bug 1177: Port other changes done in wot.inc.php but not notary.inc.php
[cacert-devel.git] / includes / notary.inc.php
1 <? /*
2 LibreSSL - CAcert web application
3 Copyright (C) 2004-2011 CAcert Inc.
4
5 This program is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License as published by
7 the Free Software Foundation; version 2 of the License.
8
9 This program is distributed in the hope that it will be useful,
10 but WITHOUT ANY WARRANTY; without even the implied warranty of
11 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 GNU General Public License for more details.
13
14 You should have received a copy of the GNU General Public License
15 along with this program; if not, write to the Free Software
16 Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
17 */
18
19 function query_init ($query)
20 {
21 return mysql_query($query);
22 }
23
24 function query_getnextrow ($res)
25 {
26 $row1 = mysql_fetch_assoc($res);
27 return $row1;
28 }
29
30 function query_get_number_of_rows ($resultset)
31 {
32 return intval(mysql_num_rows($resultset));
33 }
34
35 function get_number_of_assurances ($userid)
36 {
37 $res = query_init ("SELECT count(*) AS `list` FROM `notary`
38 WHERE `method` = 'Face to Face Meeting' AND `from`='".intval($userid)."' ");
39 $row = query_getnextrow($res);
40
41 return intval($row['list']);
42 }
43
44 function get_number_of_ttpassurances ($userid)
45 {
46 $res = query_init ("SELECT count(*) AS `list` FROM `notary`
47 WHERE (`method`='Trusted Third Parties' or `method`='TTP-Assisted') AND `to`='".intval($userid)."' ");
48 $row = query_getnextrow($res);
49
50 return intval($row['list']);
51 }
52
53 function get_number_of_assurees ($userid)
54 {
55 $res = query_init ("SELECT count(*) AS `list` FROM `notary`
56 WHERE `method` = 'Face to Face Meeting' AND `to`='".intval($userid)."' ");
57 $row = query_getnextrow($res);
58
59 return intval($row['list']);
60 }
61
62 function get_top_assurer_position ($no_of_assurances)
63 {
64 $res = query_init ("SELECT count(*) AS `list` FROM `notary`
65 WHERE `method` = 'Face to Face Meeting'
66 GROUP BY `from` HAVING count(*) > '".intval($no_of_assurances)."'");
67 return intval(query_get_number_of_rows($res)+1);
68 }
69
70 function get_top_assuree_position ($no_of_assurees)
71 {
72 $res = query_init ("SELECT count(*) AS `list` FROM `notary`
73 WHERE `method` = 'Face to Face Meeting'
74 GROUP BY `to` HAVING count(*) > '".intval($no_of_assurees)."'");
75 return intval(query_get_number_of_rows($res)+1);
76 }
77
78 function get_given_assurances ($userid)
79 {
80 $res = query_init ("select * from `notary` where `from`='".intval($userid)."' and `from` != `to` order by `id` asc");
81 return $res;
82 }
83
84 function get_received_assurances ($userid)
85 {
86 $res = query_init ("select * from `notary` where `to`='".intval($userid)."' and `from` != `to` order by `id` asc ");
87 return $res;
88 }
89
90 function get_given_assurances_summary ($userid)
91 {
92 $res = query_init ("select count(*) as number,points,awarded,method from notary where `from`='".intval($userid)."' group by points,awarded,method");
93 return $res;
94 }
95
96 function get_received_assurances_summary ($userid)
97 {
98 $res = query_init ("select count(*) as number,points,awarded,method from notary where `to`='".intval($userid)."' group by points,awarded,method");
99 return $res;
100 }
101
102 function get_user ($userid)
103 {
104 $res = query_init ("select * from `users` where `id`='".intval($userid)."'");
105 return mysql_fetch_assoc($res);
106 }
107
108 function get_cats_state ($userid)
109 {
110
111 $res = query_init ("select * from `cats_passed` inner join `cats_variant` on `cats_passed`.`variant_id` = `cats_variant`.`id` and `cats_variant`.`type_id` = 1
