bug 1138: rename interface to better describe what these functions do
[cacert-devel.git] / includes / notary.inc.php
1 <? /*
2 LibreSSL - CAcert web application
3 Copyright (C) 2004-2011 CAcert Inc.
4
5 This program is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License as published by
7 the Free Software Foundation; version 2 of the License.
8
9 This program is distributed in the hope that it will be useful,
10 but WITHOUT ANY WARRANTY; without even the implied warranty of
11 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 GNU General Public License for more details.
13
14 You should have received a copy of the GNU General Public License
15 along with this program; if not, write to the Free Software
16 Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
17 */
18
19 function query_init ($query)
20 {
21 return mysql_query($query);
22 }
23
24 function query_getnextrow ($res)
25 {
26 $row1 = mysql_fetch_assoc($res);
27 return $row1;
28 }
29
30 function query_get_number_of_rows ($resultset)
31 {
32 return intval(mysql_num_rows($resultset));
33 }
34
35 function get_number_of_assurances ($userid)
36 {
37 $res = query_init ("SELECT count(*) AS `list` FROM `notary`
38 WHERE `method` = 'Face to Face Meeting' AND `deleted`=0 AND `from`='".intval($userid)."' ");
39 $row = query_getnextrow($res);
40
41 return intval($row['list']);
42 }
43
44 function get_number_of_ttpassurances ($userid)
45 {
46 $res = query_init ("SELECT count(*) AS `list` FROM `notary`
47 WHERE (`method`='Trusted Third Parties' or `method`='TTP-Assisted') AND `deleted`=0 AND `to`='".intval($userid)."' ");
48 $row = query_getnextrow($res);
49
50 return intval($row['list']);
51 }
52
53 function get_number_of_assurees ($userid)
54 {
55 $res = query_init ("SELECT count(*) AS `list` FROM `notary`
56 WHERE `method` = 'Face to Face Meeting' AND `deleted`=0 AND `to`='".intval($userid)."' ");
57 $row = query_getnextrow($res);
58
59 return intval($row['list']);
60 }
61
62 function get_top_assurer_position ($no_of_assurances)
63 {
64 $res = query_init ("SELECT count(*) AS `list` FROM `notary`
65 WHERE `method` = 'Face to Face Meeting'
66 GROUP BY `from` HAVING count(*) > '".intval($no_of_assurances)."'");
67 return intval(query_get_number_of_rows($res)+1);
68 }
69
70 function get_top_assuree_position ($no_of_assurees)
71 {
72 $res = query_init ("SELECT count(*) AS `list` FROM `notary`
73 WHERE `method` = 'Face to Face Meeting'
74 GROUP BY `to` HAVING count(*) > '".intval($no_of_assurees)."'");
75 return intval(query_get_number_of_rows($res)+1);
76 }
77
78 /**
79 * Get the list of assurances given by the user
80 * @param int $userid - id of the assurer
81 * @param int $log - if set to 1 also includes deleted assurances
82 * @return resource - a MySQL result set
83 */
84 function get_given_assurances($userid, $log=0)
85 {
86 $deleted='';
87 if ($log == 0) {
88 $deleted = ' and `deleted` = 0 ';
89 }
90 $res = query_init("select * from `notary` where `from`='".intval($userid)."' and `from` != `to` $deleted order by `id` asc");
91 return $res;
92 }
93
94 /**
95 * Get the list of assurances received by the user
96 * @param int $userid - id of the assuree
97 * @param integer $log - if set to 1 also includes deleted assurances
98 * @return resource - a MySQL result set
99 */
100 function get_received_assurances($userid, $log=0)
101 {
102 $deleted='';
103 if ($log == 0) {
104 $deleted = ' and `deleted` = 0 ';
105 }
106 $res = query_init("select * from `notary` where `to`='".intval($userid)."' and `from` != `to` $deleted order by `id` asc ");
107 return $res;
108 }
109
110 function get_given_assurances_summary ($userid)
111 {
112 $res = query_init ("select count(*) as number,points,awarded,method from notary where `from`='".intval($userid)."' AND `deleted`=0 group by points,awarded,method");
113 return $res;
114 }
115
116 function get_received_assurances_summary ($userid)
117 {
118 $res = query_init ("select count(*) as number,points,awarded,method from notary where `to`='".intval($userid)."' AND `deleted`=0 group by points,awarded,method");
119 return $res;
120 }
121
122 function get_user ($userid)
123 {
124 $res = query_init ("select * from `users` where `id`='".intval($userid)."'");
125 return mysql_fetch_assoc($res);
126 }
127
128 function get_cats_state ($userid)
129 {
130
131 $res = query_init ("select * from `cats_passed` inner join `cats_variant` on `cats_passed`.`variant_id` = `cats_variant`.`id` and `cats_variant`.`type_id` = 1
132 WHERE `cats_passed`.`user_id` = '".intval($userid)."'");
133 return mysql_num_rows($res);
134 }
135
136 function calc_experience ($row,&$points,&$experience,&$sum_experience,&$revoked)
137 {
138 $apoints = max($row['points'], $row['awarded']);
139 $points += $apoints;
140 $experience = "&nbsp;";
141 $revoked = false; # to be coded later (after DB-upgrade)
142 if ($row['method'] == "Face to Face Meeting")
143 {
144 $sum_experience = $sum_experience +2;
145 $experience = "2";
146 }
147 return $apoints;
148 }
149
150 function calc_assurances ($row,&$points,&$experience,&$sumexperience,&$awarded,&$revoked)
151 {
152 $awarded = calc_points($row);
153 $revoked = false;
154
155 if ($awarded > 100)
156 {
157 $experience = $awarded - 100; // needs to be fixed in the future (limit 50 pts and/or no experience if pts > 100)
158 $awarded = 100;
159 }
160 else
161 $experience = 0;
162
163 switch ($row['method'])
164 {
165 case 'Thawte Points Transfer':
166 case 'CT Magazine - Germany':
167 case 'Temporary Increase': // Current usage of 'Temporary Increase' may break audit aspects, needs to be reimplemented
168 $awarded=sprintf("<strong style='color: red'>%s</strong>",_("Revoked"));
169 $experience=0;
170 $revoked=true;
171 break;
172 default:
173 $points += $awarded;
174 }
175 $sumexperience = $sumexperience + $experience;
176 }
177
178
179 function show_user_link ($name,$userid)
180 {
181 $name = trim($name);
182 if($name == "")
183 {
184 if ($userid == 0)
185 $name = _("System");
186 else
187 $name = _("Deleted account");
188 }
189 else
190 $name = "<a href='wot.php?id=9&amp;userid=".intval($userid)."'>".sanitizeHTML($name)."</a>";
191 return $name;
192 }
193
194 function show_email_link ($email,$userid)
195 {
196 $email = trim($email);
197 if($email != "")
198 $email = "<a href='account.php?id=43&amp;userid=".intval($userid)."'>".sanitizeHTML($email)."</a>";
199 return $email;
200 }
201
202 function get_assurer_ranking($userid,&$num_of_assurances,&$rank_of_assurer)
203 {
204 $num_of_assurances = get_number_of_assurances (intval($userid));
205 $rank_of_assurer = get_top_assurer_position($num_of_assurances);
206 }
207
208 function get_assuree_ranking($userid,&$num_of_assurees,&$rank_of_assuree)
209 {
210 $num_of_assurees = get_number_of_assurees (intval($userid));
211 $rank_of_assuree = get_top_assuree_position($num_of_assurees);
212 }
213
214
215 // ************* html table definitions ******************
216
217 function output_ranking($userid)
218 {
219 get_assurer_ranking($userid,$num_of_assurances,$rank_of_assurer);
220 get_assuree_ranking($userid,$num_of_assurees,$rank_of_assuree);
221
222 ?>
223 <table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
224 <tr>
225 <td class="title"><?=_("Assurer Ranking")?></td>
226 </tr>
227 <tr>
228 <td class="DataTD"><?=sprintf(_("You have made %s assurances which ranks you as the #%s top assurer."), intval($num_of_assurances), intval($rank_of_assurer) )?></td>
229 </tr>
230 <tr>
231 <td class="DataTD"><?=sprintf(_("You have received %s assurances which ranks you as the #%s top assuree."), intval($num_of_assurees), intval($rank_of_assuree) )?></td>
232 </tr>
233 </table>
234 <br/>
235 <?
236 }
237
238 function output_assurances_header($title,$support)
239 {
240 ?>
241 <table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
242 <tr>
243 <?
244 if ($support == "1")
245 {
246 ?>
247 <td colspan="10" class="title"><?=$title?></td>
248 <?
249 } else {
250 ?>
251 <td colspan="7" class="title"><?=$title?></td>
252 <?
253 }
254 ?>
255 </tr>
256 <tr>
257 <td class="DataTD"><strong><?=_("ID")?></strong></td>
258 <td class="DataTD"><strong><?=_("Date")?></strong></td>
259 <?
260 if ($support == "1")
261 {
262 ?>
263 <td class="DataTD"><strong><?=_("When")?></strong></td>
264 <td class="DataTD"><strong><?=_("Email")?></strong></td>
265 <?
266 }
267 ?>
268 <td class="DataTD"><strong><?=_("Who")?></strong></td>
269 <td class="DataTD"><strong><?=_("Points")?></strong></td>
270 <td class="DataTD"><strong><?=_("Location")?></strong></td>
271 <td class="DataTD"><strong><?=_("Method")?></strong></td>
272 <td class="DataTD"><strong><?=_("Experience Points")?></strong></td>
273 <?
