summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--includes/account.php17
-rw-r--r--includes/lib/account.php50
-rw-r--r--includes/lib/l10n.php131
-rw-r--r--pages/account/10.php65
-rw-r--r--pages/account/16.php102
-rw-r--r--pages/account/20.php61
-rw-r--r--pages/account/3.php131
-rw-r--r--pages/account/55.php235
-rw-r--r--pages/account/56.php82
-rw-r--r--pages/wot/9.php2
-rw-r--r--www/styles/default.css12
11 files changed, 586 insertions, 302 deletions
diff --git a/includes/account.php b/includes/account.php
index 99c65c5..b1ab984 100644
--- a/includes/account.php
+++ b/includes/account.php
@@ -289,6 +289,9 @@ function buildSubjectFromSession() {
if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
$_SESSION['_config']['rootcert'] = 1;
}
+
+ $_SESSION['_config']['hash_alg'] = HashAlgorithms::clean($_REQUEST['hash_alg']);
+
$csr = "";
if(trim($_REQUEST['optionalCSR']) == "")
{
@@ -386,6 +389,7 @@ function buildSubjectFromSession() {
`codesign`='".intval($_SESSION['_config']['codesign'])."',
`disablelogin`='".($_SESSION['_config']['disablelogin']?1:0)."',
`rootcert`='".intval($_SESSION['_config']['rootcert'])."',
+ `md`='".mysql_real_escape_string($_SESSION['_config']['hash_alg'])."',
`description`='".mysql_real_escape_string($_SESSION['_config']['description'])."'";
mysql_query($query);
$emailid = mysql_insert_id();
@@ -490,6 +494,7 @@ function buildSubjectFromSession() {
`codesign`='".intval($_SESSION['_config']['codesign'])."',
`disablelogin`='".($_SESSION['_config']['disablelogin']?1:0)."',
`rootcert`='".intval($_SESSION['_config']['rootcert'])."',
+ `md`='".mysql_real_escape_string($_SESSION['_config']['hash_alg'])."',
`description`='".mysql_real_escape_string($_SESSION['_config']['description'])."'";
mysql_query($query);
$emailid = mysql_insert_id();
@@ -763,6 +768,8 @@ function buildSubjectFromSession() {
if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
$_SESSION['_config']['rootcert'] = 1;
}
+
+ $_SESSION['_config']['hash_alg'] = HashAlgorithms::clean($_REQUEST['hash_alg']);
}
if($process != "" && $oldid == 11)
@@ -807,6 +814,7 @@ function buildSubjectFromSession() {
`domid`='".mysql_real_escape_string($_SESSION['_config']['rowid']['0'])."',
`created`=NOW(),`subject`='".mysql_real_escape_string($subject)."',
`rootcert`='".mysql_real_escape_string($_SESSION['_config']['rootcert'])."',
+ `md`='".mysql_real_escape_string($_SESSION['_config']['hash_alg'])."',
`description`='".mysql_real_escape_string($_SESSION['_config']['description'])."'";
} elseif(array_key_exists('0',$_SESSION['_config']['altid']) && $_SESSION['_config']['altid']['0'] > 0) {
$query = "insert into `domaincerts` set
@@ -814,6 +822,7 @@ function buildSubjectFromSession() {
`domid`='".mysql_real_escape_string($_SESSION['_config']['altid']['0'])."',
`created`=NOW(),`subject`='".mysql_real_escape_string($subject)."',
`rootcert`='".mysql_real_escape_string($_SESSION['_config']['rootcert'])."',
+ `md`='".mysql_real_escape_string($_SESSION['_config']['hash_alg'])."',
`description`='".mysql_real_escape_string($_SESSION['_config']['description'])."'";
} else {
showheader(_("My CAcert.org Account!"));
@@ -1467,6 +1476,8 @@ function buildSubjectFromSession() {
if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
$_SESSION['_config']['rootcert'] = 1;
+ $_SESSION['_config']['hash_alg'] = HashAlgorithms::clean($_REQUEST['hash_alg']);
+
$_SESSION['_config']['description']= trim(stripslashes($_REQUEST['description']));
if(@count($_SESSION['_config']['emails']) > 0)
@@ -1534,6 +1545,7 @@ function buildSubjectFromSession() {
`created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),
`codesign`='".intval($_SESSION['_config']['codesign'])."',
`rootcert`='".intval($_SESSION['_config']['rootcert'])."',
+ `md`='".mysql_real_escape_string($_SESSION['_config']['hash_alg'])."',
`description`='".mysql_real_escape_string($_SESSION['_config']['description'])."'";
mysql_query($query);
$emailid = mysql_insert_id();
@@ -1629,6 +1641,7 @@ function buildSubjectFromSession() {
`subject`='".mysql_real_escape_string($csrsubject)."',
`codesign`='".intval($_SESSION['_config']['codesign'])."',
`rootcert`='".intval($_SESSION['_config']['rootcert'])."',
+ `md`='".mysql_real_escape_string($_SESSION['_config']['hash_alg'])."',
`description`='".mysql_real_escape_string($_SESSION['_config']['description'])."'";
mysql_query($query);
$emailid = mysql_insert_id();
@@ -1893,6 +1906,8 @@ function buildSubjectFromSession() {
$_SESSION['_config']['rootcert'] = intval($_REQUEST['rootcert']);
if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
$_SESSION['_config']['rootcert'] = 1;
+
+ $_SESSION['_config']['hash_alg'] = HashAlgorithms::clean($_REQUEST['hash_alg']);
}
if($process != "" && $oldid == 21)
@@ -1967,6 +1982,7 @@ function buildSubjectFromSession() {
`created`=NOW(),
`subject`='".mysql_real_escape_string($csrsubject)."',
`rootcert`='".intval($_SESSION['_config']['rootcert'])."',
+ `md`='".mysql_real_escape_string($_SESSION['_config']['hash_alg'])."',
`type`='".$type."',
`description`='".mysql_real_escape_string($_SESSION['_config']['description'])."'";
} else {
@@ -1976,6 +1992,7 @@ function buildSubjectFromSession() {
`created`=NOW(),
`subject`='".mysql_real_escape_string($csrsubject)."',
`rootcert`='".intval($_SESSION['_config']['rootcert'])."',
+ `md`='".mysql_real_escape_string($_SESSION['_config']['hash_alg'])."',
`type`='".$type."',
`description`='".mysql_real_escape_string($_SESSION['_config']['description'])."'";
}
diff --git a/includes/lib/account.php b/includes/lib/account.php
index 4c4d5ac..dd8afd3 100644
--- a/includes/lib/account.php
+++ b/includes/lib/account.php
@@ -98,3 +98,53 @@ function fix_assurer_flag($userID = NULL)
return true;
}
+
+/**
+ * Supported hash algorithms for signing certificates
+ */
+class HashAlgorithms {
+ /**
+ * Default hash algorithm identifier for signing
+ * @var string
+ */
+ public static $default = 'sha256';
+
+ /**
+ * Get display strings for the supported hash algorithms
+ * @return array(string=>array('name'=>string, 'info'=>string))
+ * - [$hash_identifier]['name'] = Name that should be displayed in UI
+ * - [$hash_identifier]['info'] = Additional information that can help
+ * with the selection of a suitable algorithm
+ */
+ public static function getInfo() {
+ return array(
+ 'sha256' => array(
+ 'name' => 'SHA-256',
+ 'info' => _('Currently recommended, because the other algorithms might break on some older versions of the GnuTLS library (older than 3.x) still shipped in Debian for example.'),
+ ),
+ 'sha384' => array(
+ 'name' => 'SHA-384',
+ 'info' => '',
+ ),
+ 'sha512' => array(
+ 'name' => 'SHA-512',
+ 'info' => _('Highest protection against hash collision attacks of the algorithms offered here.'),
+ ),
+ );
+ }
+
+ /**
+ * Check if the input is a supported hash algorithm identifier otherwise
+ * return the identifier of the default hash algorithm
+ *
+ * @param string $hash_identifier
+ * @return string The cleaned identifier
+ */
+ public static function clean($hash_identifier) {
+ if (array_key_exists($hash_identifier, self::getInfo() )) {
+ return $hash_identifier;
+ } else {
+ return self::$default;
+ }
+ }
+}
diff --git a/includes/lib/l10n.php b/includes/lib/l10n.php
index 85b7aff..e325add 100644
--- a/includes/lib/l10n.php
+++ b/includes/lib/l10n.php
@@ -22,10 +22,10 @@
class L10n {
/**
* These are tranlations we currently support.
