diff options
Diffstat (limited to 'pages/wot')
| -rw-r--r-- | pages/wot/1.php | 4 | ||||
| -rw-r--r-- | pages/wot/10.php | 14 | ||||
| -rw-r--r-- | pages/wot/12.php | 6 | ||||
| -rw-r--r-- | pages/wot/13.php | 6 | ||||
| -rw-r--r-- | pages/wot/15.php | 2 | ||||
| -rw-r--r-- | pages/wot/16.php | 143 | ||||
| -rw-r--r-- | pages/wot/4.php | 15 | ||||
| -rw-r--r-- | pages/wot/5.php | 47 | ||||
| -rw-r--r-- | pages/wot/6.php | 26 | ||||
| -rw-r--r-- | pages/wot/9.php | 6 |
10 files changed, 231 insertions, 38 deletions
diff --git a/pages/wot/1.php b/pages/wot/1.php index a45b5df..99c2b9f 100644 --- a/pages/wot/1.php +++ b/pages/wot/1.php @@ -91,7 +91,7 @@ { $query = "select *, `users`.`id` as `id` from `users`,`notary` where `listme`='1' and `ccid`='".$ccid."' and `regid`='".$regid."' and - `locid`='".$locid."' and `users`.`id`=`notary`.`to` + `locid`='".$locid."' and `users`.`id`=`notary`.`to` and `notary`.`deleted`=0 group by `notary`.`to` HAVING SUM(`points`) >= 100 order by `points` desc"; $list = mysql_query($query); if(mysql_num_rows($list) > 0) @@ -115,7 +115,7 @@ <td class="DataTD"><?=$row['assurer']?_("Yes"):("<font color=\"#ff0000\">"._("Not yet!")."</font>")?></td> </tr> -<? } +<? } } ?> </table> diff --git a/pages/wot/10.php b/pages/wot/10.php index bc76a86..24b8a70 100644 --- a/pages/wot/10.php +++ b/pages/wot/10.php @@ -24,7 +24,7 @@ <td colspan="5" class="title"><?=_("Assurer Ranking")?></td> </tr> <tr> -<? +<?// the rank calculation is not adjusted to the new deletion method $query = "SELECT `users`. *, count(*) AS `list` FROM `users`, `notary` WHERE `users`.`id` = `notary`.`from` AND `notary`.`from` != `notary`.`to` AND `from`='".intval($_SESSION['profile']['id'])."' GROUP BY `notary`.`from`"; @@ -36,8 +36,8 @@ WHERE `users`.`id` = `notary`.`from` AND `notary`.`from` != `notary`.`to` GROUP BY `notary`.`from` HAVING count(*) > '$rc' ORDER BY `notary`.`when` DESC"; */ - $query = "SELECT count(*) AS `list` FROM `users` - inner join `notary` on `users`.`id` = `notary`.`from` + $query = "SELECT count(*) AS `list` FROM `users` + inner join `notary` on `users`.`id` = `notary`.`from` GROUP BY `notary`.`from` HAVING count(*) > '$rc'"; $rank = mysql_num_rows(mysql_query($query)) + 1; @@ -64,11 +64,11 @@ <td class="DataTD"><b><?=_("Method")?></b></td> </tr> <? - $query = "select * from `notary` where `to`='".intval($_SESSION['profile']['id'])."'"; + $query = "select `id`, `date`, `points`, `location`, `method` from `notary` where `to`='".intval($_SESSION['profile']['id'])."' and `deleted`=0"; $res = mysql_query($query); while($row = mysql_fetch_assoc($res)) { - $fromuser = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".intval($row['from'])."'")); + $fromuser = mysql_fetch_assoc(mysql_query("select `fname`, `lname` from `users` where `id`='".intval($row['from'])."'")); ?> <tr> <td class="DataTD"><?=$row['id']?></td> @@ -114,11 +114,11 @@ if ($thawte) </tr> <? $points = 0; - $query = "select * from `notary` where `from`='".intval($_SESSION['profile']['id'])."' and `to`!='".intval($_SESSION['profile']['id'])."'"; + $query = "select `id`, `date`, `points`, `to`, `location`, `method` from `notary` where `from`='".intval($_SESSION['profile']['id'])."' and `to`!='".intval($_SESSION['profile']['id'])."' and `deleted`=0" ; $res = mysql_query($query); while($row = mysql_fetch_assoc($res)) { - $fromuser = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".intval($row['to'])."'")); + $fromuser = mysql_fetch_assoc(mysql_query("select `fname`, `lname` from `users` where `id`='".intval($row['to'])."'")); $points += $row['points']; $name = trim($fromuser['fname']." ".