summaryrefslogtreecommitdiff
path: root/pages
diff options
context:
space:
mode:
Diffstat (limited to 'pages')
-rw-r--r--pages/account/10.php2
-rw-r--r--pages/account/12.php9
-rw-r--r--pages/account/16.php6
-rw-r--r--pages/account/17.php122
-rw-r--r--pages/account/18.php9
-rw-r--r--pages/account/20.php4
-rw-r--r--pages/account/22.php9
-rw-r--r--pages/account/3.php6
-rw-r--r--pages/account/4.php175
-rw-r--r--pages/account/40.php9
-rw-r--r--pages/account/43.php63
-rw-r--r--pages/account/5.php11
-rw-r--r--pages/account/51.php34
-rw-r--r--pages/account/52.php102
-rw-r--r--pages/account/6.php128
-rw-r--r--pages/account/60.php142
-rw-r--r--pages/gpg/0.php2
-rw-r--r--pages/gpg/2.php6
-rw-r--r--pages/index/11.php11
-rw-r--r--pages/index/feed.rss69
-rw-r--r--pages/wot/1.php2
-rw-r--r--pages/wot/12.php4
-rw-r--r--pages/wot/15.php2
-rw-r--r--pages/wot/6.php6
24 files changed, 414 insertions, 519 deletions
diff --git a/pages/account/10.php b/pages/account/10.php
index 704a05c..f5527ab 100644
--- a/pages/account/10.php
+++ b/pages/account/10.php
@@ -34,6 +34,8 @@
<input type="radio" name="rootcert" value="2" checked> <?=_("Sign by class 3 root certificate")?><br>
<p><?=_("Please note: The class 3 root certificate needs to be setup in your webserver as a chained certificate, while slightly more complicated to setup, this root certificate is more likely to be trusted by more people.")?></p>
<? } ?>
+<p> <?=_("Optional comment, only used in the certifictate overview")?><br>
+ <input type="text" name="description" maxlength="80" size=80></p>
<p><?=_("Paste your CSR(Certificate Signing Request) below...")?></p>
<textarea name="CSR" cols="80" rows="15"></textarea><br>
<input type="submit" name="process" value="<?=_("Submit")?>">
diff --git a/pages/account/12.php b/pages/account/12.php
index 44926ca..35ae6c2 100644
--- a/pages/account/12.php
+++ b/pages/account/12.php
@@ -25,7 +25,8 @@
<td class="DataTD"><?=_("Renew/Revoke/Delete")?></td>
<td class="DataTD"><?=_("Status")?></td>
<td class="DataTD"><?=_("CommonName")?></td>
- <td class="DataTD"><?=_("SerialNumber")?></td>
+ <td class="DataTD"><?=_("SerialNumber")?></td>
+ <td class="DataTD"><?=_("Comment")?></td>
<td class="DataTD"><?=_("Revoked")?></td>
<td class="DataTD"><?=_("Expires")?></td>
</tr>
@@ -34,7 +35,8 @@
UNIX_TIMESTAMP(`domaincerts`.`expire`) - UNIX_TIMESTAMP() as `timeleft`,
UNIX_TIMESTAMP(`domaincerts`.`expire`) as `expired`,
`domaincerts`.`expire` as `expires`, `revoked` as `revoke`,
- UNIX_TIMESTAMP(`revoked`) as `revoked`, `CN`, `domaincerts`.`serial`, `domaincerts`.`id` as `id`
+ UNIX_TIMESTAMP(`revoked`) as `revoked`, `CN`, `domaincerts`.`serial`, `domaincerts`.`id` as `id`,
+ `domaincerts`.`description`
from `domaincerts`,`domains`
where `memid`='".intval($_SESSION['profile']['id'])."' and `deleted`=0 and `domaincerts`.`domid`=`domains`.`id` ";
if($viewall != 1)
@@ -75,7 +77,8 @@
<? } ?>
<td class="DataTD"><?=$verified?></td>
<td class="DataTD"><a href="account.php?id=15&amp;cert=<?=$row['id']?>"><?=$row['CN']?></a></td>
- <td class="DataTD"><?=$row['serial']?></td>
+ <td class="DataTD"><?=$row['serial']?></td>
+ <td class="DataTD"><?=$row['description']?></td>
<td class="DataTD"><?=$row['revoke']?></td>
<td class="DataTD"><?=$row['expires']?></td>
</tr>
diff --git a/pages/account/16.php b/pages/account/16.php
index 514ecfd..338878d 100644
--- a/pages/account/16.php
+++ b/pages/account/16.php
@@ -56,6 +56,12 @@
<td class="DataTD" colspan="2" align="left"><input type="checkbox" name="codesign" value="1" /><?=_("Code Signing")?></td>
</tr>
<? } ?>
+ <tr>
+ <td class="DataTD" colspan="2" align="left">
+ <?=_("Optional comment, only used in the certifictate overview")?><br>
+ <input type="text" name="description" maxlength="80" size=80>
+ </td>
+ </tr>
<tr>
<td class="DataTD" colspan="2"><input type="submit" name="add_email" value="<?=_("Another Email")?>">
<input type="submit" name="process" value="<?=_("Next")?>"></td>
diff --git a/pages/account/17.php b/pages/account/17.php
index 2ba5390..8ac8b65 100644
--- a/pages/account/17.php
+++ b/pages/account/17.php
@@ -14,124 +14,6 @@
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
-*/ ?>
-<? if(array_key_exists('HTTP_USER_AGENT',$_SERVER) && strstr($_SERVER['HTTP_USER_AGENT'], "MSIE")) { ?>
-<object classid="clsid:127698e4-e730-4e5c-a2b1-21490a70c8a1" codebase="/xenroll.cab#Version=5,131,3659,0" id="cec">
-<?=_("You must enable ActiveX for this to work.")?>
-</object>
-<form method="post" action="account.php" name="CertReqForm"><p>
-<input type="hidden" name="session" value="UsedXenroll">
-<?=_("Key Strength:")?> <select name="CspProvider"></select>
-<input type="hidden" name="oldid" value="<?=$id?>">
-<INPUT TYPE=HIDDEN NAME="CSR">
-<input type="hidden" name="keytype" value="MS">
-<?=_("'Enhanced Provider' is generally the best option, which has a key size of 1024bit. If you need a bigger key size you will need to use a different browser.")?>
-<input type="submit" name="GenReq" value="Create Certificate"><br>
-</p></form>
-<script type="text/vbscript" language="vbscript">
-<!--
-Function GetProviderList()
- Dim CspList, cspIndex, ProviderName
- On Error Resume Next
+*/
- count = 0
- base = 0
- enhanced = 0
- CspList = ""
- ProviderName = ""
-
- For ProvType = 0 to 13
- cspIndex = 0
- cec.ProviderType = ProvType
- ProviderName = cec.enumProviders(cspIndex,0)
-
- while ProviderName <> ""
- Set oOption = document.createElement("OPTION")
- oOption.text = ProviderName
- oOption.value = ProvType
- Document.CertReqForm.CspProvider.add(oOption)
- if ProviderName = "Microsoft Base Cryptographic Provider v1.0" Then
- base = count
- end if
- if ProviderName = "Microsoft Enhanced Cryptographic Provider v1.0" Then
- enhanced = count
