From 93e066dbccde757ac54fce818bd97ef0043b6207 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Michael=20T=C3=A4nzer?= <neo@nhng.de>
Date: Wed, 21 Dec 2011 00:03:21 +0100
Subject: bug 964: Patches from Brian Dawson: allow selection of keysize in IE
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Michael Tänzer <neo@nhng.de>
---
 pages/account/17.php | 122 +----------------------------------
 pages/account/4.php  | 175 +--------------------------------------------------
 2 files changed, 4 insertions(+), 293 deletions(-)

(limited to 'pages/account')

diff --git a/pages/account/17.php b/pages/account/17.php
index 2ba5390..36b0c9f 100644
--- a/pages/account/17.php
+++ b/pages/account/17.php
@@ -14,124 +14,6 @@
     You should have received a copy of the GNU General Public License
     along with this program; if not, write to the Free Software
     Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301  USA
-*/ ?>
-<? if(array_key_exists('HTTP_USER_AGENT',$_SERVER) && strstr($_SERVER['HTTP_USER_AGENT'], "MSIE")) { ?>
-<object classid="clsid:127698e4-e730-4e5c-a2b1-21490a70c8a1" codebase="/xenroll.cab#Version=5,131,3659,0" id="cec">
-<?=_("You must enable ActiveX for this to work.")?>
-</object>
-<form method="post" action="account.php" name="CertReqForm"><p>
-<input type="hidden" name="session" value="UsedXenroll">
-<?=_("Key Strength:")?> <select name="CspProvider"></select>
-<input type="hidden" name="oldid" value="<?=$id?>">
-<INPUT TYPE=HIDDEN NAME="CSR">
-<input type="hidden" name="keytype" value="MS">
-<?=_("'Enhanced Provider' is generally the best option, which has a key size of 1024bit. If you need a bigger key size you will need to use a different browser.")?>
-<input type="submit" name="GenReq" value="Create Certificate"><br>
-</p></form>
-<script type="text/vbscript" language="vbscript">
-<!--
-Function GetProviderList()
-  Dim CspList, cspIndex, ProviderName
-  On Error Resume Next
+*/
 
-  count = 0
-  base = 0
-  enhanced = 0
-  CspList = ""
-  ProviderName = ""
-
-  For ProvType = 0 to 13
-    cspIndex = 0
-    cec.ProviderType = ProvType
-    ProviderName = cec.enumProviders(cspIndex,0)
-
-    while ProviderName <> ""
-     Set oOption = document.createElement("OPTION")
-     oOption.text = ProviderName
-     oOption.value = ProvType
-     Document.CertReqForm.CspProvider.add(oOption)
-     if ProviderName = "Microsoft Base Cryptographic Provider v1.0" Then
-       base = count
-     end if
-     if ProviderName = "Microsoft Enhanced Cryptographic Provider v1.0" Then
-       enhanced = count
-     end if
-     cspIndex = cspIndex +1
-     ProviderName = ""
-     ProviderName = cec.enumProviders(cspIndex,0)
-     count = count + 1
-   wend
-  Next
-  Document.CertReqForm.CspProvider.selectedIndex = base
-  if enhanced then
-    Document.CertReqForm.CspProvider.selectedIndex = enhanced
-  end if
-End Function
-
-Function CSR(keyflags)
-  CSR = ""
-  szName  = ""
-  cec.HashAlgorithm = "MD5"
-  err.clear
-  On Error Resume Next
-  set options = document.all.CspProvider.options
-  index = options.selectedIndex
-  cec.providerName = options(index).text
-  tmpProviderType = options(index).value
-  cec.providerType = tmpProviderType
-  cec.KeySpec = 2
-  if tmpProviderType < 2 Then
-    cec.KeySpec = 1
-  end if
-  cec.GenKeyFlags = &h04000001 OR keyflags
-  CSR = cec.createPKCS10(szName, "1.3.6.1.5.5.7.3.2")
-  if len(CSR)<>0 then Exit Function
-  cec.GenKeyFlags = &h04000000 OR keyflags
-  CSR = cec.createPKCS10(szName, "1.3.6.1.5.5.7.3.2")
-  if len(CSR)<>0 then Exit Function
-  if cec.providerName = "Microsoft Enhanced Cryptographic Provider v1.0" Then
-    if MsgBox("<?=_("The 1024-bit key generation failed. Would you like to try 512 instead?")?>", vbOkCancel)=vbOk Then
-      cec.providerName = "Microsoft Base Cryptographic Provider v1.0"
-    else
-      Exit Function
-    end if
-  end if
-  cec.GenKeyFlags = 1 OR keyflags
-  CSR = cec.createPKCS10(szName, "1.3.6.1.5.5.7.3.2")
-  if len(CSR)<>0 then Exit Function
-  cec.GenKeyFlags = keyflags
-  CSR = cec.createPKCS10(szName, "1.3.6.1.5.5.7.3.2")
-  if len(CSR)<>0 then Exit Function
-  cec.GenKeyFlags = 0
-  CSR = cec.createPKCS10(szName, "1.3.6.1.5.5.7.3.2")
-End Function
-
-Sub GenReq_OnClick
-  Dim TheForm
-  Set TheForm = Document.CertReqForm
-  err.clear
-  result = CSR(2)
-  if len(result)=0 Then
-    result = MsgBox("Unable to generate PKCS#10.", 0, "Alert")
-    Exit Sub
-  end if
-  TheForm.CSR.Value = result
-  TheForm.Submit
-  Exit Sub
-End Sub
-
-GetProviderList()
--->
-</script>
-<? } else { ?>
-<p>
-<form method="post" action="account.php">
-<input type="hidden" name="keytype" value="NS">
-<?=_("Keysize:")?> <keygen name="SPKAC" challenge="<? $_SESSION['spkac_hash']=make_hash(); echo $_SESSION['spkac_hash']; ?>">
-
-
-<input type="submit" name="submit" value="<?=_("Create Certificate Request")?>">
-<input type="hidden" name="oldid" value="<?=$id?>">
-</form>
-</p>
-<? } ?>
+require_once "../../includes/keygen.php";
diff --git a/pages/account/4.php b/pages/account/4.php
index a4d6597..36b0c9f 100644
--- a/pages/account/4.php
+++ b/pages/account/4.php
@@ -14,177 +14,6 @@
     You should have received a copy of the GNU General Public License
     along with this program; if not, write to the Free Software
     Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301  USA
-*/ ?>
-<? if(array_key_exists('HTTP_USER_AGENT',$_SERVER) && strstr($_SERVER['HTTP_USER_AGENT'], "MSIE")) { ?>
-<object classid="clsid:127698e4-e730-4e5c-a2b1-21490a70c8a1" codebase="/xenroll.cab#Version=5,131,3659,0" id="cec">
-<?=_("You must enable ActiveX for this to work. On Vista you have to add this website to the list of trusted sites in the internet-settings.")?><?=_("Go to Extras->Internet Options->Security->Trusted Websites, click on Custom Level, check ActiveX control elements that are not marked as safe initialized on start in scripts")?>
-</object>
-<form method="post" action="account.php" name="CertReqForm"><p>
-<input type="hidden" name="session" value="UsedXenroll">
-<?=_("Key Strength:")?> <select name="CspProvider"></select>
-<input type="hidden" name="oldid" value="<?=$id?>">
-<INPUT TYPE=HIDDEN NAME="CSR">
-<input type="hidden" name="keytype" value="MS">
-<input type="submit" name="GenReq" value="Create Certificate"><br>
-</p></form>
-<script type="text/vbscript" language="vbscript">
-<!--
-Function GetProviderList()
-  Dim CspList, cspIndex, ProviderName
-  On Error Resume Next
+*/
 
