431d0b0df3503cbc2a25ddb6ac7f1a5ebf7e36f6
[cacert-devel.git] / includes / notary.inc.php
1 <? /*
2 LibreSSL - CAcert web application
3 Copyright (C) 2004-2011 CAcert Inc.
4
5 This program is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License as published by
7 the Free Software Foundation; version 2 of the License.
8
9 This program is distributed in the hope that it will be useful,
10 but WITHOUT ANY WARRANTY; without even the implied warranty of
11 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 GNU General Public License for more details.
13
14 You should have received a copy of the GNU General Public License
15 along with this program; if not, write to the Free Software
16 Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
17 */
18
19 define('NULL_DATETIME', '0000-00-00 00:00:00');
20 define('THAWTE_REVOCATION_DATETIME', '2010-11-16 00:00:00');
21
22 function query_init ($query)
23 {
24 return mysql_query($query);
25 }
26
27 function query_getnextrow ($res)
28 {
29 $row1 = mysql_fetch_assoc($res);
30 return $row1;
31 }
32
33 function query_get_number_of_rows ($resultset)
34 {
35 return intval(mysql_num_rows($resultset));
36 }
37
38 function get_number_of_assurances ($userid)
39 {
40 $res = query_init ("SELECT count(*) AS `list` FROM `notary`
41 WHERE `method` = 'Face to Face Meeting' AND `from`='".intval($userid)."' and `deleted` = 0");
42 $row = query_getnextrow($res);
43
44 return intval($row['list']);
45 }
46
47 function get_number_of_ttpassurances ($userid)
48 {
49 $res = query_init ("SELECT count(*) AS `list` FROM `notary`
50 WHERE (`method`='Trusted Third Parties' or `method`='TTP-Assisted') AND `to`='".intval($userid)."' and `deleted` = 0");
51 $row = query_getnextrow($res);
52
53 return intval($row['list']);
54 }
55
56 function get_number_of_assurees ($userid)
57 {
58 $res = query_init ("SELECT count(*) AS `list` FROM `notary`
59 WHERE `method` = 'Face to Face Meeting' AND `to`='".intval($userid)."' and `deleted` = 0");
60 $row = query_getnextrow($res);
61
62 return intval($row['list']);
63 }
64
65 function get_top_assurer_position ($no_of_assurances)
66 {
67 $res = query_init ("SELECT count(*) AS `list` FROM `notary`
68 WHERE `method` = 'Face to Face Meeting' and `deleted` = 0
69 GROUP BY `from` HAVING count(*) > '".intval($no_of_assurances)."'");
70 return intval(query_get_number_of_rows($res)+1);
71 }
72
73 function get_top_assuree_position ($no_of_assurees)
74 {
75 $res = query_init ("SELECT count(*) AS `list` FROM `notary`
76 WHERE `method` = 'Face to Face Meeting' and `deleted` = 0
77 GROUP BY `to` HAVING count(*) > '".intval($no_of_assurees)."'");
78 return intval(query_get_number_of_rows($res)+1);
79 }
80
81 /**
82 * Get the list of assurances given by the user
83 * @param int $userid - id of the assurer
84 * @param int $log - if set to 1 also includes deleted assurances
85 * @return resource - a MySQL result set
86 */
87 function get_given_assurances($userid, $log=0)
88 {
89 $deleted='';
90 if ($log == 0) {
91 $deleted = ' and `deleted` = 0 ';
92 }
93 $res = query_init("select * from `notary` where `from`='".intval($userid)."' and `from` != `to` $deleted order by `id` asc");
94 return $res;
95 }
96
97 /**
98 * Get the list of assurances received by the user
99 * @param int $userid - id of the assuree
100 * @param integer $log - if set to 1 also includes deleted assurances
101 * @return resource - a MySQL result set
102 */
103 function get_received_assurances($userid, $log=0)
104 {
105 $deleted='';
106 if ($log == 0) {
107 $deleted = ' and `deleted` = 0 ';
108 }
109 $res = query_init("select * from `notary` where `to`='".intval($userid)."' and `from` != `to` $deleted order by `id` asc ");
110 return $res;
111 }
112
113 function get_given_assurances_summary ($userid)
114 {
115 $res = query_init ("select count(*) as number,points,awarded,method from notary where `from`='".intval($userid)."' and `deleted` = 0 group by points,awarded,method");
116 return $res;
117 }
118
119 function get_received_assurances_summary ($userid)
120 {
121 $res = query_init ("select count(*) as number,points,awarded,method from notary where `to`='".intval($userid)."' and `deleted` = 0 group by points,awarded,method");
122 return $res;
123 }
124
125 function get_user ($userid)
126 {
127 $res = query_init ("select * from `users` where `id`='".intval($userid)."'");
128 return mysql_fetch_assoc($res);
129 }
130
131 function get_cats_state ($userid)
132 {
133
134 $res = query_init ("select * from `cats_passed` inner join `cats_variant` on `cats_passed`.`variant_id` = `cats_variant`.`id` and `cats_variant`.`type_id` = 1
135 WHERE `cats_passed`.`user_id` = '".intval($userid)."'");
136 return mysql_num_rows($res);
137 }
138
139
140 /**
141 * Calculate awarded points (corrects some issues like out of range points
142 * or points that were issued by means that have been deprecated)
143 *
144 * @param array $row - associative array containing the data from the
145 * `notary` table
146 * @return int - the awarded points for this assurance
147 */
148 function calc_awarded($row)
149 {
150 // Back in the old days there was no `awarded` column => is now zero,
151 // there the `points` column contained that data
152 $points = max(intval($row['awarded']), intval($row['points']));
153
154 // Set negative points to zero, yes there are such things in the database
155 $points = max($points, 0);
156
157 switch ($row['method'])
158 {
159 // These programmes have been revoked
160 case 'Thawte Points Transfer': // revoke all Thawte-points (as per arbitration)
161 case 'CT Magazine - Germany': // revoke c't (only one test-entry)
162 case 'Temporary Increase': // revoke 'temporary increase' (Current usage breaks audit aspects, needs to be reimplemented)
163 $points = 0;
164 break;
165
166 case 'Administrative Increase': // ignore AI with 2 points or less (historical for experiance points, now other calculation)
167 if ($points <= 2) // maybe limit to 35/50 pts in the future?
168 $points = 0;
169 break;
170
171 // TTP assurances, limit to 35
172 case 'TTP-Assisted':
173 $points = min($points, 35);
174 break;
175
176 // TTP TOPUP, limit to 30
177 case 'TOPUP':
178 $points = min($points, 30);
179
180 // All these should be preserved for the time being
181 case 'Unknown': // to be revoked in the future? limit to max 50 pts?
182 case 'Trusted Third Parties': // to be revoked in the future? limit to max 35 pts?
183 case '': // to be revoked in the future? limit to max 50 pts?
184 case 'Face to Face Meeting': // normal assurances (and superassurances?), limit to 35/50 pts in the future?
185 break;
186
187 default: // should never happen ... ;-)
188 $points = 0;
189 }
190
191 return $points;
192 }
193
194
195 /**
196 * Calculate the experience points from a given Assurance
197 * @param array $row - [inout] associative array containing the data from
198 * the `notary` table, the keys 'experience' and 'calc_awarded' will be
199 * added
200 * @param int $sum_points - [inout] the sum of already counted assurance
201 * points the assurer issued
202 * @param int $sum_experience - [inout] the sum of already counted
203 * experience points that were awarded to the assurer
204 */
205 function calc_experience(&$row, &$sum_points, &$sum_experience)
206 {
207 $row['calc_awarded'] = calc_awarded($row);
208
209 // Don't count revoked assurances even if we are displaying them
210 if ($row['deleted'] !== NULL_DATETIME) {
211 $row['experience'] = 0;
212 return;
213 }
214
215 $experience = 0;
216 if ($row['method'] == "Face to Face Meeting")
217 {
218 $experience = 2;
219 }
220 $sum_experience += $experience;
221 $row['experience'] = $experience;
222
223 $sum_points += $row['calc_awarded'];
224 }
225
226 /**
227 * Calculate the points received from a received Assurance
228 * @param array $row - [inout] associative array containing the data from
229 * the `notary` table, the keys 'experience' and 'calc_awarded' will be
230 * added
231 * @param int $sum_points - [inout] the sum of already counted assurance
232 * points the assuree received
233 * @param int $sum_experience - [inout] the sum of already counted
234 * experience points that were awarded to the assurer
235 */
236 function calc_assurances(&$row, &$sum_points, &$sum_experience)
237 {
238 $row['calc_awarded'] = calc_awarded($row);
239 $experience = 0;
240
241 // High point values mean that some of them are experience points
242 if ($row['calc_awarded'] > 100)
243 {
244 $experience = $row['calc_awarded'] - 100; // needs to be fixed in the future (limit 50 pts and/or no experience if pts > 100)
245 $row['calc_awarded'] = 100;
246 }
247
248 switch ($row['method'])
249 {
250 case 'Thawte Points Transfer':
251 case 'CT Magazine - Germany':
252 case 'Temporary Increase': // Current usage of 'Temporary Increase' may break audit aspects, needs to be reimplemented
253 $experience = 0;
254 $row['deleted'] = THAWTE_REVOCATION_DATETIME;
255 break;
256 }
257
258 // Don't count revoked assurances even if we are displaying them
259 if ($row['deleted'] !== NULL_DATETIME) {
260 $row['experience'] = 0;
261 return;
262 }
263
264 $sum_experience += $experience;
265 $row['experience'] = $experience;
266 $sum_points += $row['calc_awarded'];
267 }
268
269 /**
270 * Generate a link to the support engineer page for the user with the name
271 * of the user as link text
272 * @param array $user - associative array containing the data from the
273 * `user` table
274 * @return string
275 */
276 function show_user_link($user)
277 {
278 $name = trim($user['fname'].' '.$user['lname']);
279 $userid = intval($user['id']);
280
281 if($name == "")
282 {
283 if ($userid == 0) {
284 $name = _("System");
285 } else {
286 $name = _("Deleted account");
287 }
288 }
289 else
290 {
291 $name = "<a href='wot.php?id=9&amp;userid=".$userid."'>".sanitizeHTML($name)."</a>";
292 }
293
294 return $name;
295 }
296
297 /**
298 * Generate a link to the support engineer page for the user with the email
299 * address as link text
300 * @param array $user - associative array containing the data from the
301 * `user` table
302 * @return string
303 */
304 function show_email_link($user)
305 {
306 $email = trim($user['email']);
307 if($email != "") {
308 $email = "<a href='account.php?id=43&amp;userid=".intval($user['id'])."'>".sanitizeHTML($email)."</a>";
309 }
310 return $email;
311 }
312
313 function get_assurer_ranking($userid,&$num_of_assurances,&$rank_of_assurer)
314 {
315 $num_of_assurances = get_number_of_assurances (intval($userid));
316 $rank_of_assurer = get_top_assurer_position($num_of_assurances);
317 }
318
319 function get_assuree_ranking($userid,&$num_of_assurees,&$rank_of_assuree)
320 {
321 $num_of_assurees = get_number_of_assurees (intval($userid));
322 $rank_of_assuree = get_top_assuree_position($num_of_assurees);
323 }
324
325
326 // ************* html table definitions ******************
327
328 function output_ranking($userid)
329 {
330 get_assurer_ranking($userid,$num_of_assurances,$rank_of_assurer);
331 get_assuree_ranking($userid,$num_of_assurees,$rank_of_assuree);
332
333 ?>
334 <table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
335 <tr>
336 <td class="title"><?=_("Assurer Ranking")?></td>
337 </tr>
338 <tr>
339 <td class="DataTD"><?=sprintf(_("You have made %s assurances which ranks you as the #%s top assurer."), intval($num_of_assurances), intval($rank_of_assurer) )?></td>
340 </tr>
341 <tr>
342 <td class="DataTD"><?=sprintf(_("You have received %s assurances which ranks you as the #%s top assuree."), intval($num_of_assurees), intval($rank_of_assuree) )?></td>
343 </tr>
344 </table>
345 <br/>
346 <?
