--- a/pages/account/33.php
+++ b/pages/account/33.php
@@ -51,7 +51,7 @@
<? } ?>
<tr>
<td class="DataTD"><?=_("Comments")?>:</td>
- <td class="DataTD"><input type="text" name="comments" size=27 maxlength=20 value=""></td>
+ <td class="DataTD"><textarea name="comments" cols="30" rows="5"></textarea></td>
</tr>
<tr>
<td class="DataTD" colspan="2"><input type="submit" name="process" value="<?=_("Add")?>"></td>
diff --git a/pages/account/35.php b/pages/account/35.php
index 3a4714f..05c7f2b 100644
--- a/pages/account/35.php
+++ b/pages/account/35.php
@@ -15,44 +15,89 @@
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
*/ ?>
+
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper" width="400">
- <tr>
- <td colspan="3" class="title"><?=_("Organisations")?></td>
- </tr>
- <tr>
- <td class="DataTD">#</td>
- <td class="DataTD"><?=_("Organisation")?></td>
- <td class="DataTD"><?=_("Admins")?></td>
- </tr>
-<?
- $query = "select * from `orginfo`,`org` where `orginfo`.`id`=`org`.`orgid` and `org`.`memid`='".intval($_SESSION['profile']['id'])."'";
- $res = mysql_query($query);
- while($row = mysql_fetch_assoc($res))
- {
- //number of admins for the org
- $r2 = mysql_query("select * from `org` where `orgid`='".intval($row['id'])."'");
- $admincount = mysql_num_rows($r2);
- // number of domains for the org
- $r2 = mysql_query("select * from `orgdomains` where `orgid`='".intval($row['id'])."'");
- $domcount = mysql_num_rows($r2);
-?>
- <tr>
- <td class="DataTD"><?=intval($row['id'])?></td>
- <td class="DataTD"><?=($row['O'])?>, <?=($row['ST'])?> <?=sanitizeHTML($row['C'])?></td>
- <td class="DataTD"><a href="account.php?id=32&amp;orgid=<?=$row['id']?>"><?=_("Admins")?> (<?=$admincount?>)</a></td>
- </tr>
<?
- // display the domains of each organisation
- $query3 = "select * from `orgdomains` where `orgid`='".intval($row['id'])."'";
- $res3 = mysql_query($query3);
- while($detailorg = mysql_fetch_assoc($res3))
+$query = "select *
+ from `orginfo`,`org`
+ where `orginfo`.`id`=`org`.`orgid`
+ and `org`.`memid`='".intval($_SESSION['profile']['id'])."'";
+
+$res = mysql_query($query);
+while($row = mysql_fetch_assoc($res))
+{
+ ?>
+ <tr>
+ <td colspan="3" class="title"><?=_("Organisation")?></td>
+ </tr>
+ <tr>
+ <td class="DataTD"><?=_("Organisation Name")?>:</td>
+ <td colspan="2" class="DataTD" ><b><?=$row['O']?></b></td>
+ </tr>
+ <tr>
+ <td class="DataTD"><?=_("Contact Email")?>:</td>
+ <td colspan="2" class="DataTD"><?=($row['contact'])?></td>
+ </tr>
+ <tr>
+ <td class="DataTD"><?=_("Town/Suburb")?>:</td>
+ <td colspan="2" class="DataTD"><?=($row['L'])?></td>
+ </tr>
+ <tr>
+ <td class="DataTD"><?=_("State/Province")?>:</td>
+ <td colspan="2" class="DataTD"><?=($row['ST'])?></td>
+ </tr>
+ <tr>
+ <td class="DataTD"><?=_("Country")?>:</td>
+ <td colspan="2" class="DataTD"><?=($row['C'])?></td>
+ </tr>
+ <?
+
+ //domain info
+ $query = "select `domain` from `orgdomains` where `orgid`='".intval($row['id'])."'";
+ $res1 = mysql_query($query);
+ while($domain = mysql_fetch_assoc($res1))
+ {
+ ?>
+ <tr>
+ <td class="DataTD"><?=_("Domain")?></td>
+ <td colspan="2" class="DataTD"><?=sanitizeHTML($domain['domain'])?></td>
+ </tr>
+ <?
+ }
+
+ ?>
+ <tr>
+ <td class="DataTD"><?=_("Administrator")?></td>
+ <td class="DataTD"><?=_("Master Account")?></td>
+ <td class="DataTD"><?=_("Department")?></td>
+ </tr>
+ <?
+
+ //org admins
+ $query = "select * from `org` where `orgid`='".intval($row['id'])."'";
+ $res2 = mysql_query($query);
+ while($org = mysql_fetch_assoc($res2))
{
-?>
- <tr>
- <td class="DataTD"><?=intval($detailorg['id'])?></td>
- <td class="DataTD"><?=_("Domain available")?></td>
- <td class="DataTD"><?=sanitizeHTML($detailorg['domain'])?></td>
- </tr>
-<? } } ?>
+ $user = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".intval($org['memid'])."'"));
+ ?>
+ <tr>
+ <td class="DataTD"><a href='mailto:<?=$user['email']?>'><?=($user['fname'])?> <?=($user['lname'])?></a></td>
+ <td class="DataTD"><?=($org['masteracc'])?></td>
+ <td class="DataTD"><?=($org['OU'])?></td>
+ </tr>
+ <?
+
+ if(intval($org['masteracc']) === 1 &&
+ intval($org['memid']) === intval($_SESSION['profile']['id']))
+ {
+ $master="account.php?id=32&amp;orgid=".intval($row['id']);
+ ?>
+ <tr>
+ <td colspan="3" class="DataTD"><a href="<?=$master ?>"><?=_("Edit")?></a></td>
+ </tr>
+ <?
+ }
+ }
+} ?>
</table>
diff --git a/pages/account/38.php b/pages/account/38.php
index f311bf5..7caddb0 100644
--- a/pages/account/38.php
+++ b/pages/account/38.php
@@ -14,31 +14,6 @@
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
-*/ ?>
-<H3><?=_("Donations")?></H3><br>
+*/
-<h4><?=_("If I'd like to donate to CAcert Inc., how can I do it?")?></h4>
-
-<p>
-<?
-printf(_("CAcert Inc. is a non-profit association which is legally able to accept donations. CAcert adheres to %sstrict guidelines%s about how this money can to be used. If you'd like to make a donation, you can do so via"),
- '<a href="//wiki.cacert.org/FAQ/DonationsGuideline">', '</a>');
-?>
-
-<form action="https://www.paypal.com/cgi-bin/webscr" method="post">
-<input type="hidden" name="cmd" value="_s-xclick">
-<input type="image" src="/images/payment2.png" border="0" name="submit" alt="<?=_("CAcert Donation through PayPal")?>">
-<input type="hidden" name="encrypted" value="-----BEGIN PKCS7-----MIIHRwYJKoZIhvcNAQcEoIIHODCCBzQCAQExggEwMIIBLAIBADCBlDCBjjELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAkNBMRYwFAYDVQQHEw1Nb3VudGFpbiBWaWV3MRQwEgYDVQQKEwtQYXlQYWwgSW5jLjETMBEGA1UECxQKbGl2ZV9jZXJ0czERMA8GA1UEAxQIbGl2ZV9hcGkxHDAaBgkqhkiG9w0BCQEWDXJlQHBheXBhbC5jb20CAQAwDQYJKoZIhvcNAQEBBQAEgYCA1pOad7SD8OtSdvHxI3CItmi2sb2eq/1UZbQboNkJTwlaTbTZfoWzBuFmimBR/Qz21Z+L7wFa7XxfhwRLC4V/X4uTJVAIDaKsdTXFNx51EMu+LyiP1O+7GxcdNR7njwvndIaHN0HZIdidpG8jFPP/8ZsLaPe2/Dh2S7344wSuUDELMAkGBSsOAwIaBQAwgcQGCSqGSIb3DQEHATAUBggqhkiG9w0DBwQIYn0dsk7tIRmAgaBNejWqE2RRr+Tsb3fVlcbuG98Bq+zaMO5g8n8i3DnBjIoSJNb+ZuSj53oWrh/+HCY4EY1Rg3qHiUSMOS/o9k75UR7C+ez0R9tmZ2eQrdxlqTVuvENRA0W5z6iTJYog5XhMoKScOFUBaIr9zxjETUY2Y1V3X8qRFIe0YWlYRYbePs2p/IDatirUFhOJSff0ancU2GZULRy0PiZHtzbm8Gy/oIIDhzCCA4MwggLsoAMCAQICAQAwDQYJKoZIhvcNAQEFBQAwgY4xCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJDQTEWMBQGA1UEBxMNTW91bnRhaW4gVmlldzEUMBIGA1UEChMLUGF5UGFsIEluYy4xEzARBgNVBAsUCmxpdmVfY2VydHMxETAPBgNVBAMUCGxpdmVfYXBpMRwwGgYJKoZIhvcNAQkBFg1yZUBwYXlwYWwuY29tMB4XDTA0MDIxMzEwMTMxNVoXDTM1MDIxMzEwMTMxNVowgY4xCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJDQTEWMBQGA1UEBxMNTW91bnRhaW4gVmlldzEUMBIGA1UEChMLUGF5UGFsIEluYy4xEzARBgNVBAsUCmxpdmVfY2VydHMxETAPBgNVBAMUCGxpdmVfYXBpMRwwGgYJKoZIhvcNAQkBFg1yZUBwYXlwYWwuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDBR07d/ETMS1ycjtkpkvjXZe9k+6CieLuLsPumsJ7QC1odNz3sJiCbs2wC0nLE0uLGaEtXynIgRqIddYCHx88pb5HTXv4SZeuv0Rqq4+axW9PLAAATU8w04qqjaSXgbGLP3NmohqM6bV9kZZwZLR/klDaQGo1u9uDb9lr4Yn+rBQIDAQABo4HuMIHrMB0GA1UdDgQWBBSWn3y7xm8XvVk/UtcKG+wQ1mSUazCBuwYDVR0jBIGzMIGwgBSWn3y7xm8XvVk/UtcKG+wQ1mSUa6GBlKSBkTCBjjELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAkNBMRYwFAYDVQQHEw1Nb3VudGFpbiBWaWV3MRQwEgYDVQQKEwtQYXlQYWwgSW5jLjETMBEGA1UECxQKbGl2ZV9jZXJ0czERMA8GA1UEAxQIbGl2ZV9hcGkxHDAaBgkqhkiG9w0BCQEWDXJlQHBheXBhbC5jb22CAQAwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQUFAAOBgQCBXzpWmoBa5e9fo6ujionW1hUhPkOBakTr3YCDjbYfvJEiv/2P+IobhOGJr85+XHhN0v4gUkEDI8r2/rNk1m0GA8HKddvTjyGw/XqXa+LSTlDYkqI8OwR8GEYj4efEtcRpRYBxV8KxAW93YDWzFGvruKnnLbDAF6VR5w/cCMn5hzGCAZowggGWAgEBMIGUMIGOMQswCQYDVQQGEwJVUzELMAkGA1UECBMCQ0ExFjAUBgNVBAcTDU1vdW50YWluIFZpZXcxFDASBgNVBAoTC1BheVBhbCBJbmMuMRMwEQYDVQQLFApsaXZlX2NlcnRzMREwDwYDVQQDFAhsaXZlX2FwaTEcMBoGCSqGSIb3DQEJARYNcmVAcGF5cGFsLmNvbQIBADAJBgUrDgMCGgUAoF0wGAYJKoZIhvcNAQkDMQsGCSqGSIb3DQEHATAcBgkqhkiG9w0BCQUxDxcNMDcxMTAzMDcxMDI1WjAjBgkqhkiG9w0BCQQxFgQU8tPwGUvNb8eYe8Pfhe9YutgXm/YwDQYJKoZIhvcNAQEBBQAEgYBpwhhgz5ED5qxBosfMaifzIr2anV5ScQqqQbC1hphWBQ4e2PT5+TQWCcQkrTh2UTp3vC81Y8vYZ+fussa+zPBE8DmeFDfzpLJo+TQHZUiKxWUDu6drv3o3mV3VjAkaqIhAdubhEOxj2bbKND3IRT1lfIVVSUipndKzRjukZJK39A==-----END PKCS7-----">
-</form>
-
-<p><?=_("If you are located in Australia, please use bank transfer instead:")?></p>
-
-<pre>
-Account Name: CAcert Inc
-BSB: 032073
-Account No.: 180264
-</pre>
-
-<p><?=_("ANY amount will be appreciated - the more funding CAcert receives, the sooner it can achieve the goals of the community.")?></p>
-
-<p><?=_("Thank you very much for your support, your donations help CAcert to continue to operate.")?></p>
+require_once(dirname(__FILE__)."/../index/13.php");
diff --git a/pages/account/4.php b/pages/account/4.php
index a4d6597..8ac8b65 100644
--- a/pages/account/4.php
+++ b/pages/account/4.php
@@ -14,177 +14,6 @@
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
-*/ ?>
-<? if(array_key_exists('HTTP_USER_AGENT',$_SERVER) && strstr($_SERVER['HTTP_USER_AGENT'], "MSIE")) { ?>
-<object classid="clsid:127698e4-e730-4e5c-a2b1-21490a70c8a1" codebase="/xenroll.cab#Version=5,131,3659,0" id="cec">
-<?=_("You must enable ActiveX for this to work. On Vista you have to add this website to the list of trusted sites in the internet-settings.")?><?=_("Go to Extras->Internet Options->Security->Trusted Websites, click on Custom Level, check ActiveX control elements that are not marked as safe initialized on start in scripts")?>
-</object>
-<form method="post" action="account.php" name="CertReqForm"><p>
-<input type="hidden" name="session" value="UsedXenroll">
-<?=_("Key Strength:")?> <select name="CspProvider"></select>
-<input type="hidden" name="oldid" value="<?=$id?>">
-<INPUT TYPE=HIDDEN NAME="CSR">
-<input type="hidden" name="keytype" value="MS">
-<input type="submit" name="GenReq" value="Create Certificate"><br>
-</p></form>
-<script type="text/vbscript" language="vbscript">
-<!--
-Function GetProviderList()
- Dim CspList, cspIndex, ProviderName
- On Error Resume Next
+*/
- count = 0
- base = 0
- enhanced = 0
- CspList = ""
- ProviderName = ""
-
- // Vista:
- Set csps = CreateObject("X509Enrollment.CCspInformations")
- If IsObject(csps) Then
- csps.AddAvailableCsps()
- Document.CertReqForm.keytype.value="VI"
- For j = 0 to csps.Count-1
- Set oOption = document.createElement("OPTION")
- oOption.text = csps.ItemByIndex(j).Name
- oOption.value = j
- Document.CertReqForm.CspProvider.add(oOption)
- Next
-
- Else
-
- // 2000,XP:
-
- For ProvType = 0 to 13
- cspIndex = 0
- cec.ProviderType = ProvType
- ProviderName = cec.enumProviders(cspIndex,0)
-
- while ProviderName <> ""
- Set oOption = document.createElement("OPTION")
- oOption.text = ProviderName
- oOption.value = ProvType
- Document.CertReqForm.CspProvider.add(oOption)
- if ProviderName = "Microsoft Base Cryptographic Provider v1.0" Then
- base = count
- end if
- if ProviderName = "Microsoft Enhanced Cryptographic Provider v1.0" Then
- enhanced = count
- end if
- cspIndex = cspIndex +1
- ProviderName = ""
- ProviderName = cec.enumProviders(cspIndex,0)
- count = count + 1
- wend
- Next
- Document.CertReqForm.CspProvider.selectedIndex = base
- if enhanced then
- Document.CertReqForm.CspProvider.selectedIndex = enhanced
- end if
- End If
-End Function
-
-Function CSR(keyflags)
- CSR = ""
- szName = ""
-
-
- // Vista
- if Document.CertReqForm.keytype.value="VI" Then
-
- Dim g_objClassFactory
- Dim obj
- Dim objPrivateKey
- Dim g_objRequest
- Dim g_objRequestCMC
-
- Set g_objClassFactory=CreateObject("X509Enrollment.CX509EnrollmentWebClassFactory")
- Set obj=g_objClassFactory.CreateObject("X509Enrollment.CX509Enrollment")
- Set objPrivateKey=g_objClassFactory.CreateObject("X509Enrollment.CX509PrivateKey")
- Set objRequest=g_objClassFactory.CreateObject("X509Enrollment.CX509CertificateRequestPkcs10")
- //Msgbox exit function
- objPrivateKey.ProviderName = Document.CertReqForm.CspProvider(Document.CertReqForm.CspProvider.selectedIndex).text
- // "Microsoft Enhanced RSA and AES Cryptographic Provider"
- objPrivateKey.ProviderType = "24"
- objPrivateKey.KeySpec = "1"
- objPrivateKey.ExportPolicy = 1
- objRequest.InitializeFromPrivateKey 1, objPrivateKey, ""
- Set objDN = g_objClassFactory.CreateObject("X509Enrollment.CX500DistinguishedName")
- objDN.Encode("CN=CAcertRequest")
- objRequest.Subject = objDN
-
- // obj.Initialize(1)
- obj.InitializeFromRequest(objRequest)
- obj.CertificateDescription="Description"
- obj.CertificateFriendlyName="FriendlyName"
- CSR=obj.CreateRequest(1)
- If len(CSR)<>0 Then Exit Function
- Msgbox "<?=_("Error while generating the certificate-request. Please make sure that you have added this website to the list of trusted sites in the Internet-Options menu!")?>"
-
- else
- // XP
-
- cec.HashAlgorithm = "MD5"
- err.clear
- On Error Resume Next
- set options = document.all.CspProvider.options
- index = options.selectedIndex
- cec.providerName = options(index).text
- tmpProviderType = options(index).value
- cec.providerType = tmpProviderType
- cec.KeySpec = 2
- if tmpProviderType < 2 Then
- cec.KeySpec = 1
- end if
- cec.GenKeyFlags = &h04000001 OR keyflags
- CSR = cec.createPKCS10(szName, "1.3.6.1.5.5.7.3.2")
- if len(CSR)<>0 then Exit Function
- cec.GenKeyFlags = &h04000000 OR keyflags
- CSR = cec.createPKCS10(szName, "1.3.6.1.5.5.7.3.2")
- if len(CSR)<>0 then Exit Function
- if cec.providerName = "Microsoft Enhanced Cryptographic Provider v1.0" Then
- if MsgBox("<?=_("The 1024-bit key generation failed. Would you like to try 512 instead?")?>", vbOkCancel)=vbOk Then
- cec.providerName = "Microsoft Base Cryptographic Provider v1.0"
- else
- Exit Function
- end if
- end if
- cec.GenKeyFlags = 1 OR keyflags
- CSR = cec.createPKCS10(szName, "1.3.6.1.5.5.7.3.2")
- if len(CSR)<>0 then Exit Function
- cec.GenKeyFlags = keyflags
- CSR = cec.createPKCS10(szName, "1.3.6.1.5.5.7.3.2")
- if len(CSR)<>0 then Exit Function
- cec.GenKeyFlags = 0
- CSR = cec.createPKCS10(szName, "1.3.6.1.5.5.7.3.2")
- End if
-End Function
-
-Sub GenReq_OnClick
- Dim TheForm
- Set TheForm = Document.CertReqForm
- err.clear
- result = CSR(2)
- if len(result)=0 Then
- result = MsgBox("Unable to generate PKCS#10.", 0, "Alert")
- Exit Sub
- end if
- TheForm.CSR.Value = result
- TheForm.Submit
- Exit Sub
-End Sub
-
-GetProviderList()
--->
-</script>
-<? } else { ?>
-<p>
-<form method="post" action="account.php">
-<input type="hidden" name="keytype" value="NS">
-<?=_("Keysize:")?> <keygen name="SPKAC" challenge="<? $_SESSION['spkac_hash']=make_hash(); echo $_SESSION['spkac_hash']; ?>">
-
-<input type="submit" name="submit" value="<?=_("Create Certificate Request")?>">
-<input type="hidden" name="oldid" value="<?=$id?>">
-</form>
-</p>
-<? } ?>
+require_once($_SESSION['_config']['filepath'].'/includes/keygen.php');
diff --git a/pages/account/40.php b/pages/account/40.php
index 8391903..a809595 100644
--- a/pages/account/40.php
+++ b/pages/account/40.php
@@ -27,17 +27,28 @@ if(!array_key_exists('secrethash',$_SESSION['_config'])) $_SESSION['_config']['s
<p><?=_("General questions about CAcert should be sent to the general support list, please send all emails in ENGLISH only, this list has many more volunteers then those directly involved with the running of the website, everyone on the mailing list understands english, even if this isn't their native language this will increase your chance at a competent reply. While it's best if you sign up to the mailing list to get replied to, you don't have to, but please make sure you note this in your email, otherwise it might seem like you didn't get a reply to your question.")?></p>
<p><a href="https://lists.cacert.org/wws/info/cacert-support"><?=_("Click here to go to the Support List")?></a></p>
<p><?=_("You can alternatively use the form below, however joining the list is the prefered option to support your queries")?></p>
-<form method="post" name="form1">
+<form method="post" action="account.php" name="form1">
<input type="hidden" name="oldid" value="<?=$id?>">
- <input type="hidden" name="support" value="yes">
+<!-- <input type="hidden" name="support" value="yes"> -->
<input type="hidden" name="secrethash2" value="">
- <table border="0">
- <tr><td width="90"><?=_("Your Name")?>:</td><td><input type="text" name="who"></td><td>&#160;</td></tr>
- <tr><td><?=_("Your Email")?>:</td><td><input type="text" name="email"></td></tr>
- <tr><td><?=_("Subject")?>:</td><td><input type="text" name="subject"></td></tr>
- <tr><td colspan="2"><textarea name="message" cols="40" rows="10"></textarea></td></tr>
- <tr><td colspan="3"><font color="#ff0000"><?=_("Warning: Please do not enter confidential data into this form, it is being sent to a public mailinglist. Use the form further below instead.")?></font></td></tr>
- <tr><td colspan="2"><input type="submit" name="process" value="<?=_("Send")?>"></td></tr>
+ <p class="robotic" id="pot">
+ <label>If you're human leave this blank:</label>
+ <input name="robotest" type="text" id="robotest" class="robotest" />
+ </p>
+<table border="0">
+ <tr><td width="100"><?=_("Your Name")?>:</td><td width="100"><input type="text" name="who"></td><td width="100"></td><td width="100"></td>
+ <tr><td width="100"><?=_("Your Email")?>:</td><td colspan="3"><input type="text" name="email"></td>
+ <tr><td width="100"><?=_("Subject")?>:</td><td colspan="3"><input type="text" name="subject"></td></tr>
+ <tr><td width="100" valign="top"><?=_("Message")?>:</td><td colspan="3"><textarea name="message" cols="70" rows="10"></textarea></td></tr>
+
+ <tr>
+ <td colspan="2"><font color="#ff0000"><?=_("Warning: Please do not use \"send to mailing list\" when you entered confidential data. The request is being sent to a public mailinglist.")?></font></td>
+ <td colspan="2"><?=_("For confidential data use \"send to support\".")?></td>
+ </tr>
+ <tr>
+ <td colspan="2"><input type="submit" name="process[0]" value="<?=_("Send to mailing list")?>"></td>
+ <td colspan="2"><input type="submit" name="process[1]" value="<?=_("Send to support")?>"></td>
+ </tr>
</table>
</form>
@@ -50,31 +61,15 @@ if(!array_key_exists('secrethash',$_SESSION['_config'])) $_SESSION['_config']['s
<p><?=_("There are a number of other mailing lists CAcert runs, some are general discussion, others are technical (such as the development list) or platform specific help (such as the list for Apple Mac users)")?></p>
<p><a href="http://lists.cacert.org/"><?=_("Click here to view all lists available")?></a></p>
-<p><b><?=_("Sensitive Information")?></b></p>
-<p><?=_("If you have questions, comments or otherwise and information you're sending to us contains sensitive details, you should use the contact form below. Due to the large amounts of support emails we receive, sending general questions via this contact form will generally take longer then using the support mailing list. Also sending queries in anything but english could cause delays in supporting you as we'd need to find a translator to help.")?></p>
-<form method="post" action="https://www.cacert.org/index.php" name="form2">
- <input type="hidden" name="secrethash2" value="">
- <input type="hidden" name="oldid" value="<?=$id?>">
- <table border="0">
- <tr><td><?=_("Your Name")?>:</td><td><input type="text" name="who"></td></tr>
- <tr><td><?=_("Your Email")?>:</td><td><input type="text" name="email"></td></tr>
- <tr><td><?=_("Subject")?>:</td><td><input type="text" name="subject"></td></tr>
- <tr><td colspan="2"><textarea name="message" cols="40" rows="10"></textarea></td></tr>
- <tr><td colspan="2"><input type="submit" name="process" value="<?=_("Send")?>"></td></tr>
- </table>
-</form>
-
<p><b><?=_("Security Issues")?></b></p>
-<p><?=_("Please use any of the following ways to report security issues: You can use the above contact form for sensitive information. You can email us to support@cacert.org. You can file a bugreport on <a href='https://bugs.cacert.org/'>bugs.cacert.org</a> and mark it as private.")?></p>
+<p><?=sprintf(_("Please use any of the following ways to report security ".
+ "issues: You can use the above contact form for sensitive information. ".
+ "You can email us to %s. You can file a bugreport on %s and mark it as ".
+ "private."),
+ "<a href='mailto:support@cacert.org'>support@cacert.org</a>",
+ "<a href='https://bugs.cacert.org/'>bugs.cacert.org</a>")?></p>
-<p><b><?=_("Snail Mail")?></b></p>
-<p><?=_("Alternatively you can get in contact with us via the following methods:")?></p>
-<p><?=_("Postal Address:")?><br>
-CAcert Inc.<br>
-P.O. Box 4107<br>
-Denistone East NSW 2112<br>
-Australia</p>
<script type="text/javascript">
<!--
diff --git a/pages/account/41.php b/pages/account/41.php
index d2cfc8c..d61d8db 100644
--- a/pages/account/41.php
+++ b/pages/account/41.php
@@ -25,7 +25,7 @@ require_once($_SESSION['_config']['filepath'].'/includes/lib/l10n.php');
<td colspan="2" class="title"><?=_("My Language Settings")?></td>
</tr>
<tr>
- <td class="DataTD"><?=_("My prefered language")?>:</td>
+ <td class="DataTD"><?=_("My preferred language")?>:</td>
<td class="DataTD"><select name="lang">
<?
foreach(L10n::$translations as $key => $val)
@@ -73,8 +73,12 @@ require_once($_SESSION['_config']['filepath'].'/includes/lib/l10n.php');
$res = mysql_query($query);
while($row = mysql_fetch_assoc($res))
{
- echo "<option value='".sanitizeHTML($row['locale'])."'";
- echo ">".$row['country']." - ".$row['lang']."</option>\n";
+ printf("<option value=\"%s\">[%s] %s (%s)</option>\n",
+ sanitizeHTML($row['locale']),
+ sanitizeHTML($row['locale']),
+ $row['lang'],
+ $row['country']
+ );
}
?>
</select>
diff --git a/pages/account/43.php b/pages/account/43.php
index 7bf6d04..a942f18 100644
--- a/pages/account/43.php
+++ b/pages/account/43.php
@@ -35,6 +35,8 @@ include_once($_SESSION['_config']['filepath']."/includes/notary.inc.php");
if(intval(array_key_exists('userid',$_REQUEST)?$_REQUEST['userid']:0) <= 0)
{
+ $_REQUEST['userid'] = 0;
+
$emailsearch = $email = mysql_escape_string(stripslashes($_REQUEST['email']));
//Disabled to speed up the queries
@@ -53,14 +55,14 @@ include_once($_SESSION['_config']['filepath']."/includes/notary.inc.php");
} else {
// $email contains non-digits ==> search for mail addresses
// Be defensive here (outer join) if primary mail is not listed in email table
- $query = "select `users`.`id` as `id`, `email`.`email` as `email`
+ $query = "select `users`.`id` as `id`, `email`.`email` as `email`
from `users` left outer join `email` on (`users`.`id`=`email`.`memid`)
- where (`email`.`email` like '$emailsearch'
+ where (`email`.`email` like '$emailsearch'
or `users`.`email` like '$emailsearch')
and `users`.`deleted`=0
group by `users`.`id` limit 100";
}
- // bug-975 ted+uli changes --- end
+ // bug-975 ted+uli changes --- end
$res = mysql_query($query);
if(mysql_num_rows($res) > 1) { ?>
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
@@ -98,8 +100,8 @@ include_once($_SESSION['_config']['filepath']."/includes/notary.inc.php");
if(intval($_REQUEST['userid']) > 0)
{
- $id = intval($_REQUEST['userid']);
- $query = "select * from `users` where `id`='$id' and `users`.`deleted`=0";
+ $userid = intval($_REQUEST['userid']);
+ $query = "select * from `users` where `users`.`id`='$userid' and `users`.`deleted`=0";
$res = mysql_query($query);
if(mysql_num_rows($res) <= 0)
{
@@ -133,7 +135,7 @@ include_once($_SESSION['_config']['filepath']."/includes/notary.inc.php");
<td class="DataTD"><?=_("Last Name")?>:</td>
<td class="DataTD"> <input type="hidden" name="oldid" value="43">
<input type="hidden" name="action" value="updatedob">
- <input type="hidden" name="userid" value="<?=intval($id)?>">
+ <input type="hidden" name="userid" value="<?=intval($userid)?>">
<input type="text" name="lname" value="<?=sanitizeHTML($row['lname'])?>"></td>
</tr>
<tr>
@@ -173,6 +175,10 @@ include_once($_SESSION['_config']['filepath']."/includes/notary.inc.php");
<input type="submit" value="Go"></form></nobr></td>
</tr>
<tr>
+ <td class="DataTD"><?=_("CCA accepted")?>:</td>
+ <td class="DataTD"><a href="account.php?id=57&amp;userid=<?=intval($row['id'])?>"><?=intval(get_user_agreement_status($row['id'])) ? _("Yes") : _("No") ?></a></td>
+ </tr>
+ <tr>
<td class="DataTD"><?=_("Trainings")?>:</td>
<td class="DataTD"><a href="account.php?id=55&amp;userid=<?=intval($row['id'])?>">show</a></td>
</tr>
@@ -338,7 +344,7 @@ include_once($_SESSION['_config']['filepath']."/includes/notary.inc.php");
<td colspan="2" class="title"><?=_("Account State")?></td>
</tr>
-<?
+<?
// --- bug-975 begin ---
// potential db inconsistency like in a20110804.1
// Admin console -> don't list user account
@@ -359,7 +365,7 @@ include_once($_SESSION['_config']['filepath']."/includes/notary.inc.php");
4. email.email = primary-email (???) or'd
not covered by admin console find user routine, but may block users login
5. users.verified = 0|1
- further "special settings"
+ further "special settings"
6. users.locked (setting displayed in display form)
7. users.assurer_blocked (setting displayed in display form)
@@ -370,7 +376,7 @@ include_once($_SESSION['_config']['filepath']."/includes/notary.inc.php");
1. users.verified = 1
2. users.deleted = 0
3. users.locked = 0
- 4. users.email = primary-email
+ 4. users.email = primary-email
--- Assurer, assure someone find user query
select * from `users` where `email`='".mysql_escape_string(stripslashes($_POST['email']))."'
@@ -384,11 +390,11 @@ include_once($_SESSION['_config']['filepath']."/includes/notary.inc.php");
1. email.hash = '' Yes No No
2. email.deleted = 0 Yes No No
3. users.deleted = 0 Yes Yes Yes
- 4. users.verified = 1 No Yes No
+ 4. users.verified = 1 No Yes No
5. users.locked = 0 No Yes No
6. users.email = prim-email No Yes Yes
7. email.email = prim-email Yes No No
-
+
full usable account needs all 7 requirements fulfilled
so if one setting isn't set/cleared there is an inconsistency either way
if eg email.email is not avail, admin console cannot open user info
@@ -432,7 +438,7 @@ include_once($_SESSION['_config']['filepath']."/includes/notary.inc.php");
$dres = mysql_query($query);
$drow = mysql_fetch_assoc($dres);
}
-
+
if ($drow) {
$eemail = $drow['eemail'];
$edeleted = $drow['edeleted'];
@@ -451,11 +457,11 @@ include_once($_SESSION['_config']['filepath']."/includes/notary.inc.php");
}
if ($edeleted!=0) {
$inconsistency += 8;
- $inccause .= (empty($inccause)?"":"<br>")._("Email record set deleted");
+ $inccause .= (empty($inccause)?"":"<br>")._("Email record set deleted");
}
if ($ehash!='') {
$inconsistency += 16;
- $inccause .= (empty($inccause)?"":"<br>")._("Email record hash not unset");
+ $inccause .= (empty($inccause)?"":"<br>")._("Email record hash not unset");
}
} else {
$inconsistency = 32;
@@ -474,14 +480,14 @@ include_once($_SESSION['_config']['filepath']."/includes/notary.inc.php");
"operations and needs to be fixed manually through arbitration/critical ".
"team.")?>
</td>
- </tr>
+ </tr>
<? }
// --- bug-975 end ---
?>
</table>
<br>
-<?
+<?
// End - Debug infos
?>
@@ -510,12 +516,12 @@ include_once($_SESSION['_config']['filepath']."/includes/notary.inc.php");
$dres = mysql_query($query);
$drow = mysql_fetch_assoc($dres);
$total = $drow['total'];
-
+
$maxexpire = "0000-00-00 00:00:00";
if ($drow['maxexpire']) {
$maxexpire = $drow['maxexpire'];
}
-
+
if($total > 0) {
$query = "select COUNT(*) as `valid`
from `domains` inner join `domaincerts`
@@ -526,7 +532,7 @@ include_once($_SESSION['_config']['filepath']."/includes/notary.inc.php");
$dres = mysql_query($query);
$drow = mysql_fetch_assoc($dres);
$valid = $drow['valid'];
-
+
$query = "select COUNT(*) as `expired`
from `domains` inner join `domaincerts`
on `domains`.`id` = `domaincerts`.`domid`
@@ -535,7 +541,7 @@ include_once($_SESSION['_config']['filepath']."/includes/notary.inc.php");
$dres = mysql_query($query);
$drow = mysql_fetch_assoc($dres);
$expired = $drow['expired'];
-
+
$query = "select COUNT(*) as `revoked`
from `domains` inner join `domaincerts`
on `domains`.`id` = `domaincerts`.`domid`
@@ -568,12 +574,12 @@ include_once($_SESSION['_config']['filepath']."/includes/notary.inc.php");
$dres = mysql_query($query);
$drow = mysql_fetch_assoc($dres);
$total = $drow['total'];
-
+
$maxexpire = "0000-00-00 00:00:00";
if ($drow['maxexpire']) {
$maxexpire = $drow['maxexpire'];
}
-
+
if($total > 0) {
$query = "select COUNT(*) as `valid`
from `emailcerts`
@@ -583,7 +589,7 @@ include_once($_SESSION['_config']['filepath']."/includes/notary.inc.php");
$dres = mysql_query($query);
$drow = mysql_fetch_assoc($dres);
$valid = $drow['valid'];
-
+
$query = "select COUNT(*) as `expired`
from `emailcerts`
where `memid` = '".intval($row['id'])."'
@@ -591,7 +597,7 @@ include_once($_SESSION['_config']['filepath']."/includes/notary.inc.php");
$dres = mysql_query($query);
$drow = mysql_fetch_assoc($dres);
$expired = $drow['expired'];
-
+
$query = "select COUNT(*) as `revoked`
from `emailcerts`
where `memid` = '".intval($row['id'])."'
@@ -623,12 +629,12 @@ include_once($_SESSION['_config']['filepath']."/includes/notary.inc.php");
$dres = mysql_query($query);
$drow = mysql_fetch_assoc($dres);
$total = $drow['total'];
-
+
$maxexpire = "0000-00-00 00:00:00";
if ($drow['maxexpire']) {
$maxexpire = $drow['maxexpire'];
}
-
+
if($total > 0) {
$query = "select COUNT(*) as `valid`
from `gpg`
@@ -637,7 +643,7 @@ include_once($_SESSION['_config']['filepath']."/includes/notary.inc.php");
$dres = mysql_query($query);
$drow = mysql_fetch_assoc($dres);
$valid = $drow['valid'];
-
+
$query = "select COUNT(*) as `expired`
from `emailcerts`
where `memid` = '".intval($row['id'])."'
@@ -645,7 +651,7 @@ include_once($_SESSION['_config']['filepath']."/includes/notary.inc.php");
$dres = mysql_query($query);
$drow = mysql_fetch_assoc($dres);
$expired = $drow['expired'];
-
+
?>
<td class="DataTD"><?=intval($total)?></td>
<td class="DataTD"><?=intval($valid)?></td>
@@ -662,7 +668,7 @@ include_once($_SESSION['_config']['filepath']."/includes/notary.inc.php");
</tr>
<tr>
- <td class="DataTD"><?=_("Org Server")?>:</td>
+ <td class="DataTD"><a href="account.php?id=58&amp;userid=<?=intval($row['id'])?>"><?=_("Org Server")?></a>:</td>
<?
$query = "select COUNT(*) as `total`,
MAX(`orgcerts`.`expire`) as `maxexpire`
@@ -672,12 +678,12 @@ include_once($_SESSION['_config']['filepath']."/includes/notary.inc.php");
$dres = mysql_query($query);
$drow = mysql_fetch_assoc($dres);
$total = $drow['total'];
-
+
$maxexpire = "0000-00-00 00:00:00";
if ($drow['maxexpire']) {
$maxexpire = $drow['maxexpire'];
}
-
+
if($total > 0) {
$query = "select COUNT(*) as `valid`
from `orgdomaincerts` as `orgcerts` inner join `org`
@@ -688,7 +694,7 @@ include_once($_SESSION['_config']['filepath']."/includes/notary.inc.php");
$dres = mysql_query($query);
$drow = mysql_fetch_assoc($dres);
$valid = $drow['valid'];
-
+
$query = "select COUNT(*) as `expired`
from `orgdomaincerts` as `orgcerts` inner join `org`
on `orgcerts`.`orgid` = `org`.`orgid`
@@ -697,7 +703,7 @@ include_once($_SESSION['_config']['filepath']."/includes/notary.inc.php");
$dres = mysql_query($query);
$drow = mysql_fetch_assoc($dres);
$expired = $drow['expired'];
-
+
$query = "select COUNT(*) as `revoked`
from `orgdomaincerts` as `orgcerts` inner join `org`
on `orgcerts`.`orgid` = `org`.`orgid`
@@ -732,12 +738,12 @@ include_once($_SESSION['_config']['filepath']."/includes/notary.inc.php");
$dres = mysql_query($query);
$drow = mysql_fetch_assoc($dres);
$total = $drow['total'];
-
+
$maxexpire = "0000-00-00 00:00:00";
if ($drow['maxexpire']) {
$maxexpire = $drow['maxexpire'];
}
-
+
if($total > 0) {
$query = "select COUNT(*) as `valid`
from `orgemailcerts` as `orgcerts` inner join `org`
@@ -748,7 +754,7 @@ include_once($_SESSION['_config']['filepath']."/includes/notary.inc.php");
$dres = mysql_query($query);
$drow = mysql_fetch_assoc($dres);
$valid = $drow['valid'];
-
+
$query = "select COUNT(*) as `expired`
from `orgemailcerts` as `orgcerts` inner join `org`
on `orgcerts`.`orgid` = `org`.`orgid`
@@ -757,7 +763,7 @@ include_once($_SESSION['_config']['filepath']."/includes/notary.inc.php");
$dres = mysql_query($query);
$drow = mysql_fetch_assoc($dres);
$expired = $drow['expired'];
-
+
$query = "select COUNT(*) as `revoked`
from `orgemailcerts` as `orgcerts` inner join `org`
on `orgcerts`.`orgid` = `org`.`orgid`
@@ -780,9 +786,20 @@ include_once($_SESSION['_config']['filepath']."/includes/notary.inc.php");
<?
} ?>
</tr>
+ <tr>
+ <td colspan="6" class="title">
+ <form method="post" action="account.php" onSubmit="if(!confirm('<?=_("Are you sure you want to revoke all private certificates?")?>')) return false;">
+ <input type="hidden" name="action" value="revokecert">
+ <input type="hidden" name="oldid" value="43">
+ <input type="hidden" name="userid" value="<?=intval($userid)?>">
+ <input type="submit" value="<?=_('revoke certificates')?>">
+ </form>
+ </td>
+ </tr>
</table>
<br>
+
<a href="account.php?id=43&amp;userid=<?=$row['id']?>&amp;shownotary=assuredto"><?=_("Show Assurances the user got")?></a>
(<a href="account.php?id=43&amp;userid=<?=$row['id']?>&amp;shownotary=assuredto15"><?=_("New calculation")?></a>)
<br />
@@ -827,11 +844,11 @@ function showassuredto()
<td class="DataTD"><?=intval($drow['points'])?></td>
<td class="DataTD"><?=sanitizeHTML($drow['location'])?></td>
<td class="DataTD"><?=sanitizeHTML($drow['method'])?></td>
- <td class="DataTD"><a href="account.php?id=43&amp;userid=<?=intval($drow['to'])?>&amp;assurance=<?=intval($drow['id'])?>&amp;csrf=<?=make_csrf('admdelassurance')?>" onclick="return confirm('<?=_("Are you sure you want to revoke this assurance?")?>');"><?=_("Revoke")?></a></td>
+ <td class="DataTD"><a href="account.php?id=43&amp;userid=<?=intval($drow['to'])?>&amp;assurance=<?=intval($drow['id'])?>&amp;csrf=<?=make_csrf('admdelassurance')?>" onclick="return confirm('<?=sprintf(_("Are you sure you want to revoke the assurance with ID &quot;%s&quot;?"),$drow['id'])?>');"><?=_("Revoke")?></a></td>
</tr>
<? } ?>
<tr>
- <td class="DataTD" colspan="2"><b><?=_("Total Points")?>:</b></td>
+ <td class="DataTD" colspan="4"><b><?=_("Total Points")?>:</b></td>
<td class="DataTD"><?=$points?></td>
<td class="DataTD" colspan="3">&nbsp;</td>
</tr>
@@ -873,30 +890,32 @@ function showassuredby()
<td class="DataTD"><?=$drow['points']?></td>
<td class="DataTD"><?=$drow['location']?></td>
<td class="DataTD"><?=$drow['method']?></td>
- <td class="DataTD"><a href="account.php?id=43&userid=<?=$drow['from']?>&assurance=<?=$drow['id']?>&amp;csrf=<?=make_csrf('admdelassurance')?>" onclick="return confirm('<?=_("Are you sure you want to revoke this assurance?")?>');"><?=_("Revoke")?></a></td>
+ <td class="DataTD"><a href="account.php?id=43&userid=<?=$drow['from']?>&assurance=<?=$drow['id']?>&amp;csrf=<?=make_csrf('admdelassurance')?>" onclick="return confirm('<?=sprintf(_("Are you sure you want to revoke the assurance with ID &quot;%s&quot;?"),$drow['id'])?>');"><?=_("Revoke")?></a></td>
</tr>
<? } ?>
<tr>
- <td class="DataTD" colspan="2"><b><?=_("Total Points")?>:</b></td>
+ <td class="DataTD" colspan="4"><b><?=_("Total Points")?>:</b></td>
<td class="DataTD"><?=$points?></td>
<td class="DataTD" colspan="3">&nbsp;</td>
</tr>
</table>
<? } ?>
<br><br>
-<? } }
-
-switch ($_GET['shownotary'])
- {
- case 'assuredto': showassuredto();
- break;
- case 'assuredby': showassuredby();
- break;
- case 'assuredto15': output_received_assurances(intval($_GET['userid']),1);
- break;
- case 'assuredby15': output_given_assurances(intval($_GET['userid']),1);
- break;
- }
-
-
-?>
+<? } }
+
+if(isset($_GET['shownotary'])) {
+ switch($_GET['shownotary']) {
+ case 'assuredto':
+ showassuredto();
+ break;
+ case 'assuredby':
+ showassuredby();
+ break;
+ case 'assuredto15':
+ output_received_assurances(intval($_GET['userid']),1);
+ break;
+ case 'assuredby15':
+ output_given_assurances(intval($_GET['userid']),1);
+ break;
+ }
+}
diff --git a/pages/account/49.php b/pages/account/49.php
index 688b9a4..0218fa0 100644
--- a/pages/account/49.php
+++ b/pages/account/49.php
@@ -34,7 +34,7 @@
if(mysql_num_rows($res) >= 1) { ?>
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
<tr>
- <td colspan="5" class="title"><?=_("Select Specific Account Details")?></td>
+ <td colspan="5" class="title"><?=_("Select Specific User Account Details")?></td>
</tr>
<?
while($row = mysql_fetch_assoc($res))
@@ -58,7 +58,11 @@
$row = mysql_fetch_assoc($res);
$_GET['userid'] = intval($row['id']);
} else {
- printf(_("No personal domains found matching %s"), sanitizeHTML($domain));
+ ?><table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
+ <tr>
+ <td colspan="5" class="title"><?printf(_("No personal domains found matching %s"), sanitizeHTML($domain));?></td>
+ </tr>
+ </table><br><br><?
}
$query = "select `orgid`,`domain`,`id` from `orgdomains` where `domain` like '$domainsearch' or `id`='$domain' limit 100";
@@ -66,7 +70,7 @@
if(mysql_num_rows($res) >= 1) { ?>
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
<tr>
- <td colspan="5" class="title"><?=_("Select Specific Account Details")?></td>
+ <td colspan="5" class="title"><?=_("Select Specific Organisation Account Details")?></td>
</tr>
<?
while($row = mysql_fetch_assoc($res))
@@ -90,7 +94,11 @@
$row = mysql_fetch_assoc($res);
$_GET['userid'] = intval($row['id']);
} else {
- printf(_("No organisational domains found matching %s"), sanitizeHTML($domain));
+ ?><table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
+ <tr>
+ <td colspan="5" class="title"><?printf(_("No organisational domains found matching %s"), sanitizeHTML($domain));?></td>
+ </tr>
+ </table><br><br><?
}
}
diff --git a/pages/account/5.php b/pages/account/5.php
index 5c131ba..44763e2 100644
--- a/pages/account/5.php
+++ b/pages/account/5.php
@@ -19,28 +19,29 @@
<form method="post" action="account.php">
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
<tr>
- <td colspan="7" class="title"><?=_("Client Certificates")?> - <a href="account.php?id=5&amp;viewall=<?=!$viewall?>"><?=_("View all certificates")?></a></td>
+ <td colspan="10" class="title"><?=_("Client Certificates")?> - <a href="account.php?id=5&amp;viewall=<?=!$viewall?>"><?=$viewall?_("Hide old certificates"):_("View all certificates")?></a></td>
</tr>
<tr>
<td class="DataTD"><?=_("Renew/Revoke/Delete")?></td>
<td class="DataTD"><?=_("Status")?></td>
<td class="DataTD"><?=_("Email Address")?></td>
- <td class="DataTD"><?=_("SerialNumber")?></td>
+ <td class="DataTD"><?=_("SerialNumber")?></td>
<td class="DataTD"><?=_("Revoked")?></td>
<td class="DataTD"><?=_("Expires")?></td>
<td class="DataTD"><?=_("Login")?></td>
-
+ <td colspan="2" class="DataTD"><?=_("Comment *")?></td>
<?
$query = "select UNIX_TIMESTAMP(`emailcerts`.`created`) as `created`,
UNIX_TIMESTAMP(`emailcerts`.`expire`) - UNIX_TIMESTAMP() as `timeleft`,
UNIX_TIMESTAMP(`emailcerts`.`expire`) as `expired`,
- `emailcerts`.`expire` as `expires`,
+ `emailcerts`.`expire` as `expires`,
`emailcerts`.`revoked` as `revoke`,
- UNIX_TIMESTAMP(`emailcerts`.`revoked`) as `revoked`,
+ UNIX_TIMESTAMP(`emailcerts`.`revoked`) as `revoked`,
`emailcerts`.`id`,
`emailcerts`.`CN`,
`emailcerts`.`serial`,
- emailcerts.disablelogin as `disablelogin`
+ `emailcerts`.`disablelogin` as `disablelogin`,
+ `emailcerts`.`description`
from `emailcerts`
where `emailcerts`.`memid`='".$_SESSION['profile']['id']."'
";
@@ -56,7 +57,7 @@
{
?>
<tr>
- <td colspan="7" class="DataTD"><?=_("No client certificates are currently listed.")?></td>
+ <td colspan="10" class="DataTD"><?=_("No client certificates are currently listed.")?></td>
</tr>
<? } else {
while($row = mysql_fetch_assoc($res))
@@ -86,31 +87,39 @@
<td class="DataTD"><?=$verified?></td>
<td class="DataTD"><?=(trim($row['CN'])=="" ? _("empty") : $row['CN'])?></td>
<? } ?>
- <td class="DataTD"><?=$row['serial']?></td>
+ <td class="DataTD"><?=$row['serial']?></td>
<td class="DataTD"><?=$row['revoke']?></td>
<td class="DataTD"><?=$row['expires']?></td>
<td class="DataTD">
<input type="checkbox" name="disablelogin_<?=$row['id']?>" value="1" <?=$row['disablelogin']?"":"checked='checked'"?>/>
- <input type="hidden" name="cert_<?=$row['id']?>" value="1"/>
+ <input type="hidden" name="cert_<?=$row['id']?>" value="1" />
</td>
+ <td class="DataTD"><input name="comment_<?=$row['id']?>" type="text" value="<?=htmlspecialchars($row['description'])?>" /></td>
+ <td class="DataTD"><input type="checkbox" name="check_comment_<?=$row['id']?>" /></td>
</tr>
-<? } ?>
+ <? } ?>
<tr>
- <td class="DataTD" colspan="8">
+ <td class="DataTD" colspan="9">
<a href="account.php?id=5&amp;viewall=<?=!$viewall?>"><b><?=$viewall?_("Hide old certificates"):_("View all certificates")?></b></a>
</td>
</tr>
<tr>
- <td class="DataTD" colspan="5"><input type="submit" name="renew" value="<?=_("Renew")?>">&#160;&#160;&#160;&#160;
- <input type="submit" name="revoke" value="<?=_("Revoke/Delete")?>"></td>
+ <td class="DataTD" colspan="9">
+ <?=_('* Comment is NOT included in the certificate as it is intended for your personal reference only. To change the comment tick the checkbox and hit "Change Settings".')?>
+ </td>
+ </tr>
+
+ <tr>
+ <td class="DataTD" colspan="5"><input type="submit" name="renew" value="<?=_("Renew")?>" />&#160;&#160;&#160;&#160;
+ <input type="submit" name="revoke" value="<?=_("Revoke/Delete")?>" /></td>
- <td class="DataTD" colspan="3"><input type="submit" name="change" value="<?=_("Change settings")?>"> </td>
+ <td class="DataTD" colspan="4"><input type="submit" name="change" value="<?=_("Change settings")?>" /> </td>
</tr>
<? } ?>
</table>
-<input type="hidden" name="oldid" value="<?=$id?>">
+<input type="hidden" name="oldid" value="<?=$id?>" />
<input type="hidden" name="csrf" value="<?=make_csrf('clicerchange')?>" />
</form>
<p><?=_("From here you can delete pending requests, or revoke valid certificates.")?></p>
diff --git a/pages/account/50.php b/pages/account/50.php
index 1604156..a4c2413 100644
--- a/pages/account/50.php
+++ b/pages/account/50.php
@@ -19,13 +19,17 @@
<form method="post" action="account.php">
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
<tr>
- <td colspan="2" class="title"><?=_("Change Password")?></td>
+ <td colspan="2" class="title"><?=_("Delete Account")?></td>
</tr>
<tr>
<td class="DataTD"><?=_("Email")?>:</td>
<td class="DataTD"><b><?=sanitizeHTML($_REQUEST['email'])?></b></td>
</tr>
<tr>
+ <td class="DataTD"><?=_("New Username from arbitration number + sequence number a20xxyyzz.a.b")?>:</td>
+ <td class="DataTD"><input type="text" name="arbitrationno"></td>
+ </tr>
+ <tr>
<td class="DataTD" colspan="2"><?=_("Are you sure you want to delete this user, while not actually deleting the account it will completely disable it and revoke any/all certificates currently issued.")?></td>
</tr>
<tr>
diff --git a/pages/account/57.php b/pages/account/57.php
new file mode 100644
index 0000000..76eee27
--- /dev/null
+++ b/pages/account/57.php
@@ -0,0 +1,107 @@
+<? /*
+ LibreSSL - CAcert web application
+ Copyright (C) 2004-2008 CAcert Inc.
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; version 2 of the License.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
+*/ ?>
+<?
+ include_once($_SESSION['_config']['filepath'].'/includes/notary.inc.php');
+
+ if ($_SESSION['profile']['admin'] != 1 || !array_key_exists('userid',$_REQUEST) || intval($_REQUEST['userid']) < 1) {
+
+ echo _('You do not have access to this page');
+
+ } else {
+ $user_id = intval($_REQUEST['userid']);
+ $query = "select * from `users` where `id`='$user_id' and `users`.`deleted`=0";
+ $res = mysql_query($query);
+ if(mysql_num_rows($res) <= 0)
+ {
+ echo _("I'm sorry, the user you were looking for seems to have disappeared! Bad things are a foot!");
+ } else {
+ $row = mysql_fetch_assoc($res);
+?>
+<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
+ <tr>
+ <td colspan="5" class="title"><?=_('CCA agreement of').' '.sanitizeHTML($row['fname']).' '.sanitizeHTML($row['mname']).' '.sanitizeHTML($row['lname'])?></td>
+ </tr>
+</table>
+
+
+<br>
+<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
+ <tr>
+ <td class="DataTD"><b><?=_('CCA type')?></b></td>
+ <td class="DataTD"><b><?=_('Date')?></b></td>
+ <td class="DataTD"><b><?=_('Method')?></b></td>
+ <td class="DataTD"><b><?=_('Type')?></b></td>
+ </tr>
+<?
