bug 1138: Reorder if clauses for better readability
[cacert-devel.git] / includes / notary.inc.php
1 <? /*
2 LibreSSL - CAcert web application
3 Copyright (C) 2004-2011 CAcert Inc.
4
5 This program is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License as published by
7 the Free Software Foundation; version 2 of the License.
8
9 This program is distributed in the hope that it will be useful,
10 but WITHOUT ANY WARRANTY; without even the implied warranty of
11 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 GNU General Public License for more details.
13
14 You should have received a copy of the GNU General Public License
15 along with this program; if not, write to the Free Software
16 Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
17 */
18
19 define('NULL_DATETIME', '0000-00-00 00:00:00');
20
21 function query_init ($query)
22 {
23 return mysql_query($query);
24 }
25
26 function query_getnextrow ($res)
27 {
28 $row1 = mysql_fetch_assoc($res);
29 return $row1;
30 }
31
32 function query_get_number_of_rows ($resultset)
33 {
34 return intval(mysql_num_rows($resultset));
35 }
36
37 function get_number_of_assurances ($userid)
38 {
39 $res = query_init ("SELECT count(*) AS `list` FROM `notary`
40 WHERE `method` = 'Face to Face Meeting' AND `deleted`=0 AND `from`='".intval($userid)."' ");
41 $row = query_getnextrow($res);
42
43 return intval($row['list']);
44 }
45
46 function get_number_of_ttpassurances ($userid)
47 {
48 $res = query_init ("SELECT count(*) AS `list` FROM `notary`
49 WHERE (`method`='Trusted Third Parties' or `method`='TTP-Assisted') AND `deleted`=0 AND `to`='".intval($userid)."' ");
50 $row = query_getnextrow($res);
51
52 return intval($row['list']);
53 }
54
55 function get_number_of_assurees ($userid)
56 {
57 $res = query_init ("SELECT count(*) AS `list` FROM `notary`
58 WHERE `method` = 'Face to Face Meeting' AND `deleted`=0 AND `to`='".intval($userid)."' ");
59 $row = query_getnextrow($res);
60
61 return intval($row['list']);
62 }
63
64 function get_top_assurer_position ($no_of_assurances)
65 {
66 $res = query_init ("SELECT count(*) AS `list` FROM `notary`
67 WHERE `method` = 'Face to Face Meeting'
68 GROUP BY `from` HAVING count(*) > '".intval($no_of_assurances)."'");
69 return intval(query_get_number_of_rows($res)+1);
70 }
71
72 function get_top_assuree_position ($no_of_assurees)
73 {
74 $res = query_init ("SELECT count(*) AS `list` FROM `notary`
75 WHERE `method` = 'Face to Face Meeting'
76 GROUP BY `to` HAVING count(*) > '".intval($no_of_assurees)."'");
77 return intval(query_get_number_of_rows($res)+1);
78 }
79
80 /**
81 * Get the list of assurances given by the user
82 * @param int $userid - id of the assurer
83 * @param int $log - if set to 1 also includes deleted assurances
84 * @return resource - a MySQL result set
85 */
86 function get_given_assurances($userid, $log=0)
87 {
88 $deleted='';
89 if ($log == 0) {
90 $deleted = ' and `deleted` = 0 ';
91 }
92 $res = query_init("select * from `notary` where `from`='".intval($userid)."' and `from` != `to` $deleted order by `id` asc");
93 return $res;
94 }
95
96 /**
97 * Get the list of assurances received by the user
98 * @param int $userid - id of the assuree
99 * @param integer $log - if set to 1 also includes deleted assurances
100 * @return resource - a MySQL result set
101 */
102 function get_received_assurances($userid, $log=0)
103 {
104 $deleted='';
105 if ($log == 0) {
106 $deleted = ' and `deleted` = 0 ';
107 }
108 $res = query_init("select * from `notary` where `to`='".intval($userid)."' and `from` != `to` $deleted order by `id` asc ");
109 return $res;
110 }
111
112 function get_given_assurances_summary ($userid)
113 {
114 $res = query_init ("select count(*) as number,points,awarded,method from notary where `from`='".intval($userid)."' AND `deleted`=0 group by points,awarded,method");
115 return $res;
116 }
117
118 function get_received_assurances_summary ($userid)
119 {
120 $res = query_init ("select count(*) as number,points,awarded,method from notary where `to`='".intval($userid)."' AND `deleted`=0 group by points,awarded,method");
121 return $res;
122 }
123
124 function get_user ($userid)
125 {
126 $res = query_init ("select * from `users` where `id`='".intval($userid)."'");
127 return mysql_fetch_assoc($res);
128 }
129
130 function get_cats_state ($userid)
131 {
132
133 $res = query_init ("select * from `cats_passed` inner join `cats_variant` on `cats_passed`.`variant_id` = `cats_variant`.`id` and `cats_variant`.`type_id` = 1
134 WHERE `cats_passed`.`user_id` = '".intval($userid)."'");
135 return mysql_num_rows($res);
136 }
137
138 function calc_experience ($row,&$points,&$experience,&$sum_experience,&$revoked)
139 {
140 $apoints = max($row['points'], $row['awarded']);
141 $points += $apoints;
142 $experience = "&nbsp;";
143 $revoked = false; # to be coded later (after DB-upgrade)
144 if ($row['method'] == "Face to Face Meeting")
145 {
146 $sum_experience = $sum_experience +2;
147 $experience = "2";
148 }
149 return $apoints;
150 }
151
152 function calc_assurances ($row,&$points,&$experience,&$sumexperience,&$awarded,&$revoked)
153 {
154 $awarded = calc_points($row);
155 $revoked = false;
156
157 if ($awarded > 100)
158 {
159 $experience = $awarded - 100; // needs to be fixed in the future (limit 50 pts and/or no experience if pts > 100)
160 $awarded = 100;
161 }
162 else
163 $experience = 0;
164
165 switch ($row['method'])
166 {
167 case 'Thawte Points Transfer':
168 case 'CT Magazine - Germany':
169 case 'Temporary Increase': // Current usage of 'Temporary Increase' may break audit aspects, needs to be reimplemented
170 $awarded=sprintf("<strong style='color: red'>%s</strong>",_("Revoked"));
171 $experience=0;
172 $revoked=true;
173 break;
174 default:
175 $points += $awarded;
176 }
177 $sumexperience = $sumexperience + $experience;
178 }
179
180
181 function show_user_link ($name,$userid)
182 {
183 $name = trim($name);
184 if($name == "")
185 {
186 if ($userid == 0)
187 $name = _("System");
188 else
189 $name = _("Deleted account");
190 }
191 else
192 $name = "<a href='wot.php?id=9&amp;userid=".intval($userid)."'>".sanitizeHTML($name)."</a>";
193 return $name;
194 }
195
196 function show_email_link ($email,$userid)
197 {
198 $email = trim($email);
199 if($email != "")
200 $email = "<a href='account.php?id=43&amp;userid=".intval($userid)."'>".sanitizeHTML($email)."</a>";
201 return $email;
202 }
203
204 function get_assurer_ranking($userid,&$num_of_assurances,&$rank_of_assurer)
205 {
206 $num_of_assurances = get_number_of_assurances (intval($userid));
207 $rank_of_assurer = get_top_assurer_position($num_of_assurances);
208 }
209
210 function get_assuree_ranking($userid,&$num_of_assurees,&$rank_of_assuree)
211 {
212 $num_of_assurees = get_number_of_assurees (intval($userid));
213 $rank_of_assuree = get_top_assuree_position($num_of_assurees);
214 }
215
216
217 // ************* html table definitions ******************
218
219 function output_ranking($userid)
220 {
221 get_assurer_ranking($userid,$num_of_assurances,$rank_of_assurer);
222 get_assuree_ranking($userid,$num_of_assurees,$rank_of_assuree);
223
224 ?>
225 <table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
226 <tr>
227 <td class="title"><?=_("Assurer Ranking")?></td>
228 </tr>
229 <tr>
230 <td class="DataTD"><?=sprintf(_("You have made %s assurances which ranks you as the #%s top assurer."), intval($num_of_assurances), intval($rank_of_assurer) )?></td>
231 </tr>
232 <tr>
233 <td class="DataTD"><?=sprintf(_("You have received %s assurances which ranks you as the #%s top assuree."), intval($num_of_assurees), intval($rank_of_assuree) )?></td>
234 </tr>
235 </table>
236 <br/>
237 <?
238 }
239
240 function output_assurances_header($title,$support)
241 {
242 ?>
243 <table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
244 <tr>
245 <?
246 if ($support == "1")
247 {
248 ?>
249 <td colspan="10" class="title"><?=$title?></td>
250 <?
251 } else {
252 ?>
253 <td colspan="7" class="title"><?=$title?></td>
254 <?
255 }
256 ?>
257 </tr>
258 <tr>
259 <td class="DataTD"><strong><?=_("ID")?></strong></td>
260 <td class="DataTD"><strong><?=_("Date")?></strong></td>
261 <?
262 if ($support == "1")
263 {
264 ?>
265 <td class="DataTD"><strong><?=_("When")?></strong></td>
266 <td class="DataTD"><strong><?=_("Email")?></strong></td>
267 <?
268 }
269 ?>
270 <td class="DataTD"><strong><?=_("Who")?></strong></td>
271 <td class="DataTD"><strong><?=_("Points")?></strong></td>
272 <td class="DataTD"><strong><?=_("Location")?></strong></td>
273 <td class="DataTD"><strong><?=_("Method")?></strong></td>
274 <td class="DataTD"><strong><?=_("Experience Points")?></strong></td>
275 <?
