diff options
Diffstat (limited to 'includes/notary.inc.php')
| -rw-r--r-- | includes/notary.inc.php | 1345 |
1 files changed, 1179 insertions, 166 deletions
diff --git a/includes/notary.inc.php b/includes/notary.inc.php index b34b2f4..3b8e736 100644 --- a/includes/notary.inc.php +++ b/includes/notary.inc.php @@ -16,6 +16,9 @@ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA */ +define('NULL_DATETIME', '0000-00-00 00:00:00'); +define('THAWTE_REVOCATION_DATETIME', '2010-11-16 00:00:00'); + function query_init ($query) { return mysql_query($query); @@ -35,7 +38,7 @@ function get_number_of_assurances ($userid) { $res = query_init ("SELECT count(*) AS `list` FROM `notary` - WHERE `method` = 'Face to Face Meeting' AND `from`='".intval($userid)."' "); + WHERE `method` = 'Face to Face Meeting' AND `from`='".intval($userid)."' and `deleted` = 0"); $row = query_getnextrow($res); return intval($row['list']); @@ -44,7 +47,7 @@ function get_number_of_ttpassurances ($userid) { $res = query_init ("SELECT count(*) AS `list` FROM `notary` - WHERE (`method`='Trusted Third Parties' or `method`='TTP-Assisted') AND `to`='".intval($userid)."' "); + WHERE (`method`='Trusted Third Parties' or `method`='TTP-Assisted') AND `to`='".intval($userid)."' and `deleted` = 0"); $row = query_getnextrow($res); return intval($row['list']); @@ -53,7 +56,7 @@ function get_number_of_assurees ($userid) { $res = query_init ("SELECT count(*) AS `list` FROM `notary` - WHERE `method` = 'Face to Face Meeting' AND `to`='".intval($userid)."' "); + WHERE `method` = 'Face to Face Meeting' AND `to`='".intval($userid)."' and `deleted` = 0"); $row = query_getnextrow($res); return intval($row['list']); @@ -62,7 +65,7 @@ function get_top_assurer_position ($no_of_assurances) { $res = query_init ("SELECT count(*) AS `list` FROM `notary` - WHERE `method` = 'Face to Face Meeting' + WHERE `method` = 'Face to Face Meeting' and `deleted` = 0 GROUP BY `from` HAVING count(*) > '".intval($no_of_assurances)."'"); return intval(query_get_number_of_rows($res)+1); } @@ -70,32 +73,52 @@ function get_top_assuree_position ($no_of_assurees) { $res = query_init ("SELECT count(*) AS `list` FROM `notary` - WHERE `method` = 'Face to Face Meeting' + WHERE `method` = 'Face to Face Meeting' and `deleted` = 0 GROUP BY `to` HAVING count(*) > '".intval($no_of_assurees)."'"); return intval(query_get_number_of_rows($res)+1); } - function get_given_assurances ($userid) + /** + * Get the list of assurances given by the user + * @param int $userid - id of the assurer + * @param int $log - if set to 1 also includes deleted assurances + * @return resource - a MySQL result set + */ + function get_given_assurances($userid, $log=0) { - $res = query_init ("select * from `notary` where `from`='".intval($userid)."' and `from` != `to` order by `id` asc"); + $deleted=''; + if ($log == 0) { + $deleted = ' and `deleted` = 0 '; + } + $res = query_init("select * from `notary` where `from`='".intval($userid)."' and `from` != `to` $deleted order by `id` asc"); return $res; } - function get_received_assurances ($userid) + /** + * Get the list of assurances received by the user + * @param int $userid - id of the assuree + * @param int $log - if set to 1 also includes deleted assurances + * @return resource - a MySQL result set + */ + function get_received_assurances($userid, $log=0) { - $res = query_init ("select * from `notary` where `to`='".intval($userid)."' and `from` != `to` order by `id` asc "); + $deleted=''; + if ($log == 0) { + $deleted = ' and `deleted` = 0 '; + } + $res = query_init("select * from `notary` where `to`='".intval($userid)."' and `from` != `to` $deleted order by `id` asc "); return $res; } function get_given_assurances_summary ($userid) { - $res = query_init ("select count(*) as number,points,awarded,method from notary where `from`='".intval($userid)."' group by points,awarded,method"); + $res = query_init ("select count(*) as number,points,awarded,method from notary where `from`='".intval($userid)."' and `deleted` = 0 group by points,awarded,method"); return $res; } function get_received_assurances_summary ($userid) { - $res = query_init ("select count(*) as number,points,awarded,method from notary where `to`='".intval($userid)."' group by points,awarded,method"); + $res = query_init ("select count(*) as number,points,awarded,method from notary where `to`='".intval($userid)."' and `deleted` = 0 group by points,awarded,method"); return $res; } @@ -113,69 +136,177 @@ return mysql_num_rows($res); } - function calc_experience ($row,&$points,&$experience,&$sum_experience,&$revoked) + + /** + * Calculate awarded points (corrects some issues like out of range points + * or points that were issued by means that have been deprecated) + * + * @param array $row - associative array containing the data from the + * `notary` table + * @return int - the awarded points for this assurance + */ + function calc_awarded($row) + { + // Back in the old days there was no `awarded` column => is now zero, + // there the `points` column contained that data + $points = max(intval($row['awarded']), intval($row['points'])); + + // Set negative points to zero, yes there are such things in the database + $points = max($points, 0); + + switch ($row['method']) + { + // These programmes have been revoked + case 'Thawte Points Transfer': // revoke all Thawte-points (as per arbitration) + case 'CT Magazine - Germany': // revoke c't (only one test-entry) + case 'Temporary Increase': // revoke 'temporary increase' (Current usage breaks audit aspects, needs to be reimplemented) + $points = 0; + break; + + case 'Administrative Increase': // ignore AI with 2 points or less (historical for experiance points, now other calculation) + if ($points <= 2) // maybe limit to 35/50 pts in the future? + $points = 0; + break; + + // TTP assurances, limit to 35 + case 'TTP-Assisted': + $points = min($points, 35); + break; + + // TTP TOPUP, limit to 30 + case 'TOPUP': + $points = min($points, 30); + + // All these should be preserved for the time being + case 'Unknown': // to be revoked in the future? limit to max 50 pts? + case 'Trusted Third Parties': // to be revoked