- *
+ *
* If another translation is added, it doesn't suffice to have gettext set
* up, you also need to add it here, because it acts as a white list.
- *
+ *
* @var array("ISO-language code" => "native name of the language")
*/
public static $translations = array(
@@ -53,15 +53,15 @@ class L10n {
"zh-cn" => "&#x4e2d;&#x6587;(&#x7b80;&#x4f53;)",
"zh-tw" => "&#x4e2d;&#x6587;(&#33274;&#28771;)",
);
-
+
/**
* setlocale needs a language + region code for whatever reason so here's
* the mapping from a translation code to locales with the region that
* seemed the most common for this language
- *
+ *
* You probably never need this. Use {@link set_translation()} to change the
* language instead of manually calling setlocale().
- *
+ *
* @var array(string => string)
*/
private static $locales = array(
@@ -101,11 +101,11 @@ class L10n {
"zh-cn" => "zh_CN",
"zh-tw" => "zh_TW",
);
-
+
/**
* Auto-detects the language that should be used and sets it. Only works for
* HTTP, not in a command line script.
- *
+ *
* Priority:
* <ol>
* <li>explicit parameter "lang" passed in HTTP (e.g. via GET)</li>
@@ -128,10 +128,10 @@ class L10n {
return;
}
}
-
-
+
+
$languages = array();
-
+
// parse Accept-Language header
if (array_key_exists('HTTP_ACCEPT_LANGUAGE', $_SERVER)) {
$bits = explode(",", strtolower(
@@ -144,29 +144,29 @@ class L10n {
$c = floatval(substr($b[1], 2));
else
$c = 1;
-
+
if ($c != 0)
{
$languages[trim($b[0])] = $c;
}
}
}
-
+
// check if there is an explicit language given as parameter
if(array_key_exists("lang",$_REQUEST) && trim($_REQUEST["lang"]) != "")
{
// higher priority than those values in the header
$languages[strtolower(trim($_REQUEST["lang"]))] = 2.0;
}
-
+
arsort($languages, SORT_NUMERIC);
-
+
// this is used to be compatible with browsers like internet
// explorer which only provide the language code including the
// region not without. Also handles the fallback to English (qvalues
// may only have three digits after the .)
$fallbacks = array("en" => 0.0005);
-
+
foreach($languages as $lang => $qvalue)
{
// ignore any non-conforming values (that's why we don't need to
@@ -179,7 +179,7 @@ class L10n {
}
$lang_prefix = $matches[1]; // usually two-letter language code
$fallbacks[$lang_prefix] = $qvalue;
-
+
$chosen_translation = "";
if ($lang === '*') {
// According to the standard '*' matches anything but any
@@ -202,7 +202,7 @@ class L10n {
}
}
}
-
+
if ($chosen_translation !== "")
{
if (self::set_translation($chosen_translation)) {
@@ -210,7 +210,7 @@ class L10n {
}
}
}
-
+
// No translation found yet => try the prefixes
arsort($fallbacks, SORT_NUMERIC);
foreach ($fallbacks as $lang => $qvalue) {
@@ -218,16 +218,47 @@ class L10n {
return;
}
}
-
+
// should not get here, as the fallback of "en" is provided and that
// should always work => log an error
trigger_error("L10n::detect_language(): could not set language",
E_USER_WARNING);
}
-
+
+ /**
+ * Normalise the translation code (e.g. from the old codes to the new)
+ *
+ * @return string
+ * a translation code or the empty string if it can't be normalised
+ */
+ public static function normalise_translation($translation_code) {
+ // check $translation_code against whitelist
+ if (array_key_exists($translation_code, self::$translations) ) {
+ return $translation_code;
+ }
+
+ // maybe it's a locale as previously used in the system? e.g. en_AU
+ if (preg_match('/^([a-z][a-z])_([A-Z][A-Z])$/', $translation_code, $matches) !== 1) {
+ return '';
+ }
+
+ $lang_code = $matches[1];
+ $region_code = strtolower($matches[2]);
+
+ if (array_key_exists("${lang_code}-${region_code}", self::$translations)) {
+ return "${lang_code}-${region_code}";
+ }
+
+ if (array_key_exists($lang_code, self::$translations)) {
+ return $lang_code;
+ }
+
+ return '';
+ }
+
/**
* Get the set translation
- *
+ *
* @return string
* a translation code or the empty string if not set
*/
@@ -238,13 +269,13 @@ class L10n {
return "";
}
}
-
+
/**
* Set the translation to use.
- *
+ *
* @param string $translation_code
* the translation code as specified in the keys of {@link $translations}
- *
+ *
* @return bool
* <ul>
* <li>true if the translation has been set successfully</li>
@@ -255,27 +286,11 @@ class L10n {
* </ul>
*/
public static function set_translation($translation_code) {
- // check $translation_code against whitelist
- if ( !array_key_exists($translation_code, self::$translations) ) {
- // maybe it's a locale as previously used in the system? e.g. en_AU
- if ( preg_match('/^([a-z][a-z])_([A-Z][A-Z])$/', $translation_code,
- $matches) !== 1 ) {
- return false;
- }
-
- $lang_code = $matches[1];
- $region_code = strtolower($matches[2]);
-
- if ( array_key_exists("${lang_code}-${region_code}",
- self::$translations) ) {
- $translation_code = "${lang_code}-${region_code}";
- } elseif ( array_key_exists($lang_code, self::$translations) ) {
- $translation_code = $lang_code;
- } else {
- return false;
- }
+ $translation_code = self::normalise_translation($translation_code);
+ if (empty($translation_code)) {
+ return false;
}
-
+
// map translation to locale
if ( !array_key_exists($translation_code, self::$locales) ) {
// weird. maybe you added a translation but haven't added a
@@ -285,7 +300,7 @@ class L10n {
return false;
}
$locale = self::$locales[$translation_code];
-
+
// set up locale
if ( !putenv("LANG=$locale") ) {
trigger_error("L10n::set_translation(): could not set the ".
