diff options
| -rw-r--r-- | includes/account.php | 10 | ||||
| -rw-r--r-- | includes/notary.inc.php | 20 | ||||
| -rw-r--r-- | pages/account/13.php | 2 | ||||
| -rw-r--r-- | pages/account/43.php | 2 | ||||
| -rw-r--r-- | pages/account/59.php | 372 |
5 files changed, 216 insertions, 190 deletions
diff --git a/includes/account.php b/includes/account.php index a7a69c2..2960954 100644 --- a/includes/account.php +++ b/includes/account.php @@ -2701,7 +2701,7 @@ } //check if ticket number was entered - if ( $id == 43 or $oldid == 43 or $id == 44 or $oldid == 44) { + if ( $id == 43 || $oldid == 43 || $id == 44 || $oldid == 44) { $ticketvalidation = FALSE; if ($ticketno != "" ) { $ticketno = mysql_real_escape_string(trim($_REQUEST['ticketno'])); @@ -3238,11 +3238,11 @@ } */ if($id == 59){ - if ($oldid==43) { + if ($oldid == 43 && $_SESSION['profile']['admin'] == 1) { write_se_log($_REQUEST['userid'], $_SESSION['profile']['id'], 'View account history', $_REQUEST['ticketno']); - $support=1; - }ELSEIF ($oldid==13){ - $support=0; + $_SESSION['support']=1; + }ELSEIF ($oldid == 13 && $_REQUEST['userid'] == $_SESSION['profile']['id']){ + $_SESSION['support']=0; }ELSE{ showheader(_("My CAcert.org Account!")); echo _("You do not have access to this page."); diff --git a/includes/notary.inc.php b/includes/notary.inc.php index 83709c1..2b2fbe6 100644 --- a/includes/notary.inc.php +++ b/includes/notary.inc.php @@ -1268,8 +1268,8 @@ function get_se_log($userid){ * @param integer $viewall- states if expired certs should be visible , default = 0 - not visible * @return */ +//add to account/5.php function get_client_certs($userid,$viewall=0){ - //add to account/5.php $userid = intval($userid); $query = "select UNIX_TIMESTAMP(`emailcerts`.`created`) as `created`, UNIX_TIMESTAMP(`emailcerts`.`expire`) - UNIX_TIMESTAMP() as `timeleft`, @@ -1428,7 +1428,7 @@ function output_log_agreement_header(){ <td class="DataTD bold"><?= _("Agreement") ?></td> <td class="DataTD bold"><?= _("Date") ?></td> <td class="DataTD bold"><?= _("Method") ?></td> - <td class="DataTD bold"><?= _("Comment") ?></td> + <td class="DataTD bold"><?= _("Active ") ?></td> </tr> <? } @@ -1445,7 +1445,7 @@ function output_log_agreement($row){ <td class="DataTD" ><?=$row['document']?></td> <td class="DataTD" ><?=$row['date']?></td> <td class="DataTD" ><?=$row['method']?></td> - <td class="DataTD"><?= ($row['active']==0)? _('No'):_('Yes')?></td> + <td class="DataTD"><?= ($row['active']==0)? _('passive'):_('active')?></td> </tr> <? } @@ -1534,8 +1534,8 @@ function output_log_se($row, $support=0){ * @return */ function output_client_cert_header($support=0){ - ?> //should be added to account/5.php + ?> <tr> <?if ($support !=1) { ?> <td class="DataTD"><?=_("Renew/Revoke/Delete")?></td> @@ -1630,8 +1630,8 @@ function output_client_cert($row, $support=0){ * @return */ function output_log_server_certs_header($support=0){ - ?> //should be entered in account/12.php + ?> <tr> <?if ($support !=1) { ?> <td class="DataTD"><?=_("Renew/Revoke/Delete")?></td> @@ -1707,7 +1707,7 @@ function output_gpg_certs_header($support=0){ <td class="DataTD"><?=_("Email Address")?></td> <td class="DataTD"><?=_("Expires")?></td> <td class="DataTD"><?=_("Key ID")?></td> - <?if (1==$support) { ?> + <?if ($support !=1) { ?> <td colspan="2" class="DataTD"><?=_("Comment *")?></td> <? }?> </tr> @@ -1733,7 +1733,7 @@ function output_gpg_certs($row, $support=0){ <tr> <? if($verified == _("Valid")) { ?> <td class="DataTD"><?=$verified?></td> - <?if (1==$support) { ?> + <?if ($support !=1) { ?> <td class="DataTD"><a href="gpg.php?id=3&cert=<?