in the future? limit to max 35 pts? + case '': // to be revoked in the future? limit to max 50 pts? + case 'Face to Face Meeting': // normal assurances (and superassurances?), limit to 35/50 pts in the future? + break; + + default: // should never happen ... ;-) + $points = 0; + } + + return $points; + } + + + /** + * Calculate the experience points from a given Assurance + * @param array $row - [inout] associative array containing the data from + * the `notary` table, the keys 'experience' and 'calc_awarded' will be + * added + * @param int $sum_points - [inout] the sum of already counted assurance + * points the assurer issued + * @param int $sum_experience - [inout] the sum of already counted + * experience points that were awarded to the assurer + */ + function calc_experience(&$row, &$sum_points, &$sum_experience) { - $apoints = max($row['points'], $row['awarded']); - $points += $apoints; - $experience = " "; - $revoked = false; # to be coded later (after DB-upgrade) + $row['calc_awarded'] = calc_awarded($row); + + // Don't count revoked assurances even if we are displaying them + if ($row['deleted'] !== NULL_DATETIME) { + $row['experience'] = 0; + return; + } + + $experience = 0; if ($row['method'] == "Face to Face Meeting") { - $sum_experience = $sum_experience +2; - $experience = "2"; + $experience = 2; } - return $apoints; + $sum_experience += $experience; + $row['experience'] = $experience; + + $sum_points += $row['calc_awarded']; } - function calc_assurances ($row,&$points,&$experience,&$sumexperience,&$awarded,&$revoked) + /** + * Calculate the points received from a received Assurance + * @param array $row - [inout] associative array containing the data from + * the `notary` table, the keys 'experience' and 'calc_awarded' will be + * added + * @param int $sum_points - [inout] the sum of already counted assurance + * points the assuree received + * @param int $sum_experience - [inout] the sum of already counted + * experience points that were awarded to the assurer + */ + function calc_assurances(&$row, &$sum_points, &$sum_experience) { - $awarded = calc_points($row); - $revoked = false; + $row['calc_awarded'] = calc_awarded($row); + $experience = 0; - if ($awarded > 100) + // High point values mean that some of them are experience points + if ($row['calc_awarded'] > 100) { - $experience = $awarded - 100; // needs to be fixed in the future (limit 50 pts and/or no experience if pts > 100) - $awarded = 100; + $experience = $row['calc_awarded'] - 100; // needs to be fixed in the future (limit 50 pts and/or no experience if pts > 100) + $row['calc_awarded'] = 100; } - else - $experience = 0; switch ($row['method']) { case 'Thawte Points Transfer': case 'CT Magazine - Germany': case 'Temporary Increase': // Current usage of 'Temporary Increase' may break audit aspects, needs to be reimplemented - $awarded=sprintf("<strong style='color: red'>%s</strong>",_("Revoked")); - $experience=0; - $revoked=true; + $experience = 0; + $row['deleted'] = THAWTE_REVOCATION_DATETIME; break; - default: - $points += $awarded; } - $sumexperience = $sumexperience + $experience; - } + // Don't count revoked assurances even if we are displaying them + if ($row['deleted'] !== NULL_DATETIME) { + $row['experience'] = 0; + return; + } + + $sum_experience += $experience; + $row['experience'] = $experience; + $sum_points += $row['calc_awarded']; + } - function show_user_link ($name,$userid) + /** + * Generate a link to the support engineer page for the user with the name + * of the user as link text + * @param array $user - associative array containing the data from the + * `user` table + * @return string + */ + function show_user_link($user) { - $name = trim($name); + $name = trim($user['fname'].' '.$user['lname']); + $userid = intval($user['id']); + if($name == "") { - if ($userid == 0) + if ($userid == 0) { $name = _("System"); - else + } else { $name = _("Deleted account"); + } } else - $name = "<a href='wot.php?id=9&userid=".intval($userid)."'>".sanitizeHTML($name)."</a>"; + { + $name = "<a href='wot.php?id=9&userid=".$userid."'>".sanitizeHTML($name)."</a>"; + } + return $name; } - function show_email_link ($email,$userid) + /** + * Generate a link to the support engineer page for the user with the email + * address as link text + * @param array $user - associative array containing the data from the + * `user` table + * @return string + */ + function show_email_link($user) { - $email = trim($email); - if($email != "") - $email = "<a href='account.php?id=43&userid=".intval($userid)."'>".sanitizeHTML($email)."</a>"; + $email = trim($user['email']); + if($email != "") { + $email = "<a href='account.php?id=43&userid=".intval($user['id'])."'>".sanitizeHTML($email)."</a>"; + } return $email; } @@ -215,35 +346,41 @@ <? } - function output_assurances_header($title,$support) + /** + * Render header for the assurance table (same for given/received) + * @param string $title - The title for the table + * @param int $support - set to 1 if the output is for the support interface + * @param int $log - if set to 1 also includes deleted assurances + */ + function output_assurances_header($title, $support, $log) { + if ($support == 1) { + $log = 1; + } + + $colspan = 7; + if ($support == 1) { + $colspan += 2; + } + if ($log == 1) { + $colspan += 1; + } ?> <table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper"> <tr> -<? - if ($support == "1") - { -?> - <td colspan="10" class="title"><?=$title?></td> -<? - } else { -?> - <td colspan="7" class="title"><?=$title?></td> -<? - } -?> + <td colspan="<?=$colspan?>" class="title"><?=$title?></td> </tr> <tr> <td class="DataTD"><strong><?=_("ID")?></strong></td> <td class="DataTD"><strong><?=_("Date")?></strong></td> <? - if ($support == "1") - { + if ($support == 1) + { ?> <td class="DataTD"><strong><?=_("When")?></strong></td> <td class="DataTD"><strong><?=_("Email")?></strong></td> <? - } + } ?> <td class="DataTD"><strong><?=_("Who")?></strong></td> <td class="DataTD"><strong><?=_("Points")?></strong></td> @@ -251,43 +388,88 @@ <td class="DataTD"><strong><?=_("Method")?></strong></td> <td class="DataTD"><strong><?=_("Experience Points")?