$fromuser['lname']); if($name == "") diff --git a/pages/wot/12.php b/pages/wot/12.php index a0bbf50..e6b20ca 100644 --- a/pages/wot/12.php +++ b/pages/wot/12.php @@ -65,9 +65,9 @@ document.f.location.focus(); { $bits = explode(",", $_REQUEST['location']); - $loc = trim(mysql_escape_string($bits['0'])); - $reg = ""; if(array_key_exists('1',$bits)) $reg=trim(mysql_escape_string($bits['1'])); - $ccname = ""; if(array_key_exists('2',$bits)) $ccname=trim(mysql_escape_string($bits['2'])); + $loc = trim(mysql_real_escape_string($bits['0'])); + $reg = ""; if(array_key_exists('1',$bits)) $reg=trim(mysql_real_escape_string($bits['1'])); + $ccname = ""; if(array_key_exists('2',$bits)) $ccname=trim(mysql_real_escape_string($bits['2'])); $query = "select `locations`.`id` as `locid` from `locations`, `regions`, `countries` where `locations`.`name` like '$loc%' and `regions`.`name` like '$reg%' and `countries`.`name` like '$ccname%' and diff --git a/pages/wot/13.php b/pages/wot/13.php index eac7e18..1143769 100644 --- a/pages/wot/13.php +++ b/pages/wot/13.php @@ -21,9 +21,9 @@ if(array_key_exists('location',$_REQUEST) && $_REQUEST['location'] != "") { { $bits = explode(",", $_REQUEST['location']); - $loc = trim(mysql_escape_string($bits['0'])); - $reg = ''; if(array_key_exists('1',$bits)) $reg=trim(mysql_escape_string($bits['1'])); - $ccname = ''; if(array_key_exists('2',$bits)) $ccname=trim(mysql_escape_string($bits['2'])); + $loc = trim(mysql_real_escape_string($bits['0'])); + $reg = ''; if(array_key_exists('1',$bits)) $reg=trim(mysql_real_escape_string($bits['1'])); + $ccname = ''; if(array_key_exists('2',$bits)) $ccname=trim(mysql_real_escape_string($bits['2'])); $query = "select `locations`.`id` as `locid` from `locations`, `regions`, `countries` where `locations`.`name` like '$loc%' and `regions`.`name` like '$reg%' and `countries`.`name` like '$ccname%' and `locations`.`regid`=`regions`.`id` and `locations`.`ccid`=`countries`.`id` diff --git a/pages/wot/15.php b/pages/wot/15.php index cca2702..c1f3e0f 100644 --- a/pages/wot/15.php +++ b/pages/wot/15.php @@ -14,7 +14,7 @@ You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA -*/ +*/ require_once($_SESSION['_config']['filepath']."/includes/notary.inc.php"); diff --git a/pages/wot/16.php b/pages/wot/16.php new file mode 100644 index 0000000..069b7a2 --- /dev/null +++ b/pages/wot/16.php @@ -0,0 +1,143 @@ +<?php +/*LibreSSL - CAcert web application +Copyright (C) 2004-2008 CAcert Inc. + +This program is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; version 2 of the License. + +This program is distributed in the hope that it will be useful, +but WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +GNU General Public License for more details. + +You should have received a copy of the GNU General Public License +along with this program; if not, write to the Free Software +Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA +*/ + +//******************* TTP Console ************ + +if ($_SESSION['profile']['ttpadmin'] < 1) { + echo _("You are not allowed to view this page."); + exit; +} + +//Check for test or productive environment, in case of test the user data for the print out is extended by 'test system' +$testserver=''; +if ($_SESSION['_config']['normalhostname']=='cacert1.it-sls.de') { + $testserver=' test system'; +} + +$row = $_SESSION['_config']['notarise']; +$fname = $row['fname']; +$mname = $row['mname']; +$lname = $row['lname']; +$suffix = $row['suffix']; +$fullname = $fname." ".