112 WHERE `cats_passed`.`user_id` = '".intval($userid)."'");
113 return mysql_num_rows($res);
114 }
115
116 function calc_experience ($row,&$points,&$experience,&$sum_experience,&$revoked)
117 {
118 $apoints = max($row['points'],$row['awarded']);
119 $points += $apoints;
120 $experience = "&nbsp;";
121 $revoked = false; # to be coded later (after DB-upgrade)
122 if ($row['method'] == "Face to Face Meeting")
123 {
124 $sum_experience = $sum_experience +2;
125 $experience = "2";
126 }
127 return $apoints;
128 }
129
130 function calc_assurances ($row,&$points,&$experience,&$sumexperience,&$awarded,&$revoked)
131 {
132 $awarded = calc_points($row);
133 $revoked = false;
134
135 if ($awarded > 100)
136 {
137 $experience = $awarded - 100; // needs to be fixed in the future (limit 50 pts and/or no experience if pts > 100)
138 $awarded = 100;
139 }
140 else
141 $experience = 0;
142
143 switch ($row['method'])
144 {
145 case 'Thawte Points Transfer':
146 case 'CT Magazine - Germany':
147 case 'Temporary Increase': // Current usage of 'Temporary Increase' may break audit aspects, needs to be reimplemented
148 $awarded=sprintf("<strong style='color: red'>%s</strong>",_("Revoked"));
149 $experience=0;
150 $revoked=true;
151 break;
152 default:
153 $points += $awarded;
154 }
155 $sumexperience = $sumexperience + $experience;
156 }
157
158
159 function show_user_link ($name,$userid)
160 {
161 $name = trim($name);
162 if($name == "")
163 {
164 if ($userid == 0)
165 $name = _("System");
166 else
167 $name = _("Deleted account");
168 }
169 else
170 $name = "<a href='wot.php?id=9&amp;userid=".intval($userid)."'>".sanitizeHTML($name)."</a>";
171 return $name;
172 }
173
174 function show_email_link ($email,$userid)
175 {
176 $email = trim($email);
177 if($email != "")
178 $email = "<a href='account.php?id=43&amp;userid=".intval($userid)."'>".sanitizeHTML($email)."</a>";
179 return $email;
180 }
181
182 function get_assurer_ranking($userid,&$num_of_assurances,&$rank_of_assurer)
183 {
184 $num_of_assurances = get_number_of_assurances (intval($userid));
185 $rank_of_assurer = get_top_assurer_position($num_of_assurances);
186 }
187
188 function get_assuree_ranking($userid,&$num_of_assurees,&$rank_of_assuree)
189 {
190 $num_of_assurees = get_number_of_assurees (intval($userid));
191 $rank_of_assuree = get_top_assuree_position($num_of_assurees);
192 }
193
194
195 // ************* html table definitions ******************
196
197 function output_ranking($userid)
198 {
199 get_assurer_ranking($userid,$num_of_assurances,$rank_of_assurer);
200 get_assuree_ranking($userid,$num_of_assurees,$rank_of_assuree);
201
202 ?>
203 <table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
204 <tr>
205 <td class="title"><?=_("Assurer Ranking")?></td>
206 </tr>
207 <tr>
208 <td class="DataTD"><?=sprintf(_("You have made %s assurances which ranks you as the #%s top assurer."), intval($num_of_assurances), intval($rank_of_assurer) )?></td>
209 </tr>
210 <tr>
211 <td class="DataTD"><?=sprintf(_("You have received %s assurances which ranks you as the #%s top assuree."), intval($num_of_assurees), intval($rank_of_assuree) )?></td>
212 </tr>
213 </table>
214 <br/>
215 <?
216 }
217
218 function output_assurances_header($title,$support)
219 {
220 ?>
221 <table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
222 <tr>
223 <?
224 if ($support == "1")
225 {
226 ?>
227 <td colspan="10" class="title"><?=$title?></td>
228 <?
229 } else {
230 ?>
231 <td colspan="7" class="title"><?=$title?></td>
232 <? }
233 ?>
234 </tr>
235 <tr>
236 <td class="DataTD"><strong><?=_("ID")?></strong></td>
237 <td class="DataTD"><strong><?=_("Date")?></strong></td>
238 <?