+ $data=get_first_user_agreement($user_id,1);
+ if (!isset($data['active'])){
+ $type='';
+ }else{
+ $type=_('active');
+ }
+?>
+ <tr>
+ <td class="DataTD"><?=_('First active CCA')?></td>
+ <td class="DataTD"><?=$data['date']?></td>
+ <td class="DataTD"><?=$data['method']?></td>
+ <td class="DataTD"><?=$type?></td>
+ </tr>
+<?
+ $data=get_first_user_agreement($user_id,0);
+ if (!isset($data['active'])){
+ $type="";
+ }else{
+ $type=_('passive');
+ }
+?>
+ <tr>
+ <td class="DataTD"><?=_('First passive CCA')?></td>
+ <td class="DataTD"><?=$data['date']?></td>
+ <td class="DataTD"><?=$data['method']?></td>
+ <td class="DataTD"><?=$type?></td>
+ </tr>
+<?
+ $data=get_last_user_agreement($user_id);
+ if (!isset($data['active'])){
+ $type="";
+ }elseif($data['active']==1){
+ $type=_('active');
+ }else{
+ $type=_('passive');
+ }
+?>
+ <tr>
+ <td class="DataTD"><?=_('Last CCA')?></td>
+ <td class="DataTD"><?=$data['date']?></td>
+ <td class="DataTD"><?=$data['method']?></td>
+ <td class="DataTD"><?=$type?></td>
+ </tr>
+</table>
+<br>
+<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
+ <tr>
+<?
+ if ($_SESSION['profile']['admin'] == 1 && array_key_exists('userid',$_REQUEST) && intval($_REQUEST['userid']) > 0) {
+?>
+ <tr><td colspan="3" class="DataTD"><a href="account.php?id=43&amp;userid=<?=$user_id ?>">back</a></td></tr>
+<? }
+?> </table>
+<?
+ }
+}
+?>
diff --git a/pages/account/58.php b/pages/account/58.php
new file mode 100644
index 0000000..1f6b1a0
--- /dev/null
+++ b/pages/account/58.php
@@ -0,0 +1,61 @@
+<? /*
+ LibreSSL - CAcert web application
+ Copyright (C) 2004-2008 CAcert Inc.
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; version 2 of the License.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
+*/
+
+if ($_SESSION['profile']['admin'] != 1 || !array_key_exists('userid',$_REQUEST) || intval($_REQUEST['userid']) < 1) {
+ echo _('You do not have access to this page');
+} else {
+ $user_id = intval($_REQUEST['userid']);
+ $query = "select `users`.`fname`, `users`.`mname`, `users`.`lname` from `users` where `id`='$user_id' and `users`.`deleted`=0";
+ $res = mysql_query($query);
+ if(mysql_num_rows($res) != 1){
+ echo _("I'm sorry, the user you were looking for seems to have disappeared! Bad things are a foot!");
+ } else {
+ if ($row = mysql_fetch_assoc($res)){
+ $username=sanitizeHTML($row['fname']).' '.sanitizeHTML($row['mname']).' '.sanitizeHTML($row['lname']);
+ $query = "select `orginfo`.`o`, `org`.`masteracc`
+ FROM `orginfo`, `org`
+ WHERE `orginfo`.`id` = `org`.`orgid`
+ AND `org`.`memid`='$user_id' order by `orginfo`.`o`";
+ $res1 = mysql_query($query);?>
+ <table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper"><?
+ if (mysql_num_rows($res1) <= 0) {?>
+ <tr>
+ <td colspan="2" class="title"><?=sprintf(_('%s is not listed as Organisation Administrator'), $username)?></td>
+ </tr>
+ <?}else{?>
+ <tr>
+ <td colspan="2" class="title"><?=sprintf(_('%s is listed as Organisation Administrator for:'), $username)?></td>
+ </tr>
+ <tr>
+ <td class="DataTD"><b><?=_('Organisation')?></b></td>
+ <td class="DataTD"><b><?=_('Masteraccount')?></b></td>
+ </tr><?
+ while($drow = mysql_fetch_assoc($res1)){?>
+ <tr>
+ <td class="DataTD"><?=$drow['o']?></td>
+ <td class="DataTD"><?=$drow['masteracc'] ? _("Yes") : _("No") ?></td>
+ </tr>
+ <?}
+ }
+ ?></table>
+<? }else{
+ echo _("I'm sorry, the user you were looking for seems to have disappeared! Bad things are a foot!");
+ }
+ }
+}
+?>
diff --git a/pages/account/6.php b/pages/account/6.php
index 38af8e8..0054b7a 100644
--- a/pages/account/6.php
+++ b/pages/account/6.php
@@ -14,123 +14,173 @@
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
-*/ ?>
-<?
- $certid = 0; if(array_key_exists('cert',$_REQUEST)) $certid=intval($_REQUEST['cert']);
-
- $query = "select * from `emailcerts` where `id`='$certid' and `memid`='".intval($_SESSION['profile']['id'])."'";
- $res = mysql_query($query);
- if(mysql_num_rows($res) <= 0)
- {
- showheader(_("My CAcert.org Account!"));
- echo _("No such certificate attached to your account.");
- showfooter();
- exit;
+*/
+
+// Get certificate information
+$certid = 0;
+if(array_key_exists('cert',$_REQUEST)) {
+ $certid = intval($_REQUEST['cert']);
+}
+
+$query = "select UNIX_TIMESTAMP(`emailcerts`.`created`) as `created`,
+ UNIX_TIMESTAMP(`emailcerts`.`expire`) - UNIX_TIMESTAMP() as `timeleft`,
+ UNIX_TIMESTAMP(`emailcerts`.`expire`) as `expired`,
+ `emailcerts`.`expire` as `expires`,
+ `emailcerts`.`revoked` as `revoke`,
+ UNIX_TIMESTAMP(`emailcerts`.`revoked`) as `revoked`,
+ `emailcerts`.`id`,
+ `emailcerts`.`CN`,
+ `emailcerts`.`serial`,
+ `emailcerts`.`disablelogin` as `disablelogin`,
+ `emailcerts`.`crt_name`,
+ `emailcerts`.`keytype`,
+ `emailcerts`.`description`
+ from `emailcerts`
+ where `emailcerts`.`id`='$certid' and
+ `emailcerts`.`memid`='".intval($_SESSION['profile']['id'])."'";
+
+$res = mysql_query($query);
+if(mysql_num_rows($res) <= 0) {
+ showheader(_("My CAcert.org Account!"));
+ echo _("No such certificate attached to your account.");
+ showfooter();
+ exit;
+}
+$row = mysql_fetch_assoc($res);
+
+
+if (array_key_exists('format', $_REQUEST)) {
+ // Which output format?
+ if ($_REQUEST['format'] === 'der') {
+ $outform = '-outform DER';
+ $extension = 'cer';
+ } else {
+ $outform = '-outform PEM';
+ $extension = 'crt';
}
- $row = mysql_fetch_assoc($res);
$crtname=escapeshellarg($row['crt_name']);
- $cert = `/usr/bin/openssl x509 -in $crtname`;
-
- if($row['keytype'] == "NS")
- {
- if(array_key_exists('install',$_REQUEST) && $_REQUEST['install'] == 1)
- {
- header("Content-Type: application/x-x509-user-cert");
- header("Content-Length: ".strlen($cert));
- $fname=sanitizeFilename($row['CN']);
- if($fname=="") $fname="certificate";
- header('Content-Disposition: inline; filename="'.$fname.'.crt"');
- echo $cert;
- exit;
- } else {
- showheader(_("My CAcert.org Account!"));
- echo "<h3>"._("Installing your certificate")."</h3>\n";
- echo "<p>"._("You are about to install a certificate, if you are using mozilla/netscape based browsers you will not be informed that the certificate was installed successfully, you can go into the options dialog box, security and manage certificates to view if it was installed correctly however.")."</p>\n";
- echo "<p><a href='account.php?id=6&amp;cert=$certid&amp;install=1'>"._("Click here")."</a> "._("to install your certificate.")."</p>\n";
- showfooter();
- exit;
- }
- } else {
- showheader(_("My CAcert.org Account!"));
-?>
-<h3><?=_("Installing your certificate")?></h3>
+ $cert = `/usr/bin/openssl x509 -in $crtname $outform`;
-<p><?=_("Hit the 'Install your Certificate' button below to install the certificate into MS IE 5.x and above.")?>
+ header("Content-Type: application/pkix-cert");
+ header("Content-Length: ".strlen($cert));
-<OBJECT classid="clsid:127698e4-e730-4e5c-a2b1-21490a70c8a1" codebase="/xenroll.cab#Version=5,131,3659,0" id="cec">
-<?=_("You must enable ActiveX for this to work.")?>
-</OBJECT>
-<FORM >
-<INPUT TYPE=BUTTON NAME="CertInst" VALUE="<?=_("Install Your Certificate")?>">
-</FORM>
+ $fname = sanitizeFilename($row['CN']);
+ if ($fname=="") $fname="certificate";
+ header("Content-Disposition: attachment; filename=\"${fname}.${extension}\"");
-</P>
+ echo $cert;
+ exit;
-<SCRIPT LANGUAGE=VBS>
- Sub CertInst_OnClick
- certchain = _
-<?
- $lines = explode("\n", $cert);
- if(is_array($lines))
- foreach($lines as $line)
- {
- $line = trim($line);
- if($line != "-----END CERTIFICATE-----")
- echo "\"$line\" & _\n";
- else {
- echo "\"$line\"\n";
- break;
- }
- }
-?>
+} elseif (array_key_exists('install', $_REQUEST)) {
+ if (array_key_exists('HTTP_USER_AGENT',$_SERVER) &&
+ strstr($_SERVER['HTTP_USER_AGENT'], "MSIE")) {
- On Error Resume Next
-
- Dim obj
- Set obj=CreateObject("X509Enrollment.CX509Enrollment")
- If IsObject(obj) Then
- obj.Initialize(1)
- obj.InstallResponse 0,certchain,0,""
- if err.number<>0 then
- msgbox err.Description
- else
- msgbox "<?=_("Certificate installed successfully. Please don't forget to backup now")?>"
- end if
- else
-
-
-
-
- cec.DeleteRequestCert = FALSE
- err.clear
-
- cec.WriteCertToCSP = TRUE
- cec.acceptPKCS7(certchain)
- if err.number <> 0 Then
- cec.WriteCertToCSP = FALSE
- end if
- err.clear
- cec.acceptPKCS7(certchain)
- if err.number <> 0 then
- errorMsg = "<?=_("Certificate installation failed!")?>" & chr(13) & chr(10) & _
- "(Error code " & err.number & ")"
- msgRes = MsgBox(errorMsg, 0, "<?=_("Certificate Installation Error")?>")
- else
- okMsg = "<?=_("Personal Certificate Installed.")?>" & chr(13) & chr(10) & _
- "See Tools->Internet Options->Content->Certificates"
- msgRes = MsgBox(okMsg, 0, "<?=_("Certificate Installation Complete!")?>")
- end if
- End If
- End Sub
-</SCRIPT>
-
-<p><?=_("Your certificate:")?></p>
-<pre><?=$cert?></pre>
-<?
-
- showfooter();
+ // Handle IE
+ //TODO
+
+ } else {
+ // All other browsers
+ $crtname=escapeshellarg($row['crt_name']);
+ $cert = `/usr/bin/openssl x509 -in $crtname -outform DER`;
+
+ header("Content-Type: application/x-x509-user-cert");
+ header("Content-Length: ".strlen($cert));
+
+ $fname = sanitizeFilename($row['CN']);
+ if ($fname=="") $fname="certificate";
+ header("Content-Disposition: inline; filename=\"${fname}.cer\"");
+
+ echo $cert;
exit;
}
+
+} else {
+ showheader(_("My CAcert.org Account!"), _("Install your certificate"));
+ echo '<ul class="no_indent">';
+ echo "<li><a href='account.php?id=$id&amp;cert=$certid&amp;install'>".
+ _("Install the certificate into your browser").
+ "</a></li>\n";
+
+ echo "<li><a href='account.php?id=$id&amp;cert=$certid&amp;format=pem'>".
+ _("Download the certificate in PEM format")."</a></li>\n";
+
+ echo "<li><a href='account.php?id=$id&amp;cert=$certid&amp;format=der'>".
+ _("Download the certificate in DER format")."</a></li>\n";
+ echo '</ul>';
+
+ // Allow to directly copy and paste the cert in PEM format
+ $crtname=escapeshellarg($row['crt_name']);
+ $cert = `/usr/bin/openssl x509 -in $crtname -outform PEM`;
+ echo "<pre>$cert</pre>";
+
+ ?>
+<form method="post" action="account.php">
+<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
+ <tr>
+ <td colspan="2" class="title"><?=_("Information about the certificate")?></td>
+ </tr>
+<?
+ if($row['timeleft'] > 0)
+ $verified = _("Valid");
+ if($row['timeleft'] < 0)
+ $verified = _("Expired");
+ if($row['expired'] == 0)
+ $verified = _("Pending");
+ if($row['revoked'] > 0)
+ $verified = _("Revoked");
+ if($row['revoked'] == 0)
+ $row['revoke'] = _("Not Revoked");
?>
+ <tr>
+ <td class="DataTD"><?=_("Renew/Revoke/Delete")?></td>
+<? if($verified != _("Pending") && $verified != _("Revoked")) { ?>
+ <td class="DataTD"><input type="checkbox" name="revokeid[<?=$row['id']?>]" ></td>
+<? } else if($verified != _("Revoked")) { ?>
+ <td class="DataTD"><input type="checkbox" name="delid[<?=$row['id']?>]"></td>
+<? } else { ?>
+ <td class="DataTD">&nbsp;</td>
+<? } ?>
+ </tr>
+ <tr>
+ <td class="DataTD"><?=_("Status")?></td>
+ <td class="DataTD"><?=$verified?></td>
+ </tr>
+ <tr>
+ <td class="DataTD"><?=_("Email Address")?></td>
+ <td class="DataTD"><?=(trim($row['CN'])=="" ? _("empty") : $row['CN'])?></td>
+ </tr>
+ <tr>
+ <td class="DataTD"><?=_("SerialNumber")?></td>
+ <td class="DataTD"><?=$row['serial']?></td>
+ </tr>
+ <tr>
+ <td class="DataTD"><?=_("Revoked")?></td>
+ <td class="DataTD"><?=$row['revoke']?></td>
+ </tr>
+ <tr>
+ <td class="DataTD"><?=_("Expires")?></td>
+ <td class="DataTD"><?=$row['expires']?></td>
+ </tr>
+ <tr>
+ <td class="DataTD"><?=_("Login")?></td>
+ <td class="DataTD">
+ <input type="checkbox" name="disablelogin" value="1" <?=$row['disablelogin']?"":"checked='checked'"?>/>
+ </td>
+ </tr>
+ <tr>
+ <td class="DataTD"><?=_("Comment")?></td>
+ <td class="DataTD"><input type="text" name="description" maxlength="100" size=100 value="<?=htmlspecialchars($row['description'])?>"></td>
+ </tr>
+ <tr>
+ <td class="DataTD" colspan="2"><input type="submit" name="change" value="<?=_("Change settings")?>"> </td>
+ </tr>
+</table>
+<input type="hidden" name="oldid" value="6">
+<input type="hidden" name="certid" value="<?=$certid?>">
+</form>
+<?
+ showfooter();
+ exit;
+}
diff --git a/pages/account/8.php b/pages/account/8.php
index 6b3de01..79448d1 100644
--- a/pages/account/8.php
+++ b/pages/account/8.php
@@ -25,7 +25,7 @@
if(is_array($_SESSION['_config']['addy']))
foreach($_SESSION['_config']['addy'] as $add) { ?>
<tr>
- <td class="DataTD" width="75"><input type="radio" name="authaddy" value="<?=$add?>"<? if($tagged == 0) { echo " checked=\"checked\""; $tagged = 1; } ?>></td>
+ <td class="DataTD" width="75"><input type="radio" name="authaddy" value="<?=$add?>"<? if($tagged == 0) { echo " checked=\"checked\""; $tagged = 1; } ?> /></td>
<td class="DataTD" width="175"><?=$add?></td>
</tr>
<? } ?>
@@ -34,5 +34,5 @@
</tr>
</table>
<input type="hidden" name="csrf" value="<?=make_csrf('ctcinfo')?>" />
-<input type="hidden" name="oldid" value="<?=$id?>">
+<input type="hidden" name="oldid" value="<?=$id?>" />
</form>
diff --git a/pages/gpg/0.php b/pages/gpg/0.php
index ce3b72a..f490511 100644
--- a/pages/gpg/0.php
+++ b/pages/gpg/0.php
@@ -19,7 +19,11 @@
?>
<p><?=_("Paste your own public OpenPGP key below. It should not contain a picture. CAcert will sign your key after submission.")?></p>
<form method="post" action="gpg.php">
-<textarea name="CSR" cols="80" rows="15"><?=array_key_exists('CSR',$_POST)?strip_tags($_POST['CSR']):""?></textarea><br>
-<input type="submit" name="process" value="<?=_("Submit")?>">
-<input type="hidden" name="oldid" value="<?=$id?>">
+<p><?=_("Optional comment, only used in the certifictate overview")?><br />
+ <input type="text" name="description" maxlength="80" size=80 /></p>
+<textarea name="CSR" cols="80" rows="15"><?=array_key_exists('CSR',$_POST)?strip_tags($_POST['CSR']):""?></textarea><br />
+<p><input type="checkbox" name="CCA" /> <strong><?=sprintf(_("I accept the CAcert Community Agreement (%s)."),"<a href='/policy/CAcertCommunityAgreement.html'>CCA</a>")?></strong><br />
+ <?=_("Please Note: You need to accept the CCA to proceed.")?></p>
+<input type="submit" name="process" value="<?=_("Submit")?>" />
+<input type="hidden" name="oldid" value="<?=$id?>" />
</form>
diff --git a/pages/gpg/2.php b/pages/gpg/2.php
index e10935e..cc8a872 100644
--- a/pages/gpg/2.php
+++ b/pages/gpg/2.php
@@ -15,29 +15,30 @@
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
*/ ?>
+<form method="post" action="gpg.php">
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
<tr>
- <td colspan="5" class="title"><?=_("OpenPGP Keys")?></td>
+ <td colspan="6" class="title"><?=_("OpenPGP Keys")?></td>
</tr>
<tr>
<td class="DataTD"><?=_("Status")?></td>
<td class="DataTD"><?=_("Email Address")?></td>
<td class="DataTD"><?=_("Expires")?></td>
<td class="DataTD"><?=_("Key ID")?></td>
-
+ <td colspan="2" class="DataTD"><?=_("Comment *")?></td>
<?
$query = "select UNIX_TIMESTAMP(`issued`) as `issued`,
UNIX_TIMESTAMP(`expire`) - UNIX_TIMESTAMP() as `timeleft`,
UNIX_TIMESTAMP(`expire`) as `expired`,
- `expire` as `expires`, `id`, `level`,
- `email`,`keyid` from `gpg` where `memid`='".intval($_SESSION['profile']['id'])."'
+ `expire` as `expires`, `id`, `level`,
+ `email`,`keyid`,`description` from `gpg` where `memid`='".intval($_SESSION['profile']['id'])."'
ORDER BY `issued` desc";
$res = mysql_query($query);
if(mysql_num_rows($res) <= 0)
{
?>
<tr>
- <td colspan="5" class="DataTD"><?=_("No OpenPGP keys are currently listed.")?></td>
+ <td colspan="6" class="DataTD"><?=_("No OpenPGP keys are currently listed.")?></td>
</tr>
<? } else {
while($row = mysql_fetch_assoc($res))
@@ -62,10 +63,19 @@
<? } ?>
<td class="DataTD"><?=$row['expires']?></td>
<td class="DataTD"><a href="gpg.php?id=3&amp;cert=<?=$row['id']?>"><?=$row['keyid']?></a></td>
-
+ <td class="DataTD"><input name="comment_<?=$row['id']?>" type="text" value="<?=htmlspecialchars($row['description'])?>" /></td>
+ <td class="DataTD"><input type="checkbox" name="check_comment_<?=$row['id']?>" /></td>
</tr>
<? } ?>
<? } ?>
+ <tr>
+ <td class="DataTD" colspan="6">
+ <?=_('* Comment is NOT included in the certificate as it is intended for your personal reference only. To change the comment tick the checkbox and hit "Change Settings".')?>
+ </td>
+ </tr>
+ <tr>
+ <td class="DataTD" colspan="6"><input type="submit" name="change" value="<?=_("Change settings")?>" /> </td>
+ </tr>
</table>
-<input type="hidden" name="oldid" value="<?=$id?>">
+<input type="hidden" name="oldid" value="<?=$id?>" />
</form>
diff --git a/pages/index/0.php b/pages/index/0.php
index d1d3fef..b1359f6 100644
--- a/pages/index/0.php
+++ b/pages/index/0.php
@@ -29,61 +29,52 @@
<div class="newsbox">
<?
-/*
- $query = "select *, UNIX_TIMESTAMP(`when`) as `TS` from news order by `when` desc limit 5";
- $res = mysql_query($query);
- while($row = mysql_fetch_assoc($res))
- {
- echo "<p><b>".date("Y-m-d", $row['TS'])."</b> - ".$row['short']."</p>\n";
- if($row['story'] != "")
- echo "<p>[ <a href='news.php?id=".$row['id']."'>"._("Full Story")."</a> ]</p>\n";
- }
- if(mysql_num_rows(mysql_query("select * from `news`")) > 2)
- echo "<p>[ <a href='news.php'>"._("More News Items")."</a> ]</p>";
-*/
- $rss = "";
- $open = $items = 0;
- $fp = @fopen("/www/pages/index/feed.rss", "r");
- if($fp)
- {
- echo '<p id="lnews">'._('Latest News').'</p>';
-
-
- while(!feof($fp))
- $rss .= trim(fgets($fp, 4096));
- fclose($fp);
- $rss = str_replace("><", ">\n<", $rss);
- $lines = explode("\n", $rss);
- foreach($lines as $line)
- {
- $line = trim($line);
-
- if($line != "<item>" && $open == 0)
- continue;
-
- if($line == "<item>" && $open == 0)
- {
- $open = 1;
- continue;
- }
-
- if($line == "</item>" && $open == 1)
- {
- $items++;
- if($items >= 3)
- break;
- $open == 0;
- continue;
- }
- if(substr($line, 0, 7) == "<title>")
- echo "<h3>".str_replace("&amp;#", "&#", recode_string("UTF8..html", str_replace("&amp;", "", trim(substr($line, 7, -8)))))."</h3>\n";
- if(substr($line, 0, 13) == "<description>")
- echo "<p>".str_replace("&amp;#", "&#", recode_string("UTF8..html", str_replace("&amp;", "", trim(substr($line, 13, -14)))))."</p>\n";
- if(substr($line, 0, 6) == "<link>")
- echo "<p>[ <a href='".trim(substr($line, 6, -7))."'>"._("Full Story")."</a> ]</p>\n";
+ printf("<p id='lnews'>%s</p>\n\n",_('Latest News'));
+
+ $xml = "/www/pages/index/feed.rss"; // FIXME: use relative path to allow operation with different document root
+ $dom = new DOMDocument();
+ $dom->preserveWhiteSpace = false;
+ $dom->Load($xml);
+
+ $xpath = new DOMXPath($dom); //Create an XPath query
+
+ $query = "//channel/item";
+ $items = $xpath->query($query);
+
+ $count = 0;
+ foreach($items as $id => $item) {
+ $query = "./title";
+ $nodeList = $xpath->query($query, $item);
+ $title = recode_string("UTF8..html" , $nodeList->item(0)->nodeValue);
+
+ $query = "./link";
+ $nodeList = $xpath->query($query, $item);
+ $link = htmlspecialchars($nodeList->item(0)->nodeValue);
+
+ $query = "./description";
+ $nodeList = $xpath->query($query, $item);
+ $description = $nodeList->item(0)->nodeValue;
+ // The description may contain HTML entities => convert them
+ $description = html_entity_decode($description, ENT_COMPAT | ENT_HTML401, 'UTF-8');
+ // Description may contain HTML markup and unicode characters => encode them
+ // If we didn't decode and then encode again, (i.e. take the content
+ // as it is in the RSS feed) we might inject harmful markup
+ $description = recode_string("UTF8..html", $description);
+
+ printf("<h3><a href=\"%s\">%s</a></h3>\n", $link, $title);
+ printf("<p>%s</p>\n", nl2br($description));
+
+ $title = '';
+ $description = '';
+ $link = '';
+
+ $count++;
+ if ($count >= 3) {
+ break;
}
}
?>
+
[ <a href="http://blog.CAcert.org/"><?=_('More News Items')?></a> ]
</div>
<hr/>
@@ -118,54 +109,12 @@
<p><?=_("If you are located in Australia, use bank transfer instead.")?></p>
<p><?=_("CAcert bank account details:")?></p>
-
-<ul>
+<ul class="no_indent">
<li>Account Name: CAcert Inc</li>
+<li>SWIFT: WPACAU2S</li>
<li>BSB: 032073</li>
<li>Account No.: 180264</li>
</ul>
<br /><br />
<?=_("If you want to participate in CAcert.org, have a look")?> <a href="http://wiki.cacert.org/wiki/HelpingCAcert"><?=_("here")?></a> <?=_("and")?> <a href="http://wiki.cacert.org/wiki/SystemTasks"><?=_("here")?></a>.
-
-<!--
-<h3><?=_("For CAcert Association Members")?></h3>
-
-<b><?=_("Have you paid your CAcert Association membership fees for the year?")?></b>
-<p><?=_("If not then select this PayPal button to pay your US$10 membership fee for the year.")?></p>
-<form action="https://www.paypal.com/cgi-bin/webscr" method="post">
-<input type="hidden" name="cmd" value="_s-xclick">
-<input type="image" src="/images/payment2.png" border="0" name="submit" alt="Make payments with PayPal">
-<input type="hidden" name="encrypted" value="-----BEGIN PKCS7-----MIIHiAYJKoZIhvcNAQcEoIIHeTCCB3UCAQExggEwMIIBLAIBADCBlDCBjjELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAkNBMRYwFAYDVQQHEw1Nb3VudGFpbiBWaWV3MRQwEgYDVQQKEwtQYXlQYWwgSW5jLjETMBEGA1UECxQKbGl2ZV9jZXJ0czERMA8GA1UEAxQIbGl2ZV9hcGkxHDAaBgkqhkiG9w0BCQEWDXJlQHBheXBhbC5jb20CAQAwDQYJKoZIhvcNAQEBBQAEgYAVW/F7PUYp3SMSCdOj1L4lNmZk8TPLmyFBXiYe/dP6bdcsvvx0A58mLC/3j961TCs95gXWqYx5vDD9znDEii5An7weRqtaxFa9B+UplKT2kcQJpi45zsGKzhwtHF/g0aJQdLmzrDYNnWd16UvhuasUIV501LaZB3ykq5j2eDJV/DELMAkGBSsOAwIaBQAwggEEBgkqhkiG9w0BBwEwFAYIKoZIhvcNAwcECJHKnDgLaYrEgIHgjYPDm0r2cH9hexIMEuCuiO9eOIsYxpzC50y9+ZWltUA9Eqp8avPT3ExC4qaw6FS8eo4+UWweESWXpAk3QrNTXgeV+Zf/4RjUEurpkRECinPUCtTgJvs6XLaPU50hAAaV9QmknT4DICcmB7djry0tB1FbLOmnqMyOTpT2pKDuL7r6hgEIAnCyASBtO5E8YJWFgSneQ53PbtT+YuAcVwIOD83wFRDAjlwYhs50VD6ugK07SXxC5I8RFV65PZS/qIiEEBCv7yiXi/U9DK4QG+3ojuxkP6ZjwshGb/99uK1NZCqgggOHMIIDgzCCAuygAwIBAgIBADANBgkqhkiG9w0BAQUFADCBjjELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAkNBMRYwFAYDVQQHEw1Nb3VudGFpbiBWaWV3MRQwEgYDVQQKEwtQYXlQYWwgSW5jLjETMBEGA1UECxQKbGl2ZV9jZXJ0czERMA8GA1UEAxQIbGl2ZV9hcGkxHDAaBgkqhkiG9w0BCQEWDXJlQHBheXBhbC5jb20wHhcNMDQwMjEzMTAxMzE1WhcNMzUwMjEzMTAxMzE1WjCBjjELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAkNBMRYwFAYDVQQHEw1Nb3VudGFpbiBWaWV3MRQwEgYDVQQKEwtQYXlQYWwgSW5jLjETMBEGA1UECxQKbGl2ZV9jZXJ0czERMA8GA1UEAxQIbGl2ZV9hcGkxHDAaBgkqhkiG9w0BCQEWDXJlQHBheXBhbC5jb20wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMFHTt38RMxLXJyO2SmS+Ndl72T7oKJ4u4uw+6awntALWh03PewmIJuzbALScsTS4sZoS1fKciBGoh11gIfHzylvkdNe/hJl66/RGqrj5rFb08sAABNTzDTiqqNpJeBsYs/c2aiGozptX2RlnBktH+SUNpAajW724Nv2Wvhif6sFAgMBAAGjge4wgeswHQYDVR0OBBYEFJaffLvGbxe9WT9S1wob7BDWZJRrMIG7BgNVHSMEgbMwgbCAFJaffLvGbxe9WT9S1wob7BDWZJRroYGUpIGRMIGOMQswCQYDVQQGEwJVUzELMAkGA1UECBMCQ0ExFjAUBgNVBAcTDU1vdW50YWluIFZpZXcxFDASBgNVBAoTC1BheVBhbCBJbmMuMRMwEQYDVQQLFApsaXZlX2NlcnRzMREwDwYDVQQDFAhsaXZlX2FwaTEcMBoGCSqGSIb3DQEJARYNcmVAcGF5cGFsLmNvbYIBADAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4GBAIFfOlaagFrl71+jq6OKidbWFSE+Q4FqROvdgIONth+8kSK//Y/4ihuE4Ymvzn5ceE3S/iBSQQMjyvb+s2TWbQYDwcp129OPIbD9epdr4tJOUNiSojw7BHwYRiPh58S1xGlFgHFXwrEBb3dgNbMUa+u4qectsMAXpVHnD9wIyfmHMYIBmjCCAZYCAQEwgZQwgY4xCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJDQTEWMBQGA1UEBxMNTW91bnRhaW4gVmlldzEUMBIGA1UEChMLUGF5UGFsIEluYy4xEzARBgNVBAsUCmxpdmVfY2VydHMxETAPBgNVBAMUCGxpdmVfYXBpMRwwGgYJKoZIhvcNAQkBFg1yZUBwYXlwYWwuY29tAgEAMAkGBSsOAwIaBQCgXTAYBgkqhkiG9w0BCQMxCwYJKoZIhvcNAQcBMBwGCSqGSIb3DQEJBTEPFw0wNzExMDMwNzA2NDdaMCMGCSqGSIb3DQEJBDEWBBQQVDeJMeMteu3fuP5xIdpSiYrfLDANBgkqhkiG9w0BAQEFAASBgHIt5M/R6uPXFU0bVQJWcoO++ETE4nPbp+Nz+o7bclXsxIQL+yG5C5vQdpgNeCLuq42sPv+QUuVoMxio6hecCgHewwqAxkrUUr+teGOFSEqpfXBhjWfkUvZLvOy1ix6pSpjLnUu4bbJxaA5eM0gZQDZCJ8nh0HxPScdi5BhVuPSk-----END PKCS7-----
-">
-</form>
-<p><?=_("If you are located in Australia, you can use bank transfer instead and pay the equivalent of US$10 in AU$.")?></p>
-
-<p><?=_("Please also include Your name in the transaction so we know who it came from or send an email to robert at cacert dot org with the details:")?></p>
-
-<ul>
-<li>Account Name: CAcert Inc</li>
-<li>BSB: 032073</li>
-<li>Account No.: 180264</li>
-</ul>
-<br/><br/>
--->
-
-
-<!--
-<h3><?=_("Introduction")?></h3>
-
-<p><?=_("It's been a long time coming, but the wait was worthwhile, finally you are able to get security at the right price... Free!")?></p>
-
-<p><?=_("For years we've all been charged high amounts of money to pay for security that doesn't and shouldn't cost the earth.")?></p>
-
-<p><?=_("The primary goals are:")?>
-<ul>
-<li><?=_("Inclusion into mainstream browsers!")?></li>
-<li><?=_("To provide a trust mechanism to go with the security aspects of encryption.")?></li>
-</ul>
-
-<p><?=sprintf(_("For general documentation and help please see our %s site"), "<a href='http://wiki.CAcert.org'>"._("Wiki Documentation")."</a>")?>.</p>
--->
-
-
diff --git a/pages/index/10.php b/pages/index/10.php
index 9e09bb8..7280e09 100644
--- a/pages/index/10.php
+++ b/pages/index/10.php
@@ -14,11 +14,8 @@
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
-*/ ?>
-<p style="background-color: #FF8080; font-size: 150%">
-<?
-printf(_('This page has been moved to the %spolicy directory%s. Please update '.
- 'your bookmarks and report any broken links.'),
- '<a href="/policy/PrivacyPolicy.html">', '</a>');
-?>
-</p>
+*/
+
+ header('HTTP/1.0 301 Moved Permanently');
+ header('Location: http://www.cacert.org/policy/CertificationPracticeStatement.php');
+ exit();
diff --git a/pages/index/11.php b/pages/index/11.php
index 8391903..d1ef4df 100644
--- a/pages/index/11.php
+++ b/pages/index/11.php
@@ -27,17 +27,28 @@ if(!array_key_exists('secrethash',$_SESSION['_config'])) $_SESSION['_config']['s
<p><?=_("General questions about CAcert should be sent to the general support list, please send all emails in ENGLISH only, this list has many more volunteers then those directly involved with the running of the website, everyone on the mailing list understands english, even if this isn't their native language this will increase your chance at a competent reply. While it's best if you sign up to the mailing list to get replied to, you don't have to, but please make sure you note this in your email, otherwise it might seem like you didn't get a reply to your question.")?></p>
<p><a href="https://lists.cacert.org/wws/info/cacert-support"><?=_("Click here to go to the Support List")?></a></p>
<p><?=_("You can alternatively use the form below, however joining the list is the prefered option to support your queries")?></p>
-<form method="post" name="form1">
+<form method="post" action="index.php" name="form1">
<input type="hidden" name="oldid" value="<?=$id?>">
- <input type="hidden" name="support" value="yes">
+<!-- <input type="hidden" name="support" value="yes"> -->
<input type="hidden" name="secrethash2" value="">
+ <p class="robotic" id="pot">
+ <label>If you're human leave this blank:</label>
+ <input name="robotest" type="text" id="robotest" class="robotest" />
+ </p>
<table border="0">
- <tr><td width="90"><?=_("Your Name")?>:</td><td><input type="text" name="who"></td><td>&#160;</td></tr>
- <tr><td><?=_("Your Email")?>:</td><td><input type="text" name="email"></td></tr>
- <tr><td><?=_("Subject")?>:</td><td><input type="text" name="subject"></td></tr>
- <tr><td colspan="2"><textarea name="message" cols="40" rows="10"></textarea></td></tr>
- <tr><td colspan="3"><font color="#ff0000"><?=_("Warning: Please do not enter confidential data into this form, it is being sent to a public mailinglist. Use the form further below instead.")?></font></td></tr>
- <tr><td colspan="2"><input type="submit" name="process" value="<?=_("Send")?>"></td></tr>
+ <tr><td width="100"><?=_("Your Name")?>:</td><td width="100"><input type="text" name="who"></td><td width="100"></td><td width="100"></td>
+ <tr><td width="100"><?=_("Your Email")?>:</td><td colspan="3"><input type="text" name="email"></td>
+ <tr><td width="100"><?=_("Subject")?>:</td><td colspan="3"><input type="text" name="subject"></td></tr>
+ <tr><td width="100" valign="top"><?=_("Message")?>:</td><td colspan="3"><textarea name="message" cols="70" rows="10"></textarea></td></tr>
+
+ <tr>
+ <td colspan="2"><font color="#ff0000"><?=_("Warning: Please do not use \"send to mailing list\" when you entered confidential data. The request is being sent to a public mailinglist.")?></font></td>
+ <td colspan="2"><?=_("For confidential data use \"send to support\".")?></td>
+ </tr>
+ <tr>
+ <td colspan="2"><input type="submit" name="process[0]" value="<?=_("Send to mailing list")?>"></td>
+ <td colspan="2"><input type="submit" name="process[1]" value="<?=_("Send to support")?>"></td>
+ </tr>
</table>
</form>
@@ -50,31 +61,8 @@ if(!array_key_exists('secrethash',$_SESSION['_config'])) $_SESSION['_config']['s
<p><?=_("There are a number of other mailing lists CAcert runs, some are general discussion, others are technical (such as the development list) or platform specific help (such as the list for Apple Mac users)")?></p>
<p><a href="http://lists.cacert.org/"><?=_("Click here to view all lists available")?></a></p>
-<p><b><?=_("Sensitive Information")?></b></p>
-<p><?=_("If you have questions, comments or otherwise and information you're sending to us contains sensitive details, you should use the contact form below. Due to the large amounts of support emails we receive, sending general questions via this contact form will generally take longer then using the support mailing list. Also sending queries in anything but english could cause delays in supporting you as we'd need to find a translator to help.")?></p>
-<form method="post" action="https://www.cacert.org/index.php" name="form2">
- <input type="hidden" name="secrethash2" value="">
- <input type="hidden" name="oldid" value="<?=$id?>">
- <table border="0">
- <tr><td><?=_("Your Name")?>:</td><td><input type="text" name="who"></td></tr>
- <tr><td><?=_("Your Email")?>:</td><td><input type="text" name="email"></td></tr>
- <tr><td><?=_("Subject")?>:</td><td><input type="text" name="subject"></td></tr>
- <tr><td colspan="2"><textarea name="message" cols="40" rows="10"></textarea></td></tr>
- <tr><td colspan="2"><input type="submit" name="process" value="<?=_("Send")?>"></td></tr>
- </table>
-</form>
-
<p><b><?=_("Security Issues")?></b></p>
-<p><?=_("Please use any of the following ways to report security issues: You can use the above contact form for sensitive information. You can email us to support@cacert.org. You can file a bugreport on <a href='https://bugs.cacert.org/'>bugs.cacert.org</a> and mark it as private.")?></p>
-
-<p><b><?=_("Snail Mail")?></b></p>
-<p><?=_("Alternatively you can get in contact with us via the following methods:")?></p>
-
-<p><?=_("Postal Address:")?><br>
-CAcert Inc.<br>
-P.O. Box 4107<br>
-Denistone East NSW 2112<br>
-Australia</p>
+<p><?=sprintf(_("Please use any of the following ways to report security issues: You can use the above contact form for sensitive information. You can email us to support@cacert.org. You can file a bugreport on %s and mark it as private."),"<a href='https://bugs.cacert.org/'>bugs.cacert.org</a>")?></p>
<script type="text/javascript">
<!--
diff --git a/pages/index/13.php b/pages/index/13.php
index 68ee5ed..612422f 100644
--- a/pages/index/13.php
+++ b/pages/index/13.php
@@ -35,10 +35,24 @@ printf(_("CAcert Inc. is a non-profit association which is legally able to accep
<pre>
Account Name: CAcert Inc
-BSB: 032073
-Account No.: 180264
+SWIFT: WPACAU2S
+BSB: 032073
+Account No.: 180264
</pre>
<p><?=_("ANY amount will be appreciated - the more funding CAcert receives, the sooner it can achieve the goals of the community.")?></p>
<p><?=_("Thank you very much for your support, your donations help CAcert to continue to operate.")?></p>
+
+
+<h3><?=_("Using Our Affiliate Partners")?></h3>
+
+<h4>Booking.com</h4>
+
+<p><?=_("If you do any trips where you need accommodation why not book via booking.com?")?></p>
+
+<p><?php
+ printf(_("For any booking done over %s started from this page CAcert gets a share of the provision. You do not pay more but you will support CAcert."),
+ '<a href="//www.booking.com/index.html?aid=346253">booking.com</a>');
+ ?></p>
+
diff --git a/pages/index/21.php b/pages/index/21.php
index 4d2599c..f07bbb8 100644
--- a/pages/index/21.php
+++ b/pages/index/21.php
@@ -14,33 +14,42 @@
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
+*/
+
+/*
+page called from the following pages
+ a. https://wiki.cacert.org/Price [^]
+ b. https://wiki.cacert.org/CacertMembership/DE [^]
+ c. https://wiki.cacert.org/CacertMembership [^]
+ d. https://wiki.cacert.org/CAcertInc [^]
+ e. https://wiki.cacert.org/Brain/CAcertInc [^]
*/ ?>
<h3><?=_("For CAcert Association Members")?></h3>
-<b><?=_("Have you paid your CAcert Association membership fees for the year?")?></b>
-<p><?=_("If not then select this PayPal button to establish annual payment of your US$10 membership fee.")?></p>
-<form action="https://www.paypal.com/cgi-bin/webscr" method="post">
+<p><b><?=_("Have you paid your CAcert Association membership fees for the year?")?></b></p>
+
+<p><?=_("If not then select this PayPal button to establish annual payment of your 10 EUR membership fee.")?></p>
+<form action="https://www.paypal.com/cgi-bin/webscr" method="post" target="_top">
<input type="hidden" name="cmd" value="_s-xclick">
-<input type="image" src="/images/payment2.png" border="0" name="submit" alt="Make payments with PayPal">
-<input type="hidden" name="encrypted" value="-----BEGIN PKCS7-----MIIHiAYJKoZIhvcNAQcEoIIHeTCCB3UCAQExggEwMIIBLAIBADCBlDCBjjELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAkNBMRYwFAYDVQQHEw1Nb3VudGFpbiBWaWV3MRQwEgYDVQQKEwtQYXlQYWwgSW5jLjETMBEGA1UECxQKbGl2ZV9jZXJ0czERMA8GA1UEAxQIbGl2ZV9hcGkxHDAaBgkqhkiG9w0BCQEWDXJlQHBheXBhbC5jb20CAQAwDQYJKoZIhvcNAQEBBQAEgYAVW/F7PUYp3SMSCdOj1L4lNmZk8TPLmyFBXiYe/dP6bdcsvvx0A58mLC/3j961TCs95gXWqYx5vDD9znDEii5An7weRqtaxFa9B+UplKT2kcQJpi45zsGKzhwtHF/g0aJQdLmzrDYNnWd16UvhuasUIV501LaZB3ykq5j2eDJV/DELMAkGBSsOAwIaBQAwggEEBgkqhkiG9w0BBwEwFAYIKoZIhvcNAwcECJHKnDgLaYrEgIHgjYPDm0r2cH9hexIMEuCuiO9eOIsYxpzC50y9+ZWltUA9Eqp8avPT3ExC4qaw6FS8eo4+UWweESWXpAk3QrNTXgeV+Zf/4RjUEurpkRECinPUCtTgJvs6XLaPU50hAAaV9QmknT4DICcmB7djry0tB1FbLOmnqMyOTpT2pKDuL7r6hgEIAnCyASBtO5E8YJWFgSneQ53PbtT+YuAcVwIOD83wFRDAjlwYhs50VD6ugK07SXxC5I8RFV65PZS/qIiEEBCv7yiXi/U9DK4QG+3ojuxkP6ZjwshGb/99uK1NZCqgggOHMIIDgzCCAuygAwIBAgIBADANBgkqhkiG9w0BAQUFADCBjjELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAkNBMRYwFAYDVQQHEw1Nb3VudGFpbiBWaWV3MRQwEgYDVQQKEwtQYXlQYWwgSW5jLjETMBEGA1UECxQKbGl2ZV9jZXJ0czERMA8GA1UEAxQIbGl2ZV9hcGkxHDAaBgkqhkiG9w0BCQEWDXJlQHBheXBhbC5jb20wHhcNMDQwMjEzMTAxMzE1WhcNMzUwMjEzMTAxMzE1WjCBjjELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAkNBMRYwFAYDVQQHEw1Nb3VudGFpbiBWaWV3MRQwEgYDVQQKEwtQYXlQYWwgSW5jLjETMBEGA1UECxQKbGl2ZV9jZXJ0czERMA8GA1UEAxQIbGl2ZV9hcGkxHDAaBgkqhkiG9w0BCQEWDXJlQHBheXBhbC5jb20wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMFHTt38RMxLXJyO2SmS+Ndl72T7oKJ4u4uw+6awntALWh03PewmIJuzbALScsTS4sZoS1fKciBGoh11gIfHzylvkdNe/hJl66/RGqrj5rFb08sAABNTzDTiqqNpJeBsYs/c2aiGozptX2RlnBktH+SUNpAajW724Nv2Wvhif6sFAgMBAAGjge4wgeswHQYDVR0OBBYEFJaffLvGbxe9WT9S1wob7BDWZJRrMIG7BgNVHSMEgbMwgbCAFJaffLvGbxe9WT9S1wob7BDWZJRroYGUpIGRMIGOMQswCQYDVQQGEwJVUzELMAkGA1UECBMCQ0ExFjAUBgNVBAcTDU1vdW50YWluIFZpZXcxFDASBgNVBAoTC1BheVBhbCBJbmMuMRMwEQYDVQQLFApsaXZlX2NlcnRzMREwDwYDVQQDFAhsaXZlX2FwaTEcMBoGCSqGSIb3DQEJARYNcmVAcGF5cGFsLmNvbYIBADAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4GBAIFfOlaagFrl71+jq6OKidbWFSE+Q4FqROvdgIONth+8kSK//Y/4ihuE4Ymvzn5ceE3S/iBSQQMjyvb+s2TWbQYDwcp129OPIbD9epdr4tJOUNiSojw7BHwYRiPh58S1xGlFgHFXwrEBb3dgNbMUa+u4qectsMAXpVHnD9wIyfmHMYIBmjCCAZYCAQEwgZQwgY4xCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJDQTEWMBQGA1UEBxMNTW91bnRhaW4gVmlldzEUMBIGA1UEChMLUGF5UGFsIEluYy4xEzARBgNVBAsUCmxpdmVfY2VydHMxETAPBgNVBAMUCGxpdmVfYXBpMRwwGgYJKoZIhvcNAQkBFg1yZUBwYXlwYWwuY29tAgEAMAkGBSsOAwIaBQCgXTAYBgkqhkiG9w0BCQMxCwYJKoZIhvcNAQcBMBwGCSqGSIb3DQEJBTEPFw0wNzExMDMwNzA2NDdaMCMGCSqGSIb3DQEJBDEWBBQQVDeJMeMteu3fuP5xIdpSiYrfLDANBgkqhkiG9w0BAQEFAASBgHIt5M/R6uPXFU0bVQJWcoO++ETE4nPbp+Nz+o7bclXsxIQL+yG5C5vQdpgNeCLuq42sPv+QUuVoMxio6hecCgHewwqAxkrUUr+teGOFSEqpfXBhjWfkUvZLvOy1ix6pSpjLnUu4bbJxaA5eM0gZQDZCJ8nh0HxPScdi5BhVuPSk-----END PKCS7-----
-">
+<input type="hidden" name="hosted_button_id" value="AMCDNMBBDXGA2">
+<input type="image" src="/images/btn_subscribeCC_LG.gif" border="0" name="submit" alt="Subscription payment for membership fee">
</form>
-<p><?=_("To do a single US$10 Membership-Fee Payment, please use this button:")?></p>
-<form action="https://www.paypal.com/cgi-bin/webscr" method="post">
+<p><?=_("To do a single 10 EUR membership fee payment, please use this button:")?></p>
+<form action="https://www.paypal.com/cgi-bin/webscr" method="post" target="_top">
<input type="hidden" name="cmd" value="_s-xclick">
-<input type="hidden" name="hosted_button_id" value="586280">
-<input type="image" src="/images/btn_paynowCC_LG.gif" border="0" name="submit" alt="">
-</form>
+<input type="hidden" name="hosted_button_id" value="8F4WL72WX857J">
+<input type="image" src="/images/btn_paynowCC_LG.gif" border="0" name="submit" alt="Single payment for membership fee">
+</form>
-<p><?=_("If you are located in Australia, you can use bank transfer instead and pay the equivalent of US$10 in AU$.")?></p>
+<p><?=_("If you are located in Australia, you can use bank transfer instead and pay the equivalent of 10 EUR in AUD.")?></p>
<p><?=_("Please also include your name in the transaction so we know who it came from and send an email to secretary at cacert dot org with the details:")?></p>
<ul>
<li>Account Name: CAcert Inc</li>
+<li>SWIFT: WPACAU2S</li>
<li>BSB: 032073</li>
-<li>Account No.: 180264</li>
+<li>Account No: 180264</li>
</ul>
-<br/><br/>
diff --git a/pages/index/3.php b/pages/index/3.php
index c2cb391..a107c29 100644
--- a/pages/index/3.php
+++ b/pages/index/3.php
@@ -18,38 +18,45 @@
<p><?=sprintf(_("You are bound by the %s Root Distribution Licence %s for any re-distributions of CAcert's roots."),"<a href='/policy/RootDistributionLicense.php'>","</a>")?></p>
-<p>
-Class 1 <?=_("PKI Key")?><br>
-<a href="index.php?id=17"><?=_("Click here if you want to import the root certificate into Microsoft Internet Explorer 5.x/6.x")?></a><br>
-<a href="certs/root.crt"><?=_("Root Certificate (PEM Format)")?></a><br>
-<a href="certs/root.der"><?=_("Root Certificate (DER Format)")?></a><br>
-<a href="certs/root.txt"><?=_("Root Certificate (Text Format)")?></a><br>
-<a href="<?=$_SERVER['HTTPS']?"https":"http"?>://crl.cacert.org/revoke.crl">CRL</a><br>
-<?=_("Fingerprint")?> SHA1: 13:5C:EC:36:F4:9C:B8:E9:3B:1A:B2:70:CD:80:88:46:76:CE:8F:33<br/>
-<?=_("Fingerprint")?> MD5: A6:1B:37:5E:39:0D:9C:36:54:EE:BD:20:31:46:1F:6B<br/>
-</p>
+<h3><?=_("Windows Installer") ?></h3>
+<ul class="no_indent">
+ <li><? printf(_("%s Windows installer package %s for browsers that use the Windows certificate store %s (for example Internet Explorer, Chrome on Windows and Safari on Windows)"), '<a href="certs/CAcert_Root_Certificates.msi">', '</a>', '<br/>')?></li>
+ <li><?=_("SHA1 Hash:") ?> 2db1957db31aa0d778d1a65ea146760ee1e67611</li>
+ <li><?=_("SHA256 Hash:") ?> 88883f2e3117bae6f43922fbaef8501b94efe4143c12116244ca5d0c23bcbb16</li>
+</ul>
-<p>
-Class 3 <?=_("PKI Key")?><br>
-<a href="certs/class3.crt"><?=_("Intermediate Certificate (PEM Format)")?></a><br/>
-<a href="certs/class3.der"><?=_("Intermediate Certificate (DER Format)")?></a><br/>
-<a href="certs/class3.txt"><?=_("Intermediate Certificate (Text Format)")?></a><br/>
-<a href="<?=$_SERVER['HTTPS']?"https":"http"?>://crl.cacert.org/class3-revoke.crl">CRL</a><br/>
+<h3><?=_("Class 1 PKI Key")?></h3>
+<ul class="no_indent">
+ <li><a href="certs/root.crt"><?=_("Root Certificate (PEM Format)")?></a></li>
+ <li><a href="certs/root.der"><?=_("Root Certificate (DER Format)")?></a></li>
+ <li><a href="certs/root.txt"><?=_("Root Certificate (Text Format)")?></a></li>
+ <li><a href="<?=$_SERVER['HTTPS']?"https":"http"?>://crl.cacert.org/revoke.crl">CRL</a></li>
+ <li><?=_("SHA1 Fingerprint:")?> 13:5C:EC:36:F4:9C:B8:E9:3B:1A:B2:70:CD:80:88:46:76:CE:8F:33</li>
+ <li><?=_("MD5 Fingerprint:")?> A6:1B:37:5E:39:0D:9C:36:54:EE:BD:20:31:46:1F:6B</li>
+</ul>
+
+<h3><?=_("Class 3 PKI Key")?></h3>
+<ul class="no_indent">
+ <li><a href="certs/class3.crt"><?=_("Intermediate Certificate (PEM Format)")?></a></li>
+ <li><a href="certs/class3.der"><?=_("Intermediate Certificate (DER Format)")?></a></li>
+ <li><a href="certs/class3.txt"><?=_("Intermediate Certificate (Text Format)")?></a></li>
+ <li><a href="<?=$_SERVER['HTTPS']?"https":"http"?>://crl.cacert.org/class3-revoke.crl">CRL</a></li>
<?php /*
class3 subroot fingerprint updated: 2011-05-23 class3 Re-sign project
https://wiki.cacert.org/Roots/Class3ResignProcedure/Migration
*/ ?>
-<?=_("Fingerprint")?> SHA1: AD:7C:3F:64:FC:44:39:FE:F4:E9:0B:E8:F4:7C:6C:FA:8A:AD:FD:CE<br/>
-<?=_("Fingerprint")?> MD5: F7:25:12:82:4E:67:B5:D0:8D:92:B7:7C:0B:86:7A:42<br/>
-</p>
+ <li><?=_("SHA1 Fingerprint:")?> AD:7C:3F:64:FC:44:39:FE:F4:E9:0B:E8:F4:7C:6C:FA:8A:AD:FD:CE</li>
+ <li><?=_("MD5 Fingerprint:")?> F7:25:12:82:4E:67:B5:D0:8D:92:B7:7C:0B:86:7A:42</li>
+</ul>
-<p>
-<?=_("GPG Key")?><br>
-<a href="certs/cacert.asc"><?=_("CAcert's GPG Key")?></a><br>
-</p>
+<h3><?=_("GPG Key")?></h3>
+<ul class="no_indent">
+ <li><a href="certs/cacert.asc"><?=_("CAcert's GPG Key")?></a></li>
+ <li><?=_("GPG Key ID:")?> 0x65D0FD58</li>
+ <li><?=_("Fingerprint:")?> A31D 4F81 EF4E BD07 B456 FA04 D2BB 0D01 65D0 FD58</li>
+</ul>
-<p>
-<?=_("PKI finger/thumb print signed by the CAcert GPG Key")?><br>
+<h4><?=_("PKI fingerprint signed by the CAcert GPG Key")?></h4>
<pre>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
@@ -82,8 +89,8 @@ TG1yj+lkktROGGyn0hJ5SbM=
=tXoj
-----END PGP SIGNATURE-----
</pre>
-</p>
+<h3><?=_("History")?></h3>
<p>
<? printf(_('An overview over all CA certificates ever issued can be found in '.
