summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rwxr-xr-xCommModule/client.pl6
-rwxr-xr-xCommModule/server.pl25
-rw-r--r--Makefile7
-rwxr-xr-xcacertupload.pl59
-rw-r--r--includes/account.php287
-rw-r--r--includes/account_stuff.php363
-rw-r--r--includes/general.php210
-rw-r--r--includes/general_stuff.php18
-rw-r--r--includes/keygen.php128
-rw-r--r--includes/lib/account.php98
-rw-r--r--includes/lib/check_weak_key.php323
-rw-r--r--includes/lib/general.php163
-rw-r--r--includes/lib/l10n.php343
-rw-r--r--includes/loggedin.php29
-rw-r--r--includes/mysql.php.sample5
-rw-r--r--includes/notary.inc.php675
-rw-r--r--includes/tverify_stuff.php2
-rw-r--r--includes/wot.inc.php640
-rw-r--r--locale/.gitignore3
-rw-r--r--locale/Makefile184
-rw-r--r--locale/escape_special_chars.php80
-rwxr-xr-xlocale/make.php35
-rw-r--r--pages/account/0.php3
-rw-r--r--pages/account/10.php3
-rw-r--r--pages/account/12.php16
-rw-r--r--pages/account/13.php22
-rw-r--r--pages/account/14.php10
-rw-r--r--pages/account/16.php2
-rw-r--r--pages/account/17.php122
-rw-r--r--pages/account/18.php29
-rw-r--r--pages/account/22.php12
-rw-r--r--pages/account/24.php26
-rw-r--r--pages/account/25.php28
-rw-r--r--pages/account/27.php16
-rw-r--r--pages/account/29.php4
-rw-r--r--pages/account/30.php3
-rw-r--r--pages/account/31.php2
-rw-r--r--pages/account/32.php6
-rw-r--r--pages/account/33.php17
-rw-r--r--pages/account/34.php2
-rw-r--r--pages/account/35.php117
-rw-r--r--[-rwxr-xr-x]pages/account/37.php21
-rw-r--r--[-rwxr-xr-x]pages/account/38.php25
-rw-r--r--pages/account/4.php175
-rw-r--r--[-rwxr-xr-x]pages/account/40.php59
-rw-r--r--pages/account/41.php21
-rw-r--r--pages/account/43.php551
-rw-r--r--pages/account/49.php16
-rw-r--r--pages/account/5.php7
-rw-r--r--pages/account/57.php107
-rw-r--r--pages/account/58.php61
-rw-r--r--pages/help/0.php19
-rw-r--r--pages/help/2.php69
-rw-r--r--pages/help/3.php78
-rw-r--r--pages/help/4.php35
-rw-r--r--pages/help/5.php8
-rw-r--r--pages/help/6.php18
-rw-r--r--pages/help/7.php16
-rw-r--r--pages/help/8.php10
-rw-r--r--pages/help/9.php51
-rw-r--r--pages/index/0.php49
-rw-r--r--pages/index/1.php46
-rw-r--r--pages/index/10.php13
-rw-r--r--pages/index/11.php54
-rw-r--r--pages/index/12.php21
-rw-r--r--pages/index/13.php24
-rw-r--r--pages/index/16.php2
-rw-r--r--pages/index/21.php10
-rw-r--r--pages/index/3.php61
-rw-r--r--pages/index/4.php10
-rw-r--r--pages/index/6.php4
-rw-r--r--pages/index/8.php18
-rw-r--r--pages/wot/10.php23
-rw-r--r--pages/wot/11.php52
-rw-r--r--pages/wot/14.php47
-rw-r--r--pages/wot/15.php29
-rw-r--r--pages/wot/2.php25
-rw-r--r--pages/wot/4.php74
-rw-r--r--pages/wot/5.php19
-rw-r--r--pages/wot/6.php173
-rw-r--r--pages/wot/9.php9
-rwxr-xr-xpassword.dat.sample2
-rw-r--r--scripts/37de-blit2011-email.txt18
-rw-r--r--scripts/37de-blit2011-mail.php.txt106
-rw-r--r--scripts/38us-fudcon2012-email.txt17
-rw-r--r--scripts/38us-fudcon2012-mail.php.txt107
-rw-r--r--scripts/39uk-ate-manchester-email.txt40
-rw-r--r--scripts/39uk-ate-manchester-mail.php.txt108
-rw-r--r--scripts/40de-ate-hamburg-email.txt66
-rw-r--r--scripts/40de-ate-hamburg-mail.php.txt112
-rw-r--r--scripts/41de-ate-jena-email.txt33
-rw-r--r--scripts/41de-ate-jena-mail.php.txt109
-rw-r--r--scripts/42de-ate-leipzig-email.txt39
-rw-r--r--scripts/42de-ate-leipzig-mail.php.txt114
-rw-r--r--scripts/43de-ate-karlsruhe-email.txt103
-rw-r--r--scripts/43de-ate-karlsruhe-mail.php.txt155
-rw-r--r--scripts/44de-ate-duesseldorf-email.txt104
-rw-r--r--scripts/44de-ate-duesseldorf-mail.php.txt160
-rw-r--r--scripts/45au-ate-melbourne-email.txt32
-rw-r--r--scripts/45au-ate-melbourne-mail.php.txt106
-rw-r--r--scripts/46us-ate-raleigh-email.txt41
-rw-r--r--scripts/46us-ate-raleigh-mail.php.txt112
-rw-r--r--scripts/47us-fudcon-lawrence-email.txt26
-rw-r--r--scripts/47us-fudcon-lawrence-mail.php.txt109
-rw-r--r--scripts/48de-ate-kiel-email.txt68
-rw-r--r--scripts/48de-ate-kiel-mail.php.txt114
-rw-r--r--[-rwxr-xr-x]scripts/DumpWeakCerts.pl0
-rw-r--r--scripts/assurer.php2
-rwxr-xr-xscripts/cron/permissionreview.php217
-rwxr-xr-xscripts/cron/removedead.php (renamed from scripts/removedead.php)11
-rwxr-xr-xscripts/cron/updatesort.php (renamed from scripts/updatesort.php)17
-rwxr-xr-xscripts/cron/warning.php (renamed from scripts/warning.php)57
-rwxr-xr-xscripts/db_migrations/version1.sh164
-rwxr-xr-xscripts/db_migrations/version2.sh96
-rw-r--r--[-rwxr-xr-x]scripts/mail-weak-keys.php0
-rw-r--r--[-rwxr-xr-x]scripts/mass-revoke.php0
-rw-r--r--scripts/oa01-allowance.php.txt93
-rw-r--r--scripts/oa01-allowance.txt159
-rw-r--r--scripts/oa02-mailingtextCats.txt71
-rw-r--r--scripts/oa02-mailingtextPoints.txt79
-rw-r--r--scripts/oa02-mailingtextPointsCats.txt82
-rw-r--r--scripts/oa02-orgainformation.php.txt119
-rw-r--r--scripts/resetpermissions.php71
-rw-r--r--scripts/send_thawte.php.txt167
-rw-r--r--scripts/thawte_DE.txt35
-rw-r--r--scripts/thawte_EN.txt35
-rw-r--r--scripts/thawte_ES.txt31
-rw-r--r--scripts/thawte_FR.txt31
-rw-r--r--scripts/thawte_NL.txt35
-rw-r--r--scripts/thawte_RU.txt31
-rw-r--r--www/.htaccess2
-rw-r--r--www/account.php47
-rw-r--r--www/advertising.php6
-rw-r--r--www/api/ccsr.php3
-rw-r--r--www/cap.html.php4
-rw-r--r--www/cap.php68
-rw-r--r--www/capnew.php62
-rw-r--r--www/cats/cats_import.php9
-rw-r--r--www/certs/CAcert_Root_Certificates.msibin0 -> 1593344 bytes
-rw-r--r--www/coap.html.php14
-rw-r--r--www/coapnew.php74
-rw-r--r--www/disputes.php16
-rw-r--r--www/index.php93
-rw-r--r--www/keygenIE.js609
-rw-r--r--www/policy/AssurancePolicy.html751
-rw-r--r--www/policy/AssurancePolicy.php727
-rw-r--r--www/policy/CAcertCommunityAgreement.html542
-rw-r--r--www/policy/CAcertCommunityAgreement.php516
-rw-r--r--www/policy/CertificationPracticeStatement.html3918
-rw-r--r--www/policy/CertificationPracticeStatement.php4095
-rw-r--r--www/policy/DisputeResolutionPolicy.html678
-rw-r--r--www/policy/DisputeResolutionPolicy.php643
-rw-r--r--www/policy/NRPDisclaimerAndLicence.html19
-rw-r--r--www/policy/NRPDisclaimerAndLicence.php18
-rw-r--r--www/policy/OrganisationAssurancePolicy.html412
-rw-r--r--www/policy/OrganisationAssurancePolicy.php383
-rw-r--r--www/policy/PolicyOnJuniorAssurersMembers.html202
-rw-r--r--www/policy/PolicyOnPolicy.html347
-rw-r--r--www/policy/PolicyOnPolicy.php291
-rw-r--r--www/policy/PrivacyPolicy.html79
-rw-r--r--www/policy/PrivacyPolicy.php4
-rw-r--r--www/policy/RootDistributionLicense.html126
-rw-r--r--www/policy/RootDistributionLicense.php130
-rw-r--r--www/policy/images/cacert-draft.png (renamed from www/policy/cacert-draft.png)bin4796 -> 4796 bytes
-rw-r--r--www/policy/images/cacert-policy.pngbin0 -> 5030 bytes
-rw-r--r--www/policy/images/valid-html401-blue.pngbin0 -> 1669 bytes
-rw-r--r--www/policy/images/valid-html50-blue.pngbin0 -> 1438 bytes
-rw-r--r--www/policy/images/valid-xhtml11-blue.pngbin0 -> 2037 bytes
-rw-r--r--www/policy/index.php16
-rw-r--r--www/styles/default.css10
-rw-r--r--www/ttp.php28
-rw-r--r--www/wot.php489
172 files changed, 16015 insertions, 9253 deletions
diff --git a/CommModule/client.pl b/CommModule/client.pl
index 4e09c46..bf92b27 100755
--- a/CommModule/client.pl
+++ b/CommModule/client.pl
@@ -540,7 +540,7 @@ sub OpenPGPextractExpiryDate ($)
print OUT $_;
unless ($r)
{
- if ( /^\s*version \d+, created (\d+), md5len 0, sigclass \d+\s*$/ )
+ if ( /^\s*version \d+, created (\d+), md5len 0, sigclass (?:0x[0-9a-fA-F]+|\d+)\s*$/ )
{
SysLog "Detected CTS: $1\n";
$cts = int($1);
@@ -595,7 +595,7 @@ sub OpenPGPextractExpiryDate ($)
# Sets the locale according to the users preferred language
sub setUsersLanguage($)
{
- my $lang="de_DE";
+ my $lang="en_US";
print "Searching for the language of the user $_[0]\n";
my @a=$dbh->selectrow_array("select language from users where id='".int($_[0])."'");
$lang = $1 if($a[0]=~m/(\w+_[\w.@]+)/);
@@ -887,7 +887,7 @@ sub HandleCerts($$)
my $body = _("Hi")." $user{fname},\n\n";
$body .= sprintf(_("You can collect your certificate for %s by going to the following location:")."\n\n", $row{'email'}.$row{'CN'});
$body .= "https://www.cacert.org/account.php?id=".($server?"15":"6")."&cert=$row{id}\n\n";
- $body .= _("If you have not imported CAcert´s root certificate, please go to:")."\n";
+ $body .= _("If you have not imported CAcert's root certificate, please go to:")."\n";
$body .= "https://www.cacert.org/index.php?id=3\n";
$body .= "Root cert fingerprint = A6:1B:37:5E:39:0D:9C:36:54:EE:BD:20:31:46:1F:6B\n";
$body .= "Root cert fingerprint = 135C EC36 F49C B8E9 3B1A B270 CD80 8846 76CE 8F33\n\n";
diff --git a/CommModule/server.pl b/CommModule/server.pl
index eb5113a..6084042 100755
--- a/CommModule/server.pl
+++ b/CommModule/server.pl
@@ -502,9 +502,28 @@ sub SignX509($$$$$$$$)
{
open OUT,">$wid/extfile";
print OUT "basicConstraints = critical, CA:FALSE\n";
+ print OUT "keyUsage = critical, digitalSignature, keyEncipherment, keyAgreement\n";
print OUT "extendedKeyUsage = clientAuth, serverAuth, nsSGC, msSGC\n";
- print OUT "keyUsage = digitalSignature, keyEncipherment\n";
print OUT "authorityInfoAccess = OCSP;URI:$OCSPUrl\n";
+
+ my $CRLUrl="";
+ if($root==0)
+ {
+ $CRLUrl="http://crl.cacert.org/revoke.crl";
+ }
+ elsif($root==1)
+ {
+ $CRLUrl="http://crl.cacert.org/class3-revoke.crl";
+ }
+ elsif($root==2)
+ {
+ $CRLUrl="http://crl.cacert.org/class3s-revoke.crl";
+ }
+ else
+ {
+ $CRLUrl="http://crl.cacert.org/root${root}.crl";
+ }
+ print OUT "crlDistributionPoints = URI:${CRLUrl}\n";
print OUT "subjectAltName = $san\n" if(length($san));
close OUT;
$extfile=" -extfile $wid/extfile ";
@@ -936,10 +955,10 @@ sub analyze($)
if($bytes[1] == 0) # NUL Request
{
SysLog "NUL Request detected.\n";
- if($fields[1])
+ if($fields[1] =~ /^\d+\.\d+$/)
{
open OUT,">timesync.sh";
- print OUT "date -u $fields[1]\n";
+ print OUT "date -u '$fields[1]'\n";
print OUT "hwclock --systohc\n";
close OUT;
}
diff --git a/Makefile b/Makefile
deleted file mode 100644
index 914d979..0000000
--- a/Makefile
+++ /dev/null
@@ -1,7 +0,0 @@
-all:
- xgettext -s -o messages.po --no-wrap --foreign-user includes/*.php www/*.php pages/account/*.php pages/index/*.php pages/wot/*.php pages/gpg/*.php pages/disputes/*.php pages/help/*.php pages/disputes/*.php scripts/removedead.php
- perl cacertupload.pl
- cd locale; php make.php
-
-other: all
- cat messages.po|sed "s/CHARSET/iso-8859-1/"|sed "s/PACKAGE VERSION/CAcert/"|sed "s/This file is put in the public domain./This file is distributed under the same license as the CAcert package./"|sed "s/# SOME DESCRIPTIVE TITLE.//" > messages.po
diff --git a/cacertupload.pl b/cacertupload.pl
deleted file mode 100755
index 991570b..0000000
--- a/cacertupload.pl
+++ /dev/null
@@ -1,59 +0,0 @@
-#!/usr/bin/perl
-
-#LibreSSL - CAcert web application
-#Copyright (C) 2004-2008 CAcert Inc.
-#
-#This program is free software; you can redistribute it and/or modify
-#it under the terms of the GNU General Public License as published by
-#the Free Software Foundation; version 2 of the License.
-#
-#This program is distributed in the hope that it will be useful,
-#but WITHOUT ANY WARRANTY; without even the implied warranty of
-#MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-#GNU General Public License for more details.
-#
-#You should have received a copy of the GNU General Public License
-#along with this program; if not, write to the Free Software
-#Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
-
-use LWP::UserAgent;
-$ua = LWP::UserAgent->new(agent => 'Translingo Client 1.0');
-use HTTP::Request::Common qw(POST);
-
-my $translingo_password;
-my $translingo_account;
-
-# Read Account&Password from file
-eval `cat password.dat`;
-
-$ua->cookie_jar({});
-$ua->timeout(10000);
-
-my $req = POST 'http://translingo.cacert.org/login.php',
-[
-];
-# ggf. Referer faken
-$req->referer('http://translingo.cacert.org/');
- $ua->request($req)->as_string;
-
-# 1.Test - Umgebung
-my $req = POST 'http://translingo.cacert.org/login.php',
-[
- username => $translingo_account,
- password => $translingo_password,
- submit => 'Login',
-];
-# ggf. Referer faken
-$req->referer('http://translingo.cacert.org/');
-$ua->request($req)->as_string;
-
-# 2.Test - FileUpload
-my $req = POST 'http://translingo.cacert.org/upload.php',
-Content_Type => 'form-data',
-Content => [
- project => '1',
- fileformat => '1',
- pofile => ["messages.po" => "messages.po", 'Content_Type' => "application/x-gettext"],
-];
-print $ua->request($req)->as_string;
-
diff --git a/includes/account.php b/includes/account.php
index 14702b9..4aed5ed 100644
--- a/includes/account.php
+++ b/includes/account.php
@@ -10,12 +10,14 @@
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
-
+
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
*/
require_once("../includes/loggedin.php");
+ require_once("../includes/lib/l10n.php");
+ require_once('lib/check_weak_key.php');
loadem("account");
@@ -35,6 +37,12 @@
exit;
}
+ if ($process == _("Cancel"))
+ {
+ // General reset CANCEL process requests
+ $process = "";
+ }
+
if($id == 45 || $id == 46 || $oldid == 45 || $oldid == 46)
{
@@ -75,7 +83,7 @@
if($checkemail != "OK")
{
showheader(_("My CAcert.org Account!"));
- if (substr($checkemail, 0, 1) == "4")
+ if (substr($checkemail, 0, 1) == "4")
{
echo "<p>"._("The mail server responsible for your domain indicated a temporary failure. This may be due to anti-SPAM measures, such as greylisting. Please try again in a few minutes.")."</p>\n";
} else {
@@ -116,9 +124,9 @@
exit;
}
$row = mysql_fetch_assoc($res);
- $body = sprintf(_("Hi %s,"),$_SESSION['profile']['fname'])."\n";
- $body .= _("You are receiving this email because you or someone else")."\n";
- $body .= _("has changed the default email on your account.")."\n\n";
+ $body = sprintf(_("Hi %s,"),$_SESSION['profile']['fname'])."\n\n";
+ $body .= _("You are receiving this email because you or someone else ".
+ "has changed the default email on your account.")."\n\n";
$body .= _("Best regards")."\n"._("CAcert.org Support!");
@@ -144,6 +152,9 @@
{
foreach($_REQUEST['delid'] as $id)
{
+ if (0==$delcount) {
+ echo _('The following email addresses have been removed:')."<br>\n";
+ }
$id = intval($id);
$query = "select * from `email` where `id`='$id' and `memid`='".intval($_SESSION['profile']['id'])."' and
`email`!='".$_SESSION['profile']['email']."'";
@@ -152,7 +163,7 @@
{
$row = mysql_fetch_assoc($res);
echo $row['email']."<br>\n";
- $query = "select `emailcerts`.`id`
+ $query = "select `emailcerts`.`id`
from `emaillink`,`emailcerts` where
`emailid`='$id' and `emaillink`.`emailcertsid`=`emailcerts`.`id` and
`revoked`=0 and UNIX_TIMESTAMP(`expire`)-UNIX_TIMESTAMP() > 0
@@ -160,7 +171,7 @@
$dres = mysql_query($query);
while($drow = mysql_fetch_assoc($dres))
mysql_query("update `emailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='".$drow['id']."'");
-
+
$query = "update `email` set `deleted`=NOW() where `id`='$id'";
mysql_query($query);
$delcount++;
@@ -171,10 +182,8 @@
{
echo _("You did not select any email accounts for removal.");
}
- if($delcount > 0)
+ if(0 == $delcount)
{
- echo _("The following accounts have been removed:")."<br>\n";
- } else {
echo _("You failed to select any accounts to be removed, or you attempted to remove the default account. No action was taken.");
}
@@ -307,9 +316,9 @@
showfooter();
exit;
}
-
+
$query = "insert into emailcerts set
- `CN`='$defaultemail',
+ `CN`='$defaultemail',
`keytype`='NS',
`memid`='".intval($_SESSION['profile']['id'])."',
`created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),
@@ -339,7 +348,7 @@
} else if($_REQUEST['keytype'] == "MS" || $_REQUEST['keytype'] == "VI") {
if($csr == "")
$csr = "-----BEGIN CERTIFICATE REQUEST-----\n".clean_csr($_REQUEST['CSR'])."\n-----END CERTIFICATE REQUEST-----\n";
-
+
if (($weakKey = checkWeakKeyCSR($csr)) !== "")
{
$id = 4;
@@ -348,7 +357,7 @@
showfooter();
exit;
}
-
+
$tmpfname = tempnam("/tmp", "id4CSR");
$fp = fopen($tmpfname, "w");
fputs($fp, $csr);
@@ -407,13 +416,14 @@
showfooter();
exit;
}
- $query = "insert into emailcerts set
- `CN`='$defaultemail',
+ $query = "insert into emailcerts set
+ `CN`='$defaultemail',
`keytype`='".sanitizeHTML($_REQUEST['keytype'])."',
`memid`='".$_SESSION['profile']['id']."',
`created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),
`subject`='".mysql_real_escape_string($csrsubject)."',
`codesign`='".$_SESSION['_config']['codesign']."',
+ `disablelogin`='".($_SESSION['_config']['disablelogin']?1:0)."',
`rootcert`='".$_SESSION['_config']['rootcert']."'";
mysql_query($query);
$emailid = mysql_insert_id();
@@ -566,7 +576,7 @@
{
showheader(_("My CAcert.org Account!"));
//echo "<p>"._("Email Address given was invalid, or a test connection couldn't be made to your server, or the server rejected the email address as invalid")."</p>\n";
- if (substr($checkemail, 0, 1) == "4")
+ if (substr($checkemail, 0, 1) == "4")
{
echo "<p>"._("The mail server responsible for your domain indicated a temporary failure. This may be due to anti-SPAM measures, such as greylisting. Please try again in a few minutes.")."</p>\n";
} else {
@@ -613,10 +623,31 @@
{
$row = mysql_fetch_assoc($res);
echo $row['domain']."<br>\n";
- mysql_query("update `domains` set `deleted`=NOW() where `id`='$id'");
- $dres = mysql_query("select * from `domlink` where `domid`='$id'");
+
+ $dres = mysql_query(
+ "select `domaincerts`.`id`
+ from `domaincerts`
+ where `domaincerts`.`domid` = '$id'
+ union distinct
+ select `domaincerts`.`id`
+ from `domaincerts`, `domlink`
+ where `domaincerts`.`id` = `domlink`.`certid`
+ and `domlink`.`domid` = '$id'");
while($drow = mysql_fetch_assoc($dres))
- mysql_query("update `domaincerts` set `revoked`='1970-01-01 10:00:01' where `id`='".$drow['certid']."' and `revoked`=0 and UNIX_TIMESTAMP(`expire`)-UNIX_TIMESTAMP() > 0");
+ {
+ mysql_query(
+ "update `domaincerts`
+ set `revoked`='1970-01-01 10:00:01'
+ where `id` = '".$drow['id']."'
+ and `revoked` = 0
+ and UNIX_TIMESTAMP(`expire`) -
+ UNIX_TIMESTAMP() > 0");
+ }
+
+ mysql_query(
+ "update `domains`
+ set `deleted`=NOW()
+ where `id` = '$id'");
}
}
}
@@ -637,7 +668,7 @@
// In case the CSR is missing the ---BEGIN lines, add them automatically:
$CSR = "-----BEGIN CERTIFICATE REQUEST-----\n".$CSR."\n-----END CERTIFICATE REQUEST-----\n";
}
-
+
if (($weakKey = checkWeakKeyCSR($CSR)) !== "")
{
showheader(_("My CAcert.org Account!"));
@@ -645,7 +676,7 @@
showfooter();
exit;
}
-
+
$_SESSION['_config']['tmpfname'] = tempnam("/tmp", "id10CSR");
$fp = fopen($_SESSION['_config']['tmpfname'], "w");
fputs($fp, $CSR);
@@ -690,7 +721,7 @@
showfooter();
exit;
}
-
+
if (($weakKey = checkWeakKeyCSR(file_get_contents(
$_SESSION['_config']['tmpfname']))) !== "")
{
@@ -699,7 +730,7 @@
showfooter();
exit;
}
-
+
$id = 11;
if($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "")
{
@@ -743,13 +774,13 @@
if(array_key_exists('0',$_SESSION['_config']['rowid']) && $_SESSION['_config']['rowid']['0'] > 0)
{
- $query = "insert into `domaincerts` set
+ $query = "insert into `domaincerts` set
`CN`='".mysql_real_escape_string($_SESSION['_config']['rows']['0'])."',
`domid`='".mysql_real_escape_string($_SESSION['_config']['rowid']['0'])."',
`created`=NOW(),`subject`='".mysql_real_escape_string($subject)."',
`rootcert`='".mysql_real_escape_string($_SESSION['_config']['rootcert'])."'";
} elseif(array_key_exists('0',$_SESSION['_config']['altid']) && $_SESSION['_config']['altid']['0'] > 0) {
- $query = "insert into `domaincerts` set
+ $query = "insert into `domaincerts` set
`CN`='".mysql_real_escape_string($_SESSION['_config']['altrows']['0'])."',
`domid`='".mysql_real_escape_string($_SESSION['_config']['altid']['0'])."',
`created`=NOW(),`subject`='".mysql_real_escape_string($subject)."',
@@ -815,24 +846,24 @@
printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br/>\n", $id);
continue;
}
-
+
$row = mysql_fetch_assoc($res);
-
+
if (($weakKey = checkWeakKeyX509(file_get_contents(
$row['crt_name']))) !== "")
{
echo $weakKey, "<br/>\n";
continue;
}
-
+
mysql_query("update `domaincerts` set `renewed`='1' where `id`='$id'");
- $query = "insert into `domaincerts` set
- `domid`='".$row['domid']."',
+ $query = "insert into `domaincerts` set
+ `domid`='".$row['domid']."',
`CN`='".mysql_real_escape_string($row['CN'])."',
`subject`='".mysql_real_escape_string($row['subject'])."',".
//`csr_name`='".$row['csr_name']."', // RACE CONDITION
"`created`='".$row['created']."',
- `modified`=NOW(),
+ `modified`=NOW(),
`rootcert`='".$row['rootcert']."',
`type`='".$row['type']."',
`pkhash`='".$row['pkhash']."'";
@@ -916,7 +947,7 @@
foreach($_REQUEST['revokeid'] as $id)
{
$id = intval($id);
- $query = "select *,UNIX_TIMESTAMP(`domaincerts`.`revoked`) as `revoke` from `domaincerts`,`domains`
+ $query = "select *,UNIX_TIMESTAMP(`domaincerts`.`revoked`) as `revoke` from `domaincerts`,`domains`
where `domaincerts`.`id`='$id' and
`domaincerts`.`domid`=`domains`.`id` and
`domains`.`memid`='".$_SESSION['profile']['id']."'";
@@ -947,7 +978,7 @@
foreach($_REQUEST['delid'] as $id)
{
$id = intval($id);
- $query = "select *,UNIX_TIMESTAMP(`domaincerts`.`expire`) as `expired` from `domaincerts`,`domains`
+ $query = "select *,UNIX_TIMESTAMP(`domaincerts`.`expire`) as `expired` from `domaincerts`,`domains`
where `domaincerts`.`id`='$id' and
`domaincerts`.`domid`=`domains`.`id` and
`domains`.`memid`='".$_SESSION['profile']['id']."'";
@@ -982,7 +1013,7 @@
foreach($_REQUEST['revokeid'] as $id)
{
$id = intval($id);
- $query = "select *,UNIX_TIMESTAMP(`revoked`) as `revoke` from `emailcerts`
+ $query = "select *,UNIX_TIMESTAMP(`revoked`) as `revoke` from `emailcerts`
where `id`='$id' and `memid`='".$_SESSION['profile']['id']."'";
$res = mysql_query($query);
if(mysql_num_rows($res) <= 0)
@@ -990,24 +1021,24 @@
printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
continue;
}
-
+
$row = mysql_fetch_assoc($res);
-
+
if (($weakKey = checkWeakKeyX509(file_get_contents(
$row['crt_name']))) !== "")
{
echo $weakKey, "<br/>\n";
continue;
}
-
+
mysql_query("update `emailcerts` set `renewed`='1' where `id`='$id'");
- $query = "insert into emailcerts set
- `memid`='".$row['memid']."',
+ $query = "insert into emailcerts set
+ `memid`='".$row['memid']."',
`CN`='".mysql_real_escape_string($row['CN'])."',
`subject`='".mysql_real_escape_string($row['subject'])."',
- `keytype`='".$row['keytype']."',
- `csr_name`='".$row['csr_name']."',
- `created`='".$row['created']."',
+ `keytype`='".$row['keytype']."',
+ `csr_name`='".$row['csr_name']."',
+ `created`='".$row['created']."',
`modified`=NOW(),
`disablelogin`='".$row['disablelogin']."',
`codesign`='".$row['codesign']."',
@@ -1055,7 +1086,7 @@
foreach($_REQUEST['revokeid'] as $id)
{
$id = intval($id);
- $query = "select *,UNIX_TIMESTAMP(`revoked`) as `revoke` from `emailcerts`
+ $query = "select *,UNIX_TIMESTAMP(`revoked`) as `revoke` from `emailcerts`
where `id`='$id' and `memid`='".$_SESSION['profile']['id']."'";
$res = mysql_query($query);
if(mysql_num_rows($res) <= 0)
@@ -1084,7 +1115,7 @@
foreach($_REQUEST['delid'] as $id)
{
$id = intval($id);
- $query = "select *,UNIX_TIMESTAMP(`expire`) as `expired` from `emailcerts`
+ $query = "select *,UNIX_TIMESTAMP(`expire`) as `expired` from `emailcerts`
where `id`='$id' and `memid`='".$_SESSION['profile']['id']."'";
$res = mysql_query($query);
if(mysql_num_rows($res) <= 0)
@@ -1199,7 +1230,7 @@
$ddres = mysql_query($ddquery);
$ddrow = mysql_fetch_assoc($ddres);
$_SESSION['profile']['points'] = $ddrow['total'];
-
+
if($_SESSION['profile']['points'] == 0)
{
$_SESSION['_config']['user']['fname'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['fname']))));
@@ -1251,7 +1282,7 @@
where `id`='".$_SESSION['profile']['id']."'";
mysql_query($query);
- //!!!Should be rewritten
+ //!!!Should be rewritten
$_SESSION['_config']['user']['otphash'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['otphash']))));
$_SESSION['_config']['user']['otppin'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['otppin']))));
if($_SESSION['_config']['user']['otphash'] != "" && $_SESSION['_config']['user']['otppin'] != "")
@@ -1290,6 +1321,8 @@
showheader(_("My CAcert.org Account!"));
if($_SESSION['_config']['user']['pword1'] == "" || $_SESSION['_config']['user']['pword1'] != $_SESSION['_config']['user']['pword2'])
{
+ echo '<h3 style="color:red">', _("Failure: Pass Phrase not Changed"),
+ '</h3>', "\n";
echo _("New Pass Phrases specified don't match or were blank.");
} else {
$score = checkpw($_SESSION['_config']['user']['pword1'], $_SESSION['profile']['email'], $_SESSION['profile']['fname'],
@@ -1306,18 +1339,25 @@
}
if(strlen($_SESSION['_config']['user']['pword1']) < 6) {
+ echo '<h3 style="color:red">',
+ _("Failure: Pass Phrase not Changed"), '</h3>', "\n";
echo _("The Pass Phrase you submitted was too short.");
} else if($score < 3) {
+ echo '<h3 style="color:red">',
+ _("Failure: Pass Phrase not Changed"), '</h3>', "\n";
printf(_("The Pass Phrase you submitted failed to contain enough differing characters and/or contained words from your name and/or email address. Only scored %s points out of 6."), $score);
} else if($rc <= 0) {
+ echo '<h3 style="color:red">',
+ _("Failure: Pass Phrase not Changed"), '</h3>', "\n";
echo _("You failed to correctly enter your current Pass Phrase.");
} else {
mysql_query("update `users` set `password`=sha1('".$_SESSION['_config']['user']['pword1']."')
where `id`='".$_SESSION['profile']['id']."'");
+ echo '<h3>', _("Pass Phrase Changed Successfully"), '</h3>', "\n";
echo _("Your Pass Phrase has been updated and your primary email account has been notified of the change.");
- $body = sprintf(_("Hi %s,"),$_SESSION['profile']['fname'])."\n";
- $body .= _("You are receiving this email because you or someone else")."\n";
- $body .= _("has changed the password on your account.")."\n";
+ $body = sprintf(_("Hi %s,"),$_SESSION['profile']['fname'])."\n\n";
+ $body .= _("You are receiving this email because you or someone else ".
+ "has changed the password on your account.")."\n\n";
$body .= _("Best regards")."\n"._("CAcert.org Support!");
@@ -1439,9 +1479,9 @@
showfooter();
exit;
}
-
- $query = "insert into `orgemailcerts` set
- `CN`='$defaultemail',
+
+ $query = "insert into `orgemailcerts` set
+ `CN`='$defaultemail',
`keytype`='NS',
`orgid`='".$org['orgid']."',
`created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),
@@ -1470,7 +1510,7 @@
mysql_query("update `orgemailcerts` set `csr_name`='$CSRname' where `id`='$emailid'");
} else if($_REQUEST['keytype'] == "MS" || $_REQUEST['keytype']=="VI") {
$csr = "-----BEGIN CERTIFICATE REQUEST-----\n".clean_csr($_REQUEST['CSR'])."-----END CERTIFICATE REQUEST-----\n";
-
+
if (($weakKey = checkWeakKeyCSR($csr)) !== "")
{
$id = 17;
@@ -1479,7 +1519,7 @@
showfooter();
exit;
}
-
+
$tmpfname = tempnam("/tmp", "id17CSR");
$fp = fopen($tmpfname, "w");
fputs($fp, $csr);
@@ -1529,8 +1569,8 @@
if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
$_SESSION['_config']['rootcert'] = 1;
- $query = "insert into `orgemailcerts` set
- `CN`='$defaultemail',
+ $query = "insert into `orgemailcerts` set
+ `CN`='$defaultemail',
`keytype`='" . sanitizeHTML($_REQUEST['keytype']) . "',
`orgid`='".$org['orgid']."',
`created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),
@@ -1586,29 +1626,29 @@
printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
continue;
}
-
+
$row = mysql_fetch_assoc($res);
-
+
if (($weakKey = checkWeakKeyX509(file_get_contents(
$row['crt_name']))) !== "")
{
echo $weakKey, "<br/>\n";
continue;
}
-
+
mysql_query("update `orgemailcerts` set `renewed`='1' where `id`='$id'");
if($row['revoke'] > 0)
{
printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", $row['CN']);
continue;
}
- $query = "insert into `orgemailcerts` set
- `orgid`='".$row['orgid']."',
+ $query = "insert into `orgemailcerts` set
+ `orgid`='".$row['orgid']."',
`CN`='".$row['CN']."',
`subject`='".$row['subject']."',
- `keytype`='".$row['keytype']."',
- `csr_name`='".$row['csr_name']."',
- `created`='".$row['created']."',
+ `keytype`='".$row['keytype']."',
+ `csr_name`='".$row['csr_name']."',
+ `created`='".$row['created']."',
`modified`=NOW(),
`codesign`='".$row['codesign']."',
`rootcert`='".$row['rootcert']."'";
@@ -1706,7 +1746,7 @@
if($process != "" && $oldid == 20)
{
$CSR = clean_csr($_REQUEST['CSR']);
-
+
if (($weakKey = checkWeakKeyCSR($CSR)) !== "")
{
$id = 20;
@@ -1715,7 +1755,7 @@
showfooter();
exit;
}
-
+
$_SESSION['_config']['tmpfname'] = tempnam("/tmp", "id20CSR");
$fp = fopen($_SESSION['_config']['tmpfname'], "w");
fputs($fp, $CSR);
@@ -1765,7 +1805,7 @@
if($process != "" && $oldid == 21)
{
$id = 21;
-
+
if(!file_exists($_SESSION['_config']['tmpfname']))
{
showheader(_("My CAcert.org Account!"));
@@ -1773,7 +1813,7 @@
showfooter();
exit;
}
-
+
if (($weakKey = checkWeakKeyCSR(file_get_contents(
$_SESSION['_config']['tmpfname']))) !== "")
{
@@ -1822,7 +1862,7 @@
if(is_array($_SESSION['_config']['rows']))
foreach($_SESSION['_config']['rows'] as $row)
$csrsubject .= "/commonName=$row";
- $SAN="";
+ $SAN="";
if(is_array($_SESSION['_config']['altrows']))
foreach($_SESSION['_config']['altrows'] as $subalt)
{
@@ -1841,7 +1881,7 @@
if($_SESSION['_config']['rowid']['0'] > 0)
{
- $query = "insert into `orgdomaincerts` set
+ $query = "insert into `orgdomaincerts` set
`CN`='".$_SESSION['_config']['rows']['0']."',
`orgid`='".$org['id']."',
`created`=NOW(),
@@ -1849,7 +1889,7 @@
`rootcert`='".$_SESSION['_config']['rootcert']."',
`type`='$type'";
} else {
- $query = "insert into `orgdomaincerts` set
+ $query = "insert into `orgdomaincerts` set
`CN`='".$_SESSION['_config']['altrows']['0']."',
`orgid`='".$org['id']."',
`created`=NOW(),
@@ -1907,29 +1947,29 @@
printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
continue;
}
-
+
$row = mysql_fetch_assoc($res);
-
+
if (($weakKey = checkWeakKeyX509(file_get_contents(
$row['crt_name']))) !== "")
{
echo $weakKey, "<br/>\n";
continue;
}
-
+
mysql_query("update `orgdomaincerts` set `renewed`='1' where `id`='$id'");
if($row['revoke'] > 0)
{
printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", $row['CN']);
continue;
}
- $query = "insert into `orgdomaincerts` set
- `orgid`='".$row['orgid']."',
+ $query = "insert into `orgdomaincerts` set
+ `orgid`='".$row['orgid']."',
`CN`='".$row['CN']."',
- `csr_name`='".$row['csr_name']."',
+ `csr_name`='".$row['csr_name']."',
`created`='".$row['created']."',
- `modified`=NOW(),
- `subject`='".$row['subject']."',
+ `modified`=NOW(),
+ `subject`='".$row['subject']."',
`type`='".$row['type']."',
`rootcert`='".$row['rootcert']."'";
mysql_query($query);
@@ -2129,9 +2169,9 @@
if($oldid == 29 && $process != "")
{
- $domain = mysql_real_escape_string(stripslashes(trim($domainname)));
+ $domain = mysql_real_escape_string(stripslashes(trim($_REQUEST['domainname'])));
- $res1 = mysql_query("select * from `orgdomains` where `domain` like '$domain' and `id`!='".intval($_SESSION['_config']['domid'])."'");
+ $res1 = mysql_query("select * from `orgdomains` where `domain` like '$domain' and `id`!='".intval($domid)."'");
$res2 = mysql_query("select * from `domains` where `domain` like '$domain' and `deleted`=0");
if(mysql_num_rows($res1) > 0 || mysql_num_rows($res2) > 0)
{
@@ -2141,20 +2181,20 @@
}
}
- if(($oldid == 29 || $oldid == 30) && $process != _("Cancel"))
+ if(($oldid == 29 || $oldid == 30) && $process != "") // _("Cancel") is handled in front of account.php
{
- $query = "select `orgdomaincerts`.`id` as `id` from `orgdomlink`, `orgdomaincerts`, `orgdomains` where
+ $query = "select `orgdomaincerts`.`id` as `id` from `orgdomlink`, `orgdomaincerts`, `orgdomains` where
`orgdomlink`.`orgdomid`=`orgdomains`.`id` and
`orgdomaincerts`.`id`=`orgdomlink`.`orgcertid` and
- `orgdomains`.`id`='".intval($_SESSION['_config']['domid'])."'";
+ `orgdomains`.`id`='".intval($domid)."'";
$res = mysql_query($query);
while($row = mysql_fetch_assoc($res))
mysql_query("update `orgdomaincerts` set `revoked`='1970-01-01 10:00:01' where `id`='".$row['id']."'");
- $query = "select `orgemailcerts`.`id` as `id` from `orgemailcerts`, `orgemaillink`, `orgdomains` where
+ $query = "select `orgemailcerts`.`id` as `id` from `orgemailcerts`, `orgemaillink`, `orgdomains` where
`orgemaillink`.`domid`=`orgdomains`.`id` and
`orgemailcerts`.`id`=`orgemaillink`.`emailcertsid` and
- `orgdomains`.`id`='".intval($_SESSION['_config']['domid'])."'";
+ `orgdomains`.`id`='".intval($domid)."'";
$res = mysql_query($query);
while($row = mysql_fetch_assoc($res))
mysql_query("update `orgemailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='".intval($row['id'])."'");
@@ -2162,23 +2202,23 @@
if($oldid == 29 && $process != "")
{
- $row = mysql_fetch_assoc(mysql_query("select * from `orgdomains` where `id`='".intval($_SESSION['_config']['domid'])."'"));
- mysql_query("update `orgdomains` set `domain`='$domain' where `id`='".intval($_SESSION['_config']['domid'])."'");
+ $row = mysql_fetch_assoc(mysql_query("select * from `orgdomains` where `id`='".intval($domid)."'"));
+ mysql_query("update `orgdomains` set `domain`='$domain' where `id`='".intval($domid)."'");
showheader(_("My CAcert.org Account!"));
printf(_("'%s' has just been successfully updated in the database."), sanitizeHTML($domain));
- echo "<br><br><a href='account.php?id=26&orgid=".intval($_SESSION['_config']['orgid'])."'>"._("Click here")."</a> "._("to continue.");
+ echo "<br><br><a href='account.php?id=26&orgid=".intval($orgid)."'>"._("Click here")."</a> "._("to continue.");
showfooter();
exit;
}
if($oldid == 30 && $process != "")
{
- $row = mysql_fetch_assoc(mysql_query("select * from `orgdomains` where `id`='".intval($_SESSION['_config']['domid'])."'"));
+ $row = mysql_fetch_assoc(mysql_query("select * from `orgdomains` where `id`='".intval($domid)."'"));
$domain = $row['domain'];
- mysql_query("delete from `orgdomains` where `id`='".intval($_SESSION['_config']['domid'])."'");
+ mysql_query("delete from `orgdomains` where `id`='".intval($domid)."'");
showheader(_("My CAcert.org Account!"));
printf(_("'%s' has just been successfully deleted from the database."), sanitizeHTML($domain));
- echo "<br><br><a href='account.php?id=26&orgid=".intval($_SESSION['_config']['orgid'])."'>"._("Click here")."</a> "._("to continue.");
+ echo "<br><br><a href='account.php?id=26&orgid=".intval($orgid)."'>"._("Click here")."</a> "._("to continue.");
showfooter();
exit;
}
@@ -2189,13 +2229,13 @@
$orgid = 0;
}
- if($oldid == 31 && $process != _("Cancel"))
+ if($oldid == 31 && $process != "")
{
$query = "select * from `orgdomains` where `orgid`='".intval($_SESSION['_config']['orgid'])."'";
$dres = mysql_query($query);
while($drow = mysql_fetch_assoc($dres))
{
- $query = "select `orgdomaincerts`.`id` as `id` from `orgdomlink`, `orgdomaincerts`, `orgdomains` where
+ $query = "select `orgdomaincerts`.`id` as `id` from `orgdomlink`, `orgdomaincerts`, `orgdomains` where
`orgdomlink`.`orgdomid`=`orgdomains`.`id` and
`orgdomaincerts`.`id`=`orgdomlink`.`orgcertid` and
`orgdomains`.`id`='".intval($drow['id'])."'";
@@ -2207,7 +2247,7 @@
mysql_query("delete from `orgdomlink` where `domid`='".intval($row['id'])."'");
}
- $query = "select `orgemailcerts`.`id` as `id` from `orgemailcerts`, `orgemaillink`, `orgdomains` where
+ $query = "select `orgemailcerts`.`id` as `id` from `orgemailcerts`, `orgemaillink`, `orgdomains` where
`orgemaillink`.`domid`=`orgdomains`.`id` and
`orgemailcerts`.`id`=`orgemaillink`.`emailcertsid` and
`orgdomains`.`id`='".intval($drow['id'])."'";
@@ -2230,8 +2270,7 @@
$orgid = 0;
}
- if($id == 32 || $oldid == 32 || $id == 33 || $oldid == 33 || $id == 34 || $oldid == 34 ||
- $id == 35 || $oldid == 35)
+ if($id == 32 || $oldid == 32 || $id == 33 || $oldid == 33 || $id == 34 || $oldid == 34)
{
$query = "select * from `org` where `memid`='".intval($_SESSION['profile']['id'])."' and `masteracc`='1'";
$_macc = mysql_num_rows(mysql_query($query));
@@ -2244,6 +2283,19 @@
}
}
+ if($id == 35 || $oldid == 35)
+ {
+ $query = "select 1 from `org` where `memid`='".intval($_SESSION['profile']['id'])."'";
+ $is_orguser = mysql_num_rows(mysql_query($query));
+ if($_SESSION['profile']['orgadmin'] != 1 && $is_orguser <= 0)
+ {
+ showheader(_("My CAcert.org Account!"));
+ echo _("You don't have access to this area.");
+ showfooter();
+ exit;
+ }
+ }
+
if($id == 33 && $_SESSION['profile']['orgadmin'] != 1)
{
$orgid = intval($_SESSION['_config']['orgid']);
@@ -2273,8 +2325,21 @@
$_SESSION['_config']['errmsg'] = sprintf(_("Wasn't able to match '%s' against any user in the system"), sanitizeHTML($_REQUEST['email']));
} else {
$row = mysql_fetch_assoc($res);
- mysql_query("insert into `org` set `memid`='".intval($row['id'])."', `orgid`='".intval($_SESSION['_config']['orgid'])."',
- `masteracc`='$masteracc', `OU`='$OU', `comments`='$comments'");
+ if ( !is_assurer(intval($row['id'])) )
+ {
+ $id = $oldid;
+ $oldid=0;
+ $_SESSION['_config']['errmsg'] =
+ _("The user is not an Assurer yet");
+ } else {
+ mysql_query(
+ "insert into `org`
+ set `memid`='".intval($row['id'])."',
+ `orgid`='".intval($_SESSION['_config']['orgid'])."',
+ `masteracc`='$masteracc',
+ `OU`='$OU',
+ `comments`='$comments'");
+ }
}
}
@@ -2336,7 +2401,7 @@
{
csrf_check("mainlang");
$lang = mysql_real_escape_string($_REQUEST['lang']);
- foreach($_SESSION['_config']['translations'] as $key => $val)
+ foreach(L10n::$translations as $key => $val)
{
if($key == $lang)
{
@@ -2397,7 +2462,7 @@
exit;
}
- if($oldid == 54 || ($id == 53 && array_key_exists('action',$_REQUEST) && $_REQUEST['action'] != "") ||
+ if($oldid == 54 || ($id == 53 && array_key_exists('action',$_REQUEST) && $_REQUEST['action'] != "") ||
($id == 54 && array_key_exists('action',$_REQUEST) && $_REQUEST['action'] != "" &&
$_REQUEST['action'] != "aliases" && $_REQUEST['action'] != "edit" && $_REQUEST['action'] != "add"))
{
@@ -2551,9 +2616,9 @@
printf(_("The password for %s has been updated successfully in the system."), sanitizeHTML($row['email']));
- $body = sprintf(_("Hi %s,"),$row['fname'])."\n";
- $body .= _("You are receiving this email because a CAcert administrator")."\n";
- $body .= _("has changed the password on your account.")."\n";
+ $body = sprintf(_("Hi %s,"),$row['fname'])."\n\n";
+ $body .= _("You are receiving this email because a CAcert administrator ".
+ "has changed the password on your account.")."\n\n";
$body .= _("Best regards")."\n"._("CAcert.org Support!");
@@ -2614,7 +2679,7 @@
showfooter();
exit;
}
-
+
if (($weakKey = checkWeakKeyCSR($CSR)) !== "")
{
showheader(_("My CAcert.org Account!"));
@@ -2623,7 +2688,7 @@
exit;
}
- $query = "insert into `domaincerts` set
+ $query = "insert into `domaincerts` set
`CN`='".$_SESSION['_config']['0.CN']."',
`domid`='".$_SESSION['_config']['row']['id']."',
`created`=NOW()";
@@ -2687,7 +2752,7 @@
if($id == 43 && array_key_exists('locked',$_REQUEST) && $_REQUEST['locked'] > 0)
{
- csrf_check('admactlock');
+ csrf_check('admactlock');
$memid = $_REQUEST['userid'] = intval($_REQUEST['locked']);
$query = "select * from `users` where `id`='$memid'";
$row = mysql_fetch_assoc(mysql_query($query));
@@ -2912,7 +2977,7 @@
while($row = mysql_fetch_assoc($res))
$body .= $row['comment']."\n";
$body .= "\n";
-
+
$body .= _("Best regards")."\n";
$body .= _("CAcert Support Team");
sendmail($user['email'], "[CAcert.org] Thawte Notary Points Transfer", $body, "website-form@cacert.org", "support@cacert.org", "", "CAcert Tverify");
@@ -2933,7 +2998,7 @@
$body .= "\n";
$body .= _("You are welcome to try submitting another request at any time in the future, please make sure you take the reviewer comments into consideration or you risk having your application rejected again.")."\n\n";
-
+
$body .= _("Best regards")."\n";
$body .= _("CAcert Support Team");
sendmail($user['email'], "[CAcert.org] Thawte Notary Points Transfer", $body, "website-form@cacert.org", "support@cacert.org", "", "CAcert Tverify");
@@ -2951,6 +3016,4 @@
$_SESSION['_config']['orgid'] = intval($orgid);
if(intval($memid) > 0)
$_SESSION['_config']['memid'] = intval($memid);
- if(intval($domid) > 0)
- $_SESSION['_config']['domid'] = intval($domid);
?>
diff --git a/includes/account_stuff.php b/includes/account_stuff.php
index b6fdd7a..b9544e0 100644
--- a/includes/account_stuff.php
+++ b/includes/account_stuff.php
@@ -209,7 +209,7 @@ function hideall() {
<ul class="menu" id="serverorg"><li><a href="account.php?id=20"><?=_("New")?></a></li><li><a href="account.php?id=22"><?=_("View")?></a></li></ul>
</div>
<? } ?>
-<? if(mysql_num_rows(mysql_query("select * from `org` where `memid`='".intval($_SESSION['profile']['id'])."' and `masteracc`='1'")) > 0 || $_SESSION['profile']['orgadmin'] == 1) { ?>
+<? if(mysql_num_rows(mysql_query("select * from `org` where `memid`='".intval($_SESSION['profile']['id'])."'")) > 0 || $_SESSION['profile']['orgadmin'] == 1) { ?>
<div class="relatedLinks">
<h3 class="pointer" onclick="explode('orgadmin')">+ <?=_("Org Admin")?></h3>
<ul class="menu" id="orgadmin"><? if($_SESSION['profile']['orgadmin'] == 1) { ?><li><a href="account.php?id=24"><?=_("New Organisation")?></a></li><li><a href="account.php?id=25"><?=_("View Organisations")?></a></li><? } ?><li><a href="account.php?id=35"><?=_("View")?></a></li></ul>
@@ -262,6 +262,7 @@ function hideall() {
<ul class="menu" id="advertising"><li><a href="advertising.php?id=1"><?=_("New Ad")?></a></li><li><a href="advertising.php?id=0"><?=_("View Ads")?></a></li></ul>
</div>
<? } ?>
+ <? include("about_menu.php"); ?>
</div>
<div id="content">
<div class="story">
@@ -277,368 +278,10 @@ function hideall() {
?>
</div>
</div>
- <div id="siteInfo"><a href="account.php?id=37"><?=_("About Us")?></a> | <a href="account.php?id=38"><?=_("Donations")?></a> | <a href="http://wiki.cacert.org/wiki/CAcertIncorporated"><?=_("Association Membership")?></a> |
+ <div id="siteInfo"><a href="//wiki.cacert.org/FAQ/AboutUs"><?=_("About Us")?></a> | <a href="account.php?id=38"><?=_("Donations")?></a> | <a href="http://wiki.cacert.org/wiki/CAcertIncorporated"><?=_("Association Membership")?></a> |
<a href="/policy/PrivacyPolicy.html"><?=_("Privacy Policy")?></a> | <a href="account.php?id=40"><?=_("Contact Us")?></a>
| &copy;2002-<?=date("Y")?> <?=_("by CAcert")?></div>
</div>
</body>
</html><?
}
-
- /**
- * Produces a log entry with the error message with log level E_USER_WARN
- * and a random ID an returns a message that can be displayed to the user
- * including the generated ID
- *
- * @param $errormessage string
- * The error message that should be logged
- * @return string containing the generated ID that can be displayed to the
- * user
- */
- function failWithId($errormessage) {
- $errorId = rand();
- trigger_error("$errormessage. ID: $errorId", E_USER_WARNING);
- return sprintf(_("Something went wrong when processing your request. ".
- "Please contact %s for help and provide them with the ".
- "following ID: %d"),
- "<a href='mailto:support@cacert.org?subject=System%20Error%20-%20".
- "ID%3A%20$errorId'>support@cacert.org</a>",
- $errorId);
- }
-
- /**
- * Checks whether the given CSR contains a vulnerable key
- *
- * @param $csr string
- * The CSR to be checked
- * @param $encoding string [optional]
- * The encoding the CSR is in (for the "-inform" parameter of OpenSSL,
- * currently only "PEM" (default) or "DER" allowed)
- * @return string containing the reason if the key is considered weak,
- * empty string otherwise
- */
- function checkWeakKeyCSR($csr, $encoding = "PEM")
- {
- // non-PEM-encodings may be binary so don't use echo
- $descriptorspec = array(
- 0 => array("pipe", "r"), // STDIN for child
- 1 => array("pipe", "w"), // STDOUT for child
- );
- $encoding = escapeshellarg($encoding);
- $proc = proc_open("openssl req -inform $encoding -text -noout",
- $descriptorspec, $pipes);
-
- if (is_resource($proc))
- {
- fwrite($pipes[0], $csr);
- fclose($pipes[0]);
-
- $csrText = "";
- while (!feof($pipes[1]))
- {
- $csrText .= fread($pipes[1], 8192);
- }
- fclose($pipes[1]);
-
- if (($status = proc_close($proc)) !== 0 || $csrText === "")
- {
- return _("I didn't receive a valid Certificate Request, hit ".
- "the back button and try again.");
- }
- } else {
- return failWithId("checkWeakKeyCSR(): Failed to start OpenSSL");
- }
-
-
- return checkWeakKeyText($csrText);
- }
-
- /**
- * Checks whether the given X509 certificate contains a vulnerable key
- *
- * @param $cert string
- * The X509 certificate to be checked
- * @param $encoding string [optional]
- * The encoding the certificate is in (for the "-inform" parameter of
- * OpenSSL, currently only "PEM" (default), "DER" or "NET" allowed)
- * @return string containing the reason if the key is considered weak,
- * empty string otherwise
- */
- function checkWeakKeyX509($cert, $encoding = "PEM")
- {
- // non-PEM-encodings may be binary so don't use echo
- $descriptorspec = array(
- 0 => array("pipe", "r"), // STDIN for child
- 1 => array("pipe", "w"), // STDOUT for child
- );
- $encoding = escapeshellarg($encoding);
- $proc = proc_open("openssl x509 -inform $encoding -text -noout",
- $descriptorspec, $pipes);
-
- if (is_resource($proc))
- {
- fwrite($pipes[0], $cert);
- fclose($pipes[0]);
-
- $certText = "";
- while (!feof($pipes[1]))
- {
- $certText .= fread($pipes[1], 8192);
- }
- fclose($pipes[1]);
-
- if (($status = proc_close($proc)) !== 0 || $certText === "")
- {
- return _("I didn't receive a valid Certificate Request, hit ".
- "the back button and try again.");
- }
- } else {
- return failWithId("checkWeakKeyCSR(): Failed to start OpenSSL");
- }
-
-
- return checkWeakKeyText($certText);
- }
-
- /**
- * Checks whether the given SPKAC contains a vulnerable key
- *
- * @param $spkac string
- * The SPKAC to be checked
- * @param $spkacname string [optional]
- * The name of the variable that contains the SPKAC. The default is
- * "SPKAC"
- * @return string containing the reason if the key is considered weak,
- * empty string otherwise
- */
- function checkWeakKeySPKAC($spkac, $spkacname = "SPKAC")
- {
- /* Check for the debian OpenSSL vulnerability */
-
- $spkac = escapeshellarg($spkac);
- $spkacname = escapeshellarg($spkacname);
- $spkacText = `echo $spkac | openssl spkac -spkac $spkacname`;
- if ($spkacText === null) {
- return _("I didn't receive a valid Certificate Request, hit the ".
- "back button and try again.");
- }
-
- return checkWeakKeyText($spkacText);
- }
-
- /**
- * Checks whether the given text representation of a CSR or a SPKAC contains
- * a weak key
- *
- * @param $text string
- * The text representation of a key as output by the
- * "openssl <foo> -text -noout" commands
- * @return string containing the reason if the key is considered weak,
- * empty string otherwise
- */
- function checkWeakKeyText($text)
- {
- /* Which public key algorithm? */
- if (!preg_match('/^\s*Public Key Algorithm: ([^\s]+)$/m', $text,
- $algorithm))
- {
- return failWithId("checkWeakKeyText(): Couldn't extract the ".
- "public key algorithm used");
- } else {
- $algorithm = $algorithm[1];
- }
-
-
- if ($algorithm === "rsaEncryption")
- {
- if (!preg_match('/^\s*RSA Public Key: \((\d+) bit\)$/m', $text,
- $keysize))
- {
- return failWithId("checkWeakKeyText(): Couldn't parse the RSA ".
- "key size");
- } else {
- $keysize = intval($keysize[1]);
- }
-
- if ($keysize < 1024)
- {
- return sprintf(_("The keys that you use are very small ".
- "and therefore insecure. Please generate stronger ".
- "keys. More information about this issue can be ".
- "found in %sthe wiki%s"),
- "<a href='//wiki.cacert.org/WeakKeys#SmallKey'>",
- "</a>");
- } elseif ($keysize < 2048) {
- // not critical but log so we have some statistics about
- // affected users
- trigger_error("checkWeakKeyText(): Certificate for small ".
- "key (< 2048 bit) requested", E_USER_NOTICE);
- }
-
-
- $debianVuln = checkDebianVulnerability($text, $keysize);
- if ($debianVuln === true)
- {
- return sprintf(_("The keys you use have very likely been ".
- "generated with a vulnerable version of OpenSSL which ".
- "was distributed by debian. Please generate new keys. ".
- "More information about this issue can be found in ".
- "%sthe wiki%s"),
- "<a href='//wiki.cacert.org/WeakKeys#DebianVulnerability'>",
- "</a>");
- } elseif ($debianVuln === false) {
- // not vulnerable => do nothing
- } else {
- return failWithId("checkWeakKeyText(): Something went wrong in".
- "checkDebianVulnerability()");
- }
-
- if (!preg_match('/^\s*Exponent: (\d+) \(0x[0-9a-fA-F]+\)$/m', $text,
- $exponent))
- {
- return failWithId("checkWeakKeyText(): Couldn't parse the RSA ".
- "exponent");
- } else {
- $exponent = $exponent[1]; // exponent might be very big =>
- //handle as string using bc*()
-
- if (bccomp($exponent, "3") === 0)
- {
- return sprintf(_("The keys you use might be insecure. ".
- "Although there is currently no known attack for ".
- "reasonable encryption schemes, we're being ".
- "cautious and don't allow certificates for such ".
- "keys. Please generate stronger keys. More ".
- "information about this issue can be found in ".
- "%sthe wiki%s"),
- "<a href='//wiki.cacert.org/WeakKeys#SmallExponent'>",
- "</a>");
- } elseif (!(bccomp($exponent, "65537") >= 0 &&
- (bccomp($exponent, "100000") === -1 ||
- // speed things up if way smaller than 2^256
- bccomp($exponent, bcpow("2", "256")) === -1) )) {
- // 65537 <= exponent < 2^256 recommended by NIST
- // not critical but log so we have some statistics about
- // affected users
- trigger_error("checkWeakKeyText(): Certificate for ".
- "unsuitable exponent '$exponent' requested",
- E_USER_NOTICE);
- }
- }
- }
-
- /* No weakness found */
- return "";
- }
-
- /**
- * Reimplement the functionality of the openssl-vulnkey tool
- *
- * @param $text string
- * The text representation of a key as output by the
- * "openssl <foo> -text -noout" commands
- * @param $keysize int [optional]
- * If the key size is already known it can be provided so it doesn't
- * have to be parsed again. This also skips the check whether the key
- * is an RSA key => use wisely
- * @return TRUE if key is vulnerable, FALSE otherwise, NULL in case of error
- */
- function checkDebianVulnerability($text, $keysize = 0)
- {
- $keysize = intval($keysize);
-
- if ($keysize === 0)
- {
- /* Which public key algorithm? */
- if (!preg_match('/^\s*Public Key Algorithm: ([^\s]+)$/m', $text,
- $algorithm))
- {
- trigger_error("checkDebianVulnerability(): Couldn't extract ".
- "the public key algorithm used", E_USER_WARNING);
- return null;
- } else {
- $algorithm = $algorithm[1];
- }
-
- if ($algorithm !== "rsaEncryption") return false;
-
- /* Extract public key size */
- if (!preg_match('/^\s*RSA Public Key: \((\d+) bit\)$/m', $text,
- $keysize))
- {
- trigger_error("checkDebianVulnerability(): Couldn't parse the ".
- "RSA key size", E_USER_WARNING);
- return null;
- } else {
- $keysize = intval($keysize[1]);
- }
- }
-
- // $keysize has been made sure to contain an int
- $blacklist = "/usr/share/openssl-blacklist/blacklist.RSA-$keysize";
- if (!(is_file($blacklist) && is_readable($blacklist)))
- {
- if (in_array($keysize, array(512, 1024, 2048, 4096)))
- {
- trigger_error("checkDebianVulnerability(): Blacklist for ".
- "$keysize bit keys not accessible. Expected at ".
- "$blacklist", E_USER_ERROR);
- return null;
- }
-
- trigger_error("checkDebianVulnerability(): $blacklist is not ".
- "readable. Unsupported key size?", E_USER_WARNING);
- return false;
- }
-
-
- /* Extract RSA modulus */
- if (!preg_match('/^\s*Modulus \(\d+ bit\):\n'.
- '((?:\s*[0-9a-f][0-9a-f]:(?:\n)?)+[0-9a-f][0-9a-f])$/m',
- $text, $modulus))
- {
- trigger_error("checkDebianVulnerability(): Couldn't extract the ".
- "RSA modulus", E_USER_WARNING);
- return null;
- } else {
- $modulus = $modulus[1];
- // strip whitespace and colon leftovers
- $modulus = str_replace(array(" ", "\t", "\n", ":"), "", $modulus);
-
- // when using "openssl xxx -text" first byte was 00 in all my test
- // cases but 00 not present in the "openssl xxx -modulus" output
- if ($modulus[0] === "0" && $modulus[1] === "0")
- {
- $modulus = substr($modulus, 2);
- } else {
- trigger_error("checkDebianVulnerability(): First byte is not ".
- "zero", E_USER_NOTICE);
- }
-
- $modulus = strtoupper($modulus);
- }
-
-
- /* calculate checksum and look it up in the blacklist */
- $checksum = substr(sha1("Modulus=$modulus\n"), 20);
-
- // $checksum and $blacklist should be safe, but just to make sure
- $checksum = escapeshellarg($checksum);
- $blacklist = escapeshellarg($blacklist);
- exec("grep $checksum $blacklist", $dummy, $debianVuln);
- if ($debianVuln === 0) // grep returned something => it is on the list
- {
- return true;
- } elseif ($debianVuln === 1) { // grep returned nothing
- return false;
- } else {
- trigger_error("checkDebianVulnerability(): Something went wrong ".
- "when looking up the key with checksum $checksum in the ".
- "blacklist $blacklist", E_USER_ERROR);
- return null;
- }
-
- // Should not get here
- return null;
- }
-?>
diff --git a/includes/general.php b/includes/general.php
index 16b75e4..bcbe38d 100644
--- a/includes/general.php
+++ b/includes/general.php
@@ -15,6 +15,9 @@
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
*/
+
+ require_once(dirname(__FILE__)."/lib/general.php");
+
session_name("cacert");
session_start();
@@ -38,6 +41,8 @@
$_SESSION['_config']['filepath'] = "/www";
require_once($_SESSION['_config']['filepath']."/includes/mysql.php");
+ require_once($_SESSION['_config']['filepath'].'/includes/lib/account.php');
+ require_once($_SESSION['_config']['filepath'].'/includes/lib/l10n.php');
if(array_key_exists('HTTP_HOST',$_SERVER) &&
$_SERVER['HTTP_HOST'] != $_SESSION['_config']['normalhostname'] &&
@@ -69,122 +74,8 @@
}
}
- $lang = "";
- if(array_key_exists("lang",$_REQUEST))
- $lang=mysql_escape_string(substr(trim($_REQUEST['lang']), 0, 5));
- if($lang != "")
- $_SESSION['_config']['language'] = $lang;
-
- //if($_SESSION['profile']['id'] == 1 && 1 == 2)
- // echo $_SESSION['_config']['language'];
-
- $_SESSION['_config']['translations'] = array(
- "ar_JO" => "&#1575;&#1604;&#1593;&#1585;&#1576;&#1610;&#1577;",
- "bg_BG" => "&#1041;&#1098;&#1083;&#1075;&#1072;&#1088;&#1089;&#1082;&#1080;",
- "cs_CZ" => "&#268;e&scaron;tina",
- "da_DK" => "Dansk",
- "de_DE" => "Deutsch",
- "el_GR" => "&Epsilon;&lambda;&lambda;&eta;&nu;&iota;&kappa;&#940;",
- "en_AU" => "English",
- "eo_EO" => "Esperanto",
- "es_ES" => "Espa&#xf1;ol",
- "fa_IR" => "Farsi",
- "fi_FI" => "Suomi",
- "fr_FR" => "Fran&#xe7;ais",
- "he_IL" => "&#1506;&#1489;&#1512;&#1497;&#1514;",
- "hr_HR" => "Hrvatski",
- "hu_HU" => "Magyar",
- "is_IS" => "&Iacute;slenska",
- "it_IT" => "Italiano",
- "ja_JP" => "&#26085;&#26412;&#35486;",
- "ka_GE" => "Georgian",
- "nl_NL" => "Nederlands",
- "pl_PL" => "Polski",
- "pt_PT" => "Portugu&#xea;s",
- "pt_BR" => "Portugu&#xea;s Brasileiro",
- "ru_RU" => "&#x420;&#x443;&#x441;&#x441;&#x43a;&#x438;&#x439;",
- "ro_RO" => "Rom&acirc;n&#259;",
- "sv_SE" => "Svenska",
- "tr_TR" => "T&#xfc;rk&#xe7;e",
- "zh_CN" => "&#x4e2d;&#x6587;(&#x7b80;&#x4f53;)");
-
- $value=array();
-
- if(!(array_key_exists('language',$_SESSION['_config']) && $_SESSION['_config']['language'] != ""))
- {
- $bits = explode(",", strtolower(str_replace(" ", "", mysql_real_escape_string(array_key_exists('HTTP_ACCEPT_LANGUAGE',$_SERVER)?$_SERVER['HTTP_ACCEPT_LANGUAGE']:""))));
- foreach($bits as $lang)
- {
- $b = explode(";", $lang);
- if(count($b)>1 && substr($b[1], 0, 2) == "q=")
- $c = floatval(substr($b[1], 2));
- else
- $c = 1;
- $value["$c"] = trim($b[0]);
- }
-
- krsort($value);
-
- reset($value);
-
- foreach($value as $key => $val)
- {
- $val = substr(escapeshellarg($val), 1, -1);
- $short = substr($val, 0, 2);
- if($val == "en" || $short == "en")
- {
- $_SESSION['_config']['language'] = "en";
- break;
- }
- if(file_exists($_SESSION['_config']['filepath']."/locale/$val/LC_MESSAGES/messages.mo"))
- {
- $_SESSION['_config']['language'] = $val;
- break;
- }
- if(file_exists($_SESSION['_config']['filepath']."/locale/$short/LC_MESSAGES/messages.mo"))
- {
- $_SESSION['_config']['language'] = $short;
- break;
- }
- }
- }
- if(!array_key_exists('_config',$_SESSION) || !array_key_exists('language',$_SESSION['_config']) || strlen($_SESSION['_config']['language']) != 5)
- {
- $lang = array_key_exists('language',$_SESSION['_config'])?$_SESSION['_config']['language']:"";
- $_SESSION['_config']['language'] = "en_AU";
- foreach($_SESSION['_config']['translations'] as $key => $val)
- {
- if(substr($lang, 0, 2) == substr($key, 0, 2))
- {
- $_SESSION['_config']['language'] = $val;
- break;
- }
- }
- }
-
- $_SESSION['_config']['recode'] = "html..latin-1";
- if($_SESSION['_config']['language'] == "zh_CN")
- {
- $_SESSION['_config']['recode'] = "html..gb2312";
- } else if($_SESSION['_config']['language'] == "pl_PL" || $_SESSION['_config']['language'] == "hu_HU") {
- $_SESSION['_config']['recode'] = "html..ISO-8859-2";
- } else if($_SESSION['_config']['language'] == "ja_JP") {
- $_SESSION['_config']['recode'] = "html..SHIFT-JIS";
- } else if($_SESSION['_config']['language'] == "ru_RU") {
- $_SESSION['_config']['recode'] = "html..ISO-8859-5";
- } else if($_SESSION['_config']['language'] == "lt_LT") {
- $_SESSION['_config']['recode'] = "html..ISO-8859-13";
- }
-
- putenv("LANG=".$_SESSION['_config']['language']);
- setlocale(LC_ALL, $_SESSION['_config']['language']);
- $domain = 'messages';
- bindtextdomain($domain, $_SESSION['_config']['filepath']."/locale");
- textdomain($domain);
-
- //if($_SESSION['profile']['id'] == -1)
- // echo $_SESSION['_config']['language']." - ".$_SESSION['_config']['filepath']."/locale";
-
+ L10n::detect_language();
+ L10n::init_gettext();
if(array_key_exists('profile',$_SESSION) && is_array($_SESSION['profile']) && array_key_exists('id',$_SESSION['profile']) && $_SESSION['profile']['id'] > 0)
{
@@ -248,8 +139,7 @@
}
}
- function checkpw($pwd, $email, $fname, $mname, $lname, $suffix)
- {
+ function checkpwlight($pwd) {
$points = 0;
if(strlen($pwd) > 15)
@@ -279,7 +169,19 @@
$points++;
//echo "Points due to length and charset: $points<br/>";
+
+ // check for historical password proposal
+ if ($pwd === "Fr3d Sm|7h") {
+ return 0;
+ }
+
+ return $points;
+ }
+ function checkpw($pwd, $email, $fname, $mname, $lname, $suffix)
+ {
+ $points = checkpwlight($pwd);
+
if(@strstr(strtolower($pwd), strtolower($email)))
$points--;
@@ -316,7 +218,8 @@
//echo "Points due to name matches: $points<br/>";
- $do = `grep '$pwd' /usr/share/dict/american-english`;
+ $shellpwd = escapeshellarg($pwd);
+ $do = `grep $shellpwd /usr/share/dict/american-english`;
if($do)
$points--;
@@ -588,10 +491,6 @@
return(0);
}
- if($points >= 300)
- return(200);
- if($points >= 200)
- return(150);
if($points >= 150)
return(35);
if($points >= 140)
@@ -620,14 +519,6 @@
return(utf8_decode($data));
}
- function screenshot($img)
- {
- if(file_exists("../screenshots/".$_SESSION['_config']['language']."/$img"))
- return("/screenshots/".$_SESSION['_config']['language']."/$img");
- else
- return("/screenshots/en/$img");
- }
-
function signmail($to, $subject, $message, $from, $replyto = "")
{
if($replyto == "")
@@ -836,51 +727,8 @@
$text=preg_replace("/[^\w-.@]/","",$text);
return($text);
}
-
- function fix_assurer_flag($userID)
- {
- // Update Assurer-Flag on users table if 100 points. Should the number of points be SUM(points) or SUM(awarded)?
- $query = mysql_query('UPDATE `users` AS `u` SET `assurer` = 1 WHERE `u`.`id` = \''.(int)intval($userID).
- '\' AND EXISTS(SELECT 1 FROM `cats_passed` AS `tp`, `cats_variant` AS `cv` WHERE `tp`.`variant_id` = `cv`.`id` AND `cv`.`type_id` = 1 AND `tp`.`user_id` = `u`.`id`)'.
- ' AND (SELECT SUM(`points`) FROM `notary` AS `n` WHERE `n`.`to` = `u`.`id` AND `expire` < now()) >= 100'); // Challenge has been passed and non-expired points >= 100
-
- // Reset flag if requirements are not met
- $query = mysql_query('UPDATE `users` AS `u` SET `assurer` = 0 WHERE `u`.`id` = \''.(int)intval($userID).
- '\' AND (NOT EXISTS(SELECT 1 FROM `cats_passed` AS `tp`, `cats_variant` AS `cv` WHERE `tp`.`variant_id` = `cv`.`id` AND `cv`.`type_id` = 1 AND `tp`.`user_id` = `u`.`id`)'.
- ' OR (SELECT SUM(`points`) FROM `notary` AS `n` WHERE `n`.`to` = `u`.`id` AND `n`.`expire` < now()) < 100)');
- }
-
- // returns 0 if $userID is an Assurer
- // Otherwise :
- // Bit 0 is always set
- // Bit 1 is set if 100 Assurance Points are not reached
- // Bit 2 is set if Assurer Test is missing
- // Bit 3 is set if the user is not allowed to be an Assurer (assurer_blocked > 0)
- function get_assurer_status($userID)
- {
- $Result = 0;
- $query = mysql_query('SELECT * FROM `cats_passed` AS `tp`, `cats_variant` AS `cv` '.
- ' WHERE `tp`.`variant_id` = `cv`.`id` AND `cv`.`type_id` = 1 AND `tp`.`user_id` = \''.(int)intval($userID).'\'');
- if(mysql_num_rows($query) < 1)
- {
- $Result |= 5;
- }
-
- $query = mysql_query('SELECT SUM(`points`) AS `points` FROM `notary` AS `n` WHERE `n`.`to` = \''.(int)intval($userID).'\' AND `n`.`expire` < now()');
- $row = mysql_fetch_assoc($query);
- if ($row['points'] < 100) {
- $Result |= 3;
- }
-
- $query = mysql_query('SELECT `assurer_blocked` FROM `users` WHERE `id` = \''.(int)intval($userID).'\'');
- $row = mysql_fetch_assoc($query);
- if ($row['assurer_blocked'] > 0) {
- $Result |= 9;
- }
-
- return $Result;
- }
+
// returns text message to be shown to the user given the result of is_no_assurer
function no_assurer_text($Status)
{
@@ -920,10 +768,13 @@
if($newlayout)
{
$name="../$type/$kind/".intval($id/1000)."/$kind-".intval($id).".$type";
- mkdir("../csr/$kind",0777);
- mkdir("../crt/$kind",0777);
- mkdir("../csr/$kind/".intval($id/1000));
- mkdir("../crt/$kind/".intval($id/1000));
+ if (!is_dir("../csr")) { mkdir("../csr",0777); }
+ if (!is_dir("../crt")) { mkdir("../crt",0777); }
+
+ if (!is_dir("../csr/$kind")) { mkdir("../csr/$kind",0777); }
+ if (!is_dir("../crt/$kind")) { mkdir("../crt/$kind",0777); }
+ if (!is_dir("../csr/$kind/".intval($id/1000))) { mkdir("../csr/$kind/".intval($id/1000)); }
+ if (!is_dir("../crt/$kind/".intval($id/1000))) { mkdir("../crt/$kind/".intval($id/1000)); }
}
return $name;
}
@@ -946,4 +797,5 @@
return $res;
}
+
?>
diff --git a/includes/general_stuff.php b/includes/general_stuff.php
index 088c39e..10c4e0a 100644
--- a/includes/general_stuff.php
+++ b/includes/general_stuff.php
@@ -16,6 +16,8 @@
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
*/
+require_once($_SESSION['_config']['filepath'].'/includes/lib/l10n.php');
+
if(!function_exists("showheader"))
{
function showbodycontent($title = "CAcert.org", $title2 = "")
@@ -36,7 +38,7 @@ google_color_text = "000000";
google_color_border = "FFFFFF";
//-->
</script>
-<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script><? } else {
+<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script><? } else {
?><h2><?=_("Free digital certificates!")?></h2><? } ?></div>
</div>
<div id="pageNav">
@@ -45,22 +47,22 @@ google_color_border = "FFFFFF";
<? if(array_key_exists('mconn',$_SESSION) && $_SESSION['mconn']) { ?>
<a href="https://<?=$_SESSION['_config']['normalhostname']?>/index.php?id=1"><?=_("Join")?></a>
<? } ?>
- <a href="/policy/CAcertCommunityAgreement.php"><?=_("Community Agreement")?></a>
+ <a href="/policy/CAcertCommunityAgreement.html"><?=_("Community Agreement")?></a>
<a href="/index.php?id=3"><?=_("Root Certificate")?></a>
</div>
<? if(array_key_exists('mconn',$_SESSION) && $_SESSION['mconn']) { ?>
<div class="relatedLinks">
<h3 class="pointer"><?=_("My Account")?></h3>
- <a href="https://<?=$_SESSION['_config']['normalhostname']?>/index.php?id=4"><?=_("Password Login")?></a>
+ <a href="https://<?=$_SESSION['_config']['normalhostname']?>/index.php?id=4"><?=_("Password Login")?></a>
<a href="https://<?=$_SESSION['_config']['normalhostname']?>/index.php?id=5"><?=_("Lost Password")?></a>
- <a href="https://<?=$_SESSION['_config']['normalhostname']?>/index.php?id=4&amp;noauto=1"><?=_("Net Cafe Login")?></a>
+ <a href="https://<?=$_SESSION['_config']['normalhostname']?>/index.php?id=4&amp;noauto=1"><?=_("Net Cafe Login")?></a>
<a href="https://<?=$_SESSION['_config']['securehostname']?>/index.php?id=4"><?=_("Certificate Login")?></a>
</div>
<? } ?>
<? include("about_menu.php"); ?>
<div class="relatedLinks">
<h3 class="pointer" onclick="explode('trans')">+ <?=_("Translations")?></h3>
- <ul class="menu" id="trans"><? foreach($_SESSION['_config']['translations'] as $key => $val) { ?><li><a href="<?=$_SERVER['SCRIPT_NAME']?>?id=<?=intval(array_key_exists('id',$_REQUEST)?$_REQUEST['id']:0)?>&amp;lang=<?=$key?>"><?=$val?></a></li><? } ?></ul>
+ <ul class="menu" id="trans"><? foreach(L10n::$translations as $key => $val) { ?><li><a href="<?=$_SERVER['SCRIPT_NAME']?>?id=<?=intval(array_key_exists('id',$_REQUEST)?$_REQUEST['id']:0)?>&amp;lang=<?=$key?>"><?=$val?></a></li><? } ?></ul>
</div>
<? if(array_key_exists('mconn',$_SESSION) && $_SESSION['mconn']) { ?>
<div class="relatedLinks">
@@ -131,12 +133,12 @@ if(!function_exists("showfooter"))
</div>
<? include("sponsorinfo.php") ?>
<div id="siteInfo">
- <a href="/index.php?id=12"><?=_("About Us")?></a> | <a href="/index.php?id=13"><?=_("Donations")?></a> | <a href="http://wiki.cacert.org/wiki/CAcertIncorporated"><?=_("Association Membership")?></a> |
+ <a href="//wiki.cacert.org/FAQ/AboutUs"><?=_("About Us")?></a> | <a href="/index.php?id=13"><?=_("Donations")?></a> | <a href="http://wiki.cacert.org/wiki/CAcertIncorporated"><?=_("Association Membership")?></a> |
<a href="/policy/PrivacyPolicy.html"><?=_("Privacy Policy")?></a> |
<a href="/index.php?id=51"><?=_("Mission Statement")?></a> | <a href="/index.php?id=11"><?=_("Contact Us")?></a> |
&copy;2002-<?=date("Y")?> <?=_("by CAcert")?></div>
-</div>
-</body>
+</div>
+</body>
</html><?