239 if ($support == "1")
240 {
241 ?>
242 <td class="DataTD"><strong><?=_("When")?></strong></td>
243 <td class="DataTD"><strong><?=_("Email")?></strong></td>
244 <? } ?>
245 <td class="DataTD"><strong><?=_("Who")?></strong></td>
246 <td class="DataTD"><strong><?=_("Points")?></strong></td>
247 <td class="DataTD"><strong><?=_("Location")?></strong></td>
248 <td class="DataTD"><strong><?=_("Method")?></strong></td>
249 <td class="DataTD"><strong><?=_("Experience Points")?></strong></td>
250 <?
251 if ($support == "1")
252 {
253 ?>
254 <td class="DataTD"><strong><?=_("Revoke")?></strong></td>
255 <?
256 }
257 ?>
258 </tr>
259 <?
260 }
261
262 function output_assurances_footer($points_txt,$points,$experience_txt,$sumexperience,$support)
263 {
264 ?>
265 <tr>
266 <td class="DataTD" colspan="5"><strong><?=$points_txt?>:</strong></td>
267 <td class="DataTD"><?=$points?></td>
268 <td class="DataTD">&nbsp;</td>
269 <td class="DataTD"><strong><?=$experience_txt?>:</strong></td>
270 <td class="DataTD"><?=$sumexperience?></td>
271 <?
272 if ($support == "1")
273 {
274 ?>
275 <td class="DataTD">&nbsp;</td>
276 <?
277 }
278 ?>
279
280 </tr>
281 </table>
282 <br/>
283 <?
284 }
285
286 function output_assurances_row($assuranceid,$date,$when,$email,$name,$awarded,$points,$location,$method,$experience,$userid,$support,$revoked)
287 {
288
289 $tdstyle="";
290 $emopen="";
291 $emclose="";
292
293 if ($awarded == $points)
294 {
295 if ($awarded == "0")
296 {
297 if ($when < "2006-09-01")
298 {
299 $tdstyle="style='background-color: #ffff80'";
300 $emopen="<em>";
301 $emclose="</em>";
302 }
303 }
304 }
305 ?>
306 <tr>
307 <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$assuranceid?><?=$emclose?></td>
308 <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$date?><?=$emclose?></td>
309 <?
310 if ($support == "1")
311 {
312 ?>
313 <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$when?><?=$emclose?></td>
314 <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$email?><?=$emclose?></td>
315 <? }
316 ?>
317 <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$name?><?=$emclose?></td>
318 <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$awarded?><?=$emclose?></td>
319 <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$location?><?=$emclose?></td>
320 <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$method?><?=$emclose?></td>
321 <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$experience?><?=$emclose?></td>
322 <?
323 if ($support == "1")
324 {
325 if ($revoked == true)
326 {
327 ?>
328 <td class="DataTD" <?=$tdstyle?>>&nbsp;</td>
329 <? } else {
330 ?>
331 <td class="DataTD" <?=$tdstyle?>><?=$emopen?><a href="account.php?id=43&amp;userid=<?=intval($userid)?>&amp;assurance=<?=intval($assuranceid)?>&amp;csrf=<?=make_csrf('admdelassurance')?>" onclick="return confirm('<?=sprintf(_("Are you sure you want to revoke the assurance with ID &quot;%s&quot;?"),$assuranceid)?>');"><?=_("Revoke")?></a><?=$emclose?></td>
332 <?
333 }
334 }
335 ?>
336 </tr>
337 <?
338 }
339
340 function output_summary_header()
341 {
342 ?>
343 <table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
344 <tr>
345 <td colspan="4" class="title"><?=_("Summary of your Points")?></td>
346 </tr>
347 <tr>
348 <td class="DataTD"><strong><?=_("Description")?></strong></td>
349 <td class="DataTD"><strong><?=_("Points")?></strong></td>
350 <td class="DataTD"><strong><?=_("Countable Points")?></strong></td>
351 <td class="DataTD"><strong><?=_("Remark")?></strong></td>
352 </tr>
353 <?