@@ -297,42 +312,42 @@ class L10n {
"LC_ALL to $locale", E_USER_WARNING);
return false;
}
-
-
+
+
// only set if we're running in a server not in a script
if (isset($_SESSION)) {
// save the setting
$_SESSION['_config']['language'] = $translation_code;
-
-
+
+
// Set up the recode settings needed e.g. in PDF creation
$_SESSION['_config']['recode'] = "html..latin-1";
-
+
if($translation_code === "zh-cn" || $translation_code === "zh-tw")
{
$_SESSION['_config']['recode'] = "html..gb2312";
-
+
} else if($translation_code === "pl" || $translation_code === "hu") {
$_SESSION['_config']['recode'] = "html..ISO-8859-2";
-
+
} else if($translation_code === "ja") {
$_SESSION['_config']['recode'] = "html..SHIFT-JIS";
-
+
} else if($translation_code === "ru") {
$_SESSION['_config']['recode'] = "html..ISO-8859-5";
-
+
} else if($translation_code == "lt") { // legacy, keep for reference
$_SESSION['_config']['recode'] = "html..ISO-8859-13";
-
+
}
}
-
+
return true;
}
-
+
/**
* Sets up the text domain used by gettext
- *
+ *
* @param string $domain
* the gettext domain that should be used, defaults to "messages"
*/
diff --git a/pages/account/10.php b/pages/account/10.php
index 8908400..17999a7 100644
--- a/pages/account/10.php
+++ b/pages/account/10.php
@@ -30,17 +30,66 @@
<p><?=_("If you are a valid organisation and would like the organisation name in the certificates you can apply for an organisation assurance. Contact us via support@cacert.org for more information.")?></p>
<form method="post" action="account.php">
+<p><label for="description"><?=_("Optional comment, only used in the certificate overview")?></label><br />
+ <input type="text" id="description" name="description" maxlength="80" size="80" />
+</p>
+<p><label for="CSR"><?=_("Paste your CSR (Certificate Signing Request) below...")?></label><br />
+ <textarea id="CSR" name="CSR" cols="80" rows="15"></textarea>
+</p>
+
+<fieldset>
+<legend>
+ <input type="checkbox" id="expertbox" onchange="showExpert(this.checked)" style="display:none" />
+ <label for="expertbox"><?=_("Advanced Options")?></label>
+</legend>
+<div id="advanced_options">
+
<? if($_SESSION['profile']['points'] >= 50) { ?>
-<input type="radio" name="rootcert" value="1"/> <?=_("Sign by class 1 root certificate")?><br />
-<input type="radio" name="rootcert" value="2" checked/> <?=_("Sign by class 3 root certificate")?><br />
+<ul class="no_indent">
+ <li>
+ <input type="radio" id="root1" name="rootcert" value="1" />
+ <label for="root1"><?=_("Sign by class 1 root certificate")?></label>
+ </li>
+ <li>
+ <input type="radio" id="root2" name="rootcert" value="2" checked="checked" />
+ <label for="root2"><?=_("Sign by class 3 root certificate")?></label>
+ </li>
+</ul>
<p><?=_("Please note: The class 3 root certificate needs to be setup in your webserver as a chained certificate, while slightly more complicated to setup, this root certificate is more likely to be trusted by more people.")?></p>
<? } ?>
-<p><?=_("Optional comment, only used in the certificate overview")?><br>
- <input type="text" name="description" maxlength="80" size=80/></p>
-<p><?=_("Paste your CSR(Certificate Signing Request) below...")?></p>
-<textarea name="CSR" cols="80" rows="15"></textarea><br />
-<p><input type="checkbox" name="CCA" /> <strong><?=sprintf(_("I accept the CAcert Community Agreement (%s)."),"<a href='/policy/CAcertCommunityAgreement.html'>CCA</a>")?></strong><br />
- <?=_("Please Note: You need to accept the CCA to proceed.")?></p>
+
+<p class="attach_ul"><?=_("Hash algorithm used when signing the certificate:")?></p>
+<ul class="no_indent">
+<?
+foreach (HashAlgorithms::getInfo() as $algorithm => $display_info) {
+?>
+ <li>
+ <input type="radio" id="hash_alg_<?=$algorithm?>" name="hash_alg" value="<?=$algorithm?>" <?=(HashAlgorithms::$default === $algorithm)?'checked="checked"':''?> />
+ <label for="hash_alg_<?=$algorithm?>"><?=$display_info['name']?><?=$display_info['info']?' - '.$display_info['info']:''?></label>
+ </li>
+<?
+}
+?>
+</ul>
+
+</div>
+</fieldset>
+
+<p><input type="checkbox" id="CCA" name="CCA" /> <label for="CCA"><strong><?=sprintf(_("I accept the CAcert Community Agreement (%s)."),"<a href='/policy/CAcertCommunityAgreement.html'>CCA</a>")?></strong><br />
+ <?=_("Please note: You need to accept the CCA to proceed.")?></label></p>
<input type="submit" name="process" value="<?=_("Submit")?>" />
<input type="hidden" name="oldid" value="<?=$id?>" />
</form>
+
+
+<script language="javascript">
+function showExpert(a)
+{
+ var options=document.getElementById("advanced_options");
+ options.style.display = (a) ? "" : "none";
+
+ var checkbox=document.getElementById("expertbox");
+ checkbox.style.display = "";
+}
+showExpert(false);
+</script>
diff --git a/pages/account/16.php b/pages/account/16.php
index db8a8f5..8783bc5 100644
--- a/pages/account/16.php
+++ b/pages/account/16.php
@@ -25,47 +25,101 @@
<tr>
<td class="DataTD"><?=_("Add")?></td>
<td class="DataTD"><?=_("Address")?></td>
-<? if(array_key_exists('emails',$_SESSION['_config']) && is_array($_SESSION['_config']['emails']))
- foreach($_SESSION['_config']['emails'] as $val) { ?>
+<?