-  count = 0
-  base = 0
-  enhanced = 0
-  CspList = ""
-  ProviderName = ""
-
-  // Vista:
-  Set csps = CreateObject("X509Enrollment.CCspInformations")
-  If IsObject(csps) Then
-    csps.AddAvailableCsps()
-    Document.CertReqForm.keytype.value="VI"
-    For j = 0 to csps.Count-1
-      Set oOption = document.createElement("OPTION")
-      oOption.text = csps.ItemByIndex(j).Name
-      oOption.value = j
-      Document.CertReqForm.CspProvider.add(oOption)
-    Next
-
-  Else
-
-  // 2000,XP:
-
-   For ProvType = 0 to 13
-    cspIndex = 0
-    cec.ProviderType = ProvType
-    ProviderName = cec.enumProviders(cspIndex,0)
-
-    while ProviderName <> ""
-     Set oOption = document.createElement("OPTION")
-     oOption.text = ProviderName
-     oOption.value = ProvType
-     Document.CertReqForm.CspProvider.add(oOption)
-     if ProviderName = "Microsoft Base Cryptographic Provider v1.0" Then
-       base = count
-     end if
-     if ProviderName = "Microsoft Enhanced Cryptographic Provider v1.0" Then
-       enhanced = count
-     end if
-     cspIndex = cspIndex +1
-     ProviderName = ""
-     ProviderName = cec.enumProviders(cspIndex,0)
-     count = count + 1
-    wend
-   Next
-   Document.CertReqForm.CspProvider.selectedIndex = base
-   if enhanced then
-    Document.CertReqForm.CspProvider.selectedIndex = enhanced
-   end if
-  End If
-End Function
-
-Function CSR(keyflags)
-  CSR = ""
-  szName  = ""
-
-
-  // Vista
-  if Document.CertReqForm.keytype.value="VI" Then
-
-    Dim g_objClassFactory
-    Dim obj
-    Dim objPrivateKey
-    Dim g_objRequest
-    Dim g_objRequestCMC
-  
-    Set g_objClassFactory=CreateObject("X509Enrollment.CX509EnrollmentWebClassFactory")
-    Set obj=g_objClassFactory.CreateObject("X509Enrollment.CX509Enrollment")
-    Set objPrivateKey=g_objClassFactory.CreateObject("X509Enrollment.CX509PrivateKey")
-    Set objRequest=g_objClassFactory.CreateObject("X509Enrollment.CX509CertificateRequestPkcs10")
-    //Msgbox     exit function
-    objPrivateKey.ProviderName = Document.CertReqForm.CspProvider(Document.CertReqForm.CspProvider.selectedIndex).text
-    // "Microsoft Enhanced RSA and AES Cryptographic Provider"
-    objPrivateKey.ProviderType = "24"
-    objPrivateKey.KeySpec = "1"
-    objPrivateKey.ExportPolicy = 1
-    objRequest.InitializeFromPrivateKey 1, objPrivateKey, ""
-    Set objDN = g_objClassFactory.CreateObject("X509Enrollment.CX500DistinguishedName")
-    objDN.Encode("CN=CAcertRequest")
-    objRequest.Subject = objDN
-
-    //  obj.Initialize(1)
-    obj.InitializeFromRequest(objRequest)
-    obj.CertificateDescription="Description"
-    obj.CertificateFriendlyName="FriendlyName"
-    CSR=obj.CreateRequest(1)
-    If len(CSR)<>0 Then Exit Function
-    Msgbox "<?=_("Error while generating the certificate-request. Please make sure that you have added this website to the list of trusted sites in the Internet-Options menu!")?>"
-
-  else
-  // XP
-
-  cec.HashAlgorithm = "MD5"
-  err.clear
-  On Error Resume Next
-  set options = document.all.CspProvider.options
-  index = options.selectedIndex
-  cec.providerName = options(index).text
-  tmpProviderType = options(index).value
-  cec.providerType = tmpProviderType
-  cec.KeySpec = 2
-  if tmpProviderType < 2 Then
-    cec.KeySpec = 1
-  end if
-  cec.GenKeyFlags = &h04000001 OR keyflags
-  CSR = cec.createPKCS10(szName, "1.3.6.1.5.5.7.3.2")
-  if len(CSR)<>0 then Exit Function
-  cec.GenKeyFlags = &h04000000 OR keyflags
-  CSR = cec.createPKCS10(szName, "1.3.6.1.5.5.7.3.2")
-  if len(CSR)<>0 then Exit Function
-  if cec.providerName = "Microsoft Enhanced Cryptographic Provider v1.0" Then
-    if MsgBox("<?=_("The 1024-bit key generation failed. Would you like to try 512 instead?")?>", vbOkCancel)=vbOk Then
-      cec.providerName = "Microsoft Base Cryptographic Provider v1.0"
-    else
-      Exit Function
-    end if
-  end if
-  cec.GenKeyFlags = 1 OR keyflags
-  CSR = cec.createPKCS10(szName, "1.3.6.1.5.5.7.3.2")
-  if len(CSR)<>0 then Exit Function
-  cec.GenKeyFlags = keyflags
-  CSR = cec.createPKCS10(szName, "1.3.6.1.5.5.7.3.2")
-  if len(CSR)<>0 then Exit Function
-  cec.GenKeyFlags = 0
-  CSR = cec.createPKCS10(szName, "1.3.6.1.5.5.7.3.2")
-  End if
-End Function
-
-Sub GenReq_OnClick
-  Dim TheForm
-  Set TheForm = Document.CertReqForm
-  err.clear
-  result = CSR(2)
-  if len(result)=0 Then
-    result = MsgBox("Unable to generate PKCS#10.", 0, "Alert")
-    Exit Sub
-  end if
-  TheForm.CSR.Value = result
-  TheForm.Submit
-  Exit Sub
-End Sub
-
-GetProviderList()
--->
-</script>
-<? } else { ?>
-<p>
-<form method="post" action="account.php">
-<input type="hidden" name="keytype" value="NS">
-<?=_("Keysize:")?> <keygen name="SPKAC" challenge="<? $_SESSION['spkac_hash']=make_hash(); echo $_SESSION['spkac_hash']; ?>">
-
-<input type="submit" name="submit" value="<?=_("Create Certificate Request")?>">
-<input type="hidden" name="oldid" value="<?=$id?>">
-</form>
-</p>
-<? } ?>
+require_once "../../includes/keygen.php";
-- 
cgit v1.2.1