347 }
348
349 function output_assurances_header($title,$support)
350 {
351 ?>
352 <table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
353 <tr>
354 <?
355 if ($support == "1")
356 {
357 ?>
358 <td colspan="10" class="title"><?=$title?></td>
359 <?
360 } else {
361 ?>
362 <td colspan="7" class="title"><?=$title?></td>
363 <?
364 }
365 ?>
366 </tr>
367 <tr>
368 <td class="DataTD"><strong><?=_("ID")?></strong></td>
369 <td class="DataTD"><strong><?=_("Date")?></strong></td>
370 <?
371 if ($support == "1")
372 {
373 ?>
374 <td class="DataTD"><strong><?=_("When")?></strong></td>
375 <td class="DataTD"><strong><?=_("Email")?></strong></td>
376 <?
377 }
378 ?>
379 <td class="DataTD"><strong><?=_("Who")?></strong></td>
380 <td class="DataTD"><strong><?=_("Points")?></strong></td>
381 <td class="DataTD"><strong><?=_("Location")?></strong></td>
382 <td class="DataTD"><strong><?=_("Method")?></strong></td>
383 <td class="DataTD"><strong><?=_("Experience Points")?></strong></td>
384 <?
385 if ($support == "1")
386 {
387 ?>
388 <td class="DataTD"><strong><?=_("Revoke")?></strong></td>
389 <?
390 }
391 ?>
392 </tr>
393 <?
394 }
395
396 function output_assurances_footer($points_txt,$points,$experience_txt,$sumexperience,$support)
397 {
398 ?>
399 <tr>
400 <td<?=($support == "1")?' colspan="5"':' colspan="3"'?> class="DataTD"><strong><?=$points_txt?>:</strong></td>
401 <td class="DataTD"><?=$points?></td>
402 <td class="DataTD">&nbsp;</td>
403 <td class="DataTD"><strong><?=$experience_txt?>:</strong></td>
404 <td class="DataTD"><?=$sumexperience?></td>
405 <?
406 if ($support == "1")
407 {
408 ?>
409 <td class="DataTD">&nbsp;</td>
410 <?
411 }
412 ?>
413
414 </tr>
415 </table>
416 <br/>
417 <?
418 }
419
420 /**
421 * Render an assurance for a view
422 * @param array $assurance - associative array containing the data from the `notary` table
423 * @param int $userid - Id of the user whichs given/received assurances are displayed
424 * @param array $other_user - associative array containing the other users data from the `users` table
425 * @param int $support - set to 1 if the output is for the support interface
426 * @param string $ticketno - ticket number currently set in the support interface
427 */
428 function output_assurances_row($assurance, $userid, $other_user, $support, $ticketno)
429 {
430 $assuranceid = intval($assurance['id']);
431 $date = $assurance['date'];
432 $when = $assurance['when'];
433 $awarded = intval($assurance['calc_awarded']);
434 $points = intval($assurance['points']);
435 $location = $assurance['location'];
436 $method = $assurance['method'] ? _($assurance['method']) : '';
437 $experience = intval($assurance['experience']);
438 $revoked = $assurance['deleted'] !== NULL_DATETIME;
439
440 $email = show_email_link($other_user);
441 $name = show_user_link($other_user);
442
443 $tdstyle="";
444 $emopen="";
445 $emclose="";
446
447 if ($awarded == $points)
448 {
449 if ($awarded == "0")
450 {
451 if ($when < "2006-09-01")
452 {
453 $tdstyle="style='background-color: #ffff80'";
454 $emopen="<em>";
455 $emclose="</em>";
456 }
457 }
458 }
459 ?>
460 <tr>
461 <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$assuranceid?><?=$emclose?></td>
462 <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$date?><?=$emclose?></td>
463 <?
464 if ($support == 1)
465 {
466 ?>
467 <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$when?><?=$emclose?></td>
468 <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$email?><?=$emclose?></td>
469 <?
470 }
471 ?>
472 <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$name?><?=$emclose?></td>
473 <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$revoked ? sprintf("<strong style='color: red'>%s</strong>",_("Revoked")) : $awarded?><?=$emclose?></td>
474 <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$location?><?=$emclose?></td>
475 <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$method?><?=$emclose?></td>
476 <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$experience?$experience:'&nbsp;'?><?=$emclose?></td>
477 <?
478 if ($support == 1)
479 {
480 if ($revoked == true)
481 {
482 ?>
483 <td class="DataTD" <?=$tdstyle?>>&nbsp;</td>
484 <?
485 } else {
486 ?>
487 <td class="DataTD" <?=$tdstyle?>><?=$emopen?><a href="account.php?id=43&amp;userid=<?=intval($userid)?>&amp;assurance=<?=intval($assuranceid)?>&amp;csrf=<?=make_csrf('admdelassurance')?>&amp;ticketno=<?=sanitizeHTML($ticketno)?>" onclick="return confirm('<?=sprintf(_("Are you sure you want to revoke the assurance with ID &quot;%s&quot;?"),$assuranceid)?>');"><?=_("Revoke")?></a><?=$emclose?></td>
488 <?
489 }
490 }
491 ?>
492 </tr>
493 <?
494 }
495
496 function output_summary_header()
497 {
498 ?>
499 <table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
500 <tr>
501 <td colspan="4" class="title"><?=_("Summary of your Points")?></td>
502 </tr>
503 <tr>
504 <td class="DataTD"><strong><?=_("Description")?></strong></td>
505 <td class="DataTD"><strong><?=_("Points")?></strong></td>
506 <td class="DataTD"><strong><?=_("Countable Points")?></strong></td>
507 <td class="DataTD"><strong><?=_("Remark")?></strong></td>
508 </tr>
509 <?
510 }
511
512 function output_summary_footer()
513 {
514 ?>
515 </table>
516 <br/>
517 <?
518 }
519
520 function output_summary_row($title,$points,$points_countable,$remark)
521 {
522 ?>
523 <tr>
524 <td class="DataTD"><strong><?=$title?></strong></td>
525 <td class="DataTD"><?=$points?></td>
526 <td class="DataTD"><?=$points_countable?></td>
527 <td class="DataTD"><?=$remark?></td>
528 </tr>
529 <?
