summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMichael Tänzer <neo@nhng.de>2012-06-12 22:11:54 +0200
committerMichael Tänzer <neo@nhng.de>2012-06-12 22:11:54 +0200
commitfbd8753eaefa54c9ddfff57647f6bb5405281177 (patch)
tree6f1e70f2c750831a8c4bdc1d9dca29f9759d482b
parent5f13d8f7b344b1d806a423eb1daca56724e78ddd (diff)
downloadcacert-fbd8753eaefa54c9ddfff57647f6bb5405281177.tar.gz
cacert-fbd8753eaefa54c9ddfff57647f6bb5405281177.tar.xz
cacert-fbd8753eaefa54c9ddfff57647f6bb5405281177.zip
Source code taken from cacert-20120610.tar.bz2
-rw-r--r--includes/wot.inc.php90
-rw-r--r--pages/wot/6.php174
-rw-r--r--www/cats/cats_import.php4
3 files changed, 127 insertions, 141 deletions
diff --git a/includes/wot.inc.php b/includes/wot.inc.php
index 884b97f..edc442a 100644
--- a/includes/wot.inc.php
+++ b/includes/wot.inc.php
@@ -536,4 +536,94 @@
<p>[ <a href='javascript:history.go(-1)'><?=_("Go Back")?></a> ]</p>
<?
}
+
+// functions for 6.php (assure somebody)
+
+function AssureHead($confirmation,$checkname)
+{
+?>
+<form method="post" action="wot.php">
+ <table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper" width="600">
+ <tr>
+ <td colspan="2" class="title"><?=$confirmation?></td>
+ </tr>
+ <tr>
+ <td class="DataTD" colspan="2" align="left"><?=$checkname?></td>
+ </tr>
+<?
+ }
+
+function AssureTextLine($field1,$field2)
+{
+?>
+ <tr>
+ <td class="DataTD"><?=$field1?>:</td>
+ <td class="DataTD"><?=$field2?></td>
+ </tr>
+<?
+}
+
+function AssureCCABoxLine($type,$text)
+{
+ return;
+ AssureBoxLine($type,$text);
+}
+
+function AssureBoxLine($type,$text,$checked)
+{
?>
+ <tr>
+ <td class="DataTD"><input type="checkbox" name="<?=$type?>" value="1" <?=$checked?"checked":""?>></td>
+ <td class="DataTD"><?=$text?></td>
+ </tr>
+<?
+}
+
+function AssureMethodLine($text,$methods,$remark)
+{
+ if (count($methods) != 1)
+ {
+?>
+ <tr>
+ <td class="DataTD"><?=$text?></td>
+ <td class="DataTD">
+ <select name="method">
+<?
+ foreach($methods as $val) { ?>
+ <option value="<?=$val?>"> <?=$val?></option>
+
+<? } ?>
+ </select>
+ </br><?=$remark?>
+ </td>
+ </tr>
+<?
+ } else {
+?>
+ <input type="hidden" name="<?=$val?>" value="<?=$methods[0]?>">
+<?
+ }
+}
+
+function AssureInboxLine($type,$field,$value,$description)
+{
+?>
+ <tr>
+ <td class="DataTD"><?=$field?>:</td>
+ <td class="DataTD"><input type="text" name="<?=$type?>" value="<?=$value?>"><?=$description?></td>
+ </tr>
+<?
+}
+
+function AssureFoot($oldid,$confirm)
+{?>
+ <tr>
+ <td class="DataTD" colspan="2"><input type="submit" name="process" value="<?=$confirm?>"> <input type="submit" name="cancel" value="<?=_("Cancel")?>"></td>
+ </tr>
+ </table>
+ <input type="hidden" name="pagehash" value="<?=$_SESSION['_config']['wothash']?>">
+ <input type="hidden" name="oldid" value="<?=$oldid?>">
+</form>
+<?
+}
+
diff --git a/pages/wot/6.php b/pages/wot/6.php
index f8be9d7..e648ed4 100644
--- a/pages/wot/6.php
+++ b/pages/wot/6.php
@@ -16,6 +16,11 @@
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
*/ ?>
<?
