bug 1138: Use blocks in if clauses and make logic explicit
[cacert-devel.git] / includes / notary.inc.php
1 <? /*
2 LibreSSL - CAcert web application
3 Copyright (C) 2004-2011 CAcert Inc.
4
5 This program is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License as published by
7 the Free Software Foundation; version 2 of the License.
8
9 This program is distributed in the hope that it will be useful,
10 but WITHOUT ANY WARRANTY; without even the implied warranty of
11 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 GNU General Public License for more details.
13
14 You should have received a copy of the GNU General Public License
15 along with this program; if not, write to the Free Software
16 Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
17 */
18
19 define('NULL_DATETIME', '0000-00-00 00:00:00');
20
21 function query_init ($query)
22 {
23 return mysql_query($query);
24 }
25
26 function query_getnextrow ($res)
27 {
28 $row1 = mysql_fetch_assoc($res);
29 return $row1;
30 }
31
32 function query_get_number_of_rows ($resultset)
33 {
34 return intval(mysql_num_rows($resultset));
35 }
36
37 function get_number_of_assurances ($userid)
38 {
39 $res = query_init ("SELECT count(*) AS `list` FROM `notary`
40 WHERE `method` = 'Face to Face Meeting' AND `deleted`=0 AND `from`='".intval($userid)."' ");
41 $row = query_getnextrow($res);
42
43 return intval($row['list']);
44 }
45
46 function get_number_of_ttpassurances ($userid)
47 {
48 $res = query_init ("SELECT count(*) AS `list` FROM `notary`
49 WHERE (`method`='Trusted Third Parties' or `method`='TTP-Assisted') AND `deleted`=0 AND `to`='".intval($userid)."' ");
50 $row = query_getnextrow($res);
51
52 return intval($row['list']);
53 }
54
55 function get_number_of_assurees ($userid)
56 {
57 $res = query_init ("SELECT count(*) AS `list` FROM `notary`
58 WHERE `method` = 'Face to Face Meeting' AND `deleted`=0 AND `to`='".intval($userid)."' ");
59 $row = query_getnextrow($res);
60
61 return intval($row['list']);
62 }
63
64 function get_top_assurer_position ($no_of_assurances)
65 {
66 $res = query_init ("SELECT count(*) AS `list` FROM `notary`
67 WHERE `method` = 'Face to Face Meeting'
68 GROUP BY `from` HAVING count(*) > '".intval($no_of_assurances)."'");
69 return intval(query_get_number_of_rows($res)+1);
70 }
71
72 function get_top_assuree_position ($no_of_assurees)
73 {
74 $res = query_init ("SELECT count(*) AS `list` FROM `notary`
75 WHERE `method` = 'Face to Face Meeting'
76 GROUP BY `to` HAVING count(*) > '".intval($no_of_assurees)."'");
77 return intval(query_get_number_of_rows($res)+1);
78 }
79
80 /**
81 * Get the list of assurances given by the user
82 * @param int $userid - id of the assurer
83 * @param int $log - if set to 1 also includes deleted assurances
84 * @return resource - a MySQL result set
85 */
86 function get_given_assurances($userid, $log=0)
87 {
88 $deleted='';
89 if ($log == 0) {
90 $deleted = ' and `deleted` = 0 ';
91 }
92 $res = query_init("select * from `notary` where `from`='".intval($userid)."' and `from` != `to` $deleted order by `id` asc");
93 return $res;
94 }
95
96 /**
97 * Get the list of assurances received by the user
98 * @param int $userid - id of the assuree
99 * @param integer $log - if set to 1 also includes deleted assurances
100 * @return resource - a MySQL result set
101 */
102 function get_received_assurances($userid, $log=0)
103 {
104 $deleted='';
105 if ($log == 0) {
106 $deleted = ' and `deleted` = 0 ';
107 }
108 $res = query_init("select * from `notary` where `to`='".intval($userid)."' and `from` != `to` $deleted order by `id` asc ");
109 return $res;
110 }
111
112 function get_given_assurances_summary ($userid)
113 {
114 $res = query_init ("select count(*) as number,points,awarded,method from notary where `from`='".intval($userid)."' AND `deleted`=0 group by points,awarded,method");
115 return $res;
116 }
117
118 function get_received_assurances_summary ($userid)
119 {
120 $res = query_init ("select count(*) as number,points,awarded,method from notary where `to`='".intval($userid)."' AND `deleted`=0 group by points,awarded,method");
121 return $res;
122 }
123
124 function get_user ($userid)
125 {
126 $res = query_init ("select * from `users` where `id`='".intval($userid)."'");
127 return mysql_fetch_assoc($res);
128 }
129
130 function get_cats_state ($userid)
131 {
132
133 $res = query_init ("select * from `cats_passed` inner join `cats_variant` on `cats_passed`.`variant_id` = `cats_variant`.`id` and `cats_variant`.`type_id` = 1
134 WHERE `cats_passed`.`user_id` = '".intval($userid)."'");
135 return mysql_num_rows($res);
136 }
137
138 function calc_experience ($row,&$points,&$experience,&$sum_experience,&$revoked)
139 {
140 $apoints = max($row['points'], $row['awarded']);
141 $points += $apoints;
142 $experience = "&nbsp;";
143 $revoked = false; # to be coded later (after DB-upgrade)
144 if ($row['method'] == "Face to Face Meeting")
145 {
146 $sum_experience = $sum_experience +2;
147 $experience = "2";
148 }
149 return $apoints;
150 }
151
152 function calc_assurances ($row,&$points,&$experience,&$sumexperience,&$awarded,&$revoked)
153 {
154 $awarded = calc_points($row);
155 $revoked = false;
156
157 if ($awarded > 100)
158 {
159 $experience = $awarded - 100; // needs to be fixed in the future (limit 50 pts and/or no experience if pts > 100)
160 $awarded = 100;
161 }
162 else
163 $experience = 0;
164
165 switch ($row['method'])
166 {
167 case 'Thawte Points Transfer':
168 case 'CT Magazine - Germany':
169 case 'Temporary Increase': // Current usage of 'Temporary Increase' may break audit aspects, needs to be reimplemented
170 $awarded=sprintf("<strong style='color: red'>%s</strong>",_("Revoked"));
171 $experience=0;
172 $revoked=true;
173 break;
174 default:
175 $points += $awarded;
176 }
177 $sumexperience = $sumexperience + $experience;
178 }
179
180
181 function show_user_link ($name,$userid)
182 {
183 $name = trim($name);
184 if($name == "")
185 {
186 if ($userid == 0)
187 $name = _("System");
188 else
189 $name = _("Deleted account");
190 }
191 else
192 $name = "<a href='wot.php?id=9&amp;userid=".intval($userid)."'>".sanitizeHTML($name)."</a>";
193 return $name;
194 }
195
196 function show_email_link ($email,$userid)
197 {
198 $email = trim($email);
199 if($email != "")
200 $email = "<a href='account.php?id=43&amp;userid=".intval($userid)."'>".sanitizeHTML($email)."</a>";
201 return $email;
202 }
203
204 function get_assurer_ranking($userid,&$num_of_assurances,&$rank_of_assurer)
205 {
206 $num_of_assurances = get_number_of_assurances (intval($userid));
207 $rank_of_assurer = get_top_assurer_position($num_of_assurances);
208 }
209
210 function get_assuree_ranking($userid,&$num_of_assurees,&$rank_of_assuree)
211 {
212 $num_of_assurees = get_number_of_assurees (intval($userid));
213 $rank_of_assuree = get_top_assuree_position($num_of_assurees);
214 }
215
216
217 // ************* html table definitions ******************
218
219 function output_ranking($userid)
220 {
221 get_assurer_ranking($userid,$num_of_assurances,$rank_of_assurer);
222 get_assuree_ranking($userid,$num_of_assurees,$rank_of_assuree);
223
224 ?>
225 <table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
226 <tr>
227 <td class="title"><?=_("Assurer Ranking")?></td>
228 </tr>
229 <tr>
230 <td class="DataTD"><?=sprintf(_("You have made %s assurances which ranks you as the #%s top assurer."), intval($num_of_assurances), intval($rank_of_assurer) )?></td>
231 </tr>
232 <tr>
233 <td class="DataTD"><?=sprintf(_("You have received %s assurances which ranks you as the #%s top assuree."), intval($num_of_assurees), intval($rank_of_assuree) )?></td>
234 </tr>
235 </table>
236 <br/>
237 <?
238 }
239
240 function output_assurances_header($title,$support)
241 {
242 ?>
243 <table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
244 <tr>
245 <?
246 if ($support == "1")
247 {
248 ?>
249 <td colspan="10" class="title"><?=$title?></td>
250 <?
251 } else {
252 ?>
253 <td colspan="7" class="title"><?=$title?></td>
254 <?
255 }
256 ?>
257 </tr>
258 <tr>
259 <td class="DataTD"><strong><?=_("ID")?></strong></td>
260 <td class="DataTD"><strong><?=_("Date")?></strong></td>
261 <?
262 if ($support == "1")
263 {
264 ?>
265 <td class="DataTD"><strong><?=_("When")?></strong></td>
266 <td class="DataTD"><strong><?=_("Email")?></strong></td>
267 <?
268 }
269 ?>
270 <td class="DataTD"><strong><?=_("Who")?></strong></td>
271 <td class="DataTD"><strong><?=_("Points")?></strong></td>
272 <td class="DataTD"><strong><?=_("Location")?></strong></td>
273 <td class="DataTD"><strong><?=_("Method")?></strong></td>
274 <td class="DataTD"><strong><?=_("Experience Points")?></strong></td>
275 <?
