summaryrefslogtreecommitdiff
path: root/scripts/cron
diff options
context:
space:
mode:
Diffstat (limited to 'scripts/cron')
-rwxr-xr-xscripts/cron/permissionreview.php250
-rwxr-xr-xscripts/cron/removedead.php87
-rwxr-xr-xscripts/cron/updatesort.php70
-rwxr-xr-xscripts/cron/warning.php129
4 files changed, 536 insertions, 0 deletions
diff --git a/scripts/cron/permissionreview.php b/scripts/cron/permissionreview.php
new file mode 100755
index 0000000..ca95f18
--- /dev/null
+++ b/scripts/cron/permissionreview.php
@@ -0,0 +1,250 @@
+#!/usr/bin/php -q
+<?php
+/*
+LibreSSL - CAcert web application
+Copyright (C) 2004-2012 CAcert Inc.
+
+This program is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; version 2 of the License.
+
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+GNU General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program; if not, write to the Free Software
+Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
+*/
+
+require_once(dirname(__FILE__).'/../../includes/mysql.php');
+
+$BOARD_PRIVATE = 'cacert-board-private@lists.cacert.org';
+$ASSURANCE_OFFICER = 'ao@cacert.org';
+$ORGANISATION_ASSURANCE_OFFICER = 'oao@cacert.org';
+
+
+//defines to whom to send the lists
+$flags = array(
+ 'admin=1' => array(
+ 'name' => 'Support Engineer',
+ 'own' => false, //Don't send twice
+ 'board' => true,
+ 'support' => true,
+ 'ao' => false,
+ 'oao' => false
+ ),
+
+ 'orgadmin=1' => array(
+ 'name' => 'Organisation Assurer',
+ 'own' => true,
+ 'board' => true,
+ 'support' => true,
+ 'ao' => true,
+ 'oao' => true
+ ),
+
+ 'board=1' => array(
+ 'name' => 'Board Member',
+ 'own' => false,
+ 'board' => true,
+ 'support' => true,
+ 'ao' => true,
+ 'oao' => false
+ ),
+
+ 'ttpadmin=1' => array(
+ 'name' => 'Trusted Third Party Admin',
+ 'own' => true,
+ 'board' => true,
+ 'support' => true,
+ 'ao' => true,
+ 'oao' => true
+ ),
+
+ 'ttpadmin=2' => array(
+ 'name' => 'Trusted Third Party TOPUP Admin',
+ 'own' => true,
+ 'board' => true,
+ 'support' => true,
+ 'ao' => true,
+ 'oao' => true
+ ),
+
+ 'tverify=1' => array(
+ 'name' => 'Tverify Admin',
+ 'own' => false,
+ 'board' => true,
+ 'support' => true,
+ 'ao' => true,
+ 'oao' => false
+ ),
+
+ 'locadmin=1' => array(
+ 'name' => 'Location Admin',
+ 'own' => false,
+ 'board' => true,
+ 'support' => true,
+ 'ao' => false,
+ 'oao' => false
+ ),
+
+ 'adadmin=1' => array(
+ 'name' => 'submit status for Advertising Admin',
+ 'own' => false,
+ 'board' => true,
+ 'support' => true,
+ 'ao' => false,
+ 'oao' => false
+ ),
+
+ 'adadmin=2' => array(
+ 'name' => 'approve status for Advertising Admin',
+ 'own' => false,
+ 'board' => true,
+ 'support' => true,
+ 'ao' => false,
+ 'oao' => false
+ ),
+
+
+ );
+
+
+// Build up list of various admins
+$adminlist = array();
+foreach ($flags as $flag => $flag_properties) {
+ $flagname = explode('=', $flag, 2 );
+ $query = "select `fname`, `lname`, `email` from `users` where `$flagname[0]` = '$flagname[1]'";
+ if(! $res = mysql_query($query) ) {
+ fwrite(STDERR,
+ "MySQL query for flag $flag failed:\n".
+ "\"$query\"\n".