'%sthe wiki%s.'),
diff --git a/pages/index/4.php b/pages/index/4.php
index ffbfe26..384ea56 100644
--- a/pages/index/4.php
+++ b/pages/index/4.php
@@ -25,11 +25,11 @@
?>
<? if($_SESSION['_config']['hostname'] == $_SESSION['_config']['securehostname']) { ?>
-<p><?=_("Warning! You've attempted to log into the system with a client certificate, but the login failed due to the certificate being expired, revoked, disabled for certificate login, or simply not valid for this site. You can login using your Email/Pass Phrase to get a new certificate, by clicking on 'Normal Login' to the right of your screen.")?></p>
+<p><?=sprintf(_("Warning! You've attempted to log into the system with a client certificate, but the login failed due to the certificate being expired, revoked, disabled for certificate login, or simply not valid for this site. You can login using your email/pass phrase to get a new certificate, by clicking on %sPassword Login%s on the right side of this page."),"<a href='https://".$_SESSION['_config']['normalhostname']."/index.php?id=4'>", "</a>")?></p>
<? } else { ?>
<style>
.box2 {width:100%;text-align:center;}
-.box {background:#F5F7F7;border:2px solid #cccccc;margin:0px auto;height:250px;width:300px;padding:1em;}
+.box {background:#F5F7F7;border:2px solid #cccccc;margin:0px auto;height:auto;width:300px;padding:1em;}
.smalltext {font-size:10px;}
label {width:100px;display:block;float:left;}
text {width:166px;display:block;float:left;}
@@ -45,15 +45,15 @@ h1 {font-size:1.9em;text-align:center;}
<label for="email"><?=_("Email Address")?>:</label><input type='text' name="email" value="<?=sanitizeHTML(array_key_exists("email",$_REQUEST)?$_REQUEST['email']:"")?>" <? if(array_key_exists('notauto',$_REQUEST) && $_REQUEST['noauto'] == 1) echo " autocomplete='off'"; ?>/><br />
<label for="pword"><?=_("Pass Phrase")?>:</label><input type='password' name='pword' autocomplete="off"/><br />
<input type='submit' name="process" value="<?=_("Login")?>" /><br /><br />
-<a href='https://<?=$_SESSION['_config']['normalhostname']?>/index.php?id=4'><?=_("Password Login")?></a> -
-<a href='https://<?=$_SESSION['_config']['normalhostname']?>/index.php?id=5'><?=_("Lost Password")?></a> -
+<a href='https://<?=$_SESSION['_config']['normalhostname']?>/index.php?id=4'><?=_("Password Login")?></a> -
+<a href='https://<?=$_SESSION['_config']['normalhostname']?>/index.php?id=5'><?=_("Lost Password")?></a> -
<a href='https://<?=$_SESSION['_config']['normalhostname']?>/index.php?id=4&amp;noauto=1'><?=_("Net Cafe Login")?></a><br />
<p class='smalltext'><?=sprintf(_("If you are having trouble with your username or password, please visit our %swiki page%s for more information"), "<a href='http://wiki.cacert.org/wiki/FAQ/LostPasswordOrAccount' target='_new'>", "</a>");?></p>
<input type="hidden" name="oldid" value="<?=$id?>">
</form>
</div>
</div>
-<? }
+<? }
if(array_key_exists("oldlocation",$_SESSION['_config']) && $_SESSION['_config']['oldlocation']!="")
{
echo "<br/><center>"._("If you want to use certificate login instead of username+password, please")." <a href='https://secure.cacert.org/".sanitizeHTML($_SESSION['_config']['oldlocation'])."'>"._("click here")."</a></center>";
diff --git a/pages/wot/11.php b/pages/wot/11.php
deleted file mode 100644
index e25a862..0000000
--- a/pages/wot/11.php
+++ /dev/null
@@ -1,52 +0,0 @@
-<? /*
- LibreSSL - CAcert web application
- Copyright (C) 2004-2008 CAcert Inc.
-
- This program is free software; you can redistribute it and/or modify
- it under the terms of the GNU General Public License as published by
- the Free Software Foundation; version 2 of the License.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with this program; if not, write to the Free Software
- Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
-*/ ?>
-<? if($_SESSION['profile']['admin'] == 1) { ?>
-<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
- <tr>
- <td colspan="2" class="title"><?=_("Organisational Assurance")?></td>
- </tr>
- <tr>
- <td class="DataTD"><b><?=_("Organisation Title")?>:</b></td>
- <td class="DataTD">&nbsp;</td>
- </tr>
- <tr>
- <td class="DataTD"><b><?=_("Contact Email")?>:</b></td>
- <td class="DataTD">&nbsp;</td>
- </tr>
- <tr>
- <td class="DataTD"><b><?=_("Town/Suburb")?>:</b></td>
- <td class="DataTD">&nbsp;</td>
- </tr>
- <tr>
- <td class="DataTD"><b><?=_("State/Province")?>:</b></td>
- <td class="DataTD">&nbsp;</td>
- </tr>
- <tr>
- <td class="DataTD"><b><?=_("Country")?>:</b></td>
- <td class="DataTD">&nbsp;</td>
- </tr>
- <tr>
- <td class="DataTD"><b><?=_("Comments")?>:</b></td>
- <td class="DataTD">&nbsp;</td>
- </tr>
-</table>
-<? } else { ?>
-<p><?=_("This page is a work in Progress. Please see this")?>
-<a href="http://wiki.cacert.org/wiki/OrganisationEntities"><?=_("article on the Wiki")?></a>
-<?=_("for more information about Organizational Support.")?></a></p>
-<? } ?>
diff --git a/pages/wot/14.php b/pages/wot/14.php
deleted file mode 100644
index 21c5873..0000000
--- a/pages/wot/14.php
+++ /dev/null
@@ -1,47 +0,0 @@
-<? /*
- LibreSSL - CAcert web application
- Copyright (C) 2004-2008 CAcert Inc.
-
- This program is free software; you can redistribute it and/or modify
- it under the terms of the GNU General Public License as published by
- the Free Software Foundation; version 2 of the License.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with this program; if not, write to the Free Software
- Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
-*/ ?>
-
-<p>This is a demo page, which isn't fully functional yet.</p>
-
-<p><?=sprintf(_("If you have a %sSignaturecard%s (also called 'Buergerkarte'), you can digitally sign your assurance request here, and get 50 CAcert points:"),"<a href='http://www.buergerkarte.at/'>","</a>")?><br /></p>
-
-<p><?=sprintf(_("To get assured with your Signaturecard, you need the Software from <a href='http://www.buergerkarte.at/bku/'>http://www.buergerkarte.at/bku/</a>. To activate your E-Card, please go to <a href='https://www.sozialversicherung.at/signon2-Registrierung/'>https://www.sozialversicherung.at/signon2-Registrierung/</a>."))?></p>
-
-
-<pre><?=sanitizeHTML($_REQUEST['XMLResponse'])?></pre>
-
-<h1>1. Step: Assurance form</h1>
-
-<form name="form" method="post" action="http://localhost:3495/http-security-layer-request"/>
- <input type="submit" name="Weiter" value="Start Assurance">
- <input type="hidden" name="XMLRequest" value="&lt;CreateXMLSignatureRequest xmlns='http://www.buergerkarte.at/namespaces/securitylayer/20020831#' xmlns:dsig='http://www.w3.org/2000/09/xmldsig#' xmlns:sl10='http://www.buergerkarte.at/namespaces/securitylayer/20020225#'>&lt;KeyboxIdentifier>CertifiedKeypair&lt;/KeyboxIdentifier>&lt;DataObjectInfo Structure='enveloping'>&lt;sl10:DataObject>&lt;sl10:XMLContent>Mit dieser Signatur beantragen Sie die Assurance ihres CAcert Accounts '<?=$_SESSION['profile']['email']?>' mit ihrer Buergerkarte.&lt;/sl10:XMLContent>&lt;/sl10:DataObject>&lt;sl10:TransformsInfo>&lt;sl10:FinalDataMetaInfo>&lt;sl10:MimeType>text/plain&lt;/sl10:MimeType>&lt;/sl10:FinalDataMetaInfo>&lt;/sl10:TransformsInfo>&lt;/DataObjectInfo>&lt;/CreateXMLSignatureRequest>"/>
- <input type="hidden" name="actualtest_" value="4"/>
- <input type="hidden" name="DataURL" value="https://www.cacert.org/tverify/seclayer.php?id=14&amp;user=<?=$_SESSION['profile']['email']?>"/>
- <input type="hidden" name="TestResult_" value="&lt;strong&gt;TestResult&lt;/strong&gt;"/>
-</form>
-
-<h1>2. Step: Person binding (Birthday)</h1>
-
-<form name="form" method="post" action="http://localhost:3495/http-security-layer-request"/>
- <input type="submit" name="Weiter" value="Read birthday from Card">
- <input type="hidden" name="XMLRequest" value="&lt;InfoboxReadRequest xmlns=&quot;http://www.buergerkarte.at/namespaces/securitylayer/20020225#&quot;&gt;&lt;InfoboxIdentifier&gt;IdentityLink&lt;/InfoboxIdentifier&gt;&lt;BinaryFileParameters ContentIsXMLEntity=&quot;true&quot;/&gt;&lt;/InfoboxReadRequest&gt;"/>
- <input type="hidden" name="actualtest_" value="4"/>
- <input type="hidden" name="DataURL" value="https://www.cacert.org/tverify/seclayer.php?id=14&amp;user=<?=$_SESSION['profile']['email']?>"/>
- <input type="hidden" name="TestResult_" value="&lt;strong&gt;TestResult&lt;/strong&gt;"/>
-</form>
-
diff --git a/pages/wot/15.php b/pages/wot/15.php
index 8579588..cca2702 100644
--- a/pages/wot/15.php
+++ b/pages/wot/15.php
@@ -16,7 +16,7 @@
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
*/
- include_once($_SESSION['_config']['filepath']."/includes/wot.inc.php");
+ require_once($_SESSION['_config']['filepath']."/includes/notary.inc.php");
$userid = intval($_SESSION['profile']['id']);
diff --git a/pages/wot/2.php b/pages/wot/2.php
index a75bc57..eda77bb 100644
--- a/pages/wot/2.php
+++ b/pages/wot/2.php
@@ -15,22 +15,19 @@
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
*/ ?>
-<span style="background-color: #FF8080; font-size: 150%">
-Note that the <strong>TTP</strong> programme is effectively <strong>Frozen</strong><br>
-Until a subsidiary policy under AP is written, it is against AP rules.<br>
-</span>
-&nbsp;<br>
-<h3><?=_("To become an Assurer")?></h3>
-<p><?=_("There are several ways to become a CAcert Assurer, the most common of which is face to face meetings with existing assurers, who check your ID documents (you need to show 2 government issued photo ID where possible otherwise you won't be allocated as many points!).")?></p>
+<h3><?=_('To become an Assurer')?></h3>
-<p><?=_("You can also become a CAcert Assurer by seeking out a public notary, justice of the peace, accountant, lawyer or bank manager. You will need to download and print out a copy of the TTP.pdf and fill in your sections. You will need to produce a photo copy of your ID, which the person assuring you will inspect against the originals. Once they are satisfied the documents appear to be genuine they need to sign the back of the photo copies, and fill in their sections of the TTP document. Once you have had your ID verified by 2 different people, pop the copies + forms in an envelope and post them to:")?></p>
+<p><?=_('To become a CAcert Assurer you need to fulfill the following requirements:')?></p>
+<ol>
+ <li><?=_('You have to reach 100 Assurance points')?></li>
+ <li><?=_('You have to pass the CATS test')?></li>
+</ol>
-<p>CAcert Inc.<br>
-P.O. Box 4107<br>
-Denistone East NSW 2112<br>
-Australia</p>
+<p><?=_('To reach 100 Assurance Points you have to meet with assurers who assure you under the CAcert Assurance Programme according to Assurance Policy. During the face to face meeting you need to show at least one governmental issued photo ID.')?></p>
+
+<p><?=sprintf(_('The 2nd requirement in becoming assurer is to pass the CAcert Assurer Challenge, which can be started at %s. For more information explore the wiki regarding the %s.'),'<a href="https://cats.cacert.org">https://cats.cacert.org</a>','<a href="//wiki.cacert.org/AssurerChallenge">Assurer Challenge</a>')?><p>
+
+<p><?=sprintf(_('In case you cannot meet an Assurer (eg there are not many assurer in your area) you can be assured under the alternate %sTTP-assisted-assurance programme%s. Read the pages %s for the basic way how the TTP-assisted-assurance programme works for you and %s whether the TTP programme affects the country where you are located.'),'<a href="/wot.php?id=4">', '</a>','<a href="//wiki.cacert.org/TTP/TTPuser">TTPuser</a>','<a href="//wiki.cacert.org/TTP/TTPAL">TTPAL</a>')?> </p>
-<p><?=_("Upon receiving your documents you will be notified, and points will be added to your account.")?></p>
-<p><?=_("Once you have received at least 100 Assurance Points you will have to pass a test called Assurer Challenge, which can be started at").' <a href="https://cats.cacert.org/">https://cats.cacert.org/</a>!'?></p>
diff --git a/pages/wot/4.php b/pages/wot/4.php
index 0da72da..628e6a5 100644
--- a/pages/wot/4.php
+++ b/pages/wot/4.php
@@ -14,19 +14,69 @@
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
-*/ ?>
-<span style="background-color: #FF8080; font-size: 150%">
-Note that the <strong>TTP</strong> programme is effectively <strong>Frozen</strong><br>
-Until a subsidiary policy under AP is written, it is against AP rules.<br>
-</span>
-&nbsp;<br>
+*/
+require_once(dirname(__FILE__).'/../../includes/notary.inc.php');
+?>
+
<h3><?=_("Trusted Third Parties")?></h3>
-<p><?=_("A trusted 3rd party is simply someone in your country that is responsible for witnessing signatures and ID documents. This role is covered by many different titles such as public notary, justice of the peace and so on. Other people are allowed to be authoritative in this area as well, such as bank managers, accountants and lawyers.")?></p>
+<p><?=_("The Trusted Third Party (TTP) programme is intended to be used in areas without many CAcert Assurers.")?></p>
+
+<p><?=_("A Trusted Third Party (TTP) is simply someone in your country that is responsible for witnessing signatures and ID documents. This role is covered by many different titles such as public notary, justice of the peace and so on.")?></p>
+
+<p><?=_("With the TTP programme you can potentially gain assurance up to a maximum of 100 assurance points.")?></p>
+
+<p><?=_("Currently CAcert has only developed the TTP programme to the level that you can gain 70 assurance points by TTP assurances.") ?></p>
+
+<p><?=_("We are working to develop a process that will fill the gap of the missing 30 assurance points to allow you to get the maximum 100 assurance points.")?> </p>
+
+<p><?=_("In the meanwhile you would need to close this gap with face to face assurances with CAcert Assurers. Think not only travelling to populated countries, but also remember that assurers may occasionally visit your country or area.")?></p>
-<p><?=_("You can become a CAcert Assurer by seeking out trusted 3rd parties. You will also need to download and print out a copy of the TTP Form (found under 'CAP/TTP Forms') and fill in your sections. You will need to produce a photo copy of your ID, which the person assuring you will inspect against the originals. Once they are satisfied the documents appear to be genuine they need to sign the back of the photo copies, and fill in their sections of the TTP document. Once you have had your ID verified by 2 different people, pop the copies + forms in an envelope and post them to:")?></p>
+<p><?=sprintf(_("If you are interested in the TTP programme, read the pages %s for the basic way how the TTP programme works for you, and %s whether the TTP programme affects the country where you are located."),"<a href='//wiki.cacert.org/TTP/TTPuser'>https://wiki.cacert.org/TTP/TTPuser</a>","<a href='//wiki.cacert.org/TTP/TTPAL'>https://wiki.cacert.org/TTP/TTPAL</a>")?> </p>
-<p>CAcert Inc.<br>
-P.O. Box 4107<br>
-Denistone East NSW 2112<br>
-Australia</p>
+<?
+// test for points <100
+if ($_SESSION['profile']['points']<100){
+ // test for TTP assurances
+ if (get_number_of_ttpassurances(intval($_SESSION['profile']['id']))<2){?>
+ <p><?=_("If you want to ask for TTP assurances fill out the missing data and send the request to support@cacert.org to start the process. CAcert will then inform you about the next steps.")?></p>
+ <form method="post" action="wot.php">
+ <table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
+ <tr>
+ <td class="DataTD"><?=_("Country where you want to visit the TTP")?></td>
+ <td class="DataTD"><select size="1" name="country">
+ <option>Australia</option>
+ <option>Puerto Rico</option>
+ <option>USA</option>
+ </select></td>
+ </tr>
+ <tr>
+ <td class="DataTD"><?=_("I want to take part in the TTP Topup programme")?></td>
+ <td class="DataTD"><input type="checkbox" name="ttptopup" value="1"></td>
+ </tr>
+ <tr>
+ <td colspan="2" >
+ <input type="hidden" name="oldid" value="<?=intval($id)?>">
+ <input type="submit" name="ttp" value="<?=_("I need a TTP assurance")?>">
+ </td>
+ </tr>
+ </table>
+ </form>
+<? //"
+ } else {
+ /* As soon as the TPP TOPUP Programme is established this routine should be used
+ <p><?=_("As you have already got 2 TTP assurances you can only take part in the TTP TOPUP programme. If you want to ask for the TTP TOPUP programme use the submit button to send the request to support@cacert.org to start the process. CAcert will then inform you about the next steps.")?></p>
+ <form method="post" action="wot.php">
+ <input type="hidden" name="oldid" value="<?=intval($id)?>">
+ <input type="submit" name="ttptopup" value="<?=_("I need a TTP TOPUP")?>">
+ </form>
+*/
+?>
+ <p><?=_("We are working to develop the TTP TOPUP process to be able to fill the gap of the missing 30 assurance points to 100 assurance points. Meanwhile you have to close this gap with face to face assurances from CAcert Assurers. Think not only travelling to populated countries, but as well to assurers visiting your country or area.")?></p>
+<?
+ }
+} else {
+?>
+ <p><?=_("You reached the maximum points that can be granted by the TTP programme and therefore you cannot take part in the TTP programme any more.")?></p>
+<?
+}
diff --git a/pages/wot/6.php b/pages/wot/6.php
index f8be9d7..ef8cac7 100644
--- a/pages/wot/6.php
+++ b/pages/wot/6.php
@@ -16,6 +16,7 @@
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
*/ ?>
<?
+
if(!array_key_exists('notarise',$_SESSION['_config']))
{
echo "Error: No user data found.";
@@ -24,147 +25,61 @@
$row = $_SESSION['_config']['notarise'];
- if(!array_key_exists('pointsalready',$_SESSION['_config'])) $_SESSION['_config']['pointsalready']=0;
+ if($_SESSION['profile']['ttpadmin'] == 1)
+// $methods = array("Face to Face Meeting", "Trusted 3rd Parties", "TopUP");
+// else
+ $methods = array("Face to Face Meeting", "Trusted 3rd Parties");
+ else
+ $methods = array("Face to Face Meeting");
+ $mnames = array(
+ '01' => _('January'),
+ '02' => _('February'),
+ '03' => _('March'),
+ '04' => _('April'),
+ '05' => _('May'),
+ '06' => _('June'),
+ '07' => _('July'),
+ '08' => _('August'),
+ '09' => _('September'),
+ '10' => _('October'),
+ '11' => _('November'),
+ '12' => _('December')
+ );
- if($_SESSION['profile']['ttpadmin'] == 1 && $_SESSION['profile']['board'] == 1)
- {
- $methods = array("Face to Face Meeting", "Trusted Third Parties", "Thawte Points Transfer", "Administrative Increase", "CT Magazine - Germany");
- } else if($_SESSION['profile']['ttpadmin'] == 1) {
- $methods = array("Face to Face Meeting", "Trusted Third Parties");
- }
+ $fname = $row['fname'];
+ $mname = $row['mname'];
+ $lname = $row['lname'];
+ $suffix = $row['suffix'];
+ $dob = $row['dob'];
- $cap = "/cap.php?";
- $name = $row['fname']." ".$row['mname']." ".$row['lname']." ".$row['suffix'];
- $_SESSION['_config']['wothash'] = md5($name."-".$row['dob']);
- while(strstr($name, " "))
- $name = str_replace(" ", " ", $name);
- $cap .= "name=".urlencode($name);
- $cap .= "&amp;dob=".urlencode($row['dob']);
- $cap .= "&amp;email=".urlencode($row['email']);
- $name = $_SESSION['profile']['fname']." ".$_SESSION['profile']['mname']." ".$_SESSION['profile']['lname']." ".$_SESSION['profile']['suffix'];
- while(strstr($name, " "))
- $name = str_replace(" ", " ", $name);
- $cap .= "&amp;assurer=".urlencode($name);
- $cap .= "&amp;date=now";
- $cap .= "&amp;maxpoints=".maxpoints();
+ $dob_date = explode('-', $dob, 3);
+ $dob_print = sprintf(
+ '<tt class="accountdetail">%s-%s-%s</tt> (%d %s %d)',
+ $dob_date[0], $dob_date[1], $dob_date[2],
+ intval($dob_date[2], 10), $mnames[$dob_date[1]], intval($dob_date[0], 10)
+ );
- $maxpoints = maxpoints();
- if($maxpoints > 100)
- $maxpoints = 100;
+ $name = $fname." ".$mname." ".$lname." ".$suffix;
+ $_SESSION['_config']['wothash'] = md5($name."-".$dob);
- if(array_key_exists('error',$_SESSION['_config']) && $_SESSION['_config']['error'] != "") { ?><font color="#ff0000" size="+1">ERROR: <?=$_SESSION['_config']['error']?></font><? unset($_SESSION['_config']['error']); } ?>
-<form method="post" action="wot.php">
-<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper" width="600">
- <tr>
- <td colspan="2" class="title"><?=_("Assurance Confirmation")?></td>
- </tr>
-<? if(array_key_exists('alreadydone',$_SESSION['_config']) && $_SESSION['_config']['alreadydone'] == 1) { ?>
- <tr>
- <td class="DataTD" colspan="2" align="left" style="color: red;"><b><?=_("PLEASE NOTE: You have already assured this person before! If this is unintentional please DO NOT CONTINUE with this assurance.")?></b></td>
- </tr>
-<?
- } if(100 - $_SESSION['_config']['pointsalready'] - $maxpoints < 0) {
- ?>
- <tr>
- <td class="DataTD" colspan="2" align="left" style="color: red;"><b><? printf(_("This person already has %s assurance points. Any points you give this person may be rounded down, or they may not even get any points. If you have less then 150 points you will still receive 2 points for assuring them."), $_SESSION['_config']['pointsalready']); ?></b></td>
- </tr>
-<? }
+ require_once($_SESSION['_config']['filepath']."/includes/notary.inc.php");
- $query = "select `verified` from `users` where `id`='".$row['id']."'";
- $res = mysql_query($query);
- $drow = mysql_fetch_assoc($res);
- //if($_SESSION['_config']['verified'] <= 0)
- if($drow['verified']<=0)
- { ?>
- <tr>
- <td class="DataTD" colspan="2" align="left" style="color: red;"><b><?=_("You are about to assure a person that isn't currently verified. If you continue and they do not verify their account within 48 hours the account could automatically be removed by the system.")?></b></td>
- </tr>
-<? } ?>
- <tr>
- <td class="DataTD" colspan="2" align="left"><? printf(_("Please check the following details match against what you witnessed when you met %s in person. You MUST NOT proceed unless you are sure the details are correct. You may be held responsible by the CAcert Arbitrator for any issues with this Assurance."), $row['fname']); ?></td>
- </tr>
- <tr>
- <td class="DataTD"><?=_("Name")?>:</td>
- <td class="DataTD"><?=$row['fname']?> <?=$row['mname']?> <?=$row['lname']?> <?=$row['suffix']?></td>
- </tr>
- <tr>
- <td class="DataTD"><?=_("Date of Birth")?>:</td>
- <td class="DataTD"><?=$row['dob']?> (<?=_("YYYY-MM-DD")?>)</td>
- </tr>
-<? if($_SESSION['profile']['ttpadmin'] == 1) { ?>
- <tr>
- <td class="DataTD"><?=_("Method")?>:</td>
- <td class="DataTD"><select name="method">
-<? foreach($methods as $val) { ?>
- <option value="<?=$val?>"<? if(array_key_exists('method',$_POST) && $val == $_POST['method']) echo " selected"; ?>><?=$val?></option>
-<? } ?>
- </select>
- </td>
- </tr>
- <tr>
- <td class="DataTD" colspan="2"><?=_("Only tick the next box if the Assurance was face to face.")?></td>
- </tr>
-<? } ?>
- <tr>
- <td class="DataTD"><input type="checkbox" name="certify" value="1"<? if(array_key_exists('certify',$_POST) && $_POST['certify'] == 1) echo " checked"; ?>></td>
- <td class="DataTD"><? printf(_("I certify that %s %s %s has appeared in person"), $row['fname'], $row['mname'], $row['lname']); ?></td>
- </tr>
- <tr>
- <td class="DataTD"><?=_("Location")?>:</td>
- <td class="DataTD"><input type="text" name="location" value="<?=array_key_exists('location',$_SESSION['_config'])?$_SESSION['_config']['location']:""?>"></td>
- </tr>
- <tr>
- <td class="DataTD"><?=_("Date")?>:</td>
- <td class="DataTD"><input type="text" name="date" value="<?=array_key_exists('date',$_SESSION['_config'])?$_SESSION['_config']['date']:""?>"><br><?=_("Only fill this in if you assured the person on a different day")?></td>
- </tr>
-<? if($_SESSION['profile']['board'] == 1 && $_SESSION['_config']['pointsalready'] <= 150) { ?>
- <tr>
- <td class="DataTD" colspan="2"><?=_("Issuing a temporary increase will automatically boost their points to 200 points for a nomindated amount of days, after which the person will be reduced to 150 points regardless of the amount of points they had previously. Regardless of method chosen above it will be recorded in the system as an Administrative Increase and there is a maximum amount of 45 days that points can be issued for.")?></td>
- </tr>
- <tr>
- <td class="DataTD"><nobr><?=_("Temporary Increase")?>:</nobr><br><nobr><?=_("Number of days")?></nobr></td>
- <td class="DataTD"><input type="text" name="expire" value="<?=intval(array_key_exists('expire',$_POST)?$_POST['expire']:0)?>"></td>
- </tr>
- <tr>
- <td class="DataTD"><nobr><?=_("Sponsoring Member")?>:</td>
- <td class="DataTD"><select name="sponsor">
-<?
- $query = "select * from `users` where `board`='1' and `id`!='".intval($_SESSION['profile']['id'])."'";
- $res = mysql_query($query);
- while($row = mysql_fetch_assoc($res))
- {
+ AssureHead(_("Assurance Confirmation"),sprintf(_("Please check the following details match against what you witnessed when you met %s %s %s %s in person. You MUST NOT proceed unless you are sure the details are correct. You may be held responsible by the CAcert Arbitrator for any issues with this Assurance."), $fname, $mname, $lname, $suffix));
+ AssureTextLine(_("Name"), sprintf(
+ "<tt><span class=\"accountdetail name\"><span class=\"accountdetail fname\">%s</span> <span class=\"accountdetail mname\">%s</span> <span class=\"accountdetail lname\">%s</span> <span class=\"accountdetail suffix\">%s</span></span></tt>",
+ $fname, $mname, $lname, $suffix
+ ));
+ AssureTextLine(_("Date of Birth"),$dob_print);
+ AssureMethodLine(_("Method"),$methods,'');
+ AssureBoxLine("certify",sprintf(_("I certify that %s %s %s %s has appeared in person."), $fname, $mname, $lname, $suffix),array_key_exists('certify',$_POST) && $_POST['certify'] == 1);
+ AssureBoxLine("CCAAgreed",sprintf(_("I verify that %s %s %s %s has accepted the CAcert Community Agreement."), $fname, $mname, $lname, $suffix),array_key_exists('CCAAgreed',$_POST) && $_POST['CCAAgreed'] == 1);
+ AssureInboxLine("location",_("Location"),array_key_exists('location',$_SESSION['_config'])?$_SESSION['_config']['location']:"","");
+ AssureInboxLine("date",_("Date"),array_key_exists('date',$_SESSION['_config'])?$_SESSION['_config']['date']:date("Y-m-d"),"<br/>"._("The date when the assurance took place. Please adjust the date if you assured the person on a different day (YYYY-MM-DD)."));
+ AssureTextLine("",_("Only tick the next box if the Assurance was face to face."));
+ AssureBoxLine("assertion",_("I believe that the assertion of identity I am making is correct, complete and verifiable. I have seen original documentation attesting to this identity. I accept that the CAcert Arbitrator may call upon me to provide evidence in any dispute, and I may be held responsible."),array_key_exists('assertion',$_POST) && $_POST['assertion'] == 1);
+ AssureBoxLine("rules",_("I have read and understood the CAcert Community Agreement (CCA), Assurance Policy and the Assurance Handbook. I am making this Assurance subject to and in compliance with the CCA, Assurance policy and handbook."),array_key_exists('rules',$_POST) && $_POST['rules'] == 1);
+ AssureTextLine(_("Policy"),"<a href=\"/policy/CAcert Community Agreement.php\" target=\"_blank\">"._("CAcert Community Agreement")."</a> -<a href=\"/policy/AssurancePolicy.php\" target=\"_blank\">"._("Assurance Policy")."</a> - <a href=\"http://wiki.cacert.org/AssuranceHandbook2\" target=\"_blank\">"._("Assurance Handbook")."</a>");
+ AssureInboxLine("points",_("Points"),"","<br />(Max. ".maxpoints().")");
+ AssureFoot($id,_("I confirm this Assurance"));
?>
- <option value="<?=$row['id']?>"<? if(array_key_exists('sponsor',$_POST) && $row['id'] == $_POST['sponsor']) echo " selected='selected'"; ?>><?=$row['fname']." ".$row['lname']?></option>
-<? } ?>
- </select>
- </td>
- </tr>
-<? } ?>
- <tr>
- <td class="DataTD"><input type="checkbox" name="assertion" value="1"<? if(array_key_exists('assertion',$_POST) && $_POST['assertion'] == 1) echo " checked='checked'"; ?>></td>
- <td class="DataTD"><?=_("I believe that the assertion of identity I am making is correct, complete and verifiable. I have seen original documentation attesting to this identity. I accept that the CAcert Arbitrator may call upon me to provide evidence in any dispute, and I may be held responsible.")?></td>
- </tr>
- <tr>
- <td class="DataTD"><input type="checkbox" name="rules" value="1"<? if(array_key_exists('rules',$_POST) && $_POST['rules'] == 1) echo " checked='checked'"; ?>></td>
- <td class="DataTD"><?=_("I have read and understood the Assurance Policy and the Assurance Handbook and am making this Assurance subject to and in compliance with the policy and handbook.")?></td>
- </tr>
- <tr>
- <td class="DataTD"><?=_("Policy")?>:</td>
- <td class="DataTD"><a href="/policy/AssurancePolicy.php" target="_NEW"><?=_("Assurance Policy")?></a> - <a href="http://wiki.cacert.org/AssuranceHandbook2" target="_NEW"><?=_("Assurance Handbook")?></a></td>
- </tr>
- <tr>
- <td class="DataTD"><?=_("Points")?>:<br><nobr>(Max <?=maxpoints()?>)</nobr></td>
- <td class="DataTD"><input type="text" name="points" value=""></td>
- </tr>
- <tr>
- <td class="DataTD"><?=_("WoT Form")?>:</td>
- <td class="DataTD"><a href="<?=$cap?>" target="_NEW">A4 - <?=_("WoT Form")?></a> <a href="<?=$cap?>&amp;format=letter" target="_NEW">US - <?=_("WoT Form")?></a></td>
- </tr>
- <tr>
- <td class="DataTD" colspan="2"><input type="submit" name="process" value="<?=_("I confirm this Assurance")?>"> <input type="submit" name="cancel" value="<?=_("Cancel")?>"></td>
- </tr>
-</table>
-<input type="hidden" name="pagehash" value="<?=$_SESSION['_config']['wothash']?>">
-<input type="hidden" name="oldid" value="<?=$id?>">
-</form>
diff --git a/scripts/40de-ate-hamburg-email.txt b/scripts/40de-ate-hamburg-email.txt
new file mode 100644
index 0000000..ddf7c0f
--- /dev/null
+++ b/scripts/40de-ate-hamburg-email.txt
@@ -0,0 +1,66 @@
+CAcert Assurer Training Event Hamburg [Deutsch]
+::::::::::::::::::::::::::::::::::::::::::::::::::
+
+Es hat sich viel getan im letzten Jahr. Eine ganze Reihe von bisher eher "muendlich ueberlieferten" Regeln wurden in Policies gegossen. Neue Prozeduren (z.B. die Assurer Challenge) und Verpflichtungen (z.B. in dem CAcert Community Agreement) wurden beschlossen. Die Assurer Training Events wollen versuchen, die ganzen Informationen unter’s Volk zu bringen:
+
+- Was hast du auf dem CAP Formular hinzuzufuegen, wenn du Minderjaehrige ueberpruefst ?
+- Was sind die 2 wesentlichen Punkte der CCA die du einem Assuree vermitteln koennen sollst ?
+- Unter welchen Umstaenden koennen z.Bsp. niederlaendische Rufnamen akzeptiert werden?
+
+Antworten auf diese und weitere Fragen erhaelst du bei den Assurer Training Events (ATEs).
+
+Die kommende Veranstaltung in deiner Naehe findet statt am:
+
+Dienstag den 14. Februar 2012, 19:00 - 22:00
+
+Attraktor e.V.
+Mexikoring 21
+22297 Hamburg
+
+Das Veranstaltungs-Team freut sich schon auf Eure Teilnahme.
+
+Details zum Veranstaltungsort und Anfahrthinweise findet Ihr im
+Wiki [https://wiki.cacert.org/events/20120214-ATE-Hamburg-3]
+Blog [http://blog.cacert.org/2012/02/547.html]
+
+
+
+Unverbindliche Anmeldung und Registrierung:
+Rueckantwort mit 'Ich moechte teilnehmen: ATE-Hamburg'
+
+Kontakt: events@cacert.org
+
+
+CAcert Assurer Training Event Hamburg [English]
+::::::::::::::::::::::::::::::::::::::::::::::::::
+
+Much has happened during the past 3 years. The old way of
+orally-transmitted procedures has now gone, and our rules have been cast
+into formal policies. New procedures (e.g. the Assurer Challenge) and
+obligations (e.g. in the CAcert Community Agreement) have been approved.
+The Assurer Training Events bring all this to you, the Community:
+
+- What you have to add onto the CAP form if you assure U18 people ?
+- What are the 2 essential topics regarding CCA you have to present an Assuree ?
+- When you can accept i.e. a Dutch "roepnaam" ?
+
+Answers to these and many other questions are given at the Assurer
+Training Events (ATEs).
+
+ATE-Hamburg takes place on:
+Tuesday, Feb 14, 2012, 19:00 - 22:00
+
+Attraktor e.V.
+Mexikoring 21
+22297 Hamburg
+
+The Event-Team is looking forward to hearing from you.
+
+Details on Location and Transportation you will find under
+Wiki [https://wiki.cacert.org/events/20120214-ATE-Hamburg-3]
+Blog [http://blog.cacert.org/2012/02/547.html]
+
+Registration for ATE-Hamburg: please reply
+'I will attend: ATE-Hamburg'
+
+Contact: events@cacert.org
diff --git a/scripts/40de-ate-hamburg-mail.php.txt b/scripts/40de-ate-hamburg-mail.php.txt
new file mode 100644
index 0000000..54ec1b8
--- /dev/null
+++ b/scripts/40de-ate-hamburg-mail.php.txt
@@ -0,0 +1,112 @@
+#!/usr/bin/php -q
+<? /*
+ LibreSSL - CAcert web application
+ Copyright (C) 2004-2009 CAcert Inc.
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; version 2 of the License.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
+*/
+ include_once("../includes/mysql.php");
+
+ $lines = "";
+ $fp = fopen("40de-ate-hamburg-email.txt", "r");
+ while(!feof($fp))
+ {
+ $line = trim(fgets($fp, 4096));
+ $lines .= wordwrap($line, 75, "\n")."\n";
+ }
+ fclose($fp);
+
+
+// $locid = intval($_REQUEST['location']);
+// $maxdist = intval($_REQUEST['maxdist']);
+// maxdist in [Km] - changed to 350 to include glasgow + london
+ $maxdist = 200;
+
+
+// location location.ID
+// verified: 29.4.09 u.schroeter
+// $locid = 7902857; // Paris
+// $locid = 238568; // Bielefeld
+// $locid = 715191; // Hamburg
+// $locid = 1102495; // London
+// $locid = 520340; // Duesseldorf
+// $locid = 1260319; // Muenchen
+// $locid = 606058; // Frankfurt
+// $locid = 1775784; // Stuttgart
+// $locid = 228950; // Berlin
+// $locid = 606058; // Frankfurt
+// $locid = 599389; // Flensburg
+// $locid = 61065; // Amsterdam, Eemnes
+// $locid = 228950; // Berlin
+// $locid = 2138880; // Baltimore (Baltimore (city)), Maryland, US
+// $locid = 1486658; // Potsdam
+// $locid = 664715; // Goteborg, Vastra Gotaland, Sweden
+// $locid = 2094781; // Mission Hills (Los Angeles), California, US
+// $locid = 423655; // Copenhagen, Kobenhavn*, Denmark
+// $locid = 2257312; // Sydney, New South Wales, Australia
+// $locid = 572764; // Essen, Nordrhein-Westfalen, Germany
+// $locid = 78; // Aachen, Nordrhein-Westfalen, Germany
+// $locid = 266635; // Bonn, Nordrhein-Westfalen, Germany
+// $locid = 2102723; // Washington (District of Columbia, ..., US
+// $locid = 2177566; // New York (Bronx), New York, United States
+// $locid = 1486658; // Potsdam BLIT2011
+// $locid = 2237836; // Blacksburg (Montgomery), Virginia, United States
+
+// ATE Manchester 2012
+// $locid = 1161640; // Manchester, Manchester, United Kingdom
+// $eventname = "ATE-Manchester";
+// $city = "Manchester/Crewe UK";
+
+// ATE Hamburg, DE, Feb 14 2012
+ $locid = 715191; // Hamburg
+ $eventname = "ATE-Hamburg";
+ $city = "Feb 14, 2012";
+
+ $query = "select * from `locations` where `id`='$locid'";
+ $loc = mysql_fetch_assoc(mysql_query($query));
+
+ $query = "SELECT ROUND(6378.137 * ACOS(0.9999999*((SIN(PI() * $loc[lat] / 180) * SIN(PI() * `locations`.`lat` / 180)) +
+ (COS(PI() * $loc[lat] / 180 ) * COS(PI() * `locations`.`lat` / 180) *
+ COS(PI() * `locations`.`long` / 180 - PI() * $loc[long] / 180)))), -1) AS `distance`, sum(`points`) as pts, `users`.*
+ FROM `locations`
+ inner join `users` on `users`.`locid` = `locations`.`id`
+ inner join `alerts` on `users`.`id`=`alerts`.`memid`
+ inner join `notary` on `users`.`id`=`notary`.`to`
+ WHERE (`alerts`.`general`=1 OR `alerts`.`country`=1 OR `alerts`.`regional`=1 OR `alerts`.`radius`=1)
+ GROUP BY `users`.`id`
+ HAVING `distance` <= '$maxdist'
+ ORDER BY `distance` ";
+ echo $query;
+
+ // comment next line when starting to send mail not only to me
+ // $query = "select * from `users` where `email` like 'cacerttest%'";
+
+ $res = mysql_query($query);
+ $xrows = mysql_num_rows($res);
+
+ while($row = mysql_fetch_assoc($res))
+ {
+ // uncomment next line to send mails ...
+ sendmail($row['email'], "[CAcert.org] $eventname - $city", $lines, "events@cacert.org", "", "", "CAcert Events Organisation", "returns@cacert.org", 1);
+ }
+ // 1x cc to events.cacert.org
+ sendmail("events@cacert.org", "[CAcert.org] $eventname - $city", $lines, "events@cacert.org", "", "", "CAcert Events Organisation", "returns@cacert.org", 1);
+ // 1x mailing report to events.cacert.org
+ sendmail("events@cacert.org", "[CAcert.org] $eventname - $city Report", "invitation sent to $xrows recipients.", "support@cacert.org", "", "", "CAcert Events Organisation", "returns@cacert.org", 1);
+
+ // 1x mailing report to Arbitrator of case http://wiki.cacert.org/wiki/Arbitrations/a20090525.1
+ sendmail("p.dunkel@cacert.org", "[CAcert.org] $eventname - $city Report", "invitation sent to $xrows recipients.", "support@cacert.org", "", "", "CAcert Events Organisation", "returns@cacert.org", 1);
+ echo "invitation sent to $xrows recipients.\n";
+
+?>
diff --git a/scripts/41de-ate-jena-email.txt b/scripts/41de-ate-jena-email.txt
new file mode 100644
index 0000000..f70dc85
--- /dev/null
+++ b/scripts/41de-ate-jena-email.txt
@@ -0,0 +1,33 @@
+CAcert Assurer Training Event Jena [Deutsch]
+::::::::::::::::::::::::::::::::::::::::::::
+
+Es hat sich viel getan im letzten Jahr. Eine ganze Reihe von bisher eher "muendlich ueberlieferten" Regeln wurden in Policies gegossen. Neue Prozeduren (z.B. die Assurer Challenge) und Verpflichtungen (z.B. in dem CAcert Community Agreement) wurden beschlossen. Die Assurer Training Events wollen versuchen, die ganzen Informationen unter’s Volk zu bringen:
+
+- Was hast du auf dem CAP Formular hinzuzufuegen, wenn du Minderjaehrige ueberpruefst ?
+- Warum solltest du dir R/L/O einpraegen ?
+- Wie verhaelst du dich, wenn du ein fremdes Ausweis Dokument das erste mal pruefst ?
+
+Antworten auf diese und weitere Fragen erhaelst du bei den Assurer Training Events (ATEs).
+
+Die kommende Veranstaltung in deiner Naehe findet statt am:
+
+Donnerstag den 29. Maerz 2012, 19:00 - 22:00
+
+Adresse: Am Johannisfriedhof 2, Jena
+Gebaeude: Universitaetsrechenzentrum der Friedrich-Schiller-Universitaet Jena
+OSM: [http://osm.org/go/0MAe9XhNp-]
+Webseite: [http://www.uni-jena.de/URZ.html]
+
+
+Das Veranstaltungs-Team freut sich schon auf Eure Teilnahme.
+
+Details zum Veranstaltungsort und Anfahrthinweise findet Ihr im
+Wiki [https://wiki.cacert.org/Events/2012-03-29ATE-Jena]
+Blog [http://blog.cacert.org/2012/03/550.html]
+
+
+
+Unverbindliche Anmeldung und Registrierung:
+Rueckantwort mit 'Ich moechte teilnehmen: ATE-Jena'
+
+Kontakt: events@cacert.org
diff --git a/scripts/41de-ate-jena-mail.php.txt b/scripts/41de-ate-jena-mail.php.txt
new file mode 100644
index 0000000..5691f63
--- /dev/null
+++ b/scripts/41de-ate-jena-mail.php.txt
@@ -0,0 +1,109 @@
+#!/usr/bin/php -q
+<? /*
+ LibreSSL - CAcert web application
+ Copyright (C) 2004-2009 CAcert Inc.
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; version 2 of the License.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
+*/
+ include_once("../includes/mysql.php");
+
+ $lines = "";
+ $fp = fopen("41de-ate-jena-email.txt", "r");
+ while(!feof($fp))
+ {
+ $line = trim(fgets($fp, 4096));
+ $lines .= wordwrap($line, 75, "\n")."\n";
+ }
+ fclose($fp);
+
+
+// $locid = intval($_REQUEST['location']);
+// $maxdist = intval($_REQUEST['maxdist']);
+// maxdist in [Km] - changed to 350 to include glasgow + london
+ $maxdist = 200;
+
+
+// location location.ID
+// verified: 29.4.09 u.schroeter
+// $locid = 7902857; // Paris
+// $locid = 238568; // Bielefeld
+// $locid = 715191; // Hamburg
+// $locid = 1102495; // London
+// $locid = 520340; // Duesseldorf
+// $locid = 1260319; // Muenchen
+// $locid = 606058; // Frankfurt
+// $locid = 1775784; // Stuttgart
+// $locid = 228950; // Berlin
+// $locid = 606058; // Frankfurt
+// $locid = 599389; // Flensburg
+// $locid = 61065; // Amsterdam, Eemnes
+// $locid = 228950; // Berlin
+// $locid = 2138880; // Baltimore (Baltimore (city)), Maryland, US
+// $locid = 1486658; // Potsdam
+// $locid = 664715; // Goteborg, Vastra Gotaland, Sweden
+// $locid = 2094781; // Mission Hills (Los Angeles), California, US
+// $locid = 423655; // Copenhagen, Kobenhavn*, Denmark
+// $locid = 2257312; // Sydney, New South Wales, Australia
+// $locid = 572764; // Essen, Nordrhein-Westfalen, Germany
+// $locid = 78; // Aachen, Nordrhein-Westfalen, Germany
+// $locid = 266635; // Bonn, Nordrhein-Westfalen, Germany
+// $locid = 2102723; // Washington (District of Columbia, ..., US
+// $locid = 2177566; // New York (Bronx), New York, United States
+// $locid = 1486658; // Potsdam BLIT2011
+// $locid = 2237836; // Blacksburg (Montgomery), Virginia, United States
+// $locid = 1161640; // Manchester, Manchester, United Kingdom
+
+// ATE Jena, DE, Mar 29 2012
+ $locid = 803095; // Jena, Thueringen, Germany
+ $eventname = "ATE-Jena";
+ $city = "Mar 29, 2012";
+
+
+ $query = "select * from `locations` where `id`='$locid'";
+ $loc = mysql_fetch_assoc(mysql_query($query));
+
+ $query = "SELECT ROUND(6378.137 * ACOS(0.9999999*((SIN(PI() * $loc[lat] / 180) * SIN(PI() * `locations`.`lat` / 180)) +
+ (COS(PI() * $loc[lat] / 180 ) * COS(PI() * `locations`.`lat` / 180) *
+ COS(PI() * `locations`.`long` / 180 - PI() * $loc[long] / 180)))), -1) AS `distance`, sum(`points`) as pts, `users`.*
+ FROM `locations`
+ inner join `users` on `users`.`locid` = `locations`.`id`
+ inner join `alerts` on `users`.`id`=`alerts`.`memid`
+ inner join `notary` on `users`.`id`=`notary`.`to`
+ WHERE (`alerts`.`general`=1 OR `alerts`.`country`=1 OR `alerts`.`regional`=1 OR `alerts`.`radius`=1)
+ GROUP BY `users`.`id`
+ HAVING `distance` <= '$maxdist'
+ ORDER BY `distance` ";
+ echo $query;
+
+ // comment next line when starting to send mail not only to me
+ // $query = "select * from `users` where `email` like 'cacerttest%'";
+
+ $res = mysql_query($query);
+ $xrows = mysql_num_rows($res);
+
+ while($row = mysql_fetch_assoc($res))
+ {
+ // uncomment next line to send mails ...
+ sendmail($row['email'], "[CAcert.org] $eventname - $city", $lines, "events@cacert.org", "", "", "CAcert Events Organisation", "returns@cacert.org", 1);
+ }
+ // 1x cc to events.cacert.org
+ sendmail("events@cacert.org", "[CAcert.org] $eventname - $city", $lines, "events@cacert.org", "", "", "CAcert Events Organisation", "returns@cacert.org", 1);
+ // 1x mailing report to events.cacert.org
+ sendmail("events@cacert.org", "[CAcert.org] $eventname - $city Report", "invitation sent to $xrows recipients.", "support@cacert.org", "", "", "CAcert Events Organisation", "returns@cacert.org", 1);
+
+ // 1x mailing report to Arbitrator of case http://wiki.cacert.org/wiki/Arbitrations/a20090525.1
+ sendmail("p.dunkel@cacert.org", "[CAcert.org] $eventname - $city Report", "invitation sent to $xrows recipients.", "support@cacert.org", "", "", "CAcert Events Organisation", "returns@cacert.org", 1);
+ echo "invitation sent to $xrows recipients.\n";
+
+?>
diff --git a/scripts/42de-ate-leipzig-email.txt b/scripts/42de-ate-leipzig-email.txt
new file mode 100644
index 0000000..ea08a75
--- /dev/null
+++ b/scripts/42de-ate-leipzig-email.txt
@@ -0,0 +1,39 @@
+CAcert Assurer Training Event Leipzig
+::::::::::::::::::::::::::::::::::::::::::::::::::
+
+Es hat sich viel getan im letzten Jahr. Eine ganze Reihe von bisher eher "muendlich ueberlieferten" Regeln wurden in Policies gegossen. Neue Prozeduren (z.B. die Assurer Challenge) und Verpflichtungen (z.B. in dem CAcert Community Agreement) wurden beschlossen. Die Assurer Training Events wollen versuchen, die ganzen Informationen unter’s Volk zu bringen:
+
+- Was hast du auf dem CAP Formular hinzuzufuegen, wenn du Minderjaehrige ueberpruefst ?
+- Warum solltest du dir R/L/O einpraegen ?
+- Wie verhaelst du dich, wenn du ein fremdes Ausweis Dokument das erste mal pruefst ?
+
+Antworten auf diese und weitere Fragen erhaelst du bei den Assurer Training Events (ATEs).
+
+Die kommende Veranstaltung in deiner Naehe findet statt am:
+
+Dienstag den 10. April 2012, 19:00 - 22:00
+(Dienstag nach Ostern)
+
+Adresse:
+ Universtität Leipzig / Institut für Informatik
+ Johannisgasse 26 / Raum 1-40
+ 04103 Leipzig
+Webseite:
+ [http://www.informatik.uni-leipzig.de/ifi/]
+Lageplan:
+ [http://www.fmi.uni-leipzig.de/cms/service/lageplan.html]
+
+
+
+Das Veranstaltungs-Team freut sich schon auf Eure Teilnahme.
+
+Details zum Veranstaltungsort und Anfahrthinweise findet Ihr im
+Wiki [https://wiki.cacert.org/Events/2012-04-10ATE-Leipzig]
+Blog [http://blog.cacert.org/2012/03/555.html]
+
+
+
+Unverbindliche Anmeldung und Registrierung:
+Rueckantwort mit 'Ich moechte teilnehmen: ATE-Leipzig'
+
+Kontakt: events@cacert.org
diff --git a/scripts/42de-ate-leipzig-mail.php.txt b/scripts/42de-ate-leipzig-mail.php.txt
new file mode 100644
index 0000000..d0c02b7
--- /dev/null
+++ b/scripts/42de-ate-leipzig-mail.php.txt
@@ -0,0 +1,114 @@
+#!/usr/bin/php -q
+<? /*
+ LibreSSL - CAcert web application
+ Copyright (C) 2004-2009 CAcert Inc.