+
+function makecap()
+{
+}
+
if(!array_key_exists('notarise',$_SESSION['_config']))
{
echo "Error: No user data found.";
@@ -24,147 +29,38 @@
$row = $_SESSION['_config']['notarise'];
- if(!array_key_exists('pointsalready',$_SESSION['_config'])) $_SESSION['_config']['pointsalready']=0;
-
-
- if($_SESSION['profile']['ttpadmin'] == 1 && $_SESSION['profile']['board'] == 1)
- {
- $methods = array("Face to Face Meeting", "Trusted Third Parties", "Thawte Points Transfer", "Administrative Increase", "CT Magazine - Germany");
- } else if($_SESSION['profile']['ttpadmin'] == 1) {
- $methods = array("Face to Face Meeting", "Trusted Third Parties");
- }
+ if($_SESSION['profile']['ttpadmin'] == 1)
+// $methods = array("Face to Face Meeting", "Trusted 3rd Parties", "TopUP");
+// else
+ $methods = array("Face to Face Meeting", "Trusted 3rd Parties");
+ else
+ $methods = array("Face to Face Meeting");
- $cap = "/cap.php?";
- $name = $row['fname']." ".$row['mname']." ".$row['lname']." ".$row['suffix'];
- $_SESSION['_config']['wothash'] = md5($name."-".$row['dob']);
- while(strstr($name, " "))
- $name = str_replace(" ", " ", $name);
- $cap .= "name=".urlencode($name);
- $cap .= "&amp;dob=".urlencode($row['dob']);
- $cap .= "&amp;email=".urlencode($row['email']);
- $name = $_SESSION['profile']['fname']." ".$_SESSION['profile']['mname']." ".$_SESSION['profile']['lname']." ".$_SESSION['profile']['suffix'];
- while(strstr($name, " "))
- $name = str_replace(" ", " ", $name);
- $cap .= "&amp;assurer=".urlencode($name);
- $cap .= "&amp;date=now";
- $cap .= "&amp;maxpoints=".maxpoints();
+ $fname = $row['fname'];
+ $mname = $row['mname'];
+ $lname = $row['lname'];
+ $suffix = $row['suffix'];
+ $dob = $row['dob'];
+ $name = $fname." ".$mname." ".$lname." ".$suffix;
+ $_SESSION['_config']['wothash'] = md5($name."-".$dob);
- $maxpoints = maxpoints();
- if($maxpoints > 100)
- $maxpoints = 100;
+ $cap=makecap($fname,$mname,$lname,$suffix,$dob,$row['email'],$_SESSION['profile']['fname'],$_SESSION['profile']['mname'],$_SESSION['profile']['lname'],$_SESSION['profile']['suffix']);
- if(array_key_exists('error',$_SESSION['_config']) && $_SESSION['_config']['error'] != "") { ?><font color="#ff0000" size="+1">ERROR: <?=$_SESSION['_config']['error']?></font><? unset($_SESSION['_config']['error']); } ?>
-<form method="post" action="wot.php">
-<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper" width="600">
- <tr>
- <td colspan="2" class="title"><?=_("Assurance Confirmation")?></td>
- </tr>
-<? if(array_key_exists('alreadydone',$_SESSION['_config']) && $_SESSION['_config']['alreadydone'] == 1) { ?>
- <tr>
- <td class="DataTD" colspan="2" align="left" style="color: red;"><b><?=_("PLEASE NOTE: You have already assured this person before! If this is unintentional please DO NOT CONTINUE with this assurance.")?></b></td>
- </tr>
-<?
- } if(100 - $_SESSION['_config']['pointsalready'] - $maxpoints < 0) {
- ?>
- <tr>
- <td class="DataTD" colspan="2" align="left" style="color: red;"><b><? printf(_("This person already has %s assurance points. Any points you give this person may be rounded down, or they may not even get any points. If you have less then 150 points you will still receive 2 points for assuring them."), $_SESSION['_config']['pointsalready']); ?></b></td>
- </tr>
-<? }
+ include_once($_SESSION['_config']['filepath']."/includes/wot.inc.php");
- $query = "select `verified` from `users` where `id`='".$row['id']."'";
- $res = mysql_query($query);
- $drow = mysql_fetch_assoc($res);
- //if($_SESSION['_config']['verified'] <= 0)
- if($drow['verified']<=0)
- { ?>
- <tr>
- <td class="DataTD" colspan="2" align="left" style="color: red;"><b><?=_("You are about to assure a person that isn't currently verified. If you continue and they do not verify their account within 48 hours the account could automatically be removed by the system.")?></b></td>
- </tr>
-<? } ?>
- <tr>