+ mysql_error()
+ );
+
+ continue;
+ }
+
+ $adminlist[$flag] = array();
+
+ while ($row = mysql_fetch_assoc($res)) {
+ $adminlist[$flag][] = $row;
+ }
+
+
+ // Send mail to admins of this group if 'own' is set
+ if ($flag_properties['own']) {
+ foreach ($adminlist[$flag] as $admin) {
+ $message = <<<EOF
+Hello $admin[fname],
+
+you get this message, because you are listed as $flag_properties[name] on
+CAcert.org. Please review the following list of persons with the same privilege
+and report to the responsible team leader or board
+($BOARD_PRIVATE) if you spot any errors.
+
+
+EOF;
+
+ foreach ($adminlist[$flag] as $colleague) {
+ $message .= "$colleague[fname] $colleague[lname] $colleague[email]\n";
+ }
+
+ $message .= <<<EOF
+
+
+Best Regards,
+CAcert Support
+EOF;
+
+ sendmail($admin['email'], "Permissions Review", $message, 'support@cacert.org');
+ echo "Sent $flag_properties[name] mail to $admin[email]\n";
+ }
+ }
+}
+
+
+
+// Send to support engineers
+$message = <<<EOF
+Dear Support Engineers,
+
+it's time for the permission review again. Here is the list of privileged users
+in the CAcert web application. Please review them.
+
+
+EOF;
+
+foreach ($flags as $flag => $flag_properties) {
+ if ($flag_properties['support']) {
+ $message .= "List of $flag_properties[name]s:\n\n";
+ foreach ($adminlist[$flag] as $colleague) {
+ $message .= "$colleague[fname] $colleague[lname] $colleague[email]\n";
+ }
+
+ $message .= "\n\n";
+ }
+}
+
+$message .= <<<EOF
+
+Best Regards,
+CAcert Support
+EOF;
+
+foreach ($adminlist['admin=1'] as $support_engineer) {
+ sendmail(
+ $support_engineer['email'],
+ "Permissions Review",
+ $message,
+ 'support@cacert.org');
+ echo "Sent Support Engineer mail to $support_engineer[email]\n";
+}
+
+
+// Send to one-email addresses
+foreach (array(
+ 'ao' => array(
+ 'description' => 'Assurance Officer',
+ 'email' => $ASSURANCE_OFFICER),
+ 'oao' => array(
+ 'description' => 'Organisation Assurance Officer',
+ 'email' => $ORGANISATION_ASSURANCE_OFFICER),
+ 'board' => array(
+ 'description' => 'Board Members',
+ 'email' => $BOARD_PRIVATE)
+ ) as $key => $values) {
+ $message = <<<EOF
+Dear $values[description],
+
+it's time for the permission review again. Here is the list of privileged users
+in the CAcert web application. Please review them and also ask the persons
+responsible for an up-to-date copy of access lists not directly recorded in the
+web application (critical admins, software assessors etc.)
+
+
+
+EOF;
+
+ foreach ($flags as $flag => $flag_properties) {
+ if ($flag_properties[$key]) {
+ $message .= "List of $flag_properties[name]s:\n\n";
+ foreach ($adminlist[$flag] as $colleague) {
+ $message .= "$colleague[fname] $colleague[lname] $colleague[email]\n";
+ }
+ $message .= "\n\n";
+ }
+ }
+
+ $message .= <<<EOF
+
+
+Best Regards,
+CAcert Support
+EOF;
+
+ sendmail($values['email'], "Permissions Review", $message, 'support@cacert.org');
+ echo "Sent $values[description] mail to $values[email]\n";
+}
diff --git a/scripts/cron/removedead.php b/scripts/cron/removedead.php
new file mode 100755
index 0000000..2257dc8
--- /dev/null
+++ b/scripts/cron/removedead.php
@@ -0,0 +1,87 @@
+#!/usr/bin/php -q
+<? /*
+ LibreSSL - CAcert web application
+ Copyright (C) 2004-2008 CAcert Inc.