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; version 2 of the License.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
+*/
+ include_once("../includes/mysql.php");
+
+ $lines = "";
+ $fp = fopen("42de-ate-leipzig-email.txt", "r");
+ while(!feof($fp))
+ {
+ $line = trim(fgets($fp, 4096));
+ $lines .= wordwrap($line, 75, "\n")."\n";
+ }
+ fclose($fp);
+
+
+// $locid = intval($_REQUEST['location']);
+// $maxdist = intval($_REQUEST['maxdist']);
+// maxdist in [Km] - changed to 350 to include glasgow + london
+ $maxdist = 200;
+
+
+// location location.ID
+// verified: 29.4.09 u.schroeter
+// $locid = 7902857; // Paris
+// $locid = 238568; // Bielefeld
+// $locid = 715191; // Hamburg
+// $locid = 1102495; // London
+// $locid = 520340; // Duesseldorf
+// $locid = 1260319; // Muenchen
+// $locid = 606058; // Frankfurt
+// $locid = 1775784; // Stuttgart
+// $locid = 228950; // Berlin
+// $locid = 606058; // Frankfurt
+// $locid = 599389; // Flensburg
+// $locid = 61065; // Amsterdam, Eemnes
+// $locid = 228950; // Berlin
+// $locid = 2138880; // Baltimore (Baltimore (city)), Maryland, US
+// $locid = 1486658; // Potsdam
+// $locid = 664715; // Goteborg, Vastra Gotaland, Sweden
+// $locid = 2094781; // Mission Hills (Los Angeles), California, US
+// $locid = 423655; // Copenhagen, Kobenhavn*, Denmark
+// $locid = 2257312; // Sydney, New South Wales, Australia
+// $locid = 572764; // Essen, Nordrhein-Westfalen, Germany
+// $locid = 78; // Aachen, Nordrhein-Westfalen, Germany
+// $locid = 266635; // Bonn, Nordrhein-Westfalen, Germany
+// $locid = 2102723; // Washington (District of Columbia, ..., US
+// $locid = 2177566; // New York (Bronx), New York, United States
+// $locid = 1486658; // Potsdam BLIT2011
+// $locid = 2237836; // Blacksburg (Montgomery), Virginia, United States
+// $locid = 1161640; // Manchester, Manchester, United Kingdom
+
+// ATE Jena, DE, Mar 29 2012
+// $locid = 803095; // Jena, Thueringen, Germany
+// $eventname = "ATE-Jena";
+// $city = "Mar 29, 2012";
+
+// ATE Leipzig, DE, Apr 10 2012
+ $locid = 1067965; // Leipzig, Sachsen, Germany
+ $eventname = "ATE-Leipzig";
+ $city = "Apr 10, 2012";
+
+
+ $query = "select * from `locations` where `id`='$locid'";
+ $loc = mysql_fetch_assoc(mysql_query($query));
+
+ $query = "SELECT ROUND(6378.137 * ACOS(0.9999999*((SIN(PI() * $loc[lat] / 180) * SIN(PI() * `locations`.`lat` / 180)) +
+ (COS(PI() * $loc[lat] / 180 ) * COS(PI() * `locations`.`lat` / 180) *
+ COS(PI() * `locations`.`long` / 180 - PI() * $loc[long] / 180)))), -1) AS `distance`, sum(`points`) as pts, `users`.*
+ FROM `locations`
+ inner join `users` on `users`.`locid` = `locations`.`id`
+ inner join `alerts` on `users`.`id`=`alerts`.`memid`
+ inner join `notary` on `users`.`id`=`notary`.`to`
+ WHERE (`alerts`.`general`=1 OR `alerts`.`country`=1 OR `alerts`.`regional`=1 OR `alerts`.`radius`=1)
+ GROUP BY `users`.`id`
+ HAVING `distance` <= '$maxdist'
+ ORDER BY `distance` ";
+ echo $query;
+
+ // comment next line when starting to send mail not only to me
+ // $query = "select * from `users` where `email` like 'cacerttest%'";
+
+ $res = mysql_query($query);
+ $xrows = mysql_num_rows($res);
+
+ while($row = mysql_fetch_assoc($res))
+ {
+ // uncomment next line to send mails ...
+ sendmail($row['email'], "[CAcert.org] $eventname - $city", $lines, "events@cacert.org", "", "", "CAcert Events Organisation", "returns@cacert.org", 1);
+ }
+ // 1x cc to events.cacert.org
+ sendmail("events@cacert.org", "[CAcert.org] $eventname - $city", $lines, "events@cacert.org", "", "", "CAcert Events Organisation", "returns@cacert.org", 1);
+ // 1x mailing report to events.cacert.org
+ sendmail("events@cacert.org", "[CAcert.org] $eventname - $city Report", "invitation sent to $xrows recipients.", "support@cacert.org", "", "", "CAcert Events Organisation", "returns@cacert.org", 1);
+
+ // 1x mailing report to Arbitrator of case http://wiki.cacert.org/wiki/Arbitrations/a20090525.1
+ sendmail("p.dunkel@cacert.org", "[CAcert.org] $eventname - $city Report", "invitation sent to $xrows recipients.", "support@cacert.org", "", "", "CAcert Events Organisation", "returns@cacert.org", 1);
+ echo "invitation sent to $xrows recipients.\n";
+
+?>
diff --git a/scripts/43de-ate-karlsruhe-email.txt b/scripts/43de-ate-karlsruhe-email.txt
new file mode 100644
index 0000000..26af21c
--- /dev/null
+++ b/scripts/43de-ate-karlsruhe-email.txt
@@ -0,0 +1,103 @@
+[Deutsch]
+
+Es hat sich viel getan im letzten Jahr. Eine ganze Reihe von bisher
+eher "muendlich ueberlieferten" Regeln wurden in Policies gegossen.
+Neue Prozeduren (z.B. die Assurer Challenge) und Verpflichtungen (z.B. in dem CAcert Community Agreement) wurden beschlossen. Die Assurer Training Events wollen versuchen, die ganzen Informationen unters Volk zu bringen:
+
+- Welcher Satz fehlt auf alten CAP Formularen?
+- Warum soll ich mir R/L/O einpraegen?
+- Wie verhaelst du dich, wenn du ein fremdes Ausweis Dokument das erste mal pruefst?
+
+Antworten auf diese und weitere Fragen erhaelst du bei den Assurer Training Events (ATEs).
+
+Darueberhinaus wird beim ATE der Vorgang der Identitaetsueberpruefung trainiert und auditiert, um die Qualitaet der Assurances in der taeglichen Praxis zu erfassen. Dabei gilt es moegliche Fehler und Fallstricke zu erkennen und aufzudecken. Die Assurer haben also die Moeglichkeit, sich mit den Fehlern auseinanderzusetzen und zu erfahren, wie diese vermieden werden koennen.
+
+As IanG said: The ATE or Assurer Training Event is exceptionally recommended for all Assurers, and include parts which contribute directly to our audit. Come and find out how you can also contribute.
+
+Die kommende Veranstaltung in deiner Naehe findet statt am:
+
+- Dienstag, den 15. Mai 2012
+- in der Zeit von: 19:00 - ca. 22:00 Uhr
+- Raum: New York
+- im FZI Forschungszentrum Informatik
+- Haid-und-Neu-Str. 10-14
+- 76131 Karlsruhe
+
+Details zum Veranstaltungsort und Anfahrthinweise findet Ihr im
+Wiki [http://wiki.cacert.org/Events/2012-05-15ATE-Karlsruhe]
+Blog [http://blog.cacert.org/2012/04/559.html]
+
+Teilnehmer Registrierung mit Rueckantwort:
+ 'Ich moechte am ATE-Karlsruhe teilnehmen'
+
+Das Veranstaltungs-Team freut sich schon auf Eure Teilnahme.
+
+Kontakt: events@cacert.org
+
+
+[French]
+
+Bon nombre de changements ont eu lieu au cours de la derniere annee au sein de CAcert. Beaucoup de regles "orales" ont ete transformees en reglements ("Policies"). De nouvelles procedures (par exemple le Challenge Assureur) et devoirs (par exemple le CAcert Community Agreement) ont ete activees. Les Assurer Training Events essaient de propager ces informations :
+
+- Que manque-t-il sur les "anciens" formulaires CAP ?
+- Pourquoi dois-je me souvenir de R/L/O ?
+- Que faire si une personne vous montre un document d'identite qui vous est inconnu ?
+
+Durant les Assurer Training Events (ATEs) vous recevrez les reponses a ces questions et a plein d'autres.
+
+De plus, les ATE vous permettent de vous entrainer a verifier les identites. Ceci sera audite afin de mesurer la qualite des assurances effectuees dans la routine quotidienne. On essaiera de vous induire en erreur. Vous aurez ainsi la possibilite de voir les problemes et d'apprendre a dejouer les pieges.
+
+Comme IanG l'a dit : il est fortement recommande aux assureurs de participer aux ATE. Le programmme contient des parties qui entrent directement en ligne de compte pour le succes de notre audit. Venez et decouvrez comment contribuer.
+
+Le prochain ATE qui aura lieu pres de chez vous sera :
+- Mardi le 15 mai 2012
+- de 19:00 a environ 22:00
+- Chambre: New York
+- dans le FZI Forschungszentrum Informatik
+- Haid-und-Neu-Str. 10-14
+- 76131 Karlsruhe
+
+NB : les exposes auront lieu en Allemand
+
+Plus de renseignements sur le lieu :
+Wiki [http://wiki.cacert.org/Events/2012-05-15ATE-Karlsruhe]
+Blog [http://blog.cacert.org/2012/04/559.html]
+
+Pour participer, repondez a ce courriel : 'Je viendrais au ATE-Karlsruhe'
+
+Le comite d'organisation se rejouit de votre venue.
+
+Contact: events@cacert.org
+
+[English]
+
+During the last year many changes took place inside CAcert. Many "oral" rules have been put into Policies. New procedures (e.g. Assurer Challenge) and obligations (e.g. CAcert Community Agreement) have been put into live. The Assurer Training Events (ATE) try to spread this information:
+
+- What is missing on the "old" CAP forms?
+- Why should I remember R/L/O?
+- What can you do if an Assuree shows an ID document unknown to you?
+
+These and more questions will be answered during the Assurer Training Events (ATEs)
+
+Furthermore, the ATE trains how to do assurances and audits assurances, to measure the quality of assurances in the daily routine. Here are some possible errors and pitfalls which need to be found. Assurers have the opportunity to see those errors and how to avoid them.
+
+As IanG said: The ATE or Assurer Training Event is exceptionally recommended for all Assurers and includes parts which contribute directly to our audit. Come and find out how you can also contribute.
+
+The next event held in your area will be:
+
+- Tuesday 15th Mai 2012
+- during 19:00 - ca. 22:00
+- Room: New York
+- in the FZI Forschungszentrum Informatik
+- Haid-und-Neu-Str. 10-14
+- 76131 Karlsruhe
+
+Details to the location can be found:
+Wiki [http://wiki.cacert.org/Events/2012-05-15ATE-Karlsruhe]
+Blog [http://blog.cacert.org/2012/04/559.html]
+
+User reply for registration: 'I will attend the ATE-Karlsruhe'
+
+The event team is looking forward for your attendance:
+
+Contact: events@cacert.org
diff --git a/scripts/43de-ate-karlsruhe-mail.php.txt b/scripts/43de-ate-karlsruhe-mail.php.txt
new file mode 100644
index 0000000..afea2f2
--- /dev/null
+++ b/scripts/43de-ate-karlsruhe-mail.php.txt
@@ -0,0 +1,155 @@
+#!/usr/bin/php -q
+<? /*
+ LibreSSL - CAcert web application
+ Copyright (C) 2004-2009 CAcert Inc.
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; version 2 of the License.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
+*/
+ include_once("../includes/mysql.php");
+
+ $lines = "";
+ $fp = fopen("43de-ate-karlsruhe-email.txt", "r");
+ while(!feof($fp))
+ {
+ $line = trim(fgets($fp, 4096));
+ $lines .= wordwrap($line, 75, "\n")."\n";
+ }
+ fclose($fp);
+
+
+// $locid = intval($_REQUEST['location']);
+// $maxdist = intval($_REQUEST['maxdist']);
+// maxdist in [Km]
+ $maxdist = 200;
+
+
+// location location.ID
+// verified: 29.4.09 u.schroeter
+// $locid = 7902857; // Paris
+// $locid = 238568; // Bielefeld
+// $locid = 715191; // Hamburg
+// $locid = 1102495; // London
+// $locid = 520340; // Duesseldorf
+// $locid = 1260319; // Muenchen
+// $locid = 606058; // Frankfurt
+// $locid = 1775784; // Stuttgart
+// $locid = 228950; // Berlin
+// $locid = 606058; // Frankfurt
+// $locid = 599389; // Flensburg
+// $locid = 61065; // Amsterdam, Eemnes
+// $locid = 228950; // Berlin
+
+// Software Freedom Day 19. Sept 2009
+// $locid = 715191; // Hamburg
+
+// LISA2009 Baltimore, 1.11.2009
+// $locid = 2138880; // Baltimore (Baltimore (city)), Maryland, United States
+// $city = "Baltimore, MD - Nov. 3rd 2009";
+
+// OpenSourceTreffen-Muenchen, 20.11.2009
+// $locid = 1260319; // Muenchen
+// $city = "Muenchen - 20. Nov 2009";
+
+// BLIT2009, Brandenburger Linux-Infotag, 21.11.2009
+// $locid = 1486658; // Potsdam
+// $eventname = "Brandenburger Linux-Infotag (BLIT2009)";
+// $city = "Potsdam - 21. Nov 2009";
+
+// ATE-Goteborg, 16.12.2009
+// $locid = 664715; // Goteborg, Vastra Gotaland, Sweden
+// $eventname = "ATE-Goteborg";
+// $city = "Goteborg - Dec 16th 2009";
+
+// Assurance Event Mission Hills CA, 15.01.2010
+// $locid = 2094781; // Mission Hills (Los Angeles), California, United States
+// $eventname = "Assurance Event";
+// $city = "Mission Hills CA - Jan 15th 2010";
+
+// Assurance Event OSD Copenhagen DK, 5.03.2010
+// $locid = 423655; // Copenhagen, Kobenhavn*, Denmark
+// $eventname = "Assurance Event OpenSource-Days 2010";
+// $city = "Copenhagen DK - March 5th/6th 2010";
+
+// SCALE 8x Los Angeles, CA, Feb 19-21 2010
+// $locid = 2093625; // Copenhagen, Kobenhavn*, Denmark
+// $eventname = "SCALE 8x 2010";
+// $city = "Los Angeles, CA - February 19-21 2010";
+
+// ATE Sydney, AU, Mar 24 2010
+// $locid = 2257312; // Sydney, New South Wales, Australia
+// $eventname = "ATE-Sydney";
+// $city = "March 24, 2010";
+
+// ATE Essen, DE, Sept 28 2010
+// $locid = 572764; // Essen, Nordrhein-Westfalen, Germany
+// $eventname = "ATE-Essen";
+// $city = "September 28, 2010";
+
+// ATE Aachen, DE, Oct 4th 2010
+// $locid = 78; // Aachen, Nordrhein-Westfalen, Germany
+// $eventname = "ATE-Aachen";
+// $city = "October 4th, 2010";
+
+// ATE Muenchen, DE, Apr 2nd 2011
+// $locid = 1260319; // Muenchen
+// $eventname = "ATE-Muenchen";
+// $city = "2. April, 2011";
+
+// ATE Bonn, DE, Jun 8th 2011
+// $locid = 266635; // Bonn, Nordrhein-Westfalen, Germany
+// $eventname = "ATE-Bonn";
+// $city = "8. Juni, 2011";
+
+// ATE Karlsruhe, DE, May 15th 2012
+ $locid = 873779; // Karlsruhe, Baden-Wuerttemberg, Germany
+ $eventname = "ATE-Karlsruhe";
+ $city = "15. May 2012";
+
+ $query = "select * from `locations` where `id`='$locid'";
+ $loc = mysql_fetch_assoc(mysql_query($query));
+
+ $query = "SELECT ROUND(6378.137 * ACOS(0.9999999*((SIN(PI() * $loc[lat] / 180) * SIN(PI() * `locations`.`lat` / 180)) +
+ (COS(PI() * $loc[lat] / 180 ) * COS(PI() * `locations`.`lat` / 180) *
+ COS(PI() * `locations`.`long` / 180 - PI() * $loc[long] / 180)))), -1) AS `distance`, sum(`points`) as pts, `users`.*
+ FROM `locations`
+ inner join `users` on `users`.`locid` = `locations`.`id`
+ inner join `alerts` on `users`.`id`=`alerts`.`memid`
+ inner join `notary` on `users`.`id`=`notary`.`to`
+ WHERE (`alerts`.`general`=1 OR `alerts`.`country`=1 OR `alerts`.`regional`=1 OR `alerts`.`radius`=1)
+ GROUP BY `users`.`id`
+ HAVING `distance` <= '$maxdist'
+ ORDER BY `distance` ";
+ echo $query;
+
+ // comment next line when starting to send mail not only to me
+ // $query = "select * from `users` where `email` like 'cacerttest%'";
+
+ $res = mysql_query($query);
+ $xrows = mysql_num_rows($res);
+
+ while($row = mysql_fetch_assoc($res))
+ {
+ // uncomment next line to send mails ...
+ sendmail($row['email'], "[CAcert.org] $eventname - $city", $lines, "events@cacert.org", "", "", "CAcert Events Organisation", "returns@cacert.org", 1);
+ }
+ // 1x cc to events.cacert.org
+ sendmail("events@cacert.org", "[CAcert.org] $eventname - $city", $lines, "events@cacert.org", "", "", "CAcert Events Organisation", "returns@cacert.org", 1);
+ // 1x mailing report to events.cacert.org
+ sendmail("events@cacert.org", "[CAcert.org] $eventname - $city Report", "invitation sent to $xrows recipients.", "support@cacert.org", "", "", "CAcert Events Organisation", "returns@cacert.org", 1);
+
+ // 1x mailing report to Arbitrator of case http://wiki.cacert.org/wiki/Arbitrations/a20090525.1
+ sendmail("p.dunkel@cacert.org", "[CAcert.org] $eventname - $city Report", "invitation sent to $xrows recipients.", "support@cacert.org", "", "", "CAcert Events Organisation", "returns@cacert.org", 1);
+ echo "invitation sent to $xrows recipients.\n";
+
+?>
diff --git a/scripts/44de-ate-duesseldorf-email.txt b/scripts/44de-ate-duesseldorf-email.txt
new file mode 100644
index 0000000..b4b3708
--- /dev/null
+++ b/scripts/44de-ate-duesseldorf-email.txt
@@ -0,0 +1,104 @@
+[Deutsch]
+
+Es hat sich viel getan im letzten Jahr. Eine ganze Reihe von bisher
+eher "muendlich ueberlieferten" Regeln wurden in Policies gegossen.
+Neue Prozeduren (z.B. die Assurer Challenge) und Verpflichtungen (z.B. in dem CAcert Community Agreement) wurden beschlossen. Die Assurer Training Events wollen versuchen, die ganzen Informationen unters Volk zu bringen:
+
+- Welcher Satz fehlt auf alten CAP Formularen?
+- Warum soll ich mir R/L/O einpraegen?
+- Wie verhaelst du dich, wenn du ein fremdes Ausweis Dokument das erste mal pruefst?
+
+Antworten auf diese und weitere Fragen erhaelst du bei den Assurer Training Events (ATEs).
+
+Darueberhinaus wird beim ATE der Vorgang der Identitaetsueberpruefung trainiert und auditiert, um die Qualitaet der Assurances in der taeglichen Praxis zu erfassen. Dabei gilt es moegliche Fehler und Fallstricke zu erkennen und aufzudecken. Die Assurer haben also die Moeglichkeit, sich mit den Fehlern auseinanderzusetzen und zu erfahren, wie diese vermieden werden koennen.
+
+As IanG said: The ATE or Assurer Training Event is exceptionally recommended for all Assurers, and include parts which contribute directly to our audit. Come and find out how you can also contribute.
+
+Die kommende Veranstaltung in deiner Naehe findet statt am:
+
+- Montag, den 09. Juli 2012
+- in der Zeit von: 19:00 - ca. 22:00 Uhr
+- in der Heinrich-Heine-Universitaet Duesseldorf
+- Raum: 25
+- Universitaetsstrae 1
+- 40225 Duesseldorf
+
+
+Details zum Veranstaltungsort und Anfahrthinweise findet Ihr im
+Wiki [http://wiki.cacert.org/events/ATE-Duesseldorf]
+Blog [http://blog.cacert.org/2012/06/559.html]
+
+Teilnehmer Registrierung mit Rueckantwort:
+ 'Ich moechte am ATE-Duesseldorf teilnehmen'
+
+Das Veranstaltungs-Team freut sich schon auf Eure Teilnahme.
+
+Kontakt: events@cacert.org
+
+
+[French]
+
+Bon nombre de changements ont eu lieu au cours de la derniere annee au sein de CAcert. Beaucoup de regles "orales" ont ete transformees en reglements ("Policies"). De nouvelles procedures (par exemple le Challenge Assureur) et devoirs (par exemple le CAcert Community Agreement) ont ete activees. Les Assurer Training Events essaient de propager ces informations :
+
+- Que manque-t-il sur les "anciens" formulaires CAP ?
+- Pourquoi dois-je me souvenir de R/L/O ?
+- Que faire si une personne vous montre un document d'identite qui vous est inconnu ?
+
+Durant les Assurer Training Events (ATEs) vous recevrez les reponses a ces questions et a plein d'autres.
+
+De plus, les ATE vous permettent de vous entrainer a verifier les identites. Ceci sera audite afin de mesurer la qualite des assurances effectuees dans la routine quotidienne. On essaiera de vous induire en erreur. Vous aurez ainsi la possibilite de voir les problemes et d'apprendre a dejouer les pieges.
+
+Comme IanG l'a dit : il est fortement recommande aux assureurs de participer aux ATE. Le programmme contient des parties qui entrent directement en ligne de compte pour le succes de notre audit. Venez et decouvrez comment contribuer.
+
+Le prochain ATE qui aura lieu pres de chez vous sera :
+- Lundi le 09 juli 2012
+- de 19:00 a environ 22:00
+- dans Heinrich-Heine-Universitaet Duesseldorf
+- Chambre: 25
+- Universitaetsstrae 1
+- 40225 Duesseldorf
+
+NB : les exposes auront lieu en Allemand
+
+Plus de renseignements sur le lieu :
+Wiki [http://wiki.cacert.org/events/ATE-Duesseldorf]
+Blog [http://blog.cacert.org/2012/06/566.html]
+
+Pour participer, repondez a ce courriel : 'Je viendrais au ATE-Karlsruhe'
+
+Le comite d'organisation se rejouit de votre venue.
+
+Contact: events@cacert.org
+
+[English]
+
+During the last year many changes took place inside CAcert. Many "oral" rules have been put into Policies. New procedures (e.g. Assurer Challenge) and obligations (e.g. CAcert Community Agreement) have been put into live. The Assurer Training Events (ATE) try to spread this information:
+
+- What is missing on the "old" CAP forms?
+- Why should I remember R/L/O?
+- What can you do if an Assuree shows an ID document unknown to you?
+
+These and more questions will be answered during the Assurer Training Events (ATEs)
+
+Furthermore, the ATE trains how to do assurances and audits assurances, to measure the quality of assurances in the daily routine. Here are some possible errors and pitfalls which need to be found. Assurers have the opportunity to see those errors and how to avoid them.
+
+As IanG said: The ATE or Assurer Training Event is exceptionally recommended for all Assurers and includes parts which contribute directly to our audit. Come and find out how you can also contribute.
+
+The next event held in your area will be:
+
+- Monday 9th July 2012
+- during 19:00 - ca. 22:00
+- in the Heinrich-Heine-Universitaet Duesseldorf
+- Room: 25
+- Universitaetsstrae 1
+- 40225 Duesseldorf
+
+Details to the location can be found:
+Wiki [http://wiki.cacert.org/events/ATE-Duesseldorf]
+Blog [http://blog.cacert.org/2012/06/566.html]
+
+User reply for registration: 'I will attend the ATE-Duesseldorf'
+
+The event team is looking forward for your attendance:
+
+Contact: events@cacert.org
diff --git a/scripts/44de-ate-duesseldorf-mail.php.txt b/scripts/44de-ate-duesseldorf-mail.php.txt
new file mode 100644
index 0000000..7b89e96
--- /dev/null
+++ b/scripts/44de-ate-duesseldorf-mail.php.txt
@@ -0,0 +1,160 @@
+#!/usr/bin/php -q
+<? /*
+ LibreSSL - CAcert web application
+ Copyright (C) 2004-2009 CAcert Inc.
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; version 2 of the License.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
+*/
+ include_once("../includes/mysql.php");
+
+ $lines = "";
+ $fp = fopen("44de-ate-duesseldorf-email.txt", "r");
+ while(!feof($fp))
+ {
+ $line = trim(fgets($fp, 4096));
+ $lines .= wordwrap($line, 75, "\n")."\n";
+ }
+ fclose($fp);
+
+
+// $locid = intval($_REQUEST['location']);
+// $maxdist = intval($_REQUEST['maxdist']);
+// maxdist in [Km]
+ $maxdist = 200;
+
+
+// location location.ID
+// verified: 29.4.09 u.schroeter
+// $locid = 7902857; // Paris
+// $locid = 238568; // Bielefeld
+// $locid = 715191; // Hamburg
+// $locid = 1102495; // London
+// $locid = 520340; // Duesseldorf
+// $locid = 1260319; // Muenchen
+// $locid = 606058; // Frankfurt
+// $locid = 1775784; // Stuttgart
+// $locid = 228950; // Berlin
+// $locid = 606058; // Frankfurt
+// $locid = 599389; // Flensburg
+// $locid = 61065; // Amsterdam, Eemnes
+// $locid = 228950; // Berlin
+
+// Software Freedom Day 19. Sept 2009
+// $locid = 715191; // Hamburg
+
+// LISA2009 Baltimore, 1.11.2009
+// $locid = 2138880; // Baltimore (Baltimore (city)), Maryland, United States
+// $city = "Baltimore, MD - Nov. 3rd 2009";
+
+// OpenSourceTreffen-Muenchen, 20.11.2009
+// $locid = 1260319; // Muenchen
+// $city = "Muenchen - 20. Nov 2009";
+
+// BLIT2009, Brandenburger Linux-Infotag, 21.11.2009
+// $locid = 1486658; // Potsdam
+// $eventname = "Brandenburger Linux-Infotag (BLIT2009)";
+// $city = "Potsdam - 21. Nov 2009";
+
+// ATE-Goteborg, 16.12.2009
+// $locid = 664715; // Goteborg, Vastra Gotaland, Sweden
+// $eventname = "ATE-Goteborg";
+// $city = "Goteborg - Dec 16th 2009";
+
+// Assurance Event Mission Hills CA, 15.01.2010
+// $locid = 2094781; // Mission Hills (Los Angeles), California, United States
+// $eventname = "Assurance Event";
+// $city = "Mission Hills CA - Jan 15th 2010";
+
+// Assurance Event OSD Copenhagen DK, 5.03.2010
+// $locid = 423655; // Copenhagen, Kobenhavn*, Denmark
+// $eventname = "Assurance Event OpenSource-Days 2010";
+// $city = "Copenhagen DK - March 5th/6th 2010";
+
+// SCALE 8x Los Angeles, CA, Feb 19-21 2010
+// $locid = 2093625; // Copenhagen, Kobenhavn*, Denmark
+// $eventname = "SCALE 8x 2010";
+// $city = "Los Angeles, CA - February 19-21 2010";
+
+// ATE Sydney, AU, Mar 24 2010
+// $locid = 2257312; // Sydney, New South Wales, Australia
+// $eventname = "ATE-Sydney";
+// $city = "March 24, 2010";
+
+// ATE Essen, DE, Sept 28 2010
+// $locid = 572764; // Essen, Nordrhein-Westfalen, Germany
+// $eventname = "ATE-Essen";
+// $city = "September 28, 2010";
+
+// ATE Aachen, DE, Oct 4th 2010
+// $locid = 78; // Aachen, Nordrhein-Westfalen, Germany
+// $eventname = "ATE-Aachen";
+// $city = "October 4th, 2010";
+
+// ATE Muenchen, DE, Apr 2nd 2011
+// $locid = 1260319; // Muenchen
+// $eventname = "ATE-Muenchen";
+// $city = "2. April, 2011";
+
+// ATE Bonn, DE, Jun 8th 2011
+// $locid = 266635; // Bonn, Nordrhein-Westfalen, Germany
+// $eventname = "ATE-Bonn";
+// $city = "8. Juni, 2011";
+
+// ATE Karlsruhe, DE, May 15th 2012
+// $locid = 873779; // Karlsruhe, Baden-Wuerttemberg, Germany
+// $eventname = "ATE-Karlsruhe";
+// $city = "15. May 2012";
+
+// ATE Duesseldorf, DE, May 15th 2012
+ $locid = 520340; // Dusseldorf, Nordrhein-Westfalen, Germany
+ $eventname = "ATE-Duesseldorf";
+ $city = "09. July 2012";
+
+ $query = "select * from `locations` where `id`='$locid'";
+ $loc = mysql_fetch_assoc(mysql_query($query));
+
+ $query = "SELECT ROUND(6378.137 * ACOS(0.9999999*((SIN(PI() * $loc[lat] / 180) * SIN(PI() * `locations`.`lat` / 180)) +
+ (COS(PI() * $loc[lat] / 180 ) * COS(PI() * `locations`.`lat` / 180) *
+ COS(PI() * `locations`.`long` / 180 - PI() * $loc[long] / 180)))), -1) AS `distance`, sum(`points`) as pts, `users`.*
+ FROM `locations`
+ inner join `users` on `users`.`locid` = `locations`.`id`
+ inner join `alerts` on `users`.`id`=`alerts`.`memid`
+ inner join `notary` on `users`.`id`=`notary`.`to`
+ WHERE (`alerts`.`general`=1 OR `alerts`.`country`=1 OR `alerts`.`regional`=1 OR `alerts`.`radius`=1)
+ GROUP BY `users`.`id`
+ HAVING `distance` <= '$maxdist'
+ ORDER BY `distance` ";
+ echo $query;
+
+ // comment next line when starting to send mail not only to me
+ // $query = "select * from `users` where `email` like 'cacerttest%'";
+
+ $res = mysql_query($query);
+ $xrows = mysql_num_rows($res);
+
+ while($row = mysql_fetch_assoc($res))
+ {
+ // uncomment next line to send mails ...
+ sendmail($row['email'], "[CAcert.org] $eventname - $city", $lines, "events@cacert.org", "", "", "CAcert Events Organisation", "returns@cacert.org", 1);
+ }
+ // 1x cc to events.cacert.org
+ sendmail("events@cacert.org", "[CAcert.org] $eventname - $city", $lines, "events@cacert.org", "", "", "CAcert Events Organisation", "returns@cacert.org", 1);
+ // 1x mailing report to events.cacert.org
+ sendmail("events@cacert.org", "[CAcert.org] $eventname - $city Report", "invitation sent to $xrows recipients.", "support@cacert.org", "", "", "CAcert Events Organisation", "returns@cacert.org", 1);
+
+ // 1x mailing report to Arbitrator of case http://wiki.cacert.org/wiki/Arbitrations/a20090525.1
+ sendmail("p.dunkel@cacert.org", "[CAcert.org] $eventname - $city Report", "invitation sent to $xrows recipients.", "support@cacert.org", "", "", "CAcert Events Organisation", "returns@cacert.org", 1);
+ echo "invitation sent to $xrows recipients.\n";
+
+?>
diff --git a/scripts/45au-ate-melbourne-email.txt b/scripts/45au-ate-melbourne-email.txt
new file mode 100644
index 0000000..aa46112
--- /dev/null
+++ b/scripts/45au-ate-melbourne-email.txt
@@ -0,0 +1,32 @@
+
+
+During the last years many changes took place inside CAcert. Many "oral" rules have been put into Policies. New procedures (e.g. Assurer Challenge) and obligations (e.g. CAcert Community Agreement) have been put into live. The Assurer Training Events (ATE) try to spread this information:
+
+- What is missing on the "old" CAP forms?
+- Why should I remember R/L/O?
+- What can you do if an Assuree shows an ID document unknown to you?
+
+These and more questions will be answered during the Assurer Training Events (ATEs)
+
+Furthermore, the ATE trains how to do assurances and audits assurances, to measure the quality of assurances in the daily routine. Here are some possible errors and pitfalls which need to be found. Assurers have the opportunity to see those errors and how to avoid them.
+
+As IanG said: The ATE or Assurer Training Event is exceptionally recommended for all Assurers and includes parts which contribute directly to our audit. Come and find out how you can also contribute.
+
+The next event held in your area will be:
+
+- Saturday 28th July 2012
+- starting around 05:00 pm
+- Urban Camp
+ Brens Drive
+ Parkville
+ Victoria 3052
+
+Details to the location and time can be found:
+Wiki [http://wiki.cacert.org/events/20120728_ATE-Melbourne]
+Blog [http://blog.cacert.org/2012/07/571.html]
+
+User reply for registration: 'I will attend the ATE-Melbourne'
+
+The event team is looking forward for your attendance:
+
+Contact: events@cacert.org
diff --git a/scripts/45au-ate-melbourne-mail.php.txt b/scripts/45au-ate-melbourne-mail.php.txt
new file mode 100644
index 0000000..5161e97
--- /dev/null
+++ b/scripts/45au-ate-melbourne-mail.php.txt
@@ -0,0 +1,106 @@
+#!/usr/bin/php -q
+<? /*
+ LibreSSL - CAcert web application
+ Copyright (C) 2004-2009 CAcert Inc.
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; version 2 of the License.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
+*/
+ include_once("../includes/mysql.php");
+
+ $lines = "";
+ $fp = fopen("45au-ate-melbourne-email.txt", "r");
+ while(!feof($fp))
+ {
+ $line = trim(fgets($fp, 4096));
+ $lines .= wordwrap($line, 75, "\n")."\n";
+ }
+ fclose($fp);
+
+
+// $locid = intval($_REQUEST['location']);
+// $maxdist = intval($_REQUEST['maxdist']);
+// maxdist in [Km]
+ $maxdist = 200;
+
+
+// location location.ID
+// verified: 29.4.09 u.schroeter
+// $locid = 7902857; // Paris
+// $locid = 238568; // Bielefeld
+// $locid = 715191; // Hamburg
+// $locid = 1102495; // London
+// $locid = 606058; // Frankfurt
+// $locid = 1775784; // Stuttgart
+// $locid = 228950; // Berlin
+// $locid = 606058; // Frankfurt
+// $locid = 599389; // Flensburg
+// $locid = 61065; // Amsterdam, Eemnes
+// $locid = 228950; // Berlin
+// $locid = 2138880; // Baltimore (Baltimore (city)), Maryland, United States
+// $locid = 1486658; // Potsdam
+// $locid = 664715; // Goteborg, Vastra Gotaland, Sweden
+// $locid = 2094781; // Mission Hills (Los Angeles), California, United States
+// $locid = 423655; // Copenhagen, Kobenhavn*, Denmark
+// $locid = 2093625; // Los Angeles, CA ???
+// $locid = 2094326 // Los Angeles (Los Angeles), California, United States
+// $locid = 2257312; // Sydney, New South Wales, Australia
+// $locid = 572764; // Essen, Nordrhein-Westfalen, Germany
+// $locid = 78; // Aachen, Nordrhein-Westfalen, Germany
+// $locid = 1260319; // Muenchen
+// $locid = 266635; // Bonn, Nordrhein-Westfalen, Germany
+// $locid = 873779; // Karlsruhe, Baden-Wuerttemberg, Germany
+// $locid = 520340; // Dusseldorf, Nordrhein-Westfalen, Germany
+
+// ATE Melbourne, AU, July 28th 2012
+ $locid = 2262656; // Melbourne, Victoria, Australia
+ $eventname = "ATE-Melbourne";
+ $city = "28th July 2012";
+
+ $query = "select * from `locations` where `id`='$locid'";
+ $loc = mysql_fetch_assoc(mysql_query($query));
+
+ $query = "SELECT ROUND(6378.137 * ACOS(0.9999999*((SIN(PI() * $loc[lat] / 180) * SIN(PI() * `locations`.`lat` / 180)) +
+ (COS(PI() * $loc[lat] / 180 ) * COS(PI() * `locations`.`lat` / 180) *
+ COS(PI() * `locations`.`long` / 180 - PI() * $loc[long] / 180)))), -1) AS `distance`, sum(`points`) as pts, `users`.*
+ FROM `locations`
+ inner join `users` on `users`.`locid` = `locations`.`id`
+ inner join `alerts` on `users`.`id`=`alerts`.`memid`
+ inner join `notary` on `users`.`id`=`notary`.`to`
+ WHERE (`alerts`.`general`=1 OR `alerts`.`country`=1 OR `alerts`.`regional`=1 OR `alerts`.`radius`=1)
+ GROUP BY `users`.`id`
+ HAVING `distance` <= '$maxdist'
+ ORDER BY `distance` ";
+ echo $query;
+
+ // comment next line when starting to send mail not only to me
+ // $query = "select * from `users` where `email` like 'cacerttest%'";
+
+ $res = mysql_query($query);
+ $xrows = mysql_num_rows($res);
+
+ while($row = mysql_fetch_assoc($res))
+ {
+ // uncomment next line to send mails ...
+ sendmail($row['email'], "[CAcert.org] $eventname - $city", $lines, "events@cacert.org", "", "", "CAcert Events Organisation", "returns@cacert.org", 1);
+ }
+ // 1x cc to events.cacert.org
+ sendmail("events@cacert.org", "[CAcert.org] $eventname - $city", $lines, "events@cacert.org", "", "", "CAcert Events Organisation", "returns@cacert.org", 1);
+ // 1x mailing report to events.cacert.org
+ sendmail("events@cacert.org", "[CAcert.org] $eventname - $city Report", "invitation sent to $xrows recipients.", "support@cacert.org", "", "", "CAcert Events Organisation", "returns@cacert.org", 1);
+
+ // 1x mailing report to Arbitrator of case http://wiki.cacert.org/wiki/Arbitrations/a20090525.1
+ sendmail("p.dunkel@cacert.org", "[CAcert.org] $eventname - $city Report", "invitation sent to $xrows recipients.", "support@cacert.org", "", "", "CAcert Events Organisation", "returns@cacert.org", 1);
+ echo "invitation sent to $xrows recipients.\n";
+
+?>
diff --git a/scripts/46us-ate-raleigh-email.txt b/scripts/46us-ate-raleigh-email.txt
new file mode 100644
index 0000000..c263db5
--- /dev/null
+++ b/scripts/46us-ate-raleigh-email.txt
@@ -0,0 +1,41 @@
+
+
+During the last years many changes took place inside CAcert. Many "oral"
+rules have been put into Policies. New procedures (e.g. Assurer Challenge)
+and obligations (e.g. CAcert Community Agreement) have been put into live.
+The Assurer Training Events (ATE) try to spread this information:
+
+- What is missing on the "old" CAP forms?
+- Why should I remember R/L/O?
+- What can you do if an Assuree shows an ID document unknown to you?
+
+These and more questions will be answered during the Assurer Training
+Events (ATEs)
+
+Furthermore, the ATE trains how to do assurances and audits assurances, to
+measure the quality of assurances in the daily routine. Here are some
+possible errors and pitfalls which need to be found. Assurers have the
+opportunity to see those errors and how to avoid them.
+
+As IanG said: The ATE or Assurer Training Event is exceptionally
+recommended for all Assurers and includes parts which contribute directly
+to our audit. Come and find out how you can also contribute.
+
+The next event held in your area will be:
+
+- Saturday 11th August 2012
+- 10:00-13:00
+- Splat Space - Durham's Hackerspace
+ 331 W. Main St - Basement
+ Durham, NC
+
+
+Details to the location and time can be found:
+Wiki [http://wiki.cacert.org/events/ATE-Raleigh]
+Blog [http://blog.cacert.org/2012/07/572.html]
+
+User reply for registration: 'I will attend the ATE-Raleigh'
+
+The event team is looking forward for your attendance:
+
+Contact: events@cacert.org
diff --git a/scripts/46us-ate-raleigh-mail.php.txt b/scripts/46us-ate-raleigh-mail.php.txt
new file mode 100644
index 0000000..0c55567
--- /dev/null
+++ b/scripts/46us-ate-raleigh-mail.php.txt
@@ -0,0 +1,112 @@
+#!/usr/bin/php -q
+<? /*
+ LibreSSL - CAcert web application
+ Copyright (C) 2004-2009 CAcert Inc.
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; version 2 of the License.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
+*/
+ include_once("../includes/mysql.php");
+
+ $lines = "";
+ $fp = fopen("46us-ate-raleigh-email.txt", "r");
+ while(!feof($fp))
+ {
+ $line = trim(fgets($fp, 4096));
+ $lines .= wordwrap($line, 75, "\n")."\n";
+ }
+ fclose($fp);
+
+
+// $locid = intval($_REQUEST['location']);
+// $maxdist = intval($_REQUEST['maxdist']);
+// maxdist in [Km]
+ $maxdist = 200;
+
+
+// location location.ID
+// verified: 29.4.09 u.schroeter
+// $locid = 7902857; // Paris
+// $locid = 238568; // Bielefeld
+// $locid = 715191; // Hamburg
+// $locid = 1102495; // London
+// $locid = 606058; // Frankfurt
+// $locid = 1775784; // Stuttgart
+// $locid = 228950; // Berlin
+// $locid = 606058; // Frankfurt
+// $locid = 599389; // Flensburg
+// $locid = 61065; // Amsterdam, Eemnes
+// $locid = 228950; // Berlin
+// $locid = 2138880; // Baltimore (Baltimore (city)), Maryland, United States
+// $locid = 1486658; // Potsdam
+// $locid = 664715; // Goteborg, Vastra Gotaland, Sweden
+// $locid = 2094781; // Mission Hills (Los Angeles), California, United States
+// $locid = 423655; // Copenhagen, Kobenhavn*, Denmark
+// $locid = 2093625; // Los Angeles, CA ???
+// $locid = 2094326 // Los Angeles (Los Angeles), California, United States
+// $locid = 2257312; // Sydney, New South Wales, Australia
+// $locid = 572764; // Essen, Nordrhein-Westfalen, Germany
+// $locid = 78; // Aachen, Nordrhein-Westfalen, Germany
+// $locid = 1260319; // Muenchen
+// $locid = 266635; // Bonn, Nordrhein-Westfalen, Germany
+// $locid = 873779; // Karlsruhe, Baden-Wuerttemberg, Germany
+// $locid = 520340; // Dusseldorf, Nordrhein-Westfalen, Germany
+
+// ATE Melbourne, AU, July 28th 2012
+// $locid = 2262656; // Melbourne, Victoria, Australia
+// $eventname = "ATE-Melbourne";
+// $city = "28th July 2012";
+
+// ATE Raleigh, US, August 11th 2012
+ $locid = 2185076; // Raleigh (Wake), North Carolina, United States
+ $eventname = "ATE-Raleigh";
+ $city = "11th August 2012";
+
+
+ $query = "select * from `locations` where `id`='$locid'";
+ $loc = mysql_fetch_assoc(mysql_query($query));
+
+ $query = "SELECT ROUND(6378.137 * ACOS(0.9999999*((SIN(PI() * $loc[lat] / 180) * SIN(PI() * `locations`.`lat` / 180)) +
+ (COS(PI() * $loc[lat] / 180 ) * COS(PI() * `locations`.`lat` / 180) *
+ COS(PI() * `locations`.`long` / 180 - PI() * $loc[long] / 180)))), -1) AS `distance`, sum(`points`) as pts, `users`.*
+ FROM `locations`
+ inner join `users` on `users`.`locid` = `locations`.`id`
+ inner join `alerts` on `users`.`id`=`alerts`.`memid`
+ inner join `notary` on `users`.`id`=`notary`.`to`
+ WHERE (`alerts`.`general`=1 OR `alerts`.`country`=1 OR `alerts`.`regional`=1 OR `alerts`.`radius`=1)
+ GROUP BY `users`.`id`
+ HAVING `distance` <= '$maxdist'
+ ORDER BY `distance` ";
+ echo $query;
+
+ // comment next line when starting to send mail not only to me
+ // $query = "select * from `users` where `email` like 'cacerttest%'";
+
+ $res = mysql_query($query);
+ $xrows = mysql_num_rows($res);
+
+ while($row = mysql_fetch_assoc($res))
+ {
+ // uncomment next line to send mails ...
+ sendmail($row['email'], "[CAcert.org] $eventname - $city", $lines, "events@cacert.org", "", "", "CAcert Events Organisation", "returns@cacert.org", 1);
+ }
+ // 1x cc to events.cacert.org
+ sendmail("events@cacert.org", "[CAcert.org] $eventname - $city", $lines, "events@cacert.org", "", "", "CAcert Events Organisation", "returns@cacert.org", 1);
+ // 1x mailing report to events.cacert.org
+ sendmail("events@cacert.org", "[CAcert.org] $eventname - $city Report", "invitation sent to $xrows recipients.", "support@cacert.org", "", "", "CAcert Events Organisation", "returns@cacert.org", 1);
+
+ // 1x mailing report to Arbitrator of case http://wiki.cacert.org/wiki/Arbitrations/a20090525.1
+ sendmail("p.dunkel@cacert.org", "[CAcert.org] $eventname - $city Report", "invitation sent to $xrows recipients.", "support@cacert.org", "", "", "CAcert Events Organisation", "returns@cacert.org", 1);
+ echo "invitation sent to $xrows recipients.\n";
+
+?>
diff --git a/scripts/47us-fudcon-lawrence-email.txt b/scripts/47us-fudcon-lawrence-email.txt
new file mode 100644
index 0000000..d2b6e97
--- /dev/null
+++ b/scripts/47us-fudcon-lawrence-email.txt
@@ -0,0 +1,26 @@
+Hi,
+
+I'm a Fedora developer and sysadmin (and a CAcert Assurer), and am going to be attending the Fedora Users and Developers Conference which will be held at the University of Kansas, located in Lawrence, KS, from January 18–20, 2013.
+
+We have a GPG/PGP keysigning party planned, and I'm interested in getting some people together to offer CAcert assurances. This is especially important since CAcert will be removing all points formerly obtained by Thawte Point Transfer very soon.
+
+The CAcert Assurance Event will be held on Saturday, January 19, 2013, beginning at 15:30.
+The GPG Keysigning Event will begin at 16:30.
+
+If you are interested in either event, please sign up at:
+http://bit.ly/fudcon2013-keysigning for the keysigning event
+and/or
+http://bit.ly/fudcon2013-cacert-assurance for the CAcert assurance event.
+
+Please contact me at either nb@fedoraproject.org or nb@cacert.org if you have any questions.
+
+Nick
+
+Further infos:
+ * [https://wiki.cacert.org/Events/FUDConLawrence]
+ * CAcert organizing wiki page
+ * [http://fedoraproject.org/wiki/FUDCon:Lawrence_2013]
+ * has more information about FUDCon.
+
+
+Contact: events@cacert.org
diff --git a/scripts/47us-fudcon-lawrence-mail.php.txt b/scripts/47us-fudcon-lawrence-mail.php.txt
new file mode 100644
index 0000000..4bb3c8a
--- /dev/null
+++ b/scripts/47us-fudcon-lawrence-mail.php.txt
@@ -0,0 +1,109 @@
+#!/usr/bin/php -q
+<? /*
+ LibreSSL - CAcert web application
+ Copyright (C) 2004-2009 CAcert Inc.
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; version 2 of the License.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
+*/
+ include_once("../includes/mysql.php");
+
+ $lines = "";
+ $fp = fopen("47us-fudcon-lawrence-email.txt", "r");
+ while(!feof($fp))
+ {
+ $line = trim(fgets($fp, 4096));
+ $lines .= wordwrap($line, 75, "\n")."\n";
+ }
+ fclose($fp);
+
+
+// $locid = intval($_REQUEST['location']);
+// $maxdist = intval($_REQUEST['maxdist']);
+// maxdist in [Km]
+ $maxdist = 200;
+
+
+// location location.ID
+// verified: 29.4.09 u.schroeter
+// $locid = 7902857; // Paris
+// $locid = 238568; // Bielefeld
+// $locid = 715191; // Hamburg
+// $locid = 1102495; // London
+// $locid = 606058; // Frankfurt
+// $locid = 1775784; // Stuttgart
+// $locid = 228950; // Berlin
+// $locid = 606058; // Frankfurt
+// $locid = 599389; // Flensburg
+// $locid = 61065; // Amsterdam, Eemnes
+// $locid = 228950; // Berlin
+// $locid = 2138880; // Baltimore (Baltimore (city)), Maryland, United States
+// $locid = 1486658; // Potsdam
+// $locid = 664715; // Goteborg, Vastra Gotaland, Sweden
+// $locid = 2094781; // Mission Hills (Los Angeles), California, United States
+// $locid = 423655; // Copenhagen, Kobenhavn*, Denmark
+// $locid = 2093625; // Los Angeles, CA ???
+// $locid = 2094326 // Los Angeles (Los Angeles), California, United States
+// $locid = 2257312; // Sydney, New South Wales, Australia
+// $locid = 572764; // Essen, Nordrhein-Westfalen, Germany
+// $locid = 78; // Aachen, Nordrhein-Westfalen, Germany
+// $locid = 1260319; // Muenchen
+// $locid = 266635; // Bonn, Nordrhein-Westfalen, Germany
+// $locid = 873779; // Karlsruhe, Baden-Wuerttemberg, Germany
+// $locid = 520340; // Dusseldorf, Nordrhein-Westfalen, Germany
+// $locid = 2262656; // Melbourne, Victoria, Australia
+// $locid = 2185076; // Raleigh (Wake), North Carolina, United States
+
+// CAcert Assurance and Keysigning event at FUDcon, Lawrence, KS, Jan 19th 2013
+ $locid = 2126955; // Lawrence (Douglas), Kansas, United States
+ $eventname = "CAcert Assurance and Keysigning at FUDcon Lawrence, KS";
+ $city = "January 19th 2013";
+
+
+ $query = "select * from `locations` where `id`='$locid'";
+ $loc = mysql_fetch_assoc(mysql_query($query));
+
+ $query = "SELECT ROUND(6378.137 * ACOS(0.9999999*((SIN(PI() * $loc[lat] / 180) * SIN(PI() * `locations`.`lat` / 180)) +
+ (COS(PI() * $loc[lat] / 180 ) * COS(PI() * `locations`.`lat` / 180) *
+ COS(PI() * `locations`.`long` / 180 - PI() * $loc[long] / 180)))), -1) AS `distance`, sum(`points`) as pts, `users`.*
+ FROM `locations`
+ inner join `users` on `users`.`locid` = `locations`.`id`
+ inner join `alerts` on `users`.`id`=`alerts`.`memid`
+ inner join `notary` on `users`.`id`=`notary`.`to`
+ WHERE (`alerts`.`general`=1 OR `alerts`.`country`=1 OR `alerts`.`regional`=1 OR `alerts`.`radius`=1)
+ GROUP BY `users`.`id`
+ HAVING `distance` <= '$maxdist'
+ ORDER BY `distance` ";
+ echo $query;
+
+ // comment next line when starting to send mail not only to me
+ // $query = "select * from `users` where `email` like 'cacerttest%'";
+
+ $res = mysql_query($query);
+ $xrows = mysql_num_rows($res);
+
+ while($row = mysql_fetch_assoc($res))
+ {
+ // uncomment next line to send mails ...
+ sendmail($row['email'], "[CAcert.org] $eventname - $city", $lines, "events@cacert.org", "", "", "CAcert Events Organisation", "returns@cacert.org", 1);
+ }
+ // 1x cc to events.cacert.org
+ sendmail("events@cacert.org", "[CAcert.org] $eventname - $city", $lines, "events@cacert.org", "", "", "CAcert Events Organisation", "returns@cacert.org", 1);
+ // 1x mailing report to events.cacert.org
+ sendmail("events@cacert.org", "[CAcert.org] $eventname - $city Report", "invitation sent to $xrows recipients.", "support@cacert.org", "", "", "CAcert Events Organisation", "returns@cacert.org", 1);
+
+ // 1x mailing report to Arbitrator of case http://wiki.cacert.org/wiki/Arbitrations/a20090525.1
+ sendmail("p.dunkel@cacert.org", "[CAcert.org] $eventname - $city Report", "invitation sent to $xrows recipients.", "support@cacert.org", "", "", "CAcert Events Organisation", "returns@cacert.org", 1);
+ echo "invitation sent to $xrows recipients.\n";
+
+?>
diff --git a/scripts/48de-ate-kiel-email.txt b/scripts/48de-ate-kiel-email.txt
new file mode 100644
index 0000000..d522cdc
--- /dev/null
+++ b/scripts/48de-ate-kiel-email.txt
@@ -0,0 +1,68 @@
+[Deutsch]
+
+Es hat sich viel getan im letzten Jahr. Eine ganze Reihe von bisher
+eher "muendlich ueberlieferten" Regeln wurden in Policies gegossen.
+Neue Prozeduren (z.B. die Assurer Challenge) und Verpflichtungen (z.B. in dem CAcert Community Agreement) wurden beschlossen. Die Assurer Training Events wollen versuchen, die ganzen Informationen unters Volk zu bringen:
+
+- Welcher Satz fehlt auf alten CAP Formularen?
+- Warum soll ich mir R/L/O einpraegen?
+- Wie verhaelst du dich, wenn du ein fremdes Ausweis Dokument das erste mal pruefst?
+
+Antworten auf diese und weitere Fragen erhaelst du bei den Assurer Training Events (ATEs).
+
+Darueberhinaus wird beim ATE der Vorgang der Identitaetsueberpruefung trainiert und auditiert, um die Qualitaet der Assurances in der taeglichen Praxis zu erfassen. Dabei gilt es moegliche Fehler und Fallstricke zu erkennen und aufzudecken. Die Assurer haben also die Moeglichkeit, sich mit den Fehlern auseinanderzusetzen und zu erfahren, wie diese vermieden werden koennen.
+
+Wie IanG sagte: The ATE or Assurer Training Event is exceptionally recommended for all Assurers, and include parts which contribute directly to our audit. Come and find out how you can also contribute.
+
+Die kommende Veranstaltung in deiner Naehe findet statt am:
+
+- Dienstag, den 11. Februar 2013
+- in der Zeit von: 19:00 - ca. 22:00 Uhr
+- Toppoint e.V.
+- Eckernfrder Str. 20
+- 24103 Kiel
+
+Details zum Veranstaltungsort und Anfahrthinweise findet Ihr im
+Wiki [http://wiki.cacert.org/Events/2013-02-11ATE-Kiel]
+Blog [http://blog.cacert.org/2013/01/586.html]
+
+Teilnehmer Registrierung mit Rueckantwort:
+ 'Ich moechte am ATE-Kiel teilnehmen'
+
+Das Veranstaltungs-Team freut sich schon auf Eure Teilnahme.
