From ab9da60f7279cec312dcedad0fe403f0aeda8a94 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Michael=20T=C3=A4nzer?= <neo@nhng.de>
Date: Tue, 30 Nov 2010 17:05:13 +0100
Subject: source code taken from cacert-20101129.tar.bz2

---
 scripts/27au-ate-melbourne-email.txt    |  31 ++++++
 scripts/27au-ate-melbourne-mail.php.txt | 156 ++++++++++++++++++++++++++++++
 www/cats/.#cats_import.php.1.2          | 165 --------------------------------
 www/images/CAcert-logo-mono-1000.png    | Bin 0 -> 19406 bytes
 www/policy/NRPDisclaimerAndLicence.php  | 105 ++------------------
 www/policy/index.php                    |   2 +-
 6 files changed, 198 insertions(+), 261 deletions(-)
 create mode 100644 scripts/27au-ate-melbourne-email.txt
 create mode 100644 scripts/27au-ate-melbourne-mail.php.txt
 delete mode 100644 www/cats/.#cats_import.php.1.2
 create mode 100644 www/images/CAcert-logo-mono-1000.png

diff --git a/scripts/27au-ate-melbourne-email.txt b/scripts/27au-ate-melbourne-email.txt
new file mode 100644
index 0000000..4b3e525
--- /dev/null
+++ b/scripts/27au-ate-melbourne-email.txt
@@ -0,0 +1,31 @@
+CAcert Assurer Training Event -- Melbourne
+::::::::::::::::::::::::::::::::::::::::::::::::::
+
+Dear Member of the CAcert Community,
+
+Much has happened during recent years. The old way of orally-transmitted procedures has now gone, and our rules have been cast into formal policies. New procedures (e.g. the Assurer Challenge) and obligations (e.g. in the CAcert Community Agreement) have been approved.
+
+The Assurer Training Events bring all this to you, the Assurer, and the Community:
+
+- What do you have to add onto the CAP form if you assure minors ?
+- What are the 2 essential CCA points you have to present an Assuree ?
+- Who can access the Member's privacy information?
+
+Answers to these and many other questions typically faced by Assurers are given at the Assurer Training Events (ATEs).  Bring your ID for assurances.  Especially note that Tverify/Thawte people need to boost up their Assurance Points.
+
+ATE-Melbourne takes place at:
+*  Thursday, 16th Dec, 2010
+*  Readify P/L; Level 4, Life.Lab Building, 198 Harbour Esplanade, Docklands
+*  6:00pm
+
+For Registration please reply: 'I will attend ATE-Melbourne'  Don't forget your ID!
+
+We are looking forward to hearing from you.
+
+
+- Best regards from the Event Team!
+
+
+PS: Contact: events@cacert.org
+Location, Transportation and other event details at
+https://wiki.cacert.org/events/20101216Melbourne
diff --git a/scripts/27au-ate-melbourne-mail.php.txt b/scripts/27au-ate-melbourne-mail.php.txt
new file mode 100644
index 0000000..55870bf
--- /dev/null
+++ b/scripts/27au-ate-melbourne-mail.php.txt
@@ -0,0 +1,156 @@
+#!/usr/bin/php -q
+<? /*
+    LibreSSL - CAcert web application
+    Copyright (C) 2004-2009  CAcert Inc.
+
+    This program is free software; you can redistribute it and/or modify
+    it under the terms of the GNU General Public License as published by
+    the Free Software Foundation; version 2 of the License.
+
+    This program is distributed in the hope that it will be useful,
+    but WITHOUT ANY WARRANTY; without even the implied warranty of
+    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+    GNU General Public License for more details.
