diff options
Diffstat (limited to 'includes/notary.inc.php')
| -rw-r--r-- | includes/notary.inc.php | 615 |
1 files changed, 526 insertions, 89 deletions
diff --git a/includes/notary.inc.php b/includes/notary.inc.php index d6f86a8..37a7ed0 100644 --- a/includes/notary.inc.php +++ b/includes/notary.inc.php @@ -41,6 +41,15 @@ return intval($row['list']); } + function get_number_of_ttpassurances ($userid) + { + $res = query_init ("SELECT count(*) AS `list` FROM `notary` + WHERE (`method`='Trusted Third Parties' or `method`='TTP-Assisted') AND `to`='".intval($userid)."' "); + $row = query_getnextrow($res); + + return intval($row['list']); + } + function get_number_of_assurees ($userid) { $res = query_init ("SELECT count(*) AS `list` FROM `notary` @@ -106,7 +115,7 @@ function calc_experience ($row,&$points,&$experience,&$sum_experience,&$revoked) { - $apoints = max($row['points'],$row['awarded']); + $apoints = max($row['points'], $row['awarded']); $points += $apoints; $experience = " "; $revoked = false; # to be coded later (after DB-upgrade) @@ -192,15 +201,15 @@ ?> <table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper"> - <tr> - <td class="title"><?=_("Assurer Ranking")?></td> - </tr> - <tr> - <td class="DataTD"><?=sprintf(_("You have made %s assurances which ranks you as the #%s top assurer."), intval($num_of_assurances), intval($rank_of_assurer) )?></td> - </tr> - <tr> - <td class="DataTD"><?=sprintf(_("You have received %s assurances which ranks you as the #%s top assuree."), intval($num_of_assurees), intval($rank_of_assuree) )?></td> - </tr> + <tr> + <td class="title"><?=_("Assurer Ranking")?></td> + </tr> + <tr> + <td class="DataTD"><?=sprintf(_("You have made %s assurances which ranks you as the #%s top assurer."), intval($num_of_assurances), intval($rank_of_assurer) )?></td> + </tr> + <tr> + <td class="DataTD"><?=sprintf(_("You have received %s assurances which ranks you as the #%s top assuree."), intval($num_of_assurees), intval($rank_of_assuree) )?></td> + </tr> </table> <br/> <? @@ -210,65 +219,68 @@ { ?> <table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper"> - <tr> + <tr> <? if ($support == "1") { ?> - <td colspan="10" class="title"><?=$title?></td> + <td colspan="10" class="title"><?=$title?></td> <? } else { ?> - <td colspan="7" class="title"><?=$title?></td> -<? } + <td colspan="7" class="title"><?=$title?></td> +<? + } ?> - </tr> - <tr> - <td class="DataTD"><strong><?=_("ID")?></strong></td> - <td class="DataTD"><strong><?=_("Date")?></strong></td> + </tr> + <tr> + <td class="DataTD"><strong><?=_("ID")?></strong></td> + <td class="DataTD"><strong><?=_("Date")?></strong></td> <? if ($support == "1") { ?> - <td class="DataTD"><strong><?=_("When")?></strong></td> - <td class="DataTD"><strong><?=_("Email")?></strong></td> -<? } ?> - <td class="DataTD"><strong><?=_("Who")?></strong></td> - <td class="DataTD"><strong><?=_("Points")?></strong></td> - <td class="DataTD"><strong><?=_("Location")?></strong></td> - <td class="DataTD"><strong><?=_("Method")?></strong></td> - <td class="DataTD"><strong><?=_("Experience Points")?></strong></td> + <td class="DataTD"><strong><?=_("When")?></strong></td> + <td class="DataTD"><strong><?=_("Email")?></strong></td> +<? + } +?> + <td class="DataTD"><strong><?=_("Who")?></strong></td> + <td class="DataTD"><strong><?=_("Points")?></strong></td> + <td class="DataTD"><strong><?=_("Location")?></strong></td> + <td class="DataTD"><strong><?=_("Method")?></strong></td> + <td class="DataTD"><strong><?