530 }
531
532
533 // ************* output given assurances ******************
534
535 /**
536 * Helper function to render assurances given by the user
537 * @param int $userid
538 * @param int& $sum_points - [out] sum of given points
539 * @param int& $sum_experience - [out] sum of experience points gained
540 * @param int $support - set to 1 if the output is for the support interface
541 * @param string $ticketno - the ticket number set in the support interface
542 */
543 function output_given_assurances_content($userid,&$sum_points,&$sum_experience,$support, $ticketno)
544 {
545 $sum_points = 0;
546 $sumexperience = 0;
547 $res = get_given_assurances(intval($userid));
548 while($row = mysql_fetch_assoc($res))
549 {
550 $assuree = get_user(intval($row['to']));
551 calc_experience($row, $sum_points, $sum_experience);
552 output_assurances_row($row, $userid, $assuree, $support, $ticketno);
553 }
554 }
555
556 // ************* output received assurances ******************
557
558 /**
559 * Helper function to render assurances received by the user
560 * @param int $userid
561 * @param int& $sum_points - [out] sum of received points
562 * @param int& $sum_experience - [out] sum of experience points the assurers gained
563 * @param int $support - set to 1 if the output is for the support interface
564 * @param string $ticketno - the ticket number set in the support interface
565 */
566 function output_received_assurances_content($userid,&$sum_points,&$sum_experience,$support, $ticketno)
567 {
568 $sum_points = 0;
569 $sumexperience = 0;
570 $res = get_received_assurances(intval($userid));
571 while($row = mysql_fetch_assoc($res))
572 {
573 $fromuser = get_user (intval($row['from']));
574 calc_assurances($row, $sum_points, $sum_experience);
575 output_assurances_row($row, $userid, $fromuser, $support, $ticketno);
576 }
577 }
578
579 // ************* output summary table ******************
580
581 function check_date_limit ($userid,$age)
582 {
583 $dob = date("Y-m-d", mktime(0,0,0,date("m"),date("d"),date("Y")-$age));
584 $res = query_init ("select id from `users` where `id`='".$userid."' and `dob` < '$dob'");
585 return intval(query_get_number_of_rows($res));
586 }
587
588 function max_points($userid)
589 {
590 return output_summary_content ($userid,0);
591 }
592
593 function output_summary_content($userid,$display_output)
594 {
595 $sum_points = 0;
596 $sum_experience = 0;
597 $sum_experience_other = 0;
598 $max_points = 100;
599 $max_experience = 50;
600
601 $experience_limit_reached_txt = _("Limit reached");
602
603 if (check_date_limit($userid,18) != 1)
604 {
605 $max_experience = 10;
606 $experience_limit_reached_txt = _("Limit given by PoJAM reached");
607 }
608 if (check_date_limit($userid,14) != 1)
609 {
610 $max_experience = 0;
611 $experience_limit_reached_txt = _("Limit given by PoJAM reached");
612 }
613
614 $res = get_received_assurances_summary($userid);
615 while($row = mysql_fetch_assoc($res))
616 {
617 $points = calc_awarded($row);
618
619 if ($points > $max_points) // limit to 100 points, above is experience (needs to be fixed)
620 {
621 $sum_experience_other = $sum_experience_other+($points-$max_points)*intval($row['number']);
622 $points = $max_points;
623 }
624 $sum_points += $points*intval($row['number']);
625 }
626
627 $res = get_given_assurances_summary($userid);
628 while($row = mysql_fetch_assoc($res))
629 {
630 switch ($row['method'])
631 {
632 case 'Face to Face Meeting': // count Face to Face only
633 $sum_experience += 2*intval($row['number']);
634 break;
635 }
636
637 }
638
639 if ($sum_points > $max_points)
640 {
641 $sum_points_countable = $max_points;
642 $remark_points = _("Limit reached");
643 }
644 else
645 {
646 $sum_points_countable = $sum_points;
647 $remark_points = "&nbsp;";
648 }
649 if ($sum_experience > $max_experience)
650 {
651 $sum_experience_countable = $max_experience;
652 $remark_experience = $experience_limit_reached_txt;
653 }
654 else
655 {
656 $sum_experience_countable = $sum_experience;
657 $remark_experience = "&nbsp;";
658 }
659
660 if ($sum_experience_countable + $sum_experience_other > $max_experience)
661 {
662 $sum_experience_other_countable = $max_experience-$sum_experience_countable;
663 $remark_experience_other = $experience_limit_reached_txt;
664 }
665 else
666 {
667 $sum_experience_other_countable = $sum_experience_other;
668 $remark_experience_other = "&nbsp;";
669 }
670
671 if ($sum_points_countable < $max_points)
672 {
673 if ($sum_experience_countable != 0)
674 $remark_experience = _("Points on hold due to less assurance points");
675 $sum_experience_countable = 0;
676 if ($sum_experience_other_countable != 0)
677 $remark_experience_other = _("Points on hold due to less assurance points");
678 $sum_experience_other_countable = 0;
679 }
680
681 $issue_points = 0;
682 $cats_test_passed = get_cats_state ($userid);
683 if ($cats_test_passed == 0)
684 {
685 $issue_points_txt = "<strong style='color: red'>"._("You have to pass the CAcert Assurer Challenge (CATS-Test) to be an Assurer")."</strong>";
686 if ($sum_points_countable < $max_points)
687 {
688 $issue_points_txt = "<strong style='color: red'>";
689 $issue_points_txt .= sprintf(_("You need %s assurance points and the passed CATS-Test to be an Assurer"), intval($max_points));
690 $issue_points_txt .= "</strong>";
691 }
692 }
693 else
694 {
695 $experience_total = $sum_experience_countable+$sum_experience_other_countable;
696 $issue_points_txt = "";
697 if ($sum_points_countable == $max_points)
698 $issue_points = 10;
699 if ($experience_total >= 10)
700 $issue_points = 15;
701 if ($experience_total >= 20)
702 $issue_points = 20;
703 if ($experience_total >= 30)
704 $issue_points = 25;
705 if ($experience_total >= 40)
706 $issue_points = 30;
707 if ($experience_total >= 50)
708 $issue_points = 35;
709 if ($issue_points != 0)
710 $issue_points_txt = sprintf(_("You may issue up to %s points"),$issue_points);
711 }
712 if ($display_output)
713 {
714 output_summary_row (_("Assurance Points you received"),$sum_points,$sum_points_countable,$remark_points);
715 output_summary_row (_("Total Experience Points by Assurance"),$sum_experience,$sum_experience_countable,$remark_experience);
716 output_summary_row (_("Total Experience Points (other ways)"),$sum_experience_other,$sum_experience_other_countable,$remark_experience_other);
717 output_summary_row (_("Total Points"),"&nbsp;",$sum_points_countable + $sum_experience_countable + $sum_experience_other_countable,$issue_points_txt);
718 }
719 return $issue_points;
720 }
721
722 /**
723 * Render assurances given by the user
724 * @param int $userid
725 * @param int $support - set to 1 if the output is for the support interface
726 * @param string $ticketno - the ticket number set in the support interface
727 */
728 function output_given_assurances($userid, $support=0, $ticketno='')
729 {
730 output_assurances_header(_("Assurance Points You Issued"),$support);
731 output_given_assurances_content($userid,$points,$sum_experience,$support, $ticketno);
732 output_assurances_footer(_("Total Points Issued"),$points,_("Total Experience Points"),$sum_experience,$support);
733 }
734
735 /**
736 * Render assurances received by the user
737 * @param int $userid
738 * @param int $support - set to 1 if the output is for the support interface
739 * @param string $ticketno - the ticket number set in the support interface
740 */
741 function output_received_assurances($userid,$support=0, $ticketno='')
742 {
743 output_assurances_header(_("Your Assurance Points"),$support);
744 output_received_assurances_content($userid,$points,$sum_experience,$support, $ticketno);
745 output_assurances_footer(_("Total Assurance Points"),$points,_("Total Experience Points"),$sum_experience,$support);
746 }
747
748 function output_summary($userid)
749 {
750 output_summary_header();
751 output_summary_content($userid,1);
752 output_summary_footer();
753 }
754
755 function output_end_of_page()
756 {
757 ?>
758 <p>[ <a href='javascript:history.go(-1)'><?=_("Go Back")?></a> ]</p>
759 <?
760 }
761
762 //functions to do with recording user agreements
763 /**
764 * write_user_agreement()
765 * writes a new record to the table user_agreement
766 *
767 * @param mixed $memid
768 * @param mixed $document
769 * @param mixed $method
770 * @param mixed $comment
771 * @param integer $active
772 * @param integer $secmemid
773 * @return
774 */
775 function write_user_agreement($memid, $document, $method, $comment, $active=1, $secmemid=0){
776 // write a new record to the table user_agreement
777 $query="insert into `user_agreements` set `memid`=".intval($memid).", `secmemid`=".intval($secmemid).
778 ",`document`='".mysql_real_escape_string($document)."',`date`=NOW(), `active`=".intval($active).",`method`='".mysql_real_escape_string($method)."',`comment`='".mysql_real_escape_string($comment)."'" ;
779 $res = mysql_query($query);
780 }
781
782 /**
783 * get_user_agreement_status()
784 * returns 1 if the user has an entry for the given type in user_agreement, 0 if no entry is recorded
785 * @param mixed $memid
786 * @param string $type
787 * @return
788 */
789 function get_user_agreement_status($memid, $type="CCA"){
790 $query="SELECT u.`document` FROM `user_agreements` u
791 WHERE u.`document` = '" . mysql_real_escape_string($type) . "' AND u.`memid`=" . intval($memid) ;
792 $res = mysql_query($query);
793 if(mysql_num_rows($res) <=0){
794 return 0;
795 }else{
796 return 1;
797 }
798 }
799
800 /**
801 * Get the first user_agreement entry of the requested type
802 * @param int $memid
803 * @param string $type - the type of user agreement, by default all
804 * agreements are listed
805 * @param int $active - whether to get active or passive agreements:
806 * 0 := passive
807 * 1 := active
808 * null := both
809 * @return array(string=>mixed) - an associative array containing
810 * 'document', 'date', 'method', 'comment', 'active'
811 */
812 function get_first_user_agreement($memid, $type=null, $active=null){
813 $filter = '';
814 if (!is_null($type)) {
815 $filter .= " AND u.`document` = '".mysql_real_escape_string($type)."'";
816 }
817
818 if (!is_null($active)) {
819 $filter .= " AND u.`active` = ".intval($active);
820 }
821
822 $query="SELECT u.`document`, u.`date`, u.`method`, u.`comment`, u.`active` FROM `user_agreements` AS u