+if (array_key_exists('emails',$_SESSION['_config']) && is_array($_SESSION['_config']['emails'])) {
+ $i = 1;
+ foreach($_SESSION['_config']['emails'] as $val) {
+?>
<tr>
- <td class="DataTD"><?=_("Email")?>:</td>
- <td class="DataTD"><input type="text" name="emails[]" value="<?=$val?>"/></td>
+ <td class="DataTD"><label for="email<?=$i?>"><?=_("Email")?></label></td>
+ <td class="DataTD"><input type="text" id="email<?=$i?>" name="emails[]" value="<?=$val?>"/></td>
</tr>
-<? } ?>
+<?
+ $i++;
+ }
+} ?>
<tr>
- <td class="DataTD"><?=_("Email")?>:</td>
- <td class="DataTD"><input type="text" name="emails[]"/></td>
+ <td class="DataTD"><label for="email0"><?=_("Email")?></td>
+ <td class="DataTD"><input type="text" id="email0" name="emails[]"/></td>
</tr>
<tr>
- <td class="DataTD"><?=_("Name")?>:</td>
- <td class="DataTD"><input type="text" name="name" value="<?=array_key_exists('name',$_SESSION['_config'])?($_SESSION['_config']['name']):''?>"/></td>
+ <td class="DataTD"><label for="name"><?=_("Name")?></label></td>
+ <td class="DataTD"><input type="text" id="name" name="name" value="<?=array_key_exists('name',$_SESSION['_config'])?($_SESSION['_config']['name']):''?>"/></td>
</tr>
<tr>
- <td class="DataTD"><?=_("Department")?>:</td>
- <td class="DataTD"><input type="text" name="OU" value="<?=array_key_exists('OU',$_SESSION['_config'])?(sanitizeHTML($_SESSION['_config']['OU'])):''?>"/></td>
+ <td class="DataTD"><label for="OU"><?=_("Department")?></label></td>
+ <td class="DataTD"><input type="text" id="OU" name="OU" value="<?=array_key_exists('OU',$_SESSION['_config'])?(sanitizeHTML($_SESSION['_config']['OU'])):''?>"/></td>
</tr>
- <tr>
+
+ <tr name="expertoff" style="display:none">
+ <td class="DataTD">
+ <input type="checkbox" id="expertbox" name="expertbox" onchange="showExpert(this.checked)" />
+ </td>
+ <td class="DataTD">
+ <label for="expertbox"><?=_("Show advanced options")?></label>
+ </td>
+ </tr>
+ <tr name="expert">
+ <td class="DataTD" colspan="2" align="left">
+ <input type="radio" id="root1" name="rootcert" value="1" /> <label for="root1"><?=_("Sign by class 1 root certificate")?></label><br />
+ <input type="radio" id="root2" name="rootcert" value="2" checked="checked" /> <label for="root2"><?=_("Sign by class 3 root certificate")?></label><br />
+ <?=str_replace("\n", "<br>\n", wordwrap(_("Please note: If you use a certificate signed by the class 3 root, the class 3 root certificate needs to be imported into your email program as well as the class 1 root certificate so your email program can build a full trust path chain."), 60))?>
+ </td>
+ </tr>
+
+ <tr name="expert">
<td class="DataTD" colspan="2" align="left">
- <input type="radio" name="rootcert" value="1" checked /> <?=_("Sign by class 1 root certificate")?><br />
- <input type="radio" name="rootcert" value="2" /> <?=_("Sign by class 3 root certificate")?><br />
- <?=str_replace("\n", "<br>\n", wordwrap(_("Please note: The class 3 root certificate needs to be imported into your email program as well as the class 1 root certificate so your email program can build a full trust path chain. Until we are included in browsers this might not be a desirable option for most people"), 60))?>
+ <?=_("Hash algorithm used when signing the certificate:")?><br />
+ <?
+ foreach (HashAlgorithms::getInfo() as $algorithm => $display_info) {
+ ?>
+ <input type="radio" id="hash_alg_<?=$algorithm?>" name="hash_alg" value="<?=$algorithm?>" <?=(HashAlgorithms::$default === $algorithm)?'checked="checked"':''?> />
+ <label for="hash_alg_<?=$algorithm?>"><?=$display_info['name']?><?=$display_info['info']?' - '.$display_info['info']:''?></label><br />
+ <?
+ }
+ ?>
</td>
</tr>
+
<? if($_SESSION['profile']['codesign'] && $_SESSION['profile']['points'] >= 100) { ?>
- <tr>
- <td class="DataTD" colspan="2" align="left"><input type="checkbox" name="codesign" value="1" /><?=_("Code Signing")?></td>
+ <tr name="expert">
+ <td class="DataTD" colspan="2" align="left">
+ <input type="checkbox" id="codesign" name="codesign" value="1" />
+ <label for="codesign"><?=_("Code Signing")?></label>
+ </td>
</tr>
<? } ?>
- <tr>
- <td class="DataTD" colspan="2" align="left">
- <?=_("Optional comment, only used in the certificate overview")?><br />
- <input type="text" name="description" maxlength="80" size=80 />
- </td>
+ <tr>
+ <td class="DataTD" colspan="2" align="left">
+ <label for="description"><?=_("Optional comment, only used in the certificate overview")?></label><br />
+ <input type="text" id="description" name="description" maxlength="80" size="80" />
+ </td>
</tr>
<tr>
- <td class="DataTD" colspan="2"><input type="submit" name="add_email" value="<?=_("Another Email")?>">
- <input type="submit" name="process" value="<?=_("Next")?>" /></td>
+ <td class="DataTD" colspan="2">
+ <input type="submit" name="add_email" value="<?=_("Add Another Email Address")?>">
+ <input type="submit" name="process" value="<?=_("Next")?>" />
+ </td>
</tr>
</table>
<input type="hidden" name="oldid" value="<?=$id?>">
</form>
+
+<script language="javascript">
+function showExpert(a)
+{
+ b=document.getElementsByName("expert");
+ for(i=0;b.length>i;i++)
+ {
+ if(!a) {b[i].setAttribute("style","display:none"); }
+ else {b[i].removeAttribute("style");}
+ }
+ b=document.getElementsByName("expertoff");
+ for(i=0;b.length>i;i++)
+ {
+ b[i].removeAttribute("style");
+ }
+
+}
+showExpert(false);
+</script>
diff --git a/pages/account/20.php b/pages/account/20.php
index ee16dd4..89bbc30 100644
--- a/pages/account/20.php
+++ b/pages/account/20.php
@@ -27,13 +27,60 @@
<p><?=_("If the Subscriber's name and/or domain name registration change the subscriber will immediately inform CAcert Inc. who shall revoke the digital certificate. When the Digital Certificate expires or is revoked the company will permanently remove the certificate from the server on which it is installed and will not use it for any purpose thereafter. The person responsible for key management and security is fully authorized to install and utilize the certificate to represent this organization's electronic presence.")?></p>
<form method="post" action="account.php">
-<input type="radio" name="rootcert" value="1" /> <?=_("Sign by class 1 root certificate")?><br />
-<input type="radio" name="rootcert" value="2" checked /> <?=_("Sign by class 3 root certificate")?><br />
-<p> <?=_("Optional comment, only used in the certificate overview")?><br />
- <input type="text" name="description" maxlength="80" size=80 /></p>
+<p><label for="description"><?=_("Optional comment, only used in the certificate overview")?></label><br />
+ <input type="text" id="description" name="description" maxlength="80" size="80" />
+</p>
+<p><label for="CSR"><?=_("Paste your CSR (Certificate Signing Request) below...")?></label><br />
+ <textarea id="CSR" name="CSR" cols="80" rows="15"></textarea>
+</p>
+
+<fieldset>
+<legend>
+ <input type="checkbox" id="expertbox" onchange="showExpert(this.checked)" style="display:none" />
+ <label for="expertbox"><?=_("Advanced Options")?></label>
+</legend>
+<div id="advanced_options">
+<ul class="no_indent">
+ <li>
+ <input type="radio" id="root1" name="rootcert" value="1" />
+ <label for="root1"><?=_("Sign by class 1 root certificate")?></label>
+ </li>
+ <li>
+ <input type="radio" id="root2" name="rootcert" value="2" checked="checked" />
+ <label for="root2"><?=_("Sign by class 3 root certificate")?></label>
+ </li>
+</ul>
<p><?=_("Please note: The class 3 root certificate needs to be setup in your webserver as a chained certificate, while slightly more complicated to setup, this root certificate is more likely to be trusted by more people.")?></p>
-<p><?=_("Paste your CSR below...")?></p>
-<textarea name="CSR" cols="80" rows="15"></textarea><br />
+
+<p class="attach_ul"><?=_("Hash algorithm used when signing the certificate:")?></p>
+<ul class="no_indent">
+<?