276 if ($support == "1")
277 {
278 ?>
279 <td class="DataTD"><strong><?=_("Revoke")?></strong></td>
280 <?
281 }
282 ?>
283 </tr>
284 <?
285 }
286
287 function output_assurances_footer($points_txt,$points,$experience_txt,$sumexperience,$support)
288 {
289 ?>
290 <tr>
291 <td<?=($support == "1")?' colspan="5"':' colspan="3"'?> class="DataTD"><strong><?=$points_txt?>:</strong></td>
292 <td class="DataTD"><?=$points?></td>
293 <td class="DataTD">&nbsp;</td>
294 <td class="DataTD"><strong><?=$experience_txt?>:</strong></td>
295 <td class="DataTD"><?=$sumexperience?></td>
296 <?
297 if ($support == "1")
298 {
299 ?>
300 <td class="DataTD">&nbsp;</td>
301 <?
302 }
303 ?>
304
305 </tr>
306 </table>
307 <br/>
308 <?
309 }
310
311 /**
312 * Render an assurance for a view
313 * @param int $assuranceid - id of the assurance
314 * @param string $date - When the assurance took place in user provided format
315 * @param string $when - When the assurance was entered (ISO format), only visible for support
316 * @param string $email - Email address of the other party, only visible for support
317 * @param string $name - Name of the other party
318 * @param int $awarded - The points the Assurer wanted to issue (not rounded down)
319 * @param int $points - The points recognised by the system (rounded down)
320 * @param string $location - Where the assurance took place
321 * @param string $method - The method used to make the assurance (Face-to-Face, Administrative Increase, etc.)
322 * @param int $experience - Number of experience points the Assurer got for this assurance
323 * @param int $userid - Id of the user whichs given/received assurances are displayed
324 * @param int $support - set to 1 if the output is for the support interface
325 * @param bool $revoked - whether the assurance is already revoked
326 * @param string $ticketno - ticket number currently set in the support interface
327 */
328 function output_assurances_row($assuranceid,$date,$when,$email,$name,$awarded,$points,$location,$method,$experience,$userid,$support,$revoked, $ticketno)
329 {
330
331 $tdstyle="";
332 $emopen="";
333 $emclose="";
334
335 if ($awarded == $points)
336 {
337 if ($awarded == "0")
338 {
339 if ($when < "2006-09-01")
340 {
341 $tdstyle="style='background-color: #ffff80'";
342 $emopen="<em>";
343 $emclose="</em>";
344 }
345 }
346 }
347 ?>
348 <tr>
349 <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$assuranceid?><?=$emclose?></td>
350 <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$date?><?=$emclose?></td>
351 <?
352 if ($support == 1)
353 {
354 ?>
355 <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$when?><?=$emclose?></td>
356 <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$email?><?=$emclose?></td>
357 <?
358 }
359 ?>
360 <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$name?><?=$emclose?></td>
361 <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$awarded?><?=$emclose?></td>
362 <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$location?><?=$emclose?></td>
363 <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$method?><?=$emclose?></td>
364 <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$experience?><?=$emclose?></td>
365 <?
366 if ($support == 1)
367 {
368 if ($revoked == true)
369 {
370 ?>
371 <td class="DataTD" <?=$tdstyle?>>&nbsp;</td>
372 <?
373 } else {
374 ?>
375 <td class="DataTD" <?=$tdstyle?>><?=$emopen?><a href="account.php?id=43&amp;userid=<?=intval($userid)?>&amp;assurance=<?=intval($assuranceid)?>&amp;csrf=<?=make_csrf('admdelassurance')?>&amp;ticketno=<?=$ticketno?>" onclick="return confirm('<?=sprintf(_("Are you sure you want to revoke the assurance with ID &quot;%s&quot;?"),$assuranceid)?>');"><?=_("Revoke")?></a><?=$emclose?></td>
376 <?
377 }
378 }
379 ?>
380 </tr>
381 <?
382 }
383
384 function output_summary_header()
385 {
386 ?>
387 <table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
388 <tr>
389 <td colspan="4" class="title"><?=_("Summary of your Points")?></td>
390 </tr>
391 <tr>
392 <td class="DataTD"><strong><?=_("Description")?></strong></td>
393 <td class="DataTD"><strong><?=_("Points")?></strong></td>
394 <td class="DataTD"><strong><?=_("Countable Points")?></strong></td>
395 <td class="DataTD"><strong><?=_("Remark")?></strong></td>
396 </tr>
397 <?
398 }
399
400 function output_summary_footer()
401 {
402 ?>
403 </table>
404 <br/>
405 <?
406 }
407
408 function output_summary_row($title,$points,$points_countable,$remark)
409 {
410 ?>
411 <tr>
412 <td class="DataTD"><strong><?=$title?></strong></td>
413 <td class="DataTD"><?=$points?></td>
414 <td class="DataTD"><?=$points_countable?></td>
415 <td class="DataTD"><?=$remark?></td>
416 </tr>
417 <?
418 }
419
420
421 // ************* output given assurances ******************
422
423 /**
424 * Helper function to render assurances given by the user
425 * @param int $userid
426 * @param int& $points - [out] sum of given points
427 * @param int& $sum_experience - [out] sum of experience points gained
428 * @param int $support - set to 1 if the output is for the support interface
429 * @param string $ticketno - the ticket number set in the support interface
430 */
431 function output_given_assurances_content($userid,&$points,&$sum_experience,$support, $ticketno)
432 {
433 $points = 0;
434 $sumexperience = 0;
435 $res = get_given_assurances(intval($userid));
436 while($row = mysql_fetch_assoc($res))
437 {
438 $fromuser = get_user (intval($row['to']));
439 $apoints = calc_experience ($row,$points,$experience,$sum_experience,$revoked);
440 $name = show_user_link ($fromuser['fname']." ".$fromuser['lname'],intval($row['to']));
441 $email = show_email_link ($fromuser['email'],intval($row['to']));
442 output_assurances_row (intval($row['id']),$row['date'],$row['when'],$email,$name,$apoints,intval($row['points']),$row['location'],$row['method']==""?"":_(sprintf("%s", $row['method'])),$experience,$userid,$support,$revoked, $ticketno);
443 }
444 }
445
446 // ************* output received assurances ******************
447
448 /**
449 * Helper function to render assurances received by the user
450 * @param int $userid
451 * @param int& $points - [out] sum of received points
452 * @param int& $sum_experience - [out] sum of experience points the assurers gained
453 * @param int $support - set to 1 if the output is for the support interface
454 * @param string $ticketno - the ticket number set in the support interface
455 */
456 function output_received_assurances_content($userid,&$points,&$sum_experience,$support, $ticketno)
457 {
458 $points = 0;
459 $sumexperience = 0;
460 $res = get_received_assurances(intval($userid));
461 while($row = mysql_fetch_assoc($res))
462 {
463 $fromuser = get_user (intval($row['from']));
464 calc_assurances ($row,$points,$experience,$sum_experience,$awarded,$revoked);
465 $name = show_user_link ($fromuser['fname']." ".$fromuser['lname'],intval($row['from']));
466 $email = show_email_link ($fromuser['email'],intval($row['from']));
467 output_assurances_row (intval($row['id']),$row['date'],$row['when'],$email,$name,$awarded,intval($row['points']),$row['location'],$row['method']==""?"":_(sprintf("%s", $row['method'])),$experience,$userid,$support,$revoked, $ticketno);
468 }
469 }
470
471 // ************* output summary table ******************
472
473 function check_date_limit ($userid,$age)
474 {
475 $dob = date("Y-m-d", mktime(0,0,0,date("m"),date("d"),date("Y")-$age));
476 $res = query_init ("select id from `users` where `id`='".$userid."' and `dob` < '$dob'");
477 return intval(query_get_number_of_rows($res));
478 }
479
480 function calc_points($row)
481 {
482 $awarded = intval($row['awarded']);
483 if ($awarded == "")
484 $awarded = 0;
485 if (intval($row['points']) < $awarded)
486 $points = $awarded; // if 'sum of added points' > 100, awarded shows correct value
487 else
488 $points = intval($row['points']); // on very old assurances, awarded is '0' instead of correct value
489 switch ($row['method'])
490 {
491 case 'Thawte Points Transfer': // revoke all Thawte-points (as per arbitration)
492 case 'CT Magazine - Germany': // revoke c't (only one test-entry)
493 case 'Temporary Increase': // revoke 'temporary increase' (Current usage breaks audit aspects, needs to be reimplemented)
494 $points = 0;
495 break;
496 case 'Administrative Increase': // ignore AI with 2 points or less (historical for experiance points, now other calculation)
497 if ($points <= 2) // maybe limit to 35/50 pts in the future?
498 $points = 0;
499 break;
500 case 'Unknown': // to be revoked in the future? limit to max 50 pts?
501 case 'Trusted Third Parties': // to be revoked in the future? limit to max 35 pts?
502 case 'TTP-Assisted': // TTP assurances, limit to 35
503 case 'TOPUP': // TOPUP to be delevoped in the future, limit to 30
504 case '': // to be revoked in the future? limit to max 50 pts?
505 case 'Face to Face Meeting': // normal assurances, limit to 35/50 pts in the future?
