29 files changed, 1357 insertions, 305 deletions

diff --git a/CommModule/server.pl b/CommModule/server.pl
index eb5113a..c70bc9a 100755
--- a/CommModule/server.pl
+++ b/CommModule/server.pl
@@ -502,9 +502,28 @@ sub SignX509($$$$$$$$)
   {
     open OUT,">$wid/extfile";
     print OUT "basicConstraints = critical, CA:FALSE\n";
+    print OUT "keyUsage = critical, digitalSignature, keyEncipherment, keyAgreement\n";
     print OUT "extendedKeyUsage = clientAuth, serverAuth, nsSGC, msSGC\n";
-    print OUT "keyUsage = digitalSignature, keyEncipherment\n";
     print OUT "authorityInfoAccess = OCSP;URI:$OCSPUrl\n";
+    
+    my $CRLUrl="";
+    if($root==0)
+    {
+        $CRLUrl="http://crl.cacert.org/revoke.crl";
+    }
+    elsif($root==1)
+    {
+        $CRLUrl="http://crl.cacert.org/class3-revoke.crl";
+    }
+    elsif($root==2)
+    {
+        $CRLUrl="http://crl.cacert.org/class3s-revoke.crl";
+    }
+    else
+    {
+        $CRLUrl="http://crl.cacert.org/root${root}.crl";
+    }
+    print OUT "crlDistributionPoints = URI:${CRLUrl}\n";
     print OUT "subjectAltName = $san\n" if(length($san));
     close OUT;
     $extfile=" -extfile $wid/extfile ";
diff --git a/includes/account.php b/includes/account.php
index 554713e..f84eb63 100644
--- a/includes/account.php
+++ b/includes/account.php
@@ -2145,9 +2145,9 @@
 
 	if($oldid == 29 && $process != "")
 	{
-		$domain = mysql_real_escape_string(stripslashes(trim($domainname)));
+		$domain = mysql_real_escape_string(stripslashes(trim($_REQUEST['domainname'])));
 
-		$res1 = mysql_query("select * from `orgdomains` where `domain` like '$domain' and `id`!='".intval($_SESSION['_config']['domid'])."'");
+		$res1 = mysql_query("select * from `orgdomains` where `domain` like '$domain' and `id`!='".intval($domid)."'");
 		$res2 = mysql_query("select * from `domains` where `domain` like '$domain' and `deleted`=0");
 		if(mysql_num_rows($res1) > 0 || mysql_num_rows($res2) > 0)
 		{
@@ -2157,12 +2157,12 @@
 		}
 	}
 
-	if(($oldid == 29 || $oldid == 30) && $process != _("Cancel"))
+	if(($oldid == 29 || $oldid == 30) && $process != "")      // _("Cancel") is handled in front of account.php
 	{
 		$query = "select `orgdomaincerts`.`id` as `id` from `orgdomlink`, `orgdomaincerts`, `orgdomains` where 
 				`orgdomlink`.`orgdomid`=`orgdomains`.`id` and
 				`orgdomaincerts`.`id`=`orgdomlink`.`orgcertid` and
-				`orgdomains`.`id`='".intval($_SESSION['_config']['domid'])."'";
+				`orgdomains`.`id`='".intval($domid)."'";
 		$res = mysql_query($query);
 		while($row = mysql_fetch_assoc($res))
 			mysql_query("update `orgdomaincerts` set `revoked`='1970-01-01 10:00:01' where `id`='".$row['id']."'");
@@ -2170,7 +2170,7 @@
 		$query = "select `orgemailcerts`.`id` as `id` from `orgemailcerts`, `orgemaillink`, `orgdomains` where 
 				`orgemaillink`.`domid`=`orgdomains`.`id` and
 				`orgemailcerts`.`id`=`orgemaillink`.`emailcertsid` and
-				`orgdomains`.`id`='".intval($_SESSION['_config']['domid'])."'";
+				`orgdomains`.`id`='".intval($domid)."'";
 		$res = mysql_query($query);
 		while($row = mysql_fetch_assoc($res))
 			mysql_query("update `orgemailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='".intval($row['id'])."'");
@@ -2178,23 +2178,23 @@
 
 	if($oldid == 29 && $process != "")
 	{
-		$row = mysql_fetch_assoc(mysql_query("select * from `orgdomains` where `id`='".intval($_SESSION['_config']['domid'])."'"));
-		mysql_query("update `orgdomains` set `domain`='$domain' where `id`='".intval($_SESSION['_config']['domid'])."'");
+		$row = mysql_fetch_assoc(mysql_query("select * from `orgdomains` where `id`='".intval($domid)."'"));
+		mysql_query("update `orgdomains` set `domain`='$domain' where `id`='".intval($domid)."'");
 		showheader(_("My CAcert.org Account!"));
 		printf(_("'%s' has just been successfully updated in the database."), sanitizeHTML($domain));
-		echo "<br><br><a href='account.php?id=26&orgid=".intval($_SESSION['_config']['orgid'])."'>"._("Click here")."</a> "._("to continue.");
+		echo "<br><br><a href='account.php?id=26&orgid=".intval($orgid)."'>"._("Click here")."</a> "._("to continue.");
 		showfooter();
 		exit;
 	}
 
 	if($oldid == 30 && $process != "")
 	{
-		$row = mysql_fetch_assoc(mysql_query("select * from `orgdomains` where `id`='".intval($_SESSION['_config']['domid'])."'"));
+		$row = mysql_fetch_assoc(mysql_query("select * from `orgdomains` where `id`='".intval($domid)."'"));
 		$domain = $row['domain'];
-		mysql_query("delete from `orgdomains` where `id`='".intval($_SESSION['_config']['domid'])."'");
+		mysql_query("delete from `orgdomains` where `id`='".intval($domid)."'");
 		showheader(_("My CAcert.org Account!"));
 		printf(_("'%s' has just been successfully deleted from the database."), sanitizeHTML($domain));
-		echo "<br><br><a href='account.php?id=26&orgid=".intval($_SESSION['_config']['orgid'])."'>"._("Click here")."</a> "._("to continue.");
+		echo "<br><br><a href='account.php?id=26&orgid=".intval($orgid)."'>"._("Click here")."</a> "._("to continue.");
 		showfooter();
 		exit;
 	}
@@ -2246,8 +2246,7 @@
 		$orgid = 0;
 	}
 
-	if($id == 32 || $oldid == 32 || $id == 33 || $oldid == 33 || $id == 34 || $oldid == 34 ||
-		$id == 35 || $oldid == 35)
+	if($id == 32 || $oldid == 32 || $id == 33 || $oldid == 33 || $id == 34 || $oldid == 34)
 	{
 		$query = "select * from `org` where `memid`='".intval($_SESSION['profile']['id'])."' and `masteracc`='1'";
 		$_macc = mysql_num_rows(mysql_query($query));
@@ -2260,6 +2259,19 @@
 		}
 	}
 
+	if($id == 35 || $oldid == 35)
+	{
+		$query = "select 1 from `org` where `memid`='".intval($_SESSION['profile']['id'])."'";
+		$is_orguser = mysql_num_rows(mysql_query($query));
+		if($_SESSION['profile']['orgadmin'] != 1 && $is_orguser <= 0)
+		{
+			showheader(_("My CAcert.org Account!"));
+			echo _("You don't have access to this area.");
+			showfooter();
+			exit;
+		}
+	}
+
 	if($id == 33 && $_SESSION['profile']['orgadmin'] != 1)
 	{
 		$orgid = intval($_SESSION['_config']['orgid']);
@@ -2289,8 +2301,21 @@
 			$_SESSION['_config']['errmsg'] = sprintf(_("Wasn't able to match '%s' against any user in the system"), sanitizeHTML($_REQUEST['email']));
 		} else {
 			$row = mysql_fetch_assoc($res);
-			mysql_query("insert into `org` set `memid`='".intval($row['id'])."', `orgid`='".intval($_SESSION['_config']['orgid'])."',
-					`masteracc`='$masteracc', `OU`='$OU', `comments`='$comments'");
+			if ( !is_assurer(intval($row['id'])) )
+			{
+				$id = $oldid;

+				$oldid=0;

+				$_SESSION['_config']['errmsg'] =
+						_("The user is not an Assurer yet");
+			} else {
+				mysql_query(
+					"insert into `org`
+						set `memid`='".intval($row['id'])."',
+							`orgid`='".intval($_SESSION['_config']['orgid'])."',
+							`masteracc`='$masteracc',
+							`OU`='$OU',
+							`comments`='$comments'");
+			}
 		}
 	}
 
@@ -2967,6 +2992,4 @@
 		$_SESSION['_config']['orgid'] = intval($orgid);
 	if(intval($memid) > 0)
 		$_SESSION['_config']['memid'] = intval($memid);
-	if(intval($domid) > 0)
-		$_SESSION['_config']['domid'] = intval($domid);
 ?>
diff --git a/includes/account_stuff.php b/includes/account_stuff.php
index 108bd57..794266a 100644
--- a/includes/account_stuff.php
+++ b/includes/account_stuff.php
@@ -209,7 +209,7 @@ function hideall() {
       <ul class="menu" id="serverorg"><li><a href="account.php?id=20"><?=_("New")?></a></li><li><a href="account.php?id=22"><?=_("View")?></a></li></ul>
     </div>
 <? } ?>
-<? if(mysql_num_rows(mysql_query("select * from `org` where `memid`='".intval($_SESSION['profile']['id'])."' and `masteracc`='1'")) > 0 || $_SESSION['profile']['orgadmin'] == 1) { ?>
+<? if(mysql_num_rows(mysql_query("select * from `org` where `memid`='".intval($_SESSION['profile']['id'])."'")) > 0 || $_SESSION['profile']['orgadmin'] == 1) { ?>
     <div class="relatedLinks">
       <h3 class="pointer" onclick="explode('orgadmin')">+ <?=_("Org Admin")?></h3>
       <ul class="menu" id="orgadmin"><? if($_SESSION['profile']['orgadmin'] == 1) { ?><li><a href="account.php?id=24"><?=_("New Organisation")?></a></li><li><a href="account.php?id=25"><?=_("View Organisations")?></a></li><? } ?><li><a href="account.php?id=35"><?=_("View")?></a></li></ul>
diff --git a/includes/general.php b/includes/general.php
index 4919c84..9e2b131 100644
--- a/includes/general.php
+++ b/includes/general.php
@@ -487,10 +487,6 @@
 				return(0);
 		}
 
-		if($points >= 300)
-			return(200);
-		if($points >= 200)
-			return(150);
 		if($points >= 150)
 			return(35);
 		if($points >= 140)
diff --git a/includes/wot.inc.php b/includes/wot.inc.php
index 884b97f..edc442a 100644
--- a/includes/wot.inc.php
+++ b/includes/wot.inc.php
@@ -536,4 +536,94 @@
 	<p>[ <a href='javascript:history.go(-1)'><?=_("Go Back")?></a> ]</p>
 <?
 	}
+
+// functions for 6.php (assure somebody)
+
+function AssureHead($confirmation,$checkname)
+{
+?>
+<form method="post" action="wot.php">
+	<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper" width="600">
+	<tr>
+		<td colspan="2" class="title"><?=$confirmation?></td>
+	</tr>
+	<tr>
+		<td class="DataTD" colspan="2" align="left"><?=$checkname?></td>
+	</tr>
+<?
+ } 
+
+function AssureTextLine($field1,$field2)
+{
+?>
+	<tr>
+		<td class="DataTD"><?=$field1?>:</td>
+		<td class="DataTD"><?=$field2?></td>
+	</tr>
+<?
+}
+
+function AssureCCABoxLine($type,$text)
+{
+	return;
+	AssureBoxLine($type,$text);
+}
+
+function AssureBoxLine($type,$text,$checked)
+{
 ?>
+	<tr>
+		<td class="DataTD"><input type="checkbox" name="<?=$type?>" value="1" <?=$checked?"checked":""?>></td>
+		<td class="DataTD"><?=$text?></td>
+	</tr>
+<?
+}
+
+function AssureMethodLine($text,$methods,$remark)
+{
+	if (count($methods) != 1)
+	{
+?>
+	<tr>
+		<td class="DataTD"><?=$text?></td>
+		<td class="DataTD">
+			<select name="method">
+<?
+			foreach($methods as $val) { ?>
+				<option value="<?=$val?>"> <?=$val?></option>
+
+<? } ?>
+			</select>
+			</br><?=$remark?>
+		</td>
+	</tr>
+<?
+	} else {
+?>
+	<input type="hidden" name="<?=$val?>" value="<?=$methods[0]?>">
+<?
+	}
+}
+
+function AssureInboxLine($type,$field,$value,$description)
+{
+?>
+	<tr>
+		<td class="DataTD"><?=$field?>:</td>
+		<td class="DataTD"><input type="text" name="<?=$type?>" value="<?=$value?>"><?=$description?></td>
+	</tr>
+<?
+}
+
+function AssureFoot($oldid,$confirm)
+{?>
+	<tr>
+		<td class="DataTD" colspan="2"><input type="submit" name="process" value="<?=$confirm?>"> <input type="submit" name="cancel" value="<?=_("Cancel")?>"></td>
+  	</tr>
+	</table>
+	<input type="hidden" name="pagehash" value="<?=$_SESSION['_config']['wothash']?>">
+	<input type="hidden" name="oldid" value="<?=$oldid?>">
+</form>
+<?
+}
+
diff --git a/locale/Makefile b/locale/Makefile
index b703fb2..1517066 100644
--- a/locale/Makefile
+++ b/locale/Makefile
@@ -112,8 +112,7 @@ $(LANGS:%=$(MO_FILE_TEMPLATE)): $(MO_FILE_TEMPLATE): $(PO_FILE_TEMPLATE)
 $(LANGS:%=$(PO_FILE_TEMPLATE)):
 	mkdir -p $(@D)
 	wget --output-document - '$(@:$(PO_FILE_TEMPLATE)=$(PO_URL_TEMPLATE))' | \
-		# convert UTF-8 characters to HTML entities \
-		php -r 'while (!feof(STDIN)) echo mb_convert_encoding(fgets(STDIN), "HTML-ENTITIES", "UTF-8");' \
+		php -f escape_special_chars.php \
 		> $@
 
