summaryrefslogtreecommitdiff
path: root/includes
diff options
context:
space:
mode:
authorMichael Tänzer <neo@nhng.de>2014-01-15 01:03:11 +0100
committerMichael Tänzer <neo@nhng.de>2014-01-15 01:03:11 +0100
commitbc5cb72198019f4b27aa8e11b250c65cc8ca5717 (patch)
tree2970ddbd2bfcb5caf8224377ea203f1ccaf7ff1d /includes
parent41e6ea88f5a2a6ac374f26f2239f87e1d7164255 (diff)
parent1cbbc32a0b73db83460cf947228bb12ef339ac5a (diff)
downloadcacert-devel-bc5cb72198019f4b27aa8e11b250c65cc8ca5717.tar.gz
cacert-devel-bc5cb72198019f4b27aa8e11b250c65cc8ca5717.tar.xz
cacert-devel-bc5cb72198019f4b27aa8e11b250c65cc8ca5717.zip
Merge remote-tracking branch 'origin/bug-1137' into release
Diffstat (limited to 'includes')
-rw-r--r--includes/notary.inc.php71
1 files changed, 43 insertions, 28 deletions
diff --git a/includes/notary.inc.php b/includes/notary.inc.php
index 1f0ec92..b34b2f4 100644
--- a/includes/notary.inc.php
+++ b/includes/notary.inc.php
@@ -639,10 +639,16 @@
$res = mysql_query($query);
}
+ /**
+ * get_user_agreement_status()
+ * returns 1 if the user has an entry for the given type in user_agreement, 0 if no entry is recorded
+ * @param mixed $memid
+ * @param string $type
+ * @return
+ */
function get_user_agreement_status($memid, $type="CCA"){
- //returns 0 - no user agreement, 1- at least one entry
$query="SELECT u.`document` FROM `user_agreements` u
- WHERE u.`document` = '".$type."' AND (u.`memid`=".$memid." or u.`secmemid`=".$memid.")" ;
+ WHERE u.`document` = '" . mysql_real_escape_string($type) . "' AND u.`memid`=" . intval($memid) ;
$res = mysql_query($query);
if(mysql_num_rows($res) <=0){
return 0;
@@ -651,53 +657,62 @@
}
}
+ /**
+ * get_first_user_agreement()
+ * returns the first user_agreement entry of the requested type depending on thes status of active of a given user
+ * @param mixed $memid
+ * @param integer $active, 0 - passive, 1 -active
+ * @param string $type
+ * @return
+ */
function get_first_user_agreement($memid, $active=1, $type="CCA"){
//returns an array (`document`,`date`,`method`, `comment`,`active`)
- if($active==1){
- $filter="u.`memid`=".$memid;
- }else{
- $filter="u.`secmemid`=".$memid;
- }
- $query="SELECT u.`document`, u.`date`, u.`method`, u.`comment`, u.`active` FROM `user_agreements` u
- WHERE u.`document` = '".$type."' AND ".$filter."
- ORDER BY u.`date` Limit 1;";
+ $query="SELECT u.`document`, u.`date`, u.`method`, u.`comment`, u.`active` FROM `user_agreements` AS u
+ WHERE u.`document` = '" . mysql_real_escape_string($type) . "' AND u.`memid`=" . intval($memid) . " AND u.`active`=" . intval($active) .
+ " ORDER BY u.`date` Limit 1;";
$res = mysql_query($query);
if(mysql_num_rows($res) >0){
- $row = mysql_fetch_assoc($res);
- $rec['document']= $row['document'];
- $rec['date']= $row['date'];
- $rec['method']= $row['method'];
- $rec['comment']= $row['comment'];
- $rec['active']= $row['active'];
+ $rec = mysql_fetch_assoc($res);
}else{
$rec=array();
}
return $rec;
}
+ /**
+ * get_last_user_agreement()
+ * returns the last user_agreement entry of a given type and of a given user
+ * @param mixed $memid
+ * @param string $type
+ * @return
+ */
function get_last_user_agreement($memid, $type="CCA"){
//returns an array (`document`,`date`,`method`, `comment`,`active`)
- $query="(SELECT u.`document`, u.`date`, u.`method`, u.`comment`, 1 as `active` FROM user_agreements u WHERE u.`document` = '".$type."' AND (u.`memid`=".$memid." ) order by `date` desc limit 1)
- union
- (SELECT u.`document`, u.`date`, u.`method`, u.`comment`, 0 as `active` FROM user_agreements u WHERE u.`document` = '".$type."' AND ( u.`secmemid`=".$memid.")) order by `date` desc limit 1" ;
+ $query="SELECT u.`document`, u.`date`, u.`method`, u.`comment`, u.`active` FROM user_agreements u WHERE u.`document` = '" . mysql_real_escape_string($type) . "' AND (u.`memid`=" . intval($memid) . " ) order by `date` desc limit 1 " ;
$res = mysql_query($query);
if(mysql_num_rows($res) >0){
- $row = mysql_fetch_assoc($res);
- $rec['document']= $row['document'];
- $rec['date']= $row['date'];
- $rec['method']= $row['method'];
- $rec['comment']= $row['comment'];
- $rec['active']= $row['active'];
+ $rec = mysql_fetch_assoc($res);
}else{
$rec=array();
}
return $rec;
}
- function delete_user_agreement($memid, $type="CCA"){
+ /**
+ * delete_user_agreement()
+ * deletes all entries for a given type from user_agreement of a given user, if type is not given all
+ * @param mixed $memid
+ * @param string $type
+ * @return
+ */
+ function delete_user_agreement($memid, $type=false){
//deletes all entries to an user for the given type of user agreements
- mysql_query("delete from `user_agreements` where `memid`='".$memid."'");
- mysql_query("delete from `user_agreements` where `secmemid`='".$memid."'");
+ if ($type === false) {
+ $filter = '';
+ } else {
+ $filter = " and `document` = '" . mysql_real_escape_string($type) . "'";
+ }
+ mysql_query("delete from `user_agreements` where `memid`=" . intval($memid) . $filter );
}
// functions for 6.php (assure somebody)