Merge branch 'bug-1047' into bug-1042
[cacert-devel.git] / includes / notary.inc.php
1 <? /*
2 LibreSSL - CAcert web application
3 Copyright (C) 2004-2011 CAcert Inc.
4
5 This program is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License as published by
7 the Free Software Foundation; version 2 of the License.
8
9 This program is distributed in the hope that it will be useful,
10 but WITHOUT ANY WARRANTY; without even the implied warranty of
11 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 GNU General Public License for more details.
13
14 You should have received a copy of the GNU General Public License
15 along with this program; if not, write to the Free Software
16 Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
17 */
18
// Value of `notary`.`deleted` that calc_experience(), calc_assurances() and
// output_assurances_row() treat as "not revoked"; any other value is handled
// as a revocation timestamp.
define('NULL_DATETIME', '0000-00-00 00:00:00');
// Timestamp calc_assurances() writes into $row['deleted'] for the methods it
// treats as revoked ('Thawte Points Transfer', 'CT Magazine - Germany',
// 'Temporary Increase').
define('THAWTE_REVOCATION_DATETIME', '2010-11-16 00:00:00');
21
/**
 * Send a complete SQL statement to the database via the legacy mysql
 * extension.
 *
 * The statement is executed as given: nothing is escaped here, so every
 * caller has to coerce or escape the values it concatenates into $query
 * (the helpers in this file use intval() and mysql_real_escape_string()).
 *
 * @param string $query - complete SQL statement
 * @return resource|bool - whatever mysql_query() returns
 */
function query_init ($query)
{
	$result = mysql_query($query);
	return $result;
}
26
/**
 * Fetch the next row of a result set as an associative array.
 *
 * @param resource $res - a MySQL result set
 * @return array|bool - whatever mysql_fetch_assoc() returns
 */
function query_getnextrow ($res)
{
	return mysql_fetch_assoc($res);
}
32
/**
 * Number of rows in a result set, coerced to an integer.
 *
 * @param resource $resultset - a MySQL result set
 * @return int
 */
function query_get_number_of_rows ($resultset)
{
	$count = mysql_num_rows($resultset);
	return intval($count);
}
37
/**
 * Count the non-deleted 'Face to Face Meeting' assurances the user has given.
 *
 * @param int $userid - id of the assurer; coerced with intval() before it is
 *     placed into the SQL text
 * @return int
 */
function get_number_of_assurances ($userid)
{
	$id = intval($userid);
	$result = query_init("SELECT count(*) AS `list` FROM `notary`
		WHERE `method` = 'Face to Face Meeting' AND `from`='".$id."' and `deleted` = 0");
	$counted = query_getnextrow($result);

	return intval($counted['list']);
}
46
/**
 * Count the non-deleted 'Trusted Third Parties' / 'TTP-Assisted' assurances
 * the user has received.
 *
 * @param int $userid - id of the assuree; coerced with intval() before it is
 *     placed into the SQL text
 * @return int
 */
function get_number_of_ttpassurances ($userid)
{
	$id = intval($userid);
	$result = query_init("SELECT count(*) AS `list` FROM `notary`
		WHERE (`method`='Trusted Third Parties' or `method`='TTP-Assisted') AND `to`='".$id."' and `deleted` = 0");
	$counted = query_getnextrow($result);

	return intval($counted['list']);
}
55
/**
 * Count the non-deleted 'Face to Face Meeting' assurances the user has
 * received.
 *
 * @param int $userid - id of the assuree; coerced with intval() before it is
 *     placed into the SQL text
 * @return int
 */
function get_number_of_assurees ($userid)
{
	$id = intval($userid);
	$result = query_init("SELECT count(*) AS `list` FROM `notary`
		WHERE `method` = 'Face to Face Meeting' AND `to`='".$id."' and `deleted` = 0");
	$counted = query_getnextrow($result);

	return intval($counted['list']);
}
64
/**
 * Rank of an assurer with the given number of assurances.
 *
 * The rank is one more than the number of assurers (grouped by `from`) that
 * have strictly more non-deleted 'Face to Face Meeting' assurances.
 *
 * @param int $no_of_assurances - coerced with intval() before it is placed
 *     into the SQL text
 * @return int
 */
function get_top_assurer_position ($no_of_assurances)
{
	$threshold = intval($no_of_assurances);
	$ahead = query_init("SELECT count(*) AS `list` FROM `notary`
		WHERE `method` = 'Face to Face Meeting' and `deleted` = 0
		GROUP BY `from` HAVING count(*) > '".$threshold."'");
	return intval(query_get_number_of_rows($ahead)+1);
}
72
/**
 * Rank of an assuree with the given number of received assurances.
 *
 * The rank is one more than the number of assurees (grouped by `to`) that
 * have strictly more non-deleted 'Face to Face Meeting' assurances.
 *
 * @param int $no_of_assurees - coerced with intval() before it is placed
 *     into the SQL text
 * @return int
 */
function get_top_assuree_position ($no_of_assurees)
{
	$threshold = intval($no_of_assurees);
	$ahead = query_init("SELECT count(*) AS `list` FROM `notary`
		WHERE `method` = 'Face to Face Meeting' and `deleted` = 0
		GROUP BY `to` HAVING count(*) > '".$threshold."'");
	return intval(query_get_number_of_rows($ahead)+1);
}
80
/**
 * Get the list of assurances given by the user, ordered by `id`.
 * Rows where `from` equals `to` are left out.
 *
 * @param int $userid - id of the assurer; coerced with intval() before it
 *     is placed into the SQL text
 * @param int $log - 0 hides deleted assurances, any other value includes them
 * @return resource - a MySQL result set
 */
function get_given_assurances($userid, $log=0)
{
	// Only the literal below is ever appended, never caller-supplied text
	$deleted = ($log == 0) ? ' and `deleted` = 0 ' : '';
	return query_init("select * from `notary` where `from`='".intval($userid)."' and `from` != `to` $deleted order by `id` asc");
}
96
/**
 * Get the list of assurances received by the user, ordered by `id`.
 * Rows where `from` equals `to` are left out.
 *
 * @param int $userid - id of the assuree; coerced with intval() before it
 *     is placed into the SQL text
 * @param int $log - 0 hides deleted assurances, any other value includes them
 * @return resource - a MySQL result set
 */
function get_received_assurances($userid, $log=0)
{
	// Only the literal below is ever appended, never caller-supplied text
	$deleted = ($log == 0) ? ' and `deleted` = 0 ' : '';
	return query_init("select * from `notary` where `to`='".intval($userid)."' and `from` != `to` $deleted order by `id` asc ");
}
112
/**
 * Summarise the non-deleted assurances the user has given, grouped by
 * points, awarded and method.
 *
 * @param int $userid - id of the assurer; coerced with intval()
 * @return resource - a MySQL result set with the columns number, points,
 *     awarded and method
 */
function get_given_assurances_summary ($userid)
{
	return query_init ("select count(*) as number,points,awarded,method from notary where `from`='".intval($userid)."' and `deleted` = 0 group by points,awarded,method");
}
118
/**
 * Summarise the non-deleted assurances the user has received, grouped by
 * points, awarded and method.
 *
 * @param int $userid - id of the assuree; coerced with intval()
 * @return resource - a MySQL result set with the columns number, points,
 *     awarded and method
 */
function get_received_assurances_summary ($userid)
{
	return query_init ("select count(*) as number,points,awarded,method from notary where `to`='".intval($userid)."' and `deleted` = 0 group by points,awarded,method");
}
124
/**
 * Load one row of the `users` table.
 *
 * The row is returned with every column (`select *`), so callers should
 * only pass on the fields they actually need.
 *
 * @param int $userid - id of the user; coerced with intval()
 * @return array|bool - whatever mysql_fetch_assoc() returns for the query
 */
function get_user ($userid)
{
	$id = intval($userid);
	$result = query_init ("select * from `users` where `id`='".$id."'");
	return mysql_fetch_assoc($result);
}
130
/**
 * Number of `cats_passed` entries of the user whose variant has
 * `type_id` = 1.
 *
 * output_summary_content() treats a result of 0 as "CATS test not passed".
 *
 * @param int $userid - id of the user; coerced with intval()
 * @return int|bool - whatever mysql_num_rows() returns
 */
function get_cats_state ($userid)
{
	$id = intval($userid);
	$passed = query_init ("select * from `cats_passed` inner join `cats_variant` on `cats_passed`.`variant_id` = `cats_variant`.`id` and `cats_variant`.`type_id` = 1
		WHERE `cats_passed`.`user_id` = '".$id."'");
	return mysql_num_rows($passed);
}
138
139
/**
 * Calculate awarded points (corrects some issues like out of range points
 * or points that were issued by means that have been deprecated)
 *
 * Methods that are not listed below yield 0 points, so an unexpected value
 * in the `method` column can never add points.
 *
 * @param array $row - associative array containing the data from the
 *     `notary` table (keys 'awarded', 'points' and 'method' are read)
 * @return int - the awarded points for this assurance
 */
function calc_awarded($row)
{
	// Old rows have no `awarded` value (it reads as zero) and carry the
	// data in `points`, so take the larger of the two; negative values,
	// which do exist in the database, are raised to zero
	$points = max(0, intval($row['awarded']), intval($row['points']));

	switch ($row['method'])
	{
		// These programmes have been revoked
		case 'Thawte Points Transfer':  // revoke all Thawte-points (as per arbitration)
		case 'CT Magazine - Germany':   // revoke c't (only one test-entry)
		case 'Temporary Increase':      // revoke 'temporary increase' (Current usage breaks audit aspects, needs to be reimplemented)
			return 0;

		// ignore AI with 2 points or less (historical for experience
		// points, now other calculation); maybe limit to 35/50 pts in
		// the future?
		case 'Administrative Increase':
			return ($points <= 2) ? 0 : $points;

		// TTP assurances, limit to 35
		case 'TTP-Assisted':
			return min($points, 35);

		// TTP TOPUP, limit to 30
		case 'TOPUP':
			return min($points, 30);

		// All these should be preserved for the time being
		case 'Unknown':                 // to be revoked in the future? limit to max 50 pts?
		case 'Trusted Third Parties':   // to be revoked in the future? limit to max 35 pts?
		case '':                        // to be revoked in the future? limit to max 50 pts?
		case 'Face to Face Meeting':    // normal assurances (and superassurances?), limit to 35/50 pts in the future?
			return $points;

		default:                        // should never happen ... ;-)
			return 0;
	}
}
193
194
/**
 * Calculate the experience points from a given Assurance
 *
 * A row whose 'deleted' value is not NULL_DATETIME gets 0 experience and
 * leaves both sums untouched.
 *
 * @param array $row - [inout] associative array containing the data from
 *     the `notary` table, the keys 'experience' and 'calc_awarded' will be
 *     added
 * @param int $sum_points - [inout] the sum of already counted assurance
 *     points the assurer issued
 * @param int $sum_experience - [inout] the sum of already counted
 *     experience points that were awarded to the assurer
 */
function calc_experience(&$row, &$sum_points, &$sum_experience)
{
	$row['calc_awarded'] = calc_awarded($row);

	// Don't count revoked assurances even if we are displaying them
	if ($row['deleted'] !== NULL_DATETIME) {
		$row['experience'] = 0;
		return;
	}

	// Only face to face assurances earn experience, 2 points each
	$gained = ($row['method'] == "Face to Face Meeting") ? 2 : 0;

	$row['experience'] = $gained;
	$sum_experience += $gained;
	$sum_points += $row['calc_awarded'];
}
225
/**
 * Calculate the points received from a received Assurance
 *
 * Rows of a revoked method are marked with THAWTE_REVOCATION_DATETIME in
 * 'deleted'; a row whose 'deleted' value is not NULL_DATETIME gets 0
 * experience and leaves both sums untouched.
 *
 * @param array $row - [inout] associative array containing the data from
 *     the `notary` table, the keys 'experience' and 'calc_awarded' will be
 *     added
 * @param int $sum_points - [inout] the sum of already counted assurance
 *     points the assuree received
 * @param int $sum_experience - [inout] the sum of already counted
 *     experience points that were awarded to the assurer
 */
function calc_assurances(&$row, &$sum_points, &$sum_experience)
{
	$awarded = calc_awarded($row);
	$experience = 0;

	// High point values mean that some of them are experience points
	if ($awarded > 100)
	{
		// needs to be fixed in the future (limit 50 pts and/or no
		// experience if pts > 100)
		$experience = $awarded - 100;
		$awarded = 100;
	}
	$row['calc_awarded'] = $awarded;

	switch ($row['method'])
	{
		case 'Thawte Points Transfer':
		case 'CT Magazine - Germany':
		case 'Temporary Increase': // Current usage of 'Temporary Increase' may break audit aspects, needs to be reimplemented
			$experience = 0;
			$row['deleted'] = THAWTE_REVOCATION_DATETIME;
			break;
	}

	// Don't count revoked assurances even if we are displaying them
	if ($row['deleted'] !== NULL_DATETIME) {
		$row['experience'] = 0;
		return;
	}

	$row['experience'] = $experience;
	$sum_experience += $experience;
	$sum_points += $row['calc_awarded'];
}
268
/**
 * Generate a link to the support engineer page for the user with the name
 * of the user as link text
 *
 * The name is passed through sanitizeHTML() and the id through intval()
 * before they are placed into the markup. Without a name the plain text
 * "System" (id 0) or "Deleted account" is returned instead of a link.
 *
 * @param array $user - associative array containing the data from the
 *     `user` table
 * @return string - HTML fragment
 */
function show_user_link($user)
{
	$userid = intval($user['id']);
	$name = trim($user['fname'].' '.$user['lname']);

	if ($name != "")
	{
		return "<a href='wot.php?id=9&amp;userid=".$userid."'>".sanitizeHTML($name)."</a>";
	}

	if ($userid == 0) {
		return _("System");
	}

	return _("Deleted account");
}
296
/**
 * Generate a link to the support engineer page for the user with the email
 * address as link text
 *
 * The address is passed through sanitizeHTML() and the id through intval()
 * before they are placed into the markup. An empty address yields an empty
 * string.
 *
 * @param array $user - associative array containing the data from the
 *     `user` table
 * @return string - HTML fragment
 */
function show_email_link($user)
{
	$address = trim($user['email']);
	if ($address == "") {
		return $address;
	}

	return "<a href='account.php?id=43&amp;userid=".intval($user['id'])."'>".sanitizeHTML($address)."</a>";
}
312
/**
 * Determine how many assurances the user gave and the resulting rank.
 *
 * @param int $userid - id of the assurer
 * @param int $num_of_assurances - [out] number of assurances given
 * @param int $rank_of_assurer - [out] rank among all assurers
 */
function get_assurer_ranking($userid,&$num_of_assurances,&$rank_of_assurer)
{
	$id = intval($userid);
	$num_of_assurances = get_number_of_assurances($id);
	$rank_of_assurer = get_top_assurer_position($num_of_assurances);
}
318
/**
 * Determine how many assurances the user received and the resulting rank.
 *
 * @param int $userid - id of the assuree
 * @param int $num_of_assurees - [out] number of assurances received
 * @param int $rank_of_assuree - [out] rank among all assurees
 */
function get_assuree_ranking($userid,&$num_of_assurees,&$rank_of_assuree)
{
	$id = intval($userid);
	$num_of_assurees = get_number_of_assurees($id);
	$rank_of_assuree = get_top_assuree_position($num_of_assurees);
}
324
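/**
 * Helper function to sum all assurance points received by the user
 *
 * Revoked assurances are skipped by calc_assurances() and do not count.
 *
 * @param int $userid
 * @return int - the sum of the assurance points
 */
function get_received_assurance_points($userid)
{
	$sum_points = 0;
	$sum_experience = 0;
	$res = get_received_assurances(intval($userid));
	// The assurer's user record is not needed to sum the points, so no
	// get_user() lookup is done per row
	while($row = mysql_fetch_assoc($res))
	{
		calc_assurances($row, $sum_points, $sum_experience);
	}
	return $sum_points;
}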
341
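/**
 * Helper function to sum all experience points contained in the assurances
 * received by the user
 *
 * Revoked assurances are skipped by calc_assurances() and do not count.
 *
 * @param int $userid
 * @return int - the sum of the experience points
 */
function get_received_experience_points($userid)
{
	$sum_points = 0;
	$sum_experience = 0;
	$res = get_received_assurances(intval($userid));
	// The assurer's user record is not needed to sum the points, so no
	// get_user() lookup is done per row
	while($row = mysql_fetch_assoc($res))
	{
		calc_assurances($row, $sum_points, $sum_experience);
	}
	return $sum_experience;
}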
358
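/**
 * Helper function to sum all points received by the user
 *
 * Revoked assurances are skipped by calc_assurances() and do not count.
 *
 * @param int $userid
 * @return int - assurance points plus experience points
 */
function get_received_total_points($userid)
{
	$sum_points = 0;
	$sum_experience = 0;
	$res = get_received_assurances(intval($userid));
	// The assurer's user record is not needed to sum the points, so no
	// get_user() lookup is done per row
	while($row = mysql_fetch_assoc($res))
	{
		calc_assurances($row, $sum_points, $sum_experience);
	}
	return $sum_experience + $sum_points;
}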
375
/**
 * Updates the assurance points in $_SESSION['profile']
 *
 * The value is recomputed from the database for the id stored in the
 * session profile; nothing is taken from request input here.
 */
function update_points_in_profile(){
	$profile_id = $_SESSION['profile']['id'];
	$_SESSION['profile']['points'] = get_received_total_points($profile_id);
}
382
383 // ************* html table definitions ******************
384
/**
 * Print the ranking table (assurances given/received and the resulting
 * ranks) for a user.
 *
 * All four numbers are passed through intval() before they are printed.
 *
 * @param int $userid - id of the user
 */
function output_ranking($userid)
{
	// Both helpers fill their last two arguments by reference
	get_assurer_ranking($userid,$num_of_assurances,$rank_of_assurer);
	get_assuree_ranking($userid,$num_of_assurees,$rank_of_assuree);

?>
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
<tr>
<td class="title"><?=_("Assurer Ranking")?></td>
</tr>
<tr>
<td class="DataTD"><?=sprintf(_("You have made %s assurances which ranks you as the #%s top assurer."), intval($num_of_assurances), intval($rank_of_assurer) )?></td>
</tr>
<tr>
<td class="DataTD"><?=sprintf(_("You have received %s assurances which ranks you as the #%s top assuree."), intval($num_of_assurees), intval($rank_of_assuree) )?></td>
</tr>
</table>
<br/>
<?
}
405
/**
 * Render header for the assurance table (same for given/received)
 *
 * $title is printed without escaping, so it has to be trusted markup (the
 * callers in this file pass gettext strings).
 *
 * @param string $title - The title for the table, printed as-is
 * @param int $support - set to 1 if the output is for the support interface
 * @param int $log - if set to 1 also includes deleted assurances
 */
function output_assurances_header($title, $support, $log)
{
	// The support view always shows the "Revoked" column
	if ($support == 1) {
		$log = 1;
	}

	// 7 base columns, plus "When" and "Email" for support, plus "Revoked"
	// for the log view
	$colspan = 7;
	if ($support == 1) {
		$colspan += 2;
	}
	if ($log == 1) {
		$colspan += 1;
	}
?>
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
<tr>
<td colspan="<?=$colspan?>" class="title"><?=$title?></td>
</tr>
<tr>
<td class="DataTD"><strong><?=_("ID")?></strong></td>
<td class="DataTD"><strong><?=_("Date")?></strong></td>
<?
	if ($support == 1)
	{
?>
<td class="DataTD"><strong><?=_("When")?></strong></td>
<td class="DataTD"><strong><?=_("Email")?></strong></td>
<?
	}
?>
<td class="DataTD"><strong><?=_("Who")?></strong></td>
<td class="DataTD"><strong><?=_("Points")?></strong></td>
<td class="DataTD"><strong><?=_("Location")?></strong></td>
<td class="DataTD"><strong><?=_("Method")?></strong></td>
<td class="DataTD"><strong><?=_("Experience Points")?></strong></td>
<?
	if ($log == 1)
	{
?>
<td class="DataTD"><strong><?=_("Revoked")?></strong></td>
<?
	}
?>
</tr>
<?
}
458
/**
 * Render footer for the assurance table (same for given/received)
 *
 * The two description texts are printed without escaping, so they have to
 * be trusted markup (the callers in this file pass gettext strings); the
 * two sums are passed through intval().
 *
 * @param string $points_txt - Description for sum of assurance points
 * @param int $sumpoints - sum of assurance points
 * @param string $experience_txt - Description for sum of experience points
 * @param int $sumexperience - sum of experience points
 * @param int $support - set to 1 if the output is for the support interface
 * @param int $log - if set to 1 also includes deleted assurances
 */
function output_assurances_footer(
		$points_txt,
		$sumpoints,
		$experience_txt,
		$sumexperience,
		$support,
		$log)
{
?>
<tr>
<td colspan="<?=($support == 1) ? 5 : 3 ?>" class="DataTD"><strong><?=$points_txt?>:</strong></td>
<td class="DataTD"><?=intval($sumpoints)?></td>
<td class="DataTD">&nbsp;</td>
<td class="DataTD"><strong><?=$experience_txt?>:</strong></td>
<td class="DataTD"><?=intval($sumexperience)?></td>
<?
	// Unlike the header and the row renderer, $log is not forced to 1 for
	// the support view here
	if ($log == 1)
	{
?>
<td class="DataTD">&nbsp;</td>
<?
	}
?>
</tr>
</table>
<br/>
<?
}
496
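/**
 * Render an assurance for a view
 *
 * The stored 'date', 'when' and 'deleted' values are passed through
 * sanitizeHTML() before they are printed, like 'location' and $ticketno.
 * This function does no permission check: with $support == 1 it prints the
 * other user's email address and a revoke link, so the caller has to make
 * sure the viewer is allowed to see the support view.
 *
 * @param array $assurance - associative array containing the data from the `notary` table
 * @param int $userid - Id of the user whose given/received assurances are displayed
 * @param array $other_user - associative array containing the other users data from the `users` table
 * @param int $support - set to 1 if the output is for the support interface
 * @param string $ticketno - ticket number currently set in the support interface
 * @param int $log - if set to 1 also includes deleted assurances
 */
function output_assurances_row(
		$assurance,
		$userid,
		$other_user,
		$support,
		$ticketno,
		$log)
{
	$assuranceid = intval($assurance['id']);
	// Escape the stored text columns with the helper this function already
	// uses for location and ticket number
	$date = sanitizeHTML($assurance['date']);
	$when = sanitizeHTML($assurance['when']);
	$deleted = sanitizeHTML($assurance['deleted']);
	$awarded = intval($assurance['calc_awarded']);
	$points = intval($assurance['points']);
	$location = $assurance['location'];
	// NOTE(review): the translated method name is printed as returned by
	// gettext; other gettext strings in this file contain HTML entities, so
	// it is left unescaped here - confirm the `method` column can only hold
	// the known method names
	$method = $assurance['method'] ? _($assurance['method']) : '';
	$experience = intval($assurance['experience']);
	$revoked = $assurance['deleted'] !== NULL_DATETIME;

	// Both helpers return ready-made, already escaped HTML
	$email = show_email_link($other_user);
	$name = show_user_link($other_user);

	// The support view always shows the "Revoked" column
	if ($support == 1) {
		$log = 1;
	}

	$tdstyle="";
	$emopen="";
	$emclose="";

	// Highlight rows that carry no points at all and were entered before
	// 2006-09-01; the comparison uses the raw stored value
	if ($awarded == $points && $awarded == 0 && $assurance['when'] < "2006-09-01")
	{
		$tdstyle="style='background-color: #ffff80'";
		$emopen="<em>";
		$emclose="</em>";
	}
?>
	<tr>
		<td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$assuranceid?><?=$emclose?></td>
		<td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$date?><?=$emclose?></td>
<?php
	if ($support == 1)
	{
?>
		<td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$when?><?=$emclose?></td>
		<td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$email?><?=$emclose?></td>
<?php
	}
?>
		<td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$name?><?=$emclose?></td>
		<td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$revoked ? sprintf("<strong style='color: red'>%s</strong>",_("Revoked")) : $awarded?><?=$emclose?></td>
		<td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=sanitizeHTML($location)?><?=$emclose?></td>
		<td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$method?><?=$emclose?></td>
		<td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$experience?$experience:'&nbsp;'?><?=$emclose?></td>
<?php
	if ($log == 1)
	{
		if ($revoked == true)
		{
?>
		<td class="DataTD" <?=$tdstyle?>><?=$deleted?></td>
<?php
		} elseif ($support == 1) {
			// NOTE(review): the revocation is requested with a GET link that
			// carries the CSRF token in the query string, where it can end up
			// in server logs, browser history and Referer headers; a POST
			// form would keep the token out of the URL
?>
		<td class="DataTD" <?=$tdstyle?>><?=$emopen?><a href="account.php?id=43&amp;userid=<?=intval($userid)?>&amp;assurance=<?=intval($assuranceid)?>&amp;csrf=<?=make_csrf('admdelassurance')?>&amp;ticketno=<?=sanitizeHTML($ticketno)?>" onclick="return confirm('<?=sprintf(_("Are you sure you want to revoke the assurance with ID &quot;%s&quot;?"),$assuranceid)?>');"><?=_("Revoke")?></a><?=$emclose?></td>
<?php
		} else {
?>
		<td class="DataTD" <?=$tdstyle?>>&nbsp;</td>
<?php
		}
	}
?>
	</tr>
<?php
}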
587
/**
 * Print the opening of the points summary table: title row and the column
 * headings. The table is closed by output_summary_footer().
 */
function output_summary_header()
{
?>
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
<tr>
<td colspan="4" class="title"><?=_("Summary of your Points")?></td>
</tr>
<tr>
<td class="DataTD"><strong><?=_("Description")?></strong></td>
<td class="DataTD"><strong><?=_("Points")?></strong></td>
<td class="DataTD"><strong><?=_("Countable Points")?></strong></td>
<td class="DataTD"><strong><?=_("Remark")?></strong></td>
</tr>
<?
}
603
/**
 * Print the closing tags of the points summary table opened by
 * output_summary_header().
 */
function output_summary_footer()
{
?>
</table>
<br/>
<?
}
611
/**
 * Print one row of the points summary table.
 *
 * All four values are printed without escaping; output_summary_content()
 * relies on that to pass markup such as "&nbsp;" and <strong> elements.
 * Callers therefore must not pass unescaped user-controlled text.
 *
 * @param string $title - row description, printed as-is
 * @param mixed $points - printed as-is
 * @param mixed $points_countable - printed as-is
 * @param string $remark - printed as-is
 */
function output_summary_row($title,$points,$points_countable,$remark)
{
?>
<tr>
<td class="DataTD"><strong><?=$title?></strong></td>
<td class="DataTD"><?=$points?></td>
<td class="DataTD"><?=$points_countable?></td>
<td class="DataTD"><?=$remark?></td>
</tr>
<?
}
623
624
625 // ************* output given assurances ******************
626
/**
 * Helper function to render assurances given by the user
 *
 * One get_user() query is issued per assurance to load the assuree.
 *
 * @param int $userid
 * @param int& $sum_points - [out] sum of given points
 * @param int& $sum_experience - [out] sum of experience points gained
 * @param int $support - set to 1 if the output is for the support interface
 * @param string $ticketno - the ticket number set in the support interface
 * @param int $log - if set to 1 also includes deleted assurances
 */
function output_given_assurances_content(
		$userid,
		&$sum_points,
		&$sum_experience,
		$support,
		$ticketno,
		$log)
{
	// Both sums are pure outputs, whatever the caller passed in is reset
	$sum_experience = 0;
	$sum_points = 0;

	$given = get_given_assurances(intval($userid), $log);
	while($assurance = mysql_fetch_assoc($given))
	{
		$other = get_user(intval($assurance['to']));
		calc_experience($assurance, $sum_points, $sum_experience);
		output_assurances_row($assurance, $userid, $other, $support, $ticketno, $log);
	}
}
654
655 // ************* output received assurances ******************
656
/**
 * Helper function to render assurances received by the user
 *
 * One get_user() query is issued per assurance to load the assurer.
 *
 * @param int $userid
 * @param int& $sum_points - [out] sum of received points
 * @param int& $sum_experience - [out] sum of experience points the assurers gained
 * @param int $support - set to 1 if the output is for the support interface
 * @param string $ticketno - the ticket number set in the support interface
 * @param int $log - if set to 1 also includes deleted assurances
 */
function output_received_assurances_content(
		$userid,
		&$sum_points,
		&$sum_experience,
		$support,
		$ticketno,
		$log)
{
	// Both sums are pure outputs, whatever the caller passed in is reset
	$sum_experience = 0;
	$sum_points = 0;

	$received = get_received_assurances(intval($userid), $log);
	while($assurance = mysql_fetch_assoc($received))
	{
		$other = get_user(intval($assurance['from']));
		calc_assurances($assurance, $sum_points, $sum_experience);
		output_assurances_row($assurance, $userid, $other, $support, $ticketno, $log);
	}
}
684
685 // ************* output summary table ******************
686
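/**
 * Check whether the user's date of birth lies more than $age years back.
 *
 * Both arguments are coerced with intval() before use, like in the other
 * query helpers of this file, so the id can never carry SQL text into the
 * statement.
 *
 * @param int $userid - id of the user
 * @param int $age - age limit in years
 * @return int - number of matching rows: 1 if the user exists and `dob` is
 *     earlier than today minus $age years, otherwise 0
 */
function check_date_limit ($userid,$age)
{
	$dob = date("Y-m-d", mktime(0,0,0,date("m"),date("d"),date("Y")-intval($age)));
	$res = query_init ("select id from `users` where `id`='".intval($userid)."' and `dob` < '$dob'");
	return intval(query_get_number_of_rows($res));
}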
693
/**
 * Number of points the user may issue, computed by
 * output_summary_content() without printing anything.
 *
 * @param int $userid - id of the user
 * @return int
 */
function max_points($userid)
{
	$issuable = output_summary_content ($userid,0);
	return $issuable;
}
698
/**
 * Compute the points summary of a user and the number of points the user
 * may issue, optionally printing the four summary rows.
 *
 * The return value is used by max_points(), so it acts as the limit for
 * what an assurer may award.
 *
 * @param int $userid - id of the user; it is forwarded unchanged to the
 *     SQL helpers called below
 * @param int $display_output - if truthy the summary rows are printed via
 *     output_summary_row()
 * @return int - points the user may issue; stays 0 unless get_cats_state()
 *     reports a passed test and one of the thresholds below is met
 */
function output_summary_content($userid,$display_output)
{
	$sum_points = 0;
	$sum_experience = 0;
	$sum_experience_other = 0;
	$max_points = 100;
	$max_experience = 50;

	$experience_limit_reached_txt = _("Limit reached");

	// Age based limits: a result other than 1 from check_date_limit()
	// (user not older than the limit, or no row found) lowers the
	// experience cap, so a failed lookup restricts rather than grants
	if (check_date_limit($userid,18) != 1)
	{
		$max_experience = 10;
		$experience_limit_reached_txt = _("Limit given by PoJAM reached");
	}
	if (check_date_limit($userid,14) != 1)
	{
		$max_experience = 0;
		$experience_limit_reached_txt = _("Limit given by PoJAM reached");
	}

	// Received assurances: each summary row stands for `number` assurances
	// with the same points/awarded/method
	$res = get_received_assurances_summary($userid);
	while($row = mysql_fetch_assoc($res))
	{
		$points = calc_awarded($row);

		if ($points > $max_points) // limit to 100 points, above is experience (needs to be fixed)
		{
			$sum_experience_other = $sum_experience_other+($points-$max_points)*intval($row['number']);
			$points = $max_points;
		}
		$sum_points += $points*intval($row['number']);
	}

	// Given assurances: 2 experience points per face to face assurance
	$res = get_given_assurances_summary($userid);
	while($row = mysql_fetch_assoc($res))
	{
		switch ($row['method'])
		{
			case 'Face to Face Meeting': // count Face to Face only
				$sum_experience += 2*intval($row['number']);
				break;
		}

	}

	// Cap the assurance points
	if ($sum_points > $max_points)
	{
		$sum_points_countable = $max_points;
		$remark_points = _("Limit reached");
	}
	else
	{
		$sum_points_countable = $sum_points;
		$remark_points = "&nbsp;";
	}
	// Cap the experience gained by assuring
	if ($sum_experience > $max_experience)
	{
		$sum_experience_countable = $max_experience;
		$remark_experience = $experience_limit_reached_txt;
	}
	else
	{
		$sum_experience_countable = $sum_experience;
		$remark_experience = "&nbsp;";
	}

	// Experience from other sources only fills what is left of the cap
	if ($sum_experience_countable + $sum_experience_other > $max_experience)
	{
		$sum_experience_other_countable = $max_experience-$sum_experience_countable;
		$remark_experience_other = $experience_limit_reached_txt;
	}
	else
	{
		$sum_experience_other_countable = $sum_experience_other;
		$remark_experience_other = "&nbsp;";
	}

	// Below the full assurance points no experience counts at all. The
	// two if statements have no braces and guard only the remark on the
	// following line; both countable sums are reset unconditionally
	if ($sum_points_countable < $max_points)
	{
		if ($sum_experience_countable != 0)
			$remark_experience = _("Points on hold due to less assurance points");
		$sum_experience_countable = 0;
		if ($sum_experience_other_countable != 0)
			$remark_experience_other = _("Points on hold due to less assurance points");
		$sum_experience_other_countable = 0;
	}

	$issue_points = 0;
	$cats_test_passed = get_cats_state ($userid);
	if ($cats_test_passed == 0)
	{
		// No passed test: $issue_points stays 0, only the remark differs
		$issue_points_txt = "<strong style='color: red'>"._("You have to pass the CAcert Assurer Challenge (CATS-Test) to be an Assurer")."</strong>";
		if ($sum_points_countable < $max_points)
		{
			$issue_points_txt = "<strong style='color: red'>";
			$issue_points_txt .= sprintf(_("You need %s assurance points and the passed CATS-Test to be an Assurer"), intval($max_points));
			$issue_points_txt .= "</strong>";
		}
	}
	else
	{
		// The checks run in ascending order and each later match
		// overwrites the earlier value, so the highest threshold wins
		$experience_total = $sum_experience_countable+$sum_experience_other_countable;
		$issue_points_txt = "";
		if ($sum_points_countable == $max_points)
			$issue_points = 10;
		if ($experience_total >= 10)
			$issue_points = 15;
		if ($experience_total >= 20)
			$issue_points = 20;
		if ($experience_total >= 30)
			$issue_points = 25;
		if ($experience_total >= 40)
			$issue_points = 30;
		if ($experience_total >= 50)
			$issue_points = 35;
		if ($issue_points != 0)
			$issue_points_txt = sprintf(_("You may issue up to %s points"),$issue_points);
	}
	if ($display_output)
	{
		// The remarks contain markup and are printed unescaped by
		// output_summary_row(); they are built from literals and gettext
		// strings only
		output_summary_row (_("Assurance Points you received"),$sum_points,$sum_points_countable,$remark_points);
		output_summary_row (_("Total Experience Points by Assurance"),$sum_experience,$sum_experience_countable,$remark_experience);
		output_summary_row (_("Total Experience Points (other ways)"),$sum_experience_other,$sum_experience_other_countable,$remark_experience_other);
		output_summary_row (_("Total Points"),"&nbsp;",$sum_points_countable + $sum_experience_countable + $sum_experience_other_countable,$issue_points_txt);
	}
	return $issue_points;
}
827
/**
 * Render assurances given by the user
 *
 * No permission check is done here: with $support set to 1 the table
 * includes email addresses and revoke links, so the caller has to restrict
 * that mode to authorised viewers.
 *
 * @param int $userid
 * @param int $support - set to 1 if the output is for the support interface
 * @param string $ticketno - the ticket number set in the support interface
 * @param int $log - if set to 1 also includes deleted assurances
 */
function output_given_assurances($userid, $support=0, $ticketno='', $log=0)
{
	$heading = _("Assurance Points You Issued");
	output_assurances_header($heading, $support, $log);

	// $sum_points and $sum_experience are filled by reference
	output_given_assurances_content($userid, $sum_points, $sum_experience, $support, $ticketno, $log);

	$points_label = _("Total Points Issued");
	$experience_label = _("Total Experience Points");
	output_assurances_footer($points_label, $sum_points, $experience_label, $sum_experience, $support, $log);
}
858
/**
 * Render assurances received by the user
 *
 * No permission check is done here: with $support set to 1 the table
 * includes email addresses and revoke links, so the caller has to restrict
 * that mode to authorised viewers.
 *
 * @param int $userid
 * @param int $support - set to 1 if the output is for the support interface
 * @param string $ticketno - the ticket number set in the support interface
 * @param int $log - if set to 1 also includes deleted assurances
 */
function output_received_assurances($userid, $support=0, $ticketno='', $log=0)
{
	$heading = _("Assurance Points You Received");
	output_assurances_header($heading, $support, $log);

	// $sum_points and $sum_experience are filled by reference
	output_received_assurances_content($userid, $sum_points, $sum_experience, $support, $ticketno, $log);

	$points_label = _("Total Points Received");
	$experience_label = _("Total Experience Points");
	output_assurances_footer($points_label, $sum_points, $experience_label, $sum_experience, $support, $log);
}
889
/**
 * Print the complete points summary table for a user.
 *
 * @param int $userid - id of the user
 */
function output_summary($userid)
{
	output_summary_header();
	// 1 = print the rows; the returned issue limit is not needed here
	output_summary_content($userid, 1);
	output_summary_footer();
}
896
/**
 * Print the "Go Back" link, which steps one entry back in the browser
 * history via javascript.
 */
function output_end_of_page()
{
?>
<p>[ <a href='javascript:history.go(-1)'><?=_("Go Back")?></a> ]</p>
<?
}
903
904 //functions to do with recording user agreements
/**
 * write_user_agreement()
 * writes a new record to the table user_agreement
 *
 * Numeric values are coerced with intval(), text values are escaped with
 * mysql_real_escape_string() before they are placed into the statement.
 * The result of the insert is not checked or returned.
 *
 * @param mixed $memid
 * @param mixed $document
 * @param mixed $method
 * @param mixed $comment
 * @param integer $active
 * @param integer $secmemid
 * @return void
 */
function write_user_agreement($memid, $document, $method, $comment, $active=1, $secmemid=0){
	$sql = "insert into `user_agreements` set `memid`=".intval($memid).", `secmemid`=".intval($secmemid).
		",`document`='".mysql_real_escape_string($document)."',`date`=NOW(), `active`=".intval($active).",`method`='".mysql_real_escape_string($method)."',`comment`='".mysql_real_escape_string($comment)."'" ;
	mysql_query($sql);
}
923
/**
 * get_user_agreement_status()
 * returns 1 if the user has an entry for the given type in user_agreement, 0 if no entry is recorded
 *
 * The `active` column is not part of the condition, so any recorded entry
 * of that type counts.
 *
 * @param mixed $memid - coerced with intval()
 * @param string $type - escaped with mysql_real_escape_string()
 * @return int - 1 or 0
 */
function get_user_agreement_status($memid, $type="CCA"){
	$sql = "SELECT u.`document` FROM `user_agreements` u
		WHERE u.`document` = '" . mysql_real_escape_string($type) . "' AND u.`memid`=" . intval($memid) ;
	$found = mysql_query($sql);

	return (mysql_num_rows($found) <= 0) ? 0 : 1;
}
941
/**
 * Get the first user_agreement entry of the requested type
 *
 * $type is escaped with mysql_real_escape_string(), $memid and $active are
 * coerced with intval() before they are placed into the statement.
 *
 * @param int $memid
 * @param string $type - the type of user agreement, by default all
 *     agreements are listed
 * @param int $active - whether to get active or passive agreements:
 *     0 := passive
 *     1 := active
 *     null := both
 * @return array(string=>mixed) - an associative array containing
 *     'document', 'date', 'method', 'comment', 'active'; an empty array if
 *     nothing matches
 */
function get_first_user_agreement($memid, $type=null, $active=null){
	$conditions = '';
	if ($type !== null) {
		$conditions .= " AND u.`document` = '".mysql_real_escape_string($type)."'";
	}
	if ($active !== null) {
		$conditions .= " AND u.`active` = ".intval($active);
	}

	$sql = "SELECT u.`document`, u.`date`, u.`method`, u.`comment`, u.`active` FROM `user_agreements` AS u
		WHERE u.`memid`=".intval($memid)."
			$conditions
		ORDER BY u.`date` LIMIT 1";
	$found = mysql_query($sql);

	return (mysql_num_rows($found) > 0) ? mysql_fetch_assoc($found) : array();
}
976
/**
 * Get the last user_agreement entry of the requested type
 *
 * $type is escaped with mysql_real_escape_string(), $memid and $active are
 * coerced with intval() before they are placed into the statement.
 *
 * @param int $memid
 * @param string $type - the type of user agreement, by default all
 *     agreements are listed
 * @param int $active - whether to get active or passive agreements:
 *     0 := passive,
 *     1 := active,
 *     null := both
 * @return array(string=>mixed) - an associative array containing
 *     'document', 'date', 'method', 'comment', 'active'; an empty array if
 *     nothing matches
 */
function get_last_user_agreement($memid, $type=null, $active=null){
	$conditions = '';
	if ($type !== null) {
		$conditions .= " AND u.`document` = '".mysql_real_escape_string($type)."'";
	}
	if ($active !== null) {
		$conditions .= " AND u.`active` = ".intval($active);
	}

	$sql = "SELECT u.`document`, u.`date`, u.`method`, u.`comment`, u.`active` FROM `user_agreements` AS u
		WHERE u.`memid`=".intval($memid)."
			$conditions
		ORDER BY u.`date` DESC LIMIT 1";
	$found = mysql_query($sql);

	return (mysql_num_rows($found) > 0) ? mysql_fetch_assoc($found) : array();
}
1011
/**
 * Query all `user_agreements` rows of a member, oldest first, optionally
 * narrowed by document type and by active/passive state.
 *
 * $memid and $active are cast with intval(); $type is escaped with
 * mysql_real_escape_string() and placed inside a quoted literal.
 *
 * @param int $memid - member id
 * @param string $type - value matched against `document`; null applies no
 *     filter on the document type
 * @param int $active - 0 := passive, 1 := active, null := both
 * @return resource - whatever mysql_query() returns for the SELECT
 *     (a result set, or false if the query fails)
 */
function get_user_agreements($memid, $type=null, $active=null){
    $conditions = '';
    if ($type !== null) {
        $conditions .= " AND u.`document` = '".mysql_real_escape_string($type)."'";
    }
    if ($active !== null) {
        $conditions .= " AND u.`active` = ".intval($active);
    }

    $sql = "SELECT u.`document`, u.`date`, u.`method`, u.`comment`, u.`active` FROM `user_agreements` AS u\n"
        ."WHERE u.`memid`=".intval($memid)."\n"
        .$conditions."\n"
        ."ORDER BY u.`date`";
    return mysql_query($sql);
}
1039
/**
 * Delete `user_agreements` rows of a member.
 *
 * Only the exact value false (the default) removes every agreement of the
 * member. Any other $type, including null or an empty string, is escaped
 * and used as a filter on `document`.
 *
 * @param mixed $memid - member id, cast with intval()
 * @param string $type - document type to delete, or false for all
 * @return void - the result of the DELETE is not reported to the caller
 */
function delete_user_agreement($memid, $type=false){
    $sql = "delete from `user_agreements` where `memid`=" . intval($memid);
    if ($type !== false) {
        $sql .= " and `document` = '" . mysql_real_escape_string($type) . "'";
    }
    mysql_query($sql);
}
1055
1056 // functions for 6.php (assure somebody)
1057
/**
 * Open the assurance form: emits the <form> (POST to wot.php) and <table>
 * start tags followed by a title row and a second, left-aligned row.
 *
 * Both arguments are echoed without HTML escaping.
 * NOTE(review): this is only safe if every caller passes text that is
 * already escaped or is trusted markup - confirm at the call sites.
 *
 * @param string $confirmation - content of the title row
 * @param string $checkname - content of the second row
 */
function AssureHead($confirmation,$checkname)
{
?>
<form method="post" action="wot.php">
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper" width="600">
<tr>
<td colspan="2" class="title"><?=$confirmation?></td>
</tr>
<tr>
<td class="DataTD" colspan="2" align="left"><?=$checkname?></td>
</tr>
<?
}
1071
/**
 * Emit one two-column table row: a label and a value.
 *
 * A colon is appended to the label unless the label is empty().
 * Both arguments are echoed without HTML escaping.
 * NOTE(review): callers have to escape user-derived values themselves -
 * confirm at the call sites.
 *
 * @param string $field1 - label cell content
 * @param string $field2 - value cell content
 */
function AssureTextLine($field1,$field2)
{
?>
<tr>
<td class="DataTD"><?=$field1.(empty($field1)?'':':')?></td>
<td class="DataTD"><?=$field2?></td>
</tr>
<?
}
1081
/**
 * Emit one table row holding a checkbox (value "1") and its description.
 *
 * $type becomes the checkbox name attribute and $text the cell content;
 * neither is HTML-escaped here.
 * NOTE(review): confirm that callers pass only fixed names and escaped text.
 *
 * @param string $type - name attribute of the checkbox
 * @param string $text - content of the description cell
 * @param mixed $checked - a truthy value renders the box pre-checked
 */
function AssureBoxLine($type,$text,$checked)
{
?>
<tr>
<td class="DataTD"><input type="checkbox" name="<?=$type?>" value="1" <?=$checked?"checked":""?>></td>
<td class="DataTD"><?=$text?></td>
</tr>
<?
}
1091
/**
 * Emit the "method" form field.
 *
 * When $methods holds exactly one entry, that entry is sent as a hidden
 * input and no table row is produced. For any other count (zero included)
 * a row with a <select name="method"> listing every entry is produced,
 * followed by $remark.
 *
 * $text, $remark and every entry of $methods are echoed without HTML
 * escaping, the entries also inside value="..." attributes.
 * NOTE(review): confirm that $methods only ever contains fixed strings.
 *
 * @param string $text - label; a colon is appended unless it is empty()
 * @param array $methods - list of selectable methods
 * @param string $remark - content shown below the select box
 */
function AssureMethodLine($text,$methods,$remark)
{
if (count($methods) != 1) {
?>
<tr>
<td class="DataTD"><?=$text.(empty($text)?'':':')?></td>
<td class="DataTD">
<select name="method">
<?
foreach($methods as $val) {
?>
<option value="<?=$val?>"><?=$val?></option>
<?
}
?>
</select>
<br />
<?=$remark?>
</td>
</tr>
<?
} else {
// Single choice: submit it silently instead of showing a one-entry list.
?>
<input type="hidden" name="method" value="<?=$methods[0]?>" />
<?
}
}
1119
/**
 * Emit one table row with a label, a text input and a trailing description.
 *
 * None of the four arguments is HTML-escaped; $type and $value are placed
 * inside double-quoted attributes.
 * NOTE(review): a $value containing a double quote would end the attribute
 * early, so callers have to escape it - confirm at the call sites.
 *
 * @param string $type - name attribute of the text input
 * @param string $field - label; a colon is appended unless it is empty()
 * @param string $value - initial value of the text input
 * @param string $description - content printed after the input
 */
function AssureInboxLine($type,$field,$value,$description)
{
?>
<tr>
<td class="DataTD"><?=$field.(empty($field)?'':':')?></td>
<td class="DataTD"><input type="text" name="<?=$type?>" value="<?=$value?>"><?=$description?></td>
</tr>
<?
}
1129
/**
 * Close the assurance form: emits the submit/cancel buttons, the closing
 * </table>, two hidden fields and the closing </form>.
 *
 * The hidden field "pagehash" carries $_SESSION['_config']['wothash'].
 * NOTE(review): presumably the receiving page compares it with the session
 * value to tie the submission to this form - confirm in wot.php.
 *
 * $confirm and $oldid are echoed into attributes without HTML escaping.
 *
 * @param mixed $oldid - value of the hidden "oldid" field
 * @param string $confirm - caption of the "process" submit button
 */
function AssureFoot($oldid,$confirm)
{
?>
<tr>
<td class="DataTD" colspan="2">
<input type="submit" name="process" value="<?=$confirm?>" />
<input type="submit" name="cancel" value="<?=_("Cancel")?>" />
</td>
</tr>
</table>
<input type="hidden" name="pagehash" value="<?=$_SESSION['_config']['wothash']?>" />
<input type="hidden" name="oldid" value="<?=$oldid?>" />
</form>
<?
}
1145
/**
 * Mark an email entry of an account as deleted.
 *
 * All client certificates linked to the address are handed to
 * revoke_all_client_cert() first, then `email`.`deleted` is set to NOW().
 * The row itself is kept.
 *
 * Called from www/account.php if($process != "" && $oldid == 2),
 * from www/disputes.php if($type == "reallyemail") / if($action == "accept")
 * and from account_delete().
 *
 * @param int $mailid - id of the `email` row, cast with intval()
 */
function account_email_delete($mailid){
    $emailId = intval($mailid);
    revoke_all_client_cert($emailId);
    mysql_query("update `email` set `deleted`=NOW() where `id`='".$emailId."'");
}
1157
/**
 * Mark a domain entry of an account as deleted.
 *
 * All server certificates of the domain are handed to
 * revoke_all_server_cert() first, then `domains`.`deleted` is set to NOW().
 * The row itself is kept.
 *
 * Called from www/account.php if($process != "" && $oldid == 9),
 * from www/disputes.php if($type == "reallydomain") / if($action == "accept")
 * and from account_delete().
 *
 * @param int $domainid - id of the `domains` row, cast with intval()
 */
function account_domain_delete($domainid){
    $domainKey = intval($domainid);
    revoke_all_server_cert($domainKey);
    $sql = "update `domains`\n"
        ."set `deleted`=NOW()\n"
        ."where `id` = '".$domainKey."'";
    mysql_query($sql);
}
1171
function account_delete($id, $arbno, $adminid){
    // Deletes an account following the "deleted account routine V3": the
    // account row is kept, but credentials and personal data are overwritten
    // and the account is locked.
    // Called from www/account.php if($oldid == 50 && $process != "")
    //
    // NOTE(review): none of the mysql_query() results below is checked and no
    // transaction is visible, so a failure part-way leaves the account in a
    // partially processed state.
    $id = intval($id);
    // $arbno is escaped for SQL only; its format is not validated here.
    $arbno = mysql_real_escape_string($arbno);
    // NOTE(review): $adminid is cast here but not used again in this function.
    $adminid = intval($adminid);

    // Change the password to 30 random characters that are never shown.
    // NOTE(review): srand()/rand() seeded from microtime() is not a
    // cryptographically secure generator. The values only need to be
    // unguessable, so a CSPRNG available on the deployed PHP version would be
    // the appropriate source - confirm which one is available.
    $pool = 'abcdefghijklmnopqrstuvwxyz';
    // NOTE(review): the last character of this pool looks mis-encoded on this
    // page. substr() below works on bytes, so a multi-byte character could be
    // split in two - confirm the file encoding.
    $pool .= '0123456789!()ยง';
    $pool .= 'ABCDEFGHIJKLMNOPQRSTUVWXYZ';
    srand ((double)microtime()*1000000);
    $password="";
    for($index = 0; $index < 30; $index++)
    {
        $password .= substr($pool,(rand()%(strlen ($pool))), 1);
    }
    // The hash is computed by the database as a plain sha1() of the password,
    // so the clear text travels in the query string.
    mysql_query("update `users` set `password`=sha1('".$password."') where `id`='".$id."'");

    //create new mail for arbitration number
    $query = "insert into `email` set `email`='".$arbno."@cacert.org',`memid`='".$id."',`created`=NOW(),`modified`=NOW(), `attempts`=-1";
    mysql_query($query);
    $emailid = mysql_insert_id();

    //set new mail as default
    $query = "update `users` set `email`='".$arbno."@cacert.org' where `id`='".$id."'";
    mysql_query($query);

    //delete all other email addresses (this also revokes their client certificates)
    $query = "select `id` from `email` where `memid`='".$id."' and `id`!='".$emailid."'" ;
    $res=mysql_query($query);
    while($row = mysql_fetch_assoc($res)){
        account_email_delete($row['id']);
    }

    //delete all domains (this also revokes their server certificates)
    $query = "select `id` from `domains` where `memid`='".$id."'";
    $res=mysql_query($query);
    while($row = mysql_fetch_assoc($res)){
        account_domain_delete($row['id']);
    }

    //clear alert settings
    mysql_query(
        "update `alerts` set
`general`='0',
`country`='0',
`regional`='0',
`radius`='0'
where `memid`='$id'");

    //set default location
    // NOTE(review): the three ids are hard-coded; which place they refer to
    // cannot be told from this file - confirm against the location tables.
    $query = "update `users` set `locid`='2256755', `regid`='243', `ccid`='12' where `id`='".$id."'";
    mysql_query($query);

    //clear listings
    $query = "update `users` set `listme`=' ',`contactinfo`=' ' where `id`='".$id."'";
    mysql_query($query);

    //set default language
    mysql_query("update `users` set `language`='en_AU' where `id`='".$id."'");
    //delete secondary languages
    mysql_query("delete from `addlang` where `userid`='".$id."'");

    //change secret questions: Q1..Q5 and A1..A5 are overwritten with 30
    //characters each, drawn from the same pool and generator as the password
    for($i=1;$i<=5;$i++){
        $q="";
        $a="";
        for($index = 0; $index < 30; $index++)
        {
            $q .= substr($pool,(rand()%(strlen ($pool))), 1);
            $a .= substr($pool,(rand()%(strlen ($pool))), 1);
        }
        $query = "update `users` set `Q$i`='$q', `A$i`='$a' where `id`='".$id."'";
        mysql_query($query);
    }

    //change personal information to arbitration number and DOB=1900-01-01
    $query = "update `users` set `fname`='".$arbno."',
`mname`='".$arbno."',
`lname`='".$arbno."',
`suffix`='".$arbno."',
`dob`='1900-01-01'
where `id`='".$id."'";
    mysql_query($query);

    //clear all admin and board flags
    mysql_query(
        "update `users` set
`assurer`='0',
`assurer_blocked`='0',
`codesign`='0',
`orgadmin`='0',
`ttpadmin`='0',
`locadmin`='0',
`admin`='0',
`adadmin`='0',
`tverify`='0',
`board`='0'
where `id`='$id'");

    //block account; `deleted` is intentionally left untouched (see the
    //commented-out fragment at the end of the line)
    mysql_query("update `users` set `locked`='1' where `id`='$id'"); //, `deleted`=Now()
}
1276
1277
/**
 * Tell whether an email address is present in `email` with `deleted`=0.
 *
 * Called from includes/account.php if($process != "" && $oldid == 1)
 * and from includes/account.php if($oldid == 50 && $process != "")
 *
 * @param string $email - address to look up; escaped with
 *     mysql_real_escape_string() before it is put into the query
 * @return bool - true if at least one matching row exists
 */
function check_email_exists($email){
    $needle = mysql_real_escape_string($email);
    $result = mysql_query("select 1 from `email` where `email`='".$needle."' and `deleted`=0");
    return mysql_num_rows($result) > 0;
}
1286
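/**
 * Tell whether the account still has a GPG key that counts as "running".
 *
 * Called from includes/account.php if($oldid == 50 && $process != "")
 *
 * The retention branch used to compare against `NOW()-90*86400`. In MySQL,
 * NOW() in a numeric context is the number YYYYMMDDhhmmss, so subtracting
 * a count of seconds does not move the timestamp back by 90 days. The
 * comparison now uses date arithmetic (INTERVAL 90 DAY), which is what the
 * "+3 month" retention rule describes.
 *
 * @param int $uid - member id, cast with intval()
 * @param int $cca - 0: only keys that have not expired yet count;
 *     any other value: keys that expired within the last 90 days count too
 * @return bool - true if at least one such key exists
 */
function check_gpg_cert_running($uid,$cca=0){
    $uid = intval($uid);
    if (0==$cca) {
        $query = "select 1 from `gpg` where `memid`='$uid' and `expire`>NOW()";
    }else{
        $query = "select 1 from `gpg` where `memid`='$uid' and `expire`>(NOW() - INTERVAL 90 DAY)";
    }
    $res = mysql_query($query);
    return mysql_num_rows($res) > 0;
}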
1299
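/**
 * Tell whether the account still has a client certificate that counts as
 * "running".
 *
 * Called from includes/account.php if($oldid == 50 && $process != "")
 *
 * Two conditions are checked and OR-ed:
 *  1. a certificate whose `expire` lies after the cutoff and whose
 *     `revoked` value is earlier than `created`
 *  2. a certificate whose `revoked` value lies after the cutoff
 *
 * The retention branch used to compute the cutoff as `NOW()-90*86400`.
 * In MySQL, NOW() in a numeric context is the number YYYYMMDDhhmmss, so
 * that expression is not "90 days ago". The cutoff is now computed with
 * date arithmetic (INTERVAL 90 DAY).
 *
 * @param int $uid - member id, cast with intval()
 * @param int $cca - 0: cutoff is NOW(); any other value: cutoff is
 *     90 days before NOW() (CCA retention)
 * @return bool - true if either condition finds a row
 */
function check_client_cert_running($uid,$cca=0){
    $uid = intval($uid);
    $cutoff = (0==$cca) ? "NOW()" : "(NOW() - INTERVAL 90 DAY)";

    $query1 = "select 1 from `emailcerts` where `memid`='$uid' and `expire`>$cutoff and `revoked`<`created`";
    $query2 = "select 1 from `emailcerts` where `memid`='$uid' and `revoked`>$cutoff";

    $res = mysql_query($query1);
    $r1 = mysql_num_rows($res)>0;
    $res = mysql_query($query2);
    $r2 = mysql_num_rows($res)>0;
    return ($r1 || $r2);
}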
1317
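/**
 * Tell whether the account still has a server certificate that counts as
 * "running".
 *
 * Called from includes/account.php if($oldid == 50 && $process != "")
 *
 * Two conditions are checked over `domaincerts` joined to the member's
 * `domains`, and OR-ed:
 *  1. a certificate whose `expire` lies after the cutoff and whose
 *     `revoked` value is earlier than `created`
 *  2. a certificate whose `revoked` value lies after the cutoff
 *
 * Two defects of the former retention branch are fixed here:
 *  - the cutoff was `NOW()-90*86400`; NOW() in a numeric context is the
 *    number YYYYMMDDhhmmss, so that is not "90 days ago". Date arithmetic
 *    (INTERVAL 90 DAY) is used instead.
 *  - `created` was not qualified although other queries in this file use a
 *    `created` column on both joined tables, which makes the reference
 *    ambiguous. All certificate columns are now qualified with
 *    `domaincerts`, as the non-retention branch already did for query 1.
 *
 * @param int $uid - member id, cast with intval()
 * @param int $cca - 0: cutoff is NOW(); any other value: cutoff is
 *     90 days before NOW() (CCA retention)
 * @return bool - true if either condition finds a row
 */
function check_server_cert_running($uid,$cca=0){
    $uid = intval($uid);
    $cutoff = (0==$cca) ? "NOW()" : "(NOW() - INTERVAL 90 DAY)";

    $base = "select 1 from `domaincerts` join `domains`"
        ." on `domaincerts`.`domid` = `domains`.`id`"
        ." where `domains`.`memid` = '$uid'";
    $query1 = $base
        ." and `domaincerts`.`expire` > $cutoff"
        ." and `domaincerts`.`revoked` < `domaincerts`.`created`";
    $query2 = $base
        ." and `domaincerts`.`revoked` > $cutoff";

    $res = mysql_query($query1);
    $r1 = mysql_num_rows($res)>0;
    $res = mysql_query($query2);
    $r2 = mysql_num_rows($res)>0;
    return ($r1 || $r2);
}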
1353
/**
 * Tell whether the account has at least one `org` row with `deleted`=0.
 *
 * Called from includes/account.php if($oldid == 50 && $process != "")
 *
 * @param int $uid - member id, cast with intval()
 * @return bool - true if such a row exists
 */
function check_is_orgadmin($uid){
    $memberId = intval($uid);
    $result = mysql_query("select 1 from `org` where `memid`='".$memberId."' and `deleted`=0");
    return mysql_num_rows($result) > 0;
}
1361
1362
1363 // revokation of certificates
/**
 * Revoke all client certificates linked to an email address.
 *
 * Every certificate linked through `emaillink` whose `revoked` value is 0
 * gets `revoked` set to '1970-01-01 10:00:01' and `disablelogin` set to 1.
 * NOTE(review): the fixed timestamp is presumably a marker that another
 * component turns into the real revocation - confirm.
 *
 * The results of the UPDATE statements are not checked.
 *
 * @param int $mailid - id of the `email` row, cast with intval()
 */
function revoke_all_client_cert($mailid){
    $emailId = intval($mailid);
    $select = "select `emailcerts`.`id`\n"
        ."from `emaillink`,`emailcerts` where\n"
        ."`emaillink`.`emailid`='".$emailId."' and `emaillink`.`emailcertsid`=`emailcerts`.`id` and `emailcerts`.`revoked`=0\n"
        ."group by `emailcerts`.`id`";
    $certs = mysql_query($select);
    while ($cert = mysql_fetch_assoc($certs)) {
        $update = "update `emailcerts` set `revoked`='1970-01-01 10:00:01', `disablelogin`=1 where `id`='".$cert['id']."'";
        mysql_query($update);
    }
}
1376
/**
 * Revoke all server certificates of a domain.
 *
 * Certificates are collected from two sources: rows of `domaincerts` whose
 * `domid` is the domain, and rows referenced through `domlink` for that
 * domain. Each one gets `revoked` set to '1970-01-01 10:00:01', but only
 * if its `revoked` value is still 0.
 * NOTE(review): the fixed timestamp is presumably a marker that another
 * component turns into the real revocation - confirm.
 *
 * The results of the UPDATE statements are not checked.
 *
 * @param int $domainid - id of the `domains` row, cast with intval()
 */
function revoke_all_server_cert($domainid){
    $domainKey = intval($domainid);
    $select = "select `domaincerts`.`id`\n"
        ."from `domaincerts`\n"
        ."where `domaincerts`.`domid` = '".$domainKey."'\n"
        ."union distinct\n"
        ."select `domaincerts`.`id`\n"
        ."from `domaincerts`, `domlink`\n"
        ."where `domaincerts`.`id` = `domlink`.`certid`\n"
        ."and `domlink`.`domid` = '".$domainKey."'";
    $certs = mysql_query($select);
    while ($cert = mysql_fetch_assoc($certs)) {
        $update = "update `domaincerts`\n"
            ."set `revoked`='1970-01-01 10:00:01'\n"
            ."where `id` = '".$cert['id']."'\n"
            ."and `revoked` = 0";
        mysql_query($update);
    }
}
1399
/**
 * Revoke all certificates linked to a personal account.
 *
 * Walks every `email` row and every `domains` row of the member and hands
 * each id to revoke_all_client_cert() or revoke_all_server_cert().
 * GPG keys are not covered; revocation for them still has to be added.
 *
 * @param int $uid - member id, cast with intval()
 */
function revoke_all_private_cert($uid){
    $memberId = intval($uid);

    $emails = mysql_query("select `id` from `email` where `memid`='".$memberId."'");
    while ($email = mysql_fetch_assoc($emails)) {
        revoke_all_client_cert($email['id']);
    }

    $domains = mysql_query("select `id` from `domains` where `memid`='".$memberId."'");
    while ($domain = mysql_fetch_assoc($domains)) {
        revoke_all_server_cert($domain['id']);
    }
}
1417
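/**
 * check_date_format()
 * Checks that a date is written as year-month-day, that it is a real
 * calendar date, and that its year is greater than the given year.
 *
 * Each of the three parts has to consist of digits only. The previous
 * version converted the parts with intval(), which ignores everything
 * after the leading digits, so a value with trailing characters in any
 * part was reported as a valid date. A validator that says "valid" for
 * such a string is unsafe for callers that go on to use the original
 * string.
 *
 * Surrounding whitespace is ignored. Parts without leading zeros
 * (e.g. 2001-2-3) are still accepted.
 *
 * @param mixed $date - the date string to check
 * @param integer $year - dates whose year is less than or equal to this
 *     value are rejected
 * @return bool - true if the date passes all checks, false otherwise
 */
function check_date_format($date, $year=2000){
    $parts = explode('-', trim((string)$date));
    if (count($parts) != 3) {
        return FALSE;
    }

    foreach ($parts as $part) {
        // Digits only: rejects empty parts, signs and trailing characters.
        if (!preg_match('/\A[0-9]+\z/', $part)) {
            return FALSE;
        }
    }

    list($y, $m, $d) = array_map('intval', $parts);
    if ($y <= $year) {
        return FALSE;
    }

    // checkdate() covers the month and day ranges, including month lengths.
    return checkdate($m, $d, $y);
}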
1449
/**
 * check_date_difference()
 * Returns false if the date lies later than now plus $diff days.
 *
 * The date is parsed with strtotime(). If strtotime() cannot parse the
 * value it returns false, and the comparison below then evaluates to true,
 * so this function does not validate the date format by itself.
 *
 * @param mixed $date - date string understood by strtotime()
 * @param integer $diff - allowed offset into the future, in days
 * @return bool - true if the date is not later than now + $diff days
 */
function check_date_difference($date, $diff=1){
    $timestamp = strtotime($date);
    $latestAllowed = time() + $diff * 86400;
    return ($timestamp <= $latestAllowed);
}
1461
/**
 * Write an entry to the `adminlog` table.
 *
 * Records support engineer actions that change a user account. The ids are
 * cast with intval(), the two text values are escaped with
 * mysql_real_escape_string(); the timestamp is set by the database.
 * The text values are stored as given, so code that displays them has to
 * HTML-escape them.
 *
 * @param int $uid - id of the user account
 * @param int $adminid - id of the admin
 * @param string $type - the operation that was performed on the user account
 * @param string $info - the ticket / arbitration number or other information
 * @return bool - true := success, false := error
 */
function write_se_log($uid, $adminid, $type, $info){
    $accountId = intval($uid);
    $actorId = intval($adminid);
    $operation = mysql_real_escape_string($type);
    $details = mysql_real_escape_string($info);

    $sql = "insert into `adminlog` (`when`, `uid`, `adminid`,`type`,`information`) values\n"
        ."(Now(), ".$accountId.", ".$actorId.", '".$operation."', '".$details."')";
    return mysql_query($sql);
}
1481
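/**
 * Check if the entered information is a valid ticket or arbitration number.
 *
 * Accepted form: one letter, eight digits, a dot, one or more digits.
 * The letter is one of (upper or lower case):
 *   a - arbitration case
 *   d - dispute action
 *   s - support case
 *   m - board motion
 *
 * The whole string has to match. The previous pattern had no anchors, so
 * any text that merely contained a ticket number somewhere was accepted,
 * and the surrounding characters passed validation along with it.
 *
 * @param string $ticketno
 * @return bool
 */
function valid_ticket_number($ticketno){
    // \A and \z anchor the match to the start and the very end of the input.
    return preg_match('/\A[adsmADSM]\d{8}\.\d+\z/', $ticketno) === 1;
}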
1498
1499 // function for handling account/43.php
/**
 * Get all columns of an account from the `users` table.
 *
 * @param int $userid - account id, cast with intval()
 * @param int $deleted - 0 (default) adds the condition `users`.`deleted`=0;
 *     any other value returns the row regardless of `deleted`
 * @return resource - whatever mysql_query() returns for the SELECT
 */
function get_user_data($userid, $deleted=0){
    $sql = "select * from `users` where `users`.`id`='".intval($userid)."' ";
    if (0==$deleted) {
        $sql .= ' and `users`.`deleted`=0';
    }
    return mysql_query($sql);
}
1515
/**
 * Get the alert settings for a user.
 *
 * @param int $userid - account id, cast with intval()
 * @return array - the first `alerts` row of the account as an associative
 *     array; the value of mysql_fetch_assoc() is passed through unchanged,
 *     so it is not an array when no row exists
 */
function get_alerts($userid){
    $sql = "select * from `alerts` where `memid`='".intval($userid)."'";
    $result = mysql_query($sql);
    return mysql_fetch_assoc($result);
}
1524
/**
 * Get all email addresses linked to the account, ordered by `created`.
 *
 * Only rows with an empty `hash` column are returned.
 * Should be entered in account/2.php
 *
 * @param int $userid - account id, cast with intval()
 * @param string $exclude - if truthy, this address is left out; the value
 *     is escaped with mysql_real_escape_string()
 * @param int $deleted - 0 (default) adds the condition `deleted`=0; any
 *     other value includes deleted addresses
 * @return resource - whatever mysql_query() returns for the SELECT
 */
function get_email_addresses($userid, $exclude, $deleted=0){
    $sql = "select * from `email` where `memid`='".intval($userid)."' and `hash`='' ";
    if (0==$deleted) {
        $sql .= ' and `deleted`=0';
    }
    if ($exclude) {
        $sql .= " and `email`!='".mysql_real_escape_string($exclude)."'";
    }
    $sql .= " order by `created`";
    return mysql_query($sql);
}
1545
/**
 * Get all domains linked to the account, ordered by `created`.
 *
 * Only rows with an empty `hash` column are returned.
 * Should be entered in account/9.php
 *
 * @param int $userid - account id, cast with intval()
 * @param int $deleted - 0 (default) adds the condition `deleted`=0; any
 *     other value includes deleted domains
 * @return resource - whatever mysql_query() returns for the SELECT
 */
function get_domains($userid, $deleted=0){
    $sql = "select * from `domains` where `memid`='".intval($userid)."' and `hash`=''";
    if (0==$deleted) {
        $sql .= ' and `deleted`=0';
    }
    $sql .= " order by `created`";
    return mysql_query($sql);
}
1562
/**
 * Get all training results for the account, ordered by `pass_date`.
 *
 * Joins `cats_passed` with `cats_variant` and `cats_type` and returns the
 * columns `pass_date`, `type_text` and `test_text`.
 * Should be entered in account/55.php
 *
 * @param int $userid - account id, cast with intval()
 * @return resource - whatever mysql_query() returns for the SELECT
 */
function get_training_results($userid){
    $pieces = array(
        "SELECT `CP`.`pass_date`, `CT`.`type_text`, `CV`.`test_text` ",
        " FROM `cats_passed` AS CP, `cats_variant` AS CV, `cats_type` AS CT ",
        " WHERE `CP`.`variant_id`=`CV`.`id` AND `CV`.`type_id`=`CT`.`id` AND `CP`.`user_id` ='".intval($userid)."'",
        " ORDER BY `CP`.`pass_date`",
    );
    return mysql_query(implode('', $pieces));
}
1577
/**
 * Get all SE log entries for the account, ordered by `when`.
 *
 * Each `adminlog` row is joined with the `users` row of the acting admin,
 * so the result also carries that admin's `fname` and `lname`.
 *
 * @param int $userid - account id, cast with intval()
 * @return resource - whatever mysql_query() returns for the SELECT
 */
function get_se_log($userid){
    $sql = "SELECT `adminlog`.`when`, `adminlog`.`type`, `adminlog`.`information`, `users`.`fname`, `users`.`lname`\n"
        ."FROM `adminlog`, `users`\n"
        ."WHERE `adminlog`.`adminid` = `users`.`id` and `adminlog`.`uid`=".intval($userid)."\n"
        ."ORDER BY `adminlog`.`when`";
    return mysql_query($sql);
}
1591
/**
 * Get all client certificates linked to the account, newest modification
 * first.
 *
 * The result offers `created`, `expired` and `revoked` as Unix timestamps,
 * `timeleft` as seconds until expiry, the raw `expire` value, the raw
 * `revoked` value under the alias `revoke`, and `id`, `CN`, `serial`,
 * `disablelogin`, `description`.
 * Add to account/5.php
 *
 * @param int $userid - account id, cast with intval()
 * @param int $viewall - 0 (default) keeps only certificates with
 *     `revoked`=0, `renewed`=0 and a positive `timeleft`; any other value
 *     returns all certificates
 * @return resource - whatever mysql_query() returns for the SELECT
 */
function get_client_certs($userid, $viewall=0){
    $columns = array(
        "UNIX_TIMESTAMP(`emailcerts`.`created`) as `created`",
        "UNIX_TIMESTAMP(`emailcerts`.`expire`) - UNIX_TIMESTAMP() as `timeleft`",
        "UNIX_TIMESTAMP(`emailcerts`.`expire`) as `expired`",
        "`emailcerts`.`expire`",
        "`emailcerts`.`revoked` as `revoke`",
        "UNIX_TIMESTAMP(`emailcerts`.`revoked`) as `revoked`",
        "`emailcerts`.`id`",
        "`emailcerts`.`CN`",
        "`emailcerts`.`serial`",
        "`emailcerts`.`disablelogin`",
        "`emailcerts`.`description`",
    );
    $sql = "select ".implode(",\n", $columns)."\n"
        ."from `emailcerts`\n"
        ."where `emailcerts`.`memid`='".intval($userid)."'";
    if ($viewall == 0) {
        $sql .= " AND `emailcerts`.`revoked`=0 AND `emailcerts`.`renewed`=0"
            ." HAVING `timeleft` > 0";
    }
    return mysql_query($sql." ORDER BY `emailcerts`.`modified` desc");
}
1622
/**
 * Get all server certificates linked to the account, newest modification
 * first.
 *
 * Certificates are found through the member's rows in `domains`. The
 * result offers `created`, `expired` and `revoked` as Unix timestamps,
 * `timeleft` as seconds until expiry, the raw `expire` value, the raw
 * `revoked` value under the alias `revoke`, and `CN`, `serial`, `id`,
 * `description`.
 * Add to account/12.php
 *
 * @param int $userid - account id, cast with intval()
 * @param int $viewall - 0 (default) keeps only certificates with
 *     `revoked`=0, `renewed`=0 and a positive `timeleft`; any other value
 *     returns all certificates
 * @return resource - whatever mysql_query() returns for the SELECT
 */
function get_server_certs($userid, $viewall=0){
    $columns = array(
        "UNIX_TIMESTAMP(`domaincerts`.`created`) as `created`",
        "UNIX_TIMESTAMP(`domaincerts`.`expire`) - UNIX_TIMESTAMP() as `timeleft`",
        "UNIX_TIMESTAMP(`domaincerts`.`expire`) as `expired`",
        "`domaincerts`.`expire`",
        "`domaincerts`.`revoked` as `revoke`",
        "UNIX_TIMESTAMP(`revoked`) as `revoked`",
        "`domaincerts`.`CN`",
        "`domaincerts`.`serial`",
        "`domaincerts`.`id`",
        "`domaincerts`.`description`",
    );
    $sql = "select ".implode(",\n", $columns)."\n"
        ."from `domaincerts`,`domains`\n"
        ."where `domains`.`memid`='".intval($userid)."' and `domaincerts`.`domid`=`domains`.`id`";
    if ($viewall == 0) {
        $sql .= " AND `domaincerts`.`revoked`=0 AND `domaincerts`.`renewed`=0"
            ." HAVING `timeleft` > 0";
    }
    return mysql_query($sql." ORDER BY `domaincerts`.`modified` desc");
}
1652
/**
 * Get all GPG keys linked to the account, newest `issued` first.
 *
 * The result offers `issued` and `expired` as Unix timestamps, `timeleft`
 * as seconds until expiry, and `expire`, `id`, `level`, `email`, `keyid`,
 * `description`.
 * Add to gpg/2.php
 *
 * @param int $userid - account id, cast with intval()
 * @param int $viewall - 0 (default) keeps only keys with a positive
 *     `timeleft`; any other value returns all keys
 * @return resource - whatever mysql_query() returns for the SELECT
 */
function get_gpg_certs($userid, $viewall=0){
    $columns = array(
        "UNIX_TIMESTAMP(`issued`) as `issued`",
        "UNIX_TIMESTAMP(`expire`) - UNIX_TIMESTAMP() as `timeleft`",
        "UNIX_TIMESTAMP(`expire`) as `expired`",
        "`expire`, `id`, `level`, `email`, `keyid`, `description`",
    );
    $sql = "select ".implode(",\n", $columns)."\n"
        ."from `gpg` where `memid`='".intval($userid)."'";
    if ($viewall == 0) {
        $sql .= " HAVING `timeleft` > 0";
    }
    return mysql_query($sql." ORDER BY `issued` desc");
}
1673
1674
1675
/**
 * Show the table header of the email table for the admin log.
 *
 * Emits one row with three translated captions. No caller data is printed.
 */
function output_log_email_header(){
?>
<tr>
<td class="DataTD bold"><?= _("Email, primary bold") ?></td>
<td class="DataTD bold"><?= _("Created") ?></td>
<td class="DataTD bold"><?= _("Deleted") ?></td>
</tr>

<?
}
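/**
 * Show all email data for the admin log.
 *
 * The address and both timestamps are passed through htmlspecialchars()
 * before they are printed. An email address is user-supplied, so printing
 * the stored value as-is would let markup in it reach the page of the
 * support engineer viewing the log. The other output functions of this
 * file escape stored text in the same way.
 *
 * @param array $row - associative array containing the column data;
 *     the keys 'email', 'created' and 'deleted' are read
 * @param string $primary - if given the primary address is highlighted
 */
function output_log_email($row, $primary){
    // A deleted address takes precedence over the primary highlight.
    $style = '';
    if ($row['deleted'] !== NULL_DATETIME) {
        $style = ' deletedemailaddress';
    } elseif ($primary == $row['email']) {
        $style = ' primaryemailaddress';
    }
    ?>
    <tr>
        <td class="DataTD<?=$style?>"><?=htmlspecialchars($row['email'])?></td>
        <td class="DataTD<?=$style?>"><?=htmlspecialchars($row['created'])?></td>
        <td class="DataTD<?=$style?>"><?=htmlspecialchars($row['deleted'])?></td>
    </tr>
    <?php
}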
1709
/**
 * Show the table header of the domains table for the admin log.
 *
 * Emits one row with three translated captions. No caller data is printed.
 */
function output_log_domains_header(){
?>
<tr>
<td class="DataTD bold"><?= _("Domain") ?></td>
<td class="DataTD bold"><?= _("Created") ?></td>
<td class="DataTD bold"><?= _("Deleted") ?></td>
</tr>

<?
}
1723
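/**
 * Show the domain data for the admin log.
 *
 * The domain name and both timestamps are passed through
 * htmlspecialchars() before they are printed. A domain name is
 * user-supplied, so the stored value must not reach the page unescaped.
 * The other output functions of this file escape stored text in the same
 * way.
 *
 * @param array $row - associative array containing the column data;
 *     the keys 'domain', 'created' and 'deleted' are read
 */
function output_log_domains($row){
    // Deleted domains are rendered in italics.
    $italic = '';
    if ($row['deleted'] !== NULL_DATETIME) {
        $italic = ' italic';
    }
    ?>
    <tr>
        <td class="DataTD<?=$italic?>"><?=htmlspecialchars($row['domain'])?></td>
        <td class="DataTD<?=$italic?>"><?=htmlspecialchars($row['created'])?></td>
        <td class="DataTD<?=$italic?>"><?=htmlspecialchars($row['deleted'])?></td>
    </tr>
    <?php
}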
1741
/**
 * Show the table header of the user agreement table for the admin log.
 *
 * Emits one row with four translated captions. No caller data is printed.
 */
function output_log_agreement_header(){
?>
<tr>
<td class="DataTD bold"><?= _("Agreement") ?></td>
<td class="DataTD bold"><?= _("Date") ?></td>
<td class="DataTD bold"><?= _("Method") ?></td>
<td class="DataTD bold"><?= _("Active ") ?></td>
</tr>
<?
}
1755
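/**
 * Show the agreement data for the admin log.
 *
 * 'document', 'date' and 'method' are stored text and are passed through
 * htmlspecialchars() before they are printed, as the other output
 * functions of this file do with stored text. The 'active' column is only
 * compared with 0 and shown as a translated word.
 *
 * @param array $row - associative array containing the column data;
 *     the keys 'document', 'date', 'method' and 'active' are read
 */
function output_log_agreement($row){
    $state = ($row['active']==0) ? _('passive') : _('active');
    ?>
    <tr>
        <td class="DataTD" ><?=htmlspecialchars($row['document'])?></td>
        <td class="DataTD" ><?=htmlspecialchars($row['date'])?></td>
        <td class="DataTD" ><?=htmlspecialchars($row['method'])?></td>
        <td class="DataTD"><?=$state?></td>
    </tr>
    <?php
}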
1770
/**
 * Show the table header of the training table.
 *
 * Emits one row with three translated captions. No caller data is printed.
 * Should be entered in account/55.php
 *
 * NOTE(review): output_log_training() prints `pass_date` in the first
 * column, while the first caption here is "Agreement". This looks like a
 * leftover from the agreement header - confirm the intended caption.
 */
function output_log_training_header(){
//should be entered in account/55.php
?>
<tr>
<td class="DataTD bold"><?= _("Agreement") ?></td>
<td class="DataTD bold"><?= _("Test") ?></td>
<td class="DataTD bold"><?= _("Variant") ?></td>
</tr>
<?
}
1784
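/**
 * Show the training data.
 *
 * The three values are stored text and are passed through
 * htmlspecialchars() before they are printed, as the other output
 * functions of this file do with stored text.
 * Should be entered in account/55.php
 *
 * @param array $row - associative array containing the column data;
 *     the keys 'pass_date', 'type_text' and 'test_text' are read
 */
function output_log_training($row){
    ?>
    <tr>
        <td class="DataTD"><?=htmlspecialchars($row['pass_date'])?></td>
        <td class="DataTD"><?=htmlspecialchars($row['type_text'])?></td>
        <td class="DataTD"><?=htmlspecialchars($row['test_text'])?></td>
    </tr>
    <?php
}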
1799
/**
 * Show the table header of the SE log table for the admin log.
 *
 * "Date" and "Type" are always shown; "Information" and "Admin" are added
 * only when $support is 1. No caller data is printed.
 *
 * @param int $support - if support = 1 more information is visible
 */
function output_log_se_header($support=0){
?>
<tr>
<td class="DataTD bold"><?= _("Date") ?></td>
<td class="DataTD bold"><?= _("Type") ?></td>
<?
if (1 == $support) {
?>
<td class="DataTD bold"><?= _("Information") ?></td>
<td class="DataTD bold"><?= _("Admin") ?></td>
<?
}
?>
</tr>
<?
}
1820
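/**
 * Show the SE log data for the admin log.
 *
 * All values are passed through htmlspecialchars() before they are
 * printed. 'type' and 'information' are free text written by
 * write_se_log(), and 'fname'/'lname' are the name fields of an account,
 * so none of them may reach the page unescaped. The other output
 * functions of this file escape stored text in the same way.
 * Should be entered in account/55.php
 *
 * @param array $row - associative array containing the column data; the
 *     keys 'when' and 'type' are always read, 'information', 'fname' and
 *     'lname' only when $support is 1
 * @param int $support - if support = 1 more information is visible
 */
function output_log_se($row, $support=0){
    ?>
    <tr>
        <td class="DataTD"><?=htmlspecialchars($row['when'])?></td>
        <td class="DataTD"><?=htmlspecialchars($row['type'])?></td>
    <?php
    if (1 == $support) {
        ?>
        <td class="DataTD"><?=htmlspecialchars($row['information'])?></td>
        <td class="DataTD"><?=htmlspecialchars($row['fname'].' '.$row['lname'])?></td>
        <?php
    }
    ?>
    </tr>
    <?php
}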
1843
/**
 * Show the table header of the client cert table.
 *
 * A leading "Renew/Revoke/Delete" caption is added when $readonly is false;
 * a trailing "Comment *" caption spanning two columns is added unless
 * $support is 1. No caller data is printed.
 * Should be added to account/5.php
 *
 * @param int $support - if support = 1 some columns are not visible
 * @param bool $readonly - whether elements to modify data should be hidden, default is `true`
 */
function output_client_cert_header($support=0, $readonly=true){
//should be added to account/5.php
?>
<tr>
<?
if (!$readonly) {
?>
<td class="DataTD"><?=_("Renew/Revoke/Delete")?></td>
<?
}
?>
<td class="DataTD"><?=_("Status")?></td>
<td class="DataTD"><?=_("Email Address")?></td>
<td class="DataTD"><?=_("SerialNumber")?></td>
<td class="DataTD"><?=_("Revoked")?></td>
<td class="DataTD"><?=_("Expires")?></td>
<td class="DataTD"><?=_("Login")?></td>
<?
if (1 != $support) {
?>
<td colspan="2" class="DataTD"><?=_("Comment *")?></td>
<?
}
?>
</tr>
<?
}
1876
/**
 * Show the client cert data as one table row.
 *
 * The status text is derived in this order, later rules overriding
 * earlier ones: 'timeleft' > 0 gives "Valid", otherwise "Expired";
 * 'expired' == 0 gives "Pending"; 'revoked' != 0 gives "Revoked".
 * When 'revoked' == 0 the 'revoke' entry is replaced by "Not Revoked".
 *
 * The branches further down compare the translated status text, so they
 * depend on _("Pending") and _("Revoked") being distinct from the other
 * status texts in every language.
 *
 * Escaping: 'CN' and 'description' go through htmlspecialchars(), every
 * use of 'id' goes through intval(). 'serial', 'revoke' and 'expire' are
 * printed as stored.
 * NOTE(review): confirm that those three columns can only hold values
 * generated by the system.
 *
 * Should be entered in account/5.php
 *
 * @param array $row - associative array containing the column data; the
 *     keys read here match the aliases selected by get_client_certs()
 * @param int $support - if support = 1 some columns are not visible
 * @param bool $readonly - whether elements to modify data should be hidden, default is `true`
 */
function output_client_cert($row, $support=0, $readonly=true){
//should be entered in account/5.php
$verified="";
if ($row['timeleft'] > 0) {
$verified = _("Valid");
} else {
$verified = _("Expired");
}

if ($row['expired'] == 0) {
$verified = _("Pending");
}

if ($row['revoked'] == 0) {
$row['revoke'] = _("Not Revoked");
} else {
$verified = _("Revoked");
}

?>
<tr>
<?
// Action column: pending certificates can be deleted, revoked ones offer
// no action, all others can be revoked.
if (!$readonly) {
if ($verified === _("Pending")) {
?>
<td class="DataTD">
<input type="checkbox" name="delid[]" value="<?=intval($row['id'])?>">
</td>
<?

} elseif ($verified === _("Revoked")) {
?>
<td class="DataTD">&nbsp;</td>
<?

} else {
?>
<td class="DataTD">
<input type="checkbox" name="revokeid[]" value="<?=intval($row['id'])?>">
</td>
<?
}
}

?>
<td class="DataTD"><?=$verified?></td>
<?

// Pending certificates are shown without a link to the detail page.
if ($verified === _("Pending")) {
?>
<td class="DataTD"><?=(trim($row['CN'])=="" ? _("empty") : htmlspecialchars($row['CN']))?></td>
<?
} else {
?>
<td class="DataTD">
<a href="account.php?id=6&amp;cert=<?=intval($row['id'])?>">
<?=(trim($row['CN'])=="" ? _("empty") : htmlspecialchars($row['CN']))?>
</a>
</td>
<?
}

// The login checkbox is checked when 'disablelogin' is falsy and is
// rendered disabled in read-only mode.
?>
<td class="DataTD"><?=$row['serial']?></td>
<td class="DataTD"><?=$row['revoke']?></td>
<td class="DataTD"><?=$row['expire']?></td>
<td class="DataTD">
<input type="checkbox" name="disablelogin_<?=intval($row['id'])?>" value="1" <?=$row['disablelogin']?"":"checked='checked'"?> <?=$readonly?'disabled="disabled"':''?>/>
<input type="hidden" name="cert_<?=intval($row['id'])?>" value="1" />
</td>
<?

if (1 != $support) {
?>
<td class="DataTD">
<input name="comment_<?=intval($row['id'])?>" type="text" value="<?=htmlspecialchars($row['description'])?>" />
</td>
<?
if (!$readonly) {
?>
<td class="DataTD">
<input type="checkbox" name="check_comment_<?=intval($row['id'])?>" />
</td>
<?
}
}

?>
</tr>
<?
}
1974
/**
 * Show the table header of the server cert table.
 *
 * A leading "Renew/Revoke/Delete" caption is added when $readonly is false;
 * a trailing "Comment *" caption spanning two columns is added unless
 * $support is 1. No caller data is printed.
 * Should be entered in account/12.php
 *
 * @param int $support - if support = 1 some columns are not visible
 * @param bool $readonly - whether elements to modify data should be hidden, default is `true`
 */
function output_server_certs_header($support=0, $readonly=true){
//should be entered in account/12.php
?>
<tr>
<?
if (!$readonly) {
?>
<td class="DataTD"><?=_("Renew/Revoke/Delete")?></td>
<?
}
?>
<td class="DataTD"><?=_("Status")?></td>
<td class="DataTD"><?=_("CommonName")?></td>
<td class="DataTD"><?=_("SerialNumber")?></td>
<td class="DataTD"><?=_("Revoked")?></td>
<td class="DataTD"><?=_("Expires")?></td>
<?
if (1 != $support) {
?>
<td colspan="2" class="DataTD"><?=_("Comment *")?></td>
<?
}
?>
</tr>
<?
}
2006
/**
 * Show the server cert data as one table row.
 *
 * The status text is derived in this order, later rules overriding
 * earlier ones: 'timeleft' > 0 gives "Valid", otherwise "Expired";
 * 'expired' == 0 gives "Pending"; 'revoked' != 0 gives "Revoked".
 * When 'revoked' == 0 the 'revoke' entry is replaced by "Not Revoked".
 *
 * The branches further down compare the translated status text, so they
 * depend on _("Pending") and _("Revoked") being distinct from the other
 * status texts in every language.
 *
 * Escaping: 'CN' and 'description' go through htmlspecialchars(), every
 * use of 'id' goes through intval(). 'serial', 'revoke' and 'expire' are
 * printed as stored.
 * NOTE(review): confirm that those three columns can only hold values
 * generated by the system.
 *
 * Should be entered in account/12.php
 *
 * @param array $row - associative array containing the column data; the
 *     keys read here match the aliases selected by get_server_certs()
 * @param int $support - if support = 1 some columns are not visible
 * @param bool $readonly - whether elements to modify data should be hidden, default is `true`
 */
function output_server_certs($row, $support=0, $readonly=true){
//should be entered in account/12.php
$verified="";
if ($row['timeleft'] > 0) {
$verified = _("Valid");
} else {
$verified = _("Expired");
}

if ($row['expired'] == 0) {
$verified = _("Pending");
}

if ($row['revoked'] == 0) {
$row['revoke'] = _("Not Revoked");
} else {
$verified = _("Revoked");
}

?>
<tr>
<?
// Action column: pending certificates can be deleted, revoked ones offer
// no action, all others can be revoked.
if (!$readonly) {
if ($verified === _("Pending")) {
?>
<td class="DataTD">
<input type="checkbox" name="delid[]" value="<?=intval($row['id'])?>"/>
</td>
<?
} elseif($verified === _("Revoked")) {
?>
<td class="DataTD">&nbsp;</td>
<?
} else {
?>
<td class="DataTD">
<input type="checkbox" name="revokeid[]" value="<?=intval($row['id'])?>"/>
</td>
<?
}
}

?>
<td class="DataTD"><?=$verified?></td>
<?

// Pending certificates are shown without a link to the detail page.
if ($verified === _("Pending")) {
?>
<td class="DataTD"><?=htmlspecialchars($row['CN'])?></td>
<?
} else {
?>
<td class="DataTD">
<a href="account.php?id=15&amp;cert=<?=intval($row['id'])?>">
<?=htmlspecialchars($row['CN'])?>
</a>
</td>
<?
}

?>
<td class="DataTD"><?=$row['serial']?></td>
<td class="DataTD"><?=$row['revoke']?></td>
<td class="DataTD"><?=$row['expire']?></td>
<?

if (1 != $support) {
?>
<td class="DataTD">
<input name="comment_<?=intval($row['id'])?>" type="text" value="<?=htmlspecialchars($row['description'])?>" />
</td>
<?
if (!$readonly) {
?>
<td class="DataTD">
<input type="checkbox" name="check_comment_<?=intval($row['id'])?>" />
</td>
<?
}
}

?>
</tr>
<?
}
2098
/**
 * Print the header row of the gpg key table.
 *
 * Emits a single <tr> whose cells hold the gettext-translated column titles.
 *
 * @param int $support - if support = 1 the "Comment *" column is not shown
 * @param bool $readonly - accepted for consistency with the other header functions but not read here, default is `true`
 */
function output_gpg_certs_header($support=0, $readonly=true){
	// $readonly is currently ignored but kept for consistency
	$titles = array(
		_("Status"),
		_("Email Address"),
		_("Expires"),
		_("Key ID"),
	);
?>
<tr>
<?php foreach ($titles as $title): ?>
	<td class="DataTD"><?=$title?></td>
<?php endforeach; ?>
<?php if (1 != $support): ?>
	<td colspan="2" class="DataTD"><?=_("Comment *")?></td>
<?php endif; ?>
</tr>
<?php
}
2122
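/**
 * Print one data row of the gpg key table.
 *
 * The status is derived from the row: an `expired` of 0 gives "Pending";
 * otherwise `timeleft` > 0 gives "Valid" and anything else "Expired".
 * For a pending key the email address and key id are plain text, otherwise
 * both link to gpg.php?id=3 for that key.
 *
 * Every value taken from $row is either cast with intval() or passed through
 * htmlspecialchars() before it is written into the page.
 *
 * @param array $row - associative array containing the column data; the keys read are
 *                     `id`, `email`, `keyid`, `expire`, `description`,
 *                     `timeleft` and `expired`
 * @param int $support - if support = 1 the comment columns are not shown
 * @param bool $readonly - whether elements to modify data should be hidden, default is `true`
 */
function output_gpg_certs($row, $support=0, $readonly=true){
	// original note: should be entered in account/55.php
	$key_id_int = intval($row['id']);

	// Decide the state from the row flag once instead of comparing translated
	// strings with ==, so the branches do not depend on the active locale.
	$is_pending = ($row['expired'] == 0);

	if ($is_pending) {
		$verified = _("Pending");
	} elseif ($row['timeleft'] > 0) {
		$verified = _("Valid");
	} else {
		$verified = _("Expired");
	}

	// Encode the expiry value like the other row values in this function.
	$expire_cell = htmlspecialchars((string)$row['expire']);
	$details_url = 'gpg.php?id=3&amp;cert=' . $key_id_int;
?>
<tr>
	<td class="DataTD"><?=$verified?></td>
<?php if ($is_pending): ?>
	<td class="DataTD"><?=htmlspecialchars($row['email'])?></td>
<?php else: ?>
	<td class="DataTD">
		<a href="<?=$details_url?>">
			<?=htmlspecialchars($row['email'])?>
		</a>
	</td>
<?php endif; ?>
	<td class="DataTD"><?=$expire_cell?></td>
<?php if ($is_pending): ?>
	<td class="DataTD"><?=htmlspecialchars($row['keyid'])?></td>
<?php else: ?>
	<td class="DataTD">
		<a href="<?=$details_url?>">
			<?=htmlspecialchars($row['keyid'])?>
		</a>
	</td>
<?php endif; ?>
<?php if (1 != $support): ?>
	<td class="DataTD">
		<?php // Keep the value attribute double-quoted: before PHP 8.1 the default htmlspecialchars() flags leave single quotes unescaped. ?>
		<input name="comment_<?=$key_id_int?>" type="text" value="<?=htmlspecialchars($row['description'])?>" />
	</td>
	<?php if (!$readonly): ?>
	<td class="DataTD">
		<input type="checkbox" name="check_comment_<?=$key_id_int?>" />
	</td>
	<?php endif; ?>
<?php endif; ?>
</tr>
<?php
}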