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; version 2 of the License.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
+*/
+
+ require_once(dirname(__FILE__).'/../../includes/mysql.php');
+ require_once(dirname(__FILE__).'/../../includes/lib/l10n.php');
+ require_once(dirname(__FILE__).'/../../includes/notary.inc.php');
+
+ $query = "select * from `users` where `users`.`verified`=0 and
+ (UNIX_TIMESTAMP(NOW()) - UNIX_TIMESTAMP(`users`.`created`)) >= 172800";
+ $res = mysql_query($query);
+ while($row = mysql_fetch_assoc($res))
+ {
+ mysql_query("delete from `email` where `memid`='".$row['id']."'");
+ mysql_query("delete from `users` where `id`='".$row['id']."'");
+ delete_user_agreement($row['id']);
+ }
+
+ $query = "delete from `domains` where `hash`!='' and
+ (UNIX_TIMESTAMP(NOW()) - UNIX_TIMESTAMP(`created`)) >= 172800";
+ mysql_query($query);
+
+ $query = "delete from `email` where `hash`!='' and
+ (UNIX_TIMESTAMP(NOW()) - UNIX_TIMESTAMP(`created`)) >= 172800";
+ mysql_query($query);
+
+ $query = "delete from `disputedomain` where `hash`!='' and
+ (UNIX_TIMESTAMP(NOW()) - UNIX_TIMESTAMP(`created`)) >= 21600";
+ mysql_query($query);
+
+ $query = "delete from `disputeemail` where `hash`!='' and
+ (UNIX_TIMESTAMP(NOW()) - UNIX_TIMESTAMP(`created`)) >= 21600";
+ mysql_query($query);
+
+ $query = "select * from `notary` where `expire`!=0 and `expire`<NOW()";
+ $res = mysql_query($query);
+ while($row = mysql_fetch_assoc($res))
+ {
+ $query = "select sum(`points`) as `points` from `notary` where `to`='$row[to]' and `expire`=0 group by `to`";
+ $dres = mysql_query($query);
+ $drow = mysql_fetch_assoc($dres);
+ if($drow['points'] >= 150)
+ {
+ $query = "update `notary` set `expire`=0, `points`='0' where `to`='$row[to]' and `from`='$row[from]' and `expire`='$row[expire]'";
+ } else {
+ $newpoints = 150 - $drow['points'];
+ $query = "update `notary` set `expire`=0, `points`='0' where `to`='$row[to]' and `from`='$row[from]' and `expire`='$row[expire]'";
+ mysql_query($query);
+ $query = "insert into `notary` set `expire`=0, `points`='$newpoints', `to`='$row[to]', `from`='$row[from]', `when`=NOW(), `method`='Administrative Increase', `date`=NOW()";
+ }
+
+ $data = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='$row[to]'"));
+ $body = sprintf("%s %s (%s) had a temporary increase, but this has just expired and they have been reduced to 150 points.", $data['fname'], $data['lname'], $data['email'])."\n\n";
+ sendmail("cacert-board@lists.cacert.org", "[CAcert.org] Temporary Increase Expired.", $body, "website@cacert.org", "", "", "CAcert Website");
+
+ if($data['language'] != "")
+ {
+ L10n::set_translation($data['language']);
+ }
+
+ $body = _("You are receiving this email because you had a temporary increase to 200 points. This has since expired and you have been reduced to 150 points.")."\n\n";
+ $body = _("If you needed more time or any other extenuating circumstances you should contact us immediately so this situation can be dealt with immediately.")."\n\n";
+
+ $body .= _("Best regards")."\n";
+ $body .= _("CAcert Support Team");
+
+ sendmail($data['email'], "[CAcert.org] "._("Temporary points increase has expired."), $body, "support@cacert.org", "", "", "CAcert Website");
+
+ mysql_query($query);
+ fix_assurer_flag($row[to]);
+ }
+?>
diff --git a/scripts/cron/updatesort.php b/scripts/cron/updatesort.php
new file mode 100755
index 0000000..051b179
--- /dev/null
+++ b/scripts/cron/updatesort.php
@@ -0,0 +1,70 @@
+#!/usr/bin/php -q
+<? /*
+ LibreSSL - CAcert web application
+ Copyright (C) 2004-2008 CAcert Inc.