}
}
diff --git a/includes/keygen.php b/includes/keygen.php
new file mode 100644
index 0000000..09ec7f9
--- /dev/null
+++ b/includes/keygen.php
@@ -0,0 +1,128 @@
+<? /*
+ LibreSSL - CAcert web application
+ Copyright (C) 2004-2011 CAcert Inc.
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; version 2 of the License.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
+*/
+
+if (array_key_exists('HTTP_USER_AGENT',$_SERVER) && strstr($_SERVER['HTTP_USER_AGENT'], "MSIE")) { ?>
+
+ <noscript>
+ <p><?=_('You have to enable JavaScript to generate certificates in the browser.')?></p>
+ <p><?=_('If you don\'t want to do that for any reason, you can use '.
+ 'manually created certificate requests instead.')?></p>
+ </noscript>
+
+ <div id="noActiveX" style="color:red">
+ <p><?=_('Could not initialize ActiveX object required for certificate generation.')?></p>
+ <p><?=_('You have to enable ActiveX for this to work. On Windows Vista, Windows 7 and '.
+ 'later versions you have to add this website to the list of trusted sites '.
+ 'in the internet settings.')?></p>
+ <p><?php
+ printf(_('Go to "Extras -> Internet Options -> Security -> Trusted '.
+ 'Websites", click on "Custom Level", set "ActiveX control '.
+ 'elements that are not marked as safe initialized on start in '.
+ 'scripts" to "Confirm" and click "OK". Now click "Sites", add '.
+ '"%s" and "%s" to your list of trusted sites and make the '.
+ 'changes come into effect by clicking "Close" and "OK".'),
+ 'https://'.$_SESSION['_config']['normalhostname'],
+ 'https://'.$_SESSION['_config']['securehostname'])?>
+ </p>
+ </div>
+
+ <form method="post" style="display:none" action="account.php"
+ id="CertReqForm">
+ <input type="hidden" name="oldid" value="<?=intval($id)?>" />
+ <input type="hidden" id="CSR" name="CSR" />
+ <input type="hidden" name="keytype" value="MS" />
+
+ <p><?=_('Security level')?>:
+ <select id="SecurityLevel">
+ <option value="high" selected="selected"><?=_('High')?></option>
+ <option value="medium"><?=_('Medium')?></option>
+ <option value="custom"><?=_('Custom')?>&hellip;</option>
+ </select>
+ </p>
+
+ <fieldset id="customSettings" style="display:none">
+ <legend><?=_('Custom Parameters')?></legend>
+
+ <p><?=_('Cryptography Provider')?>:
+ <select id="CspProvider"></select>
+ </p>
+ <p><?=_('Algorithm')?>: <select id="algorithm"></select></p>
+ <p><?=_('Keysize')?>:
+ <input id="keySize" type="number" />
+ <?=_('Minimum Size')?>: <span id="keySizeMin"></span>,
+ <?=_('Maximum Size')?>: <span id="keySizeMax"></span>,
+ <?php
+ // TRANSLATORS: this specifies the step between two valid key
+ // sizes. E.g. if the step is 512 and the minimum is 1024 and
+ // the maximum is 2048, then only 1024, 1536 and 2048 bits may
+ // be specified as key size.
+ echo _('Step')?>: <span id="keySizeStep"></span></p>
+ <p style="color:red"><?php
+ printf(_('Please note that RSA key sizes smaller than %d bit '.
+ 'will not be accepted by CAcert.'),
+ 1024)?>
+ </p>
+ </fieldset>
+
+ <p><input type="submit" id="GenReq" name="GenReq" value="<?=_('Create Certificate')?>" /></p>
+ <p id="generatingKeyNotice" style="display:none">
+ <?=_('Generating your key. Please wait')?>&hellip;</p>
+ </form>
+
+ <!-- Error messages used in the JavaScript. Defined here so they can be
+ translated without passing the JavaScript code through PHP -->
+ <p id="createRequestErrorChooseAlgorithm" style="display:none">
+ <?=_('Could not generate certificate request. Probably you need to '.
+ 'choose a different algorithm.')?>
+ </p>
+ <p id="createRequestErrorConfirmDialogue" style="display:none">
+ <?=_('Could not generate certificate request. Please confirm the '.
+ 'dialogue if you are asked if you want to generate the key.')?>
+ </p>
+ <p id="createRequestErrorConnectDevice" style="display:none">
+ <?=_('Could not generate certificate request. Please make sure the '.
+ 'cryptography device (e.g. the smartcard) is connected.')?>
+ </p>
+ <p id="createRequestError" style="display:none">
+ <?=_('Could not generate certificate request.')?>
+ </p>
+ <p id="invalidKeySizeError" style="display:none">
+ <?=_('You have specified an invalid key size')?>
+ </p>
+ <p id="unsupportedPlatformError" style="display:none">
+ <?=_('Could not initialize the cryptographic module for your '.
+ 'platform. Currently we support Microsoft Windows XP, Vista '.
+ 'and 7. If you\'re using one of these platforms and see this '.
+ 'error message anyway you might have to enable ActiveX as '.
+ 'described in the red explanation text and accept loading of '.
+ 'the module.')?>
+ </p>
+
+ <script type="text/javascript" src="keygenIE.js"></script>
+
+<? } else { ?>
+ <p>
+ <form method="post" action="account.php">
+ <input type="hidden" name="keytype" value="NS">
+ <?=_("Keysize:")?> <keygen name="SPKAC" challenge="<? $_SESSION['spkac_hash']=make_hash(); echo $_SESSION['spkac_hash']; ?>">
+
+ <input type="submit" name="submit" value="<?=_("Create Certificate Request")?>">
+ <input type="hidden" name="oldid" value="<?=intval($id)?>">
+ </form>
+ </p>
+<? }
diff --git a/includes/lib/account.php b/includes/lib/account.php
new file mode 100644
index 0000000..e311668
--- /dev/null
+++ b/includes/lib/account.php
@@ -0,0 +1,98 @@
+<?php
+/*
+ LibreSSL - CAcert web application
+ Copyright (C) 2004-2008 CAcert Inc.
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; version 2 of the License.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
+*/
+
+/**
+ * Function to recalculate the cached Assurer status
+ *
+ * @param int $userID
+ * if the user ID is not given the flag will be recalculated for all users
+ *
+ * @return bool
+ * false if there was an error on fixing the flag. This does NOT return the
+ * new value of the flag
+ */
+function fix_assurer_flag($userID = NULL)
+{
+ // Update Assurer-Flag on users table if 100 points and CATS passed.
+ //
+ // We may have some performance issues here if no userID is given
+ // there are ~150k assurances and ~220k users currently
+ // but the exists-clause on cats_passed should be a good filter
+ $sql = '
+ UPDATE `users` AS `u` SET `assurer` = 1
+ WHERE '.(
+ ($userID === NULL) ?
+ '`u`.`assurer` = 0' :
+ '`u`.`id` = \''.intval($userID).'\''
+ ).'
+ AND EXISTS(
+ SELECT 1 FROM `cats_passed` AS `cp`, `cats_variant` AS `cv`
+ WHERE `cp`.`variant_id` = `cv`.`id`
+ AND `cv`.`type_id` = 1
+ AND `cp`.`user_id` = `u`.`id`
+ )
+ AND (
+ SELECT SUM(`points`) FROM `notary` AS `n`
+ WHERE `n`.`to` = `u`.`id`
+ AND (`n`.`expire` > now()
+ OR `n`.`expire` IS NULL)
+ ) >= 100';
+
+ $query = mysql_query($sql);
+ if (!$query) {
+ return false;
+ }
+ // Challenge has been passed and non-expired points >= 100
+
+ // Reset flag if requirements are not met
+ //
+ // Also a bit performance critical but assurer flag is only set on
+ // ~5k accounts
+ $sql = '
+ UPDATE `users` AS `u` SET `assurer` = 0
+ WHERE '.(
+ ($userID === NULL) ?
+ '`u`.`assurer` <> 0' :
+ '`u`.`id` = \''.intval($userID).'\''
+ ).'
+ AND (
+ NOT EXISTS(
+ SELECT 1 FROM `cats_passed` AS `cp`,
+ `cats_variant` AS `cv`
+ WHERE `cp`.`variant_id` = `cv`.`id`
+ AND `cv`.`type_id` = 1
+ AND `cp`.`user_id` = `u`.`id`
+ )
+ OR (
+ SELECT SUM(`points`) FROM `notary` AS `n`
+ WHERE `n`.`to` = `u`.`id`
+ AND (
+ `n`.`expire` > now()
+ OR `n`.`expire` IS NULL
+ )
+ ) < 100
+ )';
+
+ $query = mysql_query($sql);
+ if (!$query) {
+ return false;
+ }
+
+ return true;
+} \ No newline at end of file
diff --git a/includes/lib/check_weak_key.php b/includes/lib/check_weak_key.php
new file mode 100644
index 0000000..ca13ba2
--- /dev/null
+++ b/includes/lib/check_weak_key.php
@@ -0,0 +1,323 @@
+<?php /*
+ LibreSSL - CAcert web application
+ Copyright (C) 2004-2011 CAcert Inc.
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; version 2 of the License.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
+*/
+
+// failWithId()
+require_once 'general.php';
+
+
+/**
+* Checks whether the given CSR contains a vulnerable key
+*
+* @param $csr string
+* The CSR to be checked
+* @param $encoding string [optional]
+* The encoding the CSR is in (for the "-inform" parameter of OpenSSL,
+* currently only "PEM" (default) or "DER" allowed)
+* @return string containing the reason if the key is considered weak,
+* empty string otherwise
+*/
+function checkWeakKeyCSR($csr, $encoding = "PEM")
+{
+ $encoding = escapeshellarg($encoding);
+ $status = runCommand("openssl req -inform $encoding -text -noout",
+ $csr, $csrText);
+ if ($status === true) {
+ return failWithId("checkWeakKeyCSR(): Failed to start OpenSSL");
+ }
+
+ if ($status !== 0 || $csrText === "") {
+ return _("I didn't receive a valid Certificate Request. Hit ".
+ "the back button and try again.");
+ }
+
+ return checkWeakKeyText($csrText);
+}
+
+/**
+ * Checks whether the given X509 certificate contains a vulnerable key
+ *
+ * @param $cert string
+ * The X509 certificate to be checked
+ * @param $encoding string [optional]
+ * The encoding the certificate is in (for the "-inform" parameter of
+ * OpenSSL, currently only "PEM" (default), "DER" or "NET" allowed)
+ * @return string containing the reason if the key is considered weak,
+ * empty string otherwise
+ */
+function checkWeakKeyX509($cert, $encoding = "PEM")
+{
+ $encoding = escapeshellarg($encoding);
+ $status = runCommand("openssl x509 -inform $encoding -text -noout",
+ $cert, $certText);
+ if ($status === true) {
+ return failWithId("checkWeakKeyX509(): Failed to start OpenSSL");
+ }
+
+ if ($status !== 0 || $certText === "") {
+ return _("I didn't receive a valid Certificate Request. Hit ".
+ "the back button and try again.");
+ }
+
+ return checkWeakKeyText($certText);
+}
+
+/**
+ * Checks whether the given SPKAC contains a vulnerable key
+ *
+ * @param $spkac string
+ * The SPKAC to be checked
+ * @param $spkacname string [optional]
+ * The name of the variable that contains the SPKAC. The default is
+ * "SPKAC"
+ * @return string containing the reason if the key is considered weak,
+ * empty string otherwise
+ */
+function checkWeakKeySPKAC($spkac, $spkacname = "SPKAC")
+{
+ $spkacname = escapeshellarg($spkacname);
+ $status = runCommand("openssl spkac -spkac $spkacname", $spkac, $spkacText);
+ if ($status === true) {
+ return failWithId("checkWeakKeySPKAC(): Failed to start OpenSSL");
+ }
+
+ if ($status !== 0 || $spkacText === "") {
+ return _("I didn't receive a valid Certificate Request. Hit the ".
+ "back button and try again.");
+ }
+
+ return checkWeakKeyText($spkacText);
+}
+
+/**
+ * Checks whether the given text representation of a CSR or a SPKAC contains
+ * a weak key
+ *
+ * @param $text string
+ * The text representation of a key as output by the
+ * "openssl <foo> -text -noout" commands
+ * @return string containing the reason if the key is considered weak,
+ * empty string otherwise
+ */
+function checkWeakKeyText($text)
+{
+ /* Which public key algorithm? */
+ if (!preg_match('/^\s*Public Key Algorithm: ([^\s]+)$/m', $text,
+ $algorithm))
+ {
+ return failWithId("checkWeakKeyText(): Couldn't extract the ".
+ "public key algorithm used.\nData:\n$text");
+ } else {
+ $algorithm = $algorithm[1];
+ }
+
+
+ if ($algorithm === "rsaEncryption")
+ {
+ if (!preg_match('/^\s*RSA Public Key: \((\d+) bit\)$/m', $text,
+ $keysize))
+ {
+ return failWithId("checkWeakKeyText(): Couldn't parse the RSA ".
+ "key size.\nData:\n$text");
+ } else {
+ $keysize = intval($keysize[1]);
+ }
+
+ if ($keysize < 1024)
+ {
+ return sprintf(_("The keys that you use are very small ".
+ "and therefore insecure. Please generate stronger ".
+ "keys. More information about this issue can be ".
+ "found in %sthe wiki%s"),
+ "<a href='//wiki.cacert.org/WeakKeys#SmallKey'>",
+ "</a>");
+ } elseif ($keysize < 2048) {
+ // not critical but log so we have some statistics about
+ // affected users
+ trigger_error("checkWeakKeyText(): Certificate for small ".
+ "key (< 2048 bit) requested", E_USER_NOTICE);
+ }
+
+
+ $debianVuln = checkDebianVulnerability($text, $keysize);
+ if ($debianVuln === true)
+ {
+ return sprintf(_("The keys you use have very likely been ".
+ "generated with a vulnerable version of OpenSSL which ".
+ "was distributed by debian. Please generate new keys. ".
+ "More information about this issue can be found in ".
+ "%sthe wiki%s"),
+ "<a href='//wiki.cacert.org/WeakKeys#DebianVulnerability'>",
+ "</a>");
+ } elseif ($debianVuln === false) {
+ // not vulnerable => do nothing
+ } else {
+ return failWithId("checkWeakKeyText(): Something went wrong in".
+ "checkDebianVulnerability().\nKeysize: $keysize\n".
+ "Data:\n$text");
+ }
+
+ if (!preg_match('/^\s*Exponent: (\d+) \(0x[0-9a-fA-F]+\)$/m', $text,
+ $exponent))
+ {
+ return failWithId("checkWeakKeyText(): Couldn't parse the RSA ".
+ "exponent.\nData:\n$text");
+ } else {
+ $exponent = $exponent[1]; // exponent might be very big =>
+ //handle as string using bc*()
+
+ if (bccomp($exponent, "3") === 0)
+ {
+ return sprintf(_("The keys you use might be insecure. ".
+ "Although there is currently no known attack for ".
+ "reasonable encryption schemes, we're being ".
+ "cautious and don't allow certificates for such ".
+ "keys. Please generate stronger keys. More ".
+ "information about this issue can be found in ".
+ "%sthe wiki%s"),
+ "<a href='//wiki.cacert.org/WeakKeys#SmallExponent'>",
+ "</a>");
+ } elseif (!(bccomp($exponent, "65537") >= 0 &&
+ (bccomp($exponent, "100000") === -1 ||
+ // speed things up if way smaller than 2^256
+ bccomp($exponent, bcpow("2", "256")) === -1) )) {
+ // 65537 <= exponent < 2^256 recommended by NIST
+ // not critical but log so we have some statistics about
+ // affected users
+ trigger_error("checkWeakKeyText(): Certificate for ".
+ "unsuitable exponent '$exponent' requested",
+ E_USER_NOTICE);
+ }
+ }
+ }
+
+ /* No weakness found */
+ return "";
+}
+
+/**
+ * Reimplement the functionality of the openssl-vulnkey tool
+ *
+ * @param $text string
+ * The text representation of a key as output by the
+ * "openssl <foo> -text -noout" commands
+ * @param $keysize int [optional]
+ * If the key size is already known it can be provided so it doesn't
+ * have to be parsed again. This also skips the check whether the key
+ * is an RSA key => use wisely
+ * @return TRUE if key is vulnerable, FALSE otherwise, NULL in case of error
+ */
+function checkDebianVulnerability($text, $keysize = 0)
+{
+ $keysize = intval($keysize);
+
+ if ($keysize === 0)
+ {
+ /* Which public key algorithm? */
+ if (!preg_match('/^\s*Public Key Algorithm: ([^\s]+)$/m', $text,
+ $algorithm))
+ {
+ trigger_error("checkDebianVulnerability(): Couldn't extract ".
+ "the public key algorithm used.\nData:\n$text",
+ E_USER_WARNING);
+ return null;
+ } else {
+ $algorithm = $algorithm[1];
+ }
+
+ if ($algorithm !== "rsaEncryption") return false;
+
+ /* Extract public key size */
+ if (!preg_match('/^\s*RSA Public Key: \((\d+) bit\)$/m', $text,
+ $keysize))
+ {
+ trigger_error("checkDebianVulnerability(): Couldn't parse the ".
+ "RSA key size.\nData:\n$text", E_USER_WARNING);
+ return null;
+ } else {
+ $keysize = intval($keysize[1]);
+ }
+ }
+
+ // $keysize has been made sure to contain an int
+ $blacklist = "/usr/share/openssl-blacklist/blacklist.RSA-$keysize";
+ if (!(is_file($blacklist) && is_readable($blacklist)))
+ {
+ if (in_array($keysize, array(512, 1024, 2048, 4096)))
+ {
+ trigger_error("checkDebianVulnerability(): Blacklist for ".
+ "$keysize bit keys not accessible. Expected at ".
+ "$blacklist", E_USER_ERROR);
+ return null;
+ }
+
+ trigger_error("checkDebianVulnerability(): $blacklist is not ".
+ "readable. Unsupported key size?", E_USER_WARNING);
+ return false;
+ }
+
+
+ /* Extract RSA modulus */
+ if (!preg_match('/^\s*Modulus \(\d+ bit\):\n'.
+ '((?:\s*[0-9a-f][0-9a-f]:(?:\n)?)+[0-9a-f][0-9a-f])$/m',
+ $text, $modulus))
+ {
+ trigger_error("checkDebianVulnerability(): Couldn't extract the ".
+ "RSA modulus.\nData:\n$text", E_USER_WARNING);
+ return null;
+ } else {
+ $modulus = $modulus[1];
+ // strip whitespace and colon leftovers
+ $modulus = str_replace(array(" ", "\t", "\n", ":"), "", $modulus);
+
+ // when using "openssl xxx -text" first byte was 00 in all my test
+ // cases but 00 not present in the "openssl xxx -modulus" output
+ if ($modulus[0] === "0" && $modulus[1] === "0")
+ {
+ $modulus = substr($modulus, 2);
+ } else {
+ trigger_error("checkDebianVulnerability(): First byte is not ".
+ "zero", E_USER_NOTICE);
+ }
+
+ $modulus = strtoupper($modulus);
+ }
+
+
+ /* calculate checksum and look it up in the blacklist */
+ $checksum = substr(sha1("Modulus=$modulus\n"), 20);
+
+ // $checksum and $blacklist should be safe, but just to make sure
+ $checksum = escapeshellarg($checksum);
+ $blacklist = escapeshellarg($blacklist);
+ $debianVuln = runCommand("grep $checksum $blacklist");
+ if ($debianVuln === 0) // grep returned something => it is on the list
+ {
+ return true;
+ } elseif ($debianVuln === 1) {
+ // grep returned nothing
+ return false;
+ } else {
+ trigger_error("checkDebianVulnerability(): Something went wrong ".
+ "when looking up the key with checksum $checksum in the ".
+ "blacklist $blacklist", E_USER_ERROR);
+ return null;
+ }
+
+ // Should not get here
+ return null;
+}
diff --git a/includes/lib/general.php b/includes/lib/general.php
new file mode 100644
index 0000000..85b132d
--- /dev/null
+++ b/includes/lib/general.php
@@ -0,0 +1,163 @@
+<? /*
+ LibreSSL - CAcert web application
+ Copyright (C) 2004-2011 CAcert Inc.
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; version 2 of the License.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
+*/
+
+/**
+ * Checks if the user may log in and retrieve the user id
+ *
+ * Usually called with $_SERVER['SSL_CLIENT_M_SERIAL'] and
+ * $_SERVER['SSL_CLIENT_I_DN_CN']
+ *
+ * @param $serial string
+ * usually $_SERVER['SSL_CLIENT_M_SERIAL']
+ * @param $issuer_cn string
+ * usually $_SERVER['SSL_CLIENT_I_DN_CN']
+ * @return int
+ * the user id, -1 in case of error
+ */
+function get_user_id_from_cert($serial, $issuer_cn)
+{
+ $query = "select `memid` from `emailcerts` where
+ `serial`='".mysql_escape_string($serial)."' and
+ `rootcert`= (select `id` from `root_certs` where
+ `Cert_Text`='".mysql_escape_string($issuer_cn)."') and
+ `revoked`=0 and disablelogin=0 and
+ UNIX_TIMESTAMP(`expire`) - UNIX_TIMESTAMP() > 0";
+ $res = mysql_query($query);
+ if(mysql_num_rows($res) > 0)
+ {
+ $row = mysql_fetch_assoc($res);
+ return intval($row['memid']);
+ }
+
+ return -1;
+}
+
+/**
+ * Produces a log entry with the error message with log level E_USER_WARN
+ * and a random ID an returns a message that can be displayed to the user
+ * including the generated ID
+ *
+ * @param $errormessage string
+ * The error message that should be logged
+ * @return string containing the generated ID that can be displayed to the
+ * user
+ */
+function failWithId($errormessage) {
+ $errorId = rand();
+ trigger_error("$errormessage. ID: $errorId", E_USER_WARNING);
+ return sprintf(_("Something went wrong when processing your request. ".
+ "Please contact %s for help and provide them with the ".
+ "following ID: %d"),
+ "<a href='mailto:support@cacert.org?subject=System%20Error%20-%20".
+ "ID%3A%20$errorId'>support@cacert.org</a>",
+ $errorId);
+}
+
+
+/**
+ * Runs a command on the shell and return it's exit code and output
+ *
+ * @param string $command
+ * The command to run. Make sure that you escapeshellarg() any non-constant
+ * parts as this is executed on a shell!
+ * @param string|bool $input
+ * The input that is passed to the command via STDIN, if true the real
+ * STDIN is passed through
+ * @param string|bool $output
+ * The output the command wrote to STDOUT (this is passed as reference),
+ * if true the output will be written to the real STDOUT. Output is ignored
+ * by default
+ * @param string|bool $errors
+ * The output the command wrote to STDERR (this is passed as reference),
+ * if true (default) the output will be written to the real STDERR
+ *
+ * @return int|bool
+ * The exit code of the command, true if the execution of the command
+ * failed (true because then
+ * <code>if (runCommand('echo "foo"')) handle_error();</code> will work)
+ */
+function runCommand($command, $input = "", &$output = null, &$errors = true) {
+ $descriptorspec = array();
+
+ if ($input !== true) {
+ $descriptorspec[0] = array("pipe", "r"); // STDIN for child
+ }
+
+ if ($output !== true) {
+ $descriptorspec[1] = array("pipe", "w"); // STDOUT for child
+ }
+
+ if ($errors !== true) {
+ $descriptorspec[2] = array("pipe", "w"); // STDERR for child
+ }
+
+ $proc = proc_open($command, $descriptorspec, $pipes);
+
+ if (is_resource($proc))
+ {
+ if ($input !== true) {
+ fwrite($pipes[0], $input);
+ fclose($pipes[0]);
+ }
+
+ if ($output !== true) {
+ $output = stream_get_contents($pipes[1]);
+ }
+
+ if ($errors !== true) {
+ $errors = stream_get_contents($pipes[2]);
+ }
+
+ return proc_close($proc);
+
+ } else {
+ return true;
+ }
+}
+
+ // returns 0 if $userID is an Assurer
+ // Otherwise :
+ // Bit 0 is always set
+ // Bit 1 is set if 100 Assurance Points are not reached
+ // Bit 2 is set if Assurer Test is missing
+ // Bit 3 is set if the user is not allowed to be an Assurer (assurer_blocked > 0)
+ function get_assurer_status($userID)
+ {
+ $Result = 0;
+ $query = mysql_query('SELECT * FROM `cats_passed` AS `tp`, `cats_variant` AS `cv` '.
+ ' WHERE `tp`.`variant_id` = `cv`.`id` AND `cv`.`type_id` = 1 AND `tp`.`user_id` = \''.(int)intval($userID).'\'');
+ if(mysql_num_rows($query) < 1)
+ {
+ $Result |= 5;
+ }
+
+ $query = mysql_query('SELECT SUM(`points`) AS `points` FROM `notary` AS `n` WHERE `n`.`to` = \''.(int)intval($userID).'\' AND `n`.`expire` < now()');
+ $row = mysql_fetch_assoc($query);
+ if ($row['points'] < 100) {
+ $Result |= 3;
+ }
+
+ $query = mysql_query('SELECT `assurer_blocked` FROM `users` WHERE `id` = \''.(int)intval($userID).'\'');
+ $row = mysql_fetch_assoc($query);
+ if ($row['assurer_blocked'] > 0) {
+ $Result |= 9;
+ }
+
+ return $Result;
+ }
+ \ No newline at end of file
diff --git a/includes/lib/l10n.php b/includes/lib/l10n.php
new file mode 100644
index 0000000..85b7aff
--- /dev/null
+++ b/includes/lib/l10n.php
@@ -0,0 +1,343 @@
+<?php /*
+ LibreSSL - CAcert web application
+ Copyright (C) 2004-2011 CAcert Inc.
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; version 2 of the License.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
+*/
+
+/**
+ * This class provides some functions for language handling
+ */
+class L10n {
+ /**
+ * These are tranlations we currently support.
+ *
+ * If another translation is added, it doesn't suffice to have gettext set
+ * up, you also need to add it here, because it acts as a white list.
+ *
+ * @var array("ISO-language code" => "native name of the language")
+ */
+ public static $translations = array(
+ "ar" => "&#1575;&#1604;&#1593;&#1585;&#1576;&#1610;&#1577;",
+ "bg" => "&#1041;&#1098;&#1083;&#1075;&#1072;&#1088;&#1089;&#1082;&#1080;",
+ "cs" => "&#268;e&scaron;tina",
+ "da" => "Dansk",
+ "de" => "Deutsch",
+ "el" => "&Epsilon;&lambda;&lambda;&eta;&nu;&iota;&kappa;&#940;",
+ "en" => "English",
+ "es" => "Espa&#xf1;ol",
+ "fi" => "Suomi",
+ "fr" => "Fran&#xe7;ais",
+ "hu" => "Magyar",
+ "it" => "Italiano",
+ "ja" => "&#26085;&#26412;&#35486;",
+ "lv" => "Latvie&scaron;u",
+ "nl" => "Nederlands",
+ "pl" => "Polski",
+ "pt" => "Portugu&#xea;s",
+ "pt-br" => "Portugu&#xea;s Brasileiro",
+ "ru" => "&#x420;&#x443;&#x441;&#x441;&#x43a;&#x438;&#x439;",
+ "sv" => "Svenska",
+ "tr" => "T&#xfc;rk&#xe7;e",
+ "zh-cn" => "&#x4e2d;&#x6587;(&#x7b80;&#x4f53;)",
+ "zh-tw" => "&#x4e2d;&#x6587;(&#33274;&#28771;)",
+ );
+
+ /**
+ * setlocale needs a language + region code for whatever reason so here's
+ * the mapping from a translation code to locales with the region that
+ * seemed the most common for this language
+ *
+ * You probably never need this. Use {@link set_translation()} to change the
+ * language instead of manually calling setlocale().
+ *
+ * @var array(string => string)
+ */
+ private static $locales = array(
+ "ar" => "ar_JO",
+ "bg" => "bg_BG",
+ "cs" => "cs_CZ",
+ "da" => "da_DK",
+ "de" => "de_DE",
+ "el" => "el_GR",
+ "en" => "en_US",
+ "es" => "es_ES",
+ "fa" => "fa_IR",
+ "fi" => "fi_FI",
+ "fr" => "fr_FR",
+ "he" => "he_IL",
+ "hr" => "hr_HR",
+ "hu" => "hu_HU",
+ "id" => "id_ID",
+ "is" => "is_IS",
+ "it" => "it_IT",
+ "ja" => "ja_JP",
+ "ka" => "ka_GE",
+ "ko" => "ko_KR",
+ "lv" => "lv_LV",
+ "nb" => "nb_NO",
+ "nl" => "nl_NL",
+ "pl" => "pl_PL",
+ "pt" => "pt_PT",
+ "pt-br" => "pt_BR",
+ "ro" => "ro_RO",
+ "ru" => "ru_RU",
+ "sl" => "sl_SI",
+ "sv" => "sv_SE",
+ "th" => "th_TH",
+ "tr" => "tr_TR",
+ "uk" => "uk_UA",
+ "zh-cn" => "zh_CN",
+ "zh-tw" => "zh_TW",
+ );
+
+ /**
+ * Auto-detects the language that should be used and sets it. Only works for
+ * HTTP, not in a command line script.
+ *
+ * Priority:
+ * <ol>
+ * <li>explicit parameter "lang" passed in HTTP (e.g. via GET)</li>
+ * <li>existing setting in the session (stick to the setting we had before)
+ * </li>
+ * <li>auto-detect via the HTTP Accept-Language header sent by the user
+ * agent</li>
+ * </ol>
+ */
+ public static function detect_language() {
+ if ( (self::get_translation() != "")
+ // already set in the session?
+ &&
+ !(array_key_exists("lang", $_REQUEST) &&
+ trim($_REQUEST["lang"]) != "")
+ // explicit parameter?
+ )
+ {
+ if ( self::set_translation(self::get_translation()) ) {
+ return;
+ }
+ }
+
+
+ $languages = array();
+
+ // parse Accept-Language header
+ if (array_key_exists('HTTP_ACCEPT_LANGUAGE', $_SERVER)) {
+ $bits = explode(",", strtolower(
+ str_replace(" ", "", $_SERVER['HTTP_ACCEPT_LANGUAGE'])
+ ));
+ foreach($bits as $lang)
+ {
+ $b = explode(";", $lang);
+ if(count($b)>1 && substr($b[1], 0, 2) == "q=")
+ $c = floatval(substr($b[1], 2));
+ else
+ $c = 1;
+
+ if ($c != 0)
+ {
+ $languages[trim($b[0])] = $c;
+ }
+ }
+ }
+
+ // check if there is an explicit language given as parameter
+ if(array_key_exists("lang",$_REQUEST) && trim($_REQUEST["lang"]) != "")
+ {
+ // higher priority than those values in the header
+ $languages[strtolower(trim($_REQUEST["lang"]))] = 2.0;
+ }
+
+ arsort($languages, SORT_NUMERIC);
+
+ // this is used to be compatible with browsers like internet
+ // explorer which only provide the language code including the
+ // region not without. Also handles the fallback to English (qvalues
+ // may only have three digits after the .)
+ $fallbacks = array("en" => 0.0005);
+
+ foreach($languages as $lang => $qvalue)
+ {
+ // ignore any non-conforming values (that's why we don't need to
+ // mysql_real_escape() or escapeshellarg(), but take care of
+ // the '*')
+ // spec: ( ( 1*8ALPHA *( "-" 1*8ALPHA ) ) | "*" )
+ if ( preg_match('/^(?:([a-zA-Z]{1,8})(?:-[a-zA-Z]{1,8})*|\*)$/',
+ $lang, $matches) !== 1 ) {
+ continue;
+ }
+ $lang_prefix = $matches[1]; // usually two-letter language code
+ $fallbacks[$lang_prefix] = $qvalue;
+
+ $chosen_translation = "";
+ if ($lang === '*') {
+ // According to the standard '*' matches anything but any
+ // language explicitly specified. So in theory if there
+ // was an explicit mention of "en" with a lower priority
+ // this would be incorrect, but that's too much trouble.
+ $chosen_translation = "en";
+ } else {
+ $lang_length = strlen($lang);
+ foreach (self::$translations as $translation => $ignore)
+ {
+ // May match exactly or on every '-'
+ if ( $translation === $lang ||
+ substr($translation, 0, $lang_length + 1)
+ === $lang.'-'
+ )
+ {
+ $chosen_translation = $translation;
+ break;
+ }
+ }
+ }
+
+ if ($chosen_translation !== "")
+ {
+ if (self::set_translation($chosen_translation)) {
+ return;
+ }
+ }
+ }
+
+ // No translation found yet => try the prefixes
+ arsort($fallbacks, SORT_NUMERIC);
+ foreach ($fallbacks as $lang => $qvalue) {
+ if (self::set_translation($lang)) {
+ return;
+ }
+ }
+
+ // should not get here, as the fallback of "en" is provided and that
+ // should always work => log an error
+ trigger_error("L10n::detect_language(): could not set language",
+ E_USER_WARNING);
+ }
+
+ /**
+ * Get the set translation
+ *
+ * @return string
+ * a translation code or the empty string if not set
+ */
+ public static function get_translation() {
+ if (array_key_exists('language', $_SESSION['_config'])) {
+ return $_SESSION['_config']['language'];
+ } else {
+ return "";
+ }
+ }
+
+ /**
+ * Set the translation to use.
+ *
+ * @param string $translation_code
+ * the translation code as specified in the keys of {@link $translations}
+ *
+ * @return bool
+ * <ul>
+ * <li>true if the translation has been set successfully</li>
+ * <li>false if the $translation_code was not contained in the white
+ * list or could not be set for other reasons (e.g. setlocale()
+ * failed because the locale has not been set up on the system -
+ * details will be logged)</li>
+ * </ul>
+ */
+ public static function set_translation($translation_code) {
+ // check $translation_code against whitelist
+ if ( !array_key_exists($translation_code, self::$translations) ) {
+ // maybe it's a locale as previously used in the system? e.g. en_AU
+ if ( preg_match('/^([a-z][a-z])_([A-Z][A-Z])$/', $translation_code,
+ $matches) !== 1 ) {
+ return false;
+ }
+
+ $lang_code = $matches[1];
+ $region_code = strtolower($matches[2]);
+
+ if ( array_key_exists("${lang_code}-${region_code}",
+ self::$translations) ) {
+ $translation_code = "${lang_code}-${region_code}";
+ } elseif ( array_key_exists($lang_code, self::$translations) ) {
+ $translation_code = $lang_code;
+ } else {
+ return false;
+ }
+ }
+
+ // map translation to locale
+ if ( !array_key_exists($translation_code, self::$locales) ) {
+ // weird. maybe you added a translation but haven't added a
+ // translation to locale mapping in self::locales?
+ trigger_error("L10n::set_translation(): could not map the ".
+ "translation $translation_code to a locale", E_USER_WARNING);
+ return false;
+ }
+ $locale = self::$locales[$translation_code];
+
+ // set up locale
+ if ( !putenv("LANG=$locale") ) {
+ trigger_error("L10n::set_translation(): could not set the ".
+ "environment variable LANG to $locale", E_USER_WARNING);
+ return false;
+ }
+ if ( !setlocale(LC_ALL, $locale) ) {
+ trigger_error("L10n::set_translation(): could not setlocale() ".
+ "LC_ALL to $locale", E_USER_WARNING);
+ return false;
+ }
+
+
+ // only set if we're running in a server not in a script
+ if (isset($_SESSION)) {
+ // save the setting
+ $_SESSION['_config']['language'] = $translation_code;
+
+
+ // Set up the recode settings needed e.g. in PDF creation
+ $_SESSION['_config']['recode'] = "html..latin-1";
+
+ if($translation_code === "zh-cn" || $translation_code === "zh-tw")
+ {
+ $_SESSION['_config']['recode'] = "html..gb2312";
+
+ } else if($translation_code === "pl" || $translation_code === "hu") {
+ $_SESSION['_config']['recode'] = "html..ISO-8859-2";
+
+ } else if($translation_code === "ja") {
+ $_SESSION['_config']['recode'] = "html..SHIFT-JIS";
+
+ } else if($translation_code === "ru") {
+ $_SESSION['_config']['recode'] = "html..ISO-8859-5";
+
+ } else if($translation_code == "lt") { // legacy, keep for reference
+ $_SESSION['_config']['recode'] = "html..ISO-8859-13";
+
+ }
+ }
+
+ return true;
+ }
+
+ /**
+ * Sets up the text domain used by gettext
+ *
+ * @param string $domain
+ * the gettext domain that should be used, defaults to "messages"
+ */
+ public static function init_gettext($domain = 'messages') {
+ bindtextdomain($domain, $_SESSION['_config']['filepath'].'/locale');
+ textdomain($domain);
+ }
+} \ No newline at end of file
diff --git a/includes/loggedin.php b/includes/loggedin.php
index 355527f..5734fad 100644
--- a/includes/loggedin.php
+++ b/includes/loggedin.php
@@ -16,6 +16,8 @@
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
*/
+ include_once("../includes/lib/general.php");
+ require_once("../includes/lib/l10n.php");
if($_SERVER['HTTP_HOST'] == $_SESSION['_config']['securehostname'] && $_SESSION['profile']['id'] > 0 && $_SESSION['profile']['loggedin'] != 0)
{
@@ -41,14 +43,11 @@
if($_SERVER['HTTP_HOST'] == $_SESSION['_config']['securehostname'] && ($_SESSION['profile']['id'] == 0 || $_SESSION['profile']['loggedin'] == 0))
{
- $query = "select * from `emailcerts` where `serial`='${_SERVER['SSL_CLIENT_M_SERIAL']}' and `revoked`=0 and disablelogin=0 and
- UNIX_TIMESTAMP(`expire`) - UNIX_TIMESTAMP() > 0";
- $res = mysql_query($query);
+ $user_id = get_user_id_from_cert($_SERVER['SSL_CLIENT_M_SERIAL'],
+ $_SERVER['SSL_CLIENT_I_DN_CN']);
- if(mysql_num_rows($res) > 0)
+ if($user_id >= 0)
{
- $row = mysql_fetch_assoc($res);
-
$_SESSION['profile']['loggedin'] = 0;
$_SESSION['profile'] = "";
foreach($_SESSION as $key)
@@ -61,7 +60,8 @@
session_unregister($key);
}
- $_SESSION['profile'] = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".$row['memid']."'"));
+ $_SESSION['profile'] = mysql_fetch_assoc(mysql_query(
+ "select * from `users` where `id`='".$user_id."'"));
if($_SESSION['profile']['locked'] == 0)
$_SESSION['profile']['loggedin'] = 1;
else
@@ -111,18 +111,12 @@
if($_SESSION['profile']['language'] == "")
{
- $query = "update `users` set `language`='".$_SESSION['_config']['language']."'
+ $query = "update `users` set `language`='".L10n::get_translation()."'
where `id`='".$_SESSION['profile']['id']."'";
mysql_query($query);
} else {
- $_SESSION['_config']['language'] = $_SESSION['profile']['language'];
-
- putenv("LANG=".$_SESSION['_config']['language']);
- setlocale(LC_ALL, $_SESSION['_config']['language']);
-
- $domain = 'messages';
- bindtextdomain("$domain", $_SESSION['_config']['filepath']."/locale");
- textdomain("$domain");
+ L10n::set_translation($_SESSION['profile']['language']);
+ L10n::init_gettext();
}
}
@@ -131,13 +125,12 @@
$normalhost=$_SESSION['_config']['normalhostname'];
$_SESSION['profile']['loggedin'] = 0;
$_SESSION['profile'] = "";
- foreach($_SESSION as $key)
+ foreach($_SESSION as $key => $value)
{
unset($_SESSION[$key]);
unset($$key);
session_unregister($key);
}
- unset($_SESSION);
header("location: https://".$normalhost."/index.php");
exit;
diff --git a/includes/mysql.php.sample b/includes/mysql.php.sample
index ff5cfc3..10185fc 100644
--- a/includes/mysql.php.sample
+++ b/includes/mysql.php.sample
@@ -28,7 +28,7 @@
function sendmail($to, $subject, $message, $from, $replyto = "", $toname = "", $fromname = "", $errorsto = "returns@cacert.org", $extra="")
{
- $lines = explode('\n', $message);
+ $lines = explode("\n", $message);
$message = "";
foreach($lines as $line)
{
@@ -64,7 +64,8 @@
fputs($smtp, "DATA\r\n");
$InputBuffer = fgets($smtp, 1024);
fputs($smtp, "X-Mailer: CAcert.org Website\r\n");
- fputs($smtp, "X-OriginatingIP: ".$_SERVER["REMOTE_ADDR"]."\r\n");
+ if (array_key_exists("REMOTE_ADDR", $_SERVER))
+ fputs($smtp, "X-OriginatingIP: ".$_SERVER["REMOTE_ADDR"]."\r\n");
fputs($smtp, "Sender: $errorsto\r\n");
fputs($smtp, "Errors-To: $errorsto\r\n");
if($replyto != "")
diff --git a/includes/notary.inc.php b/includes/notary.inc.php
new file mode 100644
index 0000000..d6f86a8
--- /dev/null
+++ b/includes/notary.inc.php
@@ -0,0 +1,675 @@
+<? /*
+ LibreSSL - CAcert web application
+ Copyright (C) 2004-2011 CAcert Inc.
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; version 2 of the License.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
+*/
+
+ function query_init ($query)
+ {
+ return mysql_query($query);
+ }
+
+ function query_getnextrow ($res)
+ {
+ $row1 = mysql_fetch_assoc($res);
+ return $row1;
+ }
+
+ function query_get_number_of_rows ($resultset)
+ {
+ return intval(mysql_num_rows($resultset));
+ }
+
+ function get_number_of_assurances ($userid)
+ {
+ $res = query_init ("SELECT count(*) AS `list` FROM `notary`
+ WHERE `method` = 'Face to Face Meeting' AND `from`='".intval($userid)."' ");
+ $row = query_getnextrow($res);
+
+ return intval($row['list']);
+ }
+
+ function get_number_of_assurees ($userid)
+ {
+ $res = query_init ("SELECT count(*) AS `list` FROM `notary`
+ WHERE `method` = 'Face to Face Meeting' AND `to`='".intval($userid)."' ");
+ $row = query_getnextrow($res);
+
+ return intval($row['list']);
+ }
+
+ function get_top_assurer_position ($no_of_assurances)
+ {
+ $res = query_init ("SELECT count(*) AS `list` FROM `notary`
+ WHERE `method` = 'Face to Face Meeting'
+ GROUP BY `from` HAVING count(*) > '".intval($no_of_assurances)."'");
+ return intval(query_get_number_of_rows($res)+1);
+ }
+
+ function get_top_assuree_position ($no_of_assurees)
+ {
+ $res = query_init ("SELECT count(*) AS `list` FROM `notary`
+ WHERE `method` = 'Face to Face Meeting'
+ GROUP BY `to` HAVING count(*) > '".intval($no_of_assurees)."'");
+ return intval(query_get_number_of_rows($res)+1);
+ }
+
+ function get_given_assurances ($userid)
+ {
+ $res = query_init ("select * from `notary` where `from`='".intval($userid)."' and `from` != `to` order by `id` asc");
+ return $res;
+ }
+
+ function get_received_assurances ($userid)
+ {
+ $res = query_init ("select * from `notary` where `to`='".intval($userid)."' and `from` != `to` order by `id` asc ");
+ return $res;
+ }
+
+ function get_given_assurances_summary ($userid)
+ {
+ $res = query_init ("select count(*) as number,points,awarded,method from notary where `from`='".intval($userid)."' group by points,awarded,method");
+ return $res;
+ }
+
+ function get_received_assurances_summary ($userid)
+ {
+ $res = query_init ("select count(*) as number,points,awarded,method from notary where `to`='".intval($userid)."' group by points,awarded,method");
+ return $res;
+ }
+
+ function get_user ($userid)
+ {
+ $res = query_init ("select * from `users` where `id`='".intval($userid)."'");
+ return mysql_fetch_assoc($res);
+ }
+
+ function get_cats_state ($userid)
+ {
+
+ $res = query_init ("select * from `cats_passed` inner join `cats_variant` on `cats_passed`.`variant_id` = `cats_variant`.`id` and `cats_variant`.`type_id` = 1
+ WHERE `cats_passed`.`user_id` = '".intval($userid)."'");
+ return mysql_num_rows($res);
+ }
+
+ function calc_experience ($row,&$points,&$experience,&$sum_experience,&$revoked)
+ {
+ $apoints = max($row['points'],$row['awarded']);
+ $points += $apoints;
+ $experience = "&nbsp;";
+ $revoked = false; # to be coded later (after DB-upgrade)
+ if ($row['method'] == "Face to Face Meeting")
+ {
+ $sum_experience = $sum_experience +2;
+ $experience = "2";
+ }
+ return $apoints;
+ }
+
+ function calc_assurances ($row,&$points,&$experience,&$sumexperience,&$awarded,&$revoked)
+ {
+ $awarded = calc_points($row);
+ $revoked = false;
+
+ if ($awarded > 100)
+ {
+ $experience = $awarded - 100; // needs to be fixed in the future (limit 50 pts and/or no experience if pts > 100)
+ $awarded = 100;
+ }
+ else
+ $experience = 0;
+
+ switch ($row['method'])
+ {
+ case 'Thawte Points Transfer':
+ case 'CT Magazine - Germany':
+ case 'Temporary Increase': // Current usage of 'Temporary Increase' may break audit aspects, needs to be reimplemented
+ $awarded=sprintf("<strong style='color: red'>%s</strong>",_("Revoked"));
+ $experience=0;
+ $revoked=true;
+ break;
+ default:
+ $points += $awarded;
+ }
+ $sumexperience = $sumexperience + $experience;
+ }
+
+
+ function show_user_link ($name,$userid)
+ {
+ $name = trim($name);
+ if($name == "")
+ {
+ if ($userid == 0)
+ $name = _("System");
+ else
+ $name = _("Deleted account");
+ }
+ else
+ $name = "<a href='wot.php?id=9&amp;userid=".intval($userid)."'>".sanitizeHTML($name)."</a>";
+ return $name;
+ }
+
+ function show_email_link ($email,$userid)
+ {
+ $email = trim($email);
+ if($email != "")
+ $email = "<a href='account.php?id=43&amp;userid=".intval($userid)."'>".sanitizeHTML($email)."</a>";
+ return $email;
+ }
+
+ function get_assurer_ranking($userid,&$num_of_assurances,&$rank_of_assurer)
+ {
+ $num_of_assurances = get_number_of_assurances (intval($userid));
+ $rank_of_assurer = get_top_assurer_position($num_of_assurances);
+ }
+
+ function get_assuree_ranking($userid,&$num_of_assurees,&$rank_of_assuree)
+ {
+ $num_of_assurees = get_number_of_assurees (intval($userid));
+ $rank_of_assuree = get_top_assuree_position($num_of_assurees);
+ }
+
+
+// ************* html table definitions ******************
+
+ function output_ranking($userid)
+ {
+ get_assurer_ranking($userid,$num_of_assurances,$rank_of_assurer);
+ get_assuree_ranking($userid,$num_of_assurees,$rank_of_assuree);
+
+?>
+<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
+ <tr>
+ <td class="title"><?=_("Assurer Ranking")?></td>
+ </tr>
+ <tr>
+ <td class="DataTD"><?=sprintf(_("You have made %s assurances which ranks you as the #%s top assurer."), intval($num_of_assurances), intval($rank_of_assurer) )?></td>
+ </tr>
+ <tr>
+ <td class="DataTD"><?=sprintf(_("You have received %s assurances which ranks you as the #%s top assuree."), intval($num_of_assurees), intval($rank_of_assuree) )?></td>
+ </tr>
+</table>
+<br/>
+<?
+ }
+
+ function output_assurances_header($title,$support)
+ {
+?>
+<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
+ <tr>
+<?
+ if ($support == "1")
+ {
+?>
+ <td colspan="10" class="title"><?=$title?></td>
+<?
+ } else {
+?>
+ <td colspan="7" class="title"><?=$title?></td>
+<? }
+?>
+ </tr>
+ <tr>
+ <td class="DataTD"><strong><?=_("ID")?></strong></td>
+ <td class="DataTD"><strong><?=_("Date")?></strong></td>
+<?
+ if ($support == "1")
+ {
+?>
+ <td class="DataTD"><strong><?=_("When")?></strong></td>
+ <td class="DataTD"><strong><?=_("Email")?></strong></td>
+<? } ?>
+ <td class="DataTD"><strong><?=_("Who")?></strong></td>
+ <td class="DataTD"><strong><?=_("Points")?></strong></td>
+ <td class="DataTD"><strong><?=_("Location")?></strong></td>
+ <td class="DataTD"><strong><?=_("Method")?></strong></td>
+ <td class="DataTD"><strong><?=_("Experience Points")?></strong></td>
+<?
+ if ($support == "1")
+ {
+?>
+ <td class="DataTD"><strong><?=_("Revoke")?></strong></td>
+<?
+ }
+?>
+ </tr>
+<?
+ }
+
+ function output_assurances_footer($points_txt,$points,$experience_txt,$sumexperience,$support)
+ {
+?>
+ <tr>
+ <td class="DataTD" colspan="5"><strong><?=$points_txt?>:</strong></td>
+ <td class="DataTD"><?=$points?></td>
+ <td class="DataTD">&nbsp;</td>
+ <td class="DataTD"><strong><?=$experience_txt?>:</strong></td>
+ <td class="DataTD"><?=$sumexperience?></td>
+<?
+ if ($support == "1")
+ {
+?>
+ <td class="DataTD">&nbsp;</td>
+<?
+ }
+?>
+
+ </tr>
+</table>
+<br/>
+<?
+ }
+
+ function output_assurances_row($assuranceid,$date,$when,$email,$name,$awarded,$points,$location,$method,$experience,$userid,$support,$revoked)
+ {
+
+ $tdstyle="";
+ $emopen="";
+ $emclose="";
+
+ if ($awarded == $points)
+ {
+ if ($awarded == "0")
+ {
+ if ($when < "2006-09-01")
+ {
+ $tdstyle="style='background-color: #ffff80'";
+ $emopen="<em>";
+ $emclose="</em>";
+ }
+ }
+ }
+?>
+ <tr>
+ <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$assuranceid?><?=$emclose?></td>
+ <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$date?><?=$emclose?></td>
+<?
+ if ($support == "1")
+ {
+?>
+ <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$when?><?=$emclose?></td>
+ <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$email?><?=$emclose?></td>
+<? }
+?>
+ <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$name?><?=$emclose?></td>
+ <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$awarded?><?=$emclose?></td>
+ <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$location?><?=$emclose?></td>
+ <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$method?><?=$emclose?></td>
+ <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$experience?><?=$emclose?></td>
+<?
+ if ($support == "1")
+ {
+ if ($revoked == true)
+ {
+?>
+ <td class="DataTD" <?=$tdstyle?>>&nbsp;</td>
+<? } else {
+?>
+ <td class="DataTD" <?=$tdstyle?>><?=$emopen?><a href="account.php?id=43&amp;userid=<?=intval($userid)?>&amp;assurance=<?=intval($assuranceid)?>&amp;csrf=<?=make_csrf('admdelassurance')?>" onclick="return confirm('<?=sprintf(_("Are you sure you want to revoke the assurance with ID &quot;%s&quot;?"),$assuranceid)?>');"><?=_("Revoke")?></a><?=$emclose?></td>
+<?
+ }
+ }
+?>
+ </tr>
+<?
+ }
+
+ function output_summary_header()
+ {
+?>
+<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
+ <tr>
+ <td colspan="4" class="title"><?=_("Summary of your Points")?></td>
+ </tr>
+ <tr>
+ <td class="DataTD"><strong><?=_("Description")?></strong></td>
+ <td class="DataTD"><strong><?=_("Points")?></strong></td>
+ <td class="DataTD"><strong><?=_("Countable Points")?></strong></td>
+ <td class="DataTD"><strong><?=_("Remark")?></strong></td>
+ </tr>
+<?
+ }
+
+ function output_summary_footer()
+ {
+?>
+</table>
+<br/>
+<?
+ }
+
+ function output_summary_row($title,$points,$points_countable,$remark)
+ {
+?>
+ <tr>
+ <td class="DataTD"><strong><?=$title?></strong></td>
+ <td class="DataTD"><?=$points?></td>
+ <td class="DataTD"><?=$points_countable?></td>
+ <td class="DataTD"><?=$remark?></td>
+ </tr>
+<?
+ }
+
+
+// ************* output given assurances ******************
+
+ function output_given_assurances_content($userid,&$points,&$sum_experience,$support)
+ {
+ $points = 0;
+ $sumexperience = 0;
+ $res = get_given_assurances(intval($userid));
+ while($row = mysql_fetch_assoc($res))
+ {
+ $fromuser = get_user (intval($row['to']));
+ $apoints = calc_experience ($row,$points,$experience,$sum_experience,$revoked);
+ $name = show_user_link ($fromuser['fname']." ".$fromuser['lname'],intval($row['to']));
+ $email = show_email_link ($fromuser['email'],intval($row['to']));
+ output_assurances_row (intval($row['id']),$row['date'],$row['when'],$email,$name,$apoints,intval($row['points']),$row['location'],$row['method']==""?"":_(sprintf("%s", $row['method'])),$experience,$userid,$support,$revoked);
+ }
+ }
+
+// ************* output received assurances ******************
+
+ function output_received_assurances_content($userid,&$points,&$sum_experience,$support)
+ {
+ $points = 0;
+ $sumexperience = 0;
+ $res = get_received_assurances(intval($userid));
+ while($row = mysql_fetch_assoc($res))
+ {
+ $fromuser = get_user (intval($row['from']));
+ calc_assurances ($row,$points,$experience,$sum_experience,$awarded,$revoked);
+ $name = show_user_link ($fromuser['fname']." ".$fromuser['lname'],intval($row['from']));
+ $email = show_email_link ($fromuser['email'],intval($row['from']));
+ output_assurances_row (intval($row['id']),$row['date'],$row['when'],$email,$name,$awarded,intval($row['points']),$row['location'],$row['method']==""?"":_(sprintf("%s", $row['method'])),$experience,$userid,$support,$revoked);
+ }
+ }
+
+// ************* output summary table ******************
+
+ function check_date_limit ($userid,$age)
+ {
+ $dob = date("Y-m-d", mktime(0,0,0,date("m"),date("d"),date("Y")-$age));
+ $res = query_init ("select id from `users` where `id`='".$userid."' and `dob` < '$dob'");
+ return intval(query_get_number_of_rows($res));
+ }
+
+ function calc_points($row)
+ {
+ $awarded = intval($row['awarded']);
+ if ($awarded == "")
+ $awarded = 0;
+ if (intval($row['points']) < $awarded)
+ $points = $awarded; // if 'sum of added points' > 100, awarded shows correct value
+ else
+ $points = intval($row['points']); // on very old assurances, awarded is '0' instead of correct value
+ switch ($row['method'])
+ {
+ case 'Thawte Points Transfer': // revoke all Thawte-points (as per arbitration)
+ case 'CT Magazine - Germany': // revoke c't (only one test-entry)
+ case 'Temporary Increase': // revoke 'temporary increase' (Current usage breaks audit aspects, needs to be reimplemented)
+ $points = 0;
+ break;
+ case 'Administrative Increase': // ignore AI with 2 points or less (historical for experiance points, now other calculation)
+ if ($points <= 2) // maybe limit to 35/50 pts in the future?
+ $points = 0;
+ break;
+ case 'Unknown': // to be revoked in the future? limit to max 50 pts?
+ case 'Trusted Third Parties': // to be revoked in the future? limit to max 35 pts?
+ case '': // to be revoked in the future? limit to max 50 pts?
+ case 'Face to Face Meeting': // normal assurances, limit to 35/50 pts in the future?
+ break;
+ default: // should never happen ... ;-)
+ $points = 0;
+ }
+ if ($points < 0) // ignore negative points (bug needs to be fixed)
+ $points = 0;
+ return $points;
+ }
+
+ function max_points($userid)
+ {
+ return output_summary_content ($userid,0);
+ }
+
+ function output_summary_content($userid,$display_output)
+ {
+ $sum_points = 0;
+ $sum_experience = 0;
+ $sum_experience_other = 0;
+ $max_points = 100;
+ $max_experience = 50;
+
+ $experience_limit_reached_txt = _("Limit reached");
+
+ if (check_date_limit($userid,18) != 1)
+ {
+ $max_experience = 10;
+ $experience_limit_reached_txt = _("Limit given by PoJAM reached");
+ }
+ if (check_date_limit($userid,14) != 1)
+ {
+ $max_experience = 0;
+ $experience_limit_reached_txt = _("Limit given by PoJAM reached");
+ }
+
+ $res = get_received_assurances_summary($userid);
+ while($row = mysql_fetch_assoc($res))
+ {
+ $points = calc_points ($row);
+
+ if ($points > $max_points) // limit to 100 points, above is experience (needs to be fixed)
+ {
+ $sum_experience_other = $sum_experience_other+($points-$max_points)*intval($row['number']);
+ $points = $max_points;
+ }
+ $sum_points += $points*intval($row['number']);
+ }
+
+ $res = get_given_assurances_summary($userid);
+ while($row = mysql_fetch_assoc($res))
+ {
+ switch ($row['method'])
+ {
+ case 'Face to Face Meeting': // count Face to Face only
+ $sum_experience += 2*intval($row['number']);
+ break;
+ }
+
+ }
+
+ if ($sum_points > $max_points)
+ {
+ $sum_points_countable = $max_points;
+ $remark_points = _("Limit reached");
+ }
+ else
+ {
+ $sum_points_countable = $sum_points;
+ $remark_points = "&nbsp;";
+ }
+ if ($sum_experience > $max_experience)
+ {
+ $sum_experience_countable = $max_experience;
+ $remark_experience = $experience_limit_reached_txt;
+ }
+ else
+ {
+ $sum_experience_countable = $sum_experience;
+ $remark_experience = "&nbsp;";
+ }
+
+ if ($sum_experience_countable + $sum_experience_other > $max_experience)
+ {
+ $sum_experience_other_countable = $max_experience-$sum_experience_countable;
+ $remark_experience_other = $experience_limit_reached_txt;
+ }
+ else
+ {
+ $sum_experience_other_countable = $sum_experience_other;
+ $remark_experience_other = "&nbsp;";
+ }
+
+ if ($sum_points_countable < $max_points)
+ {
+ if ($sum_experience_countable != 0)
+ $remark_experience = _("Points on hold due to less assurance points");
+ $sum_experience_countable = 0;
+ if ($sum_experience_other_countable != 0)
+ $remark_experience_other = _("Points on hold due to less assurance points");
+ $sum_experience_other_countable = 0;
+ }
+
+ $issue_points = 0;
+ $cats_test_passed = get_cats_state ($userid);
+ if ($cats_test_passed == 0)
+ {
+ $issue_points_txt = "<strong style='color: red'>"._("You have to pass the CAcert Assurer Challenge (CATS-Test) to be an Assurer")."</strong>";
+ if ($sum_points_countable < $max_points)
+ {
+ $issue_points_txt = "<strong style='color: red'>";
+ $issue_points_txt .= sprintf(_("You need %s assurance points and the passed CATS-Test to be an Assurer"), intval($max_points));
+ $issue_points_txt .= "</strong>";
+ }
+ }
+ else
+ {
+ $experience_total = $sum_experience_countable+$sum_experience_other_countable;
+ $issue_points_txt = "";
+ if ($sum_points_countable == $max_points)
+ $issue_points = 10;
+ if ($experience_total >= 10)
+ $issue_points = 15;
+ if ($experience_total >= 20)
+ $issue_points = 20;
+ if ($experience_total >= 30)
+ $issue_points = 25;
+ if ($experience_total >= 40)
+ $issue_points = 30;
+ if ($experience_total >= 50)
+ $issue_points = 35;
+ if ($issue_points != 0)
+ $issue_points_txt = sprintf(_("You may issue up to %s points"),$issue_points);
+ }
+ if ($display_output)
+ {
+ output_summary_row (_("Assurance Points you received"),$sum_points,$sum_points_countable,$remark_points);
+ output_summary_row (_("Total Experience Points by Assurance"),$sum_experience,$sum_experience_countable,$remark_experience);
+ output_summary_row (_("Total Experience Points (other ways)"),$sum_experience_other,$sum_experience_other_countable,$remark_experience_other);
+ output_summary_row (_("Total Points"),"&nbsp;",$sum_points_countable + $sum_experience_countable + $sum_experience_other_countable,$issue_points_txt);
+ }
+ return $issue_points;
+ }
+
+ function output_given_assurances($userid,$support)
+ {
+ output_assurances_header(_("Assurance Points You Issued"),$support);
+ output_given_assurances_content($userid,$points,$sum_experience,$support);
+ output_assurances_footer(_("Total Points Issued"),$points,_("Total Experience Points"),$sum_experience,$support);
+ }
+
+ function output_received_assurances($userid,$support)
+ {
+ output_assurances_header(_("Your Assurance Points"),$support);
+ output_received_assurances_content($userid,$points,$sum_experience,$support);
+ output_assurances_footer(_("Total Assurance Points"),$points,_("Total Experience Points"),$sum_experience,$support);
+ }
+
+ function output_summary($userid)
+ {
+ output_summary_header();
+ output_summary_content($userid,1);
+ output_summary_footer();
+ }
+
+ function output_end_of_page()
+ {
+?>
+ <p>[ <a href='javascript:history.go(-1)'><?=_("Go Back")?></a> ]</p>
+<?
+ }
+
+ //functions to do with recording user agreements
+ function write_user_agreement($memid, $document, $method, $comment, $active=1, $secmemid=0){
+ // write a new record to the table user_agreement
+ $query="insert into `user_agreements` set `memid`=".$memid.", `secmemid`=".$secmemid.
+ ",`document`='".$document."',`date`=NOW(), `active`=".$active.",`method`='".$method."',`comment`='".$comment."'" ;
+ $res = mysql_query($query);
+ }
+
+ function get_user_agreement_status($memid, $type="CCA"){
+ //returns 0 - no user agreement, 1- at least one entry
+ $query="SELECT u.`document` FROM `user_agreements` u
+ WHERE u.`document` = '".$type."' AND (u.`memid`=".$memid." or u.`secmemid`=".$memid.")" ;
+ $res = mysql_query($query);
+ if(mysql_num_rows($res) <=0){
+ return 0;
+ }else{
+ return 1;
+ }
+ }
+
+ function get_first_user_agreement($memid, $active=1, $type="CCA"){
+ //returns an array (`document`,`date`,`method`, `comment`,`active`)
+ if($active==1){
+ $filter="u.`memid`=".$memid;
+ }else{
+ $filter="u.`secmemid`=".$memid;
+ }
+ $query="SELECT u.`document`, u.`date`, u.`method`, u.`comment`, u.`active` FROM `user_agreements` u
+ WHERE u.`document` = '".$type."' AND ".$filter."
+ ORDER BY u.`date` Limit 1;";
+ $res = mysql_query($query);
+ if(mysql_num_rows($res) >0){
+ $row = mysql_fetch_assoc($res);
+ $rec['document']= $row['document'];
+ $rec['date']= $row['date'];
+ $rec['method']= $row['method'];
+ $rec['comment']= $row['comment'];
+ $rec['active']= $row['active'];
+ }else{
+ $rec=array();
+ }
+ return $rec;
+ }
+
+ function get_last_user_agreement($memid, $type="CCA"){
+ //returns an array (`document`,`date`,`method`, `comment`,`active`)
+ $query="(SELECT u.`document`, u.`date`, u.`method`, u.`comment`, 1 as `active` FROM user_agreements u WHERE u.`document` = '".$type."' AND (u.`memid`=".$memid." ) order by `date` desc limit 1)
+ union
+ (SELECT u.`document`, u.`date`, u.`method`, u.`comment`, 0 as `active` FROM user_agreements u WHERE u.`document` = '".$type."' AND ( u.`secmemid`=".$memid.")) order by `date` desc limit 1" ;
+ $res = mysql_query($query);
+ if(mysql_num_rows($res) >0){
+ $row = mysql_fetch_assoc($res);
+ $rec['document']= $row['document'];
+ $rec['date']= $row['date'];
+ $rec['method']= $row['method'];
+ $rec['comment']= $row['comment'];
+ $rec['active']= $row['active'];
+ }else{
+ $rec=array();
+ }
+ return $rec;
+}
+
+ function delete_user_agreement($memid, $type="CCA"){
+ //deletes all entries to an user for the given type of user agreements
+ mysql_query("delete from `user_agreements` where `memid`='".$memid."'");
+ mysql_query("delete from `user_agreements` where `secmemid`='".$memid."'");
+ }
+
+?>
diff --git a/includes/tverify_stuff.php b/includes/tverify_stuff.php
index 46f49f6..93f7c32 100644
--- a/includes/tverify_stuff.php
+++ b/includes/tverify_stuff.php
@@ -66,7 +66,7 @@ if(!function_exists("showfooter"))
</div>
</div>
<div id="siteInfo">
- <a href="/index.php?id=12"><?=_("About Us")?></a> | <a href="/index.php?id=13"><?=_("Donations")?></a> | <a href="http://wiki.cacert.org/wiki/CAcertIncorporated"><?=_("Association Membership")?></a> |
+ <a href="//wiki.cacert.org/FAQ/AboutUs"><?=_("About Us")?></a> | <a href="/index.php?id=13"><?=_("Donations")?></a> | <a href="http://wiki.cacert.org/wiki/CAcertIncorporated"><?=_("Association Membership")?></a> |
<a href="/index.php?id=10"><?=_("Privacy Policy")?></a> |
<a href="/index.php?id=51"><?=_("Mission Statement")?></a> | <a href="/index.php?id=11"><?=_("Contact Us")?></a> |
<a href="/index.php?id=19"><?=_("Further Information")?></a> | &copy;2002-<?=date("Y")?> <?=_("by CAcert")?></div>
diff --git a/includes/wot.inc.php b/includes/wot.inc.php
new file mode 100644
index 0000000..9471bee
--- /dev/null
+++ b/includes/wot.inc.php
@@ -0,0 +1,640 @@
+<? /*
+ LibreSSL - CAcert web application
+ Copyright (C) 2004-2011 CAcert Inc.
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; version 2 of the License.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
+*/
+
+ function query_init ($query)
+ {
+ return mysql_query($query);
+ }
+
+ function query_getnextrow ($res)
+ {
+ $row1 = mysql_fetch_assoc($res);
+ return $row1;
+ }
+
+ function query_get_number_of_rows ($resultset)
+ {
+ return intval(mysql_num_rows($resultset));
+ }
+
+ function get_number_of_assurances ($userid)
+ {
+ $res = query_init ("SELECT count(*) AS `list` FROM `notary`
+ WHERE `method` = 'Face to Face Meeting' AND `from`='".intval($userid)."' ");
+ $row = query_getnextrow($res);
+
+ return intval($row['list']);
+ }
+
+ function get_number_of_ttpassurances ($userid)
+ {
+ $res = query_init ("SELECT count(*) AS `list` FROM `notary`
+ WHERE (`method`='Trusted Third Parties' or `method`='TTP-Assisted') AND `to`='".intval($userid)."' ");
+ $row = query_getnextrow($res);
+
+ return intval($row['list']);
+ }
+
+ function get_number_of_assurees ($userid)
+ {
+ $res = query_init ("SELECT count(*) AS `list` FROM `notary`
+ WHERE `method` = 'Face to Face Meeting' AND `to`='".intval($userid)."' ");
+ $row = query_getnextrow($res);
+
+ return intval($row['list']);
+ }
+
+ function get_top_assurer_position ($no_of_assurances)
+ {
+ $res = query_init ("SELECT count(*) AS `list` FROM `notary`
+ WHERE `method` = 'Face to Face Meeting'
+ GROUP BY `from` HAVING count(*) > '".intval($no_of_assurances)."'");
+ return intval(query_get_number_of_rows($res)+1);
+ }
+
+ function get_top_assuree_position ($no_of_assurees)
+ {
+ $res = query_init ("SELECT count(*) AS `list` FROM `notary`
+ WHERE `method` = 'Face to Face Meeting'
+ GROUP BY `to` HAVING count(*) > '".intval($no_of_assurees)."'");
+ return intval(query_get_number_of_rows($res)+1);
+ }
+
+ function get_given_assurances ($userid)
+ {
+ $res = query_init ("select * from `notary` where `from`='".intval($userid)."' and `from` != `to` order by `id` asc");
+ return $res;
+ }
+
+ function get_received_assurances ($userid)
+ {
+ $res = query_init ("select * from `notary` where `to`='".intval($userid)."' and `from` != `to` order by `id` asc ");
+ return $res;
+ }
+
+ function get_given_assurances_summary ($userid)
+ {
+ $res = query_init ("select count(*) as number,points,awarded,method from notary where `from`='".intval($userid)."' group by points,awarded,method");
+ return $res;
+ }
+
+ function get_received_assurances_summary ($userid)
+ {
+ $res = query_init ("select count(*) as number,points,awarded,method from notary where `to`='".intval($userid)."' group by points,awarded,method");
+ return $res;
+ }
+
+ function get_user ($userid)
+ {
+ $res = query_init ("select * from `users` where `id`='".intval($userid)."'");
+ return mysql_fetch_assoc($res);
+ }
+
+ function get_cats_state ($userid)
+ {
+
+ $res = query_init ("select * from `cats_passed` inner join `cats_variant` on `cats_passed`.`variant_id` = `cats_variant`.`id` and `cats_variant`.`type_id` = 1
+ WHERE `cats_passed`.`user_id` = '".intval($userid)."'");
+ return mysql_num_rows($res);
+ }
+
+ function calc_experience ($row,&$points,&$experience,&$sum_experience)
+ {
+ $apoints = max($row['points'], $row['awarded']);
+
+ $points += $apoints;
+
+ $experience = "&nbsp;";
+ if ($row['method'] == "Face to Face Meeting")
+ {
+ $sum_experience = $sum_experience +2;
+ $experience = "2";
+ }
+ return $apoints;
+ }
+
+ function calc_assurances ($row,&$points,&$experience,&$sumexperience,&$awarded)
+ {
+ $awarded = calc_points($row);
+
+ if ($awarded > 100)
+ {
+ $experience = $awarded - 100; // needs to be fixed in the future (limit 50 pts and/or no experience if pts > 100)
+ $awarded = 100;
+ }
+ else
+ $experience = 0;
+
+ switch ($row['method'])
+ {
+ case 'Thawte Points Transfer':
+ case 'CT Magazine - Germany':
+ case 'Temporary Increase': // Current usage of 'Temporary Increase' may break audit aspects, needs to be reimplemented
+ $awarded=sprintf("<strong style='color: red'>%s</strong>",_("Revoked"));
+ $experience=0;
+ break;
+ default:
+ $points += $awarded;
+ }
+ $sumexperience = $sumexperience + $experience;
+ }
+
+
+ function show_user_link ($name,$userid)
+ {
+ $name = trim($name);
+ if($name == "")
+ {
+ if ($userid == 0)
+ $name = _("System");
+ else
+ $name = _("Deleted account");
+ }
+ else
+ $name = "<a href='wot.php?id=9&amp;userid=".intval($userid)."'>$name</a>";
+ return $name;
+ }
+
+ function get_assurer_ranking($userid,&$num_of_assurances,&$rank_of_assurer)
+ {
+ $num_of_assurances = get_number_of_assurances (intval($userid));
+ $rank_of_assurer = get_top_assurer_position($num_of_assurances);
+ }
+
+ function get_assuree_ranking($userid,&$num_of_assurees,&$rank_of_assuree)
+ {
+ $num_of_assurees = get_number_of_assurees (intval($userid));
+ $rank_of_assuree = get_top_assuree_position($num_of_assurees);
+ }
+
+
+// ************* html table definitions ******************
+
+ function output_ranking($userid)
+ {
+ get_assurer_ranking($userid,$num_of_assurances,$rank_of_assurer);
+ get_assuree_ranking($userid,$num_of_assurees,$rank_of_assuree);
+
+?>
+<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
+ <tr>
+ <td class="title"><?=_("Assurer Ranking")?></td>
+ </tr>
+ <tr>
+ <td class="DataTD"><?=sprintf(_("You have made %s assurances which ranks you as the #%s top assurer."), intval($num_of_assurances), intval($rank_of_assurer) )?></td>
+ </tr>
+ <tr>
+ <td class="DataTD"><?=sprintf(_("You have received %s assurances which ranks you as the #%s top assuree."), intval($num_of_assurees), intval($rank_of_assuree) )?></td>
+ </tr>
+</table>
+<br/>
+<?
+ }
+
+ function output_assurances_header($title)
+ {
+?>
+<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
+ <tr>
+ <td colspan="7" class="title"><?=$title?></td>
+ </tr>
+ <tr>
+ <td class="DataTD"><strong><?=_("ID")?></strong></td>
+ <td class="DataTD"><strong><?=_("Date")?></strong></td>
+ <td class="DataTD"><strong><?=_("Who")?></strong></td>
+ <td class="DataTD"><strong><?=_("Points")?></strong></td>
+ <td class="DataTD"><strong><?=_("Location")?></strong></td>
+ <td class="DataTD"><strong><?=_("Method")?></strong></td>
+ <td class="DataTD"><strong><?=_("Experience Points")?></strong></td>
+ </tr>
+<?
+ }
+
+ function output_assurances_footer($points_txt,$points,$experience_txt,$sumexperience)
+ {
+?>
+ <tr>
+ <td class="DataTD" colspan="3"><strong><?=$points_txt?>:</strong></td>
+ <td class="DataTD"><?=$points?></td>
+ <td class="DataTD">&nbsp;</td>
+ <td class="DataTD"><strong><?=$experience_txt?>:</strong></td>
+ <td class="DataTD"><?=$sumexperience?></td>
+ </tr>
+</table>
+<br/>
+<?
+ }
+
+ function output_assurances_row($assuranceid,$date,$when,$name,$awarded,$points,$location,$method,$experience)
+ {
+
+ $tdstyle="";
+ $emopen="";
+ $emclose="";
+
+ if ($awarded == $points)
+ {
+ if ($awarded == "0")
+ {
+ if ($when < "2006-09-01")
+ {
+ $tdstyle="style='background-color: #ffff80'";
+ $emopen="<em>";
+ $emclose="</em>";
+ }
+ }
+ }
+
+?>
+ <tr>
+ <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$assuranceid?><?=$emclose?></td>
+ <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$date?><?=$emclose?></td>
+ <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$name?><?=$emclose?></td>
+ <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$awarded?><?=$emclose?></td>
+ <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$location?><?=$emclose?></td>
+ <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$method?><?=$emclose?></td>
+ <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$experience?><?=$emclose?></td>
+ </tr>
+<?
+ }
+
+ function output_summary_header()
+ {
+?>
+<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
+ <tr>
+ <td colspan="4" class="title"><?=_("Summary of your Points")?></td>
+ </tr>
+ <tr>
+ <td class="DataTD"><strong><?=_("Description")?></strong></td>
+ <td class="DataTD"><strong><?=_("Points")?></strong></td>
+ <td class="DataTD"><strong><?=_("Countable Points")?></strong></td>
+ <td class="DataTD"><strong><?=_("Remark")?></strong></td>
+ </tr>
+<?
+ }
+
+ function output_summary_footer()
+ {
+?>
+</table>
+<br/>
+<?
+ }
+
+ function output_summary_row($title,$points,$points_countable,$remark)
+ {
+?>
+ <tr>
+ <td class="DataTD"><strong><?=$title?></strong></td>
+ <td class="DataTD"><?=$points?></td>
+ <td class="DataTD"><?=$points_countable?></td>
+ <td class="DataTD"><?=$remark?></td>
+ </tr>
+<?
+ }
+
+
+// ************* output given assurances ******************
+
+ function output_given_assurances_content($userid,&$points,&$sum_experience)
+ {
+ $points = 0;
+ $sumexperience = 0;
+ $res = get_given_assurances(intval($userid));
+ while($row = mysql_fetch_assoc($res))
+ {
+ $fromuser = get_user (intval($row['to']));
+ $apoints = calc_experience ($row,$points,$experience,$sum_experience);
+ $name = show_user_link ($fromuser['fname']." ".$fromuser['lname'],intval($row['to']));
+ output_assurances_row (intval($row['id']),$row['date'],$row['when'],$name,$apoints,intval($row['points']),$row['location'],$row['method']==""?"":_(sprintf("%s", $row['method'])),$experience);
+ }
+ }
+
+// ************* output received assurances ******************
+
+ function output_received_assurances_content($userid,&$points,&$sum_experience)
+ {
+ $points = 0;
+ $sumexperience = 0;
+ $res = get_received_assurances(intval($userid));
+ while($row = mysql_fetch_assoc($res))
+ {
+ $fromuser = get_user (intval($row['from']));
+ calc_assurances ($row,$points,$experience,$sum_experience,$awarded);
+ $name = show_user_link ($fromuser['fname']." ".$fromuser['lname'],intval($row['from']));
+ output_assurances_row (intval($row['id']),$row['date'],$row['when'],$name,$awarded,intval($row['points']),$row['location'],$row['method']==""?"":_(sprintf("%s", $row['method'])),$experience);
+ }
+ }
+
+// ************* output summary table ******************
+
+ function check_date_limit ($userid,$age)
+ {
+ $dob = date("Y-m-d", mktime(0,0,0,date("m"),date("d"),date("Y")-$age));
+ $res = query_init ("select id from `users` where `id`='".$userid."' and `dob` < '$dob'");
+ return intval(query_get_number_of_rows($res));
+ }
+
+ function calc_points($row)
+ {
+ $awarded = intval($row['awarded']);
+ if ($awarded == "")
+ $awarded = 0;
+ if (intval($row['points']) < $awarded)
+ $points = $awarded; // if 'sum of added points' > 100, awarded shows correct value
+ else
+ $points = intval($row['points']); // on very old assurances, awarded is '0' instead of correct value
+ switch ($row['method'])
+ {
+ case 'Thawte Points Transfer': // revoke all Thawte-points (as per arbitration)
+ case 'CT Magazine - Germany': // revoke c't (only one test-entry)
+ case 'Temporary Increase': // revoke 'temporary increase' (Current usage breaks audit aspects, needs to be reimplemented)
+ $points = 0;
+ break;
+ case 'Administrative Increase': // ignore AI with 2 points or less (historical for experiance points, now other calculation)
+ if ($points <= 2) // maybe limit to 35/50 pts in the future?
+ $points = 0;
+ break;
+ case 'Unknown': // to be revoked in the future? limit to max 50 pts?
+ case 'Trusted Third Parties': // to be revoked in the future? limit to max 35 pts?
+ case 'TTP-Assisted': // TTP assurances, limit to 35
+ case 'TOPUP': // TOPUP to be delevoped in the future, limit to 30
+ case '': // to be revoked in the future? limit to max 50 pts?
+ case 'Face to Face Meeting': // normal assurances, limit to 35/50 pts in the future?