$mname." ".$lname." ".$suffix; +$email = $row['email']; +$dob = date_format(new DateTime($row['dob']), 'Y-m-d'); +$userid = $row['id']; + +//List TTP Assurances and TotalPoints +//changed get_received_assurances ($userid, $support) + +//include_once($_SESSION['_config']['filepath']."/includes/wot.inc.php"); +include_once($_SESSION['_config']['filepath']."/includes/notary.inc.php"); + +output_received_assurances(intval($userid),2); //support==2 => TTP + + +$query = "select sum(`points`) as `points` from `notary` where `to`='".intval($userid)."'"; +$dres = mysql_query($query); +$drow = mysql_fetch_assoc($dres); + +$points=$drow['points']; +if ($points<1) { + $points=0; +} + +$res = get_received_assurances(intval($userid), 2); +$ttp_assurances_count=$num_rows = mysql_num_rows($res); + +//Form +?> +<table align="center" class="wrapper"> + <tr> + <td class="title"><?=sprintf(_('Total assurance points for %s'),$fullname)?></td> + </tr> + <tr> + <td><?=sprintf(_('%s points'), $points)?></td> + </tr> +</table> +<br/> +<form action="https://pdf.cacert.eu/cacertpdf.php" method="get" accept-charset="UTF-8"> + <table align="center" class="wrapper"> + <tr> + <td colspan="2" class="title"><?= _('TTP CAP form creation')?></td> + </tr> + <tr> + <td colspan="2" class="title"><?= _('User information')?></td> + </tr> + <tr> + <td><?=_('Fullname')?><input type="hidden" name="fullname" value="<?=$fullname.$testserver?>"/></td> + <td><?=$fullname?></td> + </tr> + <tr> + <td><?=_('Date of Birth')?><input type="hidden" name="dob" value="<?=$dob.$testserver?>"/></td> + <td><?=$dob?></td> + </tr> + <tr> + <td><?=_('Email')?><input type="hidden" name="email" value="<?=$email.$testserver?>"/></td> + <td><?=$email?></td> + </tr> + <tr></tr> + <tr> + <td><?=_('Country where the TTP will be visited')?></td> + <td> + <? + $ttpcountries=get_array_from_ini('../config/ttp.ini'); + echo create_selectbox_HTML('type',$ttpcountries, '',TRUE); + ?> + </td> + </tr> + <tr> + <td colspan="2" class="title"><?=_('TTP Admin postal address, including name, street, country etc.')?></td> + </tr> + <tr> + <td><?=_('Line').' 1'?></td> + <td><input type="text" name="adress" /></td> + </tr> + <tr> + <td><?=_('Line').' 2'?></td> + <td><input type="text" name="adress1" /></td> + </tr> + <tr> + <td><?=_('Line').' 3'?></td> + <td><input type="text" name="adress2" /></td> + </tr> + <tr> + <td><?=_('Line').' 4'?></td> + <td><input type="text" name="adress3" /></td> + </tr> + <tr> + <td><?=_('Line').' 5'?></td> + <td><input type="text" name="adress4" /></td> + </tr> + <tr> + <td colspan="2" class="title"> + <? + if ($points>=100 || $ttp_assurances_count>=2) { + echo _('No TTP assurance allowed'); + }else{ + ?><input type="submit" value="<?=_('Create TTP CAP pdf file')?>"/><? + }?> + </td> + </tr> + </table> + <input type="hidden" name="lang" value="en"/> +</form> + +<div class="blockcenter"> + <a href="wot.php?id=6&userid=<?=$userid ?>"><?=_("Back")?></a> +</div> diff --git a/pages/wot/4.php b/pages/wot/4.php index 628e6a5..954bc76 100644 --- a/pages/wot/4.php +++ b/pages/wot/4.php @@ -43,12 +43,13 @@ if ($_SESSION['profile']['points']<100){ <form method="post" action="wot.php"> <table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper"> <tr> - <td class="DataTD"><?=_("Country where you want to visit the TTP")?