+
+    You should have received a copy of the GNU General Public License
+    along with this program; if not, write to the Free Software
+    Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301  USA
+*/
+	include_once("../includes/mysql.php");
+
+	$lines = "";
+	$fp = fopen("27au-ate-melbourne-email.txt", "r");
+	while(!feof($fp))
+	{
+		$line = trim(fgets($fp, 4096));
+		$lines .= wordwrap($line, 75, "\n")."\n";
+	}
+	fclose($fp);
+
+
+//	$locid = intval($_REQUEST['location']);
+//	$maxdist = intval($_REQUEST['maxdist']);
+  $maxdist = 50;
+
+
+// location      location.ID
+//   verified: 29.4.09 u.schroeter
+//   $locid = 7902857;       // Paris
+//   $locid = 238568;        // Bielefeld  
+//   $locid = 715191;        // Hamburg    
+//   $locid = 1102495;       // London     
+//   $locid = 520340;        // Duesseldorf
+//   $locid = 1260319;       // Muenchen   
+//   $locid = 606058;        // Frankfurt  
+//   $locid = 1775784;       // Stuttgart  
+//   $locid = 228950;        // Berlin  
+//   $locid = 606058;        // Frankfurt
+//   $locid = 599389;        // Flensburg
+//   $locid = 61065;        // Amsterdam, Eemnes
+//   $locid = 228950;        // Berlin  
+
+//  Software Freedom Day 19. Sept 2009
+//   $locid = 715191;        // Hamburg
+
+//  LISA2009 Baltimore, 1.11.2009
+//     $locid = 2138880;      // Baltimore (Baltimore (city)), Maryland, United States   
+//     $city = "Baltimore, MD - Nov. 3rd 2009";
+
+//  OpenSourceTreffen-Muenchen, 20.11.2009
+//       $locid = 1260319;       // Muenchen   
+//       $city = "Muenchen - 20. Nov 2009";
+
+//  BLIT2009, Brandenburger Linux-Infotag, 21.11.2009
+//       $locid = 1486658;       // Potsdam
+//       $eventname = "Brandenburger Linux-Infotag (BLIT2009)";
+//       $city = "Potsdam - 21. Nov 2009";
+
+//  ATE-Goteborg, 16.12.2009
+//       $locid = 664715;       // Goteborg, Vastra Gotaland, Sweden
+//       $eventname = "ATE-Goteborg";
+//       $city = "Goteborg - Dec 16th 2009";
+
+//  Assurance Event Mission Hills CA, 15.01.2010
+//       $locid = 2094781;       // Mission Hills (Los Angeles), California, United States 
+//       $eventname = "Assurance Event";
+//       $city = "Mission Hills CA - Jan 15th 2010";
+
+//  Assurance Event OSD Copenhagen DK, 5.03.2010
+//       $locid = 423655;       // Copenhagen, Kobenhavn*, Denmark 
+//       $eventname = "Assurance Event OpenSource-Days 2010";
+//       $city = "Copenhagen DK - March 5th/6th 2010";
+
+// SCALE 8x Los Angeles, CA, Feb 19-21 2010 
+//       $locid = 2093625;       // Copenhagen, Kobenhavn*, Denmark 
+//       $eventname = "SCALE 8x 2010";
+//       $city = "Los Angeles, CA - February 19-21 2010";
+
+// ATE Sydney, AU, Mar 24 2010 
+//       $locid = 2257312;       // Sydney, New South Wales, Australia
+//       $eventname = "ATE-Sydney";
+//       $city = "March 24, 2010";
+
+// ATE Essen, DE, Sept 28 2010 
+//       $locid = 572764;       //  Essen, Nordrhein-Westfalen, Germany 
+//       $eventname = "ATE-Essen";
+//       $city = "September 28, 2010";
+
+// ATE Canberra, AU, Oct 12 2010 
+//       $locid = 2255408;        //  Canberra, Australian Capital Territory, Australia
+//       $eventname = "ATE-Canberra";
+//       $city = "Tuesday 12th October";
+
+//  BLIT2010, 7. Brandenburger Linux-Infotag, 6.11.2010
+//       $locid = 1486658;       // Potsdam, Brandenburg, Germany
+//       $eventname = "7. Brandenburger Linux-Infotag (BLIT2010)";
+//       $city = "Potsdam - 6. Nov 2010";
+
+//  LISA2010, Nov 7-12, 2010