=_("Experience Points")?></strong></td> <? if ($support == "1") { ?> - <td class="DataTD"><strong><?=_("Revoke")?></strong></td> + <td class="DataTD"><strong><?=_("Revoke")?></strong></td> <? } ?> - </tr> + </tr> <? } function output_assurances_footer($points_txt,$points,$experience_txt,$sumexperience,$support) { ?> - <tr> - <td class="DataTD" colspan="5"><strong><?=$points_txt?>:</strong></td> - <td class="DataTD"><?=$points?></td> - <td class="DataTD"> </td> - <td class="DataTD"><strong><?=$experience_txt?>:</strong></td> - <td class="DataTD"><?=$sumexperience?></td> + <tr> + <td<?=($support == "1")?' colspan="5"':' colspan="3"'?> class="DataTD"><strong><?=$points_txt?>:</strong></td> + <td class="DataTD"><?=$points?></td> + <td class="DataTD"> </td> + <td class="DataTD"><strong><?=$experience_txt?>:</strong></td> + <td class="DataTD"><?=$sumexperience?></td> <? if ($support == "1") { ?> - <td class="DataTD"> </td> + <td class="DataTD"> </td> <? } ?> - </tr> + </tr> </table> <br/> <? @@ -277,52 +289,54 @@ function output_assurances_row($assuranceid,$date,$when,$email,$name,$awarded,$points,$location,$method,$experience,$userid,$support,$revoked) { - $tdstyle=""; - $emopen=""; - $emclose=""; + $tdstyle=""; + $emopen=""; + $emclose=""; - if ($awarded == $points) - { - if ($awarded == "0") + if ($awarded == $points) { - if ($when < "2006-09-01") + if ($awarded == "0") { - $tdstyle="style='background-color: #ffff80'"; - $emopen="<em>"; - $emclose="</em>"; + if ($when < "2006-09-01") + { + $tdstyle="style='background-color: #ffff80'"; + $emopen="<em>"; + $emclose="</em>"; + } } } - } ?> - <tr> - <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$assuranceid?><?=$emclose?></td> - <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$date?><?=$emclose?></td> + <tr> + <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$assuranceid?><?=$emclose?></td> + <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$date?><?=$emclose?></td> <? - if ($support == "1") - { + if ($support == "1") + { ?> <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$when?><?=$emclose?></td> <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$email?><?=$emclose?></td> -<? } +<? + } ?> - <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$name?><?=$emclose?></td> - <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$awarded?><?=$emclose?></td> - <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$location?><?=$emclose?></td> - <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$method?><?=$emclose?></td> - <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$experience?><?=$emclose?></td> + <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$name?><?=$emclose?></td> + <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$awarded?><?=$emclose?></td> + <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$location?><?=$emclose?></td> + <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$method?><?=$emclose?></td> + <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$experience?><?=$emclose?></td> <? - if ($support == "1") - { - if ($revoked == true) + if ($support == "1") { + if ($revoked == true) + { ?> - <td class="DataTD" <?=$tdstyle?>> </td> -<? } else { + <td class="DataTD" <?=$tdstyle?>> </td> +<? + } else { ?> - <td class="DataTD" <?=$tdstyle?>><?=$emopen?><a href="account.php?id=43&userid=<?=intval($userid)?>&assurance=<?=intval($assuranceid)?>&csrf=<?=make_csrf('admdelassurance')?>" onclick="return confirm('<?=sprintf(_("Are you sure you want to revoke the assurance with ID "%s"?"),$assuranceid)?