 
diff --git a/locale/escape_special_chars.php b/locale/escape_special_chars.php
new file mode 100644
index 0000000..32de390
--- /dev/null
+++ b/locale/escape_special_chars.php
@@ -0,0 +1,71 @@
+#!/usr/bin/php -q
+<?php
+/*
+LibreSSL - CAcert web application
+Copyright (C) 2004-2012  CAcert Inc.
+
+This program is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; version 2 of the License.
+
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+GNU General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program; if not, write to the Free Software
+Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301  USA
+*/
+
+/* Convert special characters in UTF-8 encoded PO files to HTML entities */
+
+define('MSGSTR', 'msgstr');
+define('MSGSTR_LEN', strlen(MSGSTR));
+define('MSGID', 'msgid');
+define('MSGID_LEN', strlen(MSGID));
+
+function is_msgstr($line) {
+	if (strlen($line) < MSGSTR_LEN) {
+		return false;
+	}
+	
+	return substr_compare($line, MSGSTR, 0, MSGSTR_LEN) === 0;
+}
+
+function is_msgid($line) {
+	if (strlen($line) < MSGID_LEN) {
+		return false;
+	}
+	
+	return substr_compare($line, MSGID, 0, MSGID_LEN) === 0;
+}
+
+// Skip the metadata (first msgid/msgstr pair)
+while (!feof(STDIN)) {
+	$line = fgets(STDIN);
+	
+	echo $line;
+	
+	if (is_msgstr($line)) {
+		break;
+	}
+}
+
+// determines if the current line belongs to a msgid or a msgstr
+$msgstr = false;
+
+while (!feof(STDIN)) {
+	$line = fgets(STDIN);
+	
+	if (is_msgstr($line)) {
+		$msgstr = true;
+	} elseif (is_msgid($line)) {
+		$msgstr = false;
+	}
+	
+	if ($msgstr) {
+		$line = htmlentities($line, ENT_NOQUOTES, "UTF-8");
+	}
+	echo $line;
+}
diff --git a/pages/account/29.php b/pages/account/29.php
index c1a3def..4229b3b 100644
--- a/pages/account/29.php
+++ b/pages/account/29.php
@@ -35,10 +35,12 @@
     <td class="DataTD"><input type="text" name="domainname" value="<?=sanitizeHTML($_SESSION['_config']['domain'])?>"></td>
   </tr>
   <tr>
-    <td class="DataTD" colspan="2"><input type="submit" name="process" value="<?=_("Update")?>"></td>
+    <td class="DataTD"><input type="submit" name="cancel" value="<?=_("Cancel")?>"></td>
+    <td class="DataTD"><input type="submit" name="process" value="<?=_("Update")?>"></td>
   </tr>
 </table>
 <input type="hidden" name="oldid" value="<?=intval($id)?>">
 <input type="hidden" name="orgid" value="<?=intval($_REQUEST['orgid'])?>">
+<input type="hidden" name="domid" value="<?=intval($_REQUEST['domid'])?>">
 
 </form>
diff --git a/pages/account/30.php b/pages/account/30.php
index 33eeca8..04ad229 100644
--- a/pages/account/30.php
+++ b/pages/account/30.php
@@ -41,5 +41,6 @@
 <input type="hidden" name="oldid" value="<?=intval($id)?>">
 <input type="hidden" name="orgid" value="<?=intval($_REQUEST['orgid'])?>">
 <input type="hidden" name="domain" value="<?=sanitizeHTML($row['domain'])?>">
+<input type="hidden" name="domid" value="<?=intval($_REQUEST['domid'])?>">
 
 </form>
diff --git a/pages/account/35.php b/pages/account/35.php
index 3a4714f..05c7f2b 100644
--- a/pages/account/35.php
+++ b/pages/account/35.php
@@ -15,44 +15,89 @@
     along with this program; if not, write to the Free Software
     Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301  USA
 */ ?>
+
 <table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper" width="400">
-  <tr>
-    <td colspan="3" class="title"><?=_("Organisations")?></td>
-  </tr>
-  <tr>
-    <td class="DataTD">#</td>
-    <td class="DataTD"><?=_("Organisation")?></td>
-    <td class="DataTD"><?=_("Admins")?></td>
-  </tr>
-<?
-	$query = "select * from `orginfo`,`org` where `orginfo`.`id`=`org`.`orgid` and `org`.`memid`='".intval($_SESSION['profile']['id'])."'";
-	$res = mysql_query($query);
-	while($row = mysql_fetch_assoc($res))
-	{
-		//number of admins for the org
-		$r2 = mysql_query("select * from `org` where `orgid`='".intval($row['id'])."'");
-		$admincount = mysql_num_rows($r2);
 
-		// number of domains for the org
-		$r2 = mysql_query("select * from `orgdomains` where `orgid`='".intval($row['id'])."'");
-		$domcount = mysql_num_rows($r2);
-?>
-  <tr>
-    <td class="DataTD"><?=intval($row['id'])?></td>
-    <td class="DataTD"><?=($row['O'])?>, <?=($row['ST'])?> <?=sanitizeHTML($row['C'])?></td>
-    <td class="DataTD"><a href="account.php?id=32&amp;orgid=<?=$row['id']?>"><?=_("Admins")?> (<?=$admincount?>)</a></td>
-  </tr>
 <?
-	// display the domains of each organisation
-	$query3 = "select * from `orgdomains` where `orgid`='".intval($row['id'])."'";
-	$res3 = mysql_query($query3);
-	while($detailorg = mysql_fetch_assoc($res3))
+$query = "select *
+			from `orginfo`,`org`
+			where `orginfo`.`id`=`org`.`orgid`
+			and `org`.`memid`='".intval($_SESSION['profile']['id'])."'";
+
+$res = mysql_query($query);
+while($row = mysql_fetch_assoc($res))
+{
+	?>
+	<tr>
+		<td colspan="3" class="title"><?=_("Organisation")?></td>
+	</tr>
+	<tr>
+		<td class="DataTD"><?=_("Organisation Name")?>:</td>
+		<td colspan="2" class="DataTD" ><b><?=$row['O']?></b></td>
+	</tr>
+	<tr>
+		<td class="DataTD"><?=_("Contact Email")?>:</td>
+		<td colspan="2" class="DataTD"><?=($row['contact'])?></td>
+	</tr>
+	<tr>
+		<td class="DataTD"><?=_("Town/Suburb")?>:</td>
+		<td colspan="2" class="DataTD"><?=($row['L'])?></td>
+	</tr>
+	<tr>
+		<td class="DataTD"><?=_("State/Province")?>:</td>
+		<td colspan="2" class="DataTD"><?=($row['ST'])?></td>
+	</tr>
+	<tr>
+		<td class="DataTD"><?=_("Country")?>:</td>
+		<td colspan="2" class="DataTD"><?=($row['C'])?></td>
+	</tr>
+	<?
+	
+	//domain info
+	$query = "select `domain` from `orgdomains` where `orgid`='".intval($row['id'])."'";
+	$res1 = mysql_query($query);
+	while($domain = mysql_fetch_assoc($res1))
+	{
+		?>
+		<tr>
+			<td class="DataTD"><?=_("Domain")?></td>
+			<td colspan="2" class="DataTD"><?=sanitizeHTML($domain['domain'])?></td>
+		</tr>
+		<?
+	}
+	
+	?>
+	<tr>
+		<td class="DataTD"><?=_("Administrator")?></td>
+		<td class="DataTD"><?=_("Master Account")?></td>
+		<td class="DataTD"><?=_("Department")?></td>
+	</tr>
+	<?
+	
+	//org admins
+	$query = "select * from `org` where `orgid`='".intval($row['id'])."'";
+	$res2 = mysql_query($query);
+	while($org = mysql_fetch_assoc($res2))
 	{
-?>
-  <tr>
-    <td class="DataTD"><?=intval($detailorg['id'])?></td>
-    <td class="DataTD"><?=_("Domain available")?></td>
-    <td class="DataTD"><?=sanitizeHTML($detailorg['domain'])?></td>
-  </tr>		
-<? } } ?>
+		$user = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".intval($org['memid'])."'"));
+		?> 
+		<tr>
+			<td class="DataTD"><a href='mailto:<?=$user['email']?>'><?=($user['fname'])?> <?=($user['lname'])?></a></td>
+			<td class="DataTD"><?=($org['masteracc'])?></td>
+			<td class="DataTD"><?=($org['OU'])?></td>
+		</tr>
+		<?
+		
+		if(intval($org['masteracc']) === 1 &&
+				 intval($org['memid']) === intval($_SESSION['profile']['id']))
+		{ 
+			$master="account.php?id=32&amp;orgid=".intval($row['id']);
+			?>
+			<tr>
+				<td colspan="3" class="DataTD"><a href="<?=$master ?>"><?=_("Edit")?></a></td>
+			</tr>
+			<?
+		}
+	} 
+} ?>
 </table>
diff --git a/pages/account/38.php b/pages/account/38.php
index f311bf5..7caddb0 100644
--- a/pages/account/38.php
+++ b/pages/account/38.php
@@ -14,31 +14,6 @@
     You should have received a copy of the GNU General Public License
     along with this program; if not, write to the Free Software
     Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301  USA
-*/ ?>
-<H3><?=_("Donations")?></H3><br>
+*/
 