></strong></td> <? - if ($support == "1") - { + if ($log == 1) + { ?> - <td class="DataTD"><strong><?=_("Revoke")?></strong></td> + <td class="DataTD"><strong><?=_("Revoked")?></strong></td> <? - } + } ?> </tr> <? } - function output_assurances_footer($points_txt,$points,$experience_txt,$sumexperience,$support) + /** + * Render footer for the assurance table (same for given/received) + * @param string $points_txt - Description for sum of assurance points + * @param int $sumpoints - sum of assurance points + * @param string $experience_txt - Description for sum of experience points + * @param int $sumexperience - sum of experience points + * @param int $support - set to 1 if the output is for the support interface + * @param int $log - if set to 1 also includes deleted assurances + */ + function output_assurances_footer( + $points_txt, + $sumpoints, + $experience_txt, + $sumexperience, + $support, + $log) { ?> <tr> - <td<?=($support == "1")?' colspan="5"':' colspan="3"'?> class="DataTD"><strong><?=$points_txt?>:</strong></td> - <td class="DataTD"><?=$points?></td> + <td colspan="<?=($support == 1) ? 5 : 3 ?>" class="DataTD"><strong><?=$points_txt?>:</strong></td> + <td class="DataTD"><?=intval($sumpoints)?></td> <td class="DataTD"> </td> <td class="DataTD"><strong><?=$experience_txt?>:</strong></td> - <td class="DataTD"><?=$sumexperience?></td> + <td class="DataTD"><?=intval($sumexperience)?></td> <? - if ($support == "1") - { + if ($log == 1) + { ?> <td class="DataTD"> </td> <? - } + } ?> - </tr> </table> <br/> <? } - function output_assurances_row($assuranceid,$date,$when,$email,$name,$awarded,$points,$location,$method,$experience,$userid,$support,$revoked) + /** + * Render an assurance for a view + * @param array $assurance - associative array containing the data from the `notary` table + * @param int $userid - Id of the user whichs given/received assurances are displayed + * @param array $other_user - associative array containing the other users data from the `users` table + * @param int $support - set to 1 if the output is for the support interface + * @param string $ticketno - ticket number currently set in the support interface + * @param int $log - if set to 1 also includes deleted assurances + */ + function output_assurances_row( + $assurance, + $userid, + $other_user, + $support, + $ticketno, + $log) { + $assuranceid = intval($assurance['id']); + $date = $assurance['date']; + $when = $assurance['when']; + $awarded = intval($assurance['calc_awarded']); + $points = intval($assurance['points']); + $location = $assurance['location']; + $method = $assurance['method'] ? _($assurance['method']) : ''; + $experience = intval($assurance['experience']); + $revoked = $assurance['deleted'] !== NULL_DATETIME; + + $email = show_email_link($other_user); + $name = show_user_link($other_user); + + if ($support == 1) { + $log = 1; + } $tdstyle=""; $emopen=""; @@ -295,7 +477,7 @@ if ($awarded == $points) { - if ($awarded == "0") + if ($awarded == 0) { if ($when < "2006-09-01") { @@ -310,7 +492,7 @@ <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$assuranceid?><?=$emclose?></td> <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$date?><?=$emclose?></td> <? - if ($support == "1") + if ($support == 1) { ?> <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$when?><?=$emclose?></td> @@ -319,26 +501,30 @@ } ?> <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$name?><?=$emclose?></td> - <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$awarded?><?=$emclose?></td> - <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$location?><?=$emclose?></td> + <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$revoked ? sprintf("<strong style='color: red'>%s</strong>",_("Revoked")) : $awarded?><?=$emclose?></td> + <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=sanitizeHTML($location)?><?=$emclose?></td> <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$method?><?=$emclose?></td> - <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$experience?><?=$emclose?></td> + <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$experience?$experience:' '?><?=$emclose?></td> <? - if ($support == "1") + if ($log == 1) { if ($revoked == true) { ?> - <td class="DataTD" <?=$tdstyle?>> </td> + <td class="DataTD" <?=$tdstyle?>><?=$assurance['deleted']?></td> +<? + } elseif ($support == 1) { +?> + <td class="DataTD" <?=$tdstyle?>><?=$emopen?><a href="account.php?id=43&userid=<?=intval($userid)?>&assurance=<?=intval($assuranceid)?>&csrf=<?=make_csrf('admdelassurance')?>&ticketno=<?=sanitizeHTML($ticketno)?>" onclick="return confirm('<?=sprintf(_("Are you sure you want to revoke the assurance with ID "%s"?"),$assuranceid)?>');"><?=_("Revoke")?></a><?=$emclose?></td> <? } else { ?> - <td class="DataTD" <?=$tdstyle?>><?=$emopen?><a href="account.php?id=43&userid=<?=intval($userid)?>&assurance=<?=intval($assuranceid)?>&csrf=<?=make_csrf('admdelassurance')?>" onclick="return confirm('<?=sprintf(_("Are you sure you want to revoke the assurance with ID "%s"?"),$assuranceid)?>');"><?=_("Revoke")?></a><?=$emclose?></td> + <td class="DataTD" <?=$tdstyle?>> </td> <? } } ?> - </tr> + </tr> <? } @@ -381,35 +567,61 @@ // ************* output given assurances ****************** - function output_given_assurances_content($userid,&$points,&$sum_experience,$support) + /** + * Helper function to render assurances given by the user + * @param int $userid + * @param int& $sum_points - [out] sum of given points + * @param int& $sum_experience - [out] sum of experience points gained + * @param int $support - set to 1 if the output is for the support interface + * @param string $ticketno - the ticket number set in the support interface + * @param int $log - if set to 1 also includes deleted assurances + */ + function output_given_assurances_content( + $userid, + &$sum_points, + &$sum_experience, + $support, + $ticketno, + $log) { - $points = 0; + $sum_points = 0; $sumexperience = 0; - $res = get_given_assurances(intval($userid)); + $res = get_given_assurances(intval($userid), $log); while($row = mysql_fetch_assoc($res)) { - $fromuser = get_user (intval($row['to'])); - $apoints = calc_experience ($row,$points,$experience,$sum_experience,$revoked); - $name = show_user_link ($fromuser['fname']." ".