506 break;
507 default: // should never happen ... ;-)
508 $points = 0;
509 }
510 if ($points < 0) // ignore negative points (bug needs to be fixed)
511 $points = 0;
512 return $points;
513 }
514
515 function max_points($userid)
516 {
517 return output_summary_content ($userid,0);
518 }
519
520 function output_summary_content($userid,$display_output)
521 {
522 $sum_points = 0;
523 $sum_experience = 0;
524 $sum_experience_other = 0;
525 $max_points = 100;
526 $max_experience = 50;
527
528 $experience_limit_reached_txt = _("Limit reached");
529
530 if (check_date_limit($userid,18) != 1)
531 {
532 $max_experience = 10;
533 $experience_limit_reached_txt = _("Limit given by PoJAM reached");
534 }
535 if (check_date_limit($userid,14) != 1)
536 {
537 $max_experience = 0;
538 $experience_limit_reached_txt = _("Limit given by PoJAM reached");
539 }
540
541 $res = get_received_assurances_summary($userid);
542 while($row = mysql_fetch_assoc($res))
543 {
544 $points = calc_points ($row);
545
546 if ($points > $max_points) // limit to 100 points, above is experience (needs to be fixed)
547 {
548 $sum_experience_other = $sum_experience_other+($points-$max_points)*intval($row['number']);
549 $points = $max_points;
550 }
551 $sum_points += $points*intval($row['number']);
552 }
553
554 $res = get_given_assurances_summary($userid);
555 while($row = mysql_fetch_assoc($res))
556 {
557 switch ($row['method'])
558 {
559 case 'Face to Face Meeting': // count Face to Face only
560 $sum_experience += 2*intval($row['number']);
561 break;
562 }
563
564 }
565
566 if ($sum_points > $max_points)
567 {
568 $sum_points_countable = $max_points;
569 $remark_points = _("Limit reached");
570 }
571 else
572 {
573 $sum_points_countable = $sum_points;
574 $remark_points = "&nbsp;";
575 }
576 if ($sum_experience > $max_experience)
577 {
578 $sum_experience_countable = $max_experience;
579 $remark_experience = $experience_limit_reached_txt;
580 }
581 else
582 {
583 $sum_experience_countable = $sum_experience;
584 $remark_experience = "&nbsp;";
585 }
586
587 if ($sum_experience_countable + $sum_experience_other > $max_experience)
588 {
589 $sum_experience_other_countable = $max_experience-$sum_experience_countable;
590 $remark_experience_other = $experience_limit_reached_txt;
591 }
592 else
593 {
594 $sum_experience_other_countable = $sum_experience_other;
595 $remark_experience_other = "&nbsp;";
596 }
597
598 if ($sum_points_countable < $max_points)
599 {
600 if ($sum_experience_countable != 0)
601 $remark_experience = _("Points on hold due to less assurance points");
602 $sum_experience_countable = 0;
603 if ($sum_experience_other_countable != 0)
604 $remark_experience_other = _("Points on hold due to less assurance points");
605 $sum_experience_other_countable = 0;
606 }
607
608 $issue_points = 0;
609 $cats_test_passed = get_cats_state ($userid);
610 if ($cats_test_passed == 0)
611 {
612 $issue_points_txt = "<strong style='color: red'>"._("You have to pass the CAcert Assurer Challenge (CATS-Test) to be an Assurer")."</strong>";
613 if ($sum_points_countable < $max_points)
614 {
615 $issue_points_txt = "<strong style='color: red'>";
616 $issue_points_txt .= sprintf(_("You need %s assurance points and the passed CATS-Test to be an Assurer"), intval($max_points));
617 $issue_points_txt .= "</strong>";
618 }
619 }
620 else
621 {
622 $experience_total = $sum_experience_countable+$sum_experience_other_countable;
623 $issue_points_txt = "";
624 if ($sum_points_countable == $max_points)
625 $issue_points = 10;
626 if ($experience_total >= 10)
627 $issue_points = 15;
628 if ($experience_total >= 20)
629 $issue_points = 20;
630 if ($experience_total >= 30)
631 $issue_points = 25;
632 if ($experience_total >= 40)
633 $issue_points = 30;
634 if ($experience_total >= 50)
635 $issue_points = 35;
636 if ($issue_points != 0)
637 $issue_points_txt = sprintf(_("You may issue up to %s points"),$issue_points);
638 }
639 if ($display_output)
640 {
641 output_summary_row (_("Assurance Points you received"),$sum_points,$sum_points_countable,$remark_points);
642 output_summary_row (_("Total Experience Points by Assurance"),$sum_experience,$sum_experience_countable,$remark_experience);
643 output_summary_row (_("Total Experience Points (other ways)"),$sum_experience_other,$sum_experience_other_countable,$remark_experience_other);
644 output_summary_row (_("Total Points"),"&nbsp;",$sum_points_countable + $sum_experience_countable + $sum_experience_other_countable,$issue_points_txt);
645 }
646 return $issue_points;
647 }
648
649 /**
650 * Render assurances given by the user
651 * @param int $userid
652 * @param int $support - set to 1 if the output is for the support interface
653 * @param string $ticketno - the ticket number set in the support interface
654 */
655 function output_given_assurances($userid, $support=0, $ticketno='')
656 {
657 output_assurances_header(_("Assurance Points You Issued"),$support);
658 output_given_assurances_content($userid,$points,$sum_experience,$support, $ticketno);
659 output_assurances_footer(_("Total Points Issued"),$points,_("Total Experience Points"),$sum_experience,$support);
660 }
661
662 /**
663 * Render assurances received by the user
664 * @param int $userid
665 * @param int $support - set to 1 if the output is for the support interface
666 * @param string $ticketno - the ticket number set in the support interface
667 */
668 function output_received_assurances($userid,$support=0, $ticketno='')
669 {
670 output_assurances_header(_("Your Assurance Points"),$support);
671 output_received_assurances_content($userid,$points,$sum_experience,$support, $ticketno);
672 output_assurances_footer(_("Total Assurance Points"),$points,_("Total Experience Points"),$sum_experience,$support);
673 }
674
675 function output_summary($userid)
676 {
677 output_summary_header();
678 output_summary_content($userid,1);
679 output_summary_footer();
680 }
681
682 function output_end_of_page()
683 {
684 ?>
685 <p>[ <a href='javascript:history.go(-1)'><?=_("Go Back")?></a> ]</p>
686 <?
687 }
688
689 //functions to do with recording user agreements
690 /**
691 * write_user_agreement()
692 * writes a new record to the table user_agreement
693 *
694 * @param mixed $memid
695 * @param mixed $document
696 * @param mixed $method
697 * @param mixed $comment
698 * @param integer $active
699 * @param integer $secmemid
700 * @return
701 */
702 function write_user_agreement($memid, $document, $method, $comment, $active=1, $secmemid=0){
703 // write a new record to the table user_agreement
704 $query="insert into `user_agreements` set `memid`=".intval($memid).", `secmemid`=".intval($secmemid).
705 ",`document`='".mysql_real_escape_string($document)."',`date`=NOW(), `active`=".intval($active).",`method`='".mysql_real_escape_string($method)."',`comment`='".mysql_real_escape_string($comment)."'" ;
706 $res = mysql_query($query);
707 }
708
709 /**
710 * get_user_agreement_status()
711 * returns 1 if the user has an entry for the given type in user_agreement, 0 if no entry is recorded
712 * @param mixed $memid
713 * @param string $type
714 * @return
715 */
716 function get_user_agreement_status($memid, $type="CCA"){
717 $query="SELECT u.`document` FROM `user_agreements` u
718 WHERE u.`document` = '" . mysql_real_escape_string($type) . "' AND u.`memid`=" . intval($memid) ;
719 $res = mysql_query($query);
720 if(mysql_num_rows($res) <=0){
721 return 0;
722 }else{
723 return 1;
724 }
725 }
726
727 /**
728 * Get the first user_agreement entry of the requested type
729 * @param int $memid
730 * @param string $type - the type of user agreement, by default all
731 * agreements are listed
732 * @param int $active - whether to get active or passive agreements:
733 * 0 := passive
734 * 1 := active
735 * null := both
736 * @return array(string=>mixed) - an associative array containing
737 * 'document', 'date', 'method', 'comment', 'active'
738 */
739 function get_first_user_agreement($memid, $type=null, $active=null){
740 $filter = '';
741 if (!is_null($type)) {
742 $filter .= " AND u.`document` = '".mysql_real_escape_string($type)."'";
743 }
744
745 if (!is_null($active)) {
746 $filter .= " AND u.`active` = ".intval($active);
747 }
748
749 $query="SELECT u.`document`, u.`date`, u.`method`, u.`comment`, u.`active` FROM `user_agreements` AS u
750 WHERE u.`memid`=".intval($memid)."
751 $filter
752 ORDER BY u.`date` LIMIT 1";
753 $res = mysql_query($query);
754 if(mysql_num_rows($res) >0){
755 $rec = mysql_fetch_assoc($res);
756 }else{
757 $rec=array();
758 }
759 return $rec;
760 }
761
762 /**
763 * Get the last user_agreement entry of the requested type
764 * @param int $memid
765 * @param string $type - the type of user agreement, by default all
766 * agreements are listed
767 * @param int $active - whether to get active or passive agreements:
768 * 0 := passive,
769 * 1 := active,
770 * null := both
771 * @return array(string=>mixed) - an associative array containing
772 * 'document', 'date', 'method', 'comment', 'active'
773 */
774 function get_last_user_agreement($memid, $type=null, $active=null){
775 $filter = '';
776 if (!is_null($type)) {
777 $filter .= " AND u.`document` = '".mysql_real_escape_string($type)."'";
778 }
779
780 if (!is_null($active)) {
781 $filter .= " AND u.`active` = ".intval($active);
782 }
783
784 $query="SELECT u.`document`, u.`date`, u.`method`, u.`comment`, u.`active` FROM `user_agreements` AS u