-<h4><?=_("If I'd like to donate to CAcert Inc., how can I do it?")?></h4>
-
-<p>
-<?
-printf(_("CAcert Inc. is a non-profit association which is legally able to accept donations. CAcert adheres to %sstrict guidelines%s about how this money can to be used. If you'd like to make a donation, you can do so via"),
-	'<a href="//wiki.cacert.org/FAQ/DonationsGuideline">', '</a>');
-?> 
-
-<form action="https://www.paypal.com/cgi-bin/webscr" method="post">
-<input type="hidden" name="cmd" value="_s-xclick">
-<input type="image" src="/images/payment2.png" border="0" name="submit" alt="<?=_("CAcert Donation through PayPal")?>">
-<input type="hidden" name="encrypted" value="-----BEGIN PKCS7-----MIIHRwYJKoZIhvcNAQcEoIIHODCCBzQCAQExggEwMIIBLAIBADCBlDCBjjELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAkNBMRYwFAYDVQQHEw1Nb3VudGFpbiBWaWV3MRQwEgYDVQQKEwtQYXlQYWwgSW5jLjETMBEGA1UECxQKbGl2ZV9jZXJ0czERMA8GA1UEAxQIbGl2ZV9hcGkxHDAaBgkqhkiG9w0BCQEWDXJlQHBheXBhbC5jb20CAQAwDQYJKoZIhvcNAQEBBQAEgYCA1pOad7SD8OtSdvHxI3CItmi2sb2eq/1UZbQboNkJTwlaTbTZfoWzBuFmimBR/Qz21Z+L7wFa7XxfhwRLC4V/X4uTJVAIDaKsdTXFNx51EMu+LyiP1O+7GxcdNR7njwvndIaHN0HZIdidpG8jFPP/8ZsLaPe2/Dh2S7344wSuUDELMAkGBSsOAwIaBQAwgcQGCSqGSIb3DQEHATAUBggqhkiG9w0DBwQIYn0dsk7tIRmAgaBNejWqE2RRr+Tsb3fVlcbuG98Bq+zaMO5g8n8i3DnBjIoSJNb+ZuSj53oWrh/+HCY4EY1Rg3qHiUSMOS/o9k75UR7C+ez0R9tmZ2eQrdxlqTVuvENRA0W5z6iTJYog5XhMoKScOFUBaIr9zxjETUY2Y1V3X8qRFIe0YWlYRYbePs2p/IDatirUFhOJSff0ancU2GZULRy0PiZHtzbm8Gy/oIIDhzCCA4MwggLsoAMCAQICAQAwDQYJKoZIhvcNAQEFBQAwgY4xCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJDQTEWMBQGA1UEBxMNTW91bnRhaW4gVmlldzEUMBIGA1UEChMLUGF5UGFsIEluYy4xEzARBgNVBAsUCmxpdmVfY2VydHMxETAPBgNVBAMUCGxpdmVfYXBpMRwwGgYJKoZIhvcNAQkBFg1yZUBwYXlwYWwuY29tMB4XDTA0MDIxMzEwMTMxNVoXDTM1MDIxMzEwMTMxNVowgY4xCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJDQTEWMBQGA1UEBxMNTW91bnRhaW4gVmlldzEUMBIGA1UEChMLUGF5UGFsIEluYy4xEzARBgNVBAsUCmxpdmVfY2VydHMxETAPBgNVBAMUCGxpdmVfYXBpMRwwGgYJKoZIhvcNAQkBFg1yZUBwYXlwYWwuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDBR07d/ETMS1ycjtkpkvjXZe9k+6CieLuLsPumsJ7QC1odNz3sJiCbs2wC0nLE0uLGaEtXynIgRqIddYCHx88pb5HTXv4SZeuv0Rqq4+axW9PLAAATU8w04qqjaSXgbGLP3NmohqM6bV9kZZwZLR/klDaQGo1u9uDb9lr4Yn+rBQIDAQABo4HuMIHrMB0GA1UdDgQWBBSWn3y7xm8XvVk/UtcKG+wQ1mSUazCBuwYDVR0jBIGzMIGwgBSWn3y7xm8XvVk/UtcKG+wQ1mSUa6GBlKSBkTCBjjELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAkNBMRYwFAYDVQQHEw1Nb3VudGFpbiBWaWV3MRQwEgYDVQQKEwtQYXlQYWwgSW5jLjETMBEGA1UECxQKbGl2ZV9jZXJ0czERMA8GA1UEAxQIbGl2ZV9hcGkxHDAaBgkqhkiG9w0BCQEWDXJlQHBheXBhbC5jb22CAQAwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQUFAAOBgQCBXzpWmoBa5e9fo6ujionW1hUhPkOBakTr3YCDjbYfvJEiv/2P+IobhOGJr85+XHhN0v4gUkEDI8r2/rNk1m0GA8HKddvTjyGw/XqXa+LSTlDYkqI8OwR8GEYj4efEtcRpRYBxV8KxAW93YDWzFGvruKnnLbDAF6VR5w/cCMn5hzGCAZowggGWAgEBMIGUMIGOMQswCQYDVQQGEwJVUzELMAkGA1UECBMCQ0ExFjAUBgNVBAcTDU1vdW50YWluIFZpZXcxFDASBgNVBAoTC1BheVBhbCBJbmMuMRMwEQYDVQQLFApsaXZlX2NlcnRzMREwDwYDVQQDFAhsaXZlX2FwaTEcMBoGCSqGSIb3DQEJARYNcmVAcGF5cGFsLmNvbQIBADAJBgUrDgMCGgUAoF0wGAYJKoZIhvcNAQkDMQsGCSqGSIb3DQEHATAcBgkqhkiG9w0BCQUxDxcNMDcxMTAzMDcxMDI1WjAjBgkqhkiG9w0BCQQxFgQU8tPwGUvNb8eYe8Pfhe9YutgXm/YwDQYJKoZIhvcNAQEBBQAEgYBpwhhgz5ED5qxBosfMaifzIr2anV5ScQqqQbC1hphWBQ4e2PT5+TQWCcQkrTh2UTp3vC81Y8vYZ+fussa+zPBE8DmeFDfzpLJo+TQHZUiKxWUDu6drv3o3mV3VjAkaqIhAdubhEOxj2bbKND3IRT1lfIVVSUipndKzRjukZJK39A==-----END PKCS7-----">
-</form>
-
-<p><?=_("If you are located in Australia, please use bank transfer instead:")?></p>
-
-<pre>
-Account Name: CAcert Inc
-BSB: 032073
-Account No.: 180264
-</pre>
-
-<p><?=_("ANY amount will be appreciated - the more funding CAcert receives, the sooner it can achieve the goals of the community.")?></p>
-
-<p><?=_("Thank you very much for your support, your donations help CAcert to continue to operate.")?></p>
+require_once(dirname(__FILE__)."/../index/13.php");
diff --git a/pages/account/40.php b/pages/account/40.php
index 499bf4d..fa0c52f 100644
--- a/pages/account/40.php
+++ b/pages/account/40.php
@@ -74,7 +74,12 @@ if(!array_key_exists('secrethash',$_SESSION['_config'])) $_SESSION['_config']['s
 </form>
 
 <p><b><?=_("Security Issues")?></b></p>
-<p><?=_("Please use any of the following ways to report security issues: You can use the above contact form for sensitive information. You can email us to support@cacert.org. You can file a bugreport on <a href='https://bugs.cacert.org/'>bugs.cacert.org</a> and mark it as private.")?></p>
+<p><? sprintf(_("Please use any of the following ways to report security ".
+	"issues: You can use the above contact form for sensitive information. ".
+	"You can email us to %s. You can file a bugreport on %s and mark it as ".
+	"private."),
+	"<a href='mailto:support@cacert.org'>support@cacert.org</a>",
+	"<a href='https://bugs.cacert.org/'>bugs.cacert.org</a>")?></p>
 
 <p><b><?=_("Snail Mail")?></b></p>
 <p><?=_("Alternatively you can get in contact with us via the following methods:")?></p>
diff --git a/pages/index/13.php b/pages/index/13.php
index 68ee5ed..f2ea173 100644
--- a/pages/index/13.php
+++ b/pages/index/13.php
@@ -42,3 +42,16 @@ Account No.: 180264
 <p><?=_("ANY amount will be appreciated - the more funding CAcert receives, the sooner it can achieve the goals of the community.")?></p>
 
 <p><?=_("Thank you very much for your support, your donations help CAcert to continue to operate.")?></p>
+
+
+<h3><?=_("Using Our Affiliate Partners")?></h3>
+
+<h4>Booking.com</h4>
+
+<p><?=_("If you do any trips where you need accommodation why not book via booking.com?")?></p>
+
+<p><?php
+	printf(_("For any booking done over %s started from this page CAcert gets a share of the provision. You do not pay more but you will support CAcert."),
+		'<a href="//www.booking.com/index.html?aid=346253">booking.com</a>');
+	?></p>
+
diff --git a/pages/wot/14.php b/pages/wot/14.php
index 21c5873..a827ee4 100644
--- a/pages/wot/14.php
+++ b/pages/wot/14.php
@@ -20,7 +20,11 @@
 
 <p><?=sprintf(_("If you have a %sSignaturecard%s (also called 'Buergerkarte'), you can digitally sign your assurance request here, and get 50 CAcert points:"),"<a href='http://www.buergerkarte.at/'>","</a>")?><br /></p>
 
-<p><?=sprintf(_("To get assured with your Signaturecard, you need the Software from <a href='http://www.buergerkarte.at/bku/'>http://www.buergerkarte.at/bku/</a>. To activate your E-Card, please go to <a href='https://www.sozialversicherung.at/signon2-Registrierung/'>https://www.sozialversicherung.at/signon2-Registrierung/</a>."))?></p>
+<p><?=sprintf(_("To get assured with your Signaturecard, you need the ".
+	"Software from %s. To activate your E-Card, please go to %s."),
+	"<a href='http://www.buergerkarte.at/bku/'>http://www.buergerkarte.at/bku/</a>",
+	"<a href='https://www.sozialversicherung.at/signon2-Registrierung/'>https://www.sozialversicherung.at/signon2-Registrierung/</a>"
+	)?></p>
 
 
 <pre><?=sanitizeHTML($_REQUEST['XMLResponse'])?></pre>
diff --git a/pages/wot/6.php b/pages/wot/6.php
index f8be9d7..28c1875 100644
--- a/pages/wot/6.php
+++ b/pages/wot/6.php
@@ -16,6 +16,7 @@
     Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301  USA
 */ ?>
 <?
+
         if(!array_key_exists('notarise',$_SESSION['_config']))
 	{
           echo "Error: No user data found.";
@@ -24,147 +25,35 @@
 
 	$row = $_SESSION['_config']['notarise'];
 