>');"><?=_("Revoke")?></a><?=$emclose?></td> + <td class="DataTD" <?=$tdstyle?>><?=$emopen?><a href="account.php?id=43&userid=<?=intval($userid)?>&assurance=<?=intval($assuranceid)?>&csrf=<?=make_csrf('admdelassurance')?>" onclick="return confirm('<?=sprintf(_("Are you sure you want to revoke the assurance with ID "%s"?"),$assuranceid)?>');"><?=_("Revoke")?></a><?=$emclose?></td> <? + } } - } ?> </tr> <? @@ -332,14 +346,14 @@ { ?> <table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper"> - <tr> - <td colspan="4" class="title"><?=_("Summary of your Points")?></td> - </tr> - <tr> - <td class="DataTD"><strong><?=_("Description")?></strong></td> - <td class="DataTD"><strong><?=_("Points")?></strong></td> - <td class="DataTD"><strong><?=_("Countable Points")?></strong></td> - <td class="DataTD"><strong><?=_("Remark")?></strong></td> + <tr> + <td colspan="4" class="title"><?=_("Summary of your Points")?></td> + </tr> + <tr> + <td class="DataTD"><strong><?=_("Description")?></strong></td> + <td class="DataTD"><strong><?=_("Points")?></strong></td> + <td class="DataTD"><strong><?=_("Countable Points")?></strong></td> + <td class="DataTD"><strong><?=_("Remark")?></strong></td> </tr> <? } @@ -355,12 +369,12 @@ function output_summary_row($title,$points,$points_countable,$remark) { ?> - <tr> - <td class="DataTD"><strong><?=$title?></strong></td> - <td class="DataTD"><?=$points?></td> - <td class="DataTD"><?=$points_countable?></td> - <td class="DataTD"><?=$remark?></td> - </tr> + <tr> + <td class="DataTD"><strong><?=$title?></strong></td> + <td class="DataTD"><?=$points?></td> + <td class="DataTD"><?=$points_countable?></td> + <td class="DataTD"><?=$remark?></td> + </tr> <? } @@ -430,6 +444,8 @@ break; case 'Unknown': // to be revoked in the future? limit to max 50 pts? case 'Trusted Third Parties': // to be revoked in the future? limit to max 35 pts? + case 'TTP-Assisted': // TTP assurances, limit to 35 + case 'TOPUP': // TOPUP to be delevoped in the future, limit to 30 case '': // to be revoked in the future? limit to max 50 pts? case 'Face to Face Meeting': // normal assurances, limit to 35/50 pts in the future? break; @@ -575,14 +591,14 @@ return $issue_points; } - function output_given_assurances($userid,$support) + function output_given_assurances($userid,$support=0) { output_assurances_header(_("Assurance Points You Issued"),$support); output_given_assurances_content($userid,$points,$sum_experience,$support); output_assurances_footer(_("Total Points Issued"),$points,_("Total Experience Points"),$sum_experience,$support); } - function output_received_assurances($userid,$support) + function output_received_assurances($userid,$support=0) { output_assurances_header(_("Your Assurance Points"),$support); output_received_assurances_content($userid,$points,$sum_experience,$support); @@ -602,18 +618,30 @@ <p>[ <a href='javascript:history.go(-1)'><?=_("Go Back")?></a> ]</p> <? } - + //functions to do with recording user agreements + /** + * write_user_agreement() + * writes a new record to the table user_agreement + * + * @param mixed $memid + * @param mixed $document + * @param mixed $method + * @param mixed $comment + * @param integer $active + * @param integer $secmemid + * @return + */ function write_user_agreement($memid, $document, $method, $comment, $active=1, $secmemid=0){ // write a new record to the table user_agreement - $query="insert into `user_agreements` set `memid`=".$memid.", `secmemid`=".$secmemid. - ",`document`='".