274 if ($support == "1")
275 {
276 ?>
277 <td class="DataTD"><strong><?=_("Revoke")?></strong></td>
278 <?
279 }
280 ?>
281 </tr>
282 <?
283 }
284
285 function output_assurances_footer($points_txt,$points,$experience_txt,$sumexperience,$support)
286 {
287 ?>
288 <tr>
289 <td<?=($support == "1")?' colspan="5"':' colspan="3"'?> class="DataTD"><strong><?=$points_txt?>:</strong></td>
290 <td class="DataTD"><?=$points?></td>
291 <td class="DataTD">&nbsp;</td>
292 <td class="DataTD"><strong><?=$experience_txt?>:</strong></td>
293 <td class="DataTD"><?=$sumexperience?></td>
294 <?
295 if ($support == "1")
296 {
297 ?>
298 <td class="DataTD">&nbsp;</td>
299 <?
300 }
301 ?>
302
303 </tr>
304 </table>
305 <br/>
306 <?
307 }
308
309 /**
310 * Render an assurance for a view
311 * @param int $assuranceid - id of the assurance
312 * @param string $date - When the assurance took place in user provided format
313 * @param string $when - When the assurance was entered (ISO format), only visible for support
314 * @param string $email - Email address of the other party, only visible for support
315 * @param string $name - Name of the other party
316 * @param int $awarded - The points the Assurer wanted to issue (not rounded down)
317 * @param int $points - The points recognised by the system (rounded down)
318 * @param string $location - Where the assurance took place
319 * @param string $method - The method used to make the assurance (Face-to-Face, Administrative Increase, etc.)
320 * @param int $experience - Number of experience points the Assurer got for this assurance
321 * @param int $userid - Id of the user whichs given/received assurances are displayed
322 * @param int $support - set to 1 if the output is for the support interface
323 * @param bool $revoked - whether the assurance is already revoked
324 * @param string $ticketno - ticket number currently set in the support interface
325 */
326 function output_assurances_row($assuranceid,$date,$when,$email,$name,$awarded,$points,$location,$method,$experience,$userid,$support,$revoked, $ticketno)
327 {
328
329 $tdstyle="";
330 $emopen="";
331 $emclose="";
332
333 if ($awarded == $points)
334 {
335 if ($awarded == "0")
336 {
337 if ($when < "2006-09-01")
338 {
339 $tdstyle="style='background-color: #ffff80'";
340 $emopen="<em>";
341 $emclose="</em>";
342 }
343 }
344 }
345 ?>
346 <tr>
347 <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$assuranceid?><?=$emclose?></td>
348 <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$date?><?=$emclose?></td>
349 <?
350 if ($support == 1)
351 {
352 ?>
353 <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$when?><?=$emclose?></td>
354 <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$email?><?=$emclose?></td>
355 <?
356 }
357 ?>
358 <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$name?><?=$emclose?></td>
359 <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$awarded?><?=$emclose?></td>
360 <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$location?><?=$emclose?></td>
361 <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$method?><?=$emclose?></td>
362 <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$experience?><?=$emclose?></td>
363 <?
364 if ($support == 1)
365 {
366 if ($revoked == true)
367 {
368 ?>
369 <td class="DataTD" <?=$tdstyle?>>&nbsp;</td>
370 <?
371 } else {
372 ?>
373 <td class="DataTD" <?=$tdstyle?>><?=$emopen?><a href="account.php?id=43&amp;userid=<?=intval($userid)?>&amp;assurance=<?=intval($assuranceid)?>&amp;csrf=<?=make_csrf('admdelassurance')?>&amp;ticketno=<?=$ticketno?>" onclick="return confirm('<?=sprintf(_("Are you sure you want to revoke the assurance with ID &quot;%s&quot;?"),$assuranceid)?>');"><?=_("Revoke")?></a><?=$emclose?></td>
374 <?
375 }
376 }
377 ?>
378 </tr>
379 <?
380 }
381
382 function output_summary_header()
383 {
384 ?>
385 <table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
386 <tr>
387 <td colspan="4" class="title"><?=_("Summary of your Points")?></td>
388 </tr>
389 <tr>
390 <td class="DataTD"><strong><?=_("Description")?></strong></td>
391 <td class="DataTD"><strong><?=_("Points")?></strong></td>
392 <td class="DataTD"><strong><?=_("Countable Points")?></strong></td>
393 <td class="DataTD"><strong><?=_("Remark")?></strong></td>
394 </tr>
395 <?
396 }
397
398 function output_summary_footer()
399 {
400 ?>
401 </table>
402 <br/>
403 <?
404 }
405
406 function output_summary_row($title,$points,$points_countable,$remark)
407 {
408 ?>
409 <tr>
410 <td class="DataTD"><strong><?=$title?></strong></td>
411 <td class="DataTD"><?=$points?></td>
412 <td class="DataTD"><?=$points_countable?></td>
413 <td class="DataTD"><?=$remark?></td>
414 </tr>
415 <?
416 }
417
418
419 // ************* output given assurances ******************
420
421 /**
422 * Helper function to render assurances given by the user
423 * @param int $userid
424 * @param int& $points - [out] sum of given points
425 * @param int& $sum_experience - [out] sum of experience points gained
426 * @param int $support - set to 1 if the output is for the support interface
427 * @param string $ticketno - the ticket number set in the support interface
428 */
429 function output_given_assurances_content($userid,&$points,&$sum_experience,$support, $ticketno)
430 {
431 $points = 0;
432 $sumexperience = 0;
433 $res = get_given_assurances(intval($userid));
434 while($row = mysql_fetch_assoc($res))
435 {
436 $fromuser = get_user (intval($row['to']));
437 $apoints = calc_experience ($row,$points,$experience,$sum_experience,$revoked);
438 $name = show_user_link ($fromuser['fname']." ".$fromuser['lname'],intval($row['to']));
439 $email = show_email_link ($fromuser['email'],intval($row['to']));
440 output_assurances_row (intval($row['id']),$row['date'],$row['when'],$email,$name,$apoints,intval($row['points']),$row['location'],$row['method']==""?"":_(sprintf("%s", $row['method'])),$experience,$userid,$support,$revoked, $ticketno);
441 }
442 }
443
444 // ************* output received assurances ******************
445
446 /**
447 * Helper function to render assurances received by the user
448 * @param int $userid
449 * @param int& $points - [out] sum of received points
450 * @param int& $sum_experience - [out] sum of experience points the assurers gained
451 * @param int $support - set to 1 if the output is for the support interface
452 * @param string $ticketno - the ticket number set in the support interface
453 */
454 function output_received_assurances_content($userid,&$points,&$sum_experience,$support, $ticketno)
455 {
456 $points = 0;
457 $sumexperience = 0;
458 $res = get_received_assurances(intval($userid));
459 while($row = mysql_fetch_assoc($res))
460 {
461 $fromuser = get_user (intval($row['from']));
462 calc_assurances ($row,$points,$experience,$sum_experience,$awarded,$revoked);
463 $name = show_user_link ($fromuser['fname']." ".$fromuser['lname'],intval($row['from']));
464 $email = show_email_link ($fromuser['email'],intval($row['from']));
465 output_assurances_row (intval($row['id']),$row['date'],$row['when'],$email,$name,$awarded,intval($row['points']),$row['location'],$row['method']==""?"":_(sprintf("%s", $row['method'])),$experience,$userid,$support,$revoked, $ticketno);
466 }
467 }
468
469 // ************* output summary table ******************
470
471 function check_date_limit ($userid,$age)
472 {
473 $dob = date("Y-m-d", mktime(0,0,0,date("m"),date("d"),date("Y")-$age));
474 $res = query_init ("select id from `users` where `id`='".$userid."' and `dob` < '$dob'");
475 return intval(query_get_number_of_rows($res));
476 }
477
478 function calc_points($row)
479 {
480 $awarded = intval($row['awarded']);
481 if ($awarded == "")
482 $awarded = 0;
483 if (intval($row['points']) < $awarded)
484 $points = $awarded; // if 'sum of added points' > 100, awarded shows correct value
485 else
486 $points = intval($row['points']); // on very old assurances, awarded is '0' instead of correct value
487 switch ($row['method'])
488 {
489 case 'Thawte Points Transfer': // revoke all Thawte-points (as per arbitration)
490 case 'CT Magazine - Germany': // revoke c't (only one test-entry)
491 case 'Temporary Increase': // revoke 'temporary increase' (Current usage breaks audit aspects, needs to be reimplemented)
492 $points = 0;
493 break;
494 case 'Administrative Increase': // ignore AI with 2 points or less (historical for experiance points, now other calculation)
495 if ($points <= 2) // maybe limit to 35/50 pts in the future?
496 $points = 0;
497 break;
498 case 'Unknown': // to be revoked in the future? limit to max 50 pts?
499 case 'Trusted Third Parties': // to be revoked in the future? limit to max 35 pts?
500 case 'TTP-Assisted': // TTP assurances, limit to 35
501 case 'TOPUP': // TOPUP to be delevoped in the future, limit to 30
502 case '': // to be revoked in the future? limit to max 50 pts?
503 case 'Face to Face Meeting': // normal assurances, limit to 35/50 pts in the future?