-        if(!array_key_exists('pointsalready',$_SESSION['_config'])) $_SESSION['_config']['pointsalready']=0;
-
-
-	if($_SESSION['profile']['ttpadmin'] == 1 && $_SESSION['profile']['board'] == 1)
-	{
-		$methods = array("Face to Face Meeting", "Trusted Third Parties", "Thawte Points Transfer", "Administrative Increase", "CT Magazine - Germany");
-	} else if($_SESSION['profile']['ttpadmin'] == 1) {
-		$methods = array("Face to Face Meeting", "Trusted Third Parties");
-	}
-
-	$cap = "/cap.php?";
-	$name = $row['fname']." ".$row['mname']." ".$row['lname']." ".$row['suffix'];
-	$_SESSION['_config']['wothash'] = md5($name."-".$row['dob']);
-	while(strstr($name, "  "))
-		$name = str_replace("  ", " ", $name);
-	$cap .= "name=".urlencode($name);
-	$cap .= "&amp;dob=".urlencode($row['dob']);
-	$cap .= "&amp;email=".urlencode($row['email']);
-	$name = $_SESSION['profile']['fname']." ".$_SESSION['profile']['mname']." ".$_SESSION['profile']['lname']." ".$_SESSION['profile']['suffix'];
-	while(strstr($name, "  "))
-		$name = str_replace("  ", " ", $name);
-	$cap .= "&amp;assurer=".urlencode($name);
-	$cap .= "&amp;date=now";
-	$cap .= "&amp;maxpoints=".maxpoints();
-
-	$maxpoints = maxpoints();
-	if($maxpoints > 100)
-		$maxpoints = 100;
-
-        if(array_key_exists('error',$_SESSION['_config']) && $_SESSION['_config']['error'] != "") { ?><font color="#ff0000" size="+1">ERROR: <?=$_SESSION['_config']['error']?></font><? unset($_SESSION['_config']['error']); } ?>
-<form method="post" action="wot.php">
-<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper" width="600">
-  <tr>
-    <td colspan="2" class="title"><?=_("Assurance Confirmation")?></td>
-  </tr>
-<? if(array_key_exists('alreadydone',$_SESSION['_config']) && $_SESSION['_config']['alreadydone'] == 1) { ?>
-  <tr>
-    <td class="DataTD" colspan="2" align="left" style="color: red;"><b><?=_("PLEASE NOTE: You have already assured this person before! If this is unintentional please DO NOT CONTINUE with this assurance.")?></b></td>
-  </tr>
-<? 
- } if(100 - $_SESSION['_config']['pointsalready'] - $maxpoints < 0) { 
- ?>
-  <tr>
-    <td class="DataTD" colspan="2" align="left" style="color: red;"><b><? printf(_("This person already has %s assurance points. Any points you give this person may be rounded down, or they may not even get any points. If you have less then 150 points you will still receive 2 points for assuring them."), $_SESSION['_config']['pointsalready']); ?></b></td>
-  </tr>
-<? } 
-
-  $query = "select `verified` from `users` where `id`='".$row['id']."'";
-  $res = mysql_query($query);
-  $drow = mysql_fetch_assoc($res);
-  //if($_SESSION['_config']['verified'] <= 0) 
-  if($drow['verified']<=0)
-  { ?>
-  <tr>
-    <td class="DataTD" colspan="2" align="left" style="color: red;"><b><?=_("You are about to assure a person that isn't currently verified. If you continue and they do not verify their account within 48 hours the account could automatically be removed by the system.")?></b></td>
-  </tr>
-<? } ?>
-  <tr>
-    <td class="DataTD" colspan="2" align="left"><? printf(_("Please check the following details match against what you witnessed when you met %s in person. You MUST NOT proceed unless you are sure the details are correct. You may be held responsible by the CAcert Arbitrator for any issues with this Assurance."), $row['fname']); ?></td>
-  </tr>
-  <tr>
-    <td class="DataTD"><?=_("Name")?>:</td>
-    <td class="DataTD"><?=$row['fname']?> <?=$row['mname']?> <?=$row['lname']?> <?=$row['suffix']?></td>
-  </tr>
-  <tr>
-    <td class="DataTD"><?=_("Date of Birth")?>:</td>
-    <td class="DataTD"><?=$row['dob']?> (<?=_("YYYY-MM-DD")?>)</td>
-  </tr>
-<? if($_SESSION['profile']['ttpadmin'] == 1) { ?>
-  <tr>
-    <td class="DataTD"><?=_("Method")?>:</td>
-    <td class="DataTD"><select name="method">
-<? foreach($methods as $val) { ?>
-		<option value="<?=$val?>"<? if(array_key_exists('method',$_POST) && $val == $_POST['method']) echo " selected"; ?>><?=$val?></option>
-<? } ?>
-	  </select>
-	</td>
-  </tr>
-  <tr>
-    <td class="DataTD" colspan="2"><?=_("Only tick the next box if the Assurance was face to face.")?></td>
-  </tr>
-<? } ?>
-  <tr>
-    <td class="DataTD"><input type="checkbox" name="certify" value="1"<? if(array_key_exists('certify',$_POST) && $_POST['certify'] == 1) echo " checked"; ?>></td>
-    <td class="DataTD"><? printf(_("I certify that %s %s %s has appeared in person"), $row['fname'], $row['mname'], $row['lname']); ?></td>
-  </tr>
-  <tr>
-    <td class="DataTD"><?=_("Location")?>:</td>
-    <td class="DataTD"><input type="text" name="location" value="<?=array_key_exists('location',$_SESSION['_config'])?$_SESSION['_config']['location']:""?>"></td>
-  </tr>
-  <tr>
-    <td class="DataTD"><?=_("Date")?>:</td>
-    <td class="DataTD"><input type="text" name="date" value="<?=array_key_exists('date',$_SESSION['_config'])?$_SESSION['_config']['date']:""?>"><br><?=_("Only fill this in if you assured the person on a different day")?></td>
-  </tr>
-<? if($_SESSION['profile']['board'] == 1 && $_SESSION['_config']['pointsalready'] <= 150) { ?>
-  <tr>
-    <td class="DataTD" colspan="2"><?=_("Issuing a temporary increase will automatically boost their points to 200 points for a nomindated amount of days, after which the person will be reduced to 150 points regardless of the amount of points they had previously. Regardless of method chosen above it will be recorded in the system as an Administrative Increase and there is a maximum amount of 45 days that points can be issued for.")?></td>
-  </tr>
-  <tr>
-    <td class="DataTD"><nobr><?=_("Temporary Increase")?>:</nobr><br><nobr><?=_("Number of days")?></nobr></td>
-    <td class="DataTD"><input type="text" name="expire" value="<?=intval(array_key_exists('expire',$_POST)?$_POST['expire']:0)?>"></td>
-  </tr>
-  <tr>
-    <td class="DataTD"><nobr><?=_("Sponsoring Member")?>:</td>
-    <td class="DataTD"><select name="sponsor">
-<?
-	$query = "select * from `users` where `board`='1' and `id`!='".intval($_SESSION['profile']['id'])."'";
-	$res = mysql_query($query);
-	while($row = mysql_fetch_assoc($res))
-	{
+	if($_SESSION['profile']['ttpadmin'] == 1)
+//		$methods = array("Face to Face Meeting", "Trusted 3rd Parties", "TopUP");
+//	else
+		$methods = array("Face to Face Meeting", "Trusted 3rd Parties");
+	else
+		$methods = array("Face to Face Meeting");
+
+	$fname = $row['fname'];
+	$mname = $row['mname'];
+	$lname = $row['lname'];
+	$suffix = $row['suffix'];
+	$dob = $row['dob'];
+	$name = $fname." ".$mname." ".$lname." ".$suffix;
+	$_SESSION['_config']['wothash'] = md5($name."-".$dob);
+
+	include_once($_SESSION['_config']['filepath']."/includes/wot.inc.php");
+
+	AssureHead(_("Assurance Confirmation"),sprintf(_("Please check the following details match against what you witnessed when you met %s in person. You MUST NOT proceed unless you are sure the details are correct. You may be held responsible by the CAcert Arbitrator for any issues with this Assurance."), $fname));
+	AssureTextLine(_("Name"),$name);
+	AssureTextLine(_("Date of Birth"),$dob." ("._("YYYY-MM-DD").")");
+	AssureBoxLine("certify",sprintf(_("I certify that %s %s %s has appeared in person"), $fname, $mname, $lname),array_key_exists('certify',$_POST) && $_POST['certify'] == 1);
+	AssureInboxLine("location",_("Location"),array_key_exists('location',$_SESSION['_config'])?$_SESSION['_config']['location']:"","");
+	AssureInboxLine("date",_("Date"),array_key_exists('date',$_SESSION['_config'])?$_SESSION['_config']['date']:date("Y-m-d"),"<br/>"._("Please adjust the date if you assured the person on a different day"));
+	AssureMethodLine(_("Method"),$methods,_("Only tick the next box if the Assurance was face to face."));
+	AssureBoxLine("assertion",_("I believe that the assertion of identity I am making is correct, complete and verifiable. I have seen original documentation attesting to this identity. I accept that the CAcert Arbitrator may call upon me to provide evidence in any dispute, and I may be held responsible."),array_key_exists('assertion',$_POST) && $_POST['assertion'] == 1);
+	AssureBoxLine("rules",_("I have read and understood the Assurance Policy and the Assurance Handbook and am making this Assurance subject to and in compliance with the policy and handbook."),array_key_exists('rules',$_POST) && $_POST['rules'] == 1);
+	AssureTextLine(_("Policy"),"<a href=\"/policy/AssurancePolicy.php\" target=\"_blank\">"._("Assurance Policy")."</a> - <a href=\"http://wiki.cacert.org/AssuranceHandbook2\" target=\"_blank\">"._("Assurance Handbook")."</a>");
+	AssureInboxLine("points",_("Points"),"","<br />(Max. ".maxpoints().")");
+	AssureCCABoxLine("CCAAgreed",sprintf(_("Check this box only if %s agreed to the <a href=\"/policy/CAcertCommunityAgreement.php\">CAcert Community Agreement</a>"),$fname));
+	AssureCCABoxLine("CCAAgree",_("Check this box only if YOU agree to the <a href=\"/policy/CAcertCommunityAgreement.php\">CAcert Community Agreement</a>"));
+	AssureFoot($id,_("I confirm this Assurance"));
 ?>
-		<option value="<?=$row['id']?>"<? if(array_key_exists('sponsor',$_POST) && $row['id'] == $_POST['sponsor']) echo " selected='selected'"; ?>><?=$row['fname']." ".$row['lname']?></option>
-<? } ?>
-	  </select>
-	</td>
-  </tr>
-<? } ?>
-  <tr>
-    <td class="DataTD"><input type="checkbox" name="assertion" value="1"<? if(array_key_exists('assertion',$_POST) && $_POST['assertion'] == 1) echo " checked='checked'"; ?>></td>
-    <td class="DataTD"><?=_("I believe that the assertion of identity I am making is correct, complete and verifiable. I have seen original documentation attesting to this identity. I accept that the CAcert Arbitrator may call upon me to provide evidence in any dispute, and I may be held responsible.")?></td>
-  </tr>
-  <tr>
-    <td class="DataTD"><input type="checkbox" name="rules" value="1"<? if(array_key_exists('rules',$_POST) && $_POST['rules'] == 1) echo " checked='checked'"; ?>></td>
-    <td class="DataTD"><?=_("I have read and understood the Assurance Policy and the Assurance Handbook and am making this Assurance subject to and in compliance with the policy and handbook.")?></td>
-  </tr>
-  <tr>
-    <td class="DataTD"><?=_("Policy")?>:</td>
-    <td class="DataTD"><a href="/policy/AssurancePolicy.php" target="_NEW"><?=_("Assurance Policy")?></a> - <a href="http://wiki.cacert.org/AssuranceHandbook2" target="_NEW"><?=_("Assurance Handbook")?></a></td>
-  </tr>
-  <tr>
-    <td class="DataTD"><?=_("Points")?>:<br><nobr>(Max <?=maxpoints()?>)</nobr></td>
-    <td class="DataTD"><input type="text" name="points" value=""></td>
-  </tr>
-  <tr>
-    <td class="DataTD"><?=_("WoT Form")?>:</td>
-    <td class="DataTD"><a href="<?=$cap?>" target="_NEW">A4 - <?=_("WoT Form")?></a> <a href="<?=$cap?>&amp;format=letter" target="_NEW">US - <?=_("WoT Form")?></a></td>
-  </tr>
-  <tr>
-    <td class="DataTD" colspan="2"><input type="submit" name="process" value="<?=_("I confirm this Assurance")?>"> <input type="submit" name="cancel" value="<?=_("Cancel")?>"></td>
-  </tr>
-</table>
-<input type="hidden" name="pagehash" value="<?=$_SESSION['_config']['wothash']?>">
-<input type="hidden" name="oldid" value="<?=$id?>">
-</form>
diff --git a/scripts/40de-ate-hamburg-email.txt b/scripts/40de-ate-hamburg-email.txt
new file mode 100644
index 0000000..ddf7c0f
--- /dev/null
+++ b/scripts/40de-ate-hamburg-email.txt
@@ -0,0 +1,66 @@
+CAcert Assurer Training Event Hamburg [Deutsch]
+::::::::::::::::::::::::::::::::::::::::::::::::::
+
+Es hat sich viel getan im letzten Jahr. Eine ganze Reihe von bisher eher "muendlich ueberlieferten" Regeln wurden in Policies gegossen. Neue Prozeduren (z.B. die Assurer Challenge) und Verpflichtungen (z.B. in dem CAcert Community Agreement) wurden beschlossen. Die Assurer Training Events wollen versuchen, die ganzen Informationen unter’s Volk zu bringen:
+
+- Was hast du auf dem CAP Formular hinzuzufuegen, wenn du Minderjaehrige ueberpruefst ?
+- Was sind die 2 wesentlichen Punkte der CCA die du einem Assuree vermitteln koennen sollst ?
+- Unter welchen Umstaenden koennen z.Bsp. niederlaendische Rufnamen akzeptiert werden? 
+
+Antworten auf diese und weitere Fragen erhaelst du bei den Assurer Training Events (ATEs).
+
+Die kommende Veranstaltung in deiner Naehe findet statt am:
+
+Dienstag den 14. Februar 2012, 19:00 - 22:00
+
+Attraktor e.V.
+Mexikoring 21
+22297 Hamburg
+
+Das Veranstaltungs-Team freut sich schon auf Eure Teilnahme.
+
+Details zum Veranstaltungsort und Anfahrthinweise findet Ihr im
+Wiki [https://wiki.cacert.org/events/20120214-ATE-Hamburg-3]
+Blog [http://blog.cacert.org/2012/02/547.html]
+
+
+
+Unverbindliche Anmeldung und Registrierung:
+Rueckantwort mit 'Ich moechte teilnehmen: ATE-Hamburg'
+
+Kontakt: events@cacert.org
+
+
+CAcert Assurer Training Event Hamburg [English]
+::::::::::::::::::::::::::::::::::::::::::::::::::
+
+Much has happened during the past 3 years. The old way of 
+orally-transmitted procedures has now gone, and our rules have been cast 
+into formal policies. New procedures (e.g. the Assurer Challenge) and 
+obligations (e.g. in the CAcert Community Agreement) have been approved. 
+The Assurer Training Events bring all this to you, the Community:
+
+- What you have to add onto the CAP form if you assure U18 people ?
+- What are the 2 essential topics regarding CCA you have to present an Assuree ?
+- When you can accept i.e. a Dutch "roepnaam" ?
+
+Answers to these and many other questions are given at the Assurer 
+Training Events (ATEs).
+
+ATE-Hamburg takes place on:
+Tuesday, Feb 14, 2012, 19:00 - 22:00
+
+Attraktor e.V.
+Mexikoring 21
+22297 Hamburg
+
+The Event-Team is looking forward to hearing from you.
+
+Details on Location and Transportation you will find under
+Wiki [https://wiki.cacert.org/events/20120214-ATE-Hamburg-3]
+Blog [http://blog.cacert.org/2012/02/547.html]
+
+Registration for ATE-Hamburg: please reply
+'I will attend: ATE-Hamburg'
+
+Contact: events@cacert.org
diff --git a/scripts/40de-ate-hamburg-mail.php.txt b/scripts/40de-ate-hamburg-mail.php.txt
new file mode 100644
index 0000000..54ec1b8
--- /dev/null
+++ b/scripts/40de-ate-hamburg-mail.php.txt
@@ -0,0 +1,112 @@
+#!/usr/bin/php -q
+<? /*
+    LibreSSL - CAcert web application
+    Copyright (C) 2004-2009  CAcert Inc.
+
+    This program is free software; you can redistribute it and/or modify
+    it under the terms of the GNU General Public License as published by
+    the Free Software Foundation; version 2 of the License.
+
+    This program is distributed in the hope that it will be useful,
+    but WITHOUT ANY WARRANTY; without even the implied warranty of
+    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+    GNU General Public License for more details.
+
+    You should have received a copy of the GNU General Public License
+    along with this program; if not, write to the Free Software
+    Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301  USA
+*/
+	include_once("../includes/mysql.php");
+
+	$lines = "";
+	$fp = fopen("40de-ate-hamburg-email.txt", "r");
+	while(!feof($fp))
+	{
+		$line = trim(fgets($fp, 4096));
+		$lines .= wordwrap($line, 75, "\n")."\n";
+	}
+	fclose($fp);
+
+
+//	$locid = intval($_REQUEST['location']);
+//	$maxdist = intval($_REQUEST['maxdist']);
+//  maxdist in [Km] - changed to 350 to include glasgow + london
+  $maxdist = 200;
+
+
+// location      location.ID
+//   verified: 29.4.09 u.schroeter
+//   $locid = 7902857;       // Paris
+//   $locid = 238568;        // Bielefeld  
+//   $locid = 715191;        // Hamburg    
+//   $locid = 1102495;       // London     
+//   $locid = 520340;        // Duesseldorf
+//   $locid = 1260319;       // Muenchen   
+//   $locid = 606058;        // Frankfurt  
+//   $locid = 1775784;       // Stuttgart  
+//   $locid = 228950;        // Berlin  
+//   $locid = 606058;        // Frankfurt
+//   $locid = 599389;        // Flensburg
+//   $locid = 61065;        // Amsterdam, Eemnes
+//   $locid = 228950;        // Berlin  
+//     $locid = 2138880;      // Baltimore (Baltimore (city)), Maryland, US
+//       $locid = 1486658;       // Potsdam
+//       $locid = 664715;       // Goteborg, Vastra Gotaland, Sweden
+//       $locid = 2094781;       // Mission Hills (Los Angeles), California, US
+//       $locid = 423655;       // Copenhagen, Kobenhavn*, Denmark 
+//       $locid = 2257312;       // Sydney, New South Wales, Australia
+//       $locid = 572764;       //  Essen, Nordrhein-Westfalen, Germany 
+//       $locid = 78;       //  Aachen, Nordrhein-Westfalen, Germany 
+//       $locid = 266635;       // Bonn, Nordrhein-Westfalen, Germany
+//       $locid = 2102723;       // Washington (District of Columbia, ..., US
+//       $locid = 2177566;       // New York (Bronx), New York, United States
+//       $locid = 1486658;       // Potsdam  BLIT2011
