First commit of tag changes. bug-1444
1 <?php /*
2 LibreSSL - CAcert web application
3 Copyright (C) 2004-2011 CAcert Inc.
4
5 This program is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License as published by
7 the Free Software Foundation; version 2 of the License.
8
9 This program is distributed in the hope that it will be useful,
10 but WITHOUT ANY WARRANTY; without even the implied warranty of
11 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 GNU General Public License for more details.
13
14 You should have received a copy of the GNU General Public License
15 along with this program; if not, write to the Free Software
16 Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
17 */
18
// Value of `deleted` on a row that still counts: calc_experience() and
// calc_assurances() treat any other value in $row['deleted'] as "revoked".
define('NULL_DATETIME', '0000-00-00 00:00:00');
// Timestamp calc_assurances() writes into $row['deleted'] for the methods it
// treats as revoked (Thawte Points Transfer, CT Magazine - Germany,
// Temporary Increase).
define('THAWTE_REVOCATION_DATETIME', '2010-11-16 00:00:00');
21
/**
 * Send a SQL statement to the database through mysql_query().
 *
 * The statement is passed on unchanged, so every value a caller splices
 * into $query must already be cast (intval) or escaped.
 *
 * @param string $query - the complete SQL statement
 * @return mixed - whatever mysql_query() returns
 */
function query_init ($query)
{
	$result = mysql_query($query);
	return $result;
}
26
/**
 * Fetch the next row of a result set as an associative array.
 *
 * @param resource $res - result set as returned by query_init()
 * @return mixed - whatever mysql_fetch_assoc() returns
 */
function query_getnextrow ($res)
{
	return mysql_fetch_assoc($res);
}
32
/**
 * Number of rows in a result set, always as an integer.
 *
 * @param resource $resultset - result set as returned by query_init()
 * @return int
 */
function query_get_number_of_rows ($resultset)
{
	$rows = mysql_num_rows($resultset);
	return intval($rows);
}
37
/**
 * Count the non-deleted 'Face to Face Meeting' rows in `notary` that were
 * issued by the user (`from`).
 *
 * @param int $userid - cast with intval() before it reaches the SQL text
 * @return int
 */
function get_number_of_assurances ($userid)
{
	$assurer = intval($userid);
	$res = query_init ("SELECT count(*) AS `list` FROM `notary`
		WHERE `method` = 'Face to Face Meeting' AND `from`='".$assurer."' and `deleted` = 0");
	$counted = query_getnextrow($res);

	return intval($counted['list']);
}
46
/**
 * Count the non-deleted 'Trusted Third Parties' / 'TTP-Assisted' rows in
 * `notary` that were received by the user (`to`).
 *
 * @param int $userid - cast with intval() before it reaches the SQL text
 * @return int
 */
function get_number_of_ttpassurances ($userid)
{
	$assuree = intval($userid);
	$res = query_init ("SELECT count(*) AS `list` FROM `notary`
		WHERE (`method`='Trusted Third Parties' or `method`='TTP-Assisted') AND `to`='".$assuree."' and `deleted` = 0");
	$counted = query_getnextrow($res);

	return intval($counted['list']);
}
55
/**
 * Count the non-deleted 'Face to Face Meeting' rows in `notary` that were
 * received by the user (`to`).
 *
 * @param int $userid - cast with intval() before it reaches the SQL text
 * @return int
 */
function get_number_of_assurees ($userid)
{
	$assuree = intval($userid);
	$res = query_init ("SELECT count(*) AS `list` FROM `notary`
		WHERE `method` = 'Face to Face Meeting' AND `to`='".$assuree."' and `deleted` = 0");
	$counted = query_getnextrow($res);

	return intval($counted['list']);
}
64
/**
 * Rank of an assurer: one more than the number of `from` groups that have
 * strictly more non-deleted 'Face to Face Meeting' rows.
 *
 * @param int $no_of_assurances - the count to rank, cast with intval()
 * @return int
 */
function get_top_assurer_position ($no_of_assurances)
{
	$threshold = intval($no_of_assurances);
	$res = query_init ("SELECT count(*) AS `list` FROM `notary`
		WHERE `method` = 'Face to Face Meeting' and `deleted` = 0
		GROUP BY `from` HAVING count(*) > '".$threshold."'");
	$ahead = query_get_number_of_rows($res);
	return intval($ahead+1);
}
72
/**
 * Rank of an assuree: one more than the number of `to` groups that have
 * strictly more non-deleted 'Face to Face Meeting' rows.
 *
 * @param int $no_of_assurees - the count to rank, cast with intval()
 * @return int
 */
function get_top_assuree_position ($no_of_assurees)
{
	$threshold = intval($no_of_assurees);
	$res = query_init ("SELECT count(*) AS `list` FROM `notary`
		WHERE `method` = 'Face to Face Meeting' and `deleted` = 0
		GROUP BY `to` HAVING count(*) > '".$threshold."'");
	$ahead = query_get_number_of_rows($res);
	return intval($ahead+1);
}
80
/**
 * Get the list of assurances given by the user (self-assurances, where
 * `from` equals `to`, are left out)
 * @param int $userid - id of the assurer
 * @param int $log - 0 hides deleted assurances, any other value includes them
 * @return resource - a MySQL result set ordered by `id`
 */
function get_given_assurances($userid, $log=0)
{
	// Fixed SQL fragment chosen by the flag; $log itself never reaches the query
	$deleted = ($log == 0) ? ' and `deleted` = 0 ' : '';
	$assurer = intval($userid);

	return query_init("select * from `notary` where `from`='".$assurer."' and `from` != `to` $deleted order by `id` asc");
}
96
/**
 * Get the list of assurances received by the user (self-assurances, where
 * `from` equals `to`, are left out)
 * @param int $userid - id of the assuree
 * @param int $log - 0 hides deleted assurances, any other value includes them
 * @return resource - a MySQL result set ordered by `id`
 */
function get_received_assurances($userid, $log=0)
{
	// Fixed SQL fragment chosen by the flag; $log itself never reaches the query
	$deleted = ($log == 0) ? ' and `deleted` = 0 ' : '';
	$assuree = intval($userid);

	return query_init("select * from `notary` where `to`='".$assuree."' and `from` != `to` $deleted order by `id` asc ");
}
112
/**
 * Non-deleted assurances given by the user, grouped by points, awarded and
 * method, with the size of each group in the column `number`.
 *
 * @param int $userid - id of the assurer, cast with intval()
 * @return resource - a MySQL result set
 */
function get_given_assurances_summary ($userid)
{
	$assurer = intval($userid);
	return query_init ("select count(*) as number,points,awarded,method from notary where `from`='".$assurer."' and `deleted` = 0 group by points,awarded,method");
}
118
/**
 * Non-deleted assurances received by the user, grouped by points, awarded
 * and method, with the size of each group in the column `number`.
 *
 * @param int $userid - id of the assuree, cast with intval()
 * @return resource - a MySQL result set
 */
function get_received_assurances_summary ($userid)
{
	$assuree = intval($userid);
	return query_init ("select count(*) as number,points,awarded,method from notary where `to`='".$assuree."' and `deleted` = 0 group by points,awarded,method");
}
124
/**
 * Load one row of the `users` table by id.
 *
 * @param int $userid - cast with intval() before it reaches the SQL text
 * @return mixed - whatever mysql_fetch_assoc() returns for the first row
 */
function get_user ($userid)
{
	$id = intval($userid);
	$res = query_init ("select * from `users` where `id`='".$id."'");
	$user = mysql_fetch_assoc($res);
	return $user;
}
130
/**
 * Number of `cats_passed` rows of the user whose variant has `type_id` 1.
 *
 * @param int $userid - cast with intval() before it reaches the SQL text
 * @return mixed - whatever mysql_num_rows() returns for the result set
 */
function get_cats_state ($userid)
{
	$id = intval($userid);
	$res = query_init ("select * from `cats_passed` inner join `cats_variant` on `cats_passed`.`variant_id` = `cats_variant`.`id` and `cats_variant`.`type_id` = 1
		WHERE `cats_passed`.`user_id` = '".$id."'");
	$passed = mysql_num_rows($res);
	return $passed;
}
138
139
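/**
 * Calculate awarded points (corrects some issues like out of range points
 * or points that were issued by means that have been deprecated)
 *
 * @param array $row - associative array containing the data from the
 *     `notary` table; the keys 'awarded', 'points' and 'method' are read
 * @return int - the awarded points for this assurance, never negative
 */
function calc_awarded($row)
{
	// Back in the old days there was no `awarded` column => is now zero,
	// there the `points` column contained that data. Negative values exist
	// in the database and are set to zero.
	$points = max(intval($row['awarded']), intval($row['points']), 0);

	switch ($row['method'])
	{
		// These programmes have been revoked
		case 'Thawte Points Transfer':	// revoke all Thawte-points (as per arbitration)
		case 'CT Magazine - Germany':	// revoke c't (only one test-entry)
		case 'Temporary Increase':	// revoke 'temporary increase' (Current usage breaks audit aspects, needs to be reimplemented)
			$points = 0;
			break;

		case 'Administrative Increase':	// ignore AI with 2 points or less (historical for experience points, now other calculation)
			if ($points <= 2) {	// maybe limit to 35/50 pts in the future?
				$points = 0;
			}
			break;

		// TTP assurances, limit to 35
		case 'TTP-Assisted':
			$points = min($points, 35);
			break;

		// TTP TOPUP, limit to 30
		case 'TOPUP':
			$points = min($points, 30);
			// Explicit break: the result no longer depends on the cases
			// below being harmless, so a cap added there later cannot
			// change TOPUP by accident
			break;

		// All these should be preserved for the time being
		case 'Unknown':			// to be revoked in the future? limit to max 50 pts?
		case 'Trusted Third Parties':	// to be revoked in the future? limit to max 35 pts?
		case '':			// to be revoked in the future? limit to max 50 pts?
		case 'Face to Face Meeting':	// normal assurances (and superassurances?), limit to 35/50 pts in the future?
			break;

		default:	// unrecognised method: award nothing rather than trust the row
			$points = 0;
	}

	return $points;
}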
193
194
/**
 * Calculate the experience points from a given Assurance
 * @param array $row - [inout] associative array containing the data from
 *     the `notary` table, the keys 'experience' and 'calc_awarded' will be
 *     added
 * @param int $sum_points - [inout] running sum of the assurance points the
 *     assurer issued; only rows that are not revoked are added
 * @param int $sum_experience - [inout] running sum of the experience points
 *     awarded to the assurer; only rows that are not revoked are added
 */
function calc_experience(&$row, &$sum_points, &$sum_experience)
{
	$row['calc_awarded'] = calc_awarded($row);

	// Revoked assurances are shown but contribute to neither sum
	$revoked = ($row['deleted'] !== NULL_DATETIME);
	if ($revoked) {
		$row['experience'] = 0;
		return;
	}

	// Only face to face meetings earn experience, a flat 2 points each
	$gained = ($row['method'] == "Face to Face Meeting") ? 2 : 0;

	$row['experience'] = $gained;
	$sum_experience += $gained;
	$sum_points += $row['calc_awarded'];
}
225
/**
 * Calculate the points received from a received Assurance
 * @param array $row - [inout] associative array containing the data from
 *     the `notary` table, the keys 'experience' and 'calc_awarded' will be
 *     added; 'deleted' is overwritten for the revoked methods
 * @param int $sum_points - [inout] running sum of the assurance points the
 *     assuree received; only rows that are not revoked are added
 * @param int $sum_experience - [inout] running sum of experience points;
 *     only rows that are not revoked are added
 */
function calc_assurances(&$row, &$sum_points, &$sum_experience)
{
	$awarded = calc_awarded($row);
	$experience = 0;

	// High point values mean that some of them are experience points
	if ($awarded > 100) {
		$experience = $awarded - 100;	// needs to be fixed in the future (limit 50 pts and/or no experience if pts > 100)
		$awarded = 100;
	}
	$row['calc_awarded'] = $awarded;

	// Current usage of 'Temporary Increase' may break audit aspects, needs to be reimplemented
	$revoked_methods = array(
		'Thawte Points Transfer',
		'CT Magazine - Germany',
		'Temporary Increase',
	);
	// Loose comparison on purpose, the same as a switch on these values
	if (in_array($row['method'], $revoked_methods)) {
		$experience = 0;
		$row['deleted'] = THAWTE_REVOCATION_DATETIME;
	}

	// Don't count revoked assurances even if we are displaying them
	if ($row['deleted'] !== NULL_DATETIME) {
		$row['experience'] = 0;
		return;
	}

	$row['experience'] = $experience;
	$sum_experience += $experience;
	$sum_points += $row['calc_awarded'];
}
268
/**
 * Generate a link to the support engineer page for the user with the name
 * of the user as link text
 * @param array $user - associative array containing the data from the
 *     `user` table; 'fname', 'lname' and 'id' are read
 * @return string - an HTML link with the name passed through
 *     sanitizeHTML(), or a translated placeholder when the name is empty
 */
function show_user_link($user)
{
	$fullname = trim($user['fname'].' '.$user['lname']);
	$userid = intval($user['id']);

	if ($fullname != "") {
		// The id is an integer and the name goes through sanitizeHTML(),
		// so nothing from the row reaches the markup unprocessed
		return "<a href='wot.php?id=9&amp;userid=".$userid."'>".sanitizeHTML($fullname)."</a>";
	}

	// No name on record: id 0 is shown as the system, anything else as a
	// deleted account
	return ($userid == 0) ? _("System") : _("Deleted account");
}
296
/**
 * Generate a link to the support engineer page for the user with the email
 * address as link text
 * @param array $user - associative array containing the data from the
 *     `user` table; 'email' and 'id' are read
 * @return string - an HTML link with the address passed through
 *     sanitizeHTML(), or the empty string when there is no address
 */
function show_email_link($user)
{
	$address = trim($user['email']);

	// Nothing to link to
	if ($address == "") {
		return $address;
	}

	return "<a href='account.php?id=43&amp;userid=".intval($user['id'])."'>".sanitizeHTML($address)."</a>";
}
312
/**
 * Look up how many assurances the user gave and the rank that count earns.
 *
 * @param int $userid
 * @param int $num_of_assurances - [out] result of get_number_of_assurances()
 * @param int $rank_of_assurer - [out] result of get_top_assurer_position()
 */
function get_assurer_ranking($userid,&$num_of_assurances,&$rank_of_assurer)
{
	$id = intval($userid);
	$num_of_assurances = get_number_of_assurances ($id);
	$rank_of_assurer = get_top_assurer_position($num_of_assurances);
}
318
/**
 * Look up how many assurances the user received and the rank that count
 * earns.
 *
 * @param int $userid
 * @param int $num_of_assurees - [out] result of get_number_of_assurees()
 * @param int $rank_of_assuree - [out] result of get_top_assuree_position()
 */
function get_assuree_ranking($userid,&$num_of_assurees,&$rank_of_assuree)
{
	$id = intval($userid);
	$num_of_assurees = get_number_of_assurees ($id);
	$rank_of_assuree = get_top_assuree_position($num_of_assurees);
}
324
325
326 // ************* html table definitions ******************
327
/**
 * Print the ranking table (assurances made / received and the resulting
 * ranks) for the user. All figures are cast to int before output.
 *
 * @param int $userid
 */
function output_ranking($userid)
{
	get_assurer_ranking($userid,$num_of_assurances,$rank_of_assurer);
	get_assuree_ranking($userid,$num_of_assurees,$rank_of_assuree);

	$made = intval($num_of_assurances);
	$made_rank = intval($rank_of_assurer);
	$received = intval($num_of_assurees);
	$received_rank = intval($rank_of_assuree);
?>
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
	<tr>
		<td class="title"><?php echo _("Assurer Ranking")?></td>
	</tr>
	<tr>
		<td class="DataTD"><?php printf(_("You have made %s assurances which ranks you as the #%s top assurer."), $made, $made_rank)?></td>
	</tr>
	<tr>
		<td class="DataTD"><?php printf(_("You have received %s assurances which ranks you as the #%s top assuree."), $received, $received_rank)?></td>
	</tr>
</table>
<br/>
<?php }
347
/**
 * Render header for the assurance table (same for given/received)
 *
 * NOTE(review): $title is written to the page unescaped; the callers in this
 * file pass gettext strings, so any new caller has to escape its own value.
 *
 * @param string $title - The title for the table
 * @param int $support - set to 1 if the output is for the support interface
 *     (this also switches the "Revoked" column on)
 * @param int $log - if set to 1 also includes deleted assurances
 */
function output_assurances_header($title, $support, $log)
{
	$for_support = ($support == 1);
	if ($for_support) {
		$log = 1;
	}
	$with_revoked = ($log == 1);

	// 7 base columns, 2 more for support (When, Email), 1 more for Revoked
	$colspan = 7 + ($for_support ? 2 : 0) + ($with_revoked ? 1 : 0);
?>
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
	<tr>
		<td colspan="<?php echo $colspan?>" class="title"><?php echo $title?></td>
	</tr>
	<tr>
		<td class="DataTD"><strong><?php echo _("ID")?></strong></td>
		<td class="DataTD"><strong><?php echo _("Date")?></strong></td>
<?php if ($for_support): ?>
		<td class="DataTD"><strong><?php echo _("When")?></strong></td>
		<td class="DataTD"><strong><?php echo _("Email")?></strong></td>
<?php endif; ?>
		<td class="DataTD"><strong><?php echo _("Who")?></strong></td>
		<td class="DataTD"><strong><?php echo _("Points")?></strong></td>
		<td class="DataTD"><strong><?php echo _("Location")?></strong></td>
		<td class="DataTD"><strong><?php echo _("Method")?></strong></td>
		<td class="DataTD"><strong><?php echo _("Experience Points")?></strong></td>
<?php if ($with_revoked): ?>
		<td class="DataTD"><strong><?php echo _("Revoked")?></strong></td>
<?php endif; ?>
	</tr>
<?php }
395
/**
 * Render footer for the assurance table (same for given/received)
 *
 * NOTE(review): both description texts are written to the page unescaped;
 * the callers in this file pass gettext strings. The two sums are cast to
 * int before output.
 *
 * @param string $points_txt - Description for sum of assurance points
 * @param int $sumpoints - sum of assurance points
 * @param string $experience_txt - Description for sum of experience points
 * @param int $sumexperience - sum of experience points
 * @param int $support - set to 1 if the output is for the support interface
 * @param int $log - if set to 1 also includes deleted assurances
 */
function output_assurances_footer(
	$points_txt,
	$sumpoints,
	$experience_txt,
	$sumexperience,
	$support,
	$log)
{
	// The label spans the two extra support columns when they are shown
	$label_span = ($support == 1) ? 5 : 3;
	$points_total = intval($sumpoints);
	$experience_total = intval($sumexperience);
?>
	<tr>
		<td colspan="<?php echo $label_span ?>" class="DataTD"><strong><?php echo $points_txt?>:</strong></td>
		<td class="DataTD"><?php echo $points_total?></td>
		<td class="DataTD">&nbsp;</td>
		<td class="DataTD"><strong><?php echo $experience_txt?>:</strong></td>
		<td class="DataTD"><?php echo $experience_total?></td>
<?php if ($log == 1): ?>
		<td class="DataTD">&nbsp;</td>
<?php endif; ?>
	</tr>
</table>
<br/>
<?php }
430
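/**
 * Render an assurance for a view
 *
 * Every value taken from the `notary` row is either cast to int or passed
 * through sanitizeHTML() before it is written to the page, with one
 * exception noted at $method below.
 *
 * @param array $assurance - associative array containing the data from the `notary` table
 * @param int $userid - Id of the user whose given/received assurances are displayed
 * @param array $other_user - associative array containing the other users data from the `users` table
 * @param int $support - set to 1 if the output is for the support interface
 * @param string $ticketno - ticket number currently set in the support interface
 * @param int $log - if set to 1 also includes deleted assurances
 */
function output_assurances_row(
	$assurance,
	$userid,
	$other_user,
	$support,
	$ticketno,
	$log)
{
	$assuranceid = intval($assurance['id']);
	$when = $assurance['when'];
	$awarded = intval($assurance['calc_awarded']);
	$points = intval($assurance['points']);
	$experience = intval($assurance['experience']);
	$revoked = $assurance['deleted'] !== NULL_DATETIME;

	// `date`, `when` and `deleted` were echoed as stored while `location`
	// was already escaped; all four now go through the same helper so a
	// stored value cannot inject markup into the table
	$date_html = sanitizeHTML($assurance['date']);
	$when_html = sanitizeHTML($when);
	$location_html = sanitizeHTML($assurance['location']);
	$deleted_html = sanitizeHTML($assurance['deleted']);

	// NOTE(review): the method is only passed through gettext; a value
	// without a translation reaches the page as stored - confirm the
	// column can only hold the fixed method names
	$method = $assurance['method'] ? _($assurance['method']) : '';

	// The ticket number lands in a query string inside an href: encode it
	// for the URL first, then for HTML
	$ticket_param = sanitizeHTML(urlencode($ticketno));

	$email = show_email_link($other_user);
	$name = show_user_link($other_user);

	if ($support == 1) {
		$log = 1;
	}

	$tdstyle="";
	$emopen="";
	$emclose="";

	// Highlight zero-point rows entered before 2006-09-01 (string comparison
	// on the stored `when` value)
	if ($awarded == $points && $awarded == 0 && $when < "2006-09-01")
	{
		$tdstyle="style='background-color: #ffff80'";
		$emopen="<em>";
		$emclose="</em>";
	}
?>
	<tr>
		<td class="DataTD" <?php echo $tdstyle?>><?php echo $emopen?><?php echo $assuranceid?><?php echo $emclose?></td>
		<td class="DataTD" <?php echo $tdstyle?>><?php echo $emopen?><?php echo $date_html?><?php echo $emclose?></td>
<?php if ($support == 1)
	{
?>
		<td class="DataTD" <?php echo $tdstyle?>><?php echo $emopen?><?php echo $when_html?><?php echo $emclose?></td>
		<td class="DataTD" <?php echo $tdstyle?>><?php echo $emopen?><?php echo $email?><?php echo $emclose?></td>
<?php }
?>
		<td class="DataTD" <?php echo $tdstyle?>><?php echo $emopen?><?php echo $name?><?php echo $emclose?></td>
		<td class="DataTD" <?php echo $tdstyle?>><?php echo $emopen?><?php echo $revoked ? sprintf("<strong style='color: red'>%s</strong>",_("Revoked")) : $awarded?><?php echo $emclose?></td>
		<td class="DataTD" <?php echo $tdstyle?>><?php echo $emopen?><?php echo $location_html?><?php echo $emclose?></td>
		<td class="DataTD" <?php echo $tdstyle?>><?php echo $emopen?><?php echo $method?><?php echo $emclose?></td>
		<td class="DataTD" <?php echo $tdstyle?>><?php echo $emopen?><?php echo $experience?$experience:'&nbsp;'?><?php echo $emclose?></td>
<?php if ($log == 1)
	{
		if ($revoked)
		{
?>
		<td class="DataTD" <?php echo $tdstyle?>><?php echo $deleted_html?></td>
<?php } elseif ($support == 1) {
			// The revoke link carries a CSRF token from make_csrf()
?>
		<td class="DataTD" <?php echo $tdstyle?>><?php echo $emopen?><a href="account.php?id=43&amp;userid=<?php echo intval($userid)?>&amp;assurance=<?php echo intval($assuranceid)?>&amp;csrf=<?php echo make_csrf('admdelassurance')?>&amp;ticketno=<?php echo $ticket_param?>" onclick="return confirm('<?php echo sprintf(_("Are you sure you want to revoke the assurance with ID &quot;%s&quot;?"),$assuranceid)?>');"><?php echo _("Revoke")?></a><?php echo $emclose?></td>
<?php } else {
?>
		<td class="DataTD" <?php echo $tdstyle?>>&nbsp;</td>
<?php }
	}
?>
	</tr>
<?php }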
514
/**
 * Open the points summary table and print its title and column headings.
 * The table is closed by output_summary_footer().
 */
function output_summary_header()
{
	$table_title = _("Summary of your Points");
?>
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
	<tr>
		<td colspan="4" class="title"><?php echo $table_title?></td>
	</tr>
	<tr>
		<td class="DataTD"><strong><?php echo _("Description")?></strong></td>
		<td class="DataTD"><strong><?php echo _("Points")?></strong></td>
		<td class="DataTD"><strong><?php echo _("Countable Points")?></strong></td>
		<td class="DataTD"><strong><?php echo _("Remark")?></strong></td>
	</tr>
<?php }
529
/**
 * Close the table opened by output_summary_header() and add a line break.
 */
function output_summary_footer()
{
	// Static markup only, nothing is interpolated
?>
</table>
<br/>
<?php }
536
/**
 * Print one row of the points summary table.
 *
 * All four values are written unescaped: output_summary_content() passes
 * markup such as "&nbsp;" and <strong> here on purpose, so a caller must
 * never hand in text it has not escaped itself.
 *
 * @param string $title - row description
 * @param mixed $points - raw points, or markup for an empty cell
 * @param mixed $points_countable - countable points
 * @param string $remark - remark text or markup
 */
function output_summary_row($title,$points,$points_countable,$remark)
{
	$heading = $title;
?>
	<tr>
		<td class="DataTD"><strong><?php echo $heading?></strong></td>
		<td class="DataTD"><?php echo $points?></td>
		<td class="DataTD"><?php echo $points_countable?></td>
		<td class="DataTD"><?php echo $remark?></td>
	</tr>
<?php }
547
548
549 // ************* output given assurances ******************
550
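/**
 * Helper function to render assurances given by the user
 * @param int $userid
 * @param int& $sum_points - [out] sum of given points
 * @param int& $sum_experience - [out] sum of experience points gained
 * @param int $support - set to 1 if the output is for the support interface
 * @param string $ticketno - the ticket number set in the support interface
 * @param int $log - if set to 1 also includes deleted assurances
 */
function output_given_assurances_content(
	$userid,
	&$sum_points,
	&$sum_experience,
	$support,
	$ticketno,
	$log)
{
	// Both out parameters start from zero. The experience sum used to be
	// reset through a misspelled local ($sumexperience), so a value already
	// present in the caller's variable was silently added to the result.
	$sum_points = 0;
	$sum_experience = 0;

	$res = get_given_assurances(intval($userid), $log);
	while($row = mysql_fetch_assoc($res))
	{
		$assuree = get_user(intval($row['to']));
		calc_experience($row, $sum_points, $sum_experience);
		output_assurances_row($row, $userid, $assuree, $support, $ticketno, $log);
	}
}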
578
579 // ************* output received assurances ******************
580
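/**
 * Helper function to render assurances received by the user
 * @param int $userid
 * @param int& $sum_points - [out] sum of received points
 * @param int& $sum_experience - [out] sum of experience points the assurers gained
 * @param int $support - set to 1 if the output is for the support interface
 * @param string $ticketno - the ticket number set in the support interface
 * @param int $log - if set to 1 also includes deleted assurances
 */
function output_received_assurances_content(
	$userid,
	&$sum_points,
	&$sum_experience,
	$support,
	$ticketno,
	$log)
{
	// Both out parameters start from zero. The experience sum used to be
	// reset through a misspelled local ($sumexperience), so a value already
	// present in the caller's variable was silently added to the result.
	$sum_points = 0;
	$sum_experience = 0;

	$res = get_received_assurances(intval($userid), $log);
	while($row = mysql_fetch_assoc($res))
	{
		$fromuser = get_user(intval($row['from']));
		calc_assurances($row, $sum_points, $sum_experience);
		output_assurances_row($row, $userid, $fromuser, $support, $ticketno, $log);
	}
}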
608
609 // ************* output summary table ******************
610
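/**
 * Check whether the user's date of birth lies more than $age years back.
 *
 * @param int $userid - id in the `users` table
 * @param int $age - age limit in years
 * @return int - number of matching rows: 1 if `dob` is before today minus
 *     $age years, 0 otherwise
 */
function check_date_limit ($userid,$age)
{
	// Every other query in this file casts the id before splicing it into
	// SQL; this one used the raw value. Cast both inputs so neither can
	// alter the statement.
	$id = intval($userid);
	$years = intval($age);

	$dob = date("Y-m-d", mktime(0,0,0,date("m"),date("d"),date("Y")-$years));
	$res = query_init ("select id from `users` where `id`='".$id."' and `dob` < '$dob'");
	return intval(query_get_number_of_rows($res));
}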
617
/**
 * Points the user may issue per assurance, computed by
 * output_summary_content() with its table output switched off.
 *
 * @param int $userid
 * @return int
 */
function max_points($userid)
{
	$issuable = output_summary_content ($userid,0);
	return $issuable;
}
622
/**
 * Compute the user's point totals and the number of points the user may
 * issue, optionally printing the four summary rows.
 *
 * @param int $userid - passed on to the query helpers; check_date_limit()
 *     receives it as given here
 * @param int $display_output - if true the rows are printed with
 *     output_summary_row()
 * @return int - points the user may issue: 0, or 10 to 35 in steps of 5
 */
function output_summary_content($userid,$display_output)
{
	$sum_points = 0;
	$sum_experience = 0;
	$sum_experience_other = 0;
	$max_points = 100;
	$max_experience = 50;

	$experience_limit_reached_txt = _("Limit reached");

	// Lower experience caps when the age checks do not return exactly 1:
	// 10 for the 18-year check, 0 for the 14-year check (the later check
	// overrides the earlier one)
	if (check_date_limit($userid,18) != 1)
	{
		$max_experience = 10;
		$experience_limit_reached_txt = _("Limit given by PoJAM reached");
	}
	if (check_date_limit($userid,14) != 1)
	{
		$max_experience = 0;
		$experience_limit_reached_txt = _("Limit given by PoJAM reached");
	}

	// Received assurances: each summary row stands for `number` assurances
	// with the same points/awarded/method
	$res = get_received_assurances_summary($userid);
	while($row = mysql_fetch_assoc($res))
	{
		$points = calc_awarded($row);

		if ($points > $max_points)			// limit to 100 points, above is experience (needs to be fixed)
		{
			$sum_experience_other = $sum_experience_other+($points-$max_points)*intval($row['number']);
			$points = $max_points;
		}
		$sum_points += $points*intval($row['number']);
	}

	// Given assurances: 2 experience points per face to face meeting
	$res = get_given_assurances_summary($userid);
	while($row = mysql_fetch_assoc($res))
	{
		switch ($row['method'])
		{
			case 'Face to Face Meeting': 		// count Face to Face only
				$sum_experience += 2*intval($row['number']);
				break;
		}

	}

	// Cap each total at its limit and record a remark when the cap applies
	if ($sum_points > $max_points)
	{
		$sum_points_countable = $max_points;
		$remark_points = _("Limit reached");
	}
	else
	{
		$sum_points_countable = $sum_points;
		$remark_points = "&nbsp;";
	}
	if ($sum_experience > $max_experience)
	{
		$sum_experience_countable = $max_experience;
		$remark_experience = $experience_limit_reached_txt;
	}
	else
	{
		$sum_experience_countable = $sum_experience;
		$remark_experience = "&nbsp;";
	}

	// "Other" experience only fills what the assurance experience left of
	// the shared cap
	if ($sum_experience_countable + $sum_experience_other > $max_experience)
	{
		$sum_experience_other_countable = $max_experience-$sum_experience_countable;
		$remark_experience_other = $experience_limit_reached_txt;
	}
	else
	{
		$sum_experience_other_countable = $sum_experience_other;
		$remark_experience_other = "&nbsp;";
	}

	// Below the assurance point limit no experience counts. The ifs have no
	// braces: only the remark is conditional, both counters are zeroed in
	// every case.
	if ($sum_points_countable < $max_points)
	{
		if ($sum_experience_countable != 0)
			$remark_experience = _("Points on hold due to less assurance points");
		$sum_experience_countable = 0;
		if ($sum_experience_other_countable != 0)
			$remark_experience_other = _("Points on hold due to less assurance points");
		$sum_experience_other_countable = 0;
	}

	$issue_points = 0;
	$cats_test_passed = get_cats_state ($userid);
	if ($cats_test_passed == 0)
	{
		// No passed test on record: nothing may be issued, only the
		// explanation differs
		$issue_points_txt = "<strong style='color: red'>"._("You have to pass the CAcert Assurer Challenge (CATS-Test) to be an Assurer")."</strong>";
		if ($sum_points_countable < $max_points)
		{
			$issue_points_txt = "<strong style='color: red'>";
			$issue_points_txt .= sprintf(_("You need %s assurance points and the passed CATS-Test to be an Assurer"), intval($max_points));
			$issue_points_txt .= "</strong>";
		}
	}
	else
	{
		// Later checks overwrite earlier ones, so the highest experience
		// threshold reached decides
		$experience_total = $sum_experience_countable+$sum_experience_other_countable;
		$issue_points_txt = "";
		if ($sum_points_countable == $max_points)
			$issue_points = 10;
		if ($experience_total >= 10)
			$issue_points = 15;
		if ($experience_total >= 20)
			$issue_points = 20;
		if ($experience_total >= 30)
			$issue_points = 25;
		if ($experience_total >= 40)
			$issue_points = 30;
		if ($experience_total >= 50)
			$issue_points = 35;
		if ($issue_points != 0)
			$issue_points_txt = sprintf(_("You may issue up to %s points"),$issue_points);
	}
	if ($display_output)
	{
		// The remark arguments contain markup; output_summary_row() prints
		// them as given
		output_summary_row (_("Assurance Points you received"),$sum_points,$sum_points_countable,$remark_points);
		output_summary_row (_("Total Experience Points by Assurance"),$sum_experience,$sum_experience_countable,$remark_experience);
		output_summary_row (_("Total Experience Points (other ways)"),$sum_experience_other,$sum_experience_other_countable,$remark_experience_other);
		output_summary_row (_("Total Points"),"&nbsp;",$sum_points_countable + $sum_experience_countable + $sum_experience_other_countable,$issue_points_txt);
	}
	return $issue_points;
}
751
/**
 * Render assurances given by the user: header, one row per assurance and a
 * footer with the two sums
 * @param int $userid
 * @param int $support - set to 1 if the output is for the support interface
 * @param string $ticketno - the ticket number set in the support interface
 * @param int $log - if set to 1 also includes deleted assurances
 */
function output_given_assurances($userid, $support=0, $ticketno='', $log=0)
{
	output_assurances_header(_("Assurance Points You Issued"), $support, $log);

	// The two sums are filled in by reference while the rows are printed
	output_given_assurances_content($userid, $sum_points, $sum_experience, $support, $ticketno, $log);

	output_assurances_footer(
		_("Total Points Issued"), $sum_points,
		_("Total Experience Points"), $sum_experience,
		$support, $log);
}
782
/**
 * Render assurances received by the user: header, one row per assurance and
 * a footer with the two sums
 * @param int $userid
 * @param int $support - set to 1 if the output is for the support interface
 * @param string $ticketno - the ticket number set in the support interface
 * @param int $log - if set to 1 also includes deleted assurances
 */
function output_received_assurances($userid, $support=0, $ticketno='', $log=0)
{
	output_assurances_header(_("Assurance Points You Received"), $support, $log);

	// The two sums are filled in by reference while the rows are printed
	output_received_assurances_content($userid, $sum_points, $sum_experience, $support, $ticketno, $log);

	output_assurances_footer(
		_("Total Points Received"), $sum_points,
		_("Total Experience Points"), $sum_experience,
		$support, $log);
}
813
/**
 * Print the complete points summary table for the user.
 *
 * @param int $userid
 */
function output_summary($userid)
{
	$display_output = 1;

	output_summary_header();
	output_summary_content($userid, $display_output);
	output_summary_footer();
}
820
/**
 * Print the "Go Back" link that steps one entry back in the browser history.
 */
function output_end_of_page()
{
	$label = _("Go Back");
?>
	<p>[ <a href='javascript:history.go(-1)'><?php echo $label?></a> ]</p>
<?php }
826
827 //functions to do with recording user agreements
/**
 * write_user_agreement()
 * writes a new record to the table user_agreements, dated NOW()
 *
 * Numeric values are cast with intval(), text values are escaped with
 * mysql_real_escape_string() before they are placed in the statement.
 *
 * @param mixed $memid
 * @param mixed $document
 * @param mixed $method
 * @param mixed $comment
 * @param integer $active
 * @param integer $secmemid
 * @return void - the result of the insert is not checked
 */
function write_user_agreement($memid, $document, $method, $comment, $active=1, $secmemid=0){
	$query = sprintf(
		"insert into `user_agreements` set `memid`=%d, `secmemid`=%d,`document`='%s',`date`=NOW(), `active`=%d,`method`='%s',`comment`='%s'",
		intval($memid),
		intval($secmemid),
		mysql_real_escape_string($document),
		intval($active),
		mysql_real_escape_string($method),
		mysql_real_escape_string($comment)
	);
	$res = mysql_query($query);
}
846
/**
 * get_user_agreement_status()
 * returns 1 if the user has an entry for the given type in user_agreements, 0 if no entry is recorded
 * @param mixed $memid - cast with intval()
 * @param string $type - document type, escaped with mysql_real_escape_string()
 * @return int - 0 or 1
 */
function get_user_agreement_status($memid, $type="CCA"){
	$document = mysql_real_escape_string($type);
	$member = intval($memid);

	$query="SELECT u.`document` FROM `user_agreements` u
		WHERE u.`document` = '" . $document . "' AND u.`memid`=" . $member ;
	$res = mysql_query($query);

	return (mysql_num_rows($res) <= 0) ? 0 : 1;
}
864
/**
 * Get the first user_agreement entry of the requested type (oldest `date`)
 * @param int $memid
 * @param string $type - the type of user agreement, by default all
 *     agreements are listed
 * @param int $active - whether to get active or passive agreements:
 *     0 := passive
 *     1 := active
 *     null := both
 * @return array(string=>mixed) - an associative array containing
 *     'document', 'date', 'method', 'comment', 'active', or an empty array
 *     when nothing matches
 */
function get_first_user_agreement($memid, $type=null, $active=null){
	// Optional conditions; each value is escaped or cast where it is added
	$filter = '';
	if ($type !== null) {
		$filter .= " AND u.`document` = '".mysql_real_escape_string($type)."'";
	}
	if ($active !== null) {
		$filter .= " AND u.`active` = ".intval($active);
	}

	$query="SELECT u.`document`, u.`date`, u.`method`, u.`comment`, u.`active` FROM `user_agreements` AS u
		WHERE u.`memid`=".intval($memid)."
			$filter
		ORDER BY u.`date` LIMIT 1";
	$res = mysql_query($query);

	return (mysql_num_rows($res) > 0) ? mysql_fetch_assoc($res) : array();
}
899
/**
 * Get the last user_agreement entry of the requested type (newest `date`)
 * @param int $memid
 * @param string $type - the type of user agreement, by default all
 *     agreements are listed
 * @param int $active - whether to get active or passive agreements:
 *     0 := passive,
 *     1 := active,
 *     null := both
 * @return array(string=>mixed) - an associative array containing
 *     'document', 'date', 'method', 'comment', 'active', or an empty array
 *     when nothing matches
 */
function get_last_user_agreement($memid, $type=null, $active=null){
	// Optional conditions; each value is escaped or cast where it is added
	$filter = '';
	if ($type !== null) {
		$filter .= " AND u.`document` = '".mysql_real_escape_string($type)."'";
	}
	if ($active !== null) {
		$filter .= " AND u.`active` = ".intval($active);
	}

	$query="SELECT u.`document`, u.`date`, u.`method`, u.`comment`, u.`active` FROM `user_agreements` AS u
		WHERE u.`memid`=".intval($memid)."
			$filter
		ORDER BY u.`date` DESC LIMIT 1";
	$res = mysql_query($query);

	return (mysql_num_rows($res) > 0) ? mysql_fetch_assoc($res) : array();
}
934
/**
 * Get all user_agreement entries of the requested type, ordered by `date`
 * @param int $memid
 * @param string $type - the type of user agreement, by default all
 *     agreements are listed
 * @param int $active - whether to get active or passive agreements:
 *     0 := passive,
 *     1 := active,
 *     null := both
 * @return resource - a mysql result set containing all agreements
 */
function get_user_agreements($memid, $type=null, $active=null){
	// Optional conditions; each value is escaped or cast where it is added
	$filter = '';
	if ($type !== null) {
		$filter .= " AND u.`document` = '".mysql_real_escape_string($type)."'";
	}
	if ($active !== null) {
		$filter .= " AND u.`active` = ".intval($active);
	}

	$query="SELECT u.`document`, u.`date`, u.`method`, u.`comment`, u.`active` FROM `user_agreements` AS u
		WHERE u.`memid`=".intval($memid)."
			$filter
		ORDER BY u.`date`";
	$res = mysql_query($query);
	return $res;
}
962
/**
 * Remove user agreement rows of one member.
 *
 * Without $type every agreement of the member is removed; with $type only
 * the rows whose `document` equals it.
 *
 * @param mixed $memid - member id, cast with intval()
 * @param string $type - document type, false (the default) for all types
 * @return void - the outcome of the DELETE is neither checked nor returned
 */
function delete_user_agreement($memid, $type=false){
	$filter = ($type === false)
		? ''
		: " and `document` = '" . mysql_real_escape_string($type) . "'";

	mysql_query("delete from `user_agreements` where `memid`=" . intval($memid) . $filter );
}
978
979 // functions for 6.php (assure somebody)
980
/**
 * Open the assurance form: emits the <form> and wrapper <table> start tags,
 * a title row and a second row. Neither tag is closed in this function.
 *
 * NOTE(review): both arguments are echoed without HTML escaping, so they
 * have to be HTML-safe when they arrive here - confirm at every call site.
 *
 * @param string $confirmation - content of the title cell
 * @param string $checkname - content of the second row
 */
function AssureHead($confirmation,$checkname)
{
?>
<form method="post" action="wot.php">
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper" width="600">
<tr>
<td colspan="2" class="title"><?php echo $confirmation?></td>
</tr>
<tr>
<td class="DataTD" colspan="2" align="left"><?php echo $checkname?></td>
</tr>
<?php }
993
/**
 * Emit a two-cell table row; the first cell gets a trailing ':' unless
 * $field1 is empty.
 *
 * NOTE(review): both values are echoed without HTML escaping; callers
 * presumably pass markup on purpose - confirm, and escape user data before
 * handing it in.
 *
 * @param string $field1 - label cell content
 * @param string $field2 - value cell content
 */
function AssureTextLine($field1,$field2)
{
?>
<tr>
<td class="DataTD"><?php echo $field1.(empty($field1)?'':':')?></td>
<td class="DataTD"><?php echo $field2?></td>
</tr>
<?php }
1002
/**
 * Emit a table row with a checkbox (value "1") and a text cell.
 *
 * NOTE(review): $type lands inside the name="" attribute and $text in the
 * cell body, both unescaped - they must not carry raw user input.
 *
 * @param string $type - name of the checkbox field
 * @param string $text - content of the text cell
 * @param mixed $checked - truthy value renders the box as checked
 */
function AssureBoxLine($type,$text,$checked)
{
?>
<tr>
<td class="DataTD"><input type="checkbox" name="<?php echo $type?>" value="1" <?php echo $checked?"checked":""?>></td>
<td class="DataTD"><?php echo $text?></td>
</tr>
<?php }
1011
/**
 * Emit the assurance method selector.
 *
 * When $methods does not hold exactly one entry a table row with a
 * <select name="method"> listing every entry is printed, followed by
 * $remark. With exactly one entry only a hidden "method" field carrying
 * $methods[0] is printed, and $text and $remark are not shown.
 *
 * NOTE(review): every value is echoed unescaped, including inside
 * value="" attributes - assumes $methods is a fixed application list
 * indexed from 0; confirm against the caller.
 *
 * @param string $text - label for the row
 * @param array $methods - selectable method names
 * @param string $remark - text shown below the select box
 */
function AssureMethodLine($text,$methods,$remark)
{
if (count($methods) != 1) {
?>
<tr>
<td class="DataTD"><?php echo $text.(empty($text)?'':':')?></td>
<td class="DataTD">
<select name="method">
<?php foreach($methods as $val) {
?>
<option value="<?php echo $val?>"><?php echo $val?></option>
<?php }
?>
</select>
<br />
<?php echo $remark?>
</td>
</tr>
<?php } else {
// single method: no choice to offer, submit it as a hidden field
?>
<input type="hidden" name="method" value="<?php echo $methods[0]?>" />
<?php }
}
1035
/**
 * Emit a table row with a label and a text input followed by a description.
 *
 * NOTE(review): $type and $value are written into name="" and value=""
 * attributes without escaping; a value containing a double quote would
 * break out of the attribute. Confirm that callers escape $value before
 * passing it (escaping here as well would then double-encode).
 *
 * @param string $type - name of the input field
 * @param string $field - label, gets a trailing ':' unless empty
 * @param string $value - preset content of the input field
 * @param string $description - content printed after the input field
 */
function AssureInboxLine($type,$field,$value,$description)
{
?>
<tr>
<td class="DataTD"><?php echo $field.(empty($field)?'':':')?></td>
<td class="DataTD"><input type="text" name="<?php echo $type?>" value="<?php echo $value?>"><?php echo $description?></td>
</tr>
<?php }
1044
/**
 * Close the assurance form: emits the submit/cancel row, the closing
 * </table>, two hidden fields and the closing </form>.
 *
 * The hidden "pagehash" field is filled from $_SESSION['_config']['wothash'].
 * NOTE(review): presumably the receiving page compares it with the session
 * value as a per-page token - confirm in wot.php.
 * NOTE(review): $oldid and $confirm are echoed into value="" attributes
 * unescaped; they must not carry raw user input.
 *
 * @param mixed $oldid - value of the hidden "oldid" field
 * @param string $confirm - caption of the "process" submit button
 */
function AssureFoot($oldid,$confirm)
{
?>
<tr>
<td class="DataTD" colspan="2">
<input type="submit" name="process" value="<?php echo $confirm?>" />
<input type="submit" name="cancel" value="<?php echo _("Cancel")?>" />
</td>
</tr>
</table>
<input type="hidden" name="pagehash" value="<?php echo $_SESSION['_config']['wothash']?>" />
<input type="hidden" name="oldid" value="<?php echo $oldid?>" />
</form>
<?php }
1059
/**
 * Mark one email address as deleted and revoke the client certificates
 * linked to it.
 *
 * Callers named by the original notes: www/account.php
 * ($process != "" && $oldid == 2), www/diputes.php ($type == "reallyemail",
 * $action == "accept") and account_delete().
 *
 * @param int $mailid - id of the row in `email`, cast with intval()
 */
function account_email_delete($mailid){
	$emailId = intval($mailid);

	// revoke first, then flag the address as deleted
	revoke_all_client_cert($emailId);
	mysql_query("update `email` set `deleted`=NOW() where `id`='$emailId'");
}
1071
/**
 * Mark one domain as deleted and revoke the server certificates issued
 * for it.
 *
 * Callers named by the original notes: www/account.php
 * ($process != "" && $oldid == 9), www/diputes.php ($type == "reallydomain",
 * $action == "accept") and account_delete().
 *
 * @param int $domainid - id of the row in `domains`, cast with intval()
 */
function account_domain_delete($domainid){
	$domId = intval($domainid);

	// revoke first, then flag the domain as deleted
	revoke_all_server_cert($domId);

	$sql = "update `domains`\n"
		."set `deleted`=NOW()\n"
		."where `id` = '$domId'";
	mysql_query($sql);
}
1085
/**
 * Anonymise and lock an account ("deleted account routine V3" in the
 * original note); called from www/account.php if($oldid == 50 && $process != "").
 *
 * Steps, in order: overwrite the password with a random string, register
 * "<arbno>@cacert.org" as the only and default email address, delete every
 * other email address and every domain (which also revokes the linked
 * certificates), reset alerts, location, listing and language data,
 * overwrite the five secret questions and answers, replace the name fields
 * by the arbitration number, clear all privilege flags and lock the account.
 *
 * NOTE(review): no mysql_query() result is checked and no transaction is
 * opened in this function, so a failure part-way leaves the account only
 * partly anonymised.
 *
 * @param int $id - id of the account, cast with intval()
 * @param string $arbno - arbitration number, SQL-escaped before use
 * @param int $adminid - id of the acting admin
 */
function account_delete($id, $arbno, $adminid){
	$id = intval($id);
	$arbno = mysql_real_escape_string($arbno);
	// cast here but not used again in this function
	$adminid = intval($adminid);

	//change password
	// NOTE(review): rand() seeded from microtime() is not a cryptographically
	// secure generator; the replacement password and the secret questions
	// below should come from a CSPRNG.
	// NOTE(review): the last character of the second pool line looks
	// mis-encoded, and substr() works on bytes, so single bytes of a
	// multi-byte character can end up in the generated strings.
	$pool = 'abcdefghijklmnopqrstuvwxyz';
	$pool .= '0123456789!()ยง';
	$pool .= 'ABCDEFGHIJKLMNOPQRSTUVWXYZ';
	srand ((double)microtime()*1000000);
	$password="";
	for($index = 0; $index < 30; $index++)
	{
		$password .= substr($pool,(rand()%(strlen ($pool))), 1);
	}
	// NOTE(review): the password is stored as an unsalted sha1() computed in SQL
	mysql_query("update `users` set `password`=sha1('".$password."') where `id`='".$id."'");

	//create new mail for arbitration number
	$query = "insert into `email` set `email`='".$arbno."@cacert.org',`memid`='".$id."',`created`=NOW(),`modified`=NOW(), `attempts`=-1";
	mysql_query($query);
	// id of the placeholder address, excluded from the deletion loop below
	$emailid = mysql_insert_id();

	//set new mail as default
	$query = "update `users` set `email`='".$arbno."@cacert.org' where `id`='".$id."'";
	mysql_query($query);

	//delete all other email address
	$query = "select `id` from `email` where `memid`='".$id."' and `id`!='".$emailid."'" ;
	$res=mysql_query($query);
	while($row = mysql_fetch_assoc($res)){
		account_email_delete($row['id']);
	}

	//delete all domains
	$query = "select `id` from `domains` where `memid`='".$id."'";
	$res=mysql_query($query);
	while($row = mysql_fetch_assoc($res)){
		account_domain_delete($row['id']);
	}

	//clear alert settings
	mysql_query(
"update `alerts` set
`general`='0',
`country`='0',
`regional`='0',
`radius`='0'
where `memid`='$id'");

	//set default location
	$query = "update `users` set `locid`='2256755', `regid`='243', `ccid`='12' where `id`='".$id."'";
	mysql_query($query);

	//clear listings
	$query = "update `users` set `listme`=' ',`contactinfo`=' ' where `id`='".$id."'";
	mysql_query($query);

	//set default language
	mysql_query("update `users` set `language`='en_AU' where `id`='".$id."'");
	//delete secondary languages
	mysql_query("delete from `addlang` where `userid`='".$id."'");

	//change secret questions
	// Q1..Q5 and A1..A5 each get 30 characters from $pool; the pool lines
	// above contain no quote or backslash character
	for($i=1;$i<=5;$i++){
		$q="";
		$a="";
		for($index = 0; $index < 30; $index++)
		{
			$q .= substr($pool,(rand()%(strlen ($pool))), 1);
			$a .= substr($pool,(rand()%(strlen ($pool))), 1);
		}
		$query = "update `users` set `Q$i`='$q', `A$i`='$a' where `id`='".$id."'";
		mysql_query($query);
	}

	//change personal information to arbitration number and DOB=1900-01-01
	$query = "update `users` set `fname`='".$arbno."',
`mname`='".$arbno."',
`lname`='".$arbno."',
`suffix`='".$arbno."',
`dob`='1900-01-01'
where `id`='".$id."'";
	mysql_query($query);

	//clear all admin and board flags
	mysql_query(
"update `users` set
`assurer`='0',
`assurer_blocked`='0',
`codesign`='0',
`orgadmin`='0',
`ttpadmin`='0',
`locadmin`='0',
`admin`='0',
`adadmin`='0',
`tverify`='0',
`board`='0'
where `id`='$id'");

	//block account
	// only `locked` is set; setting `deleted` is commented out
	mysql_query("update `users` set `locked`='1' where `id`='$id'"); //, `deleted`=Now()
}
1190
1191
/**
 * Tell whether an email address exists in `email` with `deleted`=0.
 *
 * Callers named by the original notes: includes/account.php
 * ($process != "" && $oldid == 1) and ($oldid == 50 && $process != "").
 *
 * @param string $email - address to look up, SQL-escaped before use
 * @return bool - true when at least one matching row exists
 */
function check_email_exists($email){
	$escaped = mysql_real_escape_string($email);
	$result = mysql_query("select 1 from `email` where `email`='$escaped' and `deleted`=0");

	return mysql_num_rows($result) > 0;
}
1200
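/**
 * Tell whether the account still has GPG keys that count as running.
 *
 * Called from includes/account.php if($oldid == 50 && $process != "").
 *
 * @param int $uid - account id, cast with intval()
 * @param int $cca - 0 := only keys that have not expired yet,
 *     otherwise keys that expired less than 90 days ago count as well
 *     (CCA retention period)
 * @return bool - true when at least one such key exists
 */
function check_gpg_cert_running($uid,$cca=0){
	$uid = intval($uid);

	// The previous "NOW()-90*86400" subtracted from NOW() in numeric context
	// (YYYYMMDDhhmmss), which is not a 90 day offset; use date arithmetic.
	$cutoff = (0==$cca) ? 'NOW()' : '(NOW() - INTERVAL 90 DAY)';

	$res = mysql_query("select 1 from `gpg` where `memid`='$uid' and `expire`>$cutoff");

	// NOTE(review): a failed query is reported as "nothing running", as before
	return $res !== false && mysql_num_rows($res) > 0;
}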
1213
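/**
 * Tell whether the account still has client certificates that count as
 * running.
 *
 * A certificate counts when `expire` lies after the cutoff and `revoked`
 * is below `created`, or when `revoked` itself lies after the cutoff.
 * Called from includes/account.php if($oldid == 50 && $process != "").
 *
 * @param int $uid - account id, cast with intval()
 * @param int $cca - 0 := cutoff is now, otherwise the cutoff lies 90 days
 *     in the past (CCA retention period)
 * @return bool - true when at least one such certificate exists
 */
function check_client_cert_running($uid,$cca=0){
	$uid = intval($uid);

	// The previous "NOW()-90*86400" subtracted from NOW() in numeric context
	// (YYYYMMDDhhmmss), which is not a 90 day offset; use date arithmetic.
	$cutoff = (0==$cca) ? 'NOW()' : '(NOW() - INTERVAL 90 DAY)';

	$queries = array(
		"select 1 from `emailcerts` where `memid`='$uid' and `expire`>$cutoff and `revoked`<`created`",
		"select 1 from `emailcerts` where `memid`='$uid' and `revoked`>$cutoff",
	);

	foreach ($queries as $query) {
		$res = mysql_query($query);
		// NOTE(review): a failed query is treated as "no rows", as before
		if ($res !== false && mysql_num_rows($res) > 0) {
			return true;
		}
	}
	return false;
}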
1231
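/**
 * Tell whether the account still has server certificates that count as
 * running.
 *
 * A certificate counts when `expire` lies after the cutoff and `revoked`
 * is below `created`, or when `revoked` itself lies after the cutoff.
 * Called from includes/account.php if($oldid == 50 && $process != "").
 *
 * @param int $uid - account id, cast with intval()
 * @param int $cca - 0 := cutoff is now, otherwise the cutoff lies 90 days
 *     in the past (CCA retention period)
 * @return bool - true when at least one such certificate exists
 */
function check_server_cert_running($uid,$cca=0){
	$uid = intval($uid);

	// The previous "NOW()-90*86400" subtracted from NOW() in numeric context
	// (YYYYMMDDhhmmss), which is not a 90 day offset; use date arithmetic.
	$cutoff = (0==$cca) ? 'NOW()' : '(NOW() - INTERVAL 90 DAY)';

	// Every column is qualified: `domains` and `domaincerts` both have a
	// `created` column, so the unqualified names of the old retention
	// branch made that query ambiguous.
	$join = "select 1 from `domaincerts` join `domains`"
		." on `domaincerts`.`domid` = `domains`.`id`"
		." where `domains`.`memid` = '$uid'";

	$queries = array(
		$join." and `domaincerts`.`expire` > $cutoff"
			." and `domaincerts`.`revoked` < `domaincerts`.`created`",
		$join." and `domaincerts`.`revoked` > $cutoff",
	);

	foreach ($queries as $query) {
		$res = mysql_query($query);
		// NOTE(review): a failed query is treated as "no rows", as before
		if ($res !== false && mysql_num_rows($res) > 0) {
			return true;
		}
	}
	return false;
}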
1267
/**
 * Tell whether the account has a row in `org` with `deleted`=0.
 *
 * Called from includes/account.php if($oldid == 50 && $process != "").
 *
 * @param int $uid - account id, cast with intval()
 * @return bool - true when at least one such row exists
 */
function check_is_orgadmin($uid){
	$memberId = intval($uid);
	$result = mysql_query("select 1 from `org` where `memid`='$memberId' and `deleted`=0");

	return mysql_num_rows($result) > 0;
}
1275
1276
1277 // revokation of certificates
/**
 * Revoke every client certificate linked to an email address.
 *
 * Each certificate with `revoked`=0 that is linked through `emaillink`
 * gets `revoked` set to '1970-01-01 10:00:01' and `disablelogin` set to 1.
 * NOTE(review): the fixed timestamp presumably marks the certificate for
 * later processing - confirm where it is consumed.
 *
 * @param int $mailid - id of the row in `email`, cast with intval()
 */
function revoke_all_client_cert($mailid){
	$emailId = intval($mailid);

	$select = implode("\n", array(
		"select `emailcerts`.`id`",
		"from `emaillink`,`emailcerts` where",
		"`emaillink`.`emailid`='$emailId' and `emaillink`.`emailcertsid`=`emailcerts`.`id` and `emailcerts`.`revoked`=0",
		"group by `emailcerts`.`id`",
	));
	$certs = mysql_query($select);

	// one UPDATE per certificate id read from the database
	while ($cert = mysql_fetch_assoc($certs)) {
		$certId = $cert['id'];
		mysql_query("update `emailcerts` set `revoked`='1970-01-01 10:00:01', `disablelogin`=1 where `id`='".$certId."'");
	}
}
1290
/**
 * Revoke every server certificate of a domain.
 *
 * Covers certificates whose `domid` is the domain and certificates linked
 * to it through `domlink`; each one still having `revoked` = 0 gets
 * `revoked` set to '1970-01-01 10:00:01'.
 *
 * @param int $domainid - id of the row in `domains`, cast with intval()
 */
function revoke_all_server_cert($domainid){
	$domId = intval($domainid);

	$select = implode("\n", array(
		"select `domaincerts`.`id`",
		"from `domaincerts`",
		"where `domaincerts`.`domid` = '$domId'",
		"union distinct",
		"select `domaincerts`.`id`",
		"from `domaincerts`, `domlink`",
		"where `domaincerts`.`id` = `domlink`.`certid`",
		"and `domlink`.`domid` = '$domId'",
	));
	$certs = mysql_query($select);

	// one UPDATE per certificate id read from the database
	while ($cert = mysql_fetch_assoc($certs)) {
		$update = "update `domaincerts`\n"
			."set `revoked`='1970-01-01 10:00:01'\n"
			."where `id` = '".$cert['id']."'\n"
			."and `revoked` = 0";
		mysql_query($update);
	}
}
1313
/**
 * Revoke all client and server certificates of a personal account.
 *
 * Walks every row of `email` and `domains` belonging to the account,
 * deleted or not. GPG keys are not touched; the original note says GPG
 * revocation is to be added later.
 *
 * @param int $uid - account id, cast with intval()
 */
function revoke_all_private_cert($uid){
	$memberId = intval($uid);

	$emails = mysql_query("select `id` from `email` where `memid`='".$memberId."'");
	while ($email = mysql_fetch_assoc($emails)) {
		revoke_all_client_cert($email['id']);
	}

	$domains = mysql_query("select `id` from `domains` where `memid`='".$memberId."'");
	while ($domain = mysql_fetch_assoc($domains)) {
		revoke_all_server_cert($domain['id']);
	}
}
1331
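/**
 * check_date_format()
 * Checks that a date is written as YYYY-MM-DD, is a real calendar date and
 * lies in a year after $year.
 *
 * The three parts must consist of digits only. Before, intval() was applied
 * to each part, so input with trailing characters such as "2012-12abc-01"
 * passed the check and could travel on unchanged.
 * Dates in $year itself are rejected, because the year is compared with <=.
 *
 * @param mixed $date - the date string to check; non-strings are rejected
 * @param integer $year - last year that is NOT accepted, default 2000
 * @return bool - true when the date is acceptable
 */
function check_date_format($date, $year=2000){
	if (!is_string($date)) {
		return FALSE;
	}

	// \A and \z anchor the whole value, a trailing newline does not pass
	if (!preg_match('/\A(\d+)-(\d+)-(\d+)\z/', $date, $parts)) {
		return FALSE;
	}

	$y = intval($parts[1]);
	$m = intval($parts[2]);
	$d = intval($parts[3]);

	if ($y <= $year) {
		return FALSE;
	}

	// checkdate() covers the month and day ranges, including leap years
	return checkdate($m, $d, $y);
}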
1363
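/**
 * check_date_difference()
 * Returns false if the date lies later than now plus $diff days.
 *
 * A value that strtotime() cannot parse is rejected as well. Before, the
 * false returned by strtotime() compared as smaller than the limit, so
 * unparseable input passed the check.
 *
 * @param mixed $date - date string understood by strtotime()
 * @param integer $diff - allowed offset into the future, in days
 * @return bool - true when the date is parseable and not beyond the limit
 */
function check_date_difference($date, $diff=1){
	$timestamp = strtotime($date);
	if ($timestamp === false) {
		return false;
	}

	return $timestamp <= time() + $diff*86400;
}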
1375
/**
 * Append an entry to `adminlog`; used to record support engineer actions
 * that change a user account.
 *
 * The ids are cast with intval(), the two strings are SQL-escaped. They
 * are stored as given otherwise, so any page that renders `type` or
 * `information` has to HTML-escape them on output.
 *
 * @param int $uid - id of the user account
 * @param int $adminid - id of the admin
 * @param string $type - the operation that was performed on the user account
 * @param string $info - the ticket / arbitration number or other information
 * @return bool - true := success, false := error
 */
function write_se_log($uid, $adminid, $type, $info){
	$userId = intval($uid);
	$actorId = intval($adminid);
	$operation = mysql_real_escape_string($type);
	$details = mysql_real_escape_string($info);

	$sql = "insert into `adminlog` (`when`, `uid`, `adminid`,`type`,`information`) values\n"
		."(Now(), $userId, $actorId, '$operation', '$details')";

	return mysql_query($sql);
}
1395
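/**
 * Check if the entered information is a valid ticket or arbitration number.
 *
 * Accepted form: one type letter, eight digits, a dot, one or more digits.
 * Type letters (either case):
 *   a arbitration case
 *   d dispute action
 *   s support case
 *   m board motion
 *
 * The pattern is anchored to the whole value. Before, it matched anywhere
 * inside the string, so any text that merely contained a ticket number
 * was accepted, including text with markup around it.
 *
 * @param string $ticketno
 * @return bool
 */
function valid_ticket_number($ticketno){
	if (!is_string($ticketno)) {
		return false;
	}

	// \A and \z instead of ^ and $ so that a trailing newline is rejected
	return preg_match('/\A[adsmADSM]\d{8}\.\d+\z/', $ticketno) === 1;
}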
1412
1413 // function for handling account/43.php
/**
 * Get all columns of one account from the `users` table.
 *
 * @param int $userid - account id, cast with intval()
 * @param int $deleted - 0 (default) restricts the result to rows with
 *     `deleted`=0, any other value also returns deleted accounts
 * @return resource - a mysql result set
 */
function get_user_data($userid, $deleted=0){
	$accountId = intval($userid);
	$onlyActive = (0==$deleted) ? ' and `users`.`deleted`=0' : '';

	return mysql_query("select * from `users` where `users`.`id`='$accountId' ".$onlyActive);
}
1429
/**
 * Get the alert settings of a user.
 *
 * @param int $userid - account id, cast with intval()
 * @return array - the first matching `alerts` row as associative array,
 *     as returned by mysql_fetch_assoc()
 */
function get_alerts($userid){
	$memberId = intval($userid);
	$result = mysql_query("select * from `alerts` where `memid`='".$memberId."'");

	return mysql_fetch_assoc($result);
}
1438
/**
 * Get the email addresses of an account that have an empty `hash`,
 * ordered by creation date. Intended for account/2.php per the original note.
 *
 * @param int $userid - account id, cast with intval()
 * @param string $exclude - if truthy, this address is left out of the result;
 *     it is SQL-escaped before use
 * @param int $deleted - 0 (default) hides deleted addresses
 * @return resource - a mysql result set
 */
function get_email_addresses($userid, $exclude, $deleted=0){
	$memberId = intval($userid);

	$conditions = (0==$deleted) ? ' and `deleted`=0' : '';
	if ($exclude) {
		$conditions .= " and `email`!='".mysql_real_escape_string($exclude)."'";
	}

	return mysql_query(
		"select * from `email` where `memid`='".$memberId."' and `hash`='' ".$conditions." order by `created`"
	);
}
1459
/**
 * Get the domains of an account that have an empty `hash`, ordered by
 * creation date. Intended for account/9.php per the original note.
 *
 * @param int $userid - account id, cast with intval()
 * @param int $deleted - 0 (default) hides deleted domains
 * @return resource - a mysql result set
 */
function get_domains($userid, $deleted=0){
	$memberId = intval($userid);
	$conditions = (0==$deleted) ? ' and `deleted`=0' : '';

	return mysql_query(
		"select * from `domains` where `memid`='".$memberId."' and `hash`=''".$conditions." order by `created`"
	);
}
1476
/**
 * Get all training results of an account, ordered by pass date.
 * Intended for account/55.php per the original note.
 *
 * @param int $userid - account id, cast with intval()
 * @return resource - a mysql result set with `pass_date`, `type_text`
 *     and `test_text`
 */
function get_training_results($userid){
	$memberId = intval($userid);

	$sql = implode('', array(
		"SELECT `CP`.`pass_date`, `CT`.`type_text`, `CV`.`test_text` ",
		" FROM `cats_passed` AS CP, `cats_variant` AS CV, `cats_type` AS CT ",
		" WHERE `CP`.`variant_id`=`CV`.`id` AND `CV`.`type_id`=`CT`.`id` AND `CP`.`user_id` ='".$memberId."'",
		" ORDER BY `CP`.`pass_date`",
	));

	return mysql_query($sql);
}
1491
/**
 * Get all `adminlog` entries written for an account, oldest first,
 * joined with the first and last name of the admin who wrote them.
 *
 * @param int $userid - account id, cast with intval()
 * @return resource - a mysql result set with `when`, `type`,
 *     `information`, `fname` and `lname`
 */
function get_se_log($userid){
	$accountId = intval($userid);

	$sql = "SELECT `adminlog`.`when`, `adminlog`.`type`, `adminlog`.`information`, `users`.`fname`, `users`.`lname`\n"
		."FROM `adminlog`, `users`\n"
		."WHERE `adminlog`.`adminid` = `users`.`id` and `adminlog`.`uid`=".$accountId."\n"
		."ORDER BY `adminlog`.`when`";

	return mysql_query($sql);
}
1505
/**
 * Get the client certificates of an account, most recently modified first.
 * Intended for account/5.php per the original note.
 *
 * @param int $userid - account id, cast with intval()
 * @param int $viewall - 0 (default) limits the result to certificates that
 *     are neither revoked nor renewed and have time left
 * @return resource - a mysql result set
 */
function get_client_certs($userid, $viewall=0){
	$memberId = intval($userid);

	$sql = implode("\n", array(
		"select UNIX_TIMESTAMP(`emailcerts`.`created`) as `created`,",
		"UNIX_TIMESTAMP(`emailcerts`.`expire`) - UNIX_TIMESTAMP() as `timeleft`,",
		"UNIX_TIMESTAMP(`emailcerts`.`expire`) as `expired`,",
		"`emailcerts`.`expire`,",
		"`emailcerts`.`revoked` as `revoke`,",
		"UNIX_TIMESTAMP(`emailcerts`.`revoked`) as `revoked`,",
		"`emailcerts`.`id`,",
		"`emailcerts`.`CN`,",
		"`emailcerts`.`serial`,",
		"`emailcerts`.`disablelogin`,",
		"`emailcerts`.`description`",
		"from `emailcerts`",
		"where `emailcerts`.`memid`='".$memberId."'",
	));

	if ($viewall == 0) {
		$sql .= " AND `emailcerts`.`revoked`=0 AND `emailcerts`.`renewed`=0"
			." HAVING `timeleft` > 0";
	}

	return mysql_query($sql." ORDER BY `emailcerts`.`modified` desc");
}
1536
/**
 * Get the server certificates of an account, most recently modified first.
 * Intended for account/12.php per the original note.
 *
 * @param int $userid - account id, cast with intval()
 * @param int $viewall - 0 (default) limits the result to certificates that
 *     are neither revoked nor renewed and have time left
 * @return resource - a mysql result set
 */
function get_server_certs($userid, $viewall=0){
	$memberId = intval($userid);

	$sql = implode("\n", array(
		"select UNIX_TIMESTAMP(`domaincerts`.`created`) as `created`,",
		"UNIX_TIMESTAMP(`domaincerts`.`expire`) - UNIX_TIMESTAMP() as `timeleft`,",
		"UNIX_TIMESTAMP(`domaincerts`.`expire`) as `expired`,",
		"`domaincerts`.`expire`,",
		"`domaincerts`.`revoked` as `revoke`,",
		"UNIX_TIMESTAMP(`revoked`) as `revoked`,",
		"`domaincerts`.`CN`,",
		"`domaincerts`.`serial`,",
		"`domaincerts`.`id`,",
		"`domaincerts`.`description`",
		"from `domaincerts`,`domains`",
		"where `domains`.`memid`='".$memberId."' and `domaincerts`.`domid`=`domains`.`id`",
	));

	if ($viewall == 0) {
		$sql .= " AND `domaincerts`.`revoked`=0 AND `domaincerts`.`renewed`=0"
			." HAVING `timeleft` > 0";
	}

	return mysql_query($sql." ORDER BY `domaincerts`.`modified` desc");
}
1566
/**
 * Get the GPG keys of an account, most recently issued first.
 * Intended for gpg/2.php per the original note.
 *
 * @param int $userid - account id, cast with intval()
 * @param int $viewall - 0 (default) limits the result to keys with time left
 * @return resource - a mysql result set
 */
function get_gpg_certs($userid, $viewall=0){
	$memberId = intval($userid);

	$sql = implode("\n", array(
		"select UNIX_TIMESTAMP(`issued`) as `issued`,",
		"UNIX_TIMESTAMP(`expire`) - UNIX_TIMESTAMP() as `timeleft`,",
		"UNIX_TIMESTAMP(`expire`) as `expired`,",
		"`expire`, `id`, `level`, `email`, `keyid`, `description`",
		"from `gpg` where `memid`='".$memberId."'",
	));

	if ($viewall == 0) {
		$sql .= " HAVING `timeleft` > 0";
	}

	return mysql_query($sql." ORDER BY `issued` desc");
}
1587
1588
1589
/**
 * Show the table header of the email table for the admin log.
 * Prints one row with three translated column captions and takes no input.
 */
function output_log_email_header(){
?>
<tr>
<td class="DataTD bold"><?php echo _("Email, primary bold") ?></td>
<td class="DataTD bold"><?php echo _("Created") ?></td>
<td class="DataTD bold"><?php echo _("Deleted") ?></td>
</tr>

<?php }
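/**
 * Show one email row for the admin log.
 *
 * A row whose `deleted` value differs from NULL_DATETIME gets the CSS class
 * "deletedemailaddress"; otherwise the class "primaryemailaddress" is used
 * when the address equals $primary.
 *
 * The column values come from the database and the address is supplied by
 * the account owner, so every value is HTML-escaped on output, in line with
 * the certificate tables of this file.
 *
 * @param array $row - associative array containing 'email', 'created', 'deleted'
 * @param string $primary - if given the primary address is highlighted
 */
function output_log_email($row, $primary){
	$style = '';
	if ($row['deleted'] !== NULL_DATETIME) {
		$style = ' deletedemailaddress';
	} elseif ($primary == $row['email']) {
		$style = ' primaryemailaddress';
	}
?>
<tr>
<td class="DataTD<?php echo $style?>"><?php echo htmlspecialchars($row['email'])?></td>
<td class="DataTD<?php echo $style?>"><?php echo htmlspecialchars($row['created'])?></td>
<td class="DataTD<?php echo $style?>"><?php echo htmlspecialchars($row['deleted'])?></td>
</tr>
<?php }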
1621
/**
 * Show the table header of the domains table for the admin log.
 * Prints one row with three translated column captions and takes no input.
 */
function output_log_domains_header(){
?>
<tr>
<td class="DataTD bold"><?php echo _("Domain") ?></td>
<td class="DataTD bold"><?php echo _("Created") ?></td>
<td class="DataTD bold"><?php echo _("Deleted") ?></td>
</tr>

<?php }
1634
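/**
 * Show one domain row for the admin log.
 *
 * A row whose `deleted` value differs from NULL_DATETIME is printed with
 * the additional CSS class "italic".
 *
 * The column values come from the database and the domain name is supplied
 * by the account owner, so every value is HTML-escaped on output, in line
 * with the certificate tables of this file.
 *
 * @param array $row - associative array containing 'domain', 'created', 'deleted'
 */
function output_log_domains($row){
	$italic='';
	if ($row['deleted'] !== NULL_DATETIME) {
		$italic=' italic';
	}
?>
<tr>
<td class="DataTD<?php echo $italic?>"><?php echo htmlspecialchars($row['domain'])?></td>
<td class="DataTD<?php echo $italic?>"><?php echo htmlspecialchars($row['created'])?></td>
<td class="DataTD<?php echo $italic?>"><?php echo htmlspecialchars($row['deleted'])?></td>
</tr>
<?php }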
1651
/**
 * Show the table header of the user agreement table for the admin log.
 * Prints one row with four translated column captions and takes no input.
 */
function output_log_agreement_header(){
?>
<tr>
<td class="DataTD bold"><?php echo _("Agreement") ?></td>
<td class="DataTD bold"><?php echo _("Date") ?></td>
<td class="DataTD bold"><?php echo _("Method") ?></td>
<td class="DataTD bold"><?php echo _("Active ") ?></td>
</tr>
<?php }
1664
/**
 * Show one user agreement row for the admin log.
 *
 * The last column prints the translated word "passive" when `active`
 * equals 0 (loose comparison) and "active" otherwise.
 *
 * NOTE(review): 'document', 'date' and 'method' are echoed without HTML
 * escaping - presumably they only ever hold values set by the application;
 * confirm, or escape them like the certificate tables of this file do.
 *
 * @param array $row - associative array containing 'document', 'date',
 *     'method', 'active'
 */
function output_log_agreement($row){
?>
<tr>
<td class="DataTD" ><?php echo $row['document']?></td>
<td class="DataTD" ><?php echo $row['date']?></td>
<td class="DataTD" ><?php echo $row['method']?></td>
<td class="DataTD"><?php echo ($row['active']==0)? _('passive'):_('active')?></td>
</tr>
<?php }
1678
/**
 * Show the table header of the training table.
 * Prints one row with three translated column captions and takes no input.
 * Intended for account/55.php per the original note.
 *
 * NOTE(review): the first caption is "Agreement", while output_log_training()
 * prints `pass_date` in the first column - the caption looks copied from
 * the agreement table; confirm the intended wording.
 */
function output_log_training_header(){
?>
<tr>
<td class="DataTD bold"><?php echo _("Agreement") ?></td>
<td class="DataTD bold"><?php echo _("Test") ?></td>
<td class="DataTD bold"><?php echo _("Variant") ?></td>
</tr>
<?php }
1691
/**
 * Show one training result row.
 * Intended for account/55.php per the original note.
 *
 * NOTE(review): the three values are echoed without HTML escaping -
 * presumably they are texts maintained by the application, not by users;
 * confirm, or escape them like the certificate tables of this file do.
 *
 * @param array $row - associative array containing 'pass_date',
 *     'type_text', 'test_text'
 */
function output_log_training($row){
?>
<tr>
<td class="DataTD"><?php echo $row['pass_date']?></td>
<td class="DataTD"><?php echo $row['type_text']?></td>
<td class="DataTD"><?php echo $row['test_text']?></td>
</tr>
<?php }
1705
/**
 * Show the table header of the SE log table for the admin log.
 *
 * "Date" and "Type" are always printed; "Information" and "Admin" are
 * added only when $support equals 1 (loose comparison).
 *
 * @param int $support - if support = 1 more information is visible
 */
function output_log_se_header($support=0){
?>
<tr>
<td class="DataTD bold"><?php echo _("Date") ?></td>
<td class="DataTD bold"><?php echo _("Type") ?></td>
<?php if (1 == $support) {
?>
<td class="DataTD bold"><?php echo _("Information") ?></td>
<td class="DataTD bold"><?php echo _("Admin") ?></td>
<?php }
?>
</tr>
<?php }
1723
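/**
 * Show one SE log row for the admin log.
 *
 * 'when' and 'type' are always printed; 'information' and the admin's name
 * are added only when $support equals 1 (loose comparison).
 *
 * write_se_log() stores `type` and `information` as free text, and the
 * names are account data, so every value is HTML-escaped on output, in
 * line with the certificate tables of this file. Without that, markup
 * stored in a log entry would be interpreted in the browser of whoever
 * views the log.
 *
 * @param array $row - associative array containing 'when', 'type',
 *     'information', 'fname', 'lname'
 * @param int $support - if support = 1 more information is visible
 */
function output_log_se($row, $support=0){
?>
<tr>
<td class="DataTD"><?php echo htmlspecialchars($row['when'])?></td>
<td class="DataTD"><?php echo htmlspecialchars($row['type'])?></td>
<?php if (1 == $support) {
?>
<td class="DataTD"><?php echo htmlspecialchars($row['information'])?></td>
<td class="DataTD"><?php echo htmlspecialchars($row['fname'].' '.$row['lname'])?></td>
<?php }
?>
</tr>
<?php }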
1743
/**
 * Show the table header of the client cert table.
 * Intended for account/5.php per the original note.
 *
 * The "Renew/Revoke/Delete" column is printed only when $readonly is
 * false, the "Comment *" column only when $support is not 1.
 *
 * @param int $support - if support = 1 some columns are not visible
 * @param bool $readonly - whether elements to modify data should be hidden, default is `true`
 */
function output_client_cert_header($support=0, $readonly=true){
?>
<tr>
<?php if (!$readonly) {
?>
<td class="DataTD"><?php echo _("Renew/Revoke/Delete")?></td>
<?php }
?>
<td class="DataTD"><?php echo _("Status")?></td>
<td class="DataTD"><?php echo _("Email Address")?></td>
<td class="DataTD"><?php echo _("SerialNumber")?></td>
<td class="DataTD"><?php echo _("Revoked")?></td>
<td class="DataTD"><?php echo _("Expires")?></td>
<td class="DataTD"><?php echo _("Login")?></td>
<?php if (1 != $support) {
?>
<td colspan="2" class="DataTD"><?php echo _("Comment *")?></td>
<?php }
?>
</tr>
<?php }
1771
/**
 * Show one client certificate row.
 * Intended for account/5.php per the original note.
 *
 * The status text is derived in this order, later rules overriding
 * earlier ones: "Valid" when `timeleft` > 0, else "Expired"; "Pending"
 * when `expired` == 0; "Revoked" when `revoked` != 0. When `revoked` == 0
 * the 'revoke' column is replaced by the translated text "Not Revoked".
 *
 * Certificate ids are printed through intval(), `CN` and `description`
 * through htmlspecialchars().
 * NOTE(review): 'serial', 'revoke' and 'expire' are echoed without
 * escaping - presumably database generated values; confirm that none of
 * them can carry user supplied text.
 * NOTE(review): the branches below compare $verified with translated
 * strings; if two status words ever translate to the same text the wrong
 * branch is taken.
 *
 * @param array $row - associative array containing the column data
 * @param int $support - if support = 1 some columns are not visible
 * @param bool $readonly - whether elements to modify data should be hidden, default is `true`
 */
function output_client_cert($row, $support=0, $readonly=true){
	$verified="";
	if ($row['timeleft'] > 0) {
		$verified = _("Valid");
	} else {
		$verified = _("Expired");
	}

	if ($row['expired'] == 0) {
		$verified = _("Pending");
	}

	if ($row['revoked'] == 0) {
		$row['revoke'] = _("Not Revoked");
	} else {
		$verified = _("Revoked");
	}

?>
<tr>
<?php if (!$readonly) {
// first column: pending rows offer deletion (delid[]), revoked rows offer
// nothing, every other row offers revocation (revokeid[])
if ($verified === _("Pending")) {
?>
<td class="DataTD">
<input type="checkbox" name="delid[]" value="<?php echo intval($row['id'])?>">
</td>
<?php
} elseif ($verified === _("Revoked")) {
?>
<td class="DataTD">&nbsp;</td>
<?php
} else {
?>
<td class="DataTD">
<input type="checkbox" name="revokeid[]" value="<?php echo intval($row['id'])?>">
</td>
<?php }
}

?>
<td class="DataTD"><?php echo $verified?></td>
<?php
// pending rows show the CN as plain text, all others link to account.php?id=6
if ($verified === _("Pending")) {
?>
<td class="DataTD"><?php echo (trim($row['CN'])=="" ? _("empty") : htmlspecialchars($row['CN']))?></td>
<?php } else {
?>
<td class="DataTD">
<a href="account.php?id=6&amp;cert=<?php echo intval($row['id'])?>">
<?php echo (trim($row['CN'])=="" ? _("empty") : htmlspecialchars($row['CN']))?>
</a>
</td>
<?php }

?>
<td class="DataTD"><?php echo $row['serial']?></td>
<td class="DataTD"><?php echo $row['revoke']?></td>
<td class="DataTD"><?php echo $row['expire']?></td>
<td class="DataTD">
<input type="checkbox" name="disablelogin_<?php echo intval($row['id'])?>" value="1" <?php echo $row['disablelogin']?"":"checked='checked'"?> <?php echo $readonly?'disabled="disabled"':''?>/>
<input type="hidden" name="cert_<?php echo intval($row['id'])?>" value="1" />
</td>
<?php
// the login box above is ticked when `disablelogin` is falsy and is
// disabled in read-only mode; the comment columns are hidden for support = 1
if (1 != $support) {
?>
<td class="DataTD">
<input name="comment_<?php echo intval($row['id'])?>" type="text" value="<?php echo htmlspecialchars($row['description'])?>" />
</td>
<?php if (!$readonly) {
?>
<td class="DataTD">
<input type="checkbox" name="check_comment_<?php echo intval($row['id'])?>" />
</td>
<?php }
}

?>
</tr>
<?php }
1858
/**
 * Show the table header of the server cert table.
 * Intended for account/12.php per the original note.
 *
 * The "Renew/Revoke/Delete" column is printed only when $readonly is
 * false, the "Comment *" column only when $support is not 1.
 *
 * @param int $support - if support = 1 some columns are not visible
 * @param bool $readonly - whether elements to modify data should be hidden, default is `true`
 */
function output_server_certs_header($support=0, $readonly=true){
?>
<tr>
<?php if (!$readonly) {
?>
<td class="DataTD"><?php echo _("Renew/Revoke/Delete")?></td>
<?php }
?>
<td class="DataTD"><?php echo _("Status")?></td>
<td class="DataTD"><?php echo _("CommonName")?></td>
<td class="DataTD"><?php echo _("SerialNumber")?></td>
<td class="DataTD"><?php echo _("Revoked")?></td>
<td class="DataTD"><?php echo _("Expires")?></td>
<?php if (1 != $support) {
?>
<td colspan="2" class="DataTD"><?php echo _("Comment *")?></td>
<?php }
?>
</tr>
<?php }
1885
/**
 * Show one server certificate row.
 * Intended for account/12.php per the original note.
 *
 * The status text is derived in this order, later rules overriding
 * earlier ones: "Valid" when `timeleft` > 0, else "Expired"; "Pending"
 * when `expired` == 0; "Revoked" when `revoked` != 0. When `revoked` == 0
 * the 'revoke' column is replaced by the translated text "Not Revoked".
 *
 * Certificate ids are printed through intval(), `CN` and `description`
 * through htmlspecialchars().
 * NOTE(review): 'serial', 'revoke' and 'expire' are echoed without
 * escaping - presumably database generated values; confirm that none of
 * them can carry user supplied text.
 * NOTE(review): the branches below compare $verified with translated
 * strings; if two status words ever translate to the same text the wrong
 * branch is taken.
 *
 * @param array $row - associative array containing the column data
 * @param int $support - if support = 1 some columns are not visible
 * @param bool $readonly - whether elements to modify data should be hidden, default is `true`
 */
function output_server_certs($row, $support=0, $readonly=true){
	$verified="";
	if ($row['timeleft'] > 0) {
		$verified = _("Valid");
	} else {
		$verified = _("Expired");
	}

	if ($row['expired'] == 0) {
		$verified = _("Pending");
	}

	if ($row['revoked'] == 0) {
		$row['revoke'] = _("Not Revoked");
	} else {
		$verified = _("Revoked");
	}

?>
<tr>
<?php if (!$readonly) {
// first column: pending rows offer deletion (delid[]), revoked rows offer
// nothing, every other row offers revocation (revokeid[])
if ($verified === _("Pending")) {
?>
<td class="DataTD">
<input type="checkbox" name="delid[]" value="<?php echo intval($row['id'])?>"/>
</td>
<?php } elseif($verified === _("Revoked")) {
?>
<td class="DataTD">&nbsp;</td>
<?php } else {
?>
<td class="DataTD">
<input type="checkbox" name="revokeid[]" value="<?php echo intval($row['id'])?>"/>
</td>
<?php }
}

?>
<td class="DataTD"><?php echo $verified?></td>
<?php
// pending rows show the CN as plain text, all others link to account.php?id=15
if ($verified === _("Pending")) {
?>
<td class="DataTD"><?php echo htmlspecialchars($row['CN'])?></td>
<?php } else {
?>
<td class="DataTD">
<a href="account.php?id=15&amp;cert=<?php echo intval($row['id'])?>">
<?php echo htmlspecialchars($row['CN'])?>
</a>
</td>
<?php }

?>
<td class="DataTD"><?php echo $row['serial']?></td>
<td class="DataTD"><?php echo $row['revoke']?></td>
<td class="DataTD"><?php echo $row['expire']?></td>
<?php
// the comment columns are hidden for support = 1
if (1 != $support) {
?>
<td class="DataTD">
<input name="comment_<?php echo intval($row['id'])?>" type="text" value="<?php echo htmlspecialchars($row['description'])?>" />
</td>
<?php if (!$readonly) {
?>
<td class="DataTD">
<input type="checkbox" name="check_comment_<?php echo intval($row['id'])?>" />
</td>
<?php }
}

?>
</tr>
<?php }
/**
 * Print the header row of the gpg cert table.
 *
 * @param int $support - if support = 1 the comment column is not shown
 * @param bool $readonly - whether elements to modify data should be hidden, default is `true`
 */
function output_gpg_certs_header($support=0, $readonly=true){
    // $readonly is currently ignored but kept for consistency
    // loose comparison kept as in the original: $support may arrive as a string
    $withComment = (1 != $support);
?>
    <tr>
        <td class="DataTD"><?php echo _("Status")?></td>
        <td class="DataTD"><?php echo _("Email Address")?></td>
        <td class="DataTD"><?php echo _("Expires")?></td>
        <td class="DataTD"><?php echo _("Key ID")?></td>
<?php if ($withComment): ?>
        <td colspan="2" class="DataTD"><?php echo _("Comment *")?></td>
<?php endif; ?>
    </tr>
<?php }
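/**
 * Print one row of the gpg cert table.
 *
 * The status is derived from $row: `expired` equal to 0 means pending,
 * otherwise `timeleft` > 0 means valid and anything else expired. The
 * status is tracked in an internal state code, so whether the e-mail and
 * key id cells are rendered as links does not depend on comparing
 * translated labels.
 *
 * Every value taken from $row is encoded at the point of output
 * (intval() for the id, htmlspecialchars() for text), so the markup does
 * not depend on how the caller populated the row.
 *
 * $readonly only hides the comment checkbox; the comment text field is
 * still rendered. No permission check happens here, so the handler that
 * receives `comment_*` and `check_comment_*` has to verify that the
 * requester may change the key with that id.
 *
 * @param array $row - associative array containing the column data; reads
 *                     id, timeleft, expired, email, expire, keyid and
 *                     description
 * @param int $support - if support = 1 the comment columns are not shown
 * @param bool $readonly - whether elements to modify data should be hidden, default is `true`
 */
function output_gpg_certs($row, $support=0, $readonly=true){
    //should be entered in account/55.php

    // Loose comparisons are kept from the original: the row values may be
    // numeric strings coming from the database layer - TODO confirm.
    $timeleft = $row['timeleft'];
    $expired = $row['expired'];

    if ($expired == 0) {
        $state = 'pending';
        $verified = _("Pending");
    } elseif ($timeleft > 0) {
        $state = 'valid';
        $verified = _("Valid");
    } else {
        $state = 'expired';
        $verified = _("Expired");
    }

    $certId = intval($row['id']);
    $email = htmlspecialchars($row['email']);
    $expires = htmlspecialchars($row['expire']);
    $keyId = htmlspecialchars($row['keyid']);
    $comment = htmlspecialchars($row['description']);
?>
    <tr>
        <td class="DataTD"><?php echo $verified?></td>
<?php if ($state === 'pending'): ?>
        <td class="DataTD"><?php echo $email?></td>
<?php else: ?>
        <td class="DataTD">
            <a href="gpg.php?id=3&amp;cert=<?php echo $certId?>">
                <?php echo $email?>

            </a>
        </td>
<?php endif; ?>
        <td class="DataTD"><?php echo $expires?></td>
<?php if ($state === 'pending'): ?>
        <td class="DataTD"><?php echo $keyId?></td>
<?php else: ?>
        <td class="DataTD">
            <a href="gpg.php?id=3&amp;cert=<?php echo $certId?>">
                <?php echo $keyId?>

            </a>
        </td>
<?php endif; ?>
<?php if (1 != $support): ?>
        <td class="DataTD">
            <input name="comment_<?php echo $certId?>" type="text" value="<?php echo $comment?>" />
        </td>
<?php if (!$readonly): ?>
        <td class="DataTD">
            <input type="checkbox" name="check_comment_<?php echo $certId?>" />
        </td>
<?php endif; ?>
<?php endif; ?>
    </tr>
<?php }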