276 if ($support == "1")
277 {
278 ?>
279 <td class="DataTD"><strong><?=_("Revoke")?></strong></td>
280 <?
281 }
282 ?>
283 </tr>
284 <?
285 }
286
287 function output_assurances_footer($points_txt,$points,$experience_txt,$sumexperience,$support)
288 {
289 ?>
290 <tr>
291 <td<?=($support == "1")?' colspan="5"':' colspan="3"'?> class="DataTD"><strong><?=$points_txt?>:</strong></td>
292 <td class="DataTD"><?=$points?></td>
293 <td class="DataTD">&nbsp;</td>
294 <td class="DataTD"><strong><?=$experience_txt?>:</strong></td>
295 <td class="DataTD"><?=$sumexperience?></td>
296 <?
297 if ($support == "1")
298 {
299 ?>
300 <td class="DataTD">&nbsp;</td>
301 <?
302 }
303 ?>
304
305 </tr>
306 </table>
307 <br/>
308 <?
309 }
310
311 /**
312 * Render an assurance for a view
313 * @param int $assuranceid - id of the assurance
314 * @param string $date - When the assurance took place in user provided format
315 * @param string $when - When the assurance was entered (ISO format), only visible for support
316 * @param string $email - Email address of the other party, only visible for support
317 * @param string $name - Name of the other party
318 * @param int $awarded - The points the Assurer wanted to issue (not rounded down)
319 * @param int $points - The points recognised by the system (rounded down)
320 * @param string $location - Where the assurance took place
321 * @param string $method - The method used to make the assurance (Face-to-Face, Administrative Increase, etc.)
322 * @param int $experience - Number of experience points the Assurer got for this assurance
323 * @param int $userid - Id of the user whichs given/received assurances are displayed
324 * @param int $support - set to 1 if the output is for the support interface
325 * @param bool $revoked - whether the assurance is already revoked
326 * @param string $ticketno - ticket number currently set in the support interface
327 */
328 function output_assurances_row($assuranceid,$date,$when,$email,$name,$awarded,$points,$location,$method,$experience,$userid,$support,$revoked, $ticketno)
329 {
330
331 $tdstyle="";
332 $emopen="";
333 $emclose="";
334
335 if ($awarded == $points)
336 {
337 if ($awarded == "0")
338 {
339 if ($when < "2006-09-01")
340 {
341 $tdstyle="style='background-color: #ffff80'";
342 $emopen="<em>";
343 $emclose="</em>";
344 }
345 }
346 }
347 ?>
348 <tr>
349 <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$assuranceid?><?=$emclose?></td>
350 <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$date?><?=$emclose?></td>
351 <?
352 if ($support == 1)
353 {
354 ?>
355 <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$when?><?=$emclose?></td>
356 <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$email?><?=$emclose?></td>
357 <?
358 }
359 ?>
360 <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$name?><?=$emclose?></td>
361 <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$awarded?><?=$emclose?></td>
362 <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$location?><?=$emclose?></td>
363 <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$method?><?=$emclose?></td>
364 <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$experience?><?=$emclose?></td>
365 <?
366 if ($support == 1)
367 {
368 if ($revoked == true)
369 {
370 ?>
371 <td class="DataTD" <?=$tdstyle?>>&nbsp;</td>
372 <?
373 } else {
374 ?>
375 <td class="DataTD" <?=$tdstyle?>><?=$emopen?><a href="account.php?id=43&amp;userid=<?=intval($userid)?>&amp;assurance=<?=intval($assuranceid)?>&amp;csrf=<?=make_csrf('admdelassurance')?>&amp;ticketno=<?=$ticketno?>" onclick="return confirm('<?=sprintf(_("Are you sure you want to revoke the assurance with ID &quot;%s&quot;?"),$assuranceid)?>');"><?=_("Revoke")?></a><?=$emclose?></td>
376 <?
377 }
378 }
379 ?>
380 </tr>
381 <?
382 }
383
384 function output_summary_header()
385 {
386 ?>
387 <table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
388 <tr>
389 <td colspan="4" class="title"><?=_("Summary of your Points")?></td>
390 </tr>
391 <tr>
392 <td class="DataTD"><strong><?=_("Description")?></strong></td>
393 <td class="DataTD"><strong><?=_("Points")?></strong></td>
394 <td class="DataTD"><strong><?=_("Countable Points")?></strong></td>
395 <td class="DataTD"><strong><?=_("Remark")?></strong></td>
396 </tr>
397 <?
398 }
399
400 function output_summary_footer()
401 {
402 ?>
403 </table>
404 <br/>
405 <?
406 }
407
408 function output_summary_row($title,$points,$points_countable,$remark)
409 {
410 ?>
411 <tr>
412 <td class="DataTD"><strong><?=$title?></strong></td>
413 <td class="DataTD"><?=$points?></td>
414 <td class="DataTD"><?=$points_countable?></td>
415 <td class="DataTD"><?=$remark?></td>
416 </tr>
417 <?
418 }
419
420
421 // ************* output given assurances ******************
422
423 /**
424 * Helper function to render assurances given by the user
425 * @param int $userid
426 * @param int& $points - [out] sum of given points
427 * @param int& $sum_experience - [out] sum of experience points gained
428 * @param int $support - set to 1 if the output is for the support interface
429 * @param string $ticketno - the ticket number set in the support interface
430 */
431 function output_given_assurances_content($userid,&$points,&$sum_experience,$support, $ticketno)
432 {
433 $points = 0;
434 $sumexperience = 0;
435 $res = get_given_assurances(intval($userid));
436 while($row = mysql_fetch_assoc($res))
437 {
438 $fromuser = get_user (intval($row['to']));
439 $apoints = calc_experience ($row,$points,$experience,$sum_experience,$revoked);
440 $name = show_user_link ($fromuser['fname']." ".$fromuser['lname'],intval($row['to']));
441 $email = show_email_link ($fromuser['email'],intval($row['to']));
442 output_assurances_row (intval($row['id']),$row['date'],$row['when'],$email,$name,$apoints,intval($row['points']),$row['location'],$row['method']==""?"":_(sprintf("%s", $row['method'])),$experience,$userid,$support,$revoked, $ticketno);
443 }
444 }
445
446 // ************* output received assurances ******************
447
448 /**
449 * Helper function to render assurances received by the user
450 * @param int $userid
451 * @param int& $points - [out] sum of received points
452 * @param int& $sum_experience - [out] sum of experience points the assurers gained
453 * @param int $support - set to 1 if the output is for the support interface
454 * @param string $ticketno - the ticket number set in the support interface
455 */
456 function output_received_assurances_content($userid,&$points,&$sum_experience,$support, $ticketno)
457 {
458 $points = 0;
459 $sumexperience = 0;
460 $res = get_received_assurances(intval($userid));
461 while($row = mysql_fetch_assoc($res))
462 {
463 $fromuser = get_user (intval($row['from']));
464 calc_assurances ($row,$points,$experience,$sum_experience,$awarded,$revoked);
465 $name = show_user_link ($fromuser['fname']." ".$fromuser['lname'],intval($row['from']));
466 $email = show_email_link ($fromuser['email'],intval($row['from']));
467 output_assurances_row (intval($row['id']),$row['date'],$row['when'],$email,$name,$awarded,intval($row['points']),$row['location'],$row['method']==""?"":_(sprintf("%s", $row['method'])),$experience,$userid,$support,$revoked, $ticketno);
468 }
469 }
470
471 // ************* output summary table ******************
472
473 function check_date_limit ($userid,$age)
474 {
475 $dob = date("Y-m-d", mktime(0,0,0,date("m"),date("d"),date("Y")-$age));
476 $res = query_init ("select id from `users` where `id`='".$userid."' and `dob` < '$dob'");
477 return intval(query_get_number_of_rows($res));
478 }
479
480 function calc_points($row)
481 {
482 $awarded = intval($row['awarded']);
483 if ($awarded == "")
484 $awarded = 0;
485 if (intval($row['points']) < $awarded)
486 $points = $awarded; // if 'sum of added points' > 100, awarded shows correct value
487 else
488 $points = intval($row['points']); // on very old assurances, awarded is '0' instead of correct value
489 switch ($row['method'])
490 {
491 case 'Thawte Points Transfer': // revoke all Thawte-points (as per arbitration)
492 case 'CT Magazine - Germany': // revoke c't (only one test-entry)
493 case 'Temporary Increase': // revoke 'temporary increase' (Current usage breaks audit aspects, needs to be reimplemented)
494 $points = 0;
495 break;
496 case 'Administrative Increase': // ignore AI with 2 points or less (historical for experiance points, now other calculation)
497 if ($points <= 2) // maybe limit to 35/50 pts in the future?
498 $points = 0;
499 break;
500 case 'Unknown': // to be revoked in the future? limit to max 50 pts?
501 case 'Trusted Third Parties': // to be revoked in the future? limit to max 35 pts?
502 case 'TTP-Assisted': // TTP assurances, limit to 35
503 case 'TOPUP': // TOPUP to be delevoped in the future, limit to 30
504 case '': // to be revoked in the future? limit to max 50 pts?
505 case 'Face to Face Meeting': // normal assurances, limit to 35/50 pts in the future?