$fromuser['lname'],intval($row['to'])); - $email = show_email_link ($fromuser['email'],intval($row['to'])); - output_assurances_row (intval($row['id']),$row['date'],$row['when'],$email,$name,$apoints,intval($row['points']),$row['location'],$row['method']==""?"":_(sprintf("%s", $row['method'])),$experience,$userid,$support,$revoked); + $assuree = get_user(intval($row['to'])); + calc_experience($row, $sum_points, $sum_experience); + output_assurances_row($row, $userid, $assuree, $support, $ticketno, $log); } } // ************* output received assurances ****************** - function output_received_assurances_content($userid,&$points,&$sum_experience,$support) + /** + * Helper function to render assurances received by the user + * @param int $userid + * @param int& $sum_points - [out] sum of received points + * @param int& $sum_experience - [out] sum of experience points the assurers gained + * @param int $support - set to 1 if the output is for the support interface + * @param string $ticketno - the ticket number set in the support interface + * @param int $log - if set to 1 also includes deleted assurances + */ + function output_received_assurances_content( + $userid, + &$sum_points, + &$sum_experience, + $support, + $ticketno, + $log) { - $points = 0; + $sum_points = 0; $sumexperience = 0; - $res = get_received_assurances(intval($userid)); + $res = get_received_assurances(intval($userid), $log); while($row = mysql_fetch_assoc($res)) { - $fromuser = get_user (intval($row['from'])); - calc_assurances ($row,$points,$experience,$sum_experience,$awarded,$revoked); - $name = show_user_link ($fromuser['fname']." ".$fromuser['lname'],intval($row['from'])); - $email = show_email_link ($fromuser['email'],intval($row['from'])); - output_assurances_row (intval($row['id']),$row['date'],$row['when'],$email,$name,$awarded,intval($row['points']),$row['location'],$row['method']==""?"":_(sprintf("%s", $row['method'])),$experience,$userid,$support,$revoked); + $fromuser = get_user(intval($row['from'])); + calc_assurances($row, $sum_points, $sum_experience); + output_assurances_row($row, $userid, $fromuser, $support, $ticketno, $log); } } @@ -422,41 +634,6 @@ return intval(query_get_number_of_rows($res)); } - function calc_points($row) - { - $awarded = intval($row['awarded']); - if ($awarded == "") - $awarded = 0; - if (intval($row['points']) < $awarded) - $points = $awarded; // if 'sum of added points' > 100, awarded shows correct value - else - $points = intval($row['points']); // on very old assurances, awarded is '0' instead of correct value - switch ($row['method']) - { - case 'Thawte Points Transfer': // revoke all Thawte-points (as per arbitration) - case 'CT Magazine - Germany': // revoke c't (only one test-entry) - case 'Temporary Increase': // revoke 'temporary increase' (Current usage breaks audit aspects, needs to be reimplemented) - $points = 0; - break; - case 'Administrative Increase': // ignore AI with 2 points or less (historical for experiance points, now other calculation) - if ($points <= 2) // maybe limit to 35/50 pts in the future? - $points = 0; - break; - case 'Unknown': // to be revoked in the future? limit to max 50 pts? - case 'Trusted Third Parties': // to be revoked in the future? limit to max 35 pts? - case 'TTP-Assisted': // TTP assurances, limit to 35 - case 'TOPUP': // TOPUP to be delevoped in the future, limit to 30 - case '': // to be revoked in the future? limit to max 50 pts? - case 'Face to Face Meeting': // normal assurances, limit to 35/50 pts in the future? - break; - default: // should never happen ... ;-) - $points = 0; - } - if ($points < 0) // ignore negative points (bug needs to be fixed) - $points = 0; - return $points; - } - function max_points($userid) { return output_summary_content ($userid,0); @@ -486,7 +663,7 @@ $res = get_received_assurances_summary($userid); while($row = mysql_fetch_assoc($res)) { - $points = calc_points ($row); + $points = calc_awarded($row); if ($points > $max_points) // limit to 100 points, above is experience (needs to be fixed) { @@ -591,18 +768,66 @@ return $issue_points; } - function output_given_assurances($userid,$support=0) + /** + * Render assurances given by the user + * @param int $userid + * @param int $support - set to 1 if the output is for the support interface + * @param string $ticketno - the ticket number set in the support interface + * @param int $log - if set to 1 also includes deleted assurances + */ + function output_given_assurances($userid, $support=0, $ticketno='', $log=0) { - output_assurances_header(_("Assurance Points You Issued"),$support); - output_given_assurances_content($userid,$points,$sum_experience,$support); - output_assurances_footer(_("Total Points Issued"),$points,_("Total Experience Points"),$sum_experience,$support); + output_assurances_header( + _("Assurance Points You Issued"), + $support, + $log); + + output_given_assurances_content( + $userid, + $sum_points, + $sum_experience, + $support, + $ticketno, + $log); + + output_assurances_footer( + _("Total Points Issued"), + $sum_points, + _("Total Experience Points"), + $sum_experience, + $support, + $log); } - function output_received_assurances($userid,$support=0) + /** + * Render assurances received by the user + * @param int $userid + * @param int $support - set to 1 if the output is for the support interface + * @param string $ticketno - the ticket number set in the support interface + * @param int $log - if set to 1 also includes deleted assurances + */ + function output_received_assurances($userid, $support=0, $ticketno='', $log=0) { - output_assurances_header(_("Your Assurance Points"),$support); - output_received_assurances_content($userid,$points,$sum_experience,$support); - output_assurances_footer(_("Total Assurance Points"),$points,_("Total Experience Points"),$sum_experience,$support); + output_assurances_header( + _("Assurance Points You Received"), + $support, + $log); + + output_received_assurances_content( + $userid, + $sum_points, + $sum_experience, + $support, + $ticketno, + $log); + + output_assurances_footer( + _("Total