></td> - <td class="DataTD"><select size="1" name="country"> - <option>Australia</option> - <option>Puerto Rico</option> - <option>USA</option> - </select></td> + <td class="DataTD"><?=_('Country where you want to visit the TTP')?></td> + <td class="DataTD"> + <? + $ttpcountries=get_array_from_ini('../config/ttp.ini'); + echo create_selectbox_HTML('country',$ttpcountries, _('Choose country')); + ?> + </td> </tr> <tr> <td class="DataTD"><?=_("I want to take part in the TTP Topup programme")?></td> @@ -72,7 +73,7 @@ if ($_SESSION['profile']['points']<100){ </form> */ ?> - <p><?=_("We are working to develop the TTP TOPUP process to be able to fill the gap of the missing 30 assurance points to 100 assurance points. Meanwhile you have to close this gap with face to face assurances from CAcert Assurers. Think not only travelling to populated countries, but as well to assurers visiting your country or area.")?></p> + <p><?=_("We are working to develop the TTP TOPUP process to be able to fill the gap of the missing 30 assurance points to 100 assurance points. Meanwhile you have to close this gap with face to face assurances from CAcert Assurers. Think not only travelling to populated countries, but as well to assurers visiting your country or area.")?></p> <? } } else { diff --git a/pages/wot/5.php b/pages/wot/5.php index c1a6438..a9c3dcb 100644 --- a/pages/wot/5.php +++ b/pages/wot/5.php @@ -18,14 +18,24 @@ include_once("../includes/shutdown.php"); require_once("../includes/lib/l10n.php"); ?> -<? - if(array_key_exists('error',$_SESSION['_config']) && $_SESSION['_config']['error'] != "") +<? + if(array_key_exists('error',$_SESSION['_config']) && $_SESSION['_config']['error'] != "") { ?><font color="orange" size="+1"> <? echo _("ERROR").": ".$_SESSION['_config']['error'] ?> </font> <?unset($_SESSION['_config']['error']); - } + } + + if (!isset($_SESSION['assuresomeone']['year'])) { + $_SESSION['assuresomeone']['year'] = ''; + } + if (!isset($_SESSION['assuresomeone']['month'])) { + $_SESSION['assuresomeone']['month'] = ''; + } + if (!isset($_SESSION['assuresomeone']['day'])) { + $_SESSION['assuresomeone']['day'] = ''; + } ?> <? if(array_key_exists('noemailfound',$_SESSION['_config']) && $_SESSION['_config']['noemailfound'] == 1) { ?> <form method="post" action="wot.php"> @@ -60,6 +70,37 @@ <td class="DataTD"><input type="text" name="email" id="email" value="<?=array_key_exists('email',$_POST)?sanitizeHTML($_POST['email']):""?>"></td> <? } ?> </tr> + <tr> + <td class="DataTD"> + <?=_("Date of Birth")?><br/> + (<?=_("yyyy/mm/dd")?>)</td> + <td class="DataTD"> + <input type="text" name="year" value="<?=array_key_exists('year',$_SESSION['assuresomeone']) ? sanitizeHTML($_SESSION['assuresomeone']['year']):""?>" size="4" autocomplete="off"></nobr> + <select name="month"> +<? +for($i = 1; $i <= 12; $i++) +{ + echo "<option value='$i'"; + if(array_key_exists('month',$_SESSION['assuresomeone']) && $_SESSION['assuresomeone']['month'] == $i) + echo " selected=\"selected\""; + echo ">".ucwords(strftime("%B", mktime(0,0,0,$i,1,date("Y"))))." ($i)</option>\n"; +} +?> + </select> + <select name="day"> +<? +for($i = 1; $i <= 31; $i++) +{ + echo "<option"; + if(array_key_exists('day',$_SESSION['assuresomeone']) && $_SESSION['assuresomeone']['day'] == $i) + echo " selected=\"selected\""; + echo ">$i</option>"; +} +?> + </select> + </td> + </tr> + <tr> <td class="DataTD" colspan="2"><input type="submit" name="process" value="<?=_("Next")?>"></td> </tr> diff --git a/pages/wot/6.php b/pages/wot/6.php index a565aa7..d48fc21 100644 --- a/pages/wot/6.php +++ b/pages/wot/6.php @@ -17,20 +17,23 @@ */ ?