=$row['id']?>"><?=$row['email']?></a></td> <? } else { ?> <td class="DataTD"><?=$row['email']?></td> @@ -1743,19 +1743,19 @@ function output_gpg_certs($row, $support=0){ <td class="DataTD"><?=$row['email']?></td> <? } else { ?> <td class="DataTD"><?=$verified?></td> - <?if (1==$support) { ?> + <?if ($support !=1) { ?> <td class="DataTD"><a href="gpg.php?id=3&cert=<?=$row['id']?>"><?=$row['email']?></a></td> <? } else { ?> <td class="DataTD"><?=$row['email']?></td> <? } ?> <? } ?> <td class="DataTD"><?=$row['expires']?></td> - <?if (1==$support) { ?> + <?if ($support != 1) { ?> <td class="DataTD"><a href="gpg.php?id=3&cert=<?=$row['id']?>"><?=$row['keyid']?></a></td> <? } else { ?> <td class="DataTD"><?=$row['keyid']?></td> <? } ?> - <?if (1==$support) { ?> + <?if ($support !=1) { ?> <td class="DataTD"><input name="comment_<?=$row['id']?>" type="text" value="<?=htmlspecialchars($row['description'])?>" /></td> <td class="DataTD"><input type="checkbox" name="check_comment_<?=$row['id']?>" /></td> <? } ?> diff --git a/pages/account/13.php b/pages/account/13.php index 7aa95f1..ea9811a 100644 --- a/pages/account/13.php +++ b/pages/account/13.php @@ -123,7 +123,7 @@ </tr> <? } ?> <tr> - <td colspan="2" class="title"><a href="account.php?id=59&userid=<?=$_SESSION['profile']['id']?>"><?=_('Show account history')?></a></td> + <td colspan="2" class="title"><a href="account.php?id=59&oldid=13&userid=<?=$_SESSION['profile']['id']?>"><?=_('Show account history')?></a></td> </tr> <tr> <td colspan="2" class="title"><a href="account.php?id=13&showdetails=<?=!$showdetails?>"><?=_("View secret question & answers and OTP phrases")?></a></td> diff --git a/pages/account/43.php b/pages/account/43.php index 5214043..bee4b20 100644 --- a/pages/account/43.php +++ b/pages/account/43.php @@ -392,7 +392,7 @@ if(intval($_REQUEST['userid']) > 0) { // show account history ?> <tr> - <td class="DataTD" colspan="2"><a href="account.php?id=59&userid=<?=intval($row['id'])?>&ticketno=<?=$ticketno?>"><?=_('Show account history')?></a></td> + <td class="DataTD" colspan="2"><a href="account.php?id=59&oldid=43&userid=<?=intval($row['id'])?>&ticketno=<?=$ticketno?>"><?=_('Show account history')?></a></td> </tr> </table> <br/> diff --git a/pages/account/59.php b/pages/account/59.php index f9aadab..0eaafc4 100644 --- a/pages/account/59.php +++ b/pages/account/59.php @@ -1,30 +1,30 @@ <?/* - LibreSSL - CAcert web application - Copyright (C) 2004-2008 CAcert Inc. + LibreSSL - CAcert web application + Copyright (C) 2004-2008 CAcert Inc. - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; version 2 of the License. + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; version 2 of the License. - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA */ include_once($_SESSION['_config']['filepath']."/includes/notary.inc.php"); $colspandefault=2; -//$userid = intval($_REQUEST['userid']); +$userid = intval($_REQUEST['userid']); $res =get_user_data($userid); if(mysql_num_rows($res) <= 0) { - echo _("I'm sorry, the user you were looking for seems to have disappeared! Bad things are a foot!"); - exit; + echo _("I'm sorry, the user you were looking for seems to have disappeared! Bad things are a foot!"); + exit; } $row = mysql_fetch_assoc($res); @@ -34,113 +34,116 @@ $mname = $row['mname']; $lname = $row['lname']; $suffix = $row['suffix']; $dob = $row['dob']; -$name = $fname." ".$mname." ".$lname." ".$suffix; +$username = $fname." ".$mname." ".$lname." ".$suffix; $email = $row['email']; $alerts =get_alerts($userid); - - +$support=0; +if(intval($_REQUEST['oldid'])==43){ + $support=$_SESSION['profile']['admin']; +} ?