From 327d40464b9ad672db38ea6bd1e271c1f771afde Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Michael=20T=C3=A4nzer?= <neo@nhng.de>
Date: Wed, 21 Dec 2011 01:04:47 +0100
Subject: bug 964: Doh. require() confusion.
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Michael Tänzer <neo@nhng.de>
---
 pages/account/17.php | 2 +-
 pages/account/4.php  | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

(limited to 'pages/account')

diff --git a/pages/account/17.php b/pages/account/17.php
index 36b0c9f..8ac8b65 100644
--- a/pages/account/17.php
+++ b/pages/account/17.php
@@ -16,4 +16,4 @@
     Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301  USA
 */
 
-require_once "../../includes/keygen.php";
+require_once($_SESSION['_config']['filepath'].'/includes/keygen.php');
diff --git a/pages/account/4.php b/pages/account/4.php
index 36b0c9f..8ac8b65 100644
--- a/pages/account/4.php
+++ b/pages/account/4.php
@@ -16,4 +16,4 @@
     Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301  USA
 */
 
-require_once "../../includes/keygen.php";
+require_once($_SESSION['_config']['filepath'].'/includes/keygen.php');
-- 
cgit v1.2.1


From 9b0e49833c2ce5aec65361b9d5ed96e39c625e6c Mon Sep 17 00:00:00 2001
From: INOPIAE <inopiae@cacert.org>
Date: Thu, 13 Dec 2012 10:15:52 +0100
Subject: bug 1122:created new file for the CCA overview and added short
 information about CCA into SE admin console

---
 pages/account/43.php | 4 ++++
 1 file changed, 4 insertions(+)

(limited to 'pages/account')

diff --git a/pages/account/43.php b/pages/account/43.php
index 7bf6d04..67076bb 100644
--- a/pages/account/43.php
+++ b/pages/account/43.php
@@ -176,6 +176,10 @@ include_once($_SESSION['_config']['filepath']."/includes/notary.inc.php");
     <td class="DataTD"><?=_("Trainings")?>:</td>
     <td class="DataTD"><a href="account.php?id=55&amp;userid=<?=intval($row['id'])?>">show</a></td>
   </tr>
+  <tr>
+    <td class="DataTD"><?=_("CCA accepted")?>:</td>
+    <td class="DataTD"><?=intval(get_user_agreement_status($row['id']))?>  <a href="account.php?id=57&amp;userid=<?=intval($row['id'])?>">show</a></td>
+  </tr>
   <tr>
     <td class="DataTD"><?=_("Is Assurer")?>:</td>
     <td class="DataTD"><a href="account.php?id=43&amp;assurer=<?=intval($row['id'])?>&amp;csrf=<?=make_csrf('admsetassuret')?>"><?=$row['assurer']?></a></td>
-- 
cgit v1.2.1


From e22a338486cd4d7305eb8b2f4b36460873a5855b Mon Sep 17 00:00:00 2001
From: INOPIAE <inopiae@cacert.org>
Date: Thu, 13 Dec 2012 10:36:21 +0100
Subject: bug 1122: Added pages/account/57.php

---
 pages/account/57.php | 108 +++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 108 insertions(+)
 create mode 100644 pages/account/57.php