506 break;
507 default: // should never happen ... ;-)
508 $points = 0;
509 }
510 if ($points < 0) // ignore negative points (bug needs to be fixed)
511 $points = 0;
512 return $points;
513 }
514
515 function max_points($userid)
516 {
517 return output_summary_content ($userid,0);
518 }
519
520 function output_summary_content($userid,$display_output)
521 {
522 $sum_points = 0;
523 $sum_experience = 0;
524 $sum_experience_other = 0;
525 $max_points = 100;
526 $max_experience = 50;
527
528 $experience_limit_reached_txt = _("Limit reached");
529
530 if (check_date_limit($userid,18) != 1)
531 {
532 $max_experience = 10;
533 $experience_limit_reached_txt = _("Limit given by PoJAM reached");
534 }
535 if (check_date_limit($userid,14) != 1)
536 {
537 $max_experience = 0;
538 $experience_limit_reached_txt = _("Limit given by PoJAM reached");
539 }
540
541 $res = get_received_assurances_summary($userid);
542 while($row = mysql_fetch_assoc($res))
543 {
544 $points = calc_points ($row);
545
546 if ($points > $max_points) // limit to 100 points, above is experience (needs to be fixed)
547 {
548 $sum_experience_other = $sum_experience_other+($points-$max_points)*intval($row['number']);
549 $points = $max_points;
550 }
551 $sum_points += $points*intval($row['number']);
552 }
553
554 $res = get_given_assurances_summary($userid);
555 while($row = mysql_fetch_assoc($res))
556 {
557 switch ($row['method'])
558 {
559 case 'Face to Face Meeting': // count Face to Face only
560 $sum_experience += 2*intval($row['number']);
561 break;
562 }
563
564 }
565
566 if ($sum_points > $max_points)
567 {
568 $sum_points_countable = $max_points;
569 $remark_points = _("Limit reached");
570 }
571 else
572 {
573 $sum_points_countable = $sum_points;
574 $remark_points = "&nbsp;";
575 }
576 if ($sum_experience > $max_experience)
577 {
578 $sum_experience_countable = $max_experience;
579 $remark_experience = $experience_limit_reached_txt;
580 }
581 else
582 {
583 $sum_experience_countable = $sum_experience;
584 $remark_experience = "&nbsp;";
585 }
586
587 if ($sum_experience_countable + $sum_experience_other > $max_experience)
588 {
589 $sum_experience_other_countable = $max_experience-$sum_experience_countable;
590 $remark_experience_other = $experience_limit_reached_txt;
591 }
592 else
593 {
594 $sum_experience_other_countable = $sum_experience_other;
595 $remark_experience_other = "&nbsp;";
596 }
597
598 if ($sum_points_countable < $max_points)
599 {
600 if ($sum_experience_countable != 0)
601 $remark_experience = _("Points on hold due to less assurance points");
602 $sum_experience_countable = 0;
603 if ($sum_experience_other_countable != 0)
604 $remark_experience_other = _("Points on hold due to less assurance points");
605 $sum_experience_other_countable = 0;
606 }
607
608 $issue_points = 0;
609 $cats_test_passed = get_cats_state ($userid);
610 if ($cats_test_passed == 0)
611 {
612 $issue_points_txt = "<strong style='color: red'>"._("You have to pass the CAcert Assurer Challenge (CATS-Test) to be an Assurer")."</strong>";
613 if ($sum_points_countable < $max_points)
614 {
615 $issue_points_txt = "<strong style='color: red'>";
616 $issue_points_txt .= sprintf(_("You need %s assurance points and the passed CATS-Test to be an Assurer"), intval($max_points));
617 $issue_points_txt .= "</strong>";
618 }
619 }
620 else
621 {
622 $experience_total = $sum_experience_countable+$sum_experience_other_countable;
623 $issue_points_txt = "";
624 if ($sum_points_countable == $max_points)
625 $issue_points = 10;
626 if ($experience_total >= 10)
627 $issue_points = 15;
628 if ($experience_total >= 20)
629 $issue_points = 20;
630 if ($experience_total >= 30)
631 $issue_points = 25;
632 if ($experience_total >= 40)
633 $issue_points = 30;
634 if ($experience_total >= 50)
635 $issue_points = 35;
636 if ($issue_points != 0)
637 $issue_points_txt = sprintf(_("You may issue up to %s points"),$issue_points);
638 }
639 if ($display_output)
640 {
641 output_summary_row (_("Assurance Points you received"),$sum_points,$sum_points_countable,$remark_points);
642 output_summary_row (_("Total Experience Points by Assurance"),$sum_experience,$sum_experience_countable,$remark_experience);
643 output_summary_row (_("Total Experience Points (other ways)"),$sum_experience_other,$sum_experience_other_countable,$remark_experience_other);
644 output_summary_row (_("Total Points"),"&nbsp;",$sum_points_countable + $sum_experience_countable + $sum_experience_other_countable,$issue_points_txt);
645 }
646 return $issue_points;
647 }
648
649 /**
650 * Render assurances given by the user
651 * @param int $userid
652 * @param int $support - set to 1 if the output is for the support interface
653 * @param string $ticketno - the ticket number set in the support interface
654 */
655 function output_given_assurances($userid, $support=0, $ticketno='')
656 {
657 output_assurances_header(_("Assurance Points You Issued"),$support);
658 output_given_assurances_content($userid,$points,$sum_experience,$support, $ticketno);
659 output_assurances_footer(_("Total Points Issued"),$points,_("Total Experience Points"),$sum_experience,$support);
660 }
661
662 /**
663 * Render assurances received by the user
664 * @param int $userid
665 * @param int $support - set to 1 if the output is for the support interface
666 * @param string $ticketno - the ticket number set in the support interface
667 */
668 function output_received_assurances($userid,$support=0, $ticketno='')
669 {
670 output_assurances_header(_("Your Assurance Points"),$support);
671 output_received_assurances_content($userid,$points,$sum_experience,$support, $ticketno);
672 output_assurances_footer(_("Total Assurance Points"),$points,_("Total Experience Points"),$sum_experience,$support);
673 }
674
675 function output_summary($userid)
676 {
677 output_summary_header();
678 output_summary_content($userid,1);
679 output_summary_footer();
680 }
681
682 function output_end_of_page()
683 {
684 ?>
685 <p>[ <a href='javascript:history.go(-1)'><?=_("Go Back")?></a> ]</p>
686 <?
687 }
688
689 //functions to do with recording user agreements
690 /**
691 * write_user_agreement()
692 * writes a new record to the table user_agreement
693 *
694 * @param mixed $memid
695 * @param mixed $document
696 * @param mixed $method
697 * @param mixed $comment
698 * @param integer $active
699 * @param integer $secmemid
700 * @return
701 */
702 function write_user_agreement($memid, $document, $method, $comment, $active=1, $secmemid=0){
703 // write a new record to the table user_agreement
704 $query="insert into `user_agreements` set `memid`=".intval($memid).", `secmemid`=".intval($secmemid).
705 ",`document`='".mysql_real_escape_string($document)."',`date`=NOW(), `active`=".intval($active).",`method`='".mysql_real_escape_string($method)."',`comment`='".mysql_real_escape_string($comment)."'" ;
706 $res = mysql_query($query);
707 }
708
709 /**
710 * get_user_agreement_status()
711 * returns 1 if the user has an entry for the given type in user_agreement, 0 if no entry is recorded
712 * @param mixed $memid
713 * @param string $type
714 * @return
715 */
716 function get_user_agreement_status($memid, $type="CCA"){
717 $query="SELECT u.`document` FROM `user_agreements` u
718 WHERE u.`document` = '" . mysql_real_escape_string($type) . "' AND u.`memid`=" . intval($memid) ;
719 $res = mysql_query($query);
720 if(mysql_num_rows($res) <=0){
721 return 0;
722 }else{
723 return 1;
724 }
725 }
726
727 /**
728 * Get the first user_agreement entry of the requested type
729 * @param int $memid
730 * @param string $type - the type of user agreement, by default all
731 * agreements are listed
732 * @param int $active - whether to get active or passive agreements:
733 * 0 := passive
734 * 1 := active
735 * null := both
736 * @return array(string=>mixed) - an associative array containing
737 * 'document', 'date', 'method', 'comment', 'active'
738 */
739 function get_first_user_agreement($memid, $type=null, $active=null){
740 $filter = '';
741 if (!is_null($type)) {
742 $filter .= " AND u.`document` = '".mysql_real_escape_string($type)."'";
743 }
744
745 if (!is_null($active)) {
746 $filter .= " AND u.`active` = ".intval($active);
747 }
748
749 $query="SELECT u.`document`, u.`date`, u.`method`, u.`comment`, u.`active` FROM `user_agreements` AS u
750 WHERE u.`memid`=".intval($memid)."
751 $filter
752 ORDER BY u.`date` LIMIT 1";
753 $res = mysql_query($query);
754 if(mysql_num_rows($res) >0){
755 $rec = mysql_fetch_assoc($res);
756 }else{
757 $rec=array();
758 }
759 return $rec;
760 }
761
762 /**
763 * Get the last user_agreement entry of the requested type
764 * @param int $memid
765 * @param string $type - the type of user agreement, by default all
766 * agreements are listed
767 * @param int $active - whether to get active or passive agreements:
768 * 0 := passive,
769 * 1 := active,
770 * null := both
771 * @return array(string=>mixed) - an associative array containing
772 * 'document', 'date', 'method', 'comment', 'active'
773 */
774 function get_last_user_agreement($memid, $type=null, $active=null){
775 $filter = '';
776 if (!is_null($type)) {
777 $filter .= " AND u.`document` = '".mysql_real_escape_string($type)."'";
778 }
779
780 if (!is_null($active)) {
781 $filter .= " AND u.`active` = ".intval($active);
782 }
783
784 $query="SELECT u.`document`, u.`date`, u.`method`, u.`comment`, u.`active` FROM `user_agreements` AS u