- end if
- cspIndex = cspIndex +1
- ProviderName = ""
- ProviderName = cec.enumProviders(cspIndex,0)
- count = count + 1
- wend
- Next
- Document.CertReqForm.CspProvider.selectedIndex = base
- if enhanced then
- Document.CertReqForm.CspProvider.selectedIndex = enhanced
- end if
-End Function
-
-Function CSR(keyflags)
- CSR = ""
- szName = ""
- cec.HashAlgorithm = "MD5"
- err.clear
- On Error Resume Next
- set options = document.all.CspProvider.options
- index = options.selectedIndex
- cec.providerName = options(index).text
- tmpProviderType = options(index).value
- cec.providerType = tmpProviderType
- cec.KeySpec = 2
- if tmpProviderType < 2 Then
- cec.KeySpec = 1
- end if
- cec.GenKeyFlags = &h04000001 OR keyflags
- CSR = cec.createPKCS10(szName, "1.3.6.1.5.5.7.3.2")
- if len(CSR)<>0 then Exit Function
- cec.GenKeyFlags = &h04000000 OR keyflags
- CSR = cec.createPKCS10(szName, "1.3.6.1.5.5.7.3.2")
- if len(CSR)<>0 then Exit Function
- if cec.providerName = "Microsoft Enhanced Cryptographic Provider v1.0" Then
- if MsgBox("<?=_("The 1024-bit key generation failed. Would you like to try 512 instead?")?>", vbOkCancel)=vbOk Then
- cec.providerName = "Microsoft Base Cryptographic Provider v1.0"
- else
- Exit Function
- end if
- end if
- cec.GenKeyFlags = 1 OR keyflags
- CSR = cec.createPKCS10(szName, "1.3.6.1.5.5.7.3.2")
- if len(CSR)<>0 then Exit Function
- cec.GenKeyFlags = keyflags
- CSR = cec.createPKCS10(szName, "1.3.6.1.5.5.7.3.2")
- if len(CSR)<>0 then Exit Function
- cec.GenKeyFlags = 0
- CSR = cec.createPKCS10(szName, "1.3.6.1.5.5.7.3.2")
-End Function
-
-Sub GenReq_OnClick
- Dim TheForm
- Set TheForm = Document.CertReqForm
- err.clear
- result = CSR(2)
- if len(result)=0 Then
- result = MsgBox("Unable to generate PKCS#10.", 0, "Alert")
- Exit Sub
- end if
- TheForm.CSR.Value = result
- TheForm.Submit
- Exit Sub
-End Sub
-
-GetProviderList()
--->
-</script>
-<? } else { ?>
-<p>
-<form method="post" action="account.php">
-<input type="hidden" name="keytype" value="NS">
-<?=_("Keysize:")?> <keygen name="SPKAC" challenge="<? $_SESSION['spkac_hash']=make_hash(); echo $_SESSION['spkac_hash']; ?>">
-
-
-<input type="submit" name="submit" value="<?=_("Create Certificate Request")?>">
-<input type="hidden" name="oldid" value="<?=$id?>">
-</form>
-</p>
-<? } ?>
+require_once($_SESSION['_config']['filepath'].'/includes/keygen.php');
diff --git a/pages/account/18.php b/pages/account/18.php
index 13dcc30..45e3be9 100644
--- a/pages/account/18.php
+++ b/pages/account/18.php
@@ -25,7 +25,8 @@
<td class="DataTD"><?=_("Renew/Revoke/Delete")?></td>
<td class="DataTD"><?=_("Status")?></td>
<td class="DataTD"><?=_("CommonName")?></td>
- <td class="DataTD"><?=_("SerialNumber")?></td>
+ <td class="DataTD"><?=_("SerialNumber")?></td>
+ <td class="DataTD"><?=_("Comment")?></td>
<td class="DataTD"><?=_("Revoked")?></td>
<td class="DataTD"><?=_("Expires")?></td>
@@ -35,7 +36,8 @@
UNIX_TIMESTAMP(`oemail`.`expire`) as `expired`,
`oemail`.`expire` as `expires`, `oemail`.`revoked` as `revoke`,
UNIX_TIMESTAMP(`oemail`.`revoked`) as `revoked`,
- `oemail`.`CN`, `oemail`.`serial`, `oemail`.`id`
+ `oemail`.`CN`, `oemail`.`serial`, `oemail`.`id`,
+ `oemail`.`description`
from `orgemailcerts` as `oemail`, `org`
where `org`.`memid`='".intval($_SESSION['profile']['id'])."' and
`org`.`orgid`=`oemail`.`orgid` ";
@@ -80,7 +82,8 @@
<td class="DataTD"><?=$verified?></td>
<td class="DataTD"><a href="account.php?id=19&cert=<?=$row['id']?>"><?=$row['CN']?></a></td>
<? } ?>
- <td class="DataTD"><?=$row['serial']?></td>
+ <td class="DataTD"><?=$row['serial']?></td>
+ <td class="DataTD"><?=$row['description']?></td>
<td class="DataTD"><?=$row['revoke']?></td>
<td class="DataTD"><?=$row['expires']?></td>
</tr>
diff --git a/pages/account/20.php b/pages/account/20.php
index 510b708..5e91e77 100644
--- a/pages/account/20.php
+++ b/pages/account/20.php
@@ -29,9 +29,11 @@
<form method="post" action="account.php">
<input type="radio" name="rootcert" value="1"> <?=_("Sign by class 1 root certificate")?><br>
<input type="radio" name="rootcert" value="2" checked> <?=_("Sign by class 3 root certificate")?><br>
+<p> <?=_("Optional comment, only used in the certifictate overview")?><br>
+ <input type="text" name="description" maxlength="80" size=80></p>
<p><?=_("Please note: The class 3 root certificate needs to be setup in your webserver as a chained certificate, while slightly more complicated to setup, this root certificate is more likely to be trusted by more people.")?></p>
<p><?=_("Paste your CSR below...")?></p>
-<textarea name="CSR" cols="80" rows="15"></textarea><br>
+<textarea name="CSR" cols="80" rows="15"></textarea><br>
<input type="submit" name="process" value="<?=_("Submit")?>">
<input type="hidden" name="oldid" value="<?=$id?>">
</form>
diff --git a/pages/account/22.php b/pages/account/22.php
index 9df8200..ac7a645 100644
--- a/pages/account/22.php
+++ b/pages/account/22.php
@@ -25,7 +25,8 @@
<td class="DataTD"><?=_("Renew/Revoke/Delete")?></td>
<td class="DataTD"><?=_("Status")?></td>
<td class="DataTD"><?=_("CommonName")?></td>
- <td class="DataTD"><?=_("SerialNumber")?></td>
+ <td class="DataTD"><?=_("SerialNumber")?></td>
+ <td class="DataTD"><?=_("Comment")?></td>
<td class="DataTD"><?=_("Revoked")?></td>
<td class="DataTD"><?=_("Expires")?></td>
@@ -36,7 +37,8 @@
`orgdomaincerts`.`expire` as `expires`, `revoked` as `revoke`,
UNIX_TIMESTAMP(`revoked`) as `revoked`, `CN`,
`orgdomaincerts`.`serial`,
- `orgdomaincerts`.`id` as `id`
+ `orgdomaincerts`.`id` as `id`,
+ `orgdomaincerts`.`description`
from `orgdomaincerts`,`org`
where `org`.`memid`='".intval($_SESSION['profile']['id'])."' and `orgdomaincerts`.`orgid`=`org`.`orgid` ";
if($viewall != 1)