+foreach (HashAlgorithms::getInfo() as $algorithm => $display_info) {
+?>
+ <li>
+ <input type="radio" id="hash_alg_<?=$algorithm?>" name="hash_alg" value="<?=$algorithm?>" <?=(HashAlgorithms::$default === $algorithm)?'checked="checked"':''?> />
+ <label for="hash_alg_<?=$algorithm?>"><?=$display_info['name']?><?=$display_info['info']?' - '.$display_info['info']:''?></label>
+ </li>
+<?
+}
+?>
+</ul>
+
+</div>
+</fieldset>
+
<input type="submit" name="process" value="<?=_("Submit")?>" />
<input type="hidden" name="oldid" value="<?=$id?>" />
-</form> \ No newline at end of file
+</form>
+
+<script language="javascript">
+function showExpert(a)
+{
+ var options=document.getElementById("advanced_options");
+ options.style.display = (a) ? "" : "none";
+
+ var checkbox=document.getElementById("expertbox");
+ checkbox.style.display = "";
+}
+showExpert(false);
+</script>
diff --git a/pages/account/3.php b/pages/account/3.php
index 7e34300..cd62ce0 100644
--- a/pages/account/3.php
+++ b/pages/account/3.php
@@ -34,6 +34,7 @@
<tr>
<td class="DataTD"><?=_("Add")?></td>
<td class="DataTD"><?=_("Address")?></td>
+ </tr>
<?
$query = "select * from `email` where `memid`='".intval($_SESSION['profile']['id'])."' and `deleted`=0 and `hash`=''";
@@ -41,8 +42,8 @@
while($row = mysql_fetch_assoc($res))
{ ?>
<tr>
- <td class="DataTD"><input type="checkbox" name="addid[]" value="<?=intval($row['id'])?>"></td>
- <td class="DataTD"><?=sanitizeHTML($row['email'])?></td>
+ <td class="DataTD"><input type="checkbox" id="addid<?=intval($row['id'])?>" name="addid[]" value="<?=intval($row['id'])?>"></td>
+ <td class="DataTD" align="left"><label for="addid<?=intval($row['id'])?>"><?=sanitizeHTML($row['email'])?></label></td>
</tr>
<? }
if($_SESSION['profile']['points'] >= 50)
@@ -52,81 +53,120 @@ if($_SESSION['profile']['points'] >= 50)
$lname = $_SESSION['profile']['lname'];
$suffix = $_SESSION['profile']['suffix'];
?>
- <td class="DataTD" colspan="2" align="left">
- <input type="radio" name="rootcert" value="1" checked /> <?=_("Sign by class 1 root certificate")?><br />
- <input type="radio" name="rootcert" value="2" /> <?=_("Sign by class 3 root certificate")?><br />
- <?=str_replace("\n", "<br />\n", wordwrap(_("Please note: The class 3 root certificate needs to be imported into your email program as well as the class 1 root certificate so your email program can build a full trust path chain. Until we are included in browsers this might not be a desirable option for most people"), 125))?>
- </td>
- </tr>
<tr>
<td class="DataTD" colspan="2" align="left">
- <input type="radio" name="incname" value="0" checked /> <?=_("No Name")?><br />
- <? if($fname && $lname) { ?><input type="radio" name="incname" value="1" /> <?=_("Include")?> '<?=$fname." ".$lname?>'<br /><? } ?>
- <? if($fname && $mname && $lname) { ?><input type="radio" name="incname" value="2" /> <?=_("Include")?> '<?=$fname." ".$mname." ".$lname?>'<br /><? } ?>
- <? if($fname && $lname && $suffix) { ?><input type="radio" name="incname" value="3" /> <?=_("Include")?> '<?=$fname." ".$lname." ".$suffix?>'<br /><? } ?>
- <? if($fname && $mname && $lname && $suffix) { ?><input type="radio" name="incname" value="4" /> <?=_("Include")?> '<?=$fname." ".$mname." ".$lname." ".$suffix?>'<br /><? } ?>
+ <input type="radio" id="incname0" name="incname" value="0" checked="checked" />
+ <label for="incname0"><?=_("No Name")?></label><br />
+ <? if($fname && $lname) { ?>
+ <input type="radio" id="incname1" name="incname" value="1" />
+ <label for="incname1"><?=_("Include")?> '<?=$fname." ".$lname?>'</label><br />
+ <? } ?>
+ <? if($fname && $mname && $lname) { ?>
+ <input type="radio" id="incname2" name="incname" value="2" />
+ <label for="incname2"><?=_("Include")?> '<?=$fname." ".$mname." ".$lname?>'</label><br />
+ <? } ?>
+ <? if($fname && $lname && $suffix) { ?>
+ <input type="radio" id="incname3" name="incname" value="3" />
+ <label for="incname3"><?=_("Include")?> '<?=$fname." ".$lname." ".$suffix?>'</label><br />
+ <? } ?>
+ <? if($fname && $mname && $lname && $suffix) { ?>
+ <input type="radio" id="incname4" name="incname" value="4" />
+ <label for="incname4"><?=_("Include")?> '<?=$fname." ".$mname." ".$lname." ".$suffix?>'</label><br />
+ <? } ?>
</td>
</tr>
<? } ?>
-<? if($_SESSION['profile']['points'] >= 100 && $_SESSION['profile']['codesign'] > 0) { ?>
+
<tr>
<td class="DataTD">
- <input type="checkbox" name="codesign" value="1" />
+ <input type="checkbox" id="login" name="login" value="1" checked="checked" />
</td>
<td class="DataTD" align="left">
- <?=_("Code Signing")?><br />
- <?=_("Please Note: By ticking this box you will automatically have your name included in any certificates.")?>
+ <label for="login"><?=_("Enable certificate login with this certificate")?><br />
+ <?=_("By allowing certificate login, this certificate can be used to login into this account at https://secure.cacert.org/ .")?></label>
</td>
</tr>
-<? } ?>
-
<tr>
+ <td class="DataTD" colspan="2" align="left">
+ <label for="description"><?=_("Optional comment, only used in the certificate overview")?></label><br />
+ <input type="text" id="description" name="description" maxlength="100" size="100" />
+ </td>
+ </tr>
+
+ <tr name="expertoff" style="display:none">
<td class="DataTD">
- <input type="checkbox" name="login" value="1" checked="checked" />
+ <input type="checkbox" id="expertbox" name="expertbox" onchange="showExpert(this.checked)" />
</td>
- <td class="DataTD"> <?=_("Enable certificate login with this certificate")?><br />
- <?=_("By allowing certificate login, this certificate can be used to login into this account at https://secure.cacert.org/ .")?><br/>
+ <td class="DataTD" align="left">
+ <label for="expertbox"><?=_("Show advanced options")?></label>
</td>
</tr>
- <tr>
- <td class="DataTD" colspan="2" align="left">
- <?=_("Optional comment, only used in the certificate overview")?><br />
- <input type="text" name="description" maxlength="100" size="100" />
- </td>
+
+<?