+ break;
+ default: // should never happen ... ;-)
+ $points = 0;
+ }
+ if ($points < 0) // ignore negative points (bug needs to be fixed)
+ $points = 0;
+ return $points;
+ }
+
+ function max_points($userid)
+ {
+ return output_summary_content ($userid,0);
+ }
+
+ function output_summary_content($userid,$display_output)
+ {
+ $sum_points = 0;
+ $sum_experience = 0;
+ $sum_experience_other = 0;
+ $max_points = 100;
+ $max_experience = 50;
+
+ $experience_limit_reached_txt = _("Limit reached");
+
+ if (check_date_limit($userid,18) != 1)
+ {
+ $max_experience = 10;
+ $experience_limit_reached_txt = _("Limit given by PoJAM reached");
+ }
+ if (check_date_limit($userid,14) != 1)
+ {
+ $max_experience = 0;
+ $experience_limit_reached_txt = _("Limit given by PoJAM reached");
+ }
+
+ $res = get_received_assurances_summary($userid);
+ while($row = mysql_fetch_assoc($res))
+ {
+ $points = calc_points ($row);
+
+ if ($points > $max_points) // limit to 100 points, above is experience (needs to be fixed)
+ {
+ $sum_experience_other = $sum_experience_other+($points-$max_points)*intval($row['number']);
+ $points = $max_points;
+ }
+ $sum_points += $points*intval($row['number']);
+ }
+
+ $res = get_given_assurances_summary($userid);
+ while($row = mysql_fetch_assoc($res))
+ {
+ switch ($row['method'])
+ {
+ case 'Face to Face Meeting': // count Face to Face only
+ $sum_experience += 2*intval($row['number']);
+ break;
+ }
+
+ }
+
+ if ($sum_points > $max_points)
+ {
+ $sum_points_countable = $max_points;
+ $remark_points = _("Limit reached");
+ }
+ else
+ {
+ $sum_points_countable = $sum_points;
+ $remark_points = "&nbsp;";
+ }
+ if ($sum_experience > $max_experience)
+ {
+ $sum_experience_countable = $max_experience;
+ $remark_experience = $experience_limit_reached_txt;
+ }
+ else
+ {
+ $sum_experience_countable = $sum_experience;
+ $remark_experience = "&nbsp;";
+ }
+
+ if ($sum_experience_countable + $sum_experience_other > $max_experience)
+ {
+ $sum_experience_other_countable = $max_experience-$sum_experience_countable;
+ $remark_experience_other = $experience_limit_reached_txt;
+ }
+ else
+ {
+ $sum_experience_other_countable = $sum_experience_other;
+ $remark_experience_other = "&nbsp;";
+ }
+
+ if ($sum_points_countable < $max_points)
+ {
+ if ($sum_experience_countable != 0)
+ $remark_experience = _("Points on hold due to less assurance points");
+ $sum_experience_countable = 0;
+ if ($sum_experience_other_countable != 0)
+ $remark_experience_other = _("Points on hold due to less assurance points");
+ $sum_experience_other_countable = 0;
+ }
+
+ $issue_points = 0;
+ $cats_test_passed = get_cats_state ($userid);
+ if ($cats_test_passed == 0)
+ {
+ $issue_points_txt = "<strong style='color: red'>"._("You have to pass the CAcert Assurer Challenge (CATS-Test) to be an Assurer")."</strong>";
+ if ($sum_points_countable < $max_points)
+ {
+ $issue_points_txt = "<strong style='color: red'>";
+ $issue_points_txt .= sprintf(_("You need %s assurance points and the passed CATS-Test to be an Assurer"), intval($max_points));
+ $issue_points_txt .= "</strong>";
+ }
+ }
+ else
+ {
+ $experience_total = $sum_experience_countable+$sum_experience_other_countable;
+ $issue_points_txt = "";
+ if ($sum_points_countable == $max_points)
+ $issue_points = 10;
+ if ($experience_total >= 10)
+ $issue_points = 15;
+ if ($experience_total >= 20)
+ $issue_points = 20;
+ if ($experience_total >= 30)
+ $issue_points = 25;
+ if ($experience_total >= 40)
+ $issue_points = 30;
+ if ($experience_total >= 50)
+ $issue_points = 35;
+ if ($issue_points != 0)
+ $issue_points_txt = sprintf(_("You may issue up to %s points"),$issue_points);
+ }
+ if ($display_output)
+ {
+ output_summary_row (_("Assurance Points you received"),$sum_points,$sum_points_countable,$remark_points);
+ output_summary_row (_("Total Experience Points by Assurance"),$sum_experience,$sum_experience_countable,$remark_experience);
+ output_summary_row (_("Total Experience Points (other ways)"),$sum_experience_other,$sum_experience_other_countable,$remark_experience_other);
+ output_summary_row (_("Total Points"),"&nbsp;",$sum_points_countable + $sum_experience_countable + $sum_experience_other_countable,$issue_points_txt);
+ }
+ return $issue_points;
+ }
+
+ function output_given_assurances($userid)
+ {
+ output_assurances_header(_("Assurance Points You Issued"));
+ output_given_assurances_content($userid,$points,$sum_experience);
+ output_assurances_footer(_("Total Points Issued"),$points,_("Total Experience Points"),$sum_experience);
+ }
+
+ function output_received_assurances($userid)
+ {
+ output_assurances_header(_("Your Assurance Points"));
+ output_received_assurances_content($userid,$points,$sum_experience);
+ output_assurances_footer(_("Total Assurance Points"),$points,_("Total Experience Points"),$sum_experience);
+ }
+
+ function output_summary($userid)
+ {
+ output_summary_header();
+ output_summary_content($userid,1);
+ output_summary_footer();
+ }
+
+ function output_end_of_page()
+ {
+?>
+ <p>[ <a href='javascript:history.go(-1)'><?=_("Go Back")?></a> ]</p>
+<?
+ }
+
+// functions for 6.php (assure somebody)
+
+function AssureHead($confirmation,$checkname)
+{
+?>
+<form method="post" action="wot.php">
+ <table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper" width="600">
+ <tr>
+ <td colspan="2" class="title"><?=$confirmation?></td>
+ </tr>
+ <tr>
+ <td class="DataTD" colspan="2" align="left"><?=$checkname?></td>
+ </tr>
+<?
+ }
+
+function AssureTextLine($field1,$field2)
+{
+?>
+ <tr>
+ <td class="DataTD"><?=$field1?>:</td>
+ <td class="DataTD"><?=$field2?></td>
+ </tr>
+<?
+}
+
+function AssureCCABoxLine($type,$text)
+{
+ return;
+ AssureBoxLine($type,$text);
+}
+
+function AssureBoxLine($type,$text,$checked)
+{
+?>
+ <tr>
+ <td class="DataTD"><input type="checkbox" name="<?=$type?>" value="1" <?=$checked?"checked":""?>></td>
+ <td class="DataTD"><?=$text?></td>
+ </tr>
+<?
+}
+
+function AssureMethodLine($text,$methods,$remark)
+{
+ if (count($methods) != 1)
+ {
+?>
+ <tr>
+ <td class="DataTD"><?=$text?></td>
+ <td class="DataTD">
+ <select name="method">
+<?
+ foreach($methods as $val) { ?>
+ <option value="<?=$val?>"> <?=$val?></option>
+
+<? } ?>
+ </select>
+ </br><?=$remark?>
+ </td>
+ </tr>
+<?
+ } else {
+?>
+ <input type="hidden" name="<?=$val?>" value="<?=$methods[0]?>">
+<?
+ }
+}
+
+function AssureInboxLine($type,$field,$value,$description)
+{
+?>
+ <tr>
+ <td class="DataTD"><?=$field?>:</td>
+ <td class="DataTD"><input type="text" name="<?=$type?>" value="<?=$value?>"><?=$description?></td>
+ </tr>
+<?
+}
+
+function AssureFoot($oldid,$confirm)
+{?>
+ <tr>
+ <td class="DataTD" colspan="2"><input type="submit" name="process" value="<?=$confirm?>"> <input type="submit" name="cancel" value="<?=_("Cancel")?>"></td>
+ </tr>
+ </table>
+ <input type="hidden" name="pagehash" value="<?=$_SESSION['_config']['wothash']?>">
+ <input type="hidden" name="oldid" value="<?=$oldid?>">
+</form>
+<?
+}
+
diff --git a/locale/.gitignore b/locale/.gitignore
index 94fd7c6..ac93223 100644
--- a/locale/.gitignore
+++ b/locale/.gitignore
@@ -1,5 +1,6 @@
# Language files are imported from translingo
# => Ignore them
-# Use make.php if you need new ones
+# Use make if you need new ones
*.po
+*.pot
*.mo
diff --git a/locale/Makefile b/locale/Makefile
new file mode 100644
index 0000000..4215a4f
--- /dev/null
+++ b/locale/Makefile
@@ -0,0 +1,184 @@
+#
+# This Makefile will download the translations from our translation server (if
+# they don't exist yet) and compile them. Try target help for more information
+#
+
+################################################################################
+### Download ###
+################################################################################
+
+DOWNLOAD_SERVER := translations.cacert.org
+PO_URL_TEMPLATE := http://$(DOWNLOAD_SERVER)/export/cacert/%/messages.po
+
+# Only use languages that have 10% or more of translated strings
+AUTO_LANGS := \
+en \
+de \
+nl \
+pt_BR \
+fr \
+sv \
+it \
+es \
+hu \
+fi \
+ja \
+bg \
+pt \
+da \
+pl \
+zh_CN \
+ru \
+lv \
+cs \
+zh_TW \
+el \
+tr \
+ar \
+
+LANGS := \
+ar \
+bg \
+cs \
+da \
+de \
+el \
+en \
+es \
+fa \
+fi \
+fr \
+he \
+hr \
+hu \
+id \
+is \
+it \
+ja \
+ka \
+ko \
+lv \
+nb \
+nl \
+pl \
+pt \
+pt_BR \
+ro \
+ru \
+sl \
+sv \
+th \
+tr \
+uk \
+zh_CN \
+zh_TW \
+
+
+PO_FILE_TEMPLATE := %/messages.po
+MO_FILE_TEMPLATE := %/LC_MESSAGES/messages.mo
+
+
+# target: all - Build locales downloading po files
+.PHONY: all
+all: $(AUTO_LANGS)
+
+
+# target: help - Display callable targets
+.PHONY: help
+help:
+ @egrep "^# target:" [Mm]akefile
+
+
+# target: clean - remove the build directories
+RM := rm -rf
+.PHONY: clean
+clean:
+ -$(RM) $(LANGS:%=%/)
+
+
+# target: <lang> - build this particular language
+.PHONY: $(LANGS)
+$(LANGS): %: $(MO_FILE_TEMPLATE)
+
+
+$(LANGS:%=$(MO_FILE_TEMPLATE)): $(MO_FILE_TEMPLATE): $(PO_FILE_TEMPLATE)
+ mkdir -p $(@D)
+#filter obsolete translations
+ grep --invert-match '^#~ ' $< | \
+ msgfmt --check --output-file $@ -
+
+
+.PHONY: $(LANGS:%=$(PO_FILE_TEMPLATE))
+$(LANGS:%=$(PO_FILE_TEMPLATE)):
+ mkdir -p $(@D)
+ wget --output-document - '$(@:$(PO_FILE_TEMPLATE)=$(PO_URL_TEMPLATE))' | \
+ php -f escape_special_chars.php \
+ > $@
+
+
+
+
+################################################################################
+### Upload ###
+################################################################################
+
+UPLOAD_SERVER := $(DOWNLOAD_SERVER)
+SSH_USER := critical
+SSH_OPTIONS :=
+SCP_OPTIONS := $(SSH_OPTIONS)
+
+FILE_OWNER := www-data
+
+POT_UPLOAD_PATH := /var/www/Pootle/po/cacert/templates/messages.pot
+MANAGE_PY := /var/www/Pootle/manage.py
+
+VERSION := Production
+DESCRITPION := LibreSSL - CAcert web application (localisation files)
+COPYRIGHT_YEAR := 2004-$(shell date +\%Y)
+PACKAGE := LibreSSL
+
+GETTEXT_FILE_PATTERN := \
+../CommModule/client.pl \
+../includes/*.php \
+../includes/*/*.php \
+../pages/*/*.php \
+../scripts/*.php \
+../www/*.php \
+../www/*/*.php \
+# ../tverify/*.php \
+# ../tverify/*/*.php \
+
+GETTEXT_FILES := $(wildcard $(GETTEXT_FILE_PATTERN))
+
+# target: template - create the gettext template file, if you want to upload it
+# target: onto the translation server you can directly use the
+# target: target "upload"
+.PHONY: template
+template: messages.pot
+
+# target: template.clean - remove anything that was created during the build of
+# target: the template file
+.PHONY: template.clean
+template.clean:
+ -$(RM) messages.pot
+
+
+# target: upload - upload the template to the translation server
+.PHONY: upload
+upload: messages.pot
+ scp $(SCP_OPTIONS) messages.pot $(SSH_USER)@$(UPLOAD_SERVER):$(POT_UPLOAD_PATH)
+ ssh $(SSH_OPTIONS) $(SSH_USER)@$(UPLOAD_SERVER) "sudo -u $(FILE_OWNER) pootle-update cacert"
+
+# target: upload.clean - remove anything that was created during the upload
+.PHONY: upload.clean
+upload.clean: template.clean
+
+messages.pot: $(GETTEXT_FILES)
+ xgettext --output - --sort-by-file --copyright-holder "CAcert Inc." \
+ --package-name "CAcert" --package-version "$(VERSION)" \
+ --msgid-bugs-address "translations-admin@cacert.org" \
+ --add-comments=TRANSLATORS $^ | \
+ # replace place holders in the lines before the first msgid\
+ sed '1,/^msgid/ { s/SOME DESCRIPTIVE TITLE/$(DESCRITPION)/; s/YEAR/$(COPYRIGHT_YEAR)/; s/PACKAGE/$(PACKAGE)/ }' \
+ > $@
+
diff --git a/locale/escape_special_chars.php b/locale/escape_special_chars.php
new file mode 100644
index 0000000..0f494f1
--- /dev/null
+++ b/locale/escape_special_chars.php
@@ -0,0 +1,80 @@
+#!/usr/bin/php -q
+<?php
+/*
+LibreSSL - CAcert web application
+Copyright (C) 2004-2012 CAcert Inc.
+
+This program is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; version 2 of the License.
+
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+GNU General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program; if not, write to the Free Software
+Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
+*/
+
+/* Convert special characters in UTF-8 encoded PO files to HTML entities */
+
+define('MSGSTR', 'msgstr');
+define('MSGSTR_LEN', strlen(MSGSTR));
+define('MSGID', 'msgid');
+define('MSGID_LEN', strlen(MSGID));
+
+function is_msgstr($line) {
+ if (strlen($line) < MSGSTR_LEN) {
+ return false;
+ }
+
+ return substr_compare($line, MSGSTR, 0, MSGSTR_LEN) === 0;
+}
+
+function is_msgid($line) {
+ if (strlen($line) < MSGID_LEN) {
+ return false;
+ }
+
+ return substr_compare($line, MSGID, 0, MSGID_LEN) === 0;
+}
+
+
+////////////// Main //////////////
+
+// Skip the metadata (first msgid/msgstr pair)
+while (!feof(STDIN)) {
+ $line = fgets(STDIN);
+
+ echo $line;
+
+ if (is_msgstr($line)) {
+ break;
+ }
+}
+
+// determines if the current line belongs to a msgid or a msgstr
+$msgstr = false;
+
+while (!feof(STDIN)) {
+ $line = fgets(STDIN);
+
+ if (is_msgstr($line)) {
+ $msgstr = true;
+ } elseif (is_msgid($line)) {
+ $msgstr = false;
+ }
+
+ if ($msgstr) {
+ // Escape everything that has a special HTML entity such as
+ // &gt; or &auml; except quote characters
+ $line = htmlentities($line, ENT_NOQUOTES, "UTF-8");
+
+ // Escape everything else -> all characters that don't have a special
+ // HTML entity but are outside the ASCII range
+ $line = mb_convert_encoding($line, "HTML-ENTITIES", "UTF-8");
+ }
+ echo $line;
+}
diff --git a/locale/make.php b/locale/make.php
deleted file mode 100755
index 859d75e..0000000
--- a/locale/make.php
+++ /dev/null
@@ -1,35 +0,0 @@
-#!/usr/bin/php -q
-<?
- $lang = array( "bg" => "bg_BG", "da" => "da_DK", "de" => "de_DE", "es" => "es_ES",
- "fr" => "fr_FR", "fi" => "fi_FI", "he" => "he_IL", "hr" => "hr_HR",
- "hu" => "hu_HU", "it" => "it_IT", "ja" => "ja_JP", "nl" => "nl_NL",
- "pt" => "pt_PT", "ro" => "ro_RO", "ru" => "ru_RU", "fa" => "fa_IR",
- "sv" => "sv_SE", "tr" => "tr_TR", "zh" => "zh_CN", "ar" => "ar_SY",
- "el" => "el_GR", "tl" => "tl_PH", "pl" => "pl_PL", "cs" => "cs_CZ",
- "ka" => "ka_GE", "is" => "is_IS", "ko" => "ko_KR", "nb" => "nb_NO");
-
- if($argc > 1)
- {
- foreach($argv as $key)
- {
- $val = $lang[$key];
- if($val != "")
- {
- $do = `wget -O $key.po "http://translingo.cacert.org/export2.php?pid=1&editlanguage=$val" 2>&1`;
-echo $do;
- echo `mkdir -p $key/LC_MESSAGES/`;
- $do = `msgfmt -o $key/LC_MESSAGES/messages.mo $key.po 2>&1`;
-echo $do;
- }
- }
- } else {
- foreach($lang as $key => $val)
- {
- $do = `wget -O $key.po "http://translingo.cacert.org/export2.php?pid=1&editlanguage=$val" 2>&1`;
-echo $do;
- echo `mkdir -p $key/LC_MESSAGES/`;
- $do = `msgfmt -o $key/LC_MESSAGES/messages.mo $key.po 2>&1`;
-echo $do;
- }
- }
-?>
diff --git a/pages/account/0.php b/pages/account/0.php
index 84b581e..b9b150c 100644
--- a/pages/account/0.php
+++ b/pages/account/0.php
@@ -29,5 +29,4 @@
<p><?=_("Once you have verified your company you will see these menu options. They allow you to issue as many certificates as you like without proving individual email accounts as you like, further more you are able to get your company details on the certificate.")?></p>
<h4><?=_("CAcert Web of Trust")?></h4>
<p><?=_("The Web of Trust system CAcert uses is similar to that many involved with GPG/PGP use, they hold face to face meetings to verify each others photo identities match their GPG/PGP key information. CAcert differs however in that we have modified things to work within the PKI framework, for you to gain trust in the system you must first locate someone already trusted. The trust person depending how many people they've trusted or meet before will determine how many points they can issue to you (the number of points they can issue is listed in the locate assurer section). Once you've met up you can show your ID and you will need to fill out a CAP form which the person assuring your details must retain for verification reasons.")?></p>
-<p><b><?=_("The former TTP (Trusted Third Party) System has been stopped, and is currently not available.")?></b></p>
-<? // "You can also get trust points via the Trust Third Party system where you go to a lawyer, bank manager, accountant, or public notary/juctise of the peace and they via your ID and fill in the TTP form to state they have viewed your ID documents and it appears authentic and true. More information on the TTP system can be found in the TTP sub-menu</p> ?>
+<p><b><?=sprintf(_("For information about the TTP-assisted-assurance program please read %s"),"<a href='//wiki.cacert.org/TTP/TTPuser'>https://wiki.cacert.org/TTP/TTPuser</a>","<a href='//wiki.cacert.org/TTP/TTPAL'>https://wiki.cacert.org/TTP/TTPAL</a>")?></b></p>
diff --git a/pages/account/10.php b/pages/account/10.php
index 704a05c..a394695 100644
--- a/pages/account/10.php
+++ b/pages/account/10.php
@@ -26,7 +26,8 @@
<p><?=_("If the Subscriber's name and/or domain name registration change the subscriber will immediately inform CAcert Inc. who shall revoke the digital certificate. When the Digital Certificate expires or is revoked the company will permanently remove the certificate from the server on which it is installed and will not use it for any purpose thereafter. The person responsible for key management and security is fully authorized to install and utilize the certificate to represent this organization's electronic presence.")?></p>
-<p><b>*** <?=_("Please Note. All information on your certificate will be removed except the CommonName and SubjectAltName field, this is because it's an automated service and cannot automatically verify other details on your certificates are valid or not. If you are a valid organisation and would like more details to appear on certificates, you will need to have at least 50 assurance points and you need to send us a copy of your document of incorporation. Then we can add those details to your certificates. Contact us for more information on our organisational services.")?> ***</b></p>
+<p><b>*** <?=_("Please note: All information on your certificate will be removed except the CommonName and SubjectAltName field, this is because it's an automated service and cannot automatically verify other details on your certificates are valid or not.")?> ***</b></p>
+<p><?=_("If you are a valid organisation and would like the organisation name in the certificates you can apply for an organisation assurance. Contact us via support@cacert.org for more information.")?></p>
<form method="post" action="account.php">
<? if($_SESSION['profile']['points'] >= 50) { ?>
diff --git a/pages/account/12.php b/pages/account/12.php
index 40135be..fa8b41a 100644
--- a/pages/account/12.php
+++ b/pages/account/12.php
@@ -19,12 +19,13 @@
<form method="post" action="account.php">
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
<tr>
- <td colspan="5" class="title"><?=_("Domain Certificates")?> - <a href="account.php?id=12&amp;viewall=<?=!$viewall?>"><?=_("View all certificates")?></a></td>
+ <td colspan="6" class="title"><?=_("Domain Certificates")?> - <a href="account.php?id=12&amp;viewall=<?=!$viewall?>"><?=_("View all certificates")?></a></td>
</tr>
<tr>
<td class="DataTD"><?=_("Renew/Revoke/Delete")?></td>
<td class="DataTD"><?=_("Status")?></td>
<td class="DataTD"><?=_("CommonName")?></td>
+ <td class="DataTD"><?=_("SerialNumber")?></td>
<td class="DataTD"><?=_("Revoked")?></td>
<td class="DataTD"><?=_("Expires")?></td>
</tr>
@@ -33,9 +34,9 @@
UNIX_TIMESTAMP(`domaincerts`.`expire`) - UNIX_TIMESTAMP() as `timeleft`,
UNIX_TIMESTAMP(`domaincerts`.`expire`) as `expired`,
`domaincerts`.`expire` as `expires`, `revoked` as `revoke`,
- UNIX_TIMESTAMP(`revoked`) as `revoked`, `CN`, `domaincerts`.`id` as `id`
+ UNIX_TIMESTAMP(`revoked`) as `revoked`, `CN`, `domaincerts`.`serial`, `domaincerts`.`id` as `id`
from `domaincerts`,`domains`
- where `memid`='".intval($_SESSION['profile']['id'])."' and `deleted`=0 and `domaincerts`.`domid`=`domains`.`id` ";
+ where `memid`='".intval($_SESSION['profile']['id'])."' and `domaincerts`.`domid`=`domains`.`id` ";
if($viewall != 1)
{
$query .= "AND `revoked`=0 AND `renewed`=0 ";
@@ -48,7 +49,7 @@
{
?>
<tr>
- <td colspan="5" class="DataTD"><?=_("No domains are currently listed.")?></td>
+ <td colspan="6" class="DataTD"><?=_("No certificates are currently listed.")?></td>
</tr>
<? } else {
while($row = mysql_fetch_assoc($res))
@@ -74,17 +75,20 @@
<? } ?>
<td class="DataTD"><?=$verified?></td>
<td class="DataTD"><a href="account.php?id=15&amp;cert=<?=$row['id']?>"><?=$row['CN']?></a></td>
+ <td class="DataTD"><?=$row['serial']?></td>
<td class="DataTD"><?=$row['revoke']?></td>
<td class="DataTD"><?=$row['expires']?></td>
</tr>
<? } ?>
<tr>
- <td class="DataTD" colspan="5"><input type="submit" name="renew" value="<?=_("Renew")?>">&#160;&#160;&#160;&#160;
+ <td class="DataTD" colspan="6"><input type="submit" name="renew" value="<?=_("Renew")?>">&#160;&#160;&#160;&#160;
<input type="submit" name="revoke" value="<?=_("Revoke/Delete")?>"></td>
</tr>
<? } ?>
+ <tr>
+ <td class="DataTD" colspan="6"><?=_("From here you can delete pending requests, or revoke valid certificates.")?></td>
+ </tr>
</table>
<input type="hidden" name="oldid" value="<?=$id?>">
<input type="hidden" name="csrf" value="<?=make_csrf('srvcerchange')?>" />
</form>
-<p><?=_("From here you can delete pending requests, or revoke valid certificates.")?></p>
diff --git a/pages/account/13.php b/pages/account/13.php
index e8dad73..c2b7cc5 100644
--- a/pages/account/13.php
+++ b/pages/account/13.php
@@ -25,18 +25,18 @@
$day = intval(substr($user['dob'], 8, 2));
$body = sprintf(_("Hi %s,"),$user['fname'])."\n\n";
- $body .= _("You receive this automatic mail since you yourself or")."\n";
- $body .= _("someone else looked up your secret questions and answers")."\n";
- $body .= _("for a forgotten password.")."\n\n";
- $body .= _("If it was you who looked up or changed that data, or clicked")."\n";
- $body .= _("through the menu in your account, everything is in best order and")."\n";
- $body .= _("you can ignore this mail.")."\n\n";
- $body .= _("But if you received this mail without a recognisable reason,")."\n";
- $body .= _("there is a danger that an unauthorised person accessed your")."\n";
- $body .= _("account, and you should promptly change your password and your")."\n";
- $body .= _("secret questions and answers.")."\n\n";
+ $body .= _("You receive this automatic mail since you yourself or someone ".
+ "else looked up your secret questions and answers for a forgotten ".
+ "password.\n\n".
+ "If it was you who looked up or changed that data, or clicked ".
+ "through the menu in your account, everything is in best order ".
+ "and you can ignore this mail.\n\n".
+ "But if you received this mail without a recognisable reason, ".
+ "there is a danger that an unauthorised person accessed your ".
+ "account, and you should promptly change your password and your ".
+ "secret questions and answers.")."\n\n";
- $body .= _("With kind regards,")."\n\n"._("CAcert Support");
+ $body .= _("Best regards")."\n"._("CAcert Support");
sendmail($user['email'], "[CAcert.org] "._("Email Notification"), $body, "support@cacert.org", "", "", "CAcert Support");
?>
diff --git a/pages/account/14.php b/pages/account/14.php
index 342ab46..29aeb21 100644
--- a/pages/account/14.php
+++ b/pages/account/14.php
@@ -15,6 +15,16 @@
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
*/ ?>
+<?
+ if (intval($_REQUEST['force']) === 1)
+{
+?>
+
+<p style="border:dotted 1px #900;padding:0.3em;bold;color:#ffffff;background-color:#ff0000;"><strong><center>
+<?=_("For your own security you should change your pass phrase immediately!"); ?></center></strong>
+</p>
+<?}?>
+
<form method="post" action="account.php">
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper" width="400">
<tr>
diff --git a/pages/account/16.php b/pages/account/16.php
index 3e582e3..514ecfd 100644
--- a/pages/account/16.php
+++ b/pages/account/16.php
@@ -57,7 +57,7 @@
</tr>
<? } ?>
<tr>
- <td class="DataTD" colspan="2"><input type="submit" name="process" value="<?=_("Another Email")?>">
+ <td class="DataTD" colspan="2"><input type="submit" name="add_email" value="<?=_("Another Email")?>">
<input type="submit" name="process" value="<?=_("Next")?>"></td>
</tr>
</table>
diff --git a/pages/account/17.php b/pages/account/17.php
index 2ba5390..8ac8b65 100644
--- a/pages/account/17.php
+++ b/pages/account/17.php
@@ -14,124 +14,6 @@
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
-*/ ?>
-<? if(array_key_exists('HTTP_USER_AGENT',$_SERVER) && strstr($_SERVER['HTTP_USER_AGENT'], "MSIE")) { ?>
-<object classid="clsid:127698e4-e730-4e5c-a2b1-21490a70c8a1" codebase="/xenroll.cab#Version=5,131,3659,0" id="cec">
-<?=_("You must enable ActiveX for this to work.")?>
-</object>
-<form method="post" action="account.php" name="CertReqForm"><p>
-<input type="hidden" name="session" value="UsedXenroll">
-<?=_("Key Strength:")?> <select name="CspProvider"></select>
-<input type="hidden" name="oldid" value="<?=$id?>">
-<INPUT TYPE=HIDDEN NAME="CSR">
-<input type="hidden" name="keytype" value="MS">
-<?=_("'Enhanced Provider' is generally the best option, which has a key size of 1024bit. If you need a bigger key size you will need to use a different browser.")?>
-<input type="submit" name="GenReq" value="Create Certificate"><br>
-</p></form>
-<script type="text/vbscript" language="vbscript">
-<!--
-Function GetProviderList()
- Dim CspList, cspIndex, ProviderName
- On Error Resume Next
+*/
- count = 0
- base = 0
- enhanced = 0
- CspList = ""
- ProviderName = ""
-
- For ProvType = 0 to 13
- cspIndex = 0
- cec.ProviderType = ProvType
- ProviderName = cec.enumProviders(cspIndex,0)
-
- while ProviderName <> ""
- Set oOption = document.createElement("OPTION")
- oOption.text = ProviderName
- oOption.value = ProvType
- Document.CertReqForm.CspProvider.add(oOption)
- if ProviderName = "Microsoft Base Cryptographic Provider v1.0" Then
- base = count
- end if
- if ProviderName = "Microsoft Enhanced Cryptographic Provider v1.0" Then
- enhanced = count
- end if
- cspIndex = cspIndex +1
- ProviderName = ""
- ProviderName = cec.enumProviders(cspIndex,0)
- count = count + 1
- wend
- Next
- Document.CertReqForm.CspProvider.selectedIndex = base
- if enhanced then
- Document.CertReqForm.CspProvider.selectedIndex = enhanced
- end if
-End Function
-
-Function CSR(keyflags)
- CSR = ""
- szName = ""
- cec.HashAlgorithm = "MD5"
- err.clear
- On Error Resume Next
- set options = document.all.CspProvider.options
- index = options.selectedIndex
- cec.providerName = options(index).text
- tmpProviderType = options(index).value
- cec.providerType = tmpProviderType
- cec.KeySpec = 2
- if tmpProviderType < 2 Then
- cec.KeySpec = 1
- end if
- cec.GenKeyFlags = &h04000001 OR keyflags
- CSR = cec.createPKCS10(szName, "1.3.6.1.5.5.7.3.2")
- if len(CSR)<>0 then Exit Function
- cec.GenKeyFlags = &h04000000 OR keyflags
- CSR = cec.createPKCS10(szName, "1.3.6.1.5.5.7.3.2")
- if len(CSR)<>0 then Exit Function
- if cec.providerName = "Microsoft Enhanced Cryptographic Provider v1.0" Then
- if MsgBox("<?=_("The 1024-bit key generation failed. Would you like to try 512 instead?")?>", vbOkCancel)=vbOk Then
- cec.providerName = "Microsoft Base Cryptographic Provider v1.0"
- else
- Exit Function
- end if
- end if
- cec.GenKeyFlags = 1 OR keyflags
- CSR = cec.createPKCS10(szName, "1.3.6.1.5.5.7.3.2")
- if len(CSR)<>0 then Exit Function
- cec.GenKeyFlags = keyflags
- CSR = cec.createPKCS10(szName, "1.3.6.1.5.5.7.3.2")
- if len(CSR)<>0 then Exit Function
- cec.GenKeyFlags = 0
- CSR = cec.createPKCS10(szName, "1.3.6.1.5.5.7.3.2")
-End Function
-
-Sub GenReq_OnClick
- Dim TheForm
- Set TheForm = Document.CertReqForm
- err.clear
- result = CSR(2)
- if len(result)=0 Then
- result = MsgBox("Unable to generate PKCS#10.", 0, "Alert")
- Exit Sub
- end if
- TheForm.CSR.Value = result
- TheForm.Submit
- Exit Sub
-End Sub
-
-GetProviderList()
--->
-</script>
-<? } else { ?>
-<p>
-<form method="post" action="account.php">
-<input type="hidden" name="keytype" value="NS">
-<?=_("Keysize:")?> <keygen name="SPKAC" challenge="<? $_SESSION['spkac_hash']=make_hash(); echo $_SESSION['spkac_hash']; ?>">
-
-
-<input type="submit" name="submit" value="<?=_("Create Certificate Request")?>">
-<input type="hidden" name="oldid" value="<?=$id?>">
-</form>
-</p>
-<? } ?>
+require_once($_SESSION['_config']['filepath'].'/includes/keygen.php');
diff --git a/pages/account/18.php b/pages/account/18.php
index 5ee1a3b..13dcc30 100644
--- a/pages/account/18.php
+++ b/pages/account/18.php
@@ -19,36 +19,38 @@
<form method="post" action="account.php">
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
<tr>
- <td colspan="5" class="title"><?=_("Client Certificates")?> - <a href="account.php?id=18&amp;viewall=<?=!$viewall?>"><?=_("View all certificates")?></a></td>
+ <td colspan="6" class="title"><?=_("Client Certificates")?> - <a href="account.php?id=18&amp;viewall=<?=!$viewall?>"><?=_("View all certificates")?></a></td>
</tr>
<tr>
<td class="DataTD"><?=_("Renew/Revoke/Delete")?></td>
<td class="DataTD"><?=_("Status")?></td>
<td class="DataTD"><?=_("CommonName")?></td>
+ <td class="DataTD"><?=_("SerialNumber")?></td>
<td class="DataTD"><?=_("Revoked")?></td>
<td class="DataTD"><?=_("Expires")?></td>
<?
- $query = "select UNIX_TIMESTAMP(`created`) as `created`,
- UNIX_TIMESTAMP(`expire`) - UNIX_TIMESTAMP() as `timeleft`,
- UNIX_TIMESTAMP(`expire`) as `expired`,
- `expire` as `expires`, `revoked` as `revoke`,
- UNIX_TIMESTAMP(`revoked`) as `revoked`, `CN`, `id`
- from `orgemailcerts`, `org`
- where `memid`='".intval($_SESSION['profile']['id'])."' and
- `org`.`orgid`=`orgemailcerts`.`orgid` ";
+ $query = "select UNIX_TIMESTAMP(`oemail`.`created`) as `created`,
+ UNIX_TIMESTAMP(`oemail`.`expire`) - UNIX_TIMESTAMP() as `timeleft`,
+ UNIX_TIMESTAMP(`oemail`.`expire`) as `expired`,
+ `oemail`.`expire` as `expires`, `oemail`.`revoked` as `revoke`,
+ UNIX_TIMESTAMP(`oemail`.`revoked`) as `revoked`,
+ `oemail`.`CN`, `oemail`.`serial`, `oemail`.`id`
+ from `orgemailcerts` as `oemail`, `org`
+ where `org`.`memid`='".intval($_SESSION['profile']['id'])."' and
+ `org`.`orgid`=`oemail`.`orgid` ";
if($viewall != 1)
{
- $query .= "AND `revoked`=0 AND `renewed`=0 ";
+ $query .= "AND `oemail`.`revoked`=0 AND `oemail`.`renewed`=0 ";
$query .= "HAVING `timeleft` > 0 AND `revoked`=0 ";
}
- $query .= "ORDER BY `modified` desc";
+ $query .= "ORDER BY `oemail`.`modified` desc";
$res = mysql_query($query);
if(mysql_num_rows($res) <= 0)
{
?>
<tr>
- <td colspan="5" class="DataTD"><?=_("No client certificates are currently listed.")?></td>
+ <td colspan="6" class="DataTD"><?=_("No client certificates are currently listed.")?></td>
</tr>
<? } else {
while($row = mysql_fetch_assoc($res))
@@ -78,12 +80,13 @@
<td class="DataTD"><?=$verified?></td>
<td class="DataTD"><a href="account.php?id=19&cert=<?=$row['id']?>"><?=$row['CN']?></a></td>
<? } ?>
+ <td class="DataTD"><?=$row['serial']?></td>
<td class="DataTD"><?=$row['revoke']?></td>
<td class="DataTD"><?=$row['expires']?></td>
</tr>
<? } ?>
<tr>
- <td class="DataTD" colspan="5"><input type="submit" name="renew" value="<?=_("Renew")?>">&#160;&#160;&#160;&#160;
+ <td class="DataTD" colspan="6"><input type="submit" name="renew" value="<?=_("Renew")?>">&#160;&#160;&#160;&#160;
<input type="submit" name="revoke" value="<?=_("Revoke/Delete")?>"></td>
</tr>
<? } ?>
diff --git a/pages/account/22.php b/pages/account/22.php
index 565cb5f..9df8200 100644
--- a/pages/account/22.php
+++ b/pages/account/22.php
@@ -19,12 +19,13 @@
<form method="post" action="account.php">
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
<tr>
- <td colspan="5" class="title"><?=_("Domain Certificates")?> - <a href="account.php?id=22&amp;viewall=<?=!$viewall?>"><?=_("View all certificates")?></a></td>
+ <td colspan="6" class="title"><?=_("Domain Certificates")?> - <a href="account.php?id=22&amp;viewall=<?=!$viewall?>"><?=_("View all certificates")?></a></td>
</tr>
<tr>
<td class="DataTD"><?=_("Renew/Revoke/Delete")?></td>
<td class="DataTD"><?=_("Status")?></td>
<td class="DataTD"><?=_("CommonName")?></td>
+ <td class="DataTD"><?=_("SerialNumber")?></td>
<td class="DataTD"><?=_("Revoked")?></td>
<td class="DataTD"><?=_("Expires")?></td>
@@ -33,7 +34,9 @@
UNIX_TIMESTAMP(`orgdomaincerts`.`expire`) - UNIX_TIMESTAMP() as `timeleft`,
UNIX_TIMESTAMP(`orgdomaincerts`.`expire`) as `expired`,
`orgdomaincerts`.`expire` as `expires`, `revoked` as `revoke`,
- UNIX_TIMESTAMP(`revoked`) as `revoked`, `CN`, `orgdomaincerts`.`id` as `id`
+ UNIX_TIMESTAMP(`revoked`) as `revoked`, `CN`,
+ `orgdomaincerts`.`serial`,
+ `orgdomaincerts`.`id` as `id`
from `orgdomaincerts`,`org`
where `org`.`memid`='".intval($_SESSION['profile']['id'])."' and `orgdomaincerts`.`orgid`=`org`.`orgid` ";
if($viewall != 1)
@@ -48,7 +51,7 @@
{
?>
<tr>
- <td colspan="5" class="DataTD"><?=_("No domains are currently listed.")?></td>
+ <td colspan="6" class="DataTD"><?=_("No domains are currently listed.")?></td>
</tr>
<? } else {
while($row = mysql_fetch_assoc($res))
@@ -74,12 +77,13 @@
<? } ?>
<td class="DataTD"><?=$verified?></td>
<td class="DataTD"><a href="account.php?id=23&cert=<?=$row['id']?>"><?=$row['CN']?></a></td>
+ <td class="DataTD"><?=$row['serial']?></td>
<td class="DataTD"><?=$row['revoke']?></td>
<td class="DataTD"><?=$row['expires']?></td>
</tr>
<? } ?>
<tr>
- <td class="DataTD" colspan="5"><input type="submit" name="renew" value="<?=_("Renew")?>">&#160;&#160;&#160;&#160;
+ <td class="DataTD" colspan="6"><input type="submit" name="renew" value="<?=_("Renew")?>">&#160;&#160;&#160;&#160;
<input type="submit" name="revoke" value="<?=_("Revoke/Delete")?>"></td>
</tr>
<? } ?>
diff --git a/pages/account/24.php b/pages/account/24.php
index 19faa9f..14a47c0 100644
--- a/pages/account/24.php
+++ b/pages/account/24.php
@@ -15,6 +15,16 @@
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
*/ ?>
+<?
+ // Reset session variables regarding Org's, present empty form
+ if (array_key_exists('O',$_SESSION['_config'])) $_SESSION['_config']['O'] = "";
+ if (array_key_exists('contact',$_SESSION['_config'])) $_SESSION['_config']['contact'] = "";
+ if (array_key_exists('L',$_SESSION['_config'])) $_SESSION['_config']['L'] = "";
+ if (array_key_exists('ST',$_SESSION['_config'])) $_SESSION['_config']['ST'] = "";
+ if (array_key_exists('C',$_SESSION['_config'])) $_SESSION['_config']['C'] = "";
+ if (array_key_exists('comments',$_SESSION['_config'])) $_SESSION['_config']['comments'] = "";
+
+?>
<form method="post" action="account.php">
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
<tr>
@@ -22,27 +32,31 @@
</tr>
<tr>
<td class="DataTD"><?=_("Organisation Name")?>:</td>
- <td class="DataTD"><input type="text" name="O" value="<?=array_key_exists('O',$_SESSION['_config'])?$_SESSION['_config']['O']:""?>" maxlength="50"></td>
+ <td class="DataTD"><input type="text" name="O" value="" maxlength="50" size="90"></td>
</tr>
<tr>
<td class="DataTD"><?=_("Contact Email")?>:</td>
- <td class="DataTD"><input type="text" name="contact" value="<?=array_key_exists('contact',$_SESSION['_config'])?$_SESSION['_config']['contact']:""?>"></td>
+ <td class="DataTD"><input type="text" name="contact" value="" size="90"></td>
</tr>
<tr>
<td class="DataTD"><?=_("Town/Suburb")?>:</td>
- <td class="DataTD"><input type="text" name="L" value="<?=array_key_exists('L',$_SESSION['_config'])?$_SESSION['_config']['L']:""?>"></td>
+ <td class="DataTD"><input type="text" name="L" value="" size="90"></td>
</tr>
<tr>
<td class="DataTD"><?=_("State/Province")?>:</td>
- <td class="DataTD"><input type="text" name="ST" value="<?=array_key_exists('ST',$_SESSION['_config'])?$_SESSION['_config']['ST']:""?>"></td>
+ <td class="DataTD"><input type="text" name="ST" value="" size="90"></td>
</tr>
<tr>
<td class="DataTD"><?=_("Country")?>:</td>
- <td class="DataTD"><input type="text" name="C" value="<?=array_key_exists('C',$_SESSION['_config'])?sanitizeHTML($_SESSION['_config']['C']):""?>" size="5">(2 letter <a href="http://www.iso.org/iso/english_country_names_and_code_elements">ISO code</a>)</td>
+ <td class="DataTD"><input type="text" name="C" value="" size="5">
+ <?php printf(_('(2 letter %s ISO code %s )'),
+ '<a href="http://www.iso.org/iso/home/standards/country_codes/iso-3166-1_decoding_table.htm">',
+ '</a>')?>
+ </td>
</tr>
<tr>
<td class="DataTD"><?=_("Comments")?>:</td>
- <td class="DataTD"><textarea name="comments" cols="35" rows="5"><?=array_key_exists('comments',$_SESSION['_config'])?$_SESSION['_config']['comments']:""?></textarea></td>
+ <td class="DataTD"><textarea name="comments" cols="60" rows="10"></textarea></td>
</tr>
<tr>
<td class="DataTD" colspan="2"><input type="submit" name="process" value="<?=_("Next")?>"></td>
diff --git a/pages/account/25.php b/pages/account/25.php
index ab0e6b2..a70f608 100644
--- a/pages/account/25.php
+++ b/pages/account/25.php
@@ -19,6 +19,15 @@
<tr>
<td colspan="5" class="title"><?=_("Organisations")?></td>
</tr>
+
+<tr>
+ <td colspan="5" class="title"><?=_("Order by:")?>
+ <a href="account.php?id=25"><?=_("Id")?></a> -
+ <a href="account.php?id=25&amp;ord=1"><?=_("Country")?></a> -
+ <a href="account.php?id=25&amp;ord=2"><?=_("Name")?></a>
+ </td>
+</tr>
+
<tr>
<td class="DataTD" width="350"><?=_("Organisation")?></td>
<td class="DataTD"><?=_("Domains")?></td>
@@ -27,7 +36,24 @@
<td class="DataTD"><?=_("Delete")?></td>
</tr>
<?
- $query = "select * from `orginfo` ORDER BY `id`";
+ $order = 0;
+ if (array_key_exists('ord',$_REQUEST)) {
+ $order = intval($_REQUEST['ord']);
+ }
+
+ $order_by = "`id`";
+ switch ($order) {
+ case 1:
+ $order_by = "`C`,`O`";
+ break;
+ case 2:
+ $order_by = "`O`";
+ break;
+ // the 0 and default case are handled by the preset
+ }
+
+ // Safe because $order_by only contains fixed strings
+ $query = sprintf("select * from `orginfo` ORDER BY %s", $order_by);
$res = mysql_query($query);
while($row = mysql_fetch_assoc($res))
{
diff --git a/pages/account/27.php b/pages/account/27.php
index 2cd52a8..a1086d4 100644
--- a/pages/account/27.php
+++ b/pages/account/27.php
@@ -25,27 +25,31 @@
</tr>
<tr>
<td class="DataTD"><?=_("Organisation Name")?>:</td>
- <td class="DataTD"><input type="text" name="O" value="<?=$row['O']?>"></td>
+ <td class="DataTD"><input type="text" name="O" value="<?=$row['O']?>" size="90"></td>
</tr>
<tr>
<td class="DataTD"><?=_("Contact Email")?>:</td>
- <td class="DataTD"><input type="text" name="contact" value="<?=($row['contact'])?>"></td>
+ <td class="DataTD"><input type="text" name="contact" value="<?=($row['contact'])?>" size="90"></td>
</tr>
<tr>
<td class="DataTD"><?=_("Town/Suburb")?>:</td>
- <td class="DataTD"><input type="text" name="L" value="<?=($row['L'])?>"></td>
+ <td class="DataTD"><input type="text" name="L" value="<?=($row['L'])?>" size="90"></td>
</tr>
<tr>
<td class="DataTD"><?=_("State/Province")?>:</td>
- <td class="DataTD"><input type="text" name="ST" value="<?=($row['ST'])?>"></td>
+ <td class="DataTD"><input type="text" name="ST" value="<?=($row['ST'])?>" size="90"></td>
</tr>
<tr>
<td class="DataTD"><?=_("Country")?>:</td>
- <td class="DataTD"><input type="text" name="C" value="<?=($row['C'])?>"></td>
+ <td class="DataTD"><input type="text" name="C" value="<?=($row['C'])?>" size="5">
+ <?php printf(_('(2 letter %s ISO code %s )'),
+ '<a href="http://www.iso.org/iso/home/standards/country_codes/iso-3166-1_decoding_table.htm">',
+ '</a>')?>
+ </td>
</tr>
<tr>
<td class="DataTD"><?=_("Comments")?>:</td>
- <td class="DataTD"><textarea name="comments" cols=15 rows=5><?=($row['comments'])?></textarea></td>
+ <td class="DataTD"><textarea name="comments" cols=60 rows=10><?=($row['comments'])?></textarea></td>
</tr>
<tr>
<td class="DataTD" colspan="2"><input type="submit" name="process" value="<?=_("Update")?>"></td>
diff --git a/pages/account/29.php b/pages/account/29.php
index c1a3def..4229b3b 100644
--- a/pages/account/29.php
+++ b/pages/account/29.php
@@ -35,10 +35,12 @@
<td class="DataTD"><input type="text" name="domainname" value="<?=sanitizeHTML($_SESSION['_config']['domain'])?>"></td>
</tr>
<tr>
- <td class="DataTD" colspan="2"><input type="submit" name="process" value="<?=_("Update")?>"></td>
+ <td class="DataTD"><input type="submit" name="cancel" value="<?=_("Cancel")?>"></td>
+ <td class="DataTD"><input type="submit" name="process" value="<?=_("Update")?>"></td>
</tr>
</table>
<input type="hidden" name="oldid" value="<?=intval($id)?>">
<input type="hidden" name="orgid" value="<?=intval($_REQUEST['orgid'])?>">
+<input type="hidden" name="domid" value="<?=intval($_REQUEST['domid'])?>">
</form>
diff --git a/pages/account/30.php b/pages/account/30.php
index 30c86f3..04ad229 100644
--- a/pages/account/30.php
+++ b/pages/account/30.php
@@ -34,12 +34,13 @@
<td class="DataTD" colspan="2"><? printf(_("Are you really sure you want to remove %s and all certificates issued under this domain?"), sanitizeHTML($row['domain'])); ?></td>
</tr>
<tr>
- <td class="DataTD" colspan="2"><input type="submit" name="process" value="<?=_("Cancel")?>">
+ <td class="DataTD" colspan="2"><input type="submit" name="cancel" value="<?=_("Cancel")?>">
<input type="submit" name="process" value="<?=_("Delete")?>"></td>
</tr>
</table>
<input type="hidden" name="oldid" value="<?=intval($id)?>">
<input type="hidden" name="orgid" value="<?=intval($_REQUEST['orgid'])?>">
<input type="hidden" name="domain" value="<?=sanitizeHTML($row['domain'])?>">
+<input type="hidden" name="domid" value="<?=intval($_REQUEST['domid'])?>">
</form>
diff --git a/pages/account/31.php b/pages/account/31.php
index d91a77a..9f3d27e 100644
--- a/pages/account/31.php
+++ b/pages/account/31.php
@@ -29,7 +29,7 @@
<td class="DataTD" colspan="2"><? printf(_("Are you really sure you want to remove %s and all certificates issued under this organisation?"), sanitizeHTML($org['O'])); ?></td>
</tr>
<tr>
- <td class="DataTD" colspan="2"><input type="submit" name="process" value="<?=_("Cancel")?>">
+ <td class="DataTD" colspan="2"><input type="submit" name="cancel" value="<?=_("Cancel")?>">
<input type="submit" name="process" value="<?=_("Delete")?>"></td>
</tr>
</table>
diff --git a/pages/account/32.php b/pages/account/32.php
index 00dc1ea..a05c927 100644
--- a/pages/account/32.php
+++ b/pages/account/32.php
@@ -38,10 +38,10 @@
$user = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".intval($row['memid'])."'"));
?>
<tr>
- <td class="DataTD"><a href='mailto:<?=$user['email']?>'><?=($user['fname'])?> <?=($user['lname'])?></a></td>
+ <td class="DataTD"><a href='mailto:<?=sanitizeHTML($user['email'])?>'><?=sanitizeHTML($user['fname'])?> <?=sanitizeHTML($user['lname'])?></a></td>
<td class="DataTD"><?=($row['masteracc'])?></a></td>
- <td class="DataTD"><?=($row['OU'])?></a></td>
- <td class="DataTD"><?=($row['comments'])?></a></td>
+ <td class="DataTD"><?=sanitizeHTML($row['OU'])?></a></td>
+ <td class="DataTD"><?=sanitizeHTML($row['comments'])?></a></td>
<? if($row['masteracc'] == 0 || $_SESSION['profile']['orgadmin'] == 1) { ?>
<td class="DataTD"><a href="account.php?id=34&amp;orgid=<?=$row['orgid']?>&amp;memid=<?=$row['memid']?>"><?=_("Delete")?></a></td>
<? } else { ?>
diff --git a/pages/account/33.php b/pages/account/33.php
index 4da8bed..9e2f67a 100644
--- a/pages/account/33.php
+++ b/pages/account/33.php
@@ -18,6 +18,13 @@
<?
$query = "select * from `orginfo` where `id`='".intval($_REQUEST['orgid'])."'";
$row = mysql_fetch_assoc(mysql_query($query));
+
+ // Reset session variables regarding OrgAdmin's, present empty form
+ if (array_key_exists('email',$_SESSION['_config'])) $_SESSION['_config']['email']="";
+ if (array_key_exists('OU',$_SESSION['_config'])) $_SESSION['_config']['OU'] = "";
+ if (array_key_exists('masteracc',$_SESSION['_config'])) $_SESSION['_config']['masteracc'] = 0;
+ if (array_key_exists('comments',$_SESSION['_config'])) $_SESSION['_config']['comments'] = "";
+
?>
<form method="post" action="account.php">
<input type="hidden" name="orgid" value="<?=intval($_REQUEST['orgid'])?>">
@@ -27,24 +34,24 @@
</tr>
<tr>
<td class="DataTD"><?=_("Email")?>:</td>
- <td class="DataTD"><input type="text" name="email" value="<?=array_key_exists('email',$_SESSION['_config'])?sanitizeHTML($_SESSION['_config']['email']):""?>"></td>
+ <td class="DataTD"><input type="text" name="email" value=""></td>
</tr>
<tr>
<td class="DataTD"><?=_("Department")?>:</td>
- <td class="DataTD"><input type="text" name="OU" value="<?=array_key_exists('OU',$_SESSION['_config'])?$_SESSION['_config']['OU']:""?>"></td>
+ <td class="DataTD"><input type="text" name="OU" value=""></td>
</tr>
<? if($_SESSION['profile']['orgadmin'] == 1) { ?>
<tr>
<td class="DataTD"><?=_("Master Account")?>:</td>
<td class="DataTD"><select name="masteracc">
- <option value="0">No</option>
- <option value="1"<? if(array_key_exists('masteracc',$_SESSION['_config']) && $_SESSION['_config']['masteracc'] == 1) echo " selected='selected'"; ?>>Yes</option>
+ <option value="0">No</option> // make default option as of SA telco 2011-08-02 on bug 966
+ <option value="1">Yes</option>
</select></td>
</tr>
<? } ?>
<tr>
<td class="DataTD"><?=_("Comments")?>:</td>
- <td class="DataTD"><input type="text" name="comments" value="<?=array_key_exists('comments',$_SESSION['_config'])?$_SESSION['_config']['comments']:""?>"></td>
+ <td class="DataTD"><textarea name="comments" cols="30" rows="5"></textarea></td>
</tr>
<tr>
<td class="DataTD" colspan="2"><input type="submit" name="process" value="<?=_("Add")?>"></td>
diff --git a/pages/account/34.php b/pages/account/34.php
index 25ad1db..b11bc7d 100644
--- a/pages/account/34.php
+++ b/pages/account/34.php
@@ -35,7 +35,7 @@
<td class="DataTD" colspan="2"><? printf(_("Are you really sure you want to remove %s from administering this organisation?"), sanitizeHTML($user['fname'])." ".sanitizeHTML($user['lname'])); ?></td>
</tr>
<tr>
- <td class="DataTD" colspan="2"><input type="submit" name="process" value="<?=_("Cancel")?>">
+ <td class="DataTD" colspan="2"><input type="submit" name="cancel" value="<?=_("Cancel")?>">
<input type="submit" name="process" value="<?=_("Delete")?>"></td>
</tr>
</table>
diff --git a/pages/account/35.php b/pages/account/35.php
index 3a4714f..05c7f2b 100644
--- a/pages/account/35.php
+++ b/pages/account/35.php
@@ -15,44 +15,89 @@
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
*/ ?>
+
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper" width="400">
- <tr>
- <td colspan="3" class="title"><?=_("Organisations")?></td>
- </tr>
- <tr>
- <td class="DataTD">#</td>
- <td class="DataTD"><?=_("Organisation")?></td>
- <td class="DataTD"><?=_("Admins")?></td>
- </tr>
-<?
- $query = "select * from `orginfo`,`org` where `orginfo`.`id`=`org`.`orgid` and `org`.`memid`='".intval($_SESSION['profile']['id'])."'";
- $res = mysql_query($query);
- while($row = mysql_fetch_assoc($res))
- {
- //number of admins for the org
- $r2 = mysql_query("select * from `org` where `orgid`='".intval($row['id'])."'");
- $admincount = mysql_num_rows($r2);
- // number of domains for the org
- $r2 = mysql_query("select * from `orgdomains` where `orgid`='".intval($row['id'])."'");
- $domcount = mysql_num_rows($r2);
-?>
- <tr>
- <td class="DataTD"><?=intval($row['id'])?></td>
- <td class="DataTD"><?=($row['O'])?>, <?=($row['ST'])?> <?=sanitizeHTML($row['C'])?></td>
- <td class="DataTD"><a href="account.php?id=32&amp;orgid=<?=$row['id']?>"><?=_("Admins")?> (<?=$admincount?>)</a></td>
- </tr>
<?
- // display the domains of each organisation
- $query3 = "select * from `orgdomains` where `orgid`='".intval($row['id'])."'";
- $res3 = mysql_query($query3);
- while($detailorg = mysql_fetch_assoc($res3))
+$query = "select *
+ from `orginfo`,`org`
+ where `orginfo`.`id`=`org`.`orgid`
+ and `org`.`memid`='".intval($_SESSION['profile']['id'])."'";
+
+$res = mysql_query($query);
+while($row = mysql_fetch_assoc($res))
+{
+ ?>
+ <tr>
+ <td colspan="3" class="title"><?=_("Organisation")?></td>
+ </tr>
+ <tr>
+ <td class="DataTD"><?=_("Organisation Name")?>:</td>
+ <td colspan="2" class="DataTD" ><b><?=$row['O']?></b></td>
+ </tr>
+ <tr>
+ <td class="DataTD"><?=_("Contact Email")?>:</td>
+ <td colspan="2" class="DataTD"><?=($row['contact'])?></td>
+ </tr>
+ <tr>
+ <td class="DataTD"><?=_("Town/Suburb")?>:</td>
+ <td colspan="2" class="DataTD"><?=($row['L'])?></td>
+ </tr>
+ <tr>
+ <td class="DataTD"><?=_("State/Province")?>:</td>
+ <td colspan="2" class="DataTD"><?=($row['ST'])?></td>
+ </tr>
+ <tr>
+ <td class="DataTD"><?=_("Country")?>:</td>
+ <td colspan="2" class="DataTD"><?=($row['C'])?></td>
+ </tr>
+ <?
+
+ //domain info
+ $query = "select `domain` from `orgdomains` where `orgid`='".intval($row['id'])."'";
+ $res1 = mysql_query($query);
+ while($domain = mysql_fetch_assoc($res1))
+ {
+ ?>
+ <tr>
+ <td class="DataTD"><?=_("Domain")?></td>
+ <td colspan="2" class="DataTD"><?=sanitizeHTML($domain['domain'])?></td>
+ </tr>
+ <?
+ }
+
+ ?>
+ <tr>
+ <td class="DataTD"><?=_("Administrator")?></td>
+ <td class="DataTD"><?=_("Master Account")?></td>
+ <td class="DataTD"><?=_("Department")?></td>
+ </tr>
+ <?
+
+ //org admins
+ $query = "select * from `org` where `orgid`='".intval($row['id'])."'";
+ $res2 = mysql_query($query);
+ while($org = mysql_fetch_assoc($res2))
{
-?>
- <tr>
- <td class="DataTD"><?=intval($detailorg['id'])?></td>
- <td class="DataTD"><?=_("Domain available")?></td>
- <td class="DataTD"><?=sanitizeHTML($detailorg['domain'])?></td>
- </tr>
-<? } } ?>
+ $user = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".intval($org['memid'])."'"));
+ ?>
+ <tr>
+ <td class="DataTD"><a href='mailto:<?=$user['email']?>'><?=($user['fname'])?> <?=($user['lname'])?></a></td>
+ <td class="DataTD"><?=($org['masteracc'])?></td>
+ <td class="DataTD"><?=($org['OU'])?></td>
+ </tr>
+ <?
+
+ if(intval($org['masteracc']) === 1 &&
+ intval($org['memid']) === intval($_SESSION['profile']['id']))
+ {
+ $master="account.php?id=32&amp;orgid=".intval($row['id']);
+ ?>
+ <tr>
+ <td colspan="3" class="DataTD"><a href="<?=$master ?>"><?=_("Edit")?></a></td>
+ </tr>
+ <?
+ }
+ }
+} ?>
</table>
diff --git a/pages/account/37.php b/pages/account/37.php
index 4b021e0..48c737a 100755..100644
--- a/pages/account/37.php
+++ b/pages/account/37.php
@@ -15,17 +15,10 @@
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
*/ ?>
-<H3><?=_("About CAcert.org")?></H3>
-
-<p><?=_("CAcert.org is a community driven, Certificate Authority that issues certificates to the public at large for free.")?></p>
-
-<p><? printf(_("CAcert's goal is to promote awareness and education on computer security through the use of encryption, specifically with the X.509 family of standards. We have compiled a %sdocument base%s that has helpful hints and tips on setting up encryption with common software, and general information about Public Key Infrastructures (PKI)."), "<a href='http://wiki.cacert.org/'>", "</a>"); ?></p>
-
-<p><?=_("For the enthusiast looking to dip their toe in the water, we have an easy way of obtaining certificates you can use with your email program. You can use these not only to encrypt, but to prove to your friends and family that your email really does come from you.")?></p>
-
-<p><?=_("For administrators looking to protect the services they offer, we provide host and wild card certificates which you can issue almost immediately. Not only can you use these to protect websites, but also POP3, SMTP and IMAP connections, to list but a few. Unlike other certificate authorities, we don't limit the strength of the certificates, or the use of wild card certificates. Everyone should have the right to security and to protect their privacy, not just those looking to run ecommerce sites.")?></p>
-
-<p><?=_("If you're extremely serious about encryption, you can join CAcert's Assurance Programme and Web of Trust. This allows you to have your identity verified to obtain added benefits, including longer length certificates and the ability to include your name on email certificates."); ?></p>
-
-<p><?=_("CAcert Inc. is a non-profit association, incorporated in New South Wales Australia.")?></p>
-<p><?=_("More information about CAcert Incorporated:")?><a href="http://wiki.cacert.org/wiki/CAcertIncorporated">http://wiki.cacert.org/wiki/CAcertIncorporated</a></p>
+<p style="background-color: #FF8080; font-size: 150%">
+<?
+printf(_("This page has been moved to the %swiki%s. Please update your ".
+ "bookmarks and report any broken links."),
+ '<a href="//wiki.cacert.org/FAQ/AboutUs">', '</a>');
+?>
+</p>
diff --git a/pages/account/38.php b/pages/account/38.php
index 34cbea4..7caddb0 100755..100644
--- a/pages/account/38.php
+++ b/pages/account/38.php
@@ -14,27 +14,6 @@
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
-*/ ?>
-<H3><?=_("Donations")?></H3><br>
+*/
-<h4><?=_("If I'd like to donate to CAcert Inc., how can I do it?")?></h4>
-
-<p><?=_("CAcert Inc. is a non-profit association which is legally able to accept donations. CAcert adheres to strict guidelines about how this money can to be used. If you'd like to make a donation, you can do so via")?>
-
-<form action="https://www.paypal.com/cgi-bin/webscr" method="post">
-<input type="hidden" name="cmd" value="_s-xclick">
-<input type="image" src="/images/payment2.png" border="0" name="submit" alt="<?=_("CAcert Donation through PayPal")?>">
-<input type="hidden" name="encrypted" value="-----BEGIN PKCS7-----MIIHRwYJKoZIhvcNAQcEoIIHODCCBzQCAQExggEwMIIBLAIBADCBlDCBjjELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAkNBMRYwFAYDVQQHEw1Nb3VudGFpbiBWaWV3MRQwEgYDVQQKEwtQYXlQYWwgSW5jLjETMBEGA1UECxQKbGl2ZV9jZXJ0czERMA8GA1UEAxQIbGl2ZV9hcGkxHDAaBgkqhkiG9w0BCQEWDXJlQHBheXBhbC5jb20CAQAwDQYJKoZIhvcNAQEBBQAEgYCA1pOad7SD8OtSdvHxI3CItmi2sb2eq/1UZbQboNkJTwlaTbTZfoWzBuFmimBR/Qz21Z+L7wFa7XxfhwRLC4V/X4uTJVAIDaKsdTXFNx51EMu+LyiP1O+7GxcdNR7njwvndIaHN0HZIdidpG8jFPP/8ZsLaPe2/Dh2S7344wSuUDELMAkGBSsOAwIaBQAwgcQGCSqGSIb3DQEHATAUBggqhkiG9w0DBwQIYn0dsk7tIRmAgaBNejWqE2RRr+Tsb3fVlcbuG98Bq+zaMO5g8n8i3DnBjIoSJNb+ZuSj53oWrh/+HCY4EY1Rg3qHiUSMOS/o9k75UR7C+ez0R9tmZ2eQrdxlqTVuvENRA0W5z6iTJYog5XhMoKScOFUBaIr9zxjETUY2Y1V3X8qRFIe0YWlYRYbePs2p/IDatirUFhOJSff0ancU2GZULRy0PiZHtzbm8Gy/oIIDhzCCA4MwggLsoAMCAQICAQAwDQYJKoZIhvcNAQEFBQAwgY4xCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJDQTEWMBQGA1UEBxMNTW91bnRhaW4gVmlldzEUMBIGA1UEChMLUGF5UGFsIEluYy4xEzARBgNVBAsUCmxpdmVfY2VydHMxETAPBgNVBAMUCGxpdmVfYXBpMRwwGgYJKoZIhvcNAQkBFg1yZUBwYXlwYWwuY29tMB4XDTA0MDIxMzEwMTMxNVoXDTM1MDIxMzEwMTMxNVowgY4xCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJDQTEWMBQGA1UEBxMNTW91bnRhaW4gVmlldzEUMBIGA1UEChMLUGF5UGFsIEluYy4xEzARBgNVBAsUCmxpdmVfY2VydHMxETAPBgNVBAMUCGxpdmVfYXBpMRwwGgYJKoZIhvcNAQkBFg1yZUBwYXlwYWwuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDBR07d/ETMS1ycjtkpkvjXZe9k+6CieLuLsPumsJ7QC1odNz3sJiCbs2wC0nLE0uLGaEtXynIgRqIddYCHx88pb5HTXv4SZeuv0Rqq4+axW9PLAAATU8w04qqjaSXgbGLP3NmohqM6bV9kZZwZLR/klDaQGo1u9uDb9lr4Yn+rBQIDAQABo4HuMIHrMB0GA1UdDgQWBBSWn3y7xm8XvVk/UtcKG+wQ1mSUazCBuwYDVR0jBIGzMIGwgBSWn3y7xm8XvVk/UtcKG+wQ1mSUa6GBlKSBkTCBjjELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAkNBMRYwFAYDVQQHEw1Nb3VudGFpbiBWaWV3MRQwEgYDVQQKEwtQYXlQYWwgSW5jLjETMBEGA1UECxQKbGl2ZV9jZXJ0czERMA8GA1UEAxQIbGl2ZV9hcGkxHDAaBgkqhkiG9w0BCQEWDXJlQHBheXBhbC5jb22CAQAwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQUFAAOBgQCBXzpWmoBa5e9fo6ujionW1hUhPkOBakTr3YCDjbYfvJEiv/2P+IobhOGJr85+XHhN0v4gUkEDI8r2/rNk1m0GA8HKddvTjyGw/XqXa+LSTlDYkqI8OwR8GEYj4efEtcRpRYBxV8KxAW93YDWzFGvruKnnLbDAF6VR5w/cCMn5hzGCAZowggGWAgEBMIGUMIGOMQswCQYDVQQGEwJVUzELMAkGA1UECBMCQ0ExFjAUBgNVBAcTDU1vdW50YWluIFZpZXcxFDASBgNVBAoTC1BheVBhbCBJbmMuMRMwEQYDVQQLFApsaXZlX2NlcnRzMREwDwYDVQQDFAhsaXZlX2FwaTEcMBoGCSqGSIb3DQEJARYNcmVAcGF5cGFsLmNvbQIBADAJBgUrDgMCGgUAoF0wGAYJKoZIhvcNAQkDMQsGCSqGSIb3DQEHATAcBgkqhkiG9w0BCQUxDxcNMDcxMTAzMDcxMDI1WjAjBgkqhkiG9w0BCQQxFgQU8tPwGUvNb8eYe8Pfhe9YutgXm/YwDQYJKoZIhvcNAQEBBQAEgYBpwhhgz5ED5qxBosfMaifzIr2anV5ScQqqQbC1hphWBQ4e2PT5+TQWCcQkrTh2UTp3vC81Y8vYZ+fussa+zPBE8DmeFDfzpLJo+TQHZUiKxWUDu6drv3o3mV3VjAkaqIhAdubhEOxj2bbKND3IRT1lfIVVSUipndKzRjukZJK39A==-----END PKCS7-----">
-</form>
-
-<p><?=_("If you are located in Australia, please use bank transfer instead:")?></p>
-
-<pre>
-Account Name: CAcert Inc
-BSB: 032073
-Account No.: 180264
-</pre>
-
-<p><?=_("ANY amount will be appreciated - the more funding CAcert receives, the sooner it can achieve the goals of the community.")?></p>
-
-<p><?=_("Thank you very much for your support, your donations help CAcert to continue to operate.")?></p>
+require_once(dirname(__FILE__)."/../index/13.php");
diff --git a/pages/account/4.php b/pages/account/4.php
index a4d6597..8ac8b65 100644
--- a/pages/account/4.php
+++ b/pages/account/4.php
@@ -14,177 +14,6 @@
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
-*/ ?>
-<? if(array_key_exists('HTTP_USER_AGENT',$_SERVER) && strstr($_SERVER['HTTP_USER_AGENT'], "MSIE")) { ?>
-<object classid="clsid:127698e4-e730-4e5c-a2b1-21490a70c8a1" codebase="/xenroll.cab#Version=5,131,3659,0" id="cec">
-<?=_("You must enable ActiveX for this to work. On Vista you have to add this website to the list of trusted sites in the internet-settings.")?><?=_("Go to Extras->Internet Options->Security->Trusted Websites, click on Custom Level, check ActiveX control elements that are not marked as safe initialized on start in scripts")?>
-</object>
-<form method="post" action="account.php" name="CertReqForm"><p>
-<input type="hidden" name="session" value="UsedXenroll">
-<?=_("Key Strength:")?> <select name="CspProvider"></select>
-<input type="hidden" name="oldid" value="<?=$id?>">
-<INPUT TYPE=HIDDEN NAME="CSR">
-<input type="hidden" name="keytype" value="MS">
-<input type="submit" name="GenReq" value="Create Certificate"><br>
-</p></form>
-<script type="text/vbscript" language="vbscript">
-<!--
-Function GetProviderList()
- Dim CspList, cspIndex, ProviderName
- On Error Resume Next
+*/
- count = 0
- base = 0
- enhanced = 0
- CspList = ""
- ProviderName = ""
-
- // Vista:
- Set csps = CreateObject("X509Enrollment.CCspInformations")
- If IsObject(csps) Then
- csps.AddAvailableCsps()
- Document.CertReqForm.keytype.value="VI"
- For j = 0 to csps.Count-1
- Set oOption = document.createElement("OPTION")
- oOption.text = csps.ItemByIndex(j).Name
- oOption.value = j
- Document.CertReqForm.CspProvider.add(oOption)
- Next
-
- Else
-
- // 2000,XP:
-
- For ProvType = 0 to 13
- cspIndex = 0
- cec.ProviderType = ProvType
- ProviderName = cec.enumProviders(cspIndex,0)
-
- while ProviderName <> ""
- Set oOption = document.createElement("OPTION")
- oOption.text = ProviderName
- oOption.value = ProvType
- Document.CertReqForm.CspProvider.add(oOption)
- if ProviderName = "Microsoft Base Cryptographic Provider v1.0" Then
- base = count
- end if
- if ProviderName = "Microsoft Enhanced Cryptographic Provider v1.0" Then
- enhanced = count
- end if
- cspIndex = cspIndex +1
- ProviderName = ""
- ProviderName = cec.enumProviders(cspIndex,0)
- count = count + 1
- wend
- Next
- Document.CertReqForm.CspProvider.selectedIndex = base
- if enhanced then
- Document.CertReqForm.CspProvider.selectedIndex = enhanced
- end if
- End If
-End Function
-
-Function CSR(keyflags)
- CSR = ""
- szName = ""
-
-
- // Vista
- if Document.CertReqForm.keytype.value="VI" Then
-
- Dim g_objClassFactory
- Dim obj
- Dim objPrivateKey
- Dim g_objRequest
- Dim g_objRequestCMC
-
- Set g_objClassFactory=CreateObject("X509Enrollment.CX509EnrollmentWebClassFactory")
- Set obj=g_objClassFactory.CreateObject("X509Enrollment.CX509Enrollment")
- Set objPrivateKey=g_objClassFactory.CreateObject("X509Enrollment.CX509PrivateKey")
- Set objRequest=g_objClassFactory.CreateObject("X509Enrollment.CX509CertificateRequestPkcs10")
- //Msgbox exit function
- objPrivateKey.ProviderName = Document.CertReqForm.CspProvider(Document.CertReqForm.CspProvider.selectedIndex).text
- // "Microsoft Enhanced RSA and AES Cryptographic Provider"
- objPrivateKey.ProviderType = "24"
- objPrivateKey.KeySpec = "1"
- objPrivateKey.ExportPolicy = 1
- objRequest.InitializeFromPrivateKey 1, objPrivateKey, ""
- Set objDN = g_objClassFactory.CreateObject("X509Enrollment.CX500DistinguishedName")
- objDN.Encode("CN=CAcertRequest")
- objRequest.Subject = objDN
-
- // obj.Initialize(1)
- obj.InitializeFromRequest(objRequest)
- obj.CertificateDescription="Description"
- obj.CertificateFriendlyName="FriendlyName"
- CSR=obj.CreateRequest(1)
- If len(CSR)<>0 Then Exit Function
- Msgbox "<?=_("Error while generating the certificate-request. Please make sure that you have added this website to the list of trusted sites in the Internet-Options menu!")?>"
-
- else
- // XP
-
- cec.HashAlgorithm = "MD5"
- err.clear
- On Error Resume Next
- set options = document.all.CspProvider.options
- index = options.selectedIndex
- cec.providerName = options(index).text
- tmpProviderType = options(index).value
- cec.providerType = tmpProviderType
- cec.KeySpec = 2
- if tmpProviderType < 2 Then
- cec.KeySpec = 1
- end if
- cec.GenKeyFlags = &h04000001 OR keyflags
- CSR = cec.createPKCS10(szName, "1.3.6.1.5.5.7.3.2")
- if len(CSR)<>0 then Exit Function
- cec.GenKeyFlags = &h04000000 OR keyflags
- CSR = cec.createPKCS10(szName, "1.3.6.1.5.5.7.3.2")
- if len(CSR)<>0 then Exit Function
- if cec.providerName = "Microsoft Enhanced Cryptographic Provider v1.0" Then
- if MsgBox("<?=_("The 1024-bit key generation failed. Would you like to try 512 instead?")?>", vbOkCancel)=vbOk Then
- cec.providerName = "Microsoft Base Cryptographic Provider v1.0"
- else
- Exit Function
- end if
- end if
- cec.GenKeyFlags = 1 OR keyflags
- CSR = cec.createPKCS10(szName, "1.3.6.1.5.5.7.3.2")
- if len(CSR)<>0 then Exit Function
- cec.GenKeyFlags = keyflags
- CSR = cec.createPKCS10(szName, "1.3.6.1.5.5.7.3.2")
- if len(CSR)<>0 then Exit Function
- cec.GenKeyFlags = 0
- CSR = cec.createPKCS10(szName, "1.3.6.1.5.5.7.3.2")
- End if
-End Function
-
-Sub GenReq_OnClick
- Dim TheForm
- Set TheForm = Document.CertReqForm
- err.clear
- result = CSR(2)
- if len(result)=0 Then
- result = MsgBox("Unable to generate PKCS#10.", 0, "Alert")
- Exit Sub
- end if
- TheForm.CSR.Value = result
- TheForm.Submit
- Exit Sub
-End Sub
-
-GetProviderList()
--->
-</script>
-<? } else { ?>
-<p>
-<form method="post" action="account.php">
-<input type="hidden" name="keytype" value="NS">
-<?=_("Keysize:")?> <keygen name="SPKAC" challenge="<? $_SESSION['spkac_hash']=make_hash(); echo $_SESSION['spkac_hash']; ?>">
-
-<input type="submit" name="submit" value="<?=_("Create Certificate Request")?>">
-<input type="hidden" name="oldid" value="<?=$id?>">
-</form>
-</p>
-<? } ?>
+require_once($_SESSION['_config']['filepath'].'/includes/keygen.php');
diff --git a/pages/account/40.php b/pages/account/40.php
index 1b76f9c..a809595 100755..100644
--- a/pages/account/40.php
+++ b/pages/account/40.php
@@ -23,21 +23,32 @@ if(!array_key_exists('secrethash',$_SESSION['_config'])) $_SESSION['_config']['s
<p><b><?=_("PLEASE NOTE: Due to the large amounts of support questions, incorrectly directed emails may be over looked, this is a volunteer effort and directing general questions to the right place will help everyone, including yourself as you will get a reply quicker.")?></b></p>
<p><b><?=_("If you are contacting us about advertising, please use the form at the bottom of the website, the first contact form is not the correct place.")?></b></p>
<p><?=sprintf(_("If you are having trouble with your username or password, please visit our %swiki page%s for more information"), "<a href='http://wiki.cacert.org/wiki/FAQ/LostPasswordOrAccount' target='_new'>", "</a>");?></p>
-<p><?=_("Before contacting us, be sure to read the information on our official and unofficial HowTo and FAQ pages.")?> - <a href="http://www.CAcert.org/help.php"><?=_("Go here for more details.")?></a></p>
+<p><?=_("Before contacting us, be sure to read the information on our official and unofficial HowTo and FAQ pages.")?> - <a href="//wiki.cacert.org/HELP/"><?=_("Go here for more details.")?></a></p>
<p><?=_("General questions about CAcert should be sent to the general support list, please send all emails in ENGLISH only, this list has many more volunteers then those directly involved with the running of the website, everyone on the mailing list understands english, even if this isn't their native language this will increase your chance at a competent reply. While it's best if you sign up to the mailing list to get replied to, you don't have to, but please make sure you note this in your email, otherwise it might seem like you didn't get a reply to your question.")?></p>
<p><a href="https://lists.cacert.org/wws/info/cacert-support"><?=_("Click here to go to the Support List")?></a></p>
<p><?=_("You can alternatively use the form below, however joining the list is the prefered option to support your queries")?></p>
-<form method="post" name="form1">
+<form method="post" action="account.php" name="form1">
<input type="hidden" name="oldid" value="<?=$id?>">
- <input type="hidden" name="support" value="yes">
+<!-- <input type="hidden" name="support" value="yes"> -->
<input type="hidden" name="secrethash2" value="">
- <table border="0">
- <tr><td width="90"><?=_("Your Name")?>:</td><td><input type="text" name="who"></td><td>&#160;</td></tr>
- <tr><td><?=_("Your Email")?>:</td><td><input type="text" name="email"></td></tr>
- <tr><td><?=_("Subject")?>:</td><td><input type="text" name="subject"></td></tr>
- <tr><td colspan="2"><textarea name="message" cols="40" rows="10"></textarea></td></tr>
- <tr><td colspan="3"><font color="#ff0000"><?=_("Warning: Please do not enter confidential data into this form, it is being sent to a public mailinglist. Use the form further below instead.")?></font></td></tr>
- <tr><td colspan="2"><input type="submit" name="process" value="<?=_("Send")?>"></td></tr>
+ <p class="robotic" id="pot">
+ <label>If you're human leave this blank:</label>
+ <input name="robotest" type="text" id="robotest" class="robotest" />
+ </p>
+<table border="0">
+ <tr><td width="100"><?=_("Your Name")?>:</td><td width="100"><input type="text" name="who"></td><td width="100"></td><td width="100"></td>
+ <tr><td width="100"><?=_("Your Email")?>:</td><td colspan="3"><input type="text" name="email"></td>
+ <tr><td width="100"><?=_("Subject")?>:</td><td colspan="3"><input type="text" name="subject"></td></tr>
+ <tr><td width="100" valign="top"><?=_("Message")?>:</td><td colspan="3"><textarea name="message" cols="70" rows="10"></textarea></td></tr>
+
+ <tr>
+ <td colspan="2"><font color="#ff0000"><?=_("Warning: Please do not use \"send to mailing list\" when you entered confidential data. The request is being sent to a public mailinglist.")?></font></td>
+ <td colspan="2"><?=_("For confidential data use \"send to support\".")?></td>
+ </tr>
+ <tr>
+ <td colspan="2"><input type="submit" name="process[0]" value="<?=_("Send to mailing list")?>"></td>
+ <td colspan="2"><input type="submit" name="process[1]" value="<?=_("Send to support")?>"></td>
+ </tr>
</table>
</form>
@@ -50,31 +61,15 @@ if(!array_key_exists('secrethash',$_SESSION['_config'])) $_SESSION['_config']['s
<p><?=_("There are a number of other mailing lists CAcert runs, some are general discussion, others are technical (such as the development list) or platform specific help (such as the list for Apple Mac users)")?></p>
<p><a href="http://lists.cacert.org/"><?=_("Click here to view all lists available")?></a></p>
-<p><b><?=_("Sensitive Information")?></b></p>
-<p><?=_("If you have questions, comments or otherwise and information you're sending to us contains sensitive details, you should use the contact form below. Due to the large amounts of support emails we receive, sending general questions via this contact form will generally take longer then using the support mailing list. Also sending queries in anything but english could cause delays in supporting you as we'd need to find a translator to help.")?></p>
-<form method="post" action="https://www.cacert.org/index.php" name="form2">
- <input type="hidden" name="secrethash2" value="">
- <input type="hidden" name="oldid" value="<?=$id?>">
- <table border="0">
- <tr><td><?=_("Your Name")?>:</td><td><input type="text" name="who"></td></tr>
- <tr><td><?=_("Your Email")?>:</td><td><input type="text" name="email"></td></tr>
- <tr><td><?=_("Subject")?>:</td><td><input type="text" name="subject"></td></tr>
- <tr><td colspan="2"><textarea name="message" cols="40" rows="10"></textarea></td></tr>
- <tr><td colspan="2"><input type="submit" name="process" value="<?=_("Send")?>"></td></tr>
- </table>
-</form>
-
<p><b><?=_("Security Issues")?></b></p>
-<p><?=_("Please use any of the following ways to report security issues: You can use the above contact form for sensitive information. You can email us to support@cacert.org. You can file a bugreport on <a href='https://bugs.cacert.org/'>bugs.cacert.org</a> and mark it as private.")?></p>
+<p><?=sprintf(_("Please use any of the following ways to report security ".