@@ -77,7 +79,8 @@
<? } ?>
<td class="DataTD"><?=$verified?></td>
<td class="DataTD"><a href="account.php?id=23&cert=<?=$row['id']?>"><?=$row['CN']?></a></td>
- <td class="DataTD"><?=$row['serial']?></td>
+ <td class="DataTD"><?=$row['serial']?></td>
+ <td class="DataTD"><?=$row['description']?></td>
<td class="DataTD"><?=$row['revoke']?></td>
<td class="DataTD"><?=$row['expires']?></td>
</tr>
diff --git a/pages/account/3.php b/pages/account/3.php
index 5590488..b2e3184 100644
--- a/pages/account/3.php
+++ b/pages/account/3.php
@@ -53,6 +53,12 @@ if($_SESSION['profile']['points'] >= 50)
$suffix = $_SESSION['profile']['suffix'];
?>
<tr>
+ <td class="DataTD" colspan="2" align="left">
+ <?=_("Optional comment, only used in the certifictate overview")?><br>
+ <input type="text" name="description" maxlength="80" size=80>
+ </td>
+ </tr>
+ <tr>
<td class="DataTD" colspan="2" align="left">
<input type="radio" name="rootcert" value="1" checked> <?=_("Sign by class 1 root certificate")?><br>
<input type="radio" name="rootcert" value="2"> <?=_("Sign by class 3 root certificate")?><br>
diff --git a/pages/account/4.php b/pages/account/4.php
index a4d6597..8ac8b65 100644
--- a/pages/account/4.php
+++ b/pages/account/4.php
@@ -14,177 +14,6 @@
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
-*/ ?>
-<? if(array_key_exists('HTTP_USER_AGENT',$_SERVER) && strstr($_SERVER['HTTP_USER_AGENT'], "MSIE")) { ?>
-<object classid="clsid:127698e4-e730-4e5c-a2b1-21490a70c8a1" codebase="/xenroll.cab#Version=5,131,3659,0" id="cec">
-<?=_("You must enable ActiveX for this to work. On Vista you have to add this website to the list of trusted sites in the internet-settings.")?><?=_("Go to Extras->Internet Options->Security->Trusted Websites, click on Custom Level, check ActiveX control elements that are not marked as safe initialized on start in scripts")?>
-</object>
-<form method="post" action="account.php" name="CertReqForm"><p>
-<input type="hidden" name="session" value="UsedXenroll">
-<?=_("Key Strength:")?> <select name="CspProvider"></select>
-<input type="hidden" name="oldid" value="<?=$id?>">
-<INPUT TYPE=HIDDEN NAME="CSR">
-<input type="hidden" name="keytype" value="MS">
-<input type="submit" name="GenReq" value="Create Certificate"><br>
-</p></form>
-<script type="text/vbscript" language="vbscript">
-<!--
-Function GetProviderList()
- Dim CspList, cspIndex, ProviderName
- On Error Resume Next
+*/
- count = 0
- base = 0
- enhanced = 0
- CspList = ""
- ProviderName = ""
-
- // Vista:
- Set csps = CreateObject("X509Enrollment.CCspInformations")
- If IsObject(csps) Then
- csps.AddAvailableCsps()
- Document.CertReqForm.keytype.value="VI"
- For j = 0 to csps.Count-1
- Set oOption = document.createElement("OPTION")
- oOption.text = csps.ItemByIndex(j).Name
- oOption.value = j
- Document.CertReqForm.CspProvider.add(oOption)
- Next
-
- Else
-
- // 2000,XP:
-
- For ProvType = 0 to 13
- cspIndex = 0
- cec.ProviderType = ProvType
- ProviderName = cec.enumProviders(cspIndex,0)
-
- while ProviderName <> ""
- Set oOption = document.createElement("OPTION")
- oOption.text = ProviderName
- oOption.value = ProvType
- Document.CertReqForm.CspProvider.add(oOption)
- if ProviderName = "Microsoft Base Cryptographic Provider v1.0" Then
- base = count
- end if
- if ProviderName = "Microsoft Enhanced Cryptographic Provider v1.0" Then
- enhanced = count
- end if
- cspIndex = cspIndex +1
- ProviderName = ""
- ProviderName = cec.enumProviders(cspIndex,0)
- count = count + 1
- wend
- Next
- Document.CertReqForm.CspProvider.selectedIndex = base
- if enhanced then
- Document.CertReqForm.CspProvider.selectedIndex = enhanced
- end if
- End If
-End Function
-
-Function CSR(keyflags)
- CSR = ""
- szName = ""
-
-
- // Vista
- if Document.CertReqForm.keytype.value="VI" Then
-
- Dim g_objClassFactory
- Dim obj
- Dim objPrivateKey
- Dim g_objRequest
- Dim g_objRequestCMC
-
- Set g_objClassFactory=CreateObject("X509Enrollment.CX509EnrollmentWebClassFactory")
- Set obj=g_objClassFactory.CreateObject("X509Enrollment.CX509Enrollment")
- Set objPrivateKey=g_objClassFactory.CreateObject("X509Enrollment.CX509PrivateKey")
- Set objRequest=g_objClassFactory.CreateObject("X509Enrollment.CX509CertificateRequestPkcs10")
- //Msgbox exit function
- objPrivateKey.ProviderName = Document.CertReqForm.CspProvider(Document.CertReqForm.CspProvider.selectedIndex).text
- // "Microsoft Enhanced RSA and AES Cryptographic Provider"
- objPrivateKey.ProviderType = "24"
- objPrivateKey.KeySpec = "1"
- objPrivateKey.ExportPolicy = 1
- objRequest.InitializeFromPrivateKey 1, objPrivateKey, ""
- Set objDN = g_objClassFactory.CreateObject("X509Enrollment.CX500DistinguishedName")
- objDN.Encode("CN=CAcertRequest")
- objRequest.Subject = objDN
-
- // obj.Initialize(1)
- obj.InitializeFromRequest(objRequest)
- obj.CertificateDescription="Description"
- obj.CertificateFriendlyName="FriendlyName"
- CSR=obj.CreateRequest(1)
- If len(CSR)<>0 Then Exit Function
- Msgbox "<?=_("Error while generating the certificate-request. Please make sure that you have added this website to the list of trusted sites in the Internet-Options menu!")?>"
-
- else
- // XP
-
- cec.HashAlgorithm = "MD5"
- err.clear
- On Error Resume Next
- set options = document.all.CspProvider.options
- index = options.selectedIndex
- cec.providerName = options(index).text
- tmpProviderType = options(index).value
- cec.providerType = tmpProviderType
- cec.KeySpec = 2
- if tmpProviderType < 2 Then
- cec.KeySpec = 1
- end if
- cec.GenKeyFlags = &h04000001 OR keyflags
- CSR = cec.createPKCS10(szName, "1.3.6.1.5.5.7.3.2")
- if len(CSR)<>0 then Exit Function
- cec.GenKeyFlags = &h04000000 OR keyflags
- CSR = cec.createPKCS10(szName, "1.3.6.1.5.5.7.3.2")