$document."',`date`=NOW(), `active`=".$active.",`method`='".$method."',`comment`='".$comment."'" ; + $query="insert into `user_agreements` set `memid`=".intval($memid).", `secmemid`=".intval($secmemid). + ",`document`='".mysql_real_escape_string($document)."',`date`=NOW(), `active`=".intval($active).",`method`='".mysql_real_escape_string($method)."',`comment`='".mysql_real_escape_string($comment)."'" ; $res = mysql_query($query); } - + function get_user_agreement_status($memid, $type="CCA"){ //returns 0 - no user agreement, 1- at least one entry - $query="SELECT u.`document` FROM `user_agreements` u + $query="SELECT u.`document` FROM `user_agreements` u WHERE u.`document` = '".$type."' AND (u.`memid`=".$memid." or u.`secmemid`=".$memid.")" ; $res = mysql_query($query); if(mysql_num_rows($res) <=0){ @@ -650,8 +678,8 @@ function get_last_user_agreement($memid, $type="CCA"){ //returns an array (`document`,`date`,`method`, `comment`,`active`) $query="(SELECT u.`document`, u.`date`, u.`method`, u.`comment`, 1 as `active` FROM user_agreements u WHERE u.`document` = '".$type."' AND (u.`memid`=".$memid." ) order by `date` desc limit 1) - union - (SELECT u.`document`, u.`date`, u.`method`, u.`comment`, 0 as `active` FROM user_agreements u WHERE u.`document` = '".$type."' AND ( u.`secmemid`=".$memid.")) order by `date` desc limit 1" ; + union + (SELECT u.`document`, u.`date`, u.`method`, u.`comment`, 0 as `active` FROM user_agreements u WHERE u.`document` = '".$type."' AND ( u.`secmemid`=".$memid.")) order by `date` desc limit 1" ; $res = mysql_query($query); if(mysql_num_rows($res) >0){ $row = mysql_fetch_assoc($res); @@ -664,7 +692,7 @@ $rec=array(); } return $rec; -} + } function delete_user_agreement($memid, $type="CCA"){ //deletes all entries to an user for the given type of user agreements @@ -672,4 +700,413 @@ mysql_query("delete from `user_agreements` where `secmemid`='".$memid."'"); } + // functions for 6.php (assure somebody) + + function AssureHead($confirmation,$checkname) + { +?> +<form method="post" action="wot.php"> +<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper" width="600"> + <tr> + <td colspan="2" class="title"><?=$confirmation?></td> + </tr> + <tr> + <td class="DataTD" colspan="2" align="left"><?=$checkname?></td> + </tr> +<? + } + + function AssureTextLine($field1,$field2) + { +?> + <tr> + <td class="DataTD"><?=$field1.(empty($field1)?'':':')?>:</td> + <td class="DataTD"><?=$field2?></td> + </tr> +<? + } + + function AssureBoxLine($type,$text,$checked) + { +?> + <tr> + <td class="DataTD"><input type="checkbox" name="<?=$type?>" value="1" <?=$checked?"checked":""?>></td> + <td class="DataTD"><?=$text?></td> + </tr> +<? + } + + function AssureMethodLine($text,$methods,$remark) + { + if (count($methods) != 1) { +?> + <tr> + <td class="DataTD"><?=$text.(empty($text)?'':':')?></td> + <td class="DataTD"> + <select name="method"> +<? + foreach($methods as $val) { +?> + <option value="<?=$val?>"><?=$val?></option> +<? + } +?> + </select> + <br /> + <?=$remark?> + </td> + </tr> +<? + } else { +?> + <input type="hidden" name="<?=$val?>" value="<?=$methods[0]?>" /> +<? + } + } + + function AssureInboxLine($type,$field,$value,$description) + { +?> + <tr> + <td class="DataTD"><?=$field.(empty($field)?'':':')?>:</td> + <td class="DataTD"><input type="text" name="<?=$type?>" value="<?=$value?>"><?=$description?></td> + </tr> +<? + } + + function AssureFoot($oldid,$confirm) + { ?> + <tr> + <td class="DataTD" colspan="2"> + <input type="submit" name="process" value="<?