785 WHERE u.`memid`=".intval($memid)."
786 $filter
787 ORDER BY u.`date` DESC LIMIT 1";
788 $res = mysql_query($query);
789 if(mysql_num_rows($res) >0){
790 $rec = mysql_fetch_assoc($res);
791 }else{
792 $rec=array();
793 }
794 return $rec;
795 }
796
797 /**
798 * Get the all user_agreement entries of the requested type
799 * @param int $memid
800 * @param string $type - the type of user agreement, by default all
801 * agreements are listed
802 * @param int $active - whether to get an active or passive agreements:
803 * 0 := passive,
804 * 1 := active,
805 * null := both
806 * @return resource - a mysql result set containing all agreements
807 */
808 function get_user_agreements($memid, $type=null, $active=null){
809 $filter = '';
810 if (!is_null($type)) {
811 $filter .= " AND u.`document` = '".mysql_real_escape_string($type)."'";
812 }
813
814 if (!is_null($active)) {
815 $filter .= " AND u.`active` = ".intval($active);
816 }
817
818 $query="SELECT u.`document`, u.`date`, u.`method`, u.`comment`, u.`active` FROM `user_agreements` AS u
819 WHERE u.`memid`=".intval($memid)."
820 $filter
821 ORDER BY u.`date`";
822 return mysql_query($query);
823 }
824
825 /**
826 * delete_user_agreement()
827 * deletes all entries for a given type from user_agreement of a given user, if type is not given all
828 * @param mixed $memid
829 * @param string $type
830 * @return
831 */
832 function delete_user_agreement($memid, $type=false){
833 if ($type === false) {
834 $filter = '';
835 } else {
836 $filter = " and `document` = '" . mysql_real_escape_string($type) . "'";
837 }
838 mysql_query("delete from `user_agreements` where `memid`=" . intval($memid) . $filter );
839 }
840
841 // functions for 6.php (assure somebody)
842
843 function AssureHead($confirmation,$checkname)
844 {
845 ?>
846 <form method="post" action="wot.php">
847 <table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper" width="600">
848 <tr>
849 <td colspan="2" class="title"><?=$confirmation?></td>
850 </tr>
851 <tr>
852 <td class="DataTD" colspan="2" align="left"><?=$checkname?></td>
853 </tr>
854 <?
855 }
856
857 function AssureTextLine($field1,$field2)
858 {
859 ?>
860 <tr>
861 <td class="DataTD"><?=$field1.(empty($field1)?'':':')?></td>
862 <td class="DataTD"><?=$field2?></td>
863 </tr>
864 <?
865 }
866
867 function AssureBoxLine($type,$text,$checked)
868 {
869 ?>
870 <tr>
871 <td class="DataTD"><input type="checkbox" name="<?=$type?>" value="1" <?=$checked?"checked":""?>></td>
872 <td class="DataTD"><?=$text?></td>
873 </tr>
874 <?
875 }
876
877 function AssureMethodLine($text,$methods,$remark)
878 {
879 if (count($methods) != 1) {
880 ?>
881 <tr>
882 <td class="DataTD"><?=$text.(empty($text)?'':':')?></td>
883 <td class="DataTD">
884 <select name="method">
885 <?
886 foreach($methods as $val) {
887 ?>
888 <option value="<?=$val?>"><?=$val?></option>
889 <?
890 }
891 ?>
892 </select>
893 <br />
894 <?=$remark?>
895 </td>
896 </tr>
897 <?
898 } else {
899 ?>
900 <input type="hidden" name="<?=$val?>" value="<?=$methods[0]?>" />
901 <?
902 }
903 }
904
905 function AssureInboxLine($type,$field,$value,$description)
906 {
907 ?>
908 <tr>
909 <td class="DataTD"><?=$field.(empty($field)?'':':')?></td>
910 <td class="DataTD"><input type="text" name="<?=$type?>" value="<?=$value?>"><?=$description?></td>
911 </tr>
912 <?
913 }
914
915 function AssureFoot($oldid,$confirm)
916 {
917 ?>
918 <tr>
919 <td class="DataTD" colspan="2">
920 <input type="submit" name="process" value="<?=$confirm?>" />
921 <input type="submit" name="cancel" value="<?=_("Cancel")?>" />
922 </td>
923 </tr>
924 </table>
925 <input type="hidden" name="pagehash" value="<?=$_SESSION['_config']['wothash']?>" />
926 <input type="hidden" name="oldid" value="<?=$oldid?>" />
927 </form>
928 <?
929 }
930
931 function account_email_delete($mailid){
932 //deletes an email entry from an acount
933 //revolkes all certifcates for that email address
934 //called from www/account.php if($process != "" && $oldid == 2)
935 //called from www/diputes.php if($type == "reallyemail") / if($action == "accept")
936 //called from account_delete
937 $mailid = intval($mailid);
938 revoke_all_client_cert($mailid);
939 $query = "update `email` set `deleted`=NOW() where `id`='$mailid'";
940 mysql_query($query);
941 }
942
943 function account_domain_delete($domainid){
944 //deletes an domain entry from an acount
945 //revolkes all certifcates for that domain address
946 //called from www/account.php if($process != "" && $oldid == 9)
947 //called from www/diputes.php if($type == "reallydomain") / if($action == "accept")
948 //called from account_delete
949 $domainid = intval($domainid);
950 revoke_all_server_cert($domainid);
951 mysql_query(
952 "update `domains`
953 set `deleted`=NOW()
954 where `id` = '$domainid'");
955 }
956
957 function account_delete($id, $arbno, $adminid){
958 //deletes an account following the deleted account routnie V3
959 // called from www/account.php if($oldid == 50 && $process != "")
960 //change password
961 $id = intval($id);
962 $arbno = mysql_real_escape_string($arbno);
963 $adminid = intval($adminid);
964 $pool = 'abcdefghijklmnopqrstuvwxyz';
965 $pool .= '0123456789!()ยง';
966 $pool .= 'ABCDEFGHIJKLMNOPQRSTUVWXYZ';
967 srand ((double)microtime()*1000000);
968 $password="";
969 for($index = 0; $index < 30; $index++)
970 {
971 $password .= substr($pool,(rand()%(strlen ($pool))), 1);
972 }
973 mysql_query("update `users` set `password`=sha1('".$password."') where `id`='".$id."'");
974
975 //create new mail for arbitration number
976 $query = "insert into `email` set `email`='".$arbno."@cacert.org',`memid`='".$id."',`created`=NOW(),`modified`=NOW(), `attempts`=-1";
977 mysql_query($query);
978 $emailid = mysql_insert_id();
979
980 //set new mail as default
981 $query = "update `users` set `email`='".$arbno."@cacert.org' where `id`='".$id."'";
982 mysql_query($query);
983
984 //delete all other email address
985 $query = "select `id` from `email` where `memid`='".$id."' and `id`!='".$emailid."'" ;
986 $res=mysql_query($query);
987 while($row = mysql_fetch_assoc($res)){
988 account_email_delete($row['id']);
989 }
990
991 //delete all domains
992 $query = "select `id` from `domains` where `memid`='".$id."'";
993 $res=mysql_query($query);
994 while($row = mysql_fetch_assoc($res)){
995 account_domain_delete($row['id']);
996 }
997
998 //clear alert settings
999 mysql_query(
1000 "update `alerts` set
1001 `general`='0',
1002 `country`='0',
1003 `regional`='0',
1004 `radius`='0'
1005 where `memid`='$id'");
1006
1007 //set default location
1008 $query = "update `users` set `locid`='2256755', `regid`='243', `ccid`='12' where `id`='".$id."'";
1009 mysql_query($query);
1010
1011 //clear listings
1012 $query = "update `users` set `listme`=' ',`contactinfo`=' ' where `id`='".$id."'";
1013 mysql_query($query);
1014
1015 //set lanuage to default
1016 //set default language
1017 mysql_query("update `users` set `language`='en_AU' where `id`='".$id."'");
1018 //delete secondary langugaes
1019 mysql_query("delete from `addlang` where `userid`='".$id."'");
1020
1021 //change secret questions
1022 for($i=1;$i<=5;$i++){
1023 $q="";
1024 $a="";
1025 for($index = 0; $index < 30; $index++)
1026 {
1027 $q .= substr($pool,(rand()%(strlen ($pool))), 1);
1028 $a .= substr($pool,(rand()%(strlen ($pool))), 1);
1029 }
1030 $query = "update `users` set `Q$i`='$q', `A$i`='$a' where `id`='".$id."'";
1031 mysql_query($query);
1032 }
1033
1034 //change personal information to arbitration number and DOB=1900-01-01
1035 $query = "update `users` set `fname`='".$arbno."',
1036 `mname`='".$arbno."',
1037 `lname`='".$arbno."',
1038 `suffix`='".$arbno."',
1039 `dob`='1900-01-01'
1040 where `id`='".$id."'";
1041 mysql_query($query);
1042
1043 //clear all admin and board flags
1044 mysql_query(
1045 "update `users` set
1046 `assurer`='0',
1047 `assurer_blocked`='0',
1048 `codesign`='0',
1049 `orgadmin`='0',
1050 `ttpadmin`='0',
1051 `locadmin`='0',
1052 `admin`='0',
1053 `adadmin`='0',
1054 `tverify`='0',
1055 `board`='0'
1056 where `id`='$id'");
1057
1058 //block account
1059 mysql_query("update `users` set `locked`='1' where `id`='$id'"); //, `deleted`=Now()
1060 }
1061
1062
1063 function check_email_exists($email){
1064 // called from includes/account.php if($process != "" && $oldid == 1)
1065 // called from includes/account.php if($oldid == 50 && $process != "")
1066 $email = mysql_real_escape_string($email);
1067 $query = "select 1 from `email` where `email`='$email' and `deleted`=0";
1068 $res = mysql_query($query);
1069 return mysql_num_rows($res) > 0;
1070 }
1071
1072 function check_gpg_cert_running($uid,$cca=0){
1073 //if $cca =0 if just expired, =1 if CCA retention +3 month should be obeyed
1074 // called from includes/account.php if($oldid == 50 && $process != "")
1075 $uid = intval($uid);
1076 if (0==$cca) {
1077 $query = "select 1 from `gpg` where `memid`='$uid' and `expire`>NOW()";
1078 }else{
1079 $query = "select 1 from `gpg` where `memid`='$uid' and `expire`>(NOW()-90*86400)";
1080 }
1081 $res = mysql_query($query);
1082 return mysql_num_rows($res) > 0;
1083 }
1084
1085 function check_client_cert_running($uid,$cca=0){
1086 //if $cca =0 if just expired, =1 if CCA retention +3 month should be obeyed