504 break;
505 default: // should never happen ... ;-)
506 $points = 0;
507 }
508 if ($points < 0) // ignore negative points (bug needs to be fixed)
509 $points = 0;
510 return $points;
511 }
512
513 function max_points($userid)
514 {
515 return output_summary_content ($userid,0);
516 }
517
518 function output_summary_content($userid,$display_output)
519 {
520 $sum_points = 0;
521 $sum_experience = 0;
522 $sum_experience_other = 0;
523 $max_points = 100;
524 $max_experience = 50;
525
526 $experience_limit_reached_txt = _("Limit reached");
527
528 if (check_date_limit($userid,18) != 1)
529 {
530 $max_experience = 10;
531 $experience_limit_reached_txt = _("Limit given by PoJAM reached");
532 }
533 if (check_date_limit($userid,14) != 1)
534 {
535 $max_experience = 0;
536 $experience_limit_reached_txt = _("Limit given by PoJAM reached");
537 }
538
539 $res = get_received_assurances_summary($userid);
540 while($row = mysql_fetch_assoc($res))
541 {
542 $points = calc_points ($row);
543
544 if ($points > $max_points) // limit to 100 points, above is experience (needs to be fixed)
545 {
546 $sum_experience_other = $sum_experience_other+($points-$max_points)*intval($row['number']);
547 $points = $max_points;
548 }
549 $sum_points += $points*intval($row['number']);
550 }
551
552 $res = get_given_assurances_summary($userid);
553 while($row = mysql_fetch_assoc($res))
554 {
555 switch ($row['method'])
556 {
557 case 'Face to Face Meeting': // count Face to Face only
558 $sum_experience += 2*intval($row['number']);
559 break;
560 }
561
562 }
563
564 if ($sum_points > $max_points)
565 {
566 $sum_points_countable = $max_points;
567 $remark_points = _("Limit reached");
568 }
569 else
570 {
571 $sum_points_countable = $sum_points;
572 $remark_points = "&nbsp;";
573 }
574 if ($sum_experience > $max_experience)
575 {
576 $sum_experience_countable = $max_experience;
577 $remark_experience = $experience_limit_reached_txt;
578 }
579 else
580 {
581 $sum_experience_countable = $sum_experience;
582 $remark_experience = "&nbsp;";
583 }
584
585 if ($sum_experience_countable + $sum_experience_other > $max_experience)
586 {
587 $sum_experience_other_countable = $max_experience-$sum_experience_countable;
588 $remark_experience_other = $experience_limit_reached_txt;
589 }
590 else
591 {
592 $sum_experience_other_countable = $sum_experience_other;
593 $remark_experience_other = "&nbsp;";
594 }
595
596 if ($sum_points_countable < $max_points)
597 {
598 if ($sum_experience_countable != 0)
599 $remark_experience = _("Points on hold due to less assurance points");
600 $sum_experience_countable = 0;
601 if ($sum_experience_other_countable != 0)
602 $remark_experience_other = _("Points on hold due to less assurance points");
603 $sum_experience_other_countable = 0;
604 }
605
606 $issue_points = 0;
607 $cats_test_passed = get_cats_state ($userid);
608 if ($cats_test_passed == 0)
609 {
610 $issue_points_txt = "<strong style='color: red'>"._("You have to pass the CAcert Assurer Challenge (CATS-Test) to be an Assurer")."</strong>";
611 if ($sum_points_countable < $max_points)
612 {
613 $issue_points_txt = "<strong style='color: red'>";
614 $issue_points_txt .= sprintf(_("You need %s assurance points and the passed CATS-Test to be an Assurer"), intval($max_points));
615 $issue_points_txt .= "</strong>";
616 }
617 }
618 else
619 {
620 $experience_total = $sum_experience_countable+$sum_experience_other_countable;
621 $issue_points_txt = "";
622 if ($sum_points_countable == $max_points)
623 $issue_points = 10;
624 if ($experience_total >= 10)
625 $issue_points = 15;
626 if ($experience_total >= 20)
627 $issue_points = 20;
628 if ($experience_total >= 30)
629 $issue_points = 25;
630 if ($experience_total >= 40)
631 $issue_points = 30;
632 if ($experience_total >= 50)
633 $issue_points = 35;
634 if ($issue_points != 0)
635 $issue_points_txt = sprintf(_("You may issue up to %s points"),$issue_points);
636 }
637 if ($display_output)
638 {
639 output_summary_row (_("Assurance Points you received"),$sum_points,$sum_points_countable,$remark_points);
640 output_summary_row (_("Total Experience Points by Assurance"),$sum_experience,$sum_experience_countable,$remark_experience);
641 output_summary_row (_("Total Experience Points (other ways)"),$sum_experience_other,$sum_experience_other_countable,$remark_experience_other);
642 output_summary_row (_("Total Points"),"&nbsp;",$sum_points_countable + $sum_experience_countable + $sum_experience_other_countable,$issue_points_txt);
643 }
644 return $issue_points;
645 }
646
647 /**
648 * Render assurances given by the user
649 * @param int $userid
650 * @param int $support - set to 1 if the output is for the support interface
651 * @param string $ticketno - the ticket number set in the support interface
652 */
653 function output_given_assurances($userid, $support=0, $ticketno='')
654 {
655 output_assurances_header(_("Assurance Points You Issued"),$support);
656 output_given_assurances_content($userid,$points,$sum_experience,$support, $ticketno);
657 output_assurances_footer(_("Total Points Issued"),$points,_("Total Experience Points"),$sum_experience,$support);
658 }
659
660 /**
661 * Render assurances received by the user
662 * @param int $userid
663 * @param int $support - set to 1 if the output is for the support interface
664 * @param string $ticketno - the ticket number set in the support interface
665 */
666 function output_received_assurances($userid,$support=0, $ticketno='')
667 {
668 output_assurances_header(_("Your Assurance Points"),$support);
669 output_received_assurances_content($userid,$points,$sum_experience,$support, $ticketno);
670 output_assurances_footer(_("Total Assurance Points"),$points,_("Total Experience Points"),$sum_experience,$support);
671 }
672
673 function output_summary($userid)
674 {
675 output_summary_header();
676 output_summary_content($userid,1);
677 output_summary_footer();
678 }
679
680 function output_end_of_page()
681 {
682 ?>
683 <p>[ <a href='javascript:history.go(-1)'><?=_("Go Back")?></a> ]</p>
684 <?
685 }
686
687 //functions to do with recording user agreements
688 /**
689 * write_user_agreement()
690 * writes a new record to the table user_agreement
691 *
692 * @param mixed $memid
693 * @param mixed $document
694 * @param mixed $method
695 * @param mixed $comment
696 * @param integer $active
697 * @param integer $secmemid
698 * @return
699 */
700 function write_user_agreement($memid, $document, $method, $comment, $active=1, $secmemid=0){
701 // write a new record to the table user_agreement
702 $query="insert into `user_agreements` set `memid`=".intval($memid).", `secmemid`=".intval($secmemid).
703 ",`document`='".mysql_real_escape_string($document)."',`date`=NOW(), `active`=".intval($active).",`method`='".mysql_real_escape_string($method)."',`comment`='".mysql_real_escape_string($comment)."'" ;
704 $res = mysql_query($query);
705 }
706
707 /**
708 * get_user_agreement_status()
709 * returns 1 if the user has an entry for the given type in user_agreement, 0 if no entry is recorded
710 * @param mixed $memid
711 * @param string $type
712 * @return
713 */
714 function get_user_agreement_status($memid, $type="CCA"){
715 $query="SELECT u.`document` FROM `user_agreements` u
716 WHERE u.`document` = '" . mysql_real_escape_string($type) . "' AND u.`memid`=" . intval($memid) ;
717 $res = mysql_query($query);
718 if(mysql_num_rows($res) <=0){
719 return 0;
720 }else{
721 return 1;
722 }
723 }
724
725 /**
726 * Get the first user_agreement entry of the requested type
727 * @param int $memid
728 * @param string $type - the type of user agreement, by default all
729 * agreements are listed
730 * @param int $active - whether to get active or passive agreements:
731 * 0 := passive
732 * 1 := active
733 * null := both
734 * @return array(string=>mixed) - an associative array containing
735 * 'document', 'date', 'method', 'comment', 'active'
736 */
737 function get_first_user_agreement($memid, $type=null, $active=null){
738 $filter = '';
739 if (!is_null($type)) {
740 $filter .= " AND u.`document` = '".mysql_real_escape_string($type)."'";
741 }
742
743 if (!is_null($active)) {
744 $filter .= " AND u.`active` = ".intval($active);
745 }
746
747 $query="SELECT u.`document`, u.`date`, u.`method`, u.`comment`, u.`active` FROM `user_agreements` AS u
748 WHERE u.`memid`=".intval($memid)."
749 $filter
750 ORDER BY u.`date` LIMIT 1";
751 $res = mysql_query($query);
752 if(mysql_num_rows($res) >0){
753 $rec = mysql_fetch_assoc($res);
754 }else{
755 $rec=array();
756 }
757 return $rec;
758 }
759
760 /**
761 * Get the last user_agreement entry of the requested type
762 * @param int $memid
763 * @param string $type - the type of user agreement, by default all
764 * agreements are listed
765 * @param int $active - whether to get active or passive agreements:
766 * 0 := passive,
767 * 1 := active,
768 * null := both
769 * @return array(string=>mixed) - an associative array containing
770 * 'document', 'date', 'method', 'comment', 'active'
771 */
772 function get_last_user_agreement($memid, $type=null, $active=null){
773 $filter = '';
774 if (!is_null($type)) {
775 $filter .= " AND u.`document` = '".mysql_real_escape_string($type)."'";
776 }
777
778 if (!is_null($active)) {
779 $filter .= " AND u.`active` = ".intval($active);
780 }
781
782 $query="SELECT u.`document`, u.`date`, u.`method`, u.`comment`, u.`active` FROM `user_agreements` AS u