(limited to 'pages/account')

diff --git a/pages/account/57.php b/pages/account/57.php
new file mode 100644
index 0000000..6b15889
--- /dev/null
+++ b/pages/account/57.php
@@ -0,0 +1,108 @@
+<? /*
+    LibreSSL - CAcert web application
+    Copyright (C) 2004-2008  CAcert Inc.
+
+    This program is free software; you can redistribute it and/or modify
+    it under the terms of the GNU General Public License as published by
+    the Free Software Foundation; version 2 of the License.
+
+    This program is distributed in the hope that it will be useful,
+    but WITHOUT ANY WARRANTY; without even the implied warranty of
+    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+    GNU General Public License for more details.
+
+    You should have received a copy of the GNU General Public License
+    along with this program; if not, write to the Free Software
+    Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301  USA
+*/ ?>
+<?
+  include_once($_SESSION['_config']['filepath']."/includes/notary.inc.php");
+  
+  if ($_SESSION['profile']['admin'] != 1 || !array_key_exists('userid',$_REQUEST) || intval($_REQUEST['userid']) < 1) {
+
+  echo _("You do not have access to this page");
+
+  } else {  
+    $user_id = intval($_REQUEST['userid']);
+    $query = "select * from `users` where `id`='$user_id' and `users`.`deleted`=0";
+    $res = mysql_query($query);
+    if(mysql_num_rows($res) <= 0)
+    {
+      echo _("I'm sorry, the user you were looking for seems to have disappeared! Bad things are a foot!");
+    } else {
+      $row = mysql_fetch_assoc($res);
+?>
+<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
+  <tr>
+    <td colspan="5" class="title"><?=_("CCA agreement of")." ".sanitizeHTML($row['fname'])." ".sanitizeHTML($row['mname'])." ".sanitizeHTML($row['lname'])?></td>
+  </tr>
+</table>
+
+  
+<br>
+<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
+  <tr>
+    <td class="DataTD"><b><?=_("???")?></b></td>
+    <td class="DataTD"><b><?=_("Date")?></b></td>
+    <td class="DataTD"><b><?=_("Methode")?></b></td>
+    <td class="DataTD"><b><?=_("Type")?></b></td>
+  </tr>
+<?
+  $data=get_first_user_agreement($user_id,1);
+  if (isset($data['active'])==false){
+      $type="";
+    }else{
+      $type=_("active");
+    }
+?>
+  <tr>
+    <td class="DataTD"><?=_("first active CCA")?></td>
+    <td class="DataTD"><?=$data['date']?></td>
+    <td class="DataTD"><?=$data['method']?></td>
+    <td class="DataTD"><?=$type?></td>
+  </tr>
+<?
+  $data=get_first_user_agreement($user_id,0);
+  if (isset($data['active'])==false){
+      $type="";
+    }else{
+      $type=_("passive");
+    }
+?>
+  <tr>
+    <td class="DataTD"><?=_("first passive CCA")?></td>
+    <td class="DataTD"><?=$data['date']?></td>
+    <td class="DataTD"><?=$data['method']?></td>
+    <td class="DataTD"><?=$type?></td>
+  </tr>
+<?
+  $data=get_last_user_agreement($user_id);
+  if (isset($data['active'])==false){
+      $type="";
+    }elseif($data['active']==1){
+      $type=_("active");
+    }else{
+      $type=_("passive");
+    }
+?>
+  <tr>
+    <td class="DataTD"><?=_("last CCA")?></td>
+    <td class="DataTD"><?=$data['date']?></td>
+    <td class="DataTD"><?=$data['method']?></td>
+    <td class="DataTD"><?=$type?></td>
+  </tr>
+</table>
+<br>
+<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
+  <tr> 
+<?
+      if ($_SESSION['profile']['admin'] == 1 && array_key_exists('userid',$_REQUEST) && intval($_REQUEST['userid']) > 0) {
+?>
+    <tr><td colspan="3" class="DataTD"><a href="account.php?id=43&amp;userid=<?=$user_id ?>">back</a></td></tr>
+<?    } 
+?>  </table>
+<?
+  }
+    }
+?> 
+
-- 
cgit v1.2.1


From da058f16eb5413d0c859196cbe837dc8328f27a5 Mon Sep 17 00:00:00 2001
From: INOPIAE <inopiae@cacert.org>
Date: Sat, 15 Dec 2012 09:48:24 +0100
Subject: Bug 1124: changed the order of the entries from country-language to
 language-country

---
 pages/account/41.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'pages/account')

diff --git a/pages/account/41.php b/pages/account/41.php
index d2cfc8c..26ad11c 100644
--- a/pages/account/41.php
+++ b/pages/account/41.php
@@ -74,7 +74,7 @@ require_once($_SESSION['_config']['filepath'].'/includes/lib/l10n.php');
 	while($row = mysql_fetch_assoc($res))
 	{
 		echo "<option value='".sanitizeHTML($row['locale'])."'";
-		echo ">".$row['country']." - ".$row['lang']."</option>\n";
+		echo ">".$row['lang']." - ".$row['country']."</option>\n";
 	}
 ?>
 	</select>
-- 
cgit v1.2.1


From 7dca631c59754d7f9e4fff12edc924b8c03d127c Mon Sep 17 00:00:00 2001
From: INOPIAE <inopiae@cacert.org>
Date: Sun, 6 Jan 2013 23:28:49 +0100
Subject: bug 1122: Changed isset==false to !isset, Change from " to ', typo
 fix

---
 pages/account/57.php | 41 ++++++++++++++++++++---------------------
 1 file changed, 20 insertions(+), 21 deletions(-)

(limited to 'pages/account')

diff --git a/pages/account/57.php b/pages/account/57.php
index 6b15889..76eee27 100644
--- a/pages/account/57.php
+++ b/pages/account/57.php
@@ -16,11 +16,11 @@
     Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301  USA
 */ ?>
 <?
-  include_once($_SESSION['_config']['filepath']."/includes/notary.inc.php");
+  include_once($_SESSION['_config']['filepath'].'/includes/notary.inc.php');
   
   if ($_SESSION['profile']['admin'] != 1 || !array_key_exists('userid',$_REQUEST) || intval($_REQUEST['userid']) < 1) {
 