+if($_SESSION['profile']['points'] >= 50)
+{
+?>
+ <tr name="expert">
+ <td class="DataTD" colspan="2" align="left">
+ <input type="radio" id="root1" name="rootcert" value="1" /> <label for="root1"><?=_("Sign by class 1 root certificate")?></label><br />
+ <input type="radio" id="root2" name="rootcert" value="2" checked="checked" /> <label for="root2"><?=_("Sign by class 3 root certificate")?></label><br />
+ <?=str_replace("\n", "<br />\n", wordwrap(_("Please note: If you use a certificate signed by the class 3 root, the class 3 root certificate needs to be imported into your email program as well as the class 1 root certificate so your email program can build a full trust path chain."), 125))?>
+ </td>
</tr>
+<? } ?>
- <tr name="expertoff" style="display:none">
+ <tr name="expert">
+ <td class="DataTD" colspan="2" align="left">
+ <?=_("Hash algorithm used when signing the certificate:")?><br />
+ <?
+ foreach (HashAlgorithms::getInfo() as $algorithm => $display_info) {
+ ?>
+ <input type="radio" id="hash_alg_<?=$algorithm?>" name="hash_alg" value="<?=$algorithm?>" <?=(HashAlgorithms::$default === $algorithm)?'checked="checked"':''?> />
+ <label for="hash_alg_<?=$algorithm?>"><?=$display_info['name']?><?=$display_info['info']?' - '.$display_info['info']:''?></label><br />
+ <?
+ }
+ ?>
+ </td>
+ </tr>
+
+<? if($_SESSION['profile']['points'] >= 100 && $_SESSION['profile']['codesign'] > 0) { ?>
+ <tr name="expert">
<td class="DataTD">
- <input type="checkbox" name="expertbox" onchange="showExpert(this.checked)" />
+ <input type="checkbox" id="codesign" name="codesign" value="1" />
</td>
+ <td class="DataTD" align="left">
+ <label for="codesign"><?=_("Code Signing")?><br />
+ <?=_("Please note: By ticking this box you will automatically have your name included in the certificate.")?></label>
+ </td>
+ </tr>
+<? } ?>
+
+ <tr name="expert">
<td class="DataTD">
- <?=_("Show advanced options")?>
+ <input type="checkbox" id="SSO" name="SSO" value="1" />
+ </td>
+ <td class="DataTD" align="left">
+ <label for="SSO"><?=_("Add Single Sign On ID Information")?><br />
+ <?=str_replace("\n", "<br>\n", wordwrap(_("By adding Single Sign On (SSO) ID information to your certificates this could be used to track you, you can also issue certificates with no email addresses that are useful only for Authentication. Please see a more detailed description on our WIKI about it."), 125))?>
+ <a href="http://wiki.cacert.org/wiki/SSO"><?=_("SSO WIKI Entry")?></a></label>
</td>
</tr>
<tr name="expert">
- <td class="DataTD" colspan="2" align="left">
- <input type="radio" name="SSO" value="0" checked /> <?=_("No Single Sign On ID")?><br />
- <input type="radio" name="SSO" value="1" /> <?=_("Add Single Sign On ID Information")?><br />
- <?=str_replace("\n", "<br>\n", wordwrap(_("By adding Single Sign On (SSO) ID information to your certificates this could be used to track you, you can also issue certificates with no email addresses that are useful only for Authentication. Please see a more detailed description on our WIKI about it."), 125))?>
- <a href="http://wiki.cacert.org/wiki/SSO"><?=_("SSO WIKI Entry")?></a>
+ <td class="DataTD" colspan="2">
+ <label for="optionalCSR"><?=_("Optional Client CSR, no information on the certificate will be used")?></label><br />
+ <textarea id="optionalCSR" name="optionalCSR" cols="80" rows="5"></textarea>
</td>
</tr>
- <tr name="expert">
- <td class="DataTD" colspan="2"><?=_("Optional Client CSR, no information on the certificate will be used")?></td>
- </tr>
- <tr name="expert">
- <td class="DataTD" colspan="2"><textarea name="optionalCSR" cols="80" rows="5"></textarea></td>
- </tr>
- <tr>
+ <tr>
<td class="DataTD">
- <input type="checkbox" name="CCA" />
+ <input type="checkbox" id="CCA" name="CCA" />
</td>
<td class="DataTD" align="left">
- <strong><?=sprintf(_("I accept the CAcert Community Agreement (%s)."),"<a href='/policy/CAcertCommunityAgreement.html'>CCA</a>")?></strong><br />
- <?=_("Please Note: You need to accept the CCA to proceed.")?>
+ <label for="CCA"><strong><?=sprintf(_("I accept the CAcert Community Agreement (%s)."),"<a href='/policy/CAcertCommunityAgreement.html'>CCA</a>")?></strong><br />
+ <?=_("Please note: You need to accept the CCA to proceed.")?></label>
</td>
</tr>
<tr>
@@ -154,4 +194,3 @@ function showExpert(a)
}
showExpert(false);
</script>
-
diff --git a/pages/account/55.php b/pages/account/55.php
index 6793a71..24cc86d 100644
--- a/pages/account/55.php
+++ b/pages/account/55.php
@@ -1,113 +1,122 @@
-<? /*
- LibreSSL - CAcert web application
- Copyright (C) 2004-2008 CAcert Inc.