785 WHERE u.`memid`=".intval($memid)."
786 $filter
787 ORDER BY u.`date` DESC LIMIT 1";
788 $res = mysql_query($query);
789 if(mysql_num_rows($res) >0){
790 $rec = mysql_fetch_assoc($res);
791 }else{
792 $rec=array();
793 }
794 return $rec;
795 }
796
797 /**
798 * Get the all user_agreement entries of the requested type
799 * @param int $memid
800 * @param string $type - the type of user agreement, by default all
801 * agreements are listed
802 * @param int $active - whether to get an active or passive agreements:
803 * 0 := passive,
804 * 1 := active,
805 * null := both
806 * @return resource - a mysql result set containing all agreements
807 */
808 function get_user_agreements($memid, $type=null, $active=null){
809 $filter = '';
810 if (!is_null($type)) {
811 $filter .= " AND u.`document` = '".mysql_real_escape_string($type)."'";
812 }
813
814 if (!is_null($active)) {
815 $filter .= " AND u.`active` = ".intval($active);
816 }
817
818 $query="SELECT u.`document`, u.`date`, u.`method`, u.`comment`, u.`active` FROM `user_agreements` AS u
819 WHERE u.`memid`=".intval($memid)."
820 $filter
821 ORDER BY u.`date`";
822 return mysql_query($query);
823 }
824
825 /**
826 * delete_user_agreement()
827 * deletes all entries for a given type from user_agreement of a given user, if type is not given all
828 * @param mixed $memid
829 * @param string $type
830 * @return
831 */
832 function delete_user_agreement($memid, $type=false){
833 if ($type === false) {
834 $filter = '';
835 } else {
836 $filter = " and `document` = '" . mysql_real_escape_string($type) . "'";
837 }
838 mysql_query("delete from `user_agreements` where `memid`=" . intval($memid) . $filter );
839 }
840
841 // functions for 6.php (assure somebody)
842
843 function AssureHead($confirmation,$checkname)
844 {
845 ?>
846 <form method="post" action="wot.php">
847 <table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper" width="600">
848 <tr>
849 <td colspan="2" class="title"><?=$confirmation?></td>
850 </tr>
851 <tr>
852 <td class="DataTD" colspan="2" align="left"><?=$checkname?></td>
853 </tr>
854 <?
855 }
856
857 function AssureTextLine($field1,$field2)
858 {
859 ?>
860 <tr>
861 <td class="DataTD"><?=$field1.(empty($field1)?'':':')?></td>
862 <td class="DataTD"><?=$field2?></td>
863 </tr>
864 <?
865 }
866
867 function AssureBoxLine($type,$text,$checked)
868 {
869 ?>
870 <tr>
871 <td class="DataTD"><input type="checkbox" name="<?=$type?>" value="1" <?=$checked?"checked":""?>></td>
872 <td class="DataTD"><?=$text?></td>
873 </tr>
874 <?
875 }
876
877 function AssureMethodLine($text,$methods,$remark)
878 {
879 if (count($methods) != 1) {
880 ?>
881 <tr>
882 <td class="DataTD"><?=$text.(empty($text)?'':':')?></td>
883 <td class="DataTD">
884 <select name="method">
885 <?
886 foreach($methods as $val) {
887 ?>
888 <option value="<?=$val?>"><?=$val?></option>
889 <?
890 }
891 ?>
892 </select>
893 <br />
894 <?=$remark?>
895 </td>
896 </tr>
897 <?
898 } else {
899 ?>
900 <input type="hidden" name="<?=$val?>" value="<?=$methods[0]?>" />
901 <?
902 }
903 }
904
905 function AssureInboxLine($type,$field,$value,$description)
906 {
907 ?>
908 <tr>
909 <td class="DataTD"><?=$field.(empty($field)?'':':')?></td>
910 <td class="DataTD"><input type="text" name="<?=$type?>" value="<?=$value?>"><?=$description?></td>
911 </tr>
912 <?
913 }
914
915 function AssureFoot($oldid,$confirm)
916 {
917 ?>
918 <tr>
919 <td class="DataTD" colspan="2">
920 <input type="submit" name="process" value="<?=$confirm?>" />
921 <input type="submit" name="cancel" value="<?=_("Cancel")?>" />
922 </td>
923 </tr>
924 </table>
925 <input type="hidden" name="pagehash" value="<?=$_SESSION['_config']['wothash']?>" />
926 <input type="hidden" name="oldid" value="<?=$oldid?>" />
927 </form>
928 <?
929 }
930
931 function account_email_delete($mailid){
932 //deletes an email entry from an acount
933 //revolkes all certifcates for that email address
934 //called from www/account.php if($process != "" && $oldid == 2)
935 //called from www/diputes.php if($type == "reallyemail") / if($action == "accept")
936 //called from account_delete
937 $mailid = intval($mailid);
938 revoke_all_client_cert($mailid);
939 $query = "update `email` set `deleted`=NOW() where `id`='$mailid'";
940 mysql_query($query);
941 }
942
943 function account_domain_delete($domainid){
944 //deletes an domain entry from an acount
945 //revolkes all certifcates for that domain address
946 //called from www/account.php if($process != "" && $oldid == 9)
947 //called from www/diputes.php if($type == "reallydomain") / if($action == "accept")
948 //called from account_delete
949 $domainid = intval($domainid);
950 revoke_all_server_cert($domainid);
951 mysql_query(
952 "update `domains`
953 set `deleted`=NOW()
954 where `id` = '$domainid'");
955 }
956
957 function account_delete($id, $arbno, $adminid){
958 //deletes an account following the deleted account routnie V3
959 // called from www/account.php if($oldid == 50 && $process != "")
960 //change password
961 $id = intval($id);
962 $arbno = mysql_real_escape_string($arbno);
963 $adminid = intval($adminid);
964 $pool = 'abcdefghijklmnopqrstuvwxyz';
965 $pool .= '0123456789!()ยง';
966 $pool .= 'ABCDEFGHIJKLMNOPQRSTUVWXYZ';
967 srand ((double)microtime()*1000000);
968 $password="";
969 for($index = 0; $index < 30; $index++)
970 {
971 $password .= substr($pool,(rand()%(strlen ($pool))), 1);
972 }
973 mysql_query("update `users` set `password`=sha1('".$password."') where `id`='".$id."'");
974
975 //create new mail for arbitration number
976 $query = "insert into `email` set `email`='".$arbno."@cacert.org',`memid`='".$id."',`created`=NOW(),`modified`=NOW(), `attempts`=-1";
977 mysql_query($query);
978 $emailid = mysql_insert_id();
979
980 //set new mail as default
981 $query = "update `users` set `email`='".$arbno."@cacert.org' where `id`='".$id."'";
982 mysql_query($query);
983
984 //delete all other email address
985 $query = "select `id` from `email` where `memid`='".$id."' and `id`!='".$emailid."'" ;
986 $res=mysql_query($query);
987 while($row = mysql_fetch_assoc($res)){
988 account_email_delete($row['id']);
989 }
990
991 //delete all domains
992 $query = "select `id` from `domains` where `memid`='".$id."'";
993 $res=mysql_query($query);
994 while($row = mysql_fetch_assoc($res)){
995 account_domain_delete($row['id']);
996 }
997
998 //clear alert settings
999 mysql_query(
1000 "update `alerts` set
1001 `general`='0',
1002 `country`='0',
1003 `regional`='0',
1004 `radius`='0'
1005 where `memid`='$id'");
1006
1007 //set default location
1008 $query = "update `users` set `locid`='2256755', `regid`='243', `ccid`='12' where `id`='".$id."'";
1009 mysql_query($query);
1010
1011 //clear listings
1012 $query = "update `users` set `listme`=' ',`contactinfo`=' ' where `id`='".$id."'";
1013 mysql_query($query);
1014
1015 //set lanuage to default
1016 //set default language
1017 mysql_query("update `users` set `language`='en_AU' where `id`='".$id."'");
1018 //delete secondary langugaes
1019 mysql_query("delete from `addlang` where `userid`='".$id."'");
1020
1021 //change secret questions
1022 for($i=1;$i<=5;$i++){
1023 $q="";
1024 $a="";
1025 for($index = 0; $index < 30; $index++)
1026 {
1027 $q .= substr($pool,(rand()%(strlen ($pool))), 1);
1028 $a .= substr($pool,(rand()%(strlen ($pool))), 1);
1029 }
1030 $query = "update `users` set `Q$i`='$q', `A$i`='$a' where `id`='".$id."'";
1031 mysql_query($query);
1032 }
1033
1034 //change personal information to arbitration number and DOB=1900-01-01
1035 $query = "update `users` set `fname`='".$arbno."',
1036 `mname`='".$arbno."',
1037 `lname`='".$arbno."',
1038 `suffix`='".$arbno."',
1039 `dob`='1900-01-01'
1040 where `id`='".$id."'";
1041 mysql_query($query);
1042
1043 //clear all admin and board flags
1044 mysql_query(
1045 "update `users` set
1046 `assurer`='0',
1047 `assurer_blocked`='0',
1048 `codesign`='0',
1049 `orgadmin`='0',
1050 `ttpadmin`='0',
1051 `locadmin`='0',
1052 `admin`='0',
1053 `adadmin`='0',
1054 `tverify`='0',
1055 `board`='0'
1056 where `id`='$id'");
1057
1058 //block account
1059 mysql_query("update `users` set `locked`='1' where `id`='$id'"); //, `deleted`=Now()
1060 }
1061
1062
1063 function check_email_exists($email){
1064 // called from includes/account.php if($process != "" && $oldid == 1)
1065 // called from includes/account.php if($oldid == 50 && $process != "")
1066 $email = mysql_real_escape_string($email);
1067 $query = "select 1 from `email` where `email`='$email' and `deleted`=0";
1068 $res = mysql_query($query);
1069 return mysql_num_rows($res) > 0;
1070 }
1071
1072 function check_gpg_cert_running($uid,$cca=0){
1073 //if $cca =0 if just expired, =1 if CCA retention +3 month should be obeyed
1074 // called from includes/account.php if($oldid == 50 && $process != "")
1075 $uid = intval($uid);
1076 if (0==$cca) {
1077 $query = "select 1 from `gpg` where `memid`='$uid' and `expire`>NOW()";
1078 }else{
1079 $query = "select 1 from `gpg` where `memid`='$uid' and `expire`>(NOW()-90*86400)";
1080 }
1081 $res = mysql_query($query);
1082 return mysql_num_rows($res) > 0;
1083 }
1084
1085 function check_client_cert_running($uid,$cca=0){
1086 //if $cca =0 if just expired, =1 if CCA retention +3 month should be obeyed