Points Received"), + $sum_points, + _("Total Experience Points"), + $sum_experience, + $support, + $log); } function output_summary($userid) @@ -658,18 +883,31 @@ } /** - * get_first_user_agreement() - * returns the first user_agreement entry of the requested type depending on thes status of active of a given user - * @param mixed $memid - * @param integer $active, 0 - passive, 1 -active - * @param string $type - * @return + * Get the first user_agreement entry of the requested type + * @param int $memid + * @param string $type - the type of user agreement, by default all + * agreements are listed + * @param int $active - whether to get active or passive agreements: + * 0 := passive + * 1 := active + * null := both + * @return array(string=>mixed) - an associative array containing + * 'document', 'date', 'method', 'comment', 'active' */ - function get_first_user_agreement($memid, $active=1, $type="CCA"){ - //returns an array (`document`,`date`,`method`, `comment`,`active`) + function get_first_user_agreement($memid, $type=null, $active=null){ + $filter = ''; + if (!is_null($type)) { + $filter .= " AND u.`document` = '".mysql_real_escape_string($type)."'"; + } + + if (!is_null($active)) { + $filter .= " AND u.`active` = ".intval($active); + } + $query="SELECT u.`document`, u.`date`, u.`method`, u.`comment`, u.`active` FROM `user_agreements` AS u - WHERE u.`document` = '" . mysql_real_escape_string($type) . "' AND u.`memid`=" . intval($memid) . " AND u.`active`=" . intval($active) . - " ORDER BY u.`date` Limit 1;"; + WHERE u.`memid`=".intval($memid)." + $filter + ORDER BY u.`date` LIMIT 1"; $res = mysql_query($query); if(mysql_num_rows($res) >0){ $rec = mysql_fetch_assoc($res); @@ -680,15 +918,31 @@ } /** - * get_last_user_agreement() - * returns the last user_agreement entry of a given type and of a given user - * @param mixed $memid - * @param string $type - * @return + * Get the last user_agreement entry of the requested type + * @param int $memid + * @param string $type - the type of user agreement, by default all + * agreements are listed + * @param int $active - whether to get active or passive agreements: + * 0 := passive, + * 1 := active, + * null := both + * @return array(string=>mixed) - an associative array containing + * 'document', 'date', 'method', 'comment', 'active' */ - function get_last_user_agreement($memid, $type="CCA"){ - //returns an array (`document`,`date`,`method`, `comment`,`active`) - $query="SELECT u.`document`, u.`date`, u.`method`, u.`comment`, u.`active` FROM user_agreements u WHERE u.`document` = '" . mysql_real_escape_string($type) . "' AND (u.`memid`=" . intval($memid) . " ) order by `date` desc limit 1 " ; + function get_last_user_agreement($memid, $type=null, $active=null){ + $filter = ''; + if (!is_null($type)) { + $filter .= " AND u.`document` = '".mysql_real_escape_string($type)."'"; + } + + if (!is_null($active)) { + $filter .= " AND u.`active` = ".intval($active); + } + + $query="SELECT u.`document`, u.`date`, u.`method`, u.`comment`, u.`active` FROM `user_agreements` AS u + WHERE u.`memid`=".intval($memid)." + $filter + ORDER BY u.`date` DESC LIMIT 1"; $res = mysql_query($query); if(mysql_num_rows($res) >0){ $rec = mysql_fetch_assoc($res); @@ -698,6 +952,34 @@ return $rec; } +/** + * Get the all user_agreement entries of the requested type + * @param int $memid + * @param string $type - the type of user agreement, by default all + * agreements are listed + * @param int $active - whether to get an active or passive agreements: + * 0 := passive, + * 1 := active, + * null := both + * @return resource - a mysql result set containing all agreements + */ +function get_user_agreements($memid, $type=null, $active=null){ + $filter = ''; + if (!is_null($type)) { + $filter .= " AND u.`document` = '".mysql_real_escape_string($type)."'"; + } + + if (!is_null($active)) { + $filter .= " AND u.`active` = ".intval($active); + } + + $query="SELECT u.`document`, u.`date`, u.`method`, u.`comment`, u.`active` FROM `user_agreements` AS u + WHERE u.`memid`=".intval($memid)." + $filter + ORDER BY u.`date`"; + return mysql_query($query); +} + /** * delete_user_agreement() * deletes all entries for a given type from user_agreement of a given user, if type is not given all @@ -706,7 +988,6 @@ * @return */ function delete_user_agreement($memid, $type=false){ - //deletes all entries to an user for the given type of user agreements if ($type === false) { $filter = ''; } else { @@ -774,7 +1055,7 @@ <? } else { ?> - <input type="hidden" name="<?=$val?>" value="<?=$methods[0]?>" /> + <input type="hidden" name="method" value="<?=$methods[0]?>" /> <? } } @@ -909,11 +1190,6 @@ } //change personal information to arbitration number and DOB=1900-01-01 - $query = "select `fname`,`mname`,`lname`,`suffix`,`dob` from `users` where `id`='$userid'"; - $details = mysql_fetch_assoc(mysql_query($query)); - $query = "insert into `adminlog` set `when`=NOW(),`old-lname`='${details['lname']}',`old-dob`='${details['dob']}', - `new-lname`='$arbno',`new-dob`='1900-01-01',`uid`='$id',`adminid`='".$adminid."'"; - mysql_query($query); $query = "update `users` set `fname`='".$arbno."', `mname`='".$arbno."', `lname`='".$arbno."', @@ -1125,3 +1401,740 @@ function check_date_difference($date, $diff=1){ return (strtotime($date)<=time()+$diff*86400); } + +/** + * Write some information to the adminlog + * + * @param int $uid - id of the user account + * @param int $adminid - id of the admin + * @param string $type - the operation that was performed on the user account + * @param string $info - the ticket / arbitration number or other information + * @return bool - true := success, false := error + */ +function write_se_log($uid, $adminid, $type, $info){ + //records all support engineer actions changing a user account + $uid = intval($uid); + $adminid = intval($adminid); + $type = mysql_real_escape_string($type); + $info = mysql_real_escape_string($info); + $query="insert into `adminlog` (`when`, `uid`, `adminid`,`type`,`information`) values + (Now(), $uid, $adminid, '$type', '$info')"; + return mysql_query($query); +} + +/** + * Check if the entered information is a valid ticket or arbitration number + * @param string $ticketno + * @return bool + */ +function valid_ticket_number($ticketno){ + //a arbitration case + //d dispute action + //s support case + //m board motion + $pattern='/[adsmADSM]\d{8}\.