=$confirm?>" /> + <input type="submit" name="cancel" value="<?=_("Cancel")?>" /> + </td> + </tr> +</table> +<input type="hidden" name="pagehash" value="<?=$_SESSION['_config']['wothash']?>" /> +<input type="hidden" name="oldid" value="<?=$oldid?>" /> +</form> +<? + } + + function account_email_delete($mailid){ + //deletes an email entry from an acount + //revolkes all certifcates for that email address + //called from www/account.php if($process != "" && $oldid == 2) + //called from www/diputes.php if($type == "reallyemail") / if($action == "accept") + //called from account_delete + $mailid = intval($mailid); + revoke_all_client_cert($mailid); + $query = "update `email` set `deleted`=NOW() where `id`='$mailid'"; + mysql_query($query); + } + + function account_domain_delete($domainid){ + //deletes an domain entry from an acount + //revolkes all certifcates for that domain address + //called from www/account.php if($process != "" && $oldid == 9) + //called from www/diputes.php if($type == "reallydomain") / if($action == "accept") + //called from account_delete + $domainid = intval($domainid); + revoke_all_server_cert($domainid); + mysql_query( + "update `domains` + set `deleted`=NOW() + where `id` = '$domainid'"); + } + + function account_delete($id, $arbno, $adminid){ + //deletes an account following the deleted account routnie V3 + // called from www/account.php if($oldid == 50 && $process != "") + //change password + $id = intval($id); + $arbno = mysql_real_escape_string($arbno); + $adminid = intval($adminid); + $pool = 'abcdefghijklmnopqrstuvwxyz'; + $pool .= '0123456789!()ยง'; + $pool .= 'ABCDEFGHIJKLMNOPQRSTUVWXYZ'; + srand ((double)microtime()*1000000); + $password=""; + for($index = 0; $index < 30; $index++) + { + $password .= substr($pool,(rand()%(strlen ($pool))), 1); + } + mysql_query("update `users` set `password`=sha1('".$password."') where `id`='".$id."'"); + + //create new mail for arbitration number + $query = "insert into `email` set `email`='".$arbno."@cacert.org',`memid`='".$id."',`created`=NOW(),`modified`=NOW(), `attempts`=-1"; + mysql_query($query); + $emailid = mysql_insert_id(); + + //set new mail as default + $query = "update `users` set `email`='".$arbno."@cacert.org' where `id`='".$id."'"; + mysql_query($query); + + //delete all other email address + $query = "select `id` from `email` where `memid`='".$id."' and `id`!='".$emailid."'" ; + $res=mysql_query($query); + while($row = mysql_fetch_assoc($res)){ + account_email_delete($row['id']); + } + + //delete all domains + $query = "select `id` from `domains` where `memid`='".$id."'"; + $res=mysql_query($query); + while($row = mysql_fetch_assoc($res)){ + account_domain_delete($row['id']); + } + + //clear alert settings + mysql_query( + "update `alerts` set + `general`='0', + `country`='0', + `regional`='0', + `radius`='0' + where `memid`='$id'"); + + //set default location + $query = "update `users` set `locid`='2256755', `regid`='243', `ccid`='12' where `id`='".$id."'"; + mysql_query($query); + + //clear listings + $query = "update `users` set `listme`=' ',`contactinfo`=' ' where `id`='".$id."'"; + mysql_query($query); + + //set lanuage to default + //set default language + mysql_query("update `users` set `language`='en_AU' where `id`='".$id."'"); + //delete secondary langugaes + mysql_query("delete from `addlang` where `userid`='".$id."'"); + + //change secret questions + for($i=1;$i<=5;$i++){ + $q=""; + $a=""; + for($index = 0; $index < 30; $index++) + { + $q .