+//       $locid = 2237836;  // Blacksburg (Montgomery), Virginia, United States
+
+// ATE Manchester 2012
+//       $locid = 1161640;  // Manchester, Manchester, United Kingdom
+//       $eventname = "ATE-Manchester";
+//       $city = "Manchester/Crewe UK";
+
+// ATE Hamburg, DE, Feb 14 2012 
+       $locid = 715191;        // Hamburg
+       $eventname = "ATE-Hamburg";
+       $city = "Feb 14, 2012";
+
+	$query = "select * from `locations` where `id`='$locid'";
+        $loc = mysql_fetch_assoc(mysql_query($query));
+
+	$query = "SELECT ROUND(6378.137 * ACOS(0.9999999*((SIN(PI() * $loc[lat] / 180) * SIN(PI() * `locations`.`lat` / 180)) + 
+			(COS(PI() * $loc[lat] / 180 ) * COS(PI() * `locations`.`lat` / 180) * 
+			 COS(PI() * `locations`.`long` / 180 - PI() * $loc[long] / 180)))), -1) AS `distance`, sum(`points`) as pts, `users`.* 
+			FROM `locations`
+				inner join `users`  on `users`.`locid` = `locations`.`id` 
+				inner join `alerts` on `users`.`id`=`alerts`.`memid`
+				inner join `notary` on `users`.`id`=`notary`.`to`
+			WHERE 	(`alerts`.`general`=1 OR `alerts`.`country`=1 OR `alerts`.`regional`=1 OR `alerts`.`radius`=1)
+			GROUP BY `users`.`id`
+			HAVING `distance` <= '$maxdist' 
+			ORDER BY `distance` ";
+	 echo $query;
+
+    // comment next line when starting to send mail not only to me 
+    //	$query = "select * from `users` where `email` like 'cacerttest%'";
+
+	$res = mysql_query($query);
+	$xrows = mysql_num_rows($res);
+
+	while($row = mysql_fetch_assoc($res))
+	{
+    //    uncomment next line to send mails ...
+		sendmail($row['email'], "[CAcert.org] $eventname - $city", $lines, "events@cacert.org", "", "", "CAcert Events Organisation", "returns@cacert.org", 1);
+	}
+  // 1x cc to events.cacert.org
+	sendmail("events@cacert.org", "[CAcert.org] $eventname - $city", $lines, "events@cacert.org", "", "", "CAcert Events Organisation", "returns@cacert.org", 1);
+	// 1x mailing report to events.cacert.org
+  sendmail("events@cacert.org", "[CAcert.org] $eventname - $city Report", "invitation sent to $xrows recipients.", "support@cacert.org", "", "", "CAcert Events Organisation", "returns@cacert.org", 1);	
+
+	// 1x mailing report to Arbitrator of case http://wiki.cacert.org/wiki/Arbitrations/a20090525.1
+  sendmail("p.dunkel@cacert.org", "[CAcert.org] $eventname - $city Report", "invitation sent to $xrows recipients.", "support@cacert.org", "", "", "CAcert Events Organisation", "returns@cacert.org", 1);	
+	echo "invitation sent to $xrows recipients.\n";
+
+?>
diff --git a/scripts/41de-ate-jena-email.txt b/scripts/41de-ate-jena-email.txt
new file mode 100644
index 0000000..f70dc85
--- /dev/null
+++ b/scripts/41de-ate-jena-email.txt
@@ -0,0 +1,33 @@
+CAcert Assurer Training Event Jena [Deutsch]
+::::::::::::::::::::::::::::::::::::::::::::
+
+Es hat sich viel getan im letzten Jahr. Eine ganze Reihe von bisher eher "muendlich ueberlieferten" Regeln wurden in Policies gegossen. Neue Prozeduren (z.B. die Assurer Challenge) und Verpflichtungen (z.B. in dem CAcert Community Agreement) wurden beschlossen. Die Assurer Training Events wollen versuchen, die ganzen Informationen unter’s Volk zu bringen:
+
+- Was hast du auf dem CAP Formular hinzuzufuegen, wenn du Minderjaehrige ueberpruefst ?
+- Warum solltest du dir R/L/O einpraegen ?
+- Wie verhaelst du dich, wenn du ein fremdes Ausweis Dokument das erste mal pruefst ?
+
+Antworten auf diese und weitere Fragen erhaelst du bei den Assurer Training Events (ATEs).
+
+Die kommende Veranstaltung in deiner Naehe findet statt am:
+
+Donnerstag den 29. Maerz 2012, 19:00 - 22:00
+
+Adresse: Am Johannisfriedhof 2, Jena
+Gebaeude: Universitaetsrechenzentrum der Friedrich-Schiller-Universitaet Jena
+OSM: [http://osm.org/go/0MAe9XhNp-]
+Webseite: [http://www.uni-jena.de/URZ.html]
+
+
+Das Veranstaltungs-Team freut sich schon auf Eure Teilnahme.
+
+Details zum Veranstaltungsort und Anfahrthinweise findet Ihr im
+Wiki [https://wiki.cacert.org/Events/2012-03-29ATE-Jena]
+Blog [http://blog.cacert.org/2012/03/550.html]
+
+
+
+Unverbindliche Anmeldung und Registrierung:
+Rueckantwort mit 'Ich moechte teilnehmen: ATE-Jena'
+
+Kontakt: events@cacert.org
diff --git a/scripts/41de-ate-jena-mail.php.txt b/scripts/41de-ate-jena-mail.php.txt
new file mode 100644
index 0000000..5691f63
--- /dev/null
+++ b/scripts/41de-ate-jena-mail.php.txt
@@ -0,0 +1,109 @@
+#!/usr/bin/php -q
+<? /*
+    LibreSSL - CAcert web application
+    Copyright (C) 2004-2009  CAcert Inc.
+
+    This program is free software; you can redistribute it and/or modify
+    it under the terms of the GNU General Public License as published by
+    the Free Software Foundation; version 2 of the License.
+
+    This program is distributed in the hope that it will be useful,
+    but WITHOUT ANY WARRANTY; without even the implied warranty of
+    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+    GNU General Public License for more details.
+
+    You should have received a copy of the GNU General Public License
+    along with this program; if not, write to the Free Software
+    Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301  USA
+*/
+	include_once("../includes/mysql.php");
+
+	$lines = "";
+	$fp = fopen("41de-ate-jena-email.txt", "r");
+	while(!feof($fp))
+	{
+		$line = trim(fgets($fp, 4096));
+		$lines .= wordwrap($line, 75, "\n")."\n";
+	}
+	fclose($fp);
+
+
+//	$locid = intval($_REQUEST['location']);
+//	$maxdist = intval($_REQUEST['maxdist']);
+//  maxdist in [Km] - changed to 350 to include glasgow + london
+  $maxdist = 200;
+
+
+// location      location.ID
+//   verified: 29.4.09 u.schroeter
+//   $locid = 7902857;       // Paris
+//   $locid = 238568;        // Bielefeld  
+//   $locid = 715191;        // Hamburg    
+//   $locid = 1102495;       // London     
+//   $locid = 520340;        // Duesseldorf
+//   $locid = 1260319;       // Muenchen   
+//   $locid = 606058;        // Frankfurt  
+//   $locid = 1775784;       // Stuttgart  
+//   $locid = 228950;        // Berlin  
+//   $locid = 606058;        // Frankfurt
+//   $locid = 599389;        // Flensburg
+//   $locid = 61065;        // Amsterdam, Eemnes
+//   $locid = 228950;        // Berlin  
+//     $locid = 2138880;      // Baltimore (Baltimore (city)), Maryland, US
+//       $locid = 1486658;       // Potsdam
+//       $locid = 664715;       // Goteborg, Vastra Gotaland, Sweden
+//       $locid = 2094781;       // Mission Hills (Los Angeles), California, US
+//       $locid = 423655;       // Copenhagen, Kobenhavn*, Denmark 
+//       $locid = 2257312;       // Sydney, New South Wales, Australia
+//       $locid = 572764;       //  Essen, Nordrhein-Westfalen, Germany 
+//       $locid = 78;       //  Aachen, Nordrhein-Westfalen, Germany 
+//       $locid = 266635;       // Bonn, Nordrhein-Westfalen, Germany
+//       $locid = 2102723;       // Washington (District of Columbia, ..., US
+//       $locid = 2177566;       // New York (Bronx), New York, United States
+//       $locid = 1486658;       // Potsdam  BLIT2011
+//       $locid = 2237836;  // Blacksburg (Montgomery), Virginia, United States
+//       $locid = 1161640;  // Manchester, Manchester, United Kingdom
+
+// ATE Jena, DE, Mar 29 2012 
+       $locid = 803095;        // Jena, Thueringen, Germany
+       $eventname = "ATE-Jena";
+       $city = "Mar 29, 2012";
+
+
+	$query = "select * from `locations` where `id`='$locid'";
+        $loc = mysql_fetch_assoc(mysql_query($query));
+
+	$query = "SELECT ROUND(6378.137 * ACOS(0.9999999*((SIN(PI() * $loc[lat] / 180) * SIN(PI() * `locations`.`lat` / 180)) + 
+			(COS(PI() * $loc[lat] / 180 ) * COS(PI() * `locations`.`lat` / 180) * 
+			 COS(PI() * `locations`.`long` / 180 - PI() * $loc[long] / 180)))), -1) AS `distance`, sum(`points`) as pts, `users`.* 
+			FROM `locations`
+				inner join `users`  on `users`.`locid` = `locations`.`id` 
+				inner join `alerts` on `users`.`id`=`alerts`.`memid`
+				inner join `notary` on `users`.`id`=`notary`.`to`
+			WHERE 	(`alerts`.`general`=1 OR `alerts`.`country`=1 OR `alerts`.`regional`=1 OR `alerts`.`radius`=1)
+			GROUP BY `users`.`id`
+			HAVING `distance` <= '$maxdist' 
+			ORDER BY `distance` ";
+	 echo $query;
+
+    // comment next line when starting to send mail not only to me 
+    //	$query = "select * from `users` where `email` like 'cacerttest%'";
+
+	$res = mysql_query($query);
+	$xrows = mysql_num_rows($res);
+
+	while($row = mysql_fetch_assoc($res))
+	{
+    //    uncomment next line to send mails ...
+		sendmail($row['email'], "[CAcert.org] $eventname - $city", $lines, "events@cacert.org", "", "", "CAcert Events Organisation", "returns@cacert.org", 1);
+	}
+  // 1x cc to events.cacert.org
+	sendmail("events@cacert.org", "[CAcert.org] $eventname - $city", $lines, "events@cacert.org", "", "", "CAcert Events Organisation", "returns@cacert.org", 1);
+	// 1x mailing report to events.cacert.org
+  sendmail("events@cacert.org", "[CAcert.org] $eventname - $city Report", "invitation sent to $xrows recipients.", "support@cacert.org", "", "", "CAcert Events Organisation", "returns@cacert.org", 1);	
+
+	// 1x mailing report to Arbitrator of case http://wiki.cacert.org/wiki/Arbitrations/a20090525.1
+  sendmail("p.dunkel@cacert.org", "[CAcert.org] $eventname - $city Report", "invitation sent to $xrows recipients.", "support@cacert.org", "", "", "CAcert Events Organisation", "returns@cacert.org", 1);	
+	echo "invitation sent to $xrows recipients.\n";
+
+?>
diff --git a/scripts/42de-ate-leipzig-email.txt b/scripts/42de-ate-leipzig-email.txt
new file mode 100644
index 0000000..ea08a75
--- /dev/null
+++ b/scripts/42de-ate-leipzig-email.txt
@@ -0,0 +1,39 @@
+CAcert Assurer Training Event Leipzig
+::::::::::::::::::::::::::::::::::::::::::::::::::
+
+Es hat sich viel getan im letzten Jahr. Eine ganze Reihe von bisher eher "muendlich ueberlieferten" Regeln wurden in Policies gegossen. Neue Prozeduren (z.B. die Assurer Challenge) und Verpflichtungen (z.B. in dem CAcert Community Agreement) wurden beschlossen. Die Assurer Training Events wollen versuchen, die ganzen Informationen unter’s Volk zu bringen:
+
+- Was hast du auf dem CAP Formular hinzuzufuegen, wenn du Minderjaehrige ueberpruefst ?
+- Warum solltest du dir R/L/O einpraegen ?
+- Wie verhaelst du dich, wenn du ein fremdes Ausweis Dokument das erste mal pruefst ?
+
+Antworten auf diese und weitere Fragen erhaelst du bei den Assurer Training Events (ATEs).
+
+Die kommende Veranstaltung in deiner Naehe findet statt am:
+
+Dienstag den 10. April 2012, 19:00 - 22:00
+(Dienstag nach Ostern)
+
+Adresse:
+ Universtität Leipzig / Institut für Informatik
+ Johannisgasse 26 / Raum 1-40
+ 04103 Leipzig
+Webseite:
+ [http://www.informatik.uni-leipzig.de/ifi/]
+Lageplan:
+ [http://www.fmi.uni-leipzig.de/cms/service/lageplan.html]
+
+
+
+Das Veranstaltungs-Team freut sich schon auf Eure Teilnahme.
+
+Details zum Veranstaltungsort und Anfahrthinweise findet Ihr im
+Wiki [https://wiki.cacert.org/Events/2012-04-10ATE-Leipzig]
+Blog [http://blog.cacert.org/2012/03/555.html]
+
+
+
+Unverbindliche Anmeldung und Registrierung:
+Rueckantwort mit 'Ich moechte teilnehmen: ATE-Leipzig'
+
+Kontakt: events@cacert.org
diff --git a/scripts/42de-ate-leipzig-mail.php.txt b/scripts/42de-ate-leipzig-mail.php.txt
new file mode 100644
index 0000000..d0c02b7
--- /dev/null
+++ b/scripts/42de-ate-leipzig-mail.php.txt
@@ -0,0 +1,114 @@
+#!/usr/bin/php -q
+<? /*
+    LibreSSL - CAcert web application
+    Copyright (C) 2004-2009  CAcert Inc.
+
+    This program is free software; you can redistribute it and/or modify
+    it under the terms of the GNU General Public License as published by
+    the Free Software Foundation; version 2 of the License.
+
+    This program is distributed in the hope that it will be useful,
+    but WITHOUT ANY WARRANTY; without even the implied warranty of
+    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+    GNU General Public License for more details.
+
+    You should have received a copy of the GNU General Public License
+    along with this program; if not, write to the Free Software
+    Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301  USA
+*/
+	include_once("../includes/mysql.php");
+
+	$lines = "";
+	$fp = fopen("42de-ate-leipzig-email.txt", "r");
+	while(!feof($fp))
+	{
+		$line = trim(fgets($fp, 4096));
+		$lines .= wordwrap($line, 75, "\n")."\n";
+	}
+	fclose($fp);
+
+
+//	$locid = intval($_REQUEST['location']);
+//	$maxdist = intval($_REQUEST['maxdist']);
+//  maxdist in [Km] - changed to 350 to include glasgow + london
+  $maxdist = 200;
+
+
+// location      location.ID
+//   verified: 29.4.09 u.schroeter
+//   $locid = 7902857;       // Paris
+//   $locid = 238568;        // Bielefeld  
+//   $locid = 715191;        // Hamburg    
+//   $locid = 1102495;       // London     
+//   $locid = 520340;        // Duesseldorf
+//   $locid = 1260319;       // Muenchen   
+//   $locid = 606058;        // Frankfurt  
+//   $locid = 1775784;       // Stuttgart  
+//   $locid = 228950;        // Berlin  
+//   $locid = 606058;        // Frankfurt
+//   $locid = 599389;        // Flensburg
+//   $locid = 61065;        // Amsterdam, Eemnes
+//   $locid = 228950;        // Berlin  
+//     $locid = 2138880;      // Baltimore (Baltimore (city)), Maryland, US
+//       $locid = 1486658;       // Potsdam
+//       $locid = 664715;       // Goteborg, Vastra Gotaland, Sweden
+//       $locid = 2094781;       // Mission Hills (Los Angeles), California, US
+//       $locid = 423655;       // Copenhagen, Kobenhavn*, Denmark 
+//       $locid = 2257312;       // Sydney, New South Wales, Australia
+//       $locid = 572764;       //  Essen, Nordrhein-Westfalen, Germany 
+//       $locid = 78;       //  Aachen, Nordrhein-Westfalen, Germany 
+//       $locid = 266635;       // Bonn, Nordrhein-Westfalen, Germany
+//       $locid = 2102723;       // Washington (District of Columbia, ..., US
+//       $locid = 2177566;       // New York (Bronx), New York, United States
+//       $locid = 1486658;       // Potsdam  BLIT2011
+//       $locid = 2237836;  // Blacksburg (Montgomery), Virginia, United States
+//       $locid = 1161640;  // Manchester, Manchester, United Kingdom
+
+// ATE Jena, DE, Mar 29 2012 
+//       $locid = 803095;        // Jena, Thueringen, Germany
+//       $eventname = "ATE-Jena";
+//       $city = "Mar 29, 2012";
+
+// ATE Leipzig, DE, Apr 10 2012 
+       $locid = 1067965;        // Leipzig, Sachsen, Germany
+       $eventname = "ATE-Leipzig";
+       $city = "Apr 10, 2012";
+
+
+	$query = "select * from `locations` where `id`='$locid'";
+        $loc = mysql_fetch_assoc(mysql_query($query));
+
+	$query = "SELECT ROUND(6378.137 * ACOS(0.9999999*((SIN(PI() * $loc[lat] / 180) * SIN(PI() * `locations`.`lat` / 180)) + 
+			(COS(PI() * $loc[lat] / 180 ) * COS(PI() * `locations`.`lat` / 180) * 
+			 COS(PI() * `locations`.`long` / 180 - PI() * $loc[long] / 180)))), -1) AS `distance`, sum(`points`) as pts, `users`.* 
+			FROM `locations`
+				inner join `users`  on `users`.`locid` = `locations`.`id` 
+				inner join `alerts` on `users`.`id`=`alerts`.`memid`
+				inner join `notary` on `users`.`id`=`notary`.`to`
+			WHERE 	(`alerts`.`general`=1 OR `alerts`.`country`=1 OR `alerts`.`regional`=1 OR `alerts`.`radius`=1)
+			GROUP BY `users`.`id`
+			HAVING `distance` <= '$maxdist' 
+			ORDER BY `distance` ";
+	 echo $query;
+
+    // comment next line when starting to send mail not only to me 
+    //	$query = "select * from `users` where `email` like 'cacerttest%'";
+
+	$res = mysql_query($query);
+	$xrows = mysql_num_rows($res);
+
+	while($row = mysql_fetch_assoc($res))
+	{
+    //    uncomment next line to send mails ...
+		sendmail($row['email'], "[CAcert.org] $eventname - $city", $lines, "events@cacert.org", "", "", "CAcert Events Organisation", "returns@cacert.org", 1);
+	}
+  // 1x cc to events.cacert.org
+	sendmail("events@cacert.org", "[CAcert.org] $eventname - $city", $lines, "events@cacert.org", "", "", "CAcert Events Organisation", "returns@cacert.org", 1);
+	// 1x mailing report to events.cacert.org
+  sendmail("events@cacert.org", "[CAcert.org] $eventname - $city Report", "invitation sent to $xrows recipients.", "support@cacert.org", "", "", "CAcert Events Organisation", "returns@cacert.org", 1);	
+
+	// 1x mailing report to Arbitrator of case http://wiki.cacert.org/wiki/Arbitrations/a20090525.1
+  sendmail("p.dunkel@cacert.org", "[CAcert.org] $eventname - $city Report", "invitation sent to $xrows recipients.", "support@cacert.org", "", "", "CAcert Events Organisation", "returns@cacert.org", 1);	
+	echo "invitation sent to $xrows recipients.\n";
+
+?>
diff --git a/scripts/43de-ate-karlsruhe-email.txt b/scripts/43de-ate-karlsruhe-email.txt
new file mode 100644
index 0000000..26af21c
--- /dev/null
+++ b/scripts/43de-ate-karlsruhe-email.txt
@@ -0,0 +1,103 @@
+[Deutsch]