\d+/'; + if (preg_match($pattern, $ticketno)) { + return true; + } + return false; +} + +// function for handling account/43.php +/** + * Get all data of an account given by the id from the `users` table + * @param int $userid - account id + * @param int $deleted - states if deleted data should be visible , default = 0 - not visible + * @return resource - a mysql result set + */ +function get_user_data($userid, $deleted=0){ + $userid = intval($userid); + $filter=''; + if (0==$deleted) { + $filter .=' and `users`.`deleted`=0'; + } + $query = "select * from `users` where `users`.`id`='$userid' ".$filter; + return mysql_query($query); +} + +/** + * Get the alert settings for a user + * @param int $userid for the requested account + * @return array - associative array + */ +function get_alerts($userid){ + return mysql_fetch_assoc(mysql_query("select * from `alerts` where `memid`='".intval($userid)."'")); +} + +/** + * Get all email addresses linked to the account + * @param int $userid + * @param string $exclude - if given the email address will be excluded + * @param int $deleted - states if deleted data should be visible, default = 0 - not visible + * @return resource - a mysql result set + */ +function get_email_addresses($userid, $exclude, $deleted=0){ + //should be entered in account/2.php + $userid = intval($userid); + $filter=''; + if (0==$deleted) { + $filter .= ' and `deleted`=0'; + } + if ($exclude) { + $filter .= " and `email`!='".mysql_real_escape_string($exclude)."'"; + } + $query = "select * from `email` where `memid`='".$userid."' and `hash`='' ".$filter." order by `created`"; + return mysql_query($query); +} + +/** + * Get all domains linked to the account + * @param int $userid + * @param int $deleted - states if deleted data should be visible, default = 0 - not visible + * @return resource - a mysql result set + */ +function get_domains($userid, $deleted=0){ + //should be entered in account/9.php + $userid = intval($userid); + $filter=''; + if (0==$deleted) { + $filter .= ' and `deleted`=0'; + } + $query = "select * from `domains` where `memid`='".$userid."' and `hash`=''".$filter." order by `created`"; + return mysql_query($query); +} + +/** + * Get all training results for the account + * @param int $userid + * @return resource - a mysql result set + */ +function get_training_results($userid){ + //should be entered in account/55.php + $userid = intval($userid); + $query = "SELECT `CP`.`pass_date`, `CT`.`type_text`, `CV`.`test_text` ". + " FROM `cats_passed` AS CP, `cats_variant` AS CV, `cats_type` AS CT ". + " WHERE `CP`.`variant_id`=`CV`.`id` AND `CV`.`type_id`=`CT`.`id` AND `CP`.`user_id` ='".$userid."'". + " ORDER BY `CP`.`pass_date`"; + return mysql_query($query); +} + +/** + * Get all SE log entries for the account + * @param int $userid + * @return resource - a mysql result set + */ +function get_se_log($userid){ + $userid = intval($userid); + $query = "SELECT `adminlog`.`when`, `adminlog`.`type`, `adminlog`.`information`, `users`.`fname`, `users`.`lname` + FROM `adminlog`, `users` + WHERE `adminlog`.`adminid` = `users`.`id` and `adminlog`.`uid`=".$userid." + ORDER BY `adminlog`.`when`"; + return mysql_query($query); +} + +/** + * Get all client certificates linked to the account + * @param int $userid + * @param int $viewall - states if expired certs should be visible, default = 0 - not visible + * @return resource - a mysql result set + */ +function get_client_certs($userid, $viewall=0){ + //add to account/5.php + $userid = intval($userid); + $query = "select UNIX_TIMESTAMP(`emailcerts`.`created`) as `created`, + UNIX_TIMESTAMP(`emailcerts`.`expire`) - UNIX_TIMESTAMP() as `timeleft`, + UNIX_TIMESTAMP(`emailcerts`.`expire`) as `expired`, + `emailcerts`.`expire`, + `emailcerts`.`revoked` as `revoke`, + UNIX_TIMESTAMP(`emailcerts`.`revoked`) as `revoked`, + `emailcerts`.`id`, + `emailcerts`.`CN`, + `emailcerts`.`serial`, + `emailcerts`.`disablelogin`, + `emailcerts`.`description` + from `emailcerts` + where `emailcerts`.`memid`='".$userid."'"; + if($viewall == 0) + { + $query .= " AND `emailcerts`.`revoked`=0 AND `emailcerts`.`renewed`=0"; + $query .= " HAVING `timeleft` > 0"; + } + $query .= " ORDER BY `emailcerts`.`modified` desc"; + return mysql_query($query); +} + +/** + * Get all server certs linked to the account + * @param int $userid + * @param int $viewall - states if expired certs should be visible, default = 0 - not visible + * @return resource - a mysql result set + */ +function get_server_certs($userid, $viewall=0){ + //add to account/12.php + $userid = intval($userid); + $query = "select UNIX_TIMESTAMP(`domaincerts`.`created`) as `created`, + UNIX_TIMESTAMP(`domaincerts`.`expire`) - UNIX_TIMESTAMP() as `timeleft`, + UNIX_TIMESTAMP(`domaincerts`.`expire`) as `expired`, + `domaincerts`.`expire`, + `domaincerts`.`revoked` as `revoke`, + UNIX_TIMESTAMP(`revoked`) as `revoked`, + `domaincerts`.`CN`, + `domaincerts`.`serial`, + `domaincerts`.`id`, + `domaincerts`.`description` + from `domaincerts`,`domains` + where `domains`.`memid`='".$userid."' and `domaincerts`.`domid`=`domains`.`id`"; + if($viewall == 0) + { + $query .= " AND `domaincerts`.`revoked`=0 AND `domaincerts`.`renewed`=0"; + $query .= " HAVING `timeleft` > 0"; + } + $query .= " ORDER BY `domaincerts`.`modified` desc"; + return mysql_query($query); +} + +/** + * Get all gpg certs linked to the account + * @param int $userid + * @param int $viewall - states if expired certs should be visible, default = 0 - not visible + * @return resource - a mysql result set + */ +function get_gpg_certs($userid, $viewall=0){ + //add to gpg/2.php + $userid = intval($userid); + $query = $query = "select UNIX_TIMESTAMP(`issued`) as `issued`, + UNIX_TIMESTAMP(`expire`) - UNIX_TIMESTAMP() as `timeleft`, + UNIX_TIMESTAMP(`expire`) as `expired`, + `expire`, `id`, `level`, `email`, `keyid`, `description` + from `gpg` where `memid`='".