+ "issues: You can use the above contact form for sensitive information. ".
+ "You can email us to %s. You can file a bugreport on %s and mark it as ".
+ "private."),
+ "<a href='mailto:support@cacert.org'>support@cacert.org</a>",
+ "<a href='https://bugs.cacert.org/'>bugs.cacert.org</a>")?></p>
-<p><b><?=_("Snail Mail")?></b></p>
-<p><?=_("Alternatively you can get in contact with us via the following methods:")?></p>
-<p><?=_("Postal Address:")?><br>
-CAcert Inc.<br>
-P.O. Box 4107<br>
-Denistone East NSW 2112<br>
-Australia</p>
<script type="text/javascript">
<!--
diff --git a/pages/account/41.php b/pages/account/41.php
index e44eec9..d61d8db 100644
--- a/pages/account/41.php
+++ b/pages/account/41.php
@@ -14,21 +14,24 @@
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
-*/ ?>
+*/
+
+require_once($_SESSION['_config']['filepath'].'/includes/lib/l10n.php');
+?>
+
<form method="post" action="account.php">
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper" width="400">
<tr>
<td colspan="2" class="title"><?=_("My Language Settings")?></td>
</tr>
<tr>
- <td class="DataTD"><?=_("My prefered language")?>:</td>
+ <td class="DataTD"><?=_("My preferred language")?>:</td>
<td class="DataTD"><select name="lang">
<?
-echo $_SESSION['_config']['language'];
- foreach($_SESSION['_config']['translations'] as $key => $val)
+ foreach(L10n::$translations as $key => $val)
{
echo "<option value='$key'";
- if($key == $_SESSION['_config']['language'])
+ if($key == L10n::get_translation())
echo " selected";
echo ">$val</option>\n";
}
@@ -70,8 +73,12 @@ echo $_SESSION['_config']['language'];
$res = mysql_query($query);
while($row = mysql_fetch_assoc($res))
{
- echo "<option value='".sanitizeHTML($row['locale'])."'";
- echo ">".$row['country']." - ".$row['lang']."</option>\n";
+ printf("<option value=\"%s\">[%s] %s (%s)</option>\n",
+ sanitizeHTML($row['locale']),
+ sanitizeHTML($row['locale']),
+ $row['lang'],
+ $row['country']
+ );
}
?>
</select>
diff --git a/pages/account/43.php b/pages/account/43.php
index a286ec6..d34362d 100644
--- a/pages/account/43.php
+++ b/pages/account/43.php
@@ -16,15 +16,18 @@
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
*/ ?>
<?
+include_once($_SESSION['_config']['filepath']."/includes/notary.inc.php");
+
+
if(array_key_exists('assurance',$_REQUEST) && $_REQUEST['assurance'] > 0)
{
$assurance = mysql_escape_string(intval($_REQUEST['assurance']));
$row = 0;
$res = mysql_query("select `to` from `notary` where `id`='$assurance'");
- if ($res) {
+ if ($res) {
$row = mysql_fetch_assoc($res);
}
- mysql_query("delete from `notary` where `id`='$assurance'");
+ mysql_query("delete from `notary` where `id`='$assurance'");
if ($row) {
fix_assurer_flag($row['to']);
}
@@ -38,14 +41,26 @@
//if(!strstr($email, "%"))
// $emailsearch = "%$email%";
- if(intval($email) > 0)
- $emailsearch = "";
-
- $query = "select `users`.`id` as `id`, `email`.`email` as `email` from `users`,`email`
- where `users`.`id`=`email`.`memid` and
- (`email`.`email` like '$emailsearch' or `email`.`id`='$email' or `users`.`id`='$email') and
- `email`.`hash`='' and `email`.`deleted`=0 and `users`.`deleted`=0
- group by `users`.`id` limit 100";
+ // bug-975 ted+uli changes --- begin
+ if(preg_match("/^[0-9]+$/", $email)) {
+ // $email consists of digits only ==> search for IDs
+ // Be defensive here (outer join) if primary mail is not listed in email table
+ $query = "select `users`.`id` as `id`, `email`.`email` as `email`
+ from `users` left outer join `email` on (`users`.`id`=`email`.`memid`)
+ where (`email`.`id`='$email' or `users`.`id`='$email')
+ and `users`.`deleted`=0
+ group by `users`.`id` limit 100";
+ } else {
+ // $email contains non-digits ==> search for mail addresses
+ // Be defensive here (outer join) if primary mail is not listed in email table
+ $query = "select `users`.`id` as `id`, `email`.`email` as `email`
+ from `users` left outer join `email` on (`users`.`id`=`email`.`memid`)
+ where (`email`.`email` like '$emailsearch'
+ or `users`.`email` like '$emailsearch')
+ and `users`.`deleted`=0
+ group by `users`.`id` limit 100";
+ }
+ // bug-975 ted+uli changes --- end
$res = mysql_query($query);
if(mysql_num_rows($res) > 1) { ?>
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
@@ -138,7 +153,7 @@
{
echo "<option";
if($day == $i)
- echo " selected='selected'";
+ echo " selected='selected'";
echo ">$i</option>";
}
?>
@@ -158,6 +173,10 @@
<input type="submit" value="Go"></form></nobr></td>
</tr>
<tr>
+ <td class="DataTD"><?=_("CCA accepted")?>:</td>
+ <td class="DataTD"><a href="account.php?id=57&amp;userid=<?=intval($row['id'])?>"><?=intval(get_user_agreement_status($row['id'])) ? _("Yes") : _("No") ?></a></td>
+ </tr>
+ <tr>
<td class="DataTD"><?=_("Trainings")?>:</td>
<td class="DataTD"><a href="account.php?id=55&amp;userid=<?=intval($row['id'])?>">show</a></td>
</tr>
@@ -178,7 +197,7 @@
<td class="DataTD"><a href="account.php?id=43&amp;codesign=<?=$row['id']?>&amp;csrf=<?=make_csrf('admcodesign')?>"><?=$row['codesign']?></a></td>
</tr>
<tr>
- <td class="DataTD"><?=_("Org Admin")?>:</td>
+ <td class="DataTD"><?=_("Org Assurer")?>:</td>
<td class="DataTD"><a href="account.php?id=43&amp;orgadmin=<?=$row['id']?>&amp;csrf=<?=make_csrf('admorgadmin')?>"><?=$row['orgadmin']?></a></td>
</tr>
<tr>
@@ -317,16 +336,476 @@
</table>
<br>
<? } ?>
+<? // Begin - Debug infos ?>
+<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
+ <tr>
+ <td colspan="2" class="title"><?=_("Account State")?></td>
+ </tr>
+
+<?
+ // --- bug-975 begin ---
+ // potential db inconsistency like in a20110804.1
+ // Admin console -> don't list user account
+ // User login -> impossible
+ // Assurer, assure someone -> user displayed
+ /* regular user account search with regular settings
+
+ --- Admin Console find user query
+ $query = "select `users`.`id` as `id`, `email`.`email` as `email` from `users`,`email`
+ where `users`.`id`=`email`.`memid` and
+ (`email`.`email` like '$emailsearch' or `email`.`id`='$email' or `users`.`id`='$email') and
+ `email`.`hash`='' and `email`.`deleted`=0 and `users`.`deleted`=0
+ group by `users`.`id` limit 100";
+ => requirements
+ 1. email.hash = ''
+ 2. email.deleted = 0
+ 3. users.deleted = 0
+ 4. email.email = primary-email (???) or'd
+ not covered by admin console find user routine, but may block users login
+ 5. users.verified = 0|1
+ further "special settings"
+ 6. users.locked (setting displayed in display form)
+ 7. users.assurer_blocked (setting displayed in display form)
+
+ --- User login user query
+ select * from `users` where `email`='$email' and (`password`=old_password('$pword') or `password`=sha1('$pword') or
+ `password`=password('$pword')) and `verified`=1 and `deleted`=0 and `locked`=0
+ => requirements
+ 1. users.verified = 1
+ 2. users.deleted = 0
+ 3. users.locked = 0
+ 4. users.email = primary-email
+ --- Assurer, assure someone find user query
+ select * from `users` where `email`='".mysql_escape_string(stripslashes($_POST['email']))."'
+ and `deleted`=0
+ => requirements
+ 1. users.deleted = 0
+ 2. users.email = primary-email
+ Admin User Assurer
+ bit Console Login assure someone
+
+ 1. email.hash = '' Yes No No
+ 2. email.deleted = 0 Yes No No
+ 3. users.deleted = 0 Yes Yes Yes
+ 4. users.verified = 1 No Yes No
+ 5. users.locked = 0 No Yes No
+ 6. users.email = prim-email No Yes Yes
+ 7. email.email = prim-email Yes No No
+
+ full usable account needs all 7 requirements fulfilled
+ so if one setting isn't set/cleared there is an inconsistency either way
+ if eg email.email is not avail, admin console cannot open user info
+ but user can login and assurer can display user info
+ if user verified is not set to 1, admin console displays user record
+ but user cannot login, but assurer can search for the user and the data displays
+
+ consistency check:
+ 1. search primary-email in users.email
+ 2. search primary-email in email.email
+ 3. userid = email.memid
+ 4. check settings from table 1. - 5.
+
+ */
+
+ $inconsistency = 0;
+ $inconsistencydisp = "";
+ $inccause = "";
+ // current userid intval($row['id'])
+ $query = "select `email` as `uemail`, `deleted` as `udeleted`, `verified`, `locked`
+ from `users` where `id`='".intval($row['id'])."' ";
+ $dres = mysql_query($query);
+ $drow = mysql_fetch_assoc($dres);
+ $uemail = $drow['uemail'];
+ $udeleted = $drow['udeleted'];
+ $uverified = $drow['verified'];
+ $ulocked = $drow['locked'];
+
+ $query = "select `hash`, `email` as `eemail` from `email`
+ where `memid`='".intval($row['id'])."' and
+ `email` ='".$uemail."' and
+ `deleted` = 0";
+ $dres = mysql_query($query);
+ if ($drow = mysql_fetch_assoc($dres)) {
+ $drow['edeleted'] = 0;
+ } else {
+ // try if there are deleted entries
+ $query = "select `hash`, `deleted` as `edeleted`, `email` as `eemail` from `email`
+ where `memid`='".intval($row['id'])."' and
+ `email` ='".$uemail."'";
+ $dres = mysql_query($query);
+ $drow = mysql_fetch_assoc($dres);
+ }
+
+ if ($drow) {
+ $eemail = $drow['eemail'];
+ $edeleted = $drow['edeleted'];
+ $ehash = $drow['hash'];
+ if ($udeleted!=0) {
+ $inconsistency += 1;
+ $inccause .= (empty($inccause)?"":"<br>")._("Users record set to deleted");
+ }
+ if ($uverified!=1) {
+ $inconsistency += 2;
+ $inccause .= (empty($inccause)?"":"<br>")._("Users record verified not set");
+ }
+ if ($ulocked!=0) {
+ $inconsistency += 4;
+ $inccause .= (empty($inccause)?"":"<br>")._("Users record locked set");
+ }
+ if ($edeleted!=0) {
+ $inconsistency += 8;
+ $inccause .= (empty($inccause)?"":"<br>")._("Email record set deleted");
+ }
+ if ($ehash!='') {
+ $inconsistency += 16;
+ $inccause .= (empty($inccause)?"":"<br>")._("Email record hash not unset");
+ }
+ } else {
+ $inconsistency = 32;
+ $inccause = _("Prim. email, Email record doesn't exist");
+ }
+ if ($inconsistency>0) {
+ // $inconsistencydisp = _("Yes");
+?>
+ <tr>
+ <td class="DataTD"><?=_("Account inconsistency")?>:</td>
+ <td class="DataTD"><?=$inccause?><br>code: <?=$inconsistency?></td>
+ </tr>
+ <tr>
+ <td colspan="2" class="DataTD" style="max-width: 75ex">
+ <?=_("Account inconsistency can cause problems in daily account ".
+ "operations and needs to be fixed manually through arbitration/critical ".
+ "team.")?>
+ </td>
+ </tr>
+<? }
+
+ // --- bug-975 end ---
+?>
+</table>
+<br>
<?
- if(array_key_exists('assuredto',$_GET) && $_GET['assuredto'] == "yes") {
+ // End - Debug infos
?>
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
+ <tr>
+ <td colspan="6" class="title"><?=_("Certificates")?></td>
+ </tr>
+
+ <tr>
+ <td class="DataTD"><?=_("Cert Type")?>:</td>
+ <td class="DataTD"><?=_("Total")?></td>
+ <td class="DataTD"><?=_("Valid")?></td>
+ <td class="DataTD"><?=_("Expired")?></td>
+ <td class="DataTD"><?=_("Revoked")?></td>
+ <td class="DataTD"><?=_("Latest Expire")?></td>
+ </tr>
+
+ <tr>
+ <td class="DataTD"><?=_("Server")?>:</td>
+ <?
+ $query = "select COUNT(*) as `total`,
+ MAX(`domaincerts`.`expire`) as `maxexpire`
+ from `domains` inner join `domaincerts`
+ on `domains`.`id` = `domaincerts`.`domid`
+ where `domains`.`memid` = '".intval($row['id'])."' ";
+ $dres = mysql_query($query);
+ $drow = mysql_fetch_assoc($dres);
+ $total = $drow['total'];
+
+ $maxexpire = "0000-00-00 00:00:00";
+ if ($drow['maxexpire']) {
+ $maxexpire = $drow['maxexpire'];
+ }
+
+ if($total > 0) {
+ $query = "select COUNT(*) as `valid`
+ from `domains` inner join `domaincerts`
+ on `domains`.`id` = `domaincerts`.`domid`
+ where `domains`.`memid` = '".intval($row['id'])."'
+ and `revoked` = '0000-00-00 00:00:00'
+ and `expire` > NOW()";
+ $dres = mysql_query($query);
+ $drow = mysql_fetch_assoc($dres);
+ $valid = $drow['valid'];
+
+ $query = "select COUNT(*) as `expired`
+ from `domains` inner join `domaincerts`
+ on `domains`.`id` = `domaincerts`.`domid`
+ where `domains`.`memid` = '".intval($row['id'])."'
+ and `expire` <= NOW()";
+ $dres = mysql_query($query);
+ $drow = mysql_fetch_assoc($dres);
+ $expired = $drow['expired'];
+
+ $query = "select COUNT(*) as `revoked`
+ from `domains` inner join `domaincerts`
+ on `domains`.`id` = `domaincerts`.`domid`
+ where `domains`.`memid` = '".intval($row['id'])."'
+ and `revoked` != '0000-00-00 00:00:00'";
+ $dres = mysql_query($query);
+ $drow = mysql_fetch_assoc($dres);
+ $revoked = $drow['revoked'];
+ ?>
+ <td class="DataTD"><?=intval($total)?></td>
+ <td class="DataTD"><?=intval($valid)?></td>
+ <td class="DataTD"><?=intval($expired)?></td>
+ <td class="DataTD"><?=intval($revoked)?></td>
+ <td class="DataTD"><?=($maxexpire != "0000-00-00 00:00:00")?
+ substr($maxexpire, 0, 10) : _("Pending")?></td>
+ <?
+ } else { // $total > 0
+ ?>
+ <td colspan="5" class="DataTD"><?=_("None")?></td>
+ <?
+ } ?>
+ </tr>
+
+ <tr>
+ <td class="DataTD"><?=_("Client")?>:</td>
+ <?
+ $query = "select COUNT(*) as `total`, MAX(`expire`) as `maxexpire`
+ from `emailcerts`
+ where `memid` = '".intval($row['id'])."' ";
+ $dres = mysql_query($query);
+ $drow = mysql_fetch_assoc($dres);
+ $total = $drow['total'];
+
+ $maxexpire = "0000-00-00 00:00:00";
+ if ($drow['maxexpire']) {
+ $maxexpire = $drow['maxexpire'];
+ }
+
+ if($total > 0) {
+ $query = "select COUNT(*) as `valid`
+ from `emailcerts`
+ where `memid` = '".intval($row['id'])."'
+ and `revoked` = '0000-00-00 00:00:00'
+ and `expire` > NOW()";
+ $dres = mysql_query($query);
+ $drow = mysql_fetch_assoc($dres);
+ $valid = $drow['valid'];
+
+ $query = "select COUNT(*) as `expired`
+ from `emailcerts`
+ where `memid` = '".intval($row['id'])."'
+ and `expire` <= NOW()";
+ $dres = mysql_query($query);
+ $drow = mysql_fetch_assoc($dres);
+ $expired = $drow['expired'];
+
+ $query = "select COUNT(*) as `revoked`
+ from `emailcerts`
+ where `memid` = '".intval($row['id'])."'
+ and `revoked` != '0000-00-00 00:00:00'";
+ $dres = mysql_query($query);
+ $drow = mysql_fetch_assoc($dres);
+ $revoked = $drow['revoked'];
+ ?>
+ <td class="DataTD"><?=intval($total)?></td>
+ <td class="DataTD"><?=intval($valid)?></td>
+ <td class="DataTD"><?=intval($expired)?></td>
+ <td class="DataTD"><?=intval($revoked)?></td>
+ <td class="DataTD"><?=($maxexpire != "0000-00-00 00:00:00")?
+ substr($maxexpire, 0, 10) : _("Pending")?></td>
+ <?
+ } else { // $total > 0
+ ?>
+ <td colspan="5" class="DataTD"><?=_("None")?></td>
+ <?
+ } ?>
+ </tr>
+
+ <tr>
+ <td class="DataTD"><?=_("GPG")?>:</td>
+ <?
+ $query = "select COUNT(*) as `total`, MAX(`expire`) as `maxexpire`
+ from `gpg`
+ where `memid` = '".intval($row['id'])."' ";
+ $dres = mysql_query($query);
+ $drow = mysql_fetch_assoc($dres);
+ $total = $drow['total'];
+
+ $maxexpire = "0000-00-00 00:00:00";
+ if ($drow['maxexpire']) {
+ $maxexpire = $drow['maxexpire'];
+ }
+
+ if($total > 0) {
+ $query = "select COUNT(*) as `valid`
+ from `gpg`
+ where `memid` = '".intval($row['id'])."'
+ and `expire` > NOW()";
+ $dres = mysql_query($query);
+ $drow = mysql_fetch_assoc($dres);
+ $valid = $drow['valid'];
+
+ $query = "select COUNT(*) as `expired`
+ from `emailcerts`
+ where `memid` = '".intval($row['id'])."'
+ and `expire` <= NOW()";
+ $dres = mysql_query($query);
+ $drow = mysql_fetch_assoc($dres);
+ $expired = $drow['expired'];
+
+ ?>
+ <td class="DataTD"><?=intval($total)?></td>
+ <td class="DataTD"><?=intval($valid)?></td>
+ <td class="DataTD"><?=intval($expired)?></td>
+ <td class="DataTD"></td>
+ <td class="DataTD"><?=($maxexpire != "0000-00-00 00:00:00")?
+ substr($maxexpire, 0, 10) : _("Pending")?></td>
+ <?
+ } else { // $total > 0
+ ?>
+ <td colspan="5" class="DataTD"><?=_("None")?></td>
+ <?
+ } ?>
+ </tr>
+
+ <tr>
+ <td class="DataTD"><a href="account.php?id=58&amp;userid=<?=intval($row['id'])?>"><?=_("Org Server")?></a>:</td>
+ <?
+ $query = "select COUNT(*) as `total`,
+ MAX(`orgcerts`.`expire`) as `maxexpire`
+ from `orgdomaincerts` as `orgcerts` inner join `org`
+ on `orgcerts`.`orgid` = `org`.`orgid`
+ where `org`.`memid` = '".intval($row['id'])."' ";
+ $dres = mysql_query($query);
+ $drow = mysql_fetch_assoc($dres);
+ $total = $drow['total'];
+
+ $maxexpire = "0000-00-00 00:00:00";
+ if ($drow['maxexpire']) {
+ $maxexpire = $drow['maxexpire'];
+ }
+
+ if($total > 0) {
+ $query = "select COUNT(*) as `valid`
+ from `orgdomaincerts` as `orgcerts` inner join `org`
+ on `orgcerts`.`orgid` = `org`.`orgid`
+ where `org`.`memid` = '".intval($row['id'])."'
+ and `orgcerts`.`revoked` = '0000-00-00 00:00:00'
+ and `orgcerts`.`expire` > NOW()";
+ $dres = mysql_query($query);
+ $drow = mysql_fetch_assoc($dres);
+ $valid = $drow['valid'];
+
+ $query = "select COUNT(*) as `expired`
+ from `orgdomaincerts` as `orgcerts` inner join `org`
+ on `orgcerts`.`orgid` = `org`.`orgid`
+ where `org`.`memid` = '".intval($row['id'])."'
+ and `orgcerts`.`expire` <= NOW()";
+ $dres = mysql_query($query);
+ $drow = mysql_fetch_assoc($dres);
+ $expired = $drow['expired'];
+
+ $query = "select COUNT(*) as `revoked`
+ from `orgdomaincerts` as `orgcerts` inner join `org`
+ on `orgcerts`.`orgid` = `org`.`orgid`
+ where `org`.`memid` = '".intval($row['id'])."'
+ and `orgcerts`.`revoked` != '0000-00-00 00:00:00'";
+ $dres = mysql_query($query);
+ $drow = mysql_fetch_assoc($dres);
+ $revoked = $drow['revoked'];
+ ?>
+ <td class="DataTD"><?=intval($total)?></td>
+ <td class="DataTD"><?=intval($valid)?></td>
+ <td class="DataTD"><?=intval($expired)?></td>
+ <td class="DataTD"><?=intval($revoked)?></td>
+ <td class="DataTD"><?=($maxexpire != "0000-00-00 00:00:00")?
+ substr($maxexpire, 0, 10) : _("Pending")?></td>
+ <?
+ } else { // $total > 0
+ ?>
+ <td colspan="5" class="DataTD"><?=_("None")?></td>
+ <?
+ } ?>
+ </tr>
+
+ <tr>
+ <td class="DataTD"><?=_("Org Client")?>:</td>
+ <?
+ $query = "select COUNT(*) as `total`,
+ MAX(`orgcerts`.`expire`) as `maxexpire`
+ from `orgemailcerts` as `orgcerts` inner join `org`
+ on `orgcerts`.`orgid` = `org`.`orgid`
+ where `org`.`memid` = '".intval($row['id'])."' ";
+ $dres = mysql_query($query);
+ $drow = mysql_fetch_assoc($dres);
+ $total = $drow['total'];
+
+ $maxexpire = "0000-00-00 00:00:00";
+ if ($drow['maxexpire']) {
+ $maxexpire = $drow['maxexpire'];
+ }
+
+ if($total > 0) {
+ $query = "select COUNT(*) as `valid`
+ from `orgemailcerts` as `orgcerts` inner join `org`
+ on `orgcerts`.`orgid` = `org`.`orgid`
+ where `org`.`memid` = '".intval($row['id'])."'
+ and `orgcerts`.`revoked` = '0000-00-00 00:00:00'
+ and `orgcerts`.`expire` > NOW()";
+ $dres = mysql_query($query);
+ $drow = mysql_fetch_assoc($dres);
+ $valid = $drow['valid'];
+
+ $query = "select COUNT(*) as `expired`
+ from `orgemailcerts` as `orgcerts` inner join `org`
+ on `orgcerts`.`orgid` = `org`.`orgid`
+ where `org`.`memid` = '".intval($row['id'])."'
+ and `orgcerts`.`expire` <= NOW()";
+ $dres = mysql_query($query);
+ $drow = mysql_fetch_assoc($dres);
+ $expired = $drow['expired'];
+
+ $query = "select COUNT(*) as `revoked`
+ from `orgemailcerts` as `orgcerts` inner join `org`
+ on `orgcerts`.`orgid` = `org`.`orgid`
+ where `org`.`memid` = '".intval($row['id'])."'
+ and `orgcerts`.`revoked` != '0000-00-00 00:00:00'";
+ $dres = mysql_query($query);
+ $drow = mysql_fetch_assoc($dres);
+ $revoked = $drow['revoked'];
+ ?>
+ <td class="DataTD"><?=intval($total)?></td>
+ <td class="DataTD"><?=intval($valid)?></td>
+ <td class="DataTD"><?=intval($expired)?></td>
+ <td class="DataTD"><?=intval($revoked)?></td>
+ <td class="DataTD"><?=($maxexpire != "0000-00-00 00:00:00")?
+ substr($maxexpire, 0, 10) : _("Pending")?></td>
+ <?
+ } else { // $total > 0
+ ?>
+ <td colspan="5" class="DataTD"><?=_("None")?></td>
+ <?
+ } ?>
+ </tr>
+</table>
+<br>
+
+<a href="account.php?id=43&amp;userid=<?=$row['id']?>&amp;shownotary=assuredto"><?=_("Show Assurances the user got")?></a>
+ (<a href="account.php?id=43&amp;userid=<?=$row['id']?>&amp;shownotary=assuredto15"><?=_("New calculation")?></a>)
+<br />
+<a href="account.php?id=43&amp;userid=<?=$row['id']?>&amp;shownotary=assuredby"><?=_("Show Assurances the user gave")?></a>
+ (<a href="account.php?id=43&amp;userid=<?=$row['id']?>&amp;shownotary=assuredby15"><?=_("New calculation")?></a>)
+<br />
+
+<?
+// if(array_key_exists('assuredto',$_GET) && $_GET['assuredto'] == "yes") {
+
+function showassuredto()
+{
+?>
+<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
<tr>
- <td colspan="7" class="title"><?=_("Assurance Points")?></td>
+ <td colspan="8" class="title"><?=_("Assurance Points")?></td>
</tr>
<tr>
+ <td class="DataTD"><b><?=_("ID")?></b></td>
<td class="DataTD"><b><?=_("Date")?></b></td>
<td class="DataTD"><b><?=_("Who")?></b></td>
<td class="DataTD"><b><?=_("Email")?></b></td>
@@ -336,7 +815,7 @@
<td class="DataTD"><b><?=_("Revoke")?></b></td>
</tr>
<?
- $query = "select * from `notary` where `to`='".intval($row['id'])."'";
+ $query = "select * from `notary` where `to`='".intval($_GET['userid'])."'";
$dres = mysql_query($query);
$points = 0;
while($drow = mysql_fetch_assoc($dres))
@@ -345,13 +824,14 @@
$points += $drow['points'];
?>
<tr>
+ <td class="DataTD"><?=$drow['id']?></td>
<td class="DataTD"><?=sanitizeHTML($drow['date'])?></td>
<td class="DataTD"><a href="wot.php?id=9&amp;userid=<?=intval($drow['from'])?>"><?=sanitizeHTML($fromuser['fname'])." ".sanitizeHTML($fromuser['lname'])?></td>
- <td class="DataTD"><a href="account.php?id=43&amp;userid=<?=intval($drow['to'])?>"><?=sanitizeHTML($fromuser['email'])?></a></td>
+ <td class="DataTD"><a href="account.php?id=43&amp;userid=<?=intval($drow['from'])?>"><?=sanitizeHTML($fromuser['email'])?></a></td>
<td class="DataTD"><?=intval($drow['points'])?></td>
<td class="DataTD"><?=sanitizeHTML($drow['location'])?></td>
<td class="DataTD"><?=sanitizeHTML($drow['method'])?></td>
- <td class="DataTD"><a href="account.php?id=43&amp;userid=<?=intval($drow['to'])?>&amp;assurance=<?=intval($drow['id'])?>&amp;csrf=<?=make_csrf('admdelassurance')?>" onclick="return confirm('<?=_("Are you sure you want to revoke this assurance?")?>');"><?=_("Revoke")?></a></td>
+ <td class="DataTD"><a href="account.php?id=43&amp;userid=<?=intval($drow['to'])?>&amp;assurance=<?=intval($drow['id'])?>&amp;csrf=<?=make_csrf('admdelassurance')?>" onclick="return confirm('<?=sprintf(_("Are you sure you want to revoke the assurance with ID &quot;%s&quot;?"),$drow['id'])?>');"><?=_("Revoke")?></a></td>
</tr>
<? } ?>
<tr>
@@ -360,20 +840,18 @@
<td class="DataTD" colspan="3">&nbsp;</td>
</tr>
</table>
-<? } else { ?>
- <tr>
- <td class="DataTD" colspan="2"><a href="account.php?id=43&amp;userid=<?=$row['id']?>&amp;assuredto=yes"><?=_("Show Assurances the user got")?></a></td>
- </tr>
<? } ?>
-<br>
+
<?
- if(array_key_exists('assuredby',$_GET) && $_GET['assuredby'] == "yes") {
+function showassuredby()
+{
?>
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
<tr>
- <td colspan="7" class="title"><?=_("Assurance Points The User Issued")?></td>
+ <td colspan="8" class="title"><?=_("Assurance Points The User Issued")?></td>
</tr>
<tr>
+ <td class="DataTD"><b><?=_("ID")?></b></td>
<td class="DataTD"><b><?=_("Date")?></b></td>
<td class="DataTD"><b><?=_("Who")?></b></td>
<td class="DataTD"><b><?=_("Email")?></b></td>
@@ -383,7 +861,7 @@
<td class="DataTD"><b><?=_("Revoke")?></b></td>
</tr>
<?
- $query = "select * from `notary` where `from`='".$row['id']."' and `to`!='".$row['id']."'";
+ $query = "select * from `notary` where `from`='".intval($_GET['userid'])."'";
$dres = mysql_query($query);
$points = 0;
while($drow = mysql_fetch_assoc($dres))
@@ -392,13 +870,14 @@
$points += $drow['points'];
?>
<tr>
+ <td class="DataTD"><?=$drow['id']?></td>
<td class="DataTD"><?=$drow['date']?></td>
<td class="DataTD"><a href="wot.php?id=9&userid=<?=$drow['to']?>"><?=$fromuser['fname']." ".$fromuser['lname']?></td>
<td class="DataTD"><a href="account.php?id=43&amp;userid=<?=intval($drow['to'])?>"><?=sanitizeHTML($fromuser['email'])?></a></td>
<td class="DataTD"><?=$drow['points']?></td>
<td class="DataTD"><?=$drow['location']?></td>
<td class="DataTD"><?=$drow['method']?></td>
- <td class="DataTD"><a href="account.php?id=43&userid=<?=$drow['from']?>&assurance=<?=$drow['id']?>&amp;csrf=<?=make_csrf('admdelassurance')?>" onclick="return confirm('<?=_("Are you sure you want to revoke this assurance?")?>');"><?=_("Revoke")?></a></td>
+ <td class="DataTD"><a href="account.php?id=43&userid=<?=$drow['from']?>&assurance=<?=$drow['id']?>&amp;csrf=<?=make_csrf('admdelassurance')?>" onclick="return confirm('<?=sprintf(_("Are you sure you want to revoke the assurance with ID &quot;%s&quot;?"),$drow['id'])?>');"><?=_("Revoke")?></a></td>
</tr>
<? } ?>
<tr>
@@ -407,11 +886,21 @@
<td class="DataTD" colspan="3">&nbsp;</td>
</tr>
</table>
-<? } else { ?>
- <tr>
- <td class="DataTD" colspan="2"><a href="account.php?id=43&amp;userid=<?=$row['id']?>&amp;assuredby=yes"><?=_("Show Assurances the user gave")?></a></td>
- </tr>
<? } ?>
<br><br>
-<? } } ?>
+<? } }
+
+switch ($_GET['shownotary'])
+ {
+ case 'assuredto': showassuredto();
+ break;
+ case 'assuredby': showassuredby();
+ break;
+ case 'assuredto15': output_received_assurances(intval($_GET['userid']),1);
+ break;
+ case 'assuredby15': output_given_assurances(intval($_GET['userid']),1);
+ break;
+ }
+
+?>
diff --git a/pages/account/49.php b/pages/account/49.php
index 688b9a4..0218fa0 100644
--- a/pages/account/49.php
+++ b/pages/account/49.php
@@ -34,7 +34,7 @@
if(mysql_num_rows($res) >= 1) { ?>
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
<tr>
- <td colspan="5" class="title"><?=_("Select Specific Account Details")?></td>
+ <td colspan="5" class="title"><?=_("Select Specific User Account Details")?></td>
</tr>
<?
while($row = mysql_fetch_assoc($res))
@@ -58,7 +58,11 @@
$row = mysql_fetch_assoc($res);
$_GET['userid'] = intval($row['id']);
} else {
- printf(_("No personal domains found matching %s"), sanitizeHTML($domain));
+ ?><table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
+ <tr>
+ <td colspan="5" class="title"><?printf(_("No personal domains found matching %s"), sanitizeHTML($domain));?></td>
+ </tr>
+ </table><br><br><?
}
$query = "select `orgid`,`domain`,`id` from `orgdomains` where `domain` like '$domainsearch' or `id`='$domain' limit 100";
@@ -66,7 +70,7 @@
if(mysql_num_rows($res) >= 1) { ?>
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
<tr>
- <td colspan="5" class="title"><?=_("Select Specific Account Details")?></td>
+ <td colspan="5" class="title"><?=_("Select Specific Organisation Account Details")?></td>
</tr>
<?
while($row = mysql_fetch_assoc($res))
@@ -90,7 +94,11 @@
$row = mysql_fetch_assoc($res);
$_GET['userid'] = intval($row['id']);
} else {
- printf(_("No organisational domains found matching %s"), sanitizeHTML($domain));
+ ?><table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
+ <tr>
+ <td colspan="5" class="title"><?printf(_("No organisational domains found matching %s"), sanitizeHTML($domain));?></td>
+ </tr>
+ </table><br><br><?
}
}
diff --git a/pages/account/5.php b/pages/account/5.php
index ee500c0..5c131ba 100644
--- a/pages/account/5.php
+++ b/pages/account/5.php
@@ -19,12 +19,13 @@
<form method="post" action="account.php">
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
<tr>
- <td colspan="6" class="title"><?=_("Client Certificates")?> - <a href="account.php?id=5&amp;viewall=<?=!$viewall?>"><?=_("View all certificates")?></a></td>
+ <td colspan="7" class="title"><?=_("Client Certificates")?> - <a href="account.php?id=5&amp;viewall=<?=!$viewall?>"><?=_("View all certificates")?></a></td>
</tr>
<tr>
<td class="DataTD"><?=_("Renew/Revoke/Delete")?></td>
<td class="DataTD"><?=_("Status")?></td>
<td class="DataTD"><?=_("Email Address")?></td>
+ <td class="DataTD"><?=_("SerialNumber")?></td>
<td class="DataTD"><?=_("Revoked")?></td>
<td class="DataTD"><?=_("Expires")?></td>
<td class="DataTD"><?=_("Login")?></td>
@@ -38,6 +39,7 @@
UNIX_TIMESTAMP(`emailcerts`.`revoked`) as `revoked`,
`emailcerts`.`id`,
`emailcerts`.`CN`,
+ `emailcerts`.`serial`,
emailcerts.disablelogin as `disablelogin`
from `emailcerts`
where `emailcerts`.`memid`='".$_SESSION['profile']['id']."'
@@ -54,7 +56,7 @@
{
?>
<tr>
- <td colspan="5" class="DataTD"><?=_("No client certificates are currently listed.")?></td>
+ <td colspan="7" class="DataTD"><?=_("No client certificates are currently listed.")?></td>
</tr>
<? } else {
while($row = mysql_fetch_assoc($res))
@@ -84,6 +86,7 @@
<td class="DataTD"><?=$verified?></td>
<td class="DataTD"><?=(trim($row['CN'])=="" ? _("empty") : $row['CN'])?></td>
<? } ?>
+ <td class="DataTD"><?=$row['serial']?></td>
<td class="DataTD"><?=$row['revoke']?></td>
<td class="DataTD"><?=$row['expires']?></td>
<td class="DataTD">
diff --git a/pages/account/57.php b/pages/account/57.php
new file mode 100644
index 0000000..76eee27
--- /dev/null
+++ b/pages/account/57.php
@@ -0,0 +1,107 @@
+<? /*
+ LibreSSL - CAcert web application
+ Copyright (C) 2004-2008 CAcert Inc.
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; version 2 of the License.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
+*/ ?>
+<?
+ include_once($_SESSION['_config']['filepath'].'/includes/notary.inc.php');
+
+ if ($_SESSION['profile']['admin'] != 1 || !array_key_exists('userid',$_REQUEST) || intval($_REQUEST['userid']) < 1) {
+
+ echo _('You do not have access to this page');
+
+ } else {
+ $user_id = intval($_REQUEST['userid']);
+ $query = "select * from `users` where `id`='$user_id' and `users`.`deleted`=0";
+ $res = mysql_query($query);
+ if(mysql_num_rows($res) <= 0)
+ {
+ echo _("I'm sorry, the user you were looking for seems to have disappeared! Bad things are a foot!");
+ } else {
+ $row = mysql_fetch_assoc($res);
+?>
+<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
+ <tr>
+ <td colspan="5" class="title"><?=_('CCA agreement of').' '.sanitizeHTML($row['fname']).' '.sanitizeHTML($row['mname']).' '.sanitizeHTML($row['lname'])?></td>
+ </tr>
+</table>
+
+
+<br>
+<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
+ <tr>
+ <td class="DataTD"><b><?=_('CCA type')?></b></td>
+ <td class="DataTD"><b><?=_('Date')?></b></td>
+ <td class="DataTD"><b><?=_('Method')?></b></td>
+ <td class="DataTD"><b><?=_('Type')?></b></td>
+ </tr>
+<?
+ $data=get_first_user_agreement($user_id,1);
+ if (!isset($data['active'])){
+ $type='';
+ }else{
+ $type=_('active');
+ }
+?>
+ <tr>
+ <td class="DataTD"><?=_('First active CCA')?></td>
+ <td class="DataTD"><?=$data['date']?></td>
+ <td class="DataTD"><?=$data['method']?></td>
+ <td class="DataTD"><?=$type?></td>
+ </tr>
+<?
+ $data=get_first_user_agreement($user_id,0);
+ if (!isset($data['active'])){
+ $type="";
+ }else{
+ $type=_('passive');
+ }
+?>
+ <tr>
+ <td class="DataTD"><?=_('First passive CCA')?></td>
+ <td class="DataTD"><?=$data['date']?></td>
+ <td class="DataTD"><?=$data['method']?></td>
+ <td class="DataTD"><?=$type?></td>
+ </tr>
+<?
+ $data=get_last_user_agreement($user_id);
+ if (!isset($data['active'])){
+ $type="";
+ }elseif($data['active']==1){
+ $type=_('active');
+ }else{
+ $type=_('passive');
+ }
+?>
+ <tr>
+ <td class="DataTD"><?=_('Last CCA')?></td>
+ <td class="DataTD"><?=$data['date']?></td>
+ <td class="DataTD"><?=$data['method']?></td>
+ <td class="DataTD"><?=$type?></td>
+ </tr>
+</table>
+<br>
+<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
+ <tr>
+<?
+ if ($_SESSION['profile']['admin'] == 1 && array_key_exists('userid',$_REQUEST) && intval($_REQUEST['userid']) > 0) {
+?>
+ <tr><td colspan="3" class="DataTD"><a href="account.php?id=43&amp;userid=<?=$user_id ?>">back</a></td></tr>
+<? }
+?> </table>
+<?
+ }
+}
+?>
diff --git a/pages/account/58.php b/pages/account/58.php
new file mode 100644
index 0000000..1f6b1a0
--- /dev/null
+++ b/pages/account/58.php
@@ -0,0 +1,61 @@
+<? /*
+ LibreSSL - CAcert web application
+ Copyright (C) 2004-2008 CAcert Inc.
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; version 2 of the License.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
+*/
+
+if ($_SESSION['profile']['admin'] != 1 || !array_key_exists('userid',$_REQUEST) || intval($_REQUEST['userid']) < 1) {
+ echo _('You do not have access to this page');
+} else {
+ $user_id = intval($_REQUEST['userid']);
+ $query = "select `users`.`fname`, `users`.`mname`, `users`.`lname` from `users` where `id`='$user_id' and `users`.`deleted`=0";
+ $res = mysql_query($query);
+ if(mysql_num_rows($res) != 1){
+ echo _("I'm sorry, the user you were looking for seems to have disappeared! Bad things are a foot!");
+ } else {
+ if ($row = mysql_fetch_assoc($res)){
+ $username=sanitizeHTML($row['fname']).' '.sanitizeHTML($row['mname']).' '.sanitizeHTML($row['lname']);
+ $query = "select `orginfo`.`o`, `org`.`masteracc`
+ FROM `orginfo`, `org`
+ WHERE `orginfo`.`id` = `org`.`orgid`
+ AND `org`.`memid`='$user_id' order by `orginfo`.`o`";
+ $res1 = mysql_query($query);?>
+ <table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper"><?
+ if (mysql_num_rows($res1) <= 0) {?>
+ <tr>
+ <td colspan="2" class="title"><?=sprintf(_('%s is not listed as Organisation Administrator'), $username)?></td>
+ </tr>
+ <?}else{?>
+ <tr>
+ <td colspan="2" class="title"><?=sprintf(_('%s is listed as Organisation Administrator for:'), $username)?></td>
+ </tr>
+ <tr>
+ <td class="DataTD"><b><?=_('Organisation')?></b></td>
+ <td class="DataTD"><b><?=_('Masteraccount')?></b></td>
+ </tr><?
+ while($drow = mysql_fetch_assoc($res1)){?>
+ <tr>
+ <td class="DataTD"><?=$drow['o']?></td>
+ <td class="DataTD"><?=$drow['masteracc'] ? _("Yes") : _("No") ?></td>
+ </tr>
+ <?}
+ }
+ ?></table>
+<? }else{
+ echo _("I'm sorry, the user you were looking for seems to have disappeared! Bad things are a foot!");
+ }
+ }
+}
+?>
diff --git a/pages/help/0.php b/pages/help/0.php
index 83f97bd..7aa9d3b 100644
--- a/pages/help/0.php
+++ b/pages/help/0.php
@@ -15,15 +15,10 @@
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
*/ ?>
-<h3><?=_("Help!")?></h3>
-<p><?=_("Following are several tips you may find useful.")?></p>
-
-<ul>
-<li><a href='help.php?id=3'><?=_("Generating a new key pair and CSR for IIS 5.0")?></a></li>
-<li><a href='help.php?id=4'><?=_("How do I generate a private key and CSR using OpenSSL?")?></a></li>
-<li><a href='logos.php'><?=_("How do I get a secured by CAcert emblem on my site?")?></a></li>
-<li><a href='help.php?id=6'><?=_("How do I get a server certificate from CAcert?")?></a></li>
-<li><a href='help.php?id=7'><?=_("How does CAcert protect its root private key?")?></a></li>
-<li><a href='help.php?id=9'><?=_("How can I do a single sign on similar to CAcert using client certificates?")?></a></li>
-<li><a href='http://wiki.cacert.org/'><?=_("Unofficial FAQ/Wiki")?></a></li>
-</ul>
+<p style="background-color: #FF8080; font-size: 150%">
+<?
+printf(_("This page has been moved to the %swiki%s. Please update your ".
+ "bookmarks and report any broken links."),
+ '<a href="//wiki.cacert.org/HELP/0">', '</a>');
+?>
+</p>
diff --git a/pages/help/2.php b/pages/help/2.php
index 5dd86c4..a03a773 100644
--- a/pages/help/2.php
+++ b/pages/help/2.php
@@ -15,65 +15,10 @@
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
*/ ?>
-<ul>
- <li><a href="#whatFor"><?=_("What is it for?")?></a></li>
- <li><a href="#whyEmails"><?=_("Why digitally sign your own emails?! (weirdo..)")?></a></li>
- <li><a href="#freedom"><?=_("How it prepares us to protect our freedom")?></a></li>
- <li><a href="#whyAdopt"><?=_("Why isn't it being adopted by everyone?")?></a></li>
- <li><a href="#whyAccept"><?=_("Why is the digital signature described as 'not valid/not trusted'?")?></a></li>
- <li><a href="#proof"><?=_("But, er, is this really proof of your email identity?")?></a></li>
- <li><a href="#gimme"><?=_("How do I create my own digital signature?!")?></a><br></li>
- <li><a href="#encrypt"><?=_("I can't wait to start sending encrypted emails!")?></a></li>
- <li><a href="#notes"><?=_("Notes for the strangely curious")?></a></li>
- <li><a href="#refs"><?=_("References")?></a></li>
-</ul>
-<br>
-<h3><a name="whatFor"></a><?=_("What is it for?")?></h3>
-<p><?=_("The purpose of digital signing is to prove, electronically, one's identity")?>. <?=_("You see this all the time on the Internet - every time you go to a secure page on a web site, for example to enter personal details, or to make a purchase, every day you browse web sites that have been digitally signed by a Certificate Authority that is accepted as having the authority to sign it. This is all invisible to the user, except that you may be aware that you are entering a secure zone (e.g. SSL and HTTPS).")?></p>
-<p><?=_("Your browser includes special digital (root) certificates from a number of these 'Certificate Authorities' by default, and all web sites use certificates that are validated by one of these companies, which you as a user implicitly trust every time you go to the secure part of a web site. (You might ask, who validates the security of the Certificate Authorities, and why should you trust them?!")?>.... <a href="#notes"><?=_("Good question")?></a>.)</p>
-<p><?=_("Digital signing thus provides security on the Internet.")?></p>
-
-<h3><a name="whyEmails"></a><?=_("Why digitally sign your own emails?! (weirdo..)")?></h3>
-<p><?=_("Emails are not secure. In fact emails are VERY not secure!")?></p>
-<p><?=_("To get from computer Internet User A to Internet User B an email may pass through tens of anonymous computers on the Internet. These 'Internet infrastructure' computers are all free to inspect and change the contents of your email as they see fit. Governments systematically browse the contents of all emails going in/out/within their country, e.g. the")?> <a href="http://www.cnn.com/2000/TECH/computing/07/28/uk.surveillance.idg/"><?=_("UK Government has done this since the year 2000")?></a>. (<a href="#freedom"><?=_("How it prepares us to protect our freedom")?></a>). <?=_("Ever requested a password that you lost to be emailed to you? That password was wide open to inspection by potential crackers.")?></p>
-<p><?=_("As anyone who has received an email containing a virus from a strange address knows, emails can be easily spoofed. The identity of the sender is very easy to forge via email. Thus a great advantage is that digital signing provides a means of ensuring that an email is really from the person you think it is. If everyone digitally signed their emails, it would be much easier to know whether an email is legitimate and unchanged and to the great relief of many, spamming would be much easier to control, and viruses that forge the sender's address would be obvious and therefore easier to control.")?></p>
-
-<h3><a name="freedom"></a><?=_("How it prepares us to protect our freedom")?></h3>
-<p><?=_("But perhaps, fundamentally, the most important reason for digital signing is awareness and privacy. It creates awareness of the (lack of) security of the Internet, and the tools that we can arm ourselves with to ensure our personal security. And in sensitising people to digital signatures, we become aware of the possibility of privacy and encryption.")?></p>
-<p><?=_("Most people would object if they found that all their postal letters are being opened, read and possibly recorded by the Government before being passed on to the intended recipient, resealed as if nothing had happened. And yet this is what happens every day with your emails (in the UK). There are some who have objected to this intrusion of privacy, but their voices are small and fall on deaf ears. However the most effective way to combat this intrusion is to seal the envelope shut in a miniature bank vault, i.e. encrypt your email. If all emails were encrypted, it would be very hard for Government, or other organisations/individual crackers, to monitor the general public. They would only realistically have enough resources to monitor those they had reason to suspect. Why? Because encryption can be broken, but it takes a lot of computing power and there wouldn't be enough to monitor the whole population of any given country.")?></p>
-<p><?=_("The reason digital signatures prepare us for encryption is that if everyone were setup to be able to generate their own digital signatures, it would be technically very easy to make the next step from digital signatures to encryption. And that would be great for privacy, the fight against spamming, and a safer Internet.")?></p>
-
-<h3><a name="whyAdopt"></a><?=_("Why isn't it being adopted by everyone?")?></h3>
-<p><?=_("Of the biggest reasons why most people haven't started doing this, apart from being slightly technical, the reason is financial. You need your own certificate to digitally sign your emails. And the Certificate Authorities charge money to provide you with your own certificate. Need I say more. Dosh = no thanks I'd rather walk home. But organisations are emerging to provide the common fool in the street with a free alternative. However, given the obvious lack of funding and the emphasis on money to get enrolled, these organisations do not yet have the money to get themselves established as trusted Certificate Authorities. Thus it is currently down to trust. The decision of the individual to trust an unknown Certificate Authority. However once you have put your trust in a Certificate Authority you can implicitly trust the digital signatures generated using their certificates. In other words, if you trust (and accept the certificate of) the Certificate Authority that I use, you can automatically trust my digital signature. Trust me!")?></p>
-
-<h3><a name="whyAccept"></a><?=_("Why is the digital signature described as 'not valid/not trusted'?")?></h3>
-<p><?=_("To fully understand, read the section directly above. I am using a free Certificate Authority to provide me with the ability to digitally sign my emails. As a result, this Certificate Authority is not (yet) recognised by your email software as it is a new organisation that is not yet fully established, although it is probably being included in the Mozilla browser. If you choose to, you can go the their site at CAcert.org to install the root certificate. You may be told that the certificate is untrusted - that is normal and I suggest that you continue installation regardless. Be aware that this implies your acceptance that you trust their secure distribution and storing of digital signatures, such as mine. (You already do this all the time). The CAcert.org root certificate will then automatically provide the safe validation of my digital signature, which I have entrusted to them. Or you can simply decide that you've wasted your time reading this and do nothing (humbug!). Shame on you! :-)")?></p>
-
-<h3><a name="proof"></a><?=_("But, er, is this really proof of your email identity?")?></h3>
-<p><?=_("Security is a serious matter. For a digital certificate with full rights to be issued to an individual by a Certificate Authority, stringent tests must be conducted, including meeting the physical person to verify their identity. At the current moment in time, my physical identity has not been verified by CAcert.org, but they have verified my email address. Installing their root certificate (see above) will thus automatically allow you to validate my digital signature. You can then be confident of the authenticity of my email address - only I have the ability to digitally sign my emails using my CAcert.org certificate, so if you get an email that I digitally signed and which is validated by your email software using the CAcert.org root certificate that you installed, you know it's from me. (Visually you get a simple indication that my email is signed and trusted). Technically, they haven't verified that I really am me! But you have the guarantee that emails from my address are sent by the person who physically administers that address, i.e. me! The only way that someone could forge my digital signature would be if they logged on to my home computer (using the password) and ran my email software (using the password) to send you a digitally signed email from my address. Although I have noticed the cats watching me logon...")?></p>
-
-<h3><a name="gimme"></a><?=_("Cool man! How do I create my own digital signature?!")?></h3>
-<p><?=_("Easy. Ish. Go to CAcert.org, install their root certificate and then follow their joining instructions. Once you have joined, request a certificate from the menu. You will receive an email with a link to the certificate. Click on the link from your email software, and hopefully it will be seamlessly installed. Next find the security section of the settings in your email software and configure digital signatures using the certificate you just downloaded. Hmm. Call me if you want, I'll guide you through it.")?></p>
-
-<h3><a name="encrypt"></a><?=_("I can't wait to start sending encrypted emails!")?></h3>
-<p><?=_("There's nothing to it. I mean literally, you can already start sending your emails encrypted. Assuming of course you have your own digital signature certificate (e.g. as per above), and the person you want to send an encrypted email to also has a digital signature certificate, and has recently sent you a digitally signed email with it. If all these conditions hold, you just have to change the settings in your email software to send the email encrypted and hey presto! Your email software (probably Outlook I guess) should suss out the rest.")?></p>
-
-<h3><a name="notes"></a><?=_("Notes for the strangely curious")?></h3>
-<p><?=_("You are putting your trust in people you don't know!")?><br><?=_("One assumes that if a site has an SSL certificate (that's what enables secure communication, for exchanging personal details, credit card numbers, etc. and gives the 'lock' icon in the browser) that they have obtained that certificate from a reliable source (a Certificate Authority), which has the appropriate stringent credentials for issuing something so vital to the security of the Internet, and the security of your communications. You have probably never even asked yourself the question of who decided to trust these Certificate Authorities, because your browser comes with their (root) certificates pre-installed, so any web site that you come across that has an SSL certificate signed by one of them, is automatically accepted (by your browser) as trustworthy.")?></p>
-<p><?=_("Thus, having now asked the question, you suppose that it's the people who make the browser software that have carefully decided who is a trustworthy Certificate Authority. Funnily enough, the mainstream browsers have not, historically, had public policies on how they decide whether a Certificate Authority gets added to their browser. All of the Certificate Authorities that have found themselves in the browser software, are big names, probably with big profits (so they must be doing a good job!).")?></p>
-<p><?=_("That situation has changed, and Internet Explorer, being the most obvious example, now insists that any Certificate Authorities are 'audited' by an 'independent' organisation, the American Institute for Certified Public Accountant's (AICPA). So now, if you have the money needed (from US$75000 up to US$250000 and beyond) you can get these accountants, who clearly know a lot about money, to approve you as having the required technical infrastructure and business processes to be a Certificate Authority. And they get a nice wad of money for the pleasure. And the Certificate Authorities, having a kind of monopoly as a result, charge a lot for certificates and also get a nice wad of money. And everyone's happy.")?></p>
-<p><?=_("But, with all this money, and all this responsibility, they must be taking a lot of care to ensure the Certificate Authorities do their jobs well, and keep doing their jobs well, right? Well right?!")?></p>
-<p><?=_("And they are making mistakes")?></p>
-<p><?=_("So if you don't pass the audit, you don't get to be a Certificate Authority. And to pass the audit, well, you've got to show that you can do a good job issuing certificates. That they're secure, you only give them to the right people, etc. So what happens when you make a mistake and you erroneously issue a certificate that risks the entire Internet browsing population, like Verisign did? Well, er, nothing actually. They already paid for their audit, and damn it, they're so big now, we couldn't possibly revoke their Certificate Authority status. (There's too much money at stake!)")?></p>
-
-<h3><?=_("So, dammit, what's the point of all this then?")?></h3>
-<p><?=_("The point is, as the current situation holds, you should be wary of anyone making decisions for you (i.e. pre-installed certificates in your browser), and you should be weary of anyone else's certificates that you install. But at the end of the day, it all boils down to trust. If an independent Certificate Authority seems to be reputable to you, and you can find evidence to support this claim, there's no reason why you shouldn't trust it any less than you implicitly trust the people who have already made mistakes.")?></p>
-<h3><a name="refs"></a><?=_("References")?></h3>
-<p><a href="http://www.schneier.com/paper-pki.pdf"><?=_("Ten Risks of PKI: What You're not Being Told about Public Key Infrastructure")?></a> - http://www.counterpane.com/pki-risks.pdf</p>
-<p><a href="http://www.webtrust.org/certauth.htm"><?=_("WebTrust for Certification Authorities")?></a> - http://www.webtrust.org/certauth.htm</p>
-<p><a href="http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/MS01-017.asp"><?=_("Erroneous Verisign Issued Digital Certificates Pose Spoofing Hazard")?></a> - http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/MS01-017.asp</p>
-<p><a href="http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/news/rootcert.asp"><?=_("Microsoft Root Certificate Program")?></a> - http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/news/rootcert.asp</p>
-<p><a href="http://www.homeoffice.gov.uk/crimpol/crimreduc/regulation/index.html"><?=_("The Regulation of Investigational Powers Act (RIPA)</a> ('Snooping Bill' official gov site, UK)")?> - http://www.homeoffice.gov.uk/crimpol/crimreduc/regulation/index.html</p>
-<p><a href="http://www.cnn.com/2000/TECH/computing/07/28/uk.surveillance.idg/"><?=_("U.K. e-mail snooping bill passed")?></a> (UK) - http://www.cnn.com/2000/TECH/computing/07/28/uk.surveillance.idg/</p>
-<p><?=_("Disclaimer : These are the author's opinions, but they should not be considered 'truth' without personal verification. The author may have made mistakes and any mistakes will be willingly rectified by contacting the administrator of elucido.net, contact details available from the normal domain registration information services (e.g. whois.net).&nbsp; No recommendation to install a Certificate Authority's root certificate is either intended nor implied.")?></p>
-<p><? printf(_("The page has been reproduced on %s with explicit permission from %sthe author%s with the information being copyrighted to the author (name with held by request)"), "<a href='http://www.CAcert.org'>CAcert.org</a>", "<a href='http://elucido.net/'>", "</a>")?></p>
+<p style="background-color: #FF8080; font-size: 150%">
+<?
+printf(_("This page has been moved to the %swiki%s. Please update your ".
+ "bookmarks and report any broken links."),
+ '<a href="//wiki.cacert.org/HELP/2">', '</a>');
+?>
+</p>
diff --git a/pages/help/3.php b/pages/help/3.php
index b56823e..8cdeb08 100644
--- a/pages/help/3.php
+++ b/pages/help/3.php
@@ -15,74 +15,10 @@
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
*/ ?>
-<h3><?=_("Generating a Key Pair and Certificate Signing Request (CSR) for a Microsoft Internet Information Server (IIS) 5.0.")?></h3>
-<p><?=_("To generate a public and private key pair and CSR for a Microsoft IIS 5 Server:")?></p>
- <ol class="tutorial">
- <li><b><?=_("Key generation process")?></b><br />
- <?=_("Under 'Administrative Tools', open the 'Internet Services Manager'. Then open up the properties window for the website you wish to request the certificate for. Right-clicking on the particular website will open up its properties.")?><br />
- <img src="iistutorial/image001.jpg" height="453" width="642" alt="<?=_("Screenshot of IIS 5.0")?>" /><br />
- <img src="iistutorial/image002.jpg" height="453" width="463" alt="<?=_("Screenshot of IIS 5.0")?>" /></li>
- <li><b><?=_("Open Directory Security folder")?></b><br />
- <?=_("In the 'Directory Security' folder click on the 'Server Certificate' button in the 'Secure communications' section. If you have not used this option before the 'Edit' button will not be active.")?><br />
- <img src="iistutorial/image003.gif" height="386" width="503" alt="<?=_("Screenshot of IIS 5.0")?>" /></li>
- <li><b><?=_("Select 'Create a new certificate'")?></b><br />
- <?=_("Now 'Create a new certificate'.")?><br />
- <img src="iistutorial/image004.gif" height="386" width="503" alt="<?=_("Screenshot of IIS 5.0")?>" /></li>
- <li><b><?=_("Prepare the request")?></b><br />
- <?=_("You'll prepare the request now, but you can only submit the request via the online request forms. We do not accept CSRs via email.")?><br />
- <img src="iistutorial/image005.gif" height="386" width="503" alt="<?=_("Screenshot of IIS 5.0")?>" /></li>
- <li><b><?=_("Enter a certificate name and select Certificate strength")?></b><br />
- <?=_("Select 'Bit length'. We advise a key length of 1024 bits.")?><br />
- <img src="iistutorial/image006.gif" height="386" width="503" alt="<?=_("Screenshot of IIS 5.0")?>" /><br />
- <br />
- <?=_("You have now created a public/private key pair. The private key is stored locally on your machine. The public portion is sent to CAcert in the form of a CSR.")?><br />
- <br />
- <?=_("You will now create a CSR. This information will be displayed on your certificate, and identifies the owner of the key to users. The CSR is only used to request the certificate. The following characters must be excluded from your CSR fields, or your certificate may not work:")?> <p style="color: red;">! @ # $ % ^ * ( ) ~ ? &gt; &lt; &amp; / \</p>
- </li>
- <li><b><?=_("Enter your Organisation Information")?></b><br />
- <?=_("Enter the Organisation name: this must be the full legal name of the Organisation that is applying for the certificate.")?><br />
- <br />
- <?=_("The Organisational Unit field is the 'free' field. It is often the department or Server name for reference.")?><br />
- <img src="iistutorial/image007.gif" height="386" width="503" alt="<?=_("Screenshot of IIS 5.0")?>" /></li>
- <li><b><?=_("Enter your Common Name")?></b><br />
- <?=_("The Common Name is the fully qualified host and Domain Name or website address that you will be securing. Both 'www.CAcert.org' and 'secure.CAcert.com' are valid Common Names. IP addresses are usually not used.")?><br />
- <img src="iistutorial/image008.gif" height="386" width="503" alt="<?=_("Screenshot of IIS 5.0")?>" /></li>
- <li><b><?=_("Enter the geographical details")?></b><br />
- <?=_("Your country, state and city.")?><br />
- <img src="iistutorial/image009.gif" height="386" width="503" alt="<?=_("Screenshot of IIS 5.0")?>" /></li>
- <li><b><?=_("Choose a filename to save the request to")?></b><br />
- <?=_("Select an easy to locate folder. You'll have to open this file up with Notepad. The CSR must be copied and pasted into our online form. Once the CSR has been submitted, you won't need this CSR any more as IIS won't reuse old CSR to generate new certificates.")?><br />
- <img src="iistutorial/image010.gif" height="386" width="503" alt="<?=_("Screenshot of IIS 5.0")?>" /></li>
- <li><b><?=_("Confirm your request details")?></b></li>
- </ol>
-<p><?=_("Finish up and exit IIS Certificate Wizard")?></p>
-
-<h3><?=_("Certificate Installation process for IIS 5.0")?></h3>
-<p><?=_("After your certificate has been emailed to you, follow this process to install the certificate.")?></p>
- <ol class="tutorial">
- <li><b><?=_("Saving the certificate")?></b><br />
- <?=_("Copy the contents of the email including the")?>
- <code>-----BEGIN CERTIFICATE-----</code> <?=_("and")?>
- <code>-----END CERTIFICATE-----</code> <?=_("lines. Do not copy any extra line feeds or carriage returns at the beginning or end of the certificate. Save the certificate into a text editor like Notepad. Save the certificate with an extension of .cer and a meaningful name like certificate.cer")?><br /><br />
- <img src="iistutorial/image011b.png" alt="<?=_("Screenshot of IIS 5.0")?>" /></li>
- <li><b><?=_("Installation steps")?></b><br />
- <?=_("Return to the 'Internet Information Services' screen in 'Administrative Tools' under 'Control Panel'. Right click on 'Default Web Site' and select 'Properties'.")?><br />
- <img src="iistutorial/image001.jpg" height="453" width="642" alt="<?=_("Screenshot of IIS 5.0")?>" /></li>
- <li><b><?=_("Select the Directory Security tab")?></b><br />
- <?=_("Select 'Server Certificate' at the bottom of the tab in the 'Secure communications' section.")?><br />
- <img src="iistutorial/image002.jpg" height="453" width="463" alt="<?=_("Screenshot of IIS 5.0")?>" /><br /></li>
- <li><b><?=_("In the 'IIS Certificate Wizard' you should find a 'Pending Certificate Request'.")?></b><br />
- <?=_("Ensure 'Process the pending request and install the certificate' is selected and click on 'Next'.")?><br />
- <img src="iistutorial/image012.gif" height="388" width="506" alt="<?=_("Screenshot of IIS 5.0")?>" /></li>
- <li><b><?=_("Browse to the location you saved the .cer file to in step 1")?></b><br />
- <?=_("Select the .cer file and click 'Next'.")?><br />
- <img src="iistutorial/image013.gif" height="388" width="505" alt="<?=_("Screenshot of IIS 5.0")?>" /></li>
- <li><b><?=_("Ensure that you are processing the correct certificate")?></b><br />
- <?=_("...then click 'Next'.")?><br />
- <img src="iistutorial/image014.jpg" height="390" width="506" alt="<?=_("Screenshot of IIS 5.0")?>" /></li>
- <li><b><?=_("You will see a confirmation screen.")?></b><br />
- <?=_("When you have read this information, click 'Finish'.")?><br />
- <img src="iistutorial/image015.gif" height="390" width="507" alt="<?=_("Screenshot of IIS 5.0")?>" /></li>
- </ol>
- <p><b><?=_("And you're done!")?></b></p>
- <p><?=_("For more information, refer to your server documentation or visit")?> <a href="http://support.microsoft.com/support/"><?=_("Microsoft Support Online")?></a>.</p>
+<p style="background-color: #FF8080; font-size: 150%">
+<?
+printf(_("This page has been moved to the %swiki%s. Please update your ".
+ "bookmarks and report any broken links."),
+ '<a href="//wiki.cacert.org/HELP/3">', '</a>');
+?>
+</p>
diff --git a/pages/help/4.php b/pages/help/4.php
index 428c934..248564c 100644
--- a/pages/help/4.php
+++ b/pages/help/4.php
@@ -15,31 +15,10 @@
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
*/ ?>
-<p><?=_("Firstly you will need to run the following command, preferably in secured directory no one else can access, however protecting your private keys is beyond the scope of this document.")?></p>
-<p># openssl req -nodes -new -keyout private.key -out server.csr</p>
-<p><?=_("Then the system will try to generate some very random numbers to get a secure key.")?></p>
-<p><?=_("Generating a 1024 bit RSA private key")?><br>
- ...++++++<br>
- ....++++++<br>
-<?=_("writing new private key to 'private.key'")?></p>
-<p><?=_("You will then be asked to enter information about your company into the certificate. Below is a valid example:")?></p>
-<p><?=_("Country Name (2 letter code) [AU]:")?>AU<br>
- <?=_("State or Province Name (full name) [NSW]:")?>NSW<br>
- <?=_("Locality Name (eg, city) [Sydney]:")?>Sydney<br>
- <?=_("Organization Name (eg, company) [XYZ Corp]:")?>CAcert Inc.<br>
- <?=_("Organizational Unit Name (eg, section) [Server Administration]:.")?><br>
- <?=_("Common Name (eg, YOUR name) []:")?>www.cacert.org<br>
- <?=_("Email Address")?> []:no-returns@cacert.org</p>
-<p><?=_("Finally you will be asked information about 'extra' attribute, you simply hit enter to both these questions.")?></p>
-<p><?=_("Next step is that you submit the contents of server.csr to the CAcert website, it should look *EXACTLY* like the following example otherwise the server may reject your request because it appears to be invalid.")?></p>
-<p>-----BEGIN CERTIFICATE REQUEST-----<br>
- MIIBezCB5QIBADA8MRcwFQYDVQQDEw53d3cuY2FjZXJ0Lm9yZzEhMB8GCSqGSIb3<br>
- DQEJARYSc3VwcG9ydEBjYWNlcnQub3JnMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCB<br>
- iQKBgQDQd1+ut4TJLWZf5A9r3D17Kob+CNwz/jfCOYrH0P6q1uw4jfSyrWUeSaVc<br>
- 59Xjpov8gRctlAuWM9KavkLSF6vcNdDEbvUYnL/+ixdmVE9tlXuSFEGz0GAF5faf<br>
- QZe30wk+2hnC6P+rwclypOhkTXtWgvSHPZg9Cos8xqDyv589QwIDAQABoAAwDQYJ<br>
- KoZIhvcNAQEEBQADgYEAJruzBZr4inqaeidn1m2q47lXZUWjgsrp3k3bFJ/HCb3S<br>
- 2SgVqHFrOisItrr7H0Dw2EcPhIrRokRdjIAwwlxG9v21eFaksZUiaP5Yrmf89Njk<br>
- HV+MZXxbC71NIKrnZsDhHibZslICh/XjdPP7zfKMlHuaaz1oVAmu9BlsS6ZXkVA=<br>
------END CERTIFICATE REQUEST----- </p>
-<p><?=_("Once you've submitted it the system will process your request and send an email back to you containing your server certificate.")?></p>
+<p style="background-color: #FF8080; font-size: 150%">
+<?
+printf(_("This page has been moved to the %swiki%s. Please update your ".
+ "bookmarks and report any broken links."),
+ '<a href="//wiki.cacert.org/HELP/4">', '</a>');
+?>
+</p>
diff --git a/pages/help/5.php b/pages/help/5.php
index d59e3dc..604febc 100644
--- a/pages/help/5.php
+++ b/pages/help/5.php
@@ -15,4 +15,10 @@
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
*/ ?>
-<?=_("To be completed")?>
+<p style="background-color: #FF8080; font-size: 150%">
+<?
+printf(_("This page has been moved to the %swiki%s. Please update your ".
+ "bookmarks and report any broken links."),
+ '<a href="//wiki.cacert.org/HELP/5">', '</a>');
+?>
+</p>
diff --git a/pages/help/6.php b/pages/help/6.php
index adbd656..5308e93 100644
--- a/pages/help/6.php
+++ b/pages/help/6.php
@@ -15,14 +15,10 @@
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
*/ ?>
-<p><?=_("Firstly you need to join CAcert to do that go:")?> <a href='https://www.cacert.org/index.php?id=1'><?=("here")?></a></p>
-
-<p><?=_("Then you need to generate a Certificate Signing Request, for more details go:")?> <a href=http://www.cacert.org/help.php><?=_("here")?></a></p>
-
-<p><?=_("You then need to add the domain you have control of to your account, which you can do:")?> <a href='https://www.cacert.org/account.php?id=7'><?=_("here")?></a></p>
-
-<p><?=_("System will send you an email with a link in it, you just open the link in a webbrowser.")?></p>
-
-<p><?=_("Then you need to submit the contents from the CSR file to CAcert, you need to go:")?> <a href='https://www.cacert.org/account.php?id=10'><?=_("here")?></a></p>
-
-<p><?=_("CAcert then sends you an email with a signed copy of your certificate. Hopefully the rest should be pretty straight forward.")?></p>
+<p style="background-color: #FF8080; font-size: 150%">
+<?
+printf(_("This page has been moved to the %swiki%s. Please update your ".
+ "bookmarks and report any broken links."),
+ '<a href="//wiki.cacert.org/HELP/6">', '</a>');
+?>
+</p>
diff --git a/pages/help/7.php b/pages/help/7.php
index 842a4cf..73e18da 100644
--- a/pages/help/7.php
+++ b/pages/help/7.php
@@ -15,12 +15,10 @@
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
*/ ?>
-<p><?=_("In light of a request on the bugzilla list for more information about how our root certificate is protected I've decided to do a write up here and see if there is anything more people suggest could be done, or a better way of handling things altogether.")?></p>
-<p><?=_("Currently there is 2 main servers, one for webserver, one for root store, with the root store only connected to the webserver via serial cable, with a daemon running as non-root processes on each end of the serial listening/sending requests/info.")?></p>
-<p><?=_("If the root store detects a bad request it assumes the webserver is compromised and shuts itself down.")?></p>
-<p><?=_("If the root store doesn't receive a 'ping' reply over the serial link within a determined amount of time it assumes the webserver is compromised or the root store itself has been stolen and shuts itself down.")?></p>
-<p><?=_("Apart from the boot stuff, all data resides on an encrypted partition on the root store server and only manual intervention in the boot up process by entering the password will start it again.")?></p>
-<p><?=_("The requests sent to the root store, are stored in a file for another process triggered by cron to parse and sign them, then stored in a reply file to be sent back to the webserver. Causing things to be separated into different users, basic privilege separation stuff. So being actually able to hack the serial daemons will only at the VERY worst cause fraudulent certificates, not the root to be revealed.")?></p>
-<p><?=_("Why use serial you ask? Well certificate requests are low bandwidth for starters, then of course simpler systems in security are less prone to exploits, and finally serial code is pretty mature and well tested and hopefully all exploits were found and fixed a long time ago.")?></p>
-<p><?=_("With the proposed root certificate changes, there would be a new root, this would sign at least 1 sub-root, then the private key stored offline in a bank vault, with the sub-root doing all the signing, or alternatively 2 sub-roots, 1 for client certificates, one for server, the thinking behind this, if any of the sub-roots are compromised they can be revoked and reissued.")?></p>
-<p><?=_("Alternatively as things progress we can add more layers of security with say 4 webservers talking to 2 intermediate servers, talking to the root store, and acting in a token ring fashion, anything happening out of sequence, and the server directly upstream shuts itself down, which if that were in place and there were multiple paths, any down time in this fashion would fall over to the servers not compromised, anyways just some food for thought.")?></p>
+<p style="background-color: #FF8080; font-size: 150%">
+<?
+printf(_("This page has been moved to the %swiki%s. Please update your ".
+ "bookmarks and report any broken links."),
+ '<a href="//wiki.cacert.org/HELP/7">', '</a>');
+?>
+</p>
diff --git a/pages/help/8.php b/pages/help/8.php
index 8ee4974..41c4959 100644
--- a/pages/help/8.php
+++ b/pages/help/8.php
@@ -15,6 +15,10 @@
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
*/ ?>
-<p><i><?=_("Question: I'm a software developer for linux and I want to use CAcert/openssl to distribute my packages with detached signatures, is this possible and why would I do this over PGP/GPG detached signatures?")?></i></p>
-<p><?=_("I'll anwser the why part first, as that's reasonably easy. The short answer is it takes most of the key handling responsibilty away from you and/or your group. If you need to revoke your key for any reason (such as a developer leaving the project) it won't effect your ability to revoke the existing key or keys, and issue new ones.")?></p>
-
+<p style="background-color: #FF8080; font-size: 150%">
+<?
+printf(_("This page has been moved to the %swiki%s. Please update your ".
+ "bookmarks and report any broken links."),
+ '<a href="//wiki.cacert.org/HELP/8">', '</a>');
+?>
+</p>
diff --git a/pages/help/9.php b/pages/help/9.php
index 8a538fe..d6fdc39 100644
--- a/pages/help/9.php
+++ b/pages/help/9.php
@@ -15,53 +15,10 @@
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
*/ ?>
+<p style="background-color: #FF8080; font-size: 150%">
<?
- function dotab($num)
- {
- $string="";
- for($i = 0; $i < $num; $i++)
- {
- for($j = 0; $j < 8; $j++)
- $string .= "&nbsp;";
- }
- return($string);
- }
+printf(_("This page has been moved to the %swiki%s. Please update your ".
+ "bookmarks and report any broken links."),
+ '<a href="//wiki.cacert.org/HELP/9">', '</a>');
?>
-<h3><?=_("How can I do a single sign on similar to CAcert using client certificates?")?></h3>
-
-<p><?=_("Firstly you need mod-ssl and apache setup (this is beyond the scope of this FAQ item and you will need to search on google etc for LAMP setup information). I recommend mod-ssl over apache-ssl because it means you need less resources to achieve the same result.")?></p>
-
-<p><?=_("Once you have everything setup and working you will need to add lines similar to below to your apache.conf")?></p>
-
-<p style="border:dotted 1px #900;padding:0.3em;background-color:#ffe;"><br>
-&lt;VirtualHost 127.0.0.1:443&gt;<br>
-SSLEngine on<br>
-SSLVerifyClient require<br>
-SSLVerifyDepth 2<br>
-SSLCACertificateFile /etc/ssl/cacert.crt<br>
-SSLCertificateFile /etc/ssl/certs/cacert.crt<br>
-SSLCertificateKeyFile /etc/ssl/private/cacert.pem<br>
-SSLOptions +StdEnvVars<br>
-<br>
-ServerName secure.cacert.org<br>
-DocumentRoot /www<br>
-&lt;/VirtualHost&gt;<br><br>
-</p>
-
-<p><?=_("Please note, you will need to alter the paths, hostname and IP of the above example, which is just that an example! The SSLCACertificateFile directive is supposed to point to a file with the root certificate you wish to verify your client certificates against, for the CAcert website we obviously only accept certificates issued by our own website and use our root certificate to initially verify this.")?></p>
-
-<p><?=_("Once you have everything working and you've tested sending a client certificate to your site and you're happy all is well you can start adding code to PHP (or any other language you like that can pull server environment information). At present I only have PHP code available and the example is in PHP")?></p>
-
-<p style="border:dotted 1px #900;padding:0.3em;background-color:#ffe;"><br>
-<?=dotab(1)?>if($_SERVER['HTTP_HOST'] == "secure.cacert.org")<br>
-<?=dotab(1)?>{<br>
-<?=dotab(2)?>$query = "select * from `users` where `email`='$_SERVER[SSL_CLIENT_S_DN_Email]'";<br>
-<?=dotab(2)?>$res = mysql_query($query);<br>
-<?=dotab(2)?>if(mysql_num_rows($res) > 0)<br>
-<?=dotab(2)?>{<br>
-<?=dotab(3)?>$_SESSION['profile']['loggedin'] = 1;<br>
-<?=dotab(3)?>header("location: https://secure.cacert.org/account.php");<br>
-<?=dotab(3)?>exit;<br>
-<?=dotab(2)?>}<br>
-<?=dotab(1)?>}<br><br>
</p>
diff --git a/pages/index/0.php b/pages/index/0.php
index d1d3fef..7ee2286 100644
--- a/pages/index/0.php
+++ b/pages/index/0.php
@@ -19,7 +19,7 @@
<p><?=sprintf(_("If you want to have free certificates issued to you, join the %s CAcert Community %s."),"<a href=\"https://www.cacert.org/index.php?id=1\">","</a>")?></p>
-<p><?=sprintf(_("If you want to use certificates issued by CAcert, read the CAcert %s Root Distribution License %s."),'<a href="/policy/RootDistributionLicense.php">',"</a>")?>
+<p><?=sprintf(_("If you want to use certificates issued by CAcert, read the CAcert %s Root Distribution License %s."),'<a href="/policy/RootDistributionLicense.html">',"</a>")?>
<?=sprintf(_("This license applies to using the CAcert %s root keys %s."),'<a href="/index.php?id=3">','</a>')?></p>
@@ -92,7 +92,7 @@
<p><?=sprintf(_("Have you passed the CAcert %s Assurer Challenge %s yet?"),'<a href="http://wiki.cacert.org/wiki/AssurerChallenge">','</a>')?></p>
-<p><?=sprintf(_("Have you read the CAcert %sCommunity Agreement%s yet?"),'<a href="/policy/CAcertCommunityAgreement.php">','</a>')?></p>
+<p><?=sprintf(_("Have you read the CAcert %sCommunity Agreement%s yet?"),'<a href="/policy/CAcertCommunityAgreement.html">','</a>')?></p>
<p><?=sprintf(_("For general documentation and help, please visit the CAcert %sWiki Documentation site %s."),'<a href="http://wiki.CAcert.org">','</a>')?>
<?=sprintf(_("For specific policies, see the CAcert %sApproved Policies page%s."),'<a href="/policy/">',"</a>")?></p>
@@ -118,9 +118,9 @@
<p><?=_("If you are located in Australia, use bank transfer instead.")?></p>
<p><?=_("CAcert bank account details:")?></p>
-
-<ul>
+<ul class="no_indent">
<li>Account Name: CAcert Inc</li>
+<li>SWIFT: WPACAU2S</li>
<li>BSB: 032073</li>
<li>Account No.: 180264</li>
</ul>
@@ -128,44 +128,3 @@
<?=_("If you want to participate in CAcert.org, have a look")?> <a href="http://wiki.cacert.org/wiki/HelpingCAcert"><?=_("here")?></a> <?=_("and")?> <a href="http://wiki.cacert.org/wiki/SystemTasks"><?=_("here")?></a>.