- if len(CSR)<>0 then Exit Function
- if cec.providerName = "Microsoft Enhanced Cryptographic Provider v1.0" Then
- if MsgBox("<?=_("The 1024-bit key generation failed. Would you like to try 512 instead?")?>", vbOkCancel)=vbOk Then
- cec.providerName = "Microsoft Base Cryptographic Provider v1.0"
- else
- Exit Function
- end if
- end if
- cec.GenKeyFlags = 1 OR keyflags
- CSR = cec.createPKCS10(szName, "1.3.6.1.5.5.7.3.2")
- if len(CSR)<>0 then Exit Function
- cec.GenKeyFlags = keyflags
- CSR = cec.createPKCS10(szName, "1.3.6.1.5.5.7.3.2")
- if len(CSR)<>0 then Exit Function
- cec.GenKeyFlags = 0
- CSR = cec.createPKCS10(szName, "1.3.6.1.5.5.7.3.2")
- End if
-End Function
-
-Sub GenReq_OnClick
- Dim TheForm
- Set TheForm = Document.CertReqForm
- err.clear
- result = CSR(2)
- if len(result)=0 Then
- result = MsgBox("Unable to generate PKCS#10.", 0, "Alert")
- Exit Sub
- end if
- TheForm.CSR.Value = result
- TheForm.Submit
- Exit Sub
-End Sub
-
-GetProviderList()
--->
-</script>
-<? } else { ?>
-<p>
-<form method="post" action="account.php">
-<input type="hidden" name="keytype" value="NS">
-<?=_("Keysize:")?> <keygen name="SPKAC" challenge="<? $_SESSION['spkac_hash']=make_hash(); echo $_SESSION['spkac_hash']; ?>">
-
-<input type="submit" name="submit" value="<?=_("Create Certificate Request")?>">
-<input type="hidden" name="oldid" value="<?=$id?>">
-</form>
-</p>
-<? } ?>
+require_once($_SESSION['_config']['filepath'].'/includes/keygen.php');
diff --git a/pages/account/40.php b/pages/account/40.php
index b1a7fdb..4877d79 100644
--- a/pages/account/40.php
+++ b/pages/account/40.php
@@ -65,21 +65,14 @@ if(!array_key_exists('secrethash',$_SESSION['_config'])) $_SESSION['_config']['s
</form>
<p><b><?=_("Security Issues")?></b></p>
-<p><? sprintf(_("Please use any of the following ways to report security ".
+<p><?=sprintf(_("Please use any of the following ways to report security ".
"issues: You can use the above contact form for sensitive information. ".
"You can email us to %s. You can file a bugreport on %s and mark it as ".
"private."),
"<a href='mailto:support@cacert.org'>support@cacert.org</a>",
"<a href='https://bugs.cacert.org/'>bugs.cacert.org</a>")?></p>
-<p><b><?=_("Snail Mail")?></b></p>
-<p><?=_("Alternatively you can get in contact with us via the following methods:")?></p>
-<p><?=_("Postal Address:")?><br>
-CAcert Inc.<br>
-P.O. Box 4107<br>
-Denistone East NSW 2112<br>
-Australia</p>
<script type="text/javascript">
<!--
diff --git a/pages/account/43.php b/pages/account/43.php
index 7bf6d04..c482cab 100644
--- a/pages/account/43.php
+++ b/pages/account/43.php
@@ -331,7 +331,66 @@ include_once($_SESSION['_config']['filepath']."/includes/notary.inc.php");
<? } ?>
</table>
<br>
-<? } ?>
+<? }
+
+//
+// Display account creation/activity information
+//
+$showactivity = isset($_REQUEST['showactivity']);
+$activity_url = "/account.php?id=43&userid=$row[id]";
+if (!$showactivity) {
+ $activity_url .= "&showactivity";
+}
+
+?>
+<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
+ <tr>
+ <td colspan="2" class="title">
+ <a href="<?= $activity_url ?>"><?=_("Account Activity")?></a>
+ </td>
+ </tr>
+
+<?php
+if ($showactivity) {
+ $query = "select `created`, `modified` from `users`
+ where `id` = '".intval($row['id'])."' ";
+ $dres = mysql_query($query);
+ $drow = mysql_fetch_assoc($dres);
+ $created = $drow['created'];
+
+ $modified = getdate(strtotime($drow['modified']));
+ $now = getdate();
+ // only a rough approximation
+ $days = ($now['year'] - $modified['year']) * 360;
+ $days += ($now['mon'] - $modified['mon']) * 30;
+ $days += $now['mday'] - $modified['mday'];
+ ?>
+ <tr>
+ <td class="DataTD"><?=_("Account created")?>:</td>
+ <td class="DataTD"><? echo $created ?></td>
+ </tr>
+
+ <tr>
+ <td class="DataTD"><?=_("Last activity")?>:</td>
+ <td class="DataTD"><?
+ if ($days >= 2 * 360) {
+ echo _("before 2 years");
+ } elseif ($days >= 360) {
+ echo _("before 1 year");
+ } elseif ($days >= 6 * 30) {
+ echo _("within last 12 months");
+ } elseif ($days >= 30) {
+ echo _("within last 6 months");
+ } else {
+ echo _("within the last month");
+ } ?></td>
+ </tr> <?php
+} ?>
+
+</table>
+<br>
+
+
<? // Begin - Debug infos ?>
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
<tr>
@@ -485,6 +544,7 @@ include_once($_SESSION['_config']['filepath']."/includes/notary.inc.php");
// End - Debug infos
?>
+
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
<tr>
<td colspan="6" class="title"><?=_("Certificates")?></td>
@@ -783,6 +843,7 @@ include_once($_SESSION['_config']['filepath']."/includes/notary.inc.php");
</table>
<br>
+
<a href="account.php?id=43&amp;userid=<?=$row['id']?>&amp;shownotary=assuredto"><?=_("Show Assurances the user got")?></a>
(<a href="account.php?id=43&amp;userid=<?=$row['id']?>&amp;shownotary=assuredto15"><?=_("New calculation")?></a>)
<br />
diff --git a/pages/account/5.php b/pages/account/5.php
index 5c131ba..539f237 100644
--- a/pages/account/5.php
+++ b/pages/account/5.php
@@ -25,7 +25,8 @@
<td class="DataTD"><?=_("Renew/Revoke/Delete")?></td>
<td class="DataTD"><?=_("Status")?></td>
<td class="DataTD"><?=_("Email Address")?></td>
- <td class="DataTD"><?=_("SerialNumber")?></td>
+ <td class="DataTD"><?=_("SerialNumber")?></td>
+ <td class="DataTD"><?=_("Comment")?></td>
<td class="DataTD"><?=_("Revoked")?></td>
<td class="DataTD"><?=_("Expires")?></td>
<td class="DataTD"><?=_("Login")?></td>
@@ -40,8 +41,9 @@
`emailcerts`.`id`,
`emailcerts`.`CN`,
`emailcerts`.`serial`,
- emailcerts.disablelogin as `disablelogin`
- from `emailcerts`
+ emailcerts.disablelogin as `disablelogin`,
+ `emailcerts`.`description`
+ from `emailcerts`
where `emailcerts`.`memid`='".$_SESSION['profile']['id']."'