$userid."'"; + if ($viewall == 0) { + $query .= " HAVING `timeleft` > 0"; + } + $query .= " ORDER BY `issued` desc"; + return mysql_query($query); +} + + + +/** + * Show the table header to the email table for the admin log + */ +function output_log_email_header(){ + ?> + <tr> + <td class="DataTD bold"><?= _("Email, primary bold") ?></td> + <td class="DataTD bold"><?= _("Created") ?></td> + <td class="DataTD bold"><?= _("Deleted") ?></td> + </tr> + + <? +} +/** + * Show all email data for the admin log + * @param array $row - associative array containing the column data + * @param string $primary - if given the primary address is highlighted + */ +function output_log_email($row, $primary){ + $style = ''; + if ($row['deleted'] !== NULL_DATETIME) { + $style = ' deletedemailaddress'; + } elseif ($primary == $row['email']) { + $style = ' primaryemailaddress'; + } + ?> + <tr> + <td class="DataTD<?=$style?>"><?=$row['email']?></td> + <td class="DataTD<?=$style?>"><?=$row['created']?></td> + <td class="DataTD<?=$style?>"><?=$row['deleted']?></td> + </tr> + <? +} + +/** + * Show the table header to the domains table for the admin log + */ +function output_log_domains_header(){ + ?> + <tr> + <td class="DataTD bold"><?= _("Domain") ?></td> + <td class="DataTD bold"><?= _("Created") ?></td> + <td class="DataTD bold"><?= _("Deleted") ?></td> + </tr> + + <? +} + +/** + * Show the domain data for the admin log + * @param array $row - associative array containing the column data + */ +function output_log_domains($row){ + $italic=''; + if ($row['deleted'] !== NULL_DATETIME) { + $italic=' italic'; + } + ?> + <tr> + <td class="DataTD<?=$italic?>"><?=$row['domain']?></td> + <td class="DataTD<?=$italic?>"><?=$row['created']?></td> + <td class="DataTD<?=$italic?>"><?=$row['deleted']?></td> + </tr> + <? +} + +/** + * Show the table header to the user agreement table for the admin log + */ +function output_log_agreement_header(){ + ?> + <tr> + <td class="DataTD bold"><?= _("Agreement") ?></td> + <td class="DataTD bold"><?= _("Date") ?></td> + <td class="DataTD bold"><?= _("Method") ?></td> + <td class="DataTD bold"><?= _("Active ") ?></td> + </tr> + <? +} + +/** + * Show the agreement data for the admin log + * @param array $row - associative array containing the column data + */ +function output_log_agreement($row){ + ?> + <tr> + <td class="DataTD" ><?=$row['document']?></td> + <td class="DataTD" ><?=$row['date']?></td> + <td class="DataTD" ><?=$row['method']?></td> + <td class="DataTD"><?= ($row['active']==0)? _('passive'):_('active')?></td> + </tr> + <? +} + +/** + * Show the table header to the training table + */ +function output_log_training_header(){ + //should be entered in account/55.php + ?> + <tr> + <td class="DataTD bold"><?= _("Agreement") ?></td> + <td class="DataTD bold"><?= _("Test") ?></td> + <td class="DataTD bold"><?= _("Variant") ?></td> + </tr> + <? +} + +/** + * Show the training data + * @param array $row - associative array containing the column data + */ +function output_log_training($row){ + //should be entered in account/55.php + ?> + <tr> + <td class="DataTD"><?=$row['pass_date']?></td> + <td class="DataTD"><?=$row['type_text']?></td> + <td class="DataTD"><?=$row['test_text']?></td> + </tr> + <? +} + +/** + * Show the table header to the SE log table for the admin log + * @param int $support - if support = 1 more information is visible + */ +function output_log_se_header($support=0){ + ?> + <tr> + <td class="DataTD bold"><?= _("Date") ?></td> + <td class="DataTD bold"><?= _("Type") ?></td> + <? + if (1 == $support) { + ?> + <td class="DataTD bold"><?= _("Information") ?></td> + <td class="DataTD bold"><?= _("Admin") ?></td> + <? + } + ?> + </tr> + <? +} + +/** + * Show the SE log data for the admin log + * @param array $row - associative array containing the column data + * @param int $support - if support = 1 more information is visible + */ +function output_log_se($row, $support=0){ + //should be entered in account/55.php + ?> + <tr> + <td class="DataTD"><?=$row['when']?></td> + <td class="DataTD"><?=$row['type']?></td> + <? + if (1 == $support) { + ?> + <td class="DataTD"><?=$row['information']?></td> + <td class="DataTD"><?=$row['fname'].' '.$row['lname']?></td> + <? + } + ?> + </tr> + <? +} + +/** + * Shows the table header to the client cert table + * @param int $support - if support = 1 some columns ar not visible + * @param bool $readonly - whether elements to modify data should be hidden, default is `true` + */ +function output_client_cert_header($support=0, $readonly=true){ + //should be added to account/5.php + ?> + <tr> + <? + if (!$readonly) { + ?> + <td class="DataTD"><?=_("Renew/Revoke/Delete")?></td> + <? + } + ?> + <td class="DataTD"><?=_("Status")?></td> + <td class="DataTD"><?=_("Email Address")?></td> + <td class="DataTD"><?=_("SerialNumber")?></td> + <td class="DataTD"><?=_("Revoked")?></td> + <td class="DataTD"><?=_("Expires")?></td> + <td class="DataTD"><?=_("Login")?></td> + <? + if (1 != $support) { + ?> + <td colspan="2" class="DataTD"><?=_("Comment *")?></td> + <? + } + ?> + </tr> + <? +} + +/** + * Show the client cert data + * @param array $row - associative array containing the column data + * @param int $support - if support = 1 some columns are not visible + * @param bool $readonly - whether elements to modify data should be hidden, default is `true` + */ +function output_client_cert($row, $support=0, $readonly=true){ + //should be entered in account/5.php + $verified=""; + if ($row['timeleft'] > 0) { + $verified = _("Valid"); + } else { + $verified = _("Expired"); + } + + if ($row['expired'] == 0) { + $verified = _("Pending"); + } + + if ($row['revoked'] == 0) { + $row['revoke'] = _("Not Revoked"); + } else { + $verified = _("Revoked"); + } + + ?> + <tr> + <? + if (!$readonly) { + if ($verified === _("Pending")) { + ?> + <td class="DataTD"> + <input type="checkbox" name="delid[]" value="<?=intval($row['id'])?>"> + </td> + <? + + } elseif ($verified === _("Revoked")) { + ?> + <td class="DataTD"> </td> + <? + + } else { + ?