783 WHERE u.`memid`=".intval($memid)."
784 $filter
785 ORDER BY u.`date` DESC LIMIT 1";
786 $res = mysql_query($query);
787 if(mysql_num_rows($res) >0){
788 $rec = mysql_fetch_assoc($res);
789 }else{
790 $rec=array();
791 }
792 return $rec;
793 }
794
795 /**
796 * Get the all user_agreement entries of the requested type
797 * @param int $memid
798 * @param string $type - the type of user agreement, by default all
799 * agreements are listed
800 * @param int $active - whether to get an active or passive agreements:
801 * 0 := passive,
802 * 1 := active,
803 * null := both
804 * @return resource - a mysql result set containing all agreements
805 */
806 function get_user_agreements($memid, $type=null, $active=null){
807 $filter = '';
808 if (!is_null($type)) {
809 $filter .= " AND u.`document` = '".mysql_real_escape_string($type)."'";
810 }
811
812 if (!is_null($active)) {
813 $filter .= " AND u.`active` = ".intval($active);
814 }
815
816 $query="SELECT u.`document`, u.`date`, u.`method`, u.`comment`, u.`active` FROM `user_agreements` AS u
817 WHERE u.`memid`=".intval($memid)."
818 $filter
819 ORDER BY u.`date`";
820 return mysql_query($query);
821 }
822
823 /**
824 * delete_user_agreement()
825 * deletes all entries for a given type from user_agreement of a given user, if type is not given all
826 * @param mixed $memid
827 * @param string $type
828 * @return
829 */
830 function delete_user_agreement($memid, $type=false){
831 if ($type === false) {
832 $filter = '';
833 } else {
834 $filter = " and `document` = '" . mysql_real_escape_string($type) . "'";
835 }
836 mysql_query("delete from `user_agreements` where `memid`=" . intval($memid) . $filter );
837 }
838
839 // functions for 6.php (assure somebody)
840
841 function AssureHead($confirmation,$checkname)
842 {
843 ?>
844 <form method="post" action="wot.php">
845 <table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper" width="600">
846 <tr>
847 <td colspan="2" class="title"><?=$confirmation?></td>
848 </tr>
849 <tr>
850 <td class="DataTD" colspan="2" align="left"><?=$checkname?></td>
851 </tr>
852 <?
853 }
854
855 function AssureTextLine($field1,$field2)
856 {
857 ?>
858 <tr>
859 <td class="DataTD"><?=$field1.(empty($field1)?'':':')?></td>
860 <td class="DataTD"><?=$field2?></td>
861 </tr>
862 <?
863 }
864
865 function AssureBoxLine($type,$text,$checked)
866 {
867 ?>
868 <tr>
869 <td class="DataTD"><input type="checkbox" name="<?=$type?>" value="1" <?=$checked?"checked":""?>></td>
870 <td class="DataTD"><?=$text?></td>
871 </tr>
872 <?
873 }
874
875 function AssureMethodLine($text,$methods,$remark)
876 {
877 if (count($methods) != 1) {
878 ?>
879 <tr>
880 <td class="DataTD"><?=$text.(empty($text)?'':':')?></td>
881 <td class="DataTD">
882 <select name="method">
883 <?
884 foreach($methods as $val) {
885 ?>
886 <option value="<?=$val?>"><?=$val?></option>
887 <?
888 }
889 ?>
890 </select>
891 <br />
892 <?=$remark?>
893 </td>
894 </tr>
895 <?
896 } else {
897 ?>
898 <input type="hidden" name="<?=$val?>" value="<?=$methods[0]?>" />
899 <?
900 }
901 }
902
903 function AssureInboxLine($type,$field,$value,$description)
904 {
905 ?>
906 <tr>
907 <td class="DataTD"><?=$field.(empty($field)?'':':')?></td>
908 <td class="DataTD"><input type="text" name="<?=$type?>" value="<?=$value?>"><?=$description?></td>
909 </tr>
910 <?
911 }
912
913 function AssureFoot($oldid,$confirm)
914 {
915 ?>
916 <tr>
917 <td class="DataTD" colspan="2">
918 <input type="submit" name="process" value="<?=$confirm?>" />
919 <input type="submit" name="cancel" value="<?=_("Cancel")?>" />
920 </td>
921 </tr>
922 </table>
923 <input type="hidden" name="pagehash" value="<?=$_SESSION['_config']['wothash']?>" />
924 <input type="hidden" name="oldid" value="<?=$oldid?>" />
925 </form>
926 <?
927 }
928
929 function account_email_delete($mailid){
930 //deletes an email entry from an acount
931 //revolkes all certifcates for that email address
932 //called from www/account.php if($process != "" && $oldid == 2)
933 //called from www/diputes.php if($type == "reallyemail") / if($action == "accept")
934 //called from account_delete
935 $mailid = intval($mailid);
936 revoke_all_client_cert($mailid);
937 $query = "update `email` set `deleted`=NOW() where `id`='$mailid'";
938 mysql_query($query);
939 }
940
941 function account_domain_delete($domainid){
942 //deletes an domain entry from an acount
943 //revolkes all certifcates for that domain address
944 //called from www/account.php if($process != "" && $oldid == 9)
945 //called from www/diputes.php if($type == "reallydomain") / if($action == "accept")
946 //called from account_delete
947 $domainid = intval($domainid);
948 revoke_all_server_cert($domainid);
949 mysql_query(
950 "update `domains`
951 set `deleted`=NOW()
952 where `id` = '$domainid'");
953 }
954
955 function account_delete($id, $arbno, $adminid){
956 //deletes an account following the deleted account routnie V3
957 // called from www/account.php if($oldid == 50 && $process != "")
958 //change password
959 $id = intval($id);
960 $arbno = mysql_real_escape_string($arbno);
961 $adminid = intval($adminid);
962 $pool = 'abcdefghijklmnopqrstuvwxyz';
963 $pool .= '0123456789!()ยง';
964 $pool .= 'ABCDEFGHIJKLMNOPQRSTUVWXYZ';
965 srand ((double)microtime()*1000000);
966 $password="";
967 for($index = 0; $index < 30; $index++)
968 {
969 $password .= substr($pool,(rand()%(strlen ($pool))), 1);
970 }
971 mysql_query("update `users` set `password`=sha1('".$password."') where `id`='".$id."'");
972
973 //create new mail for arbitration number
974 $query = "insert into `email` set `email`='".$arbno."@cacert.org',`memid`='".$id."',`created`=NOW(),`modified`=NOW(), `attempts`=-1";
975 mysql_query($query);
976 $emailid = mysql_insert_id();
977
978 //set new mail as default
979 $query = "update `users` set `email`='".$arbno."@cacert.org' where `id`='".$id."'";
980 mysql_query($query);
981
982 //delete all other email address
983 $query = "select `id` from `email` where `memid`='".$id."' and `id`!='".$emailid."'" ;
984 $res=mysql_query($query);
985 while($row = mysql_fetch_assoc($res)){
986 account_email_delete($row['id']);
987 }
988
989 //delete all domains
990 $query = "select `id` from `domains` where `memid`='".$id."'";
991 $res=mysql_query($query);
992 while($row = mysql_fetch_assoc($res)){
993 account_domain_delete($row['id']);
994 }
995
996 //clear alert settings
997 mysql_query(
998 "update `alerts` set
999 `general`='0',
1000 `country`='0',
1001 `regional`='0',
1002 `radius`='0'
1003 where `memid`='$id'");
1004
1005 //set default location
1006 $query = "update `users` set `locid`='2256755', `regid`='243', `ccid`='12' where `id`='".$id."'";
1007 mysql_query($query);
1008
1009 //clear listings
1010 $query = "update `users` set `listme`=' ',`contactinfo`=' ' where `id`='".$id."'";
1011 mysql_query($query);
1012
1013 //set lanuage to default
1014 //set default language
1015 mysql_query("update `users` set `language`='en_AU' where `id`='".$id."'");
1016 //delete secondary langugaes
1017 mysql_query("delete from `addlang` where `userid`='".$id."'");
1018
1019 //change secret questions
1020 for($i=1;$i<=5;$i++){
1021 $q="";
1022 $a="";
1023 for($index = 0; $index < 30; $index++)
1024 {
1025 $q .= substr($pool,(rand()%(strlen ($pool))), 1);
1026 $a .= substr($pool,(rand()%(strlen ($pool))), 1);
1027 }
1028 $query = "update `users` set `Q$i`='$q', `A$i`='$a' where `id`='".$id."'";
1029 mysql_query($query);
1030 }
1031
1032 //change personal information to arbitration number and DOB=1900-01-01
1033 $query = "update `users` set `fname`='".$arbno."',
1034 `mname`='".$arbno."',
1035 `lname`='".$arbno."',
1036 `suffix`='".$arbno."',
1037 `dob`='1900-01-01'
1038 where `id`='".$id."'";
1039 mysql_query($query);
1040
1041 //clear all admin and board flags
1042 mysql_query(
1043 "update `users` set
1044 `assurer`='0',
1045 `assurer_blocked`='0',
1046 `codesign`='0',
1047 `orgadmin`='0',
1048 `ttpadmin`='0',
1049 `locadmin`='0',
1050 `admin`='0',
1051 `adadmin`='0',
1052 `tverify`='0',
1053 `board`='0'
1054 where `id`='$id'");
1055
1056 //block account
1057 mysql_query("update `users` set `locked`='1' where `id`='$id'"); //, `deleted`=Now()
1058 }
1059
1060
1061 function check_email_exists($email){
1062 // called from includes/account.php if($process != "" && $oldid == 1)
1063 // called from includes/account.php if($oldid == 50 && $process != "")
1064 $email = mysql_real_escape_string($email);
1065 $query = "select 1 from `email` where `email`='$email' and `deleted`=0";
1066 $res = mysql_query($query);
1067 return mysql_num_rows($res) > 0;
1068 }
1069
1070 function check_gpg_cert_running($uid,$cca=0){
1071 //if $cca =0 if just expired, =1 if CCA retention +3 month should be obeyed
1072 // called from includes/account.php if($oldid == 50 && $process != "")
1073 $uid = intval($uid);
1074 if (0==$cca) {
1075 $query = "select 1 from `gpg` where `memid`='$uid' and `expire`>NOW()";
1076 }else{
1077 $query = "select 1 from `gpg` where `memid`='$uid' and `expire`>(NOW()-90*86400)";
1078 }
1079 $res = mysql_query($query);
1080 return mysql_num_rows($res) > 0;
1081 }
1082
1083 function check_client_cert_running($uid,$cca=0){
1084 //if $cca =0 if just expired, =1 if CCA retention +3 month should be obeyed