823 WHERE u.`memid`=".intval($memid)."
824 $filter
825 ORDER BY u.`date` LIMIT 1";
826 $res = mysql_query($query);
827 if(mysql_num_rows($res) >0){
828 $rec = mysql_fetch_assoc($res);
829 }else{
830 $rec=array();
831 }
832 return $rec;
833 }
834
835 /**
836 * Get the last user_agreement entry of the requested type
837 * @param int $memid
838 * @param string $type - the type of user agreement, by default all
839 * agreements are listed
840 * @param int $active - whether to get active or passive agreements:
841 * 0 := passive,
842 * 1 := active,
843 * null := both
844 * @return array(string=>mixed) - an associative array containing
845 * 'document', 'date', 'method', 'comment', 'active'
846 */
847 function get_last_user_agreement($memid, $type=null, $active=null){
848 $filter = '';
849 if (!is_null($type)) {
850 $filter .= " AND u.`document` = '".mysql_real_escape_string($type)."'";
851 }
852
853 if (!is_null($active)) {
854 $filter .= " AND u.`active` = ".intval($active);
855 }
856
857 $query="SELECT u.`document`, u.`date`, u.`method`, u.`comment`, u.`active` FROM `user_agreements` AS u
858 WHERE u.`memid`=".intval($memid)."
859 $filter
860 ORDER BY u.`date` DESC LIMIT 1";
861 $res = mysql_query($query);
862 if(mysql_num_rows($res) >0){
863 $rec = mysql_fetch_assoc($res);
864 }else{
865 $rec=array();
866 }
867 return $rec;
868 }
869
870 /**
871 * Get the all user_agreement entries of the requested type
872 * @param int $memid
873 * @param string $type - the type of user agreement, by default all
874 * agreements are listed
875 * @param int $active - whether to get an active or passive agreements:
876 * 0 := passive,
877 * 1 := active,
878 * null := both
879 * @return resource - a mysql result set containing all agreements
880 */
881 function get_user_agreements($memid, $type=null, $active=null){
882 $filter = '';
883 if (!is_null($type)) {
884 $filter .= " AND u.`document` = '".mysql_real_escape_string($type)."'";
885 }
886
887 if (!is_null($active)) {
888 $filter .= " AND u.`active` = ".intval($active);
889 }
890
891 $query="SELECT u.`document`, u.`date`, u.`method`, u.`comment`, u.`active` FROM `user_agreements` AS u
892 WHERE u.`memid`=".intval($memid)."
893 $filter
894 ORDER BY u.`date`";
895 return mysql_query($query);
896 }
897
898 /**
899 * delete_user_agreement()
900 * deletes all entries for a given type from user_agreement of a given user, if type is not given all
901 * @param mixed $memid
902 * @param string $type
903 * @return
904 */
905 function delete_user_agreement($memid, $type=false){
906 if ($type === false) {
907 $filter = '';
908 } else {
909 $filter = " and `document` = '" . mysql_real_escape_string($type) . "'";
910 }
911 mysql_query("delete from `user_agreements` where `memid`=" . intval($memid) . $filter );
912 }
913
914 // functions for 6.php (assure somebody)
915
916 function AssureHead($confirmation,$checkname)
917 {
918 ?>
919 <form method="post" action="wot.php">
920 <table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper" width="600">
921 <tr>
922 <td colspan="2" class="title"><?=$confirmation?></td>
923 </tr>
924 <tr>
925 <td class="DataTD" colspan="2" align="left"><?=$checkname?></td>
926 </tr>
927 <?
928 }
929
930 function AssureTextLine($field1,$field2)
931 {
932 ?>
933 <tr>
934 <td class="DataTD"><?=$field1.(empty($field1)?'':':')?></td>
935 <td class="DataTD"><?=$field2?></td>
936 </tr>
937 <?
938 }
939
940 function AssureBoxLine($type,$text,$checked)
941 {
942 ?>
943 <tr>
944 <td class="DataTD"><input type="checkbox" name="<?=$type?>" value="1" <?=$checked?"checked":""?>></td>
945 <td class="DataTD"><?=$text?></td>
946 </tr>
947 <?
948 }
949
950 function AssureMethodLine($text,$methods,$remark)
951 {
952 if (count($methods) != 1) {
953 ?>
954 <tr>
955 <td class="DataTD"><?=$text.(empty($text)?'':':')?></td>
956 <td class="DataTD">
957 <select name="method">
958 <?
959 foreach($methods as $val) {
960 ?>
961 <option value="<?=$val?>"><?=$val?></option>
962 <?
963 }
964 ?>
965 </select>
966 <br />
967 <?=$remark?>
968 </td>
969 </tr>
970 <?
971 } else {
972 ?>
973 <input type="hidden" name="<?=$val?>" value="<?=$methods[0]?>" />
974 <?
975 }
976 }
977
978 function AssureInboxLine($type,$field,$value,$description)
979 {
980 ?>
981 <tr>
982 <td class="DataTD"><?=$field.(empty($field)?'':':')?></td>
983 <td class="DataTD"><input type="text" name="<?=$type?>" value="<?=$value?>"><?=$description?></td>
984 </tr>
985 <?
986 }
987
988 function AssureFoot($oldid,$confirm)
989 {
990 ?>
991 <tr>
992 <td class="DataTD" colspan="2">
993 <input type="submit" name="process" value="<?=$confirm?>" />
994 <input type="submit" name="cancel" value="<?=_("Cancel")?>" />
995 </td>
996 </tr>
997 </table>
998 <input type="hidden" name="pagehash" value="<?=$_SESSION['_config']['wothash']?>" />
999 <input type="hidden" name="oldid" value="<?=$oldid?>" />
1000 </form>
1001 <?
1002 }
1003
1004 function account_email_delete($mailid){
1005 //deletes an email entry from an acount
1006 //revolkes all certifcates for that email address
1007 //called from www/account.php if($process != "" && $oldid == 2)
1008 //called from www/diputes.php if($type == "reallyemail") / if($action == "accept")
1009 //called from account_delete
1010 $mailid = intval($mailid);
1011 revoke_all_client_cert($mailid);
1012 $query = "update `email` set `deleted`=NOW() where `id`='$mailid'";
1013 mysql_query($query);
1014 }
1015
1016 function account_domain_delete($domainid){
1017 //deletes an domain entry from an acount
1018 //revolkes all certifcates for that domain address
1019 //called from www/account.php if($process != "" && $oldid == 9)
1020 //called from www/diputes.php if($type == "reallydomain") / if($action == "accept")
1021 //called from account_delete
1022 $domainid = intval($domainid);
1023 revoke_all_server_cert($domainid);
1024 mysql_query(
1025 "update `domains`
1026 set `deleted`=NOW()
1027 where `id` = '$domainid'");
1028 }
1029
1030 function account_delete($id, $arbno, $adminid){
1031 //deletes an account following the deleted account routnie V3
1032 // called from www/account.php if($oldid == 50 && $process != "")
1033 //change password
1034 $id = intval($id);
1035 $arbno = mysql_real_escape_string($arbno);
1036 $adminid = intval($adminid);
1037 $pool = 'abcdefghijklmnopqrstuvwxyz';
1038 $pool .= '0123456789!()ยง';
1039 $pool .= 'ABCDEFGHIJKLMNOPQRSTUVWXYZ';
1040 srand ((double)microtime()*1000000);
1041 $password="";
1042 for($index = 0; $index < 30; $index++)
1043 {
1044 $password .= substr($pool,(rand()%(strlen ($pool))), 1);
1045 }
1046 mysql_query("update `users` set `password`=sha1('".$password."') where `id`='".$id."'");
1047
1048 //create new mail for arbitration number
1049 $query = "insert into `email` set `email`='".$arbno."@cacert.org',`memid`='".$id."',`created`=NOW(),`modified`=NOW(), `attempts`=-1";
1050 mysql_query($query);
1051 $emailid = mysql_insert_id();
1052
1053 //set new mail as default
1054 $query = "update `users` set `email`='".$arbno."@cacert.org' where `id`='".$id."'";
1055 mysql_query($query);
1056
1057 //delete all other email address
1058 $query = "select `id` from `email` where `memid`='".$id."' and `id`!='".$emailid."'" ;
1059 $res=mysql_query($query);
1060 while($row = mysql_fetch_assoc($res)){
1061 account_email_delete($row['id']);
1062 }
1063
1064 //delete all domains
1065 $query = "select `id` from `domains` where `memid`='".$id."'";
1066 $res=mysql_query($query);
1067 while($row = mysql_fetch_assoc($res)){
1068 account_domain_delete($row['id']);
1069 }
1070
1071 //clear alert settings
1072 mysql_query(
1073 "update `alerts` set
1074 `general`='0',
1075 `country`='0',
1076 `regional`='0',
1077 `radius`='0'
1078 where `memid`='$id'");
1079
1080 //set default location
1081 $query = "update `users` set `locid`='2256755', `regid`='243', `ccid`='12' where `id`='".$id."'";
1082 mysql_query($query);
1083
1084 //clear listings
1085 $query = "update `users` set `listme`=' ',`contactinfo`=' ' where `id`='".$id."'";
1086 mysql_query($query);
1087
1088 //set lanuage to default
1089 //set default language
1090 mysql_query("update `users` set `language`='en_AU' where `id`='".$id."'");
1091 //delete secondary langugaes
1092 mysql_query("delete from `addlang` where `userid`='".$id."'");
1093
1094 //change secret questions
1095 for($i=1;$i<=5;$i++){
1096 $q="";
1097 $a="";
1098 for($index = 0; $index < 30; $index++)
1099 {
1100 $q .= substr($pool,(rand()%(strlen ($pool))), 1);
1101 $a .= substr($pool,(rand()%(strlen ($pool))), 1);
1102 }
1103 $query = "update `users` set `Q$i`='$q', `A$i`='$a' where `id`='".$id."'";
1104 mysql_query($query);
1105 }
1106
1107 //change personal information to arbitration number and DOB=1900-01-01
1108 $query = "update `users` set `fname`='".$arbno."',
1109 `mname`='".$arbno."',
1110 `lname`='".$arbno."',
1111 `suffix`='".$arbno."',
1112 `dob`='1900-01-01'
1113 where `id`='".$id."'";
1114 mysql_query($query);
1115
1116 //clear all admin and board flags
1117 mysql_query(
1118 "update `users` set
1119 `assurer`='0',
1120 `assurer_blocked`='0',
1121 `codesign`='0',
1122 `orgadmin`='0',
1123 `ttpadmin`='0',
1124 `locadmin`='0',
1125 `admin`='0',
1126 `adadmin`='0',
1127 `tverify`='0',
1128 `board`='0'
1129 where `id`='$id'");
1130
1131 //block account
1132 mysql_query("update `users` set `locked`='1' where `id`='$id'"); //, `deleted`=Now()
1133 }
1134
1135
1136 function check_email_exists($email){
1137 // called from includes/account.php if($process != "" && $oldid == 1)
1138 // called from includes/account.php if($oldid == 50 && $process != "")
1139 $email = mysql_real_escape_string($email);
1140 $query = "select 1 from `email` where `email`='$email' and `deleted`=0";
1141 $res = mysql_query($query);
1142 return mysql_num_rows($res) > 0;
1143 }
1144
1145 function check_gpg_cert_running($uid,$cca=0){