> + <td class="DataTD"> + <input type="checkbox" name="revokeid[]" value="<?=intval($row['id'])?>"> + </td> + <? + } + } + + ?> + <td class="DataTD"><?=$verified?></td> + <? + + if ($verified === _("Pending")) { + ?> + <td class="DataTD"><?=(trim($row['CN'])=="" ? _("empty") : htmlspecialchars($row['CN']))?></td> + <? + } else { + ?> + <td class="DataTD"> + <a href="account.php?id=6&cert=<?=intval($row['id'])?>"> + <?=(trim($row['CN'])=="" ? _("empty") : htmlspecialchars($row['CN']))?> + </a> + </td> + <? + } + + ?> + <td class="DataTD"><?=$row['serial']?></td> + <td class="DataTD"><?=$row['revoke']?></td> + <td class="DataTD"><?=$row['expire']?></td> + <td class="DataTD"> + <input type="checkbox" name="disablelogin_<?=intval($row['id'])?>" value="1" <?=$row['disablelogin']?"":"checked='checked'"?> <?=$readonly?'disabled="disabled"':''?>/> + <input type="hidden" name="cert_<?=intval($row['id'])?>" value="1" /> + </td> + <? + + if (1 != $support) { + ?> + <td class="DataTD"> + <input name="comment_<?=intval($row['id'])?>" type="text" value="<?=htmlspecialchars($row['description'])?>" /> + </td> + <? + if (!$readonly) { + ?> + <td class="DataTD"> + <input type="checkbox" name="check_comment_<?=intval($row['id'])?>" /> + </td> + <? + } + } + + ?> + </tr> + <? +} + +/** + * Show the table header to the server cert table + * @param int $support - if support = 1 some columns ar not visible + * @param bool $readonly - whether elements to modify data should be hidden, default is `true` + */ +function output_server_certs_header($support=0, $readonly=true){ + //should be entered in account/12.php + ?> + <tr> + <? + if (!$readonly) { + ?> + <td class="DataTD"><?=_("Renew/Revoke/Delete")?></td> + <? + } + ?> + <td class="DataTD"><?=_("Status")?></td> + <td class="DataTD"><?=_("CommonName")?></td> + <td class="DataTD"><?=_("SerialNumber")?></td> + <td class="DataTD"><?=_("Revoked")?></td> + <td class="DataTD"><?=_("Expires")?></td> + <? + if (1 != $support) { + ?> + <td colspan="2" class="DataTD"><?=_("Comment *")?></td> + <? + } + ?> + </tr> + <? +} + +/** + * Show the server cert data + * @param array $row - associative array containing the column data + * @param int $support - if support = 1 some columns are not visible + * @param bool $readonly - whether elements to modify data should be hidden, default is `true` + */ +function output_server_certs($row, $support=0, $readonly=true){ + //should be entered in account/12.php + $verified=""; + if ($row['timeleft'] > 0) { + $verified = _("Valid"); + } else { + $verified = _("Expired"); + } + + if ($row['expired'] == 0) { + $verified = _("Pending"); + } + + if ($row['revoked'] == 0) { + $row['revoke'] = _("Not Revoked"); + } else { + $verified = _("Revoked"); + } + + ?> + <tr> + <? + if (!$readonly) { + if ($verified === _("Pending")) { + ?> + <td class="DataTD"> + <input type="checkbox" name="delid[]" value="<?=intval($row['id'])?>"/> + </td> + <? + } elseif($verified === _("Revoked")) { + ?> + <td class="DataTD"> </td> + <? + } else { + ?> + <td class="DataTD"> + <input type="checkbox" name="revokeid[]" value="<?=intval($row['id'])?>"/> + </td> + <? + } + } + + ?> + <td class="DataTD"><?=$verified?></td> + <? + + if ($verified === _("Pending")) { + ?> + <td class="DataTD"><?=htmlspecialchars($row['CN'])?></td> + <? + } else { + ?> + <td class="DataTD"> + <a href="account.php?id=15&cert=<?=intval($row['id'])?>"> + <?=htmlspecialchars($row['CN'])?> + </a> + </td> + <? + } + + ?> + <td class="DataTD"><?=$row['serial']?></td> + <td class="DataTD"><?=$row['revoke']?></td> + <td class="DataTD"><?=$row['expire']?></td> + <? + + if (1 != $support) { + ?> + <td class="DataTD"> + <input name="comment_<?=intval($row['id'])?>" type="text" value="<?=htmlspecialchars($row['description'])?>" /> + </td> + <? + if (!$readonly) { + ?> + <td class="DataTD"> + <input type="checkbox" name="check_comment_<?=intval($row['id'])?>" /> + </td> + <? + } + } + + ?> + </tr> + <? +} + +/** + * Show the table header to the gpg cert table + * @param int $support - if support = 1 some columns ar not visible + * @param bool $readonly - whether elements to modify data should be hidden, default is `true` + */ +function output_gpg_certs_header($support=0, $readonly=true){ + // $readonly is currently ignored but kept for consistency + ?> + <tr> + <td class="DataTD"><?=_("Status")?></td> + <td class="DataTD"><?=_("Email Address")?></td> + <td class="DataTD"><?=_("Expires")?></td> + <td class="DataTD"><?=_("Key ID")?></td> + <? + if (1 != $support) { + ?> + <td colspan="2" class="DataTD"><?=_("Comment *")?></td> + <? + } + ?> + </tr> + <? +} + +/** + * Show the gpg cert data + * @param array $row - associative array containing the column data + * @param int $support - if support = 1 some columns are not visible + * @param bool $readonly - whether elements to modify data should be hidden, default is `true` + */ +function output_gpg_certs($row, $support=0, $readonly=true){ + //should be entered in account/55.php + $verified=""; + if ($row['timeleft'] > 0) { + $verified = _("Valid"); + } else { + $verified = _("Expired"); + } + + if ($row['expired'] == 0) { + $verified = _("Pending"); + } + + ?> + <tr> + <td class="DataTD"><?=$verified?></td> + <? + + if($verified == _("Pending")) { + ?> + <td class="DataTD"><?=htmlspecialchars($row['email'])?></td> + <? + } else { + ?> + <td class="DataTD"> + <a href="gpg.php?id=3&cert=<?=intval($row['id'])?>"> + <?=htmlspecialchars($row['email'])?> + </a> + </td> + <? + } + + ?> + <td class="DataTD"><?=$row['expire']?></td> + <? + + if($verified == _("Pending")) { + ?> + <td class="DataTD"><?=htmlspecialchars($row['keyid'])?></td> + <? + } else { + ?> + <td class="DataTD"> + <a href="gpg.php?id=3&cert=<?=intval($row['id'])?>"> + <?=htmlspecialchars($row['keyid'])?> + </a> + </td> + <? + } + + if (1 != $support) { + ?> + <td class="DataTD"> + <input name="comment_<?=intval($row['id'])?>" type="text" value="<?=htmlspecialchars($row['description'])?>" /> + </td> + <? + if (!$readonly) { + ?> + <td class="DataTD"> + <input type="checkbox" name="check_comment_<?=intval($row['id'])?>" /> + </td> + <? + } + } + + ?> + </tr> + <? +} |