1085 // called from includes/account.php if($oldid == 50 && $process != "")
1086 $uid = intval($uid);
1087 if (0==$cca) {
1088 $query1 = "select 1 from `emailcerts` where `memid`='$uid' and `expire`>NOW() and `revoked`<`created`";
1089 $query2 = "select 1 from `emailcerts` where `memid`='$uid' and `revoked`>NOW()";
1090 }else{
1091 $query1 = "select 1 from `emailcerts` where `memid`='$uid' and `expire`>(NOW()-90*86400) and `revoked`<`created`";
1092 $query2 = "select 1 from `emailcerts` where `memid`='$uid' and `revoked`>(NOW()-90*86400)";
1093 }
1094 $res = mysql_query($query1);
1095 $r1 = mysql_num_rows($res)>0;
1096 $res = mysql_query($query2);
1097 $r2 = mysql_num_rows($res)>0;
1098 return !!($r1 || $r2);
1099 }
1100
1101 function check_server_cert_running($uid,$cca=0){
1102 //if $cca =0 if just expired, =1 if CCA retention +3 month should be obeyed
1103 // called from includes/account.php if($oldid == 50 && $process != "")
1104 $uid = intval($uid);
1105 if (0==$cca) {
1106 $query1 = "
1107 select 1 from `domaincerts` join `domains`
1108 on `domaincerts`.`domid` = `domains`.`id`
1109 where `domains`.`memid` = '$uid'
1110 and `domaincerts`.`expire` > NOW()
1111 and `domaincerts`.`revoked` < `domaincerts`.`created`";
1112 $query2 = "
1113 select 1 from `domaincerts` join `domains`
1114 on `domaincerts`.`domid` = `domains`.`id`
1115 where `domains`.`memid` = '$uid'
1116 and `revoked`>NOW()";
1117 }else{
1118 $query1 = "
1119 select 1 from `domaincerts` join `domains`
1120 on `domaincerts`.`domid` = `domains`.`id`
1121 where `domains`.`memid` = '$uid'
1122 and `expire`>(NOW()-90*86400)
1123 and `revoked`<`created`";
1124 $query2 = "
1125 select 1 from `domaincerts` join `domains`
1126 on `domaincerts`.`domid` = `domains`.`id`
1127 where `domains`.`memid` = '$uid'
1128 and `revoked`>(NOW()-90*86400)";
1129 }
1130 $res = mysql_query($query1);
1131 $r1 = mysql_num_rows($res)>0;
1132 $res = mysql_query($query2);
1133 $r2 = mysql_num_rows($res)>0;
1134 return !!($r1 || $r2);
1135 }
1136
1137 function check_is_orgadmin($uid){
1138 // called from includes/account.php if($oldid == 50 && $process != "")
1139 $uid = intval($uid);
1140 $query = "select 1 from `org` where `memid`='$uid' and `deleted`=0";
1141 $res = mysql_query($query);
1142 return mysql_num_rows($res) > 0;
1143 }
1144
1145
1146 // revokation of certificates
1147 function revoke_all_client_cert($mailid){
1148 //revokes all client certificates for an email address
1149 $mailid = intval($mailid);
1150 $query = "select `emailcerts`.`id`
1151 from `emaillink`,`emailcerts` where
1152 `emaillink`.`emailid`='$mailid' and `emaillink`.`emailcertsid`=`emailcerts`.`id` and `emailcerts`.`revoked`=0
1153 group by `emailcerts`.`id`";
1154 $dres = mysql_query($query);
1155 while($drow = mysql_fetch_assoc($dres)){
1156 mysql_query("update `emailcerts` set `revoked`='1970-01-01 10:00:01', `disablelogin`=1 where `id`='".$drow['id']."'");
1157 }
1158 }
1159
1160 function revoke_all_server_cert($domainid){
1161 //revokes all server certs for an domain
1162 $domainid = intval($domainid);
1163 $query =
1164 "select `domaincerts`.`id`
1165 from `domaincerts`
1166 where `domaincerts`.`domid` = '$domainid'
1167 union distinct
1168 select `domaincerts`.`id`
1169 from `domaincerts`, `domlink`
1170 where `domaincerts`.`id` = `domlink`.`certid`
1171 and `domlink`.`domid` = '$domainid'";
1172 $dres = mysql_query($query);
1173 while($drow = mysql_fetch_assoc($dres))
1174 {
1175 mysql_query(
1176 "update `domaincerts`
1177 set `revoked`='1970-01-01 10:00:01'
1178 where `id` = '".$drow['id']."'
1179 and `revoked` = 0");
1180 }
1181 }
1182
1183 function revoke_all_private_cert($uid){
1184 //revokes all certificates linked to a personal accounts
1185 //gpg revokation needs to be added to a later point
1186 $uid=intval($uid);
1187 $query = "select `id` from `email` where `memid`='".$uid."'";
1188 $res=mysql_query($query);
1189 while($row = mysql_fetch_assoc($res)){
1190 revoke_all_client_cert($row['id']);
1191 }
1192
1193
1194 $query = "select `id` from `domains` where `memid`='".$uid."'";
1195 $res=mysql_query($query);
1196 while($row = mysql_fetch_assoc($res)){
1197 revoke_all_server_cert($row['id']);
1198 }
1199 }
1200
1201 /**
1202 * check_date_format()
1203 * checks if the date is entered in the right date format YYYY-MM-DD and
1204 * if the date is after the 1st January of the given year
1205 *
1206 * @param mixed $date
1207 * @param integer $year
1208 * @return
1209 */
1210 function check_date_format($date, $year=2000){
1211 if (!strpos($date,'-')) {
1212 return FALSE;
1213 }
1214 $arr=explode('-',$date);
1215
1216 if ((count($arr)!=3)) {
1217 return FALSE;
1218 }
1219 if (intval($arr[0])<=$year) {
1220 return FALSE;
1221 }
1222 if (intval($arr[1])>12 or intval($arr[1])<=0) {
1223 return FALSE;
1224 }
1225 if (intval($arr[2])>31 or intval($arr[2])<=0) {
1226 return FALSE;
1227 }
1228
1229 return checkdate( intval($arr[1]), intval($arr[2]), intval($arr[0]));
1230
1231 }
1232
1233 /**
1234 * check_date_difference()
1235 * returns false if the date is larger then today + time diffrence
1236 *
1237 * @param mixed $date
1238 * @param integer $diff
1239 * @return
1240 */
1241 function check_date_difference($date, $diff=1){
1242 return (strtotime($date)<=time()+$diff*86400);
1243 }
1244
1245 /**
1246 * Write some information to the adminlog
1247 *
1248 * @param int $uid - id of the user account
1249 * @param int $adminid - id of the admin
1250 * @param string $type - the operation that was performed on the user account
1251 * @param string $info - the ticket / arbitration number or other information
1252 * @return bool - true := success, false := error
1253 */
1254 function write_se_log($uid, $adminid, $type, $info){
1255 //records all support engineer actions changing a user account
1256 $uid = intval($uid);
1257 $adminid = intval($adminid);
1258 $type = mysql_real_escape_string($type);
1259 $info = mysql_real_escape_string($info);
1260 $query="insert into `adminlog` (`when`, `uid`, `adminid`,`type`,`information`) values
1261 (Now(), $uid, $adminid, '$type', '$info')";
1262 return mysql_query($query);
1263 }
1264
1265 /**
1266 * Check if the entered information is a valid ticket or arbitration number
1267 * @param string $ticketno
1268 * @return bool
1269 */
1270 function valid_ticket_number($ticketno){
1271 //a arbitration case
1272 //d dispute action
1273 //s support case
1274 //m board motion
1275 $pattern='/[adsmADSM]\d{8}\./';
1276 if (preg_match($pattern, $ticketno)) {
1277 return true;
1278 }
1279 return false;
1280 }
1281
1282 // function for handling account/43.php
1283 /**
1284 * Get all data of an account given by the id from the `users` table
1285 * @param int $userid - account id
1286 * @param int $deleted - states if deleted data should be visible , default = 0 - not visible
1287 * @return resource - a mysql result set
1288 */
1289 function get_user_data($userid, $deleted=0){
1290 $userid = intval($userid);
1291 $filter='';
1292 if (0==$deleted) {
1293 $filter .=' and `users`.`deleted`=0';
1294 }
1295 $query = "select * from `users` where `users`.`id`='$userid' ".$filter;
1296 return mysql_query($query);
1297 }
1298
1299 /**
1300 * Get the alert settings for a user
1301 * @param int $userid for the requested account
1302 * @return array - associative array
1303 */
1304 function get_alerts($userid){
1305 return mysql_fetch_assoc(mysql_query("select * from `alerts` where `memid`='".intval($userid)."'"));
1306 }
1307
1308 /**
1309 * Get all email addresses linked to the account
1310 * @param int $userid
1311 * @param string $exclude - if given the email address will be excluded
1312 * @param int $deleted - states if deleted data should be visible, default = 0 - not visible
1313 * @return resource - a mysql result set
1314 */
1315 function get_email_addresses($userid, $exclude, $deleted=0){
1316 //should be entered in account/2.php
1317 $userid = intval($userid);
1318 $filter='';
1319 if (0==$deleted) {
1320 $filter .= ' and `deleted`=0';
1321 }
1322 if ($exclude) {
1323 $filter .= " and `email`!='".mysql_real_escape_string($exclude)."'";
1324 }
1325 $query = "select * from `email` where `memid`='".$userid."' and `hash`='' ".$filter." order by `created`";
1326 return mysql_query($query);
1327 }
1328
1329 /**
1330 * Get all domains linked to the account
1331 * @param int $userid
1332 * @param int $deleted - states if deleted data should be visible, default = 0 - not visible
1333 * @return resource - a mysql result set
1334 */
1335 function get_domains($userid, $deleted=0){
1336 //should be entered in account/9.php
1337 $userid = intval($userid);
1338 $filter='';
1339 if (0==$deleted) {
1340 $filter .= ' and `deleted`=0';
1341 }
1342 $query = "select * from `domains` where `memid`='".$userid."' and `hash`=''".$filter." order by `created`";
1343 return mysql_query($query);
1344 }
1345
1346 /**
1347 * Get all training results for the account
1348 * @param int $userid
1349 * @return resource - a mysql result set
1350 */
1351 function get_training_results($userid){
1352 //should be entered in account/55.php
1353 $userid = intval($userid);
1354 $query = "SELECT `CP`.`pass_date`, `CT`.`type_text`, `CV`.`test_text` ".