+

+Es hat sich viel getan im letzten Jahr. Eine ganze Reihe von bisher

+eher "muendlich ueberlieferten" Regeln wurden in Policies gegossen.

+Neue Prozeduren (z.B. die Assurer Challenge) und Verpflichtungen (z.B. in dem CAcert Community Agreement) wurden beschlossen. Die Assurer Training Events wollen versuchen, die ganzen Informationen unter’s Volk zu bringen:

+

+- Welcher Satz fehlt auf alten CAP Formularen?

+- Warum soll ich mir R/L/O einpraegen?

+- Wie verhaelst du dich, wenn du ein fremdes Ausweis Dokument das erste mal pruefst?

+

+Antworten auf diese und weitere Fragen erhaelst du bei den Assurer Training Events (ATEs).

+

+Darueberhinaus wird beim ATE der Vorgang der Identitaetsueberpruefung trainiert und auditiert, um die Qualitaet der Assurances in der taeglichen Praxis zu erfassen. Dabei gilt es moegliche Fehler und Fallstricke zu erkennen und aufzudecken. Die Assurer haben also die Moeglichkeit, sich mit den Fehlern auseinanderzusetzen und zu erfahren, wie diese vermieden werden koennen.

+

+As IanG said: The ATE or Assurer Training Event is exceptionally recommended for all Assurers, and include parts which contribute directly to our audit. Come and find out how you can also contribute.

+

+Die kommende Veranstaltung in deiner Naehe findet statt am:

+

+- Dienstag, den 15. Mai 2012

+- in der Zeit von: 19:00 - ca. 22:00 Uhr

+- Raum: New York

+- im FZI Forschungszentrum Informatik 

+- Haid-und-Neu-Str. 10-14

+- 76131 Karlsruhe 

+

+Details zum Veranstaltungsort und Anfahrthinweise findet Ihr im

+Wiki [http://wiki.cacert.org/Events/2012-05-15ATE-Karlsruhe]

+Blog [http://blog.cacert.org/2012/04/559.html]

+

+Teilnehmer Registrierung mit Rueckantwort:

+ 'Ich moechte am ATE-Karlsruhe teilnehmen'

+

+Das Veranstaltungs-Team freut sich schon auf Eure Teilnahme.

+

+Kontakt: events@cacert.org

+

+

+[French]

+

+Bon nombre de changements ont eu lieu au cours de la derniere annee au sein de CAcert. Beaucoup de regles "orales" ont ete transformees en reglements ("Policies"). De nouvelles procedures (par exemple le Challenge Assureur) et devoirs (par exemple le CAcert Community Agreement) ont ete activees. Les Assurer Training Events essaient de propager ces informations :

+

+- Que manque-t-il sur les "anciens" formulaires CAP ?

+- Pourquoi dois-je me souvenir de R/L/O ?

+- Que faire si une personne vous montre un document d'identite qui vous est inconnu ?

+

+Durant les Assurer Training Events (ATEs) vous recevrez les reponses a ces questions et a plein d'autres.

+

+De plus, les ATE vous permettent de vous entrainer a verifier les identites. Ceci sera audite afin de mesurer la qualite des assurances effectuees dans la routine quotidienne. On essaiera de vous induire en erreur. Vous aurez ainsi la possibilite de voir les problemes et d'apprendre a dejouer les pieges.

+

+Comme IanG l'a dit : il est fortement recommande aux assureurs de participer aux ATE. Le programmme contient des parties qui entrent directement en ligne de compte pour le succes de notre audit. Venez et decouvrez comment contribuer.

+

+Le prochain ATE qui aura lieu pres de chez vous sera :

+- Mardi le 15 mai 2012

+- de 19:00 a environ 22:00

+- Chambre: New York

+- dans le FZI Forschungszentrum Informatik

+- Haid-und-Neu-Str. 10-14

+- 76131 Karlsruhe

+

+NB : les exposes auront lieu en Allemand

+

+Plus de renseignements sur le lieu : 

+Wiki [http://wiki.cacert.org/Events/2012-05-15ATE-Karlsruhe]

+Blog [http://blog.cacert.org/2012/04/559.html]

+

+Pour participer, repondez a ce courriel : 'Je viendrais au ATE-Karlsruhe'

+

+Le comite d'organisation se rejouit de votre venue.