> <table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper"> - <tr> - <td colspan="<? $colspandefault ?>" class="title"><?=sprintf(_('Account history of %s'),'username')?></td> - </tr> - <tr> - <td colspan="<? $colspandefault ?>" class="title"><?=_('User actions')?></td> - </tr> - <tr> - <td class="DataTD"><?=_('User name')?></td> - <td class="DataTD"><?=$name?></td> - </tr> - <tr> - <td class="DataTD"><?=_('Date of Birth')?></td> - <td class="DataTD"><?=$dob?></td> - </tr> - <tr> - <td class="DataTD"><?=_("Is Assurer")?>:</td> - <td class="DataTD"><?= ($row['assurer']==0)? _('No'):_('Yes')?></td> - </tr> - <tr> - <td class="DataTD"><?=_("Blocked Assurer")?>:</td> - <td class="DataTD"><?= ($row['assurer_blocked']==0)? _('No'):_('Yes')?></td> - </tr> - <tr> - <td class="DataTD"><?=_("Account Locking")?>:</td> - <td class="DataTD"><?= ($row['locked']==0)? _('No'):_('Yes')?></td> - </tr> - <tr> - <td class="DataTD"><?=_("Code Signing")?>:</td> - <td class="DataTD"><?= ($row['codesign']==0)? _('No'):_('Yes')?></td> - </tr> - <tr> - <td class="DataTD"><?=_("Org Assurer")?>:</td> - <td class="DataTD"><?= ($row['orgadmin']==0)? _('No'):_('Yes')?></td> - </tr> - <tr> - <td class="DataTD"><?=_("TTP Admin")?>:</td> - <td class="DataTD"><?= $row['ttpadmin']._(' - 0 = none, 1 = TTP Admin, 2 = TTP TOPUP admin')?></td> - </tr> - <tr> - <td class="DataTD"><?=_("Location Admin")?>:</td> - <td class="DataTD"><?= ($row['locadmin']==0)? _('No'):_('Yes')?></td> - </tr> - <tr> - <td class="DataTD"><?=_("Admin")?>:</td> - <td class="DataTD"><?= ($row['admin']==0)? _('No'):_('Yes')?></td> - </tr> - <tr> - <td class="DataTD"><?=_("Ad Admin")?>:</td> - <td class="DataTD"><?= $row['adadmin']._(' - 0 = none, 1 = submit, 2 = approve')?></td> - </tr> - <td class="DataTD"><?=_("General Announcements")?>:</td> - <td class="DataTD"><?= ($alerts['general']==0)? _('No'):_('Yes')?></td> - </tr> - <tr> - <td class="DataTD"><?=_("Country Announcements")?>:</td> - <td class="DataTD"><?= ($row['id']==0)? _('No'):_('Yes')?></td> - </tr> - <tr> - <td class="DataTD"><?=_("Regional Announcements")?>:</td> - <td class="DataTD"><?= ($row['id']==0)? _('No'):_('Yes')?></td> - </tr> - <tr> - <td class="DataTD"><?=_("Within 200km Announcements")?>:</td> - <td class="DataTD"><?= ($row['id']==0)? _('No'):_('Yes')?></td> - </tr> + <tr> + <td colspan="<?=$colspandefault ?>" class="title"><?=sprintf(_('Account history of %s'),$username)?></td> + </tr> + <tr> + <td colspan="<?=$colspandefault ?>" class="title"><?=_('User actions')?></td> + </tr> + <tr> + <td class="DataTD"><?=_('User name')?></td> + <td class="DataTD"><?=$username?></td> + </tr> + <tr> + <td class="DataTD"><?=_('Date of Birth')?></td> + <td class="DataTD"><?=$dob?></td> + </tr> + <tr> + <td class="DataTD"><?=_("Is Assurer")?>:</td> + <td class="DataTD"><?= ($row['assurer']==0)? _('No'):_('Yes')?></td> + </tr> + <tr> + <td class="DataTD"><?=_("Blocked Assurer")?>:</td> + <td class="DataTD"><?= ($row['assurer_blocked']==0)? _('No'):_('Yes')?></td> + </tr> + <tr> + <td class="DataTD"><?=_("Account Locking")?>:</td> + <td class="DataTD"><?= ($row['locked']==0)? _('No'):_('Yes')?></td> + </tr> + <tr> + <td class="DataTD"><?=_("Code Signing")?>:</td> + <td class="DataTD"><?= ($row['codesign']==0)? _('No'):_('Yes')?></td> + </tr> + <tr> + <td class="DataTD"><?=_("Org Assurer")?>:</td> + <td class="DataTD"><?= ($row['orgadmin']==0)? _('No'):_('Yes')?></td> + </tr> + <tr> + <td class="DataTD"><?=_("TTP Admin")?>:</td> + <td class="DataTD"><?