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; version 2 of the License.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
+*/
+ require_once(dirname(__FILE__).'/../../includes/mysql.php');
+ require_once(dirname(__FILE__).'/../../includes/lib/account.php');
+
+
+ // Recalculate assurer flag for all accounts
+ if (!fix_assurer_flag()) {
+ fwrite(STDERR, "ERROR on fixing the assurer flag. Continuing anyway");
+ }
+
+
+ mysql_query("update `locations` set `acount`=0");
+ $query = "SELECT `users`.`locid` AS `locid`, count(*) AS `total` FROM `users`
+ WHERE users.assurer='1' AND `users`.`locid` != 0 and users.listme=1
+ GROUP BY `users`.`locid`";
+ $res = mysql_query($query);
+ while($row = mysql_fetch_assoc($res))
+ {
+ $query = "update `locations` set `acount`='${row['total']}' where `id`='${row['locid']}'";
+ echo $query."\n";
+ mysql_query($query);
+ }
+
+
+ mysql_query("update `regions` set `acount`=0");
+ $query = "SELECT `users`.`regid` AS `regid`, count(*) AS `total` FROM `users`
+ WHERE users.assurer='1' AND `users`.`regid` != 0 and users.listme=1
+ GROUP BY `users`.`regid`";
+ $res = mysql_query($query);
+ while($row = mysql_fetch_assoc($res))
+ {
+ $query = "update `regions` set `acount`='${row['total']}' where `id`='${row['regid']}'";
+ echo $query."\n";
+ mysql_query($query);
+ }
+
+
+
+
+ mysql_query("update `countries` set `acount`=0");
+ $query = "SELECT `users`.`ccid` AS `ccid`, count(*) AS `total` FROM `users`
+ WHERE users.assurer='1' AND `users`.`ccid` != 0 and users.listme=1
+ GROUP BY `users`.`ccid`";
+ $res = mysql_query($query);
+ while($row = mysql_fetch_assoc($res))
+ {
+ $query = "update `countries` set `acount`='${row['total']}' where `id`='${row['ccid']}'";
+ echo $query."\n";
+ mysql_query($query);
+ }
+
+
+?>
diff --git a/scripts/cron/warning.php b/scripts/cron/warning.php
new file mode 100755
index 0000000..0c97ba2
--- /dev/null
+++ b/scripts/cron/warning.php
@@ -0,0 +1,129 @@
+#!/usr/bin/php -q
+<? /*
+ LibreSSL - CAcert web application
+ Copyright (C) 2004-2008 CAcert Inc.
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; version 2 of the License.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
+*/
+
+ require_once(dirname(__FILE__).'/../../includes/mysql.php');
+
+ $days = array("1" => "3", "15" => "2", "30" => "1", "45" => "0");
+
+ foreach($days as $day => $warning)
+ {
+ $query = "SELECT `emailcerts`.`id`,`users`.`fname`,`users`.`lname`,`users`.`email`,`emailcerts`.`memid`,
+ `emailcerts`.`subject`, `emailcerts`.`crt_name`,`emailcerts`.`CN`, `emailcerts`.`serial`,
+ (UNIX_TIMESTAMP(`emailcerts`.`expire`) - UNIX_TIMESTAMP(NOW())) / 86400 as `daysleft`
+ FROM `users`,`emailcerts`
+ WHERE UNIX_TIMESTAMP(`emailcerts`.`expire`) - UNIX_TIMESTAMP(NOW()) > -7 * 86400 and
+ UNIX_TIMESTAMP(`emailcerts`.`expire`) - UNIX_TIMESTAMP(NOW()) < $day * 86400 and
+ `emailcerts`.`renewed`=0 and `emailcerts`.`warning` <= '$warning' and
+ `emailcerts`.`revoked`=0 and `users`.`id`=`emailcerts`.`memid`";
+ $res = mysql_query($query);
+ while($row = mysql_fetch_assoc($res))
+ {
+ if($row['subject'] == "")
+ {
+ $row['crt_name'] = str_replace("../", "www/", $row['crt_name']);
+ $row['crt_name'] = "/home/cacert/".$row['crt_name'];
+ $subject = `openssl x509 -in '$row[crt_name]' -text -noout|grep Subject:`;
+ $bits = explode("/", $subject);
+ foreach($bits as $val)
+ {
+ $sub = explode("=", trim($val));
+ if($sub['0'] == "emailAddress")
+ {
+ $row['subject'] = "/CN=".$row['CN']."/emailAddress=".$sub['1'];
+ break;
+ }
+ }
+ }
+ if($row['subject'] == "")
+ $row['subject'] = "/CN=".$row['CN'];
+ $row['daysleft'] = ceil($row['daysleft']);
+ $body = sprintf(_("Hi %s"), $row['fname']).",\n\n";
+ $body .= _("You are receiving this email as you are the listed contact for:")."\n\n";
+ $body .= $row['subject']."\n\n";
+ $body .= sprintf(_("Your certificate with the serial number %s is ".