-<!--
-<h3><?=_("For CAcert Association Members")?></h3>
-
-<b><?=_("Have you paid your CAcert Association membership fees for the year?")?></b>
-<p><?=_("If not then select this PayPal button to pay your US$10 membership fee for the year.")?></p>
-<form action="https://www.paypal.com/cgi-bin/webscr" method="post">
-<input type="hidden" name="cmd" value="_s-xclick">
-<input type="image" src="/images/payment2.png" border="0" name="submit" alt="Make payments with PayPal">
-<input type="hidden" name="encrypted" value="-----BEGIN PKCS7-----MIIHiAYJKoZIhvcNAQcEoIIHeTCCB3UCAQExggEwMIIBLAIBADCBlDCBjjELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAkNBMRYwFAYDVQQHEw1Nb3VudGFpbiBWaWV3MRQwEgYDVQQKEwtQYXlQYWwgSW5jLjETMBEGA1UECxQKbGl2ZV9jZXJ0czERMA8GA1UEAxQIbGl2ZV9hcGkxHDAaBgkqhkiG9w0BCQEWDXJlQHBheXBhbC5jb20CAQAwDQYJKoZIhvcNAQEBBQAEgYAVW/F7PUYp3SMSCdOj1L4lNmZk8TPLmyFBXiYe/dP6bdcsvvx0A58mLC/3j961TCs95gXWqYx5vDD9znDEii5An7weRqtaxFa9B+UplKT2kcQJpi45zsGKzhwtHF/g0aJQdLmzrDYNnWd16UvhuasUIV501LaZB3ykq5j2eDJV/DELMAkGBSsOAwIaBQAwggEEBgkqhkiG9w0BBwEwFAYIKoZIhvcNAwcECJHKnDgLaYrEgIHgjYPDm0r2cH9hexIMEuCuiO9eOIsYxpzC50y9+ZWltUA9Eqp8avPT3ExC4qaw6FS8eo4+UWweESWXpAk3QrNTXgeV+Zf/4RjUEurpkRECinPUCtTgJvs6XLaPU50hAAaV9QmknT4DICcmB7djry0tB1FbLOmnqMyOTpT2pKDuL7r6hgEIAnCyASBtO5E8YJWFgSneQ53PbtT+YuAcVwIOD83wFRDAjlwYhs50VD6ugK07SXxC5I8RFV65PZS/qIiEEBCv7yiXi/U9DK4QG+3ojuxkP6ZjwshGb/99uK1NZCqgggOHMIIDgzCCAuygAwIBAgIBADANBgkqhkiG9w0BAQUFADCBjjELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAkNBMRYwFAYDVQQHEw1Nb3VudGFpbiBWaWV3MRQwEgYDVQQKEwtQYXlQYWwgSW5jLjETMBEGA1UECxQKbGl2ZV9jZXJ0czERMA8GA1UEAxQIbGl2ZV9hcGkxHDAaBgkqhkiG9w0BCQEWDXJlQHBheXBhbC5jb20wHhcNMDQwMjEzMTAxMzE1WhcNMzUwMjEzMTAxMzE1WjCBjjELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAkNBMRYwFAYDVQQHEw1Nb3VudGFpbiBWaWV3MRQwEgYDVQQKEwtQYXlQYWwgSW5jLjETMBEGA1UECxQKbGl2ZV9jZXJ0czERMA8GA1UEAxQIbGl2ZV9hcGkxHDAaBgkqhkiG9w0BCQEWDXJlQHBheXBhbC5jb20wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMFHTt38RMxLXJyO2SmS+Ndl72T7oKJ4u4uw+6awntALWh03PewmIJuzbALScsTS4sZoS1fKciBGoh11gIfHzylvkdNe/hJl66/RGqrj5rFb08sAABNTzDTiqqNpJeBsYs/c2aiGozptX2RlnBktH+SUNpAajW724Nv2Wvhif6sFAgMBAAGjge4wgeswHQYDVR0OBBYEFJaffLvGbxe9WT9S1wob7BDWZJRrMIG7BgNVHSMEgbMwgbCAFJaffLvGbxe9WT9S1wob7BDWZJRroYGUpIGRMIGOMQswCQYDVQQGEwJVUzELMAkGA1UECBMCQ0ExFjAUBgNVBAcTDU1vdW50YWluIFZpZXcxFDASBgNVBAoTC1BheVBhbCBJbmMuMRMwEQYDVQQLFApsaXZlX2NlcnRzMREwDwYDVQQDFAhsaXZlX2FwaTEcMBoGCSqGSIb3DQEJARYNcmVAcGF5cGFsLmNvbYIBADAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4GBAIFfOlaagFrl71+jq6OKidbWFSE+Q4FqROvdgIONth+8kSK//Y/4ihuE4Ymvzn5ceE3S/iBSQQMjyvb+s2TWbQYDwcp129OPIbD9epdr4tJOUNiSojw7BHwYRiPh58S1xGlFgHFXwrEBb3dgNbMUa+u4qectsMAXpVHnD9wIyfmHMYIBmjCCAZYCAQEwgZQwgY4xCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJDQTEWMBQGA1UEBxMNTW91bnRhaW4gVmlldzEUMBIGA1UEChMLUGF5UGFsIEluYy4xEzARBgNVBAsUCmxpdmVfY2VydHMxETAPBgNVBAMUCGxpdmVfYXBpMRwwGgYJKoZIhvcNAQkBFg1yZUBwYXlwYWwuY29tAgEAMAkGBSsOAwIaBQCgXTAYBgkqhkiG9w0BCQMxCwYJKoZIhvcNAQcBMBwGCSqGSIb3DQEJBTEPFw0wNzExMDMwNzA2NDdaMCMGCSqGSIb3DQEJBDEWBBQQVDeJMeMteu3fuP5xIdpSiYrfLDANBgkqhkiG9w0BAQEFAASBgHIt5M/R6uPXFU0bVQJWcoO++ETE4nPbp+Nz+o7bclXsxIQL+yG5C5vQdpgNeCLuq42sPv+QUuVoMxio6hecCgHewwqAxkrUUr+teGOFSEqpfXBhjWfkUvZLvOy1ix6pSpjLnUu4bbJxaA5eM0gZQDZCJ8nh0HxPScdi5BhVuPSk-----END PKCS7-----
-">
-</form>
-<p><?=_("If you are located in Australia, you can use bank transfer instead and pay the equivalent of US$10 in AU$.")?></p>
-
-<p><?=_("Please also include Your name in the transaction so we know who it came from or send an email to robert at cacert dot org with the details:")?></p>
-
-<ul>
-<li>Account Name: CAcert Inc</li>
-<li>BSB: 032073</li>
-<li>Account No.: 180264</li>
-</ul>
-<br/><br/>
--->
-
-
-<!--
-<h3><?=_("Introduction")?></h3>
-
-<p><?=_("It's been a long time coming, but the wait was worthwhile, finally you are able to get security at the right price... Free!")?></p>
-
-<p><?=_("For years we've all been charged high amounts of money to pay for security that doesn't and shouldn't cost the earth.")?></p>
-
-<p><?=_("The primary goals are:")?>
-<ul>
-<li><?=_("Inclusion into mainstream browsers!")?></li>
-<li><?=_("To provide a trust mechanism to go with the security aspects of encryption.")?></li>
-</ul>
-
-<p><?=sprintf(_("For general documentation and help please see our %s site"), "<a href='http://wiki.CAcert.org'>"._("Wiki Documentation")."</a>")?>.</p>
--->
-
-
diff --git a/pages/index/1.php b/pages/index/1.php
index d9ce8a8..5385f0b 100644
--- a/pages/index/1.php
+++ b/pages/index/1.php
@@ -18,36 +18,40 @@
<p><?=_("By joining CAcert and becoming a Member, you agree to the CAcert Community Agreement. Please take a moment now to read that and agree to it; this will be required to complete the process of joining.")?></p>
<p><?=_("Warning! This site requires cookies to be enabled to ensure your privacy and security. This site uses session cookies to store temporary values to prevent people from copying and pasting the session ID to someone else exposing their account, personal details and identity theft as a result.")?></p>
<p style="border:dotted 1px #900;padding:0.3em;background-color:#ffe;">
-<b><?=_("In light of the number of people having issues with making up a password we have the following suggestions:")?></b><br><br>
-<?=_("To get a password that will work, we suggest the following example")?>: Fr3d Sm|7h<br><br>
-<?=_("This wouldn't match your name or email at all, it contains at least 1 lower case letter, 1 upper case letter, a number, white space and a misc symbol. You get additional security for being over 15 characters and a second additional point for having it over 30. The system starts reducing security if you include any section of your name, or password or email address or if it matches a word from the english dictionary...")?><br><br>
+<?=_("A proper password wouldn't match your name or email at all, it contains at least 1 lower case letter, 1 upper case letter, a number, white space and a misc symbol. You get additional security for being over 15 characters and a second additional point for having it over 30. The system starts reducing security if you include any section of your name, or password or email address or if it matches a word from the english dictionary...")?><br><br>
<b><?=_("Note: White spaces at the beginning and end of a password will be removed.")?></b>
</p>
<form method="post" action="index.php" autocomplete="off">
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper" width="400">
<tr>
- <td colspan="2" class="title"><?=_("My Details")?></td>
+ <td colspan="3" class="title"><?=_("My Details")?></td>
</tr>
+
<tr>
<td class="DataTD" width="125"><?=_("First Name")?>: </td>
<td class="DataTD" width="125"><input type="text" name="fname" value="<?=array_key_exists('fname',$_REQUEST)?sanitizeHTML($_REQUEST['fname']):""?>" autocomplete="off"></td>
+ <td rowspan="4" class="DataTD" width="125"><? printf(_("Help on Names %sin the wiki%s"),'<a href="//wiki.cacert.org/FAQ/HowToEnterNamesInJoinForm" target="_blank">','</a>')?></td>
</tr>
+
<tr>
<td class="DataTD" valign="top"><?=_("Middle Name(s)")?><br>
(<?=_("optional")?>)
</td>
<td class="DataTD"><input type="text" name="mname" value="<?=array_key_exists('mname',$_REQUEST)?sanitizeHTML($_REQUEST['mname']):""?>" autocomplete="off"></td>
</tr>
+
<tr>
<td class="DataTD"><?=_("Last Name")?>: </td>
<td class="DataTD"><input type="text" name="lname" value="<?=array_key_exists('lname',$_REQUEST)?sanitizeHTML($_REQUEST['lname']):""?>" autocomplete="off"></td>
</tr>
+
<tr>
<td class="DataTD"><?=_("Suffix")?><br>
(<?=_("optional")?>)</td>
- <td class="DataTD"><input type="text" name="suffix" value="<?=array_key_exists('suffix',$_REQUEST)?sanitizeHTML($_REQUEST['suffix']):""?>" autocomplete="off"><br><?=sprintf(_("Please only write %sName Suffixes%s into this field."),'<a href="http://en.wikipedia.org/wiki/Suffix_%28name%29" target="_blank">','</a>')?></td>
+ <td class="DataTD"><input type="text" name="suffix" value="<?=array_key_exists('suffix',$_REQUEST)?sanitizeHTML($_REQUEST['suffix']):""?>" autocomplete="off"><br><?=sprintf(_("Please only write Name Suffixes into this field."))?></td>
</tr>
+
<tr>
<td class="DataTD"><?=_("Date of Birth")?><br>
(<?=_("dd/mm/yyyy")?>)</td>
@@ -75,49 +79,63 @@
</select>
<input type="text" name="year" value="<?=array_key_exists('year',$_SESSION['signup']) ? sanitizeHTML($_SESSION['signup']['year']):""?>" size="4" autocomplete="off"></nobr>
</td>
+ <td class="DataTD">&nbsp;</td>
</tr>
+
<tr>
<td class="DataTD"><?=_("Email Address")?>: </td>
- <td class="DataTD"><input type="text" name="email" value="<?=array_key_exists('email',$_REQUEST)?sanitizeHTML($_REQUEST['email']):""?>" autocomplete="off"><br/><?=_("I own or am authorised to control this email address")?>
-</td>
+ <td class="DataTD"><input type="text" name="email" value="<?=array_key_exists('email',$_REQUEST)?sanitizeHTML($_REQUEST['email']):""?>" autocomplete="off"></td>
+ <td class="DataTD"><?=_("I own or am authorised to control this email address")?></td>
</tr>
+
<tr>
<td class="DataTD"><?=_("Pass Phrase")?><font color="red">*</font>: </td>
<td class="DataTD"><input type="password" name="pword1" autocomplete="off"></td>
+ <td class="DataTD" rowspan="2">&nbsp;</td>
</tr>
<tr>
<td class="DataTD"><?=_("Pass Phrase Again")?><font color="red">*</font>: </td>
<td class="DataTD"><input type="password" name="pword2" autocomplete="off"></td>
</tr>
+
<tr>
- <td class="DataTD" colspan="2"><font color="red">*</font><?=_("Please note, in the interests of good security, the pass phrase must be made up of an upper case letter, lower case letter, number and symbol.")?></td>
+ <td class="DataTD" colspan="3"><font color="red">*</font><?=_("Please note, in the interests of good security, the pass phrase must be made up of an upper case letter, lower case letter, number and symbol.")?></td>
</tr>
+
<tr>
- <td class="DataTD" colspan="2"><?=_("Lost Pass Phrase Questions - Please enter five questions and your responses to be used for security verification.")?></td>
+ <td class="DataTD" colspan="3"><?=_("Lost Pass Phrase Questions - Please enter five questions and your responses to be used for security verification.")?></td>
</tr>
+
<tr>
<td class="DataTD">1)&nbsp;<input type="text" name="Q1" size="15" value="<?=array_key_exists('Q1',$_SESSION['signup'])?sanitizeHTML($_SESSION['signup']['Q1']):""?>"></td>
<td class="DataTD"><input type="text" name="A1" value="<?=array_key_exists('A1',$_SESSION['signup'])?sanitizeHTML($_SESSION['signup']['A1']):""?>" autocomplete="off"></td>
+ <td class="DataTD" rowspan="5">&nbsp;</td>
</tr>
+
<tr>
<td class="DataTD">2)&nbsp;<input type="text" name="Q2" size="15" value="<?=array_key_exists('Q2',$_SESSION['signup'])?sanitizeHTML($_SESSION['signup']['Q2']):""?>"></td>
<td class="DataTD"><input type="text" name="A2" value="<?=array_key_exists('A2',$_SESSION['signup'])?sanitizeHTML($_SESSION['signup']['A2']):""?>" autocomplete="off"></td>
</tr>
+
<tr>
<td class="DataTD">3)&nbsp;<input type="text" name="Q3" size="15" value="<?=array_key_exists('Q3',$_SESSION['signup'])?sanitizeHTML($_SESSION['signup']['Q3']):""?>"></td>
<td class="DataTD"><input type="text" name="A3" value="<?=array_key_exists('A3',$_SESSION['signup'])?sanitizeHTML($_SESSION['signup']['A3']):""?>" autocomplete="off"></td>
</tr>
+
<tr>
<td class="DataTD">4)&nbsp;<input type="text" name="Q4" size="15" value="<?=array_key_exists('Q4',$_SESSION['signup'])?sanitizeHTML($_SESSION['signup']['Q4']):""?>"></td>
<td class="DataTD"><input type="text" name="A4" value="<?=array_key_exists('A4',$_SESSION['signup'])?sanitizeHTML($_SESSION['signup']['A4']):""?>" autcomplete="off"></td>
</tr>
+
<tr>
<td class="DataTD">5)&nbsp;<input type="text" name="Q5" size="15" value="<?=array_key_exists('Q5',$_SESSION['signup'])?sanitizeHTML($_SESSION['signup']['Q5']):""?>"></td>
<td class="DataTD"><input type="text" name="A5" value="<?=array_key_exists('A5',$_SESSION['signup'])?sanitizeHTML($_SESSION['signup']['A5']):""?>" autocomplete="off"></td>
</tr>
+
<tr>
- <td class="DataTD" colspan="2"><?=_("It's possible to get notifications of up and coming events and even just general announcements, untick any notifications you don't wish to receive. For country, regional and radius notifications to work you must choose your location once you've verified your account and logged in.")?></td>
+ <td class="DataTD" colspan="3"><?=_("It's possible to get notifications of up and coming events and even just general announcements, untick any notifications you don't wish to receive. For country, regional and radius notifications to work you must choose your location once you've verified your account and logged in.")?></td>
</tr>
+
<tr>
<td class="DataTD" valign="top"><?=_("Alert me if")?>: </td>
<td class="DataTD" align="left">
@@ -125,16 +143,18 @@
<input type="checkbox" name="country" value="1" <?=array_key_exists('country',$_SESSION['signup'])? ($_SESSION['signup']['country'] == "0" ?"":"checked=\"checked\""):"checked=\"checked\"" ?>><?=_("Country Announcements")?><br>
<input type="checkbox" name="regional" value="1" <?=array_key_exists('regional',$_SESSION['signup'])? ($_SESSION['signup']['regional'] == "0" ?"":"checked=\"checked\""):"checked=\"checked\"" ?>><?=_("Regional Announcements")?><br>
<input type="checkbox" name="radius" value="1" <?=array_key_exists('radius',$_SESSION['signup'])? ($_SESSION['signup']['radius'] == "0" ?"":"checked=\"checked\""):"checked=\"checked\"" ?>><?=_("Within 200km Announcements")?></td>
+ <td class="DataTD">&nbsp;</td>
</tr>
+
<tr>
- <td class="DataTD" colspan="2"><?=_("When you click on next, we will send a confirmation email to the email address you have entered above.")?></td>
+ <td class="DataTD" colspan="3"><?=_("When you click on next, we will send a confirmation email to the email address you have entered above.")?></td>
</tr>
<tr>
- <td class="DataTD" colspan="2"><input type="checkbox" name="cca_agree" value="1" <?=array_key_exists('cca_agree',$_SESSION['signup'])? ($_SESSION['signup']['cca_agree'] == "1" ?"checked=\"checked\"":""):"" ?> ><?=_("I agree to the terms and conditions of the CAcert Community Agreement")?>: <a href="/policy/CAcertCommunityAgreement.php">http://www.cacert.org/policy/CAcertCommunityAgreement.php</a></td>
+ <td class="DataTD" colspan="3"><input type="checkbox" name="cca_agree" value="1" <?=array_key_exists('cca_agree',$_SESSION['signup'])? ($_SESSION['signup']['cca_agree'] == "1" ?"checked=\"checked\"":""):"" ?> ><?=_("I agree to the terms and conditions of the CAcert Community Agreement")?>: <a href="/policy/CAcertCommunityAgreement.html">http://www.cacert.org/policy/CAcertCommunityAgreement.html</a></td>
</tr>
<tr>
- <td class="DataTD" colspan="2"><input type="submit" name="process" value="<?=_("Next")?>"></td>
+ <td class="DataTD" colspan="3"><input type="submit" name="process" value="<?=_("Next")?>"></td>
</tr>
</table>
diff --git a/pages/index/10.php b/pages/index/10.php
index 9e09bb8..7dd8200 100644
--- a/pages/index/10.php
+++ b/pages/index/10.php
@@ -14,11 +14,8 @@
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
-*/ ?>
-<p style="background-color: #FF8080; font-size: 150%">
-<?
-printf(_('This page has been moved to the %spolicy directory%s. Please update '.
- 'your bookmarks and report any broken links.'),
- '<a href="/policy/PrivacyPolicy.html">', '</a>');
-?>
-</p>
+*/
+
+ header('HTTP/1.0 301 Moved Permanently');
+ header('Location: http://www.cacert.org/policy/CertificationPracticeStatement.html');
+ exit();
diff --git a/pages/index/11.php b/pages/index/11.php
index 1b76f9c..d1ef4df 100644
--- a/pages/index/11.php
+++ b/pages/index/11.php
@@ -23,21 +23,32 @@ if(!array_key_exists('secrethash',$_SESSION['_config'])) $_SESSION['_config']['s
<p><b><?=_("PLEASE NOTE: Due to the large amounts of support questions, incorrectly directed emails may be over looked, this is a volunteer effort and directing general questions to the right place will help everyone, including yourself as you will get a reply quicker.")?></b></p>
<p><b><?=_("If you are contacting us about advertising, please use the form at the bottom of the website, the first contact form is not the correct place.")?></b></p>
<p><?=sprintf(_("If you are having trouble with your username or password, please visit our %swiki page%s for more information"), "<a href='http://wiki.cacert.org/wiki/FAQ/LostPasswordOrAccount' target='_new'>", "</a>");?></p>
-<p><?=_("Before contacting us, be sure to read the information on our official and unofficial HowTo and FAQ pages.")?> - <a href="http://www.CAcert.org/help.php"><?=_("Go here for more details.")?></a></p>
+<p><?=_("Before contacting us, be sure to read the information on our official and unofficial HowTo and FAQ pages.")?> - <a href="//wiki.cacert.org/HELP/"><?=_("Go here for more details.")?></a></p>
<p><?=_("General questions about CAcert should be sent to the general support list, please send all emails in ENGLISH only, this list has many more volunteers then those directly involved with the running of the website, everyone on the mailing list understands english, even if this isn't their native language this will increase your chance at a competent reply. While it's best if you sign up to the mailing list to get replied to, you don't have to, but please make sure you note this in your email, otherwise it might seem like you didn't get a reply to your question.")?></p>
<p><a href="https://lists.cacert.org/wws/info/cacert-support"><?=_("Click here to go to the Support List")?></a></p>
<p><?=_("You can alternatively use the form below, however joining the list is the prefered option to support your queries")?></p>
-<form method="post" name="form1">
+<form method="post" action="index.php" name="form1">
<input type="hidden" name="oldid" value="<?=$id?>">
- <input type="hidden" name="support" value="yes">
+<!-- <input type="hidden" name="support" value="yes"> -->
<input type="hidden" name="secrethash2" value="">
+ <p class="robotic" id="pot">
+ <label>If you're human leave this blank:</label>
+ <input name="robotest" type="text" id="robotest" class="robotest" />
+ </p>
<table border="0">
- <tr><td width="90"><?=_("Your Name")?>:</td><td><input type="text" name="who"></td><td>&#160;</td></tr>
- <tr><td><?=_("Your Email")?>:</td><td><input type="text" name="email"></td></tr>
- <tr><td><?=_("Subject")?>:</td><td><input type="text" name="subject"></td></tr>
- <tr><td colspan="2"><textarea name="message" cols="40" rows="10"></textarea></td></tr>
- <tr><td colspan="3"><font color="#ff0000"><?=_("Warning: Please do not enter confidential data into this form, it is being sent to a public mailinglist. Use the form further below instead.")?></font></td></tr>
- <tr><td colspan="2"><input type="submit" name="process" value="<?=_("Send")?>"></td></tr>
+ <tr><td width="100"><?=_("Your Name")?>:</td><td width="100"><input type="text" name="who"></td><td width="100"></td><td width="100"></td>
+ <tr><td width="100"><?=_("Your Email")?>:</td><td colspan="3"><input type="text" name="email"></td>
+ <tr><td width="100"><?=_("Subject")?>:</td><td colspan="3"><input type="text" name="subject"></td></tr>
+ <tr><td width="100" valign="top"><?=_("Message")?>:</td><td colspan="3"><textarea name="message" cols="70" rows="10"></textarea></td></tr>
+
+ <tr>
+ <td colspan="2"><font color="#ff0000"><?=_("Warning: Please do not use \"send to mailing list\" when you entered confidential data. The request is being sent to a public mailinglist.")?></font></td>
+ <td colspan="2"><?=_("For confidential data use \"send to support\".")?></td>
+ </tr>
+ <tr>
+ <td colspan="2"><input type="submit" name="process[0]" value="<?=_("Send to mailing list")?>"></td>
+ <td colspan="2"><input type="submit" name="process[1]" value="<?=_("Send to support")?>"></td>
+ </tr>
</table>
</form>
@@ -50,31 +61,8 @@ if(!array_key_exists('secrethash',$_SESSION['_config'])) $_SESSION['_config']['s
<p><?=_("There are a number of other mailing lists CAcert runs, some are general discussion, others are technical (such as the development list) or platform specific help (such as the list for Apple Mac users)")?></p>
<p><a href="http://lists.cacert.org/"><?=_("Click here to view all lists available")?></a></p>
-<p><b><?=_("Sensitive Information")?></b></p>
-<p><?=_("If you have questions, comments or otherwise and information you're sending to us contains sensitive details, you should use the contact form below. Due to the large amounts of support emails we receive, sending general questions via this contact form will generally take longer then using the support mailing list. Also sending queries in anything but english could cause delays in supporting you as we'd need to find a translator to help.")?></p>
-<form method="post" action="https://www.cacert.org/index.php" name="form2">
- <input type="hidden" name="secrethash2" value="">
- <input type="hidden" name="oldid" value="<?=$id?>">
- <table border="0">
- <tr><td><?=_("Your Name")?>:</td><td><input type="text" name="who"></td></tr>
- <tr><td><?=_("Your Email")?>:</td><td><input type="text" name="email"></td></tr>
- <tr><td><?=_("Subject")?>:</td><td><input type="text" name="subject"></td></tr>
- <tr><td colspan="2"><textarea name="message" cols="40" rows="10"></textarea></td></tr>
- <tr><td colspan="2"><input type="submit" name="process" value="<?=_("Send")?>"></td></tr>
- </table>
-</form>
-
<p><b><?=_("Security Issues")?></b></p>
-<p><?=_("Please use any of the following ways to report security issues: You can use the above contact form for sensitive information. You can email us to support@cacert.org. You can file a bugreport on <a href='https://bugs.cacert.org/'>bugs.cacert.org</a> and mark it as private.")?></p>
-
-<p><b><?=_("Snail Mail")?></b></p>
-<p><?=_("Alternatively you can get in contact with us via the following methods:")?></p>
-
-<p><?=_("Postal Address:")?><br>
-CAcert Inc.<br>
-P.O. Box 4107<br>
-Denistone East NSW 2112<br>
-Australia</p>
+<p><?=sprintf(_("Please use any of the following ways to report security issues: You can use the above contact form for sensitive information. You can email us to support@cacert.org. You can file a bugreport on %s and mark it as private."),"<a href='https://bugs.cacert.org/'>bugs.cacert.org</a>")?></p>
<script type="text/javascript">
<!--
diff --git a/pages/index/12.php b/pages/index/12.php
index 4b021e0..48c737a 100644
--- a/pages/index/12.php
+++ b/pages/index/12.php
@@ -15,17 +15,10 @@
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
*/ ?>
-<H3><?=_("About CAcert.org")?></H3>
-
-<p><?=_("CAcert.org is a community driven, Certificate Authority that issues certificates to the public at large for free.")?></p>
-
-<p><? printf(_("CAcert's goal is to promote awareness and education on computer security through the use of encryption, specifically with the X.509 family of standards. We have compiled a %sdocument base%s that has helpful hints and tips on setting up encryption with common software, and general information about Public Key Infrastructures (PKI)."), "<a href='http://wiki.cacert.org/'>", "</a>"); ?></p>
-
-<p><?=_("For the enthusiast looking to dip their toe in the water, we have an easy way of obtaining certificates you can use with your email program. You can use these not only to encrypt, but to prove to your friends and family that your email really does come from you.")?></p>
-
-<p><?=_("For administrators looking to protect the services they offer, we provide host and wild card certificates which you can issue almost immediately. Not only can you use these to protect websites, but also POP3, SMTP and IMAP connections, to list but a few. Unlike other certificate authorities, we don't limit the strength of the certificates, or the use of wild card certificates. Everyone should have the right to security and to protect their privacy, not just those looking to run ecommerce sites.")?></p>
-
-<p><?=_("If you're extremely serious about encryption, you can join CAcert's Assurance Programme and Web of Trust. This allows you to have your identity verified to obtain added benefits, including longer length certificates and the ability to include your name on email certificates."); ?></p>
-
-<p><?=_("CAcert Inc. is a non-profit association, incorporated in New South Wales Australia.")?></p>
-<p><?=_("More information about CAcert Incorporated:")?><a href="http://wiki.cacert.org/wiki/CAcertIncorporated">http://wiki.cacert.org/wiki/CAcertIncorporated</a></p>
+<p style="background-color: #FF8080; font-size: 150%">
+<?
+printf(_("This page has been moved to the %swiki%s. Please update your ".
+ "bookmarks and report any broken links."),
+ '<a href="//wiki.cacert.org/FAQ/AboutUs">', '</a>');
+?>
+</p>
diff --git a/pages/index/13.php b/pages/index/13.php
index 34cbea4..612422f 100644
--- a/pages/index/13.php
+++ b/pages/index/13.php
@@ -19,7 +19,11 @@
<h4><?=_("If I'd like to donate to CAcert Inc., how can I do it?")?></h4>
-<p><?=_("CAcert Inc. is a non-profit association which is legally able to accept donations. CAcert adheres to strict guidelines about how this money can to be used. If you'd like to make a donation, you can do so via")?>
+<p>
+<?
+printf(_("CAcert Inc. is a non-profit association which is legally able to accept donations. CAcert adheres to %sstrict guidelines%s about how this money can to be used. If you'd like to make a donation, you can do so via"),
+ '<a href="//wiki.cacert.org/FAQ/DonationsGuideline">', '</a>');
+?>
<form action="https://www.paypal.com/cgi-bin/webscr" method="post">
<input type="hidden" name="cmd" value="_s-xclick">
@@ -31,10 +35,24 @@
<pre>
Account Name: CAcert Inc
-BSB: 032073
-Account No.: 180264
+SWIFT: WPACAU2S
+BSB: 032073
+Account No.: 180264
</pre>
<p><?=_("ANY amount will be appreciated - the more funding CAcert receives, the sooner it can achieve the goals of the community.")?></p>
<p><?=_("Thank you very much for your support, your donations help CAcert to continue to operate.")?></p>
+
+
+<h3><?=_("Using Our Affiliate Partners")?></h3>
+
+<h4>Booking.com</h4>
+
+<p><?=_("If you do any trips where you need accommodation why not book via booking.com?")?></p>
+
+<p><?php
+ printf(_("For any booking done over %s started from this page CAcert gets a share of the provision. You do not pay more but you will support CAcert."),
+ '<a href="//www.booking.com/index.html?aid=346253">booking.com</a>');
+ ?></p>
+
diff --git a/pages/index/16.php b/pages/index/16.php
index c2cb391..ba3b4ed 100644
--- a/pages/index/16.php
+++ b/pages/index/16.php
@@ -16,7 +16,7 @@
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
*/ ?>
-<p><?=sprintf(_("You are bound by the %s Root Distribution Licence %s for any re-distributions of CAcert's roots."),"<a href='/policy/RootDistributionLicense.php'>","</a>")?></p>
+<p><?=sprintf(_("You are bound by the %s Root Distribution Licence %s for any re-distributions of CAcert's roots."),"<a href='/policy/RootDistributionLicense.html'>","</a>")?></p>
<p>
Class 1 <?=_("PKI Key")?><br>
diff --git a/pages/index/21.php b/pages/index/21.php
index 4d2599c..0521f67 100644
--- a/pages/index/21.php
+++ b/pages/index/21.php
@@ -15,7 +15,14 @@
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
*/ ?>
-
+<? /*
+page called from the following pages
+ a. https://wiki.cacert.org/Price [^]
+ b. https://wiki.cacert.org/CacertMembership/DE [^]
+ c. https://wiki.cacert.org/CacertMembership [^]
+ d. https://wiki.cacert.org/CAcertInc [^]
+ e. https://wiki.cacert.org/Brain/CAcertInc [^]
+ */ ?>
<h3><?=_("For CAcert Association Members")?></h3>
<b><?=_("Have you paid your CAcert Association membership fees for the year?")?></b>
@@ -40,6 +47,7 @@
<ul>
<li>Account Name: CAcert Inc</li>
+<li>SWIFT: WPACAU2S</li>
<li>BSB: 032073</li>
<li>Account No.: 180264</li>
</ul>
diff --git a/pages/index/3.php b/pages/index/3.php
index c2cb391..f060c8f 100644
--- a/pages/index/3.php
+++ b/pages/index/3.php
@@ -16,40 +16,47 @@
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
*/ ?>
-<p><?=sprintf(_("You are bound by the %s Root Distribution Licence %s for any re-distributions of CAcert's roots."),"<a href='/policy/RootDistributionLicense.php'>","</a>")?></p>
+<p><?=sprintf(_("You are bound by the %s Root Distribution Licence %s for any re-distributions of CAcert's roots."),"<a href='/policy/RootDistributionLicense.html'>","</a>")?></p>
-<p>
-Class 1 <?=_("PKI Key")?><br>
-<a href="index.php?id=17"><?=_("Click here if you want to import the root certificate into Microsoft Internet Explorer 5.x/6.x")?></a><br>
-<a href="certs/root.crt"><?=_("Root Certificate (PEM Format)")?></a><br>
-<a href="certs/root.der"><?=_("Root Certificate (DER Format)")?></a><br>
-<a href="certs/root.txt"><?=_("Root Certificate (Text Format)")?></a><br>
-<a href="<?=$_SERVER['HTTPS']?"https":"http"?>://crl.cacert.org/revoke.crl">CRL</a><br>
-<?=_("Fingerprint")?> SHA1: 13:5C:EC:36:F4:9C:B8:E9:3B:1A:B2:70:CD:80:88:46:76:CE:8F:33<br/>
-<?=_("Fingerprint")?> MD5: A6:1B:37:5E:39:0D:9C:36:54:EE:BD:20:31:46:1F:6B<br/>
-</p>
+<h3><?=_("Windows Installer") ?></h3>
+<ul class="no_indent">
+ <li><? printf(_("%s Windows installer package %s for browsers that use the Windows certificate store %s (for example Internet Explorer, Chrome on Windows and Safari on Windows)"), '<a href="certs/CAcert_Root_Certificates.msi">', '</a>', '<br/>')?></li>
+ <li><?=_("SHA1 Hash:") ?> 2db1957db31aa0d778d1a65ea146760ee1e67611</li>
+ <li><?=_("SHA256 Hash:") ?> 88883f2e3117bae6f43922fbaef8501b94efe4143c12116244ca5d0c23bcbb16</li>
+</ul>
-<p>
-Class 3 <?=_("PKI Key")?><br>
-<a href="certs/class3.crt"><?=_("Intermediate Certificate (PEM Format)")?></a><br/>
-<a href="certs/class3.der"><?=_("Intermediate Certificate (DER Format)")?></a><br/>
-<a href="certs/class3.txt"><?=_("Intermediate Certificate (Text Format)")?></a><br/>
-<a href="<?=$_SERVER['HTTPS']?"https":"http"?>://crl.cacert.org/class3-revoke.crl">CRL</a><br/>
+<h3><?=_("Class 1 PKI Key")?></h3>
+<ul class="no_indent">
+ <li><a href="certs/root.crt"><?=_("Root Certificate (PEM Format)")?></a></li>
+ <li><a href="certs/root.der"><?=_("Root Certificate (DER Format)")?></a></li>
+ <li><a href="certs/root.txt"><?=_("Root Certificate (Text Format)")?></a></li>
+ <li><a href="<?=$_SERVER['HTTPS']?"https":"http"?>://crl.cacert.org/revoke.crl">CRL</a></li>
+ <li><?=_("SHA1 Fingerprint:")?> 13:5C:EC:36:F4:9C:B8:E9:3B:1A:B2:70:CD:80:88:46:76:CE:8F:33</li>
+ <li><?=_("MD5 Fingerprint:")?> A6:1B:37:5E:39:0D:9C:36:54:EE:BD:20:31:46:1F:6B</li>
+</ul>
+
+<h3><?=_("Class 3 PKI Key")?></h3>
+<ul class="no_indent">
+ <li><a href="certs/class3.crt"><?=_("Intermediate Certificate (PEM Format)")?></a></li>
+ <li><a href="certs/class3.der"><?=_("Intermediate Certificate (DER Format)")?></a></li>
+ <li><a href="certs/class3.txt"><?=_("Intermediate Certificate (Text Format)")?></a></li>
+ <li><a href="<?=$_SERVER['HTTPS']?"https":"http"?>://crl.cacert.org/class3-revoke.crl">CRL</a></li>
<?php /*
class3 subroot fingerprint updated: 2011-05-23 class3 Re-sign project
https://wiki.cacert.org/Roots/Class3ResignProcedure/Migration
*/ ?>
-<?=_("Fingerprint")?> SHA1: AD:7C:3F:64:FC:44:39:FE:F4:E9:0B:E8:F4:7C:6C:FA:8A:AD:FD:CE<br/>
-<?=_("Fingerprint")?> MD5: F7:25:12:82:4E:67:B5:D0:8D:92:B7:7C:0B:86:7A:42<br/>
-</p>
+ <li><?=_("SHA1 Fingerprint:")?> AD:7C:3F:64:FC:44:39:FE:F4:E9:0B:E8:F4:7C:6C:FA:8A:AD:FD:CE</li>
+ <li><?=_("MD5 Fingerprint:")?> F7:25:12:82:4E:67:B5:D0:8D:92:B7:7C:0B:86:7A:42</li>
+</ul>
-<p>
-<?=_("GPG Key")?><br>
-<a href="certs/cacert.asc"><?=_("CAcert's GPG Key")?></a><br>
-</p>
+<h3><?=_("GPG Key")?></h3>
+<ul class="no_indent">
+ <li><a href="certs/cacert.asc"><?=_("CAcert's GPG Key")?></a></li>
+ <li><?=_("GPG Key ID:")?> 0x65D0FD58</li>
+ <li><?=_("Fingerprint:")?> A31D 4F81 EF4E BD07 B456 FA04 D2BB 0D01 65D0 FD58</li>
+</ul>
-<p>
-<?=_("PKI finger/thumb print signed by the CAcert GPG Key")?><br>
+<h4><?=_("PKI fingerprint signed by the CAcert GPG Key")?></h4>
<pre>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
@@ -82,8 +89,8 @@ TG1yj+lkktROGGyn0hJ5SbM=
=tXoj
-----END PGP SIGNATURE-----
</pre>
-</p>
+<h3><?=_("History")?></h3>
<p>
<? printf(_('An overview over all CA certificates ever issued can be found in '.
'%sthe wiki%s.'),
diff --git a/pages/index/4.php b/pages/index/4.php
index ffbfe26..384ea56 100644
--- a/pages/index/4.php
+++ b/pages/index/4.php
@@ -25,11 +25,11 @@
?>
<? if($_SESSION['_config']['hostname'] == $_SESSION['_config']['securehostname']) { ?>
-<p><?=_("Warning! You've attempted to log into the system with a client certificate, but the login failed due to the certificate being expired, revoked, disabled for certificate login, or simply not valid for this site. You can login using your Email/Pass Phrase to get a new certificate, by clicking on 'Normal Login' to the right of your screen.")?></p>
+<p><?=sprintf(_("Warning! You've attempted to log into the system with a client certificate, but the login failed due to the certificate being expired, revoked, disabled for certificate login, or simply not valid for this site. You can login using your email/pass phrase to get a new certificate, by clicking on %sPassword Login%s on the right side of this page."),"<a href='https://".$_SESSION['_config']['normalhostname']."/index.php?id=4'>", "</a>")?></p>
<? } else { ?>
<style>
.box2 {width:100%;text-align:center;}
-.box {background:#F5F7F7;border:2px solid #cccccc;margin:0px auto;height:250px;width:300px;padding:1em;}
+.box {background:#F5F7F7;border:2px solid #cccccc;margin:0px auto;height:auto;width:300px;padding:1em;}
.smalltext {font-size:10px;}
label {width:100px;display:block;float:left;}
text {width:166px;display:block;float:left;}
@@ -45,15 +45,15 @@ h1 {font-size:1.9em;text-align:center;}
<label for="email"><?=_("Email Address")?>:</label><input type='text' name="email" value="<?=sanitizeHTML(array_key_exists("email",$_REQUEST)?$_REQUEST['email']:"")?>" <? if(array_key_exists('notauto',$_REQUEST) && $_REQUEST['noauto'] == 1) echo " autocomplete='off'"; ?>/><br />
<label for="pword"><?=_("Pass Phrase")?>:</label><input type='password' name='pword' autocomplete="off"/><br />
<input type='submit' name="process" value="<?=_("Login")?>" /><br /><br />
-<a href='https://<?=$_SESSION['_config']['normalhostname']?>/index.php?id=4'><?=_("Password Login")?></a> -
-<a href='https://<?=$_SESSION['_config']['normalhostname']?>/index.php?id=5'><?=_("Lost Password")?></a> -
+<a href='https://<?=$_SESSION['_config']['normalhostname']?>/index.php?id=4'><?=_("Password Login")?></a> -
+<a href='https://<?=$_SESSION['_config']['normalhostname']?>/index.php?id=5'><?=_("Lost Password")?></a> -
<a href='https://<?=$_SESSION['_config']['normalhostname']?>/index.php?id=4&amp;noauto=1'><?=_("Net Cafe Login")?></a><br />
<p class='smalltext'><?=sprintf(_("If you are having trouble with your username or password, please visit our %swiki page%s for more information"), "<a href='http://wiki.cacert.org/wiki/FAQ/LostPasswordOrAccount' target='_new'>", "</a>");?></p>
<input type="hidden" name="oldid" value="<?=$id?>">
</form>
</div>
</div>
-<? }
+<? }
if(array_key_exists("oldlocation",$_SESSION['_config']) && $_SESSION['_config']['oldlocation']!="")
{
echo "<br/><center>"._("If you want to use certificate login instead of username+password, please")." <a href='https://secure.cacert.org/".sanitizeHTML($_SESSION['_config']['oldlocation'])."'>"._("click here")."</a></center>";
diff --git a/pages/index/6.php b/pages/index/6.php
index 8eefa44..fe57d81 100644
--- a/pages/index/6.php
+++ b/pages/index/6.php
@@ -16,9 +16,7 @@
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
*/ ?>
<p style="border:dotted 1px #900;padding:0.3em;background-color:#ffe;">
-<b><?=_("In light of the number of people having issues with making up a password we have the following suggestions:")?></b><br><br>
-<?=_("To get a password that will work, we suggest the following example")?>: Fr3d Sm|7h<br><br>
-<?=_("This wouldn't match your name or email at all, it contains at least 1 lower case letter, 1 upper case letter, a number, white space and a misc symbol. You get additional security for being over 15 characters and a second additional point for having it over 30. The system starts reducing security if you include any section of your name, or password or email address or if it matches a word from the english dictionary...")?>
+<?=_("A proper password wouldn't match your name or email at all, it contains at least 1 lower case letter, 1 upper case letter, a number, white space and a misc symbol. You get additional security for being over 15 characters and a second additional point for having it over 30. The system starts reducing security if you include any section of your name, or password or email address or if it matches a word from the english dictionary...")?>
</p>
<form method="post" action="index.php" autocomplete="off">
diff --git a/pages/index/8.php b/pages/index/8.php
index e45090d..4d515a6 100644
--- a/pages/index/8.php
+++ b/pages/index/8.php
@@ -15,16 +15,10 @@
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
*/ ?>
-<p><b><? printf(_("The current %s board, and roles."), "CAcert Inc."); ?></b></p>
-<p>
-Lambert Hofstra - <?=_("President")?><br/>
-Peter Yuill - <?=_("Vice President")?><br/>
-Alexander Prinsier - <?=_("Treasurer")?><br/>
-Mario Lipinski - <?=_("Secretary")?><br/>
-Piers Lauder - <?=_("member")?><br/>
-Ian Grigg - <?=_("member")?><br/>
-Dirk Astrath - <?=_("member")?><br/>
+<p style="background-color: #FF8080; font-size: 150%">
+<?
+printf(_("This page has been moved to the %swiki%s. Please update your ".
+ "bookmarks and report any broken links."),
+ '<a href="//wiki.cacert.org/Board">', '</a>');
+?>
</p>
-Kevin Dawson - <?=_("Public Officer")?><br />
-<br />
-More detailed informations can be found in the CAcert wiki under <a href="//wiki.cacert.org/Board"><?=_("CAcert Board")?></a>
diff --git a/pages/wot/10.php b/pages/wot/10.php
index 51ed019..bc76a86 100644
--- a/pages/wot/10.php
+++ b/pages/wot/10.php
@@ -16,6 +16,8 @@
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
*/ ?>
<?
+ $thawte = false;
+
?>
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
<tr>
@@ -43,6 +45,11 @@
<td class="DataTD"><?=sprintf(_("You have made %s assurances which ranks you as the #%s top assurer."), intval($rc), intval($rank))?></td>
</tr>
</table>
+<center>
+<br>
+<?=sprintf(_("The calculation of points will be changed in the near future. Please check the %s new calculation %s"), "<a href='/wot.php?id=15'>", "</a>")?>
+<br>
+</center>
<br>
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
<tr>
@@ -71,13 +78,27 @@
<td class="DataTD"><?=$row['location']?></td>
<td class="DataTD"><?=_(sprintf("%s", $row['method']))?></td>
</tr>
-<? } ?>
+<?
+ $thawte = ($row['method'] == "Thawte Points Transfer") || $thawte;
+} ?>
<tr>
<td class="DataTD" colspan="3"><b><?=_("Total Points")?>:</b></td>
<td class="DataTD"><?=intval($_SESSION['profile']['points'])?></td>
<td class="DataTD" colspan="2">&nbsp;</td>
</tr>
</table>
+<?
+if ($thawte)
+{
+?>
+<br>
+<center>
+<strong style='color: red'>
+<?=_("Your Thawte-Points will be revoked in the near future. Please check new calculation!");?>
+<br>
+</strong>
+</center>
+<?}?>
<br>
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
<tr>
diff --git a/pages/wot/11.php b/pages/wot/11.php
deleted file mode 100644
index e25a862..0000000
--- a/pages/wot/11.php
+++ /dev/null
@@ -1,52 +0,0 @@
-<? /*
- LibreSSL - CAcert web application
- Copyright (C) 2004-2008 CAcert Inc.
-
- This program is free software; you can redistribute it and/or modify
- it under the terms of the GNU General Public License as published by
- the Free Software Foundation; version 2 of the License.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with this program; if not, write to the Free Software
- Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
-*/ ?>
-<? if($_SESSION['profile']['admin'] == 1) { ?>
-<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
- <tr>
- <td colspan="2" class="title"><?=_("Organisational Assurance")?></td>
- </tr>
- <tr>
- <td class="DataTD"><b><?=_("Organisation Title")?>:</b></td>
- <td class="DataTD">&nbsp;</td>
- </tr>
- <tr>
- <td class="DataTD"><b><?=_("Contact Email")?>:</b></td>
- <td class="DataTD">&nbsp;</td>
- </tr>
- <tr>
- <td class="DataTD"><b><?=_("Town/Suburb")?>:</b></td>
- <td class="DataTD">&nbsp;</td>
- </tr>
- <tr>
- <td class="DataTD"><b><?=_("State/Province")?>:</b></td>
- <td class="DataTD">&nbsp;</td>
- </tr>
- <tr>
- <td class="DataTD"><b><?=_("Country")?>:</b></td>
- <td class="DataTD">&nbsp;</td>
- </tr>
- <tr>
- <td class="DataTD"><b><?=_("Comments")?>:</b></td>
- <td class="DataTD">&nbsp;</td>
- </tr>
-</table>
-<? } else { ?>
-<p><?=_("This page is a work in Progress. Please see this")?>
-<a href="http://wiki.cacert.org/wiki/OrganisationEntities"><?=_("article on the Wiki")?></a>
-<?=_("for more information about Organizational Support.")?></a></p>
-<? } ?>
diff --git a/pages/wot/14.php b/pages/wot/14.php
deleted file mode 100644
index 21c5873..0000000
--- a/pages/wot/14.php
+++ /dev/null
@@ -1,47 +0,0 @@
-<? /*
- LibreSSL - CAcert web application
- Copyright (C) 2004-2008 CAcert Inc.
-
- This program is free software; you can redistribute it and/or modify
- it under the terms of the GNU General Public License as published by
- the Free Software Foundation; version 2 of the License.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with this program; if not, write to the Free Software
- Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
-*/ ?>
-
-<p>This is a demo page, which isn't fully functional yet.</p>
-
-<p><?=sprintf(_("If you have a %sSignaturecard%s (also called 'Buergerkarte'), you can digitally sign your assurance request here, and get 50 CAcert points:"),"<a href='http://www.buergerkarte.at/'>","</a>")?><br /></p>
-
-<p><?=sprintf(_("To get assured with your Signaturecard, you need the Software from <a href='http://www.buergerkarte.at/bku/'>http://www.buergerkarte.at/bku/</a>. To activate your E-Card, please go to <a href='https://www.sozialversicherung.at/signon2-Registrierung/'>https://www.sozialversicherung.at/signon2-Registrierung/</a>."))?></p>
-
-
-<pre><?=sanitizeHTML($_REQUEST['XMLResponse'])?></pre>
-
-<h1>1. Step: Assurance form</h1>
-
-<form name="form" method="post" action="http://localhost:3495/http-security-layer-request"/>
- <input type="submit" name="Weiter" value="Start Assurance">
- <input type="hidden" name="XMLRequest" value="&lt;CreateXMLSignatureRequest xmlns='http://www.buergerkarte.at/namespaces/securitylayer/20020831#' xmlns:dsig='http://www.w3.org/2000/09/xmldsig#' xmlns:sl10='http://www.buergerkarte.at/namespaces/securitylayer/20020225#'>&lt;KeyboxIdentifier>CertifiedKeypair&lt;/KeyboxIdentifier>&lt;DataObjectInfo Structure='enveloping'>&lt;sl10:DataObject>&lt;sl10:XMLContent>Mit dieser Signatur beantragen Sie die Assurance ihres CAcert Accounts '<?=$_SESSION['profile']['email']?>' mit ihrer Buergerkarte.&lt;/sl10:XMLContent>&lt;/sl10:DataObject>&lt;sl10:TransformsInfo>&lt;sl10:FinalDataMetaInfo>&lt;sl10:MimeType>text/plain&lt;/sl10:MimeType>&lt;/sl10:FinalDataMetaInfo>&lt;/sl10:TransformsInfo>&lt;/DataObjectInfo>&lt;/CreateXMLSignatureRequest>"/>
- <input type="hidden" name="actualtest_" value="4"/>
- <input type="hidden" name="DataURL" value="https://www.cacert.org/tverify/seclayer.php?id=14&amp;user=<?=$_SESSION['profile']['email']?>"/>
- <input type="hidden" name="TestResult_" value="&lt;strong&gt;TestResult&lt;/strong&gt;"/>
-</form>
-
-<h1>2. Step: Person binding (Birthday)</h1>
-
-<form name="form" method="post" action="http://localhost:3495/http-security-layer-request"/>
- <input type="submit" name="Weiter" value="Read birthday from Card">
- <input type="hidden" name="XMLRequest" value="&lt;InfoboxReadRequest xmlns=&quot;http://www.buergerkarte.at/namespaces/securitylayer/20020225#&quot;&gt;&lt;InfoboxIdentifier&gt;IdentityLink&lt;/InfoboxIdentifier&gt;&lt;BinaryFileParameters ContentIsXMLEntity=&quot;true&quot;/&gt;&lt;/InfoboxReadRequest&gt;"/>
- <input type="hidden" name="actualtest_" value="4"/>
- <input type="hidden" name="DataURL" value="https://www.cacert.org/tverify/seclayer.php?id=14&amp;user=<?=$_SESSION['profile']['email']?>"/>
- <input type="hidden" name="TestResult_" value="&lt;strong&gt;TestResult&lt;/strong&gt;"/>
-</form>
-
diff --git a/pages/wot/15.php b/pages/wot/15.php
new file mode 100644
index 0000000..8579588
--- /dev/null
+++ b/pages/wot/15.php
@@ -0,0 +1,29 @@
+<? /*
+ LibreSSL - CAcert web application
+ Copyright (C) 2004-2011 CAcert Inc.
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; version 2 of the License.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
+*/
+
+ include_once($_SESSION['_config']['filepath']."/includes/wot.inc.php");
+
+ $userid = intval($_SESSION['profile']['id']);
+
+ output_ranking($userid);
+ output_summary($userid);
+ output_given_assurances($userid);
+ output_received_assurances($userid);
+
+ output_end_of_page();
+?>
diff --git a/pages/wot/2.php b/pages/wot/2.php
index a75bc57..eda77bb 100644
--- a/pages/wot/2.php
+++ b/pages/wot/2.php
@@ -15,22 +15,19 @@
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
*/ ?>
-<span style="background-color: #FF8080; font-size: 150%">
-Note that the <strong>TTP</strong> programme is effectively <strong>Frozen</strong><br>
-Until a subsidiary policy under AP is written, it is against AP rules.<br>
-</span>
-&nbsp;<br>
-<h3><?=_("To become an Assurer")?></h3>
-<p><?=_("There are several ways to become a CAcert Assurer, the most common of which is face to face meetings with existing assurers, who check your ID documents (you need to show 2 government issued photo ID where possible otherwise you won't be allocated as many points!).")?></p>
+<h3><?=_('To become an Assurer')?></h3>
-<p><?=_("You can also become a CAcert Assurer by seeking out a public notary, justice of the peace, accountant, lawyer or bank manager. You will need to download and print out a copy of the TTP.pdf and fill in your sections. You will need to produce a photo copy of your ID, which the person assuring you will inspect against the originals. Once they are satisfied the documents appear to be genuine they need to sign the back of the photo copies, and fill in their sections of the TTP document. Once you have had your ID verified by 2 different people, pop the copies + forms in an envelope and post them to:")?></p>
+<p><?=_('To become a CAcert Assurer you need to fulfill the following requirements:')?></p>
+<ol>
+ <li><?=_('You have to reach 100 Assurance points')?></li>
+ <li><?=_('You have to pass the CATS test')?></li>
+</ol>
-<p>CAcert Inc.<br>
-P.O. Box 4107<br>
-Denistone East NSW 2112<br>
-Australia</p>
+<p><?=_('To reach 100 Assurance Points you have to meet with assurers who assure you under the CAcert Assurance Programme according to Assurance Policy. During the face to face meeting you need to show at least one governmental issued photo ID.')?></p>
+
+<p><?=sprintf(_('The 2nd requirement in becoming assurer is to pass the CAcert Assurer Challenge, which can be started at %s. For more information explore the wiki regarding the %s.'),'<a href="https://cats.cacert.org">https://cats.cacert.org</a>','<a href="//wiki.cacert.org/AssurerChallenge">Assurer Challenge</a>')?><p>
+
+<p><?=sprintf(_('In case you cannot meet an Assurer (eg there are not many assurer in your area) you can be assured under the alternate %sTTP-assisted-assurance programme%s. Read the pages %s for the basic way how the TTP-assisted-assurance programme works for you and %s whether the TTP programme affects the country where you are located.'),'<a href="/wot.php?id=4">', '</a>','<a href="//wiki.cacert.org/TTP/TTPuser">TTPuser</a>','<a href="//wiki.cacert.org/TTP/TTPAL">TTPAL</a>')?> </p>
-<p><?=_("Upon receiving your documents you will be notified, and points will be added to your account.")?></p>
-<p><?=_("Once you have received at least 100 Assurance Points you will have to pass a test called Assurer Challenge, which can be started at").' <a href="https://cats.cacert.org/">https://cats.cacert.org/</a>!'?></p>
diff --git a/pages/wot/4.php b/pages/wot/4.php
index 0da72da..befdfe4 100644
--- a/pages/wot/4.php
+++ b/pages/wot/4.php
@@ -14,19 +14,69 @@
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
-*/ ?>
-<span style="background-color: #FF8080; font-size: 150%">
-Note that the <strong>TTP</strong> programme is effectively <strong>Frozen</strong><br>
-Until a subsidiary policy under AP is written, it is against AP rules.<br>
-</span>
-&nbsp;<br>
+*/
+require_once(dirname(__FILE__).'/../../includes/wot.inc.php');
+?>
+
<h3><?=_("Trusted Third Parties")?></h3>
-<p><?=_("A trusted 3rd party is simply someone in your country that is responsible for witnessing signatures and ID documents. This role is covered by many different titles such as public notary, justice of the peace and so on. Other people are allowed to be authoritative in this area as well, such as bank managers, accountants and lawyers.")?></p>
+<p><?=_("The Trusted Third Party (TTP) programme is intended to be used in areas without many CAcert Assurers.")?></p>
+
+<p><?=_("A Trusted Third Party (TTP) is simply someone in your country that is responsible for witnessing signatures and ID documents. This role is covered by many different titles such as public notary, justice of the peace and so on.")?></p>
+
+<p><?=_("With the TTP programme you can potentially gain assurance up to a maximum of 100 assurance points.")?></p>
+
+<p><?=_("Currently CAcert has only developed the TTP programme to the level that you can gain 70 assurance points by TTP assurances.") ?></p>
+
+<p><?=_("We are working to develop a process that will fill the gap of the missing 30 assurance points to allow you to get the maximum 100 assurance points.")?> </p>
+
+<p><?=_("In the meanwhile you would need to close this gap with face to face assurances with CAcert Assurers. Think not only travelling to populated countries, but also remember that assurers may occasionally visit your country or area.")?></p>
-<p><?=_("You can become a CAcert Assurer by seeking out trusted 3rd parties. You will also need to download and print out a copy of the TTP Form (found under 'CAP/TTP Forms') and fill in your sections. You will need to produce a photo copy of your ID, which the person assuring you will inspect against the originals. Once they are satisfied the documents appear to be genuine they need to sign the back of the photo copies, and fill in their sections of the TTP document. Once you have had your ID verified by 2 different people, pop the copies + forms in an envelope and post them to:")?></p>
+<p><?=sprintf(_("If you are interested in the TTP programme, read the pages %s for the basic way how the TTP programme works for you, and %s whether the TTP programme affects the country where you are located."),"<a href='//wiki.cacert.org/TTP/TTPuser'>https://wiki.cacert.org/TTP/TTPuser</a>","<a href='//wiki.cacert.org/TTP/TTPAL'>https://wiki.cacert.org/TTP/TTPAL</a>")?> </p>
-<p>CAcert Inc.<br>
-P.O. Box 4107<br>
-Denistone East NSW 2112<br>
-Australia</p>
+<?
+// test for points <100
+if ($_SESSION['profile']['points']<100){
+ // test for TTP assurances
+ if (get_number_of_ttpassurances(intval($_SESSION['profile']['id']))<2){?>
+ <p><?=_("If you want to ask for TTP assurances fill out the missing data and send the request to support@cacert.org to start the process. CAcert will then inform you about the next steps.")?></p>
+ <form method="post" action="wot.php">
+ <table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
+ <tr>
+ <td class="DataTD"><?=_("Country where you want to visit the TTP")?></td>
+ <td class="DataTD"><select size="1" name="country">
+ <option>Australia</option>
+ <option>Puerto Rico</option>
+ <option>USA</option>
+ </select></td>
+ </tr>
+ <tr>
+ <td class="DataTD"><?=_("I want to take part in the TTP Topup programme")?></td>
+ <td class="DataTD"><input type="checkbox" name="ttptopup" value="1"></td>
+ </tr>
+ <tr>
+ <td colspan="2" >
+ <input type="hidden" name="oldid" value="<?=intval($id)?>">
+ <input type="submit" name="ttp" value="<?=_("I need a TTP assurance")?>">
+ </td>
+ </tr>
+ </table>
+ </form>
+<? //"
+ } else {
+ /* As soon as the TPP TOPUP Programme is established this routine should be used
+ <p><?=_("As you have already got 2 TTP assurances you can only take part in the TTP TOPUP programme. If you want to ask for the TTP TOPUP programme use the submit button to send the request to support@cacert.org to start the process. CAcert will then inform you about the next steps.")?></p>
+ <form method="post" action="wot.php">
+ <input type="hidden" name="oldid" value="<?=intval($id)?>">
+ <input type="submit" name="ttptopup" value="<?=_("I need a TTP TOPUP")?>">
+ </form>
+*/
+?>
+ <p><?=_("We are working to develop the TTP TOPUP process to be able to fill the gap of the missing 30 assurance points to 100 assurance points. Meanwhile you have to close this gap with face to face assurances from CAcert Assurers. Think not only travelling to populated countries, but as well to assurers visiting your country or area.")?></p>
+<?
+ }
+} else {
+?>
+ <p><?=_("You reached the maximum points that can be granted by the TTP programme and therefore you cannot take part in the TTP programme any more.")?></p>
+<?
+}
diff --git a/pages/wot/5.php b/pages/wot/5.php
index 6c53d00..c1a6438 100644
--- a/pages/wot/5.php
+++ b/pages/wot/5.php
@@ -16,20 +16,15 @@
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
*/
include_once("../includes/shutdown.php");
+ require_once("../includes/lib/l10n.php");
?>
<?
if(array_key_exists('error',$_SESSION['_config']) && $_SESSION['_config']['error'] != "")
{
- if(array_key_exists('reminderset',$_SESSION['_config']) && $_SESSION['_config']['remindersent'] == 1)
- {
- ?><font color="orange" size="+1"><?
- }
- else
- {
- ?><font color="orange" size="+1"><?=_("ERROR")?>: <?
- }
- echo $_SESSION['_config']['error']."</font>";
- unset($_SESSION['_config']['error']);
+ ?><font color="orange" size="+1">
+ <? echo _("ERROR").": ".$_SESSION['_config']['error'] ?>
+ </font>
+ <?unset($_SESSION['_config']['error']);
}
?>
<? if(array_key_exists('noemailfound',$_SESSION['_config']) && $_SESSION['_config']['noemailfound'] == 1) { ?>
@@ -38,8 +33,8 @@
<select name="reminder-lang">
<?
if($_SESSION['_config']['reminder-lang'] == "")
- $_SESSION['_config']['reminder-lang'] = $_SESSION['profile']['language'];
- foreach($_SESSION['_config']['translations'] as $key => $val)
+ $_SESSION['_config']['reminder-lang'] = L10n::get_translation();
+ foreach(L10n::$translations as $key => $val)
{
echo "<option value='$key'";
if($key == $_SESSION['_config']['reminder-lang'])
diff --git a/pages/wot/6.php b/pages/wot/6.php
index bc37aa2..b75f6fa 100644
--- a/pages/wot/6.php
+++ b/pages/wot/6.php
@@ -16,6 +16,7 @@
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
*/ ?>
<?
+
if(!array_key_exists('notarise',$_SESSION['_config']))
{
echo "Error: No user data found.";
@@ -24,147 +25,35 @@
$row = $_SESSION['_config']['notarise'];
- if(!array_key_exists('pointsalready',$_SESSION['_config'])) $_SESSION['_config']['pointsalready']=0;
-
-
- if($_SESSION['profile']['ttpadmin'] == 1 && $_SESSION['profile']['board'] == 1)
- {
- $methods = array("Face to Face Meeting", "Trusted 3rd Parties", "Thawte Points Transfer", "Administrative Increase", "CT Magazine - Germany");
- } else if($_SESSION['profile']['ttpadmin'] == 1) {
+ if($_SESSION['profile']['ttpadmin'] == 1)
+// $methods = array("Face to Face Meeting", "Trusted 3rd Parties", "TopUP");
+// else
$methods = array("Face to Face Meeting", "Trusted 3rd Parties");
- }
-
- $cap = "/cap.php?";
- $name = $row['fname']." ".$row['mname']." ".$row['lname']." ".$row['suffix'];
- $_SESSION['_config']['wothash'] = md5($name."-".$row['dob']);
- while(strstr($name, " "))
- $name = str_replace(" ", " ", $name);
- $cap .= "name=".urlencode($name);
- $cap .= "&amp;dob=".urlencode($row['dob']);
- $cap .= "&amp;email=".urlencode($row['email']);
- $name = $_SESSION['profile']['fname']." ".$_SESSION['profile']['mname']." ".$_SESSION['profile']['lname']." ".$_SESSION['profile']['suffix'];
- while(strstr($name, " "))
- $name = str_replace(" ", " ", $name);
- $cap .= "&amp;assurer=".urlencode($name);
- $cap .= "&amp;date=now";
- $cap .= "&amp;maxpoints=".maxpoints();
-
- $maxpoints = maxpoints();
- if($maxpoints > 100)
- $maxpoints = 100;
-
- if(array_key_exists('error',$_SESSION['_config']) && $_SESSION['_config']['error'] != "") { ?><font color="#ff0000" size="+1">ERROR: <?=$_SESSION['_config']['error']?></font><? unset($_SESSION['_config']['error']); } ?>
-<form method="post" action="wot.php">
-<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper" width="600">
- <tr>
- <td colspan="2" class="title"><?=_("Assurance Confirmation")?></td>
- </tr>
-<? if(array_key_exists('alreadydone',$_SESSION['_config']) && $_SESSION['_config']['alreadydone'] == 1) { ?>
- <tr>
- <td class="DataTD" colspan="2" align="left" style="color: red;"><b><?=_("PLEASE NOTE: You have already assured this person before! If this is unintentional please DO NOT CONTINUE with this assurance.")?></b></td>
- </tr>
-<?
- } if(100 - $_SESSION['_config']['pointsalready'] - $maxpoints < 0) {
- ?>
- <tr>
- <td class="DataTD" colspan="2" align="left" style="color: red;"><b><? printf(_("This person already has %s assurance points. Any points you give this person may be rounded down, or they may not even get any points. If you have less then 150 points you will still receive 2 points for assuring them."), $_SESSION['_config']['pointsalready']); ?></b></td>
- </tr>
-<? }
-
- $query = "select `verified` from `users` where `id`='".$row['id']."'";
- $res = mysql_query($query);
- $drow = mysql_fetch_assoc($res);
- //if($_SESSION['_config']['verified'] <= 0)
- if($drow['verified']<=0)
- { ?>
- <tr>
- <td class="DataTD" colspan="2" align="left" style="color: red;"><b><?=_("You are about to assure a person that isn't currently verified. If you continue and they do not verify their account within 48 hours the account could automatically be removed by the system.")?></b></td>
- </tr>
-<? } ?>
- <tr>
- <td class="DataTD" colspan="2" align="left"><? printf(_("Please check the following details match against what you witnessed when you met %s in person. You MUST NOT proceed unless you are sure the details are correct. You may be held responsible by the CAcert Arbitrator for any issues with this Assurance."), $row['fname']); ?></td>
- </tr>
- <tr>
- <td class="DataTD"><?=_("Name")?>:</td>
- <td class="DataTD"><?=$row['fname']?> <?=$row['mname']?> <?=$row['lname']?> <?=$row['suffix']?></td>
- </tr>
- <tr>
- <td class="DataTD"><?=_("Date of Birth")?>:</td>
- <td class="DataTD"><?=$row['dob']?> (<?=_("YYYY-MM-DD")?>)</td>
- </tr>
-<? if($_SESSION['profile']['ttpadmin'] == 1) { ?>
- <tr>
- <td class="DataTD"><?=_("Method")?>:</td>
- <td class="DataTD"><select name="method">
-<? foreach($methods as $val) { ?>
- <option value="<?=$val?>"<? if(array_key_exists('method',$_POST) && $val == $_POST['method']) echo " selected"; ?>><?=$val?></option>
-<? } ?>
- </select>
- </td>
- </tr>
- <tr>
- <td class="DataTD" colspan="2"><?=_("Only tick the next box if the Assurance was face to face.")?></td>
- </tr>
-<? } ?>
- <tr>
- <td class="DataTD"><input type="checkbox" name="certify" value="1"<? if(array_key_exists('certify',$_POST) && $_POST['certify'] == 1) echo " checked"; ?>></td>
- <td class="DataTD"><? printf(_("I certify that %s %s %s has appeared in person"), $row['fname'], $row['mname'], $row['lname']); ?></td>
- </tr>
- <tr>
- <td class="DataTD"><?=_("Location")?>:</td>
- <td class="DataTD"><input type="text" name="location" value="<?=array_key_exists('location',$_SESSION['_config'])?$_SESSION['_config']['location']:""?>"></td>
- </tr>
- <tr>
- <td class="DataTD"><?=_("Date")?>:</td>
- <td class="DataTD"><input type="text" name="date" value="<?=array_key_exists('date',$_SESSION['_config'])?$_SESSION['_config']['date']:""?>"><br><?=_("Only fill this in if you assured the person on a different day")?></td>
- </tr>
-<? if($_SESSION['profile']['board'] == 1 && $_SESSION['_config']['pointsalready'] <= 150) { ?>
- <tr>
- <td class="DataTD" colspan="2"><?=_("Issuing a temporary increase will automatically boost their points to 200 points for a nomindated amount of days, after which the person will be reduced to 150 points regardless of the amount of points they had previously. Regardless of method chosen above it will be recorded in the system as an Administrative Increase and there is a maximum amount of 45 days that points can be issued for.")?></td>
- </tr>
- <tr>
- <td class="DataTD"><nobr><?=_("Temporary Increase")?>:</nobr><br><nobr><?=_("Number of days")?></nobr></td>
- <td class="DataTD"><input type="text" name="expire" value="<?=intval(array_key_exists('expire',$_POST)?$_POST['expire']:0)?>"></td>
- </tr>
- <tr>
- <td class="DataTD"><nobr><?=_("Sponsoring Member")?>:</td>
- <td class="DataTD"><select name="sponsor">
-<?
- $query = "select * from `users` where `board`='1' and `id`!='".intval($_SESSION['profile']['id'])."'";
- $res = mysql_query($query);
- while($row = mysql_fetch_assoc($res))
- {
+ else
+ $methods = array("Face to Face Meeting");
+
+ $fname = $row['fname'];
+ $mname = $row['mname'];
+ $lname = $row['lname'];
+ $suffix = $row['suffix'];
+ $dob = $row['dob'];
+ $name = $fname." ".$mname." ".$lname." ".$suffix;
+ $_SESSION['_config']['wothash'] = md5($name."-".$dob);
+
+ include_once($_SESSION['_config']['filepath']."/includes/wot.inc.php");
+
+ AssureHead(_("Assurance Confirmation"),sprintf(_("Please check the following details match against what you witnessed when you met %s in person. You MUST NOT proceed unless you are sure the details are correct. You may be held responsible by the CAcert Arbitrator for any issues with this Assurance."), $fname));
+ AssureTextLine(_("Name"),$name);
+ AssureTextLine(_("Date of Birth"),$dob." ("._("YYYY-MM-DD").")");
+ AssureBoxLine("certify",sprintf(_("I certify that %s %s %s has appeared in person"), $fname, $mname, $lname),array_key_exists('certify',$_POST) && $_POST['certify'] == 1);
+ AssureInboxLine("location",_("Location"),array_key_exists('location',$_SESSION['_config'])?$_SESSION['_config']['location']:"","");
+ AssureInboxLine("date",_("Date"),array_key_exists('date',$_SESSION['_config'])?$_SESSION['_config']['date']:date("Y-m-d"),"<br/>"._("Please adjust the date if you assured the person on a different day"));
+ AssureMethodLine(_("Method"),$methods,_("Only tick the next box if the Assurance was face to face."));
+ AssureBoxLine("assertion",_("I believe that the assertion of identity I am making is correct, complete and verifiable. I have seen original documentation attesting to this identity. I accept that the CAcert Arbitrator may call upon me to provide evidence in any dispute, and I may be held responsible."),array_key_exists('assertion',$_POST) && $_POST['assertion'] == 1);
+ AssureBoxLine("rules",_("I have read and understood the Assurance Policy and the Assurance Handbook and am making this Assurance subject to and in compliance with the policy and handbook."),array_key_exists('rules',$_POST) && $_POST['rules'] == 1);
+ AssureTextLine(_("Policy"),"<a href=\"/policy/AssurancePolicy.html\" target=\"_blank\">"._("Assurance Policy")."</a> - <a href=\"http://wiki.cacert.org/AssuranceHandbook2\" target=\"_blank\">"._("Assurance Handbook")."</a>");
+ AssureInboxLine("points",_("Points"),"","<br />(Max. ".maxpoints().")");
+ AssureCCABoxLine("CCAAgreed",sprintf(_("Check this box only if %s agreed to the <a href=\"/policy/CAcertCommunityAgreement.html\">CAcert Community Agreement</a>"),$fname));
+ AssureCCABoxLine("CCAAgree",_("Check this box only if YOU agree to the <a href=\"/policy/CAcertCommunityAgreement.html\">CAcert Community Agreement</a>"));
+ AssureFoot($id,_("I confirm this Assurance"));
?>
- <option value="<?=$row['id']?>"<? if(array_key_exists('sponsor',$_POST) && $row['id'] == $_POST['sponsor']) echo " selected='selected'"; ?>><?=$row['fname']." ".$row['lname']?></option>
-<? } ?>
- </select>
- </td>
- </tr>
-<? } ?>
- <tr>
- <td class="DataTD"><input type="checkbox" name="assertion" value="1"<? if(array_key_exists('assertion',$_POST) && $_POST['assertion'] == 1) echo " checked='checked'"; ?>></td>
- <td class="DataTD"><?=_("I believe that the assertion of identity I am making is correct, complete and verifiable. I have seen original documentation attesting to this identity. I accept that the CAcert Arbitrator may call upon me to provide evidence in any dispute, and I may be held responsible.")?></td>
- </tr>
- <tr>
- <td class="DataTD"><input type="checkbox" name="rules" value="1"<? if(array_key_exists('rules',$_POST) && $_POST['rules'] == 1) echo " checked='checked'"; ?>></td>
- <td class="DataTD"><?=_("I have read and understood the Assurance Policy and the Assurance Handbook and am making this Assurance subject to and in compliance with the policy and handbook.")?></td>
- </tr>
- <tr>
- <td class="DataTD"><?=_("Policy")?>:</td>
- <td class="DataTD"><a href="/policy/AssurancePolicy.php" target="_NEW"><?=_("Assurance Policy")?></a> - <a href="http://wiki.cacert.org/AssuranceHandbook2" target="_NEW"><?=_("Assurance Handbook")?></a></td>
- </tr>
- <tr>
- <td class="DataTD"><?=_("Points")?>:<br><nobr>(Max <?=maxpoints()?>)</nobr></td>
- <td class="DataTD"><input type="text" name="points" value=""></td>
- </tr>
- <tr>
- <td class="DataTD"><?=_("WoT Form")?>:</td>
- <td class="DataTD"><a href="<?=$cap?>" target="_NEW">A4 - <?=_("WoT Form")?></a> <a href="<?=$cap?>&amp;format=letter" target="_NEW">US - <?=_("WoT Form")?></a></td>
- </tr>
- <tr>
- <td class="DataTD" colspan="2"><input type="submit" name="process" value="<?=_("I confirm this Assurance")?>"> <input type="submit" name="cancel" value="<?=_("Cancel")?>"></td>
- </tr>
-</table>
-<input type="hidden" name="pagehash" value="<?=$_SESSION['_config']['wothash']?>">
-<input type="hidden" name="oldid" value="<?=$id?>">
-</form>
diff --git a/pages/wot/9.php b/pages/wot/9.php
index b974c5d..bfa7a98 100644
--- a/pages/wot/9.php
+++ b/pages/wot/9.php
@@ -14,8 +14,11 @@
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
-*/ ?>
-<?
+*/
+
+ require_once($_SESSION['_config']['filepath'].'/includes/lib/l10n.php');
+
+
$res = mysql_query("select * from `users` where `id`='".intval($_REQUEST['userid'])."' and `listme`='1'");
if(mysql_num_rows($res) <= 0)
{
@@ -47,7 +50,7 @@
<? if($userlang != "") { ?>
<tr>
<td class="DataTD"><?=_("Language")?>:</td>
- <td class="DataTD" align="left"><? printf(_("%s prefers to be contacted in %s"), $user['fname'], $_SESSION['_config']['translations'][$userlang]) ?></td>
+ <td class="DataTD" align="left"><? printf(_("%s prefers to be contacted in %s"), $user['fname'], L10n::$translations[$userlang]) ?></td>
</tr>
<? } ?>
<?
diff --git a/password.dat.sample b/password.dat.sample
deleted file mode 100755
index f9bbb55..0000000
--- a/password.dat.sample
+++ /dev/null
@@ -1,2 +0,0 @@
-$translingo_password = 'ThePassword';
-$translingo_account = 'TheAccount';
diff --git a/scripts/37de-blit2011-email.txt b/scripts/37de-blit2011-email.txt
new file mode 100644
index 0000000..365bd5b
--- /dev/null
+++ b/scripts/37de-blit2011-email.txt
@@ -0,0 +1,18 @@
+8. Brandenburger Linux-Infotag 2011 -- Helfer Gesucht
+:::::::::::::::::::::::::::::::::::::::::::::::::::::
+
+Hallo CAcerties,
+
+am Samstag, dem 5. November 2011 moechte sich CAcert mit einem Stand auf dem 8. Brandenburger Linux-Infotag 2011 (Motto: "Freie Gedanken - Freie Systeme") praesentieren. Hierzu wurde nun im Wiki eine Organisationsseite eingerichtet, auf der Ihr Euch als Helfer eintragen koennt
+ http://wiki.cacert.org/events/BLIT2011
+Sofern Ihr aus Berlin, Potsdam sowie Umgebung oder von woanders kommt und Zeit wie auch Lust habt, dann tragt Euch bitte, gerne auch nur fuer einen
+bestimmten Zeitraum, ein. Wer in den vergangenen Jahren dabei war, weiss vieviel Spass es allen gemacht hat!
+
+Auf der Veranstaltung sind Professoren, wissenschaftliche Mitarbeiter und in jedem Fall viele Studenten zu erwarten. Es waere daher super, wenn wir dort moeglichst viele von CAcert ueberzeugen koennen, um dort eine neue Keimzelle entstehen lassen zu koennen. Daher benoetigen wir mindestens drei Assurer, um 100 Punkte vergeben zu koennen.
+
+Wir freuen uns auf Eure Mithilfe.
+
+
+Wiki Organisationsseite: [http://wiki.cacert.org/events/BLIT2011]
+
+Kontakt: events@cacert.org
diff --git a/scripts/37de-blit2011-mail.php.txt b/scripts/37de-blit2011-mail.php.txt
new file mode 100644
index 0000000..e0ecead
--- /dev/null
+++ b/scripts/37de-blit2011-mail.php.txt
@@ -0,0 +1,106 @@
+#!/usr/bin/php -q
+<? /*
+ LibreSSL - CAcert web application
+ Copyright (C) 2004-2009 CAcert Inc.
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; version 2 of the License.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
+*/
+ include_once("../includes/mysql.php");
+
+ $lines = "";
+ $fp = fopen("37de-blit2011-email.txt", "r");
+ while(!feof($fp))
+ {
+ $line = trim(fgets($fp, 4096));
+ $lines .= wordwrap($line, 75, "\n")."\n";
+ }
+ fclose($fp);
+
+
+// $locid = intval($_REQUEST['location']);
+// $maxdist = intval($_REQUEST['maxdist']);
+// maxdist in [Km]
+ $maxdist = 200;
+
+
+// location location.ID
+// verified: 29.4.09 u.schroeter
+// $locid = 7902857; // Paris
+// $locid = 238568; // Bielefeld
+// $locid = 715191; // Hamburg
+// $locid = 1102495; // London
+// $locid = 520340; // Duesseldorf
+// $locid = 1260319; // Muenchen
+// $locid = 606058; // Frankfurt
+// $locid = 1775784; // Stuttgart
+// $locid = 228950; // Berlin
+// $locid = 606058; // Frankfurt
+// $locid = 599389; // Flensburg
+// $locid = 61065; // Amsterdam, Eemnes
+// $locid = 228950; // Berlin
+// $locid = 2138880; // Baltimore (Baltimore (city)), Maryland, US
+// $locid = 1486658; // Potsdam
+// $locid = 664715; // Goteborg, Vastra Gotaland, Sweden
+// $locid = 2094781; // Mission Hills (Los Angeles), California, US
+// $locid = 423655; // Copenhagen, Kobenhavn*, Denmark
+// $locid = 2257312; // Sydney, New South Wales, Australia
+// $locid = 572764; // Essen, Nordrhein-Westfalen, Germany
+// $locid = 78; // Aachen, Nordrhein-Westfalen, Germany
+// $locid = 266635; // Bonn, Nordrhein-Westfalen, Germany
+// $locid = 2102723; // Washington (District of Columbia, ..., US
+// $locid = 2177566; // New York (Bronx), New York, United States
+
+// BLIT2011
+ $locid = 1486658; // Potsdam
+ $eventname = "8. Brandenburger Linux-Infotag 2011 - Potsdam";
+ $city = "5. Nov 2011";
+
+
+ $query = "select * from `locations` where `id`='$locid'";
+ $loc = mysql_fetch_assoc(mysql_query($query));
+
+ $query = "SELECT ROUND(6378.137 * ACOS(0.9999999*((SIN(PI() * $loc[lat] / 180) * SIN(PI() * `locations`.`lat` / 180)) +
+ (COS(PI() * $loc[lat] / 180 ) * COS(PI() * `locations`.`lat` / 180) *
+ COS(PI() * `locations`.`long` / 180 - PI() * $loc[long] / 180)))), -1) AS `distance`, sum(`points`) as pts, `users`.*
+ FROM `locations`
+ inner join `users` on `users`.`locid` = `locations`.`id`
+ inner join `alerts` on `users`.`id`=`alerts`.`memid`
+ inner join `notary` on `users`.`id`=`notary`.`to`
+ WHERE (`alerts`.`general`=1 OR `alerts`.`country`=1 OR `alerts`.`regional`=1 OR `alerts`.`radius`=1)
+ GROUP BY `users`.`id`
+ HAVING `distance` <= '$maxdist'
+ ORDER BY `distance` ";
+ echo $query;
+
+ // comment next line when starting to send mail not only to me
+ // $query = "select * from `users` where `email` like 'cacerttest%'";
+
+ $res = mysql_query($query);
+ $xrows = mysql_num_rows($res);
+
+ while($row = mysql_fetch_assoc($res))
+ {
+ // uncomment next line to send mails ...