= substr($pool,(rand()%(strlen ($pool))), 1); + $a .= substr($pool,(rand()%(strlen ($pool))), 1); + } + $query = "update `users` set `Q$i`='$q', `A$i`='$a' where `id`='".$id."'"; + mysql_query($query); + } + + //change personal information to arbitration number and DOB=1900-01-01 + $query = "select `fname`,`mname`,`lname`,`suffix`,`dob` from `users` where `id`='$userid'"; + $details = mysql_fetch_assoc(mysql_query($query)); + $query = "insert into `adminlog` set `when`=NOW(),`old-lname`='${details['lname']}',`old-dob`='${details['dob']}', + `new-lname`='$arbno',`new-dob`='1900-01-01',`uid`='$id',`adminid`='".$adminid."'"; + mysql_query($query); + $query = "update `users` set `fname`='".$arbno."', + `mname`='".$arbno."', + `lname`='".$arbno."', + `suffix`='".$arbno."', + `dob`='1900-01-01' + where `id`='".$id."'"; + mysql_query($query); + + //clear all admin and board flags + mysql_query( + "update `users` set + `assurer`='0', + `assurer_blocked`='0', + `codesign`='0', + `orgadmin`='0', + `ttpadmin`='0', + `locadmin`='0', + `admin`='0', + `adadmin`='0', + `tverify`='0', + `board`='0' + where `id`='$id'"); + + //block account + mysql_query("update `users` set `locked`='1' where `id`='$id'"); //, `deleted`=Now() + } + + + function check_email_exists($email){ + // called from includes/account.php if($process != "" && $oldid == 1) + // called from includes/account.php if($oldid == 50 && $process != "") + $email = mysql_real_escape_string($email); + $query = "select 1 from `email` where `email`='$email' and `deleted`=0"; + $res = mysql_query($query); + return mysql_num_rows($res) > 0; + } + + function check_gpg_cert_running($uid,$cca=0){ + //if $cca =0 if just expired, =1 if CCA retention +3 month should be obeyed + // called from includes/account.php if($oldid == 50 && $process != "") + $uid = intval($uid); + if (0==$cca) { + $query = "select 1 from `gpg` where `memid`='$uid' and `expire`>NOW()"; + }else{ + $query = "select 1 from `gpg` where `memid`='$uid' and `expire`>(NOW()-90*86400)"; + } + $res = mysql_query($query); + return mysql_num_rows($res) > 0; + } + + function check_client_cert_running($uid,$cca=0){ + //if $cca =0 if just expired, =1 if CCA retention +3 month should be obeyed + // called from includes/account.php if($oldid == 50 && $process != "") + $uid = intval($uid); + if (0==$cca) { + $query1 = "select 1 from `emailcerts` where `memid`='$uid' and `expire`>NOW() and `revoked`<`created`"; + $query2 = "select 1 from `emailcerts` where `memid`='$uid' and `revoked`>NOW()"; + }else{ + $query1 = "select 1 from `emailcerts` where `memid`='$uid' and `expire`>(NOW()-90*86400) and `revoked`<`created`"; + $query2 = "select 1 from `emailcerts` where `memid`='$uid' and `revoked`>(NOW()-90*86400)"; + } + $res = mysql_query($query1); + $r1 = mysql_num_rows($res)>0; + $res = mysql_query($query2); + $r2 = mysql_num_rows($res)>0; + return !!($r1 || $r2); + } + + function check_server_cert_running($uid,$cca=0){ + //if $cca =0 if just expired, =1 if CCA retention +3 month should be obeyed + // called from includes/account.php if($oldid == 50 && $process != "") + $uid = intval($uid); + if (0==$cca) { + $query1 = " + select 1 from `domaincerts` join `domains` + on `domaincerts`.`domid` = `domains`.`id` + where `domains`.`memid` = '$uid' + and `domaincerts`.`expire` > NOW() + and `domaincerts`.`revoked` < `domaincerts`.`created`"; + $query2 = " + select 1 from `domaincerts` join `domains` + on `domaincerts`.`domid` = `domains`.`id` + where `domains`.