-  echo _("You do not have access to this page");
+  echo _('You do not have access to this page');
 
   } else {  
     $user_id = intval($_REQUEST['userid']);
@@ -34,7 +34,7 @@
 ?>
 <table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
   <tr>
-    <td colspan="5" class="title"><?=_("CCA agreement of")." ".sanitizeHTML($row['fname'])." ".sanitizeHTML($row['mname'])." ".sanitizeHTML($row['lname'])?></td>
+    <td colspan="5" class="title"><?=_('CCA agreement of').' '.sanitizeHTML($row['fname']).' '.sanitizeHTML($row['mname']).' '.sanitizeHTML($row['lname'])?></td>
   </tr>
 </table>
 
@@ -42,51 +42,51 @@
 <br>
 <table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
   <tr>
-    <td class="DataTD"><b><?=_("???")?></b></td>
-    <td class="DataTD"><b><?=_("Date")?></b></td>
-    <td class="DataTD"><b><?=_("Methode")?></b></td>
-    <td class="DataTD"><b><?=_("Type")?></b></td>
+    <td class="DataTD"><b><?=_('CCA type')?></b></td>
+    <td class="DataTD"><b><?=_('Date')?></b></td>
+    <td class="DataTD"><b><?=_('Method')?></b></td>
+    <td class="DataTD"><b><?=_('Type')?></b></td>
   </tr>
 <?
   $data=get_first_user_agreement($user_id,1);
-  if (isset($data['active'])==false){
-      $type="";
+  if (!isset($data['active'])){
+      $type='';
     }else{
-      $type=_("active");
+      $type=_('active');
     }
 ?>
   <tr>
-    <td class="DataTD"><?=_("first active CCA")?></td>
+    <td class="DataTD"><?=_('First active CCA')?></td>
     <td class="DataTD"><?=$data['date']?></td>
     <td class="DataTD"><?=$data['method']?></td>
     <td class="DataTD"><?=$type?></td>
   </tr>
 <?
   $data=get_first_user_agreement($user_id,0);
-  if (isset($data['active'])==false){
+  if (!isset($data['active'])){
       $type="";
     }else{
-      $type=_("passive");
+      $type=_('passive');
     }
 ?>
   <tr>
-    <td class="DataTD"><?=_("first passive CCA")?></td>
+    <td class="DataTD"><?=_('First passive CCA')?></td>
     <td class="DataTD"><?=$data['date']?></td>
     <td class="DataTD"><?=$data['method']?></td>
     <td class="DataTD"><?=$type?></td>
   </tr>
 <?
   $data=get_last_user_agreement($user_id);
-  if (isset($data['active'])==false){
+  if (!isset($data['active'])){
       $type="";
     }elseif($data['active']==1){
-      $type=_("active");
+      $type=_('active');
     }else{
-      $type=_("passive");
+      $type=_('passive');
     }
 ?>
   <tr>
-    <td class="DataTD"><?=_("last CCA")?></td>
+    <td class="DataTD"><?=_('Last CCA')?></td>
     <td class="DataTD"><?=$data['date']?></td>
     <td class="DataTD"><?=$data['method']?></td>
     <td class="DataTD"><?=$type?></td>
@@ -103,6 +103,5 @@
 ?>  </table>
 <?
   }
-    }
-?> 
-
+}
+?>
-- 
cgit v1.2.1


From 145102ac00024ea88c7d5db6129aa79ffaaed040 Mon Sep 17 00:00:00 2001
From: INOPIAE <inopiae@cacert.org>
Date: Mon, 7 Jan 2013 18:49:01 +0100
Subject: bug 1122: layout change

---
 pages/account/43.php | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

(limited to 'pages/account')

diff --git a/pages/account/43.php b/pages/account/43.php
index 67076bb..a926a98 100644
--- a/pages/account/43.php
+++ b/pages/account/43.php
@@ -173,12 +173,12 @@ include_once($_SESSION['_config']['filepath']."/includes/notary.inc.php");
     <input type="submit" value="Go"></form></nobr></td>
   </tr>
   <tr>
-    <td class="DataTD"><?=_("Trainings")?>:</td>
-    <td class="DataTD"><a href="account.php?id=55&amp;userid=<?=intval($row['id'])?>">show</a></td>
+    <td class="DataTD"><?=_("CCA accepted")?>:</td>
+    <td class="DataTD"><a href="account.php?id=57&amp;userid=<?=intval($row['id'])?>"><?=intval(get_user_agreement_status($row['id'])) ? _("Yes") : _("No") ?></a></td>
   </tr>
   <tr>
-    <td class="DataTD"><?=_("CCA accepted")?>:</td>
-    <td class="DataTD"><?=intval(get_user_agreement_status($row['id']))?>  <a href="account.php?id=57&amp;userid=<?=intval($row['id'])?>">show</a></td>
+    <td class="DataTD"><?=_("Trainings")?>:</td>
+    <td class="DataTD"><a href="account.php?id=55&amp;userid=<?=intval($row['id'])?>">show</a></td>
   </tr>
   <tr>
     <td class="DataTD"><?=_("Is Assurer")?>:</td>
-- 
cgit v1.2.1


From 9769049b3764c7744a296ac0a0b3381916b30749 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Michael=20T=C3=A4nzer?= <neo@nhng.de>
Date: Wed, 23 Jan 2013 00:24:14 +0100
Subject: bug-1141: Show server certificates from deleted domains so a user can
 verify their state. Also: some cosmetic fixes
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Michael Tänzer <neo@nhng.de>
---
 pages/account/12.php | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