-
- This program is free software; you can redistribute it and/or modify
- it under the terms of the GNU General Public License as published by
- the Free Software Foundation; version 2 of the License.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with this program; if not, write to the Free Software
- Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
-*/ ?>
-<?
- if ($_SESSION['profile']['admin'] != 1 || !array_key_exists('userid',$_REQUEST) || intval($_REQUEST['userid']) < 1) {
- $user_id = intval($_SESSION['profile']['id']);
-?>
-<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
- <tr>
- <td colspan="5" class="title"><?=_("Your passed Tests")?></td>
- </tr>
- <tr>
- <td class="DataTD"><?=_("The list of tests you did pass at").' <a href="https://cats.cacert.org/">https://cats.cacert.org/</a>'?></td>
- </tr>
-</table>
-<?
- } else {
- $user_id = intval($_REQUEST['userid']);
- $query = "select * from `users` where `id`='$user_id' and `users`.`deleted`=0";
- $res = mysql_query($query);
- if(mysql_num_rows($res) <= 0)
- {
- echo _("I'm sorry, the user you were looking for seems to have disappeared! Bad things are afoot!");
- } else {
- $row = mysql_fetch_assoc($res);
- }
-?>
-<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
- <tr>
- <td colspan="5" class="title"><?=_("Passed Tests of")." ".sanitizeHTML($row['fname'])." ".sanitizeHTML($row['mname'])." ".sanitizeHTML($row['lname'])?></td>
- </tr>
-</table>
-
-<?
- }
-?>
-<br>
-<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
- <tr>
- <td class="DataTD"><b><?=_("Date")?></b></td>
- <td class="DataTD"><b><?=_("Test")?></b></td>
- <td class="DataTD"><b><?=_("Variant")?></b></td>
- </tr>
-<?
- $query = "SELECT `CP`.`pass_date`, `CT`.`type_text`, `CV`.`test_text` ".
- " FROM `cats_passed` AS CP, `cats_variant` AS CV, `cats_type` AS CT ".
- " WHERE `CP`.`variant_id`=`CV`.`id` AND `CV`.`type_id`=`CT`.`id` AND `CP`.`user_id` ='".intval($user_id)."'".
- " ORDER BY `CP`.`pass_date`";
-
- $res = mysql_query($query);
-
- $HaveTest=0;
- while($row = mysql_fetch_array($res, MYSQL_NUM))
- {
- if ($row[1] == "Assurer Challenge") {
- $HaveTest=1;
- }
-?>
- <tr>
- <td class="DataTD"><?=sanitizeHTML($row[0])?></td>
- <td class="DataTD"><?=sanitizeHTML($row[1])?></td>
- <td class="DataTD"><?=sanitizeHTML($row[2])?></td>
- </tr>
-<? }
-?>
-</table>
-<br>
-<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
- <tr>
-<?
- if ($_SESSION['profile']['admin'] == 1 && array_key_exists('userid',$_REQUEST) && intval($_REQUEST['userid']) > 0) {
-?>
- <tr><td colspan="3" class="DataTD"><a href="account.php?id=43&amp;userid=<?=intval($user_id)?>">back</a></td></tr>
-<?
- } else {
- $query = 'SELECT `u`.id, `u`.`assurer`, SUM(`points`) FROM `users` AS `u`, `notary` AS `n` '.
- ' WHERE `u`.`id` = \''.(int)intval($_SESSION['profile']['id']).'\' AND `n`.`to` = `u`.`id` AND `expire` < now() and and `n`.`deleted` = 0'.
- ' GROUP BY `u`.id, `u`.`assurer`';
- $res = mysql_query($query);
- if (!$res) {
- print '<td colspan="3" class="DataTD">'._('Internal Error').'</td>'."\n";
- } else {
- $row = mysql_fetch_array($res, MYSQL_NUM);
- if ($HaveTest && ($row[2]>=100)) {
- if (!$row[1]) {
- // This should not happen...
- fix_assurer_flag($_SESSION['profile']['id']);
- }
-?> <td colspan="3" class="DataTD"><?=_("You have passed the Assurer Challenge and collected at least 100 Assurance Points, you are an Assurer.")?></td>
-<? } elseif (($row[2]>=100) && !$HaveTest) {
-?> <td colspan="3" class="DataTD"><?=_("You have at least 100 Assurance Points, if you want to become an assurer try the ").'<a href="https://cats.cacert.org">'._("Assurer Challenge").'</a>!'?></td>
-<? } elseif ($HaveTest && ($row[2]<100)) {
-?> <td colspan="3" class="DataTD"><?=_("You have passed the Assurer Challenge, but to become an Assurer you still have to reach 100 Assurance Points!")?></td>
-<? }
- }
- }
-?> </tr>
-</table>
-
+<? /*
+ LibreSSL - CAcert web application
+ Copyright (C) 2004-2008 CAcert Inc.
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; version 2 of the License.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
+*/ ?>
+<?
+ if ($_SESSION['profile']['admin'] != 1 || !array_key_exists('userid',$_REQUEST) || intval($_REQUEST['userid']) < 1) {
+ $user_id = intval($_SESSION['profile']['id']);
+?>
+<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
+ <tr>
+ <td colspan="5" class="title"><?=_("Your passed Tests")?></td>
+ </tr>
+ <tr>
+ <td class="DataTD"><?=_("The list of tests you did pass at").' <a href="https://cats.cacert.org/">https://cats.cacert.org/</a>'?></td>
+ </tr>
+</table>
+<?
+ } else {
+ $user_id = intval($_REQUEST['userid']);
+ $query = "select * from `users` where `id`='$user_id' and `users`.`deleted`=0";
+ $res = mysql_query($query);
+ if(mysql_num_rows($res) <= 0)
+ {
+ echo _("I'm sorry, the user you were looking for seems to have disappeared! Bad things are afoot!");
+ } else {
+ $row = mysql_fetch_assoc($res);
+ }
+?>
+<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
+ <tr>
+ <td colspan="5" class="title"><?=_("Passed Tests of")." ".sanitizeHTML($row['fname'])." ".sanitizeHTML($row['mname'])." ".sanitizeHTML($row['lname'])?></td>
+ </tr>
+</table>
+
+<?
+ }
+?>
+<br>
+<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
+ <tr>
+ <td class="DataTD"><b><?=_("Date")?></b></td>
+ <td class="DataTD"><b><?=_("Test")?></b></td>
+ <td class="DataTD"><b><?=_("Variant")?></b></td>
+ </tr>
+<?
+ $query = "SELECT `CP`.`pass_date`, `CT`.`type_text`, `CV`.`test_text` ".
+ " FROM `cats_passed` AS CP, `cats_variant` AS CV, `cats_type` AS CT ".
+ " WHERE `CP`.`variant_id`=`CV`.`id` AND `CV`.`type_id`=`CT`.`id` AND `CP`.`user_id` ='".intval($user_id)."'".