1087 // called from includes/account.php if($oldid == 50 && $process != "")
1088 $uid = intval($uid);
1089 if (0==$cca) {
1090 $query1 = "select 1 from `emailcerts` where `memid`='$uid' and `expire`>NOW() and `revoked`<`created`";
1091 $query2 = "select 1 from `emailcerts` where `memid`='$uid' and `revoked`>NOW()";
1092 }else{
1093 $query1 = "select 1 from `emailcerts` where `memid`='$uid' and `expire`>(NOW()-90*86400) and `revoked`<`created`";
1094 $query2 = "select 1 from `emailcerts` where `memid`='$uid' and `revoked`>(NOW()-90*86400)";
1095 }
1096 $res = mysql_query($query1);
1097 $r1 = mysql_num_rows($res)>0;
1098 $res = mysql_query($query2);
1099 $r2 = mysql_num_rows($res)>0;
1100 return !!($r1 || $r2);
1101 }
1102
1103 function check_server_cert_running($uid,$cca=0){
1104 //if $cca =0 if just expired, =1 if CCA retention +3 month should be obeyed
1105 // called from includes/account.php if($oldid == 50 && $process != "")
1106 $uid = intval($uid);
1107 if (0==$cca) {
1108 $query1 = "
1109 select 1 from `domaincerts` join `domains`
1110 on `domaincerts`.`domid` = `domains`.`id`
1111 where `domains`.`memid` = '$uid'
1112 and `domaincerts`.`expire` > NOW()
1113 and `domaincerts`.`revoked` < `domaincerts`.`created`";
1114 $query2 = "
1115 select 1 from `domaincerts` join `domains`
1116 on `domaincerts`.`domid` = `domains`.`id`
1117 where `domains`.`memid` = '$uid'
1118 and `revoked`>NOW()";
1119 }else{
1120 $query1 = "
1121 select 1 from `domaincerts` join `domains`
1122 on `domaincerts`.`domid` = `domains`.`id`
1123 where `domains`.`memid` = '$uid'
1124 and `expire`>(NOW()-90*86400)
1125 and `revoked`<`created`";
1126 $query2 = "
1127 select 1 from `domaincerts` join `domains`
1128 on `domaincerts`.`domid` = `domains`.`id`
1129 where `domains`.`memid` = '$uid'
1130 and `revoked`>(NOW()-90*86400)";
1131 }
1132 $res = mysql_query($query1);
1133 $r1 = mysql_num_rows($res)>0;
1134 $res = mysql_query($query2);
1135 $r2 = mysql_num_rows($res)>0;
1136 return !!($r1 || $r2);
1137 }
1138
1139 function check_is_orgadmin($uid){
1140 // called from includes/account.php if($oldid == 50 && $process != "")
1141 $uid = intval($uid);
1142 $query = "select 1 from `org` where `memid`='$uid' and `deleted`=0";
1143 $res = mysql_query($query);
1144 return mysql_num_rows($res) > 0;
1145 }
1146
1147
1148 // revokation of certificates
1149 function revoke_all_client_cert($mailid){
1150 //revokes all client certificates for an email address
1151 $mailid = intval($mailid);
1152 $query = "select `emailcerts`.`id`
1153 from `emaillink`,`emailcerts` where
1154 `emaillink`.`emailid`='$mailid' and `emaillink`.`emailcertsid`=`emailcerts`.`id` and `emailcerts`.`revoked`=0
1155 group by `emailcerts`.`id`";
1156 $dres = mysql_query($query);
1157 while($drow = mysql_fetch_assoc($dres)){
1158 mysql_query("update `emailcerts` set `revoked`='1970-01-01 10:00:01', `disablelogin`=1 where `id`='".$drow['id']."'");
1159 }
1160 }
1161
1162 function revoke_all_server_cert($domainid){
1163 //revokes all server certs for an domain
1164 $domainid = intval($domainid);
1165 $query =
1166 "select `domaincerts`.`id`
1167 from `domaincerts`
1168 where `domaincerts`.`domid` = '$domainid'
1169 union distinct
1170 select `domaincerts`.`id`
1171 from `domaincerts`, `domlink`
1172 where `domaincerts`.`id` = `domlink`.`certid`
1173 and `domlink`.`domid` = '$domainid'";
1174 $dres = mysql_query($query);
1175 while($drow = mysql_fetch_assoc($dres))
1176 {
1177 mysql_query(
1178 "update `domaincerts`
1179 set `revoked`='1970-01-01 10:00:01'
1180 where `id` = '".$drow['id']."'
1181 and `revoked` = 0");
1182 }
1183 }
1184
1185 function revoke_all_private_cert($uid){
1186 //revokes all certificates linked to a personal accounts
1187 //gpg revokation needs to be added to a later point
1188 $uid=intval($uid);
1189 $query = "select `id` from `email` where `memid`='".$uid."'";
1190 $res=mysql_query($query);
1191 while($row = mysql_fetch_assoc($res)){
1192 revoke_all_client_cert($row['id']);
1193 }
1194
1195
1196 $query = "select `id` from `domains` where `memid`='".$uid."'";
1197 $res=mysql_query($query);
1198 while($row = mysql_fetch_assoc($res)){
1199 revoke_all_server_cert($row['id']);
1200 }
1201 }
1202
1203 /**
1204 * check_date_format()
1205 * checks if the date is entered in the right date format YYYY-MM-DD and
1206 * if the date is after the 1st January of the given year
1207 *
1208 * @param mixed $date
1209 * @param integer $year
1210 * @return
1211 */
1212 function check_date_format($date, $year=2000){
1213 if (!strpos($date,'-')) {
1214 return FALSE;
1215 }
1216 $arr=explode('-',$date);
1217
1218 if ((count($arr)!=3)) {
1219 return FALSE;
1220 }
1221 if (intval($arr[0])<=$year) {
1222 return FALSE;
1223 }
1224 if (intval($arr[1])>12 or intval($arr[1])<=0) {
1225 return FALSE;
1226 }
1227 if (intval($arr[2])>31 or intval($arr[2])<=0) {
1228 return FALSE;
1229 }
1230
1231 return checkdate( intval($arr[1]), intval($arr[2]), intval($arr[0]));
1232
1233 }
1234
1235 /**
1236 * check_date_difference()
1237 * returns false if the date is larger then today + time diffrence
1238 *
1239 * @param mixed $date
1240 * @param integer $diff
1241 * @return
1242 */
1243 function check_date_difference($date, $diff=1){
1244 return (strtotime($date)<=time()+$diff*86400);
1245 }
1246
1247 /**
1248 * Write some information to the adminlog
1249 *
1250 * @param int $uid - id of the user account
1251 * @param int $adminid - id of the admin
1252 * @param string $type - the operation that was performed on the user account
1253 * @param string $info - the ticket / arbitration number or other information
1254 * @return bool - true := success, false := error
1255 */
1256 function write_se_log($uid, $adminid, $type, $info){
1257 //records all support engineer actions changing a user account
1258 $uid = intval($uid);
1259 $adminid = intval($adminid);
1260 $type = mysql_real_escape_string($type);
1261 $info = mysql_real_escape_string($info);
1262 $query="insert into `adminlog` (`when`, `uid`, `adminid`,`type`,`information`) values
1263 (Now(), $uid, $adminid, '$type', '$info')";
1264 return mysql_query($query);
1265 }
1266
1267 /**
1268 * Check if the entered information is a valid ticket or arbitration number
1269 * @param string $ticketno
1270 * @return bool
1271 */
1272 function valid_ticket_number($ticketno){
1273 //a arbitration case
1274 //d dispute action
1275 //s support case
1276 //m board motion
1277 $pattern='/[adsmADSM]\d{8}\./';
1278 if (preg_match($pattern, $ticketno)) {
1279 return true;
1280 }
1281 return false;
1282 }
1283
1284 // function for handling account/43.php
1285 /**
1286 * Get all data of an account given by the id from the `users` table
1287 * @param int $userid - account id
1288 * @param int $deleted - states if deleted data should be visible , default = 0 - not visible
1289 * @return resource - a mysql result set
1290 */
1291 function get_user_data($userid, $deleted=0){
1292 $userid = intval($userid);
1293 $filter='';
1294 if (0==$deleted) {
1295 $filter .=' and `users`.`deleted`=0';
1296 }
1297 $query = "select * from `users` where `users`.`id`='$userid' ".$filter;
1298 return mysql_query($query);
1299 }
1300
1301 /**
1302 * Get the alert settings for a user
1303 * @param int $userid for the requested account
1304 * @return array - associative array
1305 */
1306 function get_alerts($userid){
1307 return mysql_fetch_assoc(mysql_query("select * from `alerts` where `memid`='".intval($userid)."'"));
1308 }
1309
1310 /**
1311 * Get all email addresses linked to the account
1312 * @param int $userid
1313 * @param string $exclude - if given the email address will be excluded
1314 * @param int $deleted - states if deleted data should be visible, default = 0 - not visible
1315 * @return resource - a mysql result set
1316 */
1317 function get_email_addresses($userid, $exclude, $deleted=0){
1318 //should be entered in account/2.php
1319 $userid = intval($userid);
1320 $filter='';
1321 if (0==$deleted) {
1322 $filter .= ' and `deleted`=0';
1323 }
1324 if ($exclude) {
1325 $filter .= " and `email`!='".mysql_real_escape_string($exclude)."'";
1326 }
1327 $query = "select * from `email` where `memid`='".$userid."' and `hash`='' ".$filter." order by `created`";
1328 return mysql_query($query);
1329 }
1330
1331 /**
1332 * Get all domains linked to the account
1333 * @param int $userid
1334 * @param int $deleted - states if deleted data should be visible, default = 0 - not visible
1335 * @return resource - a mysql result set
1336 */
1337 function get_domains($userid, $deleted=0){
1338 //should be entered in account/9.php
1339 $userid = intval($userid);
1340 $filter='';
1341 if (0==$deleted) {
1342 $filter .= ' and `deleted`=0';
1343 }
1344 $query = "select * from `domains` where `memid`='".$userid."' and `hash`=''".$filter." order by `created`";
1345 return mysql_query($query);
1346 }
1347
1348 /**
1349 * Get all training results for the account
1350 * @param int $userid
1351 * @return resource - a mysql result set
1352 */
1353 function get_training_results($userid){
1354 //should be entered in account/55.php
1355 $userid = intval($userid);
1356 $query = "SELECT `CP`.`pass_date`, `CT`.`type_text`, `CV`.`test_text` ".