1355 " FROM `cats_passed` AS CP, `cats_variant` AS CV, `cats_type` AS CT ".
1356 " WHERE `CP`.`variant_id`=`CV`.`id` AND `CV`.`type_id`=`CT`.`id` AND `CP`.`user_id` ='".$userid."'".
1357 " ORDER BY `CP`.`pass_date`";
1358 return mysql_query($query);
1359 }
1360
1361 /**
1362 * Get all SE log entries for the account
1363 * @param int $userid
1364 * @return resource - a mysql result set
1365 */
1366 function get_se_log($userid){
1367 $userid = intval($userid);
1368 $query = "SELECT `adminlog`.`when`, `adminlog`.`type`, `adminlog`.`information`, `users`.`fname`, `users`.`lname`
1369 FROM `adminlog`, `users`
1370 WHERE `adminlog`.`adminid` = `users`.`id` and `adminlog`.`uid`=".$userid."
1371 ORDER BY `adminlog`.`when`";
1372 return mysql_query($query);
1373 }
1374
1375 /**
1376 * Get all client certificates linked to the account
1377 * @param int $userid
1378 * @param int $viewall - states if expired certs should be visible, default = 0 - not visible
1379 * @return resource - a mysql result set
1380 */
1381 function get_client_certs($userid, $viewall=0){
1382 //add to account/5.php
1383 $userid = intval($userid);
1384 $query = "select UNIX_TIMESTAMP(`emailcerts`.`created`) as `created`,
1385 UNIX_TIMESTAMP(`emailcerts`.`expire`) - UNIX_TIMESTAMP() as `timeleft`,
1386 UNIX_TIMESTAMP(`emailcerts`.`expire`) as `expired`,
1387 `emailcerts`.`expire`,
1388 `emailcerts`.`revoked` as `revoke`,
1389 UNIX_TIMESTAMP(`emailcerts`.`revoked`) as `revoked`,
1390 `emailcerts`.`id`,
1391 `emailcerts`.`CN`,
1392 `emailcerts`.`serial`,
1393 `emailcerts`.`disablelogin`,
1394 `emailcerts`.`description`
1395 from `emailcerts`
1396 where `emailcerts`.`memid`='".$userid."'";
1397 if($viewall == 0)
1398 $query .= " AND `emailcerts`.`revoked`=0 AND `emailcerts`.`renewed`=0";
1399 $query .= " HAVING `timeleft` > 0";
1400 $query .= " ORDER BY `emailcerts`.`modified` desc";
1401 return mysql_query($query);
1402 }
1403
1404 /**
1405 * Get all server certs linked to the account
1406 * @param int $userid
1407 * @param int $viewall - states if expired certs should be visible, default = 0 - not visible
1408 * @return resource - a mysql result set
1409 */
1410 function get_server_certs($userid, $viewall=0){
1411 //add to account/12.php
1412 $userid = intval($userid);
1413 $query = "select UNIX_TIMESTAMP(`domaincerts`.`created`) as `created`,
1414 UNIX_TIMESTAMP(`domaincerts`.`expire`) - UNIX_TIMESTAMP() as `timeleft`,
1415 UNIX_TIMESTAMP(`domaincerts`.`expire`) as `expired`,
1416 `domaincerts`.`expire`,
1417 `domaincerts`.`revoked` as `revoke`,
1418 UNIX_TIMESTAMP(`revoked`) as `revoked`,
1419 `domaincerts`.`CN`,
1420 `domaincerts`.`serial`,
1421 `domaincerts`.`id`,
1422 `domaincerts`.`description`
1423 from `domaincerts`,`domains`
1424 where `domains`.`memid`='".$userid."' and `domaincerts`.`domid`=`domains`.`id`";
1425 if($viewall == 0)
1426 {
1427 $query .= " AND `domaincerts`.`revoked`=0 AND `domaincerts`.`renewed`=0";
1428 $query .= " HAVING `timeleft` > 0";
1429 }
1430 $query .= " ORDER BY `domaincerts`.`modified` desc";
1431 return mysql_query($query);
1432 }
1433
1434 /**
1435 * Get all gpg certs linked to the account
1436 * @param int $userid
1437 * @param int $viewall - states if expired certs should be visible, default = 0 - not visible
1438 * @return resource - a mysql result set
1439 */
1440 function get_gpg_certs($userid, $viewall=0){
1441 //add to gpg/2.php
1442 $userid = intval($userid);
1443 $query = $query = "select UNIX_TIMESTAMP(`issued`) as `issued`,
1444 UNIX_TIMESTAMP(`expire`) - UNIX_TIMESTAMP() as `timeleft`,
1445 UNIX_TIMESTAMP(`expire`) as `expired`,
1446 `expire`, `id`, `level`, `email`, `keyid`, `description`
1447 from `gpg` where `memid`='".$userid."'";
1448 if ($viewall == 0) {
1449 $query .= " HAVING `timeleft` > 0";
1450 }
1451 $query .= " ORDER BY `issued` desc";
1452 return mysql_query($query);
1453 }
1454
1455
1456
1457 /**
1458 * output_log_email_header()
1459 * shows the table header to the email table
1460 * @return
1461 */
1462 function output_log_email_header(){
1463 ?>
1464 <tr>
1465 <td class="DataTD bold"><?= _("Email, primary bold") ?></td>
1466 <td class="DataTD bold"><?= _("Created") ?></td>
1467 <td class="DataTD bold"><?= _("Deleted") ?></td>
1468 </tr>
1469
1470 <?
1471 }
1472 /**
1473 * output_log_email()
1474 * shows all email data
1475 * @param mixed $row - sql-query array
1476 * @param mixed $primary - if given the primary address is highlighted
1477 * @return
1478 */
1479 function output_log_email($row,$primary){
1480 $primaryemailaddress='';
1481 $deletedemailaddress='';
1482 if ($row['deleted'] > 0) {
1483 $deletedemailaddress=' deletedemailaddress';
1484 }
1485 if ($primary==$row['email'] && $row['deleted'] == 0) {
1486 $primaryemailaddress= ' primaryemailaddress';
1487 }
1488 ?>
1489 <tr>
1490 <td class="DataTD<?= $primaryemailaddress . $deletedemailaddress ?>"><?=$row['email']?></td>
1491 <td class="DataTD<?= $primaryemailaddress . $deletedemailaddress ?>"><?=$row['created']?></td>
1492 <td class="DataTD<?= $primaryemailaddress . $deletedemailaddress ?>"><?=$row['deleted']?></td>
1493 </tr>
1494 <?
1495 }
1496
1497 /**
1498 * output_log_domains_header()
1499 * shows the table header to the domains table
1500 * @return
1501 */
1502 function output_log_domains_header(){
1503 ?>
1504 <tr>
1505 <td class="DataTD bold"><?= _("Domain") ?></td>
1506 <td class="DataTD bold"><?= _("Created") ?></td>
1507 <td class="DataTD bold"><?= _("Deleted") ?></td>
1508 </tr>
1509
1510 <?
1511 }
1512
1513 /**
1514 * output_log_domains()
1515 * shows the domain data
1516 * @param mixed $row - sql-query array
1517 * @return
1518 */
1519 function output_log_domains($row){
1520 $italic='';
1521 if (0==$row['deleted']) {
1522 $italic='italic ';
1523 }
1524 ?>
1525 <tr>
1526 <td class="DataTD <? $italic ?>"><?=$row['domain']?></td>
1527 <td class="DataTD <? $italic ?>"><?=$row['created']?></td>
1528 <td class="DataTD <? $italic ?>"><?=$row['deleted']?></td>
1529 </tr>
1530 <?