+//       $locid = 2096344;       // San Jose (Santa Clara), California, United States
+//       $eventname = "LISA2010";
+//       $city = "San Jose, CA - Nov 7-12, 2010";
+
+// ATE Melbourne, AU, Dec 16 2010 
+       $locid = 2262656;        //  Melbourne, VIC, Australia
+       $eventname = "ATE-Melbourne";
+       $city = "Thursday 16th December";
+
+
+
+	$query = "select * from `locations` where `id`='$locid'";
+        $loc = mysql_fetch_assoc(mysql_query($query));
+
+	$query = "SELECT ROUND(6378.137 * ACOS(0.9999999*((SIN(PI() * $loc[lat] / 180) * SIN(PI() * `locations`.`lat` / 180)) + 
+			(COS(PI() * $loc[lat] / 180 ) * COS(PI() * `locations`.`lat` / 180) * 
+			 COS(PI() * `locations`.`long` / 180 - PI() * $loc[long] / 180)))), -1) AS `distance`, sum(`points`) as pts, `users`.* 
+			FROM `locations`
+				inner join `users`  on `users`.`locid` = `locations`.`id` 
+				inner join `alerts` on `users`.`id`=`alerts`.`memid`
+				inner join `notary` on `users`.`id`=`notary`.`to`
+			WHERE 	(`alerts`.`general`=1 OR `alerts`.`country`=1 OR `alerts`.`regional`=1 OR `alerts`.`radius`=1)
+			GROUP BY `users`.`id`
+			HAVING `distance` <= '$maxdist' 
+			ORDER BY `distance` ";
+	 echo $query;
+
+    // comment next line when starting to send mail not only to me 
+    //	$query = "select * from `users` where `email` like 'cacerttest%'";
+
+	$res = mysql_query($query);
+	$xrows = mysql_num_rows($res);
+
+	while($row = mysql_fetch_assoc($res))
+	{
+    //    uncomment next line to send mails ...
+		sendmail($row['email'], "[CAcert.org] $eventname - $city", $lines, "events@cacert.org", "", "", "CAcert Events Organisation", "returns@cacert.org", 1);
+	}
+  // 1x cc to events.cacert.org
+	sendmail("events@cacert.org", "[CAcert.org] $eventname - $city", $lines, "events@cacert.org", "", "", "CAcert Events Organisation", "returns@cacert.org", 1);
+	// 1x mailing report to events.cacert.org
+  sendmail("events@cacert.org", "[CAcert.org] $eventname - $city Report", "invitation sent to $xrows recipients.", "support@cacert.org", "", "", "CAcert Events Organisation", "returns@cacert.org", 1);	
+
+	// 1x mailing report to Arbitrator of case http://wiki.cacert.org/wiki/Arbitrations/a20090525.1
+  sendmail("p.dunkel@cacert.org", "[CAcert.org] $eventname - $city Report", "invitation sent to $xrows recipients.", "support@cacert.org", "", "", "CAcert Events Organisation", "returns@cacert.org", 1);	
+
+	echo "invitation sent to $xrows recipients.\n";
+?>
diff --git a/www/cats/.#cats_import.php.1.2 b/www/cats/.#cats_import.php.1.2
deleted file mode 100644
index ec73b1b..0000000
--- a/www/cats/.#cats_import.php.1.2
+++ /dev/null
@@ -1,165 +0,0 @@
-<? /*
-    LibreSSL - CAcert web application
-    Copyright (C) 2004-2008  CAcert Inc.
-
-    This program is free software; you can redistribute it and/or modify
-    it under the terms of the GNU General Public License as published by
-    the Free Software Foundation; version 2 of the License.
-
-    This program is distributed in the hope that it will be useful,
-    but WITHOUT ANY WARRANTY; without even the implied warranty of
-    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-    GNU General Public License for more details.
-
-    You should have received a copy of the GNU General Public License
-    along with this program; if not, write to the Free Software
-    Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301  USA
-*/
-
-// Comment (to be romeved): better to disable shot open tags in php.ini
-
-/*
-   cats_import.php 
-   
-   API for CATS to import passed tests into main CAcert database.