354 }
355
356 function output_summary_footer()
357 {
358 ?>
359 </table>
360 <br/>
361 <?
362 }
363
364 function output_summary_row($title,$points,$points_countable,$remark)
365 {
366 ?>
367 <tr>
368 <td class="DataTD"><strong><?=$title?></strong></td>
369 <td class="DataTD"><?=$points?></td>
370 <td class="DataTD"><?=$points_countable?></td>
371 <td class="DataTD"><?=$remark?></td>
372 </tr>
373 <?
374 }
375
376
377 // ************* output given assurances ******************
378
379 function output_given_assurances_content($userid,&$points,&$sum_experience,$support)
380 {
381 $points = 0;
382 $sumexperience = 0;
383 $res = get_given_assurances(intval($userid));
384 while($row = mysql_fetch_assoc($res))
385 {
386 $fromuser = get_user (intval($row['to']));
387 $apoints = calc_experience ($row,$points,$experience,$sum_experience,$revoked);
388 $name = show_user_link ($fromuser['fname']." ".$fromuser['lname'],intval($row['to']));
389 $email = show_email_link ($fromuser['email'],intval($row['to']));
390 output_assurances_row (intval($row['id']),$row['date'],$row['when'],$email,$name,$apoints,intval($row['points']),$row['location'],$row['method']==""?"":_(sprintf("%s", $row['method'])),$experience,$userid,$support,$revoked);
391 }
392 }
393
394 // ************* output received assurances ******************
395
396 function output_received_assurances_content($userid,&$points,&$sum_experience,$support)
397 {
398 $points = 0;
399 $sumexperience = 0;
400 $res = get_received_assurances(intval($userid));
401 while($row = mysql_fetch_assoc($res))
402 {
403 $fromuser = get_user (intval($row['from']));
404 calc_assurances ($row,$points,$experience,$sum_experience,$awarded,$revoked);
405 $name = show_user_link ($fromuser['fname']." ".$fromuser['lname'],intval($row['from']));
406 $email = show_email_link ($fromuser['email'],intval($row['from']));
407 output_assurances_row (intval($row['id']),$row['date'],$row['when'],$email,$name,$awarded,intval($row['points']),$row['location'],$row['method']==""?"":_(sprintf("%s", $row['method'])),$experience,$userid,$support,$revoked);
408 }
409 }
410
411 // ************* output summary table ******************
412
413 function check_date_limit ($userid,$age)
414 {
415 $dob = date("Y-m-d", mktime(0,0,0,date("m"),date("d"),date("Y")-$age));
416 $res = query_init ("select id from `users` where `id`='".$userid."' and `dob` < '$dob'");
417 return intval(query_get_number_of_rows($res));
418 }
419
420 function calc_points($row)
421 {
422 $awarded = intval($row['awarded']);
423 if ($awarded == "")
424 $awarded = 0;
425 if (intval($row['points']) < $awarded)
426 $points = $awarded; // if 'sum of added points' > 100, awarded shows correct value
427 else
428 $points = intval($row['points']); // on very old assurances, awarded is '0' instead of correct value
429 switch ($row['method'])
430 {
431 case 'Thawte Points Transfer': // revoke all Thawte-points (as per arbitration)
432 case 'CT Magazine - Germany': // revoke c't (only one test-entry)
433 case 'Temporary Increase': // revoke 'temporary increase' (Current usage breaks audit aspects, needs to be reimplemented)
434 $points = 0;
435 break;
436 case 'Administrative Increase': // ignore AI with 2 points or less (historical for experiance points, now other calculation)
437 if ($points <= 2) // maybe limit to 35/50 pts in the future?
438 $points = 0;
439 break;
440 case 'Unknown': // to be revoked in the future? limit to max 50 pts?
441 case 'Trusted Third Parties': // to be revoked in the future? limit to max 35 pts?
442 case 'TTP-Assisted': // TTP assurances, limit to 35
443 case 'TOPUP': // TOPUP to be delevoped in the future, limit to 30
444 case '': // to be revoked in the future? limit to max 50 pts?