1357 " FROM `cats_passed` AS CP, `cats_variant` AS CV, `cats_type` AS CT ".
1358 " WHERE `CP`.`variant_id`=`CV`.`id` AND `CV`.`type_id`=`CT`.`id` AND `CP`.`user_id` ='".$userid."'".
1359 " ORDER BY `CP`.`pass_date`";
1360 return mysql_query($query);
1361 }
1362
1363 /**
1364 * Get all SE log entries for the account
1365 * @param int $userid
1366 * @return resource - a mysql result set
1367 */
1368 function get_se_log($userid){
1369 $userid = intval($userid);
1370 $query = "SELECT `adminlog`.`when`, `adminlog`.`type`, `adminlog`.`information`, `users`.`fname`, `users`.`lname`
1371 FROM `adminlog`, `users`
1372 WHERE `adminlog`.`adminid` = `users`.`id` and `adminlog`.`uid`=".$userid."
1373 ORDER BY `adminlog`.`when`";
1374 return mysql_query($query);
1375 }
1376
1377 /**
1378 * Get all client certificates linked to the account
1379 * @param int $userid
1380 * @param int $viewall - states if expired certs should be visible, default = 0 - not visible
1381 * @return resource - a mysql result set
1382 */
1383 function get_client_certs($userid, $viewall=0){
1384 //add to account/5.php
1385 $userid = intval($userid);
1386 $query = "select UNIX_TIMESTAMP(`emailcerts`.`created`) as `created`,
1387 UNIX_TIMESTAMP(`emailcerts`.`expire`) - UNIX_TIMESTAMP() as `timeleft`,
1388 UNIX_TIMESTAMP(`emailcerts`.`expire`) as `expired`,
1389 `emailcerts`.`expire`,
1390 `emailcerts`.`revoked` as `revoke`,
1391 UNIX_TIMESTAMP(`emailcerts`.`revoked`) as `revoked`,
1392 `emailcerts`.`id`,
1393 `emailcerts`.`CN`,
1394 `emailcerts`.`serial`,
1395 `emailcerts`.`disablelogin`,
1396 `emailcerts`.`description`
1397 from `emailcerts`
1398 where `emailcerts`.`memid`='".$userid."'";
1399 if($viewall == 0)
1400 $query .= " AND `emailcerts`.`revoked`=0 AND `emailcerts`.`renewed`=0";
1401 $query .= " HAVING `timeleft` > 0";
1402 $query .= " ORDER BY `emailcerts`.`modified` desc";
1403 return mysql_query($query);
1404 }
1405
1406 /**
1407 * Get all server certs linked to the account
1408 * @param int $userid
1409 * @param int $viewall - states if expired certs should be visible, default = 0 - not visible
1410 * @return resource - a mysql result set
1411 */
1412 function get_server_certs($userid, $viewall=0){
1413 //add to account/12.php
1414 $userid = intval($userid);
1415 $query = "select UNIX_TIMESTAMP(`domaincerts`.`created`) as `created`,
1416 UNIX_TIMESTAMP(`domaincerts`.`expire`) - UNIX_TIMESTAMP() as `timeleft`,
1417 UNIX_TIMESTAMP(`domaincerts`.`expire`) as `expired`,
1418 `domaincerts`.`expire`,
1419 `domaincerts`.`revoked` as `revoke`,
1420 UNIX_TIMESTAMP(`revoked`) as `revoked`,
1421 `domaincerts`.`CN`,
1422 `domaincerts`.`serial`,
1423 `domaincerts`.`id`,
1424 `domaincerts`.`description`
1425 from `domaincerts`,`domains`
1426 where `domains`.`memid`='".$userid."' and `domaincerts`.`domid`=`domains`.`id`";
1427 if($viewall == 0)
1428 {
1429 $query .= " AND `domaincerts`.`revoked`=0 AND `domaincerts`.`renewed`=0";
1430 $query .= " HAVING `timeleft` > 0";
1431 }
1432 $query .= " ORDER BY `domaincerts`.`modified` desc";
1433 return mysql_query($query);
1434 }
1435
1436 /**
1437 * Get all gpg certs linked to the account
1438 * @param int $userid
1439 * @param int $viewall - states if expired certs should be visible, default = 0 - not visible
1440 * @return resource - a mysql result set
1441 */
1442 function get_gpg_certs($userid, $viewall=0){
1443 //add to gpg/2.php
1444 $userid = intval($userid);
1445 $query = $query = "select UNIX_TIMESTAMP(`issued`) as `issued`,
1446 UNIX_TIMESTAMP(`expire`) - UNIX_TIMESTAMP() as `timeleft`,
1447 UNIX_TIMESTAMP(`expire`) as `expired`,
1448 `expire`, `id`, `level`, `email`, `keyid`, `description`
1449 from `gpg` where `memid`='".$userid."'";
1450 if ($viewall == 0) {
1451 $query .= " HAVING `timeleft` > 0";
1452 }
1453 $query .= " ORDER BY `issued` desc";
1454 return mysql_query($query);
1455 }
1456
1457
1458
1459 /**
1460 * Show the table header to the email table for the admin log
1461 */
1462 function output_log_email_header(){
1463 ?>
1464 <tr>
1465 <td class="DataTD bold"><?= _("Email, primary bold") ?></td>
1466 <td class="DataTD bold"><?= _("Created") ?></td>
1467 <td class="DataTD bold"><?= _("Deleted") ?></td>
1468 </tr>
1469
1470 <?
1471 }
1472 /**
1473 * Show all email data for the admin log
1474 * @param array $row - associative array containing the column data
1475 * @param string $primary - if given the primary address is highlighted
1476 */
1477 function output_log_email($row, $primary){
1478 $primaryemailaddress='';
1479 $deletedemailaddress='';
1480 if ($row['deleted'] !== NULL_DATETIME) {
1481 $deletedemailaddress=' deletedemailaddress';
1482 }
1483 if ($primary==$row['email'] && $row['deleted'] === NULL_DATETIME) {
1484 $primaryemailaddress= ' primaryemailaddress';
1485 }
1486 ?>
1487 <tr>
1488 <td class="DataTD<?= $primaryemailaddress . $deletedemailaddress ?>"><?=$row['email']?></td>
1489 <td class="DataTD<?= $primaryemailaddress . $deletedemailaddress ?>"><?=$row['created']?></td>
1490 <td class="DataTD<?= $primaryemailaddress . $deletedemailaddress ?>"><?=$row['deleted']?></td>
1491 </tr>
1492 <?
1493 }
1494
1495 /**
1496 * Show the table header to the domains table for the admin log
1497 */
1498 function output_log_domains_header(){
1499 ?>
1500 <tr>
1501 <td class="DataTD bold"><?= _("Domain") ?></td>
1502 <td class="DataTD bold"><?= _("Created") ?></td>
1503 <td class="DataTD bold"><?= _("Deleted") ?></td>
1504 </tr>
1505
1506 <?
1507 }
1508
1509 /**
1510 * Show the domain data for the admin log
1511 * @param array $row - associative array containing the column data
1512 */
1513 function output_log_domains($row){
1514 $italic='';
1515 if ($row['deleted'] !== NULL_DATETIME) {
1516 $italic=' italic';
1517 }
1518 ?>
1519 <tr>
1520 <td class="DataTD<? $italic ?>"><?=$row['domain']?></td>
1521 <td class="DataTD<? $italic ?>"><?=$row['created']?></td>
1522 <td class="DataTD<? $italic ?>"><?=$row['deleted']?></td>
1523 </tr>
1524 <?