= $row['ttpadmin']._(' - 0 = none, 1 = TTP Admin, 2 = TTP TOPUP admin')?></td> + </tr> + <tr> + <td class="DataTD"><?=_("Location Admin")?>:</td> + <td class="DataTD"><?= ($row['locadmin']==0)? _('No'):_('Yes')?></td> + </tr> + <tr> + <td class="DataTD"><?=_("Admin")?>:</td> + <td class="DataTD"><?= ($row['admin']==0)? _('No'):_('Yes')?></td> + </tr> + <tr> + <td class="DataTD"><?=_("Ad Admin")?>:</td> + <td class="DataTD"><?= $row['adadmin']._(' - 0 = none, 1 = submit, 2 = approve')?></td> + </tr> + <tr> + <td class="DataTD"><?=_("General Announcements")?>:</td> + <td class="DataTD"><?= ($alerts['general']==0)? _('No'):_('Yes')?></td> + </tr> + <tr> + <td class="DataTD"><?=_("Country Announcements")?>:</td> + <td class="DataTD"><?= ($row['id']==0)? _('No'):_('Yes')?></td> + </tr> + <tr> + <td class="DataTD"><?=_("Regional Announcements")?>:</td> + <td class="DataTD"><?= ($row['id']==0)? _('No'):_('Yes')?></td> + </tr> + <tr> + <td class="DataTD"><?=_("Within 200km Announcements")?>:</td> + <td class="DataTD"><?= ($row['id']==0)? _('No'):_('Yes')?></td> + </tr> </table> <br/> <? $dres = get_email_address($userid,'',1); if(mysql_num_rows($dres) > 0) { ?> -<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper"> - <tr> - <td colspan="3" class="title"><?=_('Email addresses')?></td> - </tr> + <table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper"> + <tr> + <td colspan="3" class="title"><?=_('Email addresses')?></td> + </tr> <? -output_log_email_header(); -while($drow = mysql_fetch_assoc($dres)) -{ - output_log_email($drow,$email); -} ?> + output_log_email_header(); + while($drow = mysql_fetch_assoc($dres)) + { + output_log_email($drow,$email); + } ?> </table> <br/> -<? +<?} $dres = get_domains($userid,'',1); ?> <table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper"> - <tr> - <td colspan="3" class="title"><?=_('Domains')?></td> - </tr> + <tr> + <td colspan="3" class="title"><?=_('Domains')?></td> + </tr> <? if(mysql_num_rows($dres) > 0) { - output_log_domain_header(); - while($drow = mysql_fetch_assoc($dres)) - { - output_log_domain($drow,$email); - } + output_log_domains_header(); + while($drow = mysql_fetch_assoc($dres)) + { + output_log_domains($drow,$email); + } }ELSE{?> - <td colspan="3" ><?=_('no entry avialable')?></td> + <td colspan="3" ><?=_('no entry avialable')?></td> <?}?> </table> <br/> @@ -149,19 +152,19 @@ if(mysql_num_rows($dres) > 0) { $dres = get_training_result($userid); ?> <table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper"> - <tr> - <td colspan="3" class="title"><?=_('Trainings')?></td> - </tr> + <tr> + <td colspan="3" class="title"><?=_('Trainings')?></td> + </tr> <? -if(mysql_num_rows($dres) > 0) { - output_log_training_header(); - while($drow = mysql_fetch_assoc($dres)) - { - output_log_training($drow); - } -}ELSE{ - ?><td colspan="3" ><?=_('no entry avialable')?></td><? -}?> + if(mysql_num_rows($dres) > 0) { + output_log_training_header(); + while($drow = mysql_fetch_assoc($dres)) + { + output_log_training($drow); + } + }ELSE{ + ?><td colspan="3" ><?=_('no entry avialable')?></td><? + }?> </table> <br/> @@ -169,90 +172,113 @@ if(mysql_num_rows($dres) > 0) { $dres = get_user_agreement($userid,'',1); ?> <table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper"> - <tr> - <td colspan="4" class="title"><?=_('User agreements')?></td> - </tr> + <tr> + <td colspan="4" class="title"><?=_('User agreements')?></td> + </tr> <? -if(mysql_num_rows($dres) > 0) { - output_log_agreement_header(); - while($drow = mysql_fetch_assoc($dres)) - { - output_log_agreement($drow); - } -}ELSE{ - ?><td colspan="4" ><?