1 <? /*
2 LibreSSL - CAcert web application
3 Copyright (C) 2004-2011 CAcert Inc.
4
5 This program is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License as published by
7 the Free Software Foundation; version 2 of the License.
8
9 This program is distributed in the hope that it will be useful,
10 but WITHOUT ANY WARRANTY; without even the implied warranty of
11 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 GNU General Public License for more details.
13
14 You should have received a copy of the GNU General Public License
15 along with this program; if not, write to the Free Software
16 Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
17 */
18
/**
 * Execute a SQL statement through mysql_query() and hand back its result.
 *
 * The statement is sent exactly as given: this wrapper performs no escaping
 * and no parameter binding, so every caller has to neutralise the values it
 * interpolates before calling (e.g. intval() for numeric ids).
 *
 * @param string $query complete SQL statement
 * @return mixed whatever mysql_query() returns for the statement
 */
function query_init ($query)
{
	$result = mysql_query($query);
	return $result;
}
23
/**
 * Fetch the next row of a result set as an associative array.
 *
 * @param mixed $res result handle as returned by query_init()
 * @return mixed whatever mysql_fetch_assoc() returns for the handle
 */
function query_getnextrow ($res)
{
	return mysql_fetch_assoc($res);
}
29
/**
 * Return the row count of a result set as an integer.
 *
 * The value of mysql_num_rows() is passed through intval(), so a failed
 * lookup is reported as 0 rather than as a non-integer value.
 *
 * @param mixed $resultset result handle as returned by query_init()
 * @return int
 */
function query_get_number_of_rows ($resultset)
{
	$count = mysql_num_rows($resultset);
	return intval($count);
}
34
/**
 * Count the 'Face to Face Meeting' rows in `notary` whose `from` is the user.
 *
 * @param mixed $userid user id; reduced to an integer before it reaches the SQL
 * @return int
 */
function get_number_of_assurances ($userid)
{
	// %d only ever receives the intval() result, so no caller text enters the statement
	$sql = sprintf("SELECT count(*) AS `list` FROM `notary`
		WHERE `method` = 'Face to Face Meeting' AND `from`='%d' ", intval($userid));
	$row = query_getnextrow(query_init($sql));

	return intval($row['list']);
}
43
/**
 * Count the 'Face to Face Meeting' rows in `notary` whose `to` is the user.
 *
 * @param mixed $userid user id; reduced to an integer before it reaches the SQL
 * @return int
 */
function get_number_of_assurees ($userid)
{
	// %d only ever receives the intval() result, so no caller text enters the statement
	$sql = sprintf("SELECT count(*) AS `list` FROM `notary`
		WHERE `method` = 'Face to Face Meeting' AND `to`='%d' ", intval($userid));
	$row = query_getnextrow(query_init($sql));

	return intval($row['list']);
}
52
/**
 * Rank an assurer by the number of Face to Face assurances given.
 *
 * The query yields one row per `from` value that has more Face to Face rows
 * than $no_of_assurances; the rank is that number of rows plus one.
 *
 * @param mixed $no_of_assurances count to rank; cast with intval() for the SQL
 * @return int
 */
function get_top_assurer_position ($no_of_assurances)
{
	$sql = sprintf("SELECT count(*) AS `list` FROM `notary`
		WHERE `method` = 'Face to Face Meeting'
		GROUP BY `from` HAVING count(*) > '%d'", intval($no_of_assurances));
	$ahead = query_get_number_of_rows(query_init($sql));

	return intval($ahead + 1);
}
60
/**
 * Rank an assuree by the number of Face to Face assurances received.
 *
 * The query yields one row per `to` value that has more Face to Face rows
 * than $no_of_assurees; the rank is that number of rows plus one.
 *
 * @param mixed $no_of_assurees count to rank; cast with intval() for the SQL
 * @return int
 */
function get_top_assuree_position ($no_of_assurees)
{
	$sql = sprintf("SELECT count(*) AS `list` FROM `notary`
		WHERE `method` = 'Face to Face Meeting'
		GROUP BY `to` HAVING count(*) > '%d'", intval($no_of_assurees));
	$ahead = query_get_number_of_rows(query_init($sql));

	return intval($ahead + 1);
}
68
/**
 * Select every `notary` row issued by the user to somebody else, oldest id first.
 *
 * Rows where `from` equals `to` are excluded by the query.
 *
 * @param mixed $userid user id; cast with intval() for the SQL
 * @return mixed result handle from query_init(), to be iterated by the caller
 */
function get_given_assurances ($userid)
{
	$sql = sprintf("select * from `notary` where `from`='%d' and `from` != `to` order by `id` asc", intval($userid));
	return query_init($sql);
}
74
/**
 * Select every `notary` row the user received from somebody else, oldest id first.
 *
 * Rows where `from` equals `to` are excluded by the query.
 *
 * @param mixed $userid user id; cast with intval() for the SQL
 * @return mixed result handle from query_init(), to be iterated by the caller
 */
function get_received_assurances ($userid)
{
	$sql = sprintf("select * from `notary` where `to`='%d' and `from` != `to` order by `id` asc ", intval($userid));
	return query_init($sql);
}
80
/**
 * Group the user's issued `notary` rows by points, awarded and method.
 *
 * Each result row carries the group size in `number`. Unlike
 * get_given_assurances(), this query does not exclude rows where
 * `from` equals `to`.
 *
 * @param mixed $userid user id; cast with intval() for the SQL
 * @return mixed result handle from query_init()
 */
function get_given_assurances_summary ($userid)
{
	$sql = sprintf("select count(*) as number,points,awarded,method from notary where `from`='%d' group by points,awarded,method", intval($userid));
	return query_init($sql);
}
86
/**
 * Group the user's received `notary` rows by points, awarded and method.
 *
 * Each result row carries the group size in `number`. Unlike
 * get_received_assurances(), this query does not exclude rows where
 * `from` equals `to`.
 *
 * @param mixed $userid user id; cast with intval() for the SQL
 * @return mixed result handle from query_init()
 */
function get_received_assurances_summary ($userid)
{
	$sql = sprintf("select count(*) as number,points,awarded,method from notary where `to`='%d' group by points,awarded,method", intval($userid));
	return query_init($sql);
}
92
/**
 * Load one row of `users` by id.
 *
 * All columns are selected, so the returned array holds the complete account
 * record; callers should pick only the fields they mean to display.
 *
 * @param mixed $userid user id; cast with intval() for the SQL
 * @return mixed result of mysql_fetch_assoc() on the lookup
 */
function get_user ($userid)
{
	$sql = sprintf("select * from `users` where `id`='%d'", intval($userid));
	$res = query_init($sql);
	return mysql_fetch_assoc($res);
}
98
/**
 * Count the user's `cats_passed` rows whose variant has `type_id` 1.
 *
 * output_summary_content() treats a result of 0 as "CATS test not passed".
 *
 * @param mixed $userid user id; cast with intval() for the SQL
 * @return mixed row count as reported by mysql_num_rows()
 */
function get_cats_state ($userid)
{
	$sql = sprintf("select * from `cats_passed` inner join `cats_variant` on `cats_passed`.`variant_id` = `cats_variant`.`id` and `cats_variant`.`type_id` = 1
		WHERE `cats_passed`.`user_id` = '%d'", intval($userid));
	$res = query_init($sql);

	return mysql_num_rows($res);
}
106
/**
 * Account for one issued assurance in the running totals.
 *
 * @param array $row             `notary` row; reads 'points', 'awarded' and 'method'
 * @param mixed $points          running total, increased by the larger of points/awarded
 * @param mixed $experience      set to "2" for a Face to Face Meeting, "&nbsp;" otherwise
 * @param mixed $sum_experience  running total, increased by 2 for a Face to Face Meeting
 * @return mixed the larger of $row['points'] and $row['awarded']
 */
function calc_experience ($row,&$points,&$experience,&$sum_experience)
{
	$apoints = max($row['points'], $row['awarded']);
	$points += $apoints;

	if ($row['method'] == "Face to Face Meeting")
	{
		$sum_experience += 2;
		$experience = "2";
	}
	else
	{
		// non-breaking space keeps the table cell from collapsing
		$experience = "&nbsp;";
	}

	return $apoints;
}
121
/**
 * Account for one received assurance in the running totals.
 *
 * @param array $row            `notary` row; passed to calc_points(), 'method' is read here
 * @param mixed $points         running total; increased by the awarded value unless revoked
 * @param mixed $experience     set to the part of the award above 100, or 0
 * @param mixed $sumexperience  running total, increased by $experience
 * @param mixed $awarded        set to the capped award, or to a red "Revoked" HTML marker
 *                              for revoked methods (so it is markup, not a number, then)
 */
function calc_assurances ($row,&$points,&$experience,&$sumexperience,&$awarded)
{
	$awarded = calc_points($row);

	$experience = 0;
	if ($awarded > 100)
	{
		$experience = $awarded - 100;		// needs to be fixed in the future (limit 50 pts and/or no experience if pts > 100)
		$awarded = 100;
	}

	$revoked_methods = array(
		'Thawte Points Transfer',
		'CT Magazine - Germany',
		'Temporary Increase',	      // Current usage of 'Temporary Increase' may break audit aspects, needs to be reimplemented
	);

	if (in_array($row['method'], $revoked_methods))
	{
		$awarded = sprintf("<strong style='color: red'>%s</strong>",_("Revoked"));
		$experience = 0;
	}
	else
	{
		$points += $awarded;
	}

	$sumexperience = $sumexperience + $experience;
}
147
148
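/**
 * Build the HTML shown in the "Who" column for one account.
 *
 * An empty name yields the translated text "System" (id 0) or
 * "Deleted account" (any other id). Otherwise the name is wrapped in a link
 * to wot.php?id=9 for that user id.
 *
 * The name is HTML-escaped here because the callers in this file pass
 * fname/lname straight from the `users` table, i.e. text chosen by the
 * account holder. The id is reduced to an integer before it enters the URL.
 *
 * @param string $name    display name (plain text, not markup)
 * @param mixed  $userid  account id
 * @return string HTML fragment
 */
function show_user_link ($name,$userid)
{
	$name = trim($name);
	if ($name == "")
	{
		return ($userid == 0) ? _("System") : _("Deleted account");
	}

	// NOTE(review): the charset argument is left at PHP's default - confirm it
	// matches the page encoding. If names are stored already entity-encoded,
	// this would double-encode them; verify against the code that writes `users`.
	$safe_name = htmlspecialchars($name, ENT_QUOTES);

	return "<a href='wot.php?id=9&amp;userid=".intval($userid)."'>".$safe_name."</a>";
}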
163
/**
 * Look up how many Face to Face assurances a user has given and the resulting rank.
 *
 * @param mixed $userid             user id
 * @param mixed $num_of_assurances  receives the count from get_number_of_assurances()
 * @param mixed $rank_of_assurer    receives the rank from get_top_assurer_position()
 */
function get_assurer_ranking($userid,&$num_of_assurances,&$rank_of_assurer)
{
	$uid = intval($userid);
	$num_of_assurances = get_number_of_assurances($uid);
	$rank_of_assurer = get_top_assurer_position($num_of_assurances);
}
169
/**
 * Look up how many Face to Face assurances a user has received and the resulting rank.
 *
 * @param mixed $userid           user id
 * @param mixed $num_of_assurees  receives the count from get_number_of_assurees()
 * @param mixed $rank_of_assuree  receives the rank from get_top_assuree_position()
 */
function get_assuree_ranking($userid,&$num_of_assurees,&$rank_of_assuree)
{
	$uid = intval($userid);
	$num_of_assurees = get_number_of_assurees($uid);
	$rank_of_assuree = get_top_assuree_position($num_of_assurees);
}
175
176
177 // ************* html table definitions ******************
178
/**
 * Print the "Assurer Ranking" table for one user.
 *
 * Both counts and both ranks are fetched through the ranking helpers and are
 * passed through intval() again before they are substituted into the
 * translated sentences, so only integers reach the page.
 *
 * @param mixed $userid user id
 */
function output_ranking($userid)
{
	get_assurer_ranking($userid,$num_of_assurances,$rank_of_assurer);
	get_assuree_ranking($userid,$num_of_assurees,$rank_of_assuree);

?>
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
<tr>
<td class="title"><?=_("Assurer Ranking")?></td>
</tr>
<tr>
<td class="DataTD"><?=sprintf(_("You have made %s assurances which ranks you as the #%s top assurer."), intval($num_of_assurances), intval($rank_of_assurer) )?></td>
</tr>
<tr>
<td class="DataTD"><?=sprintf(_("You have received %s assurances which ranks you as the #%s top assuree."), intval($num_of_assurees), intval($rank_of_assuree) )?></td>
</tr>
</table>
<br/>
<?
}
199
/**
 * Open the seven-column assurances table and print its heading rows.
 *
 * The table is left open; output_assurances_footer() prints the closing tag.
 *
 * @param string $title table caption. It is written to the page verbatim, so
 *                      it must already be safe HTML; the callers in this file
 *                      pass translated literals.
 */
function output_assurances_header($title)
{
?>
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
<tr>
<td colspan="7" class="title"><?=$title?></td>
</tr>
<tr>
<td class="DataTD"><strong><?=_("ID")?></strong></td>
<td class="DataTD"><strong><?=_("Date")?></strong></td>
<td class="DataTD"><strong><?=_("Who")?></strong></td>
<td class="DataTD"><strong><?=_("Points")?></strong></td>
<td class="DataTD"><strong><?=_("Location")?></strong></td>
<td class="DataTD"><strong><?=_("Method")?></strong></td>
<td class="DataTD"><strong><?=_("Experience Points")?></strong></td>
</tr>
<?
}
218
/**
 * Print the totals row of the assurances table and close the table.
 *
 * All four arguments are written to the page verbatim (no escaping here), so
 * they must already be safe HTML; the callers in this file pass translated
 * literals and computed totals.
 *
 * @param string $points_txt      label for the points total
 * @param mixed  $points          points total
 * @param string $experience_txt  label for the experience total
 * @param mixed  $sumexperience   experience total
 */
function output_assurances_footer($points_txt,$points,$experience_txt,$sumexperience)
{
?>
<tr>
<td class="DataTD" colspan="3"><strong><?=$points_txt?>:</strong></td>
<td class="DataTD"><?=$points?></td>
<td class="DataTD">&nbsp;</td>
<td class="DataTD"><strong><?=$experience_txt?>:</strong></td>
<td class="DataTD"><?=$sumexperience?></td>
</tr>
</table>
<br/>
<?
}
233
/**
 * Print one row of the assurances table.
 *
 * A row is highlighted (yellow background, emphasised text) when the awarded
 * value equals the points value, the awarded value equals "0" and $when sorts
 * before "2006-09-01".
 *
 * Every cell value is written to the page verbatim. $name and $awarded are
 * expected to carry markup (link, "Revoked" marker) when called from this
 * file, so no escaping can be applied here: the caller is responsible for
 * passing HTML-safe values, in particular for free-text fields such as
 * $location.
 *
 * @param mixed  $assuranceid  row id
 * @param string $date         displayed date
 * @param string $when         timestamp used only for the highlight rule
 * @param string $name         HTML for the "Who" column
 * @param mixed  $awarded      awarded points or HTML marker
 * @param mixed  $points       points value, used only for the highlight rule
 * @param string $location     location text
 * @param string $method       method text
 * @param mixed  $experience   experience points
 */
function output_assurances_row($assuranceid,$date,$when,$name,$awarded,$points,$location,$method,$experience)
{
	// old zero-point rows are the only ones that get highlighted
	$highlight = ($awarded == $points) && ($awarded == "0") && ($when < "2006-09-01");

	$tdstyle = $highlight ? "style='background-color: #ffff80'" : "";
	$emopen = $highlight ? "<em>" : "";
	$emclose = $highlight ? "</em>" : "";

?>
<tr>
<td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$assuranceid?><?=$emclose?></td>
<td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$date?><?=$emclose?></td>
<td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$name?><?=$emclose?></td>
<td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$awarded?><?=$emclose?></td>
<td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$location?><?=$emclose?></td>
<td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$method?><?=$emclose?></td>
<td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$experience?><?=$emclose?></td>
</tr>
<?php
}
266
/**
 * Open the four-column "Summary of your Points" table and print its heading rows.
 *
 * The table is left open; output_summary_footer() prints the closing tag.
 * Only translated literals are written, no caller-supplied data.
 */
function output_summary_header()
{
?>
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
<tr>
<td colspan="4" class="title"><?=_("Summary of your Points")?></td>
</tr>
<tr>
<td class="DataTD"><strong><?=_("Description")?></strong></td>
<td class="DataTD"><strong><?=_("Points")?></strong></td>
<td class="DataTD"><strong><?=_("Countable Points")?></strong></td>
<td class="DataTD"><strong><?=_("Remark")?></strong></td>
</tr>
<?
}
282
/**
 * Close the table opened by output_summary_header() and add a line break.
 */
function output_summary_footer()
{
?>
</table>
<br/>
<?
}
290
/**
 * Print one row of the points summary table.
 *
 * All four values are written to the page verbatim. output_summary_content()
 * passes markup in $remark ("&nbsp;" or a <strong> element), so this function
 * cannot escape its input; callers must only pass HTML-safe strings.
 *
 * @param string $title             row label
 * @param mixed  $points            raw points (or "&nbsp;")
 * @param mixed  $points_countable  points that count towards the total
 * @param string $remark            HTML remark
 */
function output_summary_row($title,$points,$points_countable,$remark)
{
?>
<tr>
<td class="DataTD"><strong><?=$title?></strong></td>
<td class="DataTD"><?=$points?></td>
<td class="DataTD"><?=$points_countable?></td>
<td class="DataTD"><?=$remark?></td>
</tr>
<?
}
302
303
304 // ************* output given assurances ******************
305
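/**
 * Print one table row per assurance the user has issued and total them up.
 *
 * @param mixed $userid          user id; cast with intval() before the lookup
 * @param mixed $points          reset to 0, then receives the sum of issued points
 * @param mixed $sum_experience  reset to 0, then receives the sum of experience points
 */
function output_given_assurances_content($userid,&$points,&$sum_experience)
{
	$points = 0;
	// The by-reference total has to be reset here; the original assigned 0 to a
	// misspelled local ($sumexperience) and left the caller's variable unset,
	// which printed an empty total when no row added experience.
	$sum_experience = 0;

	$res = get_given_assurances(intval($userid));
	while ($row = mysql_fetch_assoc($res))
	{
		$touser = get_user(intval($row['to']));
		$apoints = calc_experience($row, $points, $experience, $sum_experience);
		$name = show_user_link($touser['fname']." ".$touser['lname'], intval($row['to']));
		$method = ($row['method'] == "") ? "" : _(sprintf("%s", $row['method']));

		// `location` is free text stored with the assurance and the row printer
		// emits it verbatim, so it is escaped here before it reaches the page.
		// NOTE(review): if locations are stored already entity-encoded this
		// double-encodes them - verify against the code that writes `notary`.
		$location = htmlspecialchars($row['location'], ENT_QUOTES);

		output_assurances_row(intval($row['id']), $row['date'], $row['when'], $name, $apoints, intval($row['points']), $location, $method, $experience);
	}
}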
319
320 // ************* output received assurances ******************
321
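/**
 * Print one table row per assurance the user has received and total them up.
 *
 * @param mixed $userid          user id; cast with intval() before the lookup
 * @param mixed $points          reset to 0, then receives the sum of counted points
 * @param mixed $sum_experience  reset to 0, then receives the sum of experience points
 */
function output_received_assurances_content($userid,&$points,&$sum_experience)
{
	$points = 0;
	// The by-reference total has to be reset here; the original assigned 0 to a
	// misspelled local ($sumexperience) and left the caller's variable unset,
	// which printed an empty total when the user had no received assurances.
	$sum_experience = 0;

	$res = get_received_assurances(intval($userid));
	while ($row = mysql_fetch_assoc($res))
	{
		$fromuser = get_user(intval($row['from']));
		calc_assurances($row, $points, $experience, $sum_experience, $awarded);
		$name = show_user_link($fromuser['fname']." ".$fromuser['lname'], intval($row['from']));
		$method = ($row['method'] == "") ? "" : _(sprintf("%s", $row['method']));

		// `location` is free text stored with the assurance and the row printer
		// emits it verbatim, so it is escaped here before it reaches the page.
		// NOTE(review): if locations are stored already entity-encoded this
		// double-encodes them - verify against the code that writes `notary`.
		$location = htmlspecialchars($row['location'], ENT_QUOTES);

		output_assurances_row(intval($row['id']), $row['date'], $row['when'], $name, $awarded, intval($row['points']), $location, $method, $experience);
	}
}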
335
336 // ************* output summary table ******************
337
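/**
 * Check whether a user's date of birth lies more than $age years in the past.
 *
 * The cut-off is today's date with the year reduced by $age; the query counts
 * `users` rows with the given id whose `dob` is earlier than that cut-off.
 *
 * Both arguments are reduced to integers before use. The original
 * concatenated $userid into the statement unmodified, unlike every other
 * query in this file, which left the statement open to SQL injection for any
 * caller that forwards a request value.
 *
 * @param mixed $userid user id
 * @param mixed $age    age limit in years
 * @return int number of matching rows (1 when the user exists and is older than $age)
 */
function check_date_limit ($userid,$age)
{
	$cutoff = date("Y-m-d", mktime(0,0,0,date("m"),date("d"),date("Y")-intval($age)));
	$res = query_init ("select id from `users` where `id`='".intval($userid)."' and `dob` < '".$cutoff."'");
	return intval(query_get_number_of_rows($res));
}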
344
/**
 * Work out how many points one `notary` row counts for.
 *
 * The starting value is the larger of intval(points) and intval(awarded).
 * The method then decides whether that value is kept, zeroed for small
 * administrative increases, or revoked entirely; unknown methods and negative
 * results count as 0.
 *
 * @param array $row `notary` row; reads 'awarded', 'points' and 'method'
 * @return int
 */
function calc_points($row)
{
	$awarded = intval($row['awarded']);
	// if 'sum of added points' > 100, awarded shows correct value;
	// on very old assurances, awarded is '0' instead of correct value
	$points = max(intval($row['points']), $awarded);

	switch ($row['method'])
	{
		case 'Thawte Points Transfer':	  // revoke all Thawte-points	  (as per arbitration)
		case 'CT Magazine - Germany':	   // revoke c't		 (only one test-entry)
		case 'Temporary Increase':	      // revoke 'temporary increase' (Current usage breaks audit aspects, needs to be reimplemented)
			$points = 0;
			break;
		case 'Administrative Increase':	 // ignore AI with 2 points or less (historical for experiance points, now other calculation)
			if ($points <= 2)	       // maybe limit to 35/50 pts in the future?
			{
				$points = 0;
			}
			break;
		case 'Unknown':			 // to be revoked in the future? limit to max 50 pts?
		case 'Trusted Third Parties':	     // to be revoked in the future? limit to max 35 pts?
		case '':				// to be revoked in the future? limit to max 50 pts?
		case 'Face to Face Meeting':	    // normal assurances, limit to 35/50 pts in the future?
		case 'TTP-Assisted':		// TTP assurances, limit to 35
		case 'TOPUP':			// TOPUP to be delevoped in the future, limit to 30
			break;
		default:				// should never happen ... ;-)
			$points = 0;
	}

	// ignore negative points (bug needs to be fixed)
	return max($points, 0);
}
379
/**
 * Return how many points the user may issue, without printing anything.
 *
 * Runs output_summary_content() with display output switched off.
 *
 * @param mixed $userid user id
 * @return int
 */
function max_points($userid)
{
	$issue_points = output_summary_content($userid, 0);
	return $issue_points;
}
384
/**
 * Compute a user's point summary and the number of points they may issue.
 *
 * The return value is what max_points() hands to its callers, so this
 * function decides how much an assurer is allowed to award. $userid is
 * forwarded as received to the query helpers, each of which is responsible
 * for neutralising it before building SQL.
 *
 * @param mixed $userid          user id
 * @param mixed $display_output  when truthy, the four summary rows are printed
 * @return int points the user may issue (0, 10, 15, 20, 25, 30 or 35)
 */
function output_summary_content($userid,$display_output)
{
	$sum_points = 0;
	$sum_experience = 0;
	$sum_experience_other = 0;
	$max_points = 100;
	$max_experience = 50;

	$experience_limit_reached_txt = _("Limit reached");

	// check_date_limit() returns 1 only when the user exists and was born more
	// than the given number of years ago; anything else lowers the experience cap.
	if (check_date_limit($userid,18) != 1)
	{
		$max_experience = 10;
		$experience_limit_reached_txt = _("Limit given by PoJAM reached");
	}
	if (check_date_limit($userid,14) != 1)
	{
		$max_experience = 0;
		$experience_limit_reached_txt = _("Limit given by PoJAM reached");
	}

	// Received assurances: each summary row stands for `number` identical rows.
	$res = get_received_assurances_summary($userid);
	while($row = mysql_fetch_assoc($res))
	{
		$points = calc_points ($row);

		if ($points > $max_points) // limit to 100 points, above is experience (needs to be fixed)
		{
			$sum_experience_other = $sum_experience_other+($points-$max_points)*intval($row['number']);
			$points = $max_points;
		}
		$sum_points += $points*intval($row['number']);
	}

	// Given assurances: two experience points per Face to Face assurance.
	$res = get_given_assurances_summary($userid);
	while($row = mysql_fetch_assoc($res))
	{
		switch ($row['method'])
		{
			case 'Face to Face Meeting': // count Face to Face only
				$sum_experience += 2*intval($row['number']);
				break;
		}

	}

	// Cap each total at its limit; the remark strings are HTML and are printed verbatim.
	if ($sum_points > $max_points)
	{
		$sum_points_countable = $max_points;
		$remark_points = _("Limit reached");
	}
	else
	{
		$sum_points_countable = $sum_points;
		$remark_points = "&nbsp;";
	}
	if ($sum_experience > $max_experience)
	{
		$sum_experience_countable = $max_experience;
		$remark_experience = $experience_limit_reached_txt;
	}
	else
	{
		$sum_experience_countable = $sum_experience;
		$remark_experience = "&nbsp;";
	}

	// "Other" experience may only fill what the assurance experience left under the cap.
	if ($sum_experience_countable + $sum_experience_other > $max_experience)
	{
		$sum_experience_other_countable = $max_experience-$sum_experience_countable;
		$remark_experience_other = $experience_limit_reached_txt;
	}
	else
	{
		$sum_experience_other_countable = $sum_experience_other;
		$remark_experience_other = "&nbsp;";
	}

	// Below 100 assurance points no experience counts: both countable values are
	// zeroed unconditionally, only the remark depends on the previous value.
	if ($sum_points_countable < $max_points)
	{
		if ($sum_experience_countable != 0)
			$remark_experience = _("Points on hold due to less assurance points");
		$sum_experience_countable = 0;
		if ($sum_experience_other_countable != 0)
			$remark_experience_other = _("Points on hold due to less assurance points");
		$sum_experience_other_countable = 0;
	}

	// Without a passed CATS test the user may issue nothing, whatever the totals are.
	$issue_points = 0;
	$cats_test_passed = get_cats_state ($userid);
	if ($cats_test_passed == 0)
	{
		$issue_points_txt = "<strong style='color: red'>"._("You have to pass the CAcert Assurer Challenge (CATS-Test) to be an Assurer")."</strong>";
		if ($sum_points_countable < $max_points)
		{
			$issue_points_txt = "<strong style='color: red'>";
			$issue_points_txt .= sprintf(_("You need %s assurance points and the passed CATS-Test to be an Assurer"), intval($max_points));
			$issue_points_txt .= "</strong>";
		}
	}
	else
	{
		// 10 points at exactly 100 countable points, then +5 per 10 experience
		// points; later checks overwrite earlier ones, so the highest step wins.
		$experience_total = $sum_experience_countable+$sum_experience_other_countable;
		$issue_points_txt = "";
		if ($sum_points_countable == $max_points)
			$issue_points = 10;
		if ($experience_total >= 10)
			$issue_points = 15;
		if ($experience_total >= 20)
			$issue_points = 20;
		if ($experience_total >= 30)
			$issue_points = 25;
		if ($experience_total >= 40)
			$issue_points = 30;
		if ($experience_total >= 50)
			$issue_points = 35;
		if ($issue_points != 0)
			$issue_points_txt = sprintf(_("You may issue up to %s points"),$issue_points);
	}
	if ($display_output)
	{
		output_summary_row (_("Assurance Points you received"),$sum_points,$sum_points_countable,$remark_points);
		output_summary_row (_("Total Experience Points by Assurance"),$sum_experience,$sum_experience_countable,$remark_experience);
		output_summary_row (_("Total Experience Points (other ways)"),$sum_experience_other,$sum_experience_other_countable,$remark_experience_other);
		output_summary_row (_("Total Points"),"&nbsp;",$sum_points_countable + $sum_experience_countable + $sum_experience_other_countable,$issue_points_txt);
	}
	return $issue_points;
}
513
/**
 * Print the complete "Assurance Points You Issued" table for a user:
 * header, one row per issued assurance, and the totals footer.
 *
 * @param mixed $userid user id
 */
function output_given_assurances($userid)
{
	// both totals are filled in by reference by the content printer
	$points = null;
	$sum_experience = null;

	output_assurances_header(_("Assurance Points You Issued"));
	output_given_assurances_content($userid, $points, $sum_experience);
	output_assurances_footer(_("Total Points Issued"), $points, _("Total Experience Points"), $sum_experience);
}
520
/**
 * Print the complete "Your Assurance Points" table for a user:
 * header, one row per received assurance, and the totals footer.
 *
 * @param mixed $userid user id
 */
function output_received_assurances($userid)
{
	// both totals are filled in by reference by the content printer
	$points = null;
	$sum_experience = null;

	output_assurances_header(_("Your Assurance Points"));
	output_received_assurances_content($userid, $points, $sum_experience);
	output_assurances_footer(_("Total Assurance Points"), $points, _("Total Experience Points"), $sum_experience);
}
527
/**
 * Print the complete points summary table for a user.
 *
 * The number of issuable points returned by output_summary_content() is not
 * used here; only the printed rows matter.
 *
 * @param mixed $userid user id
 */
function output_summary($userid)
{
	$display_output = 1;

	output_summary_header();
	output_summary_content($userid, $display_output);
	output_summary_footer();
}
534
/**
 * Print the "Go Back" link shown at the end of the page.
 *
 * The link uses a javascript: URL that steps one entry back in the browser
 * history; only a translated literal is written, no caller-supplied data.
 */
function output_end_of_page()
{
?>
<p>[ <a href='javascript:history.go(-1)'><?=_("Go Back")?></a> ]</p>
<?
}
541
542 // functions for 6.php (assure somebody)
543
/**
 * Open the assurance form (POST to wot.php) and its table, and print the title rows.
 *
 * The <form> and <table> opened here are closed by AssureFoot().
 *
 * Both arguments are written to the page verbatim.
 * NOTE(review): the callers are outside this file - confirm that any
 * account-derived text in $checkname is HTML-escaped before it is passed in.
 *
 * @param string $confirmation  table title
 * @param string $checkname     text for the first data row
 */
function AssureHead($confirmation,$checkname)
{
?>
<form method="post" action="wot.php">
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper" width="600">
<tr>
<td colspan="2" class="title"><?=$confirmation?></td>
</tr>
<tr>
<td class="DataTD" colspan="2" align="left"><?=$checkname?></td>
</tr>
<?
}
557
/**
 * Print a two-cell row: a label followed by a colon, and a value.
 *
 * Both arguments are written to the page verbatim.
 * NOTE(review): the callers are outside this file - confirm that values taken
 * from account data are HTML-escaped before they are passed in.
 *
 * @param string $field1 label
 * @param string $field2 value
 */
function AssureTextLine($field1,$field2)
{
?>
<tr>
<td class="DataTD"><?=$field1?>:</td>
<td class="DataTD"><?=$field2?></td>
</tr>
<?
}
567
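/**
 * Disabled: prints nothing and returns immediately.
 *
 * The original body kept a call to AssureBoxLine($type,$text) after the
 * return statement. That call could never run, and it passed two arguments to
 * a function that declares three, so it has been removed. Re-enabling the row
 * means calling AssureBoxLine() with an explicit $checked argument.
 *
 * @param string $type  unused
 * @param string $text  unused
 */
function AssureCCABoxLine($type,$text)
{
	return;
}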
573
/**
 * Print a row with a checkbox (value "1") and its description.
 *
 * $type becomes the checkbox's name attribute and $text the cell content;
 * both are written verbatim, so they must be HTML-safe (and $type must not
 * contain a double quote).
 *
 * @param string $type     form field name
 * @param string $text     description shown next to the box
 * @param mixed  $checked  truthy to pre-check the box
 */
function AssureBoxLine($type,$text,$checked)
{
?>
<tr>
<td class="DataTD"><input type="checkbox" name="<?=$type?>" value="1" <?=$checked?"checked":""?>></td>
<td class="DataTD"><?=$text?></td>
</tr>
<?
}
583
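/**
 * Print the assurance-method input of the form.
 *
 * With exactly one method a hidden "method" field carrying that value is
 * printed; otherwise a row with a <select name="method"> listing every method.
 *
 * Fixes over the original: the hidden field took its name from $val, which is
 * only assigned inside the foreach of the other branch, so the single method
 * was submitted under an empty name instead of "method"; and the malformed
 * "</br>" tag is now "<br/>".
 *
 * $text, $remark and the method values are written verbatim and must be
 * HTML-safe.
 * NOTE(review): the method list comes from a caller outside this file -
 * confirm it only ever holds fixed method names.
 *
 * @param string $text     label for the row
 * @param array  $methods  selectable method names
 * @param string $remark   HTML shown below the select box
 */
function AssureMethodLine($text,$methods,$remark)
{
	if (count($methods) != 1)
	{
?>
<tr>
<td class="DataTD"><?=$text?></td>
<td class="DataTD">
<select name="method">
<?php
		foreach ($methods as $val)
		{
?>
<option value="<?=$val?>"> <?=$val?></option>

<?php
		}
?>
</select>
<br/><?=$remark?>
</td>
</tr>
<?php
	}
	else
	{
?>
<input type="hidden" name="method" value="<?=$methods[0]?>">
<?php
	}
}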
609
/**
 * Print a row with a label and a single-line text input.
 *
 * $type and $value are placed inside double-quoted attributes and $field and
 * $description in element content, all verbatim. A double quote in $value
 * would end the attribute early.
 * NOTE(review): the callers are outside this file - if $value re-displays
 * something the user typed, confirm it is HTML-escaped (quotes included)
 * before it is passed in.
 *
 * @param string $type         form field name
 * @param string $field        label
 * @param string $value        pre-filled value of the input
 * @param string $description  HTML appended after the input
 */
function AssureInboxLine($type,$field,$value,$description)
{
?>
<tr>
<td class="DataTD"><?=$field?>:</td>
<td class="DataTD"><input type="text" name="<?=$type?>" value="<?=$value?>"><?=$description?></td>
</tr>
<?
}
619
/**
 * Print the submit/cancel buttons and the hidden fields, then close the table
 * and form opened by AssureHead().
 *
 * The hidden "pagehash" field carries $_SESSION['_config']['wothash'].
 * NOTE(review): presumably wot.php compares this value on submit to tie the
 * POST to the form it rendered - verify against the handler.
 *
 * $oldid and $confirm are written verbatim into double-quoted attributes.
 * NOTE(review): the callers are outside this file - confirm $oldid is an
 * integer or otherwise escaped before it is passed in.
 *
 * @param mixed  $oldid    value of the hidden "oldid" field
 * @param string $confirm  caption of the submit button
 */
function AssureFoot($oldid,$confirm)
{?>
<tr>
<td class="DataTD" colspan="2"><input type="submit" name="process" value="<?=$confirm?>"> <input type="submit" name="cancel" value="<?=_("Cancel")?>"></td>
</tr>
</table>
<input type="hidden" name="pagehash" value="<?=$_SESSION['_config']['wothash']?>">
<input type="hidden" name="oldid" value="<?=$oldid?>">
</form>
<?
}
631