+ " ORDER BY `CP`.`pass_date`";
+
+ $res = mysql_query($query);
+
+ $HaveTest=0;
+ while($row = mysql_fetch_array($res, MYSQL_NUM))
+ {
+ if ($row[1] == "Assurer Challenge") {
+ $HaveTest=1;
+ }
+?>
+ <tr>
+ <td class="DataTD"><?=sanitizeHTML($row[0])?></td>
+ <td class="DataTD"><?=sanitizeHTML($row[1])?></td>
+ <td class="DataTD"><?=sanitizeHTML($row[2])?></td>
+ </tr>
+<? }
+?>
+</table>
+<br>
+<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
+ <tr>
+<?
+ if ($_SESSION['profile']['admin'] == 1 && array_key_exists('userid',$_REQUEST) && intval($_REQUEST['userid']) > 0) {
+?>
+ <tr><td colspan="3" class="DataTD"><a href="account.php?id=43&amp;userid=<?=intval($user_id)?>">back</a></td></tr>
+<?
+ } else {
+ $query = '
+ SELECT `u`.`id`,
+ `u`.`assurer`,
+ SUM(`points`)
+ FROM `users` AS `u`,
+ `notary` AS `n`
+ WHERE `u`.`id` = \''.intval($_SESSION['profile']['id']).'\'
+ AND `n`.`to` = `u`.`id`
+ AND `expire` < NOW()
+ AND `n`.`deleted` = 0
+ GROUP BY `u`.`id`, `u`.`assurer`
+ ';
+ $res = mysql_query($query);
+ if (!$res) {
+ print '<td colspan="3" class="DataTD">'._('Internal Error').'</td>'."\n";
+ } else {
+ $row = mysql_fetch_array($res, MYSQL_NUM);
+ if ($HaveTest && ($row[2]>=100)) {
+ if (!$row[1]) {
+ // This should not happen...
+ fix_assurer_flag($_SESSION['profile']['id']);
+ }
+?> <td colspan="3" class="DataTD"><?=_("You have passed the Assurer Challenge and collected at least 100 Assurance Points, you are an Assurer.")?></td>
+<? } elseif (($row[2]>=100) && !$HaveTest) {
+?> <td colspan="3" class="DataTD"><?=_("You have at least 100 Assurance Points, if you want to become an assurer try the ").'<a href="https://cats.cacert.org">'._("Assurer Challenge").'</a>!'?></td>
+<? } elseif ($HaveTest && ($row[2]<100)) {
+?> <td colspan="3" class="DataTD"><?=_("You have passed the Assurer Challenge, but to become an Assurer you still have to reach 100 Assurance Points!")?></td>
+<? }
+ }
+ }
+?> </tr>
+</table>
+
diff --git a/pages/account/56.php b/pages/account/56.php
index 348cc49..cabe8e0 100644
--- a/pages/account/56.php
+++ b/pages/account/56.php
@@ -1,41 +1,41 @@
-<? /*
-LibreSSL - CAcert web application
-Copyright (C) 2004-2008 CAcert Inc.
-
-This program is free software; you can redistribute it and/or modify
-it under the terms of the GNU General Public License as published by
-the Free Software Foundation; version 2 of the License.
-
-This program is distributed in the hope that it will be useful,
-but WITHOUT ANY WARRANTY; without even the implied warranty of
-MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-GNU General Public License for more details.
-
-You should have received a copy of the GNU General Public License
-along with this program; if not, write to the Free Software
-Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
-*/ ?>
-<?=_("List of Organisation Assurers:")?>
-
-<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
- <tr>
- <td colspan="1" class="title"><?=_("Name")?></td>
- <td colspan="1" class="title"><?=_("Email")?></td>
- <td colspan="1" class="title"><?=_("Country")?></td>
- </tr>
- <?
- $query = "select users.fname,users.lname,users.email, countries.name from users left join countries on users.ccid=countries.id where orgadmin=1;";
- $res = mysql_query($query);
- while($row = mysql_fetch_assoc($res))
- {
- ?>
- <tr>
- <td><?=sanitizeHTML($row['fname'])." ".sanitizeHTML($row['lname'])?></td>
- <td><a href="mailto:<?=sanitizeHTML($row['email'])?>"><?=sanitizeHTML($row['email'])?></a></td>
- <td><?=sanitizeHTML($row['name'])?></td>
- </tr>
- <?
- }
-?>
-</table>
-
+<? /*
+LibreSSL - CAcert web application
+Copyright (C) 2004-2008 CAcert Inc.
+
+This program is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; version 2 of the License.
+
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+GNU General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program; if not, write to the Free Software
+Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
+*/ ?>
+<?=_("List of Organisation Assurers:")?>
+
+<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
+ <tr>
+ <td colspan="1" class="title"><?=_("Name")?></td>
+ <td colspan="1" class="title"><?=_("Email")?></td>
+ <td colspan="1" class="title"><?=_("Country")?></td>
+ </tr>
+ <?
+ $query = "select users.fname,users.lname,users.email, countries.name from users left join countries on users.ccid=countries.id where orgadmin=1;";
+ $res = mysql_query($query);
+ while($row = mysql_fetch_assoc($res))
+ {
+ ?>
+ <tr>
+ <td><?=sanitizeHTML($row['fname'])." ".sanitizeHTML($row['lname'])?></td>
+ <td><a href="mailto:<?=sanitizeHTML($row['email'])?>"><?=sanitizeHTML($row['email'])?></a></td>
+ <td><?=sanitizeHTML($row['name'])?></td>
+ </tr>
+ <?
+ }
+?>
+</table>
+
diff --git a/pages/wot/9.php b/pages/wot/9.php
index 3cdf259..20f2c6d 100644
--- a/pages/wot/9.php
+++ b/pages/wot/9.php
@@ -26,7 +26,7 @@
} else {
$user = mysql_fetch_array($res);
- $userlang = $user['language'];
+ $userlang = L10n::normalise_translation($user['language']);
$points = mysql_num_rows(mysql_query("select sum(`points`) as `total` from `notary`
where `to`='".intval($user['id'])."' and `deleted`=0 group by `to` HAVING SUM(`points`) > 0"));
if($points <= 0) {
diff --git a/www/styles/default.css b/www/styles/default.css
index a7ba2a8..4ddfbba 100644
--- a/www/styles/default.css
+++ b/www/styles/default.css
@@ -94,6 +94,14 @@ ul.no_indent {
padding: 0px;
}
+.attach_ul {
+ margin-bottom: 0px;
+}
+
+.attach_ul + ul {
+ margin-top: 0px;
+}
+
/***********************************************/
/* Layout Divs */
@@ -414,10 +422,6 @@ a.glink:hover {
color: #000000;
}
-.story p {
- padding: 0px 0px 10px 0px;
-}
-
.story a.capsule {
font: bold 1em Arial,sans-serif;
color: #005FA9;