1146 //if $cca =0 if just expired, =1 if CCA retention +3 month should be obeyed
1147 // called from includes/account.php if($oldid == 50 && $process != "")
1148 $uid = intval($uid);
1149 if (0==$cca) {
1150 $query = "select 1 from `gpg` where `memid`='$uid' and `expire`>NOW()";
1151 }else{
1152 $query = "select 1 from `gpg` where `memid`='$uid' and `expire`>(NOW()-90*86400)";
1153 }
1154 $res = mysql_query($query);
1155 return mysql_num_rows($res) > 0;
1156 }
1157
1158 function check_client_cert_running($uid,$cca=0){
1159 //if $cca =0 if just expired, =1 if CCA retention +3 month should be obeyed
1160 // called from includes/account.php if($oldid == 50 && $process != "")
1161 $uid = intval($uid);
1162 if (0==$cca) {
1163 $query1 = "select 1 from `emailcerts` where `memid`='$uid' and `expire`>NOW() and `revoked`<`created`";
1164 $query2 = "select 1 from `emailcerts` where `memid`='$uid' and `revoked`>NOW()";
1165 }else{
1166 $query1 = "select 1 from `emailcerts` where `memid`='$uid' and `expire`>(NOW()-90*86400) and `revoked`<`created`";
1167 $query2 = "select 1 from `emailcerts` where `memid`='$uid' and `revoked`>(NOW()-90*86400)";
1168 }
1169 $res = mysql_query($query1);
1170 $r1 = mysql_num_rows($res)>0;
1171 $res = mysql_query($query2);
1172 $r2 = mysql_num_rows($res)>0;
1173 return !!($r1 || $r2);
1174 }
1175
1176 function check_server_cert_running($uid,$cca=0){
1177 //if $cca =0 if just expired, =1 if CCA retention +3 month should be obeyed
1178 // called from includes/account.php if($oldid == 50 && $process != "")
1179 $uid = intval($uid);
1180 if (0==$cca) {
1181 $query1 = "
1182 select 1 from `domaincerts` join `domains`
1183 on `domaincerts`.`domid` = `domains`.`id`
1184 where `domains`.`memid` = '$uid'
1185 and `domaincerts`.`expire` > NOW()
1186 and `domaincerts`.`revoked` < `domaincerts`.`created`";
1187 $query2 = "
1188 select 1 from `domaincerts` join `domains`
1189 on `domaincerts`.`domid` = `domains`.`id`
1190 where `domains`.`memid` = '$uid'
1191 and `revoked`>NOW()";
1192 }else{
1193 $query1 = "
1194 select 1 from `domaincerts` join `domains`
1195 on `domaincerts`.`domid` = `domains`.`id`
1196 where `domains`.`memid` = '$uid'
1197 and `expire`>(NOW()-90*86400)
1198 and `revoked`<`created`";
1199 $query2 = "
1200 select 1 from `domaincerts` join `domains`
1201 on `domaincerts`.`domid` = `domains`.`id`
1202 where `domains`.`memid` = '$uid'
1203 and `revoked`>(NOW()-90*86400)";
1204 }
1205 $res = mysql_query($query1);
1206 $r1 = mysql_num_rows($res)>0;
1207 $res = mysql_query($query2);
1208 $r2 = mysql_num_rows($res)>0;
1209 return !!($r1 || $r2);
1210 }
1211
1212 function check_is_orgadmin($uid){
1213 // called from includes/account.php if($oldid == 50 && $process != "")
1214 $uid = intval($uid);
1215 $query = "select 1 from `org` where `memid`='$uid' and `deleted`=0";
1216 $res = mysql_query($query);
1217 return mysql_num_rows($res) > 0;
1218 }
1219
1220
1221 // revokation of certificates
1222 function revoke_all_client_cert($mailid){
1223 //revokes all client certificates for an email address
1224 $mailid = intval($mailid);
1225 $query = "select `emailcerts`.`id`
1226 from `emaillink`,`emailcerts` where
1227 `emaillink`.`emailid`='$mailid' and `emaillink`.`emailcertsid`=`emailcerts`.`id` and `emailcerts`.`revoked`=0
1228 group by `emailcerts`.`id`";
1229 $dres = mysql_query($query);
1230 while($drow = mysql_fetch_assoc($dres)){
1231 mysql_query("update `emailcerts` set `revoked`='1970-01-01 10:00:01', `disablelogin`=1 where `id`='".$drow['id']."'");
1232 }
1233 }
1234
1235 function revoke_all_server_cert($domainid){
1236 //revokes all server certs for an domain
1237 $domainid = intval($domainid);
1238 $query =
1239 "select `domaincerts`.`id`
1240 from `domaincerts`
1241 where `domaincerts`.`domid` = '$domainid'
1242 union distinct
1243 select `domaincerts`.`id`
1244 from `domaincerts`, `domlink`
1245 where `domaincerts`.`id` = `domlink`.`certid`
1246 and `domlink`.`domid` = '$domainid'";
1247 $dres = mysql_query($query);
1248 while($drow = mysql_fetch_assoc($dres))
1249 {
1250 mysql_query(
1251 "update `domaincerts`
1252 set `revoked`='1970-01-01 10:00:01'
1253 where `id` = '".$drow['id']."'
1254 and `revoked` = 0");
1255 }
1256 }
1257
1258 function revoke_all_private_cert($uid){
1259 //revokes all certificates linked to a personal accounts
1260 //gpg revokation needs to be added to a later point
1261 $uid=intval($uid);
1262 $query = "select `id` from `email` where `memid`='".$uid."'";
1263 $res=mysql_query($query);
1264 while($row = mysql_fetch_assoc($res)){
1265 revoke_all_client_cert($row['id']);
1266 }
1267
1268
1269 $query = "select `id` from `domains` where `memid`='".$uid."'";
1270 $res=mysql_query($query);
1271 while($row = mysql_fetch_assoc($res)){
1272 revoke_all_server_cert($row['id']);
1273 }
1274 }
1275
1276 /**
1277 * check_date_format()
1278 * checks if the date is entered in the right date format YYYY-MM-DD and
1279 * if the date is after the 1st January of the given year
1280 *
1281 * @param mixed $date
1282 * @param integer $year
1283 * @return
1284 */
1285 function check_date_format($date, $year=2000){
1286 if (!strpos($date,'-')) {
1287 return FALSE;
1288 }
1289 $arr=explode('-',$date);
1290
1291 if ((count($arr)!=3)) {
1292 return FALSE;
1293 }
1294 if (intval($arr[0])<=$year) {
1295 return FALSE;
1296 }
1297 if (intval($arr[1])>12 or intval($arr[1])<=0) {
1298 return FALSE;
1299 }
1300 if (intval($arr[2])>31 or intval($arr[2])<=0) {
1301 return FALSE;
1302 }
1303
1304 return checkdate( intval($arr[1]), intval($arr[2]), intval($arr[0]));
1305
1306 }
1307
1308 /**
1309 * check_date_difference()
1310 * returns false if the date is larger then today + time diffrence
1311 *
1312 * @param mixed $date
1313 * @param integer $diff
1314 * @return
1315 */
1316 function check_date_difference($date, $diff=1){
1317 return (strtotime($date)<=time()+$diff*86400);
1318 }
1319
1320 /**
1321 * Write some information to the adminlog
1322 *
1323 * @param int $uid - id of the user account
1324 * @param int $adminid - id of the admin
1325 * @param string $type - the operation that was performed on the user account
1326 * @param string $info - the ticket / arbitration number or other information
1327 * @return bool - true := success, false := error
1328 */
1329 function write_se_log($uid, $adminid, $type, $info){
1330 //records all support engineer actions changing a user account
1331 $uid = intval($uid);
1332 $adminid = intval($adminid);
1333 $type = mysql_real_escape_string($type);
1334 $info = mysql_real_escape_string($info);
1335 $query="insert into `adminlog` (`when`, `uid`, `adminid`,`type`,`information`) values
1336 (Now(), $uid, $adminid, '$type', '$info')";
1337 return mysql_query($query);
1338 }
1339
1340 /**
1341 * Check if the entered information is a valid ticket or arbitration number
1342 * @param string $ticketno
1343 * @return bool
1344 */
1345 function valid_ticket_number($ticketno){
1346 //a arbitration case
1347 //d dispute action
1348 //s support case
1349 //m board motion
1350 $pattern='/[adsmADSM]\d{8}\.\d+/';
1351 if (preg_match($pattern, $ticketno)) {
1352 return true;
1353 }
1354 return false;
1355 }
1356
1357 // function for handling account/43.php
1358 /**
1359 * Get all data of an account given by the id from the `users` table
1360 * @param int $userid - account id
1361 * @param int $deleted - states if deleted data should be visible , default = 0 - not visible
1362 * @return resource - a mysql result set
1363 */
1364 function get_user_data($userid, $deleted=0){
1365 $userid = intval($userid);
1366 $filter='';
1367 if (0==$deleted) {
1368 $filter .=' and `users`.`deleted`=0';
1369 }
1370 $query = "select * from `users` where `users`.`id`='$userid' ".$filter;
1371 return mysql_query($query);
1372 }
1373
1374 /**
1375 * Get the alert settings for a user
1376 * @param int $userid for the requested account
1377 * @return array - associative array
1378 */
1379 function get_alerts($userid){
1380 return mysql_fetch_assoc(mysql_query("select * from `alerts` where `memid`='".intval($userid)."'"));
1381 }
1382
1383 /**
1384 * Get all email addresses linked to the account
1385 * @param int $userid
1386 * @param string $exclude - if given the email address will be excluded
1387 * @param int $deleted - states if deleted data should be visible, default = 0 - not visible
1388 * @return resource - a mysql result set
1389 */
1390 function get_email_addresses($userid, $exclude, $deleted=0){
1391 //should be entered in account/2.php
1392 $userid = intval($userid);
1393 $filter='';
1394 if (0==$deleted) {
1395 $filter .= ' and `deleted`=0';
1396 }
1397 if ($exclude) {
1398 $filter .= " and `email`!='".mysql_real_escape_string($exclude)."'";
1399 }
1400 $query = "select * from `email` where `memid`='".$userid."' and `hash`='' ".$filter." order by `created`";
1401 return mysql_query($query);
1402 }
1403
1404 /**
1405 * Get all domains linked to the account
1406 * @param int $userid
1407 * @param int $deleted - states if deleted data should be visible, default = 0 - not visible
1408 * @return resource - a mysql result set
1409 */
1410 function get_domains($userid, $deleted=0){
1411 //should be entered in account/9.php
1412 $userid = intval($userid);
1413 $filter='';
1414 if (0==$deleted) {
1415 $filter .= ' and `deleted`=0';
1416 }
1417 $query = "select * from `domains` where `memid`='".$userid."' and `hash`=''".$filter." order by `created`";
1418 return mysql_query($query);
1419 }
1420
1421 /**
1422 * Get all training results for the account
1423 * @param int $userid
1424 * @return resource - a mysql result set
1425 */
1426 function get_training_results($userid){
1427 //should be entered in account/55.php
1428 $userid = intval($userid);
1429 $query = "SELECT `CP`.`pass_date`, `CT`.`type_text`, `CV`.`test_text` ".