";
if($viewall != 1)
@@ -86,7 +88,8 @@
<td class="DataTD"><?=$verified?></td>
<td class="DataTD"><?=(trim($row['CN'])=="" ? _("empty") : $row['CN'])?></td>
<? } ?>
- <td class="DataTD"><?=$row['serial']?></td>
+ <td class="DataTD"><?=$row['serial']?></td>
+ <td class="DataTD"><?=$row['description']?></td>
<td class="DataTD"><?=$row['revoke']?></td>
<td class="DataTD"><?=$row['expires']?></td>
<td class="DataTD">
diff --git a/pages/account/51.php b/pages/account/51.php
deleted file mode 100644
index 7273840..0000000
--- a/pages/account/51.php
+++ /dev/null
@@ -1,34 +0,0 @@
-<? /*
- LibreSSL - CAcert web application
- Copyright (C) 2004-2008 CAcert Inc.
-
- This program is free software; you can redistribute it and/or modify
- it under the terms of the GNU General Public License as published by
- the Free Software Foundation; version 2 of the License.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with this program; if not, write to the Free Software
- Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
-*/ ?>
-<? if($_SESSION['profile']['tverify'] <= 0) { echo _("You don't have access to this area."); } else { ?>
-<?
- $uid = intval($_GET['photoid']);
- $query = "select * from `tverify` where `id`='$uid' and `modified`=0";
- $res = mysql_query($query);
- if(mysql_num_rows($res) > 0) { ?>
-<img src="account.php?id=51&amp;photoid=<?=$uid ?>&amp;img=show" border="0" width="800">
-<? } else {
- $query = "select * from `tverify` where `id`='$uid' and `modified`=1";
- $res = mysql_query($query);
- if(mysql_num_rows($res) > 0)
- {
- echo _("This UID has already been voted on.");
- } else {
- echo _("Unable to locate a valid request for that UID.");
- }
- } } ?>
diff --git a/pages/account/52.php b/pages/account/52.php
deleted file mode 100644
index 77a3bae..0000000
--- a/pages/account/52.php
+++ /dev/null
@@ -1,102 +0,0 @@
-<? /*
- LibreSSL - CAcert web application
- Copyright (C) 2004-2008 CAcert Inc.
-
- This program is free software; you can redistribute it and/or modify
- it under the terms of the GNU General Public License as published by
- the Free Software Foundation; version 2 of the License.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with this program; if not, write to the Free Software
- Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
-*/ ?>
-<? if($_SESSION['profile']['tverify'] <= 0) { echo _("You don't have access to this area."); } else { ?>
-<?
- $uid = intval($_GET['uid']);
- $query = "select * from `tverify` where `id`='$uid' and `modified`=0";
- $res = mysql_query($query);
- if(mysql_num_rows($res) > 0)
- {
- $row = mysql_fetch_assoc($res);
- $memid = intval($row['memid']);
-
- $query2 = "select * from `tverify-vote` where `tverify`='$uid' and `memid`='".intval($_SESSION['profile']['id'])."'";
- $rc2 = mysql_num_rows(mysql_query($query2));
- if($rc2 > 0)
- {
- showheader(_("My CAcert.org Account!"));
- echo _("You have already voted on this request.");
- showfooter();
- exit;
- }
-
- $query = "select sum(`points`) as `points` from `notary` where `to`='$memid'";
- $notary = mysql_fetch_assoc(mysql_query($query));
- $query = "select * from `users` where `id`='$memid'";
- $user = mysql_fetch_assoc(mysql_query($query));
- $tobe = 50 - $notary['points'];
- if($row['URL'] != '' && $row['photoid'] != '')
- $tobe = 150 - $notary['points'];
- else if($row['URL'] != '')
- $tobe = 90 - $notary['points'];
- if(intval($tobe) <= 0)
- $tobe = 0;
-?>
-<?=_("Request Details")?>:<br>
-<?=_("Name on file")?>: <?=$user['fname']." ".$user['mname']." ".$user['lname']." ".$user['suffix']?><br>
-<?=_("Primary email address")?>: <?=$user['email']." (".$user['id'].")"?><br>
-<?=_("Certificate Subject")?>: <?=$row['CN']?><br>
-<? if($row['URL'] != '') { ?><?=_("Notary URL")?>: <a href="<?=$row['URL']?>"><?=$row['URL']?></a><br><? } ?>
-<? if($row['photoid'] != '') { ?><?=_("Photo ID URL")?>: <a href="/account.php?id=51&amp;photoid=<?=intval($row['id'])?>"><?=_("Here")?></a><br><? } ?>
-<?=_("Current Points")?>: <?=intval($notary['points'])?><br>
-<?=_("Potential Points")?>: <?=intval($tobe)?><br>
-<?=_("Date of Birth")?>: <?=$user['dob']?> (YYYY-MM-DD)<br>
-
-<br>
-<form method="post" action="account.php">
-<?=_("Comment")?>: <input type="text" name="comment"><br>
-<input type="submit" name="agree" value="<?=_("I agree with this Application")?>">
-<input type="submit" name="disagree" value="<?=_("I don't agree with this Application")?>">
-<input type="hidden" name="oldid" value="<?=intval($_GET['id'])?>">
-<input type="hidden" name="uid" value="<?=$uid?>">
-</form>
-<? } else {
- $query = "select * from `tverify` where `id`='$uid' and `modified`=1";
- $res = mysql_query($query);
- if(mysql_num_rows($res) > 0)
- {
- echo _("This UID has already been voted on.")."<br/>";
- } else {
- if($uid) echo _("Unable to locate a valid request for that UID.")."<br/>";
- }
-
- // Search for open requests:
- $query = "select * from `tverify` where `modified`=0";
- $res = mysql_query($query);
- if(mysql_num_rows($res) > 0)
- {
- echo "<br/>"._("The following requests are still open:")."<br/><ul>";
- while($row = mysql_fetch_assoc($res))
- {
- $uid=intval($row['id']);
- $query3 = "select * from `tverify-vote` where `tverify`='$uid' and `memid`='".intval($_SESSION['profile']['id'])."'";
- $rc3 = mysql_num_rows(mysql_query($query3));
- if($rc3 <= 0)
- {
- echo "<li><a href='account.php?id=52&amp;uid=".intval($row['id'])."'>".intval($row['id'])."</a></li>\n";
- }
- }
- echo "</ul>\n<br>\n";
- }
- else
- {
- echo "<br/>"._("There are no pending requests where you haven't voted yet.");
- }
-
-
- } } ?>
diff --git a/pages/account/6.php b/pages/account/6.php
index 38af8e8..90affac 100644
--- a/pages/account/6.php
+++ b/pages/account/6.php
@@ -14,46 +14,95 @@
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
-*/ ?>
-<?