445 case 'Face to Face Meeting': // normal assurances, limit to 35/50 pts in the future?
446 break;
447 default: // should never happen ... ;-)
448 $points = 0;
449 }
450 if ($points < 0) // ignore negative points (bug needs to be fixed)
451 $points = 0;
452 return $points;
453 }
454
455 function max_points($userid)
456 {
457 return output_summary_content ($userid,0);
458 }
459
460 function output_summary_content($userid,$display_output)
461 {
462 $sum_points = 0;
463 $sum_experience = 0;
464 $sum_experience_other = 0;
465 $max_points = 100;
466 $max_experience = 50;
467
468 $experience_limit_reached_txt = _("Limit reached");
469
470 if (check_date_limit($userid,18) != 1)
471 {
472 $max_experience = 10;
473 $experience_limit_reached_txt = _("Limit given by PoJAM reached");
474 }
475 if (check_date_limit($userid,14) != 1)
476 {
477 $max_experience = 0;
478 $experience_limit_reached_txt = _("Limit given by PoJAM reached");
479 }
480
481 $res = get_received_assurances_summary($userid);
482 while($row = mysql_fetch_assoc($res))
483 {
484 $points = calc_points ($row);
485
486 if ($points > $max_points) // limit to 100 points, above is experience (needs to be fixed)
487 {
488 $sum_experience_other = $sum_experience_other+($points-$max_points)*intval($row['number']);
489 $points = $max_points;
490 }
491 $sum_points += $points*intval($row['number']);
492 }
493
494 $res = get_given_assurances_summary($userid);
495 while($row = mysql_fetch_assoc($res))
496 {
497 switch ($row['method'])
498 {
499 case 'Face to Face Meeting': // count Face to Face only
500 $sum_experience += 2*intval($row['number']);
501 break;
502 }
503
504 }
505
506 if ($sum_points > $max_points)
507 {
508 $sum_points_countable = $max_points;
509 $remark_points = _("Limit reached");
510 }
511 else
512 {
513 $sum_points_countable = $sum_points;
514 $remark_points = "&nbsp;";
515 }
516 if ($sum_experience > $max_experience)
517 {
518 $sum_experience_countable = $max_experience;
519 $remark_experience = $experience_limit_reached_txt;
520 }
521 else
522 {
523 $sum_experience_countable = $sum_experience;
524 $remark_experience = "&nbsp;";
525 }
526
527 if ($sum_experience_countable + $sum_experience_other > $max_experience)
528 {
529 $sum_experience_other_countable = $max_experience-$sum_experience_countable;
530 $remark_experience_other = $experience_limit_reached_txt;
531 }
532 else
533 {
534 $sum_experience_other_countable = $sum_experience_other;
535 $remark_experience_other = "&nbsp;";
536 }
537
538 if ($sum_points_countable < $max_points)
539 {
540 if ($sum_experience_countable != 0)
541 $remark_experience = _("Points on hold due to less assurance points");
542 $sum_experience_countable = 0;
543 if ($sum_experience_other_countable != 0)
544 $remark_experience_other = _("Points on hold due to less assurance points");
545 $sum_experience_other_countable = 0;
546 }
547
548 $issue_points = 0;
549 $cats_test_passed = get_cats_state ($userid);
550 if ($cats_test_passed == 0)
551 {
552 $issue_points_txt = "<strong style='color: red'>"._("You have to pass the CAcert Assurer Challenge (CATS-Test) to be an Assurer")."</strong>";
553 if ($sum_points_countable < $max_points)
554 {
555 $issue_points_txt = "<strong style='color: red'>";
556 $issue_points_txt .= sprintf(_("You need %s assurance points and the passed CATS-Test to be an Assurer"), intval($max_points));
557 $issue_points_txt .= "</strong>";