1430 " FROM `cats_passed` AS CP, `cats_variant` AS CV, `cats_type` AS CT ".
1431 " WHERE `CP`.`variant_id`=`CV`.`id` AND `CV`.`type_id`=`CT`.`id` AND `CP`.`user_id` ='".$userid."'".
1432 " ORDER BY `CP`.`pass_date`";
1433 return mysql_query($query);
1434 }
1435
1436 /**
1437 * Get all SE log entries for the account
1438 * @param int $userid
1439 * @return resource - a mysql result set
1440 */
1441 function get_se_log($userid){
1442 $userid = intval($userid);
1443 $query = "SELECT `adminlog`.`when`, `adminlog`.`type`, `adminlog`.`information`, `users`.`fname`, `users`.`lname`
1444 FROM `adminlog`, `users`
1445 WHERE `adminlog`.`adminid` = `users`.`id` and `adminlog`.`uid`=".$userid."
1446 ORDER BY `adminlog`.`when`";
1447 return mysql_query($query);
1448 }
1449
1450 /**
1451 * Get all client certificates linked to the account
1452 * @param int $userid
1453 * @param int $viewall - states if expired certs should be visible, default = 0 - not visible
1454 * @return resource - a mysql result set
1455 */
1456 function get_client_certs($userid, $viewall=0){
1457 //add to account/5.php
1458 $userid = intval($userid);
1459 $query = "select UNIX_TIMESTAMP(`emailcerts`.`created`) as `created`,
1460 UNIX_TIMESTAMP(`emailcerts`.`expire`) - UNIX_TIMESTAMP() as `timeleft`,
1461 UNIX_TIMESTAMP(`emailcerts`.`expire`) as `expired`,
1462 `emailcerts`.`expire`,
1463 `emailcerts`.`revoked` as `revoke`,
1464 UNIX_TIMESTAMP(`emailcerts`.`revoked`) as `revoked`,
1465 `emailcerts`.`id`,
1466 `emailcerts`.`CN`,
1467 `emailcerts`.`serial`,
1468 `emailcerts`.`disablelogin`,
1469 `emailcerts`.`description`
1470 from `emailcerts`
1471 where `emailcerts`.`memid`='".$userid."'";
1472 if($viewall == 0)
1473 $query .= " AND `emailcerts`.`revoked`=0 AND `emailcerts`.`renewed`=0";
1474 $query .= " HAVING `timeleft` > 0";
1475 $query .= " ORDER BY `emailcerts`.`modified` desc";
1476 return mysql_query($query);
1477 }
1478
1479 /**
1480 * Get all server certs linked to the account
1481 * @param int $userid
1482 * @param int $viewall - states if expired certs should be visible, default = 0 - not visible
1483 * @return resource - a mysql result set
1484 */
1485 function get_server_certs($userid, $viewall=0){
1486 //add to account/12.php
1487 $userid = intval($userid);
1488 $query = "select UNIX_TIMESTAMP(`domaincerts`.`created`) as `created`,
1489 UNIX_TIMESTAMP(`domaincerts`.`expire`) - UNIX_TIMESTAMP() as `timeleft`,
1490 UNIX_TIMESTAMP(`domaincerts`.`expire`) as `expired`,
1491 `domaincerts`.`expire`,
1492 `domaincerts`.`revoked` as `revoke`,
1493 UNIX_TIMESTAMP(`revoked`) as `revoked`,
1494 `domaincerts`.`CN`,
1495 `domaincerts`.`serial`,
1496 `domaincerts`.`id`,
1497 `domaincerts`.`description`
1498 from `domaincerts`,`domains`
1499 where `domains`.`memid`='".$userid."' and `domaincerts`.`domid`=`domains`.`id`";
1500 if($viewall == 0)
1501 {
1502 $query .= " AND `domaincerts`.`revoked`=0 AND `domaincerts`.`renewed`=0";
1503 $query .= " HAVING `timeleft` > 0";
1504 }
1505 $query .= " ORDER BY `domaincerts`.`modified` desc";
1506 return mysql_query($query);
1507 }
1508
1509 /**
1510 * Get all gpg certs linked to the account
1511 * @param int $userid
1512 * @param int $viewall - states if expired certs should be visible, default = 0 - not visible
1513 * @return resource - a mysql result set
1514 */
1515 function get_gpg_certs($userid, $viewall=0){
1516 //add to gpg/2.php
1517 $userid = intval($userid);
1518 $query = $query = "select UNIX_TIMESTAMP(`issued`) as `issued`,
1519 UNIX_TIMESTAMP(`expire`) - UNIX_TIMESTAMP() as `timeleft`,
1520 UNIX_TIMESTAMP(`expire`) as `expired`,
1521 `expire`, `id`, `level`, `email`, `keyid`, `description`
1522 from `gpg` where `memid`='".$userid."'";
1523 if ($viewall == 0) {
1524 $query .= " HAVING `timeleft` > 0";
1525 }
1526 $query .= " ORDER BY `issued` desc";
1527 return mysql_query($query);
1528 }
1529
1530
1531
1532 /**
1533 * Show the table header to the email table for the admin log
1534 */
1535 function output_log_email_header(){
1536 ?>
1537 <tr>
1538 <td class="DataTD bold"><?= _("Email, primary bold") ?></td>
1539 <td class="DataTD bold"><?= _("Created") ?></td>
1540 <td class="DataTD bold"><?= _("Deleted") ?></td>
1541 </tr>
1542
1543 <?
1544 }
1545 /**
1546 * Show all email data for the admin log
1547 * @param array $row - associative array containing the column data
1548 * @param string $primary - if given the primary address is highlighted
1549 */
1550 function output_log_email($row, $primary){
1551 $style = '';
1552 if ($row['deleted'] !== NULL_DATETIME) {
1553 $style = ' deletedemailaddress';
1554 } elseif ($primary == $row['email']) {
1555 $style = ' primaryemailaddress';
1556 }
1557 ?>
1558 <tr>
1559 <td class="DataTD<?=$style?>"><?=$row['email']?></td>
1560 <td class="DataTD<?=$style?>"><?=$row['created']?></td>
1561 <td class="DataTD<?=$style?>"><?=$row['deleted']?></td>
1562 </tr>
1563 <?
1564 }
1565
1566 /**
1567 * Show the table header to the domains table for the admin log
1568 */
1569 function output_log_domains_header(){
1570 ?>
1571 <tr>
1572 <td class="DataTD bold"><?= _("Domain") ?></td>
1573 <td class="DataTD bold"><?= _("Created") ?></td>
1574 <td class="DataTD bold"><?= _("Deleted") ?></td>
1575 </tr>
1576
1577 <?
1578 }
1579
1580 /**
1581 * Show the domain data for the admin log
1582 * @param array $row - associative array containing the column data
1583 */
1584 function output_log_domains($row){
1585 $italic='';
1586 if ($row['deleted'] !== NULL_DATETIME) {
1587 $italic=' italic';
1588 }
1589 ?>
1590 <tr>
1591 <td class="DataTD<?=$italic?>"><?=$row['domain']?></td>
1592 <td class="DataTD<?=$italic?>"><?=$row['created']?></td>
1593 <td class="DataTD<?=$italic?>"><?=$row['deleted']?></td>
1594 </tr>
1595 <?
