-rw-r--r-- | includes/account_stuff.php | 6 | ||||
-rw-r--r-- | includes/notary.inc.php | 32 | ||||
-rw-r--r-- | pages/wot/17.php | 76 | ||||
-rw-r--r-- | www/wot.php | 85 |
4 files changed, 185 insertions, 14 deletions
diff --git a/includes/account_stuff.php b/includes/account_stuff.php index da328a3..9ff794d 100644 --- a/includes/account_stuff.php +++ b/includes/account_stuff.php @@ -101,7 +101,9 @@ case 506: case 509: case 511: - case 512: $expand = " explode('WoT');"; break; // Find Assurer + case 512: // Find Assurer + case 516: // TTP form + case 517: $expand = " explode('WoT');"; break; // Assurer check case 1000: case 1001: case 1002: // View GPG key 
@@ -219,7 +221,7 @@ function hideall() { <? } ?> <div class="relatedLinks"> <h3 class="pointer" onclick="explode('WoT')">+ <?=_("CAcert Web of Trust")?></h3> - <ul class="menu" id="WoT"><li><a href="wot.php?id=0"><?=_("About")?></a></li><li><a href="wot.php?id=12"><?=_("Find an Assurer")?></a></li><li><a href="wot.php?id=3"><?=_("Rules")?></a></li><li><? if($_SESSION['profile']['assurer'] != 1) { ?><a href="wot.php?id=2"><?=_("Becoming an Assurer")?></a><? } else { ?><a href="wot.php?id=5"><?=_("Assure Someone")?></a><? } ?></li><li><a href="wot.php?id=4"><?=_("Trusted ThirdParties")?></a></li><? if($_SESSION['profile']['points'] >= 500) { ?><li><a href="wot.php?id=11"><div style="white-space:nowrap"><?=_("Organisation Assurance")?></div></a></li><? } ?></ul> + <ul class="menu" id="WoT"><li><a href="wot.php?id=0"><?=_("About")?></a></li><li><a href="wot.php?id=12"><?=_("Find an Assurer")?></a></li><li><a href="wot.php?id=3"><?=_("Rules")?></a></li><li><a href="wot.php?id=17"><?=_("Check Assurer Status")?></a></li><li><? if($_SESSION['profile']['assurer'] != 1) { ?><a href="wot.php?id=2"><?=_("Becoming an Assurer")?></a><? } else { ?><a href="wot.php?id=5"><?=_("Assure Someone")?></a><? } ?></li><li><a href="wot.php?id=4"><?=_("Trusted ThirdParties")?></a></li><? if($_SESSION['profile']['points'] >= 500) { ?><li><a href="wot.php?id=11"><div style="white-space:nowrap"><?=_("Organisation Assurance")?></div></a></li><? } ?><li><a href="account.php?id=55"><?=_("Training")?></a></li></ul> </div> <div class="relatedLinks"> <h3 class="pointer" onclick="explode('WoTForms')">+ <?=_("CAP Forms")?></h3><? diff --git a/includes/notary.inc.php b/includes/notary.inc.php index 63c426e..40170ad 100644 --- a/includes/notary.inc.php +++ b/includes/notary.inc.php 
@@ -1569,8 +1569,29 @@ function get_user_agreements($memid, $type=null, $active=null){ return $return_str; } + //user function + function get_user_id_from_email($email){ + $email = mysql_real_escape_string(trim($email)); + $res = query_init ("select `id` from `users` where `email` = '" . $email . "'"); + $row = query_getnextrow($res); + + return intval($row['id']); + } + + function get_number_of_adminlog_entries($uid, $typeid, $hours=1){ + $uid = intval($uid); + $typeid = intval($typeid); + $hours = intval($hours); + $res = query_init ("SELECT count(*) AS `no` FROM `adminlog` + WHERE `adminid` = " . $uid . " AND `actiontypeid`=" . $typeid . " and `when` > NOW() - INTERVAL " . $hours . " HOUR " ); + $row = query_getnextrow($res); + + return intval($row['no']); + } + /** - * Write some information to the adminlog + * write_se_log() + * writes an information to the adminlog * * @param int $uid - id of the user account * @param int $adminid - id of the admin @@ -1578,15 +1599,16 @@ function get_user_agreements($memid, $type=null, $active=null){ * @param string $info - the ticket / arbitration number or other information * @return bool - true := success, false := error */ -function write_se_log($uid, $adminid, $type, $info){ +function write_se_log($uid, $adminid, $type, $info, $typeid=1){ //records all support engineer actions changing a user account $uid = intval($uid); $adminid = intval($adminid); $type = mysql_real_escape_string($type); $info = mysql_real_escape_string($info); - $query="insert into `adminlog` (`when`, `uid`, `adminid`,`type`,`information`) values - (Now(), $uid, $adminid, '$type', '$info')"; - return mysql_query($query); + $typeid = intval($typeid); + $query="insert into `adminlog` (`when`, `uid`, `adminid`,`type`,`information`,`actiontypeid`) values + (Now(), $uid, $adminid, '$type', '$info', '$typeid')"; + mysql_query($query); } /** diff --git a/pages/wot/17.php b/pages/wot/17.php new file mode 100644 index 0000000..657f990 --- /dev/null 
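Review bot: `get_user_id_from_email()` escapes its argument with `mysql_real_escape_string()`, but the only caller visible in this commit (the `$oldid == 17` branch in www/wot.php) already passes an escaped value, so the address is escaped twice. An address containing a quote or backslash will then never match a row. Escape in one place only, preferably inside the helper, and have the caller pass the raw trimmed address. The `//user function` comment could become a docblock such as `Looks up users.id by e-mail address; expects an unescaped address, returns 0 when no row matches`. The return of 0 on a miss relies on `query_getnextrow()` yielding a non-array value there, which is not visible in this hunk and should be confirmed.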
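Review bot: `write_se_log()` no longer returns the result of `mysql_query()`, while its docblock still states `@return bool - true := success, false := error`. Any caller outside this diff that tests the return value would now receive null and treat every log write as failed, and a failed audit-log insert goes unnoticed here. Keep the last statement as `return mysql_query($query);`. The new parameter is also undocumented; add `@param int $typeid - action type id stored in actiontypeid, defaults to 1`. Because `$typeid` goes through `intval()`, the quotes around `'$typeid'` in the VALUES list can be dropped to match `$uid` and `$adminid`.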
+++ b/pages/wot/17.php 
@@ -0,0 +1,76 @@ +<? /* + LibreSSL - CAcert web application + Copyright (C) 2004-2008 CAcert Inc. + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; version 2 of the License. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA +*/ +include_once("../includes/shutdown.php"); +require_once("../includes/lib/l10n.php"); + +if(array_key_exists('error',$_SESSION['_config']) && $_SESSION['_config']['error'] != "") +{ + ?><font color="orange" size="+1"> + <? echo _("ERROR").": ".$_SESSION['_config']['error'] ?> + </font> + <?unset($_SESSION['_config']['error']); +} + +if(array_key_exists('noemailfound',$_SESSION['_config']) && $_SESSION['_config']['noemailfound'] == 1) { + unset($_SESSION['_config']['noemailfound']); +} + +?> +<form method="post" action="wot.php" name="form1"> +<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper"> + <tr> + <td colspan="2" class="title"><?=_('Check Assurer Status')?></td> + </tr> + <tr> + <td class="DataTD"><?=_('Email to check')?>:</td> +<? if(array_key_exists('remindersent',$_SESSION['_config']) && $_SESSION['_config']['remindersent'] == 1) { unset($_SESSION['_config']['remindersent']) ?> + <td class="DataTD"><input type="text" name="email" id="email" value=""></td> + <? } else { ?> + <td class="DataTD"><input type="text" name="email" id="email" value="<?=array_key_exists('email',$_POST)?sanitizeHTML($_POST['email']):""?>"></td> + <? 
} ?> + </tr> + <tr> + <td class="DataTD"><?=_('Reason why the assurer status is needed')?>:</td> + <td class="DataTD"><select name="reason"><option>--</option> + <option><?=_('Assurance')?></option> + <option><?=_('Event Preparation')?></option> + <option><?=_('Arbitration')?></option> + <option><?=_('CARS check')?></option> + <option><?=_('CATS certificate creation')?></option> + <option><?=_('Organisation Assurance')?></option> + </select></td> + </tr> + <tr> + <td class="DataTD" colspan="2"><?=_('If you request the assurer status the result is send via mail to the person of whom you request the status of.')?></td> + </tr> + <tr> + <td class="DataTD" colspan="2"><input type="submit" name="process" value="<?=_("Next")?>"></td> + </tr> +</table> +<input type="hidden" name="oldid" value="<?=$id?>"> +</form> +<SCRIPT LANGUAGE="JavaScript"> +//<![CDATA[ + function my_init() + { + document.getElementById("email").focus(); + } + + window.onload = my_init(); +//]]> +</script> diff --git a/www/wot.php b/www/wot.php index a7195e3..808d57f 100644 --- a/www/wot.php +++ b/www/wot.php @@ -80,8 +80,11 @@ function show_page($target,$message,$error) case 'MyPointsNew': includeit(15, "wot"); break; case '16': - case 'TTPForm': includeit(16, "wot"); - break; + case 'TTPForm': includeit(16, "wot"); + break; + case '17': + case 'AssurerCheck': includeit(17, "wot"); + break; } showfooter(); @@ -124,6 +127,7 @@ function send_reminder() if(array_key_exists('location',$_POST) && $_POST['location'] != "") $_SESSION['_config']['location'] = $_POST['location']; + $id=array_key_exists('id',$_REQUEST)?intval($_REQUEST['id']):0; $oldid=array_key_exists('oldid',$_REQUEST)?intval($_REQUEST['oldid']):0; if($oldid == 12) 
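Review bot: The form in pages/wot/17.php triggers a mail to a third party and an adminlog entry, but it carries no anti-CSRF token field, and the handler hunk in www/wot.php does not verify one. If the application has a token helper (none is visible in this diff), its hidden field belongs next to `oldid` and the check belongs at the top of the `$oldid == 17` branch. Separately, `window.onload = my_init();` calls the function immediately and assigns its undefined return value, so the focus call runs before the page has finished loading; it should read `window.onload = my_init;`. The `<option>` elements have no `value` attribute, so the handler receives the translated label; stable values such as `<option value="assurance">` would let the server validate the reason independently of the language.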
@@ -555,9 +559,76 @@ function send_reminder() exit; } -// showheader(_("My CAcert.org Account!")); -// echo "ID now = ".$id."/".$oldid.">>".$iecho; -// includeit($id, "wot"); -// showfooter(); + // Assurer Check + if($oldid == 17 ) + { + $oldid = 0; + $id = 17; + $number = 5; + $email = mysql_real_escape_string(trim($_REQUEST['email'])); + $reason = mysql_real_escape_string(trim($_REQUEST['reason'])); + $uid = get_user_id_from_email($email); + + if ($uid == 0) { + show_page("AssurerCheck", "", _("I'm sorry, there was no email matching what you entered in the system. Please double check your information.")); + exit; + } + + if ($reason == "--") { + show_page("AssurerCheck", "" ,_("I'm sorry, there was no reason given why you need to check the assurer status.")); + exit; + } + + if (get_number_of_adminlog_entries($_SESSION['profile']['id'],1000,1) > $number) { + show_page("AssurerCheck", "", sprintf(_("I'm sorry, you reached the maximum requests of %s per hour. Please wait until you try it again."),$number)); + exit; + } + + if (is_assurer($uid)) { + $status = _('Is assurer'); + } else { + $status = _('Is no assurer'); + } + + write_se_log($uid, $_SESSION['profile']['id'], 'User Assurer status check', '', 1000); + + $assurer = get_user($uid); + + //mail to member + $my_translation = L10n::get_translation(); + L10n::set_translation($assurer['language']); + + $subject = "[CAcert.org] ". _("Assurer status report for you"); + + $body = sprintf(_("Hi %s,"), $assurer['fname'])."\n\n"; + $body .= sprintf(_("%s %s (%s) has requested your assurer status for %s."), + $_SESSION['profile']['fname'], + $_SESSION['profile']['lname'], + $_SESSION['profile']['email'], + $reason)."\n\n"; + $body .= sprintf(_("The transmitted result: %s"), $status)."\n"; + $body .= _("Best regards")."\n"; + $body .= _("CAcert Support Team"); + + sendmail($assurer['email'], "[CAcert.org] ". 
$subject, $body, + "support@cacert.org", //from + "", //replyto + "", //toname + "CAcert Support"); //fromname + + L10n::set_translation($my_translation); + + showheader(_("My CAcert.org Account!"));?> + <p> + <?=sprintf(_('The assurer status for %s %s (%s) is: %s'), + $assurer['fname'], + $assurer['lname'], + $assurer['email'], + $status) . '<br/>'. _('The mail with the status request has been sent to the email address above.'); ?> + </p> + <? + showfooter(); + exit; + } + show_page ($id,"",""); -?> |
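Review bot: The per-hour limit in the `$oldid == 17` branch does not cover the lookup itself: an unknown address returns the "no email matching" error before `get_number_of_adminlog_entries()` is consulted and without a log entry, so a logged-in user can test which addresses have accounts with no throttle and no audit trail. The limit check should run first, misses should be logged too (assuming `adminlog` accepts a uid of 0, to be confirmed), and the comparison should be `>=`, since `> $number` lets a sixth request through although the message promises five. `$reason` is also taken from the request unvalidated and placed in a mail sent from support@cacert.org, so it should be matched against the options the form offers. Both values are passed through `mysql_real_escape_string()`, although `$email` is escaped again in the helper and `$reason` never reaches SQL. The name and address fields echoed in the result paragraph are not passed through `sanitizeHTML()`, which looks worth adding unless `get_user()` already returns escaped values; the surrounding top-level script continues outside the hunk.

```php
		$number = 5;
		// Keep the raw values: get_user_id_from_email() escapes for SQL itself,
		// and $reason is only used in the mail body.
		$email = array_key_exists('email',$_REQUEST)?trim($_REQUEST['email']):"";
		$reason = array_key_exists('reason',$_REQUEST)?trim($_REQUEST['reason']):"";

		// Throttle first, so that failed lookups count against the limit too.
		if (get_number_of_adminlog_entries($_SESSION['profile']['id'],1000,1) >= $number) {
			// … unchanged: show_page() with the "maximum requests" message, exit …
		}

		// Accept only the reasons offered by pages/wot/17.php.
		$reasons = array(_('Assurance'), _('Event Preparation'), _('Arbitration'),
			_('CARS check'), _('CATS certificate creation'), _('Organisation Assurance'));
		if (!in_array($reason, $reasons, true)) {
			// … unchanged: show_page() with the "no reason given" message, exit …
		}

		$uid = get_user_id_from_email($email);
		if ($uid == 0) {
			// Log the miss so it is counted by the throttle above.
			write_se_log(0, $_SESSION['profile']['id'], 'User Assurer status check', 'no matching account', 1000);
			// … unchanged: show_page() with the "no email matching" message, exit …
		}
		// … unchanged: status lookup, log entry, mail and result page …
```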