558 }
559 }
560 else
561 {
562 $experience_total = $sum_experience_countable+$sum_experience_other_countable;
563 $issue_points_txt = "";
564 if ($sum_points_countable == $max_points)
565 $issue_points = 10;
566 if ($experience_total >= 10)
567 $issue_points = 15;
568 if ($experience_total >= 20)
569 $issue_points = 20;
570 if ($experience_total >= 30)
571 $issue_points = 25;
572 if ($experience_total >= 40)
573 $issue_points = 30;
574 if ($experience_total >= 50)
575 $issue_points = 35;
576 if ($issue_points != 0)
577 $issue_points_txt = sprintf(_("You may issue up to %s points"),$issue_points);
578 }
579 if ($display_output)
580 {
581 output_summary_row (_("Assurance Points you received"),$sum_points,$sum_points_countable,$remark_points);
582 output_summary_row (_("Total Experience Points by Assurance"),$sum_experience,$sum_experience_countable,$remark_experience);
583 output_summary_row (_("Total Experience Points (other ways)"),$sum_experience_other,$sum_experience_other_countable,$remark_experience_other);
584 output_summary_row (_("Total Points"),"&nbsp;",$sum_points_countable + $sum_experience_countable + $sum_experience_other_countable,$issue_points_txt);
585 }
586 return $issue_points;
587 }
588
589 function output_given_assurances($userid,$support)
590 {
591 output_assurances_header(_("Assurance Points You Issued"),$support);
592 output_given_assurances_content($userid,$points,$sum_experience,$support);
593 output_assurances_footer(_("Total Points Issued"),$points,_("Total Experience Points"),$sum_experience,$support);
594 }
595
596 function output_received_assurances($userid,$support)
597 {
598 output_assurances_header(_("Your Assurance Points"),$support);
599 output_received_assurances_content($userid,$points,$sum_experience,$support);
600 output_assurances_footer(_("Total Assurance Points"),$points,_("Total Experience Points"),$sum_experience,$support);
601 }
602
603 function output_summary($userid)
604 {
605 output_summary_header();
606 output_summary_content($userid,1);
607 output_summary_footer();
608 }
609
610 function output_end_of_page()
611 {
612 ?>
613 <p>[ <a href='javascript:history.go(-1)'><?=_("Go Back")?></a> ]</p>
614 <?
615 }
616
617 //functions to do with recording user agreements
618 function write_user_agreement($memid, $document, $method, $comment, $active=1, $secmemid=0){
619 // write a new record to the table user_agreement
620 $query="insert into `user_agreements` set `memid`=".$memid.", `secmemid`=".$secmemid.
621 ",`document`='".$document."',`date`=NOW(), `active`=".$active.",`method`='".$method."',`comment`='".$comment."'" ;
622 $res = mysql_query($query);
623 }
624
625 function get_user_agreement_status($memid, $type="CCA"){
626 //returns 0 - no user agreement, 1- at least one entry
627 $query="SELECT u.`document` FROM `user_agreements` u
628 WHERE u.`document` = '".$type."' AND (u.`memid`=".$memid." or u.`secmemid`=".$memid.")" ;
629 $res = mysql_query($query);
630 if(mysql_num_rows($res) <=0){
631 return 0;
632 }else{
633 return 1;
634 }
635 }
636
637 function get_first_user_agreement($memid, $active=1, $type="CCA"){
638 //returns an array (`document`,`date`,`method`, `comment`,`active`)
639 if($active==1){
640 $filter="u.`memid`=".$memid;
641 }else{
642 $filter="u.`secmemid`=".$memid;
643 }
644 $query="SELECT u.`document`, u.`date`, u.`method`, u.`comment`, u.`active` FROM `user_agreements` u