1596 }
1597
1598 /**
1599 * Show the table header to the user agreement table for the admin log
1600 */
1601 function output_log_agreement_header(){
1602 ?>
1603 <tr>
1604 <td class="DataTD bold"><?= _("Agreement") ?></td>
1605 <td class="DataTD bold"><?= _("Date") ?></td>
1606 <td class="DataTD bold"><?= _("Method") ?></td>
1607 <td class="DataTD bold"><?= _("Active ") ?></td>
1608 </tr>
1609 <?
1610 }
1611
1612 /**
1613 * Show the agreement data for the admin log
1614 * @param array $row - associative array containing the column data
1615 */
1616 function output_log_agreement($row){
1617 ?>
1618 <tr>
1619 <td class="DataTD" ><?=$row['document']?></td>
1620 <td class="DataTD" ><?=$row['date']?></td>
1621 <td class="DataTD" ><?=$row['method']?></td>
1622 <td class="DataTD"><?= ($row['active']==0)? _('passive'):_('active')?></td>
1623 </tr>
1624 <?
1625 }
1626
1627 /**
1628 * Show the table header to the training table
1629 */
1630 function output_log_training_header(){
1631 //should be entered in account/55.php
1632 ?>
1633 <tr>
1634 <td class="DataTD bold"><?= _("Agreement") ?></td>
1635 <td class="DataTD bold"><?= _("Test") ?></td>
1636 <td class="DataTD bold"><?= _("Variant") ?></td>
1637 </tr>
1638 <?
1639 }
1640
1641 /**
1642 * Show the training data
1643 * @param array $row - associative array containing the column data
1644 */
1645 function output_log_training($row){
1646 //should be entered in account/55.php
1647 ?>
1648 <tr>
1649 <td class="DataTD"><?=$row['pass_date']?></td>
1650 <td class="DataTD"><?=$row['type_text']?></td>
1651 <td class="DataTD"><?=$row['test_text']?></td>
1652 </tr>
1653 <?
1654 }
1655
1656 /**
1657 * Show the table header to the SE log table for the admin log
1658 * @param int $support - if support = 1 more information is visible
1659 */
1660 function output_log_se_header($support=0){
1661 ?>
1662 <tr>
1663 <td class="DataTD bold"><?= _("Date") ?></td>
1664 <td class="DataTD bold"><?= _("Type") ?></td>
1665 <?
1666 if (1 == $support) {
1667 ?>
1668 <td class="DataTD bold"><?= _("Information") ?></td>
1669 <td class="DataTD bold"><?= _("Admin") ?></td>
1670 <?
1671 }
1672 ?>
1673 </tr>
1674 <?
1675 }
1676
1677 /**
1678 * Show the SE log data for the admin log
1679 * @param array $row - associative array containing the column data
1680 * @param int $support - if support = 1 more information is visible
1681 */
1682 function output_log_se($row, $support=0){
1683 //should be entered in account/55.php
1684 ?>
1685 <tr>
1686 <td class="DataTD"><?=$row['when']?></td>
1687 <td class="DataTD"><?=$row['type']?></td>
1688 <?
1689 if (1 == $support) {
1690 ?>
1691 <td class="DataTD"><?=$row['information']?></td>
1692 <td class="DataTD"><?=$row['fname'].' '.$row['lname']?></td>
1693 <?
1694 }
1695 ?>
1696 </tr>
1697 <?
1698 }
1699
1700 /**
1701 * Shows the table header to the client cert table
1702 * @param int $support - if support = 1 some columns ar not visible
1703 * @param bool $readonly - whether elements to modify data should be hidden, default is `true`
1704 */
1705 function output_client_cert_header($support=0, $readonly=true){
1706 //should be added to account/5.php
1707 ?>
1708 <tr>
1709 <?
1710 if (!$readonly) {
1711 ?>
1712 <td class="DataTD"><?=_("Renew/Revoke/Delete")?></td>
1713 <?
1714 }
1715 ?>
1716 <td class="DataTD"><?=_("Status")?></td>
1717 <td class="DataTD"><?=_("Email Address")?></td>
1718 <td class="DataTD"><?=_("SerialNumber")?></td>
1719 <td class="DataTD"><?=_("Revoked")?></td>
1720 <td class="DataTD"><?=_("Expires")?></td>
1721 <td class="DataTD"><?=_("Login")?></td>
1722 <?
1723 if (1 != $support) {
1724 ?>
1725 <td colspan="2" class="DataTD"><?=_("Comment *")?></td>
1726 <?
1727 }
1728 ?>
1729 </tr>
1730 <?
1731 }
1732
1733 /**
1734 * Show the client cert data
1735 * @param array $row - associative array containing the column data
1736 * @param int $support - if support = 1 some columns are not visible
1737 * @param bool $readonly - whether elements to modify data should be hidden, default is `true`
1738 */
1739 function output_client_cert($row, $support=0, $readonly=true){
1740 //should be entered in account/5.php
1741 $verified="";
1742 if ($row['timeleft'] > 0) {
1743 $verified = _("Valid");
1744 } else {
1745 $verified = _("Expired");
1746 }
1747
1748 if ($row['expired'] == 0) {
1749 $verified = _("Pending");
1750 }
1751
1752 if ($row['revoked'] == 0) {
1753 $row['revoke'] = _("Not Revoked");
1754 } else {
1755 $verified = _("Revoked");
1756 }
1757
1758 ?>
1759 <tr>
1760 <?
1761 if (!$readonly) {
1762 if ($verified === _("Pending")) {
1763 ?>
1764 <td class="DataTD">
1765 <input type="checkbox" name="delid[]" value="<?=$row['id']?>">
1766 </td>
1767 <?
1768
1769 } elseif ($verified === _("Revoked")) {
1770 ?>
1771 <td class="DataTD">&nbsp;</td>
1772 <?
1773
1774 } else {
1775 ?>
1776 <td class="DataTD">
1777 <input type="checkbox" name="revokeid[]" value="<?=$row['id']?>">
1778 </td>
1779 <?
1780 }
1781 }
1782
1783 ?>
1784 <td class="DataTD"><?=$verified?></td>
1785 <?
1786
1787 if ($verified === _("Pending")) {
1788 ?>
1789 <td class="DataTD"><?=(trim($row['CN'])=="" ? _("empty") : $row['CN'])?></td>
1790 <?
1791 } else {
1792 ?>
1793 <td class="DataTD">
1794 <a href="account.php?id=6&amp;cert=<?=$row['id']?>">
1795 <?=(trim($row['CN'])=="" ? _("empty") : $row['CN'])?>
1796 </a>
1797 </td>
1798 <?
1799 }
1800
1801 ?>
1802 <td class="DataTD"><?=$row['serial']?></td>
1803 <td class="DataTD"><?=$row['revoke']?></td>
1804 <td class="DataTD"><?=$row['expire']?></td>
1805 <td class="DataTD">
1806 <input type="checkbox" name="disablelogin_<?=$row['id']?>" value="1" <?=$row['disablelogin']?"":"checked='checked'"?> <?=$readonly?'disabled="disabled"':''?>/>
1807 <input type="hidden" name="cert_<?=$row['id']?>" value="1" />
1808 </td>
1809 <?
1810
1811 if (1 != $support) {
1812 ?>
1813 <td class="DataTD">
1814 <input name="comment_<?=$row['id']?>" type="text" value="<?=htmlspecialchars($row['description'])?>" />
1815 </td>
1816 <?
1817 if (!$readonly) {
1818 ?>
1819 <td class="DataTD">
1820 <input type="checkbox" name="check_comment_<?=$row['id']?>" />
1821 </td>
1822 <?
1823 }
1824 }
1825
1826 ?>
1827 </tr>
1828 <?
1829 }
1830
1831 /**
1832 * Show the table header to the server cert table
1833 * @param int $support - if support = 1 some columns ar not visible
1834 * @param bool $readonly - whether elements to modify data should be hidden, default is `true`
1835 */
1836 function output_server_certs_header($support=0, $readonly=true){
1837 //should be entered in account/12.php
1838 ?>
1839 <tr>
1840 <?
1841 if (!$readonly) {
1842 ?>
1843 <td class="DataTD"><?=_("Renew/Revoke/Delete")?></td>
1844 <?
1845 }
1846 ?>
1847 <td class="DataTD"><?=_("Status")?></td>
1848 <td class="DataTD"><?=_("CommonName")?></td>
1849 <td class="DataTD"><?=_("SerialNumber")?></td>
1850 <td class="DataTD"><?=_("Revoked")?></td>
1851 <td class="DataTD"><?=_("Expires")?></td>
1852 <?
1853 if (1 != $support) {
1854 ?>
1855 <td colspan="2" class="DataTD"><?=_("Comment *")?></td>
1856 <?
1857 }
1858 ?>
1859 </tr>
1860 <?
1861 }
1862
1863 /**
1864 * Show the server cert data
1865 * @param array $row - associative array containing the column data
1866 * @param int $support - if support = 1 some columns are not visible
1867 * @param bool $readonly - whether elements to modify data should be hidden, default is `true`
1868 */
1869 function output_server_certs($row, $support=0, $readonly=true){
1870 //should be entered in account/12.php
1871 $verified="";
1872 if ($row['timeleft'] > 0) {
1873 $verified = _("Valid");
1874 } else {
1875 $verified = _("Expired");
1876 }
1877
1878 if ($row['expired'] == 0) {
1879 $verified = _("Pending");
1880 }
1881
1882 if ($row['revoked'] == 0) {
1883 $row['revoke'] = _("Not Revoked");
1884 } else {
1885 $verified = _("Revoked");
1886 }
1887
1888 ?>
1889 <tr>
1890 <?