+ "set to expire in approximately %s days time. You can ".
+ "renew it by going to the following URL:"),
+ $row['serial'],
+ $row['daysleft'])."\n\n";
+ $body .= "https://www.cacert.org/account.php?id=5\n\n";
+ $body .= _("Best Regards")."\n"._("CAcert Support");
+ sendmail($row['email'], "[CAcert.org] "._("Your Certificate is about to expire"), $body, "support@cacert.org", "", "", "CAcert Support");
+echo $row['fname']." ".$row['lname']." <".$row['email']."> (memid: ".$row['memid']." Subj: ".$row['subject']." timeleft: ".$row['daysleft'].")\n";
+ $query = "update `emailcerts` set `warning`='".($warning+1)."' where `id`='".$row['id']."'";
+ mysql_query($query);
+ }
+ }
+
+ foreach($days as $day => $warning)
+ {
+ $select_clause =
+ "`domaincerts`.`id`,
+ `users`.`fname`, `users`.`lname`, `users`.`email`,
+ `domains`.`memid`,
+ `domaincerts`.`subject`, `domaincerts`.`crt_name`,
+ `domaincerts`.`CN`,
+ `domaincerts`.`serial`,
+ (UNIX_TIMESTAMP(`domaincerts`.`expire`) -
+ UNIX_TIMESTAMP(NOW())) / 86400 AS `daysleft`";
+ $where_clause =
+ "UNIX_TIMESTAMP(`domaincerts`.`expire`) -
+ UNIX_TIMESTAMP(NOW()) > -7 * 86400
+ AND UNIX_TIMESTAMP(`domaincerts`.`expire`) -
+ UNIX_TIMESTAMP(NOW()) < $day * 86400
+ AND `domaincerts`.`renewed` = 0
+ AND `domaincerts`.`warning` <= '$warning'
+ AND `domaincerts`.`revoked` = 0
+ AND `domains`.`memid` = `users`.`id`";
+ $query =
+ "SELECT $select_clause
+ FROM `users`, `domaincerts`, `domains`
+ WHERE $where_clause
+ AND `domaincerts`.`domid` = `domains`.`id`
+ UNION DISTINCT
+ SELECT $select_clause
+ FROM `users`,
+ `domaincerts` LEFT JOIN `domlink` ON
+ (`domaincerts`.`id` = `domlink`.`certid`),
+ `domains`
+ WHERE $where_clause
+ AND `domlink`.`domid` = `domains`.`id`";
+ $res = mysql_query($query);
+ while($row = mysql_fetch_assoc($res))
+ {
+ if($row['subject'] == "")
+ $row['subject'] = $row['CN'];
+
+ $row['daysleft'] = ceil($row['daysleft']);
+ $body = sprintf(_("Hi %s"), $row['fname']).",\n\n";
+ $body .= _("You are receiving this email as you are the listed contact for:")."\n\n";
+ $body .= $row['subject']."\n\n";
+ $body .= sprintf(_("Your certificate with the serial number %s is ".
+ "set to expire in approximately %s days time. You can ".
+ "renew it by going to the following URL:"),
+ $row['serial'],
+ $row['daysleft'])."\n\n";
+ $body .= "https://www.cacert.org/account.php?id=12\n\n";
+ $body .= _("Best Regards")."\n"._("CAcert Support");
+ sendmail($row['email'], "[CAcert.org] "._("Your Certificate is about to expire"), $body, "support@cacert.org", "", "", "CAcert Support");
+echo $row['fname']." ".$row['lname']." <".$row['email']."> (memid: ".$row['memid']." Subj: ".$row['CN']." timeleft: ".$row['daysleft'].")\n";
+ $query = "update `domaincerts` set `warning`='".($warning+1)."' where `id`='".$row['id']."'";
+ mysql_query($query);
+ }
+ }
+?>