645 WHERE u.`document` = '".$type."' AND ".$filter."
646 ORDER BY u.`date` Limit 1;";
647 $res = mysql_query($query);
648 if(mysql_num_rows($res) >0){
649 $row = mysql_fetch_assoc($res);
650 $rec['document']= $row['document'];
651 $rec['date']= $row['date'];
652 $rec['method']= $row['method'];
653 $rec['comment']= $row['comment'];
654 $rec['active']= $row['active'];
655 }else{
656 $rec=array();
657 }
658 return $rec;
659 }
660
661 function get_last_user_agreement($memid, $type="CCA"){
662 //returns an array (`document`,`date`,`method`, `comment`,`active`)
663 $query="(SELECT u.`document`, u.`date`, u.`method`, u.`comment`, 1 as `active` FROM user_agreements u WHERE u.`document` = '".$type."' AND (u.`memid`=".$memid." ) order by `date` desc limit 1)
664 union
665 (SELECT u.`document`, u.`date`, u.`method`, u.`comment`, 0 as `active` FROM user_agreements u WHERE u.`document` = '".$type."' AND ( u.`secmemid`=".$memid.")) order by `date` desc limit 1" ;
666 $res = mysql_query($query);
667 if(mysql_num_rows($res) >0){
668 $row = mysql_fetch_assoc($res);
669 $rec['document']= $row['document'];
670 $rec['date']= $row['date'];
671 $rec['method']= $row['method'];
672 $rec['comment']= $row['comment'];
673 $rec['active']= $row['active'];
674 }else{
675 $rec=array();
676 }
677 return $rec;
678 }
679
680 function delete_user_agreement($memid, $type="CCA"){
681 //deletes all entries to an user for the given type of user agreements
682 mysql_query("delete from `user_agreements` where `memid`='".$memid."'");
683 mysql_query("delete from `user_agreements` where `secmemid`='".$memid."'");
684 }
685
686 // functions for 6.php (assure somebody)
687
688 function AssureHead($confirmation,$checkname)
689 {
690 ?>
691 <form method="post" action="wot.php">
692 <table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper" width="600">
693 <tr>
694 <td colspan="2" class="title"><?=$confirmation?></td>
695 </tr>
696 <tr>
697 <td class="DataTD" colspan="2" align="left"><?=$checkname?></td>
698 </tr>
699 <?
700 }
701
702 function AssureTextLine($field1,$field2)
703 {
704 ?>
705 <tr>
706 <td class="DataTD"><?=$field1?>:</td>
707 <td class="DataTD"><?=$field2?></td>
708 </tr>
709 <?
710 }
711
712 function AssureCCABoxLine($type,$text)
713 {
714 return;
715 AssureBoxLine($type,$text);
716 }
717
718 function AssureBoxLine($type,$text,$checked)
719 {
720 ?>
721 <tr>
722 <td class="DataTD"><input type="checkbox" name="<?=$type?>" value="1" <?=$checked?"checked":""?>></td>
723 <td class="DataTD"><?=$text?></td>
724 </tr>
725 <?
726 }
727
728 function AssureMethodLine($text,$methods,$remark)
729 {
730 if (count($methods) != 1) {
731 ?>
732 <tr>
733 <td class="DataTD"><?=$text?></td>
734 <td class="DataTD">
735 <select name="method">
736 <?
737 foreach($methods as $val) {
738 ?>
739 <option value="<?=$val?>"><?=$val?></option>
740 <?
741 }
742 ?>
743 </select>
744 <br />
745 <?=$remark?>
746 </td>
747 </tr>
748 <?
749 } else {
750 ?>
751 <input type="hidden" name="<?=$val?>" value="<?=$methods[0]?>" />
752 <?
753 }
754 }
755
756 function AssureInboxLine($type,$field,$value,$description)
757 {
758 ?>
759 <tr>
760 <td class="DataTD"><?=$field?>:</td>
761 <td class="DataTD"><input type="text" name="<?=$type?>" value="<?=$value?>"><?=$description?></td>
762 </tr>
763 <?
764 }
765
766 function AssureFoot($oldid,$confirm)
767 {
768 ?>
769 <tr>
770 <td class="DataTD" colspan="2">
771 <input type="submit" name="process" value="<?=$confirm?>" />
772 <input type="submit" name="cancel" value="<?=_("Cancel")?>" />
773 </td>
774 </tr>
775 </table>
776 <input type="hidden" name="pagehash" value="<?=$_SESSION['_config']['wothash']?>" />
777 <input type="hidden" name="oldid" value="<?=$oldid?>" />
778 </form>
779 <?
780 }