1525 }
1526
1527 /**
1528 * Show the table header to the user agreement table for the admin log
1529 */
1530 function output_log_agreement_header(){
1531 ?>
1532 <tr>
1533 <td class="DataTD bold"><?= _("Agreement") ?></td>
1534 <td class="DataTD bold"><?= _("Date") ?></td>
1535 <td class="DataTD bold"><?= _("Method") ?></td>
1536 <td class="DataTD bold"><?= _("Active ") ?></td>
1537 </tr>
1538 <?
1539 }
1540
1541 /**
1542 * Show the agreement data for the admin log
1543 * @param array $row - associative array containing the column data
1544 */
1545 function output_log_agreement($row){
1546 ?>
1547 <tr>
1548 <td class="DataTD" ><?=$row['document']?></td>
1549 <td class="DataTD" ><?=$row['date']?></td>
1550 <td class="DataTD" ><?=$row['method']?></td>
1551 <td class="DataTD"><?= ($row['active']==0)? _('passive'):_('active')?></td>
1552 </tr>
1553 <?
1554 }
1555
1556 /**
1557 * Show the table header to the training table
1558 */
1559 function output_log_training_header(){
1560 //should be entered in account/55.php
1561 ?>
1562 <tr>
1563 <td class="DataTD bold"><?= _("Agreement") ?></td>
1564 <td class="DataTD bold"><?= _("Test") ?></td>
1565 <td class="DataTD bold"><?= _("Variant") ?></td>
1566 </tr>
1567 <?
1568 }
1569
1570 /**
1571 * Show the training data
1572 * @param array $row - associative array containing the column data
1573 */
1574 function output_log_training($row){
1575 //should be entered in account/55.php
1576 ?>
1577 <tr>
1578 <td class="DataTD"><?=$row['pass_date']?></td>
1579 <td class="DataTD"><?=$row['type_text']?></td>
1580 <td class="DataTD"><?=$row['test_text']?></td>
1581 </tr>
1582 <?
1583 }
1584
1585 /**
1586 * Show the table header to the SE log table for the admin log
1587 * @param int $support - if support = 1 more information is visible
1588 */
1589 function output_log_se_header($support=0){
1590 ?>
1591 <tr>
1592 <td class="DataTD bold"><?= _("Date") ?></td>
1593 <td class="DataTD bold"><?= _("Type") ?></td>
1594 <?
1595 if (1 == $support) {
1596 ?>
1597 <td class="DataTD bold"><?= _("Information") ?></td>
1598 <td class="DataTD bold"><?= _("Admin") ?></td>
1599 <?
1600 }
1601 ?>
1602 </tr>
1603 <?
1604 }
1605
1606 /**
1607 * Show the SE log data for the admin log
1608 * @param array $row - associative array containing the column data
1609 * @param int $support - if support = 1 more information is visible
1610 */
1611 function output_log_se($row, $support=0){
1612 //should be entered in account/55.php
1613 ?>
1614 <tr>
1615 <td class="DataTD"><?=$row['when']?></td>
1616 <td class="DataTD"><?=$row['type']?></td>
1617 <?
1618 if (1 == $support) {
1619 ?>
1620 <td class="DataTD"><?=$row['information']?></td>
1621 <td class="DataTD"><?=$row['fname'].' '.$row['lname']?></td>
1622 <?
1623 }
1624 ?>
1625 </tr>
1626 <?
1627 }
1628
1629 /**
1630 * Shows the table header to the client cert table
1631 * @param int $support - if support = 1 some columns ar not visible
1632 * @param bool $readonly - whether elements to modify data should be hidden, default is `true`
1633 */
1634 function output_client_cert_header($support=0, $readonly=true){
1635 //should be added to account/5.php
1636 ?>
1637 <tr>
1638 <?
1639 if (!$readonly) {
1640 ?>
1641 <td class="DataTD"><?=_("Renew/Revoke/Delete")?></td>
1642 <?
1643 }
1644 ?>
1645 <td class="DataTD"><?=_("Status")?></td>
1646 <td class="DataTD"><?=_("Email Address")?></td>
1647 <td class="DataTD"><?=_("SerialNumber")?></td>
1648 <td class="DataTD"><?=_("Revoked")?></td>
1649 <td class="DataTD"><?=_("Expires")?></td>
1650 <td class="DataTD"><?=_("Login")?></td>
1651 <?
1652 if (1 != $support) {
1653 ?>
1654 <td colspan="2" class="DataTD"><?=_("Comment *")?></td>
1655 <?
1656 }
1657 ?>
1658 </tr>
1659 <?
1660 }
1661
1662 /**
1663 * Show the client cert data
1664 * @param array $row - associative array containing the column data
1665 * @param int $support - if support = 1 some columns are not visible
1666 * @param bool $readonly - whether elements to modify data should be hidden, default is `true`
1667 */
1668 function output_client_cert($row, $support=0, $readonly=true){
1669 //should be entered in account/5.php
1670 $verified="";
1671 if ($row['timeleft'] > 0) {
1672 $verified = _("Valid");
1673 } else {
1674 $verified = _("Expired");
1675 }
1676
1677 if ($row['expired'] == 0) {
1678 $verified = _("Pending");
1679 }
1680
1681 if ($row['revoked'] == 0) {
1682 $row['revoke'] = _("Not Revoked");
1683 } else {
1684 $verified = _("Revoked");
1685 }
1686
1687 ?>
1688 <tr>
1689 <?
1690 if (!$readonly) {
1691 if ($verified === _("Pending")) {
1692 ?>
1693 <td class="DataTD">
1694 <input type="checkbox" name="delid[]" value="<?=$row['id']?>">
1695 </td>
1696 <?
1697
1698 } elseif ($verified === _("Revoked")) {
1699 ?>
1700 <td class="DataTD">&nbsp;</td>
1701 <?
1702
1703 } else {
1704 ?>
1705 <td class="DataTD">
1706 <input type="checkbox" name="revokeid[]" value="<?=$row['id']?>">
1707 </td>
1708 <?
1709 }
1710 }
1711
1712 ?>
1713 <td class="DataTD"><?=$verified?></td>
1714 <?
1715
1716 if ($verified === _("Pending")) {
1717 ?>
1718 <td class="DataTD"><?=(trim($row['CN'])=="" ? _("empty") : $row['CN'])?></td>
1719 <?
1720 } else {
1721 ?>
1722 <td class="DataTD">
1723 <a href="account.php?id=6&amp;cert=<?=$row['id']?>">
1724 <?=(trim($row['CN'])=="" ? _("empty") : $row['CN'])?>
1725 </a>
1726 </td>
1727 <?
1728 }
1729
1730 ?>
1731 <td class="DataTD"><?=$row['serial']?></td>
1732 <td class="DataTD"><?=$row['revoke']?></td>
1733 <td class="DataTD"><?=$row['expire']?></td>
1734 <td class="DataTD">
1735 <input type="checkbox" name="disablelogin_<?=$row['id']?>" value="1" <?=$row['disablelogin']?"":"checked='checked'"?> <?=$readonly?'disabled="disabled"':''?>/>
1736 <input type="hidden" name="cert_<?=$row['id']?>" value="1" />
1737 </td>
1738 <?
1739
1740 if (1 != $support) {
1741 ?>
1742 <td class="DataTD">
1743 <input name="comment_<?=$row['id']?>" type="text" value="<?=htmlspecialchars($row['description'])?>" />
1744 </td>
1745 <?
1746 if (!$readonly) {
1747 ?>
1748 <td class="DataTD">
1749 <input type="checkbox" name="check_comment_<?=$row['id']?>" />
1750 </td>
1751 <?
1752 }
1753 }
1754
1755 ?>
1756 </tr>
1757 <?
1758 }
1759
1760 /**
1761 * Show the table header to the server cert table
1762 * @param int $support - if support = 1 some columns ar not visible
1763 * @param bool $readonly - whether elements to modify data should be hidden, default is `true`
1764 */
1765 function output_server_certs_header($support=0, $readonly=true){
1766 //should be entered in account/12.php
1767 ?>
1768 <tr>
1769 <?
1770 if (!$readonly) {
1771 ?>
1772 <td class="DataTD"><?=_("Renew/Revoke/Delete")?></td>
1773 <?
1774 }
1775 ?>
1776 <td class="DataTD"><?=_("Status")?></td>
1777 <td class="DataTD"><?=_("CommonName")?></td>
1778 <td class="DataTD"><?=_("SerialNumber")?></td>
1779 <td class="DataTD"><?=_("Revoked")?></td>
1780 <td class="DataTD"><?=_("Expires")?></td>
1781 <?
1782 if (1 != $support) {
1783 ?>
1784 <td colspan="2" class="DataTD"><?=_("Comment *")?></td>
1785 <?
1786 }
1787 ?>
1788 </tr>
1789 <?
1790 }
1791
1792 /**
1793 * Show the server cert data
1794 * @param array $row - associative array containing the column data
1795 * @param int $support - if support = 1 some columns are not visible
1796 * @param bool $readonly - whether elements to modify data should be hidden, default is `true`
1797 */
1798 function output_server_certs($row, $support=0, $readonly=true){
1799 //should be entered in account/12.php
1800 $verified="";
1801 if ($row['timeleft'] > 0) {
1802 $verified = _("Valid");
1803 } else {
1804 $verified = _("Expired");
1805 }
1806
1807 if ($row['expired'] == 0) {
1808 $verified = _("Pending");
1809 }
1810
1811 if ($row['revoked'] == 0) {
1812 $row['revoke'] = _("Not Revoked");
1813 } else {
1814 $verified = _("Revoked");
1815 }
1816
1817 ?>
1818 <tr>
1819 <?
1820 if (!$readonly) {
1821 if ($verified === _("Pending")) {
1822 ?>
1823 <td class="DataTD">
1824 <input type="checkbox" name="delid[]" value="<?=$row['id']?>"/>
1825 </td>
1826 <?