1891 if (!$readonly) {
1892 if ($verified === _("Pending")) {
1893 ?>
1894 <td class="DataTD">
1895 <input type="checkbox" name="delid[]" value="<?=$row['id']?>"/>
1896 </td>
1897 <?
1898 } elseif($verified === _("Revoked")) {
1899 ?>
1900 <td class="DataTD">&nbsp;</td>
1901 <?
1902 } else {
1903 ?>
1904 <td class="DataTD">
1905 <input type="checkbox" name="revokeid[]" value="<?=$row['id']?>"/>
1906 </td>
1907 <?
1908 }
1909 }
1910
1911 ?>
1912 <td class="DataTD"><?=$verified?></td>
1913 <?
1914
1915 if ($verified === _("Pending")) {
1916 ?>
1917 <td class="DataTD"><?=$row['CN']?></td>
1918 <?
1919 } else {
1920 ?>
1921 <td class="DataTD">
1922 <a href="account.php?id=15&amp;cert=<?=$row['id']?>">
1923 <?=$row['CN']?>
1924 </a>
1925 </td>
1926 <?
1927 }
1928
1929 ?>
1930 <td class="DataTD"><?=$row['serial']?></td>
1931 <td class="DataTD"><?=$row['revoke']?></td>
1932 <td class="DataTD"><?=$row['expire']?></td>
1933 <?
1934
1935 if (1 != $support) {
1936 ?>
1937 <td class="DataTD">
1938 <input name="comment_<?=$row['id']?>" type="text" value="<?=htmlspecialchars($row['description'])?>" />
1939 </td>
1940 <?
1941 if (!$readonly) {
1942 ?>
1943 <td class="DataTD">
1944 <input type="checkbox" name="check_comment_<?=$row['id']?>" />
1945 </td>
1946 <?
1947 }
1948 }
1949
1950 ?>
1951 </tr>
1952 <?
1953 }
1954
1955 /**
1956 * Show the table header to the gpg cert table
1957 * @param int $support - if support = 1 some columns ar not visible
1958 * @param bool $readonly - whether elements to modify data should be hidden, default is `true`
1959 */
1960 function output_gpg_certs_header($support=0, $readonly=true){
1961 // $readonly is currently ignored but kept for consistency
1962 ?>
1963 <tr>
1964 <td class="DataTD"><?=_("Status")?></td>
1965 <td class="DataTD"><?=_("Email Address")?></td>
1966 <td class="DataTD"><?=_("Expires")?></td>
1967 <td class="DataTD"><?=_("Key ID")?></td>
1968 <?
1969 if (1 != $support) {
1970 ?>
1971 <td colspan="2" class="DataTD"><?=_("Comment *")?></td>
1972 <?
1973 }
1974 ?>
1975 </tr>
1976 <?
1977 }
1978
1979 /**
1980 * Show the gpg cert data
1981 * @param array $row - associative array containing the column data
1982 * @param int $support - if support = 1 some columns are not visible
1983 * @param bool $readonly - whether elements to modify data should be hidden, default is `true`
1984 */
1985 function output_gpg_certs($row, $support=0, $readonly=true){
1986 //should be entered in account/55.php
1987 $verified="";
1988 if ($row['timeleft'] > 0) {
1989 $verified = _("Valid");
1990 } else {
1991 $verified = _("Expired");
1992 }
1993
1994 if ($row['expired'] == 0) {
1995 $verified = _("Pending");
1996 }
1997
1998 ?>
1999 <tr>
2000 <td class="DataTD"><?=$verified?></td>
2001 <?
2002
2003 if($verified == _("Pending")) {
2004 ?>
2005 <td class="DataTD"><?=$row['email']?></td>
2006 <?
2007 } else {
2008 ?>
2009 <td class="DataTD">
2010 <a href="gpg.php?id=3&amp;cert=<?=$row['id']?>">
2011 <?=$row['email']?>
2012 </a>
2013 </td>
2014 <?
2015 }
2016
2017 ?>
2018 <td class="DataTD"><?=$row['expire']?></td>
2019 <?
2020
2021 if($verified == _("Pending")) {
2022 ?>
2023 <td class="DataTD"><?=$row['keyid']?></td>
2024 <?
2025 } else {
2026 ?>
2027 <td class="DataTD">
2028 <a href="gpg.php?id=3&amp;cert=<?=$row['id']?>">
2029 <?=$row['keyid']?>
2030 </a>
2031 </td>
2032 <?
2033 }
2034
2035 if (1 != $support) {
2036 ?>
2037 <td class="DataTD">
2038 <input name="comment_<?=$row['id']?>" type="text" value="<?=htmlspecialchars($row['description'])?>" />
2039 </td>
2040 <?
2041 if (!$readonly) {
2042 ?>
2043 <td class="DataTD">
2044 <input type="checkbox" name="check_comment_<?=$row['id']?>" />
2045 </td>
2046 <?
2047 }
2048 }
2049
2050 ?>
2051 </tr>
2052 <?
2053 }
2054
2055 /**
2056 * output_log_given_assurances()
2057 * returns the list of all given assurances
2058 * @param mixed $userid - user id for the output
2059 * @param integer $support - support view = 1
2060 * @return
2061 */
2062 function output_log_given_assurances($userid, $support=0)
2063 {
2064 output_assurances_header(_("Assurance given"),$support);
2065 output_log_given_assurances_content($userid, $support);
2066 }
2067
2068 /**
2069 * output_log_given_assurances_content()
2070 *
2071 * @param mixed $userid
2072 * @param mixed $support
2073 * @return
2074 */
2075 function output_log_given_assurances_content($userid, $support)
2076 {
2077 $res = get_given_assurances(intval($userid), 1);
2078 while($row = mysql_fetch_assoc($res))
2079 {
2080 $fromuser = get_user (intval($row['to']));
2081 $apoints = calc_experience ($row,$points,$experience,$sum_experience,$revoked);
2082 $name = show_user_link ($fromuser['fname']." ".$fromuser['lname'],intval($row['to']));
2083 $email = show_email_link ($fromuser['email'],intval($row['to']));
2084 $revoked = '';
2085 if ($row['date'] != 0) {
2086 $revoked = $row['deleted'];
2087 }
2088 output_log_assurances_row(intval($row['id']),$row['date'],$row['when'],$email,$name,$apoints,intval($row['points']),$row['location'],$row['method']==""?"":_(sprintf("%s", $row['method'])),$experience,$userid,$support,$revoked);
2089 }
2090 }
2091
2092 /**
2093 * output_log_received_assurances()
2094 *
2095 * @param mixed $userid
2096 * @param integer $support
2097 * @return
2098 */
2099 function output_log_received_assurances($userid, $support=0)
2100 {
2101 output_assurances_header(_("Assurance received"), $support);
2102 output_log_received_assurances_content($userid, $support);
2103 }
2104
2105 /**
2106 * output_log_received_assurances_content()
2107 *
2108 * @param mixed $userid
2109 * @param mixed $support
2110 * @param mixed $points
2111 * @param mixed $sum_experience
2112 * @param mixed $ticketno
2113 * @return
2114 */
2115 function output_log_received_assurances_content($userid, $support)
2116 {
2117 $res = get_received_assurances(intval($userid), 1);
2118 while($row = mysql_fetch_assoc($res))
2119 {
2120 $fromuser = get_user (intval($row['from']));
2121 calc_assurances ($row,$points,$experience,$sum_experience,$awarded,$revoked);
2122 $name = show_user_link ($fromuser['fname']." ".$fromuser['lname'],intval($row['from']));
2123 $email = show_email_link ($fromuser['email'],intval($row['from']));
2124 $revoked = '';
2125 if ($row['date'] != 0) {
2126 $revoked = $revoked = $row['deleted'];
2127 }
2128 output_log_assurances_row(intval($row['id']),$row['date'],$row['when'],$email,$name,$awarded,intval($row['points']),$row['location'],$row['method']==""?"":_(sprintf("%s", $row['method'])),$experience,$userid,$support,$revoked);
2129 }
2130 }
2131
2132 /**
2133 * output_log_assurances_row()
2134 *
2135 * @param mixed $assuranceid
2136 * @param mixed $date
2137 * @param mixed $when
2138 * @param mixed $email
2139 * @param mixed $name
2140 * @param mixed $awarded
2141 * @param mixed $points
2142 * @param mixed $location
2143 * @param mixed $method
2144 * @param mixed $experience
2145 * @param mixed $userid
2146 * @param mixed $support
2147 * @param mixed $revoked
2148 * @return
2149 */
2150 function output_log_assurances_row($assuranceid,$date,$when,$email,$name,$awarded,$points,$location,$method,$experience,$userid,$support,$revoked)
2151 {
2152
2153 $tdstyle="";
2154 $emopen="";
2155 $emclose="";
2156
2157 if ($awarded == $points)
2158 {
2159 if ($awarded == "0")
2160 {
2161 if ($when < "2006-09-01")
2162 {
2163 $tdstyle="style='background-color: #ffff80'";
2164 $emopen="<em>";
2165 $emclose="</em>";
2166 }
2167 }
2168 }
2169 ?>
2170 <tr>
2171 <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$assuranceid?><?=$emclose?></td>
2172 <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$date?><?=$emclose?></td>
2173 <?
2174 if ($support == "1")
2175 {
2176 ?>
2177 <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$when?><?=$emclose?></td>
2178 <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$email?><?=$emclose?></td>
2179 <?
2180 }
2181 ?>
2182 <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$name?><?=$emclose?></td>
2183 <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$awarded?><?=$emclose?></td>
2184 <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$location?><?=$emclose?></td>
2185 <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$method?><?=$emclose?></td>
2186 <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$experience?><?=$emclose?></td>
2187 <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$revoked?><?=$emclose?></td>
2188 </tr>
2189 <?
2190 }