+

+Contact: events@cacert.org

+

+[English]

+

+During the last year many changes took place inside CAcert. Many "oral" rules have been put into Policies. New procedures (e.g. Assurer Challenge) and obligations (e.g. CAcert Community Agreement) have been put into live. The Assurer Training Events (ATE) try to spread this information:

+

+- What is missing on the "old" CAP forms?

+- Why should I remember R/L/O?

+- What can you do if an Assuree shows an ID document unknown to you?

+

+These and more questions will be answered during the Assurer Training Events (ATEs)

+

+Furthermore, the ATE trains how to do assurances and audits assurances, to measure the quality of assurances in the daily routine. Here are some possible errors and pitfalls which need to be found. Assurers have the opportunity to see those errors and how to avoid them.

+

+As IanG said: The ATE or Assurer Training Event is exceptionally recommended for all Assurers and includes parts which contribute directly to our audit. Come and find out how you can also contribute.

+

+The next event held in your area will be:

+

+- Tuesday 15th Mai 2012

+- during 19:00 - ca. 22:00

+- Room: New York

+- in the FZI Forschungszentrum Informatik 

+- Haid-und-Neu-Str. 10-14

+- 76131 Karlsruhe 

+

+Details to the location can be found: 

+Wiki [http://wiki.cacert.org/Events/2012-05-15ATE-Karlsruhe]

+Blog [http://blog.cacert.org/2012/04/559.html]

+

+User reply for registration: 'I will attend the ATE-Karlsruhe'

+

+The event team is looking forward for your attendance:

+

+Contact: events@cacert.org

diff --git a/scripts/43de-ate-karlsruhe-mail.php.txt b/scripts/43de-ate-karlsruhe-mail.php.txt
new file mode 100644
index 0000000..afea2f2
--- /dev/null
+++ b/scripts/43de-ate-karlsruhe-mail.php.txt
@@ -0,0 +1,155 @@
+#!/usr/bin/php -q

+<? /*

+    LibreSSL - CAcert web application

+    Copyright (C) 2004-2009  CAcert Inc.

+

+    This program is free software; you can redistribute it and/or modify

+    it under the terms of the GNU General Public License as published by

+    the Free Software Foundation; version 2 of the License.

+

+    This program is distributed in the hope that it will be useful,

+    but WITHOUT ANY WARRANTY; without even the implied warranty of

+    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

+    GNU General Public License for more details.

+

+    You should have received a copy of the GNU General Public License

+    along with this program; if not, write to the Free Software

+    Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301  USA

+*/

+	include_once("../includes/mysql.php");

+

+	$lines = "";

+	$fp = fopen("43de-ate-karlsruhe-email.txt", "r");

+	while(!feof($fp))

+	{

+		$line = trim(fgets($fp, 4096));

+		$lines .= wordwrap($line, 75, "\n")."\n";

+	}

+	fclose($fp);

+

+

+//	$locid = intval($_REQUEST['location']);

+//	$maxdist = intval($_REQUEST['maxdist']);

+//  maxdist in [Km]

+  $maxdist = 200;

+

+

+// location      location.ID

+//   verified: 29.4.09 u.schroeter

+//   $locid = 7902857;       // Paris

+//   $locid = 238568;        // Bielefeld  

+//   $locid = 715191;        // Hamburg    

+//   $locid = 1102495;       // London     

+//   $locid = 520340;        // Duesseldorf

+//   $locid = 1260319;       // Muenchen   

+//   $locid = 606058;        // Frankfurt  

+//   $locid = 1775784;       // Stuttgart  

+//   $locid = 228950;        // Berlin  

+//   $locid = 606058;        // Frankfurt

+//   $locid = 599389;        // Flensburg

+//   $locid = 61065;        // Amsterdam, Eemnes

+//   $locid = 228950;        // Berlin  

+

+//  Software Freedom Day 19. Sept 2009

+//   $locid = 715191;        // Hamburg

+

+//  LISA2009 Baltimore, 1.11.2009

+//     $locid = 2138880;      // Baltimore (Baltimore (city)), Maryland, United States   

+//     $city = "Baltimore, MD - Nov. 3rd 2009";

+

+//  OpenSourceTreffen-Muenchen, 20.11.2009

+//       $locid = 1260319;       // Muenchen   

+//       $city = "Muenchen - 20. Nov 2009";

+

+//  BLIT2009, Brandenburger Linux-Infotag, 21.11.2009

+//       $locid = 1486658;       // Potsdam

+//       $eventname = "Brandenburger Linux-Infotag (BLIT2009)";

+//       $city = "Potsdam - 21. Nov 2009";

+

+//  ATE-Goteborg, 16.12.2009

+//       $locid = 664715;       // Goteborg, Vastra Gotaland, Sweden

+//       $eventname = "ATE-Goteborg";

+//       $city = "Goteborg - Dec 16th 2009";

+

+//  Assurance Event Mission Hills CA, 15.01.2010

+//       $locid = 2094781;       // Mission Hills (Los Angeles), California, United States 

+//       $eventname = "Assurance Event";

+//       $city = "Mission Hills CA - Jan 15th 2010";

+

+//  Assurance Event OSD Copenhagen DK, 5.03.2010

+//       $locid = 423655;       // Copenhagen, Kobenhavn*, Denmark 

+//       $eventname = "Assurance Event OpenSource-Days 2010";

+//       $city = "Copenhagen DK - March 5th/6th 2010";

+

+// SCALE 8x Los Angeles, CA, Feb 19-21 2010 

+//       $locid = 2093625;       // Copenhagen, Kobenhavn*, Denmark 

+//       $eventname = "SCALE 8x 2010";

+//       $city = "Los Angeles, CA - February 19-21 2010";

+

+// ATE Sydney, AU, Mar 24 2010 

+//       $locid = 2257312;       // Sydney, New South Wales, Australia

+//       $eventname = "ATE-Sydney";

+//       $city = "March 24, 2010";

+

+// ATE Essen, DE, Sept 28 2010 

+//       $locid = 572764;       //  Essen, Nordrhein-Westfalen, Germany 

+//       $eventname = "ATE-Essen";

+//       $city = "September 28, 2010";

+

+// ATE Aachen, DE, Oct 4th 2010 

+//       $locid = 78;       //  Aachen, Nordrhein-Westfalen, Germany 

+//       $eventname = "ATE-Aachen";

+//       $city = "October 4th, 2010";

+

+// ATE Muenchen, DE, Apr 2nd 2011

+//       $locid = 1260319;       // Muenchen    

+//       $eventname = "ATE-Muenchen";

+//       $city = "2. April, 2011";

+

+// ATE Bonn, DE, Jun 8th 2011

+//       $locid = 266635;       // Bonn, Nordrhein-Westfalen, Germany

+//       $eventname = "ATE-Bonn";

+//       $city = "8. Juni, 2011";

+

+// ATE Karlsruhe, DE, May 15th 2012

+       $locid = 873779;       // Karlsruhe, Baden-Wuerttemberg, Germany

+       $eventname = "ATE-Karlsruhe";

+       $city = "15. May 2012";

+

+	$query = "select * from `locations` where `id`='$locid'";

+        $loc = mysql_fetch_assoc(mysql_query($query));

+

+	$query = "SELECT ROUND(6378.137 * ACOS(0.9999999*((SIN(PI() * $loc[lat] / 180) * SIN(PI() * `locations`.`lat` / 180)) + 

+			(COS(PI() * $loc[lat] / 180 ) * COS(PI() * `locations`.`lat` / 180) * 

+			 COS(PI() * `locations`.`long` / 180 - PI() * $loc[long] / 180)))), -1) AS `distance`, sum(`points`) as pts, `users`.* 

+			FROM `locations`

+				inner join `users`  on `users`.`locid` = `locations`.`id` 

+				inner join `alerts` on `users`.`id`=`alerts`.`memid`

+				inner join `notary` on `users`.`id`=`notary`.`to`

+			WHERE 	(`alerts`.`general`=1 OR `alerts`.`country`=1 OR `alerts`.`regional`=1 OR `alerts`.`radius`=1)

+			GROUP BY `users`.`id`

+			HAVING `distance` <= '$maxdist' 

+			ORDER BY `distance` ";

+	 echo $query;

+

+    // comment next line when starting to send mail not only to me 

+    //	$query = "select * from `users` where `email` like 'cacerttest%'";

+

+	$res = mysql_query($query);

+	$xrows = mysql_num_rows($res);

+

+	while($row = mysql_fetch_assoc($res))

+	{

+    //    uncomment next line to send mails ...

+		sendmail($row['email'], "[CAcert.org] $eventname - $city", $lines, "events@cacert.org", "", "", "CAcert Events Organisation", "returns@cacert.org", 1);

+	}

+  // 1x cc to events.cacert.org

+	sendmail("events@cacert.org", "[CAcert.org] $eventname - $city", $lines, "events@cacert.org", "", "", "CAcert Events Organisation", "returns@cacert.org", 1);

+	// 1x mailing report to events.cacert.org

+  sendmail("events@cacert.org", "[CAcert.org] $eventname - $city Report", "invitation sent to $xrows recipients.", "support@cacert.org", "", "", "CAcert Events Organisation", "returns@cacert.org", 1);	

+

+	// 1x mailing report to Arbitrator of case http://wiki.cacert.org/wiki/Arbitrations/a20090525.1

+  sendmail("p.dunkel@cacert.org", "[CAcert.org] $eventname - $city Report", "invitation sent to $xrows recipients.", "support@cacert.org", "", "", "CAcert Events Organisation", "returns@cacert.org", 1);	

+	echo "invitation sent to $xrows recipients.\n";

+

+?>

diff --git a/scripts/cron/permissionreview.php b/scripts/cron/permissionreview.php
index 572c1fd..0f2fc2e 100755
--- a/scripts/cron/permissionreview.php
+++ b/scripts/cron/permissionreview.php
@@ -21,19 +21,71 @@ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301  USA
 require_once(dirname(__FILE__).'/../../includes/mysql.php');
 
 $BOARD_PRIVATE = 'cacert-board-private@lists.cacert.org';
+$ASSURANCE_OFFICER = 'ao@cacert.org';
+$ORGANISATION_ASSURANCE_OFFICER = 'oao@cacert.org';
 
+
+//defines to whom to send the lists
 $flags = array(
-	'admin' => 'Support Engineer',
-	'orgadmin' => 'Organisation Assurer',
-	'board' => 'Board Member',
-	'ttpadmin' => 'Trusted Third Party Admin',
-	'tverify' => 'Tverify Admin',
-	'locadmin' => 'Location Admin'
+	'admin' => array(
+			'name'    => 'Support Engineer',
+			'own'     => false, //Don't send twice
+			'board'   => true,
+			'support' => true,
+			'ao'      => false,
+			'oao'     => false
+			),
+	
+	'orgadmin' => array(
+			'name'    => 'Organisation Assurer',
+			'own'     => true,
+			'board'   => true,
+			'support' => true,
+			'ao'      => true,
+			'oao'     => true
+			),
+	
+	'board' => array(
+			'name'    => 'Board Member',
+			'own'     => false,
+			'board'   => true,
+			'support' => true,
+			'ao'      => true,
+			'oao'     => false
+			),
+	
+	'ttpadmin' => array(
+			'name'    => 'Trusted Third Party Admin',
+			'own'     => true,
+			'board'   => true,
+			'support' => true,
+			'ao'      => true,
+			'oao'     => true
+			),
+	
+	'tverify' => array(
+			'name'    => 'Tverify Admin',
+			'own'     => false,
+			'board'   => true,
+			'support' => true,
+			'ao'      => true,
+			'oao'     => false
+			),
+	
+	'locadmin' => array(
+			'name'    => 'Location Admin',
+			'own'     => false,
+			'board'   => true,
+			'support' => true,
+			'ao'      => false,
+			'oao'     => false
+			),
 	);
 
-$adminlist = array();
 
-foreach ($flags as $flag => $description) {
+// Build up list of various admins
+$adminlist = array();
+foreach ($flags as $flag => $flag_properties) {
 	$query = "select `fname`, `lname`, `email` from `users` where `$flag` = 1";
 	if(! $res = mysql_query($query) ) {
 		fwrite(STDERR,
@@ -45,52 +97,64 @@ foreach ($flags as $flag => $description) {
 		continue;
 	}
 	
-	$admins = array();
-	$adminlist[$flag] = "";
+	$adminlist[$flag] = array();
 	
 	while ($row = mysql_fetch_assoc($res)) {
-		$admins[] = $row;
-		$adminlist[$flag] .= "$row[fname] $row[lname] $row[email]\n";
+		$adminlist[$flag][] = $row;
 	}
 	
-	foreach ($admins as $admin) {
-		$message = <<<EOF
+	
+	// Send mail to admins of this group if 'own' is set
+	if ($flag_properties['own']) {
+		foreach ($adminlist[$flag] as $admin) {
+			$message = <<<EOF
 Hello $admin[fname],
 
-you get this message, because you are listed as $description on
+you get this message, because you are listed as $flag_properties[name] on
 CAcert.org. Please review the following list of persons with the same privilege
 and report to the responsible team leader or board
 ($BOARD_PRIVATE) if you spot any errors.
 