(limited to 'pages/account')

diff --git a/pages/account/12.php b/pages/account/12.php
index 44926ca..fa8b41a 100644
--- a/pages/account/12.php
+++ b/pages/account/12.php
@@ -36,7 +36,7 @@
 			`domaincerts`.`expire` as `expires`, `revoked` as `revoke`,
 			UNIX_TIMESTAMP(`revoked`) as `revoked`, `CN`, `domaincerts`.`serial`, `domaincerts`.`id` as `id`
 			from `domaincerts`,`domains`
-			where `memid`='".intval($_SESSION['profile']['id'])."' and `deleted`=0 and `domaincerts`.`domid`=`domains`.`id` ";
+			where `memid`='".intval($_SESSION['profile']['id'])."' and `domaincerts`.`domid`=`domains`.`id` ";
 	if($viewall != 1)
 	{
 		$query .= "AND `revoked`=0 AND `renewed`=0 ";
@@ -49,7 +49,7 @@
 	{
 ?>
   <tr>
-    <td colspan="6" class="DataTD"><?=_("No domains are currently listed.")?></td>
+    <td colspan="6" class="DataTD"><?=_("No certificates are currently listed.")?></td>
   </tr>
 <? } else {
 	while($row = mysql_fetch_assoc($res))
@@ -85,8 +85,10 @@
 	    <input type="submit" name="revoke" value="<?=_("Revoke/Delete")?>"></td>
   </tr>
 <? } ?>
+  <tr>
+    <td class="DataTD" colspan="6"><?=_("From here you can delete pending requests, or revoke valid certificates.")?></td>
+  </tr>
 </table>
 <input type="hidden" name="oldid" value="<?=$id?>">
 <input type="hidden" name="csrf" value="<?=make_csrf('srvcerchange')?>" />
 </form>
-<p><?=_("From here you can delete pending requests, or revoke valid certificates.")?></p>
-- 
cgit v1.2.1


From f7484beb1ecc6d7d8cf8d31eee792bd4ba540aec Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Michael=20T=C3=A4nzer?= <neo@nhng.de>
Date: Wed, 13 Feb 2013 00:00:20 +0100
Subject: Source code taken from cacert-20130129.tar.bz2

---
 pages/account/40.php | 41 +++++++++++++++++++----------------------
 pages/account/41.php |  2 +-
 2 files changed, 20 insertions(+), 23 deletions(-)

(limited to 'pages/account')

diff --git a/pages/account/40.php b/pages/account/40.php
index 4877d79..a809595 100644
--- a/pages/account/40.php
+++ b/pages/account/40.php
@@ -29,15 +29,26 @@ if(!array_key_exists('secrethash',$_SESSION['_config'])) $_SESSION['_config']['s
 <p><?=_("You can alternatively use the form below, however joining the list is the prefered option to support your queries")?></p>
 <form method="post" action="account.php" name="form1">
   <input type="hidden" name="oldid" value="<?=$id?>">
-  <input type="hidden" name="support" value="yes">
+<!--   <input type="hidden" name="support" value="yes"> --> 
   <input type="hidden" name="secrethash2" value="">
-  <table border="0">
-    <tr><td width="90"><?=_("Your Name")?>:</td><td><input type="text" name="who"></td><td>&#160;</td></tr>
-    <tr><td><?=_("Your Email")?>:</td><td><input type="text" name="email"></td></tr>
-    <tr><td><?=_("Subject")?>:</td><td><input type="text" name="subject"></td></tr>
-    <tr><td colspan="2"><textarea name="message" cols="40" rows="10"></textarea></td></tr>
-    <tr><td colspan="3"><font color="#ff0000"><?=_("Warning: Please do not enter confidential data into this form, it is being sent to a public mailinglist. Use the form further below instead.")?></font></td></tr>
-    <tr><td colspan="2"><input type="submit" name="process" value="<?=_("Send")?>"></td></tr>
+  <p class="robotic" id="pot">
+    <label>If you're human leave this blank:</label>
+    <input name="robotest" type="text" id="robotest" class="robotest" />
+  </p>
+<table border="0">
+    <tr><td width="100"><?=_("Your Name")?>:</td><td width="100"><input type="text" name="who"></td><td width="100"></td><td width="100"></td>
+    <tr><td width="100"><?=_("Your Email")?>:</td><td colspan="3"><input type="text" name="email"></td>
+    <tr><td width="100"><?=_("Subject")?>:</td><td colspan="3"><input type="text" name="subject"></td></tr>
+    <tr><td width="100" valign="top"><?=_("Message")?>:</td><td colspan="3"><textarea name="message" cols="70" rows="10"></textarea></td></tr>
+
+    <tr>
+      <td colspan="2"><font color="#ff0000"><?=_("Warning: Please do not use \"send to mailing list\" when you entered confidential data. The request is being sent to a public mailinglist.")?></font></td>
+      <td colspan="2"><?=_("For confidential data use \"send to support\".")?></td>
+    </tr>
+    <tr>
+      <td colspan="2"><input type="submit" name="process[0]" value="<?=_("Send to mailing list")?>"></td>
+      <td colspan="2"><input type="submit" name="process[1]" value="<?=_("Send to support")?>"></td>
+    </tr>
   </table>
 </form>
 
@@ -50,20 +61,6 @@ if(!array_key_exists('secrethash',$_SESSION['_config'])) $_SESSION['_config']['s
 <p><?=_("There are a number of other mailing lists CAcert runs, some are general discussion, others are technical (such as the development list) or platform specific help (such as the list for Apple Mac users)")?></p>
 <p><a href="http://lists.cacert.org/"><?=_("Click here to view all lists available")?></a></p>
 