+ sendmail($row['email'], "[CAcert.org] $eventname - $city", $lines, "events@cacert.org", "", "", "CAcert Events Organisation", "returns@cacert.org", 1);
+ }
+ // 1x cc to events.cacert.org
+ sendmail("events@cacert.org", "[CAcert.org] $eventname - $city", $lines, "events@cacert.org", "", "", "CAcert Events Organisation", "returns@cacert.org", 1);
+ // 1x mailing report to events.cacert.org
+ sendmail("events@cacert.org", "[CAcert.org] $eventname - $city Report", "invitation sent to $xrows recipients.", "support@cacert.org", "", "", "CAcert Events Organisation", "returns@cacert.org", 1);
+
+ // 1x mailing report to Arbitrator of case http://wiki.cacert.org/wiki/Arbitrations/a20090525.1
+ sendmail("p.dunkel@cacert.org", "[CAcert.org] $eventname - $city Report", "invitation sent to $xrows recipients.", "support@cacert.org", "", "", "CAcert Events Organisation", "returns@cacert.org", 1);
+ echo "invitation sent to $xrows recipients.\n";
+
+?>
diff --git a/scripts/38us-fudcon2012-email.txt b/scripts/38us-fudcon2012-email.txt
new file mode 100644
index 0000000..afb3387
--- /dev/null
+++ b/scripts/38us-fudcon2012-email.txt
@@ -0,0 +1,17 @@
+Hi,
+
+I'm a Fedora developer and sysadmin (and a CAcert Assurer), and am going to be attending the Fedora Users and Developers Conference which will be held at Virginia Tech from January 13 - 15, 2012.
+
+We have a GPG/PGP keysigning party planned, and I'm interested in getting some people together to offer CAcert assurances. This is especially important since CAcert will be removing all points formerly obtained by Thawte Point Transfer very soon.
+
+Would you be interested in helping with a CAcert assurance event at FUDCon? I'm not sure of the date yet, but it would be somewhere between the 13th and 15th.
+
+Please contact me at either nb@fedoraproject.org or nb@cacert.org if you might be interested in helping with this.
+
+Nick
+
+Further infos:
+ * [https://wiki.cacert.org/Events/FUDConBlacksburg] CAcert organizing wiki page
+ * [http://fedoraproject.org/wiki/FUDCon:Blacksburg_2012] has more information about FUDCon.
+
+Contact: events@cacert.org
diff --git a/scripts/38us-fudcon2012-mail.php.txt b/scripts/38us-fudcon2012-mail.php.txt
new file mode 100644
index 0000000..d90f5a2
--- /dev/null
+++ b/scripts/38us-fudcon2012-mail.php.txt
@@ -0,0 +1,107 @@
+#!/usr/bin/php -q
+<? /*
+ LibreSSL - CAcert web application
+ Copyright (C) 2004-2009 CAcert Inc.
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; version 2 of the License.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
+*/
+ include_once("../includes/mysql.php");
+
+ $lines = "";
+ $fp = fopen("38us-fudcon2012-email.txt", "r");
+ while(!feof($fp))
+ {
+ $line = trim(fgets($fp, 4096));
+ $lines .= wordwrap($line, 75, "\n")."\n";
+ }
+ fclose($fp);
+
+
+// $locid = intval($_REQUEST['location']);
+// $maxdist = intval($_REQUEST['maxdist']);
+// maxdist in [Km]
+ $maxdist = 250;
+
+
+// location location.ID
+// verified: 29.4.09 u.schroeter
+// $locid = 7902857; // Paris
+// $locid = 238568; // Bielefeld
+// $locid = 715191; // Hamburg
+// $locid = 1102495; // London
+// $locid = 520340; // Duesseldorf
+// $locid = 1260319; // Muenchen
+// $locid = 606058; // Frankfurt
+// $locid = 1775784; // Stuttgart
+// $locid = 228950; // Berlin
+// $locid = 606058; // Frankfurt
+// $locid = 599389; // Flensburg
+// $locid = 61065; // Amsterdam, Eemnes
+// $locid = 228950; // Berlin
+// $locid = 2138880; // Baltimore (Baltimore (city)), Maryland, US
+// $locid = 1486658; // Potsdam
+// $locid = 664715; // Goteborg, Vastra Gotaland, Sweden
+// $locid = 2094781; // Mission Hills (Los Angeles), California, US
+// $locid = 423655; // Copenhagen, Kobenhavn*, Denmark
+// $locid = 2257312; // Sydney, New South Wales, Australia
+// $locid = 572764; // Essen, Nordrhein-Westfalen, Germany
+// $locid = 78; // Aachen, Nordrhein-Westfalen, Germany
+// $locid = 266635; // Bonn, Nordrhein-Westfalen, Germany
+// $locid = 2102723; // Washington (District of Columbia, ..., US
+// $locid = 2177566; // New York (Bronx), New York, United States
+// $locid = 1486658; // Potsdam BLIT2011
+
+// FUDcon 2012
+ $locid = 2237836; // Blacksburg (Montgomery), Virginia, United States
+ $eventname = "FUDCon 2012";
+ $city = "Blacksburg, VA";
+
+
+ $query = "select * from `locations` where `id`='$locid'";
+ $loc = mysql_fetch_assoc(mysql_query($query));
+
+ $query = "SELECT ROUND(6378.137 * ACOS(0.9999999*((SIN(PI() * $loc[lat] / 180) * SIN(PI() * `locations`.`lat` / 180)) +
+ (COS(PI() * $loc[lat] / 180 ) * COS(PI() * `locations`.`lat` / 180) *
+ COS(PI() * `locations`.`long` / 180 - PI() * $loc[long] / 180)))), -1) AS `distance`, sum(`points`) as pts, `users`.*
+ FROM `locations`
+ inner join `users` on `users`.`locid` = `locations`.`id`
+ inner join `alerts` on `users`.`id`=`alerts`.`memid`
+ inner join `notary` on `users`.`id`=`notary`.`to`
+ WHERE (`alerts`.`general`=1 OR `alerts`.`country`=1 OR `alerts`.`regional`=1 OR `alerts`.`radius`=1)
+ GROUP BY `users`.`id`
+ HAVING `distance` <= '$maxdist'
+ ORDER BY `distance` ";
+ echo $query;
+
+ // comment next line when starting to send mail not only to me
+ // $query = "select * from `users` where `email` like 'cacerttest%'";
+
+ $res = mysql_query($query);
+ $xrows = mysql_num_rows($res);
+
+ while($row = mysql_fetch_assoc($res))
+ {
+ // uncomment next line to send mails ...
+ sendmail($row['email'], "[CAcert.org] $eventname - $city", $lines, "events@cacert.org", "", "", "CAcert Events Organisation", "returns@cacert.org", 1);
+ }
+ // 1x cc to events.cacert.org
+ sendmail("events@cacert.org", "[CAcert.org] $eventname - $city", $lines, "events@cacert.org", "", "", "CAcert Events Organisation", "returns@cacert.org", 1);
+ // 1x mailing report to events.cacert.org
+ sendmail("events@cacert.org", "[CAcert.org] $eventname - $city Report", "invitation sent to $xrows recipients.", "support@cacert.org", "", "", "CAcert Events Organisation", "returns@cacert.org", 1);
+
+ // 1x mailing report to Arbitrator of case http://wiki.cacert.org/wiki/Arbitrations/a20090525.1
+ sendmail("p.dunkel@cacert.org", "[CAcert.org] $eventname - $city Report", "invitation sent to $xrows recipients.", "support@cacert.org", "", "", "CAcert Events Organisation", "returns@cacert.org", 1);
+ echo "invitation sent to $xrows recipients.\n";
+
+?>
diff --git a/scripts/39uk-ate-manchester-email.txt b/scripts/39uk-ate-manchester-email.txt
new file mode 100644
index 0000000..6c709bf
--- /dev/null
+++ b/scripts/39uk-ate-manchester-email.txt
@@ -0,0 +1,40 @@
+CAcert Assurer Training Event -- Crewe/Manchester, UK
+:::::::::::::::::::::::::::::::::::::::::::::::::::::
+
+Dear Member of the CAcert Community,
+
+Much has happened during recent years. The old way of orally-transmitted procedures has now gone, and our rules have been cast into formal policies. New procedures (e.g. the Assurer Challenge) and obligations (e.g. in the CAcert Community Agreement) have been approved.
+
+The Assurer Training Events bring all this to you, the Assurer, and the Community:
+
+- What is the difference in Thawte notary and CAcert Assurance?
+- What do you have to add onto the CAP form if you assure minors?
+- What are the 2 essential CCA points you have to present an Assuree?
+- Who can access the Member's privacy information?
+
+Answers to these and many other questions typically faced by Assurers are given at the Assurer Training Events (ATEs). Bring your ID for assurances. Especially note that Tverify/Thawte people need to boost up their Assurance Points.
+
+ATE-Manchester takes place at:
+* Saturday, January 14th, 2012
+* The Venue
+* Belong Village
+* Brookhouse Drive
+* Crewe
+* Cheshire CW2 6NA
+* 11:30am - 3pm
+
+The venue is near to and easily accessible from the train station (Crewe is a major rail junction within 3-4 hours of most of the major cities!)
+
+For Registration please reply: 'I will attend ATE-Manchester'
+
+Don't forget your ID!
+
+We are looking forward to hearing from you.
+
+
+- Best regards from the Event Team!
+
+
+PS: Contact: events@cacert.org
+Location, Transportation and other event details at
+[https://wiki.cacert.org/Events/20120114ATE-Manchester]
diff --git a/scripts/39uk-ate-manchester-mail.php.txt b/scripts/39uk-ate-manchester-mail.php.txt
new file mode 100644
index 0000000..5c5d0d9
--- /dev/null
+++ b/scripts/39uk-ate-manchester-mail.php.txt
@@ -0,0 +1,108 @@
+#!/usr/bin/php -q
+<? /*
+ LibreSSL - CAcert web application
+ Copyright (C) 2004-2009 CAcert Inc.
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; version 2 of the License.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
+*/
+ include_once("../includes/mysql.php");
+
+ $lines = "";
+ $fp = fopen("39uk-ate-manchester-email.txt", "r");
+ while(!feof($fp))
+ {
+ $line = trim(fgets($fp, 4096));
+ $lines .= wordwrap($line, 75, "\n")."\n";
+ }
+ fclose($fp);
+
+
+// $locid = intval($_REQUEST['location']);
+// $maxdist = intval($_REQUEST['maxdist']);
+// maxdist in [Km] - changed to 350 to include glasgow + london
+ $maxdist = 350;
+
+
+// location location.ID
+// verified: 29.4.09 u.schroeter
+// $locid = 7902857; // Paris
+// $locid = 238568; // Bielefeld
+// $locid = 715191; // Hamburg
+// $locid = 1102495; // London
+// $locid = 520340; // Duesseldorf
+// $locid = 1260319; // Muenchen
+// $locid = 606058; // Frankfurt
+// $locid = 1775784; // Stuttgart
+// $locid = 228950; // Berlin
+// $locid = 606058; // Frankfurt
+// $locid = 599389; // Flensburg
+// $locid = 61065; // Amsterdam, Eemnes
+// $locid = 228950; // Berlin
+// $locid = 2138880; // Baltimore (Baltimore (city)), Maryland, US
+// $locid = 1486658; // Potsdam
+// $locid = 664715; // Goteborg, Vastra Gotaland, Sweden
+// $locid = 2094781; // Mission Hills (Los Angeles), California, US
+// $locid = 423655; // Copenhagen, Kobenhavn*, Denmark
+// $locid = 2257312; // Sydney, New South Wales, Australia
+// $locid = 572764; // Essen, Nordrhein-Westfalen, Germany
+// $locid = 78; // Aachen, Nordrhein-Westfalen, Germany
+// $locid = 266635; // Bonn, Nordrhein-Westfalen, Germany
+// $locid = 2102723; // Washington (District of Columbia, ..., US
+// $locid = 2177566; // New York (Bronx), New York, United States
+// $locid = 1486658; // Potsdam BLIT2011
+// $locid = 2237836; // Blacksburg (Montgomery), Virginia, United States
+
+// ATE Manchester 2012
+ $locid = 1161640; // Manchester, Manchester, United Kingdom
+ $eventname = "ATE-Manchester";
+ $city = "Manchester/Crewe UK";
+
+
+ $query = "select * from `locations` where `id`='$locid'";
+ $loc = mysql_fetch_assoc(mysql_query($query));
+
+ $query = "SELECT ROUND(6378.137 * ACOS(0.9999999*((SIN(PI() * $loc[lat] / 180) * SIN(PI() * `locations`.`lat` / 180)) +
+ (COS(PI() * $loc[lat] / 180 ) * COS(PI() * `locations`.`lat` / 180) *
+ COS(PI() * `locations`.`long` / 180 - PI() * $loc[long] / 180)))), -1) AS `distance`, sum(`points`) as pts, `users`.*
+ FROM `locations`
+ inner join `users` on `users`.`locid` = `locations`.`id`
+ inner join `alerts` on `users`.`id`=`alerts`.`memid`
+ inner join `notary` on `users`.`id`=`notary`.`to`
+ WHERE (`alerts`.`general`=1 OR `alerts`.`country`=1 OR `alerts`.`regional`=1 OR `alerts`.`radius`=1)
+ GROUP BY `users`.`id`
+ HAVING `distance` <= '$maxdist'
+ ORDER BY `distance` ";
+ echo $query;
+
+ // comment next line when starting to send mail not only to me
+ // $query = "select * from `users` where `email` like 'cacerttest%'";
+
+ $res = mysql_query($query);
+ $xrows = mysql_num_rows($res);
+
+ while($row = mysql_fetch_assoc($res))
+ {
+ // uncomment next line to send mails ...
+ sendmail($row['email'], "[CAcert.org] $eventname - $city", $lines, "events@cacert.org", "", "", "CAcert Events Organisation", "returns@cacert.org", 1);
+ }
+ // 1x cc to events.cacert.org
+ sendmail("events@cacert.org", "[CAcert.org] $eventname - $city", $lines, "events@cacert.org", "", "", "CAcert Events Organisation", "returns@cacert.org", 1);
+ // 1x mailing report to events.cacert.org
+ sendmail("events@cacert.org", "[CAcert.org] $eventname - $city Report", "invitation sent to $xrows recipients.", "support@cacert.org", "", "", "CAcert Events Organisation", "returns@cacert.org", 1);
+
+ // 1x mailing report to Arbitrator of case http://wiki.cacert.org/wiki/Arbitrations/a20090525.1
+ sendmail("p.dunkel@cacert.org", "[CAcert.org] $eventname - $city Report", "invitation sent to $xrows recipients.", "support@cacert.org", "", "", "CAcert Events Organisation", "returns@cacert.org", 1);
+ echo "invitation sent to $xrows recipients.\n";
+
+?>
diff --git a/scripts/40de-ate-hamburg-email.txt b/scripts/40de-ate-hamburg-email.txt
new file mode 100644
index 0000000..ddf7c0f
--- /dev/null
+++ b/scripts/40de-ate-hamburg-email.txt
@@ -0,0 +1,66 @@
+CAcert Assurer Training Event Hamburg [Deutsch]
+::::::::::::::::::::::::::::::::::::::::::::::::::
+
+Es hat sich viel getan im letzten Jahr. Eine ganze Reihe von bisher eher "muendlich ueberlieferten" Regeln wurden in Policies gegossen. Neue Prozeduren (z.B. die Assurer Challenge) und Verpflichtungen (z.B. in dem CAcert Community Agreement) wurden beschlossen. Die Assurer Training Events wollen versuchen, die ganzen Informationen unter’s Volk zu bringen:
+
+- Was hast du auf dem CAP Formular hinzuzufuegen, wenn du Minderjaehrige ueberpruefst ?
+- Was sind die 2 wesentlichen Punkte der CCA die du einem Assuree vermitteln koennen sollst ?
+- Unter welchen Umstaenden koennen z.Bsp. niederlaendische Rufnamen akzeptiert werden?
+
+Antworten auf diese und weitere Fragen erhaelst du bei den Assurer Training Events (ATEs).
+
+Die kommende Veranstaltung in deiner Naehe findet statt am:
+
+Dienstag den 14. Februar 2012, 19:00 - 22:00
+
+Attraktor e.V.
+Mexikoring 21
+22297 Hamburg
+
+Das Veranstaltungs-Team freut sich schon auf Eure Teilnahme.
+
+Details zum Veranstaltungsort und Anfahrthinweise findet Ihr im
+Wiki [https://wiki.cacert.org/events/20120214-ATE-Hamburg-3]
+Blog [http://blog.cacert.org/2012/02/547.html]
+
+
+
+Unverbindliche Anmeldung und Registrierung:
+Rueckantwort mit 'Ich moechte teilnehmen: ATE-Hamburg'
+
+Kontakt: events@cacert.org
+
+
+CAcert Assurer Training Event Hamburg [English]
+::::::::::::::::::::::::::::::::::::::::::::::::::
+
+Much has happened during the past 3 years. The old way of
+orally-transmitted procedures has now gone, and our rules have been cast
+into formal policies. New procedures (e.g. the Assurer Challenge) and
+obligations (e.g. in the CAcert Community Agreement) have been approved.
+The Assurer Training Events bring all this to you, the Community:
+
+- What you have to add onto the CAP form if you assure U18 people ?
+- What are the 2 essential topics regarding CCA you have to present an Assuree ?
+- When you can accept i.e. a Dutch "roepnaam" ?
+
+Answers to these and many other questions are given at the Assurer
+Training Events (ATEs).
+
+ATE-Hamburg takes place on:
+Tuesday, Feb 14, 2012, 19:00 - 22:00
+
+Attraktor e.V.
+Mexikoring 21
+22297 Hamburg
+
+The Event-Team is looking forward to hearing from you.
+
+Details on Location and Transportation you will find under
+Wiki [https://wiki.cacert.org/events/20120214-ATE-Hamburg-3]
+Blog [http://blog.cacert.org/2012/02/547.html]
+
+Registration for ATE-Hamburg: please reply
+'I will attend: ATE-Hamburg'
+
+Contact: events@cacert.org
diff --git a/scripts/40de-ate-hamburg-mail.php.txt b/scripts/40de-ate-hamburg-mail.php.txt
new file mode 100644
index 0000000..54ec1b8
--- /dev/null
+++ b/scripts/40de-ate-hamburg-mail.php.txt
@@ -0,0 +1,112 @@
+#!/usr/bin/php -q
+<? /*
+ LibreSSL - CAcert web application
+ Copyright (C) 2004-2009 CAcert Inc.
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; version 2 of the License.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
+*/
+ include_once("../includes/mysql.php");
+
+ $lines = "";
+ $fp = fopen("40de-ate-hamburg-email.txt", "r");
+ while(!feof($fp))
+ {
+ $line = trim(fgets($fp, 4096));
+ $lines .= wordwrap($line, 75, "\n")."\n";
+ }
+ fclose($fp);
+
+
+// $locid = intval($_REQUEST['location']);
+// $maxdist = intval($_REQUEST['maxdist']);
+// maxdist in [Km] - changed to 350 to include glasgow + london
+ $maxdist = 200;
+
+
+// location location.ID
+// verified: 29.4.09 u.schroeter
+// $locid = 7902857; // Paris
+// $locid = 238568; // Bielefeld
+// $locid = 715191; // Hamburg
+// $locid = 1102495; // London
+// $locid = 520340; // Duesseldorf
+// $locid = 1260319; // Muenchen
+// $locid = 606058; // Frankfurt
+// $locid = 1775784; // Stuttgart
+// $locid = 228950; // Berlin
+// $locid = 606058; // Frankfurt
+// $locid = 599389; // Flensburg
+// $locid = 61065; // Amsterdam, Eemnes
+// $locid = 228950; // Berlin
+// $locid = 2138880; // Baltimore (Baltimore (city)), Maryland, US
+// $locid = 1486658; // Potsdam
+// $locid = 664715; // Goteborg, Vastra Gotaland, Sweden
+// $locid = 2094781; // Mission Hills (Los Angeles), California, US
+// $locid = 423655; // Copenhagen, Kobenhavn*, Denmark
+// $locid = 2257312; // Sydney, New South Wales, Australia
+// $locid = 572764; // Essen, Nordrhein-Westfalen, Germany
+// $locid = 78; // Aachen, Nordrhein-Westfalen, Germany
+// $locid = 266635; // Bonn, Nordrhein-Westfalen, Germany
+// $locid = 2102723; // Washington (District of Columbia, ..., US
+// $locid = 2177566; // New York (Bronx), New York, United States
+// $locid = 1486658; // Potsdam BLIT2011
+// $locid = 2237836; // Blacksburg (Montgomery), Virginia, United States
+
+// ATE Manchester 2012
+// $locid = 1161640; // Manchester, Manchester, United Kingdom
+// $eventname = "ATE-Manchester";
+// $city = "Manchester/Crewe UK";
+
+// ATE Hamburg, DE, Feb 14 2012
+ $locid = 715191; // Hamburg
+ $eventname = "ATE-Hamburg";
+ $city = "Feb 14, 2012";
+
+ $query = "select * from `locations` where `id`='$locid'";
+ $loc = mysql_fetch_assoc(mysql_query($query));
+
+ $query = "SELECT ROUND(6378.137 * ACOS(0.9999999*((SIN(PI() * $loc[lat] / 180) * SIN(PI() * `locations`.`lat` / 180)) +
+ (COS(PI() * $loc[lat] / 180 ) * COS(PI() * `locations`.`lat` / 180) *
+ COS(PI() * `locations`.`long` / 180 - PI() * $loc[long] / 180)))), -1) AS `distance`, sum(`points`) as pts, `users`.*
+ FROM `locations`
+ inner join `users` on `users`.`locid` = `locations`.`id`
+ inner join `alerts` on `users`.`id`=`alerts`.`memid`
+ inner join `notary` on `users`.`id`=`notary`.`to`
+ WHERE (`alerts`.`general`=1 OR `alerts`.`country`=1 OR `alerts`.`regional`=1 OR `alerts`.`radius`=1)
+ GROUP BY `users`.`id`
+ HAVING `distance` <= '$maxdist'
+ ORDER BY `distance` ";
+ echo $query;
+
+ // comment next line when starting to send mail not only to me
+ // $query = "select * from `users` where `email` like 'cacerttest%'";
+
+ $res = mysql_query($query);
+ $xrows = mysql_num_rows($res);
+
+ while($row = mysql_fetch_assoc($res))
+ {
+ // uncomment next line to send mails ...
+ sendmail($row['email'], "[CAcert.org] $eventname - $city", $lines, "events@cacert.org", "", "", "CAcert Events Organisation", "returns@cacert.org", 1);
+ }
+ // 1x cc to events.cacert.org
+ sendmail("events@cacert.org", "[CAcert.org] $eventname - $city", $lines, "events@cacert.org", "", "", "CAcert Events Organisation", "returns@cacert.org", 1);
+ // 1x mailing report to events.cacert.org
+ sendmail("events@cacert.org", "[CAcert.org] $eventname - $city Report", "invitation sent to $xrows recipients.", "support@cacert.org", "", "", "CAcert Events Organisation", "returns@cacert.org", 1);
+
+ // 1x mailing report to Arbitrator of case http://wiki.cacert.org/wiki/Arbitrations/a20090525.1
+ sendmail("p.dunkel@cacert.org", "[CAcert.org] $eventname - $city Report", "invitation sent to $xrows recipients.", "support@cacert.org", "", "", "CAcert Events Organisation", "returns@cacert.org", 1);
+ echo "invitation sent to $xrows recipients.\n";
+
+?>
diff --git a/scripts/41de-ate-jena-email.txt b/scripts/41de-ate-jena-email.txt
new file mode 100644
index 0000000..f70dc85
--- /dev/null
+++ b/scripts/41de-ate-jena-email.txt
@@ -0,0 +1,33 @@
+CAcert Assurer Training Event Jena [Deutsch]
+::::::::::::::::::::::::::::::::::::::::::::
+
+Es hat sich viel getan im letzten Jahr. Eine ganze Reihe von bisher eher "muendlich ueberlieferten" Regeln wurden in Policies gegossen. Neue Prozeduren (z.B. die Assurer Challenge) und Verpflichtungen (z.B. in dem CAcert Community Agreement) wurden beschlossen. Die Assurer Training Events wollen versuchen, die ganzen Informationen unter’s Volk zu bringen:
+
+- Was hast du auf dem CAP Formular hinzuzufuegen, wenn du Minderjaehrige ueberpruefst ?
+- Warum solltest du dir R/L/O einpraegen ?
+- Wie verhaelst du dich, wenn du ein fremdes Ausweis Dokument das erste mal pruefst ?
+
+Antworten auf diese und weitere Fragen erhaelst du bei den Assurer Training Events (ATEs).
+
+Die kommende Veranstaltung in deiner Naehe findet statt am:
+
+Donnerstag den 29. Maerz 2012, 19:00 - 22:00
+
+Adresse: Am Johannisfriedhof 2, Jena
+Gebaeude: Universitaetsrechenzentrum der Friedrich-Schiller-Universitaet Jena
+OSM: [http://osm.org/go/0MAe9XhNp-]
+Webseite: [http://www.uni-jena.de/URZ.html]
+
+
+Das Veranstaltungs-Team freut sich schon auf Eure Teilnahme.
+
+Details zum Veranstaltungsort und Anfahrthinweise findet Ihr im
+Wiki [https://wiki.cacert.org/Events/2012-03-29ATE-Jena]
+Blog [http://blog.cacert.org/2012/03/550.html]
+
+
+
+Unverbindliche Anmeldung und Registrierung:
+Rueckantwort mit 'Ich moechte teilnehmen: ATE-Jena'
+
+Kontakt: events@cacert.org
diff --git a/scripts/41de-ate-jena-mail.php.txt b/scripts/41de-ate-jena-mail.php.txt
new file mode 100644
index 0000000..5691f63
--- /dev/null
+++ b/scripts/41de-ate-jena-mail.php.txt
@@ -0,0 +1,109 @@
+#!/usr/bin/php -q
+<? /*
+ LibreSSL - CAcert web application
+ Copyright (C) 2004-2009 CAcert Inc.
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; version 2 of the License.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
+*/
+ include_once("../includes/mysql.php");
+
+ $lines = "";
+ $fp = fopen("41de-ate-jena-email.txt", "r");
+ while(!feof($fp))
+ {
+ $line = trim(fgets($fp, 4096));
+ $lines .= wordwrap($line, 75, "\n")."\n";
+ }
+ fclose($fp);
+
+
+// $locid = intval($_REQUEST['location']);
+// $maxdist = intval($_REQUEST['maxdist']);
+// maxdist in [Km] - changed to 350 to include glasgow + london
+ $maxdist = 200;
+
+
+// location location.ID
+// verified: 29.4.09 u.schroeter
+// $locid = 7902857; // Paris
+// $locid = 238568; // Bielefeld
+// $locid = 715191; // Hamburg
+// $locid = 1102495; // London
+// $locid = 520340; // Duesseldorf
+// $locid = 1260319; // Muenchen
+// $locid = 606058; // Frankfurt
+// $locid = 1775784; // Stuttgart
+// $locid = 228950; // Berlin
+// $locid = 606058; // Frankfurt
+// $locid = 599389; // Flensburg
+// $locid = 61065; // Amsterdam, Eemnes
+// $locid = 228950; // Berlin
+// $locid = 2138880; // Baltimore (Baltimore (city)), Maryland, US
+// $locid = 1486658; // Potsdam
+// $locid = 664715; // Goteborg, Vastra Gotaland, Sweden
+// $locid = 2094781; // Mission Hills (Los Angeles), California, US
+// $locid = 423655; // Copenhagen, Kobenhavn*, Denmark
+// $locid = 2257312; // Sydney, New South Wales, Australia
+// $locid = 572764; // Essen, Nordrhein-Westfalen, Germany
+// $locid = 78; // Aachen, Nordrhein-Westfalen, Germany
+// $locid = 266635; // Bonn, Nordrhein-Westfalen, Germany
+// $locid = 2102723; // Washington (District of Columbia, ..., US
+// $locid = 2177566; // New York (Bronx), New York, United States
+// $locid = 1486658; // Potsdam BLIT2011
+// $locid = 2237836; // Blacksburg (Montgomery), Virginia, United States
+// $locid = 1161640; // Manchester, Manchester, United Kingdom
+
+// ATE Jena, DE, Mar 29 2012
+ $locid = 803095; // Jena, Thueringen, Germany
+ $eventname = "ATE-Jena";
+ $city = "Mar 29, 2012";
+
+
+ $query = "select * from `locations` where `id`='$locid'";
+ $loc = mysql_fetch_assoc(mysql_query($query));
+
+ $query = "SELECT ROUND(6378.137 * ACOS(0.9999999*((SIN(PI() * $loc[lat] / 180) * SIN(PI() * `locations`.`lat` / 180)) +
+ (COS(PI() * $loc[lat] / 180 ) * COS(PI() * `locations`.`lat` / 180) *
+ COS(PI() * `locations`.`long` / 180 - PI() * $loc[long] / 180)))), -1) AS `distance`, sum(`points`) as pts, `users`.*
+ FROM `locations`
+ inner join `users` on `users`.`locid` = `locations`.`id`
+ inner join `alerts` on `users`.`id`=`alerts`.`memid`
+ inner join `notary` on `users`.`id`=`notary`.`to`
+ WHERE (`alerts`.`general`=1 OR `alerts`.`country`=1 OR `alerts`.`regional`=1 OR `alerts`.`radius`=1)
+ GROUP BY `users`.`id`
+ HAVING `distance` <= '$maxdist'
+ ORDER BY `distance` ";
+ echo $query;
+
+ // comment next line when starting to send mail not only to me
+ // $query = "select * from `users` where `email` like 'cacerttest%'";
+
+ $res = mysql_query($query);
+ $xrows = mysql_num_rows($res);
+
+ while($row = mysql_fetch_assoc($res))
+ {
+ // uncomment next line to send mails ...
+ sendmail($row['email'], "[CAcert.org] $eventname - $city", $lines, "events@cacert.org", "", "", "CAcert Events Organisation", "returns@cacert.org", 1);
+ }
+ // 1x cc to events.cacert.org
+ sendmail("events@cacert.org", "[CAcert.org] $eventname - $city", $lines, "events@cacert.org", "", "", "CAcert Events Organisation", "returns@cacert.org", 1);
+ // 1x mailing report to events.cacert.org
+ sendmail("events@cacert.org", "[CAcert.org] $eventname - $city Report", "invitation sent to $xrows recipients.", "support@cacert.org", "", "", "CAcert Events Organisation", "returns@cacert.org", 1);
+
+ // 1x mailing report to Arbitrator of case http://wiki.cacert.org/wiki/Arbitrations/a20090525.1
+ sendmail("p.dunkel@cacert.org", "[CAcert.org] $eventname - $city Report", "invitation sent to $xrows recipients.", "support@cacert.org", "", "", "CAcert Events Organisation", "returns@cacert.org", 1);
+ echo "invitation sent to $xrows recipients.\n";
+
+?>
diff --git a/scripts/42de-ate-leipzig-email.txt b/scripts/42de-ate-leipzig-email.txt
new file mode 100644
index 0000000..ea08a75
--- /dev/null
+++ b/scripts/42de-ate-leipzig-email.txt
@@ -0,0 +1,39 @@
+CAcert Assurer Training Event Leipzig
+::::::::::::::::::::::::::::::::::::::::::::::::::
+
+Es hat sich viel getan im letzten Jahr. Eine ganze Reihe von bisher eher "muendlich ueberlieferten" Regeln wurden in Policies gegossen. Neue Prozeduren (z.B. die Assurer Challenge) und Verpflichtungen (z.B. in dem CAcert Community Agreement) wurden beschlossen. Die Assurer Training Events wollen versuchen, die ganzen Informationen unter’s Volk zu bringen:
+
+- Was hast du auf dem CAP Formular hinzuzufuegen, wenn du Minderjaehrige ueberpruefst ?
+- Warum solltest du dir R/L/O einpraegen ?
+- Wie verhaelst du dich, wenn du ein fremdes Ausweis Dokument das erste mal pruefst ?
+
+Antworten auf diese und weitere Fragen erhaelst du bei den Assurer Training Events (ATEs).
+
+Die kommende Veranstaltung in deiner Naehe findet statt am:
+
+Dienstag den 10. April 2012, 19:00 - 22:00
+(Dienstag nach Ostern)
+
+Adresse:
+ Universtität Leipzig / Institut für Informatik
+ Johannisgasse 26 / Raum 1-40
+ 04103 Leipzig
+Webseite:
+ [http://www.informatik.uni-leipzig.de/ifi/]
+Lageplan:
+ [http://www.fmi.uni-leipzig.de/cms/service/lageplan.html]
+
+
+
+Das Veranstaltungs-Team freut sich schon auf Eure Teilnahme.
+
+Details zum Veranstaltungsort und Anfahrthinweise findet Ihr im
+Wiki [https://wiki.cacert.org/Events/2012-04-10ATE-Leipzig]
+Blog [http://blog.cacert.org/2012/03/555.html]
+
+
+
+Unverbindliche Anmeldung und Registrierung:
+Rueckantwort mit 'Ich moechte teilnehmen: ATE-Leipzig'
+
+Kontakt: events@cacert.org
diff --git a/scripts/42de-ate-leipzig-mail.php.txt b/scripts/42de-ate-leipzig-mail.php.txt
new file mode 100644
index 0000000..d0c02b7
--- /dev/null
+++ b/scripts/42de-ate-leipzig-mail.php.txt
@@ -0,0 +1,114 @@
+#!/usr/bin/php -q
+<? /*
+ LibreSSL - CAcert web application
+ Copyright (C) 2004-2009 CAcert Inc.
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; version 2 of the License.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
+*/
+ include_once("../includes/mysql.php");
+
+ $lines = "";
+ $fp = fopen("42de-ate-leipzig-email.txt", "r");
+ while(!feof($fp))
+ {
+ $line = trim(fgets($fp, 4096));
+ $lines .= wordwrap($line, 75, "\n")."\n";
+ }
+ fclose($fp);
+
+
+// $locid = intval($_REQUEST['location']);
+// $maxdist = intval($_REQUEST['maxdist']);
+// maxdist in [Km] - changed to 350 to include glasgow + london
+ $maxdist = 200;
+
+
+// location location.ID
+// verified: 29.4.09 u.schroeter
+// $locid = 7902857; // Paris
+// $locid = 238568; // Bielefeld
+// $locid = 715191; // Hamburg
+// $locid = 1102495; // London
+// $locid = 520340; // Duesseldorf
+// $locid = 1260319; // Muenchen
+// $locid = 606058; // Frankfurt
+// $locid = 1775784; // Stuttgart
+// $locid = 228950; // Berlin
+// $locid = 606058; // Frankfurt
+// $locid = 599389; // Flensburg
+// $locid = 61065; // Amsterdam, Eemnes
+// $locid = 228950; // Berlin
+// $locid = 2138880; // Baltimore (Baltimore (city)), Maryland, US
+// $locid = 1486658; // Potsdam
+// $locid = 664715; // Goteborg, Vastra Gotaland, Sweden
+// $locid = 2094781; // Mission Hills (Los Angeles), California, US
+// $locid = 423655; // Copenhagen, Kobenhavn*, Denmark
+// $locid = 2257312; // Sydney, New South Wales, Australia
+// $locid = 572764; // Essen, Nordrhein-Westfalen, Germany
+// $locid = 78; // Aachen, Nordrhein-Westfalen, Germany
+// $locid = 266635; // Bonn, Nordrhein-Westfalen, Germany
+// $locid = 2102723; // Washington (District of Columbia, ..., US
+// $locid = 2177566; // New York (Bronx), New York, United States
+// $locid = 1486658; // Potsdam BLIT2011
+// $locid = 2237836; // Blacksburg (Montgomery), Virginia, United States
+// $locid = 1161640; // Manchester, Manchester, United Kingdom
+
+// ATE Jena, DE, Mar 29 2012
+// $locid = 803095; // Jena, Thueringen, Germany
+// $eventname = "ATE-Jena";
+// $city = "Mar 29, 2012";
+
+// ATE Leipzig, DE, Apr 10 2012
+ $locid = 1067965; // Leipzig, Sachsen, Germany
+ $eventname = "ATE-Leipzig";
+ $city = "Apr 10, 2012";
+
+
+ $query = "select * from `locations` where `id`='$locid'";
+ $loc = mysql_fetch_assoc(mysql_query($query));
+
+ $query = "SELECT ROUND(6378.137 * ACOS(0.9999999*((SIN(PI() * $loc[lat] / 180) * SIN(PI() * `locations`.`lat` / 180)) +
+ (COS(PI() * $loc[lat] / 180 ) * COS(PI() * `locations`.`lat` / 180) *
+ COS(PI() * `locations`.`long` / 180 - PI() * $loc[long] / 180)))), -1) AS `distance`, sum(`points`) as pts, `users`.*
+ FROM `locations`
+ inner join `users` on `users`.`locid` = `locations`.`id`
+ inner join `alerts` on `users`.`id`=`alerts`.`memid`
+ inner join `notary` on `users`.`id`=`notary`.`to`
+ WHERE (`alerts`.`general`=1 OR `alerts`.`country`=1 OR `alerts`.`regional`=1 OR `alerts`.`radius`=1)
+ GROUP BY `users`.`id`
+ HAVING `distance` <= '$maxdist'
+ ORDER BY `distance` ";
+ echo $query;
+
+ // comment next line when starting to send mail not only to me
+ // $query = "select * from `users` where `email` like 'cacerttest%'";
+
+ $res = mysql_query($query);
+ $xrows = mysql_num_rows($res);
+
+ while($row = mysql_fetch_assoc($res))
+ {
+ // uncomment next line to send mails ...
+ sendmail($row['email'], "[CAcert.org] $eventname - $city", $lines, "events@cacert.org", "", "", "CAcert Events Organisation", "returns@cacert.org", 1);
+ }
+ // 1x cc to events.cacert.org
+ sendmail("events@cacert.org", "[CAcert.org] $eventname - $city", $lines, "events@cacert.org", "", "", "CAcert Events Organisation", "returns@cacert.org", 1);
+ // 1x mailing report to events.cacert.org
+ sendmail("events@cacert.org", "[CAcert.org] $eventname - $city Report", "invitation sent to $xrows recipients.", "support@cacert.org", "", "", "CAcert Events Organisation", "returns@cacert.org", 1);
+
+ // 1x mailing report to Arbitrator of case http://wiki.cacert.org/wiki/Arbitrations/a20090525.1
+ sendmail("p.dunkel@cacert.org", "[CAcert.org] $eventname - $city Report", "invitation sent to $xrows recipients.", "support@cacert.org", "", "", "CAcert Events Organisation", "returns@cacert.org", 1);
+ echo "invitation sent to $xrows recipients.\n";
+
+?>
diff --git a/scripts/43de-ate-karlsruhe-email.txt b/scripts/43de-ate-karlsruhe-email.txt
new file mode 100644
index 0000000..26af21c
--- /dev/null
+++ b/scripts/43de-ate-karlsruhe-email.txt
@@ -0,0 +1,103 @@
+[Deutsch]
+
+Es hat sich viel getan im letzten Jahr. Eine ganze Reihe von bisher
+eher "muendlich ueberlieferten" Regeln wurden in Policies gegossen.
+Neue Prozeduren (z.B. die Assurer Challenge) und Verpflichtungen (z.B. in dem CAcert Community Agreement) wurden beschlossen. Die Assurer Training Events wollen versuchen, die ganzen Informationen unters Volk zu bringen:
+
+- Welcher Satz fehlt auf alten CAP Formularen?
+- Warum soll ich mir R/L/O einpraegen?
+- Wie verhaelst du dich, wenn du ein fremdes Ausweis Dokument das erste mal pruefst?
+
+Antworten auf diese und weitere Fragen erhaelst du bei den Assurer Training Events (ATEs).
+
+Darueberhinaus wird beim ATE der Vorgang der Identitaetsueberpruefung trainiert und auditiert, um die Qualitaet der Assurances in der taeglichen Praxis zu erfassen. Dabei gilt es moegliche Fehler und Fallstricke zu erkennen und aufzudecken. Die Assurer haben also die Moeglichkeit, sich mit den Fehlern auseinanderzusetzen und zu erfahren, wie diese vermieden werden koennen.
+
+As IanG said: The ATE or Assurer Training Event is exceptionally recommended for all Assurers, and include parts which contribute directly to our audit. Come and find out how you can also contribute.
+
+Die kommende Veranstaltung in deiner Naehe findet statt am:
+
+- Dienstag, den 15. Mai 2012
+- in der Zeit von: 19:00 - ca. 22:00 Uhr
+- Raum: New York
+- im FZI Forschungszentrum Informatik
+- Haid-und-Neu-Str. 10-14
+- 76131 Karlsruhe
+
+Details zum Veranstaltungsort und Anfahrthinweise findet Ihr im
+Wiki [http://wiki.cacert.org/Events/2012-05-15ATE-Karlsruhe]
+Blog [http://blog.cacert.org/2012/04/559.html]
+
+Teilnehmer Registrierung mit Rueckantwort:
+ 'Ich moechte am ATE-Karlsruhe teilnehmen'
+
+Das Veranstaltungs-Team freut sich schon auf Eure Teilnahme.
+
+Kontakt: events@cacert.org
+
+
+[French]
+
+Bon nombre de changements ont eu lieu au cours de la derniere annee au sein de CAcert. Beaucoup de regles "orales" ont ete transformees en reglements ("Policies"). De nouvelles procedures (par exemple le Challenge Assureur) et devoirs (par exemple le CAcert Community Agreement) ont ete activees. Les Assurer Training Events essaient de propager ces informations :
+
+- Que manque-t-il sur les "anciens" formulaires CAP ?
+- Pourquoi dois-je me souvenir de R/L/O ?
+- Que faire si une personne vous montre un document d'identite qui vous est inconnu ?
+
+Durant les Assurer Training Events (ATEs) vous recevrez les reponses a ces questions et a plein d'autres.
+
+De plus, les ATE vous permettent de vous entrainer a verifier les identites. Ceci sera audite afin de mesurer la qualite des assurances effectuees dans la routine quotidienne. On essaiera de vous induire en erreur. Vous aurez ainsi la possibilite de voir les problemes et d'apprendre a dejouer les pieges.
+
+Comme IanG l'a dit : il est fortement recommande aux assureurs de participer aux ATE. Le programmme contient des parties qui entrent directement en ligne de compte pour le succes de notre audit. Venez et decouvrez comment contribuer.
+
+Le prochain ATE qui aura lieu pres de chez vous sera :
+- Mardi le 15 mai 2012
+- de 19:00 a environ 22:00
+- Chambre: New York
+- dans le FZI Forschungszentrum Informatik
+- Haid-und-Neu-Str. 10-14
+- 76131 Karlsruhe
+
+NB : les exposes auront lieu en Allemand
+
+Plus de renseignements sur le lieu :
+Wiki [http://wiki.cacert.org/Events/2012-05-15ATE-Karlsruhe]
+Blog [http://blog.cacert.org/2012/04/559.html]
+
+Pour participer, repondez a ce courriel : 'Je viendrais au ATE-Karlsruhe'
+
+Le comite d'organisation se rejouit de votre venue.
+
+Contact: events@cacert.org
+
+[English]
+
+During the last year many changes took place inside CAcert. Many "oral" rules have been put into Policies. New procedures (e.g. Assurer Challenge) and obligations (e.g. CAcert Community Agreement) have been put into live. The Assurer Training Events (ATE) try to spread this information:
+
+- What is missing on the "old" CAP forms?
+- Why should I remember R/L/O?
+- What can you do if an Assuree shows an ID document unknown to you?
+
+These and more questions will be answered during the Assurer Training Events (ATEs)
+
+Furthermore, the ATE trains how to do assurances and audits assurances, to measure the quality of assurances in the daily routine. Here are some possible errors and pitfalls which need to be found. Assurers have the opportunity to see those errors and how to avoid them.
+
+As IanG said: The ATE or Assurer Training Event is exceptionally recommended for all Assurers and includes parts which contribute directly to our audit. Come and find out how you can also contribute.
+
+The next event held in your area will be:
+
+- Tuesday 15th Mai 2012
+- during 19:00 - ca. 22:00
+- Room: New York
+- in the FZI Forschungszentrum Informatik
+- Haid-und-Neu-Str. 10-14
+- 76131 Karlsruhe
+
+Details to the location can be found:
+Wiki [http://wiki.cacert.org/Events/2012-05-15ATE-Karlsruhe]
+Blog [http://blog.cacert.org/2012/04/559.html]
+
+User reply for registration: 'I will attend the ATE-Karlsruhe'
+
+The event team is looking forward for your attendance:
+
+Contact: events@cacert.org
diff --git a/scripts/43de-ate-karlsruhe-mail.php.txt b/scripts/43de-ate-karlsruhe-mail.php.txt
new file mode 100644
index 0000000..afea2f2
--- /dev/null
+++ b/scripts/43de-ate-karlsruhe-mail.php.txt
@@ -0,0 +1,155 @@
+#!/usr/bin/php -q
+<? /*
+ LibreSSL - CAcert web application
+ Copyright (C) 2004-2009 CAcert Inc.
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; version 2 of the License.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
+*/
+ include_once("../includes/mysql.php");
+
+ $lines = "";
+ $fp = fopen("43de-ate-karlsruhe-email.txt", "r");
+ while(!feof($fp))
+ {
+ $line = trim(fgets($fp, 4096));
+ $lines .= wordwrap($line, 75, "\n")."\n";
+ }
+ fclose($fp);
+
+
+// $locid = intval($_REQUEST['location']);
+// $maxdist = intval($_REQUEST['maxdist']);
+// maxdist in [Km]
+ $maxdist = 200;
+
+
+// location location.ID
+// verified: 29.4.09 u.schroeter
+// $locid = 7902857; // Paris
+// $locid = 238568; // Bielefeld
+// $locid = 715191; // Hamburg
+// $locid = 1102495; // London
+// $locid = 520340; // Duesseldorf
+// $locid = 1260319; // Muenchen
+// $locid = 606058; // Frankfurt
+// $locid = 1775784; // Stuttgart
+// $locid = 228950; // Berlin
+// $locid = 606058; // Frankfurt
+// $locid = 599389; // Flensburg
+// $locid = 61065; // Amsterdam, Eemnes
+// $locid = 228950; // Berlin
+
+// Software Freedom Day 19. Sept 2009
+// $locid = 715191; // Hamburg
+
+// LISA2009 Baltimore, 1.11.2009
+// $locid = 2138880; // Baltimore (Baltimore (city)), Maryland, United States
+// $city = "Baltimore, MD - Nov. 3rd 2009";
+
+// OpenSourceTreffen-Muenchen, 20.11.2009
+// $locid = 1260319; // Muenchen
+// $city = "Muenchen - 20. Nov 2009";
+
+// BLIT2009, Brandenburger Linux-Infotag, 21.11.2009
+// $locid = 1486658; // Potsdam
+// $eventname = "Brandenburger Linux-Infotag (BLIT2009)";
+// $city = "Potsdam - 21. Nov 2009";
+
+// ATE-Goteborg, 16.12.2009
+// $locid = 664715; // Goteborg, Vastra Gotaland, Sweden
+// $eventname = "ATE-Goteborg";
+// $city = "Goteborg - Dec 16th 2009";
+
+// Assurance Event Mission Hills CA, 15.01.2010
+// $locid = 2094781; // Mission Hills (Los Angeles), California, United States
+// $eventname = "Assurance Event";
+// $city = "Mission Hills CA - Jan 15th 2010";
+
+// Assurance Event OSD Copenhagen DK, 5.03.2010
+// $locid = 423655; // Copenhagen, Kobenhavn*, Denmark
+// $eventname = "Assurance Event OpenSource-Days 2010";
+// $city = "Copenhagen DK - March 5th/6th 2010";
+
+// SCALE 8x Los Angeles, CA, Feb 19-21 2010
+// $locid = 2093625; // Copenhagen, Kobenhavn*, Denmark
+// $eventname = "SCALE 8x 2010";
+// $city = "Los Angeles, CA - February 19-21 2010";
+
+// ATE Sydney, AU, Mar 24 2010
+// $locid = 2257312; // Sydney, New South Wales, Australia
+// $eventname = "ATE-Sydney";
+// $city = "March 24, 2010";
+
+// ATE Essen, DE, Sept 28 2010
+// $locid = 572764; // Essen, Nordrhein-Westfalen, Germany
+// $eventname = "ATE-Essen";
+// $city = "September 28, 2010";
+
+// ATE Aachen, DE, Oct 4th 2010
+// $locid = 78; // Aachen, Nordrhein-Westfalen, Germany
+// $eventname = "ATE-Aachen";
+// $city = "October 4th, 2010";
+
+// ATE Muenchen, DE, Apr 2nd 2011
+// $locid = 1260319; // Muenchen
+// $eventname = "ATE-Muenchen";
+// $city = "2. April, 2011";
+
+// ATE Bonn, DE, Jun 8th 2011
+// $locid = 266635; // Bonn, Nordrhein-Westfalen, Germany
+// $eventname = "ATE-Bonn";
+// $city = "8. Juni, 2011";
+
+// ATE Karlsruhe, DE, May 15th 2012
+ $locid = 873779; // Karlsruhe, Baden-Wuerttemberg, Germany
+ $eventname = "ATE-Karlsruhe";
+ $city = "15. May 2012";
+
+ $query = "select * from `locations` where `id`='$locid'";
+ $loc = mysql_fetch_assoc(mysql_query($query));
+
+ $query = "SELECT ROUND(6378.137 * ACOS(0.9999999*((SIN(PI() * $loc[lat] / 180) * SIN(PI() * `locations`.`lat` / 180)) +
+ (COS(PI() * $loc[lat] / 180 ) * COS(PI() * `locations`.`lat` / 180) *
+ COS(PI() * `locations`.`long` / 180 - PI() * $loc[long] / 180)))), -1) AS `distance`, sum(`points`) as pts, `users`.*
+ FROM `locations`
+ inner join `users` on `users`.`locid` = `locations`.`id`
+ inner join `alerts` on `users`.`id`=`alerts`.`memid`
+ inner join `notary` on `users`.`id`=`notary`.`to`
+ WHERE (`alerts`.`general`=1 OR `alerts`.`country`=1 OR `alerts`.`regional`=1 OR `alerts`.`radius`=1)
+ GROUP BY `users`.`id`
+ HAVING `distance` <= '$maxdist'
+ ORDER BY `distance` ";
+ echo $query;
+
+ // comment next line when starting to send mail not only to me
+ // $query = "select * from `users` where `email` like 'cacerttest%'";
+
+ $res = mysql_query($query);
+ $xrows = mysql_num_rows($res);
+
+ while($row = mysql_fetch_assoc($res))
+ {
+ // uncomment next line to send mails ...
+ sendmail($row['email'], "[CAcert.org] $eventname - $city", $lines, "events@cacert.org", "", "", "CAcert Events Organisation", "returns@cacert.org", 1);
+ }
+ // 1x cc to events.cacert.org
+ sendmail("events@cacert.org", "[CAcert.org] $eventname - $city", $lines, "events@cacert.org", "", "", "CAcert Events Organisation", "returns@cacert.org", 1);
+ // 1x mailing report to events.cacert.org
+ sendmail("events@cacert.org", "[CAcert.org] $eventname - $city Report", "invitation sent to $xrows recipients.", "support@cacert.org", "", "", "CAcert Events Organisation", "returns@cacert.org", 1);
+
+ // 1x mailing report to Arbitrator of case http://wiki.cacert.org/wiki/Arbitrations/a20090525.1
+ sendmail("p.dunkel@cacert.org", "[CAcert.org] $eventname - $city Report", "invitation sent to $xrows recipients.", "support@cacert.org", "", "", "CAcert Events Organisation", "returns@cacert.org", 1);
+ echo "invitation sent to $xrows recipients.\n";
+
+?>
diff --git a/scripts/44de-ate-duesseldorf-email.txt b/scripts/44de-ate-duesseldorf-email.txt
new file mode 100644
index 0000000..b4b3708
--- /dev/null
+++ b/scripts/44de-ate-duesseldorf-email.txt
@@ -0,0 +1,104 @@
+[Deutsch]
+
+Es hat sich viel getan im letzten Jahr. Eine ganze Reihe von bisher
+eher "muendlich ueberlieferten" Regeln wurden in Policies gegossen.
+Neue Prozeduren (z.B. die Assurer Challenge) und Verpflichtungen (z.B. in dem CAcert Community Agreement) wurden beschlossen. Die Assurer Training Events wollen versuchen, die ganzen Informationen unters Volk zu bringen:
+
+- Welcher Satz fehlt auf alten CAP Formularen?
+- Warum soll ich mir R/L/O einpraegen?
+- Wie verhaelst du dich, wenn du ein fremdes Ausweis Dokument das erste mal pruefst?
+
+Antworten auf diese und weitere Fragen erhaelst du bei den Assurer Training Events (ATEs).
+
+Darueberhinaus wird beim ATE der Vorgang der Identitaetsueberpruefung trainiert und auditiert, um die Qualitaet der Assurances in der taeglichen Praxis zu erfassen. Dabei gilt es moegliche Fehler und Fallstricke zu erkennen und aufzudecken. Die Assurer haben also die Moeglichkeit, sich mit den Fehlern auseinanderzusetzen und zu erfahren, wie diese vermieden werden koennen.
+
+As IanG said: The ATE or Assurer Training Event is exceptionally recommended for all Assurers, and include parts which contribute directly to our audit. Come and find out how you can also contribute.
+
+Die kommende Veranstaltung in deiner Naehe findet statt am:
+
+- Montag, den 09. Juli 2012
+- in der Zeit von: 19:00 - ca. 22:00 Uhr
+- in der Heinrich-Heine-Universitaet Duesseldorf
+- Raum: 25
+- Universitaetsstrae 1
+- 40225 Duesseldorf
+
+
+Details zum Veranstaltungsort und Anfahrthinweise findet Ihr im
+Wiki [http://wiki.cacert.org/events/ATE-Duesseldorf]
+Blog [http://blog.cacert.org/2012/06/559.html]
+
+Teilnehmer Registrierung mit Rueckantwort:
+ 'Ich moechte am ATE-Duesseldorf teilnehmen'
+
+Das Veranstaltungs-Team freut sich schon auf Eure Teilnahme.
+
+Kontakt: events@cacert.org
+
+
+[French]
+
+Bon nombre de changements ont eu lieu au cours de la derniere annee au sein de CAcert. Beaucoup de regles "orales" ont ete transformees en reglements ("Policies"). De nouvelles procedures (par exemple le Challenge Assureur) et devoirs (par exemple le CAcert Community Agreement) ont ete activees. Les Assurer Training Events essaient de propager ces informations :
+
+- Que manque-t-il sur les "anciens" formulaires CAP ?
+- Pourquoi dois-je me souvenir de R/L/O ?
+- Que faire si une personne vous montre un document d'identite qui vous est inconnu ?
+
+Durant les Assurer Training Events (ATEs) vous recevrez les reponses a ces questions et a plein d'autres.
+
+De plus, les ATE vous permettent de vous entrainer a verifier les identites. Ceci sera audite afin de mesurer la qualite des assurances effectuees dans la routine quotidienne. On essaiera de vous induire en erreur. Vous aurez ainsi la possibilite de voir les problemes et d'apprendre a dejouer les pieges.
+
+Comme IanG l'a dit : il est fortement recommande aux assureurs de participer aux ATE. Le programmme contient des parties qui entrent directement en ligne de compte pour le succes de notre audit. Venez et decouvrez comment contribuer.
+
+Le prochain ATE qui aura lieu pres de chez vous sera :
+- Lundi le 09 juli 2012
+- de 19:00 a environ 22:00
+- dans Heinrich-Heine-Universitaet Duesseldorf
+- Chambre: 25
+- Universitaetsstrae 1
+- 40225 Duesseldorf
+
+NB : les exposes auront lieu en Allemand
+
+Plus de renseignements sur le lieu :
+Wiki [http://wiki.cacert.org/events/ATE-Duesseldorf]
+Blog [http://blog.cacert.org/2012/06/566.html]
+
+Pour participer, repondez a ce courriel : 'Je viendrais au ATE-Karlsruhe'
+
+Le comite d'organisation se rejouit de votre venue.
+
+Contact: events@cacert.org
+
+[English]
+
+During the last year many changes took place inside CAcert. Many "oral" rules have been put into Policies. New procedures (e.g. Assurer Challenge) and obligations (e.g. CAcert Community Agreement) have been put into live. The Assurer Training Events (ATE) try to spread this information:
+
+- What is missing on the "old" CAP forms?
+- Why should I remember R/L/O?
+- What can you do if an Assuree shows an ID document unknown to you?
+
+These and more questions will be answered during the Assurer Training Events (ATEs)
+
+Furthermore, the ATE trains how to do assurances and audits assurances, to measure the quality of assurances in the daily routine. Here are some possible errors and pitfalls which need to be found. Assurers have the opportunity to see those errors and how to avoid them.
+
+As IanG said: The ATE or Assurer Training Event is exceptionally recommended for all Assurers and includes parts which contribute directly to our audit. Come and find out how you can also contribute.
+
+The next event held in your area will be:
+
+- Monday 9th July 2012
+- during 19:00 - ca. 22:00
+- in the Heinrich-Heine-Universitaet Duesseldorf
+- Room: 25
+- Universitaetsstrae 1
+- 40225 Duesseldorf
+
+Details to the location can be found:
+Wiki [http://wiki.cacert.org/events/ATE-Duesseldorf]
+Blog [http://blog.cacert.org/2012/06/566.html]
+
+User reply for registration: 'I will attend the ATE-Duesseldorf'
+
+The event team is looking forward for your attendance:
+
+Contact: events@cacert.org
diff --git a/scripts/44de-ate-duesseldorf-mail.php.txt b/scripts/44de-ate-duesseldorf-mail.php.txt
new file mode 100644
index 0000000..7b89e96
--- /dev/null
+++ b/scripts/44de-ate-duesseldorf-mail.php.txt
@@ -0,0 +1,160 @@
+#!/usr/bin/php -q
+<? /*
+ LibreSSL - CAcert web application
+ Copyright (C) 2004-2009 CAcert Inc.
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; version 2 of the License.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
+*/
+ include_once("../includes/mysql.php");
+
+ $lines = "";
+ $fp = fopen("44de-ate-duesseldorf-email.txt", "r");
+ while(!feof($fp))
+ {
+ $line = trim(fgets($fp, 4096));
+ $lines .= wordwrap($line, 75, "\n")."\n";
+ }
+ fclose($fp);
+
+
+// $locid = intval($_REQUEST['location']);
+// $maxdist = intval($_REQUEST['maxdist']);
+// maxdist in [Km]
+ $maxdist = 200;
+
+
+// location location.ID
+// verified: 29.4.09 u.schroeter
+// $locid = 7902857; // Paris
+// $locid = 238568; // Bielefeld
+// $locid = 715191; // Hamburg
+// $locid = 1102495; // London
+// $locid = 520340; // Duesseldorf
+// $locid = 1260319; // Muenchen
+// $locid = 606058; // Frankfurt
+// $locid = 1775784; // Stuttgart
+// $locid = 228950; // Berlin
+// $locid = 606058; // Frankfurt
+// $locid = 599389; // Flensburg
+// $locid = 61065; // Amsterdam, Eemnes
+// $locid = 228950; // Berlin
+
+// Software Freedom Day 19. Sept 2009
+// $locid = 715191; // Hamburg
+
+// LISA2009 Baltimore, 1.11.2009
+// $locid = 2138880; // Baltimore (Baltimore (city)), Maryland, United States
+// $city = "Baltimore, MD - Nov. 3rd 2009";
+
+// OpenSourceTreffen-Muenchen, 20.11.2009
+// $locid = 1260319; // Muenchen
+// $city = "Muenchen - 20. Nov 2009";
+
+// BLIT2009, Brandenburger Linux-Infotag, 21.11.2009
+// $locid = 1486658; // Potsdam
+// $eventname = "Brandenburger Linux-Infotag (BLIT2009)";
+// $city = "Potsdam - 21. Nov 2009";
+
+// ATE-Goteborg, 16.12.2009
+// $locid = 664715; // Goteborg, Vastra Gotaland, Sweden
+// $eventname = "ATE-Goteborg";
+// $city = "Goteborg - Dec 16th 2009";
+
+// Assurance Event Mission Hills CA, 15.01.2010
+// $locid = 2094781; // Mission Hills (Los Angeles), California, United States
+// $eventname = "Assurance Event";
+// $city = "Mission Hills CA - Jan 15th 2010";
+
+// Assurance Event OSD Copenhagen DK, 5.03.2010
+// $locid = 423655; // Copenhagen, Kobenhavn*, Denmark
+// $eventname = "Assurance Event OpenSource-Days 2010";
+// $city = "Copenhagen DK - March 5th/6th 2010";
+
+// SCALE 8x Los Angeles, CA, Feb 19-21 2010
+// $locid = 2093625; // Copenhagen, Kobenhavn*, Denmark
+// $eventname = "SCALE 8x 2010";
+// $city = "Los Angeles, CA - February 19-21 2010";
+
+// ATE Sydney, AU, Mar 24 2010
+// $locid = 2257312; // Sydney, New South Wales, Australia
+// $eventname = "ATE-Sydney";
+// $city = "March 24, 2010";
+
+// ATE Essen, DE, Sept 28 2010
+// $locid = 572764; // Essen, Nordrhein-Westfalen, Germany
+// $eventname = "ATE-Essen";
+// $city = "September 28, 2010";
+
+// ATE Aachen, DE, Oct 4th 2010
+// $locid = 78; // Aachen, Nordrhein-Westfalen, Germany
+// $eventname = "ATE-Aachen";
+// $city = "October 4th, 2010";
+
+// ATE Muenchen, DE, Apr 2nd 2011
+// $locid = 1260319; // Muenchen
+// $eventname = "ATE-Muenchen";
+// $city = "2. April, 2011";
+
+// ATE Bonn, DE, Jun 8th 2011
+// $locid = 266635; // Bonn, Nordrhein-Westfalen, Germany
+// $eventname = "ATE-Bonn";
+// $city = "8. Juni, 2011";
+
+// ATE Karlsruhe, DE, May 15th 2012
+// $locid = 873779; // Karlsruhe, Baden-Wuerttemberg, Germany
+// $eventname = "ATE-Karlsruhe";
+// $city = "15. May 2012";
+
+// ATE Duesseldorf, DE, May 15th 2012
+ $locid = 520340; // Dusseldorf, Nordrhein-Westfalen, Germany
+ $eventname = "ATE-Duesseldorf";
+ $city = "09. July 2012";
+
+ $query = "select * from `locations` where `id`='$locid'";
+ $loc = mysql_fetch_assoc(mysql_query($query));
+
+ $query = "SELECT ROUND(6378.137 * ACOS(0.9999999*((SIN(PI() * $loc[lat] / 180) * SIN(PI() * `locations`.`lat` / 180)) +
+ (COS(PI() * $loc[lat] / 180 ) * COS(PI() * `locations`.`lat` / 180) *
+ COS(PI() * `locations`.`long` / 180 - PI() * $loc[long] / 180)))), -1) AS `distance`, sum(`points`) as pts, `users`.*
+ FROM `locations`
+ inner join `users` on `users`.`locid` = `locations`.`id`
+ inner join `alerts` on `users`.`id`=`alerts`.`memid`
+ inner join `notary` on `users`.`id`=`notary`.`to`
+ WHERE (`alerts`.`general`=1 OR `alerts`.`country`=1 OR `alerts`.`regional`=1 OR `alerts`.`radius`=1)
+ GROUP BY `users`.`id`
+ HAVING `distance` <= '$maxdist'
+ ORDER BY `distance` ";
+ echo $query;
+
+ // comment next line when starting to send mail not only to me
+ // $query = "select * from `users` where `email` like 'cacerttest%'";
+
+ $res = mysql_query($query);
+ $xrows = mysql_num_rows($res);
+
+ while($row = mysql_fetch_assoc($res))
+ {
+ // uncomment next line to send mails ...
+ sendmail($row['email'], "[CAcert.org] $eventname - $city", $lines, "events@cacert.org", "", "", "CAcert Events Organisation", "returns@cacert.org", 1);
+ }
+ // 1x cc to events.cacert.org
+ sendmail("events@cacert.org", "[CAcert.org] $eventname - $city", $lines, "events@cacert.org", "", "", "CAcert Events Organisation", "returns@cacert.org", 1);
+ // 1x mailing report to events.cacert.org
+ sendmail("events@cacert.org", "[CAcert.org] $eventname - $city Report", "invitation sent to $xrows recipients.", "support@cacert.org", "", "", "CAcert Events Organisation", "returns@cacert.org", 1);
+
+ // 1x mailing report to Arbitrator of case http://wiki.cacert.org/wiki/Arbitrations/a20090525.1
+ sendmail("p.dunkel@cacert.org", "[CAcert.org] $eventname - $city Report", "invitation sent to $xrows recipients.", "support@cacert.org", "", "", "CAcert Events Organisation", "returns@cacert.org", 1);
+ echo "invitation sent to $xrows recipients.\n";
+
+?>
diff --git a/scripts/45au-ate-melbourne-email.txt b/scripts/45au-ate-melbourne-email.txt
new file mode 100644
index 0000000..aa46112
--- /dev/null
+++ b/scripts/45au-ate-melbourne-email.txt
@@ -0,0 +1,32 @@
+
+
+During the last years many changes took place inside CAcert. Many "oral" rules have been put into Policies. New procedures (e.g. Assurer Challenge) and obligations (e.g. CAcert Community Agreement) have been put into live. The Assurer Training Events (ATE) try to spread this information:
+
+- What is missing on the "old" CAP forms?
+- Why should I remember R/L/O?
+- What can you do if an Assuree shows an ID document unknown to you?
+
+These and more questions will be answered during the Assurer Training Events (ATEs)
+
+Furthermore, the ATE trains how to do assurances and audits assurances, to measure the quality of assurances in the daily routine. Here are some possible errors and pitfalls which need to be found. Assurers have the opportunity to see those errors and how to avoid them.
+
+As IanG said: The ATE or Assurer Training Event is exceptionally recommended for all Assurers and includes parts which contribute directly to our audit. Come and find out how you can also contribute.
+
+The next event held in your area will be:
+
+- Saturday 28th July 2012
+- starting around 05:00 pm
+- Urban Camp
+ Brens Drive
+ Parkville
+ Victoria 3052
+
+Details to the location and time can be found:
+Wiki [http://wiki.cacert.org/events/20120728_ATE-Melbourne]
+Blog [http://blog.cacert.org/2012/07/571.html]
+
+User reply for registration: 'I will attend the ATE-Melbourne'
+
+The event team is looking forward for your attendance:
+
+Contact: events@cacert.org
diff --git a/scripts/45au-ate-melbourne-mail.php.txt b/scripts/45au-ate-melbourne-mail.php.txt
new file mode 100644
index 0000000..5161e97
--- /dev/null
+++ b/scripts/45au-ate-melbourne-mail.php.txt
@@ -0,0 +1,106 @@
+#!/usr/bin/php -q
+<? /*
+ LibreSSL - CAcert web application
+ Copyright (C) 2004-2009 CAcert Inc.
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; version 2 of the License.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
+*/
+ include_once("../includes/mysql.php");
+
+ $lines = "";
+ $fp = fopen("45au-ate-melbourne-email.txt", "r");
+ while(!feof($fp))
+ {
+ $line = trim(fgets($fp, 4096));
+ $lines .= wordwrap($line, 75, "\n")."\n";
+ }
+ fclose($fp);
+
+
+// $locid = intval($_REQUEST['location']);
+// $maxdist = intval($_REQUEST['maxdist']);
+// maxdist in [Km]
+ $maxdist = 200;
+
+
+// location location.ID
+// verified: 29.4.09 u.schroeter
+// $locid = 7902857; // Paris
+// $locid = 238568; // Bielefeld
+// $locid = 715191; // Hamburg
+// $locid = 1102495; // London
+// $locid = 606058; // Frankfurt
+// $locid = 1775784; // Stuttgart
+// $locid = 228950; // Berlin
+// $locid = 606058; // Frankfurt
+// $locid = 599389; // Flensburg
+// $locid = 61065; // Amsterdam, Eemnes
+// $locid = 228950; // Berlin
+// $locid = 2138880; // Baltimore (Baltimore (city)), Maryland, United States
+// $locid = 1486658; // Potsdam
+// $locid = 664715; // Goteborg, Vastra Gotaland, Sweden
+// $locid = 2094781; // Mission Hills (Los Angeles), California, United States
+// $locid = 423655; // Copenhagen, Kobenhavn*, Denmark
+// $locid = 2093625; // Los Angeles, CA ???
+// $locid = 2094326 // Los Angeles (Los Angeles), California, United States
+// $locid = 2257312; // Sydney, New South Wales, Australia
+// $locid = 572764; // Essen, Nordrhein-Westfalen, Germany
+// $locid = 78; // Aachen, Nordrhein-Westfalen, Germany
+// $locid = 1260319; // Muenchen
+// $locid = 266635; // Bonn, Nordrhein-Westfalen, Germany
+// $locid = 873779; // Karlsruhe, Baden-Wuerttemberg, Germany
+// $locid = 520340; // Dusseldorf, Nordrhein-Westfalen, Germany
+
+// ATE Melbourne, AU, July 28th 2012
+ $locid = 2262656; // Melbourne, Victoria, Australia
+ $eventname = "ATE-Melbourne";
+ $city = "28th July 2012";
+
+ $query = "select * from `locations` where `id`='$locid'";
+ $loc = mysql_fetch_assoc(mysql_query($query));
+
+ $query = "SELECT ROUND(6378.137 * ACOS(0.9999999*((SIN(PI() * $loc[lat] / 180) * SIN(PI() * `locations`.`lat` / 180)) +
+ (COS(PI() * $loc[lat] / 180 ) * COS(PI() * `locations`.`lat` / 180) *
+ COS(PI() * `locations`.`long` / 180 - PI() * $loc[long] / 180)))), -1) AS `distance`, sum(`points`) as pts, `users`.*
+ FROM `locations`
+ inner join `users` on `users`.`locid` = `locations`.`id`
+ inner join `alerts` on `users`.`id`=`alerts`.`memid`
+ inner join `notary` on `users`.`id`=`notary`.`to`
+ WHERE (`alerts`.`general`=1 OR `alerts`.`country`=1 OR `alerts`.`regional`=1 OR `alerts`.`radius`=1)
+ GROUP BY `users`.`id`
+ HAVING `distance` <= '$maxdist'
+ ORDER BY `distance` ";
+ echo $query;
+
+ // comment next line when starting to send mail not only to me
+ // $query = "select * from `users` where `email` like 'cacerttest%'";
+
+ $res = mysql_query($query);
+ $xrows = mysql_num_rows($res);
+
+ while($row = mysql_fetch_assoc($res))
+ {
+ // uncomment next line to send mails ...
+ sendmail($row['email'], "[CAcert.org] $eventname - $city", $lines, "events@cacert.org", "", "", "CAcert Events Organisation", "returns@cacert.org", 1);
+ }
+ // 1x cc to events.cacert.org
+ sendmail("events@cacert.org", "[CAcert.org] $eventname - $city", $lines, "events@cacert.org", "", "", "CAcert Events Organisation", "returns@cacert.org", 1);
+ // 1x mailing report to events.cacert.org
+ sendmail("events@cacert.org", "[CAcert.org] $eventname - $city Report", "invitation sent to $xrows recipients.", "support@cacert.org", "", "", "CAcert Events Organisation", "returns@cacert.org", 1);
+
+ // 1x mailing report to Arbitrator of case http://wiki.cacert.org/wiki/Arbitrations/a20090525.1
+ sendmail("p.dunkel@cacert.org", "[CAcert.org] $eventname - $city Report", "invitation sent to $xrows recipients.", "support@cacert.org", "", "", "CAcert Events Organisation", "returns@cacert.org", 1);
+ echo "invitation sent to $xrows recipients.\n";
+
+?>
diff --git a/scripts/46us-ate-raleigh-email.txt b/scripts/46us-ate-raleigh-email.txt
new file mode 100644
index 0000000..c263db5
--- /dev/null
+++ b/scripts/46us-ate-raleigh-email.txt
@@ -0,0 +1,41 @@
+
+
+During the last years many changes took place inside CAcert. Many "oral"
+rules have been put into Policies. New procedures (e.g. Assurer Challenge)
+and obligations (e.g. CAcert Community Agreement) have been put into live.
+The Assurer Training Events (ATE) try to spread this information:
+
+- What is missing on the "old" CAP forms?
+- Why should I remember R/L/O?
+- What can you do if an Assuree shows an ID document unknown to you?
+
+These and more questions will be answered during the Assurer Training
+Events (ATEs)
+
+Furthermore, the ATE trains how to do assurances and audits assurances, to
+measure the quality of assurances in the daily routine. Here are some
+possible errors and pitfalls which need to be found. Assurers have the
+opportunity to see those errors and how to avoid them.
+
+As IanG said: The ATE or Assurer Training Event is exceptionally
+recommended for all Assurers and includes parts which contribute directly
+to our audit. Come and find out how you can also contribute.
+
+The next event held in your area will be:
+
+- Saturday 11th August 2012
+- 10:00-13:00
+- Splat Space - Durham's Hackerspace
+ 331 W. Main St - Basement
+ Durham, NC
+
+
+Details to the location and time can be found:
+Wiki [http://wiki.cacert.org/events/ATE-Raleigh]
+Blog [http://blog.cacert.org/2012/07/572.html]
+
+User reply for registration: 'I will attend the ATE-Raleigh'
+
+The event team is looking forward for your attendance:
+
+Contact: events@cacert.org
diff --git a/scripts/46us-ate-raleigh-mail.php.txt b/scripts/46us-ate-raleigh-mail.php.txt
new file mode 100644
index 0000000..0c55567
--- /dev/null
+++ b/scripts/46us-ate-raleigh-mail.php.txt
@@ -0,0 +1,112 @@
+#!/usr/bin/php -q
+<? /*
+ LibreSSL - CAcert web application
+ Copyright (C) 2004-2009 CAcert Inc.
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; version 2 of the License.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
+*/
+ include_once("../includes/mysql.php");
+
+ $lines = "";
+ $fp = fopen("46us-ate-raleigh-email.txt", "r");
+ while(!feof($fp))
+ {
+ $line = trim(fgets($fp, 4096));
+ $lines .= wordwrap($line, 75, "\n")."\n";
+ }
+ fclose($fp);
+
+
+// $locid = intval($_REQUEST['location']);
+// $maxdist = intval($_REQUEST['maxdist']);
+// maxdist in [Km]
+ $maxdist = 200;
+
+
+// location location.ID
+// verified: 29.4.09 u.schroeter
+// $locid = 7902857; // Paris
+// $locid = 238568; // Bielefeld
+// $locid = 715191; // Hamburg
+// $locid = 1102495; // London
+// $locid = 606058; // Frankfurt
+// $locid = 1775784; // Stuttgart
+// $locid = 228950; // Berlin
+// $locid = 606058; // Frankfurt
+// $locid = 599389; // Flensburg
+// $locid = 61065; // Amsterdam, Eemnes
+// $locid = 228950; // Berlin
+// $locid = 2138880; // Baltimore (Baltimore (city)), Maryland, United States
+// $locid = 1486658; // Potsdam
+// $locid = 664715; // Goteborg, Vastra Gotaland, Sweden
+// $locid = 2094781; // Mission Hills (Los Angeles), California, United States
+// $locid = 423655; // Copenhagen, Kobenhavn*, Denmark
+// $locid = 2093625; // Los Angeles, CA ???
+// $locid = 2094326 // Los Angeles (Los Angeles), California, United States
+// $locid = 2257312; // Sydney, New South Wales, Australia
+// $locid = 572764; // Essen, Nordrhein-Westfalen, Germany
+// $locid = 78; // Aachen, Nordrhein-Westfalen, Germany
+// $locid = 1260319; // Muenchen
+// $locid = 266635; // Bonn, Nordrhein-Westfalen, Germany
+// $locid = 873779; // Karlsruhe, Baden-Wuerttemberg, Germany
+// $locid = 520340; // Dusseldorf, Nordrhein-Westfalen, Germany
+
+// ATE Melbourne, AU, July 28th 2012
+// $locid = 2262656; // Melbourne, Victoria, Australia
+// $eventname = "ATE-Melbourne";
+// $city = "28th July 2012";
+
+// ATE Raleigh, US, August 11th 2012
+ $locid = 2185076; // Raleigh (Wake), North Carolina, United States
+ $eventname = "ATE-Raleigh";
+ $city = "11th August 2012";
+
+
+ $query = "select * from `locations` where `id`='$locid'";
+ $loc = mysql_fetch_assoc(mysql_query($query));
+
+ $query = "SELECT ROUND(6378.137 * ACOS(0.9999999*((SIN(PI() * $loc[lat] / 180) * SIN(PI() * `locations`.`lat` / 180)) +
+ (COS(PI() * $loc[lat] / 180 ) * COS(PI() * `locations`.`lat` / 180) *
+ COS(PI() * `locations`.`long` / 180 - PI() * $loc[long] / 180)))), -1) AS `distance`, sum(`points`) as pts, `users`.*
+ FROM `locations`
+ inner join `users` on `users`.`locid` = `locations`.`id`
+ inner join `alerts` on `users`.`id`=`alerts`.`memid`
+ inner join `notary` on `users`.`id`=`notary`.`to`
+ WHERE (`alerts`.`general`=1 OR `alerts`.`country`=1 OR `alerts`.`regional`=1 OR `alerts`.`radius`=1)
+ GROUP BY `users`.`id`
+ HAVING `distance` <= '$maxdist'
+ ORDER BY `distance` ";
+ echo $query;
+
+ // comment next line when starting to send mail not only to me
+ // $query = "select * from `users` where `email` like 'cacerttest%'";
+
+ $res = mysql_query($query);
+ $xrows = mysql_num_rows($res);
+
+ while($row = mysql_fetch_assoc($res))
+ {
+ // uncomment next line to send mails ...
+ sendmail($row['email'], "[CAcert.org] $eventname - $city", $lines, "events@cacert.org", "", "", "CAcert Events Organisation", "returns@cacert.org", 1);
+ }
+ // 1x cc to events.cacert.org
+ sendmail("events@cacert.org", "[CAcert.org] $eventname - $city", $lines, "events@cacert.org", "", "", "CAcert Events Organisation", "returns@cacert.org", 1);
+ // 1x mailing report to events.cacert.org
+ sendmail("events@cacert.org", "[CAcert.org] $eventname - $city Report", "invitation sent to $xrows recipients.", "support@cacert.org", "", "", "CAcert Events Organisation", "returns@cacert.org", 1);
+
+ // 1x mailing report to Arbitrator of case http://wiki.cacert.org/wiki/Arbitrations/a20090525.1
+ sendmail("p.dunkel@cacert.org", "[CAcert.org] $eventname - $city Report", "invitation sent to $xrows recipients.", "support@cacert.org", "", "", "CAcert Events Organisation", "returns@cacert.org", 1);
+ echo "invitation sent to $xrows recipients.\n";
+
+?>
diff --git a/scripts/47us-fudcon-lawrence-email.txt b/scripts/47us-fudcon-lawrence-email.txt
new file mode 100644
index 0000000..d2b6e97
--- /dev/null
+++ b/scripts/47us-fudcon-lawrence-email.txt
@@ -0,0 +1,26 @@
+Hi,
+
+I'm a Fedora developer and sysadmin (and a CAcert Assurer), and am going to be attending the Fedora Users and Developers Conference which will be held at the University of Kansas, located in Lawrence, KS, from January 18–20, 2013.
+
+We have a GPG/PGP keysigning party planned, and I'm interested in getting some people together to offer CAcert assurances. This is especially important since CAcert will be removing all points formerly obtained by Thawte Point Transfer very soon.
+
+The CAcert Assurance Event will be held on Saturday, January 19, 2013, beginning at 15:30.
+The GPG Keysigning Event will begin at 16:30.
+
+If you are interested in either event, please sign up at:
+http://bit.ly/fudcon2013-keysigning for the keysigning event
+and/or
+http://bit.ly/fudcon2013-cacert-assurance for the CAcert assurance event.
+
+Please contact me at either nb@fedoraproject.org or nb@cacert.org if you have any questions.
+
+Nick
+
+Further infos:
+ * [https://wiki.cacert.org/Events/FUDConLawrence]
+ * CAcert organizing wiki page
+ * [http://fedoraproject.org/wiki/FUDCon:Lawrence_2013]
+ * has more information about FUDCon.