- $certid = 0; if(array_key_exists('cert',$_REQUEST)) $certid=intval($_REQUEST['cert']);
-
- $query = "select * from `emailcerts` where `id`='$certid' and `memid`='".intval($_SESSION['profile']['id'])."'";
- $res = mysql_query($query);
- if(mysql_num_rows($res) <= 0)
- {
- showheader(_("My CAcert.org Account!"));
- echo _("No such certificate attached to your account.");
- showfooter();
+*/
+
+// Get certificate information
+$certid = 0;
+if(array_key_exists('cert',$_REQUEST)) {
+ $certid = intval($_REQUEST['cert']);
+}
+
+$query = "select * from `emailcerts`
+ where `id`='$certid'
+ and `memid`='".intval($_SESSION['profile']['id'])."'";
+$res = mysql_query($query);
+if(mysql_num_rows($res) <= 0) {
+ showheader(_("My CAcert.org Account!"));
+ echo _("No such certificate attached to your account.");
+ showfooter();
+ exit;
+}
+$row = mysql_fetch_assoc($res);
+
+
+if (array_key_exists('format', $_REQUEST)) {
+ // Which output format?
+ if ($_REQUEST['format'] === 'der') {
+ $outform = '-outform DER';
+ $extension = 'cer';
+ } else {
+ $outform = '-outform PEM';
+ $extension = 'crt';
+ }
+
+ $crtname=escapeshellarg($row['crt_name']);
+ $cert = `/usr/bin/openssl x509 -in $crtname $outform`;
+
+ header("Content-Type: application/pkix-cert");
+ header("Content-Length: ".strlen($cert));
+
+ $fname = sanitizeFilename($row['CN']);
+ if ($fname=="") $fname="certificate";
+ header("Content-Disposition: attachment; filename=\"${fname}.${extension}\"");
+
+ echo $cert;
+ exit;
+
+} elseif (array_key_exists('install', $_REQUEST)) {
+ if (array_key_exists('HTTP_USER_AGENT',$_SERVER) &&
+ strstr($_SERVER['HTTP_USER_AGENT'], "MSIE")) {
+
+ // Handle IE
+
+ //TODO
+
+ } else {
+ // All other browsers
+ $crtname=escapeshellarg($row['crt_name']);
+ $cert = `/usr/bin/openssl x509 -in $crtname -outform DER`;
+
+ header("Content-Type: application/x-x509-user-cert");
+ header("Content-Length: ".strlen($cert));
+
+ $fname = sanitizeFilename($row['CN']);
+ if ($fname=="") $fname="certificate";
+ header("Content-Disposition: inline; filename=\"${fname}.cer\"");
+
+ echo $cert;
exit;
}
- $row = mysql_fetch_assoc($res);
+} else {
+
+ showheader(_("My CAcert.org Account!"));
+ echo "<h3>"._("Install your certificate")."</h3>\n";
+
+ echo "<p><a href='account.php?id=6&amp;cert=$certid&amp;install'>".
+ _("Install the certificate into your browser").
+ "</a></p>\n";
+
+ echo "<p><a href='account.php?id=6&amp;cert=$certid&amp;format=pem'>".
+ _("Download the certificate in PEM format")."</a></p>\n";
+
+ echo "<p><a href='account.php?id=6&amp;cert=$certid&amp;format=der'>".
+ _("Download the certificate in DER format")."</a></p>\n";
+
+ showfooter();
+ exit;
+}
- $crtname=escapeshellarg($row['crt_name']);
- $cert = `/usr/bin/openssl x509 -in $crtname`;
- if($row['keytype'] == "NS")
- {
- if(array_key_exists('install',$_REQUEST) && $_REQUEST['install'] == 1)
- {
- header("Content-Type: application/x-x509-user-cert");
- header("Content-Length: ".strlen($cert));
- $fname=sanitizeFilename($row['CN']);
- if($fname=="") $fname="certificate";
- header('Content-Disposition: inline; filename="'.$fname.'.crt"');
- echo $cert;
- exit;
- } else {
- showheader(_("My CAcert.org Account!"));
- echo "<h3>"._("Installing your certificate")."</h3>\n";
- echo "<p>"._("You are about to install a certificate, if you are using mozilla/netscape based browsers you will not be informed that the certificate was installed successfully, you can go into the options dialog box, security and manage certificates to view if it was installed correctly however.")."</p>\n";
- echo "<p><a href='account.php?id=6&amp;cert=$certid&amp;install=1'>"._("Click here")."</a> "._("to install your certificate.")."</p>\n";
- showfooter();
- exit;
- }
- } else {
- showheader(_("My CAcert.org Account!"));
?>
+<!-- to be converted to JavaScript -->
<h3><?=_("Installing your certificate")?></h3>
<p><?=_("Hit the 'Install your Certificate' button below to install the certificate into MS IE 5.x and above.")?>
@@ -125,12 +174,3 @@
End Sub
</SCRIPT>
-<p><?=_("Your certificate:")?></p>
-<pre><?=$cert?></pre>
-<?
-
- showfooter();
- exit;
- }
-?>
-
diff --git a/pages/account/60.php b/pages/account/60.php
new file mode 100644
index 0000000..3c2cb79
--- /dev/null
+++ b/pages/account/60.php
@@ -0,0 +1,142 @@
+<? /*
+ LibreSSL - CAcert web application
+ Copyright (C) 2004-2008 CAcert Inc.
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; version 2 of the License.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
+*/ ?>
+<?
+/*
+ $query = "select * from `orgdomains` where `id`='".intval($_REQUEST['orgid'])."'";
+ $row = mysql_fetch_assoc(mysql_query($query));
+ $query = "select * from `orginfo` where `id`='".intval($_REQUEST['orgid'])."'";
+ $org = mysql_fetch_assoc(mysql_query($query));
+ $query = "select * from `users` where `id`='".intval($_REQUEST['memid'])."'";
+ $user = mysql_fetch_assoc(mysql_query($query));
+
+ $_SESSION['_config']['domain'] = $row['domain'];
+ */
+
+
+ $delcount = 0;
+ if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
+ {
+
+
+/*
+ foreach($_REQUEST['delid'] as $id)
+ {
+ $id = intval($id);
+ $query = "select * from `email` where `id`='$id' and `memid`='".intval($_SESSION['profile']['id'])."' and
+ `email`!='".$_SESSION['profile']['email']."'";
+ $res = mysql_query($query);
+ if(mysql_num_rows($res) > 0)
+ {
+ $row = mysql_fetch_assoc($res);
+ echo $row['email']."<br>\n";
+ */
+/*
+ $query = "select `emailcerts`.`id`
+ from `emaillink`,`emailcerts` where
+ `emailid`='$id' and `emaillink`.`emailcertsid`=`emailcerts`.`id` and
+ `revoked`=0 and UNIX_TIMESTAMP(`expire`)-UNIX_TIMESTAMP() > 0
+ group by `emailcerts`.`id`";
+ $dres = mysql_query($query);
+ while($drow = mysql_fetch_assoc($dres))
+ mysql_query("update `emailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='".$drow['id']."'");
+
+ $query = "update `email` set `deleted`=NOW() where `id`='$id'";
+ mysql_query($query);
+ */
+/* $delcount++;
+ }
+ } */
+
+?>
+
+<form method="post" action="account.php">
+<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
+ <tr>
+ <td colspan="4" class="title"><?=_("Delete User Account Email(s)")?></td>
+ </tr>
+ <tr>
+ <td class="DataTD"><?=_("Default")?></td>
+ <td class="DataTD"><?=_("Status")?></td>
+ <td class="DataTD"><?=_("Delete")?></td>
+ <td class="DataTD"><?=_("Address")?></td>
+ </tr>
+<?