-$adminlist[$flag]
+
+EOF;
+			
+			foreach ($adminlist[$flag] as $colleague) {
+				$message .= "$colleague[fname] $colleague[lname] $colleague[email]\n";
+			}
+			
+			$message .= <<<EOF
 
 
 Best Regards,
 CAcert Support
 EOF;
-		sendmail($admin['email'], "Permissions Review", $message, 'support@cacert.org');
+			
+			sendmail($admin['email'], "Permissions Review", $message, 'support@cacert.org');
+		}
 	}
 }
 
 
 
+// Send to support engineers
 $message = <<<EOF
-Dear Board Members,
+Dear Support Engineers,
 
 it's time for the permission review again. Here is the list of privileged users
-in the CAcert web application. Please review them and also ask the persons 
-responsible for an up-to-date copy of access lists not directly recorded in the
-web application (critical admins, software assessors etc.) 
+in the CAcert web application. Please review them.
 
 
 EOF;
 
-foreach ($flags as $flag => $description) {
-	$message .= <<<EOF
-List of ${description}s:
-$adminlist[$flag]
-
-EOF;
+foreach ($flags as $flag => $flag_properties) {
+	if ($flag_properties['support']) {
+		$message .= "List of $flag_properties[name]s:\n\n";
+		foreach ($adminlist[$flag] as $colleague) {
+			$message .= "$colleague[fname] $colleague[lname] $colleague[email]\n";
+		}
+		
+		$message .= "\n\n";
+	}
 }
 
 $message .= <<<EOF
@@ -99,4 +163,55 @@ Best Regards,
 CAcert Support
 EOF;
 
-sendmail($BOARD_PRIVATE, "Permissions Review", $message, 'support@cacert.org');
+foreach ($adminlist['admin'] as $support_engineer) {
+	sendmail(
+			$support_engineer['email'],
+			"Permissions Review",
+			$message,
+			'support@cacert.org');
+}
+
+
+// Send to one-email addresses
+foreach (array(
+			'ao' => array(
+					'description' => 'Assurance Officer',
+					'email' => $ASSURANCE_OFFICER),
+			'oao' => array(
+					'description' => 'Organisation Assurance Officer',
+					'email' => $ORGANISATION_ASSURANCE_OFFICER),
+			'board' => array(
+					'description' => 'Board Members',
+					'email' => $BOARD_PRIVATE)
+		) as $key => $values) {
+	$message = <<<EOF
+Dear $values[description],
+
+it's time for the permission review again. Here is the list of privileged users
+in the CAcert web application. Please review them and also ask the persons 
+responsible for an up-to-date copy of access lists not directly recorded in the
+web application (critical admins, software assessors etc.) 
+
+
+
+EOF;
+	
+	foreach ($flags as $flag => $flag_properties) {
+		if ($flag_properties[$key]) {
+			$message .= "List of $flag_properties[name]s:\n\n";
+			foreach ($adminlist[$flag] as $colleague) {
+				$message .= "$colleague[fname] $colleague[lname] $colleague[email]\n";
+			}
+			$message .= "\n\n";
+		}
+	}
+	
+	$message .= <<<EOF
+
+
+Best Regards,
+CAcert Support
+EOF;
+	
+	sendmail($values['email'], "Permissions Review", $message, 'support@cacert.org');
+}
diff --git a/scripts/resetpermissions.php b/scripts/resetpermissions.php
new file mode 100755
index 0000000..0bfdaa3
--- /dev/null
+++ b/scripts/resetpermissions.php
@@ -0,0 +1,71 @@
+#!/usr/bin/php -q
+<?php
+/*
+LibreSSL - CAcert web application
+Copyright (C) 2004-2012  CAcert Inc.
+
+This program is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; version 2 of the License.
+
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+GNU General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program; if not, write to the Free Software
+Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301  USA
+*/
+
+require_once(dirname(__FILE__).'/../includes/mysql.php');
+
+$flags = array('board', 'tverify');
+
+foreach ($flags as $flag) {
+	echo "Resetting $flag flag:\n";
+	$query = "select `id`, `fname`, `lname`, `email` from `users`
+			where `$flag` = 1";
+	if(! $res = mysql_query($query) ) {
+		fwrite(STDERR,
+				"MySQL query for flag $flag failed:\n".
+				"\"$query\"\n".
+				mysql_error()
+		);
+	
+		continue;
+	}
+	
+	while ($row = mysql_fetch_assoc($res)) {
+		echo "$row[fname] $row[lname] $row[email]";
+		
+		$update = "update `users` set `$flag` = 0 where `id` = $row[id]";
+		if(! $res2 = mysql_query($update) ) {
+			echo " NOT RESET!!!\n";
+			fwrite(STDERR,
+					"MySQL query for $flag flag reset on user $row[id] failed:\n".
+					"\"$update\"\n".
+					mysql_error()
+			);
+			
+		} else {
+			
+			$message = <<<EOF
+Hi $row[fname],
+
+As per Arbitration a20110118.1 [1] the $flag permission has been removed
+from your account.
+
+[1] https://wiki.cacert.org/Arbitrations/a20110118.1
+
+Best Regards,
+CAcert Support
+EOF;
+			sendmail($row['email'], "Permissions have been reset", $message, 'support@cacert.org');
+			
+			echo " reset.\n";
+		}
+	}
+	
+	echo "\n\n";
+}
\ No newline at end of file
diff --git a/www/advertising.php b/www/advertising.php
index e987461..43e4f93 100644
--- a/www/advertising.php
+++ b/www/advertising.php
@@ -47,7 +47,7 @@
 		if($months < 1 || $months > 12)
 		{
 			$id = 1;
-			$errmsg .= _("You can only place an advertisement for up to 12 months.<br />");
+			$errmsg .= _("You can only place an advertisement for up to 12 months.")."<br />";
 			$process="";
 			$oldid=0;
 		}
@@ -55,7 +55,7 @@
 		if(strlen($title) <= 5)
 		{
 			$id = 1;
-			$errmsg .= _("Link title was too short.<br />");
+			$errmsg .= _("Link title was too short.")."<br />";
 			$process="";
 			$oldid=0;
 		}
@@ -63,7 +63,7 @@
 		if(strlen($link) <= 10)
 		{
 			$id = 1;
-			$errmsg .= _("Link URI was too short.<br />");
+			$errmsg .= _("Link URI was too short.")."<br />";
 			$process="";
 			$oldid=0;
 		}
diff --git a/www/cats/cats_import.php b/www/cats/cats_import.php
index 56dd0cf..feb92d4 100644
--- a/www/cats/cats_import.php
+++ b/www/cats/cats_import.php
@@ -31,8 +31,8 @@ function sanitize_string($buffer) {
 }
 
 define ('UNDEFINED', 'nd');
-define ('ALLOWED_IP', '213.154.225.228');
-define ('ALLOWED_IP2', '193.238.157.112');
+define ('ALLOWED_IP', '213.154.225.243');
+define ('ALLOWED_IP2', '172.16.2.27');
 define ('CONFIG_FILEPATH', '/www/');
 
 $remote_addr = (isset($_SERVER['REMOTE_ADDR']))?$_SERVER['REMOTE_ADDR']:UNDEFINED;
diff --git a/www/policy/CertificationPracticeStatement.php b/www/policy/CertificationPracticeStatement.php
index e17056b..2a9bd11 100644
--- a/www/policy/CertificationPracticeStatement.php
+++ b/www/policy/CertificationPracticeStatement.php
@@ -3203,54 +3203,50 @@ The form of the PGP signatures depends on several factors, therefore no stipulat
 <h4><a name="p7.1.2" id="p7.1.2">7.1.2. Certificate extensions</a></h4>
 
 <p>
-Client certificates include the following extensions:.
+  Client certificates include the following extensions:
 </p>
-<ul><li>
-    basicConstraints=CA:FALSE (critical)
-  </li><li>
-    keyUsage=digitalSignature,keyEncipherment,cRLSign
-  </li><li>
-  </li><li>
-    extendedKeyUsage=emailProtection,clientAuth,serverAuth,msEFS,msSGC,nsSGC
-  </li><li>
-    authorityInfoAccess = OCSP;URI:http://ocsp.cacert.org
-  </li><li>
-    subjectAltName=(as per <a href="#p3.1.1">&sect;3.1.1.</a>).
-</li></ul>
+<ul>
+  <li>basicConstraints=CA:FALSE (critical)</li>
+  <li>keyUsage=digitalSignature,keyEncipherment,keyAgreement (critical)</li>
+  <li>extendedKeyUsage=emailProtection,clientAuth,msEFS,msSGC,nsSGC</li>
+  <li>authorityInfoAccess = OCSP;URI:http://ocsp.cacert.org</li>
+  <li>crlDistributionPoints=URI:&lt;crlUri&gt; where &lt;crlUri&gt; is replaced 
+    with the URI where the certificate revocation list relating to the 
+    certificate is found</li>
+  <li>subjectAltName=(as per <a href="#p3.1.1">&sect;3.1.1.</a>).</li>
+</ul>
   <ul class="q">
     <li> what about Client Certificates Adobe Signing extensions ?</li>
     <li> SubjectAltName should become critical if DN is removed http://tools.ietf.org/html/rfc5280#section-4.2.1.6</li>
   </ul>
 
-
 <p>
-Server certificates include the following extensions:
+  Server certificates include the following extensions:
 </p>
-<ul><li>
-    basicConstraints=CA:FALSE (critical)
-  </li><li>
-    keyUsage=digitalSignature,keyEncipherment
-  </li><li>
-    extendedKeyUsage=clientAuth,serverAuth,nsSGC,msSGC
-  </li><li>
-    authorityInfoAccess = OCSP;URI:http://ocsp.cacert.org
-  </li><li>
-    subjectAltName=(as per <a href="#p3.1.1">&sect;3.1.1.</a>).
-</li></ul>
+<ul>
+  <li>basicConstraints=CA:FALSE (critical)</li>
+  <li>keyUsage=digitalSignature,keyEncipherment,keyAgreement (critical)</li>
+  <li>extendedKeyUsage=clientAuth,serverAuth,nsSGC,msSGC</li>
+  <li>authorityInfoAccess = OCSP;URI:http://ocsp.cacert.org</li>
+  <li>crlDistributionPoints=URI:&lt;crlUri&gt; where &lt;crlUri&gt; is replaced 
+    with the URI where the certificate revocation list relating to the 
+    certificate is found</li>
+  <li>subjectAltName=(as per <a href="#p3.1.1">&sect;3.1.1.</a>).</li>
+</ul>
 
 <p>
-Code-Signing certificates include the following extensions:
+  Code-Signing certificates include the following extensions:
 </p>
-
-<ul><li>
-    basicConstraints=CA:FALSE (critical)
-  </li><li>
-    keyUsage=digitalSignature,keyEncipherment
-  </li><li>
-    extendedKeyUsage=emailProtection,clientAuth,codeSigning,msCodeInd,msCodeCom,msEFS,msSGC,nsSGC
-  </li><li>
-    authorityInfoAccess = OCSP;URI:http://ocsp.cacert.org
-</li></ul>
+<ul>
+  <li>basicConstraints=CA:FALSE (critical)</li>
+  <li>keyUsage=digitalSignature,keyEncipherment,keyAgreement (critical)</li>
+  <li>extendedKeyUsage=emailProtection,clientAuth,codeSigning,msCodeInd,msCodeCom,msEFS,msSGC,nsSGC</li>
+  <li>authorityInfoAccess = OCSP;URI:http://ocsp.cacert.org</li>
+  <li>crlDistributionPoints=URI:&lt;crlUri&gt; where &lt;crlUri&gt; is replaced 
+    with the URI where the certificate revocation list relating to the 
+    certificate is found</li>
+  <li>subjectAltName=(as per <a href="#p3.1.1">&sect;3.1.1.</a>).</li>
+</ul>
   <ul class="q">
     <li> what about subjectAltName for Code-signing</li>
   </ul>
diff --git a/www/wot.php b/www/wot.php
index 66bf7cb..bf5d301 100644
--- a/www/wot.php
+++ b/www/wot.php
@@ -444,7 +444,14 @@ $iecho= "c";
 			{
 				sendmail($user['email'], "[CAcert.org] ".$_REQUEST['subject'], $_REQUEST['message'],
 					$_SESSION['profile']['email'], "", "", $_SESSION['profile']['fname']." ".$_SESSION['profile']['lname']);
-				show_page("ContactAssurer",_("Your email has been sent to")." ".$user['fname'].".<br />[ <a href='javascript:history.go(-2)'>"._("Go Back")."</a> ]","");
+				
+				showheader(_("My CAcert.org Account!"));?>
+				<p>
+					<? printf(_("Your email has been sent to %s."), $user['fname']); ?>
+				</p>
+				<p>[ <a href='javascript:history.go(-2)'><?= _("Go Back") ?></a> ]</p>
+				<?
+				showfooter();
 				exit;
 			} else {
 				show_page(0,"",_("Sorry, I was unable to locate that user."));