1531 }
1532
1533 /**
1534 * output_log_agreement_header()
1535 * shows the table header to the user agreement table
1536 * @return
1537 */
1538 function output_log_agreement_header(){
1539 ?>
1540 <tr>
1541 <td class="DataTD bold"><?= _("Agreement") ?></td>
1542 <td class="DataTD bold"><?= _("Date") ?></td>
1543 <td class="DataTD bold"><?= _("Method") ?></td>
1544 <td class="DataTD bold"><?= _("Active ") ?></td>
1545 </tr>
1546 <?
1547 }
1548
1549 /**
1550 * output_log_agreement()
1551 * shows the agreement data
1552 * @param mixed $row - sql-query array
1553 * @return
1554 */
1555 function output_log_agreement($row){
1556 ?>
1557 <tr>
1558 <td class="DataTD" ><?=$row['document']?></td>
1559 <td class="DataTD" ><?=$row['date']?></td>
1560 <td class="DataTD" ><?=$row['method']?></td>
1561 <td class="DataTD"><?= ($row['active']==0)? _('passive'):_('active')?></td>
1562 </tr>
1563 <?
1564 }
1565
1566 /**
1567 * output_log_training_header()
1568 * shows the table header to the training table
1569 * @return
1570 */
1571 function output_log_training_header(){
1572 //should be entered in account/55.php
1573 ?>
1574 <tr>
1575 <td class="DataTD bold"><?= _("Agreement") ?></td>
1576 <td class="DataTD bold"><?= _("Test") ?></td>
1577 <td class="DataTD bold"><?= _("Variant") ?></td>
1578 </tr>
1579 <?
1580 }
1581
1582 /**
1583 * output_log_training()
1584 * shows the training data
1585 * @param mixed $row - sql-query array
1586 * @return
1587 */
1588 function output_log_training($row){
1589 //should be entered in account/55.php
1590 ?>
1591 <tr>
1592 <td class="DataTD"><?=$row['pass_date']?></td>
1593 <td class="DataTD"><?=$row['type_text']?></td>
1594 <td class="DataTD"><?=$row['test_text']?></td>
1595 </tr>
1596 <?
1597 }
1598
1599 /**
1600 * output_log_se_header()
1601 * shows the table header to the SE log table
1602 * @param integer $support - if support = 1 some columns ar not visible
1603 * @return
1604 */
1605 function output_log_se_header($support=0){
1606 ?>
1607 <tr>
1608 <td class="DataTD bold"><?= _("Date") ?></td>
1609 <td class="DataTD bold"><?= _("Type") ?></td>
1610 <?if (1==$support) {
1611 ?>
1612 <td class="DataTD bold"><?= _("Information") ?></td>
1613 <td class="DataTD bold"><?= _("Admin") ?></td>
1614 <?
1615 }?>
1616 </tr>
1617 <?
1618 }
1619
1620 /**
1621 * output_log_se()
1622 * show the SE log data
1623 * @param mixed $row - sql-query array
1624 * @param integer $support - if support = 1 some columns are added
1625 * @return
1626 */
1627 function output_log_se($row, $support=0){
1628 //should be entered in account/55.php
1629 ?>
1630 <tr>
1631 <td class="DataTD"><?=$row['when']?></td>
1632 <td class="DataTD"><?=$row['type']?></td>
1633 <?if (1==$support) {
1634 ?>
1635 <td class="DataTD"><?=$row['information']?></td>
1636 <td class="DataTD"><?=$row['fname'].' '.$row['lname']?></td>
1637 <?
1638 }?>
1639 </tr>
1640 <?
1641 }
1642
1643 /**
1644 * output_client_cert_header()
1645 * shows the table header to the cleint cert table
1646 * @param integer $support - if support = 1 some columns ar not visible
1647 * @return
1648 */
1649 function output_client_cert_header($support=0){
1650 //should be added to account/5.php
1651 ?>
1652 <tr>
1653 <?if ($support !=1) { ?>
1654 <td class="DataTD"><?=_("Renew/Revoke/Delete")?></td>
1655 <? } ?>
1656 <td class="DataTD"><?=_("Status")?></td>
1657 <td class="DataTD"><?=_("Email Address")?></td>
1658 <td class="DataTD"><?=_("SerialNumber")?></td>
1659 <td class="DataTD"><?=_("Revoked")?></td>
1660 <td class="DataTD"><?=_("Expires")?></td>
1661 <td class="DataTD"><?=_("Login")?></td>
1662 <?if ($support !=1) { ?>
1663 <td colspan="2" class="DataTD"><?=_("Comment *")?></td>
1664 <? } ?>
1665 </tr>
1666 <?
1667 }
1668
1669 /**
1670 * output_client_cert()
1671 * show the client cert data
1672 * @param mixed $row - sql-query array
1673 * @param integer $support - if support = 1 some columns are not visible
1674 * @return
1675 */
1676 function output_client_cert($row, $support=0){
1677 //should be entered in account/5.php
1678 $verified="";
1679 if($row['timeleft'] > 0)
1680 $verified = _("Valid");
1681 if($row['timeleft'] < 0)
1682 $verified = _("Expired");
1683 if($row['expired'] == 0)
1684 $verified = _("Pending");
1685 if($row['revoked'] > 0)
1686 $verified = _("Revoked");
1687 if($row['revoked'] == 0)
1688 $row['revoke'] = _("Not Revoked");
1689 ?>
1690 <tr>
1691 <?
1692 if($verified != _("Pending") && $verified != _("Revoked")) {
1693 if ($support !=1) { ?>
1694 <td class="DataTD"><input type="checkbox" name="revokeid[]" value="<?=$row['id']?>"></td>
1695 <? } ?>
1696 <td class="DataTD"><?=$verified?></td>
1697 <? if ($support !=1) { ?>
1698 <td class="DataTD"><a href="account.php?id=6&amp;cert=<?=$row['id']?>"><?=(trim($row['CN'])=="" ? _("empty") : $row['CN'])?></a></td>
1699 <? } ELSE {?>
1700 <td class="DataTD"><?=(trim($row['CN'])=="" ? _("empty") : $row['CN'])?></td>
1701 <? } ?>
1702 <? } else if($verified != _("Revoked")) {
1703 if ($support !=1) { ?>
1704 <td class="DataTD"><input type="checkbox" name="delid[]" value="<?=$row['id']?>"></td>
1705 <? } ?>
1706 <td class="DataTD"><?=$verified?></td>
1707 <td class="DataTD"><?=(trim($row['CN'])=="" ? _("empty") : $row['CN'])?></td>
1708 <? } else {
1709 if ($support !=1) { ?>
1710 <td class="DataTD">&nbsp;</td>
1711 <? } ?>
1712 <td class="DataTD"><?=$verified?></td>
1713 <td class="DataTD"><?=(trim($row['CN'])=="" ? _("empty") : $row['CN'])?></td>
1714 <? } ?>
1715
1716 <td class="DataTD"><?=$row['serial']?></td>
1717 <td class="DataTD"><?=$row['revoke']?></td>
1718 <td class="DataTD"><?=$row['expire']?></td>
1719
1720 <? if ($support !=1) { ?>
1721 <td class="DataTD">
1722 <input type="checkbox" name="disablelogin_<?=$row['id']?>" value="1" <?=$row['disablelogin']?"":"checked='checked'"?>/>
1723 <input type="hidden" name="cert_<?=$row['id']?>" value="1" />
1724 </td>
1725 <? } ELSE { ?>
1726 <td class="DataTD">
1727 <input type="checkbox" name="disablelogin_<?=$row['id']?>" value="1" <?=$row['disablelogin']?"":"checked='checked'"?> DISABLED/>
1728 </td>
1729 <? }
1730 if ($support !=1) { ?>
1731 <td class="DataTD"><input name="comment_<?=$row['id']?>" type="text" value="<?=htmlspecialchars($row['description'])?>" /></td>
1732 <td class="DataTD"><input type="checkbox" name="check_comment_<?=$row['id']?>" /></td>
1733 <? }?>
1734 </tr>
1735
1736 <?
1737 }
1738
1739 /**
1740 * output_log_server_certs_header()
1741 * shows the table header to the server cert table
1742 * @param integer $support - if support = 1 some columns ar not visible
1743 * @return
1744 */
1745 function output_log_server_certs_header($support=0){
1746 //should be entered in account/12.php
1747 ?>
1748 <tr>
1749 <?if ($support !=1) { ?>
1750 <td class="DataTD"><?=_("Renew/Revoke/Delete")?></td>
1751 <? } ?>
1752 <td class="DataTD"><?=_("Status")?></td>
1753 <td class="DataTD"><?=_("CommonName")?></td>
1754 <td class="DataTD"><?=_("SerialNumber")?></td>
1755 <td class="DataTD"><?=_("Revoked")?></td>
1756 <td class="DataTD"><?=_("Expires")?></td>
1757 <?if ($support !=1) { ?>
1758 <td colspan="2" class="DataTD"><?=_("Comment *")?></td>
1759 <? } ?>
1760 </tr>
1761 <?