+// $query = "select * from `email` where `memid`='".intval($_SESSION['profile']['id'])."' and `deleted`=0";
+// $res = mysql_query($query);
+// while($row = mysql_fetch_assoc($res))
+ foreach($_REQUEST['delid'] as $did)
+ {
+ $did = intval($did);
+ $query = "select * from `email` where `id`='$did' and `memid`='".intval($_SESSION['profile']['id'])."' and
+ `email`!='".$_SESSION['profile']['email']."'";
+ $res = mysql_query($query);
+ if(mysql_num_rows($res) > 0)
+ {
+ $row = mysql_fetch_assoc($res);
+// echo $row['email']."<br>\n";
+
+ {
+ if($row['hash'] == "")
+ $verified = _("Verified");
+ else
+ $verified = _("Unverified");
+?>
+ <tr>
+ <td class="DataTD">&nbsp;</td>
+ <td class="DataTD"><?=$verified?></td>
+ <td class="DataTD"><input type="hidden" name="delid[]" value="<?=$row['id']?>"><b>X</b></td>
+ <td class="DataTD"><?=sanitizeHTML($row['email'])?></td>
+ </tr>
+<? }
+ }
+ }
+ ?>
+ <!-- tr>
+ <td class="DataTD" colspan="2"><input type="submit" name="makedefault" value="<?=_("Make Default")?>"></td>
+ <td class="DataTD" colspan="2"><input type="submit" name="process" value="<?=_("Delete")?>"></td>
+ </tr -->
+ <tr>
+ <td class="DataTD" colspan="4"><span style="color:red;"><? printf(_("Are you really sure you want to remove above listed emails from your account?")); ?></span></td>
+ </tr>
+ <tr>
+ <td class="DataTD" colspan="4"><span style="color:red;"><? printf(_("This revokes also all client certificates for above listed email addresses.")); ?></span></td>
+ </tr>
+
+ <tr>
+ <td class="DataTD" colspan="2"><input type="submit" name="process" value="<?=_("Cancel")?>"></td>
+ <td class="DataTD" colspan="2"><input type="submit" name="process" value="<?=_("Delete")?>"></td>
+ </tr>
+
+</table>
+<input type="hidden" name="oldid" value="<?=$id?>">
+<input type="hidden" name="csrf" value="<?=make_csrf('chgdefcnfd')?>" />
+</form>
+<p>
+<?=_("Please Note: You can not set an unverified email as a default email, and you can not remove a default email. To remove the default email you must set another verified email as the default.")?>
+</p>
+<?
+ } else {
+ echo _("You did not select any email accounts for removal.");
+ echo _("You failed to select any email addresses to be removed, or you attempted to remove the default email address. No action was taken.");
+ $oldid = 0;
+ $id = 0;
+ showfooter();
+ exit;
+
+ }
+?>
diff --git a/pages/gpg/0.php b/pages/gpg/0.php
index ce3b72a..319c2f9 100644
--- a/pages/gpg/0.php
+++ b/pages/gpg/0.php
@@ -19,6 +19,8 @@
?>
<p><?=_("Paste your own public OpenPGP key below. It should not contain a picture. CAcert will sign your key after submission.")?></p>
<form method="post" action="gpg.php">
+<p> <?=_("Optional comment, only used in the certifictate overview")?><br>
+ <input type="text" name="description" maxlength="80" size=80></p>
<textarea name="CSR" cols="80" rows="15"><?=array_key_exists('CSR',$_POST)?strip_tags($_POST['CSR']):""?></textarea><br>
<input type="submit" name="process" value="<?=_("Submit")?>">
<input type="hidden" name="oldid" value="<?=$id?>">
diff --git a/pages/gpg/2.php b/pages/gpg/2.php
index e10935e..fd26367 100644
--- a/pages/gpg/2.php
+++ b/pages/gpg/2.php
@@ -24,13 +24,13 @@
<td class="DataTD"><?=_("Email Address")?></td>
<td class="DataTD"><?=_("Expires")?></td>
<td class="DataTD"><?=_("Key ID")?></td>
-
+ <td class="DataTD"><?=_("Comment")?></td>
<?
$query = "select UNIX_TIMESTAMP(`issued`) as `issued`,
UNIX_TIMESTAMP(`expire`) - UNIX_TIMESTAMP() as `timeleft`,
UNIX_TIMESTAMP(`expire`) as `expired`,
`expire` as `expires`, `id`, `level`,
- `email`,`keyid` from `gpg` where `memid`='".intval($_SESSION['profile']['id'])."'
+ `email`,`keyid`,`description` from `gpg` where `memid`='".intval($_SESSION['profile']['id'])."'
ORDER BY `issued` desc";
$res = mysql_query($query);
if(mysql_num_rows($res) <= 0)
@@ -62,7 +62,7 @@
<? } ?>
<td class="DataTD"><?=$row['expires']?></td>
<td class="DataTD"><a href="gpg.php?id=3&amp;cert=<?=$row['id']?>"><?=$row['keyid']?></a></td>
-
+ <td class="DataTD"><?=$row['description']?></td>
</tr>
<? } ?>
<? } ?>
diff --git a/pages/index/11.php b/pages/index/11.php
index 60c8941..01eca3a 100644
--- a/pages/index/11.php
+++ b/pages/index/11.php
@@ -65,16 +65,7 @@ if(!array_key_exists('secrethash',$_SESSION['_config'])) $_SESSION['_config']['s
</form>
<p><b><?=_("Security Issues")?></b></p>
-<p><?=_("Please use any of the following ways to report security issues: You can use the above contact form for sensitive information. You can email us to support@cacert.org. You can file a bugreport on <a href='https://bugs.cacert.org/'>bugs.cacert.org</a> and mark it as private.")?></p>
-
-<p><b><?=_("Snail Mail")?></b></p>
-<p><?=_("Alternatively you can get in contact with us via the following methods:")?></p>
-
-<p><?=_("Postal Address:")?><br>
-CAcert Inc.<br>
-P.O. Box 4107<br>
-Denistone East NSW 2112<br>
-Australia</p>
+<p><?=sprintf(_("Please use any of the following ways to report security issues: You can use the above contact form for sensitive information. You can email us to support@cacert.org. You can file a bugreport on %s and mark it as private."),"<a href='https://bugs.cacert.org/'>bugs.cacert.org</a>")?></p>
<script type="text/javascript">
<!--
diff --git a/pages/index/feed.rss b/pages/index/feed.rss
new file mode 100644
index 0000000..eb62c13
--- /dev/null
+++ b/pages/index/feed.rss
@@ -0,0 +1,69 @@
+<?xml version="1.0" encoding="UTF-8"?><!-- generator="WordPress/2.5.1" -->
+<rss version="0.92">
+<channel>
+ <title>CAcert NEWS Blog</title>
+ <link>http://blog.cacert.org</link>
+ <description>CAcert NEWS and up coming events.</description>
+ <lastBuildDate>Fri, 20 Aug 2010 11:54:30 +0000</lastBuildDate>
+ <docs>http://backend.userland.com/rss092</docs>
+ <language>en</language>
+
+ <item>
+ <title>Looking for confirmation email on creating account?</title>
+ <description>Please go to https://ca-mgr1.it-sls.de/login login with your just created account and password.