+
+Kontakt: events@cacert.org
+
+
+
+[English]
+
+During the last year many changes took place inside CAcert. Many "oral" rules have been put into Policies. New procedures (e.g. Assurer Challenge) and obligations (e.g. CAcert Community Agreement) have been put into live. The Assurer Training Events (ATE) try to spread this information:
+
+- What is missing on the "old" CAP forms?
+- Why should I remember R/L/O?
+- What can you do if an Assuree shows an ID document unknown to you?
+
+These and more questions will be answered during the Assurer Training Events (ATEs)
+
+Furthermore, the ATE trains how to do assurances and audits assurances, to measure the quality of assurances in the daily routine. Here are some possible errors and pitfalls which need to be found. Assurers have the opportunity to see those errors and how to avoid them.
+
+As IanG said: The ATE or Assurer Training Event is exceptionally recommended for all Assurers and includes parts which contribute directly to our audit. Come and find out how you can also contribute.
+
+The next event held in your area will be:
+
+- Tuesday 11. February 2013
+- during 19:00 - ca. 22:00
+- Toppoint e.V.
+- Eckernfrder Str. 20
+- 24103 Kiel
+
+Details to the location can be found:
+Wiki [http://wiki.cacert.org/Events/2013-02-11ATE-Kiel]
+Blog [http://blog.cacert.org/2013/01/586.html]
+
+User reply for registration: 'I will attend the ATE-Kiel'
+
+The event team is looking forward for your attendance:
+
+Contact: events@cacert.org
diff --git a/scripts/48de-ate-kiel-mail.php.txt b/scripts/48de-ate-kiel-mail.php.txt
new file mode 100644
index 0000000..9f3ab46
--- /dev/null
+++ b/scripts/48de-ate-kiel-mail.php.txt
@@ -0,0 +1,114 @@
+#!/usr/bin/php -q
+<? /*
+ LibreSSL - CAcert web application
+ Copyright (C) 2004-2009 CAcert Inc.
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; version 2 of the License.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
+*/
+ include_once("../includes/mysql.php");
+
+ $lines = "";
+ $fp = fopen("48de-ate-kiel-email.txt", "r");
+ while(!feof($fp))
+ {
+ $line = trim(fgets($fp, 4096));
+ $lines .= wordwrap($line, 75, "\n")."\n";
+ }
+ fclose($fp);
+
+
+// $locid = intval($_REQUEST['location']);
+// $maxdist = intval($_REQUEST['maxdist']);
+// maxdist in [Km]
+ $maxdist = 200;
+
+
+// location location.ID
+// verified: 29.4.09 u.schroeter
+// $locid = 7902857; // Paris
+// $locid = 238568; // Bielefeld
+// $locid = 715191; // Hamburg
+// $locid = 1102495; // London
+// $locid = 606058; // Frankfurt
+// $locid = 1775784; // Stuttgart
+// $locid = 228950; // Berlin
+// $locid = 606058; // Frankfurt
+// $locid = 599389; // Flensburg
+// $locid = 61065; // Amsterdam, Eemnes
+// $locid = 228950; // Berlin
+// $locid = 2138880; // Baltimore (Baltimore (city)), Maryland, United States
+// $locid = 1486658; // Potsdam
+// $locid = 664715; // Goteborg, Vastra Gotaland, Sweden
+// $locid = 2094781; // Mission Hills (Los Angeles), California, United States
+// $locid = 423655; // Copenhagen, Kobenhavn*, Denmark
+// $locid = 2093625; // Los Angeles, CA ???
+// $locid = 2094326 // Los Angeles (Los Angeles), California, United States
+// $locid = 2257312; // Sydney, New South Wales, Australia
+// $locid = 572764; // Essen, Nordrhein-Westfalen, Germany
+// $locid = 78; // Aachen, Nordrhein-Westfalen, Germany
+// $locid = 1260319; // Muenchen
+// $locid = 266635; // Bonn, Nordrhein-Westfalen, Germany
+// $locid = 873779; // Karlsruhe, Baden-Wuerttemberg, Germany
+// $locid = 520340; // Dusseldorf, Nordrhein-Westfalen, Germany
+// $locid = 2262656; // Melbourne, Victoria, Australia
+// $locid = 2185076; // Raleigh (Wake), North Carolina, United States
+
+// CAcert Assurance and Keysigning event at FUDcon, Lawrence, KS, Jan 19th 2013
+// $locid = 2126955; // Lawrence (Douglas), Kansas, United States
+// $eventname = "CAcert Assurance and Keysigning at FUDcon Lawrence, KS";
+// $city = "January 19th 2013";
+
+// ATE-Kiel 2013-02-11
+ $locid = 919560; // Kiel, Schleswig-Holstein, Germany
+ $eventname = "ATE-Kiel";
+ $city = "11. Februar 2013";
+
+
+ $query = "select * from `locations` where `id`='$locid'";
+ $loc = mysql_fetch_assoc(mysql_query($query));
+
+ $query = "SELECT ROUND(6378.137 * ACOS(0.9999999*((SIN(PI() * $loc[lat] / 180) * SIN(PI() * `locations`.`lat` / 180)) +
+ (COS(PI() * $loc[lat] / 180 ) * COS(PI() * `locations`.`lat` / 180) *
+ COS(PI() * `locations`.`long` / 180 - PI() * $loc[long] / 180)))), -1) AS `distance`, sum(`points`) as pts, `users`.*
+ FROM `locations`
+ inner join `users` on `users`.`locid` = `locations`.`id`
+ inner join `alerts` on `users`.`id`=`alerts`.`memid`
+ inner join `notary` on `users`.`id`=`notary`.`to`
+ WHERE (`alerts`.`general`=1 OR `alerts`.`country`=1 OR `alerts`.`regional`=1 OR `alerts`.`radius`=1)
+ GROUP BY `users`.`id`
+ HAVING `distance` <= '$maxdist'
+ ORDER BY `distance` ";
+ echo $query;
+
+ // comment next line when starting to send mail not only to me
+ // $query = "select * from `users` where `email` like 'cacerttest%'";
+
+ $res = mysql_query($query);
+ $xrows = mysql_num_rows($res);
+
+ while($row = mysql_fetch_assoc($res))
+ {
+ // uncomment next line to send mails ...
+ sendmail($row['email'], "[CAcert.org] $eventname - $city", $lines, "events@cacert.org", "", "", "CAcert Events Organisation", "returns@cacert.org", 1);
+ }
+ // 1x cc to events.cacert.org
+ sendmail("events@cacert.org", "[CAcert.org] $eventname - $city", $lines, "events@cacert.org", "", "", "CAcert Events Organisation", "returns@cacert.org", 1);
+ // 1x mailing report to events.cacert.org
+ sendmail("events@cacert.org", "[CAcert.org] $eventname - $city Report", "invitation sent to $xrows recipients.", "support@cacert.org", "", "", "CAcert Events Organisation", "returns@cacert.org", 1);
+
+ // 1x mailing report to Arbitrator of case http://wiki.cacert.org/wiki/Arbitrations/a20090525.1
+ sendmail("p.dunkel@cacert.org", "[CAcert.org] $eventname - $city Report", "invitation sent to $xrows recipients.", "support@cacert.org", "", "", "CAcert Events Organisation", "returns@cacert.org", 1);
+ echo "invitation sent to $xrows recipients.\n";
+
+?>
diff --git a/scripts/49de-lt2013-berlin-email.txt b/scripts/49de-lt2013-berlin-email.txt
new file mode 100644
index 0000000..3759160
--- /dev/null
+++ b/scripts/49de-lt2013-berlin-email.txt
@@ -0,0 +1,17 @@
+Hallo CAcert-Mitglieder und Assurer,
+
+Der diesjaehrige LinuxTag auf der Messe Berlin findet von Mittwoch, 22. Mai bis Samstag, 25. Mai statt und steht unter dem Motto "Open minds create effective solutions!"
+
+Effektive Loesungen finden bei CAcert besonders gut dann statt, wenn ein reger Informationsaustausch stattfindet. Dafuer steht CAcert mit einem Stand auf der Messe am Stand 140 in Halle 7.1a. Wir freuen uns dabei nicht nur auf Besucher, sondern wir sind auch in hohem Masse auf die Mithilfe der Community angewiesen. Wir freuen uns deshalb besonders, auch Dich am Stand als Standbetreuer, Assurer und Netzwerker begruessen zu koennen. Bei dieser Gelegenheit koennen wir uns auch gerne ueber die aktuellen Entwicklungen bei CAcert unterhalten.
+
+Weitere Details stehen in unserem Wiki unter
+[https://wiki.cacert.org/Events/LinuxTag2013]
+
+Fuer Assurer, die als Standbetreuer mithelfen moechten bitte
+Rueckantwort bitte an events@cacert.org
+ 'Ich moechte beim Linuxtag mithelfen'
+Dafuer koennen wir auch kostenlose Eintrittskarten zur Verfuegung stellen, rechtzeitige Absprache ist dafuer natuerlich Voraussetzung.
+
+Vielen Dank fuer eure Unterstuetzung!
+
+Kontakt: events@cacert.org
diff --git a/scripts/49de-lt2013-berlin-mail.php.txt b/scripts/49de-lt2013-berlin-mail.php.txt
new file mode 100644
index 0000000..a5bef69
--- /dev/null
+++ b/scripts/49de-lt2013-berlin-mail.php.txt
@@ -0,0 +1,119 @@
+#!/usr/bin/php -q
+<? /*
+ LibreSSL - CAcert web application
+ Copyright (C) 2004-2009 CAcert Inc.
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; version 2 of the License.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
+*/
+ include_once("../includes/mysql.php");
+
+ $lines = "";
+ $fp = fopen("49de-lt2013-berlin-email.txt", "r");
+ while(!feof($fp))
+ {
+ $line = trim(fgets($fp, 4096));
+ $lines .= wordwrap($line, 75, "\n")."\n";
+ }
+ fclose($fp);
+
+
+// $locid = intval($_REQUEST['location']);
+// $maxdist = intval($_REQUEST['maxdist']);
+// maxdist in [Km]
+ $maxdist = 50;
+
+
+// location location.ID
+// verified: 29.4.09 u.schroeter
+// $locid = 7902857; // Paris
+// $locid = 238568; // Bielefeld
+// $locid = 715191; // Hamburg
+// $locid = 1102495; // London
+// $locid = 606058; // Frankfurt
+// $locid = 1775784; // Stuttgart
+// $locid = 228950; // Berlin
+// $locid = 606058; // Frankfurt
+// $locid = 599389; // Flensburg
+// $locid = 61065; // Amsterdam, Eemnes
+// $locid = 228950; // Berlin
+// $locid = 2138880; // Baltimore (Baltimore (city)), Maryland, United States
+// $locid = 1486658; // Potsdam
+// $locid = 664715; // Goteborg, Vastra Gotaland, Sweden
+// $locid = 2094781; // Mission Hills (Los Angeles), California, United States
+// $locid = 423655; // Copenhagen, Kobenhavn*, Denmark
+// $locid = 2093625; // Los Angeles, CA ???
+// $locid = 2094326 // Los Angeles (Los Angeles), California, United States
+// $locid = 2257312; // Sydney, New South Wales, Australia
+// $locid = 572764; // Essen, Nordrhein-Westfalen, Germany
+// $locid = 78; // Aachen, Nordrhein-Westfalen, Germany
+// $locid = 1260319; // Muenchen
+// $locid = 266635; // Bonn, Nordrhein-Westfalen, Germany
+// $locid = 873779; // Karlsruhe, Baden-Wuerttemberg, Germany
+// $locid = 520340; // Dusseldorf, Nordrhein-Westfalen, Germany
+// $locid = 2262656; // Melbourne, Victoria, Australia
+// $locid = 2185076; // Raleigh (Wake), North Carolina, United States
+
+// CAcert Assurance and Keysigning event at FUDcon, Lawrence, KS, Jan 19th 2013
+// $locid = 2126955; // Lawrence (Douglas), Kansas, United States
+// $eventname = "CAcert Assurance and Keysigning at FUDcon Lawrence, KS";
+// $city = "January 19th 2013";
+
+// ATE-Kiel 2013-02-11
+// $locid = 919560; // Kiel, Schleswig-Holstein, Germany
+// $eventname = "ATE-Kiel";
+// $city = "11. Februar 2013";
+
+// Linuxtag, Berlin, May 22-25, 2013,
+ $locid = 228950; // Berlin
+ $eventname = "Linuxtag Berlin";
+ $city = "22.-25. Mai, 2013";
+
+
+ $query = "select * from `locations` where `id`='$locid'";
+ $loc = mysql_fetch_assoc(mysql_query($query));
+
+ $query = "SELECT ROUND(6378.137 * ACOS(0.9999999*((SIN(PI() * $loc[lat] / 180) * SIN(PI() * `locations`.`lat` / 180)) +
+ (COS(PI() * $loc[lat] / 180 ) * COS(PI() * `locations`.`lat` / 180) *
+ COS(PI() * `locations`.`long` / 180 - PI() * $loc[long] / 180)))), -1) AS `distance`, sum(`points`) as pts, `users`.*
+ FROM `locations`
+ inner join `users` on `users`.`locid` = `locations`.`id`
+ inner join `alerts` on `users`.`id`=`alerts`.`memid`
+ inner join `notary` on `users`.`id`=`notary`.`to`
+ WHERE (`alerts`.`general`=1 OR `alerts`.`country`=1 OR `alerts`.`regional`=1 OR `alerts`.`radius`=1)
+ GROUP BY `users`.`id`
+ HAVING `distance` <= '$maxdist'
+ ORDER BY `distance` ";
+ echo $query;
+
+ // comment next line when starting to send mail not only to me
+ // $query = "select * from `users` where `email` like 'cacerttest%'";
+
+ $res = mysql_query($query);
+ $xrows = mysql_num_rows($res);
+
+ while($row = mysql_fetch_assoc($res))
+ {
+ // uncomment next line to send mails ...
+ sendmail($row['email'], "[CAcert.org] $eventname - $city", $lines, "events@cacert.org", "", "", "CAcert Events Organisation", "returns@cacert.org", 1);
+ }
+ // 1x cc to events.cacert.org
+ sendmail("events@cacert.org", "[CAcert.org] $eventname - $city", $lines, "events@cacert.org", "", "", "CAcert Events Organisation", "returns@cacert.org", 1);
+ // 1x mailing report to events.cacert.org
+ sendmail("events@cacert.org", "[CAcert.org] $eventname - $city Report", "invitation sent to $xrows recipients.", "support@cacert.org", "", "", "CAcert Events Organisation", "returns@cacert.org", 1);
+
+ // 1x mailing report to Arbitrator of case http://wiki.cacert.org/wiki/Arbitrations/a20090525.1
+ sendmail("p.dunkel@cacert.org", "[CAcert.org] $eventname - $city Report", "invitation sent to $xrows recipients.", "support@cacert.org", "", "", "CAcert Events Organisation", "returns@cacert.org", 1);
+ echo "invitation sent to $xrows recipients.\n";
+
+?>
diff --git a/scripts/50de-ate-luebeck-email.txt b/scripts/50de-ate-luebeck-email.txt
new file mode 100644
index 0000000..5bbfb70
--- /dev/null
+++ b/scripts/50de-ate-luebeck-email.txt
@@ -0,0 +1,91 @@
+[Deutsch]
+
+Es hat sich viel getan im letzten Jahr. Eine ganze Reihe von bisher
+eher "muendlich ueberlieferten" Regeln wurden in Policies gegossen.
+Neue Prozeduren (z.B. die Assurer Challenge) und Verpflichtungen (z.B.
+in dem CAcert Community Agreement) wurden beschlossen. Die Assurer
+Training Events wollen versuchen, die ganzen Informationen unter's
+Volk zu bringen:
+
+- Welcher Satz fehlt auf alten CAP Formularen?
+- Warum soll ich mir R/L/O einpraegen?
+- Wie verhaelst du dich,
+ wenn du ein fremdes Ausweisdokument das ersteMal pruefst?
+
+Antworten auf diese und weitere Fragen erhaelst du bei den
+Assurer Training Events (ATEs).
+
+Darueberhinaus wird beim ATE der Vorgang der Identitaetsueberpruefung
+trainiert und auditiert, um die Qualitaet der Assurances in der
+taeglichen Praxis zu erfassen. Dabei gilt es moegliche Fehler und
+Fallstricke zu erkennen und aufzudecken. Die Assurer haben also die
+Moeglichkeit, sich mit den Fehlern auseinanderzusetzen und zu erfahren,
+wie diese vermieden werden koennen.
+
+Wie IanG sagte: The ATE or Assurer Training Event is exceptionally
+recommended for all Assurers, and include parts which contribute
+directly to our audit. Come and find out how you can also contribute.
+
+Die kommende Veranstaltung in deiner Naehe findet statt am:
+
+- Freitag, den 7. Juni 2013
+- in der Zeit von: 19:00 - ca. 22:00 Uhr
+- Jugendzentrum Burgtor
+- Grosse Burgstrasse 2
+- 23539 Luebeck
+
+
+Details zum Veranstaltungsort und Anfahrthinweise findet Ihr im
+Wiki [http://wiki.cacert.org/events/2013-06-07ATE-Luebeck]
+Blog [http://blog.cacert.org/2013/05/595.html]
+
+Teilnehmer Registrierung mit Rueckantwort:
+ 'Ich moechte am ATE-Luebeck teilnehmen'
+
+Das Veranstaltungs-Team freut sich schon auf Eure Teilnahme.
+
+Kontakt: events@cacert.org
+
+
+
+[English]
+
+During the last year many changes took place inside CAcert. Many "oral"
+rules have been put into Policies. New procedures
+(e.g. Assurer Challenge) and obligations
+(e.g. CAcert Community Agreement) have been put into live.
+The Assurer Training Events (ATE) try to spread this information:
+
+- What is missing on the "old" CAP forms?
+- Why should I remember R/L/O?
+- What can you do if an Assuree shows an ID document unknown to you?
+
+These and more questions will be answered during the
+Assurer Training Events (ATEs)
+
+Furthermore, the ATE trains how to do assurances and audits assurances,
+to measure the quality of assurances in the daily routine. Here are some
+possible errors and pitfalls which need to be found. Assurers have the
+opportunity to see those errors and how to avoid them.
+
+As IanG said: The ATE or Assurer Training Event is exceptionally
+recommended for all Assurers and includes parts which contribute
+directly to our audit. Come and find out how you can also contribute.
+
+The next event held in your area will be:
+
+- Friday 07. June 2013
+- during 19:00 - ca. 22:00
+- Jugendzentrum Burgtor
+- Grosse Burgstrasse 2
+- 23539 Luebeck
+
+Details to the location can be found:
+Wiki [http://wiki.cacert.org/events/2013-06-07ATE-Luebeck]
+Blog [http://blog.cacert.org/2013/05/595.html]
+
+User reply for registration: 'I will attend the ATE-Luebeck'
+
+The event team is looking forward for your attendance:
+
+Contact: events@cacert.org
diff --git a/scripts/50de-ate-luebeck-mail.php.txt b/scripts/50de-ate-luebeck-mail.php.txt
new file mode 100644
index 0000000..41721c5
--- /dev/null
+++ b/scripts/50de-ate-luebeck-mail.php.txt
@@ -0,0 +1,123 @@
+#!/usr/bin/php -q
+<? /*
+ LibreSSL - CAcert web application
+ Copyright (C) 2004-2013 CAcert Inc.
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; version 2 of the License.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
+*/
+ include_once("../includes/mysql.php");
+
+ $lines = "";
+ $fp = fopen("50de-ate-luebeck-email.txt", "r");
+ while(!feof($fp))
+ {
+ $line = trim(fgets($fp, 4096));
+ $lines .= wordwrap($line, 75, "\n")."\n";
+ }
+ fclose($fp);
+
+
+// $locid = intval($_REQUEST['location']);
+// $maxdist = intval($_REQUEST['maxdist']);
+// maxdist in [Km]
+ $maxdist = 200;
+
+
+// location location.ID
+// verified: 29.4.09 u.schroeter
+// $locid = 7902857; // Paris
+// $locid = 238568; // Bielefeld
+// $locid = 715191; // Hamburg
+// $locid = 1102495; // London
+// $locid = 606058; // Frankfurt
+// $locid = 1775784; // Stuttgart
+// $locid = 228950; // Berlin
+// $locid = 606058; // Frankfurt
+// $locid = 599389; // Flensburg
+// $locid = 61065; // Amsterdam, Eemnes
+// $locid = 228950; // Berlin
+// $locid = 2138880; // Baltimore (Baltimore (city)), Maryland, United States
+// $locid = 1486658; // Potsdam
+// $locid = 664715; // Goteborg, Vastra Gotaland, Sweden
+// $locid = 2094781; // Mission Hills (Los Angeles), California, United States
+// $locid = 423655; // Copenhagen, Kobenhavn*, Denmark
+// $locid = 2093625; // Los Angeles, CA ???
+// $locid = 2094326 // Los Angeles (Los Angeles), California, United States
+// $locid = 2257312; // Sydney, New South Wales, Australia
+// $locid = 572764; // Essen, Nordrhein-Westfalen, Germany
+// $locid = 78; // Aachen, Nordrhein-Westfalen, Germany
+// $locid = 1260319; // Muenchen
+// $locid = 266635; // Bonn, Nordrhein-Westfalen, Germany
+// $locid = 873779; // Karlsruhe, Baden-Wuerttemberg, Germany
+// $locid = 520340; // Dusseldorf, Nordrhein-Westfalen, Germany
+// $locid = 2262656; // Melbourne, Victoria, Australia
+// $locid = 2185076; // Raleigh (Wake), North Carolina, United States
+
+// CAcert Assurance and Keysigning event at FUDcon, Lawrence, KS, Jan 19th 2013
+// $locid = 2126955; // Lawrence (Douglas), Kansas, United States
+// $eventname = "CAcert Assurance and Keysigning at FUDcon Lawrence, KS";
+// $city = "January 19th 2013";
+
+// ATE-Kiel 2013-02-11
+// $locid = 919560; // Kiel, Schleswig-Holstein, Germany
+// $eventname = "ATE-Kiel";
+// $city = "11. Februar 2013";
+
+// Linuxtag, Berlin, May 22-25, 2013,
+// $locid = 228950; // Berlin
+// $eventname = "Linuxtag Berlin";
+// $city = "22.-25. Mai, 2013";
+
+ $locid = 1117395; // Lubeck Hansestadt, Schleswig-Holstein, Germany
+ $eventname = "ATE-Luebeck";
+ $city = "07. Juni 2013";
+
+
+ $query = "select * from `locations` where `id`='$locid'";
+ $loc = mysql_fetch_assoc(mysql_query($query));
+
+ $query = "SELECT ROUND(6378.137 * ACOS(0.9999999*((SIN(PI() * $loc[lat] / 180) * SIN(PI() * `locations`.`lat` / 180)) +
+ (COS(PI() * $loc[lat] / 180 ) * COS(PI() * `locations`.`lat` / 180) *
+ COS(PI() * `locations`.`long` / 180 - PI() * $loc[long] / 180)))), -1) AS `distance`, sum(`points`) as pts, `users`.*
+ FROM `locations`
+ inner join `users` on `users`.`locid` = `locations`.`id`
+ inner join `alerts` on `users`.`id`=`alerts`.`memid`
+ inner join `notary` on `users`.`id`=`notary`.`to`
+ WHERE (`alerts`.`general`=1 OR `alerts`.`country`=1 OR `alerts`.`regional`=1 OR `alerts`.`radius`=1)
+ GROUP BY `users`.`id`
+ HAVING `distance` <= '$maxdist'
+ ORDER BY `distance` ";
+ echo $query;
+
+ // comment next line when starting to send mail not only to me
+ // $query = "select * from `users` where `email` like 'cacerttest%'";
+
+ $res = mysql_query($query);
+ $xrows = mysql_num_rows($res);
+
+ while($row = mysql_fetch_assoc($res))
+ {
+ // uncomment next line to send mails ...
+ sendmail($row['email'], "[CAcert.org] $eventname - $city", $lines, "events@cacert.org", "", "", "CAcert Events Organisation", "returns@cacert.org", 1);
+ }
+ // 1x cc to events.cacert.org
+ sendmail("events@cacert.org", "[CAcert.org] $eventname - $city", $lines, "events@cacert.org", "", "", "CAcert Events Organisation", "returns@cacert.org", 1);
+ // 1x mailing report to events.cacert.org
+ sendmail("events@cacert.org", "[CAcert.org] $eventname - $city Report", "invitation sent to $xrows recipients.", "support@cacert.org", "", "", "CAcert Events Organisation", "returns@cacert.org", 1);
+
+ // 1x mailing report to Arbitrator of case http://wiki.cacert.org/wiki/Arbitrations/a20090525.1
+ sendmail("p.dunkel@cacert.org", "[CAcert.org] $eventname - $city Report", "invitation sent to $xrows recipients.", "support@cacert.org", "", "", "CAcert Events Organisation", "returns@cacert.org", 1);
+ echo "invitation sent to $xrows recipients.\n";
+
+?>
diff --git a/scripts/51at-ate-graz-email.txt b/scripts/51at-ate-graz-email.txt
new file mode 100644
index 0000000..0d77dfe
--- /dev/null
+++ b/scripts/51at-ate-graz-email.txt
@@ -0,0 +1,91 @@
+[Deutsch]
+
+Es hat sich viel getan im letzten Jahr. Eine ganze Reihe von bisher
+eher "muendlich ueberlieferten" Regeln wurden in Policies gegossen.
+Neue Prozeduren (z.B. die Assurer Challenge) und Verpflichtungen (z.B.
+in dem CAcert Community Agreement) wurden beschlossen. Die Assurer
+Training Events wollen versuchen, die ganzen Informationen unter's
+Volk zu bringen:
+
+- Welcher Satz fehlt auf alten CAP Formularen?
+- Warum soll ich mir R/L/O einpraegen?
+- Wie verhaelst du dich,
+ wenn du ein fremdes Ausweisdokument das ersteMal pruefst?
+
+Antworten auf diese und weitere Fragen erhaelst du bei den
+Assurer Training Events (ATEs).
+
+Darueberhinaus wird beim ATE der Vorgang der Identitaetsueberpruefung
+trainiert und auditiert, um die Qualitaet der Assurances in der
+taeglichen Praxis zu erfassen. Dabei gilt es moegliche Fehler und
+Fallstricke zu erkennen und aufzudecken. Die Assurer haben also die
+Moeglichkeit, sich mit den Fehlern auseinanderzusetzen und zu erfahren,
+wie diese vermieden werden koennen.
+
+Wie IanG sagte: The ATE or Assurer Training Event is exceptionally
+recommended for all Assurers, and include parts which contribute
+directly to our audit. Come and find out how you can also contribute.
+
+Die kommende Veranstaltung in deiner Naehe findet statt am:
+
+- Freitag, den 16. August 2013
+- in der Zeit von: 19:00 - ca. 22:00 Uhr
+- Realraum Graz
+- Jakomistraße 16
+- 8010 Graz
+
+
+Details zum Veranstaltungsort und Anfahrthinweise findet Ihr im
+Wiki [http://wiki.cacert.org/Events/2013-08-16ATE-Graz]
+Blog [http://blog.cacert.org/2013/07/ate-graz-at-2013-08-16/]
+
+Teilnehmer Registrierung mit Rueckantwort:
+ 'Ich moechte am ATE-Graz teilnehmen'
+
+Das Veranstaltungs-Team freut sich schon auf Eure Teilnahme.
+
+Kontakt: events@cacert.org
+
+
+
+[English]
+
+During the last year many changes took place inside CAcert. Many "oral"
+rules have been put into Policies. New procedures
+(e.g. Assurer Challenge) and obligations
+(e.g. CAcert Community Agreement) have been put into live.
+The Assurer Training Events (ATE) try to spread this information:
+
+- What is missing on the "old" CAP forms?
+- Why should I remember R/L/O?
+- What can you do if an Assuree shows an ID document unknown to you?
+
+These and more questions will be answered during the
+Assurer Training Events (ATEs)
+
+Furthermore, the ATE trains how to do assurances and audits assurances,
+to measure the quality of assurances in the daily routine. Here are some
+possible errors and pitfalls which need to be found. Assurers have the
+opportunity to see those errors and how to avoid them.
+
+As IanG said: The ATE or Assurer Training Event is exceptionally
+recommended for all Assurers and includes parts which contribute
+directly to our audit. Come and find out how you can also contribute.
+
+The next event held in your area will be:
+
+- Friday 16. August 2013
+- during 19:00 - ca. 22:00
+- Realraum Graz
+- Jakomistraße 16
+- 8010 Graz
+
+Details to the location can be found:
+Wiki [http://wiki.cacert.org/Events/2013-08-16ATE-Graz]
+Blog [http://blog.cacert.org/2013/07/ate-graz-at-2013-08-16/]
+
+User reply for registration: 'I will attend the ATE-Graz'
+
+The event team is looking forward for your attendance:
+
+Contact: events@cacert.org
diff --git a/scripts/51at-ate-graz-mail.php.txt b/scripts/51at-ate-graz-mail.php.txt
new file mode 100644
index 0000000..56dd4ff
--- /dev/null
+++ b/scripts/51at-ate-graz-mail.php.txt
@@ -0,0 +1,126 @@
+#!/usr/bin/php -q
+<? /*
+ LibreSSL - CAcert web application
+ Copyright (C) 2004-2013 CAcert Inc.
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; version 2 of the License.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
+*/
+ include_once("../includes/mysql.php");
+
+ $lines = "";
+ $fp = fopen("51at-ate-graz-email.txt", "r");
+ while(!feof($fp))
+ {
+ $line = trim(fgets($fp, 4096));
+ $lines .= wordwrap($line, 75, "\n")."\n";
+ }
+ fclose($fp);
+
+
+// $locid = intval($_REQUEST['location']);
+// $maxdist = intval($_REQUEST['maxdist']);
+// maxdist in [Km]
+ $maxdist = 200;
+
+
+// location location.ID
+// verified: 29.4.09 u.schroeter
+// $locid = 7902857; // Paris
+// $locid = 238568; // Bielefeld
+// $locid = 715191; // Hamburg
+// $locid = 1102495; // London
+// $locid = 606058; // Frankfurt
+// $locid = 1775784; // Stuttgart
+// $locid = 228950; // Berlin
+// $locid = 606058; // Frankfurt
+// $locid = 599389; // Flensburg
+// $locid = 61065; // Amsterdam, Eemnes
+// $locid = 228950; // Berlin
+// $locid = 2138880; // Baltimore (Baltimore (city)), Maryland, United States
+// $locid = 1486658; // Potsdam
+// $locid = 664715; // Goteborg, Vastra Gotaland, Sweden
+// $locid = 2094781; // Mission Hills (Los Angeles), California, United States
+// $locid = 423655; // Copenhagen, Kobenhavn*, Denmark
+// $locid = 2093625; // Los Angeles, CA ???
+// $locid = 2094326 // Los Angeles (Los Angeles), California, United States
+// $locid = 2257312; // Sydney, New South Wales, Australia
+// $locid = 572764; // Essen, Nordrhein-Westfalen, Germany
+// $locid = 78; // Aachen, Nordrhein-Westfalen, Germany
+// $locid = 1260319; // Muenchen
+// $locid = 266635; // Bonn, Nordrhein-Westfalen, Germany
+// $locid = 873779; // Karlsruhe, Baden-Wuerttemberg, Germany
+// $locid = 520340; // Dusseldorf, Nordrhein-Westfalen, Germany
+// $locid = 2262656; // Melbourne, Victoria, Australia
+// $locid = 2185076; // Raleigh (Wake), North Carolina, United States
+
+// CAcert Assurance and Keysigning event at FUDcon, Lawrence, KS, Jan 19th 2013
+// $locid = 2126955; // Lawrence (Douglas), Kansas, United States
+// $eventname = "CAcert Assurance and Keysigning at FUDcon Lawrence, KS";
+// $city = "January 19th 2013";
+
+// ATE-Kiel 2013-02-11
+// $locid = 919560; // Kiel, Schleswig-Holstein, Germany
+// $eventname = "ATE-Kiel";
+// $city = "11. Februar 2013";
+
+// Linuxtag, Berlin, May 22-25, 2013,
+// $locid = 228950; // Berlin
+// $eventname = "Linuxtag Berlin";
+// $city = "22.-25. Mai, 2013";
+
+// $locid = 1117395; // Lubeck Hansestadt, Schleswig-Holstein, Germany
+// $eventname = "ATE-Luebeck";
+// $city = "07. Juni 2013";
+
+ $locid = 675661; // Graz, Steiermark, Austria
+ $eventname = "ATE-Graz";
+ $city = "16. August 2013";
+
+ $query = "select * from `locations` where `id`='$locid'";
+ $loc = mysql_fetch_assoc(mysql_query($query));
+
+ $query = "SELECT ROUND(6378.137 * ACOS(0.9999999*((SIN(PI() * $loc[lat] / 180) * SIN(PI() * `locations`.`lat` / 180)) +
+ (COS(PI() * $loc[lat] / 180 ) * COS(PI() * `locations`.`lat` / 180) *
+ COS(PI() * `locations`.`long` / 180 - PI() * $loc[long] / 180)))), -1) AS `distance`, sum(`points`) as pts, `users`.*
+ FROM `locations`
+ inner join `users` on `users`.`locid` = `locations`.`id`
+ inner join `alerts` on `users`.`id`=`alerts`.`memid`
+ inner join `notary` on `users`.`id`=`notary`.`to`
+ WHERE (`alerts`.`general`=1 OR `alerts`.`country`=1 OR `alerts`.`regional`=1 OR `alerts`.`radius`=1)
+ GROUP BY `users`.`id`
+ HAVING `distance` <= '$maxdist'
+ ORDER BY `distance` ";
+ echo $query;
+
+ // comment next line when starting to send mail not only to me
+ // $query = "select * from `users` where `email` like 'cacerttest%'";
+
+ $res = mysql_query($query);
+ $xrows = mysql_num_rows($res);
+
+ while($row = mysql_fetch_assoc($res))
+ {
+ // uncomment next line to send mails ...
+ sendmail($row['email'], "[CAcert.org] $eventname - $city", $lines, "events@cacert.org", "", "", "CAcert Events Organisation", "returns@cacert.org", 1);
+ }
+ // 1x cc to events.cacert.org
+ sendmail("events@cacert.org", "[CAcert.org] $eventname - $city", $lines, "events@cacert.org", "", "", "CAcert Events Organisation", "returns@cacert.org", 1);
+ // 1x mailing report to events.cacert.org
+ sendmail("events@cacert.org", "[CAcert.org] $eventname - $city Report", "invitation sent to $xrows recipients.", "support@cacert.org", "", "", "CAcert Events Organisation", "returns@cacert.org", 1);
+
+ // 1x mailing report to Arbitrator of case http://wiki.cacert.org/wiki/Arbitrations/a20090525.1
+ sendmail("p.dunkel@cacert.org", "[CAcert.org] $eventname - $city Report", "invitation sent to $xrows recipients.", "support@cacert.org", "", "", "CAcert Events Organisation", "returns@cacert.org", 1);
+ echo "invitation sent to $xrows recipients.\n";
+
+?>
diff --git a/scripts/52at-ate-wien-email.txt b/scripts/52at-ate-wien-email.txt
new file mode 100644
index 0000000..bb4ce4c
--- /dev/null
+++ b/scripts/52at-ate-wien-email.txt
@@ -0,0 +1,91 @@
+[Deutsch]
+
+Es hat sich viel getan im letzten Jahr. Eine ganze Reihe von bisher
+eher "muendlich ueberlieferten" Regeln wurden in Policies gegossen.
+Neue Prozeduren (z.B. die Assurer Challenge) und Verpflichtungen (z.B.
+in dem CAcert Community Agreement) wurden beschlossen. Die Assurer
+Training Events wollen versuchen, die ganzen Informationen unter's
+Volk zu bringen:
+
+- Welcher Satz fehlt auf alten CAP Formularen?
+- Warum soll ich mir R/L/O einpraegen?
+- Wie verhaelst du dich,
+ wenn du ein fremdes Ausweisdokument das erste Mal pruefst?
+
+Antworten auf diese und weitere Fragen erhaelst du bei den
+Assurer Training Events (ATEs).
+
+Darueberhinaus wird beim ATE der Vorgang der Identitaetsueberpruefung
+trainiert und auditiert, um die Qualitaet der Assurances in der
+taeglichen Praxis zu erfassen. Dabei gilt es moegliche Fehler und
+Fallstricke zu erkennen und aufzudecken. Die Assurer haben also die
+Moeglichkeit, sich mit den Fehlern auseinanderzusetzen und zu erfahren,
+wie diese vermieden werden koennen.
+
+Wie IanG sagte: The ATE or Assurer Training Event is exceptionally
+recommended for all Assurers, and include parts which contribute
+directly to our audit. Come and find out how you can also contribute.
+
+Die kommende Veranstaltung in deiner Naehe findet statt am:
+
+- Dienstag, den 15. Oktober 2013
+- in der Zeit von: 18:00 - ca. 22:00 Uhr
+- Wirtschaftskammer Oesterreich, Raum B3 1 Besprechungsraum
+- Wiedner Hauptstraße 63
+- 1045 Wien
+
+
+Details zum Veranstaltungsort und Anfahrthinweise findet Ihr im
+Wiki [https://wiki.cacert.org/Events/2013-10-15ATE-Wien]
+Blog [http://blog.cacert.org/2013/09/ate-wien-at-2013-10-15/]
+
+Teilnehmer Registrierung mit Rueckantwort:
+ 'Ich moechte am ATE-Graz teilnehmen'
+
+Das Veranstaltungs-Team freut sich schon auf Eure Teilnahme.
+
+Kontakt: events@cacert.org
+
+
+
+[English]
+
+During the last year many changes took place inside CAcert. Many "oral"
+rules have been put into Policies. New procedures
+(e.g. Assurer Challenge) and obligations
+(e.g. CAcert Community Agreement) have been put into live.
+The Assurer Training Events (ATE) try to spread this information:
+
+- What is missing on the "old" CAP forms?
+- Why should I remember R/L/O?
+- What can you do if an Assuree shows an ID document unknown to you?
+
+These and more questions will be answered during the
+Assurer Training Events (ATEs)
+
+Furthermore, the ATE trains how to do assurances and audits assurances,
+to measure the quality of assurances in the daily routine. Here are some
+possible errors and pitfalls which need to be found. Assurers have the
+opportunity to see those errors and how to avoid them.
+
+As IanG said: The ATE or Assurer Training Event is exceptionally
+recommended for all Assurers and includes parts which contribute
+directly to our audit. Come and find out how you can also contribute.
+
+The next event held in your area will be:
+
+- Friday, October 15th 2013
+- during: 18:00 - ca. 22:00
+- Austrian Chamber of Commerce, Meetingroom B3 1
+- Wiedner Hauptstraße 63
+- 1045 Vienna
+
+Details to the location can be found:
+Wiki [https://wiki.cacert.org/Events/2013-10-15ATE-Wien]
+Blog [http://blog.cacert.org/2013/09/ate-wien-at-2013-10-15/]
+
+User reply for registration: 'I will attend the ATE-Graz'
+
+The event team is looking forward for your attendance:
+
+Contact: events@cacert.org
diff --git a/scripts/52at-ate-wien-mail.php.txt b/scripts/52at-ate-wien-mail.php.txt
new file mode 100644
index 0000000..109bb81
--- /dev/null
+++ b/scripts/52at-ate-wien-mail.php.txt
@@ -0,0 +1,130 @@
+#!/usr/bin/php -q
+<? /*
+ LibreSSL - CAcert web application
+ Copyright (C) 2004-2013 CAcert Inc.
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; version 2 of the License.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
+*/
+ include_once("../includes/mysql.php");
+
+ $lines = "";
+ $fp = fopen("52at-ate-wien-email.txt", "r");
+ while(!feof($fp))
+ {
+ $line = trim(fgets($fp, 4096));
+ $lines .= wordwrap($line, 75, "\n")."\n";
+ }
+ fclose($fp);
+
+
+// $locid = intval($_REQUEST['location']);
+// $maxdist = intval($_REQUEST['maxdist']);
+// maxdist in [Km]
+ $maxdist = 200;
+
+
+// location location.ID
+// verified: 29.4.09 u.schroeter
+// $locid = 7902857; // Paris
+// $locid = 238568; // Bielefeld
+// $locid = 715191; // Hamburg
+// $locid = 1102495; // London
+// $locid = 606058; // Frankfurt
+// $locid = 1775784; // Stuttgart
+// $locid = 228950; // Berlin
+// $locid = 606058; // Frankfurt
+// $locid = 599389; // Flensburg
+// $locid = 61065; // Amsterdam, Eemnes
+// $locid = 228950; // Berlin
+// $locid = 2138880; // Baltimore (Baltimore (city)), Maryland, United States
+// $locid = 1486658; // Potsdam
+// $locid = 664715; // Goteborg, Vastra Gotaland, Sweden
+// $locid = 2094781; // Mission Hills (Los Angeles), California, United States
+// $locid = 423655; // Copenhagen, Kobenhavn*, Denmark
+// $locid = 2093625; // Los Angeles, CA ???
+// $locid = 2094326 // Los Angeles (Los Angeles), California, United States
+// $locid = 2257312; // Sydney, New South Wales, Australia
+// $locid = 572764; // Essen, Nordrhein-Westfalen, Germany
+// $locid = 78; // Aachen, Nordrhein-Westfalen, Germany
+// $locid = 1260319; // Muenchen
+// $locid = 266635; // Bonn, Nordrhein-Westfalen, Germany
+// $locid = 873779; // Karlsruhe, Baden-Wuerttemberg, Germany
+// $locid = 520340; // Dusseldorf, Nordrhein-Westfalen, Germany
+// $locid = 2262656; // Melbourne, Victoria, Australia
+// $locid = 2185076; // Raleigh (Wake), North Carolina, United States
+
+// CAcert Assurance and Keysigning event at FUDcon, Lawrence, KS, Jan 19th 2013
+// $locid = 2126955; // Lawrence (Douglas), Kansas, United States
+// $eventname = "CAcert Assurance and Keysigning at FUDcon Lawrence, KS";
+// $city = "January 19th 2013";
+
+// ATE-Kiel 2013-02-11
+// $locid = 919560; // Kiel, Schleswig-Holstein, Germany
+// $eventname = "ATE-Kiel";
+// $city = "11. Februar 2013";
+
+// Linuxtag, Berlin, May 22-25, 2013,
+// $locid = 228950; // Berlin
+// $eventname = "Linuxtag Berlin";
+// $city = "22.-25. Mai, 2013";
+
+// $locid = 1117395; // Lubeck Hansestadt, Schleswig-Holstein, Germany
+// $eventname = "ATE-Luebeck";
+// $city = "07. Juni 2013";
+
+// $locid = 675661; // Graz, Steiermark, Austria
+// $eventname = "ATE-Graz";
+// $city = "16. August 2013";
+
+ $locid = 1992733; // Wien, Wien, Austria
+ $eventname = "ATE-Wien";
+ $city = "15. Oktober 2013";
+
+ $query = "select * from `locations` where `id`='$locid'";
+ $loc = mysql_fetch_assoc(mysql_query($query));
+
+ $query = "SELECT ROUND(6378.137 * ACOS(0.9999999*((SIN(PI() * $loc[lat] / 180) * SIN(PI() * `locations`.`lat` / 180)) +
+ (COS(PI() * $loc[lat] / 180 ) * COS(PI() * `locations`.`lat` / 180) *
+ COS(PI() * `locations`.`long` / 180 - PI() * $loc[long] / 180)))), -1) AS `distance`, sum(`points`) as pts, `users`.*
+ FROM `locations`
+ inner join `users` on `users`.`locid` = `locations`.`id`
+ inner join `alerts` on `users`.`id`=`alerts`.`memid`
+ inner join `notary` on `users`.`id`=`notary`.`to`
+ WHERE (`alerts`.`general`=1 OR `alerts`.`country`=1 OR `alerts`.`regional`=1 OR `alerts`.`radius`=1)
+ GROUP BY `users`.`id`
+ HAVING `distance` <= '$maxdist'
+ ORDER BY `distance` ";
+ echo $query;
+
+ // comment next line when starting to send mail not only to me
+ // $query = "select * from `users` where `email` like 'cacerttest%'";
+
+ $res = mysql_query($query);
+ $xrows = mysql_num_rows($res);
+
+ while($row = mysql_fetch_assoc($res))
+ {
+ // uncomment next line to send mails ...
+ sendmail($row['email'], "[CAcert.org] $eventname - $city", $lines, "events@cacert.org", "", "", "CAcert Events Organisation", "returns@cacert.org", 1);
+ }
+ // 1x cc to events.cacert.org
+ sendmail("events@cacert.org", "[CAcert.org] $eventname - $city", $lines, "events@cacert.org", "", "", "CAcert Events Organisation", "returns@cacert.org", 1);
+ // 1x mailing report to events.cacert.org
+ sendmail("events@cacert.org", "[CAcert.org] $eventname - $city Report", "invitation sent to $xrows recipients.", "support@cacert.org", "", "", "CAcert Events Organisation", "returns@cacert.org", 1);
+
+ // 1x mailing report to Arbitrator of case http://wiki.cacert.org/wiki/Arbitrations/a20090525.1
+ sendmail("p.dunkel@cacert.org", "[CAcert.org] $eventname - $city Report", "invitation sent to $xrows recipients.", "support@cacert.org", "", "", "CAcert Events Organisation", "returns@cacert.org", 1);
+ echo "invitation sent to $xrows recipients.\n";
+
+?>
diff --git a/scripts/cron/permissionreview.php b/scripts/cron/permissionreview.php
new file mode 100755
index 0000000..ca95f18
--- /dev/null
+++ b/scripts/cron/permissionreview.php
@@ -0,0 +1,250 @@
+#!/usr/bin/php -q
+<?php
+/*
+LibreSSL - CAcert web application
+Copyright (C) 2004-2012 CAcert Inc.
+
+This program is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; version 2 of the License.
+
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+GNU General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program; if not, write to the Free Software
+Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
+*/
+
+require_once(dirname(__FILE__).'/../../includes/mysql.php');
+
+$BOARD_PRIVATE = 'cacert-board-private@lists.cacert.org';
+$ASSURANCE_OFFICER = 'ao@cacert.org';
+$ORGANISATION_ASSURANCE_OFFICER = 'oao@cacert.org';
+
+
+//defines to whom to send the lists
+$flags = array(
+ 'admin=1' => array(
+ 'name' => 'Support Engineer',
+ 'own' => false, //Don't send twice
+ 'board' => true,
+ 'support' => true,
+ 'ao' => false,
+ 'oao' => false
+ ),
+
+ 'orgadmin=1' => array(
+ 'name' => 'Organisation Assurer',
+ 'own' => true,
+ 'board' => true,
+ 'support' => true,
+ 'ao' => true,
+ 'oao' => true
+ ),
+
+ 'board=1' => array(
+ 'name' => 'Board Member',
+ 'own' => false,
+ 'board' => true,
+ 'support' => true,
+ 'ao' => true,
+ 'oao' => false
+ ),
+
+ 'ttpadmin=1' => array(
+ 'name' => 'Trusted Third Party Admin',
+ 'own' => true,
+ 'board' => true,
+ 'support' => true,
+ 'ao' => true,
+ 'oao' => true
+ ),
+
+ 'ttpadmin=2' => array(
+ 'name' => 'Trusted Third Party TOPUP Admin',
+ 'own' => true,
+ 'board' => true,
+ 'support' => true,
+ 'ao' => true,
+ 'oao' => true
+ ),
+
+ 'tverify=1' => array(
+ 'name' => 'Tverify Admin',
+ 'own' => false,
+ 'board' => true,
+ 'support' => true,
+ 'ao' => true,
+ 'oao' => false
+ ),
+
+ 'locadmin=1' => array(
+ 'name' => 'Location Admin',
+ 'own' => false,
+ 'board' => true,
+ 'support' => true,
+ 'ao' => false,
+ 'oao' => false
+ ),
+
+ 'adadmin=1' => array(
+ 'name' => 'submit status for Advertising Admin',
+ 'own' => false,
+ 'board' => true,
+ 'support' => true,
+ 'ao' => false,
+ 'oao' => false
+ ),
+
+ 'adadmin=2' => array(
+ 'name' => 'approve status for Advertising Admin',
+ 'own' => false,
+ 'board' => true,
+ 'support' => true,
+ 'ao' => false,
+ 'oao' => false
+ ),
+
+
+ );
+
+
+// Build up list of various admins
+$adminlist = array();
+foreach ($flags as $flag => $flag_properties) {
+ $flagname = explode('=', $flag, 2 );
+ $query = "select `fname`, `lname`, `email` from `users` where `$flagname[0]` = '$flagname[1]'";
+ if(! $res = mysql_query($query) ) {
+ fwrite(STDERR,
+ "MySQL query for flag $flag failed:\n".
+ "\"$query\"\n".
+ mysql_error()
+ );
+
+ continue;
+ }
+
+ $adminlist[$flag] = array();
+
+ while ($row = mysql_fetch_assoc($res)) {
+ $adminlist[$flag][] = $row;
+ }
+
+
+ // Send mail to admins of this group if 'own' is set
+ if ($flag_properties['own']) {
+ foreach ($adminlist[$flag] as $admin) {
+ $message = <<<EOF
+Hello $admin[fname],
+
+you get this message, because you are listed as $flag_properties[name] on
+CAcert.org. Please review the following list of persons with the same privilege
+and report to the responsible team leader or board
+($BOARD_PRIVATE) if you spot any errors.
+
+
+EOF;
+
+ foreach ($adminlist[$flag] as $colleague) {
+ $message .= "$colleague[fname] $colleague[lname] $colleague[email]\n";
+ }
+
+ $message .= <<<EOF
+
+
+Best Regards,
+CAcert Support
+EOF;
+
+ sendmail($admin['email'], "Permissions Review", $message, 'support@cacert.org');
+ echo "Sent $flag_properties[name] mail to $admin[email]\n";
+ }
+ }
+}
+
+
+
+// Send to support engineers
+$message = <<<EOF
+Dear Support Engineers,
+
+it's time for the permission review again. Here is the list of privileged users
+in the CAcert web application. Please review them.
+
+
+EOF;
+
+foreach ($flags as $flag => $flag_properties) {
+ if ($flag_properties['support']) {
+ $message .= "List of $flag_properties[name]s:\n\n";
+ foreach ($adminlist[$flag] as $colleague) {
+ $message .= "$colleague[fname] $colleague[lname] $colleague[email]\n";
+ }
+
+ $message .= "\n\n";
+ }
+}
+
+$message .= <<<EOF
+
+Best Regards,
+CAcert Support
+EOF;
+
+foreach ($adminlist['admin=1'] as $support_engineer) {
+ sendmail(
+ $support_engineer['email'],
+ "Permissions Review",
+ $message,
+ 'support@cacert.org');
+ echo "Sent Support Engineer mail to $support_engineer[email]\n";
+}
+
+
+// Send to one-email addresses
+foreach (array(
+ 'ao' => array(
+ 'description' => 'Assurance Officer',
+ 'email' => $ASSURANCE_OFFICER),
+ 'oao' => array(
+ 'description' => 'Organisation Assurance Officer',
+ 'email' => $ORGANISATION_ASSURANCE_OFFICER),
+ 'board' => array(
+ 'description' => 'Board Members',
+ 'email' => $BOARD_PRIVATE)
+ ) as $key => $values) {
+ $message = <<<EOF
+Dear $values[description],
+
+it's time for the permission review again. Here is the list of privileged users
+in the CAcert web application. Please review them and also ask the persons
+responsible for an up-to-date copy of access lists not directly recorded in the
+web application (critical admins, software assessors etc.)