> <? - if(!array_key_exists('notarise',$_SESSION['_config'])) +if(!array_key_exists('notarise',$_SESSION['_config'])) { - echo "Error: No user data found."; - exit; + echo "Error: No user data found."; + exit; } $row = $_SESSION['_config']['notarise']; + $_SESSION['assuresomeone']['year'] = ''; + $_SESSION['assuresomeone']['month'] = ''; + $_SESSION['assuresomeone']['day'] = ''; - if($_SESSION['profile']['ttpadmin'] == 1) -// $methods = array("Face to Face Meeting", "Trusted 3rd Parties", "TopUP"); -// else - $methods = array("Face to Face Meeting", "Trusted 3rd Parties"); + if($_SESSION['profile']['ttpadmin'] == 2) + $methods = array('Face to Face Meeting', 'TTP-Assisted', 'TTP-TOPUP'); + elseif($_SESSION['profile']['ttpadmin'] == 1) + $methods = array('Face to Face Meeting', 'TTP-Assisted'); else - $methods = array("Face to Face Meeting"); + $methods = array('Face to Face Meeting'); $mnames = array( '01' => _('January'), @@ -79,7 +82,12 @@ AssureTextLine("",_("Only tick the next box if the Assurance was face to face.")); AssureBoxLine("assertion",_("I believe that the assertion of identity I am making is correct, complete and verifiable. I have seen original documentation attesting to this identity. I accept that the CAcert Arbitrator may call upon me to provide evidence in any dispute, and I may be held responsible."),array_key_exists('assertion',$_POST) && $_POST['assertion'] == 1); AssureBoxLine("rules",_("I have read and understood the CAcert Community Agreement (CCA), Assurance Policy and the Assurance Handbook. I am making this Assurance subject to and in compliance with the CCA, Assurance policy and handbook."),array_key_exists('rules',$_POST) && $_POST['rules'] == 1); - AssureTextLine(_("Policy"),"<a href=\"/policy/CAcertCommunityAgreement.php\" target=\"_blank\">"._("CAcert Community Agreement")."</a> -<a href=\"/policy/AssurancePolicy.php\" target=\"_blank\">"._("Assurance Policy")."</a> - <a href=\"http://wiki.cacert.org/AssuranceHandbook2\" target=\"_blank\">"._("Assurance Handbook")."</a>"); + AssureTextLine(_("Policy"),"<a href=\"/policy/CAcertCommunityAgreement.html\" target=\"_blank\">"._("CAcert Community Agreement")."</a> - <a href=\"/policy/AssurancePolicy.html\" target=\"_blank\">"._("Assurance Policy")."</a> - <a href=\"http://wiki.cacert.org/AssuranceHandbook2\" target=\"_blank\">"._("Assurance Handbook")."</a>"); AssureInboxLine("points",_("Points"),"","<br />(Max. ".maxpoints().")"); AssureFoot($id,_("I confirm this Assurance")); + + if($_SESSION['profile']['ttpadmin'] >= 1) { + ?><div class='blockcenter'><a href="wot.php?id=16"><?=_('Show TTP details')?></a></div><? + } + ?> diff --git a/pages/wot/9.php b/pages/wot/9.php index bfa7a98..b492ff6 100644 --- a/pages/wot/9.php +++ b/pages/wot/9.php @@ -15,9 +15,9 @@ along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA */ - + require_once($_SESSION['_config']['filepath'].'/includes/lib/l10n.php'); - + $res = mysql_query("select * from `users` where `id`='".intval($_REQUEST['userid'])."' and `listme`='1'"); if(mysql_num_rows($res) <= 0) @@ -28,7 +28,7 @@ $user = mysql_fetch_array($res); $userlang = $user['language']; $points = mysql_num_rows(mysql_query("select sum(`points`) as `total` from `notary` - where `to`='".$user['id']."' group by `to` HAVING SUM(`points`) > 0")); + where `to`='".$user['id']."' and `deleted`=0 group by `to` HAVING SUM(`points`) > 0")); if($points <= 0) { echo _("Sorry, I was unable to locate that user."); |