`memid` = '$uid' + and `revoked`>NOW()"; + }else{ + $query1 = " + select 1 from `domaincerts` join `domains` + on `domaincerts`.`domid` = `domains`.`id` + where `domains`.`memid` = '$uid' + and `expire`>(NOW()-90*86400) + and `revoked`<`created`"; + $query2 = " + select 1 from `domaincerts` join `domains` + on `domaincerts`.`domid` = `domains`.`id` + where `domains`.`memid` = '$uid' + and `revoked`>(NOW()-90*86400)"; + } + $res = mysql_query($query1); + $r1 = mysql_num_rows($res)>0; + $res = mysql_query($query2); + $r2 = mysql_num_rows($res)>0; + return !!($r1 || $r2); + } + + function check_is_orgadmin($uid){ + // called from includes/account.php if($oldid == 50 && $process != "") + $uid = intval($uid); + $query = "select 1 from `org` where `memid`='$uid' and `deleted`=0"; + $res = mysql_query($query); + return mysql_num_rows($res) > 0; + } + + + // revokation of certificates + function revoke_all_client_cert($mailid){ + //revokes all client certificates for an email address + $mailid = intval($mailid); + $query = "select `emailcerts`.`id` + from `emaillink`,`emailcerts` where + `emaillink`.`emailid`='$mailid' and `emaillink`.`emailcertsid`=`emailcerts`.`id` and `emailcerts`.`revoked`=0 + group by `emailcerts`.`id`"; + $dres = mysql_query($query); + while($drow = mysql_fetch_assoc($dres)){ + mysql_query("update `emailcerts` set `revoked`='1970-01-01 10:00:01', `disablelogin`=1 where `id`='".$drow['id']."'"); + } + } + + function revoke_all_server_cert($domainid){ + //revokes all server certs for an domain + $domainid = intval($domainid); + $query = + "select `domaincerts`.`id` + from `domaincerts` + where `domaincerts`.`domid` = '$domainid' + union distinct + select `domaincerts`.`id` + from `domaincerts`, `domlink` + where `domaincerts`.`id` = `domlink`.`certid` + and `domlink`.`domid` = '$domainid'"; + $dres = mysql_query($query); + while($drow = mysql_fetch_assoc($dres)) + { + mysql_query( + "update `domaincerts` + set `revoked`='1970-01-01 10:00:01' + where `id` = '".$drow['id']."' + and `revoked` = 0"); + } + } + + function revoke_all_private_cert($uid){ + //revokes all certificates linked to a personal accounts + //gpg revokation needs to be added to a later point + $uid=intval($uid); + $query = "select `id` from `email` where `memid`='".$uid."'"; + $res=mysql_query($query); + while($row = mysql_fetch_assoc($res)){ + revoke_all_client_cert($row['id']); + } + + + $query = "select `id` from `domains` where `memid`='".$uid."'"; + $res=mysql_query($query); + while($row = mysql_fetch_assoc($res)){ + revoke_all_server_cert($row['id']); + } + } + + /** + * check_date_format() + * checks if the date is entered in the right date format YYYY-MM-DD and + * if the date is after the 1st January of the given year + * + * @param mixed $date + * @param integer $year + * @return + */ + function check_date_format($date, $year=2000){ + if (!strpos($date,'-')) { + return FALSE; + } + $arr=explode('-',$date); + + if ((count($arr)!=3)) { + return FALSE; + } + if (intval($arr[0])<=$year) { + return FALSE; + } + if (intval($arr[1])>12 or intval($arr[1])<=0) { + return FALSE; + } + if (intval($arr[2])>31 or intval($arr[2])<=0) { + return FALSE; + } + + return checkdate( intval($arr[1]), intval($arr[2]), intval($arr[0])); + + } + + /** + * check_date_difference() + * returns false if the date is larger then today + time diffrence + * + * @param mixed $date + * @param integer $diff + * @return + */ + function check_date_difference($date, $diff=1){ + return (strtotime($date)<=time()+$diff*86400); + } |