-<p><b><?=_("Sensitive Information")?></b></p>
-<p><?=_("If you have questions, comments or otherwise and information you're sending to us contains sensitive details, you should use the contact form below. Due to the large amounts of support emails we receive, sending general questions via this contact form will generally take longer then using the support mailing list. Also sending queries in anything but english could cause delays in supporting you as we'd need to find a translator to help.")?></p>
-<form method="post" action="account.php" name="form2">
-  <input type="hidden" name="secrethash2" value="">
-  <input type="hidden" name="oldid" value="<?=$id?>">
-  <table border="0">
-    <tr><td><?=_("Your Name")?>:</td><td><input type="text" name="who"></td></tr>
-    <tr><td><?=_("Your Email")?>:</td><td><input type="text" name="email"></td></tr>
-    <tr><td><?=_("Subject")?>:</td><td><input type="text" name="subject"></td></tr>
-    <tr><td colspan="2"><textarea name="message" cols="40" rows="10"></textarea></td></tr>
-    <tr><td colspan="2"><input type="submit" name="process" value="<?=_("Send")?>"></td></tr>
-  </table>
-</form>
-
 <p><b><?=_("Security Issues")?></b></p>
 <p><?=sprintf(_("Please use any of the following ways to report security ".
 	"issues: You can use the above contact form for sensitive information. ".
diff --git a/pages/account/41.php b/pages/account/41.php
index d2cfc8c..4ea9b10 100644
--- a/pages/account/41.php
+++ b/pages/account/41.php
@@ -25,7 +25,7 @@ require_once($_SESSION['_config']['filepath'].'/includes/lib/l10n.php');
     <td colspan="2" class="title"><?=_("My Language Settings")?></td>
   </tr>
   <tr>
-    <td class="DataTD"><?=_("My prefered language")?>:</td>
+    <td class="DataTD"><?=_("My preferred language")?>:</td>
     <td class="DataTD"><select name="lang">
 <?
 	foreach(L10n::$translations as $key => $val)
-- 
cgit v1.2.1


From 1b2ceade6acb5f3d3b498ae7de9873d27ca1795e Mon Sep 17 00:00:00 2001
From: INOPIAE <inopiae@cacert.org>
Date: Wed, 20 Feb 2013 00:05:45 +0100
Subject: bug 1124: Changed sorting order

---
 pages/account/41.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'pages/account')

diff --git a/pages/account/41.php b/pages/account/41.php
index 26ad11c..545161a 100644
--- a/pages/account/41.php
+++ b/pages/account/41.php
@@ -69,7 +69,7 @@ require_once($_SESSION['_config']['filepath'].'/includes/lib/l10n.php');
     <td class="DataTD"><?=_("Secondary languages")?>:</td>
     <td class="DataTD"><select name="addlang">
 <?
-	$query = "select * from `languages` order by `locale`";
+	$query = "select * from `languages` order by `lang`,`country`";
 	$res = mysql_query($query);
 	while($row = mysql_fetch_assoc($res))
 	{
-- 
cgit v1.2.1


From 47f72a7ca006dd9efff645545e58a391e64468a6 Mon Sep 17 00:00:00 2001
From: INOPIAE <inopiae@cacert.org>
Date: Tue, 12 Mar 2013 23:29:32 +0100
Subject: bug 1124: Changed display to [locale] Language (country) eg[de-AT]
 German (Austria)

---
 pages/account/41.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'pages/account')

diff --git a/pages/account/41.php b/pages/account/41.php
index 545161a..aac45dd 100644
--- a/pages/account/41.php
+++ b/pages/account/41.php
@@ -74,7 +74,7 @@ require_once($_SESSION['_config']['filepath'].'/includes/lib/l10n.php');
 	while($row = mysql_fetch_assoc($res))
 	{
 		echo "<option value='".sanitizeHTML($row['locale'])."'";
-		echo ">".$row['lang']." - ".$row['country']."</option>\n";
+		echo ">[".$row['locale']."] ".$row['lang']." - (".$row['country'].")</option>\n";
 	}
 ?>
 	</select>
-- 
cgit v1.2.1


From e876e93e5941e295807c311a990775a2188d4d4a Mon Sep 17 00:00:00 2001
From: Benny Baumann <BenBE@geshi.org>
Date: Wed, 13 Mar 2013 09:08:42 +0100
Subject: bug 1124: Sanatize properly and make code look better

---
 pages/account/41.php | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

(limited to 'pages/account')

diff --git a/pages/account/41.php b/pages/account/41.php
index aac45dd..148944a 100644
--- a/pages/account/41.php
+++ b/pages/account/41.php
@@ -73,8 +73,12 @@ require_once($_SESSION['_config']['filepath'].'/includes/lib/l10n.php');
 	$res = mysql_query($query);
 	while($row = mysql_fetch_assoc($res))
 	{
-		echo "<option value='".sanitizeHTML($row['locale'])."'";
-		echo ">[".$row['locale']."] ".$row['lang']." - (".$row['country'].")</option>\n";
+		printf("<option value=\"%s\">[%s] %s (%s)</option>\n",
+			sanitizeHTML($row['locale']),
+			sanitizeHTML($row['locale']),
+			sanitizeHTML($row['lang']),
+			sanitizeHTML($row['country'])
+			);
 	}
 ?>
 	</select>
-- 
cgit v1.2.1


From 3c4d3fa9a9bf74090fc5ef86847e0a1b58f5c96f Mon Sep 17 00:00:00 2001
From: Benny Baumann <BenBE@geshi.org>
Date: Wed, 13 Mar 2013 18:38:52 +0100
Subject: bug 1124: Avoid duplicate escaping and do ordering by locale

---
 pages/account/41.php | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

(limited to 'pages/account')

diff --git a/pages/account/41.php b/pages/account/41.php
index 148944a..4974537 100644
--- a/pages/account/41.php
+++ b/pages/account/41.php
@@ -69,15 +69,15 @@ require_once($_SESSION['_config']['filepath'].'/includes/lib/l10n.php');
     <td class="DataTD"><?=_("Secondary languages")?>:</td>
     <td class="DataTD"><select name="addlang">
 <?
-	$query = "select * from `languages` order by `lang`,`country`";
+	$query = "select * from `languages` order by `locale`";
 	$res = mysql_query($query);
 	while($row = mysql_fetch_assoc($res))
 	{
 		printf("<option value=\"%s\">[%s] %s (%s)</option>\n",
 			sanitizeHTML($row['locale']),
 			sanitizeHTML($row['locale']),
-			sanitizeHTML($row['lang']),
-			sanitizeHTML($row['country'])
+			$row['lang'],
+			$row['country']
 			);
 	}
 ?>
-- 
cgit v1.2.1