- <td class="DataTD" colspan="2" align="left"><? printf(_("Please check the following details match against what you witnessed when you met %s in person. You MUST NOT proceed unless you are sure the details are correct. You may be held responsible by the CAcert Arbitrator for any issues with this Assurance."), $row['fname']); ?></td>
- </tr>
- <tr>
- <td class="DataTD"><?=_("Name")?>:</td>
- <td class="DataTD"><?=$row['fname']?> <?=$row['mname']?> <?=$row['lname']?> <?=$row['suffix']?></td>
- </tr>
- <tr>
- <td class="DataTD"><?=_("Date of Birth")?>:</td>
- <td class="DataTD"><?=$row['dob']?> (<?=_("YYYY-MM-DD")?>)</td>
- </tr>
-<? if($_SESSION['profile']['ttpadmin'] == 1) { ?>
- <tr>
- <td class="DataTD"><?=_("Method")?>:</td>
- <td class="DataTD"><select name="method">
-<? foreach($methods as $val) { ?>
- <option value="<?=$val?>"<? if(array_key_exists('method',$_POST) && $val == $_POST['method']) echo " selected"; ?>><?=$val?></option>
-<? } ?>
- </select>
- </td>
- </tr>
- <tr>
- <td class="DataTD" colspan="2"><?=_("Only tick the next box if the Assurance was face to face.")?></td>
- </tr>
-<? } ?>
- <tr>
- <td class="DataTD"><input type="checkbox" name="certify" value="1"<? if(array_key_exists('certify',$_POST) && $_POST['certify'] == 1) echo " checked"; ?>></td>
- <td class="DataTD"><? printf(_("I certify that %s %s %s has appeared in person"), $row['fname'], $row['mname'], $row['lname']); ?></td>
- </tr>
- <tr>
- <td class="DataTD"><?=_("Location")?>:</td>
- <td class="DataTD"><input type="text" name="location" value="<?=array_key_exists('location',$_SESSION['_config'])?$_SESSION['_config']['location']:""?>"></td>
- </tr>
- <tr>
- <td class="DataTD"><?=_("Date")?>:</td>
- <td class="DataTD"><input type="text" name="date" value="<?=array_key_exists('date',$_SESSION['_config'])?$_SESSION['_config']['date']:""?>"><br><?=_("Only fill this in if you assured the person on a different day")?></td>
- </tr>
-<? if($_SESSION['profile']['board'] == 1 && $_SESSION['_config']['pointsalready'] <= 150) { ?>
- <tr>
- <td class="DataTD" colspan="2"><?=_("Issuing a temporary increase will automatically boost their points to 200 points for a nomindated amount of days, after which the person will be reduced to 150 points regardless of the amount of points they had previously. Regardless of method chosen above it will be recorded in the system as an Administrative Increase and there is a maximum amount of 45 days that points can be issued for.")?></td>
- </tr>
- <tr>
- <td class="DataTD"><nobr><?=_("Temporary Increase")?>:</nobr><br><nobr><?=_("Number of days")?></nobr></td>
- <td class="DataTD"><input type="text" name="expire" value="<?=intval(array_key_exists('expire',$_POST)?$_POST['expire']:0)?>"></td>
- </tr>
- <tr>
- <td class="DataTD"><nobr><?=_("Sponsoring Member")?>:</td>
- <td class="DataTD"><select name="sponsor">
-<?
- $query = "select * from `users` where `board`='1' and `id`!='".intval($_SESSION['profile']['id'])."'";
- $res = mysql_query($query);
- while($row = mysql_fetch_assoc($res))
- {
+ AssureHead(_("Assurance Confirmation"),sprintf(_("Please check the following details match against what you witnessed when you met %s in person. You MUST NOT proceed unless you are sure the details are correct. You may be held responsible by the CAcert Arbitrator for any issues with this Assurance."), $fname));
+ AssureTextLine(_("Name"),$name);
+ AssureTextLine(_("Date of Birth"),$dob." ("._("YYYY-MM-DD").")");
+ AssureBoxLine("certify",sprintf(_("I certify that %s %s %s has appeared in person"), $fname, $mname, $lname),array_key_exists('certify',$_POST) && $_POST['certify'] == 1);
+ AssureInboxLine("location",_("Location"),array_key_exists('location',$_SESSION['_config'])?$_SESSION['_config']['location']:"","");
+ AssureInboxLine("date",_("Date"),array_key_exists('date',$_SESSION['_config'])?$_SESSION['_config']['date']:date("Y-m-d"),"<br/>"._("Please adjust the date if you assured the person on a different day"));
+ AssureMethodLine(_("Method"),$methods,_("Only tick the next box if the Assurance was face to face."));