-*/
-
-function sanitize_string($buffer) {
- return htmlentities(utf8_decode($buffer), (int)ENQ_QUOTES);
-}
-
-define ('UNDEFINED', 'nd');
-define ('ALLOWED_IP', '72.21.48.90');
-define ('CONFIG_FILEPATH', '/www/');
-
-$remote_addr = (isset($_SERVER['REMOTE_ADDR']))?$_SERVER['REMOTE_ADDR']:UNDEFINED;
-$server_name = (isset($_SERVER['SERVER_NAME']))?$_SERVER['SERVER_NAME']:UNDEFINED;
-$https = (isset($_SERVER['HTTPS']))?$_SERVER['HTTPS']:UNDEFINED;
-$ssl_client_s_dn = (isset($_SERVER['SSL_CLIENT_S_DN']))?$_SERVER['SSL_CLIENT_S_DN']:UNDEFINED;
-
-$access = FALSE;
-
-// Access only from CATS.cacert.org with a client certificate for cats@cacert.org
-if (
- $remote_addr == ALLOWED_IP &&
- $https == 'on' && 
- // Comment (to be romeved): better to use preg_match matching the end of the line (since this is on the end of the line right?)
- // Ted: Is this specified? I don't think so, therefore I'd keep stristr
- strlen(stristr($ssl_client_s_dn, '/emailAddress=cats@cacert.org')) > 0
-) $access = TRUE;
-
-if ($access !== TRUE) {
- echo 'UNAUTHORIZED ACCESS<br>'."\r\n";
- echo 'IP: '.sanitize_string($remote_addr).'<br>'."\r\n";
- echo 'Server: '.sanitize_string($server_name).'<br>'."\r\n";
- echo 'HTTPS: '.sanitize_string($https).'<br>'."\r\n";
- echo 'Client cert: '.sanitize_string($ssl_client_s_dn).'<br>'."\r\n";
- trigger_error('Unauthorized access: ip('.$remote_addr.') server('.$server_name.') https('.$https.') cert('.$ssl_client_s_dn.')', E_USER_ERROR);
- exit();
-}
-
-// Comment (to be romeved): do you we session autostart in php.ini??
-// Ted: Sessions are quite meaningless for me since the upload protocol is stateless. Should session_start be called nevertheless?
-session_start();
-
-require_once(CONFIG_FILEPATH.'includes/mysql.php');
-
-// Comment (to be romeved): dunno the difference between stripslashes and stripcslashes
-// manual is iunclear too, please make sure there are no decoding issues
-// Ted: I just used it here because I saw it elsewhere and it seems to work. Would you prefer stripslashes?
-if (get_magic_quotes_gpc()) {
- $serial = stripcslashes($_POST['serial']);
- $root = stripcslashes($_POST['root']);
- $type = stripcslashes($_POST['type']);
- $variant = stripcslashes($_POST['variant']);
- $date = stripcslashes($_POST['date']);
-} else {
- $serial = $_POST['serial'];
- $root = $_POST['root'];
- $type = $_POST['type'];
- $variant = $_POST['variant'];
- $date = $_POST['date'];
-}
-  
-// Explicitly select all those IDs so I can insert new rows if needed.