1762 }
1763
1764 /**
1765 * output_log_server_certs()
1766 * show the server cert data
1767 * @param mixed $row - sql-query array
1768 * @param integer $support - if support = 1 some columns are not visible
1769 * @return
1770 */
1771 function output_log_server_certs($row, $support=0){
1772 //should be entered in account/12.php
1773 if($row['timeleft'] > 0)
1774 $verified = _("Valid");
1775 if($row['timeleft'] < 0)
1776 $verified = _("Expired");
1777 if($row['expired'] == 0)
1778 $verified = _("Pending");
1779 if($row['revoked'] > 0)
1780 $verified = _("Revoked");
1781 if($row['revoked'] == 0)
1782 $row['revoke'] = _("Not Revoked");
1783 ?>
1784 <tr>
1785 <? if ($support !=1) {
1786 if($verified != _("Pending") && $verified != _("Revoked")) { ?>
1787 <td class="DataTD"><input type="checkbox" name="revokeid[]" value="<?=$row['id']?>"/></td>
1788 <? } else if($verified != _("Revoked")) { ?>
1789 <td class="DataTD"><input type="checkbox" name="delid[]" value="<?=$row['id']?>"/></td>
1790 <? } else { ?>
1791 <td class="DataTD">&nbsp;</td>
1792 <? }
1793 }?>
1794 <td class="DataTD"><?=$verified?></td>
1795 <?if ($support !=1) { ?>
1796 <td class="DataTD"><a href="account.php?id=15&amp;cert=<?=$row['id']?>"><?=$row['CN']?></a></td>
1797 <? }ELSE{ ?>
1798 <td class="DataTD"><?=$row['CN']?></td>
1799 <?}?>
1800 <td class="DataTD"><?=$row['serial']?></td>
1801 <td class="DataTD"><?=$row['revoke']?></td>
1802 <td class="DataTD"><?=$row['expire']?></td>
1803 <?if ($support !=1) { ?>
1804 <td class="DataTD"><input name="comment_<?=$row['id']?>" type="text" value="<?=htmlspecialchars($row['description'])?>" /></td>
1805 <td class="DataTD"><input type="checkbox" name="check_comment_<?=$row['id']?>" /></td>
1806 <?}?>
1807 </tr> <?
1808 }
1809
1810 /**
1811 * output_gpg_certs_header()
1812 * shows the table header to the gpg cert table
1813 * @param integer $support - if support = 1 some columns ar not visible
1814 * @return
1815 */
1816 function output_gpg_certs_header($support=0){
1817 ?>
1818 <tr>
1819 <td class="DataTD"><?=_("Status")?></td>
1820 <td class="DataTD"><?=_("Email Address")?></td>
1821 <td class="DataTD"><?=_("Expires")?></td>
1822 <td class="DataTD"><?=_("Key ID")?></td>
1823 <?if ($support !=1) { ?>
1824 <td colspan="2" class="DataTD"><?=_("Comment *")?></td>
1825 <? }?>
1826 </tr>
1827 <?
1828 }
1829
1830 /**
1831 * output_gpg_certs()
1832 * show the gpg cert data
1833 * @param mixed $row - sql-query array
1834 * @param integer $support - if support = 1 some columns are not visible
1835 * @return
1836 */
1837 function output_gpg_certs($row, $support=0){
1838 //should be entered in account/55.php
1839 if($row['timeleft'] > 0)
1840 $verified = _("Valid");
1841 if($row['timeleft'] < 0)
1842 $verified = _("Expired");
1843 if($row['expired'] == 0)
1844 $verified = _("Pending");
1845 ?>
1846 <tr>
1847 <? if($verified == _("Valid")) { ?>
1848 <td class="DataTD"><?=$verified?></td>
1849 <?if ($support !=1) { ?>
1850 <td class="DataTD"><a href="gpg.php?id=3&amp;cert=<?=$row['id']?>"><?=$row['email']?></a></td>
1851 <? } else { ?>
1852 <td class="DataTD"><?=$row['email']?></td>
1853 <? } ?>
1854 <? } else if($verified == _("Pending")) { ?>
1855 <td class="DataTD"><?=$verified?></td>
1856 <td class="DataTD"><?=$row['email']?></td>
1857 <? } else { ?>
1858 <td class="DataTD"><?=$verified?></td>
1859 <?if ($support !=1) { ?>
1860 <td class="DataTD"><a href="gpg.php?id=3&amp;cert=<?=$row['id']?>"><?=$row['email']?></a></td>
1861 <? } else { ?>
1862 <td class="DataTD"><?=$row['email']?></td>
1863 <? } ?>
1864 <? } ?>
1865 <td class="DataTD"><?=$row['expire']?></td>
1866 <?if ($support != 1) { ?>
1867 <td class="DataTD"><a href="gpg.php?id=3&amp;cert=<?=$row['id']?>"><?=$row['keyid']?></a></td>
1868 <? } else { ?>
1869 <td class="DataTD"><?=$row['keyid']?></td>
1870 <? } ?>
1871 <?if ($support !=1) { ?>
1872 <td class="DataTD"><input name="comment_<?=$row['id']?>" type="text" value="<?=htmlspecialchars($row['description'])?>" /></td>
1873 <td class="DataTD"><input type="checkbox" name="check_comment_<?=$row['id']?>" /></td>
1874 <? } ?>
1875 </tr>
1876 <?
1877 }
1878
1879 /**
1880 * output_log_given_assurances()
1881 * returns the list of all given assurances
1882 * @param mixed $userid - user id for the output
1883 * @param integer $support - support view = 1
1884 * @return
1885 */
1886 function output_log_given_assurances($userid, $support=0)
1887 {
1888 output_assurances_header(_("Assurance given"),$support);
1889 output_log_given_assurances_content($userid, $support);
1890 }
1891
1892 /**
1893 * output_log_given_assurances_content()
1894 *
1895 * @param mixed $userid
1896 * @param mixed $support
1897 * @return
1898 */
1899 function output_log_given_assurances_content($userid, $support)
1900 {
1901 $res = get_given_assurances(intval($userid), 1);
1902 while($row = mysql_fetch_assoc($res))
1903 {
1904 $fromuser = get_user (intval($row['to']));
1905 $apoints = calc_experience ($row,$points,$experience,$sum_experience,$revoked);
1906 $name = show_user_link ($fromuser['fname']." ".$fromuser['lname'],intval($row['to']));
1907 $email = show_email_link ($fromuser['email'],intval($row['to']));
1908 $revoked = '';
1909 if ($row['date'] != 0) {
1910 $revoked = $row['deleted'];
1911 }
1912 output_log_assurances_row(intval($row['id']),$row['date'],$row['when'],$email,$name,$apoints,intval($row['points']),$row['location'],$row['method']==""?"":_(sprintf("%s", $row['method'])),$experience,$userid,$support,$revoked);
1913 }
1914 }
1915
1916 /**
1917 * output_log_received_assurances()
1918 *
1919 * @param mixed $userid
1920 * @param integer $support
1921 * @return
1922 */
1923 function output_log_received_assurances($userid, $support=0)
1924 {
1925 output_assurances_header(_("Assurance received"), $support);
1926 output_log_received_assurances_content($userid, $support);
1927 }
1928
1929 /**
1930 * output_log_received_assurances_content()
1931 *
1932 * @param mixed $userid
1933 * @param mixed $support
1934 * @param mixed $points
1935 * @param mixed $sum_experience
1936 * @param mixed $ticketno
1937 * @return
1938 */
1939 function output_log_received_assurances_content($userid, $support)
1940 {
1941 $res = get_received_assurances(intval($userid), 1);
1942 while($row = mysql_fetch_assoc($res))
1943 {
1944 $fromuser = get_user (intval($row['from']));
1945 calc_assurances ($row,$points,$experience,$sum_experience,$awarded,$revoked);
1946 $name = show_user_link ($fromuser['fname']." ".$fromuser['lname'],intval($row['from']));
1947 $email = show_email_link ($fromuser['email'],intval($row['from']));
1948 $revoked = '';
1949 if ($row['date'] != 0) {
1950 $revoked = $revoked = $row['deleted'];
1951 }
1952 output_log_assurances_row(intval($row['id']),$row['date'],$row['when'],$email,$name,$awarded,intval($row['points']),$row['location'],$row['method']==""?"":_(sprintf("%s", $row['method'])),$experience,$userid,$support,$revoked);
1953 }
1954 }
1955
1956 /**
1957 * output_log_assurances_row()
1958 *
1959 * @param mixed $assuranceid
1960 * @param mixed $date
1961 * @param mixed $when
1962 * @param mixed $email
1963 * @param mixed $name
1964 * @param mixed $awarded
1965 * @param mixed $points
1966 * @param mixed $location
1967 * @param mixed $method
1968 * @param mixed $experience
1969 * @param mixed $userid
1970 * @param mixed $support
1971 * @param mixed $revoked
1972 * @return
1973 */
1974 function output_log_assurances_row($assuranceid,$date,$when,$email,$name,$awarded,$points,$location,$method,$experience,$userid,$support,$revoked)
1975 {
1976
1977 $tdstyle="";
1978 $emopen="";
1979 $emclose="";
1980
1981 if ($awarded == $points)
1982 {
1983 if ($awarded == "0")
1984 {
1985 if ($when < "2006-09-01")
1986 {
1987 $tdstyle="style='background-color: #ffff80'";
1988 $emopen="<em>";
1989 $emclose="</em>";
1990 }
1991 }
1992 }
1993 ?>
1994 <tr>
1995 <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$assuranceid?><?=$emclose?></td>
1996 <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$date?><?=$emclose?></td>
1997 <?
1998 if ($support == "1")
1999 {
2000 ?>
2001 <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$when?><?=$emclose?></td>
2002 <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$email?><?=$emclose?></td>
2003 <?
2004 }
2005 ?>
2006 <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$name?><?=$emclose?></td>
2007 <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$awarded?><?=$emclose?></td>
2008 <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$location?><?=$emclose?></td>
2009 <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$method?><?=$emclose?></td>
2010 <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$experience?><?=$emclose?></td>
2011 <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$revoked?><?=$emclose?></td>
2012 </tr>
2013 <?
2014 }