+
+
+
+EOF;
+
+ foreach ($flags as $flag => $flag_properties) {
+ if ($flag_properties[$key]) {
+ $message .= "List of $flag_properties[name]s:\n\n";
+ foreach ($adminlist[$flag] as $colleague) {
+ $message .= "$colleague[fname] $colleague[lname] $colleague[email]\n";
+ }
+ $message .= "\n\n";
+ }
+ }
+
+ $message .= <<<EOF
+
+
+Best Regards,
+CAcert Support
+EOF;
+
+ sendmail($values['email'], "Permissions Review", $message, 'support@cacert.org');
+ echo "Sent $values[description] mail to $values[email]\n";
+}
diff --git a/scripts/removedead.php b/scripts/cron/removedead.php
index 23c4cd9..2257dc8 100755
--- a/scripts/removedead.php
+++ b/scripts/cron/removedead.php
@@ -17,9 +17,10 @@
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
*/
- include_once("/home/cacert/www/includes/mysql.php");
- require_once('/home/cacert/www/includes/lib/l10n.php');
-
+ require_once(dirname(__FILE__).'/../../includes/mysql.php');
+ require_once(dirname(__FILE__).'/../../includes/lib/l10n.php');
+ require_once(dirname(__FILE__).'/../../includes/notary.inc.php');
+
$query = "select * from `users` where `users`.`verified`=0 and
(UNIX_TIMESTAMP(NOW()) - UNIX_TIMESTAMP(`users`.`created`)) >= 172800";
$res = mysql_query($query);
@@ -27,6 +28,7 @@
{
mysql_query("delete from `email` where `memid`='".$row['id']."'");
mysql_query("delete from `users` where `id`='".$row['id']."'");
+ delete_user_agreement($row['id']);
}
$query = "delete from `domains` where `hash`!='' and
diff --git a/scripts/updatesort.php b/scripts/cron/updatesort.php
index 4d36bfc..051b179 100755
--- a/scripts/updatesort.php
+++ b/scripts/cron/updatesort.php
@@ -16,18 +16,13 @@
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
*/
- include_once("../includes/mysql.php");
+ require_once(dirname(__FILE__).'/../../includes/mysql.php');
+ require_once(dirname(__FILE__).'/../../includes/lib/account.php');
-
- //mysql_query("update users set assurer=0");
- $query = "select notary.`to` as uid from notary group by notary.`to` having sum(points)>=100;";
- $res = mysql_query($query);
- while($row = mysql_fetch_assoc($res))
- {
- $query = "update users set `assurer`='1' where `id`='${row['uid']}'";
- //echo $query."\n";
- mysql_query($query);
+ // Recalculate assurer flag for all accounts
+ if (!fix_assurer_flag()) {
+ fwrite(STDERR, "ERROR on fixing the assurer flag. Continuing anyway");
}
@@ -72,6 +67,4 @@
}
-
-
?>
diff --git a/scripts/warning.php b/scripts/cron/warning.php
index b578c09..0c97ba2 100755
--- a/scripts/warning.php
+++ b/scripts/cron/warning.php
@@ -17,14 +17,14 @@
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
*/
- include_once("/home/cacert/www/includes/mysql.php");
+ require_once(dirname(__FILE__).'/../../includes/mysql.php');
$days = array("1" => "3", "15" => "2", "30" => "1", "45" => "0");
foreach($days as $day => $warning)
{
$query = "SELECT `emailcerts`.`id`,`users`.`fname`,`users`.`lname`,`users`.`email`,`emailcerts`.`memid`,
- `emailcerts`.`subject`, `emailcerts`.`crt_name`,`emailcerts`.`CN`,
+ `emailcerts`.`subject`, `emailcerts`.`crt_name`,`emailcerts`.`CN`, `emailcerts`.`serial`,
(UNIX_TIMESTAMP(`emailcerts`.`expire`) - UNIX_TIMESTAMP(NOW())) / 86400 as `daysleft`
FROM `users`,`emailcerts`
WHERE UNIX_TIMESTAMP(`emailcerts`.`expire`) - UNIX_TIMESTAMP(NOW()) > -7 * 86400 and
@@ -56,7 +56,11 @@
$body = sprintf(_("Hi %s"), $row['fname']).",\n\n";
$body .= _("You are receiving this email as you are the listed contact for:")."\n\n";
$body .= $row['subject']."\n\n";
- $body .= sprintf(_("Your certificate is set to expire in approximately %s days time, you can renew this by going to the following URL:"), $row['daysleft'])."\n\n";
+ $body .= sprintf(_("Your certificate with the serial number %s is ".
+ "set to expire in approximately %s days time. You can ".
+ "renew it by going to the following URL:"),
+ $row['serial'],
+ $row['daysleft'])."\n\n";
$body .= "https://www.cacert.org/account.php?id=5\n\n";
$body .= _("Best Regards")."\n"._("CAcert Support");
sendmail($row['email'], "[CAcert.org] "._("Your Certificate is about to expire"), $body, "support@cacert.org", "", "", "CAcert Support");
@@ -68,16 +72,37 @@ echo $row['fname']." ".$row['lname']." <".$row['email']."> (memid: ".$row['memid
foreach($days as $day => $warning)
{
- $query = "SELECT `domaincerts`.`id`, `users`.`fname`, `users`.`lname`, `users`.`email`,
- `domains`.`memid`, `domaincerts`.`subject`, `domaincerts`.`crt_name`,
- `domaincerts`.`CN`,
- (UNIX_TIMESTAMP(`domaincerts`.`expire`) - UNIX_TIMESTAMP(NOW())) / 86400 AS `daysleft`
- FROM `users`, `domaincerts`, `domlink`, `domains`
- WHERE UNIX_TIMESTAMP(`domaincerts`.`expire`) - UNIX_TIMESTAMP(NOW()) > -7 * 86400 AND
- UNIX_TIMESTAMP(`domaincerts`.`expire`) - UNIX_TIMESTAMP(NOW()) < $day * 86400 AND
- `domaincerts`.`renewed`=0 AND `domaincerts`.`warning` <= '$warning' AND
- `domaincerts`.`revoked`=0 AND `users`.`id` = `domains`.`memid` AND
- `domlink`.`certid` = `domaincerts`.`id` AND `domains`.`id` = `domlink`.`domid`";
+ $select_clause =
+ "`domaincerts`.`id`,
+ `users`.`fname`, `users`.`lname`, `users`.`email`,
+ `domains`.`memid`,
+ `domaincerts`.`subject`, `domaincerts`.`crt_name`,
+ `domaincerts`.`CN`,
+ `domaincerts`.`serial`,
+ (UNIX_TIMESTAMP(`domaincerts`.`expire`) -
+ UNIX_TIMESTAMP(NOW())) / 86400 AS `daysleft`";
+ $where_clause =
+ "UNIX_TIMESTAMP(`domaincerts`.`expire`) -
+ UNIX_TIMESTAMP(NOW()) > -7 * 86400
+ AND UNIX_TIMESTAMP(`domaincerts`.`expire`) -
+ UNIX_TIMESTAMP(NOW()) < $day * 86400
+ AND `domaincerts`.`renewed` = 0
+ AND `domaincerts`.`warning` <= '$warning'
+ AND `domaincerts`.`revoked` = 0
+ AND `domains`.`memid` = `users`.`id`";
+ $query =
+ "SELECT $select_clause
+ FROM `users`, `domaincerts`, `domains`
+ WHERE $where_clause
+ AND `domaincerts`.`domid` = `domains`.`id`
+ UNION DISTINCT
+ SELECT $select_clause
+ FROM `users`,
+ `domaincerts` LEFT JOIN `domlink` ON
+ (`domaincerts`.`id` = `domlink`.`certid`),
+ `domains`
+ WHERE $where_clause
+ AND `domlink`.`domid` = `domains`.`id`";
$res = mysql_query($query);
while($row = mysql_fetch_assoc($res))
{
@@ -88,7 +113,11 @@ echo $row['fname']." ".$row['lname']." <".$row['email']."> (memid: ".$row['memid
$body = sprintf(_("Hi %s"), $row['fname']).",\n\n";
$body .= _("You are receiving this email as you are the listed contact for:")."\n\n";
$body .= $row['subject']."\n\n";
- $body .= sprintf(_("Your certificate is set to expire in approximately %s days time, you can renew this by going to the following URL:"), $row['daysleft'])."\n\n";
+ $body .= sprintf(_("Your certificate with the serial number %s is ".
+ "set to expire in approximately %s days time. You can ".
+ "renew it by going to the following URL:"),
+ $row['serial'],
+ $row['daysleft'])."\n\n";
$body .= "https://www.cacert.org/account.php?id=12\n\n";
$body .= _("Best Regards")."\n"._("CAcert Support");
sendmail($row['email'], "[CAcert.org] "._("Your Certificate is about to expire"), $body, "support@cacert.org", "", "", "CAcert Support");
diff --git a/scripts/db_migrations/version2.sh b/scripts/db_migrations/version2.sh
new file mode 100755
index 0000000..7d940ff
--- /dev/null
+++ b/scripts/db_migrations/version2.sh
@@ -0,0 +1,96 @@
+#!/bin/sh
+# LibreSSL - CAcert web application
+# Copyright (C) 2004-2011 CAcert Inc.
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; version 2 of the License.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
+
+
+
+# script to do database migrations
+
+# This particular version migrates from the preversioned state to version 1
+# If you want to reuse it for further migrations you probably should pay special
+# attention because you have to adjust it a bit
+
+set -e # script fails if any command fails
+
+STDIN=0
+STDOUT=1
+STDERR=2
+
+if [ "$1" = "--help" ]; then
+ cat >&$STDERR <<- USAGE
+ Usage: $0 [MYSQL_OPTIONS]
+ You have to specify all options needed by "mysql" as if you had started
+ the MySQL command line client directly (including the name of the
+ database to operate on). The MySQL user used has to have enough
+ privileges to do all necessary operations (among others CREATE, ALTER,
+ DROP, UPDATE, INSERT, DELETE).
+ You might need to enter the mysql password multiple times if you
+ specify the -p option.
+ USAGE
+ exit 1
+fi
+
+mysql_opt=" --batch --skip-column-names $@"
+
+schema_version=$( mysql $mysql_opt <<- 'SQL'
+
+ SELECT MAX(`version`) FROM `schema_version`;
+SQL
+)
+if [ $schema_version != 1 ]; then
+ cat >&$STDERR <<- ERROR
+ Error: database schema is not in the right version to do the migration!
+ Expected version: 1 (i.e. the version before there was versioning)
+ ERROR
+ exit 2
+fi
+
+mysql $mysql_opt <<- 'SQL'
+
+ -- Organisation Assurance bug #1118
+ ALTER TABLE `orgemailcerts` ADD `ou` varchar(50) NOT NULL
+ DEFAULT '';
+
+
+ -- Bugs #855, #863, #864, #888, #1118
+ ALTER TABLE `notary`
+ -- add "TTP-Assisted" as method for point transfers (for TTP)
+ MODIFY `method`
+ enum(
+ 'Face to Face Meeting',
+ 'Trusted Third Parties',
+ 'Thawte Points Transfer',
+ 'Administrative Increase',
+ 'CT Magazine - Germany',
+ 'Temporary Increase',
+ 'Unknown',
+ 'TOPUP',
+ 'TTP-Assisted'
+ ) NOT NULL DEFAULT 'Face to Face Meeting';
+
+
+
+
+ -- Update schema version number
+ INSERT INTO `schema_version`
+ (`version`, `when`) VALUES
+ ('2' , NOW() );
+SQL
+
+
+echo "Database successfully migrated to version 2"
+exit 0
+
diff --git a/scripts/oa02-mailingtextCats.txt b/scripts/oa02-mailingtextCats.txt
new file mode 100644
index 0000000..044b49b
--- /dev/null
+++ b/scripts/oa02-mailingtextCats.txt
@@ -0,0 +1,71 @@
+(German see below)
+
+Hello <name>,
+
+In preparation for an internal test prior to the audit, we checked if the data
+entries in the Organisation Accounts are valid. As you are listed as an
+Organisation Administrator for at least one organisation account, I found out
+that you currently do not match the requirements to be an Organisation
+Administrator - in that you need to be an CAcert Assurer.
+
+The premise to be a CAcert Assurer are that you have:
+ - got at least 100 Assurance Points
+ - passed the CATS test
+
+It is possible that you may have missed some changes within the CAcert
+assurance system.
+
+In 2009 the CATS challenge [1] was introduced. You have to pass it before you
+get the CAcert Assurer status.
+
+In addition, CAcert will be changing the points calculation in the near future.
+This was announced in 2011 [2].
+
+As you are only missing the CATS challenge, I ask you to do the challenge within
+the next 2 months. If you have not passed the CATS test by then, I will have
+to delete you as Organisation Administrator from the appropriate accounts.
+
+[1] https://wiki.cacert.org/AssurerChallenge
+[2] https://wiki.cacert.org/PR/News/NewPointsCalculation
+
+Thank you for your support.
+
+Marcus Maengel
+CAcert Organisation Assurance Officer
+
+---------------------------------------------------
+
+[German Version]
+
+Hallo <name>,
+
+bei der Vorbereitung eines internen Tests vor dem Audit haben wir ueberprueft,
+ob die Datensaetze in den Organisationskonten gueltig sind. Da Sie als
+Organisations Administrator fuer mindestens ein Organisationskonto eingetragen
+sind, habe ich festgestellt, dass Sie zurzeit kein CAcert Assurer sind, was die
+Voraussetzung fuer die Taetigkeit als Organisations Administrator ist.
+
+Als CAcert Assurer muessen Sie die folgenden Vorausetzungen erfuellen:
+ - Mindestens 100 Assurance-Punkte
+ - Bestandene Assurer-Pruefung (CATS-Test)
+
+Moeglicherweise haben Sie einige aenderungen bei CAcert verpasst.
+
+Im Jahre 2009 wurde die Assurer-Pruefung (Assurer Challenge, CATS Test) [1]
+eingefuehrt. Die muessen Sie bestehen, um den Assurer-Status zu erhalten.
+
+CAcert wird die Punkte-Berechnung in naher Zukunft aendern. Dies wurde bereits
+2011 angekuendigt [2].
+
+Da Ihnen lediglich die Assurer-Pruefung fehlt, fordere ich Sie auf, diese
+Pruefung innerhalb der naechsten 2 Monate nachzuholen. Wenn Sie diese Pruefung
+bis dahin nicht abgelegt haben, werde ich Sie als Organisations Administrator
+aus den betreffenden Konten austragen.
+
+[1] https://wiki.cacert.org/AssurerChallenge
+[2] https://wiki.cacert.org/PR/News/NewPointsCalculation
+
+Vielen Dank fuer Ihre Unterstuetzung.
+
+Marcus Maengel
+CAcert Organisation Assurance Officer \ No newline at end of file
diff --git a/scripts/oa02-mailingtextPoints.txt b/scripts/oa02-mailingtextPoints.txt
new file mode 100644
index 0000000..5e0eadf
--- /dev/null
+++ b/scripts/oa02-mailingtextPoints.txt
@@ -0,0 +1,79 @@
+(German see below)
+
+Hello <name>,
+
+In preparation for an internal test prior to the audit, we checked if the data
+entries in the Organisation Accounts are valid. As you are listed as an
+Organisation Administrator for at least one organisation account, I found out
+that you currently do not match the requirements to be an Organisation
+Administrator - in that you need to be an CAcert Assurer.
+
+The premise to be a CAcert Assurer are that you have:
+ - got at least 100 Assurance Points
+ - passed the CATS test
+
+It is possible that you may have missed some changes within the CAcert
+assurance system.
+
+In 2009 the CATS challenge [1] was introduced. You have to pass it before you
+get the CAcert Assurer status.
+
+In addition, CAcert will be changing the points calculation in the near future.
+This was announced in 2011 [2].
+
+As you are missing the 100 Assurance Points requirement (which might be due to
+the new points calculation) I ask you to get assured during the next 3 months to
+reach the 100 Assurance Points. If you have problems in getting assured, please
+let me know, so I can see what can be done to help you. If you have not reached
+the 100 points by then (or after an additional grace period in cases of
+hardship), I will have to delete you as Organisation Administrator from the
+appropriate accounts.
+
+[1] https://wiki.cacert.org/AssurerChallenge
+[2] https://wiki.cacert.org/PR/News/NewPointsCalculation
+
+Thank you for your support.
+
+Marcus Maengel
+CAcert Organisation Assurance Officer
+
+---------------------------------------------------
+
+[German Version]
+
+Hallo <name>,
+
+bei der Vorbereitung eines internen Tests vor dem Audit haben wir ueberprueft,
+ob die Datensaetze in den Organisationskonten gueltig sind. Da Sie als
+Organisations Administrator fuer mindestens ein Organisationskonto eingetragen
+sind, habe ich festgestellt, dass Sie zurzeit kein CAcert Assurer sind, was die
+Voraussetzung fuer die Taetigkeit als Organisations Administrator ist.
+
+Als CAcert Assurer muessen Sie die folgenden Vorausetzungen erfuellen:
+ - Mindestens 100 Assurance-Punkte
+ - Bestandene Assurer-Pruefung (CATS-Test)
+
+Moeglicherweise haben Sie einige aenderungen bei CAcert verpasst.
+
+Im Jahre 2009 wurde die Assurer-Pruefung (Assurer Challenge, CATS Test) [1]
+eingefuehrt. Die muessen Sie bestehen, um den Assurer-Status zu erhalten.
+
+CAcert wird die Punkte-Berechnung in naher Zukunft aendern. Dies wurde bereits
+2011 angekuendigt [2].
+
+Da Sie die 100 Assurance-Punkte nicht erreicht haben, was auch an der neuen
+Punkteberechnung liegen kann, fordere ich Sie auf, sich innerhalb der naechsten
+3 Monate assuren zu lassen, um die 100 Punkte zu erreichen. Wenn Sie Probleme
+haben, sich assuren zu lassen, teilen Sie mir das bitte mit und wir werden
+sehen, wie wir Ihnen dabei helfen koennen. Wenn Sie bis dahin (oder nach einer
+zusaetzlichen Gnadenfrist in schwierigen Faellen) die 100 Punkte nicht erreicht
+haben, werde ich Sie als Organisations Administrator aus den betreffenden Konten
+austragen.
+
+[1] https://wiki.cacert.org/AssurerChallenge
+[2] https://wiki.cacert.org/PR/News/NewPointsCalculation
+
+Vielen Dank fuer Ihre Unterstuetzung.
+
+Marcus Maengel
+CAcert Organisation Assurance Officer \ No newline at end of file
diff --git a/scripts/oa02-mailingtextPointsCats.txt b/scripts/oa02-mailingtextPointsCats.txt
new file mode 100644
index 0000000..67bc5d3
--- /dev/null
+++ b/scripts/oa02-mailingtextPointsCats.txt
@@ -0,0 +1,82 @@
+(German see below)
+
+Hello <name>,
+
+In preparation for an internal test prior to the audit, we checked if the data
+entries in the Organisation Accounts are valid. As you are listed as an
+Organisation Administrator for at least one organisation account, I found out
+that you currently do not match the requirements to be an Organisation
+Administrator - in that you need to be an CAcert Assurer.
+
+The premise to be a CAcert Assurer are that you have:
+ - got at least 100 Assurance Points
+ - passed the CATS test
+
+It is possible that you may have missed some changes within the CAcert
+assurance system.
+
+In 2009 the CATS challenge [1] was introduced. You have to pass it before you
+get the CAcert Assurer status.
+
+In addition, CAcert will be changing the points calculation in the near future.
+This was announced in 2011 [2].
+
+As you are missing the 100 Assurance Points requirement (which might be due to
+the new points calculation) and the CATS challenge, I ask you to get assured
+during the next 3 months to reach the 100 Assurance Points and do the CATS test.
+If you have problems in getting assured, please let me know, so I can see what
+can be done to help you. If you have not passed the CATS test and reached the
+100 points by then (or after an additional grace period in cases of hardship),
+I will have to delete you as Organisation Administrator from the appropriate
+accounts.
+
+[1] https://wiki.cacert.org/AssurerChallenge
+[2] https://wiki.cacert.org/PR/News/NewPointsCalculation
+
+Thank you for your support.
+
+Marcus Maengel
+CAcert Organisation Assurance Officer
+
+---------------------------------------------------
+
+[German Version]
+
+Hallo <name>,
+
+bei der Vorbereitung eines internen Tests vor dem Audit haben wir ueberprueft,
+ob die Datensaetze in den Organisationskonten gueltig sind. Da Sie als
+Organisations Administrator fuer mindestens ein Organisationskonto eingetragen
+sind, habe ich festgestellt, dass Sie zurzeit kein CAcert Assurer sind, was die
+Voraussetzung fuer die Taetigkeit als Organisations Administrator ist.
+
+Als CAcert Assurer muessen Sie die folgenden Vorausetzungen erfuellen:
+ - Mindestens 100 Assurance-Punkte
+ - Bestandene Assurer-Pruefung (CATS-Test)
+
+Moeglicherweise haben Sie einige aenderungen bei CAcert verpasst.
+
+Im Jahre 2009 wurde die Assurer-Pruefung (Assurer Challenge, CATS Test) [1]
+eingefuehrt. Die muessen Sie bestehen, um den Assurer-Status zu erhalten.
+
+CAcert wird die Punkte-Berechnung in naher Zukunft aendern. Dies wurde bereits
+2011 angekuendigt [2].
+
+Da Sie die 100 Assurance-Punkte nicht erreicht haben, was auch an der neuen
+Punkteberechnung liegen kann, und auch die Assurer-Pruefung nicht abgelegt
+haben, fordere ich Sie auf, sich innerhalb der naechsten 3 Monate assuren zu
+lassen, um die 100 Punkte zu erreichen, und die Assurer-Pruefung abzulegen.
+Wenn Sie Probleme haben, sich assuren zu lassen, teilen Sie mir das bitte mit
+und wir werden sehen, wie wir Ihnen dabei helfen koennen. Wenn Sie bis dahin
+(oder nach einer zusaetzlichen Gnadenfrist in schwierigen Faellen) die
+100 Punkte nicht erreicht haben oder die Assurer-Pruefung nicht abgelegt haben,
+werde ich Sie als Organisations-Administrator aus den betreffenden Konten
+austragen.
+
+[1] https://wiki.cacert.org/AssurerChallenge
+[2] https://wiki.cacert.org/PR/News/NewPointsCalculation
+
+Vielen Dank fuer Ihre Unterstuetzung.
+
+Marcus Maengel
+CAcert Organisation Assurance Officer \ No newline at end of file
diff --git a/scripts/oa02-orgainformation.php.txt b/scripts/oa02-orgainformation.php.txt
new file mode 100644
index 0000000..e0d8ca2
--- /dev/null
+++ b/scripts/oa02-orgainformation.php.txt
@@ -0,0 +1,119 @@
+#!/usr/bin/php -q
+<? /*
+ LibreSSL - CAcert web application
+ Copyright (C) 2004-2009 CAcert Inc.
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; version 2 of the License.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
+*/
+ include_once("../includes/mysql.php");
+ include_once("../includes/lib/general.php");
+
+ //default mail text
+ $lines = "";
+ $fp = fopen("oa02-mailingtextPoints.txt", "r");
+ while(!feof($fp))
+ {
+ $line = trim(fgets($fp, 4096));
+ $lines .= wordwrap($line, 75, "\n")."\n";
+ }
+ fclose($fp);
+
+ //first variant of mail text
+ $lines1 = "";
+ $fp = fopen("oa02-mailingtextCats.txt", "r");
+ while(!feof($fp))
+ {
+ $line = trim(fgets($fp, 4096));
+ $lines1 .= wordwrap($line, 75, "\n")."\n";
+ }
+ fclose($fp);
+
+ //second variant of mail text
+ $lines2 = "";
+ $fp = fopen("oa02-mailingtextPointsCats.txt", "r");
+ while(!feof($fp))
+ {
+ $line = trim(fgets($fp, 4096));
+ $lines2 .= wordwrap($line, 75, "\n")."\n";
+ }
+ fclose($fp);
+
+ // comment next line when starting to send mail not only to me
+ // $query = "select * from `users` where `email` like 'cacerttest%'";
+
+ $query = "
+ SELECT
+ `users`.`email`,
+ `users`.`fname`,
+ `users`.`lname`,
+ `orginfo`.`O`,
+ `orginfo`.`id`,
+ `org`.`memid`
+ FROM
+ `users`,
+ `orginfo`,
+ `org`
+ WHERE `org`.`orgid` = `orginfo`.`id`
+ AND `org`.`memid` = `users`.`id`
+ AND `users`.`assurer` = 0
+ AND `org`.`deleted` = 0
+ ORDER BY
+ `users`.`email`,
+ `orginfo`.`O`
+ ";
+
+ $res = mysql_query($query);
+ $xrows = mysql_num_rows($res);
+
+ $report = "";
+ $report1 = "";
+ $report2 = "";
+ $report3 = "";
+
+ while($row = mysql_fetch_assoc($res))
+ {
+ // uncomment next line to send mails ...
+ $fullname = $row['fname']." ".$row['lname'];
+ $status = get_assurer_status($row['memid']);
+ if (3 == $status) {
+ $mail = str_replace("<name>",$fullname,$lines);
+ sendmail($row['email'], "[CAcert.org] Assurer Status Requirement Check on Organisation Adminstrators", $mail, "support@cacert.org", "", "", "CAcert Organisation Assurer", "returns@cacert.org", 1);
+ $report = $row['email'].", ".$fullname.", ".$row['O']."\n";
+ } elseif (5 == $status) {
+ $mail = str_replace("<name>",$fullname,$lines1);
+ sendmail($row['email'], "[CAcert.org] Assurer Status Requirement Check on Organisation Adminstrators", $mail, "support@cacert.org", "", "", "CAcert Organisation Assurer", "returns@cacert.org", 1);
+ $report1 = $row['email'].", ".$fullname.", ".$row['O']."\n";
+ } elseif (7 == $status){
+ $mail = str_replace("<name>",$fullname,$lines2);
+ sendmail($row['email'], "[CAcert.org] Assurer Status Requirement Check on Organisation Adminstrators", $mail, "support@cacert.org", "", "", "CAcert Organisation Assurer", "returns@cacert.org", 1);
+ $report2 = $row['email'].", ".$fullname.", ".$row['O']."\n";
+ } else {
+ $report3 = $row['email'].", ".$fullname.", ".$row['O']."\n";
+ }
+ }
+
+ // 1x cc to oao.cacert.org
+ sendmail("oao@cacert.org", "[CAcert.org] Assurer Status Requirement Check on Organisation Adminstrators", $lines."\n\n".$lines1."\n\n".$lines2, "oao@cacert.org", "", "", "CAcert OA Support", "returns@cacert.org", 1);
+
+ // 1x mailing report to oao.cacert.org
+ sendmail("oao@cacert.org", "[CAcert.org] Assurer Status Requirement Check on Organisation Adminstrators - Report", "oa-mailing sent to $xrows recipients.", "support@cacert.org", "", "", "CAcert OA Support", "returns@cacert.org", 1);
+
+ // 1x detailed mailing report to OAO
+ $reporttotal = "Result of the Mailing \n\n Organisation Administrators with missing points \n".$report."\n\n Organisation Adminstrators with missing points ".$report1."\n\n Organisation Adminstrators with missing points and CATS ".$report2."\n\n Organisation Adminstrators with blocked assurer ".$report3;
+ sendmail("oao@cacert.org", "[CAcert.org] Assurer Status Requirement Check on Organisation Adminstrators - Report", $reporttotal, "support@cacert.org", "", "", "CAcert Organisation Assurer", "returns@cacert.org", 1);
+
+ // 1x mailing report to Arbitrator of case http://wiki.cacert.org/wiki/Arbitrations/a20110608.1
+ sendmail("bernhard@cacert.org", "[CAcert.org] Assurer Status Requirement Check on Organisation Adminstrators - Report", "oa-mailing sent to $xrows recipients.", "support@cacert.org", "", "", "CAcert OA Support", "returns@cacert.org", 1);
+
+ echo "oa-mailing sent to $xrows recipients.\n";
diff --git a/scripts/resetpermissions.php b/scripts/resetpermissions.php
new file mode 100644
index 0000000..0bfdaa3
--- /dev/null
+++ b/scripts/resetpermissions.php
@@ -0,0 +1,71 @@
+#!/usr/bin/php -q
+<?php
+/*
+LibreSSL - CAcert web application
+Copyright (C) 2004-2012 CAcert Inc.
+
+This program is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; version 2 of the License.
+
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+GNU General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program; if not, write to the Free Software
+Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
+*/
+
+require_once(dirname(__FILE__).'/../includes/mysql.php');
+
+$flags = array('board', 'tverify');
+
+foreach ($flags as $flag) {
+ echo "Resetting $flag flag:\n";
+ $query = "select `id`, `fname`, `lname`, `email` from `users`
+ where `$flag` = 1";
+ if(! $res = mysql_query($query) ) {
+ fwrite(STDERR,
+ "MySQL query for flag $flag failed:\n".
+ "\"$query\"\n".
+ mysql_error()
+ );
+
+ continue;
+ }
+
+ while ($row = mysql_fetch_assoc($res)) {
+ echo "$row[fname] $row[lname] $row[email]";
+
+ $update = "update `users` set `$flag` = 0 where `id` = $row[id]";
+ if(! $res2 = mysql_query($update) ) {
+ echo " NOT RESET!!!\n";
+ fwrite(STDERR,
+ "MySQL query for $flag flag reset on user $row[id] failed:\n".
+ "\"$update\"\n".
+ mysql_error()
+ );
+
+ } else {
+
+ $message = <<<EOF
+Hi $row[fname],
+
+As per Arbitration a20110118.1 [1] the $flag permission has been removed
+from your account.
+
+[1] https://wiki.cacert.org/Arbitrations/a20110118.1
+
+Best Regards,
+CAcert Support
+EOF;
+ sendmail($row['email'], "Permissions have been reset", $message, 'support@cacert.org');
+
+ echo " reset.\n";
+ }
+ }
+
+ echo "\n\n";
+} \ No newline at end of file
diff --git a/stamp/style.css b/stamp/style.css
index 79d3c35..c00a4c7 100644
--- a/stamp/style.css
+++ b/stamp/style.css
@@ -6,94 +6,95 @@
/***********************************************/
/* HTML tag styles */
/***********************************************/
-body{
+body {
font-family: Arial,sans-serif;
color: #333333;
- line-height: 1.166;
+ line-height: 1.166;
margin: 0px;
padding: 0px;
- background: #cccccc;
+ background: #cccccc;
/* url("/siteimages/bg_grad.jpg") fixed; */
}
+
/******* hyperlink and anchor tag styles *******/
-a:link, a:visited{
+a:link, a:visited {
color: #005FA9;
text-decoration: none;
}
-a:hover{
+a:hover {
text-decoration: underline;
}
/************** header tag styles **************/
-h1{
- font: bold 120% Arial,sans-serif;
- color: #334d55;
- margin: 0px;
- padding: 0px;
+h1 {
+ font: bold 120% Arial,sans-serif;
+ color: #334d55;
+ margin: 0px;
+ padding: 0px;
}
-h2{
- font: bold 114% Arial,sans-serif;
- color: #006699;
- margin: 0px;
- padding: 0px;
+h2 {
+ font: bold 114% Arial,sans-serif;
+ color: #006699;
+ margin: 0px;
+ padding: 0px;
}
-h3{
- font: bold 100% Arial,sans-serif;
- color: #334d55;
- margin: 0px;
- padding: 0px;
- cursor: pointer;
-/* cursor: hand; */
+h3 {
+ font: bold 100% Arial,sans-serif;
+ color: #334d55;
+ margin: 0px;
+ padding: 0px;
+ cursor: pointer;
+ /* cursor: hand; */
}
-h4{
- font: bold 100% Arial,sans-serif;
- color: #333333;
- margin: 0px;
- padding: 0px;
+h4 {
+ font: bold 100% Arial,sans-serif;
+ color: #333333;
+ margin: 0px;
+ padding: 0px;
}
-h5{
- font: 100% Arial,sans-serif;
- color: #334d55;
- margin: 0px;
- padding: 0px;
+h5 {
+ font: 100% Arial,sans-serif;
+ color: #334d55;
+ margin: 0px;
+ padding: 0px;
}
/*************** list tag styles ***************/
ul.menu {
-list-style: none;
-margin :0px 0px 0px 15px;
-padding-left: 5px;
-border-left: 1px dotted #000;
+ list-style: none;
+ margin :0px 0px 0px 15px;
+ padding-left: 5px;
+ border-left: 1px dotted #000;
}
ul.top {
-list-style: none;
-margin: 0px 0px 0px 15px;
-padding-left: 5px;
-border-left: 0px;
+ list-style: none;
+ margin: 0px 0px 0px 15px;
+ padding-left: 5px;
+ border-left: 0px;
}
ul {
-list-style: none;
-margin: 0px 0px 0px 15px;
-padding-left: 5px;
-border-left: 1px dotted #000;
+ list-style: none;
+ margin: 0px 0px 0px 15px;
+ padding-left: 5px;
+ border-left: 1px dotted #000;
}
/***********************************************/
/* Layout Divs */
/***********************************************/
-#pagecell1{
+#pagecell1 {
position:absolute;
top: 2%;
left: 2%;
diff --git a/www/account.php b/www/account.php
index d1dd695..c7f34a3 100644
--- a/www/account.php
+++ b/www/account.php
@@ -25,34 +25,35 @@
} else if($id == 19) {
include_once("../pages/account/19.php");
exit;
- } else if($oldid == 40 && $_REQUEST['process'] != "" && $_POST['support'] != "yes") {
- $who = stripslashes($_REQUEST['who']);
- $email = stripslashes($_REQUEST['email']);
- $subject = stripslashes($_REQUEST['subject']);
- $message = stripslashes($_REQUEST['message']);
-
- $message = "From: $who\nEmail: $email\nSubject: $subject\n\nMessage:\n".$message;
-
- sendmail("support@cacert.org", "[CAcert.org] ".$subject, $message, $email, $email, "", "CAcert Website");
- showheader(_("Welcome to CAcert.org"));
- echo _("Your message has been sent.");
- showfooter();
- exit;
- } else if($oldid == 40 && $_REQUEST['process'] != "" && $_POST['support'] == "yes") {
+ } else if($oldid == 40 && $_REQUEST['process'] != "") {
$who = stripslashes($_REQUEST['who']);
$email = stripslashes($_REQUEST['email']);
$subject = stripslashes($_REQUEST['subject']);
$message = stripslashes($_REQUEST['message']);
+ //check for spam via honeypot
+ if(!isset($_REQUEST['robotest']) || !empty($_REQUEST['robotest'])){
+ echo _("Form could not be sent.");
+ showfooter();
+ exit;
+ }
- $message = "From: $who\nEmail: $email\nSubject: $subject\n\nMessage:\n".$message;
+ $message = "From: $who\nEmail: $email\nSubject: $subject\n\nMessage:\n".$message;
+ if (isset($process[0])){
+ sendmail("cacert-support@lists.cacert.org", "[website form email]: ".$subject, $message, "website-form@cacert.org", "cacert-support@lists.cacert.org, $email", "", "CAcert-Website");
+ showheader(_("Welcome to CAcert.org"));
+ echo _("Your message has been sent to the general support list.");
+ showfooter();
+ exit;
+ }
+ if (isset($process[1])){
+ sendmail("support@cacert.org", "[CAcert.org] ".$subject, $message, $email, "", "", "CAcert Support");
+ showheader(_("Welcome to CAcert.org"));
+ echo _("Your message has been sent.");
+ showfooter();
+ exit;
+ }
- sendmail("cacert-support@lists.cacert.org, $email", "[website form email]: ".$subject, $message, "website-form@cacert.org", "cacert-support@lists.cacert.org, $email", "", "CAcert Website");
-
- showheader(_("Welcome to CAcert.org"));
- echo _("Your message has been sent to the general support list.");
- showfooter();
- exit;
} else if($id == 51 && $_GET['img'] == "show") {
$query = "select * from `tverify` where `id`='".intval($_GET['photoid'])."' and `modified`=0";
$res = mysql_query($query);
diff --git a/www/advertising.php b/www/advertising.php
index e987461..43e4f93 100644
--- a/www/advertising.php
+++ b/www/advertising.php
@@ -47,7 +47,7 @@
if($months < 1 || $months > 12)
{
$id = 1;
- $errmsg .= _("You can only place an advertisement for up to 12 months.<br />");
+ $errmsg .= _("You can only place an advertisement for up to 12 months.")."<br />";
$process="";
$oldid=0;
}
@@ -55,7 +55,7 @@
if(strlen($title) <= 5)
{
$id = 1;
- $errmsg .= _("Link title was too short.<br />");
+ $errmsg .= _("Link title was too short.")."<br />";
$process="";
$oldid=0;
}
@@ -63,7 +63,7 @@
if(strlen($link) <= 10)
{
$id = 1;
- $errmsg .= _("Link URI was too short.<br />");
+ $errmsg .= _("Link URI was too short.")."<br />";
$process="";
$oldid=0;
}
diff --git a/www/api/ccsr.php b/www/api/ccsr.php
index a4ec71e..7efdf8d 100644
--- a/www/api/ccsr.php
+++ b/www/api/ccsr.php
@@ -15,6 +15,9 @@
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
*/
+
+require_once '../../includes/lib/check_weak_key.php';
+
$username = mysql_real_escape_string($_REQUEST['username']);
$password = mysql_real_escape_string($_REQUEST['password']);
diff --git a/www/cap.php b/www/cap.php
index 73380e1..dc283fb 100644
--- a/www/cap.php
+++ b/www/cap.php
@@ -48,7 +48,7 @@
$this->SetFont('Arial','I',8);
if($_SESSION['_config']['language'] == "ja")
$this->SetFont('SJIS','I',8);
- $this->Cell(0,0,'CAcert Inc. - P.O. Box 4107 - Denistone East NSW 2112 - Australia - http://www.CAcert.org',0,0,'C');
+ $this->Cell(0,0,'CAcert Inc. - PO Box 66 - Oatley NSW 2223 - Australia - http://www.CAcert.org',0,0,'C');
$this->Ln(3);
$this->SetFont('Arial','',6);
if($_SESSION['_config']['language'] == "ja")
diff --git a/www/cats/cats_import.php b/www/cats/cats_import.php
index 56dd0cf..feb92d4 100644
--- a/www/cats/cats_import.php
+++ b/www/cats/cats_import.php
@@ -31,8 +31,8 @@ function sanitize_string($buffer) {
}
define ('UNDEFINED', 'nd');
-define ('ALLOWED_IP', '213.154.225.228');
-define ('ALLOWED_IP2', '193.238.157.112');
+define ('ALLOWED_IP', '213.154.225.243');
+define ('ALLOWED_IP2', '172.16.2.27');
define ('CONFIG_FILEPATH', '/www/');
$remote_addr = (isset($_SERVER['REMOTE_ADDR']))?$_SERVER['REMOTE_ADDR']:UNDEFINED;
diff --git a/www/certs/CAcert_Root_Certificates.msi b/www/certs/CAcert_Root_Certificates.msi
new file mode 100644
index 0000000..f60567e
--- /dev/null
+++ b/www/certs/CAcert_Root_Certificates.msi
Binary files differ
diff --git a/www/disputes.php b/www/disputes.php
index 5b78c1e..34a447a 100644
--- a/www/disputes.php
+++ b/www/disputes.php
@@ -17,6 +17,7 @@
*/ ?>
<?
require_once("../includes/loggedin.php");
+ require_once("../includes/notary.inc.php");
loadem("account");
@@ -58,24 +59,13 @@
{
$row = mysql_fetch_assoc($res);
echo $row['email']."<br>\n";
- $query = "select `emailcerts`.`id`
- from `emaillink`,`emailcerts` where
- `emailid`='$emailid' and `emaillink`.`emailcertsid`=`emailcerts`.`id` and
- `revoked`=0 and UNIX_TIMESTAMP(`expire`)-UNIX_TIMESTAMP() > 0
- group by `emailcerts`.`id`";
- $dres = mysql_query($query);
- while($drow = mysql_fetch_assoc($dres))
- mysql_query("update `emailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='".intval($drow['id'])."'");
-
- $do = `../scripts/runclient`;
- $query = "update `email` set `deleted`=NOW() where `id`='".intval($emailid)."'";
- mysql_query($query);
+ account_email_delete($row['id']);
}
mysql_query("update `disputeemail` set hash='',action='accept' where `id`='$emailid'");
- $rc = mysql_num_rows(mysql_query("select * from `domains` where `memid`='$oldmemid' and `deleted`=0"));
- $rc = mysql_num_rows(mysql_query("select * from `email` where `memid`='$oldmemid' and `deleted`=0 and `id`!='$emailid'"));
- $res = mysql_query("select * from `users` where `id`='$oldmemid'");
- $user = mysql_fetch_assoc($res);
+ $rc = mysql_num_rows(mysql_query("select * from `domains` where `memid`='$oldmemid' and `deleted`=0"));
+ $rc2 = mysql_num_rows(mysql_query("select * from `email` where `memid`='$oldmemid' and `deleted`=0 and `id`!='$emailid'"));
+ $res = mysql_query("select * from `users` where `id`='$oldmemid'");
+ $user = mysql_fetch_assoc($res);
if($rc == 0 && $rc2 == 0 && $_SESSION['_config']['email'] == $user['email'])
{
mysql_query("update `users` set `deleted`=NOW() where `id`='$oldmemid'");
@@ -160,17 +150,13 @@
showheader(_("Domain Dispute"));
echo "<p>"._("You have opted to accept this dispute and the request will now remove this domain from the existing account, and revoke any current certificates.")."</p>";
echo "<p>"._("The following accounts have been removed:")."<br>\n";
+ //new account_domain_delete($domainid, $memberID)
$query = "select * from `domains` where `id`='$domainid' and deleted=0";
$res = mysql_query($query);
if(mysql_num_rows($res) > 0)
{
- echo $_SESSION['_config']['domain']."<br>\n";
- mysql_query("update `domains` set `deleted`=NOW() where `id`='$domainid'");
- $query = "select * from `domlink` where `domid`='$domainid'";
- $res = mysql_query($query);
- while($row = mysql_fetch_assoc($res))
- mysql_query("update `domaincerts` set `revoked`='1970-01-01 10:00:01' where `id`='".$row['certid']."' and `revoked`=0 and UNIX_TIMESTAMP(`expire`)-UNIX_TIMESTAMP() > 0");
- $do = `../scripts/runserver`;
+ echo $_SESSION['_config']['domain']."<br>\n";
+ account_domain_delete($domainid);
}
mysql_query("update `disputedomain` set hash='',action='accept' where `id`='$domainid'");
showfooter();
@@ -236,6 +222,23 @@
exit;
}
+ //check if email belongs to locked account
+ $res = mysql_query("select 1 from `email`, `users` where `email`.`email`='$email' and `email`.`memid`=`users`.`id` and (`users`.`assurer_blocked`=1 or `users`.`locked`=1)");
+ if(mysql_num_rows($res) > 0)
+ {
+ showheader(_("Email Dispute"));
+ printf(_("Sorry, the email address '%s' cannot be disputed for administrative reasons. To solve this problem please get in contact with %s."), sanitizeHTML($email),"<a href='mailto:support@cacert.org'>support@cacert.org</a>");
+ $duser=$_SESSION['profile']['fname']." ".$_SESSION['profile']['lname'];
+ $body = sprintf("Someone has just attempted to dispute this email '%s', which belongs to a locked account:\n".
+ "Username(ID): %s (%s)\n".
+ "email: %s\n".
+ "IP/Hostname: %s\n", $email, $duser, $_SESSION['profile']['id'], $_SESSION['profile']['email'], $_SERVER['REMOTE_ADDR'].(array_key_exists('REMOTE_HOST',$_SERVER)?"/".$_SERVER['REMOTE_HOST']:""));
+ sendmail("support@cacert.org", "[CAcert.org] failed dispute on locked account", $body, $_SESSION['profile']['email'], "", "", $duser);
+
+ showfooter();
+ exit;
+ }
+
$res = mysql_query("select * from `disputeemail` where `email`='$email' and hash!=''");
if(mysql_num_rows($res) > 0)
{
@@ -264,7 +267,7 @@
echo _("You aren't allowed to dispute your own email addresses. Can't continue.");
showfooter();
exit;
- }
+ }
$res = mysql_query("select * from `users` where `id`='$oldmemid'");
$user = mysql_fetch_assoc($res);
@@ -308,6 +311,23 @@
exit;
}
+ //check if domain belongs to locked account
+ $res = mysql_query("select 1 from `domains`, `users` where `domains`.`domain`='$domain' and `domains`.`memid`=`users`.`id` and (`users`.`assurer_blocked`=1 or `users`.`locked`=1)");
+ if(mysql_num_rows($res) > 0)
+ {
+ showheader(_("Domain Dispute"));
+ printf(_("Sorry, the domain '%s' cannot be disputed for administrative reasons. To solve this problem please get in contact with %s."), sanitizeHTML($domain),"<a href='mailto:support@cacert.org'>support@cacert.org</a>");
+ $duser=$_SESSION['profile']['fname']." ".$_SESSION['profile']['lname'];
+ $body = sprintf("Someone has just attempted to dispute this domain '%s', which belongs to a locked account:\n".
+ "Username(ID): %s (%s)\n".
+ "email: %s\n".
+ "IP/Hostname: %s\n", $domain, $duser, $_SESSION['profile']['id'], $_SESSION['profile']['email'], $_SERVER['REMOTE_ADDR'].(array_key_exists('REMOTE_HOST',$_SERVER)?"/".$_SERVER['REMOTE_HOST']:""));
+ sendmail("support@cacert.org", "[CAcert.org] failed dispute on locked account", $body, $_SESSION['profile']['email'], "", "", $duser);
+
+ showfooter();
+ exit;
+ }
+
$query = "select * from `disputedomain` where `domain`='$domain' and hash!=''";
$res = mysql_query($query);
if(mysql_num_rows($res) > 0)
@@ -319,12 +339,20 @@
}
unset($oldid);
$query = "select * from `domains` where `domain`='$domain' and `deleted`=0";
- $email = ""; if(array_key_exists('email',$_REQUEST)) $email=trim(mysql_real_escape_string($_REQUEST['email']));
$res = mysql_query($query);
if(mysql_num_rows($res) <= 0)
{
+ $query = "select 1 from `orgdomains` where `domain`='$domain'";
+ $res = mysql_query($query);
+ if(mysql_num_rows($res) > 0)
+ {
+ showheader(_("Domain Dispute"));
+ printf(_("The domain '%s' is included in an organisation account. Please send a mail to %s to dispute this domain."), sanitizeHTML($domain),'<a href="mailto:support@cacert.org">support@cacert.org</a>');
+ showfooter();
+ exit;
+ }
showheader(_("Domain Dispute"));
- printf(_("The domain '%s' doesn't exist in the system. Can't continue."), sanitizeHTML($email));
+ printf(_("The domain '%s' doesn't exist in the system. Can't continue."), sanitizeHTML($domain));
showfooter();
exit;
}
@@ -336,7 +364,7 @@
echo _("You aren't allowed to dispute your own domains. Can't continue.");
showfooter();
exit;
- }
+ }
$domainid = $row['id'];
$_SESSION['_config']['domainid'] = $domainid;
diff --git a/www/gpg.php b/www/gpg.php
index 345b559..829bbcf 100644
--- a/www/gpg.php
+++ b/www/gpg.php
@@ -17,6 +17,8 @@
*/ ?>
<?