From e49378aff89a0deff177e16da6a1db7d5fb832cb Mon Sep 17 00:00:00 2001
From: INOPIAE <inopiae@cacert.org>
Date: Sat, 20 Apr 2013 07:52:11 +0200
Subject: bug 1165: Changed text according to bug entry

---
 pages/account/10.php | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

(limited to 'pages/account')

diff --git a/pages/account/10.php b/pages/account/10.php
index 704a05c..7a8e2b7 100644
--- a/pages/account/10.php
+++ b/pages/account/10.php
@@ -26,7 +26,8 @@
 
 <p><?=_("If the Subscriber's name and/or domain name registration change the subscriber will immediately inform CAcert Inc. who shall revoke the digital certificate. When the Digital Certificate expires or is revoked the company will permanently remove the certificate from the server on which it is installed and will not use it for any purpose thereafter. The person responsible for key management and security is fully authorized to install and utilize the certificate to represent this organization's electronic presence.")?></p>
 
-<p><b>*** <?=_("Please Note. All information on your certificate will be removed except the CommonName and SubjectAltName field, this is because it's an automated service and cannot automatically verify other details on your certificates are valid or not. If you are a valid organisation and would like more details to appear on certificates, you will need to have at least 50 assurance points and you need to send us a copy of your document of incorporation. Then we can add those details to your certificates. Contact us for more information on our organisational services.")?> ***</b></p>
+<p><b>*** <?=_("Please Note. All information on your certificate will be removed except the CommonName and SubjectAltName field, this is because it's an automated service and cannot automatically verify other details on your certificates are valid or not.")?> ***</b></p>
+<p><?=sprintf(_("If you are a valid organisation and would like the organisation name in the certificates you can apply for an organisation assurance. Contact us via %s for more information."),'support@cacert.org')?> </p>
 
 <form method="post" action="account.php">
 <? if($_SESSION['profile']['points'] >= 50) { ?>
-- 
cgit v1.2.1


From ec3cd2812f0a833689382c00e569db6bfb59535b Mon Sep 17 00:00:00 2001
From: INOPIAE <inopiae@cacert.org>
Date: Mon, 22 Apr 2013 09:04:16 +0200
Subject: bug 1165: Changed link

---
 pages/account/10.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'pages/account')

diff --git a/pages/account/10.php b/pages/account/10.php
index 7a8e2b7..4f8e40b 100644
--- a/pages/account/10.php
+++ b/pages/account/10.php
@@ -27,7 +27,7 @@
 <p><?=_("If the Subscriber's name and/or domain name registration change the subscriber will immediately inform CAcert Inc. who shall revoke the digital certificate. When the Digital Certificate expires or is revoked the company will permanently remove the certificate from the server on which it is installed and will not use it for any purpose thereafter. The person responsible for key management and security is fully authorized to install and utilize the certificate to represent this organization's electronic presence.")?></p>
 
 <p><b>*** <?=_("Please Note. All information on your certificate will be removed except the CommonName and SubjectAltName field, this is because it's an automated service and cannot automatically verify other details on your certificates are valid or not.")?> ***</b></p>
-<p><?=sprintf(_("If you are a valid organisation and would like the organisation name in the certificates you can apply for an organisation assurance. Contact us via %s for more information."),'support@cacert.org')?> </p>
+<p><?=_("If you are a valid organisation and would like the organisation name in the certificates you can apply for an organisation assurance. Contact us via support@cacert.org for more information.")?> </p>
 
 <form method="post" action="account.php">
 <? if($_SESSION['profile']['points'] >= 50) { ?>
-- 
cgit v1.2.1


From c319de269e4167e47af8dbe767b4df650747d987 Mon Sep 17 00:00:00 2001
From: INOPIAE <inopiae@cacert.org>
Date: Tue, 23 Apr 2013 22:12:44 +0200
Subject: bug 1165: Change wording

---
 pages/account/10.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'pages/account')

diff --git a/pages/account/10.php b/pages/account/10.php
index 4f8e40b..a394695 100644
--- a/pages/account/10.php
+++ b/pages/account/10.php
@@ -26,8 +26,8 @@
 
 <p><?=_("If the Subscriber's name and/or domain name registration change the subscriber will immediately inform CAcert Inc. who shall revoke the digital certificate. When the Digital Certificate expires or is revoked the company will permanently remove the certificate from the server on which it is installed and will not use it for any purpose thereafter. The person responsible for key management and security is fully authorized to install and utilize the certificate to represent this organization's electronic presence.")?></p>
 
-<p><b>*** <?=_("Please Note. All information on your certificate will be removed except the CommonName and SubjectAltName field, this is because it's an automated service and cannot automatically verify other details on your certificates are valid or not.")?> ***</b></p>
-<p><?=_("If you are a valid organisation and would like the organisation name in the certificates you can apply for an organisation assurance. Contact us via support@cacert.org for more information.")?> </p>
+<p><b>*** <?=_("Please note: All information on your certificate will be removed except the CommonName and SubjectAltName field, this is because it's an automated service and cannot automatically verify other details on your certificates are valid or not.")?> ***</b></p>
+<p><?=_("If you are a valid organisation and would like the organisation name in the certificates you can apply for an organisation assurance. Contact us via support@cacert.org for more information.")?></p>
 
 <form method="post" action="account.php">
 <? if($_SESSION['profile']['points'] >= 50) { ?>
-- 
cgit v1.2.1