1827 } elseif($verified === _("Revoked")) {
1828 ?>
1829 <td class="DataTD">&nbsp;</td>
1830 <?
1831 } else {
1832 ?>
1833 <td class="DataTD">
1834 <input type="checkbox" name="revokeid[]" value="<?=$row['id']?>"/>
1835 </td>
1836 <?
1837 }
1838 }
1839
1840 ?>
1841 <td class="DataTD"><?=$verified?></td>
1842 <?
1843
1844 if ($verified === _("Pending")) {
1845 ?>
1846 <td class="DataTD"><?=$row['CN']?></td>
1847 <?
1848 } else {
1849 ?>
1850 <td class="DataTD">
1851 <a href="account.php?id=15&amp;cert=<?=$row['id']?>">
1852 <?=$row['CN']?>
1853 </a>
1854 </td>
1855 <?
1856 }
1857
1858 ?>
1859 <td class="DataTD"><?=$row['serial']?></td>
1860 <td class="DataTD"><?=$row['revoke']?></td>
1861 <td class="DataTD"><?=$row['expire']?></td>
1862 <?
1863
1864 if (1 != $support) {
1865 ?>
1866 <td class="DataTD">
1867 <input name="comment_<?=$row['id']?>" type="text" value="<?=htmlspecialchars($row['description'])?>" />
1868 </td>
1869 <?
1870 if (!$readonly) {
1871 ?>
1872 <td class="DataTD">
1873 <input type="checkbox" name="check_comment_<?=$row['id']?>" />
1874 </td>
1875 <?
1876 }
1877 }
1878
1879 ?>
1880 </tr>
1881 <?
1882 }
1883
1884 /**
1885 * Show the table header to the gpg cert table
1886 * @param int $support - if support = 1 some columns ar not visible
1887 * @param bool $readonly - whether elements to modify data should be hidden, default is `true`
1888 */
1889 function output_gpg_certs_header($support=0, $readonly=true){
1890 // $readonly is currently ignored but kept for consistency
1891 ?>
1892 <tr>
1893 <td class="DataTD"><?=_("Status")?></td>
1894 <td class="DataTD"><?=_("Email Address")?></td>
1895 <td class="DataTD"><?=_("Expires")?></td>
1896 <td class="DataTD"><?=_("Key ID")?></td>
1897 <?
1898 if (1 != $support) {
1899 ?>
1900 <td colspan="2" class="DataTD"><?=_("Comment *")?></td>
1901 <?
1902 }
1903 ?>
1904 </tr>
1905 <?
1906 }
1907
1908 /**
1909 * Show the gpg cert data
1910 * @param array $row - associative array containing the column data
1911 * @param int $support - if support = 1 some columns are not visible
1912 * @param bool $readonly - whether elements to modify data should be hidden, default is `true`
1913 */
1914 function output_gpg_certs($row, $support=0, $readonly=true){
1915 //should be entered in account/55.php
1916 $verified="";
1917 if ($row['timeleft'] > 0) {
1918 $verified = _("Valid");
1919 } else {
1920 $verified = _("Expired");
1921 }
1922
1923 if ($row['expired'] == 0) {
1924 $verified = _("Pending");
1925 }
1926
1927 ?>
1928 <tr>
1929 <td class="DataTD"><?=$verified?></td>
1930 <?
1931
1932 if($verified == _("Pending")) {
1933 ?>
1934 <td class="DataTD"><?=$row['email']?></td>
1935 <?
1936 } else {
1937 ?>
1938 <td class="DataTD">
1939 <a href="gpg.php?id=3&amp;cert=<?=$row['id']?>">
1940 <?=$row['email']?>
1941 </a>
1942 </td>
1943 <?
1944 }
1945
1946 ?>
1947 <td class="DataTD"><?=$row['expire']?></td>
1948 <?
1949
1950 if($verified == _("Pending")) {
1951 ?>
1952 <td class="DataTD"><?=$row['keyid']?></td>
1953 <?
1954 } else {
1955 ?>
1956 <td class="DataTD">
1957 <a href="gpg.php?id=3&amp;cert=<?=$row['id']?>">
1958 <?=$row['keyid']?>
1959 </a>
1960 </td>
1961 <?
1962 }
1963
1964 if (1 != $support) {
1965 ?>
1966 <td class="DataTD">
1967 <input name="comment_<?=$row['id']?>" type="text" value="<?=htmlspecialchars($row['description'])?>" />
1968 </td>
1969 <?
1970 if (!$readonly) {
1971 ?>
1972 <td class="DataTD">
1973 <input type="checkbox" name="check_comment_<?=$row['id']?>" />
1974 </td>
1975 <?
1976 }
1977 }
1978
1979 ?>
1980 </tr>
1981 <?
1982 }
1983
1984 /**
1985 * output_log_given_assurances()
1986 * returns the list of all given assurances
1987 * @param mixed $userid - user id for the output
1988 * @param integer $support - support view = 1
1989 * @return
1990 */
1991 function output_log_given_assurances($userid, $support=0)
1992 {
1993 output_assurances_header(_("Assurance given"),$support);
1994 output_log_given_assurances_content($userid, $support);
1995 }
1996
1997 /**
1998 * output_log_given_assurances_content()
1999 *
2000 * @param mixed $userid
2001 * @param mixed $support
2002 * @return
2003 */
2004 function output_log_given_assurances_content($userid, $support)
2005 {
2006 $res = get_given_assurances(intval($userid), 1);
2007 while($row = mysql_fetch_assoc($res))
2008 {
2009 $fromuser = get_user (intval($row['to']));
2010 $apoints = calc_experience ($row,$points,$experience,$sum_experience,$revoked);
2011 $name = show_user_link ($fromuser['fname']." ".$fromuser['lname'],intval($row['to']));
2012 $email = show_email_link ($fromuser['email'],intval($row['to']));
2013 $revoked = '';
2014 if ($row['date'] != 0) {
2015 $revoked = $row['deleted'];
2016 }
2017 output_log_assurances_row(intval($row['id']),$row['date'],$row['when'],$email,$name,$apoints,intval($row['points']),$row['location'],$row['method']==""?"":_(sprintf("%s", $row['method'])),$experience,$userid,$support,$revoked);
2018 }
2019 }
2020
2021 /**
2022 * output_log_received_assurances()
2023 *
2024 * @param mixed $userid
2025 * @param integer $support
2026 * @return
2027 */
2028 function output_log_received_assurances($userid, $support=0)
2029 {
2030 output_assurances_header(_("Assurance received"), $support);
2031 output_log_received_assurances_content($userid, $support);
2032 }
2033
2034 /**
2035 * output_log_received_assurances_content()
2036 *
2037 * @param mixed $userid
2038 * @param mixed $support
2039 * @param mixed $points
2040 * @param mixed $sum_experience
2041 * @param mixed $ticketno
2042 * @return
2043 */
2044 function output_log_received_assurances_content($userid, $support)
2045 {
2046 $res = get_received_assurances(intval($userid), 1);
2047 while($row = mysql_fetch_assoc($res))
2048 {
2049 $fromuser = get_user (intval($row['from']));
2050 calc_assurances ($row,$points,$experience,$sum_experience,$awarded,$revoked);
2051 $name = show_user_link ($fromuser['fname']." ".$fromuser['lname'],intval($row['from']));
2052 $email = show_email_link ($fromuser['email'],intval($row['from']));
2053 $revoked = '';
2054 if ($row['date'] != 0) {
2055 $revoked = $revoked = $row['deleted'];
2056 }
2057 output_log_assurances_row(intval($row['id']),$row['date'],$row['when'],$email,$name,$awarded,intval($row['points']),$row['location'],$row['method']==""?"":_(sprintf("%s", $row['method'])),$experience,$userid,$support,$revoked);
2058 }
2059 }
2060
2061 /**
2062 * output_log_assurances_row()
2063 *
2064 * @param mixed $assuranceid
2065 * @param mixed $date
2066 * @param mixed $when
2067 * @param mixed $email
2068 * @param mixed $name
2069 * @param mixed $awarded
2070 * @param mixed $points
2071 * @param mixed $location
2072 * @param mixed $method
2073 * @param mixed $experience
2074 * @param mixed $userid
2075 * @param mixed $support
2076 * @param mixed $revoked
2077 * @return
2078 */
2079 function output_log_assurances_row($assuranceid,$date,$when,$email,$name,$awarded,$points,$location,$method,$experience,$userid,$support,$revoked)
2080 {
2081
2082 $tdstyle="";
2083 $emopen="";
2084 $emclose="";
2085
2086 if ($awarded == $points)
2087 {
2088 if ($awarded == "0")
2089 {
2090 if ($when < "2006-09-01")
2091 {
2092 $tdstyle="style='background-color: #ffff80'";
2093 $emopen="<em>";
2094 $emclose="</em>";
2095 }
2096 }
2097 }
2098 ?>
2099 <tr>
2100 <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$assuranceid?><?=$emclose?></td>
2101 <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$date?><?=$emclose?></td>
2102 <?
2103 if ($support == "1")
2104 {
2105 ?>
2106 <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$when?><?=$emclose?></td>
2107 <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$email?><?=$emclose?></td>
2108 <?
2109 }
2110 ?>
2111 <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$name?><?=$emclose?></td>
2112 <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$awarded?><?=$emclose?></td>
2113 <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$location?><?=$emclose?></td>
2114 <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$method?><?=$emclose?></td>
2115 <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$experience?><?=$emclose?></td>
2116 <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$revoked?><?=$emclose?></td>
2117 </tr>
2118 <?
2119 }