require_once("../includes/loggedin.php");
+ require_once("../includes/lib/general.php");
+ require_once('../includes/notary.inc.php');
$id = 0; if(array_key_exists('id',$_REQUEST)) $id=intval($_REQUEST['id']);
$oldid = $_REQUEST['oldid'] = array_key_exists('oldid',$_REQUEST) ? intval($_REQUEST['oldid']) : 0;
@@ -52,7 +54,7 @@ if(0)
{
showheader(_("Welcome to CAcert.org"));
echo "The OpenPGP signing system is currently shutdown due to a maintenance. We hope to get it fixed within the next few hours. We are very sorry for the inconvenience.";
-
+
exit(0);
}
}
@@ -82,17 +84,44 @@ function verifyEmail($email)
$state=0;
if($oldid == "0" && $CSR != "")
{
- $debugkey = $gpgkey = clean_gpgcsr($CSR);
+ if(!array_key_exists('CCA',$_REQUEST))
+ {
+ showheader(_("My CAcert.org Account!"));
+ echo _("You did not accept the CAcert Community Agreement (CCA), hit the back button and try again.");
+ showfooter();
+ exit;
+ }
- $tnam = tempnam('/tmp/', '__gpg');
- $fp = fopen($tnam, 'w');
- fwrite($fp, $gpgkey);
- fclose($fp);
- $debugpg = $gpg = trim(`gpg --with-colons --homedir /tmp 2>&1 < $tnam`);
- unlink($tnam);
+ $err = runCommand('mktemp --directory /tmp/cacert_gpg.XXXXXXXXXX',
+ "",
+ $tmpdir);
+ if (!$tmpdir)
+ {
+ $err = true;
+ }
+
+ if (!$err)
+ {
+ $err = runCommand("gpg --with-colons --homedir $tmpdir 2>&1",
+ clean_gpgcsr($CSR),
+ $gpg);
+
+ `rm -r $tmpdir`;
+ }
+
+ if ($err)
+ {
+ showheader(_("Welcome to CAcert.org"));
+
+ echo "<p style='color:#ff0000'>"._("There was an error parsing your key.")."</p>";
+ unset($_REQUEST['process']);
+ $id = $oldid;
+ unset($oldid);
+ exit();
+ }
$lines = "";
- $gpgarr = explode("\n", $gpg);
+ $gpgarr = explode("\n", trim($gpg));
foreach($gpgarr as $line)
{
#echo "Line[]: $line <br/>\n";
@@ -143,7 +172,7 @@ function verifyEmail($email)
$uidformatwrong=0;
if(sizeof($bits)<10) $uidformatwrong=1;
-
+
if(preg_match("/\@.*\@/",$bits[9]))
{
showheader(_("Welcome to CAcert.org"));
@@ -251,7 +280,6 @@ function verifyEmail($email)
}
$resulttable.="</table>";
-
if($nok==0)
{
showheader(_("Welcome to CAcert.org"));
@@ -261,7 +289,6 @@ function verifyEmail($email)
unset($_REQUEST['process']);
$id = $oldid;
unset($oldid);
- $do = `echo "$debugkey\n--\n$debugpg\n--" >> /www/tmp/gpg.debug`;
exit();
}
elseif($nerr)
@@ -275,17 +302,27 @@ function verifyEmail($email)
if($oldid == "0" && $CSR != "")
{
+ write_user_agreement(intval($_SESSION['profile']['id']), "CCA", "certificate creation", "", 1);
+
+ //set variable for comment
+ if(trim($_REQUEST['description']) == ""){
+ $description= "";
+ }else{
+ $description= trim(mysql_real_escape_string(stripslashes($_REQUEST['description'])));
+ }
+
$query = "insert into `gpg` set `memid`='".intval($_SESSION['profile']['id'])."',
`email`='".mysql_real_escape_string($lastvalidemail)."',
`level`='1',
`expires`='".mysql_real_escape_string($expires)."',
`multiple`='".mysql_real_escape_string($multiple)."',
- `keyid`='".mysql_real_escape_string($keyid)."'";
+ `keyid`='".mysql_real_escape_string($keyid)."',
+ `description`='".mysql_real_escape_string($description)."'";
mysql_query($query);
- $id = mysql_insert_id();
+ $insert_id = mysql_insert_id();
- $cwd = '/tmp/gpgspace'.$id;
+ $cwd = '/tmp/gpgspace'.$insert_id;
mkdir($cwd,0755);
$fp = fopen("$cwd/gpg.csr", "w");
@@ -296,7 +333,8 @@ function verifyEmail($email)
system("gpg --homedir $cwd --import $cwd/gpg.csr");
- $debugpg = $gpg = trim(`gpg --homedir $cwd --with-colons --fixed-list-mode --list-keys $keyid 2>&1`);
+ $cmd_keyid = escapeshellarg($keyid);
+ $gpg = trim(`gpg --homedir $cwd --with-colons --fixed-list-mode --list-keys $cmd_keyid 2>&1`);
$lines = "";
$gpgarr = explode("\n", $gpg);
foreach($gpgarr as $line)
@@ -334,7 +372,7 @@ function verifyEmail($email)
}
$mail="";
- if (preg_match("/<([\w.-]*\@[\w.-]*)>/", $bits[9],$match)) {
+ if (preg_match("/<([\w.-]*\@[\w.-]*)>/", $bits[9],$match)) {
//echo "Found: ".$match[1];
$mail = trim(hex2bin($match[1]));
}
@@ -342,7 +380,7 @@ function verifyEmail($email)
{
//echo "Not found!\n";
}
-
+
$emailok=verifyEmail($mail);
$uidid=$bits[7];
@@ -384,95 +422,90 @@ function verifyEmail($email)
}
}
+ if(count($ToBeDeleted)>0)
+ {
+ $descriptorspec = array(
+ 0 => array("pipe", "r"), // stdin is a pipe that the child will read from
+ 1 => array("pipe", "w"), // stdout is a pipe that the child will write to
+ 2 => array("pipe", "w") // stderr is a file to write to
+ );
+ $stderr = fopen('php://stderr', 'w');
+ //echo "Keyid: $keyid\n";
- if(count($ToBeDeleted)>0)
- {
+ $cmd_keyid = escapeshellarg($keyid);
+ $process = proc_open("/usr/bin/gpg --homedir $cwd --no-tty --command-fd 0 --status-fd 1 --logger-fd 2 --edit-key $cmd_keyid", $descriptorspec, $pipes);
+ //echo "Process: $process\n";
+ //fputs($stderr,"Process: $process\n");
- $descriptorspec = array(
- 0 => array("pipe", "r"), // stdin is a pipe that the child will read from
- 1 => array("pipe", "w"), // stdout is a pipe that the child will write to
- 2 => array("pipe", "w") // stderr is a file to write to
- );
-
- $stderr = fopen('php://stderr', 'w');
-
-
- //echo "Keyid: $keyid\n";
-
- $process = proc_open("/usr/bin/gpg --homedir $cwd --no-tty --command-fd 0 --status-fd 1 --logger-fd 2 --edit-key $keyid", $descriptorspec, $pipes);
-
- //echo "Process: $process\n";
- //fputs($stderr,"Process: $process\n");
-
- if (is_resource($process)) {
- //echo("it is a resource\n");
- // $pipes now looks like this:
- // 0 => writeable handle connected to child stdin
- // 1 => readable handle connected to child stdout
- // Any error output will be appended to /tmp/error-output.txt
- while (!feof($pipes[1]))
- {
- $buffer = fgets($pipes[1], 4096);
- //echo $buffer;
-
- if($buffer == "[GNUPG:] GET_BOOL keyedit.sign_all.okay\n")
- {
- fputs($pipes[0],"yes\n");
- }
- elseif($buffer == "[GNUPG:] GOT_IT\n")
- {
- }
- elseif(ereg("^\[GNUPG:\] GET_BOOL keyedit\.remove\.uid\.okay\s*",$buffer))
- {
- fputs($pipes[0],"yes\n");
- }
- elseif(ereg("^\[GNUPG:\] GET_LINE keyedit\.prompt\s*",$buffer))
- {
- if(count($ToBeDeleted)>0)
- {
- $delthisuid=array_pop($ToBeDeleted);
- //echo "Deleting an UID $delthisuid\n";
- fputs($pipes[0],"uid ".$delthisuid."\n");
- }
- else
- {
- //echo "Saving\n";
- fputs($pipes[0],$state?"save\n":"deluid\n");
- $state++;
- }
- }
- elseif($buffer == "[GNUPG:] GOOD_PASSPHRASE\n")
- {
- }
- elseif(ereg("^\[GNUPG:\] KEYEXPIRED ",$buffer))
- {
- echo "Key expired!\n";
- exit;
- }
- elseif($buffer == "")
- {
- //echo "Empty!\n";
- }
- else
- {
- echo "ERROR: UNKNOWN $buffer\n";
- }
+ if (is_resource($process)) {
+ //echo("it is a resource\n");
+ // $pipes now looks like this:
+ // 0 => writeable handle connected to child stdin
+ // 1 => readable handle connected to child stdout
+ // Any error output will be appended to /tmp/error-output.txt
+ while (!feof($pipes[1]))
+ {
+ $buffer = fgets($pipes[1], 4096);
+ //echo $buffer;
+
+ if($buffer == "[GNUPG:] GET_BOOL keyedit.sign_all.okay\n")
+ {
+ fputs($pipes[0],"yes\n");
+ }
+ elseif($buffer == "[GNUPG:] GOT_IT\n")
+ {
+ }
+ elseif(ereg("^\[GNUPG:\] GET_BOOL keyedit\.remove\.uid\.okay\s*",$buffer))
+ {
+ fputs($pipes[0],"yes\n");
+ }
+ elseif(ereg("^\[GNUPG:\] GET_LINE keyedit\.prompt\s*",$buffer))
+ {
+ if(count($ToBeDeleted)>0)
+ {
+ $delthisuid=array_pop($ToBeDeleted);
+ //echo "Deleting an UID $delthisuid\n";
+ fputs($pipes[0],"uid ".$delthisuid."\n");
+ }
+ else
+ {
+ //echo "Saving\n";
+ fputs($pipes[0],$state?"save\n":"deluid\n");
+ $state++;
+ }
+ }
+ elseif($buffer == "[GNUPG:] GOOD_PASSPHRASE\n")
+ {
+ }
+ elseif(ereg("^\[GNUPG:\] KEYEXPIRED ",$buffer))
+ {
+ echo "Key expired!\n";
+ exit;
+ }
+ elseif($buffer == "")
+ {
+ //echo "Empty!\n";
+ }
+ else
+ {
+ echo "ERROR: UNKNOWN $buffer\n";
+ }
}
//echo "Fertig\n";
fclose($pipes[0]);
-
+
//echo stream_get_contents($pipes[1]);
fclose($pipes[1]);
-
+
// It is important that you close any pipes before calling
// proc_close in order to avoid a deadlock
$return_value = proc_close($process);
-
+
//echo "command returned $return_value\n";
}
else
@@ -484,15 +517,16 @@ function verifyEmail($email)
}
- $csrname=generatecertpath("csr","gpg",$id);
- $do=`gpg --homedir $cwd --batch --export-options export-minimal --export $keyid >$csrname`;
+ $csrname=generatecertpath("csr","gpg",$insert_id);
+ $cmd_keyid = escapeshellarg($keyid);
+ $do=`gpg --homedir $cwd --batch --export-options export-minimal --export $cmd_keyid >$csrname`;
- mysql_query("update `gpg` set `csr`='$csrname' where `id`='$id'");
- waitForResult('gpg', $id);
+ mysql_query("update `gpg` set `csr`='$csrname' where `id`='$insert_id'");
+ waitForResult('gpg', $insert_id);
showheader(_("Welcome to CAcert.org"));
echo $resulttable;
- $query = "select * from `gpg` where `id`='$id' and `crt`!=''";
+ $query = "select * from `gpg` where `id`='$insert_id' and `crt`!=''";
$res = mysql_query($query);
if(mysql_num_rows($res) <= 0)
{
@@ -500,7 +534,7 @@ function verifyEmail($email)
echo _("If this is a re-occuring problem, please send a copy of the key you are trying to signed to support@cacert.org. Thank you.");
} else {
echo "<pre>";
- readfile(generatecertpath("crt","gpg",$id));
+ readfile(generatecertpath("crt","gpg",$insert_id));
echo "</pre>";
}
@@ -508,6 +542,23 @@ function verifyEmail($email)
exit;
}
+ if($oldid == 2 && array_key_exists('change',$_REQUEST) && $_REQUEST['change'] != "")
+ {
+ showheader(_("My CAcert.org Account!"));
+ foreach($_REQUEST as $id => $val)
+ {
+ if(substr($id,0,14)=="check_comment_")
+ {
+ $cid = intval(substr($id,14));
+ $comment=trim(mysql_real_escape_string(stripslashes($_REQUEST['comment_'.$cid])));
+ mysql_query("update `gpg` set `description`='$comment' where `id`='$cid' and `memid`='".$_SESSION['profile']['id']."'");
+ }
+ }
+ echo(_("Certificate settings have been changed.")."<br/>\n");
+ showfooter();
+ exit;
+ }
+
$id = intval($id);
showheader(_("Welcome to CAcert.org"));
diff --git a/www/images/btn_paynowCC_LG.gif b/www/images/btn_paynowCC_LG.gif
index f2edb8f..99fda23 100644
--- a/www/images/btn_paynowCC_LG.gif
+++ b/www/images/btn_paynowCC_LG.gif
Binary files differ
diff --git a/www/images/btn_subscribeCC_LG.gif b/www/images/btn_subscribeCC_LG.gif
new file mode 100644
index 0000000..a5cd278
--- /dev/null
+++ b/www/images/btn_subscribeCC_LG.gif
Binary files differ
diff --git a/www/index.php b/www/index.php
index 41b6d7a..c7cc03e 100644
--- a/www/index.php
+++ b/www/index.php
@@ -18,6 +18,7 @@
require_once('../includes/lib/l10n.php');
+
$id = 0; if(array_key_exists("id",$_REQUEST)) $id=intval($_REQUEST['id']);
$oldid = 0; if(array_key_exists("oldid",$_REQUEST)) $oldid=intval($_REQUEST['oldid']);
$process = ""; if(array_key_exists("process",$_REQUEST)) $process=$_REQUEST['process'];
@@ -544,6 +545,8 @@ require_once('../includes/lib/l10n.php');
`regional`='".$_SESSION['signup']['regional']."',
`radius`='".$_SESSION['signup']['radius']."'";
mysql_query($query);
+ include_once("../includes/notary.inc.php");
+ write_user_agreement($memid, "CCA", "account creation", "", 1);
$body = _("Thanks for signing up with CAcert.org, below is the link you need to open to verify your account. Once your account is verified you will be able to start issuing certificates till your hearts' content!")."\n\n";
$body .= "http://".$_SESSION['_config']['normalhostname']."/verify.php?type=email&emailid=$emailid&hash=$hash\n\n";
@@ -563,6 +566,13 @@ require_once('../includes/lib/l10n.php');
$subject = stripslashes($_REQUEST['subject']);
$message = stripslashes($_REQUEST['message']);
$secrethash = $_REQUEST['secrethash2'];
+
+ //check for spam via honeypot
+ if(!isset($_REQUEST['robotest']) || !empty($_REQUEST['robotest'])){
+ echo _("Form could not be sent.");
+ showfooter();
+ exit;
+ }
if($_SESSION['_config']['secrethash'] != $secrethash || $secrethash == "" || $_SESSION['_config']['secrethash'] == "")
{
@@ -603,26 +613,23 @@ require_once('../includes/lib/l10n.php');
}
}
- if($oldid == 11 && $process != "" && $_REQUEST['support'] != "yes")
- {
- $message = "From: $who\nEmail: $email\nSubject: $subject\n\nMessage:\n".$message;
-
- sendmail("support@cacert.org", "[CAcert.org] ".$subject, $message, $email, "", "", "CAcert Support");
- showheader(_("Welcome to CAcert.org"));
- echo _("Your message has been sent.");
- showfooter();
- exit;
- }
-
- if($oldid == 11 && $process != "" && $_REQUEST['support'] == "yes")
+ if($oldid == 11 && $process != "")
{
$message = "From: $who\nEmail: $email\nSubject: $subject\n\nMessage:\n".$message;
-
- sendmail("cacert-support@lists.cacert.org", "[website form email]: ".$subject, $message, "website-form@cacert.org", "cacert-support@lists.cacert.org, $email", "", "CAcert-Website");
- showheader(_("Welcome to CAcert.org"));
- echo _("Your message has been sent to the general support list.");
- showfooter();
- exit;
+ if (isset($process[0])){
+ sendmail("cacert-support@lists.cacert.org", "[website form email]: ".$subject, $message, "website-form@cacert.org", "cacert-support@lists.cacert.org, $email", "", "CAcert-Website");
+ showheader(_("Welcome to CAcert.org"));
+ echo _("Your message has been sent to the general support list.");
+ showfooter();
+ exit;
+ }
+ if (isset($process[1])){
+ sendmail("support@cacert.org", "[CAcert.org] ".$subject, $message, $email, "", "", "CAcert Support");
+ showheader(_("Welcome to CAcert.org"));
+ echo _("Your message has been sent.");
+ showfooter();
+ exit;
+ }
}
if(!array_key_exists('signup',$_SESSION) || $_SESSION['signup']['year'] < 1900)
diff --git a/www/keygenIE.js b/www/keygenIE.js
new file mode 100644
index 0000000..be2d184
--- /dev/null
+++ b/www/keygenIE.js
@@ -0,0 +1,609 @@
+/*
+LibreSSL - CAcert web application
+Copyright (C) 2004-2012 CAcert Inc.
+
+This program is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; version 2 of the License.
+
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+GNU General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program; if not, write to the Free Software
+Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
+*/
+
+var CAcert_keygen_IE = function () {
+
+ /// Makes a new DOM text node
+ var textnode = function (text) {
+ return document.createTextNode(text);
+ }
+
+ /// makes a new <p> element
+ var paragraph = function (text) {
+ var paragraph = document.createElement("p");
+ paragraph.appendChild(textnode(text));
+ return paragraph;
+ }
+
+ /// makes a new <pre> elemtent
+ var pre = function (text) {
+ var pre = document.createElement("pre");
+ pre.appendChild(textnode(text));
+ return pre;
+ }
+
+ /// makes a new <option> element
+ var option = function (text, value) {
+ var option = document.createElement("option");
+ if (value !== undefined) {
+ option.setAttribute("value", value);
+ }
+ option.appendChild(textnode(text));
+ return option;
+ }
+
+ /// Removes all child nodes from the element
+ var removeChildren = function (element) {
+ element.innerHTML = "";
+ }
+
+ /// Show error message to user from exception
+ var showError = function (message, exception) {
+ window.alert(
+ message +
+ "\n\nError: " + exception.message +
+ " (0x" + (0xFFFFFFFF + exception.number + 1).toString(16) +
+ " / " + exception.number + ")"
+ );
+ }
+
+ // Get important elements from the DOM
+ var form = document.getElementById("CertReqForm");
+ var securityLevel = document.getElementById("SecurityLevel");
+ var customSettings = document.getElementById("customSettings");
+ var provider = document.getElementById("CspProvider");
+ var algorithm = document.getElementById("algorithm");
+ var algorithmParagraph = document.getElementById("algorithmParagraph");
+ var keySize = document.getElementById("keySize");
+ var keySizeMin = document.getElementById("keySizeMin");
+ var keySizeMax = document.getElementById("keySizeMax");
+ var keySizeStep = document.getElementById("keySizeStep");
+ var genReq = document.getElementById("GenReq");
+ var csr = document.getElementById("CSR");
+ var noActiveX = document.getElementById("noActiveX");
+ var generatingKeyNotice = document.getElementById("generatingKeyNotice");
+ var createRequestErrorChooseAlgorithm = document.getElementById("createRequestErrorChooseAlgorithm");
+ var createRequestErrorConfirmDialogue = document.getElementById("createRequestErrorConfirmDialogue");
+ var createRequestErrorConnectDevice = document.getElementById("createRequestErrorConnectDevice");
+ var createRequestError = document.getElementById("createRequestError");
+ var invalidKeySizeError = document.getElementById("invalidKeySizeError");
+ var unsupportedPlatformError = document.getElementById("unsupportedPlatformError");
+
+ /// Initialise the CertEnroll code (Vista and higher)
+ /// returns false if initialisation fails
+ var initCertEnroll = function () {
+ var factory = null;
+ var providerList = null;
+ var cspStats = null;
+
+ // Try to initialise the ActiveX element. Requires permissions by the user
+ try {
+ factory = new ActiveXObject("X509Enrollment.CX509EnrollmentWebClassFactory");
+ if (!factory) {
+ throw {
+ name: "NoObjectError",
+ message: "Got null at object creation"
+ };
+ }
+
+ // also try to create a useless object here so the library gets
+ // initialised and we don't need to check everytime later
+ factory.CreateObject("X509Enrollment.CObjectId");
+
+ form.style.display = "";
+ noActiveX.style.display = "none";
+ } catch (e) {
+ return false;
+ }
+
+ /// Get the selected provider
+ var getProvider = function () {
+ var providerIndex = provider.options[provider.selectedIndex].value;
+ return providerList.ItemByIndex(providerIndex);
+ }
+
+ /// Get the selected algorithm
+ var getAlgorithm = function () {
+ var algorithmIndex = algorithm.options[algorithm.selectedIndex].value;
+ return alg = cspStats.ItemByIndex(algorithmIndex).CspAlgorithm;
+ }
+
+ /// Get the selected key size
+ var getKeySize = function () {
+ var alg = getAlgorithm();
+
+ var bits = parseInt(keySize.value, 10);
+ if (
+ (bits < alg.MinLength) ||
+ (bits > alg.MaxLength) ||
+ (
+ alg.IncrementLength &&
+ ((bits - alg.MinLength) % alg.IncrementLength !== 0)
+ )
+ ) {
+ return false;
+ }
+
+ return bits;
+ }
+
+ /// Fill the key size list
+ var getKeySizeList = function () {
+ if (!cspStats) {
+ return false;
+ }
+
+ var alg = getAlgorithm();
+
+ // HTML5 attributes
+ keySize.setAttribute("min", alg.MinLength);
+ keySize.setAttribute("max", alg.MaxLength);
+ keySize.setAttribute("step", alg.IncrementLength);
+ keySize.setAttribute("value", alg.DefaultLength);
+ keySize.value = ""+alg.DefaultLength;
+
+ // ugly, but buggy otherwise if done with text nodes
+ keySizeMin.innerHTML = alg.MinLength;
+ keySizeMax.innerHTML = alg.MaxLength;
+ keySizeStep.innerHTML = alg.IncrementLength;
+
+ return true;
+ }
+
+ /// Fill the algorithm list
+ var getAlgorithmList = function () {
+ var i;
+
+ if (!providerList) {
+ return false;
+ }
+
+ var csp = getProvider();
+
+ cspStats = providerList.GetCspStatusesFromOperations(
+ 0x1c, //XCN_NCRYPT_ANY_ASYMMETRIC_OPERATION
+ //0x10, //XCN_NCRYPT_SIGNATURE_OPERATION
+ //0x8, //XCN_NCRYPT_SECRET_AGREEMENT_OPERATION
+ //0x4, //XCN_NCRYPT_ASYMMETRIC_ENCRYPTION_OPERATION
+ csp
+ );
+
+ removeChildren(algorithm);
+ for (i = 0; i < cspStats.Count; i++) {
+ var alg = cspStats.ItemByIndex(i).CspAlgorithm;
+ algorithm.appendChild(option(alg.Name, i));
+ }
+
+ return getKeySizeList();
+ }
+
+ /// Fill the crypto provider list
+ var getProviderList = function () {
+ var i;
+
+ var csps = factory.CreateObject("X509Enrollment.CCspInformations");
+
+ // Get provider information
+ csps.AddAvailableCsps();
+
+ removeChildren(provider);
+
+ for (i = 0; i < csps.Count; i++) {
+ var csp = csps.ItemByIndex(i);
+ provider.appendChild(option(csp.Name, i));
+ }
+
+ providerList = csps;
+
+ return getAlgorithmList();
+ }
+
+ /// Generate a key and create and submit the actual CSR
+ var createCSR = function () {
+ var providerName, algorithmOid, bits;
+
+ var level = securityLevel.options[securityLevel.selectedIndex];
+ if (level.value === "custom") {
+ providerName = getProvider().Name;
+ var alg = getAlgorithm();
+ algorithmOid = alg.GetAlgorithmOid(0, 0)
+ bits = getKeySize();
+ if (!bits) {
+ window.alert(invalidKeySizeError.innerHTML);
+ return false;
+ }
+ } else {
+ providerName = "Microsoft Software Key Storage Provider";
+
+ algorithmOid = factory.CreateObject("X509Enrollment.CObjectId");
+ algorithmOid.InitializeFromValue("1.2.840.113549.1.1.1"); // RSA
+ // "1.2.840.10040.4.1" == DSA
+ // "1.2.840.10046.2.1" == DH
+
+ if (level.value === "high") {
+ bits = 4096;
+ } else { // medium
+ bits = 2048;
+ }
+ }
+
+ var privateKey = factory.CreateObject("X509Enrollment.CX509PrivateKey");
+ privateKey.ProviderName = providerName;
+ privateKey.Algorithm = algorithmOid;
+ privateKey.Length = bits;
+ privateKey.KeyUsage = 0xffffff; // XCN_NCRYPT_ALLOW_ALL_USAGES
+
+ var request = factory.CreateObject("X509Enrollment.CX509CertificateRequestPkcs10");
+ request.InitializeFromPrivateKey(
+ 1, // ContextUser
+ privateKey,
+ "" // don't use a template
+ );
+
+ var enroll = factory.CreateObject("X509Enrollment.CX509Enrollment");
+ enroll.InitializeFromRequest(request);
+
+ generatingKeyNotice.style.display = "";
+
+ // The request needs to be created after we return so the "please wait"
+ // message gets rendered
+ var createCSRHandler = function () {
+ try {
+ csr.value = enroll.CreateRequest(0x1); //XCN_CRYPT_STRING_BASE64
+ form.submit();
+ } catch (e) {
+ showError(createRequestErrorChooseAlgorithm.innerHTML, e);
+ }
+
+ generatingKeyNotice.style.display = "none";
+ }
+
+ window.setTimeout(createCSRHandler, 0);
+
+ // Always return false, form is submitted by deferred method
+ return false;
+ }
+
+ /// Call if securityLevel has changed
+ var refreshSecurityLevel = function () {
+ var level = securityLevel.options[securityLevel.selectedIndex];
+ if (level.value === "custom") {
+ getProviderList();
+ customSettings.style.display = "";
+ } else {
+ customSettings.style.display = "none";
+ }
+ }
+
+ securityLevel.onchange = refreshSecurityLevel;
+ provider.onchange = getAlgorithmList;
+ algorithm.onchange = getKeySizeList;
+ genReq.onclick = createCSR;
+
+ return true;
+ } // end of initCertEnroll()
+
+ /// Initialise Xenroll code (XP and lower)
+ /// returns false if initialisation fails
+ var initXEnroll = function () {
+ cenroll = null;
+
+ providerTypes = Array(
+ 1, //PROV_RSA_FULL
+ 2, //PROV_RSA_SIG
+ 3, //PROV_DSS
+ 4, //PROV_FORTEZZA
+ 5, //PROV_MS_EXCHANGE
+ 6, //PROV_SSL
+ 12, //PROV_RSA_SCHANNEL
+ 13, //PROV_DSS_DH
+ 14, //PROV_EC_ECDSA_SIG
+ 15, //PROV_EC_ECNRA_SIG
+ 16, //PROV_EC_ECDSA_FULL
+ 17, //PROV_EC_ECNRA_FULL
+ 18, //PROV_DH_SCHANNEL
+ 20, //PROV_SPYRUS_LYNKS
+ 21, //PROV_RNG
+ 22, //PROV_INTEL_SEC
+ 23, //PROV_REPLACE_OWF
+ 24 //PROV_RSA_AES
+ );
+
+ algClasses = Array(
+ 1 << 13, //ALG_CLASS_SIGNATURE
+ //2 << 13, //ALG_CLASS_MSG_ENCRYPT
+ //3 << 13, //ALG_CLASS_DATA_ENCRYPT
+ //4 << 13, //ALG_CLASS_HASH
+ 5 << 13 //ALG_CLASS_KEY_EXCHANGE
+ );
+
+ // Try to initialise the ActiveX element.
+ try {
+ cenroll = new ActiveXObject("CEnroll.CEnroll");
+
+ if (!cenroll) {
+ throw {
+ name: "NoObjectError",
+ message: "Got null at object creation"
+ };
+ }
+
+ form.style.display = "";
+ algorithm.disabled = true;
+ noActiveX.style.display = "none";
+ } catch (e) {
+ return false;
+ }
+
+ /// Get the name of the selected provider
+ var getProviderName = function () {
+ return provider.options[provider.selectedIndex].text;
+ }
+
+ /// Get the type of the selected provider
+ var getProviderType = function () {
+ return parseInt(provider.options[provider.selectedIndex].value, 10);
+ }
+
+ var refreshProvider = function () {
+ cenroll.ProviderName = getProviderName();
+ cenroll.ProviderType = getProviderType();
+ }
+
+ /// Get the ID of the selected algorithm
+ var getAlgorithmId = function () {
+ return parseInt(algorithm.options[algorithm.selectedIndex].value, 10);
+ }
+
+ /// Minimum bit length for exchange keys
+ var getMinExKeyLength = function () {
+ refreshProvider();
+
+ try {
+ return cenroll.GetKeyLen(true, true);
+ } catch (e) {
+ return false;
+ }
+ }
+
+ /// Maximum bit length for exchange keys
+ var getMaxExKeyLength = function () {
+ refreshProvider();
+
+ try {
+ return cenroll.GetKeyLen(false, true);
+ } catch (e) {
+ return false;
+ }
+ }
+
+ /// Step size for exchange keys
+ /// This might not be available on older platforms
+ var getStepExKeyLength = function () {
+ refreshProvider();
+
+ try {
+ return cenroll.GetKeyLenEx(3, 1);
+ } catch (e) {
+ return false;
+ }
+ }
+
+ /// Minimum bit length for signature keys
+ var getMinSigKeyLength = function () {
+ refreshProvider();
+
+ try {
+ return cenroll.GetKeyLen(true, false);
+ } catch (e) {
+ return false;
+ }
+ }
+
+ /// Maximum bit length for signature keys
+ var getMaxSigKeyLength = function () {
+ refreshProvider();
+
+ try {
+ return cenroll.GetKeyLen(false, false);
+ } catch (e) {
+ return false;
+ }
+ }
+
+ /// Step size for signature keys
+ /// This might not be available on older platforms
+ var getStepSigKeyLength = function () {
+ refreshProvider();
+
+ try {
+ return cenroll.GetKeyLenEx(3, 2);
+ } catch (e) {
+ return false;
+ }
+ }
+
+ /// Get the selected key size
+ var getKeySize = function () {
+ var bits = parseInt(keySize.value, 10);
+ if (
+ (bits < getMinSigKeyLength()) ||
+ (bits > getMaxSigKeyLength()) ||
+ (
+ getStepSigKeyLength() &&
+ ((bits - getMinSigKeyLength()) % getStepSigKeyLength() !== 0)
+ )
+ ) {
+ return false;
+ }
+
+ return bits;
+ }
+
+ var getKeySizeLimits = function () {
+ // HTML5 attributes
+ keySize.setAttribute("min", getMinSigKeyLength());
+ keySize.setAttribute("max", getMaxSigKeyLength());
+ if (getStepSigKeyLength()) {
+ keySize.setAttribute("step", getStepSigKeyLength());
+ }
+
+ // ugly, but buggy otherwise if done with text nodes
+ keySizeMin.innerHTML = getMinSigKeyLength();
+ keySizeMax.innerHTML = getMaxSigKeyLength();
+ keySizeStep.innerHTML = getStepSigKeyLength();
+
+ if (getMinSigKeyLength() === getMaxSigKeyLength()) {
+ keySize.value = getMaxSigKeyLength();
+ }
+
+ return true;
+ }
+
+ /// Fill the algorithm selection box
+ var getAlgorithmList = function () {
+ var i, j;
+
+ refreshProvider();
+
+ removeChildren(algorithm);
+
+ for (i = 0; i < algClasses.length; ++i) {
+ for (j = 0; true; ++j) {
+ try {
+ var algId = cenroll.EnumAlgs(j, algClasses[i]);
+ var algName = cenroll.GetAlgName(algId);
+ algorithm.appendChild(option(algName, algId));
+ } catch (e) {
+ break;
+ }
+ }
+ }
+
+ getKeySizeLimits();
+ }
+
+ /// Fill the provider selection box
+ var getProviderList = function () {
+ var i, j;
+
+ removeChildren(provider);
+
+ for (i = 0; i < providerTypes.length; ++i) {
+ cenroll.providerType = providerTypes[i];
+
+ var providerName = "invalid";
+ for (j = 0; true; ++j) {
+ try {
+ providerName = cenroll.enumProviders(j, 0);
+ provider.appendChild(option(providerName, providerTypes[i]));
+ } catch (e) {
+ break;
+ }
+ }
+ }
+
+ return getAlgorithmList();
+ }
+
+ var createCSR = function () {
+ var providerName, bits;
+
+ var level = securityLevel.options[securityLevel.selectedIndex];
+ if (level.value === "custom") {
+ refreshProvider();
+
+ bits = getKeySize();
+ if (bits === false) {
+ window.alert(invalidKeySizeError.innerHTML);
+ return false;
+ }
+ } else {
+ cenroll.ProviderName = "Microsoft Enhanced Cryptographic Provider v1.0";
+ cenroll.ProviderType = 1; //PROV_RSA_FULL
+
+ if (level.value === "high") {
+ bits = 4096;
+ } else { // medium
+ bits = 2048;
+ }
+ }
+
+ cenroll.GenKeyFlags = bits << 16; // keysize is encoded in the uper 16 bits
+ //cenroll.GenKeyFlags = cenroll.GenKeyFlags | 0x1; //CRYPT_EXPORTABLE
+
+ generatingKeyNotice.style.display = "";
+
+ // The request needs to be created after we return so the "please wait"
+ // message gets rendered
+ var createCSRHandler = function () {
+ try {
+ csr.value = cenroll.createPKCS10("", "1.3.6.1.5.5.7.3.2");
+ form.submit();
+ } catch (e) {
+ if (e.number === -2147023673) {
+ // 0x800704c7 => dialogue declined
+ showError(createRequestErrorConfirmDialogue.innerHTML, e);
+ } else if (e.number === -2146435043) {
+ // 0x8010001d => crypto-device not connected
+ showError(createRequestErrorConnectDevice.innerHTML, e);
+ } else {
+ showError(createRequestError.innerHTML, e);
+ }
+ }
+
+ generatingKeyNotice.style.display = "none";
+ cenroll.Reset();
+ }
+
+ window.setTimeout(createCSRHandler, 0);
+
+ // Always return false, form is submitted by deferred method
+ return false;
+ }
+
+ /// Call if securityLevel has changed
+ var refreshSecurityLevel = function () {
+ var level = securityLevel.options[securityLevel.selectedIndex];
+ if (level.value === "custom") {
+ getProviderList();
+ customSettings.style.display = "";
+ } else {
+ customSettings.style.display = "none";
+ }
+ }
+
+ securityLevel.onchange = refreshSecurityLevel;
+ provider.onchange = getAlgorithmList;
+ algorithm.onchange = getKeySizeLimits;
+ genReq.onclick = createCSR;
+
+ return true;
+ };
+
+ // Run the init functions until one is successful
+ if (initCertEnroll()) {
+ form.style.display = "";
+ noActiveX.style.display = "none";
+ } else if (initXEnroll()) {
+ form.style.display = "";
+ noActiveX.style.display = "none";
+ } else {
+ window.alert(unsupportedPlatformError.innerHTML);
+ }
+} ();
diff --git a/www/policy/CertificationPracticeStatement.php b/www/policy/CertificationPracticeStatement.php
index e17056b..b18273c 100644
--- a/www/policy/CertificationPracticeStatement.php
+++ b/www/policy/CertificationPracticeStatement.php
@@ -69,7 +69,7 @@ a:hover {
<a href="PolicyOnPolicy.html"><img src="cacert-draft.png" alt="CAcert Policy Status" height="31" width="88" style="border-style: none;" /></a><br />
Creation date: 20060726<br />
Status: DRAFT p20091108<br />
-<!-- $Id: CertificationPracticeStatement.php,v 1.2 2011-07-27 10:41:01 wytze Exp $ -->
+<!-- $Id: CertificationPracticeStatement.php,v 1.3 2012-07-27 16:00:29 wytze Exp $ -->
<font size="-1">
@@ -3203,54 +3203,50 @@ The form of the PGP signatures depends on several factors, therefore no stipulat
<h4><a name="p7.1.2" id="p7.1.2">7.1.2. Certificate extensions</a></h4>
<p>
-Client certificates include the following extensions:.
+ Client certificates include the following extensions:
</p>
-<ul><li>
- basicConstraints=CA:FALSE (critical)
- </li><li>
- keyUsage=digitalSignature,keyEncipherment,cRLSign
- </li><li>
- </li><li>
- extendedKeyUsage=emailProtection,clientAuth,serverAuth,msEFS,msSGC,nsSGC
- </li><li>
- authorityInfoAccess = OCSP;URI:http://ocsp.cacert.org
- </li><li>
- subjectAltName=(as per <a href="#p3.1.1">&sect;3.1.1.</a>).
-</li></ul>
+<ul>
+ <li>basicConstraints=CA:FALSE (critical)</li>
+ <li>keyUsage=digitalSignature,keyEncipherment,keyAgreement (critical)</li>
+ <li>extendedKeyUsage=emailProtection,clientAuth,msEFS,msSGC,nsSGC</li>
+ <li>authorityInfoAccess = OCSP;URI:http://ocsp.cacert.org</li>
+ <li>crlDistributionPoints=URI:&lt;crlUri&gt; where &lt;crlUri&gt; is replaced
+ with the URI where the certificate revocation list relating to the
+ certificate is found</li>
+ <li>subjectAltName=(as per <a href="#p3.1.1">&sect;3.1.1.</a>).</li>
+</ul>
<ul class="q">
<li> what about Client Certificates Adobe Signing extensions ?</li>
<li> SubjectAltName should become critical if DN is removed http://tools.ietf.org/html/rfc5280#section-4.2.1.6</li>
</ul>
-
<p>
-Server certificates include the following extensions:
+ Server certificates include the following extensions:
</p>
-<ul><li>
- basicConstraints=CA:FALSE (critical)
- </li><li>
- keyUsage=digitalSignature,keyEncipherment
- </li><li>
- extendedKeyUsage=clientAuth,serverAuth,nsSGC,msSGC
- </li><li>
- authorityInfoAccess = OCSP;URI:http://ocsp.cacert.org
- </li><li>
- subjectAltName=(as per <a href="#p3.1.1">&sect;3.1.1.</a>).
-</li></ul>
+<ul>
+ <li>basicConstraints=CA:FALSE (critical)</li>
+ <li>keyUsage=digitalSignature,keyEncipherment,keyAgreement (critical)</li>
+ <li>extendedKeyUsage=clientAuth,serverAuth,nsSGC,msSGC</li>
+ <li>authorityInfoAccess = OCSP;URI:http://ocsp.cacert.org</li>
+ <li>crlDistributionPoints=URI:&lt;crlUri&gt; where &lt;crlUri&gt; is replaced
+ with the URI where the certificate revocation list relating to the
+ certificate is found</li>
+ <li>subjectAltName=(as per <a href="#p3.1.1">&sect;3.1.1.</a>).</li>
+</ul>
<p>
-Code-Signing certificates include the following extensions:
+ Code-Signing certificates include the following extensions:
</p>
-
-<ul><li>
- basicConstraints=CA:FALSE (critical)
- </li><li>
- keyUsage=digitalSignature,keyEncipherment
- </li><li>
- extendedKeyUsage=emailProtection,clientAuth,codeSigning,msCodeInd,msCodeCom,msEFS,msSGC,nsSGC
- </li><li>
- authorityInfoAccess = OCSP;URI:http://ocsp.cacert.org
-</li></ul>
+<ul>
+ <li>basicConstraints=CA:FALSE (critical)</li>
+ <li>keyUsage=digitalSignature,keyEncipherment,keyAgreement (critical)</li>
+ <li>extendedKeyUsage=emailProtection,clientAuth,codeSigning,msCodeInd,msCodeCom,msEFS,msSGC,nsSGC</li>
+ <li>authorityInfoAccess = OCSP;URI:http://ocsp.cacert.org</li>
+ <li>crlDistributionPoints=URI:&lt;crlUri&gt; where &lt;crlUri&gt; is replaced
+ with the URI where the certificate revocation list relating to the
+ certificate is found</li>
+ <li>subjectAltName=(as per <a href="#p3.1.1">&sect;3.1.1.</a>).</li>
+</ul>
<ul class="q">
<li> what about subjectAltName for Code-signing</li>
</ul>
diff --git a/www/policy/DisputeResolutionPolicy.php b/www/policy/DisputeResolutionPolicy.php
index a97789b..40fca3a 100644
--- a/www/policy/DisputeResolutionPolicy.php
+++ b/www/policy/DisputeResolutionPolicy.php
@@ -1,60 +1,95 @@
-<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
-
-<html>
+<?='<?xml version="1.0" encoding="utf-8"?>'?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN"
+ "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
<head>
-<title>Dispute Resulution Policy</title>
+ <meta http-equiv="CONTENT-TYPE" content="text/html; charset=utf-8" />
+ <title>Dispute Resulution Policy</title>
+<style type="text/css">
+<!--
+.first-does-not-work {
+ color : red;
+}
+.comment {
+ color : steelblue;
+}
+.q {
+ color : green;
+ font-weight: bold;
+ text-align: center;
+ font-style:italic;
+}
+.change {
+ color : blue;
+ font-weight: bold;
+}
+.change2 {
+ color : steelblue;
+}
+.strike {
+ color : blue;
+ text-decoration:line-through;
+}
+.draftadd {
+ color : darkblue;
+ font-weight: bold;
+ font-style: italic;
+}
+.draftdrop {
+ color : darkblue;
+ text-decoration:line-through;
+ font-style: italic;
+}
+-->
+</style>
+
</head>
<body>
-<table width="100%">
-<tr>
-<td> DRP </td>
-<td> </td>
-<td width="20%"> Teus Hagen </td>
-</tr>
-<tr>
-<td> POLICY&nbsp;<a href="http://wiki.cacert.org/wiki/TopMinutes-20070917">m20070919.3</a> </td>
-<td> </td>
-<td>
- $Date: 2008-01-18 22:56:31 $
- <!--
- to get this to work, we have to do this:
- svn propset svn:keywords "Date" PolicyOnPolicy.html
- except it does not work through the website.
- -->
-</td>
-</tr>
+<div class="comment">
+<table width="100%">
<tr>
-<td> COD7 </td>
-<td> </td>
-<td> <!-- contributors --> </td>
-</tr>
-
+<td>
+ Name: DRP <a style="color: steelblue" href="//svn.cacert.org/CAcert/Policies/ControlledDocumentList.html">COD7</a><br />
+ Status: POLICY <a style="color: steelblue" href="//wiki.cacert.org/wiki/TopMinutes-20070917">m20070919.3</a><br />
+ &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <span class="draftadd">DRAFT p20110108 p20121213</span> <br />
+ Editor: <a style="color: steelblue" href="//wiki.cacert.org/TeusHagen">Teus Hagen
+</a><br />
+ Licence: <a style="color: steelblue" href="//wiki.cacert.org/Policy#Licence" title="this document is Copyright &copy; CAcert Inc., licensed openly under CC-by-sa with all disputes resolved under DRP. More at wiki.cacert.org/Policy" > CC-by-sa+DRP </a><br /></td>
+<td valign="top" align="right">
+ <a href="//www.cacert.org/policy/PolicyOnPolicy.php"><img src="/images/cacert-policy.png" alt="TTP-Assist Status - POLICY" height="31" width="88" style="border-style: none;" /></a><br />
+ <a href="//www.cacert.org/policy/PolicyOnPolicy.php"><img src="/images/cacert-draft.png" alt="TTP-Assist Status - DRAFT" height="31" width="88" style="border-style: none;" /></a>
-<tr> <!-- title only -->
-<td> </td>
-<td > <b>Dispute&nbsp;Resolution&nbsp;Policy</b> </td>
-<td> </td>
+</td>
</tr>
-
</table>
+</div>
-<h2> <a name="0"> 0. </a> Introduction</h2>
+<h1> Dispute&nbsp;Resolution&nbsp;Policy </h1>
+
+<h2 id="s0"> 0. Introduction</h2>
<p>
-This is the Dispute Resolution Policy for CAcert.
+This is the Dispute Resolution Policy
+<span class="draftdrop">for CAcert</span>
+<span class="draftadd">for the CAcert Community, consisting of CAcert Inc and Members who agree to the CAcert Community Agreement (CCA)</span>.
Disputes arising out of
-operations by CAcert and interactions between
-users may be addressed through this policy.
+operations by CAcert
+<span class="draftadd">Inc</span>
+and interactions between
+<span class="draftadd">
+Members
+</span>
+may be addressed through this policy.
This document also presents the rules for
resolution of disputes.
</p>
-<h3> <a name="0.1"> 0.1 </a> Nature of Disputes </h3>
+<h3 id="s0.1"> 0.1 Nature of Disputes </h3>
<p>
Disputes include:
@@ -64,9 +99,12 @@ Disputes include:
Requests for non-routine support actions.
CAcert support team has no authority to
act outside the normal support facilities made
- available to Users;
+ available to
+ <span class="draftadd">
+ Members;
+ </span>
</li><li>
- Classical disputes where a User or another
+ Classical disputes where a <span class="draftadd">Member</span> or another
assert claims and demand remedies;
</li><li>
Requests by external organisations, including
@@ -75,15 +113,15 @@ Disputes include:
Events initiated for training purposes.
</li></ul>
-<h2> <a name="1"> 1. </a> Filing</h2>
+<h2 id="s1"> 1. Filing</h2>
-<h3> <a name="1.1"> 1.1 </a> Filing Party</h3>
+<h3 id="s1.1"> 1.1 Filing Party</h3>
<p>
Anyone may file a dispute.
In filing, they become <i>Claimants</i>.
</p>
-<h3> <a name="1.2">1.2 </a> Channel for Filing</h3>
+<h3 id="s1.2"> 1.2 Channel for Filing</h3>
<p>
Disputes are filed by being sent to the normal
@@ -96,7 +134,7 @@ Such fees as are imposed on filing will be specified
on the dispute resolution page of the website.
</p>
-<h3> <a name="1.3">1.3 </a> Case Manager</h3>
+<h3 id="s1.3"> 1.3 Case Manager</h3>
<p>
The Case Manager (CM) takes control of the filing.
</p>
@@ -120,10 +158,10 @@ The Case Manager (CM) takes control of the filing.
<p>
The personnel within the CAcert support team
are Case Managers, by default, or as directed
-by the Dispute Resolution Officer.
+by the Dispute Resolution Officer <span class="change2">(DRO)</span>.
</p>
-<h3> <a name="1.4">1.4 </a> Contents</h3>
+<h3 id="s1.4"> 1.4 Contents</h3>
<p>
The filing must specify:
</p>
@@ -135,13 +173,13 @@ The filing must specify:
being the <i>Respondent(s)</i>.
This will be CAcert in the
case of requests for support actions.
- It may be a User (possibly unidentified) in the
- case where one User has given rise to a complaint against another.
+ It may be a <span class="draftadd">Member</span> (possibly unidentified) in the
+ case where one <span class="draftadd">Member</span> has given rise to a complaint against another.
</li><li>
The <i>Complaint</i>.
For example, a trademark has been infringed,
privacy has been breached,
- or a user has defrauded using a certificate.
+ or a <span class="draftadd">Member</span> has defrauded using a certificate.
</li><li>
The action(s) requested by the filing party
(technically, called the <i>relief</i>).
@@ -157,11 +195,12 @@ may refile with the additional information,
attaching the original messages.
</p>
-<h3> <a name="1.5">1.5 </a> The Arbitrator</h3>
+<h3 id="s1.5"> 1.5 The Arbitrator</h3>
<p>
The Case Manager selects the Arbitrator according
-to the mechanism managed by the Dispute Resolution Officer
+to the mechanism managed by the
+<span class="change2">DRO</span> <!-- Dispute Resolution Officer -->
and approved from time to time.
This mechanism is to maintain a list of Arbitrators available for
dispute resolution.
@@ -174,24 +213,31 @@ closed with status "declined."
</p>
<p>
-Arbitrators are experienced Assurers of CAcert.
+Arbitrators are experienced Assurers <span class="draftdrop">of CAcert</span>.
They should be independent and impartial, including
-of CAcert itself where it becomes a party.
+of CAcert <span class="draftadd">Inc.</span> itself where it becomes a party.
</p>
-<h2> <a name="2"> 2. </a> The Arbitration</h2>
+<h2 id="s2"> 2. The Arbitration</h2>
-<h3> <a name="2.1">2.1 </a> Authority</h3>
+<h3 id="s2.1"> 2.1 Authority</h3>
<p>
-The Board of CAcert and the Users vest in Arbitrators
+The Board of CAcert <span class="draftadd">Inc.</span> and the
+<span class="draftadd">
+Members of the Community
+</span>
+ vest in Arbitrators
full authority to hear disputes and deliver rulings
-which are binding on CAcert and the Users.
+which are binding on CAcert <span class="draftadd">Inc.</span> and the
+<span class="draftadd">
+Members.
+</span>
</p>
-<h3> <a name="2.2">2.2 </a> Preliminaries</h3>
+<h3 id="s2.2"> 2.2 Preliminaries</h3>
<p>
The Arbitrator conducts some preliminaries:
@@ -208,29 +254,54 @@ The Arbitrator conducts some preliminaries:
agree, are under such jurisdiction, and it is deemed
more appropriate.
However, this is strictly limited to those parties,
- and especially, CAcert and other parties
- remains under the governing law.
+ and especially, CAcert <span class="draftadd">Inc.</span> and other parties
+ remain under the governing law.
</li><li>
The Arbitrator reviews the Respondents and Claimants
with a view to dismissal or joining of additional parties.
- E.g., support personel may be joined if emergency action was
+ E.g., support personnel may be joined if emergency action was
taken.
</li><li>
- Any parties that are not Users and are not bound
- by the CPS are given the opportunity to enter into
- CAcert and be bound by the CPS and these rules of arbitration.
- If these Non-Related Persons (NRPs) remain outside,
+ Any parties that are not
+ <span class="draftadd">
+ Members
+ </span>
+ and are not bound by the
+ <span class="draftdrop">CPS</span> <span class="draftadd">CCA</span>
+ are given the opportunity to enter into
+ CAcert and be bound by the
+ <span class="draftdrop">CPS</span> <span class="draftadd">CCA</span>
+ and these rules of arbitration.
+ If
+ <!-- <span class="draftdrop">these Non-Related Persons (NRPs)</span> <span class="change">they</span> -->
+ these Non-Related Persons (NRPs)
+ remain outside,
their rights and remedies under CAcert's policies
- and forum are strictly limited to that specified in the
- Non-Related Persons -- Disclaimer and Licence.
- NRPs may proceed with Arbitration subject to preliminary orders
+ and forum are strictly limited to
+ <span class="strike">that</span> <span class="change2">those</span>
+ specified in the
+ <span class="draftdrop">Non-Related Persons -- Disclaimer and Licence</span> <span class="draftadd">Root Distribution License</span>.
+ NRPs
+ may proceed with Arbitration subject to preliminary orders
of the Arbitrator.
</li><li>
- Participating Users may not resign until the completion of the case.
+ Participating
+ <span class="draftadd">
+ Members
+ </span>
+ may not resign
+ <span class="change2">
+ from the Community
+ </span>
+ until the completion of the case.
</li><li>
The Arbitrator confirms that all parties accept
the forum of dispute resolution.
- This is especially important where a User might be
+ This is especially important where a
+ <span class="draftadd">
+ Member
+ </span>
+ might be
in a country with no Arbitration Act in law, or
where there is reason to believe that a party might
go to an external court.
@@ -240,12 +311,12 @@ The Arbitrator conducts some preliminaries:
represented, but are not encouraged to do so,
bearing in mind the volunteer nature of the
organisation and the size of the dispute.
- If they do so they must declare such, including any
- changes.
+ If they do so<span class="change2">,</span>
+ they must declare such, including any changes.
</li><li>
The Arbitrator may appoint experienced Assurers
to assist and represent parties, especially for NRPs.
- The Case Manager must not to provide such assistance.
+ The Case Manager must not provide such assistance.
</li><li>
The Arbitrator is bound to maintain the balance
of legal fairness.
@@ -255,16 +326,18 @@ The Arbitrator conducts some preliminaries:
to emergency actions already taken.
</li><li>
The Arbitrator may request any written pleadings,
- counterclaim, and/or statements of defence.
+ counterclaims, and/or statements of defence.
</li></ul>
-<h3> <a name="2.3">2.3 </a> Jurisdiction </h3>
+<h3 id="s2.3"> 2.3 Jurisdiction </h3>
<p>
-Jurisidiction - the right or power to hear and rule on
+Jurisdiction - the right or power to hear and rule on
disputes - is initially established by clauses in the
-User agreements for all CAcert Users.
+<span class="draftadd">
+CAcert Community Agreement.
+</span>
The agreement must establish:
</p>
@@ -292,7 +365,7 @@ to be considered carefully:
</p>
<ul><li>
- Where NRPs, being not members of CAcert and not
+ Where NRPs, being not Members of CAcert and not
bound by agreement, are parties to the dispute.
E.g., intellectual property disputes may involve
NRPs and their trademarks;
@@ -301,7 +374,11 @@ to be considered carefully:
proceedings,
e.g., fraud;
</li><li>
- Contracts between Users that were formed without
+ Contracts between
+ <span class="draftadd">
+ Members
+ </span>
+ that were formed without
a clause to seek arbitration in the forum;
</li><li>
Areas where laws fall outside the Arbitration Act,
@@ -321,7 +398,7 @@ another forum, the Arbitrator should seek the agreement
of the NRP to file the ruling as part of the new case.
</p>
-<h3> <a name="2.4">2.4 </a> Basis in Law </h3>
+<h3 id="s2.4"> 2.4 Basis in Law </h3>
<p>
Each country generally has an Arbitration Act
@@ -329,7 +406,12 @@ that elevates Arbitration as a strong dispute
resolution forum.
The Act generally defers to Arbitration
if the parties have so agreed.
-That is, as Users of CAcert, you agree to resolve
+That is, as
+ <span class="draftadd">
+ Members
+ </span>
+<span class="draftdrop">users of CAcert</span>,
+you agree to resolve
all disputes before CAcert's forum.
This is sometimes called <i>private law</i>
or <i>alternative dispute resolution</i>.
@@ -338,13 +420,16 @@ or <i>alternative dispute resolution</i>.
<p>
As a matter of public policy, courts will generally
refer any case back to Arbitration.
-Users should understand that they will have
+ <span class="draftadd">
+ Members
+ </span>
+should understand that they will have
strictly limited rights to ask the courts to
seek to have a case heard or to override a Ruling.
</p>
-<h3> <a name="2.5">2.5 </a> External Courts </h3>
+<h3 id="s2.5"> 2.5 External Courts </h3>
<p>
When an external court claims and asserts its jurisdiction,
@@ -362,17 +447,20 @@ seek to have a case heard or to override a Ruling.
court, and rules.
The Arbitrator may rule to reject the order,
for jurisdiction or other reasons.
- By way of example, if all Parties are registered Users,
+ By way of example, if all Parties are
+ <span class="draftadd">
+ Members,
+ </span>
then jurisdiction more normally falls within the forum.
If the Arbitrator rules to reject,
- he should do so only after consulting with CAcert counsel.
+ he should do so only after consulting with CAcert <span class="draftadd">Inc.</span> counsel.
The Arbitrator's jurisidiction is ordinarily that of
dealing with the order, and
not that which the external court has claimed to.
</p>
-<h3> <a name="2.6">2.6 </a> Process</h3>
+<h3 id="s2.6"> 2.6 Process</h3>
<p>
The Arbitrator follows the procedure:
@@ -382,8 +470,11 @@ The Arbitrator follows the procedure:
<ol><li>
Establish the facts.
The Arbitrator collects the evidence from the parties.
- The Arbitrator may order CAcert or Users under
- jurisdiction to provide support or information.
+ The Arbitrator may order CAcert <span class="draftadd">Inc.</span> or
+ <span class="draftadd">
+ Members
+ </span>
+ under jurisdiction to provide support or information.
The Arbitrator may use email, phone or face-to-face
meetings as proceedings.
</li><li>
@@ -392,15 +483,23 @@ The Arbitrator follows the procedure:
The Arbitrator may request that the parties
submit their views.
The Arbitrator also works to the mission of CAcert,
- the benefit of all Users, and the community as a whole.
- The Arbitrator may any assistance.
+ the benefit of all
+ <span class="draftadd">
+ Members
+ </span>
+ , and the community as a whole.
+ The Arbitrator may
+ <span class="draftadd">
+ seek
+ </span>
+ any assistance.
</li><li>
Makes a considered Ruling.
</li></ol>
-<h2> <a name="3"> 3. </a> The Ruling</h2>
+<h2 id="s3"> 3. The Ruling</h2>
-<h3> <a name="3.1">3.1 </a> The Contents </h3>
+<h3 id="s3.1"> 3.1 The Contents </h3>
<p>
The Arbitrator records:
@@ -420,11 +519,11 @@ The Arbitrator records:
</li></ol>
-<h3> <a name="3.2">3.2 </a> Process </h3>
+<h3 id="s3.2"> 3.2 Process </h3>
<p>
Once the Ruling is delivered, the case is closed.
The Case Manager is responsible for recording the
-Ruling, publishing it, and advising users.
+Ruling, publishing it, and advising <span class="draftadd">Members</span>.
</p>
<p>
@@ -440,53 +539,94 @@ Arbitrator declare the Ruling private <i>under seal</i>.
Such a declaration must be reviewed in its entirety
by the Board,
and the Board must confirm or deny that declaration.
-If it confirms, the existance of any Rulings under seal
-must be published to the Users in a timely manner
+If it confirms, the existence of any Rulings under seal
+must be published to the
+ <span class="draftadd">
+ Members
+ </span>
+in a timely manner
(within days).
</p>
-<h3> <a name="3.3">3.3 </a> Binding and Final </h3>
-
-<p>
-The Ruling is binding and final on CAcert and all Users.
-Ordinarily, all Users agree to be bound by this dispute
-resolution policy. Users must declare in the Preliminaries
+<h3 id="s3.3"> 3.3 Binding and Final </h3>
+
+<p>
+The Ruling is
+<!-- (DRAFT p20110108) -->
+<span class="draftadd">ordinarily final and binding </span>
+<span class="draftdrop">binding and final</span>
+on CAcert <span class="draftadd">Inc.</span> and all
+ <span class="draftadd">
+ Members
+ </span>
+.
+Ordinarily, all
+ <span class="draftadd">
+ Members
+ </span>
+ agree to be bound by this dispute
+resolution policy.
+ <span class="draftadd">
+ Members
+ </span>
+must declare in the Preliminaries
any default in agreement or binding.
</p>
<p>
-If a person who is not a User is a party to the dispute,
+If a person who is not a
+ <span class="draftadd">
+ Member
+ </span>
+is a party to the dispute,
then the Ruling is not binding and final on that person,
but the Ruling must be presented in filing any dispute
in another forum such as the person's local courts.
</p>
-<h3> <a name="3.4">3.4 </a> Re-opening the Case or Appeal </h3>
+<h3 id="s3.4"> 3.4 <span class="draftadd">Review for Appeal (DRAFT p20110108)</span> &nbsp;&nbsp;&nbsp;&nbsp; <span class="draftdrop">Re-opening the Case or Appeal</span> </h3>
<p>
-In the case of clear injustices, egregious behaviour or
-unconscionable Rulings, parties may seek to re-open the
-case by filing a dispute. The new Arbitrator
-reviews the new dispute,
+In the <span class="draftadd">event</span> <span class="draftdrop">case</span> of clear injustices, egregious behaviour or
+unconscionable Rulings,
+<span class="draftadd">
+a review may be requested by filing a dispute (DRAFT p20110108).
+</span>
+<span class="draftdrop">
+parties may seek to re-open the
+case by filing a dispute.
+</span>
+The new Arbitrator reviews the new dispute,
re-examines and reviews the entire case, then rules on
whether the case may be re-opened or not.
</p>
<p>
+<span class="draftadd">
+If the Review Arbitrator rules the case be re-opened,
+then the Review Arbitrator refers the case to an Appeal Panel of 3.
+The Appeal Panel is led by a Senior Arbitrator,
+and is formed according to procedures established
+by the DRO from time to time.
+The Appeal Panel hears the case and delivers a final and binding Ruling.
+ (DRAFT p20110108)
+</span>
+<span class="draftdrop">
If the new Arbitrator rules the case be re-opened,
then it is referred to the Board of CAcert Inc.
The Board hears the case and delivers a final
and binding Ruling.
+</span>
</p>
-<h3> <a name="3.5">3.5 </a> Liability </h3>
+<h3 id="s3.5"> 3.5 Liability </h3>
<p>
All liability of the Arbitrator for any act in
connection with deciding a dispute is excluded
by all parties, provided such act does not constitute
an intentional breach of duty.
-All liability of the Arbitrators, CAcert, its officers and its
+All liability of the Arbitrators, CAcert <span class="draftadd">Inc.</span>, its officers and its
employees (including Case Manager)
for any other act or omission in connection with
arbitration proceedings is excluded, provided such acts do not
@@ -495,15 +635,18 @@ constitute an intentional or grossly negligent breach of duty.