1087 // called from includes/account.php if($oldid == 50 && $process != "")
1088 $uid = intval($uid);
1089 if (0==$cca) {
1090 $query1 = "select 1 from `emailcerts` where `memid`='$uid' and `expire`>NOW() and `revoked`<`created`";
1091 $query2 = "select 1 from `emailcerts` where `memid`='$uid' and `revoked`>NOW()";
1092 }else{
1093 $query1 = "select 1 from `emailcerts` where `memid`='$uid' and `expire`>(NOW()-90*86400) and `revoked`<`created`";
1094 $query2 = "select 1 from `emailcerts` where `memid`='$uid' and `revoked`>(NOW()-90*86400)";
1095 }
1096 $res = mysql_query($query1);
1097 $r1 = mysql_num_rows($res)>0;
1098 $res = mysql_query($query2);
1099 $r2 = mysql_num_rows($res)>0;
1100 return !!($r1 || $r2);
1101 }
1102
1103 function check_server_cert_running($uid,$cca=0){
1104 //if $cca =0 if just expired, =1 if CCA retention +3 month should be obeyed
1105 // called from includes/account.php if($oldid == 50 && $process != "")
1106 $uid = intval($uid);
1107 if (0==$cca) {
1108 $query1 = "
1109 select 1 from `domaincerts` join `domains`
1110 on `domaincerts`.`domid` = `domains`.`id`
1111 where `domains`.`memid` = '$uid'
1112 and `domaincerts`.`expire` > NOW()
1113 and `domaincerts`.`revoked` < `domaincerts`.`created`";
1114 $query2 = "
1115 select 1 from `domaincerts` join `domains`
1116 on `domaincerts`.`domid` = `domains`.`id`
1117 where `domains`.`memid` = '$uid'
1118 and `revoked`>NOW()";
1119 }else{
1120 $query1 = "
1121 select 1 from `domaincerts` join `domains`
1122 on `domaincerts`.`domid` = `domains`.`id`
1123 where `domains`.`memid` = '$uid'
1124 and `expire`>(NOW()-90*86400)
1125 and `revoked`<`created`";
1126 $query2 = "
1127 select 1 from `domaincerts` join `domains`
1128 on `domaincerts`.`domid` = `domains`.`id`
1129 where `domains`.`memid` = '$uid'
1130 and `revoked`>(NOW()-90*86400)";
1131 }
1132 $res = mysql_query($query1);
1133 $r1 = mysql_num_rows($res)>0;
1134 $res = mysql_query($query2);
1135 $r2 = mysql_num_rows($res)>0;
1136 return !!($r1 || $r2);
1137 }
1138
1139 function check_is_orgadmin($uid){
1140 // called from includes/account.php if($oldid == 50 && $process != "")
1141 $uid = intval($uid);
1142 $query = "select 1 from `org` where `memid`='$uid' and `deleted`=0";
1143 $res = mysql_query($query);
1144 return mysql_num_rows($res) > 0;
1145 }
1146
1147
1148 // revokation of certificates
1149 function revoke_all_client_cert($mailid){
1150 //revokes all client certificates for an email address
1151 $mailid = intval($mailid);
1152 $query = "select `emailcerts`.`id`
1153 from `emaillink`,`emailcerts` where
1154 `emaillink`.`emailid`='$mailid' and `emaillink`.`emailcertsid`=`emailcerts`.`id` and `emailcerts`.`revoked`=0
1155 group by `emailcerts`.`id`";
1156 $dres = mysql_query($query);
1157 while($drow = mysql_fetch_assoc($dres)){
1158 mysql_query("update `emailcerts` set `revoked`='1970-01-01 10:00:01', `disablelogin`=1 where `id`='".$drow['id']."'");
1159 }
1160 }
1161
1162 function revoke_all_server_cert($domainid){
1163 //revokes all server certs for an domain
1164 $domainid = intval($domainid);
1165 $query =
1166 "select `domaincerts`.`id`
1167 from `domaincerts`
1168 where `domaincerts`.`domid` = '$domainid'
1169 union distinct
1170 select `domaincerts`.`id`
1171 from `domaincerts`, `domlink`
1172 where `domaincerts`.`id` = `domlink`.`certid`
1173 and `domlink`.`domid` = '$domainid'";
1174 $dres = mysql_query($query);
1175 while($drow = mysql_fetch_assoc($dres))
1176 {
1177 mysql_query(
1178 "update `domaincerts`
1179 set `revoked`='1970-01-01 10:00:01'
1180 where `id` = '".$drow['id']."'
1181 and `revoked` = 0");
1182 }
1183 }
1184
1185 function revoke_all_private_cert($uid){
1186 //revokes all certificates linked to a personal accounts
1187 //gpg revokation needs to be added to a later point
1188 $uid=intval($uid);
1189 $query = "select `id` from `email` where `memid`='".$uid."'";
1190 $res=mysql_query($query);
1191 while($row = mysql_fetch_assoc($res)){
1192 revoke_all_client_cert($row['id']);
1193 }
1194
1195
1196 $query = "select `id` from `domains` where `memid`='".$uid."'";
1197 $res=mysql_query($query);
1198 while($row = mysql_fetch_assoc($res)){
1199 revoke_all_server_cert($row['id']);
1200 }
1201 }
1202
1203 /**
1204 * check_date_format()
1205 * checks if the date is entered in the right date format YYYY-MM-DD and
1206 * if the date is after the 1st January of the given year
1207 *
1208 * @param mixed $date
1209 * @param integer $year
1210 * @return
1211 */
1212 function check_date_format($date, $year=2000){
1213 if (!strpos($date,'-')) {
1214 return FALSE;
1215 }
1216 $arr=explode('-',$date);
1217
1218 if ((count($arr)!=3)) {
1219 return FALSE;
1220 }
1221 if (intval($arr[0])<=$year) {
1222 return FALSE;
1223 }
1224 if (intval($arr[1])>12 or intval($arr[1])<=0) {
1225 return FALSE;
1226 }
1227 if (intval($arr[2])>31 or intval($arr[2])<=0) {
1228 return FALSE;
1229 }
1230
1231 return checkdate( intval($arr[1]), intval($arr[2]), intval($arr[0]));
1232
1233 }
1234
1235 /**
1236 * check_date_difference()
1237 * returns false if the date is larger then today + time diffrence
1238 *
1239 * @param mixed $date
1240 * @param integer $diff
1241 * @return
1242 */
1243 function check_date_difference($date, $diff=1){
1244 return (strtotime($date)<=time()+$diff*86400);
1245 }
1246
1247 /**
1248 * Write some information to the adminlog
1249 *
1250 * @param int $uid - id of the user account
1251 * @param int $adminid - id of the admin
1252 * @param string $type - the operation that was performed on the user account
1253 * @param string $info - the ticket / arbitration number or other information
1254 * @return bool - true := success, false := error
1255 */
1256 function write_se_log($uid, $adminid, $type, $info){
1257 //records all support engineer actions changing a user account
1258 $uid = intval($uid);
1259 $adminid = intval($adminid);
1260 $type = mysql_real_escape_string($type);
1261 $info = mysql_real_escape_string($info);
1262 $query="insert into `adminlog` (`when`, `uid`, `adminid`,`type`,`information`) values
1263 (Now(), $uid, $adminid, '$type', '$info')";
1264 return mysql_query($query);
1265 }
1266
1267 /**
1268 * Check if the entered information is a valid ticket or arbitration number
1269 * @param string $ticketno
1270 * @return bool
1271 */
1272 function valid_ticket_number($ticketno){
1273 //a arbitration case
1274 //d dispute action
1275 //s support case
1276 //m board motion
1277 $pattern='/[adsmADSM]\d{8}\./';
1278 if (preg_match($pattern, $ticketno)) {
1279 return true;
1280 }
1281 return false;
1282 }
1283
1284 // function for handling account/43.php
1285 /**
1286 * Get all data of an account given by the id from the `users` table
1287 * @param int $userid - account id
1288 * @param int $deleted - states if deleted data should be visible , default = 0 - not visible
1289 * @return resource - a mysql result set
1290 */
1291 function get_user_data($userid, $deleted=0){
1292 $userid = intval($userid);
1293 $filter='';
1294 if (0==$deleted) {
1295 $filter .=' and `users`.`deleted`=0';
1296 }
1297 $query = "select * from `users` where `users`.`id`='$userid' ".$filter;
1298 return mysql_query($query);
1299 }
1300
1301 /**
1302 * Get the alert settings for a user
1303 * @param int $userid for the requested account
1304 * @return array - associative array
1305 */
1306 function get_alerts($userid){
1307 return mysql_fetch_assoc(mysql_query("select * from `alerts` where `memid`='".intval($userid)."'"));
1308 }
1309
1310 /**
1311 * Get all email addresses linked to the account
1312 * @param int $userid
1313 * @param string $exclude - if given the email address will be excluded
1314 * @param int $deleted - states if deleted data should be visible, default = 0 - not visible
1315 * @return resource - a mysql result set
1316 */
1317 function get_email_addresses($userid, $exclude, $deleted=0){
1318 //should be entered in account/2.php
1319 $userid = intval($userid);
1320 $filter='';
1321 if (0==$deleted) {
1322 $filter .= ' and `deleted`=0';
1323 }
1324 if ($exclude) {
1325 $filter .= " and `email`!='".mysql_real_escape_string($exclude)."'";
1326 }
1327 $query = "select * from `email` where `memid`='".$userid."' and `hash`='' ".$filter." order by `created`";
1328 return mysql_query($query);
1329 }
1330
1331 /**
1332 * Get all domains linked to the account
1333 * @param int $userid
1334 * @param int $deleted - states if deleted data should be visible, default = 0 - not visible
1335 * @return resource - a mysql result set
1336 */
1337 function get_domains($userid, $deleted=0){
1338 //should be entered in account/9.php
1339 $userid = intval($userid);
1340 $filter='';
1341 if (0==$deleted) {
1342 $filter .= ' and `deleted`=0';
1343 }
1344 $query = "select * from `domains` where `memid`='".$userid."' and `hash`=''".$filter." order by `created`";
1345 return mysql_query($query);
1346 }
1347
1348 /**
1349 * Get all training results for the account
1350 * @param int $userid
1351 * @return resource - a mysql result set
1352 */
1353 function get_training_results($userid){
1354 //should be entered in account/55.php
1355 $userid = intval($userid);
1356 $query = "SELECT `CP`.`pass_date`, `CT`.`type_text`, `CV`.`test_text` ".