+
+
+Contact: events@cacert.org
diff --git a/scripts/47us-fudcon-lawrence-mail.php.txt b/scripts/47us-fudcon-lawrence-mail.php.txt
new file mode 100644
index 0000000..4bb3c8a
--- /dev/null
+++ b/scripts/47us-fudcon-lawrence-mail.php.txt
@@ -0,0 +1,109 @@
+#!/usr/bin/php -q
+<? /*
+ LibreSSL - CAcert web application
+ Copyright (C) 2004-2009 CAcert Inc.
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; version 2 of the License.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
+*/
+ include_once("../includes/mysql.php");
+
+ $lines = "";
+ $fp = fopen("47us-fudcon-lawrence-email.txt", "r");
+ while(!feof($fp))
+ {
+ $line = trim(fgets($fp, 4096));
+ $lines .= wordwrap($line, 75, "\n")."\n";
+ }
+ fclose($fp);
+
+
+// $locid = intval($_REQUEST['location']);
+// $maxdist = intval($_REQUEST['maxdist']);
+// maxdist in [Km]
+ $maxdist = 200;
+
+
+// location location.ID
+// verified: 29.4.09 u.schroeter
+// $locid = 7902857; // Paris
+// $locid = 238568; // Bielefeld
+// $locid = 715191; // Hamburg
+// $locid = 1102495; // London
+// $locid = 606058; // Frankfurt
+// $locid = 1775784; // Stuttgart
+// $locid = 228950; // Berlin
+// $locid = 606058; // Frankfurt
+// $locid = 599389; // Flensburg
+// $locid = 61065; // Amsterdam, Eemnes
+// $locid = 228950; // Berlin
+// $locid = 2138880; // Baltimore (Baltimore (city)), Maryland, United States
+// $locid = 1486658; // Potsdam
+// $locid = 664715; // Goteborg, Vastra Gotaland, Sweden
+// $locid = 2094781; // Mission Hills (Los Angeles), California, United States
+// $locid = 423655; // Copenhagen, Kobenhavn*, Denmark
+// $locid = 2093625; // Los Angeles, CA ???
+// $locid = 2094326 // Los Angeles (Los Angeles), California, United States
+// $locid = 2257312; // Sydney, New South Wales, Australia
+// $locid = 572764; // Essen, Nordrhein-Westfalen, Germany
+// $locid = 78; // Aachen, Nordrhein-Westfalen, Germany
+// $locid = 1260319; // Muenchen
+// $locid = 266635; // Bonn, Nordrhein-Westfalen, Germany
+// $locid = 873779; // Karlsruhe, Baden-Wuerttemberg, Germany
+// $locid = 520340; // Dusseldorf, Nordrhein-Westfalen, Germany
+// $locid = 2262656; // Melbourne, Victoria, Australia
+// $locid = 2185076; // Raleigh (Wake), North Carolina, United States
+
+// CAcert Assurance and Keysigning event at FUDcon, Lawrence, KS, Jan 19th 2013
+ $locid = 2126955; // Lawrence (Douglas), Kansas, United States
+ $eventname = "CAcert Assurance and Keysigning at FUDcon Lawrence, KS";
+ $city = "January 19th 2013";
+
+
+ $query = "select * from `locations` where `id`='$locid'";
+ $loc = mysql_fetch_assoc(mysql_query($query));
+
+ $query = "SELECT ROUND(6378.137 * ACOS(0.9999999*((SIN(PI() * $loc[lat] / 180) * SIN(PI() * `locations`.`lat` / 180)) +
+ (COS(PI() * $loc[lat] / 180 ) * COS(PI() * `locations`.`lat` / 180) *
+ COS(PI() * `locations`.`long` / 180 - PI() * $loc[long] / 180)))), -1) AS `distance`, sum(`points`) as pts, `users`.*
+ FROM `locations`
+ inner join `users` on `users`.`locid` = `locations`.`id`
+ inner join `alerts` on `users`.`id`=`alerts`.`memid`
+ inner join `notary` on `users`.`id`=`notary`.`to`
+ WHERE (`alerts`.`general`=1 OR `alerts`.`country`=1 OR `alerts`.`regional`=1 OR `alerts`.`radius`=1)
+ GROUP BY `users`.`id`
+ HAVING `distance` <= '$maxdist'
+ ORDER BY `distance` ";
+ echo $query;
+
+ // comment next line when starting to send mail not only to me
+ // $query = "select * from `users` where `email` like 'cacerttest%'";
+
+ $res = mysql_query($query);
+ $xrows = mysql_num_rows($res);
+
+ while($row = mysql_fetch_assoc($res))
+ {
+ // uncomment next line to send mails ...
+ sendmail($row['email'], "[CAcert.org] $eventname - $city", $lines, "events@cacert.org", "", "", "CAcert Events Organisation", "returns@cacert.org", 1);
+ }
+ // 1x cc to events.cacert.org
+ sendmail("events@cacert.org", "[CAcert.org] $eventname - $city", $lines, "events@cacert.org", "", "", "CAcert Events Organisation", "returns@cacert.org", 1);
+ // 1x mailing report to events.cacert.org
+ sendmail("events@cacert.org", "[CAcert.org] $eventname - $city Report", "invitation sent to $xrows recipients.", "support@cacert.org", "", "", "CAcert Events Organisation", "returns@cacert.org", 1);
+
+ // 1x mailing report to Arbitrator of case http://wiki.cacert.org/wiki/Arbitrations/a20090525.1
+ sendmail("p.dunkel@cacert.org", "[CAcert.org] $eventname - $city Report", "invitation sent to $xrows recipients.", "support@cacert.org", "", "", "CAcert Events Organisation", "returns@cacert.org", 1);
+ echo "invitation sent to $xrows recipients.\n";
+
+?>
diff --git a/scripts/48de-ate-kiel-email.txt b/scripts/48de-ate-kiel-email.txt
new file mode 100644
index 0000000..d522cdc
--- /dev/null
+++ b/scripts/48de-ate-kiel-email.txt
@@ -0,0 +1,68 @@
+[Deutsch]
+
+Es hat sich viel getan im letzten Jahr. Eine ganze Reihe von bisher
+eher "muendlich ueberlieferten" Regeln wurden in Policies gegossen.
+Neue Prozeduren (z.B. die Assurer Challenge) und Verpflichtungen (z.B. in dem CAcert Community Agreement) wurden beschlossen. Die Assurer Training Events wollen versuchen, die ganzen Informationen unters Volk zu bringen:
+
+- Welcher Satz fehlt auf alten CAP Formularen?
+- Warum soll ich mir R/L/O einpraegen?
+- Wie verhaelst du dich, wenn du ein fremdes Ausweis Dokument das erste mal pruefst?
+
+Antworten auf diese und weitere Fragen erhaelst du bei den Assurer Training Events (ATEs).
+
+Darueberhinaus wird beim ATE der Vorgang der Identitaetsueberpruefung trainiert und auditiert, um die Qualitaet der Assurances in der taeglichen Praxis zu erfassen. Dabei gilt es moegliche Fehler und Fallstricke zu erkennen und aufzudecken. Die Assurer haben also die Moeglichkeit, sich mit den Fehlern auseinanderzusetzen und zu erfahren, wie diese vermieden werden koennen.
+
+Wie IanG sagte: The ATE or Assurer Training Event is exceptionally recommended for all Assurers, and include parts which contribute directly to our audit. Come and find out how you can also contribute.
+
+Die kommende Veranstaltung in deiner Naehe findet statt am:
+
+- Dienstag, den 11. Februar 2013
+- in der Zeit von: 19:00 - ca. 22:00 Uhr
+- Toppoint e.V.
+- Eckernfrder Str. 20
+- 24103 Kiel
+
+Details zum Veranstaltungsort und Anfahrthinweise findet Ihr im
+Wiki [http://wiki.cacert.org/Events/2013-02-11ATE-Kiel]
+Blog [http://blog.cacert.org/2013/01/586.html]
+
+Teilnehmer Registrierung mit Rueckantwort:
+ 'Ich moechte am ATE-Kiel teilnehmen'
+
+Das Veranstaltungs-Team freut sich schon auf Eure Teilnahme.
+
+Kontakt: events@cacert.org
+
+
+
+[English]
+
+During the last year many changes took place inside CAcert. Many "oral" rules have been put into Policies. New procedures (e.g. Assurer Challenge) and obligations (e.g. CAcert Community Agreement) have been put into live. The Assurer Training Events (ATE) try to spread this information:
+
+- What is missing on the "old" CAP forms?
+- Why should I remember R/L/O?
+- What can you do if an Assuree shows an ID document unknown to you?
+
+These and more questions will be answered during the Assurer Training Events (ATEs)
+
+Furthermore, the ATE trains how to do assurances and audits assurances, to measure the quality of assurances in the daily routine. Here are some possible errors and pitfalls which need to be found. Assurers have the opportunity to see those errors and how to avoid them.
+
+As IanG said: The ATE or Assurer Training Event is exceptionally recommended for all Assurers and includes parts which contribute directly to our audit. Come and find out how you can also contribute.
+
+The next event held in your area will be:
+
+- Tuesday 11. February 2013
+- during 19:00 - ca. 22:00
+- Toppoint e.V.
+- Eckernfrder Str. 20
+- 24103 Kiel
+
+Details to the location can be found:
+Wiki [http://wiki.cacert.org/Events/2013-02-11ATE-Kiel]
+Blog [http://blog.cacert.org/2013/01/586.html]
+
+User reply for registration: 'I will attend the ATE-Kiel'
+
+The event team is looking forward for your attendance:
+
+Contact: events@cacert.org
diff --git a/scripts/48de-ate-kiel-mail.php.txt b/scripts/48de-ate-kiel-mail.php.txt
new file mode 100644
index 0000000..9f3ab46
--- /dev/null
+++ b/scripts/48de-ate-kiel-mail.php.txt
@@ -0,0 +1,114 @@
+#!/usr/bin/php -q
+<? /*
+ LibreSSL - CAcert web application
+ Copyright (C) 2004-2009 CAcert Inc.
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; version 2 of the License.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
+*/
+ include_once("../includes/mysql.php");
+
+ $lines = "";
+ $fp = fopen("48de-ate-kiel-email.txt", "r");
+ while(!feof($fp))
+ {
+ $line = trim(fgets($fp, 4096));
+ $lines .= wordwrap($line, 75, "\n")."\n";
+ }
+ fclose($fp);
+
+
+// $locid = intval($_REQUEST['location']);
+// $maxdist = intval($_REQUEST['maxdist']);
+// maxdist in [Km]
+ $maxdist = 200;
+
+
+// location location.ID
+// verified: 29.4.09 u.schroeter
+// $locid = 7902857; // Paris
+// $locid = 238568; // Bielefeld
+// $locid = 715191; // Hamburg
+// $locid = 1102495; // London
+// $locid = 606058; // Frankfurt
+// $locid = 1775784; // Stuttgart
+// $locid = 228950; // Berlin
+// $locid = 606058; // Frankfurt
+// $locid = 599389; // Flensburg
+// $locid = 61065; // Amsterdam, Eemnes
+// $locid = 228950; // Berlin
+// $locid = 2138880; // Baltimore (Baltimore (city)), Maryland, United States
+// $locid = 1486658; // Potsdam
+// $locid = 664715; // Goteborg, Vastra Gotaland, Sweden
+// $locid = 2094781; // Mission Hills (Los Angeles), California, United States
+// $locid = 423655; // Copenhagen, Kobenhavn*, Denmark
+// $locid = 2093625; // Los Angeles, CA ???
+// $locid = 2094326 // Los Angeles (Los Angeles), California, United States
+// $locid = 2257312; // Sydney, New South Wales, Australia
+// $locid = 572764; // Essen, Nordrhein-Westfalen, Germany
+// $locid = 78; // Aachen, Nordrhein-Westfalen, Germany
+// $locid = 1260319; // Muenchen
+// $locid = 266635; // Bonn, Nordrhein-Westfalen, Germany
+// $locid = 873779; // Karlsruhe, Baden-Wuerttemberg, Germany
+// $locid = 520340; // Dusseldorf, Nordrhein-Westfalen, Germany
+// $locid = 2262656; // Melbourne, Victoria, Australia
+// $locid = 2185076; // Raleigh (Wake), North Carolina, United States
+
+// CAcert Assurance and Keysigning event at FUDcon, Lawrence, KS, Jan 19th 2013
+// $locid = 2126955; // Lawrence (Douglas), Kansas, United States
+// $eventname = "CAcert Assurance and Keysigning at FUDcon Lawrence, KS";
+// $city = "January 19th 2013";
+
+// ATE-Kiel 2013-02-11
+ $locid = 919560; // Kiel, Schleswig-Holstein, Germany
+ $eventname = "ATE-Kiel";
+ $city = "11. Februar 2013";
+
+
+ $query = "select * from `locations` where `id`='$locid'";
+ $loc = mysql_fetch_assoc(mysql_query($query));
+
+ $query = "SELECT ROUND(6378.137 * ACOS(0.9999999*((SIN(PI() * $loc[lat] / 180) * SIN(PI() * `locations`.`lat` / 180)) +
+ (COS(PI() * $loc[lat] / 180 ) * COS(PI() * `locations`.`lat` / 180) *
+ COS(PI() * `locations`.`long` / 180 - PI() * $loc[long] / 180)))), -1) AS `distance`, sum(`points`) as pts, `users`.*
+ FROM `locations`
+ inner join `users` on `users`.`locid` = `locations`.`id`
+ inner join `alerts` on `users`.`id`=`alerts`.`memid`
+ inner join `notary` on `users`.`id`=`notary`.`to`
+ WHERE (`alerts`.`general`=1 OR `alerts`.`country`=1 OR `alerts`.`regional`=1 OR `alerts`.`radius`=1)
+ GROUP BY `users`.`id`
+ HAVING `distance` <= '$maxdist'
+ ORDER BY `distance` ";
+ echo $query;
+
+ // comment next line when starting to send mail not only to me
+ // $query = "select * from `users` where `email` like 'cacerttest%'";
+
+ $res = mysql_query($query);
+ $xrows = mysql_num_rows($res);
+
+ while($row = mysql_fetch_assoc($res))
+ {
+ // uncomment next line to send mails ...
+ sendmail($row['email'], "[CAcert.org] $eventname - $city", $lines, "events@cacert.org", "", "", "CAcert Events Organisation", "returns@cacert.org", 1);
+ }
+ // 1x cc to events.cacert.org
+ sendmail("events@cacert.org", "[CAcert.org] $eventname - $city", $lines, "events@cacert.org", "", "", "CAcert Events Organisation", "returns@cacert.org", 1);
+ // 1x mailing report to events.cacert.org
+ sendmail("events@cacert.org", "[CAcert.org] $eventname - $city Report", "invitation sent to $xrows recipients.", "support@cacert.org", "", "", "CAcert Events Organisation", "returns@cacert.org", 1);
+
+ // 1x mailing report to Arbitrator of case http://wiki.cacert.org/wiki/Arbitrations/a20090525.1
+ sendmail("p.dunkel@cacert.org", "[CAcert.org] $eventname - $city Report", "invitation sent to $xrows recipients.", "support@cacert.org", "", "", "CAcert Events Organisation", "returns@cacert.org", 1);
+ echo "invitation sent to $xrows recipients.\n";
+
+?>
diff --git a/scripts/DumpWeakCerts.pl b/scripts/DumpWeakCerts.pl
index 580390e..580390e 100755..100644
--- a/scripts/DumpWeakCerts.pl
+++ b/scripts/DumpWeakCerts.pl
diff --git a/scripts/assurer.php b/scripts/assurer.php
index c649fbf..d85a2a6 100644
--- a/scripts/assurer.php
+++ b/scripts/assurer.php
@@ -30,7 +30,7 @@
$query = "
select u.email, fname, lname, sum(n.points) from users u, notary n
where n.to=u.id
- and not exists(select 1 from cats_passed cp where cp.user_id=u.id)
+ and not EXISTS(SELECT 1 FROM `cats_passed` AS `tp`, `cats_variant` AS `cv` WHERE `tp`.`variant_id` = `cv`.`id` AND `cv`.`type_id` = 1 AND `tp`.`user_id` = `u`.`id`)
and exists(select 1 from notary n2 where n2.from=u.id and year(n2.`when`)>2007)
and (select count(*) from notary n3 where n3.from=u.id) > 1
group by email, fname, lname
diff --git a/scripts/cron/permissionreview.php b/scripts/cron/permissionreview.php
new file mode 100755
index 0000000..0f2fc2e
--- /dev/null
+++ b/scripts/cron/permissionreview.php
@@ -0,0 +1,217 @@
+#!/usr/bin/php -q
+<?php
+/*
+LibreSSL - CAcert web application
+Copyright (C) 2004-2012 CAcert Inc.
+
+This program is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; version 2 of the License.
+
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+GNU General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program; if not, write to the Free Software
+Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
+*/
+
+require_once(dirname(__FILE__).'/../../includes/mysql.php');
+
+$BOARD_PRIVATE = 'cacert-board-private@lists.cacert.org';
+$ASSURANCE_OFFICER = 'ao@cacert.org';
+$ORGANISATION_ASSURANCE_OFFICER = 'oao@cacert.org';
+
+
+//defines to whom to send the lists
+$flags = array(
+ 'admin' => array(
+ 'name' => 'Support Engineer',
+ 'own' => false, //Don't send twice
+ 'board' => true,
+ 'support' => true,
+ 'ao' => false,
+ 'oao' => false
+ ),
+
+ 'orgadmin' => array(
+ 'name' => 'Organisation Assurer',
+ 'own' => true,
+ 'board' => true,
+ 'support' => true,
+ 'ao' => true,
+ 'oao' => true
+ ),
+
+ 'board' => array(
+ 'name' => 'Board Member',
+ 'own' => false,
+ 'board' => true,
+ 'support' => true,
+ 'ao' => true,
+ 'oao' => false
+ ),
+
+ 'ttpadmin' => array(
+ 'name' => 'Trusted Third Party Admin',
+ 'own' => true,
+ 'board' => true,
+ 'support' => true,
+ 'ao' => true,
+ 'oao' => true
+ ),
+
+ 'tverify' => array(
+ 'name' => 'Tverify Admin',
+ 'own' => false,
+ 'board' => true,
+ 'support' => true,
+ 'ao' => true,
+ 'oao' => false
+ ),
+
+ 'locadmin' => array(
+ 'name' => 'Location Admin',
+ 'own' => false,
+ 'board' => true,
+ 'support' => true,
+ 'ao' => false,
+ 'oao' => false
+ ),
+ );
+
+
+// Build up list of various admins
+$adminlist = array();
+foreach ($flags as $flag => $flag_properties) {
+ $query = "select `fname`, `lname`, `email` from `users` where `$flag` = 1";
+ if(! $res = mysql_query($query) ) {
+ fwrite(STDERR,
+ "MySQL query for flag $flag failed:\n".
+ "\"$query\"\n".
+ mysql_error()
+ );
+
+ continue;
+ }
+
+ $adminlist[$flag] = array();
+
+ while ($row = mysql_fetch_assoc($res)) {
+ $adminlist[$flag][] = $row;
+ }
+
+
+ // Send mail to admins of this group if 'own' is set
+ if ($flag_properties['own']) {
+ foreach ($adminlist[$flag] as $admin) {
+ $message = <<<EOF
+Hello $admin[fname],
+
+you get this message, because you are listed as $flag_properties[name] on
+CAcert.org. Please review the following list of persons with the same privilege
+and report to the responsible team leader or board
+($BOARD_PRIVATE) if you spot any errors.
+
+
+EOF;
+
+ foreach ($adminlist[$flag] as $colleague) {
+ $message .= "$colleague[fname] $colleague[lname] $colleague[email]\n";
+ }
+
+ $message .= <<<EOF
+
+
+Best Regards,
+CAcert Support
+EOF;
+
+ sendmail($admin['email'], "Permissions Review", $message, 'support@cacert.org');
+ }
+ }
+}
+
+
+
+// Send to support engineers
+$message = <<<EOF
+Dear Support Engineers,
+
+it's time for the permission review again. Here is the list of privileged users
+in the CAcert web application. Please review them.
+
+
+EOF;
+
+foreach ($flags as $flag => $flag_properties) {
+ if ($flag_properties['support']) {
+ $message .= "List of $flag_properties[name]s:\n\n";
+ foreach ($adminlist[$flag] as $colleague) {
+ $message .= "$colleague[fname] $colleague[lname] $colleague[email]\n";
+ }
+
+ $message .= "\n\n";
+ }
+}
+
+$message .= <<<EOF
+
+Best Regards,
+CAcert Support
+EOF;
+
+foreach ($adminlist['admin'] as $support_engineer) {
+ sendmail(
+ $support_engineer['email'],
+ "Permissions Review",
+ $message,
+ 'support@cacert.org');
+}
+
+
+// Send to one-email addresses
+foreach (array(
+ 'ao' => array(
+ 'description' => 'Assurance Officer',
+ 'email' => $ASSURANCE_OFFICER),
+ 'oao' => array(
+ 'description' => 'Organisation Assurance Officer',
+ 'email' => $ORGANISATION_ASSURANCE_OFFICER),
+ 'board' => array(
+ 'description' => 'Board Members',
+ 'email' => $BOARD_PRIVATE)
+ ) as $key => $values) {
+ $message = <<<EOF
+Dear $values[description],
+
+it's time for the permission review again. Here is the list of privileged users
+in the CAcert web application. Please review them and also ask the persons
+responsible for an up-to-date copy of access lists not directly recorded in the
+web application (critical admins, software assessors etc.)
+
+
+
+EOF;
+
+ foreach ($flags as $flag => $flag_properties) {
+ if ($flag_properties[$key]) {
+ $message .= "List of $flag_properties[name]s:\n\n";
+ foreach ($adminlist[$flag] as $colleague) {
+ $message .= "$colleague[fname] $colleague[lname] $colleague[email]\n";
+ }
+ $message .= "\n\n";
+ }
+ }
+
+ $message .= <<<EOF
+
+
+Best Regards,
+CAcert Support
+EOF;
+
+ sendmail($values['email'], "Permissions Review", $message, 'support@cacert.org');
+}
diff --git a/scripts/removedead.php b/scripts/cron/removedead.php
index 7e47c7f..2257dc8 100755
--- a/scripts/removedead.php
+++ b/scripts/cron/removedead.php
@@ -17,8 +17,10 @@
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
*/
- include_once("/home/cacert/www/includes/mysql.php");
-
+ require_once(dirname(__FILE__).'/../../includes/mysql.php');
+ require_once(dirname(__FILE__).'/../../includes/lib/l10n.php');
+ require_once(dirname(__FILE__).'/../../includes/notary.inc.php');
+
$query = "select * from `users` where `users`.`verified`=0 and
(UNIX_TIMESTAMP(NOW()) - UNIX_TIMESTAMP(`users`.`created`)) >= 172800";
$res = mysql_query($query);
@@ -26,6 +28,7 @@
{
mysql_query("delete from `email` where `memid`='".$row['id']."'");
mysql_query("delete from `users` where `id`='".$row['id']."'");
+ delete_user_agreement($row['id']);
}
$query = "delete from `domains` where `hash`!='' and
@@ -67,9 +70,7 @@
if($data['language'] != "")
{
- $userlang = $data['language'];
- putenv("LANG=".$userlang);
- setlocale(LC_ALL, $userlang);
+ L10n::set_translation($data['language']);
}
$body = _("You are receiving this email because you had a temporary increase to 200 points. This has since expired and you have been reduced to 150 points.")."\n\n";
diff --git a/scripts/updatesort.php b/scripts/cron/updatesort.php
index 4d36bfc..051b179 100755
--- a/scripts/updatesort.php
+++ b/scripts/cron/updatesort.php
@@ -16,18 +16,13 @@
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
*/
- include_once("../includes/mysql.php");
+ require_once(dirname(__FILE__).'/../../includes/mysql.php');
+ require_once(dirname(__FILE__).'/../../includes/lib/account.php');
-
- //mysql_query("update users set assurer=0");
- $query = "select notary.`to` as uid from notary group by notary.`to` having sum(points)>=100;";
- $res = mysql_query($query);
- while($row = mysql_fetch_assoc($res))
- {
- $query = "update users set `assurer`='1' where `id`='${row['uid']}'";
- //echo $query."\n";
- mysql_query($query);
+ // Recalculate assurer flag for all accounts
+ if (!fix_assurer_flag()) {
+ fwrite(STDERR, "ERROR on fixing the assurer flag. Continuing anyway");
}
@@ -72,6 +67,4 @@
}
-
-
?>
diff --git a/scripts/warning.php b/scripts/cron/warning.php
index b578c09..0c97ba2 100755
--- a/scripts/warning.php
+++ b/scripts/cron/warning.php
@@ -17,14 +17,14 @@
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
*/
- include_once("/home/cacert/www/includes/mysql.php");
+ require_once(dirname(__FILE__).'/../../includes/mysql.php');
$days = array("1" => "3", "15" => "2", "30" => "1", "45" => "0");
foreach($days as $day => $warning)
{
$query = "SELECT `emailcerts`.`id`,`users`.`fname`,`users`.`lname`,`users`.`email`,`emailcerts`.`memid`,
- `emailcerts`.`subject`, `emailcerts`.`crt_name`,`emailcerts`.`CN`,
+ `emailcerts`.`subject`, `emailcerts`.`crt_name`,`emailcerts`.`CN`, `emailcerts`.`serial`,
(UNIX_TIMESTAMP(`emailcerts`.`expire`) - UNIX_TIMESTAMP(NOW())) / 86400 as `daysleft`
FROM `users`,`emailcerts`
WHERE UNIX_TIMESTAMP(`emailcerts`.`expire`) - UNIX_TIMESTAMP(NOW()) > -7 * 86400 and
@@ -56,7 +56,11 @@
$body = sprintf(_("Hi %s"), $row['fname']).",\n\n";
$body .= _("You are receiving this email as you are the listed contact for:")."\n\n";
$body .= $row['subject']."\n\n";
- $body .= sprintf(_("Your certificate is set to expire in approximately %s days time, you can renew this by going to the following URL:"), $row['daysleft'])."\n\n";
+ $body .= sprintf(_("Your certificate with the serial number %s is ".
+ "set to expire in approximately %s days time. You can ".
+ "renew it by going to the following URL:"),
+ $row['serial'],
+ $row['daysleft'])."\n\n";
$body .= "https://www.cacert.org/account.php?id=5\n\n";
$body .= _("Best Regards")."\n"._("CAcert Support");
sendmail($row['email'], "[CAcert.org] "._("Your Certificate is about to expire"), $body, "support@cacert.org", "", "", "CAcert Support");
@@ -68,16 +72,37 @@ echo $row['fname']." ".$row['lname']." <".$row['email']."> (memid: ".$row['memid
foreach($days as $day => $warning)
{
- $query = "SELECT `domaincerts`.`id`, `users`.`fname`, `users`.`lname`, `users`.`email`,
- `domains`.`memid`, `domaincerts`.`subject`, `domaincerts`.`crt_name`,
- `domaincerts`.`CN`,
- (UNIX_TIMESTAMP(`domaincerts`.`expire`) - UNIX_TIMESTAMP(NOW())) / 86400 AS `daysleft`
- FROM `users`, `domaincerts`, `domlink`, `domains`
- WHERE UNIX_TIMESTAMP(`domaincerts`.`expire`) - UNIX_TIMESTAMP(NOW()) > -7 * 86400 AND
- UNIX_TIMESTAMP(`domaincerts`.`expire`) - UNIX_TIMESTAMP(NOW()) < $day * 86400 AND
- `domaincerts`.`renewed`=0 AND `domaincerts`.`warning` <= '$warning' AND
- `domaincerts`.`revoked`=0 AND `users`.`id` = `domains`.`memid` AND
- `domlink`.`certid` = `domaincerts`.`id` AND `domains`.`id` = `domlink`.`domid`";
+ $select_clause =
+ "`domaincerts`.`id`,
+ `users`.`fname`, `users`.`lname`, `users`.`email`,
+ `domains`.`memid`,
+ `domaincerts`.`subject`, `domaincerts`.`crt_name`,
+ `domaincerts`.`CN`,
+ `domaincerts`.`serial`,
+ (UNIX_TIMESTAMP(`domaincerts`.`expire`) -
+ UNIX_TIMESTAMP(NOW())) / 86400 AS `daysleft`";
+ $where_clause =
+ "UNIX_TIMESTAMP(`domaincerts`.`expire`) -
+ UNIX_TIMESTAMP(NOW()) > -7 * 86400
+ AND UNIX_TIMESTAMP(`domaincerts`.`expire`) -
+ UNIX_TIMESTAMP(NOW()) < $day * 86400
+ AND `domaincerts`.`renewed` = 0
+ AND `domaincerts`.`warning` <= '$warning'
+ AND `domaincerts`.`revoked` = 0
+ AND `domains`.`memid` = `users`.`id`";
+ $query =
+ "SELECT $select_clause
+ FROM `users`, `domaincerts`, `domains`
+ WHERE $where_clause
+ AND `domaincerts`.`domid` = `domains`.`id`
+ UNION DISTINCT
+ SELECT $select_clause
+ FROM `users`,
+ `domaincerts` LEFT JOIN `domlink` ON
+ (`domaincerts`.`id` = `domlink`.`certid`),
+ `domains`
+ WHERE $where_clause
+ AND `domlink`.`domid` = `domains`.`id`";
$res = mysql_query($query);
while($row = mysql_fetch_assoc($res))
{
@@ -88,7 +113,11 @@ echo $row['fname']." ".$row['lname']." <".$row['email']."> (memid: ".$row['memid
$body = sprintf(_("Hi %s"), $row['fname']).",\n\n";
$body .= _("You are receiving this email as you are the listed contact for:")."\n\n";
$body .= $row['subject']."\n\n";
- $body .= sprintf(_("Your certificate is set to expire in approximately %s days time, you can renew this by going to the following URL:"), $row['daysleft'])."\n\n";
+ $body .= sprintf(_("Your certificate with the serial number %s is ".
+ "set to expire in approximately %s days time. You can ".
+ "renew it by going to the following URL:"),
+ $row['serial'],
+ $row['daysleft'])."\n\n";
$body .= "https://www.cacert.org/account.php?id=12\n\n";
$body .= _("Best Regards")."\n"._("CAcert Support");
sendmail($row['email'], "[CAcert.org] "._("Your Certificate is about to expire"), $body, "support@cacert.org", "", "", "CAcert Support");
diff --git a/scripts/db_migrations/version1.sh b/scripts/db_migrations/version1.sh
new file mode 100755
index 0000000..48e24f9
--- /dev/null
+++ b/scripts/db_migrations/version1.sh
@@ -0,0 +1,164 @@
+#!/bin/sh
+# LibreSSL - CAcert web application
+# Copyright (C) 2004-2011 CAcert Inc.
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; version 2 of the License.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
+
+
+
+# script to do database migrations
+
+# This particular version migrates from the preversioned state to version 1
+# If you want to reuse it for further migrations you probably should pay special
+# attention because you have to adjust it a bit
+
+set -e # script fails if any command fails
+
+STDIN=0
+STDOUT=1
+STDERR=2
+
+if [ "$1" = "--help" ]; then
+ cat >&$STDERR <<- USAGE
+ Usage: $0 [MYSQL_OPTIONS]
+ You have to specify all options needed by "mysql" as if you had started
+ the MySQL command line client directly (including the name of the
+ database to operate on). The MySQL user used has to have enough
+ privileges to do all necessary operations (among others CREATE, ALTER,
+ DROP, UPDATE, INSERT, DELETE).
+ You might need to enter the mysql password multiple times if you
+ specify the -p option.
+ USAGE
+ exit 1
+fi
+
+mysql_opt=" --batch --skip-column-names $@"
+
+schema_version=$( mysql $mysql_opt <<- 'SQL'
+ CREATE TABLE IF NOT EXISTS `schema_version` (
+ `id` int(11) PRIMARY KEY auto_increment,
+ `version` int(11) NOT NULL UNIQUE,
+ `when` datetime NOT NULL
+ ) DEFAULT CHARSET=latin1;
+
+ SELECT MAX(`version`) FROM `schema_version`;
+SQL
+)
+
+if [ $schema_version != "NULL" ]; then
+ cat >&$STDERR <<- ERROR
+ Error: database schema is not in the right version to do the migration!
+ Expected version: 0 (i.e. the version before there was versioning)
+ ERROR
+ exit 2
+fi
+
+
+mysql $mysql_opt <<- 'SQL'
+ -- CCA agreements and such
+ CREATE TABLE `user_agreements` (
+ `id` int(11) PRIMARY KEY auto_increment,
+
+ -- the user that agrees
+ `memid` int(11) NOT NULL,
+
+ -- user that is involved in the agreement (e.g. Assurer)
+ `secmemid` int(11) DEFAULT NULL,
+
+ -- what is being agreed to? e.g. CCA
+ `document` varchar(50) DEFAULT NULL,
+
+ -- when did the agreement take place?
+ `date` datetime DEFAULT NULL,
+
+ -- whether the user actively agreed or if the agreement took place via
+ -- an indirect process (e.g. Assurance)
+ `active` int(1) NOT NULL,
+
+ -- in which process did the agreement take place (e.g. certificate
+ -- issuance, account creation, assurance)
+ `method` varchar(100) NOT NULL,
+
+ -- user comment
+ `comment` varchar(100) DEFAULT NULL
+ ) DEFAULT CHARSET=latin1;
+
+
+ -- description for all certs to make identifying a cert easier
+ ALTER TABLE `domaincerts` ADD `description` varchar(100) NOT NULL
+ DEFAULT '';
+ ALTER TABLE `emailcerts` ADD `description` varchar(100) NOT NULL
+ DEFAULT '';
+ ALTER TABLE `gpg` ADD `description` varchar(100) NOT NULL
+ DEFAULT '';
+ ALTER TABLE `orgdomaincerts` ADD `description` varchar(100) NOT NULL
+ DEFAULT '';
+ ALTER TABLE `orgemailcerts` ADD `description` varchar(100) NOT NULL
+ DEFAULT '';
+
+
+ -- Bugs #855, #863, #864, #888
+ ALTER TABLE `notary`
+ -- allow for marking as deleted instead of really deleting
+ ADD `deleted` datetime NOT NULL DEFAULT '0000-00-00 00:00:00',
+
+ -- add "TOPUP" as method for point transfers (for TTP)
+ MODIFY `method`
+ enum(
+ 'Face to Face Meeting',
+ 'Trusted Third Parties',
+ 'Thawte Points Transfer',
+ 'Administrative Increase',
+ 'CT Magazine - Germany',
+ 'Temporary Increase',
+ 'Unknown',
+ 'TOPUP'
+ ) NOT NULL DEFAULT 'Face to Face Meeting';
+
+
+
+ -- Organisation Assurance
+ ALTER TABLE `orginfo`
+ -- which Organisation Assurer entered the organisation?
+ ADD `creator_id` int(11) NOT NULL DEFAULT '0',
+
+ -- when was the organisation entered?
+ ADD `created` datetime NOT NULL DEFAULT '0000-00-00 00:00:00',
+
+ -- allow for marking as deleted instead of really deleting
+ ADD `deleted` datetime NOT NULL DEFAULT '0000-00-00 00:00:00';
+
+ ALTER TABLE `org`
+ -- which Organisation Assurer assigned the Organisation Admin?
+ ADD `creator_id` int(11) NOT NULL DEFAULT '0',
+
+ -- when was the Organisation Admin assigned?
+ ADD `created` datetime NOT NULL DEFAULT '0000-00-00 00:00:00',
+
+ -- allow for marking as deleted instead of really deleting
+ ADD `deleted` datetime NOT NULL DEFAULT '0000-00-00 00:00:00';
+
+
+
+
+ -- Update schema version number
+ INSERT INTO `schema_version`
+ (`version`, `when`) VALUES
+ ('1' , NOW() );
+SQL
+
+
+echo "Database successfully migrated to version 1"
+exit 0
+
diff --git a/scripts/db_migrations/version2.sh b/scripts/db_migrations/version2.sh
new file mode 100755
index 0000000..7d940ff
--- /dev/null
+++ b/scripts/db_migrations/version2.sh
@@ -0,0 +1,96 @@
+#!/bin/sh
+# LibreSSL - CAcert web application
+# Copyright (C) 2004-2011 CAcert Inc.
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; version 2 of the License.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
+
+
+
+# script to do database migrations
+
+# This particular version migrates from the preversioned state to version 1
+# If you want to reuse it for further migrations you probably should pay special
+# attention because you have to adjust it a bit
+
+set -e # script fails if any command fails
+
+STDIN=0
+STDOUT=1
+STDERR=2
+
+if [ "$1" = "--help" ]; then
+ cat >&$STDERR <<- USAGE
+ Usage: $0 [MYSQL_OPTIONS]
+ You have to specify all options needed by "mysql" as if you had started
+ the MySQL command line client directly (including the name of the
+ database to operate on). The MySQL user used has to have enough
+ privileges to do all necessary operations (among others CREATE, ALTER,
+ DROP, UPDATE, INSERT, DELETE).
+ You might need to enter the mysql password multiple times if you
+ specify the -p option.
+ USAGE
+ exit 1
+fi
+
+mysql_opt=" --batch --skip-column-names $@"
+
+schema_version=$( mysql $mysql_opt <<- 'SQL'
+
+ SELECT MAX(`version`) FROM `schema_version`;
+SQL
+)
+if [ $schema_version != 1 ]; then
+ cat >&$STDERR <<- ERROR
+ Error: database schema is not in the right version to do the migration!
+ Expected version: 1 (i.e. the version before there was versioning)
+ ERROR
+ exit 2
+fi
+
+mysql $mysql_opt <<- 'SQL'
+
+ -- Organisation Assurance bug #1118
+ ALTER TABLE `orgemailcerts` ADD `ou` varchar(50) NOT NULL
+ DEFAULT '';
+
+
+ -- Bugs #855, #863, #864, #888, #1118
+ ALTER TABLE `notary`
+ -- add "TTP-Assisted" as method for point transfers (for TTP)
+ MODIFY `method`
+ enum(
+ 'Face to Face Meeting',
+ 'Trusted Third Parties',
+ 'Thawte Points Transfer',
+ 'Administrative Increase',
+ 'CT Magazine - Germany',
+ 'Temporary Increase',
+ 'Unknown',
+ 'TOPUP',
+ 'TTP-Assisted'
+ ) NOT NULL DEFAULT 'Face to Face Meeting';
+
+
+
+
+ -- Update schema version number
+ INSERT INTO `schema_version`
+ (`version`, `when`) VALUES
+ ('2' , NOW() );
+SQL
+
+
+echo "Database successfully migrated to version 2"
+exit 0
+
diff --git a/scripts/mail-weak-keys.php b/scripts/mail-weak-keys.php
index 95c0e4f..95c0e4f 100755..100644
--- a/scripts/mail-weak-keys.php
+++ b/scripts/mail-weak-keys.php
diff --git a/scripts/mass-revoke.php b/scripts/mass-revoke.php
index 18c036b..18c036b 100755..100644
--- a/scripts/mass-revoke.php
+++ b/scripts/mass-revoke.php
diff --git a/scripts/oa01-allowance.php.txt b/scripts/oa01-allowance.php.txt
new file mode 100644
index 0000000..50374e3
--- /dev/null
+++ b/scripts/oa01-allowance.php.txt
@@ -0,0 +1,93 @@
+#!/usr/bin/php -q
+<? /*
+ LibreSSL - CAcert web application
+ Copyright (C) 2004-2011 CAcert Inc.
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; version 2 of the License.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
+*/
+ include_once("../includes/mysql.php");
+
+ $lines = "";
+ $fp = fopen("oa01-allowance.txt", "r");
+ while(!feof($fp))
+ {
+ $line = trim(fgets($fp, 4096));
+ $lines .= wordwrap($line, 75, "\n")."\n";
+ }
+ fclose($fp);
+
+// --- Variable parameters --- begin
+
+// $country
+// "" (empty) email to _all_ countries
+// "DE" 2-digit country code, eg. email to Germany Org's only
+
+// $status
+// Status: 1 mails to org contacts only
+// 2 mails to org admins only
+// 3 mails to org contacts + org admins
+
+// $subject
+// sample:
+// with
+// mailing subject results in
+// a) $country = ""
+// "[CAcert.org] Allowance to publish Organisation Assurance on CAcert website"
+// b) $country = "DE"
+// "[CAcert.org] Allowance to publish Organisation Assurance on CAcert website (DE)"
+
+
+//OA Allowance
+$country = ""; // "DE" or ""
+$status = 3; // 1, 2 or 3 3 = 1+2
+$subject = "Allowance to publish Organisation Assurance on CAcert website";
+
+
+// --- Variable parameters --- end
+
+$query = "SELECT orginfo.contact as email, orginfo.O, 1 as status
+ FROM orginfo
+ WHERE (orginfo.C like '$country%' and (1=$status or 3=$status))
+ UNION
+ Select users.email, orginfo.O, 2 as status
+ FROM users
+ inner join org on users.id = org.memid
+ inner join orginfo on org.orgid=orginfo.id
+ WHERE (orginfo.C like '$country%' and (2=$status or 3=$status))
+ ORDER BY O";
+
+
+ echo $query;
+
+ // comment next line when starting to send mail not only to me
+ // $query = "select * from `users` where `email` like 'cacerttest%'";
+
+ $res = mysql_query($query);
+ $xrows = mysql_num_rows($res);
+
+ while($row = mysql_fetch_assoc($res))
+ {
+ // uncomment next line to send mails ...
+ sendmail($row['email'], "[CAcert.org] ".$subject.(empty($country)?"":" (".$country.")") , $lines, "support@cacert.org", "", "", "CAcert OA Support", "returns@cacert.org", 1);
+ }
+ // 1x cc to oao.cacert.org
+ sendmail("oao@cacert.org", "[CAcert.org] ".$subject.(empty($country)?"":" (".$country.")"), $lines, "oao@cacert.org", "", "", "CAcert OA Support", "returns@cacert.org", 1);
+ // 1x mailing report to oao.cacert.org
+ sendmail("oao@cacert.org", "[CAcert.org] ".$subject.(empty($country)?"":" (".$country.")")." - Report", "oa-mailing sent to $xrows recipients.", "support@cacert.org", "", "", "CAcert OA Support", "returns@cacert.org", 1);
+
+ // 1x mailing report to Arbitrator of case http://wiki.cacert.org/wiki/Arbitrations/a20110608.1
+ sendmail("bernhard@cacert.org", "[CAcert.org] ".$subject.(empty($country)?"":" (".$country.")")." - Report", "oa-mailing sent to $xrows recipients.", "support@cacert.org", "", "", "CAcert OA Support", "returns@cacert.org", 1);
+
+ echo "oa-mailing sent to $xrows recipients.\n";
+?>
diff --git a/scripts/oa01-allowance.txt b/scripts/oa01-allowance.txt
new file mode 100644
index 0000000..ea23fa4
--- /dev/null
+++ b/scripts/oa01-allowance.txt
@@ -0,0 +1,159 @@
+(Dutch, German and French version see below)
+
+Dear sir or madam,
+
+CAcert plans to add a new section to its homepage. This section will contain
+a listing of companies and organisations assured by
+CAcert's Organisation Assurance.
+
+You, as a representative or an Organisation Administrator of such an
+organisation, are asked for your approval to give us the name, the logo and
+the location of your company. The reference will be listed on
+http://wiki.cacert.org/OrganisationAssurance/OrganisationList. This listing
+is a resource for other companies planning to use CAcert Certificates.
+
+We kindly ask you to tell us for what purpose you use your CAcert certificate.
+Please check the specific items:
+
+ [ ] - Client Certs
+ [ ] - E-mail Certs
+ [ ] - Server Certs
+ [ ] - Document Signing
+ [ ] - Code Signing
+
+"If you are satisfied with our services, tell others. If not, come back to us."
+
+Additionally, we plan a testimonial page in the future where you are able to
+tell about your experience with CAcert.
+
+If you have any questions, suggestions or criticisms please do not hesitate to
+contact us on mailto:support@cacert.org,
+mailto:cacert-orga-assurer@lists.cacert.org or contact the Organisation Assurer
+who originaly assured you organisation. You can revoke your assent any time.
+
+Thank you for your support.
+
+For the Organisation Assurance Team
+
+---------------------------------------------------
+
+[German Version]
+
+Sehr geehrte Damen und Herren,
+
+CAcert plant eine Umgestaltung des Internetauftritts. Dazu gehoert auch die
+Auflistung von Unternehmen und Organisationen, die durch CAcert im Rahmen der
+Organisation Assurance geprueft wurden.
+
+Wir wuerden gerne Ihre Organisation (Name, Sitz und Logo) als Referenz auf der
+Seite http://wiki.cacert.org/OrganisationAssurance/OrganisationList nennen.
+Als Ansprechpartner oder Organisationsadministrator einer solchen Organisation
+benoetigen wir dazu Ihr Einverstaendnis.
+
+Ueber Informationen, wie in welcher Weise Ihre Organisation CAcert-Zertifikate
+einsetzt, wuerden wir und sehr freuen. Whlen Sie einfach die verwendeten
+Einsatzgebiete aus dieser Liste aus:
+
+ [ ] - Client Certs
+ [ ] - E-Mail Certs
+ [ ] - Server Certs
+ [ ] - Document Signing
+ [ ] - Code Signing
+
+"Wenn Sie zufrieden sind mit unserem Service, sagen Sie es weiter. Wenn Sie
+nicht zufrieden sind, sagen Sie es uns."
+
+In diesem Zusammenhang planen wir auch eine Testimonal Seite, auf der Sie
+selbst ueber ihre Erfahrungen berichten koennen.
+
+Bei Fragen, Anregungen oder Kritik erreichen Sie uns jederzeit unter
+mailto:support@cacert.org und mailto:cacert-orga-assurer@lists.cacertg.org oder
+kontaktieren Sie den Organisations Assurer, der Ihre Organisation ueberprueft
+hat. Sie haben jederzeit das Recht, Ihr Einverstaendnis zu widerrufen.
+
+Im Name von CAcert bedanke sich das Organisation Assurance Team herzlich
+fuer Ihre Unterstuetzung.
+
+---------------------------------------------------
+
+[French Version]
+
+Madame, Monsieur,
+
+CAcert a decide d'ajouter une nouvelle section a son site internet. Cette
+section contient une liste des entreprises et organisations accreditees
+par CAcert.
+
+Vous, en tant que representant ou administrateur d'une telle organisation,
+il vous est demande votre approbation pour nous donner le nom, le logo et le
+lieu de votre entreprise. La reference sera ajoutee sur
+http://wiki.cacert.org/OrganisationAssurance/OrganisationList. Cette
+inscription serait utile pour encourager d'autres organisations a utiliser
+des certificats CAcert.
+
+Nous vous prions de nous dire a quelles fins vous utilisez vos certificats
+CAcert. S'il vous plat, precisez les elements suivants :
+
+ [ ] - Certificats client (SSL)
+ [ ] - Certificats pour courriel (email)
+ [ ] - Certificats Serveur (SSL)
+ [ ] - Signature de document
+ [ ] - Signature du code de logiciels informatique
+
+"Si vous tes satisfaits de nos services, faite le nous savoir. Dans le cas
+contraire, nous sommes a votre ecoute."
+
+De plus, nous prevoyons de realiser a l'avenir une page avec des temoignages ou
+vous pourrez parler de votre experience avec CAcert.
+
+Si vous avez des questions, des suggestions ou des critiques, n'hesitez pas
+s'il vous plat a nous contacter sur mailto:support@cacert.org,
+mailto:cacert-orga-assurer@lists.cacert.org, ou contacter
+l'Accrediteur d'Organisation qui a realise votre inscription initialement.
+Vous pouvez retirer votre referencement a tout moment de notre site internet
+sur simple demande.
+
+Merci pour votre soutien.
+
+L'equipe des Accrediteurs d'Organisations.
+
+---------------------------------------------------
+
+[Dutch Version]
+
+Geachte dames/heren,
+
+Uw organisatie (of bedrijf) is reeds gewaarmerkt door CAcert.
+
+Gedurende dat proces bent u aangewezen als contactpersoon of als organisatie
+adminstrator, en daarom ontvangt u deze email.
+
+In het kader van een reorganisatie van CAcert websites willen wij uw organisatie
+graag als referentie toevoegen op de pagina:
+http://wiki.cacert.org/OrganisationAssurance/OrganisationList.
+Daarom verzoeken wij u bij deze om toestemming om de naam van uw organisatie
+toe te voegen aan deze referentiepagina.
+
+Zodat ook andere organisaties zichzelf kunnen informeren over de verschillende
+toepassingen van onze certificaten, of kunnen profiteren van uw ervaring,
+verzoeken wij tevens om het gebruik van certificaten binnen uw organisatie
+te benoemen:
+
+ [ ] - Client Certificaten
+ [ ] - Email Certificaten
+ [ ] - Server Certificaten
+ [ ] - Document Signing
+ [ ] - Code Signing
+
+
+"Wanneer u tevreden bent over onze service, vertel het verder. Wanneer u niet
+tevreden bent, vertel het ons."
+Binnen deze context plannen wij ook een Testimonal pagina, waar u zelf over uw
+ervaringen kunt berichten.
+
+Voor vragen, opmerkingen of kritiek kunt u ons ten alle tijden bereiken onder
+mailto:support@cacert.org of mailto:cacert-orga-assurer@lists.cacertg.org.
+U kunt ook contact opnemen met de Organisation Assurer die uw organisatie
+gewaarmerkt heeft.
+
+Uw Organisation Assurance Team. \ No newline at end of file
diff --git a/scripts/oa02-mailingtextCats.txt b/scripts/oa02-mailingtextCats.txt
new file mode 100644
index 0000000..044b49b
--- /dev/null
+++ b/scripts/oa02-mailingtextCats.txt
@@ -0,0 +1,71 @@
+(German see below)
+
+Hello <name>,
+
+In preparation for an internal test prior to the audit, we checked if the data
+entries in the Organisation Accounts are valid. As you are listed as an
+Organisation Administrator for at least one organisation account, I found out
+that you currently do not match the requirements to be an Organisation
+Administrator - in that you need to be an CAcert Assurer.
+
+The premise to be a CAcert Assurer are that you have:
+ - got at least 100 Assurance Points
+ - passed the CATS test
+
+It is possible that you may have missed some changes within the CAcert
+assurance system.
+
+In 2009 the CATS challenge [1] was introduced. You have to pass it before you
+get the CAcert Assurer status.
+
+In addition, CAcert will be changing the points calculation in the near future.
+This was announced in 2011 [2].
+
+As you are only missing the CATS challenge, I ask you to do the challenge within
+the next 2 months. If you have not passed the CATS test by then, I will have
+to delete you as Organisation Administrator from the appropriate accounts.
+
+[1] https://wiki.cacert.org/AssurerChallenge
+[2] https://wiki.cacert.org/PR/News/NewPointsCalculation
+
+Thank you for your support.
+
+Marcus Maengel
+CAcert Organisation Assurance Officer
+
+---------------------------------------------------
+
+[German Version]
+
+Hallo <name>,
+
+bei der Vorbereitung eines internen Tests vor dem Audit haben wir ueberprueft,
+ob die Datensaetze in den Organisationskonten gueltig sind. Da Sie als
+Organisations Administrator fuer mindestens ein Organisationskonto eingetragen
+sind, habe ich festgestellt, dass Sie zurzeit kein CAcert Assurer sind, was die
+Voraussetzung fuer die Taetigkeit als Organisations Administrator ist.
+
+Als CAcert Assurer muessen Sie die folgenden Vorausetzungen erfuellen:
+ - Mindestens 100 Assurance-Punkte
+ - Bestandene Assurer-Pruefung (CATS-Test)
+
+Moeglicherweise haben Sie einige aenderungen bei CAcert verpasst.
+
+Im Jahre 2009 wurde die Assurer-Pruefung (Assurer Challenge, CATS Test) [1]
+eingefuehrt. Die muessen Sie bestehen, um den Assurer-Status zu erhalten.
+
+CAcert wird die Punkte-Berechnung in naher Zukunft aendern. Dies wurde bereits
+2011 angekuendigt [2].
+
+Da Ihnen lediglich die Assurer-Pruefung fehlt, fordere ich Sie auf, diese
+Pruefung innerhalb der naechsten 2 Monate nachzuholen. Wenn Sie diese Pruefung
+bis dahin nicht abgelegt haben, werde ich Sie als Organisations Administrator
+aus den betreffenden Konten austragen.
+
+[1] https://wiki.cacert.org/AssurerChallenge
+[2] https://wiki.cacert.org/PR/News/NewPointsCalculation
+
+Vielen Dank fuer Ihre Unterstuetzung.
+
+Marcus Maengel
+CAcert Organisation Assurance Officer \ No newline at end of file
diff --git a/scripts/oa02-mailingtextPoints.txt b/scripts/oa02-mailingtextPoints.txt
new file mode 100644
index 0000000..5e0eadf
--- /dev/null
+++ b/scripts/oa02-mailingtextPoints.txt
@@ -0,0 +1,79 @@
+(German see below)
+
+Hello <name>,
+
+In preparation for an internal test prior to the audit, we checked if the data
+entries in the Organisation Accounts are valid. As you are listed as an
+Organisation Administrator for at least one organisation account, I found out
+that you currently do not match the requirements to be an Organisation
+Administrator - in that you need to be an CAcert Assurer.
+
+The premise to be a CAcert Assurer are that you have:
+ - got at least 100 Assurance Points
+ - passed the CATS test
+
+It is possible that you may have missed some changes within the CAcert
+assurance system.
+
+In 2009 the CATS challenge [1] was introduced. You have to pass it before you
+get the CAcert Assurer status.
+
+In addition, CAcert will be changing the points calculation in the near future.
+This was announced in 2011 [2].
+
+As you are missing the 100 Assurance Points requirement (which might be due to
+the new points calculation) I ask you to get assured during the next 3 months to
+reach the 100 Assurance Points. If you have problems in getting assured, please
+let me know, so I can see what can be done to help you. If you have not reached
+the 100 points by then (or after an additional grace period in cases of
+hardship), I will have to delete you as Organisation Administrator from the
+appropriate accounts.
+
+[1] https://wiki.cacert.org/AssurerChallenge
+[2] https://wiki.cacert.org/PR/News/NewPointsCalculation
+
+Thank you for your support.
+
+Marcus Maengel
+CAcert Organisation Assurance Officer
+
+---------------------------------------------------
+
+[German Version]
+
+Hallo <name>,
+
+bei der Vorbereitung eines internen Tests vor dem Audit haben wir ueberprueft,
+ob die Datensaetze in den Organisationskonten gueltig sind. Da Sie als
+Organisations Administrator fuer mindestens ein Organisationskonto eingetragen
+sind, habe ich festgestellt, dass Sie zurzeit kein CAcert Assurer sind, was die
+Voraussetzung fuer die Taetigkeit als Organisations Administrator ist.
+
+Als CAcert Assurer muessen Sie die folgenden Vorausetzungen erfuellen:
+ - Mindestens 100 Assurance-Punkte
+ - Bestandene Assurer-Pruefung (CATS-Test)
+
+Moeglicherweise haben Sie einige aenderungen bei CAcert verpasst.
+
+Im Jahre 2009 wurde die Assurer-Pruefung (Assurer Challenge, CATS Test) [1]
+eingefuehrt. Die muessen Sie bestehen, um den Assurer-Status zu erhalten.
+
+CAcert wird die Punkte-Berechnung in naher Zukunft aendern. Dies wurde bereits
+2011 angekuendigt [2].
+
+Da Sie die 100 Assurance-Punkte nicht erreicht haben, was auch an der neuen
+Punkteberechnung liegen kann, fordere ich Sie auf, sich innerhalb der naechsten
+3 Monate assuren zu lassen, um die 100 Punkte zu erreichen. Wenn Sie Probleme
+haben, sich assuren zu lassen, teilen Sie mir das bitte mit und wir werden
+sehen, wie wir Ihnen dabei helfen koennen. Wenn Sie bis dahin (oder nach einer
+zusaetzlichen Gnadenfrist in schwierigen Faellen) die 100 Punkte nicht erreicht
+haben, werde ich Sie als Organisations Administrator aus den betreffenden Konten
+austragen.
+
+[1] https://wiki.cacert.org/AssurerChallenge
+[2] https://wiki.cacert.org/PR/News/NewPointsCalculation
+
+Vielen Dank fuer Ihre Unterstuetzung.
+
+Marcus Maengel
+CAcert Organisation Assurance Officer \ No newline at end of file
diff --git a/scripts/oa02-mailingtextPointsCats.txt b/scripts/oa02-mailingtextPointsCats.txt
new file mode 100644
index 0000000..67bc5d3
--- /dev/null
+++ b/scripts/oa02-mailingtextPointsCats.txt
@@ -0,0 +1,82 @@
+(German see below)
+
+Hello <name>,
+
+In preparation for an internal test prior to the audit, we checked if the data
+entries in the Organisation Accounts are valid. As you are listed as an
+Organisation Administrator for at least one organisation account, I found out
+that you currently do not match the requirements to be an Organisation
+Administrator - in that you need to be an CAcert Assurer.
+
+The premise to be a CAcert Assurer are that you have:
+ - got at least 100 Assurance Points
+ - passed the CATS test
+
+It is possible that you may have missed some changes within the CAcert
+assurance system.
+
+In 2009 the CATS challenge [1] was introduced. You have to pass it before you
+get the CAcert Assurer status.
+
+In addition, CAcert will be changing the points calculation in the near future.
+This was announced in 2011 [2].
+
+As you are missing the 100 Assurance Points requirement (which might be due to
+the new points calculation) and the CATS challenge, I ask you to get assured
+during the next 3 months to reach the 100 Assurance Points and do the CATS test.
+If you have problems in getting assured, please let me know, so I can see what
+can be done to help you. If you have not passed the CATS test and reached the
+100 points by then (or after an additional grace period in cases of hardship),
+I will have to delete you as Organisation Administrator from the appropriate
+accounts.
+
+[1] https://wiki.cacert.org/AssurerChallenge
+[2] https://wiki.cacert.org/PR/News/NewPointsCalculation
+
+Thank you for your support.
+
+Marcus Maengel
+CAcert Organisation Assurance Officer
+
+---------------------------------------------------
+
+[German Version]
+
+Hallo <name>,
+
+bei der Vorbereitung eines internen Tests vor dem Audit haben wir ueberprueft,
+ob die Datensaetze in den Organisationskonten gueltig sind. Da Sie als
+Organisations Administrator fuer mindestens ein Organisationskonto eingetragen
+sind, habe ich festgestellt, dass Sie zurzeit kein CAcert Assurer sind, was die
+Voraussetzung fuer die Taetigkeit als Organisations Administrator ist.
+
+Als CAcert Assurer muessen Sie die folgenden Vorausetzungen erfuellen:
+ - Mindestens 100 Assurance-Punkte
+ - Bestandene Assurer-Pruefung (CATS-Test)
+
+Moeglicherweise haben Sie einige aenderungen bei CAcert verpasst.
+
+Im Jahre 2009 wurde die Assurer-Pruefung (Assurer Challenge, CATS Test) [1]
+eingefuehrt. Die muessen Sie bestehen, um den Assurer-Status zu erhalten.
+
+CAcert wird die Punkte-Berechnung in naher Zukunft aendern. Dies wurde bereits
+2011 angekuendigt [2].
+
+Da Sie die 100 Assurance-Punkte nicht erreicht haben, was auch an der neuen
+Punkteberechnung liegen kann, und auch die Assurer-Pruefung nicht abgelegt
+haben, fordere ich Sie auf, sich innerhalb der naechsten 3 Monate assuren zu
+lassen, um die 100 Punkte zu erreichen, und die Assurer-Pruefung abzulegen.
+Wenn Sie Probleme haben, sich assuren zu lassen, teilen Sie mir das bitte mit
+und wir werden sehen, wie wir Ihnen dabei helfen koennen. Wenn Sie bis dahin
+(oder nach einer zusaetzlichen Gnadenfrist in schwierigen Faellen) die
+100 Punkte nicht erreicht haben oder die Assurer-Pruefung nicht abgelegt haben,
+werde ich Sie als Organisations-Administrator aus den betreffenden Konten
+austragen.
+
+[1] https://wiki.cacert.org/AssurerChallenge
+[2] https://wiki.cacert.org/PR/News/NewPointsCalculation
+
+Vielen Dank fuer Ihre Unterstuetzung.
+
+Marcus Maengel
+CAcert Organisation Assurance Officer \ No newline at end of file
diff --git a/scripts/oa02-orgainformation.php.txt b/scripts/oa02-orgainformation.php.txt
new file mode 100644
index 0000000..e0d8ca2
--- /dev/null
+++ b/scripts/oa02-orgainformation.php.txt
@@ -0,0 +1,119 @@
+#!/usr/bin/php -q
+<? /*
+ LibreSSL - CAcert web application
+ Copyright (C) 2004-2009 CAcert Inc.
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; version 2 of the License.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
+*/
+ include_once("../includes/mysql.php");
+ include_once("../includes/lib/general.php");
+
+ //default mail text
+ $lines = "";
+ $fp = fopen("oa02-mailingtextPoints.txt", "r");
+ while(!feof($fp))
+ {
+ $line = trim(fgets($fp, 4096));
+ $lines .= wordwrap($line, 75, "\n")."\n";
+ }
+ fclose($fp);
+
+ //first variant of mail text
+ $lines1 = "";
+ $fp = fopen("oa02-mailingtextCats.txt", "r");
+ while(!feof($fp))
+ {
+ $line = trim(fgets($fp, 4096));
+ $lines1 .= wordwrap($line, 75, "\n")."\n";
+ }
+ fclose($fp);
+
+ //second variant of mail text
+ $lines2 = "";
+ $fp = fopen("oa02-mailingtextPointsCats.txt", "r");
+ while(!feof($fp))
+ {
+ $line = trim(fgets($fp, 4096));
+ $lines2 .= wordwrap($line, 75, "\n")."\n";
+ }
+ fclose($fp);
+
+ // comment next line when starting to send mail not only to me
+ // $query = "select * from `users` where `email` like 'cacerttest%'";
+
+ $query = "
+ SELECT
+ `users`.`email`,
+ `users`.`fname`,
+ `users`.`lname`,
+ `orginfo`.`O`,
+ `orginfo`.`id`,
+ `org`.`memid`
+ FROM
+ `users`,
+ `orginfo`,
+ `org`
+ WHERE `org`.`orgid` = `orginfo`.`id`
+ AND `org`.`memid` = `users`.`id`
+ AND `users`.`assurer` = 0
+ AND `org`.`deleted` = 0
+ ORDER BY
+ `users`.`email`,
+ `orginfo`.`O`
+ ";
+
+ $res = mysql_query($query);
+ $xrows = mysql_num_rows($res);
+
+ $report = "";
+ $report1 = "";
+ $report2 = "";
+ $report3 = "";
+
+ while($row = mysql_fetch_assoc($res))
+ {
+ // uncomment next line to send mails ...
+ $fullname = $row['fname']." ".$row['lname'];
+ $status = get_assurer_status($row['memid']);
+ if (3 == $status) {
+ $mail = str_replace("<name>",$fullname,$lines);
+ sendmail($row['email'], "[CAcert.org] Assurer Status Requirement Check on Organisation Adminstrators", $mail, "support@cacert.org", "", "", "CAcert Organisation Assurer", "returns@cacert.org", 1);
+ $report = $row['email'].", ".$fullname.", ".$row['O']."\n";
+ } elseif (5 == $status) {
+ $mail = str_replace("<name>",$fullname,$lines1);
+ sendmail($row['email'], "[CAcert.org] Assurer Status Requirement Check on Organisation Adminstrators", $mail, "support@cacert.org", "", "", "CAcert Organisation Assurer", "returns@cacert.org", 1);
+ $report1 = $row['email'].", ".$fullname.", ".$row['O']."\n";
+ } elseif (7 == $status){
+ $mail = str_replace("<name>",$fullname,$lines2);
+ sendmail($row['email'], "[CAcert.org] Assurer Status Requirement Check on Organisation Adminstrators", $mail, "support@cacert.org", "", "", "CAcert Organisation Assurer", "returns@cacert.org", 1);
+ $report2 = $row['email'].", ".$fullname.", ".$row['O']."\n";
+ } else {
+ $report3 = $row['email'].", ".$fullname.", ".$row['O']."\n";
+ }
+ }
+
+ // 1x cc to oao.cacert.org
+ sendmail("oao@cacert.org", "[CAcert.org] Assurer Status Requirement Check on Organisation Adminstrators", $lines."\n\n".$lines1."\n\n".$lines2, "oao@cacert.org", "", "", "CAcert OA Support", "returns@cacert.org", 1);
+
+ // 1x mailing report to oao.cacert.org
+ sendmail("oao@cacert.org", "[CAcert.org] Assurer Status Requirement Check on Organisation Adminstrators - Report", "oa-mailing sent to $xrows recipients.", "support@cacert.org", "", "", "CAcert OA Support", "returns@cacert.org", 1);
+
+ // 1x detailed mailing report to OAO
+ $reporttotal = "Result of the Mailing \n\n Organisation Administrators with missing points \n".$report."\n\n Organisation Adminstrators with missing points ".$report1."\n\n Organisation Adminstrators with missing points and CATS ".$report2."\n\n Organisation Adminstrators with blocked assurer ".$report3;
+ sendmail("oao@cacert.org", "[CAcert.org] Assurer Status Requirement Check on Organisation Adminstrators - Report", $reporttotal, "support@cacert.org", "", "", "CAcert Organisation Assurer", "returns@cacert.org", 1);
+
+ // 1x mailing report to Arbitrator of case http://wiki.cacert.org/wiki/Arbitrations/a20110608.1
+ sendmail("bernhard@cacert.org", "[CAcert.org] Assurer Status Requirement Check on Organisation Adminstrators - Report", "oa-mailing sent to $xrows recipients.", "support@cacert.org", "", "", "CAcert OA Support", "returns@cacert.org", 1);
+
+ echo "oa-mailing sent to $xrows recipients.\n";
diff --git a/scripts/resetpermissions.php b/scripts/resetpermissions.php
new file mode 100644
index 0000000..0bfdaa3
--- /dev/null
+++ b/scripts/resetpermissions.php
@@ -0,0 +1,71 @@
+#!/usr/bin/php -q
+<?php
+/*
+LibreSSL - CAcert web application
+Copyright (C) 2004-2012 CAcert Inc.
+
+This program is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; version 2 of the License.
+
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+GNU General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program; if not, write to the Free Software
+Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
+*/
+
+require_once(dirname(__FILE__).'/../includes/mysql.php');
+
+$flags = array('board', 'tverify');
+
+foreach ($flags as $flag) {
+ echo "Resetting $flag flag:\n";
+ $query = "select `id`, `fname`, `lname`, `email` from `users`
+ where `$flag` = 1";
+ if(! $res = mysql_query($query) ) {
+ fwrite(STDERR,
+ "MySQL query for flag $flag failed:\n".
+ "\"$query\"\n".
+ mysql_error()
+ );
+
+ continue;
+ }
+
+ while ($row = mysql_fetch_assoc($res)) {
+ echo "$row[fname] $row[lname] $row[email]";
+
+ $update = "update `users` set `$flag` = 0 where `id` = $row[id]";
+ if(! $res2 = mysql_query($update) ) {
+ echo " NOT RESET!!!\n";
+ fwrite(STDERR,
+ "MySQL query for $flag flag reset on user $row[id] failed:\n".
+ "\"$update\"\n".
+ mysql_error()
+ );
+
+ } else {
+
+ $message = <<<EOF
+Hi $row[fname],
+
+As per Arbitration a20110118.1 [1] the $flag permission has been removed
+from your account.
+
+[1] https://wiki.cacert.org/Arbitrations/a20110118.1
+
+Best Regards,
+CAcert Support
+EOF;
+ sendmail($row['email'], "Permissions have been reset", $message, 'support@cacert.org');
+
+ echo " reset.\n";
+ }
+ }
+
+ echo "\n\n";
+} \ No newline at end of file
diff --git a/scripts/send_thawte.php.txt b/scripts/send_thawte.php.txt
new file mode 100644
index 0000000..d3a9e77
--- /dev/null
+++ b/scripts/send_thawte.php.txt
@@ -0,0 +1,167 @@
+#!/usr/bin/php -q
+<? /*
+ LibreSSL - CAcert web application
+ Copyright (C) 2004-2009 CAcert Inc.
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; version 2 of the License.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
+*/
+ include_once("../includes/mysql.php");
+
+// english (use the same for foreign language, too)
+
+ $lines_EN = "";
+ if (file_exists("thawte_EN.txt"))
+ {
+ $fp = fopen("thawte_EN.txt", "r");
+ while(!feof($fp))
+ {
+ $line = trim(fgets($fp, 4096));
+ $line = wordwrap($line, 75, "\n")."\n";
+ $line = mb_convert_encoding($line, "HTML-ENTITIES", "UTF-8");
+ $lines_EN .= $line;
+ }
+ fclose($fp);
+ }
+
+ $lines_DE = "";
+ if (file_exists("thawte_DE.txt"))
+ {
+ $fp = fopen("thawte_DE.txt", "r");
+ while(!feof($fp))
+ {
+ $line = trim(fgets($fp, 4096));
+ $line = wordwrap($line, 75, "\n")."\n";
+ $line = mb_convert_encoding($line, "HTML-ENTITIES", "UTF-8");
+ $lines_DE .= $line;
+ }
+ fclose($fp);
+ }
+
+ $lines_NL = "";
+ if (file_exists("thawte_NL.txt"))
+ {
+ $fp = fopen("thawte_NL.txt", "r");
+ while(!feof($fp))
+ {
+ $line = trim(fgets($fp, 4096));
+ $line = wordwrap($line, 75, "\n")."\n";
+ $line = mb_convert_encoding($line, "HTML-ENTITIES", "UTF-8");
+ $lines_NL .= $line;
+ }
+ fclose($fp);
+ }
+
+ $lines_FR = "";
+ if (file_exists("thawte_FR.txt"))
+ {
+ $fp = fopen("thawte_FR.txt", "r");
+ while(!feof($fp))
+ {
+ $line = trim(fgets($fp, 4096));
+ $line = wordwrap($line, 75, "\n")."\n";
+ $line = mb_convert_encoding($line, "HTML-ENTITIES", "UTF-8");
+ $lines_FR .= $line;
+ }
+ fclose($fp);
+ }
+
+ $lines_ES = "";
+ if (file_exists("thawte_ES.txt"))
+ {
+ $fp = fopen("thawte_ES.txt", "r");
+ while(!feof($fp))
+ {
+ $line = trim(fgets($fp, 4096));
+ $line = wordwrap($line, 75, "\n")."\n";
+ $line = mb_convert_encoding($line, "HTML-ENTITIES", "UTF-8");
+ $lines_ES .= $line;
+ }
+ fclose($fp);
+ }
+
+ $lines_RU = "";
+ if (file_exists("thawte_RU.txt"))
+ {
+ $fp = fopen("thawte_RU.txt", "r");
+ while(!feof($fp))
+ {
+ $line = trim(fgets($fp, 4096));
+ $line = wordwrap($line, 75, "\n")."\n";
+ $line = mb_convert_encoding($line, "HTML-ENTITIES", "UTF-8");
+ $lines_RU .= $line;
+ }
+ fclose($fp);
+ }
+
+// read last used id
+ $lastid = 0;
+ if (file_exists("send_thawte_lastid.txt"))
+ {
+ $fp = fopen("send_thawte_lastid.txt", "r");
+ $lastid = trim(fgets($fp, 4096));
+ fclose($fp);
+ }
+
+ echo "ID now: $lastid\n";
+
+
+ $count = 0;
+
+ $query = "select `id`,`fname`,`lname`,`email`,`language` from `users` where `deleted` = 0 and `id` > '$lastid' order by `id`";
+
+ $res = mysql_query($query);
+
+ while($row = mysql_fetch_assoc($res))
+ {
+ $mailtxt = "Hello ${row["fname"]} ${row["lname"]},\n".$lines_EN."\n\n";
+ switch ($row["language"])
+ {
+ case "de_DE":
+ case "de":
+ $mailtxt .= $lines_DE;
+ break;
+
+ case "nl_NL":
+ case "nl":
+ $mailtxt .= $lines_NL;
+ break;
+
+ case "fr_FR":
+ case "fr":
+ $mailtxt .= $lines_FR;
+ break;
+
+ case "es_ES":
+ case "es":
+ $mailtxt .= $lines_ES;
+ break;
+
+ case "ru_RU":
+ case "ru":
+ $mailtxt .= $lines_RU;
+ break;
+ }
+
+ sendmail($row['email'], "[CAcert.org] Changes at CAcert", $mailtxt, "mailing@cacert.org", "", "", "CAcert", "returns@cacert.org", "");
+
+ $fp = fopen("send_thawte_lastid.txt", "w");
+ fputs($fp, $row["id"]."\n");
+ fclose($fp);
+
+ $count++;
+ echo "Sent ${count}th mail. User ID: ${row["id"]}\n";
+
+ sleep (1);
+ }
+?>
diff --git a/scripts/thawte_DE.txt b/scripts/thawte_DE.txt
new file mode 100644
index 0000000..9f51516
--- /dev/null
+++ b/scripts/thawte_DE.txt
@@ -0,0 +1,35 @@
+Wir freuen uns, euch aktuelle Veränderungen bei CAcert zeigen zu können.
+
+Obwohl auch bisher schon viel getan wurde, geschah dies jedoch zumeist "unter der Haube". Heute jedoch möchten wir eine sichtbare Änderung ankündigen:
+
+
+ 1. Änderung der "Meine Punkte Seite"
+
+Die Punkte Liste im Menü unter "Meine Details" -> "Meine Punkte" wird erweitert. Wesentlicher Punkt ist: Die erhaltenen und vergebenen Assurance-Punkte werden neu ermittelt.
+
+War für die Darstellung bisher ausschlaggebend, wie viele Punkte der Empfänger bereits hatte und wurde ggf. entsprechend bis auf 0 Punkte abgerundet, so werden zukünftig genau die Punkte angezeigt, die auch vergeben wurden. Dabei kann ein Assuree auch in Zukunft nur maximal 100 Punkte durch Assurances angerechnet bekommen, indem er seine Identität überprüfen lässt (Assurance Points). Als Assurer kann er bis zu 50 Erfahrungspunkte sammeln, indem er die Identität anderer Mitglieder überprüft (Experience Points).
+
+Natürlich gehen durch diesen Schritt keine Punkte "verloren", sondern die Punkte werden nur verständlicher dargestellt.
+
+Durch die neue Darstellung wird der Berechnungsvorgang deutlich transparenter und nachvollziehbarer. Bitte schaut euch doch demnächst einmal die neue Punkteliste an. Diese findet ihr unter https://www.cacert.org/wot.php?id=15
+
+
+ 2. Tverify Punkte Streichung
+
+Damit einher geht auch der künftige Wegfall der bei einigen Mitgliedern eventuell noch von früher vorhandene Tverify-Punkten. Diese von der CA Thawte vergebenen Punkte können schon seit geraumer Zeit nicht mehr an CAcert-Mitglieder übertragen werden. Die bereits vergebenen Punkte können allerdings nicht nach vergebender Person unterschieden werden und sind deshalb durch CAcert nicht überprüfbar. Deshalb werden diese Punkte in naher Zukunft nicht mehr berücksichtigt. Es lohnt sich also im Zweifelsfall durch weitere CAcert Assurances zusätzliche Assurance Punkte zu erhalten.
+
+Mit diesen Maßnahmen wird ein weiterer Schritt umgesetzt, der für ein erfolgreiches Audit notwendig ist. Ein bestandenes Audit stellt einen wichtigen Baustein dar, um später als CA in die Browser aufgenommen zu werden.
+
+
+ 3. Überprüfung der Newsletter Einstellungen
+
+Einen weiteren, wichtigen Punkt möchten wir hier darüber hinaus an alle Empfänger dieses Newsletters richten: In Zukunft möchten wir gerne alle paar Monate einen Newsletter mit unseren wichtigsten Neuerungen versenden. Dieser Newsletter wurde an alle CAcert-Teilnehmer versendet. Bitte prüft eure Einstellungen im Menü von www.cacert.org unter "Meine Details" -> "Meine Benachrichtigungen" oder unter https://www.cacert.org/account.php?id=36 und klickt an, welche Newsletter ihr zukünftig wirklich bekommen möchtet. In Zukunft werden wir uns auf diese Angaben verlassen und nur an diejenigen die Newsletter verschicken, die zum entsprechenden Punkt eine Information wünschen.
+
+
+Viele Grüße,
+Alexander Bahlo
+Officer for public relations
+CAcert.org
+
+Weitere Infos zur neuen Zählweise im CAcert Wiki:
+https://wiki.cacert.org/FAQ/NewPointsCount
diff --git a/scripts/thawte_EN.txt b/scripts/thawte_EN.txt
new file mode 100644
index 0000000..37a5528
--- /dev/null
+++ b/scripts/thawte_EN.txt
@@ -0,0 +1,35 @@
+
+we are proud to announce recent changes in the CAcert website.
+
+Although there have been quite a few changes in the past, mostly they have happened "behind the scenes". Today we can announce more visible changes:
+
+
+ 1. Change to My Points page
+
+The Point list in the menu under "My Details" -> "My Points" will be enhanced. Main Point is: The Assurance Points received and given will be allocated in a new way. The crucial point was the working total of Assurance Points allocated to the Assuree. Previously, only the beneficial points were displayed, and points allocated in Assurances were rounded down if in excess of 100.
+
+From now on, all allocated points are displayed. The Assuree can still only benefit up to a maximum of 100 Assurance Points. As an Assurer, the member may benefit up to a maximum of 50 Experience Points by assuring other members. The new list will display the calculation much more transparently. Please have a look at the new points listing at https://www.cacert.org/wot.php?id=15
+
+
+ 2. Tverify points revoked
+
+Along with this change, all points allocated under the old Tverify program will be revoked in the near future. The Tverify program to transfer points allocated by Thawte Notaries across to CAcert members was stopped sometime ago. Tverify points cannot be verified by CAcert (for example, they cannot be distinguished between the different Notaries), and therefore, these points will be revoked soon. If you are unsure about your level of assurance, we recommend that you seek further assurance from CAcert Assurers.
+
+By performing these measures, we take another step towards a successful audit. Passing the audit is an important building block to be accepted as a CA in the internet browsers.
+
+
+ 3. Check your Alert Settings
+
+We would like to advise you of another important fact: In the future, we intend to send you further newsletters with our most important news, every few months. This present newsletter is being sent to all CAcert Community Member in a one-off mailing. For the future, please check your settings online at www.cacert.org under "My Details" -> "My Alert Settings" or at https://www.cacert.org/account.php?id=36 and choose which newsletters you want to receive. In the future, we intend to rely on your settings so as to send our newsletter only to those who wish to receive the specified information.
+
+
+Best regards,
+Alexander Bahlo
+Officer for Public Relations
+CAcert.org
+
+Further information on the New Points counting:
+https://wiki.cacert.org/FAQ/NewPointsCount
+
+
+
diff --git a/scripts/thawte_ES.txt b/scripts/thawte_ES.txt
new file mode 100644
index 0000000..4199a16
--- /dev/null
+++ b/scripts/thawte_ES.txt
@@ -0,0 +1,31 @@
+Anunciamos con orgullo los recientes cambios en el sitio web de Cacert
+
+Aunque ha habido algunos cambios en el pasado, muchos de ellos han tenido lugar “tras bambalinas”. Hoy, podemos anunciar cambios más visibles:
+
+
+1. Cambios en la página “Mis Puntos”
+
+La lista de puntos en la opción del menú “Mis Datos” → “Mis puntos” ha sido mejorada. El cambio principal es que los Puntos de Seguridad recibidos y emitidos serán mostrados bajo un nuevo esquema. Lo más destacado se encuentra en los Puntos de Seguridad asignados al Asegurado. Anteriormente, sólo los puntos obtenidos eran mostrados, y los puntos asignados en Certificaciones eran redondeadas a la baja si superaban los 100 puntos.
+
+A partir de ahora, se mostrarán todos los puntos asignados. El Asegurado aún puede beneficiarse solamente de un máximo de 100 Puntos de Seguridad. Como Asegurador, el miembro puede beneficiarse hasta un máximo de 50 puntos de experiencia al asegurar a otros miembros. El nuevo formato mostrará la disposición de una forma mucho más transparente. Por favor, dele un vistazo a la nueva lista de puntos en https://www.cacert.org/wot.php?id=15
+
+
+2. Revocación de los puntos Tverify
+
+En el conjunto de cambios, todos los puntos asignados mediante el viejo programa Tverify serán revocados en un futuro cercano. El programa Tverify para transferir los puntos asignados por Notarios de Thawte a miembros de Cacert fue detenido hace algún tiempo. Los puntos Tverify no pueden ser verificados por Cacert (por ejemplo, no se pueden distinguir los puntos emitidos por diferente notarios), y por lo tanto, dichos puntos serán revocados en breve. Si no está seguro acerca de su nivel de seguridad, recomendamos que aumente su nivel de seguridad a través de los Aseguradores de Cacert.