+Under MAIL you'll find your individual confirmation email.</description>
+ <link>https://ca-mgr1.it-sls.de/testsystemdoc.html</link>
+ </item>
+ <item>
+ <title>You are interested in helping Testing ?</title>
+ <description>Create your test account on the Testserver. Beware of the confirmation email (see above) Entry page for Testers: https://wiki.cacert.org/Software/CurrentTest. Please contact Ulrich becoming a Testteam member.</description>
+ <link>https://wiki.cacert.org/Software/CurrentTest</link>
+ </item>
+ <item>
+ <title>Dear Testers</title>
+ <description>We had one work with no activity on the testserver
+caused by inactivity by the Software-Assessment
+team, caused by router problems at the hosting
+site of the testserver.
+Probably latter has been fixed.
+
+The reported bugs can be categorized into
+1. Testserver-Mgmt-System related
+2. Production Server recovery process to Testserver
+ and
+3. general software errors
+
+Group 1+2 are essential for our current test phase,
+as they covers the problems in building the
+base testserver environment that is needed for
+testing.
+
+So language and country selection support is
+an essential feature we've worked on the
+last week.
+
+One problem couldn't be solved till today:
+secondary language selection
+all other country and language related bugs
+should be fixed in the meantime.
+
+Also the Show my Points details now
+has the correct script (after some
+confusion in the Software-Assessment team
+and one developer), comparable to the
+script on the production website.
+
+On the main entry page for testers
+https://wiki.cacert.org/Software/CurrentTest
+the updates on the bugs are marked with (i)
+so here comes the 2nd test round ...
+
+Please report your found bugs and also success
+reports to the listed bug numbers
+
+Thanks for your assistance .... ;)
+</description>
+ <link>https://cacert1.it-sls.de/</link>
+ </item>
+</channel>
+</rss>
diff --git a/pages/wot/1.php b/pages/wot/1.php
index a45b5df..fa391a0 100644
--- a/pages/wot/1.php
+++ b/pages/wot/1.php
@@ -109,7 +109,7 @@
<? while($row = mysql_fetch_assoc($list)) { ?>
<tr>
<td class="DataTD" width="100"><nobr><?=$row['fname']?> <?=substr($row['lname'], 0, 1)?></nobr></td>
- <td class="DataTD"><?=maxpoints($row['id'])?></td>
+ <td class="DataTD"><?=max_points($row['id'])?></td>
<td class="DataTD"><?=$row['contactinfo']?></td>
<td class="DataTD"><a href="wot.php?id=9&amp;userid=<?=intval($row['id'])?>"><?=_("Email Me")?></a></td>
<td class="DataTD"><?=$row['assurer']?_("Yes"):("<font color=\"#ff0000\">"._("Not yet!")."</font>")?></td>
diff --git a/pages/wot/12.php b/pages/wot/12.php
index a0bbf50..85d986b 100644
--- a/pages/wot/12.php
+++ b/pages/wot/12.php
@@ -119,9 +119,7 @@ document.f.location.focus();
</tr>
<? while($row = mysql_fetch_assoc($res))
{
- $points = maxpoints($row['uid']);
- if($points > 35)
- $points = 35;
+ $points = max_points($row['uid']);
?>
<tr>
<td class="DataTD" width="100"><nobr><?=$row['name']?></nobr></td>
diff --git a/pages/wot/15.php b/pages/wot/15.php
index 8579588..0ad7fa2 100644
--- a/pages/wot/15.php
+++ b/pages/wot/15.php
@@ -16,8 +16,6 @@
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
*/
- include_once($_SESSION['_config']['filepath']."/includes/wot.inc.php");
-
$userid = intval($_SESSION['profile']['id']);
output_ranking($userid);
diff --git a/pages/wot/6.php b/pages/wot/6.php
index 28c1875..a27fccd 100644
--- a/pages/wot/6.php
+++ b/pages/wot/6.php
@@ -40,19 +40,17 @@
$name = $fname." ".$mname." ".$lname." ".$suffix;
$_SESSION['_config']['wothash'] = md5($name."-".$dob);
- include_once($_SESSION['_config']['filepath']."/includes/wot.inc.php");
-
AssureHead(_("Assurance Confirmation"),sprintf(_("Please check the following details match against what you witnessed when you met %s in person. You MUST NOT proceed unless you are sure the details are correct. You may be held responsible by the CAcert Arbitrator for any issues with this Assurance."), $fname));
AssureTextLine(_("Name"),$name);
AssureTextLine(_("Date of Birth"),$dob." ("._("YYYY-MM-DD").")");
AssureBoxLine("certify",sprintf(_("I certify that %s %s %s has appeared in person"), $fname, $mname, $lname),array_key_exists('certify',$_POST) && $_POST['certify'] == 1);
AssureInboxLine("location",_("Location"),array_key_exists('location',$_SESSION['_config'])?$_SESSION['_config']['location']:"","");
AssureInboxLine("date",_("Date"),array_key_exists('date',$_SESSION['_config'])?$_SESSION['_config']['date']:date("Y-m-d"),"<br/>"._("Please adjust the date if you assured the person on a different day"));
- AssureMethodLine(_("Method"),$methods,_("Only tick the next box if the Assurance was face to face."));
+ AssureMethodLine(_("Method"),$methods,"");
AssureBoxLine("assertion",_("I believe that the assertion of identity I am making is correct, complete and verifiable. I have seen original documentation attesting to this identity. I accept that the CAcert Arbitrator may call upon me to provide evidence in any dispute, and I may be held responsible."),array_key_exists('assertion',$_POST) && $_POST['assertion'] == 1);
AssureBoxLine("rules",_("I have read and understood the Assurance Policy and the Assurance Handbook and am making this Assurance subject to and in compliance with the policy and handbook."),array_key_exists('rules',$_POST) && $_POST['rules'] == 1);
AssureTextLine(_("Policy"),"<a href=\"/policy/AssurancePolicy.php\" target=\"_blank\">"._("Assurance Policy")."</a> - <a href=\"http://wiki.cacert.org/AssuranceHandbook2\" target=\"_blank\">"._("Assurance Handbook")."</a>");
- AssureInboxLine("points",_("Points"),"","<br />(Max. ".maxpoints().")");
+ AssureInboxLine("points",_("Points"),"","<br />(Max. ".max_points($_SESSION['profile']['id']).")");
AssureCCABoxLine("CCAAgreed",sprintf(_("Check this box only if %s agreed to the <a href=\"/policy/CAcertCommunityAgreement.php\">CAcert Community Agreement</a>"),$fname));
AssureCCABoxLine("CCAAgree",_("Check this box only if YOU agree to the <a href=\"/policy/CAcertCommunityAgreement.php\">CAcert Community Agreement</a>"));
AssureFoot($id,_("I confirm this Assurance"));