1357 " FROM `cats_passed` AS CP, `cats_variant` AS CV, `cats_type` AS CT ".
1358 " WHERE `CP`.`variant_id`=`CV`.`id` AND `CV`.`type_id`=`CT`.`id` AND `CP`.`user_id` ='".$userid."'".
1359 " ORDER BY `CP`.`pass_date`";
1360 return mysql_query($query);
1361 }
1362
1363 /**
1364 * Get all SE log entries for the account
1365 * @param int $userid
1366 * @return resource - a mysql result set
1367 */
1368 function get_se_log($userid){
1369 $userid = intval($userid);
1370 $query = "SELECT `adminlog`.`when`, `adminlog`.`type`, `adminlog`.`information`, `users`.`fname`, `users`.`lname`
1371 FROM `adminlog`, `users`
1372 WHERE `adminlog`.`adminid` = `users`.`id` and `adminlog`.`uid`=".$userid."
1373 ORDER BY `adminlog`.`when`";
1374 return mysql_query($query);
1375 }
1376
1377 /**
1378 * Get all client certificates linked to the account
1379 * @param int $userid
1380 * @param int $viewall - states if expired certs should be visible, default = 0 - not visible
1381 * @return resource - a mysql result set
1382 */
1383 function get_client_certs($userid, $viewall=0){
1384 //add to account/5.php
1385 $userid = intval($userid);
1386 $query = "select UNIX_TIMESTAMP(`emailcerts`.`created`) as `created`,
1387 UNIX_TIMESTAMP(`emailcerts`.`expire`) - UNIX_TIMESTAMP() as `timeleft`,
1388 UNIX_TIMESTAMP(`emailcerts`.`expire`) as `expired`,
1389 `emailcerts`.`expire`,
1390 `emailcerts`.`revoked` as `revoke`,
1391 UNIX_TIMESTAMP(`emailcerts`.`revoked`) as `revoked`,
1392 `emailcerts`.`id`,
1393 `emailcerts`.`CN`,
1394 `emailcerts`.`serial`,
1395 `emailcerts`.`disablelogin`,
1396 `emailcerts`.`description`
1397 from `emailcerts`
1398 where `emailcerts`.`memid`='".$userid."'";
1399 if($viewall == 0)
1400 $query .= " AND `emailcerts`.`revoked`=0 AND `emailcerts`.`renewed`=0";
1401 $query .= " HAVING `timeleft` > 0";
1402 $query .= " ORDER BY `emailcerts`.`modified` desc";
1403 return mysql_query($query);
1404 }
1405
1406 /**
1407 * Get all server certs linked to the account
1408 * @param int $userid
1409 * @param int $viewall - states if expired certs should be visible, default = 0 - not visible
1410 * @return resource - a mysql result set
1411 */
1412 function get_server_certs($userid, $viewall=0){
1413 //add to account/12.php
1414 $userid = intval($userid);
1415 $query = "select UNIX_TIMESTAMP(`domaincerts`.`created`) as `created`,
1416 UNIX_TIMESTAMP(`domaincerts`.`expire`) - UNIX_TIMESTAMP() as `timeleft`,
1417 UNIX_TIMESTAMP(`domaincerts`.`expire`) as `expired`,
1418 `domaincerts`.`expire`,
1419 `domaincerts`.`revoked` as `revoke`,
1420 UNIX_TIMESTAMP(`revoked`) as `revoked`,
1421 `domaincerts`.`CN`,
1422 `domaincerts`.`serial`,
1423 `domaincerts`.`id`,
1424 `domaincerts`.`description`
1425 from `domaincerts`,`domains`
1426 where `domains`.`memid`='".$userid."' and `domaincerts`.`domid`=`domains`.`id`";
1427 if($viewall == 0)
1428 {
1429 $query .= " AND `domaincerts`.`revoked`=0 AND `domaincerts`.`renewed`=0";
1430 $query .= " HAVING `timeleft` > 0";
1431 }
1432 $query .= " ORDER BY `domaincerts`.`modified` desc";
1433 return mysql_query($query);
1434 }
1435
1436 /**
1437 * Get all gpg certs linked to the account
1438 * @param int $userid
1439 * @param int $viewall - states if expired certs should be visible, default = 0 - not visible
1440 * @return resource - a mysql result set
1441 */
1442 function get_gpg_certs($userid, $viewall=0){
1443 //add to gpg/2.php
1444 $userid = intval($userid);
1445 $query = $query = "select UNIX_TIMESTAMP(`issued`) as `issued`,
1446 UNIX_TIMESTAMP(`expire`) - UNIX_TIMESTAMP() as `timeleft`,
1447 UNIX_TIMESTAMP(`expire`) as `expired`,
1448 `expire`, `id`, `level`, `email`, `keyid`, `description`
1449 from `gpg` where `memid`='".$userid."'";
1450 if ($viewall == 0) {
1451 $query .= " HAVING `timeleft` > 0";
1452 }
1453 $query .= " ORDER BY `issued` desc";
1454 return mysql_query($query);
1455 }
1456
1457
1458
1459 /**
1460 * Show the table header to the email table for the admin log
1461 */
1462 function output_log_email_header(){
1463 ?>
1464 <tr>
1465 <td class="DataTD bold"><?= _("Email, primary bold") ?></td>
1466 <td class="DataTD bold"><?= _("Created") ?></td>
1467 <td class="DataTD bold"><?= _("Deleted") ?></td>
1468 </tr>
1469
1470 <?
1471 }
1472 /**
1473 * Show all email data for the admin log
1474 * @param array $row - associative array containing the column data
1475 * @param string $primary - if given the primary address is highlighted
1476 */
1477 function output_log_email($row, $primary){
1478 $primaryemailaddress='';
1479 $deletedemailaddress='';
1480 if ($row['deleted'] !== NULL_DATETIME) {
1481 $deletedemailaddress=' deletedemailaddress';
1482 }
1483 if ($primary==$row['email'] && $row['deleted'] === NULL_DATETIME) {
1484 $primaryemailaddress= ' primaryemailaddress';
1485 }
1486 ?>
1487 <tr>
1488 <td class="DataTD<?= $primaryemailaddress . $deletedemailaddress ?>"><?=$row['email']?></td>
1489 <td class="DataTD<?= $primaryemailaddress . $deletedemailaddress ?>"><?=$row['created']?></td>
1490 <td class="DataTD<?= $primaryemailaddress . $deletedemailaddress ?>"><?=$row['deleted']?></td>
1491 </tr>
1492 <?
1493 }
1494
1495 /**
1496 * Show the table header to the domains table for the admin log
1497 */
1498 function output_log_domains_header(){
1499 ?>
1500 <tr>
1501 <td class="DataTD bold"><?= _("Domain") ?></td>
1502 <td class="DataTD bold"><?= _("Created") ?></td>
1503 <td class="DataTD bold"><?= _("Deleted") ?></td>
1504 </tr>
1505
1506 <?
1507 }
1508
1509 /**
1510 * Show the domain data for the admin log
1511 * @param array $row - associative array containing the column data
1512 */
1513 function output_log_domains($row){
1514 $italic='';
1515 if ($row['deleted'] !== NULL_DATETIME) {
1516 $italic=' italic';
1517 }
1518 ?>
1519 <tr>
1520 <td class="DataTD<? $italic ?>"><?=$row['domain']?></td>
1521 <td class="DataTD<? $italic ?>"><?=$row['created']?></td>
1522 <td class="DataTD<? $italic ?>"><?=$row['deleted']?></td>
1523 </tr>
1524 <?