+
+Aplicando éstas medidas, damos otro paso hacia una auditoría exitosa. Superar la auditoría es un elemento importante para ser aceptado como un CA (Autoridad de Certificación) en los navegadores de internet.
+
+
+3. Actualice su configuración en la página “Mi Configuración de Alertas”
+
+Nos gustaría avisarle de otro hecho importante: En el futuro, tenemos la intención de enviar más boletines informativos con nuestras novedades y/o noticias más importantes cada pocos meses. Este boletín está siendo enviado en un único correo a todos los miembros de la comunidad CAcert. Para futuros envíos, le rogamos que revise su configuración en www.cacert.org en la opción de menú "Mis Datos" → "Mi Configuración de Alertas" o en https://www.cacert.org/account.php?id=36 y seleccione la listas que desea recibir. Tenemos la intención de utilizar su configuración para enviar solo la información que desee recibir.
+
+
+Saludos,
+Alexander Bahlo
+Officer for Public Relations
+CAcert.org
+
+Para más información sobre la nueva cuenta de puntos
+https://wiki.cacert.org/FAQ/NewPointsCount
diff --git a/scripts/thawte_FR.txt b/scripts/thawte_FR.txt
new file mode 100644
index 0000000..b16fa14
--- /dev/null
+++ b/scripts/thawte_FR.txt
@@ -0,0 +1,31 @@
+Nous sommes heureux d'annoncer les changements récents dans le site Web de CAcert.
+
+Il y a eu quelques changements par le passé, principalement des modifications non visibles pour l'utilisateur. Aujourd'hui, nous pouvons annoncer des changements plus importants :
+
+
+ 1. Changement sur la page "mes Points"
+
+La liste de points dans le menu « Mes Détails » -> « Mes Points » sera améliorée. Principalement, les accréditations "Points reçus" et "donnés" seront allouées d'une nouvelle manière. Le point crucial a été le travail sur le total des points d'accréditation alloués. Auparavant, seuls les points d'accréditation étaient affichés, maintenant ces points d'accréditations ont été arrondis si le total est supérieur à 100.
+
+Le membre qui a reçu des points d'accréditation ne peut bénéficier que d'un maximum de 100 Points. En tant qu'accréditeur, le membre peut bénéficier jusqu'à un maximum de 50 Points d'expérience en accréditant d'autres membres. La nouvelle liste affichera ce calcul en détail. Veuillez, s'il vous plait, regarder votre nouveau décompte de points à la page https://www.cacert.org/wot.php?id=15
+
+
+ 2. Les points "Tverify" révoquées
+
+Avec ce changement, tous les points attribués à la faveur de l'ancien programme "Tverify" seront révoqués prochainement. Le programme "Tverify" pour transférer des points attribués par des accréditeurs Thawte aux membres de CAcert a été arrêté il y a quelques mois. les points "Tverify" ne peuvent être vérifiées valablement par CAcert (par exemple, on ne peut distinguer les différents accréditeurs les ayant attribués), par conséquent, ces points seront abrogées bientôt. Si vous n'êtes pas certain de votre niveau d'accréditation, nous vous recommandons de vous renseigner auprès de la Communauté CAcert et de son support.
+
+En mettant en place ces mesures, nous franchisons une nouvelle étape vers la réalisation d'un audit de processus de l'Association. Cet audit est une étape importante pour être accepté comme une Autorité de Certification dans les navigateurs Internet.
+
+
+ 3. Vérifiez vos paramètres d'alerte
+
+Nous tenons à vous informer d'autres faits importants : à l'avenir, nous comptons vous envoyer d'autres bulletins d'informations importantes, périodiquement, au fil des mois. Ce présent bulletin est envoyé ponctuellement à tous les membres de la communauté CAcert. Veuillez vérifier en ligne vos paramètres de réception d'information sur www.cacert.org dans "Mes Details" -> "Mes paramètres d'alerte" ou à https://www.cacert.org/account.php?id=36 et choisissez les bulletins vous voulez recevoir. À l'avenir, nous avons l'intention de nous appuyer sur vos paramètres afin d'envoyer nos bulletins d'information à ceux qui désirent les recevoir.
+
+
+Cordialement,
+Alexander Bahlo
+Responsable des Relations Publiques
+CAcert.org
+
+Plus d'informations sur le nouveau décompte des Points :
+https://wiki.cacert.org/FAQ/NewPointsCount
diff --git a/scripts/thawte_NL.txt b/scripts/thawte_NL.txt
new file mode 100644
index 0000000..55e0531
--- /dev/null
+++ b/scripts/thawte_NL.txt
@@ -0,0 +1,35 @@
+We zijn blij u te laten weten dat recent onze CAcert website een aantal veranderingen heeft ondergaan.
+
+Ook al zijn er al vele wijzigingen geweest in het verleden, de meeste hiervan waren alleen achter de schermen zichtbaar. Vandaag kunnen we een aantal meer zichtbare veranderingen aankondigen:
+
+
+ 1. Veranderingen aan de 'Mijn Punten' pagina.
+
+De punten lijst, te vinden onder "Mijn Details" -> "Mijn Punten" in het menu, zal verbeteren.
+Belangrijkste wijziging: De Waarmerk punten die u ontvangt en geeft zullen op een nieuwe manier toegekend worden. De cruciale verandering is de aanpassing hoe het totaal aantal toegewezen Waarmerk Punten aan de gewaarmerkte wordt getoond. In het verleden werden alleen de punten getoond welke strict noodzakelijk waren, waarbij afgerond werd naar beneden als het totaal boven de 100 punten kwam.
+
+Vanaf nu zullen alle toegewezen punten worden getoond. De Gewaarmerkte kan nog steeds maar profiteren van maximaal 100 Waarmerk Punten. Als waarmerker kan een deelnemer maximaal profiteren van 50 Ervarings-Punten door andere deelnemers te waarmerken. De nieuwe lijst zal de berekening transparanter maken. Neem a.u.b. een kijkje op https://www.cacert.org/wot.php?id=15 om te zien hoe de nieuwe punten weergave er uit ziet.
+
+
+ 2. Tverify punten ingetrokken.
+
+Samen met deze verandering zullen ook alle punten die in het verleden zijn toegewezen onder het oude 'Tverify programma' over afzienbare tijd worden ingetrokken. Het Tverify programma (om punten toegekend door Thawte Waarmerkers over te zetten naar CAcert Deelnemers) is al enige tijd geleden stil gezet. Tverify punten vallen buiten de controle van CAcert (er kan bijvoorbeeld geen onderscheid worden gemaakt tussen verschillende waarmerkers), daarom worden deze punten binnen afzienbare tijd ingetrokken.
+Als u niet zeker bent over uw waarmerk niveau, raden wij u aan meer waarmerkingen te zoeken bij CAcert Waarmerkers.
+
+Door deze stappen te nemen komt een succesvolle audit een stap dichterbij. De audit rond krijgen is belangrijk om geaccepteerd te worden als CA in de internetbrowsers.
+
+
+ 3. Controleer uw Waarschuwing instellingen.
+
+Wij willen u graag wijzen op een ander belangrijk feit: In de toekomst willen wij u graag, eens in de zoveel maanden, een nieuwsbrief sturen met belangrijk nieuws.
+Deze eenmalige nieuwsbrief hebben we naar alle CAcert deelnemers toe gestuurd. Controleer s.v.p. uw instellingen, te vinden op www.cacert.org onder "Mijn Gegevens" -> "Mijn Waarschuwingen" of op https://www.cacert.org/account.php?id=36, en geef aan welke nieuwsbrieven u wilt ontvangen. In de toekomst zullen wij u alleen de door u aangegeven nieuwsbrieven toesturen.
+
+
+Met vriendelijke groet,
+
+Alexander Bahlo
+Officer for Public Relations
+CAcert.org
+
+Meer informatie over het Nieuwe Punten tel systeem is te vinden op:
+https://wiki.cacert.org/FAQ/NewPointsCount
diff --git a/scripts/thawte_RU.txt b/scripts/thawte_RU.txt
new file mode 100644
index 0000000..84548af
--- /dev/null
+++ b/scripts/thawte_RU.txt
@@ -0,0 +1,31 @@
+Mы рады сообщить об изменениях на веб-сайте CAcert.
+
+Изменения были и раньше, но проходили они большей частью "за сценой". Сегодня мы хотим сообщить о наиболее важных из них:
+
+
+ 1. Изменения в странице My Points (Мои пункты)
+
+Список пунктов доступный в меню "My Details" -> "My Points" будет усовершенствован. Главное изменение: выданные и полученные Пункты Подтверждения (Assurance Points) будут начисляться по-новому, а именно в том, что касается суммарного количество пунктов, начисленных подтверждаемому участнику (Assuree). Раньше показывались только действующие пункты, а те, что превышали границу в 100 пунктов, просто округлялись до значения 100.
+
+Теперь показываются все начисленные пункты. Подтверждаемый (Assuree) по-прежнему может заработать максимум 100 пунктов. Подтверждающий (Assurer) может заработать ещё до 50 пунктов подтверждая других. В новом списке эти вычисления будут показаны более прозрачно. Пожалуйста, посмотрите на новый список здесь: https://www.cacert.org/wot.php?id=15
+
+
+ 2. Отозваны пункты Tverify
+
+В связи с этим, все пункты, которые были начислены по старой программе Tverify, будут удалены в ближайшем будущем. Программа Tverify по передаче пунктов, выданных нотариусами Thawte участникам CAcert, была некоторое время назад приостановлена. Пункты Thawte не могут быть проверены CAcert (например, нельзя различить пункты, выданные разными нотариусами), в связи с чем такие пункты в ближайшем времени будут удалены. Если вы сомневаетесь в своём уровне подтверждения (level of assurance), советуем вам пройти дополнительное подтверждение у участников CAcert, имеющих право подтверждения (CAcert Assurers).
+
+Предпринимая эти меры, мы делаем ещё один шаг к успешному аудиту. Пройти аудит — это важный элемент, для того чтобы стать принятым CA в Интернет-браузерах.
+
+
+ 3. Проверьте ваши настройки оповещений (Alert Settings)
+
+Мы хотели бы сообщить вам об ещё одном важном факте: в будущем мы намерены каждые несколько месяцев отправлять вам почтовые сообщения с наиболее важными новостями. Сейчас мы отправляем одно сообщение со всеми новостями внутри. В будущем мы хотим отправлять вам сообщения исходя из того, какие темы вы укажете в своих настройках. Проверьте, пожалуйста, свои настройки в "My Details" -> "My Alert Settings" или на https://www.cacert.org/account.php?id=36, и выберите, какие сообщения вы хотите получать.
+
+
+С наилучшими пожеланиями,
+Александр Бахло (Alexander Bahlo)
+Ответственный по связям с общественностью CAcert.org
+(Officer for Public Relations CAcert.org)
+
+Дополнительная информация о подсчёте пунктов:
+https://wiki.cacert.org/FAQ/NewPointsCount
diff --git a/www/.htaccess b/www/.htaccess
index bd01047..cc48170 100644
--- a/www/.htaccess
+++ b/www/.htaccess
@@ -4,4 +4,4 @@ errordocument 404 /error404.php
errordocument 403 /error403.php
errordocument 401 /error401.php
-RedirectPermanent /cps.php http://www.cacert.org/policy/CertificationPracticeStatement.php
+RedirectPermanent /cps.php http://www.cacert.org/policy/CertificationPracticeStatement.html
diff --git a/www/account.php b/www/account.php
index 434053f..c7f34a3 100644
--- a/www/account.php
+++ b/www/account.php
@@ -25,34 +25,35 @@
} else if($id == 19) {
include_once("../pages/account/19.php");
exit;
- } else if($oldid == 40 && $_REQUEST['process'] != "" && $_POST['support'] != "yes") {
- $who = stripslashes($_REQUEST['who']);
- $email = stripslashes($_REQUEST['email']);
- $subject = stripslashes($_REQUEST['subject']);
- $message = stripslashes($_REQUEST['message']);
-
- $message = "From: $who\nEmail: $email\nSubject: $subject\n\nMessage:\n".$message;
-
- sendmail("support@cacert.org", "[CAcert.org] ".$subject, $message, $email, $email, "", "CAcert Website");
- showheader(_("Welcome to CAcert.org"));
- echo _("Your message has been sent.");
- showfooter();
- exit;
- } else if($oldid == 40 && $_REQUEST['process'] != "" && $_POST['support'] == "yes") {
+ } else if($oldid == 40 && $_REQUEST['process'] != "") {
$who = stripslashes($_REQUEST['who']);
$email = stripslashes($_REQUEST['email']);
$subject = stripslashes($_REQUEST['subject']);
$message = stripslashes($_REQUEST['message']);
+ //check for spam via honeypot
+ if(!isset($_REQUEST['robotest']) || !empty($_REQUEST['robotest'])){
+ echo _("Form could not be sent.");
+ showfooter();
+ exit;
+ }
- $message = "From: $who\nEmail: $email\nSubject: $subject\n\nMessage:\n".$message;
+ $message = "From: $who\nEmail: $email\nSubject: $subject\n\nMessage:\n".$message;
+ if (isset($process[0])){
+ sendmail("cacert-support@lists.cacert.org", "[website form email]: ".$subject, $message, "website-form@cacert.org", "cacert-support@lists.cacert.org, $email", "", "CAcert-Website");
+ showheader(_("Welcome to CAcert.org"));
+ echo _("Your message has been sent to the general support list.");
+ showfooter();
+ exit;
+ }
+ if (isset($process[1])){
+ sendmail("support@cacert.org", "[CAcert.org] ".$subject, $message, $email, "", "", "CAcert Support");
+ showheader(_("Welcome to CAcert.org"));
+ echo _("Your message has been sent.");
+ showfooter();
+ exit;
+ }
- sendmail("cacert-support@lists.cacert.org, $email", "[website form email]: ".$subject, $message, "website-form@cacert.org", "cacert-support@lists.cacert.org, $email", "", "CAcert Website");
-
- showheader(_("Welcome to CAcert.org"));
- echo _("Your message has been sent to the general support list.");
- showfooter();
- exit;
} else if($id == 51 && $_GET['img'] == "show") {
$query = "select * from `tverify` where `id`='".intval($_GET['photoid'])."' and `modified`=0";
$res = mysql_query($query);
@@ -64,6 +65,10 @@
die("No such file.");
}
exit;
+ } else if ($id == 37) {
+ $protocol = $_SERVER['HTTPS'] ? 'https' : 'http';
+ $newUrl = $protocol . '://wiki.cacert.org/FAQ/AboutUs';
+ header('Location: '.$newUrl, true, 301); // 301 = Permanently Moved
} else {
showheader(_("My CAcert.org Account!"));
includeit($id, "account");
diff --git a/www/advertising.php b/www/advertising.php
index e987461..43e4f93 100644
--- a/www/advertising.php
+++ b/www/advertising.php
@@ -47,7 +47,7 @@
if($months < 1 || $months > 12)
{
$id = 1;
- $errmsg .= _("You can only place an advertisement for up to 12 months.<br />");
+ $errmsg .= _("You can only place an advertisement for up to 12 months.")."<br />";
$process="";
$oldid=0;
}
@@ -55,7 +55,7 @@
if(strlen($title) <= 5)
{
$id = 1;
- $errmsg .= _("Link title was too short.<br />");
+ $errmsg .= _("Link title was too short.")."<br />";
$process="";
$oldid=0;
}
@@ -63,7 +63,7 @@
if(strlen($link) <= 10)
{
$id = 1;
- $errmsg .= _("Link URI was too short.<br />");
+ $errmsg .= _("Link URI was too short.")."<br />";
$process="";
$oldid=0;
}
diff --git a/www/api/ccsr.php b/www/api/ccsr.php
index a4ec71e..7efdf8d 100644
--- a/www/api/ccsr.php
+++ b/www/api/ccsr.php
@@ -15,6 +15,9 @@
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
*/
+
+require_once '../../includes/lib/check_weak_key.php';
+
$username = mysql_real_escape_string($_REQUEST['username']);
$password = mysql_real_escape_string($_REQUEST['password']);
diff --git a/www/cap.html.php b/www/cap.html.php
index cc3fad6..8e5fe01 100644
--- a/www/cap.html.php
+++ b/www/cap.html.php
@@ -146,7 +146,7 @@
echo '<tbody>', "\n";
echo '<tr>', "\n";
echo ' <td colspan="3">'._("Make sure you have read and agreed with the CAcert Community Agreement");
- echo '(<a href="http://www.cacert.org/policy/CAcertCommunityAgreement.php">CCA</a>)<br>', "\n";
+ echo '(<a href="http://www.cacert.org/policy/CAcertCommunityAgreement.html">CCA</a>)<br>', "\n";
echo '</td>', " \n", '</tr>', "\n";
/*
echo '</tbody>', "\n";
@@ -158,7 +158,7 @@
echo '</td>', "\n".'</tr>', "\n";
echo '<tr>', "\n". ' <td colspan="3"><input type="checkbox" checked name="checked" value="2"> ';
echo _("I agree to the CAcert Community Agreement.").' (';
- echo '<a href="http://www.cacert.org/policy/CAcertCommunityAgreement.php">CCA</a>)</dd>', "\n";
+ echo '<a href="http://www.cacert.org/policy/CAcertCommunityAgreement.html">CCA</a>)</dd>', "\n";
echo '</td>', "\n".'</tr>', "\n";
/*
echo '</tbody>', "\n";
diff --git a/www/cap.php b/www/cap.php
index 6b08d38..40b269a 100644
--- a/www/cap.php
+++ b/www/cap.php
@@ -15,7 +15,7 @@
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
*/
- if($_SESSION['_config']['language'] != "ja_JP")
+ if($_SESSION['_config']['language'] != "ja")
{
define('FPDF_FONTPATH','/usr/share/fpdf/font/');
require_once('/usr/share/ufpdf/fpdf.php');
@@ -35,7 +35,7 @@
{
$this->Image((array_key_exists('bw',$_REQUEST) && $_REQUEST['bw'])?'images/CAcert-logo-mono-1000.png':'images/CAcert-logo-colour-1000.png',8,8,100);
$this->SetFont('Arial','B',14);
- if($_SESSION['_config']['language'] == "ja_JP")
+ if($_SESSION['_config']['language'] == "ja")
$this->SetFont('SJIS','',14);
$this->Cell(100);
$this->Cell(40,20,recode($_SESSION['_config']['recode'], _("CAcert Assurance Programme")));
@@ -46,12 +46,12 @@
$this->SetY(36);
$this->SetFont('Arial','I',8);
- if($_SESSION['_config']['language'] == "ja_JP")
+ if($_SESSION['_config']['language'] == "ja")
$this->SetFont('SJIS','I',8);
- $this->Cell(0,0,'CAcert Inc. - P.O. Box 4107 - Denistone East NSW 2112 - Australia - http://www.CAcert.org',0,0,'C');
+ $this->Cell(0,0,'CAcert Inc. - PO Box 66 - Oatley NSW 2223 - Australia - http://www.CAcert.org',0,0,'C');
$this->Ln(3);
$this->SetFont('Arial','',6);
- if($_SESSION['_config']['language'] == "ja_JP")
+ if($_SESSION['_config']['language'] == "ja")
$this->SetFont('SJIS','',6);
$this->Cell(0,0, recode($_SESSION['_config']['recode'], _("CAcert's Root Certificate fingerprints")).": A6:1B:37:5E:39:0D:9C:36:54:EE:BD:20:31:46:1F:6B "._("and")." 135C EC36 F49C B8E9 3B1A B270 CD80 8846 76CE 8F33",0,0,'C');
$this->SetLineWidth(0.05);
@@ -71,7 +71,7 @@
// Show text blurb at top of page
$this->SetY(45);
$this->SetFont('Arial','',10);
- if($_SESSION['_config']['language'] == "ja_JP")
+ if($_SESSION['_config']['language'] == "ja")
$this->SetFont('SJIS','',10);
$this->Write(4,sprintf(recode($_SESSION['_config']['recode'], _("To the Assurer: The CAcert Assurance Programme (CAP) aims to verify the identities of Internet users through face-to-face witnessing of government issued identity documents. The Applicant asks you to verify to CAcert.org that you have met them and verified their identity against one or more original, trusted, government photo identity documents. If you have ANY doubts or concerns about the Applicant's identity, DO NOT COMPLETE OR SIGN this form. For more information about the CAcert Assurance Programme, including detailed guides for CAcert Assurers, please visit: %s")), "http://www.CAcert.org"));
$this->Ln(10);
@@ -84,21 +84,21 @@
$this->Rect(11, $top, $this->w - 25, 60, "D"); //50 -> 60
$this->SetXY(11, $top + 5);
$this->SetFont("Arial", "BUI", "20");
- if($_SESSION['_config']['language'] == "ja_JP")
+ if($_SESSION['_config']['language'] == "ja")
$this->SetFont('SJIS','BUI',20);
$this->Write(0, recode($_SESSION['_config']['recode'], _("Applicant's Statement")));
$this->Rect(13, $top + 10, $this->w - 29, 6, "D");
$this->Line(80, $top + 10, 80, $top + 16);
$this->SetXY(15, $top + 13);
$this->SetFont("Arial", "B", "12");
- if($_SESSION['_config']['language'] == "ja_JP")
+ if($_SESSION['_config']['language'] == "ja")
$this->SetFont('SJIS','B',12);
$this->Write(0, recode($_SESSION['_config']['recode'], _("Names")).":");
if($name)
{
$this->SetXY(82, $top + 13);
$this->SetFont("Arial", '', "11");
- if($_SESSION['_config']['language'] == "ja_JP")
+ if($_SESSION['_config']['language'] == "ja")
$this->SetFont('SJIS','',11);
$this->Write(0, $name);
}
@@ -106,18 +106,18 @@
$this->Line(80, $top + 16, 80, $top + 22);
$this->SetXY(15, $top + 19);
$this->SetFont("Arial", "B", "12");
- if($_SESSION['_config']['language'] == "ja_JP")
+ if($_SESSION['_config']['language'] == "ja")
$this->SetFont('SJIS','B',12);
$this->Write(0, recode($_SESSION['_config']['recode'], _("Date of Birth")).": ");
$this->SetFont("Arial", "", "8");
- if($_SESSION['_config']['language'] == "ja_JP")
+ if($_SESSION['_config']['language'] == "ja")
$this->SetFont('SJIS','',8);
$this->Write(0, "(".recode($_SESSION['_config']['recode'], _("YYYY-MM-DD")).")");
if($dob)
{
$this->SetXY(82, $top + 19);
$this->SetFont("Arial", "", "11");
- if($_SESSION['_config']['language'] == "ja_JP")
+ if($_SESSION['_config']['language'] == "ja")
$this->SetFont('SJIS','',11);
$this->Write(0, $dob);
}
@@ -125,28 +125,28 @@
$this->Line(80, $top + 22, 80, $top + 28);
$this->SetXY(15, $top + 25);
$this->SetFont("Arial", "B", "12");
- if($_SESSION['_config']['language'] == "ja_JP")
+ if($_SESSION['_config']['language'] == "ja")
$this->SetFont('SJIS','B',12);
$this->Write(0, recode($_SESSION['_config']['recode'], _("Email Address")).":");
if($email)
{
$this->SetXY(82, $top + 25);
$this->SetFont("Arial", "", "11");
- if($_SESSION['_config']['language'] == "ja_JP")
+ if($_SESSION['_config']['language'] == "ja")
$this->SetFont('SJIS','',11);
$this->Write(0, $email);
}
$this->SetXY(13, $top + 32);
$this->SetFont("Arial", "", "9");
- if($_SESSION['_config']['language'] == "ja_JP")
+ if($_SESSION['_config']['language'] == "ja")
$this->SetFont('SJIS','',9);
$this->MultiCell($this->w - 29, 3, recode($_SESSION['_config']['recode'], _("I hereby confirm that the information stated above is both true and correct, and request the CAcert Assurer (identified below) to verify me according to CAcert Assurance Policy.")));
// new da start
$this->SetXY(13, $top + 42);
$this->SetFont("Arial", "", "9");
- if($_SESSION['_config']['language'] == "ja_JP")
+ if($_SESSION['_config']['language'] == "ja")
$this->SetFont('SJIS','',9);
- $this->MultiCell($this->w - 29, 3, recode($_SESSION['_config']['recode'], _("I agree to the CAcert Community Agreement.")." ( http://www.cacert.org/policy/CAcertCommunityAgreement.php )"));
+ $this->MultiCell($this->w - 29, 3, recode($_SESSION['_config']['recode'], _("I agree to the CAcert Community Agreement.")." ( http://www.cacert.org/policy/CAcertCommunityAgreement.html )"));
// new da end
$this->SetXY(13, $top + 55); //45->55
$this->Write(0, recode($_SESSION['_config']['recode'], _("Applicant's signature")).": __________________________________");
@@ -157,7 +157,7 @@
$this->Write(0, "20___-___-___");
} else {
$this->SetFont("Arial", "U", "10");
- if($_SESSION['_config']['language'] == "ja_JP")
+ if($_SESSION['_config']['language'] == "ja")
$this->SetFont('SJIS','U',10);
$this->Write(0, str_pad($date, 13, " "));
}
@@ -167,18 +167,18 @@
$this->Rect(11, $top, $this->w - 25, 83, "D"); //63->93
$this->SetXY(11, $top + 5);
$this->SetFont("Arial", "BUI", "20");
- if($_SESSION['_config']['language'] == "ja_JP")
+ if($_SESSION['_config']['language'] == "ja")
$this->SetFont('SJIS','BUI',20);
$this->Write(0, recode($_SESSION['_config']['recode'], _("CAcert Assurer")));
$this->SetFont("Arial", "", "9");
- if($_SESSION['_config']['language'] == "ja_JP")
+ if($_SESSION['_config']['language'] == "ja")
$this->SetFont('SJIS','',9);
$this->SetXY(13, $top + 15);
if($assurer)
{
$this->Write(0, recode($_SESSION['_config']['recode'], _("Assurer's Name")).": ");
$this->SetFont("Arial", "", "10");
- if($_SESSION['_config']['language'] == "ja_JP")
+ if($_SESSION['_config']['language'] == "ja")
$this->SetFont('SJIS','U',10);
// $this->MultiCell($this->w - 70, 2, recode($_SESSION['_config']['recode'], $assurer));
$this->Write(0, str_pad($assurer, 50, " "));
@@ -187,7 +187,7 @@
$this->Write(0, recode($_SESSION['_config']['recode'], _("Assurer's Name")).": ________________________________________________________________");
}
$this->SetFont("Arial", "", "9");
- if($_SESSION['_config']['language'] == "ja_JP")
+ if($_SESSION['_config']['language'] == "ja")
$this->SetFont('SJIS','',9);
$this->SetXY(13, $top + 22);
$this->MultiCell($this->w - 34, 3, recode($_SESSION['_config']['recode'], _("Photo ID Shown: (ID types, not numbers. eg Drivers license, Passport)")));
@@ -198,12 +198,12 @@
} else {
$this->Write(0, "1. ");
$this->SetFont("Arial", "U", "10");
- if($_SESSION['_config']['language'] == "ja_JP")
+ if($_SESSION['_config']['language'] == "ja")
$this->SetFont('SJIS','U',10);
$this->Write(0, str_pad($document1, 90, " "));
}
$this->SetFont("Arial", "", "9");
- if($_SESSION['_config']['language'] == "ja_JP")
+ if($_SESSION['_config']['language'] == "ja")
$this->SetFont('SJIS','',9);
$this->SetXY(13, $top + 35);
if($document2 == "")
@@ -212,12 +212,12 @@
} else {
$this->Write(0, "2. ");
$this->SetFont("Arial", "U", "10");
- if($_SESSION['_config']['language'] == "ja_JP")
+ if($_SESSION['_config']['language'] == "ja")
$this->SetFont('SJIS','U',10);
$this->Write(0, str_pad($document2, 90, " "));
}
$this->SetFont("Arial", "", "9");
- if($_SESSION['_config']['language'] == "ja_JP")
+ if($_SESSION['_config']['language'] == "ja")
$this->SetFont('SJIS','',9);
$this->SetXY(13, $top + 45);
$this->Write(0, recode($_SESSION['_config']['recode'], _("Location of Face-to-face Meeting")).": ");
@@ -226,12 +226,12 @@
$this->Write(0, "_____________________________________________");
} else {
$this->SetFont("Arial", "U", "10");
- if($_SESSION['_config']['language'] == "ja_JP")
+ if($_SESSION['_config']['language'] == "ja")
$this->SetFont('SJIS','U',10);
$this->Write(0, str_pad($location, 70, " "));
}
$this->SetFont("Arial", "", "9");
- if($_SESSION['_config']['language'] == "ja_JP")
+ if($_SESSION['_config']['language'] == "ja")
$this->SetFont('SJIS','',9);
$this->SetXY(13, $top + 50);
if($maxpoints > 0)
@@ -241,7 +241,7 @@
$this->Write(0, recode($_SESSION['_config']['recode'], _("Points Allocated")).": ______________");
}
$this->SetFont("Arial", "", "9");
- if($_SESSION['_config']['language'] == "ja_JP")
+ if($_SESSION['_config']['language'] == "ja")
$this->SetFont('SJIS','',9);
$this->SetXY(13, $top + 54);
$this->MultiCell($this->w - 33, 3, recode($_SESSION['_config']['recode'], _("I, the Assurer, hereby confirm that I have verified the Member according to CAcert Assurance Policy.")));
@@ -249,7 +249,7 @@
$this->MultiCell($this->w - 33, 3, recode($_SESSION['_config']['recode'], _("I am a CAcert Community Member, have passed the Assurance Challenge, and have been assured with at least 100 Assurance Points.")));
$this->SetFont("Arial", "", "9");
- if($_SESSION['_config']['language'] == "ja_JP")
+ if($_SESSION['_config']['language'] == "ja")
$this->SetFont('SJIS','',9);
$this->SetXY(13, $top + 74); //22->67
$this->Write(0, recode($_SESSION['_config']['recode'], _("Assurer's signature")).": __________________________________");
@@ -260,12 +260,12 @@
$this->Write(0, "20___-___-___");
} else {
$this->SetFont("Arial", "U", "10");
- if($_SESSION['_config']['language'] == "ja_JP")
+ if($_SESSION['_config']['language'] == "ja")
$this->SetFont('SJIS','U',10);
$this->Write(0, str_pad($date, 13, " "));
}
- }
+ }
}
$format = array_key_exists('format',$_REQUEST)?$_REQUEST['format']:"";
@@ -277,13 +277,13 @@
$maxpoints = 0;
$pdf = new PDF('P', 'mm', $format);
- if($_SESSION['_config']['language'] == "ja_JP")
+ if($_SESSION['_config']['language'] == "ja")
$pdf->AddSJISFont();
$pdf->Open();
$pdf->AddPage();
$pdf->Body(array_key_exists('name',$_REQUEST)?$_REQUEST['name']:"", array_key_exists('dob',$_REQUEST)?$_REQUEST['dob']:"", array_key_exists('email',$_REQUEST)?$_REQUEST['email']:"", array_key_exists('assurer',$_REQUEST)?$_REQUEST['assurer']:"", array_key_exists('date',$_REQUEST)?$_REQUEST['date']:"", $maxpoints, array_key_exists('document1',$_REQUEST)?$_REQUEST['document1']:"", array_key_exists('document2',$_REQUEST)?$_REQUEST['document2']:"", array_key_exists('location',$_REQUEST)?$_REQUEST['location']:"");
header("Expires: ".gmdate("D, j M Y G:i:s \G\M\T", time()+10800));
- header("Content-Disposition: attachment; filename=cap.pdf");
+ header("Content-Disposition: attachment; filename=cap.pdf");
header("Cache-Control: public, max-age=10800");
header("Pragma: cache");
$pdf->output();
diff --git a/www/capnew.php b/www/capnew.php
index 3136993..273b0e6 100644
--- a/www/capnew.php
+++ b/www/capnew.php
@@ -17,8 +17,8 @@
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
*/
-// $Id: capnew.php,v 1.3 2011-06-10 18:30:41 wytze Exp $
-define('REV', '$Revision: 1.3 $');
+// $Id: capnew.php,v 1.4 2012-01-24 14:26:05 root Exp $
+define('REV', '$Revision: 1.4 $');
/*
** Created from old cap.php 2003, which used the now obsoleted ftpdf package
@@ -68,7 +68,7 @@ define('REV', '$Revision: 1.3 $');
** On transliteration and abbreviation of a name:
** if shoes a std way show accepted conversion as pdf comment
** Orientation: on landscape (dflt) print 2-up
-** PDF URL links are used to web, wiki, and faq for more info search
+** PDF URL links are used to web, wiki, and faq for more info search
** Only on non-ascii chars in a name the utf8 routines are loaded
** PDF reader has wiki info url's and easy email feedback
** ENABLED:
@@ -92,7 +92,7 @@ define('REV', '$Revision: 1.3 $');
** recode(), recode_string(0 is said to have too many (japanese) defeats
** recode_string() is only used on GET[] input (html->utf-8),
** UTF-8 use routines from http://www.sourceforge.net/projects/phputf8
-** which replaces php recode() package.
+** which replaces php recode() package.
** on many places own utf-8 handling code exists and is loaded (tcpdf problem)
** _() translation routine. The returned HTML string is translated to utf-8 string.
** the GET() routines expects utf-8 code (see test defs) but might be changed
@@ -168,7 +168,7 @@ define('REV', '$Revision: 1.3 $');
** $_GET['format'] paper format required A0-A6,Letter, Folio, B0-B6 (dflt A4)
** $_GET['watermark'] watermark on the page
** $_GET['orientation'] paper orientation default 'portrait'
-** $_SESSION['_config']['language'] for 'ja_JP' japanese default != ja_JP
+** $_SESSION['_config']['language'] for 'ja' japanese default != ja
** $_SESSION['_config']['recode'] = 'format' recode() uses it: needed ?
** recode() is aliased to php lib function recode_string()
** $_REQUEST['bw'] if exists use black/white, default use colour
@@ -196,7 +196,7 @@ define('REV', '$Revision: 1.3 $');
** Form Revision string is generated from RCS revision string.
** More info on PDF fields:
** http://www.adobe.com/devnet/acrobat/pdfs/js_developer_guide.pdf
-**
+**
*/
// use next define if you test this code
@@ -235,7 +235,7 @@ if( defined( 'TEST' ) ) {
//$_GET['orientation'] = 'portrait'; // default 2 pages, or portrait
}
$_GET['nocca'] = isset($_SERVER['CCA']) ? $_SERVER['CCA'] : '';
- //$_GET['policy1'] = 'policy/PolicyOnPolicy.php';
+ //$_GET['policy1'] = 'policy/PolicyOnPolicy.html';
if( isset($_SERVER['FORM']) AND $_SERVER['FORM'] == 'noform' )
$_GET['noform'] = 'true';
@@ -310,7 +310,7 @@ define('ARBIT', WIKI.'/ArbitrationForum');
// CAcert Community Agreement
define('CCA', 'CAcertCommunityAgreement'); // default policy to print
define('POLICY','policy/'); // default polciy doc directory
-define('EXT','.php'); // default polciy doc extention, should be html
+define('EXT','.html'); // default polciy doc extention, should be html
/* finger print CAcert Root Key */ // should obtain this automatically
define('CLASS1_SHA1','135C EC36 F49C B8E9 3B1A B270 CD80 8846 76CE 8F33');
define('CLASS3_SHA1','AD7C 3F64 FC44 39FE F4E9 0BE8 F47C 6CFA 8AAD FDCE');
@@ -336,7 +336,7 @@ define('DFL_FORMAT', 'html..utf-8');
// Japanese is not supported?
if( array_key_exists('_config', $_SESSION) ) {
if( isset($_SESSION['_config']['language']) ) {
- if($_SESSION['_config']['language'] == 'ja_JP')
+ if($_SESSION['_config']['language'] == 'ja')
define('FONT','SJIS');
else define( 'FONT', 'freesans');
}
@@ -387,7 +387,7 @@ function utf8_is_ascii_ctrl($str) {
// extend TCPF with custom functions
class CAPPDF extends TCPDF {
- // do cap form version numbering automatically '$Revision: 1.3 $'
+ // do cap form version numbering automatically '$Revision: 1.4 $'
/*public*/ function Version() {
strtok(REV, ' ');
return(strtok(' '));
@@ -484,16 +484,16 @@ class CAPPDF extends TCPDF {
//number of colums
/*protected*/ var $ncols=1;
-
+
// columns width
/*protected*/ var $colwidth=0;
// space between columns
/*protected*/ var $column_space = 0;
-
+
//Current column
/*protected*/ var $col=0;
-
+
//Ordinate of column start
/*protected*/ var $y0;
@@ -535,7 +535,7 @@ class CAPPDF extends TCPDF {
$this->SetDisplayMode(intval($this->scale), 'SinglePage', 'UseOC');
return( $format );
}
-
+
//Set position at a given column
/*private*/ function SetCol($col = -1) {
static $pagecolwidth = 1.0;
@@ -576,7 +576,7 @@ class CAPPDF extends TCPDF {
$this->myFooter(); // print footer msg if defined
}
if( $col >= $this->ncols ) {
- $this->addPage(); $col = 0;
+ $this->addPage(); $col = 0;
$this->ScaleXY($this->scale,0,0);
$this->y0 = 0; //no header/footer done...
} elseif ( $col > 0 AND $col < $this->ncols) {
@@ -599,7 +599,7 @@ class CAPPDF extends TCPDF {
$this->PrintTable('', 0); // if in table reprint title table
$this->InFooter = false;
}
-
+
//Method accepting or not automatic page break
/*public*/ function AcceptPageBreak() {
$this->SetCol();
@@ -688,7 +688,7 @@ class CAPPDF extends TCPDF {
elseif( preg_match('/\./', $nm ) ) {
if( $first_name < 0 ) $first_name = $j;
if( $first_name >= 0 ) $success = TRUE; // was abbreviated
- continue; // title
+ continue; // title
}
if( $first_name < 0 ) $first_name = $j;
if( $married == 0 ) $fam = $j;
@@ -710,7 +710,7 @@ class CAPPDF extends TCPDF {
elseif( preg_match('/\./', $nm ) ) $name .= $nm;
elseif( $j < $fam ) { // need to abbreviate
// not utf8
- // and abbreviate
+ // and abbreviate
if( $j == $first_name )
$abr = '('. $substr( $nm, 1 ) . ')';
else $abr = '.';
@@ -724,7 +724,7 @@ class CAPPDF extends TCPDF {
$nm = $tk[0];
if( $ext < 0 AND preg_match('/(^[^A-Z]|\.)/', $nm ) ) continue;
if( $ext < 0 ) $ext = $j+1;
- if( preg_match('/\./', $nm ) ) { $success = TRUE; break; }
+ if( preg_match('/\./', $nm ) ) { $success = TRUE; break; }
}
return( $success? $name : '' ); // and return abbriviated name
}
@@ -841,7 +841,7 @@ class CAPPDF extends TCPDF {
$this->StatementAssuree( $assuree['date']);
$this->StatementAssurer( $assurer, $assurance );
}
-
+
//Add form and/or CCA (on duplex only when more as one page is printed)
/*public*/ function PrintForm( $assuree = NULL, $assurer = NULL, $assurance = NULL, $page = NULL ) {
@@ -1033,7 +1033,7 @@ class CAPPDF extends TCPDF {
$this->Line($this->lMargin,$tSide+$height,$this->lMargin+$this->colwidth,$tSide+$height);
$this->Line($this->lMargin+$this->colwidth,$tSide-1, $this->lMargin+$this->colwidth, $tSide+$height);
$this->SetDrawColor(0);
- $this->SetY($tSide + $height + 1); // set Y ordinate to plus 7
+ $this->SetY($tSide + $height + 1); // set Y ordinate to plus 7
$tSide = -1; $title = '';
return($this->GetY());
}
@@ -1045,7 +1045,7 @@ class CAPPDF extends TCPDF {
$id_type = $names == NULL ? '' : $names['idtype'];
// store current margin values
static $nr = 0;
- static $idtypes = NULL;
+ static $idtypes = NULL;
static $listpoints = NULL;
static $ComboProps = array( 'fillColor'=> LBLUE, 'strokeColor'=> LLBLUE, 'editable'=> 'true', 'textSize' => 9, 'rotate'=> '0');
static $TextProps = array('strokeColor'=> LLBLUE, 'value' => ' ', 'fillColor'=> LBLUE, 'doNotScrole'=> 'false', 'textSize' => 12, 'rotate'=> '0');
@@ -1146,7 +1146,7 @@ class CAPPDF extends TCPDF {
$this->SetFont(FONT, 'B', (F_SIZE+1)/6*H);
$this->Cell($this->colwidth-37, 2, '('.$id_type .')', 0, 0, 'R');
// hide id type print on screen with the formfields, just nicety
- // one could extend the name field, but this has more drawbacks
+ // one could extend the name field, but this has more drawbacks
$this->TextField(sprintf('AssureeNames_%d_None',$nr), $this->SetFieldXY($this->lMargin+$this->colwidth-38,$savey+0.5,20), 7/6*H, $TextBlankProps);
$this->SetFieldXY();
}
@@ -1200,7 +1200,7 @@ class CAPPDF extends TCPDF {
// all (max) three names with ID type right aligned.
$cnt = $assuree['namecnt'];
$space = $this->getPageHeight()/$this->scale*100.0 -MINH ; // margin
- for( $i = 0; $i < $cnt; $i++ ) { // names to be printed
+ for( $i = 0; $i < $cnt; $i++ ) { // names to be printed
$this->PrintName( $assuree['names'][$i], $assurer['maxpoints'] < 0? 35: $assurer['maxpoints'] );
if( $space < $this->getY() ) break;
}
@@ -1390,7 +1390,7 @@ class CAPPDF extends TCPDF {
$this->SetFieldXY();
$TextProps['value'] = $assurer['email'] ? $assurer['email'] : $this->unhtmlentities( _('email') ) . '?';
$TextProps['userName'] = $this->unhtmlentities( _('On mutual assurance provide email address of Assurer.') );
- $this->TextField('AssurerEmail', $this->SetFieldXY($this->lMargin+68.5, $savey+1, 35), 5, $TextProps );
+ $this->TextField('AssurerEmail', $this->SetFieldXY($this->lMargin+68.5, $savey+1, 35), 5, $TextProps );
$this->SetFieldXY();
$this->SetXY($this->lMargin+2, $savey+5);
@@ -1457,7 +1457,7 @@ class CAPPDF extends TCPDF {
// get $form, $orientation, $assuree, $assurer, $assurance info
// FONT and BW are set already
-// import info
+// import info
function GET( $key = '' ) {
return ( array_key_exists( $key, $_GET) ? $_GET[$key] : '');
}
@@ -1532,7 +1532,7 @@ for( $i = 1; $i <= 9 AND $j < 2; $i++) { // max 9 names we only print 4 max...
$assuree[ 'namecnt' ]++;
$assuree[ 'names' ] [] = array (
'name' => $name ? $name : '',
- 'idtype' => my_recode(GET(Dstr('ID',$i)))? my_recode(GET(Dstr('ID',$i))) : '',
+ 'idtype' => my_recode(GET(Dstr('ID',$i)))? my_recode(GET(Dstr('ID',$i))) : '',
'points' => my_recode(GET(Dstr('Pnts',$i))) != '' ? intval(my_recode(GET(Dstr('Pnts',$i)))) : -1
);
if( $name != '' AND
@@ -1565,7 +1565,7 @@ unset( $document ); unset( $i ); unset( $j); // unset($_GET);
PDF_UNIT /* mm */,
/* PDF_PAGE_FORMAT */ $page['format'],
true
- );
+ );
$pdf->SetFormat( $page['format'] ); // set paper size scaling
// protection is encryption and this will cause 3.5 times performance loss
@@ -1588,10 +1588,10 @@ unset( $document ); unset( $i ); unset( $j); // unset($_GET);
$pdf->SetAutoPageBreak(TRUE, MARGIN*0.707);
//set image scale factor
- $pdf->setImageScale(PDF_IMAGE_SCALE_RATIO);
+ $pdf->setImageScale(PDF_IMAGE_SCALE_RATIO);
//set some language-dependent strings
- $pdf->setLanguageArray($l);
+ $pdf->setLanguageArray($l);
//initialize document
$pdf->AliasNbPages();
@@ -1608,6 +1608,6 @@ unset( $document ); unset( $i ); unset( $j); // unset($_GET);
$pdf->Output('CAcert CAP.pdf', 'I');
//============================================================+
-// END OF FILE
+// END OF FILE
//============================================================+
?>
diff --git a/www/cats/cats_import.php b/www/cats/cats_import.php
index 6d77a75..feb92d4 100644
--- a/www/cats/cats_import.php
+++ b/www/cats/cats_import.php
@@ -24,13 +24,15 @@
API for CATS to import passed tests into main CAcert database.
*/
+require_once('../../includes/lib/account.php');
+
function sanitize_string($buffer) {
return htmlentities(utf8_decode($buffer), (int)ENQ_QUOTES);
}
define ('UNDEFINED', 'nd');
-define ('ALLOWED_IP', '213.154.225.228');
-define ('ALLOWED_IP2', '193.238.157.112');
+define ('ALLOWED_IP', '213.154.225.243');
+define ('ALLOWED_IP2', '172.16.2.27');
define ('CONFIG_FILEPATH', '/www/');
$remote_addr = (isset($_SERVER['REMOTE_ADDR']))?$_SERVER['REMOTE_ADDR']:UNDEFINED;
@@ -154,8 +156,7 @@ if (!$query) {
}
// Update Assurer-Flag on users table if 100 points. Should the number of points be SUM(points) or SUM(awarded)?
-$query = mysql_query('UPDATE `users` AS `u` SET `assurer` = 1 WHERE `u`.`id` = \''.(int)intval($userID).'\' AND EXISTS(SELECT 1 FROM `cats_passed` AS `tp` WHERE `tp`.`user_id` = `u`.`id`) AND (SELECT SUM(`points`) FROM `notary` AS `n` WHERE `n`.`to` = `u`.`id` AND `expire` < now()) >= 100;'); // Challenge has been passed and non-expired points >= 100
-if (!$query) {
+if (!fix_assurer_flag($userID)) {
echo 'Invalid query'."\r\n";
trigger_error('Invalid query', E_USER_ERROR);
exit();
diff --git a/www/certs/CAcert_Root_Certificates.msi b/www/certs/CAcert_Root_Certificates.msi
new file mode 100644
index 0000000..f60567e
--- /dev/null
+++ b/www/certs/CAcert_Root_Certificates.msi
Binary files differ
diff --git a/www/coap.html.php b/www/coap.html.php
index 8c2479c..6291ea2 100644
--- a/www/coap.html.php
+++ b/www/coap.html.php
@@ -29,7 +29,7 @@
<body>
-<style type="text/css">
+<style type="text/css">
table#TAB1 {border-color: rgb(173,197,215); border-top: solid 5px rgb(173,197,215); border-left: solid 5px rgb(173,197,215);}
table#TAB1 td { border: 0 }
</style>
@@ -121,7 +121,7 @@ table#TAB1 td { border: 0 }
<?php
for ( $i = 0; $i < 2; $i++ ) {
echo '<tr>', "\n", ' <td>';
- if ( $i < 1 ) { echo _("Registered Trade Names");}
+ if ( $i < 1 ) { echo _("Registered Trade Names");}
echo '</td>', "\n";
for ( $j = 1; $j <= 3; $j++ ) {
printf(" <td align=\"%s\"><input size=\"25\" maxlength=\"80\" name=\"dba%d\"></td>\n", $j > 2 ? "right" : ($j > 2 ? "center" : "left") , $i * 3 + $j);
@@ -189,7 +189,7 @@ table#TAB1 td { border: 0 }
<?php
echo _("Make sure you have read and agreed with the CAcert Community Agreement");
?>
- (<a href="http://www.cacert.org/policy/CAcertCommunityAgreement.php">CCA</a>)</i><br></td>
+ (<a href="http://www.cacert.org/policy/CAcertCommunityAgreement.html">CCA</a>)</i><br></td>
</tr>
<tr><td colspan=2><p></td></tr>
<tr>
@@ -210,7 +210,7 @@ table#TAB1 td { border: 0 }
<?php
echo ' '. _("I agree to the CAcert Community Agreement.").' (';
?>
-<a href="http://www.cacert.org/policy/CAcertCommunityAgreement.php">CCA</a>)</dd></td>
+<a href="http://www.cacert.org/policy/CAcertCommunityAgreement.html">CCA</a>)</dd></td>
</tr>
<tr>
<td colspan="2"><input type="checkbox" checked name="checked" value="2">
@@ -281,7 +281,7 @@ table#TAB1 td { border: 0 }
<tr><td colspan="2"></td><tr>
</tbody>
</table>
-<div style="text-align: right;"><small><small><span>&copy;
+<div style="text-align: right;"><small><small><span>&copy;
<?php
echo date('Y').' CAcert Inc., V2, '.date('Y-n-j');
?>
@@ -327,7 +327,7 @@ table#TAB1 td { border: 0 }
'http://svn.cacert.org/CAcert/Policies/OrganisationAssurancePolicy/OrganisationAssuranceSubPolicyEurope.html',
'Organisation Assurance Subpolicy for the United States' =>
'http://svn.cacert.org/CAcert/Policies/OrganisationAssurancePolicy/OrganizationAssuranceSubPolicyUnitedStates.html',
- );
+ );
$cnt = 0;
while( list($key, $ref) = each($policies) ) {
$cnt++;
@@ -338,7 +338,7 @@ table#TAB1 td { border: 0 }
}
if( $cnt > 0 ) {
echo "</dd>\n";
- }
+ }
echo "</dl>\n";
echo _("Submit the form").': <button type="submit" style="background-color: rgb(112, 154, 186); color: white;"> '._("generate PDF file");
echo "</button>\n";
diff --git a/www/coapnew.php b/www/coapnew.php
index c9e4e47..5a161b4 100644
--- a/www/coapnew.php
+++ b/www/coapnew.php
@@ -17,8 +17,8 @@
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
*/
-// $Id: coapnew.php,v 1.3 2011-06-10 18:30:42 wytze Exp $
-define('REV', '$Revision: 1.3 $');
+// $Id: coapnew.php,v 1.4 2012-01-24 14:26:05 root Exp $
+define('REV', '$Revision: 1.4 $');
/*
** Created from old cap.php 2003, which used the now obsoleted ftpdf package
@@ -70,7 +70,7 @@ define('REV', '$Revision: 1.3 $');
** On transliteration and abbreviation of a name:
** if shoes a std way show accepted conversion as pdf comment
** Orientation: on landscape (dflt) print 2-up
-** PDF URL links are used to web, wiki, and faq for more info search
+** PDF URL links are used to web, wiki, and faq for more info search
** Only on non-ascii chars in a name the utf8 routines are loaded
** PDF reader has wiki info url's and easy email feedback
** ENABLED:
@@ -94,7 +94,7 @@ define('REV', '$Revision: 1.3 $');
** recode(), recode_string(0 is said to have too many (japanese) defeats
** recode_string() is only used on GET[] input (html->utf-8),
** UTF-8 use routines from http://www.sourceforge.net/projects/phputf8
-** which replaces php recode() package.
+** which replaces php recode() package.
** on many places own utf-8 handling code exists and is loaded (tcpdf problem)
** _() translation routine. The returned HTML string is translated to utf-8 string.
** the GET() routines expects utf-8 code (see test defs) but might be changed
@@ -179,7 +179,7 @@ define('REV', '$Revision: 1.3 $');
** $_GET['format'] paper format required A0-A6,Letter, Folio, B0-B6 (dflt A4)
** $_GET['watermark'] watermark on the page
** $_GET['orientation'] paper orientation default "landscape" default 2-up (new)
-** $_SESSION['_config']['language'] for "ja_JP" japanese default != ja_JP
+** $_SESSION['_config']['language'] for "ja" japanese default != ja
** $_SESSION['_config']['recode'] = "format" recode() uses it: needed ?
** recode() is aliased to php lib function recode_string()
** $_REQUEST[bw] if exists use black/white, default use colour
@@ -221,7 +221,7 @@ define('REV', '$Revision: 1.3 $');
** Form Revision string is generated from RCS revision string.
** More info on PDF fields:
** http://www.adobe.com/devnet/acrobat/pdfs/js_developer_guide.pdf
-**
+**
*/
// use next define if you test this code
@@ -281,7 +281,7 @@ if( defined( 'TEST' ) ) {
// trade office information
$_GET['identifier'] = "NL-238603-AA02";
$_GET['tor'] = "Kamer van Koophandel";
- $_GET['torregion'] = "Amsterdam";
+ $_GET['torregion'] = "Amsterdam";
//$_GET['tordate'] = "2008-04-03";
// contact name(s)
$_GET['domain1'] = "oophaga.org, oophaga.nl";
@@ -345,7 +345,7 @@ define('ARBIT', WIKI."/ArbitrationForum");
// CAcert Community Agreement
define('CCA', "CAcertCommunityAgreement"); // default policy to print
define('POLICY','policy/'); // default polciy doc directory
-define('EXT','.php'); // default polciy doc extention, should be html
+define('EXT','.html'); // default polciy doc extention, should be html
/* finger print CAcert Root Key */ // should obtain this automatically
define('CLASS1_SHA1','135C EC36 F49C B8E9 3B1A B270 CD80 8846 76CE 8F33');
define('CLASS3_SHA1','AD7C 3F64 FC44 39FE F4E9 0BE8 F47C 6CFA 8AAD FDCE');
@@ -371,7 +371,7 @@ define('DFL_FORMAT', 'html..utf-8');
// Japanese is not supported?
if( array_key_exists('_config', $_SESSION) ) {
if( isset($_SESSION['_config']['language']) ) {
- if($_SESSION['_config']['language'] == "ja_JP")
+ if($_SESSION['_config']['language'] == "ja")
define('FONT','SJIS');
else define( 'FONT', 'freesans');
}
@@ -422,12 +422,12 @@ function utf8_is_ascii_ctrl($str) {
// extend TCPF with custom functions
class COAPPDF extends TCPDF {
- // do cap form version numbering automatically "$Revision: 1.3 $"
+ // do cap form version numbering automatically "$Revision: 1.4 $"
/*public*/ function Version() {
strtok(REV, " ");
return(strtok(" "));
}
-
+
/*public*/ function myHeader( $msg = NULL, $url = NULL )
{
static $my_url = NULL;
@@ -450,7 +450,7 @@ class COAPPDF extends TCPDF {
$this->setXY($this->lMargin, MARGIN+3);
$this->y0 = $this->getY();
}
-
+
// undefine default header and footer handling
// default routines do not handle columns
function Footer() { }
@@ -458,7 +458,7 @@ class COAPPDF extends TCPDF {
function Mark( $string = "" ) {
return array( $string, 1+substr_count($string,'.') );
}
-
+
/*public*/ function myFooter( $msg = NULL, $url = NULL )
{
static $my_url = NULL;
@@ -501,7 +501,7 @@ class COAPPDF extends TCPDF {
$this->StopTransform();
$this->SetXY($savex,$savey);
}
-
+
if( !empty($font_fam ) )
$this->SetFont($font_fam,$font_style,$font_size);
$this->InFooter = false;
@@ -519,16 +519,16 @@ class COAPPDF extends TCPDF {
//number of colums
/*protected*/ var $ncols=1;
-
+
// columns width
/*protected*/ var $colwidth=0;
// space between columns
/*protected*/ var $column_space = 0;
-
+
//Current column
/*protected*/ var $col=0;
-
+
//Ordinate of column start
/*protected*/ var $y0;
@@ -570,7 +570,7 @@ class COAPPDF extends TCPDF {
$this->SetDisplayMode(intval($this->scale), 'SinglePage', 'UseOC');
return( $format );
}
-
+
//Set position at a given column
/*private*/ function SetCol($col = -1) {
static $pagecolwidth = 1.0;
@@ -610,7 +610,7 @@ class COAPPDF extends TCPDF {
$this->myFooter(); // print footer msg if defined
}
if( $col >= $this->ncols ) {
- $this->addPage(); $col = 0;
+ $this->addPage(); $col = 0;
$this->ScaleXY($this->scale,0,0);
$this->y0 = 0; //no header/footer done...
} elseif ( $col > 0 AND $col < $this->ncols) {
@@ -710,7 +710,7 @@ class COAPPDF extends TCPDF {
elseif( preg_match('/\./', $nm ) ) {
if( $first_name < 0 ) $first_name = $j;
if( $first_name >= 0 ) $success = TRUE; // was abbreviated
- continue; // title
+ continue; // title
}
if( $first_name < 0 ) $first_name = $j;
if( $married == 0 ) $fam = $j;
@@ -732,7 +732,7 @@ class COAPPDF extends TCPDF {
elseif( preg_match('/\./', $nm ) ) $name .= $nm;
elseif( $j < $fam ) { // need to abbreviate
// not utf8
- // and abbreviate
+ // and abbreviate
if( $j == $first_name )
$abr = "(". $substr( $nm, 1 ) . ")";
else $abr = ".";
@@ -746,7 +746,7 @@ class COAPPDF extends TCPDF {
$nm = $tk[0];
if( $ext < 0 AND preg_match('/(^[^A-Z]|\.)/', $nm ) ) continue;
if( $ext < 0 ) $ext = $j+1;
- if( preg_match('/\./', $nm ) ) { $success = TRUE; break; }
+ if( preg_match('/\./', $nm ) ) { $success = TRUE; break; }
}
return( $success? $name : "" ); // and return abbriviated name
}
@@ -859,7 +859,7 @@ class COAPPDF extends TCPDF {
$this->StatementOrganisation($organisation);
$this->StatementAssurer( $assurer, $assurance );
}
-
+
//Add form and/or CCA (on duplex only when more as one page is printed)
/*public*/ function PrintForm( $organisation = NULL, $registry = NULL, $assurer = NULL, $page = NULL ) {
@@ -1045,7 +1045,7 @@ class COAPPDF extends TCPDF {
$this->Line($this->lMargin,$tSide+$height,$this->lMargin+$this->colwidth,$tSide+$height);
$this->Line($this->lMargin+$this->colwidth,$tSide-1, $this->lMargin+$this->colwidth, $tSide+$height);
$this->SetDrawColor(0);
- $this->SetY($tSide + $height + 1); // set Y ordinate to plus 7
+ $this->SetY($tSide + $height + 1); // set Y ordinate to plus 7
$tSide = -1; $title = "";
return($this->GetY());
}
@@ -1078,7 +1078,7 @@ class COAPPDF extends TCPDF {
if ( BW ) {
$this->SetFillColor(241);
} else {
- //$this->SetFillColor(173,197,215);
+ //$this->SetFillColor(173,197,215);
$this->SetFillColor(234, 241, 246);
}
$this->Rect($this->lMargin+37.5,$this->GetY()+0.1,
@@ -1141,7 +1141,7 @@ class COAPPDF extends TCPDF {
if( $phone ) {
$TextProps['value'] = $phone ? $phone : $this->unhtmlentities( _('phone nr') ) . "?";
$TextProps['userName'] = $this->unhtmlentities( _('For organisation administrators and assurer: provide email address and optionally your phone number.') );
- $this->TextField($field.'Phone', $this->SetFieldXY($this->lMargin+$this->colwidth-25, $savey, 24), 4.5, $TextProps );
+ $this->TextField($field.'Phone', $this->SetFieldXY($this->lMargin+$this->colwidth-25, $savey, 24), 4.5, $TextProps );
$this->SetFieldXY();
}
$savey += 3;
@@ -1156,7 +1156,7 @@ class COAPPDF extends TCPDF {
if( $email ) {
$TextProps['value'] = $email ? $email : $this->unhtmlentities( _('email') ) . "?";
$TextProps['userName'] = $this->unhtmlentities( _('For organisation administrators and assurer: provide email address and optionally your phone number.') );
- $this->TextField($field.'Email', $this->SetFieldXY($this->lMargin+2+$l, $savey, $this->colwidth-$l-28), 4.5, $TextProps);
+ $this->TextField($field.'Email', $this->SetFieldXY($this->lMargin+2+$l, $savey, $this->colwidth-$l-28), 4.5, $TextProps);
$this->SetFieldXY(); $savey += 3;
}
// phone number
@@ -1166,7 +1166,7 @@ class COAPPDF extends TCPDF {
}
// All information of Applicant goes in one table
-/*public*/ function InfoOrganisation( $organisation = NULL, $registry = NULL ){
+/*public*/ function InfoOrganisation( $organisation = NULL, $registry = NULL ){
// Applicant Identity information part
$tSide = $this->PrintTable($this->unhtmlentities( _('Organisation Identity Information') ))+1;
@@ -1220,7 +1220,7 @@ class COAPPDF extends TCPDF {
$strg,
NULL, NULL, true);
$this->Ln(0.4);
- $strg = ""; foreach( $organisation['domains'] as $i )
+ $strg = ""; foreach( $organisation['domains'] as $i )
$strg .= ($strg != "" ? ", " : "") . $i;
$this->PrintName(
$this->unhtmlentities( _('The internet domain name(s) the organisation controls and owns. The names will be checked with WHOIS with e.g. the DNS official top domain registrar e.g. the country ccTLD .<country code> registrar.') ),
@@ -1233,7 +1233,7 @@ class COAPPDF extends TCPDF {
// contact info o-admin address assuree
$cnt = $organisation['admincnt'];
$space = $this->getPageHeight()/$this->scale*100.0 -MINH ; // margin
- for( $i = 0; $i < $cnt; $i++ ) { // names to be printed
+ for( $i = 0; $i < $cnt; $i++ ) { // names to be printed
$this->PrintName(
$this->unhtmlentities( _('The organisation administrator (CAcert Assurer) contact information. The administrator is appointed by the organisation director to administer the organisation domain certificates, secure the certificates and maintain them.') ),
$this->unhtmlentities( _('Organisation Administrator') ),
@@ -1400,7 +1400,7 @@ class COAPPDF extends TCPDF {
// get $form, $orientation, $assuree, $assurer, $assurance info
// FONT and BW are set already
-// import info
+// import info
$utf8 = false;
function GET( $key = "" ) {
global $utf8;
@@ -1457,7 +1457,7 @@ $registry = array (
$organisation = array (
'names' => array( ), // [0] full name, [>0] DBA's
'namecnt' => 0,
- 'date' => my_recode(GET('date')) == "now" ? date("Y-m-d") :
+ 'date' => my_recode(GET('date')) == "now" ? date("Y-m-d") :
my_recode(GET('date')),
'address' => my_recode(GET('address')),
'state' => my_recode(GET('state')),
@@ -1507,7 +1507,7 @@ for( $i = 0; $i <= 25 AND $j < 2; $i++ ) {
if( $domains != "" ) $domains .= ",";
$domains .= strtolower($name);
} else $j ++;
-}
+}
$i = 0;
if( $domains ) { // csv list to array and trim white spaces
$domains = strtok($domains,',');
@@ -1547,7 +1547,7 @@ unset( $i ); unset( $j); unset( $utf8 ); // unset($_GET);
PDF_UNIT /* mm */,
/* PDF_PAGE_FORMAT */ $page['format'],
true
- );
+ );
$pdf->SetFormat( $page['format'] ); // set paper size scaling
// protection is encryption and this will cause 3.5 times performance loss
@@ -1570,10 +1570,10 @@ unset( $i ); unset( $j); unset( $utf8 ); // unset($_GET);
$pdf->SetAutoPageBreak(TRUE, MARGIN*0.707);
//set image scale factor
- $pdf->setImageScale(PDF_IMAGE_SCALE_RATIO);
+ $pdf->setImageScale(PDF_IMAGE_SCALE_RATIO);
//set some language-dependent strings
- $pdf->setLanguageArray($l);
+ $pdf->setLanguageArray($l);
//initialize document
$pdf->AliasNbPages();
@@ -1589,6 +1589,6 @@ unset( $i ); unset( $j); unset( $utf8 ); // unset($_GET);
$pdf->Output("CAcert COAP.pdf", "I");
//============================================================+
-// END OF FILE
+// END OF FILE
//============================================================+
?>
diff --git a/www/disputes.php b/www/disputes.php
index 5b78c1e..f195ed5 100644
--- a/www/disputes.php
+++ b/www/disputes.php
@@ -264,7 +264,7 @@
echo _("You aren't allowed to dispute your own email addresses. Can't continue.");
showfooter();
exit;
- }
+ }
$res = mysql_query("select * from `users` where `id`='$oldmemid'");
$user = mysql_fetch_assoc($res);
@@ -319,12 +319,20 @@
}
unset($oldid);
$query = "select * from `domains` where `domain`='$domain' and `deleted`=0";
- $email = ""; if(array_key_exists('email',$_REQUEST)) $email=trim(mysql_real_escape_string($_REQUEST['email']));
$res = mysql_query($query);
if(mysql_num_rows($res) <= 0)
{
+ $query = "select 1 from `orgdomains` where `domain`='$domain'";
+ $res = mysql_query($query);
+ if(mysql_num_rows($res) > 0)
+ {
+ showheader(_("Domain Dispute"));
+ printf(_("The domain '%s' is included in an organisation account. Please send a mail to %s to dispute this domain."), sanitizeHTML($domain),'<a href="mailto:support@cacert.org">support@cacert.org</a>');
+ showfooter();
+ exit;
+ }
showheader(_("Domain Dispute"));
- printf(_("The domain '%s' doesn't exist in the system. Can't continue."), sanitizeHTML($email));
+ printf(_("The domain '%s' doesn't exist in the system. Can't continue."), sanitizeHTML($domain));
showfooter();
exit;
}
@@ -336,7 +344,7 @@
echo _("You aren't allowed to dispute your own domains. Can't continue.");
showfooter();
exit;
- }
+ }
$domainid = $row['id'];
$_SESSION['_config']['domainid'] = $domainid;
diff --git a/www/index.php b/www/index.php
index 13e8dc6..c7cc03e 100644
--- a/www/index.php
+++ b/www/index.php
@@ -14,8 +14,10 @@
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
-*/ ?>
-<?
+*/
+
+require_once('../includes/lib/l10n.php');
+
$id = 0; if(array_key_exists("id",$_REQUEST)) $id=intval($_REQUEST['id']);
$oldid = 0; if(array_key_exists("oldid",$_REQUEST)) $oldid=intval($_REQUEST['oldid']);
@@ -148,13 +150,16 @@
if($id == 4 && $_SERVER['HTTP_HOST'] == $_SESSION['_config']['securehostname'])
{
- $query = "select * from `emailcerts` where `serial`='$_SERVER[SSL_CLIENT_M_SERIAL]' and `revoked`=0 and disablelogin=0 and
- UNIX_TIMESTAMP(`expire`) - UNIX_TIMESTAMP() > 0";
- $res = mysql_query($query);
- if(mysql_num_rows($res) > 0)
+ include_once("../includes/lib/general.php");
+ $user_id = get_user_id_from_cert($_SERVER['SSL_CLIENT_M_SERIAL'],
+ $_SERVER['SSL_CLIENT_I_DN_CN']);
+
+ if($user_id >= 0)
{
- $row = mysql_fetch_assoc($res);
- $_SESSION['profile'] = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='$row[memid]' and `deleted`=0 and `locked`=0"));
+ $_SESSION['profile'] = mysql_fetch_assoc(mysql_query(
+ "select * from `users` where
+ `id`='$user_id' and `deleted`=0 and `locked`=0"));
+
if($_SESSION['profile']['id'] != 0)
{
$_SESSION['profile']['loggedin'] = 1;
@@ -307,18 +312,12 @@
if($_SESSION['profile']['language'] == "")
{
- $query = "update `users` set `language`='".$_SESSION['_config']['language']."'
+ $query = "update `users` set `language`='".L10n::get_translation()."'
where `id`='".$_SESSION['profile']['id']."'";
mysql_query($query);
} else {
- $_SESSION['_config']['language'] = $_SESSION['profile']['language'];
-
- putenv("LANG=".$_SESSION['_config']['language']);
- setlocale(LC_ALL, $_SESSION['_config']['language']);
-
- $domain = 'messages';
- bindtextdomain("$domain", $_SESSION['_config']['filepath']."/locale");
- textdomain("$domain");
+ L10n::set_translation($_SESSION['profile']['language']);
+ L10n::init_gettext();
}
$query = "select sum(`points`) as `total` from `notary` where `to`='".$_SESSION['profile']['id']."' group by `to`";
$res = mysql_query($query);
@@ -332,6 +331,8 @@
$_SESSION['_config']['errmsg'] .= _("For your own security you must enter 5 lost password questions and answers.")."<br>";
$_SESSION['_config']['oldlocation'] = "account.php?id=13";
}
+ if (checkpwlight($pword) < 3)
+ $_SESSION['_config']['oldlocation'] = "account.php?id=14&force=1";
if($_SESSION['_config']['oldlocation'] != "")
header("location: https://".$_SERVER['HTTP_HOST']."/".$_SESSION['_config']['oldlocation']);
else
@@ -544,9 +545,11 @@
`regional`='".$_SESSION['signup']['regional']."',
`radius`='".$_SESSION['signup']['radius']."'";
mysql_query($query);
+ include_once("../includes/notary.inc.php");
+ write_user_agreement($memid, "CCA", "account creation", "", 1);
$body = _("Thanks for signing up with CAcert.org, below is the link you need to open to verify your account. Once your account is verified you will be able to start issuing certificates till your hearts' content!")."\n\n";
- $body .= "http://".$_SESSION['_config']['normalhostname']."/verify.php?type=email&emailid=$emailid&hash=$hash\n\n"; //."&"."lang=".$_SESSION['_config']['language']."\n\n";
+ $body .= "http://".$_SESSION['_config']['normalhostname']."/verify.php?type=email&emailid=$emailid&hash=$hash\n\n";
$body .= _("Best regards")."\n"._("CAcert.org Support!");
sendmail($_SESSION['signup']['email'], "[CAcert.org] "._("Mail Probe"), $body, "support@cacert.org", "", "", "CAcert Support");
@@ -563,6 +566,13 @@
$subject = stripslashes($_REQUEST['subject']);
$message = stripslashes($_REQUEST['message']);
$secrethash = $_REQUEST['secrethash2'];
+
+ //check for spam via honeypot
+ if(!isset($_REQUEST['robotest']) || !empty($_REQUEST['robotest'])){
+ echo _("Form could not be sent.");
+ showfooter();
+ exit;
+ }
if($_SESSION['_config']['secrethash'] != $secrethash || $secrethash == "" || $_SESSION['_config']['secrethash'] == "")
{
@@ -603,30 +613,34 @@
}
}
- if($oldid == 11 && $process != "" && $_REQUEST['support'] != "yes")
- {
- $message = "From: $who\nEmail: $email\nSubject: $subject\n\nMessage:\n".$message;
-
- sendmail("support@cacert.org", "[CAcert.org] ".$subject, $message, $email, "", "", "CAcert Support");
- showheader(_("Welcome to CAcert.org"));
- echo _("Your message has been sent.");
- showfooter();
- exit;
- }
-
- if($oldid == 11 && $process != "" && $_REQUEST['support'] == "yes")
+ if($oldid == 11 && $process != "")
{
$message = "From: $who\nEmail: $email\nSubject: $subject\n\nMessage:\n".$message;
-
- sendmail("cacert-support@lists.cacert.org", "[website form email]: ".$subject, $message, "website-form@cacert.org", "cacert-support@lists.cacert.org, $email", "", "CAcert-Website");
- showheader(_("Welcome to CAcert.org"));
- echo _("Your message has been sent to the general support list.");
- showfooter();
- exit;
+ if (isset($process[0])){
+ sendmail("cacert-support@lists.cacert.org", "[website form email]: ".$subject, $message, "website-form@cacert.org", "cacert-support@lists.cacert.org, $email", "", "CAcert-Website");
+ showheader(_("Welcome to CAcert.org"));
+ echo _("Your message has been sent to the general support list.");
+ showfooter();
+ exit;
+ }
+ if (isset($process[1])){
+ sendmail("support@cacert.org", "[CAcert.org] ".$subject, $message, $email, "", "", "CAcert Support");
+ showheader(_("Welcome to CAcert.org"));
+ echo _("Your message has been sent.");
+ showfooter();
+ exit;
+ }
}
if(!array_key_exists('signup',$_SESSION) || $_SESSION['signup']['year'] < 1900)
$_SESSION['signup']['year'] = "19XX";
+
+ if ($id == 12)
+ {
+ $protocol = $_SERVER['HTTPS'] ? 'https' : 'http';
+ $newUrl = $protocol . '://wiki.cacert.org/FAQ/AboutUs';
+ header('Location: '.$newUrl, true, 301); // 301 = Permanently Moved
+ }
if ($id == 19)
{
@@ -635,6 +649,13 @@
header('Location: '.$newUrl, true, 301); // 301 = Permanently Moved
}
+ if ($id == 8)
+ {
+ $protocol = $_SERVER['HTTPS'] ? 'https' : 'http';
+ $newUrl = $protocol . '://wiki.cacert.org/Board';
+ header('Location: '.$newUrl, true, 301); // 301 = Permanently Moved
+ }
+
showheader(_("Welcome to CAcert.org"));
includeit($id);
showfooter();
diff --git a/www/keygenIE.js b/www/keygenIE.js
new file mode 100644
index 0000000..be2d184
--- /dev/null
+++ b/www/keygenIE.js
@@ -0,0 +1,609 @@
+/*
+LibreSSL - CAcert web application
+Copyright (C) 2004-2012 CAcert Inc.
+
+This program is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; version 2 of the License.
+
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+GNU General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program; if not, write to the Free Software
+Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
+*/
+
+var CAcert_keygen_IE = function () {
+
+ /// Makes a new DOM text node
+ var textnode = function (text) {
+ return document.createTextNode(text);
+ }
+
+ /// makes a new <p> element
+ var paragraph = function (text) {
+ var paragraph = document.createElement("p");
+ paragraph.appendChild(textnode(text));
+ return paragraph;
+ }
+
+ /// makes a new <pre> elemtent
+ var pre = function (text) {
+ var pre = document.createElement("pre");
+ pre.appendChild(textnode(text));
+ return pre;
+ }
+
+ /// makes a new <option> element
+ var option = function (text, value) {
+ var option = document.createElement("option");
+ if (value !== undefined) {
+ option.setAttribute("value", value);
+ }
+ option.appendChild(textnode(text));
+ return option;
+ }
+
+ /// Removes all child nodes from the element
+ var removeChildren = function (element) {
+ element.innerHTML = "";
+ }
+
+ /// Show error message to user from exception
+ var showError = function (message, exception) {
+ window.alert(
+ message +
+ "\n\nError: " + exception.message +
+ " (0x" + (0xFFFFFFFF + exception.number + 1).toString(16) +
+ " / " + exception.number + ")"
+ );
+ }
+
+ // Get important elements from the DOM
+ var form = document.getElementById("CertReqForm");
+ var securityLevel = document.getElementById("SecurityLevel");
+ var customSettings = document.getElementById("customSettings");
+ var provider = document.getElementById("CspProvider");
+ var algorithm = document.getElementById("algorithm");
+ var algorithmParagraph = document.getElementById("algorithmParagraph");
+ var keySize = document.getElementById("keySize");
+ var keySizeMin = document.getElementById("keySizeMin");
+ var keySizeMax = document.getElementById("keySizeMax");
+ var keySizeStep = document.getElementById("keySizeStep");
+ var genReq = document.getElementById("GenReq");
+ var csr = document.getElementById("CSR");
+ var noActiveX = document.getElementById("noActiveX");
+ var generatingKeyNotice = document.getElementById("generatingKeyNotice");
+ var createRequestErrorChooseAlgorithm = document.getElementById("createRequestErrorChooseAlgorithm");
+ var createRequestErrorConfirmDialogue = document.getElementById("createRequestErrorConfirmDialogue");
+ var createRequestErrorConnectDevice = document.getElementById("createRequestErrorConnectDevice");
+ var createRequestError = document.getElementById("createRequestError");
+ var invalidKeySizeError = document.getElementById("invalidKeySizeError");
+ var unsupportedPlatformError = document.getElementById("unsupportedPlatformError");
+
+ /// Initialise the CertEnroll code (Vista and higher)
+ /// returns false if initialisation fails
+ var initCertEnroll = function () {
+ var factory = null;
+ var providerList = null;
+ var cspStats = null;
+
+ // Try to initialise the ActiveX element. Requires permissions by the user
+ try {
+ factory = new ActiveXObject("X509Enrollment.CX509EnrollmentWebClassFactory");
+ if (!factory) {
+ throw {
+ name: "NoObjectError",
+ message: "Got null at object creation"
+ };
+ }
+
+ // also try to create a useless object here so the library gets
+ // initialised and we don't need to check everytime later
+ factory.CreateObject("X509Enrollment.CObjectId");
+
+ form.style.display = "";
+ noActiveX.style.display = "none";
+ } catch (e) {
+ return false;
+ }
+
+ /// Get the selected provider
+ var getProvider = function () {
+ var providerIndex = provider.options[provider.selectedIndex].value;
+ return providerList.ItemByIndex(providerIndex);
+ }
+
+ /// Get the selected algorithm
+ var getAlgorithm = function () {
+ var algorithmIndex = algorithm.options[algorithm.selectedIndex].value;
+ return alg = cspStats.ItemByIndex(algorithmIndex).CspAlgorithm;
+ }
+
+ /// Get the selected key size
+ var getKeySize = function () {
+ var alg = getAlgorithm();
+
+ var bits = parseInt(keySize.value, 10);
+ if (
+ (bits < alg.MinLength) ||
+ (bits > alg.MaxLength) ||
+ (
+ alg.IncrementLength &&
+ ((bits - alg.MinLength) % alg.IncrementLength !== 0)
+ )
+ ) {
+ return false;
+ }
+
+ return bits;
+ }
+
+ /// Fill the key size list
+ var getKeySizeList = function () {
+ if (!cspStats) {
+ return false;
+ }
+
+ var alg = getAlgorithm();
+
+ // HTML5 attributes
+ keySize.setAttribute("min", alg.MinLength);
+ keySize.setAttribute("max", alg.MaxLength);
+ keySize.setAttribute("step", alg.IncrementLength);
+ keySize.setAttribute("value", alg.DefaultLength);
+ keySize.value = ""+alg.DefaultLength;
+
+ // ugly, but buggy otherwise if done with text nodes
+ keySizeMin.innerHTML = alg.MinLength;
+ keySizeMax.innerHTML = alg.MaxLength;
+ keySizeStep.innerHTML = alg.IncrementLength;
+
+ return true;
+ }
+
+ /// Fill the algorithm list
+ var getAlgorithmList = function () {
+ var i;
+
+ if (!providerList) {
+ return false;
+ }
+
+ var csp = getProvider();
+
+ cspStats = providerList.GetCspStatusesFromOperations(
+ 0x1c, //XCN_NCRYPT_ANY_ASYMMETRIC_OPERATION
+ //0x10, //XCN_NCRYPT_SIGNATURE_OPERATION
+ //0x8, //XCN_NCRYPT_SECRET_AGREEMENT_OPERATION
+ //0x4, //XCN_NCRYPT_ASYMMETRIC_ENCRYPTION_OPERATION
+ csp
+ );
+
+ removeChildren(algorithm);
+ for (i = 0; i < cspStats.Count; i++) {
+ var alg = cspStats.ItemByIndex(i).CspAlgorithm;
+ algorithm.appendChild(option(alg.Name, i));
+ }
+
+ return getKeySizeList();
+ }
+
+ /// Fill the crypto provider list
+ var getProviderList = function () {
+ var i;
+
+ var csps = factory.CreateObject("X509Enrollment.CCspInformations");
+
+ // Get provider information
+ csps.AddAvailableCsps();
+
+ removeChildren(provider);
+
+ for (i = 0; i < csps.Count; i++) {
+ var csp = csps.ItemByIndex(i);
+ provider.appendChild(option(csp.Name, i));
+ }
+
+ providerList = csps;
+
+ return getAlgorithmList();
+ }
+
+ /// Generate a key and create and submit the actual CSR
+ var createCSR = function () {
+ var providerName, algorithmOid,