=_('no entry avialable')?></td><? -}?> + if(mysql_num_rows($dres) > 0) { + output_log_agreement_header(); + while($drow = mysql_fetch_assoc($dres)) + { + output_log_agreement($drow); + } + }ELSE{ + ?><td colspan="4" ><?=_('no entry avialable')?></td><? + }?> </table> <br/> <? -$dres = get_client_certs($userid); +$dres = get_client_certs($userid,1); $colspan=10; if (1==$support) { - $colspan=7; + $colspan=7; } ?> <table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper"> - <tr> - <td colspan="<? $colspan?>" class="title"><?=_('Client certificates')?></td> - </tr> + <tr> + <td colspan="<?=$colspan?>" class="title"><?=_('Client certificates')?></td> + </tr> <? -if(mysql_num_rows($dres) > 0) { - output_client_cert_header($support); - while($drow = mysql_fetch_assoc($dres)) - { - output_client_cert($drow,$support); - } -}ELSE{ - ?><td colspan="<? $colspan?>" ><?=_('no entry avialable')?></td><? -}?> + if(mysql_num_rows($dres) > 0) { + output_client_cert_header($support); + while($drow = mysql_fetch_assoc($dres)) + { + output_client_cert($drow,$support); + } + }ELSE{ + ?><td colspan="<?=$colspan?>" ><?=_('no entry avialable')?></td><? + }?> </table> <br/> <? -$dres = get_server_certs($userid); -$colspan=8; -if (1==$support) { - $colspan=5; +$dres = get_server_certs($userid,1); +$colspan = 8; +if (1 == $support) { + $colspan = 5; } ?> <table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper"> - <tr> - <td colspan="<? $colspan?>" class="title"><?=_('Server certificates')?></td> - </tr> + <tr> + <td colspan="<?=$colspan?>" class="title"><?=_('Server certificates')?></td> + </tr> <? -if(mysql_num_rows($dres) > 0) { - output_log_server_certs_header($support); - while($drow = mysql_fetch_assoc($dres)) - { - output_log_server_certs($drow,$support); - } -}ELSE{ - ?><td colspan="<? $colspan?>" ><?=_('no entry avialable')?></td><? -}?> + if(mysql_num_rows($dres) > 0) { + output_log_server_certs_header($support); + while($drow = mysql_fetch_assoc($dres)) + { + output_log_server_certs($drow,$support); + } + }ELSE{ + ?><td colspan="<?=$colspan?>" ><?=_('no entry avialable')?></td><? + }?> </table> <br/> <? -$dres = get_server_certs($userid); -$colspan=6; -if (1==$support) { - $colspan=4; +$dres = get_gpg_certs($userid,1); +$colspan = 6; +if (1 == $support) { + $colspan = 4; } ?> <table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper"> - <tr> - <td colspan="<? $colspan?>" class="title"><?=_('Server certificates')?></td> - </tr> + <tr> + <td colspan="<?=$colspan?>" class="title"><?=_('GPG/PGP certificates')?></td> + </tr> <? -if(mysql_num_rows($dres) > 0) { - output_log_server_certs_header($support); - while($drow = mysql_fetch_assoc($dres)) - { - output_log_server_certs($drow,$support); - } -}ELSE{ - ?><td colspan="<? $colspan?>" ><?=_('no entry avialable')?></td><? -}?> + if(mysql_num_rows($dres) > 0) { + output_gpg_certs_header($support); + while($drow = mysql_fetch_assoc($dres)) + { + output_gpg_certs($drow,$support); + } + }ELSE{ + ?><td colspan="<?=$colspan?>" ><?=_('no entry avialable')?></td><? + }?> +</table> +<br/> + +<? +$dres = get_se_log($userid); +$colspan = 2; +if (1 == $support) { + $colspan = 4; +} +?> +<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper"> + <tr> + <td colspan="<?=$colspan?>" class="title"><?=_('Admin log')?></td> + </tr> +<? + if(mysql_num_rows($dres) > 0) { + output_log_se_header($support); + while($drow = mysql_fetch_assoc($dres)) + { + output_log_se($drow,$support); + } + }ELSE{ + ?><td colspan="<?=$colspan?>" ><?=_('no entry avialable')?></td><? + }?> </table> -}
\ No newline at end of file |