1525 }
1526
1527 /**
1528 * Show the table header to the user agreement table for the admin log
1529 */
1530 function output_log_agreement_header(){
1531 ?>
1532 <tr>
1533 <td class="DataTD bold"><?= _("Agreement") ?></td>
1534 <td class="DataTD bold"><?= _("Date") ?></td>
1535 <td class="DataTD bold"><?= _("Method") ?></td>
1536 <td class="DataTD bold"><?= _("Active ") ?></td>
1537 </tr>
1538 <?
1539 }
1540
1541 /**
1542 * Show the agreement data for the admin log
1543 * @param array $row - associative array containing the column data
1544 */
1545 function output_log_agreement($row){
1546 ?>
1547 <tr>
1548 <td class="DataTD" ><?=$row['document']?></td>
1549 <td class="DataTD" ><?=$row['date']?></td>
1550 <td class="DataTD" ><?=$row['method']?></td>
1551 <td class="DataTD"><?= ($row['active']==0)? _('passive'):_('active')?></td>
1552 </tr>
1553 <?
1554 }
1555
1556 /**
1557 * Show the table header to the training table
1558 */
1559 function output_log_training_header(){
1560 //should be entered in account/55.php
1561 ?>
1562 <tr>
1563 <td class="DataTD bold"><?= _("Agreement") ?></td>
1564 <td class="DataTD bold"><?= _("Test") ?></td>
1565 <td class="DataTD bold"><?= _("Variant") ?></td>
1566 </tr>
1567 <?
1568 }
1569
1570 /**
1571 * Show the training data
1572 * @param array $row - associative array containing the column data
1573 */
1574 function output_log_training($row){
1575 //should be entered in account/55.php
1576 ?>
1577 <tr>
1578 <td class="DataTD"><?=$row['pass_date']?></td>
1579 <td class="DataTD"><?=$row['type_text']?></td>
1580 <td class="DataTD"><?=$row['test_text']?></td>
1581 </tr>
1582 <?
1583 }
1584
1585 /**
1586 * Show the table header to the SE log table for the admin log
1587 * @param int $support - if support = 1 more information is visible
1588 */
1589 function output_log_se_header($support=0){
1590 ?>
1591 <tr>
1592 <td class="DataTD bold"><?= _("Date") ?></td>
1593 <td class="DataTD bold"><?= _("Type") ?></td>
1594 <?
1595 if (1 == $support) {
1596 ?>
1597 <td class="DataTD bold"><?= _("Information") ?></td>
1598 <td class="DataTD bold"><?= _("Admin") ?></td>
1599 <?
1600 }
1601 ?>
1602 </tr>
1603 <?
1604 }
1605
1606 /**
1607 * Show the SE log data for the admin log
1608 * @param array $row - associative array containing the column data
1609 * @param int $support - if support = 1 more information is visible
1610 */
1611 function output_log_se($row, $support=0){
1612 //should be entered in account/55.php
1613 ?>
1614 <tr>
1615 <td class="DataTD"><?=$row['when']?></td>
1616 <td class="DataTD"><?=$row['type']?></td>
1617 <?
1618 if (1 == $support) {
1619 ?>
1620 <td class="DataTD"><?=$row['information']?></td>
1621 <td class="DataTD"><?=$row['fname'].' '.$row['lname']?></td>
1622 <?
1623 }
1624 ?>
1625 </tr>
1626 <?
1627 }
1628
1629 /**
1630 * Shows the table header to the client cert table
1631 * @param int $support - if support = 1 some columns ar not visible
1632 */
1633 function output_client_cert_header($support=0){
1634 //should be added to account/5.php
1635 ?>
1636 <tr>
1637 <?
1638 if (1 != $support) {
1639 ?>
1640 <td class="DataTD"><?=_("Renew/Revoke/Delete")?></td>
1641 <?
1642 }
1643 ?>
1644 <td class="DataTD"><?=_("Status")?></td>
1645 <td class="DataTD"><?=_("Email Address")?></td>
1646 <td class="DataTD"><?=_("SerialNumber")?></td>
1647 <td class="DataTD"><?=_("Revoked")?></td>
1648 <td class="DataTD"><?=_("Expires")?></td>
1649 <td class="DataTD"><?=_("Login")?></td>
1650 <?
1651 if (1 != $support) {
1652 ?>
1653 <td colspan="2" class="DataTD"><?=_("Comment *")?></td>
1654 <?
1655 }
1656 ?>
1657 </tr>
1658 <?
1659 }
1660
1661 /**
1662 * Show the client cert data
1663 * @param array $row - associative array containing the column data
1664 * @param int $support - if support = 1 some columns are not visible
1665 */
1666 function output_client_cert($row, $support=0){
1667 //should be entered in account/5.php
1668 $verified="";
1669 if($row['timeleft'] > 0)
1670 $verified = _("Valid");
1671 if($row['timeleft'] <= 0)
1672 $verified = _("Expired");
1673 if($row['expired'] == 0)
1674 $verified = _("Pending");
1675 if($row['revoked'] > 0)
1676 $verified = _("Revoked");
1677 if($row['revoked'] == 0)
1678 $row['revoke'] = _("Not Revoked");
1679 ?>
1680 <tr>
1681 <?
1682 if ($verified == _("Pending")) {
1683 if (1 != $support) {
1684 ?>
1685 <td class="DataTD">
1686 <input type="checkbox" name="delid[]" value="<?=$row['id']?>">
1687 </td>
1688 <?
1689 }
1690
1691 ?>
1692 <td class="DataTD"><?=$verified?></td>
1693 <td class="DataTD"><?=(trim($row['CN'])=="" ? _("empty") : $row['CN'])?></td>
1694 <?
1695
1696 } elseif ($verified == _("Revoked")) {
1697 if (1 != $support) {
1698 ?>
1699 <td class="DataTD">&nbsp;</td>
1700 <?
1701 }
1702
1703 ?>
1704 <td class="DataTD"><?=$verified?></td>
1705 <td class="DataTD"><?=(trim($row['CN'])=="" ? _("empty") : $row['CN'])?></td>
1706 <?
1707
1708 } else {
1709 if (1 != $support) {
1710 ?>
1711 <td class="DataTD">
1712 <input type="checkbox" name="revokeid[]" value="<?=$row['id']?>">
1713 </td>
1714 <?
1715 }
1716
1717 ?>
1718 <td class="DataTD"><?=$verified?></td>
1719 <?
1720
1721 if (1 != $support) {
1722 ?>
1723 <td class="DataTD">
1724 <a href="account.php?id=6&amp;cert=<?=$row['id']?>">
1725 <?=(trim($row['CN'])=="" ? _("empty") : $row['CN'])?>
1726 </a>
1727 </td>
1728 <?
1729 } else {
1730 ?>
1731 <td class="DataTD"><?=(trim($row['CN'])=="" ? _("empty") : $row['CN'])?></td>
1732 <?
1733 }
1734 }
1735
1736 ?>
1737 <td class="DataTD"><?=$row['serial']?></td>
1738 <td class="DataTD"><?=$row['revoke']?></td>
1739 <td class="DataTD"><?=$row['expire']?></td>
1740 <?
1741
1742 if (1 != $support) {
1743 ?>
1744 <td class="DataTD">
1745 <input type="checkbox" name="disablelogin_<?=$row['id']?>" value="1" <?=$row['disablelogin']?"":"checked='checked'"?>/>
1746 <input type="hidden" name="cert_<?=$row['id']?>" value="1" />
1747 </td>
1748 <?
1749 } else {
1750 ?>
1751 <td class="DataTD">
1752 <input type="checkbox" name="disablelogin_<?=$row['id']?>" value="1" <?=$row['disablelogin']?"":"checked='checked'"?> DISABLED/>
1753 </td>
1754 <?
1755 }
1756
1757 if (1 != $support) {
1758 ?>
1759 <td class="DataTD">
1760 <input name="comment_<?=$row['id']?>" type="text" value="<?=htmlspecialchars($row['description'])?>" />
1761 </td>
1762 <td class="DataTD">
1763 <input type="checkbox" name="check_comment_<?=$row['id']?>" />
1764 </td>
1765 <?
1766 }
1767
1768 ?>
1769 </tr>
1770 <?
1771 }
1772
1773 /**
1774 * output_log_server_certs_header()
1775 * shows the table header to the server cert table
1776 * @param integer $support - if support = 1 some columns ar not visible
1777 * @return
1778 */
1779 function output_log_server_certs_header($support=0){
1780 //should be entered in account/12.php
1781 ?>
1782 <tr>
1783 <?if ($support !=1) { ?>
1784 <td class="DataTD"><?=_("Renew/Revoke/Delete")?></td>
1785 <? } ?>
1786 <td class="DataTD"><?=_("Status")?></td>
1787 <td class="DataTD"><?=_("CommonName")?></td>
1788 <td class="DataTD"><?=_("SerialNumber")?></td>
1789 <td class="DataTD"><?=_("Revoked")?></td>
1790 <td class="DataTD"><?=_("Expires")?></td>
1791 <?if ($support !=1) { ?>
1792 <td colspan="2" class="DataTD"><?=_("Comment *")?></td>
1793 <? } ?>
1794 </tr>
1795 <?