-$query = mysql_query('SELECT `id` FROM `cats_type` WHERE `type_text` = \''.mysql_real_escape_string($type).'\';');
-if (!$query) {
-  echo 'Invalid query'."\r\n";
-  trigger_error('Invalid query', E_USER_ERROR);
-  exit();
-}
-
-if (mysql_num_rows($query) > 0) {
-  $result = mysql_fetch_array($query);
-  $typeID = $result['0'];
-} else {
-  $query = mysql_query('INSERT INTO `cats_type` (`type_text`) VALUES (\''.mysql_real_escape_string($type).'\');');
-  if (!$query) {
-    echo 'Invalid query'."\r\n";
-    trigger_error('Invalid query', E_USER_ERROR);
-    exit();
-  }
-
-  $typeID = mysql_insert_id();
-}
-
-$query = mysql_query('SELECT `id` FROM `cats_variant` WHERE `type_id` = \''.(int)intval($typeID).'\' AND `test_text` = \''.mysql_real_escape_string($variant).'\';');
-if (!$query) {
-  echo 'Invalid query'."\r\n";
-  trigger_error('Invalid query', E_USER_ERROR);
-  exit();
-}
-
-if (mysql_num_rows($query) > 0) {
-  $result = mysql_fetch_array($query);
-  $variantID = $result['0'];
-} else {
-  $query = mysql_query('INSERT INTO `cats_variant` (`type_id`, `test_text`) VALUES (\''.(int)intval($typeID).'\', \''.mysql_real_escape_string($variant).'\');');
-  if (!$query) {
-    echo 'Invalid query'."\r\n";
-    trigger_error('Invalid query', E_USER_ERROR);
-    exit();
-  }
-
-  $variantID = mysql_insert_id();
-}
-
-// Now find the userid from cert serial
-$query = mysql_query('SELECT `ec`.`memid` FROM `emailcerts` AS `ec`, `root_certs` AS `rc` WHERE `ec`.`rootcert` = `rc`.`id` AND `ec`.`serial` = \''.mysql_real_escape_string($serial).'\' AND `rc`.`cert_text` = \''.mysql_real_escape_string($root).'\';');
-if (!$query) {
-  echo 'Invalid query'."\r\n";
-  trigger_error('Invalid query', E_USER_ERROR);
-  exit();
-}
-
-if (mysql_num_rows($query) > 0) {
-  $result = mysql_fetch_array($query);
-  $userID = $result['0'];
-} else {
-  echo 'Cannot find cert '.sanitize_string($serial).' / '.sanitize_string($root)."\r\n";
-  // Let's treat this as an error, since it should not happen.
-  trigger_error('Cannot find cert '.$serial.' / '.$root.'!'.mysql_error(), E_USER_ERROR);
-  exit();
-}
-
-// The unique constraint on cats_passed assures that records are not stored multiply
-$query = mysql_query('INSERT INTO `cats_passed` (`user_id`, `variant_id`, `pass_date`) VALUES (\''.(int)intval($userID).'\', \''.(int)intval($variantID).'\', \''.mysql_real_escape_string($date).'\');');
-if (!$query) {
-  if (mysql_errno() != 1062) { // Duplicate Entry is considered success
-    echo 'Invalid query'."\r\n";
-    trigger_error('Invalid query', E_USER_ERROR);
-    exit();
-  }
-}
-
-// Update Assurer-Flag on users table if 100 points. Should the number of points be SUM(points) or SUM(awarded)?
-$query = mysql_query('UPDATE `users` AS `u` SET `assurer` = 1 WHERE `u`.`id` = \''.(int)intval($userID).'\' AND EXISTS(SELECT 1 FROM `cats_passed` AS `tp` WHERE `tp`.`user_id` = `u`.`id`) AND (SELECT SUM(`points`) FROM `notary` AS `n` WHERE `n`.`to` = `u`.`id` AND `expire` < now()) >= 100;'); // Challenge has been passed and non-expired points >= 100
-if (!$query) {
-  echo 'Invalid query'."\r\n";
-  trigger_error('Invalid query', E_USER_ERROR);
-  exit();
-}
-
-echo 'OK'."\r\n";    
-
-?>
diff --git a/www/images/CAcert-logo-mono-1000.png b/www/images/CAcert-logo-mono-1000.png
new file mode 100644
index 0000000..1beeb43
Binary files /dev/null and b/www/images/CAcert-logo-mono-1000.png differ
diff --git a/www/policy/NRPDisclaimerAndLicence.php b/www/policy/NRPDisclaimerAndLicence.php
index 6dbc647..bee8f26 100644
--- a/www/policy/NRPDisclaimerAndLicence.php
+++ b/www/policy/NRPDisclaimerAndLicence.php
@@ -1,99 +1,14 @@
-<?php
-loadem("index");
-$id = intval($id);
-//showheader(_("CAcert - Non-Related Persons - Disclaimer and Licence"));
-?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
 
+<html>
+<head><title>NRP-DAL was replaced by the Root Distribution License</title></head>
+<body>
 <table border="1" bgcolor="#EEEEEE"><tr><td>
 
-<h1 align="center"> <?=_("Non-Related Persons")?>  </h1>
-<h2 align="center"> <?=_("(Disclaimer and Licence)")?> </h2>
-
-
-<h2> <?=_("Definitions")?> </h2>
-
-<p>
-<?=_("This is a Disclaimer and Licence from
-<u> CAcert Inc </u>,
-the 'issuer',
-to you, the 'user',
-being a general user of the Internet.")?>
-</p>
-
-<h2> Disclaimer </h2>
-
-<p>
-<?=_("The issuer has no other agreement with you,
-and has no control nor knowledge
-as to how you intend to use the products of the issuer.