<p>
The above provisions may only be overridden by
-appeal process (by means of a new dispute causing
-referral to the Board).
+appeal process
+ (by means of a new dispute causing referral to the Board).
+
</p>
-<h3> <a name="3.6">3.6 </a> Remedies </h3>
+<h3 id="s3.6"> 3.6 Remedies </h3>
<p>
The Arbitrator generally instructs using internal remedies,
-that is ones that are within the general domain of CAcert,
+that is ones that are within the general domain of
+<span class="draftdrop">CAcert</span>
+<span class="draftadd">the Community</span>,
but there are some external remedies at his disposal.
He may rule and instruct any of the parties on these issues.
</p>
@@ -515,7 +658,7 @@ He may rule and instruct any of the parties on these issues.
</li><li>
writing documentation
</li><li>
- serve in role - support, dispute arbitration
+ serve in <span class="change2">a</span> role - support, dispute arbitration
</li></ul>
or others as decided.
@@ -531,7 +674,10 @@ He may rule and instruct any of the parties on these issues.
</li><li>
Monetary fine up to the liability cap established for
- each party as described in the Registered User Agreement.
+ each party as described in the
+ <span class="draftadd">
+ CAcert Community Agreement.
+ </span>
</li><li>
Exclusion from community.
@@ -548,20 +694,25 @@ He may rule and instruct any of the parties on these issues.
The Arbitrator is not limited within the general domain
of CAcert, and may instruct novel remedies as seen fit.
Novel remedies outside the domain may be routinely
-confirmed by the Board by way of appeals process,
+confirmed by the Board by way of appeal process,
in order to establish precedent.
+
</p>
-<h2> <a name="4"> 4. </a> Appendix</h2>
+<h2 id="s4"> 4. Appendix</h2>
-<h3> <a name="4.1">4.1 </a> The Advantages of this Forum </h3>
+<h3 id="s4.1"> 4.1 The Advantages of this Forum </h3>
<p>
-The advantage of this process for Users is:
+The advantage of this process for
+ <span class="draftadd">
+ Members
+ </span>
+ is:
</p>
<ul><li>
- CAcert and Users operate across many jurisdictions.
+ CAcert and <span class="draftadd">Members</span> operate across many jurisdictions.
Arbitration allows us to select a single set of
rules across all jurisdictions.
</li><li>
@@ -572,7 +723,7 @@ The advantage of this process for Users is:
authority to act.
Good governance is thus maintained.
</li><li>
- This forum allows CAcert Users to look after themselves
+ This forum allows CAcert <span class="draftadd">Members</span> to look after themselves
in a community, without exposing each other to potentially
disastrous results in strange courts from foreign lands.
</li><li>
@@ -588,18 +739,21 @@ The advantage of this process for Users is:
other external agencies.
</li></ul>
-<h3> <a name="4.2">4.2 </a> The Disadvantages of this Forum </h3>
+<h3 id="s4.2"> 4.2 The Disadvantages of this Forum </h3>
<p>
Some disadvantages exist.
</p>
<ul><li>
- Users may have their rights trampled over.
+ <span class="draftadd">Members</span> may have their rights trampled over.
In such a case, the community should strive to
- re-open the case and refer it to the board.
+ re-open the case
+ and refer it to the board.
+
+
</li><li>
- Users may feel overwhelmed by the formality
+ <span class="draftadd">Members</span> may feel overwhelmed by the formality
of the process.
It is kept formal so as to establish good and proper
authority to act; otherwise, support and other
@@ -613,7 +767,7 @@ Some disadvantages exist.
they should also depart the community.
</li></ul>
-<h3> <a name="4.3">4.3 </a> Process and Flow </h3>
+<h3 id="s4.3"> 4.3 Process and Flow </h3>
<p>
To the extent reasonable, the Arbitrator conducts
@@ -635,5 +789,6 @@ Note also that many elements of legal proceedings are
deliberately left out of the rules.
</p>
+
</body>
</html>
diff --git a/www/policy/OrganisationAssurancePolicy.php b/www/policy/OrganisationAssurancePolicy.php
index 7d8699c..e462693 100644
--- a/www/policy/OrganisationAssurancePolicy.php
+++ b/www/policy/OrganisationAssurancePolicy.php
@@ -1,54 +1,51 @@
-<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
-
-<html>
-<head><title>Organisation Assurance Policy</title></head>
+<?='<?xml version="1.0" encoding="utf-8"?>'?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN"
+ "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title> Organisation Assurance Policy </title>
+<style type="text/css">
+<!--
+.comment {
+ color : steelblue;
+}
+-->
+</style>
+
+</head>
<body>
+<div class="comment">
<table width="100%">
<tr>
-<td> OAP </td>
-<td> </td>
-<td width="20%"> Jens </td>
-</tr>
-
-<tr>
-<td> POLICY&nbsp;<a href="http://wiki.cacert.org/wiki/TopMinutes-20070917">m20070918.x</a> </td>
-<td> </td>
<td>
- $Date: 2008-01-18 22:56:31 $
- <!--
- to get this to work, we have to do this:
- svn propset svn:keywords "Date" file.html
- except it does not work through the website.
- -->
-</td>
-</tr>
+ Name: OAP <a style="color: steelblue" href="//svn.cacert.org/CAcert/Policies/ControlledDocumentList.html">COD11</a><br />
-<tr>
-<td> COD11 </td>
-<td> </td>
-<td> </td>
-</tr>
+ Status: POLICY/DRAFT <a style="color: steelblue" href="//wiki.cacert.org/wiki/TopMinutes-20070917">m20070918.x </a><br />
+ &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <span class="draftadd">DRAFT p20080401.1 </span> <br />
+ Editor: Jens Paul <br />
+ Licence: <a style="color: steelblue" href="//wiki.cacert.org/Policy#Licence" title="this document is Copyright &copy; CAcert Inc., licensed openly under CC-by-sa with all disputes resolved under DRP. More at wiki.cacert.org/Policy" > CC-by-sa+DRP </a><br /></td>
+<td valign="top" align="right">
+ <a href="//www.cacert.org/policy/PolicyOnPolicy.html"><img src="/images/cacert-policy.png" alt="OAP Status - POLICY" height="31" width="88" style="border-style: none;" /></a><br />
+ <a href="//www.cacert.org/policy/PolicyOnPolicy.html"><img src="/images/cacert-draft.png" alt="OAP Status - DRAFT" height="31" width="88" style="border-style: none;" /></a>
-<tr>
-<td> </td>
-<td > <b>Organisation&nbsp;Assurance&nbsp;Policy</b> </td>
-<td> </td>
+</td>
</tr>
-
</table>
+</div>
+<h1> Organisation&nbsp;Assurance&nbsp;Policy </h1>
-<h2> <a name="0"> 0. </a> Preliminaries </h2>
+<h2 id="s0">0. Preliminaries </h2>
<p>
This policy describes how Organisation Assurers ("OAs")
conduct Assurances on Organisations.
It fits within the overall web-of-trust
-or Assurance process of Cacert.
+or Assurance process of CAcert.
</p>
<p>
@@ -56,7 +53,7 @@ This policy is not a Controlled document, for purposes of
Configuration Control Specification ("CCS").
</p>
-<h2> <a name="1"> 1. </a> Purpose </h2>
+<h2 id="s1"> 1. Purpose </h2>
<p>
Organisations with assured status can issue certificates
@@ -76,27 +73,31 @@ and as described in the CPS.
to this policy.
</li><li>
The organisation is within the jurisdiction
- and can be taken to Arbitration.
+ and can be taken to CAcert Arbitration.
</li></ul>
-<h2> <a name="2"> 2. </a> Roles and Structure </h2>
+<h2 id="s2"> 2. Roles and Structure </h2>
-<h3> <a name="2.1"> 2.1 </a> Assurance Officer </h3>
+<h3 id="s2.1"> 2.1 Assurance Officer </h3>
<p>
The Assurance Officer ("AO")
-manages this policy and reports to the board.
+manages this policy and reports to the CAcert Inc. Committee ("Board").
</p>
<p>
The AO manages all OAs and is responsible for process,
-the CAcert Organisation Assurance Programme form ("COAP"),
+the CAcert Organisation Assurance Programme ("COAP") form,
OA training and testing, manuals, quality control.
In these responsibilities, other Officers will assist.
</p>
+<p>
+The OA is appointed by the Board.
+Where the OA is failing the Board decides.
+</p>
-<h3> <a name="2.2"> 2.2 </a> Organisation Assurers </h3>
+<h3 id="s2.2"> 2.2 Organisation Assurers </h3>
<p>
</p>
@@ -141,11 +142,30 @@ In these responsibilities, other Officers will assist.
as supervised, trained and tested.
</li>
</ol>
+ </li>
+ <li>The OA can decide when a CAcert
+ (individual) Assurer
+ has done several OA Application Advises to appoint this
+ person to OA Assurer.
+ </li>
+
</ol>
+<h3 id="s2.3"> 2.3 Organisation Assurance Advisor ("OAA") </h3>
+ <p>In countries/states/provinces where no OA Assurers are
+ operating for an OA Application (COAP) the OA
+ can be advised by an experienced local CAcert
+ (individual) Assurer to take the decision
+ to accept the OA Application (COAP) of the organisation.
+ </p>
+ <p>
+ The local Assurer must have at least 150 Points,
+ should know the language, and know
+ the organisation trade office registry culture and quality.
+ </p>
-<h3> <a name="2.3"> 2.3 </a> Organisation Administrator </h3>
+<h3 id="s2.4"> 2.4 Organisation Administrator </h3>
<p>
The Administrator within each Organisation ("O-Admin")
@@ -175,9 +195,9 @@ and the issuing of certificates.
</ol>
-<h2> <a name="3"> 3. </a> Policies </h2>
+<h2 id="s3"> 3. Policies </h2>
-<h3> <a name="3.1"> 3.1 </a> Policy </h3>
+<h3 id="s3.1"> 3.1 Policy </h3>
<p>
There is one policy being this present document,
@@ -191,7 +211,7 @@ and several subsidiary policies.
<li> Organisations are assured under an appropriate subsidiary policy. </li>
</ol>
-<h3> <a name="3.2"> 3.2 </a> Subsidiary Policies </h3>
+<h3 id="s3.2"> 3.2 Subsidiary Policies </h3>
<p>
The nature of the Subsidiary Policies ("SubPols"):
@@ -210,7 +230,7 @@ The nature of the Subsidiary Policies ("SubPols"):
</li><li>
For OAs,
SubPol specifies the <i>tests of local knowledge</i>
- including the local organisational forms.
+ including the local organisation assurance COAP forms.
</li><li>
For assurances,
SubPol specifies the <i>local documentation forms</i>
@@ -221,7 +241,7 @@ The nature of the Subsidiary Policies ("SubPols"):
policy approval process.
</li></ol>
-<h3> <a name=""> </a> 3.3 Freedom to Assemble </h3>
+<h3 id="s3.3"> 3.3 Freedom to Assemble </h3>
<p>
Subsidiary Policies are open, accessible and free to enter.
@@ -254,9 +274,9 @@ Subsidiary Policies are open, accessible and free to enter.
</li></ol>
-<h2> <a name="4"> 4. </a> Process </h2>
+<h2 id="s4"> 4. Process </h2>
-<h3> <a name="4.1"> 4.1 </a> Standard of Organisation Assurance </h3>
+<h3 id="s4.1"> 4.1 Standard of Organisation Assurance </h3>
<p>
The essential standard of Organisation Assurance is:
</p>
@@ -276,7 +296,7 @@ The essential standard of Organisation Assurance is:
requestor can sign on behalf of the organisation.
</li><li>
the organisation has agreed to the terms of the
- Registered User Agreement,
+ CAcert Community Agreement
and is therefore subject to Arbitration.
</li></ol>
@@ -285,7 +305,7 @@ The essential standard of Organisation Assurance is:
are stated in the SubPol.
</p>
-<h3> <a name="4.2"> 4.2 </a> COAP </h3>
+<h3 id="s4.2"> 4.2 COAP </h3>
<p>
The COAP form documents the checks and the resultant
assurance results to meet the standard.
@@ -302,12 +322,13 @@ Additional information to be provided on form:
<li>additional contact information (as required by SubPol).</li>
</ol>
</li><li>
- administrator account names (1 or more)
+ administrator account name(s) (1 or more)
</li><li>
domain name(s)
</li><li>
- Agreement with registered user agreement.
- Statement and initials box for organsation
+ Agreement with
+ CAcert Community Agreement.
+ Statement and initials box for organisation
and also for OA.
</li><li>
Date of completion of Assurance.
@@ -322,17 +343,17 @@ and indication provided that the English is the
ruling language (due to Arbitration requirements).
</p>
-<h3> <a name="4.3"> 4.3 </a> Jurisdiction </h3>
+<h3 id="s4.3"> 4.3 Jurisdiction </h3>
<p>
Organisation Assurances are carried out by
-CAcert Inc under its Arbitration jurisdiction.
+CAcert Inc. under its Arbitration jurisdiction.
Actions carried out by OAs are under this regime.
</p>
<ol type="a"><li>
The organisation has agreed to the terms of the
- Registered User Agreement,
+ CAcert Community Agreement.
</li><li>
The organisation, the Organisation Assurers, CAcert and
other related parties are bound into CAcert's jurisdiction
@@ -340,12 +361,13 @@ Actions carried out by OAs are under this regime.
</li><li>
The OA is responsible for ensuring that the
organisation reads, understands, intends and
- agrees to the registered user agreement.
+ agrees to the
+ CAcert Community Agreement.
This OA responsibility should be recorded on COAP
(statement and initials box).
</li></ol>
-<h2> <a name="5"> 5. </a> Exceptions </h2>
+<h2 id="s5"> 5. Exceptions </h2>
<ol type="a"><li>
@@ -375,5 +397,6 @@ Actions carried out by OAs are under this regime.
E.g., registration as DBA or holding of registered trade mark.
This means that the anglo law tradition of unregistered DBAs
is not accepted without further proof.
-</li></ol>
-
+ </li></ol>
+</body>
+</html>
diff --git a/www/policy/PrivacyPolicy.html b/www/policy/PrivacyPolicy.html
index 6670e92..8aa0837 100644
--- a/www/policy/PrivacyPolicy.html
+++ b/www/policy/PrivacyPolicy.html
@@ -105,8 +105,8 @@ Governmental warrants and civil supoenas will be processed through the dispute r
<p>If you need to contact us in writing, address your mail to:</p>
<p>
CAcert Inc.<br>
-P.O. Box 4107<br>
-Denistone East NSW 2112<br>
+PO Box 66 <br>
+Oatley NSW 2223<br>
Australia
</p>
diff --git a/www/sqldump.php b/www/sqldump.php
index 9476f6f..f30b4d0 100644
--- a/www/sqldump.php
+++ b/www/sqldump.php
@@ -15,24 +15,24 @@
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
*/
- header("content-type: text/plain");
+ header("content-type: text/plain");
?>
# CAcert SQL Dump
-# version 0.0.2
+# version 0.0.3
#
# Generation Time: <?=date('r')?>
#
# Database: `cacert`
#
<?
- $tables = mysql_list_tables('cacert');
- while(list($table_name) = mysql_fetch_array($tables))
- {
- echo "# --------------------------------------------------------\n\n";
- echo "#\n# Table structure for table `$table_name`\n#\n\n";
+ $tables = mysql_query("SHOW TABLES");
+ while(list($table_name) = mysql_fetch_array($tables))
+ {
+ echo "# --------------------------------------------------------\n\n";
+ echo "#\n# Table structure for table `$table_name`\n#\n\n";
- echo "DROP TABLE IF EXISTS `$table_name`;\n";
- $create = mysql_fetch_assoc(mysql_query("SHOW CREATE TABLE `cacert`.`$table_name`"));
- echo $create['Create Table'].";\n\n";
- }
+ echo "DROP TABLE IF EXISTS `$table_name`;\n";
+ $create = mysql_fetch_assoc(mysql_query("SHOW CREATE TABLE `$table_name`"));
+ echo $create['Create Table'].";\n\n";
+ }
?>
diff --git a/www/styles/default.css b/www/styles/default.css
index 9fdd85c..4d4db6a 100644
--- a/www/styles/default.css
+++ b/www/styles/default.css
@@ -6,20 +6,22 @@
/***********************************************/
/* HTML tag styles */
/***********************************************/
-body{
+
+body {
font-family: Arial,sans-serif;
color: #333333;
- line-height: 1.166;
+ line-height: 1.166;
margin: 0px;
padding: 0px;
- background: #cccccc;
-/* url("/siteimages/bg_grad.jpg") fixed; */
+ background: #cccccc;
+/* url("/siteimages/bg_grad.jpg") fixed; */
}
+
/******* hyperlink and anchor tag styles *******/
a:link, a:visited {
- color: #005FA9;
+ color: #005fa9;
text-decoration: none;
}
@@ -27,87 +29,87 @@ a:hover {
text-decoration: underline;
}
+
/************** header tag styles **************/
-h1{
- font: bold 120% Arial,sans-serif;
- color: #334d55;
- margin: 0px;
- padding: 0px;
+h1 {
+ font: bold 120% Arial ,sans-serif;
+ color: #334d55;
+ margin: 0px;
+ padding: 0px;
}
-h2{
- font: bold 114% Arial,sans-serif;
- color: #006699;
- margin: 0px;
- padding: 0px;
+h2 {
+ font: bold 114% Arial ,sans-serif;
+ color: #006699;
+ margin: 0px;
+ padding: 0px;
}
-h3{
- font: bold 100% Arial,sans-serif;
- color: #334d55;
- margin: 0px;
- padding: 0px;
+h3 {
+ font: bold 100% Arial ,sans-serif;
+ color: #334d55;
+ margin: 0px;
+ padding: 0px;
}
-h3.pointer{
- cursor: pointer;
- /* cursor: hand; */
+h3.pointer {
+ cursor: pointer;
+ /* cursor: hand; */
}
-h4{
- font: bold 100% Arial,sans-serif;
- color: #333333;
- margin: 0px;
- padding: 0px;
+h4 {
+ font: bold 100% Arial ,sans-serif;
+ color: #333333;
+ margin: 0px;
+ padding: 0px;
}
-h5{
- font: 100% Arial,sans-serif;
- color: #334d55;
- margin: 0px;
- padding: 0px;
+h5 {
+ font: 100% Arial ,sans-serif;
+ color: #334d55;
+ margin: 0px;
+ padding: 0px;
}
/*************** list tag styles ***************/
ul.menu {
-list-style: none;
-margin :0px 0px 0px 15px;
-padding-left: 5px;
-border-left: 1px dotted #000;
+ list-style: none;
+ margin: 0px 0px 0px 15px;
+ padding-left: 5px;
+ border-left: 1px dotted #000;
}
ul.top {
-list-style: none;
-margin: 0px 0px 0px 15px;
-padding-left: 5px;
-border-left: 0px;
+ list-style: none;
+ margin: 0px 0px 0px 15px;
+ padding-left: 5px;
+ border-left: 0px;
}
-ul {
-list-style: none;
-margin: 0px 0px 0px 15px;
-padding-left: 5px;
-border-left: 1px dotted #000;
+ul.no_indent {
+ list-style: none;
+ padding: 0px;
}
+
/***********************************************/
/* Layout Divs */
/***********************************************/
-#pagecell1{
- position:absolute;
+
+#pagecell1 {
+ position: absolute;
top: 2%;
left: 2%;
right: 2%;
width: 96%;
background-color: #ffffff;
-
}
#tl {
- position:absolute;
+ position: absolute;
top: -1px;
left: -1px;
margin: 0px;
@@ -116,7 +118,7 @@ border-left: 1px dotted #000;
}
#tr {
- position:absolute;
+ position: absolute;
top: -1px;
right: -1px;
margin: 0px;
@@ -124,43 +126,43 @@ border-left: 1px dotted #000;
z-index: 100;
}
-#masthead{
+#masthead {
position: absolute;
top: 0px;
left: 2%;
right: 2%;
- width:95.6%;
-
+ width: 95.6%;
}
-#pageNav{
+#pageNav {
float: right;
- width:178px;
+ width: 178px;
padding: 0px;
background-color: #F5f7f7;
border-left: 1px solid #cccccc;
font: small Verdana,sans-serif;
}
-#content{
+#content {
padding: 0px 10px 0px 0px;
- margin:0px 178px 0px 0px;
+ margin: 0px 178px 0px 0px;
}
/***********************************************/
/* Component Divs */
/***********************************************/
-#siteName{
+#siteName {
margin: 0px;
padding: 16px 0px 8px 0px;
color: #ffffff;
font-weight: normal;
}
+
/************** utility styles *****************/
-#utility{
+#utility {
font: 75% Verdana,sans-serif;
position: absolute;
top: 16px;
@@ -168,7 +170,7 @@ border-left: 1px dotted #000;
color: #919999;
}
-#utility a{
+#utility a {
color: #ffffff;
}
@@ -176,46 +178,48 @@ border-left: 1px dotted #000;
text-decoration: underline;
}
+
/************** pageName styles ****************/
-#pageName{
+#pageName {
padding: 0px 0px 14px 10px;
margin: 0px;
- border-bottom:1px solid #ccd2d2;
+ border-bottom: 1px solid #ccd2d2;
z-index: 2;
}
-#pageName h2{
+#pageName h2 {
font: bold 175% Arial,sans-serif;
color: #000000;
- margin:0px;
+ margin: 0px;
padding: 0px;
}
+
/*
#pageLogo {
- position: absolute;
- top: 8px;
- left: 10px;
- z-index: 5;
+ position: absolute;
+ top: 8px;
+ left: 10px;
+ z-index: 5;
}
*/
+
/************* globalNav styles ****************/
-#globalNav{
-position: relative;
-width: 100%;
-min-width: 640px;
-height: 32px;
-color: #cccccc;
-padding: 0px;
-margin: 0px;
-background-image: url("siteimages/glbnav_background.gif");
+#globalNav {
+ position: relative;
+ width: 100%;
+ min-width: 640px;
+ height: 32px;
+ color: #cccccc;
+ padding: 0px;
+ margin: 0px;
+ background-image: url("siteimages/glbnav_background.gif");
}
-#globalNav img{
- margin-bottom: -4px;
-
+#globalNav img {
+ margin-bottom: -4px;
}
#gnl {
@@ -230,7 +234,7 @@ background-image: url("siteimages/glbnav_background.gif");
right:0px;
}
-#globalLink{
+#globalLink {
position: absolute;
top: 6px;
height: 22px;
@@ -243,24 +247,27 @@ background-image: url("siteimages/glbnav_background.gif");
a.glink, a.glink:visited {
- font-size: small;
- color: #000000;
+ font-size: small;
+ color: #000000;
font-weight: bold;
margin: 0px;
padding: 2px 5px 4px 5px;
- border-right: 1px solid #8FB8BC;
+ border-right: 1px solid #8fb8bc;
}
a.glink:hover {
- background-image: url("siteimages/glblnav_selected.gif");
+ background-image: url("siteimages/glblnav_selected.gif");
text-decoration: none;
}
-.skipLinks {display: none;}
+.skipLinks {
+ display: none;
+}
+
/************ subglobalNav styles **************/
-.subglobalNav{
+.subglobalNav {
position: absolute;
top: 84px;
left: 0px;
@@ -281,13 +288,15 @@ a.glink:hover {
color: #cccccc;
}
+
/*************** search styles *****************/
/*
#listshow {
z-order: 101;
}
*/
-#search{
+
+#search {
position: absolute;
top: 125px;
right: 0px;
@@ -302,46 +311,46 @@ a.glink:hover {
font-size: 11px;
}
-#search1{
+#search1 {
position: absolute;
top: 85px;
right: 300px;
}
-#search2{
+#search2 {
position: absolute;
top: 100px;
right: 300px;
}
-#search3{
+#search3 {
position: absolute;
top: 85px;
right: 240px;
}
-#search4{
+#search4 {
position: absolute;
top: 100px;
right: 226px;
}
-#googlead{
+#googlead {
position: absolute;
top: 5px;
right: 0px;
z-index: -10;
}
-#search input{
- font-size: 70%;
- margin: 0px 0px 0px 10px;
+#search input {
+ font-size: 70%;
+ margin: 0px 0px 0px 10px;
}
-
+
#search a:link, #search a:visited {
font-size: 80%;
font-weight: bold;
-
+
}
#search a:hover {
@@ -351,40 +360,42 @@ a.glink:hover {
/************* breadCrumb styles ***************/
-#breadCrumb{
+#breadCrumb {
padding: 5px 0px 5px 10px;
font: small Verdana,sans-serif;
- color: #AAAAAA;
+ color: #aaaaaa;
}
-#breadCrumb a{
- color: #AAAAAA;
+#breadCrumb a {
+ color: #aaaaaa;
}
#breadCrumb a:hover {
- color: #005FA9;
+ color: #005fa9;
text-decoration: underline;
}
/************** feature styles *****************/
-.feature{
+.feature {
padding: 0px 0px 10px 10px;
font-size: 80%;
min-height: 200px;
height: 200px;
}
-.feature {height: auto;}
+.feature {
+ height: auto;
+}
-.feature h3{
+.feature h3 {
font: bold 175% Arial,sans-serif;
color: #000000;
padding: 30px 0px 5px 0px;
}
-.feature img{
+.feature img {
float: left;
padding: 0px 10px 0px 0px;
}
@@ -398,7 +409,7 @@ a.glink:hover {
min-height: 450px;
}
-.story h3{
+.story h3 {
font: bold 125% Arial,sans-serif;
color: #000000;
}
@@ -407,10 +418,10 @@ a.glink:hover {
padding: 0px 0px 10px 0px;
}
-.story a.capsule{
+.story a.capsule {
font: bold 1em Arial,sans-serif;
color: #005FA9;
- display:block;
+ display: block;
padding-bottom: 5px;
}
@@ -418,14 +429,14 @@ a.glink:hover {
text-decoration: underline;
}
-td.storyLeft{
+td.storyLeft {
padding-right: 12px;
}
/************** siteInfo styles ****************/
-#siteInfo{
+#siteInfo {
clear: both;
border-top: 1px solid #cccccc;
font-size: small;
@@ -433,15 +444,15 @@ td.storyLeft{
padding: 10px 10px 10px 10px;
}
+
/************ sectionLinks styles **************/
-#sectionLinks{
+#sectionLinks {
margin: 0px;
padding: 0px;
-
}
-#sectionLinks h3{
+#sectionLinks h3 {
padding: 10px 0px 2px 10px;
border-bottom: 1px solid #cccccc;
}
@@ -450,7 +461,7 @@ td.storyLeft{
display: block;
border-top: 1px solid #ffffff;
border-bottom: 1px solid #cccccc;
- background-image: url("siteimages/bg_nav.jpg");
+ background-image: url("siteimages/bg_nav.jpg");
font-weight: bold;
padding: 3px 0px 3px 10px;
color: #21536A;
@@ -467,83 +478,84 @@ td.storyLeft{
/************* relatedLinks styles **************/
-.relatedLinks{
+.relatedLinks {
margin: 0px;
padding: 0px 0px 10px 10px;
border-bottom: 1px solid #cccccc;
}
-.relatedLinks h3{
+.relatedLinks h3 {
padding: 10px 0px 2px 0px;
}
-.relatedLinks a{
- display: block;
+.relatedLinks a {
+ display: block;
}
/**************** advert styles *****************/
-#advert{
+#advert {
padding: 10px;
}
-#advert img{
+#advert img {
display: block;
}
+
/********************* end **********************/
.DataTD input, .DataTD textarea {
- FONT-SIZE: 92%;
+ font-size: 92%;
}
.DataTD select, .DataTD option {
- FONT-SIZE: 92%;
+ font-size: 92%;
}
.DataTD {
- background-color: #E2E2E2;
+ background-color: #e2e2e2;
border-style: inset;
border-width: 1px;
- FONT-SIZE: 8pt;
- COLOR: #000000;
- FONT-FAMILY: Arial, Tahoma, Verdana, Helvetica, sans-serif;
+ font-size: 8pt;
+ color: #000000;
+ font-family: Arial, Tahoma, Verdana, Helvetica, sans-serif;
background: #ffffff;
padding: 1px 5px 1px 5px;
- border: 1px #CFCFCF solid;
- border-left: 1px #CFCFCF dotted;
- border-right: 1px #CFCFCF dotted;
+ border: 1px #cfcfcf solid;
+ border-left: 1px #cfcfcf dotted;
+ border-right: 1px #cfcfcf dotted;
}
.DataTDGrey {
background-color: #EFEDED;
border-style: inset;
border-width: 1px;
- FONT-SIZE: 8pt;
- COLOR: #000000;
- FONT-FAMILY: Arial, Tahoma, Verdana, Helvetica, sans-serif;
+ font-size: 8pt;
+ color: #000000;
+ font-family: Arial, Tahoma, Verdana, Helvetica, sans-serif;
padding: 1px 5px 1px 5px;
border: 1px #CFCFCF solid;
- border-left: 1px #CFCFCF dotted;
- border-right: 1px #CFCFCF dotted;
+ border-left: 1px #cfcfcf dotted;
+ border-right: 1px #cfcfcf dotted;
}
.DataTDNotDotted {
- background-color: #E2E2E2;
+ background-color: #e2e2e2;
border-style: inset;
border-width: 1px;
- FONT-SIZE: 8pt;
- COLOR: #000000;
- FONT-FAMILY: Arial, Tahoma, Verdana, Helvetica, sans-serif;
+ font-size: 8pt;
+ color: #000000;
+ font-family: Arial, Tahoma, Verdana, Helvetica, sans-serif;
background: #ffffff;
padding: 1px 5px 1px 5px;
border: 1px #CFCFCF solid;
- border-left: 1px #CFCFCF solid;
- border-right: 1px #CFCFCF solid;
+ border-left: 1px #cfcfcf solid;
+ border-right: 1px #cfcfcf solid;
}
.wrapper {
@@ -554,100 +566,142 @@ td.storyLeft{
}
td.greytxt {
- color: #CCCCCC;
+ color: #cccccc;
font-size: smaller;
text-align: right;
vertical-align: bottom;
}
.title {
- background: #E2E2E2;
- font-weight:BOLD;
+ background: #e2e2e2;
+ font-weight: bold;
padding: 1px 5px 1px 5px;
- border: 1px solid #CFCFCF;
- border-bottom: 3px double #CFCFCF;
+ border: 1px solid #cfcfcf;
+ border-bottom: 3px double #cfcfcf;
border-top: 1px solid #656565;
text-align: center;
}
.errmsg {
- font-weight: BOLD;
+ font-weight: bold;
color: #FF0000;
}
-.ac_menu
-{
- border:1px solid black
+.ac_menu {
+ border: 1px solid black
}
-.ac_normal
-{
- background-color:#ffffff;
- cursor:pointer;
+
+.ac_normal {
+ background-color: #ffffff;
+ cursor: pointer;
}
-.ac_highlight
-{
- background-color:#3366cc;
- color:white;
- cursor:pointer;
+
+.ac_highlight {
+ background-color: #3366cc;
+ color: white;
+ cursor: pointer;
}
-.ac_normal .a
-{
- font-size:13px;
- color:black;
+
+.ac_normal .a {
+ font-size: 13px;
+ color: black;
}
-.ac_highlight .a
-{
- font-size:13px;
+
+.ac_highlight .a {
+ font-size: 13px;
}
-.ac_normal .d
-{
- float:right;
- font-size:10px;
- color:green;
+
+.ac_normal .d {
+ float: right;
+ font-size: 10px;
+ color: green;
}
-.ac_highlight .d
-{
- float:right;
- font-size:10px;
+
+.ac_highlight .d {
+ float: right;
+ font-size: 10px;
}
+
/************** sponsorInfo styles ****************/
div.sponsorinfo {
- clear: both;
- border-top: 1px solid #cccccc;
- font-size: small;
- color: #000000;
- padding: 10px 10px 10px 10px;
+ clear: both;
+ border-top: 1px solid #cccccc;
+ font-size: small;
+ color: #000000;
+ padding: 10px 10px 10px 10px;
}
img.sponsorlogo {
- margin-left: 10px;
- margin-right: 10px;
- border: 0px none;
- vertical-align: middle;
+ margin-left: 10px;
+ margin-right: 10px;
+ border: 0px none;
+ vertical-align: middle;
}
+
/************ Newsbox *************/
-#lnews { /* class for the text "Latest News" */
- font-size: small;
- font-variant: small-caps;
+#lnews { /* class for the text "Latest News" */
+ font-size: small;
+ font-variant: small-caps;
}
div.newsbox {
- border-top: 1px solid #cccccc;
- color: #101010;
- padding: 10px 10px 10px 10px;
+ border-top: 1px solid #cccccc;
+ color: #101010;
+ padding: 10px 10px 10px 10px;
}
+
/************ SQL Performance ***********/
div.footerbar {
- clear: both;
- border-top: 1px solid #cccccc;
- font-size: small;
- color: black;
- padding: 10px 10px 10px 10px;
+ clear: both;
+ border-top: 1px solid #cccccc;
+ font-size: small;
+ color: black;
+ padding: 10px 10px 10px 10px;
+}
+
+
+/************ Honeypot ***********/
+
+.robotic {
+ display: none;
+}
+
+
+/************ unicode fallbacks ***********/
+
+/* Some embedding of font */
+@font-face {
+ font-family: 'Source Code Pro';
+ src: local('Source Code Pro');
+/* src: url(/res/fonts/SourceCodePro-Medium.ttf); */
}
+@font-face {
+ font-family: 'Last Resort';
+ src: local('LastResort');
+/* src: url(/res/fonts/LastResort.ttf); */
+}
+
+.accountdetail {
+ font-family: 'Source Code Pro', 'Lucida Console', 'Arial Unicode MS', monospace, 'Last Resort';
+ font-size: 1.1em;
+}
+
+.accountdetail.fname {
+}
+
+.accountdetail.mname {
+}
+
+.accountdetail.lname {
+ font-weight: bold;
+}
+
+.accountdetail.suffix {
+}
diff --git a/www/wot.php b/www/wot.php
index 66bf7cb..8395a58 100644
--- a/www/wot.php
+++ b/www/wot.php
@@ -18,6 +18,8 @@
<?
require_once("../includes/loggedin.php");
require_once("../includes/lib/l10n.php");
+require_once("../includes/notary.inc.php");
+
function show_page($target,$message,$error)
@@ -87,34 +89,32 @@ function send_reminder()
{
$body = "";
$my_translation = L10n::get_translation();
-
+
$_SESSION['_config']['reminder-lang'] = $_POST['reminder-lang'];
-
+
$reminder_translations[] = $_POST['reminder-lang'];
if ( !in_array("en", $reminder_translations, $strict=true) ) {
$reminder_translations[] = "en";
}
-
+
foreach ($reminder_translations as $translation) {
L10n::set_translation($translation);
-
+
$body .= L10n::$translations[$translation].":\n\n";
$body .= sprintf(_("This is a short reminder that you filled out forms to become trusted with CAcert.org, and %s has attempted to issue you points. Please create your account at %s as soon as possible and then notify %s so that the points can be issued."), $_SESSION['profile']['fname']." (".$_SESSION['profile']['email'].")", "http://www.cacert.org", $_SESSION['profile']['fname'])."\n\n";
$body .= _("Best regards")."\n";
$body .= _("CAcert Support Team")."\n\n";
}
-
+
L10n::set_translation($reminder_translations[0]); // for the subject
sendmail($_POST['email'], "[CAcert.org] "._("Reminder Notice"), $body, $_SESSION['profile']['email'], "", "", $_SESSION['profile']['fname']);
-
+
L10n::set_translation($my_translation);
-
+
$_SESSION['_config']['remindersent'] = 1;
$_SESSION['_config']['error'] = _("A reminder notice has been sent.");
}
-
-
loadem("account");
if(array_key_exists('date',$_POST) && $_POST['date'] != "")
$_SESSION['_config']['date'] = $_POST['date'];
@@ -122,13 +122,47 @@ function send_reminder()
if(array_key_exists('location',$_POST) && $_POST['location'] != "")
$_SESSION['_config']['location'] = $_POST['location'];
- $oldid=array_key_exists('oldid',$_REQUEST)?intval($_REQUEST['oldid']):0;
+ $oldid=array_key_exists('oldid',$_REQUEST)?intval($_REQUEST['oldid']):0;
if($oldid == 12)
$id = $oldid;
+ if($oldid == 4)
+ {
+ if ($_POST['ttp']!='') {
+ //This mail does not need to be translated
+ $body = "Hi TTP adminstrators,\n\n";
+ $body .= "User ".$_SESSION['profile']['fname']." ".
+ $_SESSION['profile']['lname']." with email address '".
+ $_SESSION['profile']['email']."' is requesting a TTP assurances for ".
+ mysql_escape_string(stripslashes($_POST['country'])).".\n\n";
+ if ($_POST['ttptopup']=='1') {
+ $body .= "The user is also requesting TTP TOPUP.\n\n";
+ }else{
+ $body .= "The user is NOT requesting TTP TOPUP.\n\n";
+ }
+ $body .= "The user received ".intval($_SESSION['profile']['points'])." assurance points up to today.\n\n";
+ $body .= "Please start the TTP assurance process.";
+ sendmail("support@cacert.org", "[CAcert.org] TTP request.", $body, "support@cacert.org", "", "", "CAcert Website");
+
+ //This mail needs to be translated
+ $body =_("You are receiving this email because you asked for TTP assurance.")."\n\n";
+ if ($_POST['ttptopup']=='1') {
+ $body .=_("You are requesting TTP TOPUP.")."\n\n";
+ }else{
+ $body .=_("You are NOT requesting TTP TOPUP.")."\n\n";
+ }
+ $body .= _("Best regards")."\n";
+ $body .= _("CAcert Support Team");
+
+ sendmail($_SESSION['profile']['email'], "[CAcert.org] "._("You requested TTP assurances"), $body, "support@cacert.org", "", "", "CAcert Support");
+
+ }
+
+ }
+
if(($id == 5 || $oldid == 5 || $id == 6 || $oldid == 6))
- if (!is_assurer($_SESSION['profile']['id']))
+ if (!is_assurer($_SESSION['profile']['id']))
{
show_page ("Exit","",get_assurer_reason($_SESSION['profile']['id']));
exit;
@@ -155,7 +189,7 @@ function send_reminder()
$_SESSION['_config']['noemailfound'] = 1;
show_page("EnterEmail","",_("I'm sorry, there was no email matching what you entered in the system. Please double check your information."));
exit;
- } else
+ } else
{
$_SESSION['_config']['noemailfound'] = 0;
$_SESSION['_config']['notarise'] = mysql_fetch_assoc($res);
@@ -165,6 +199,14 @@ function send_reminder()
exit;
}
}
+ $query = "select * from `users` where `email`='".mysql_escape_string(stripslashes($_POST['email']))."' and `locked`=1";
+ $res = mysql_query($query);
+ if(mysql_num_rows($res) >= 1)
+ {
+ $_SESSION['_config']['noemailfound'] = 0;
+ show_page("EnterEmail","",_("This account is locked and can not be assured. For more information ask support@cacert.org."));
+ exit;
+ }
}
if($oldid == 5 || $oldid == 6)
@@ -195,37 +237,79 @@ function send_reminder()
if($oldid == 6)
{
$iecho= "c";
+ //date checks
+ if(trim($_REQUEST['date']) == '')
+ {
+ show_page("VerifyData","",_("You must enter the date when you met the assuree."));
+ exit;
+ }
+
+ if(!check_date_format(trim($_REQUEST['date'])))
+ {
+ show_page("VerifyData","",_("You must enter the date in this format: YYYY-MM-DD."));
+ exit;
+ }
+
+ if(!check_date_difference(trim($_REQUEST['date'])))
+ {
+ show_page("VerifyData","",_("You must not enter a date in the future."));
+ exit;
+ }
+
+ //proof of identity check and accept arbitration, implements CCA
if(!array_key_exists('assertion',$_POST) || $_POST['assertion'] != 1)
{
show_page("VerifyData","",_("You failed to check all boxes to validate your adherence to the rules and policies of CAcert"));
exit;
}
-/* if(!array_key_exists('rules',$_POST) || $_POST['rules'] != 1)
+ //proof of CCA agreement by assuree after 2010-01-01
+ if((!array_key_exists('CCAAgreed',$_POST) || $_POST['CCAAgreed'] != 1) and (check_date_format(trim($_REQUEST['date']),2010)))
+ {
+ show_page("VerifyData","",_("You failed to check all boxes to validate your adherence to the rules and policies of CAcert"));
+ exit;
+ }
+
+ //assurance done according to rules
+ if(!array_key_exists('rules',$_POST) || $_POST['rules'] != 1)
{
show_page("VerifyData","",_("You failed to check all boxes to validate your adherence to the rules and policies of CAcert"));
exit;
}
-*/
- if((!array_key_exists('certify',$_POST) || $_POST['certify'] != 1 ) && $_SESSION['profile']['ttpadmin'] != 1)
+ //met assuree in person, not appliciable for TTP / TTP Topup assurances
+ if((!array_key_exists('certify',$_POST) || $_POST['certify'] != 1 ) && $_REQUEST['method'] != "Trusted 3rd Parties")
{
show_page("VerifyData","",_("You failed to check all boxes to validate your adherence to the rules and policies of CAcert"));
exit;
}
- if($_SESSION['profile']['ttpadmin'] != 1 && $_POST['location'] == "")
+ //check location, min 3 characters
+ if(!array_key_exists('location',$_POST) || trim($_POST['location']) == "")
{
show_page("VerifyData","",_("You failed to enter a location of your meeting."));
exit;
}
- if($_REQUEST['points'] == "")
+ if(strlen(trim($_REQUEST['location']))<=2)
+ {
+ show_page("VerifyData","",_("You must enter a location with at least 3 characters eg town and country."));
+ exit;
+ }
+
+ //check for points in range 0-35, for nucleus 35 + 15 temporary
+ if($_REQUEST['points'] == "" || !is_numeric($_REQUEST['points']))
{
show_page("VerifyData","",_("You must enter the number of points you wish to allocate to this person."));
exit;
}
+ if($_REQUEST['points'] <0 || ($_REQUEST['points']>35))
+ {
+ show_page("VerifyData","",_("The number of points you entered are out of the range given by policy."));
+ exit;
+ }
+
$query = "select * from `users` where `id`='".$_SESSION['_config']['notarise']['id']."'";
$res = mysql_query($query);
$row = mysql_fetch_assoc($res);
@@ -247,7 +331,7 @@ $iecho= "c";
$newpoints = $awarded = $max;
if($newpoints < 0)
$newpoints = $awarded = 0;
-
+
$query = "select sum(`points`) as `total` from `notary` where `to`='".$_SESSION['_config']['notarise']['id']."' group by `to`";
$res = mysql_query($query);
$drow = mysql_fetch_assoc($res);
@@ -260,19 +344,19 @@ $iecho= "c";
$newpoints = $max - $drow['total'];
if($newpoints < 0)
$newpoints = 0;
-
+
if(mysql_escape_string(stripslashes($_POST['date'])) == "")
$_POST['date'] = date("Y-m-d H:i:s");
$query = "select * from `notary` where `from`='".$_SESSION['profile']['id']."' AND
`to`='".$_SESSION['_config']['notarise']['id']."' AND
- `awarded`='$awarded' AND
+ `awarded`='$awarded' AND
`location`='".mysql_escape_string(stripslashes($_POST['location']))."' AND
`date`='".mysql_escape_string(stripslashes($_POST['date']))."'";
$res = mysql_query($query);
if(mysql_num_rows($res) > 0)
{
- show_page("VerifyEmail","",_("Identical Assurance attempted, will not continue."));
+ show_page("VerifyEmail","",_("Identical Assurance attempted, will not continue."));
exit;
}
}
@@ -285,19 +369,21 @@ $iecho= "c";
`location`='".mysql_escape_string(stripslashes($_POST['location']))."',
`date`='".mysql_escape_string(stripslashes($_POST['date']))."',
`when`=NOW()";
- if($_SESSION['profile']['board'] == 1 && intval($_POST['expire']) > 0)
- {
- $query .= ",\n`method`='Temporary Increase'";
- $query .= ",\n`expire`=DATE_ADD(NOW(), INTERVAL '".intval($_POST['expire'])."' DAY)";
- $query .= ",\n`sponsor`='".intval($_POST['sponsor'])."'";
- } else if($_SESSION['profile']['board'] == 1) {
- $query .= ",\n`method`='".mysql_escape_string(stripslashes($_POST['method']))."'";
- } else if($_SESSION['profile']['ttpadmin'] == 1 && ($_POST['method'] == 'Trusted 3rd Parties' || $_POST['method'] == 'Trusted Third Parties')) {
- $query .= ",\n`method`='Trusted Third Parties'";
+ //record active acceptance by Assurer
+ if (check_date_format(trim($_REQUEST['date']),2010)) {
+ write_user_agreement($_SESSION['profile']['id'], "CCA", "Assurance", "Assurer", 1, $_SESSION['_config']['notarise']['id']);
+ }
+ if($_SESSION['profile']['ttpadmin'] == 1 && ($_POST['method'] == 'Trusted 3rd Parties' || $_POST['method'] == 'Trusted Third Parties')) {
+ $query .= ",\n`method`='TTP-Assisted'";
}
mysql_query($query);
fix_assurer_flag($_SESSION['_config']['notarise']['id']);
-
+ include_once("../includes/notary.inc.php");
+/*to be activated after CCA accept option is implemented in form
+ write_user_agreement($_SESSION['profile']['id'], "CCA", "assurance", "Assuring", 1, $_SESSION['_config']['notarise']['id']);}*/
+/* to be activated after the CCA recording is announced
+ write_user_agreement($_SESSION['_config']['notarise']['id'], "CCA", "assurance", "Being assured", 0, $_SESSION['profile']['id']); */
+
if($_SESSION['profile']['points'] < 150)
{
$addpoints = 0;
@@ -313,13 +399,14 @@ $iecho= "c";
`method`='Administrative Increase',
`when`=NOW()";
mysql_query($query);
+
// No need to fix_assurer_flag here, this should only happen for assurers...
$_SESSION['profile']['points'] += $addpoints;
}
$my_translation = L10n::get_translation();
L10n::set_translation($_SESSION['_config']['notarise']['language']);
-
+
$body = sprintf(_("You are receiving this email because you have been assured by %s %s (%s)."), $_SESSION['profile']['fname'], $_SESSION['profile']['lname'], $_SESSION['profile']['email'])."\n\n";
if($_POST['points'] != $newpoints)
$body .= sprintf(_("You were issued %s points however the system has rounded this down to %s and you now have %s points in total."), $_POST['points'], $newpoints, ($newpoints + $drow['total']))."\n\n";
@@ -333,18 +420,13 @@ $iecho= "c";
if(($drow['total'] + $newpoints) >= 100 && $newpoints > 0)
{
-// $body .= _("You now have over 100 points and can start assuring others.")."\n\n";
- $body .= _("You have at least 100 Assurance Points, if you want to become an assurer try the")." ";
- $body .= _("Assurer Challenge")." ( https://cats.cacert.org )\n\n";
- $body .= _("To make it easier for others in your area to find you, it's helpful to list yourself as an assurer (this is voluntary), as well as a physical location where you live or work the most. You can flag your account to be listed, and add a comment to the display by going to:")."\n\n";
+ $body .= _("You have at least 100 Assurance Points, if you want to become an assurer try the Assurer Challenge")." ( https://cats.cacert.org )\n\n";
+ $body .= _("To make it easier for others in your area to find you, it's helpful to list yourself as an assurer (this is voluntary), as well as a physical location where you live or work the most. You can flag your account to be listed, and add a comment to the display by going to:")."\n";
$body .= "https://www.cacert.org/wot.php?id=8\n\n";
- $body .= _("You can list your location by going to:")."\n\n";
+ $body .= _("You can list your location by going to:")."\n";
$body .= "https://www.cacert.org/wot.php?id=13\n\n";
}
- if($_SESSION['profile']['board'] == 1 && intval($_POST['expire']) > 0)
- $body .= sprintf(_("Please Note: this is a temporary increase for %s days only. After that time your points will be reduced to 150 points."), intval($_POST['expire']))."\n\n";
-
$body .= _("Best regards")."\n";
$body .= _("CAcert Support Team");
@@ -358,34 +440,25 @@ $iecho= "c";
else
$body .= sprintf(_("You issued %s points and they now have %s points in total."), $newpoints, ($newpoints + $drow['total']))."\n\n";
- if($_SESSION['profile']['board'] == 1 && intval($_POST['expire']) > 0)
- $body .= sprintf(_("Please Note: this is a temporary increase for %s days only. After that time their points will be reduced to 150 points."), intval($_POST['expire']))."\n\n";
$body .= _("Best regards")."\n";
$body .= _("CAcert Support Team");
sendmail($_SESSION['profile']['email'], "[CAcert.org] "._("You've Assured Another Member."), $body, "support@cacert.org", "", "", "CAcert Support");
- if($_SESSION['profile']['board'] == 1 && intval($_POST['expire']) > 0)
- {
- $body = sprintf("%s %s (%s) has issued a temporary increase to 200 points for %s %s (%s) for %s days. This action was sponsored by %s %s (%s).", $_SESSION['profile']['fname'], $_SESSION['profile']['lname'], $_SESSION['profile']['email'], $_SESSION['_config']['notarise']['fname'], $_SESSION['_config']['notarise']['lname'], $_SESSION['_config']['notarise']['email'], intval($_POST['expire']), $sponsor['fname'], $sponsor['lname'], $sponsor['email'])."\n\n";
-
- sendmail("cacert-board@lists.cacert.org", "[CAcert.org] Temporary Increase Issued.", $body, "website@cacert.org", "", "", "CAcert Website");
- }
-
showheader(_("My CAcert.org Account!"));
echo "<p>"._("Shortly you and the person you were assuring will receive an email confirmation. There is no action on your behalf required to complete this.")."</p>";
?><form method="post" action="wot.php">
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
- <tr>
- <td colspan="2" class="title"><?=_("Assure Someone")?></td>
- </tr>
- <tr>
- <td class="DataTD"><?=_("Email")?>:</td>
- <td class="DataTD"><input type="text" name="email" id="email" value=""></td>
- </tr>
- <tr>
- <td class="DataTD" colspan="2"><input type="submit" name="process" value="<?=_("Next")?>"></td>
- </tr>
+ <tr>
+ <td colspan="2" class="title"><?=_("Assure Someone")?></td>
+ </tr>
+ <tr>
+ <td class="DataTD"><?=_("Email")?>:</td>
+ <td class="DataTD"><input type="text" name="email" id="email" value=""></td>
+ </tr>
+ <tr>
+ <td class="DataTD" colspan="2"><input type="submit" name="process" value="<?=_("Next")?>"></td>
+ </tr>
</table>
<input type="hidden" name="oldid" value="5">
</form>
@@ -438,22 +511,57 @@ $iecho= "c";
$subject = $_REQUEST['subject'];
$userid = intval($_REQUEST['userid']);
$user = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='$userid' and `listme`=1"));
- $points = mysql_num_rows(mysql_query("select sum(`points`) as `total` from `notary`
+ $points = mysql_num_rows(mysql_query("select sum(`points`) as `total` from `notary`
where `to`='".$user['id']."' group by `to` HAVING SUM(`points`) > 0"));
if($points > 0)
{
- sendmail($user['email'], "[CAcert.org] ".$_REQUEST['subject'], $_REQUEST['message'],
- $_SESSION['profile']['email'], "", "", $_SESSION['profile']['fname']." ".$_SESSION['profile']['lname']);
- show_page("ContactAssurer",_("Your email has been sent to")." ".$user['fname'].".<br />[ <a href='javascript:history.go(-2)'>"._("Go Back")."</a> ]","");
+ $my_translation = L10n::get_translation();
+ L10n::set_translation($user['language']);
+
+ $subject = "[CAcert.org] ".sprintf(_("Message from %s"),
+ $_SESSION['profile']['fname']);
+
+ $body = sprintf(_("Hi %s,"), $user['fname'])."\n\n";
+ $body .= sprintf(_("%s %s has sent you a message via the ".
+ "contact an Assurer form on CAcert.org."),
+ $_SESSION['profile']['fname'],
+ $_SESSION['profile']['lname'])."\n\n";
+ $body .= sprintf(_("Subject: %s"), $_REQUEST['subject'])."\n";
+ $body .= _("Message:")."\n";
+ $body .= $_REQUEST['message']."\n\n";
+ $body .= "------------------------------------------------\n\n";
+ $body .= _("Please note, that this is NOT a message on behalf ".
+ "of CAcert but another CAcert community member. If ".
+ "you suspect that the contact form might have been ".
+ "abused, please write to support@cacert.org")."\n\n";
+ $body .= _("Best regards")."\n";
+ $body .= _("Your CAcert Community");
+
+ sendmail($user['email'], $subject, $body,
+ $_SESSION['profile']['email'], //from
+ "", //replyto
+ "", //toname
+ $_SESSION['profile']['fname']." ".
+ $_SESSION['profile']['lname']); //fromname
+
+ L10n::set_translation($my_translation);
+
+ showheader(_("My CAcert.org Account!"));?>
+ <p>
+ <? printf(_("Your email has been sent to %s."), $user['fname']); ?>
+ </p>
+ <p>[ <a href='javascript:history.go(-2)'><?= _("Go Back") ?></a> ]</p>
+ <?
+ showfooter();
exit;
} else {
show_page(0,"",_("Sorry, I was unable to locate that user."));
exit;
}
-
+
}
- }
- if($oldid == 9)
+ }
+ if($oldid == 9)
{
$oldid=0;
$id = 9;