1796 }
1797
1798 /**
1799 * output_log_server_certs()
1800 * show the server cert data
1801 * @param mixed $row - sql-query array
1802 * @param integer $support - if support = 1 some columns are not visible
1803 * @return
1804 */
1805 function output_log_server_certs($row, $support=0){
1806 //should be entered in account/12.php
1807 if($row['timeleft'] > 0)
1808 $verified = _("Valid");
1809 if($row['timeleft'] < 0)
1810 $verified = _("Expired");
1811 if($row['expired'] == 0)
1812 $verified = _("Pending");
1813 if($row['revoked'] > 0)
1814 $verified = _("Revoked");
1815 if($row['revoked'] == 0)
1816 $row['revoke'] = _("Not Revoked");
1817 ?>
1818 <tr>
1819 <? if ($support !=1) {
1820 if($verified != _("Pending") && $verified != _("Revoked")) { ?>
1821 <td class="DataTD"><input type="checkbox" name="revokeid[]" value="<?=$row['id']?>"/></td>
1822 <? } else if($verified != _("Revoked")) { ?>
1823 <td class="DataTD"><input type="checkbox" name="delid[]" value="<?=$row['id']?>"/></td>
1824 <? } else { ?>
1825 <td class="DataTD">&nbsp;</td>
1826 <? }
1827 }?>
1828 <td class="DataTD"><?=$verified?></td>
1829 <?if ($support !=1) { ?>
1830 <td class="DataTD"><a href="account.php?id=15&amp;cert=<?=$row['id']?>"><?=$row['CN']?></a></td>
1831 <? }ELSE{ ?>
1832 <td class="DataTD"><?=$row['CN']?></td>
1833 <?}?>
1834 <td class="DataTD"><?=$row['serial']?></td>
1835 <td class="DataTD"><?=$row['revoke']?></td>
1836 <td class="DataTD"><?=$row['expire']?></td>
1837 <?if ($support !=1) { ?>
1838 <td class="DataTD"><input name="comment_<?=$row['id']?>" type="text" value="<?=htmlspecialchars($row['description'])?>" /></td>
1839 <td class="DataTD"><input type="checkbox" name="check_comment_<?=$row['id']?>" /></td>
1840 <?}?>
1841 </tr> <?
1842 }
1843
1844 /**
1845 * output_gpg_certs_header()
1846 * shows the table header to the gpg cert table
1847 * @param integer $support - if support = 1 some columns ar not visible
1848 * @return
1849 */
1850 function output_gpg_certs_header($support=0){
1851 ?>
1852 <tr>
1853 <td class="DataTD"><?=_("Status")?></td>
1854 <td class="DataTD"><?=_("Email Address")?></td>
1855 <td class="DataTD"><?=_("Expires")?></td>
1856 <td class="DataTD"><?=_("Key ID")?></td>
1857 <?if ($support !=1) { ?>
1858 <td colspan="2" class="DataTD"><?=_("Comment *")?></td>
1859 <? }?>
1860 </tr>
1861 <?
1862 }
1863
1864 /**
1865 * output_gpg_certs()
1866 * show the gpg cert data
1867 * @param mixed $row - sql-query array
1868 * @param integer $support - if support = 1 some columns are not visible
1869 * @return
1870 */
1871 function output_gpg_certs($row, $support=0){
1872 //should be entered in account/55.php
1873 if($row['timeleft'] > 0)
1874 $verified = _("Valid");
1875 if($row['timeleft'] < 0)
1876 $verified = _("Expired");
1877 if($row['expired'] == 0)
1878 $verified = _("Pending");
1879 ?>
1880 <tr>
1881 <? if($verified == _("Valid")) { ?>
1882 <td class="DataTD"><?=$verified?></td>
1883 <?if ($support !=1) { ?>
1884 <td class="DataTD"><a href="gpg.php?id=3&amp;cert=<?=$row['id']?>"><?=$row['email']?></a></td>
1885 <? } else { ?>
1886 <td class="DataTD"><?=$row['email']?></td>
1887 <? } ?>
1888 <? } else if($verified == _("Pending")) { ?>
1889 <td class="DataTD"><?=$verified?></td>
1890 <td class="DataTD"><?=$row['email']?></td>
1891 <? } else { ?>
1892 <td class="DataTD"><?=$verified?></td>
1893 <?if ($support !=1) { ?>
1894 <td class="DataTD"><a href="gpg.php?id=3&amp;cert=<?=$row['id']?>"><?=$row['email']?></a></td>
1895 <? } else { ?>
1896 <td class="DataTD"><?=$row['email']?></td>
1897 <? } ?>
1898 <? } ?>
1899 <td class="DataTD"><?=$row['expire']?></td>
1900 <?if ($support != 1) { ?>
1901 <td class="DataTD"><a href="gpg.php?id=3&amp;cert=<?=$row['id']?>"><?=$row['keyid']?></a></td>
1902 <? } else { ?>
1903 <td class="DataTD"><?=$row['keyid']?></td>
1904 <? } ?>
1905 <?if ($support !=1) { ?>
1906 <td class="DataTD"><input name="comment_<?=$row['id']?>" type="text" value="<?=htmlspecialchars($row['description'])?>" /></td>
1907 <td class="DataTD"><input type="checkbox" name="check_comment_<?=$row['id']?>" /></td>
1908 <? } ?>
1909 </tr>
1910 <?
1911 }
1912
1913 /**
1914 * output_log_given_assurances()
1915 * returns the list of all given assurances
1916 * @param mixed $userid - user id for the output
1917 * @param integer $support - support view = 1
1918 * @return
1919 */
1920 function output_log_given_assurances($userid, $support=0)
1921 {
1922 output_assurances_header(_("Assurance given"),$support);
1923 output_log_given_assurances_content($userid, $support);
1924 }
1925
1926 /**
1927 * output_log_given_assurances_content()
1928 *
1929 * @param mixed $userid
1930 * @param mixed $support
1931 * @return
1932 */
1933 function output_log_given_assurances_content($userid, $support)
1934 {
1935 $res = get_given_assurances(intval($userid), 1);
1936 while($row = mysql_fetch_assoc($res))
1937 {
1938 $fromuser = get_user (intval($row['to']));
1939 $apoints = calc_experience ($row,$points,$experience,$sum_experience,$revoked);
1940 $name = show_user_link ($fromuser['fname']." ".$fromuser['lname'],intval($row['to']));
1941 $email = show_email_link ($fromuser['email'],intval($row['to']));
1942 $revoked = '';
1943 if ($row['date'] != 0) {
1944 $revoked = $row['deleted'];
1945 }
1946 output_log_assurances_row(intval($row['id']),$row['date'],$row['when'],$email,$name,$apoints,intval($row['points']),$row['location'],$row['method']==""?"":_(sprintf("%s", $row['method'])),$experience,$userid,$support,$revoked);
1947 }
1948 }
1949
1950 /**
1951 * output_log_received_assurances()
1952 *
1953 * @param mixed $userid
1954 * @param integer $support
1955 * @return
1956 */
1957 function output_log_received_assurances($userid, $support=0)
1958 {
1959 output_assurances_header(_("Assurance received"), $support);
1960 output_log_received_assurances_content($userid, $support);
1961 }
1962
1963 /**
1964 * output_log_received_assurances_content()
1965 *
1966 * @param mixed $userid
1967 * @param mixed $support
1968 * @param mixed $points
1969 * @param mixed $sum_experience
1970 * @param mixed $ticketno
1971 * @return
1972 */
1973 function output_log_received_assurances_content($userid, $support)
1974 {
1975 $res = get_received_assurances(intval($userid), 1);
1976 while($row = mysql_fetch_assoc($res))
1977 {
1978 $fromuser = get_user (intval($row['from']));
1979 calc_assurances ($row,$points,$experience,$sum_experience,$awarded,$revoked);
1980 $name = show_user_link ($fromuser['fname']." ".$fromuser['lname'],intval($row['from']));
1981 $email = show_email_link ($fromuser['email'],intval($row['from']));
1982 $revoked = '';
1983 if ($row['date'] != 0) {
1984 $revoked = $revoked = $row['deleted'];
1985 }
1986 output_log_assurances_row(intval($row['id']),$row['date'],$row['when'],$email,$name,$awarded,intval($row['points']),$row['location'],$row['method']==""?"":_(sprintf("%s", $row['method'])),$experience,$userid,$support,$revoked);
1987 }
1988 }
1989
1990 /**
1991 * output_log_assurances_row()
1992 *
1993 * @param mixed $assuranceid
1994 * @param mixed $date
1995 * @param mixed $when
1996 * @param mixed $email
1997 * @param mixed $name
1998 * @param mixed $awarded
1999 * @param mixed $points
2000 * @param mixed $location
2001 * @param mixed $method
2002 * @param mixed $experience
2003 * @param mixed $userid
2004 * @param mixed $support
2005 * @param mixed $revoked
2006 * @return
2007 */
2008 function output_log_assurances_row($assuranceid,$date,$when,$email,$name,$awarded,$points,$location,$method,$experience,$userid,$support,$revoked)
2009 {
2010
2011 $tdstyle="";
2012 $emopen="";
2013 $emclose="";
2014
2015 if ($awarded == $points)
2016 {
2017 if ($awarded == "0")
2018 {
2019 if ($when < "2006-09-01")
2020 {
2021 $tdstyle="style='background-color: #ffff80'";
2022 $emopen="<em>";
2023 $emclose="</em>";
2024 }
2025 }
2026 }
2027 ?>
2028 <tr>
2029 <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$assuranceid?><?=$emclose?></td>
2030 <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$date?><?=$emclose?></td>
2031 <?
2032 if ($support == "1")
2033 {
2034 ?>
2035 <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$when?><?=$emclose?></td>
2036 <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$email?><?=$emclose?></td>
2037 <?
2038 }
2039 ?>
2040 <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$name?><?=$emclose?></td>
2041 <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$awarded?><?=$emclose?></td>
2042 <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$location?><?=$emclose?></td>
2043 <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$method?><?=$emclose?></td>
2044 <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$experience?><?=$emclose?></td>
2045 <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$revoked?><?=$emclose?></td>
2046 </tr>
2047 <?
2048 }