+ AssureBoxLine("assertion",_("I believe that the assertion of identity I am making is correct, complete and verifiable. I have seen original documentation attesting to this identity. I accept that the CAcert Arbitrator may call upon me to provide evidence in any dispute, and I may be held responsible."),array_key_exists('assertion',$_POST) && $_POST['assertion'] == 1);
+ AssureBoxLine("rules",_("I have read and understood the Assurance Policy and the Assurance Handbook and am making this Assurance subject to and in compliance with the policy and handbook."),array_key_exists('rules',$_POST) && $_POST['rules'] == 1);
+ AssureTextLine(_("Policy"),"<a href=\"/policy/AssurancePolicy.php\" target=\"_blank\">"._("Assurance Policy")."</a> - <a href=\"http://wiki.cacert.org/AssuranceHandbook2\" target=\"_blank\">"._("Assurance Handbook")."</a>");
+ AssureInboxLine("points",_("Points"),"","<br />(Max. ".maxpoints().")");
+ AssureCCABoxLine("CCAAgreed",sprintf(_("Check this box only if %s agreed to the <a href=\"/policy/CAcertCommunityAgreement.php\">CAcert Community Agreement</a>"),$fname));
+ AssureCCABoxLine("CCAAgree",_("Check this box only if YOU agree to the <a href=\"/policy/CAcertCommunityAgreement.php\">CAcert Community Agreement</a>"));
+ AssureTextLine(_("WoT Form"),"<a href=\"".$cap."\" target=\"_blank\">A4 - "._("WoT Form")."</a> <a href=\"".$cap."&amp;format=letter\" target=\"_blank\">US - "._("WoT Form")."</a>");
+ AssureFoot($id,_("I confirm this Assurance"));
?>
- <option value="<?=$row['id']?>"<? if(array_key_exists('sponsor',$_POST) && $row['id'] == $_POST['sponsor']) echo " selected='selected'"; ?>><?=$row['fname']." ".$row['lname']?></option>
-<? } ?>
- </select>
- </td>
- </tr>
-<? } ?>
- <tr>
- <td class="DataTD"><input type="checkbox" name="assertion" value="1"<? if(array_key_exists('assertion',$_POST) && $_POST['assertion'] == 1) echo " checked='checked'"; ?>></td>
- <td class="DataTD"><?=_("I believe that the assertion of identity I am making is correct, complete and verifiable. I have seen original documentation attesting to this identity. I accept that the CAcert Arbitrator may call upon me to provide evidence in any dispute, and I may be held responsible.")?></td>
- </tr>
- <tr>
- <td class="DataTD"><input type="checkbox" name="rules" value="1"<? if(array_key_exists('rules',$_POST) && $_POST['rules'] == 1) echo " checked='checked'"; ?>></td>
- <td class="DataTD"><?=_("I have read and understood the Assurance Policy and the Assurance Handbook and am making this Assurance subject to and in compliance with the policy and handbook.")?></td>
- </tr>
- <tr>
- <td class="DataTD"><?=_("Policy")?>:</td>
- <td class="DataTD"><a href="/policy/AssurancePolicy.php" target="_NEW"><?=_("Assurance Policy")?></a> - <a href="http://wiki.cacert.org/AssuranceHandbook2" target="_NEW"><?=_("Assurance Handbook")?></a></td>
- </tr>
- <tr>
- <td class="DataTD"><?=_("Points")?>:<br><nobr>(Max <?=maxpoints()?>)</nobr></td>
- <td class="DataTD"><input type="text" name="points" value=""></td>
- </tr>
- <tr>
- <td class="DataTD"><?=_("WoT Form")?>:</td>
- <td class="DataTD"><a href="<?=$cap?>" target="_NEW">A4 - <?=_("WoT Form")?></a> <a href="<?=$cap?>&amp;format=letter" target="_NEW">US - <?=_("WoT Form")?></a></td>
- </tr>
- <tr>
- <td class="DataTD" colspan="2"><input type="submit" name="process" value="<?=_("I confirm this Assurance")?>"> <input type="submit" name="cancel" value="<?=_("Cancel")?>"></td>
- </tr>
-</table>
-<input type="hidden" name="pagehash" value="<?=$_SESSION['_config']['wothash']?>">
-<input type="hidden" name="oldid" value="<?=$id?>">
-</form>
diff --git a/www/cats/cats_import.php b/www/cats/cats_import.php
index 56dd0cf..feb92d4 100644
--- a/www/cats/cats_import.php
+++ b/www/cats/cats_import.php
@@ -31,8 +31,8 @@ function sanitize_string($buffer) {
}
define ('UNDEFINED', 'nd');
-define ('ALLOWED_IP', '213.154.225.228');
-define ('ALLOWED_IP2', '193.238.157.112');
+define ('ALLOWED_IP', '213.154.225.243');
+define ('ALLOWED_IP2', '172.16.2.27');
define ('CONFIG_FILEPATH', '/www/');
$remote_addr = (isset($_SERVER['REMOTE_ADDR']))?$_SERVER['REMOTE_ADDR']:UNDEFINED;