-You alone take on all of the risk and all of the
-liability of your usage.
-The issuer makes no guarantee, warranty nor promise to you.")?>
-</p>
-
-<p>
-<?=_("Therefore, to the fullest extent possible in law,
-<b>ISSUER DISCLAIMS ALL LIABILITY TO YOU</b>
-on behalf of itself and its related parties.")?>
-</p>
-
-<h2> <?=_("Licence")?> </h2>
-
-<p>
-<?=_("This licence offers you a non-exclusive, non-transferable
-'PERMISSION TO USE' certificates issued by issuer.")?>
-</p>
-
-<ul><li>
-    <?=_("You may 'USE' the certificates as facilitated
-    by your software.  For example,
-    you may construct connections, read emails,
-    load code or otherwise, as facilitated by your
-    software.")?>
-  </li><li>
-    <?=_("You may NOT RELY on any statements or claims
-    made by the certificates or implied in any way.")?>
-  </li><li>
-    <?=_("If your software is licensed under a separate
-    third party agreement, it may be permitted
-    to make statements or claims based on the certificates.
-    You may NOT RELY on these statements or claims.")?>
-  </li><li>
-    <?=_("You may NOT distribute certificates or root keys
-    under this licence, nor make representation
-    about them.")?>
-</li></ul>
-
-</td></tr></table>
-
-<h2> <?=_("Alternatives")?> </h2>
-
-<p>
-<?=_("If you find the terms of the above
-Non-Related Persons
-Disclaimer and Licence
-difficult or inadequate for your use, you may wish to")?>
-</p>
-
-<ul><li>
-    <?=sprintf(_("As an individual,
-        %sregister with issuer%s
-    and enter into the user agreement.
-    This is free."),"<a href='https://www.cacert.org/index.php?id=1'>","</a>")?>
-  </li><li>
-    <?=_("As a Third Party Distributor,
-    enter into a separate third party agreement
-    with issuer.")?>
-  </li><li>
-    <?=_("Delete issuer's roots from your software.
-    Your software documentation should give
-    directions and assistance for this.")?>
-</li></ul>
-
-<p>
-<?=_("These alternatives are outside the above
-Non-Related Persons Disclaimer and Licence
-and do not incorporate.")?>
-</p>
-
+The document "Non Related Persons - Disclaimer And Licence" was replaced by the Root Distribution Licence, which can be found <a href="/policy/RootDistributionLicense.php">here</a>.
 
+</td>
+</tr>
+</table>
+</body>
+</html>
diff --git a/www/policy/index.php b/www/policy/index.php
index 8506489..d3bfb06 100644
--- a/www/policy/index.php
+++ b/www/policy/index.php
@@ -25,7 +25,7 @@ showheader(_("CAcert - Policies"));
 
 foreach (glob("*.php") as $filename) 
 {
-   if($filename != "index.php")
+   if($filename != "index.php" && $filename != "NRPDisclaimerAndLicence.php")
    {
      echo "<li><a href='$filename'>$filename</a></li>\n";
    }
-- 
cgit v1.2.1