Source code taken from cacert-20111007.tar.bz2
1 <? /*
2 LibreSSL - CAcert web application
3 Copyright (C) 2004-2011 CAcert Inc.
4
5 This program is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License as published by
7 the Free Software Foundation; version 2 of the License.
8
9 This program is distributed in the hope that it will be useful,
10 but WITHOUT ANY WARRANTY; without even the implied warranty of
11 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 GNU General Public License for more details.
13
14 You should have received a copy of the GNU General Public License
15 along with this program; if not, write to the Free Software
16 Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
17 */
18
/**
 * Send one SQL statement through the legacy mysql extension.
 *
 * The text is forwarded untouched: nothing here escapes or validates it,
 * so every caller is responsible for building an injection-safe statement.
 *
 * @param string $query complete SQL statement
 * @return mixed whatever mysql_query() returned
 */
function query_init ($query)
{
    $result = mysql_query($query);
    return $result;
}
23
/**
 * Fetch the next row of a result set as an associative array.
 *
 * @param mixed $res result handle as returned by query_init()
 * @return mixed whatever mysql_fetch_assoc() returned for that handle
 */
function query_getnextrow ($res)
{
    return mysql_fetch_assoc($res);
}
29
/**
 * Count the rows of a result set, always as an integer.
 *
 * @param mixed $resultset result handle as returned by query_init()
 * @return int mysql_num_rows() of the handle, passed through intval()
 */
function query_get_number_of_rows ($resultset)
{
    $count = mysql_num_rows($resultset);
    return intval($count);
}
34
/**
 * Count the face-to-face assurances a user has given.
 *
 * The id is spliced into the SQL text; intval() is the only thing that keeps
 * it from carrying SQL, so the cast must stay next to the concatenation.
 *
 * @param mixed $userid id matched against `notary`.`from`
 * @return int number of matching rows
 */
function get_number_of_assurances ($userid)
{
    $assurer = intval($userid);
    $sql = "SELECT count(*) AS `list` FROM `notary`\n"
        ."WHERE `method` = 'Face to Face Meeting' AND `from`='".$assurer."' ";
    $row = query_getnextrow(query_init($sql));

    return intval($row['list']);
}
43
/**
 * Count the face-to-face assurances a user has received.
 *
 * The id is spliced into the SQL text; intval() is the only thing that keeps
 * it from carrying SQL, so the cast must stay next to the concatenation.
 *
 * @param mixed $userid id matched against `notary`.`to`
 * @return int number of matching rows
 */
function get_number_of_assurees ($userid)
{
    $assuree = intval($userid);
    $sql = "SELECT count(*) AS `list` FROM `notary`\n"
        ."WHERE `method` = 'Face to Face Meeting' AND `to`='".$assuree."' ";
    $row = query_getnextrow(query_init($sql));

    return intval($row['list']);
}
52
/**
 * Rank an assurer by the number of face-to-face assurances given.
 *
 * The query yields one row per assurer who has strictly more assurances than
 * the given count; the rank is that number of rows plus one.
 *
 * @param mixed $no_of_assurances count to compare against (cast with intval())
 * @return int 1-based rank
 */
function get_top_assurer_position ($no_of_assurances)
{
    $threshold = intval($no_of_assurances);
    $sql = "SELECT count(*) AS `list` FROM `notary`\n"
        ."WHERE `method` = 'Face to Face Meeting'\n"
        ."GROUP BY `from` HAVING count(*) > '".$threshold."'";
    $ahead = query_get_number_of_rows(query_init($sql));

    return intval($ahead + 1);
}
60
/**
 * Rank an assuree by the number of face-to-face assurances received.
 *
 * The query yields one row per assuree who has strictly more assurances than
 * the given count; the rank is that number of rows plus one.
 *
 * @param mixed $no_of_assurees count to compare against (cast with intval())
 * @return int 1-based rank
 */
function get_top_assuree_position ($no_of_assurees)
{
    $threshold = intval($no_of_assurees);
    $sql = "SELECT count(*) AS `list` FROM `notary`\n"
        ."WHERE `method` = 'Face to Face Meeting'\n"
        ."GROUP BY `to` HAVING count(*) > '".$threshold."'";
    $ahead = query_get_number_of_rows(query_init($sql));

    return intval($ahead + 1);
}
68
/**
 * Select every `notary` row a user issued to somebody else, oldest id first.
 *
 * Rows where `from` equals `to` are excluded by the query. The id reaches the
 * SQL text only after intval().
 *
 * @param mixed $userid id matched against `notary`.`from`
 * @return mixed result handle from query_init()
 */
function get_given_assurances ($userid)
{
    $sql = "select * from `notary` where `from`='".intval($userid)."' and `from` != `to` order by `id` asc";
    return query_init($sql);
}
74
/**
 * Select every `notary` row a user received from somebody else, oldest id first.
 *
 * Rows where `from` equals `to` are excluded by the query. The id reaches the
 * SQL text only after intval().
 *
 * @param mixed $userid id matched against `notary`.`to`
 * @return mixed result handle from query_init()
 */
function get_received_assurances ($userid)
{
    $sql = "select * from `notary` where `to`='".intval($userid)."' and `from` != `to` order by `id` asc ";
    return query_init($sql);
}
80
/**
 * Group the assurances a user issued by (points, awarded, method).
 *
 * Each result row carries the group size in the `number` column. The id
 * reaches the SQL text only after intval().
 *
 * @param mixed $userid id matched against `notary`.`from`
 * @return mixed result handle from query_init()
 */
function get_given_assurances_summary ($userid)
{
    $sql = "select count(*) as number,points,awarded,method from notary where `from`='".intval($userid)."' group by points,awarded,method";
    return query_init($sql);
}
86
/**
 * Group the assurances a user received by (points, awarded, method).
 *
 * Each result row carries the group size in the `number` column. The id
 * reaches the SQL text only after intval().
 *
 * @param mixed $userid id matched against `notary`.`to`
 * @return mixed result handle from query_init()
 */
function get_received_assurances_summary ($userid)
{
    $sql = "select count(*) as number,points,awarded,method from notary where `to`='".intval($userid)."' group by points,awarded,method";
    return query_init($sql);
}
92
/**
 * Load one row of the `users` table by id.
 *
 * All columns are selected, so the returned array holds whatever the table
 * stores for that account; callers decide which fields are safe to display.
 *
 * @param mixed $userid id matched against `users`.`id` (cast with intval())
 * @return mixed the row as an associative array, or what mysql_fetch_assoc()
 *               returns when there is no row
 */
function get_user ($userid)
{
    $sql = "select * from `users` where `id`='".intval($userid)."'";
    $res = query_init($sql);
    return mysql_fetch_assoc($res);
}
98
/**
 * Count the passed CATS tests of variant type 1 recorded for a user.
 *
 * output_summary_content() treats a result of 0 as "test not passed".
 *
 * @param mixed $userid id matched against `cats_passed`.`user_id` (cast with intval())
 * @return mixed mysql_num_rows() of the join, not cast any further
 */
function get_cats_state ($userid)
{
    $sql = "select * from `cats_passed` inner join `cats_variant` on `cats_passed`.`variant_id` = `cats_variant`.`id` and `cats_variant`.`type_id` = 1\n"
        ."WHERE `cats_passed`.`user_id` = '".intval($userid)."'";
    $res = query_init($sql);
    return mysql_num_rows($res);
}
106
/**
 * Account for one issued assurance in the running totals.
 *
 * @param array $row             `notary` row; reads 'awarded' and 'method'
 * @param mixed $points          running total, increased by the awarded value
 * @param mixed $experience      set to "2" for a face-to-face meeting, "&nbsp;" otherwise
 * @param mixed $sum_experience  running total, increased by 2 for a face-to-face meeting
 * @return mixed the row's 'awarded' value, unchanged
 */
function calc_experience ($row,&$points,&$experience,&$sum_experience)
{
    $granted = $row['awarded'];
    $points += $granted;

    $is_face_to_face = ($row['method'] == "Face to Face Meeting");
    if ($is_face_to_face)
    {
        $sum_experience = $sum_experience + 2;
    }
    // The cell text doubles as HTML: a non-breaking space keeps the column from collapsing.
    $experience = $is_face_to_face ? "2" : "&nbsp;";

    return $granted;
}
118
/**
 * Account for one received assurance in the running totals.
 *
 * The countable value comes from calc_points(). Anything above 100 is capped
 * and the excess is booked as experience. For the three revoked methods the
 * awarded cell is replaced by a red "Revoked" marker (an HTML string, not a
 * number) and nothing is added to the totals.
 *
 * @param array $row            `notary` row; reads 'method' and what calc_points() reads
 * @param mixed $points         running total of countable points
 * @param mixed $experience     experience booked for this row
 * @param mixed $sumexperience  running total of experience
 * @param mixed $awarded        value to display for this row (int or HTML string)
 */
function calc_assurances ($row,&$points,&$experience,&$sumexperience,&$awarded)
{
    $awarded = calc_points($row);

    $experience = 0;
    if ($awarded > 100)
    {
        // needs to be fixed in the future (limit 50 pts and/or no experience if pts > 100)
        $experience = $awarded - 100;
        $awarded = 100;
    }

    // Current usage of 'Temporary Increase' may break audit aspects, needs to be reimplemented
    $revoked_methods = array('Thawte Points Transfer', 'CT Magazine - Germany', 'Temporary Increase');
    if (in_array($row['method'], $revoked_methods))
    {
        $awarded = sprintf("<strong style='color: red'>%s</strong>",_("Revoked"));
        $experience = 0;
    }
    else
    {
        $points += $awarded;
    }

    $sumexperience = $sumexperience + $experience;
}
144
145
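/**
 * Build the HTML shown in the "Who" column for one account.
 *
 * An empty name yields the translated text "System" (id 0) or "Deleted
 * account" (any other id). Otherwise the name becomes the text of a link to
 * wot.php. Callers in this file pass first and last name straight from the
 * `users` table, i.e. text the account holder chose, so the name is escaped
 * before it is placed inside the anchor.
 *
 * @param string $name    display name, trimmed here
 * @param mixed  $userid  account id, cast with intval() for the URL
 * @return string HTML fragment
 */
function show_user_link ($name,$userid)
{
    $name = trim($name);
    if ($name == "")
    {
        if ($userid == 0)
            return _("System");
        return _("Deleted account");
    }

    // A single-byte charset only rewrites the ASCII metacharacters and never rejects
    // input, so multi-byte names pass through intact; double_encode=false leaves
    // entities that are already stored in the name as they are.
    $label = htmlspecialchars($name, ENT_QUOTES, 'ISO-8859-1', false);

    return "<a href='wot.php?id=9&amp;userid=".intval($userid)."'>".$label."</a>";
}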
160
/**
 * Fetch a user's number of given assurances and the resulting rank.
 *
 * @param mixed $userid             account id, cast with intval()
 * @param mixed $num_of_assurances  receives get_number_of_assurances()
 * @param mixed $rank_of_assurer    receives get_top_assurer_position() for that count
 */
function get_assurer_ranking($userid,&$num_of_assurances,&$rank_of_assurer)
{
    $given = get_number_of_assurances(intval($userid));
    $num_of_assurances = $given;
    $rank_of_assurer = get_top_assurer_position($given);
}
166
/**
 * Fetch a user's number of received assurances and the resulting rank.
 *
 * @param mixed $userid            account id, cast with intval()
 * @param mixed $num_of_assurees   receives get_number_of_assurees()
 * @param mixed $rank_of_assuree   receives get_top_assuree_position() for that count
 */
function get_assuree_ranking($userid,&$num_of_assurees,&$rank_of_assuree)
{
    $received = get_number_of_assurees(intval($userid));
    $num_of_assurees = $received;
    $rank_of_assuree = get_top_assuree_position($received);
}
172
173
174 // ************* html table definitions ******************
175
/**
 * Print the "Assurer Ranking" table for a user.
 *
 * Every number placed in the page goes through intval() first, so the only
 * non-constant text in the output is the translated sentence itself.
 *
 * @param mixed $userid account id handed to the ranking helpers
 */
function output_ranking($userid)
{
    get_assurer_ranking($userid,$num_of_assurances,$rank_of_assurer);
    get_assuree_ranking($userid,$num_of_assurees,$rank_of_assuree);

    $heading = _("Assurer Ranking");
    $assurer_line = sprintf(_("You have made %s assurances which ranks you as the #%s top assurer."), intval($num_of_assurances), intval($rank_of_assurer) );
    $assuree_line = sprintf(_("You have received %s assurances which ranks you as the #%s top assuree."), intval($num_of_assurees), intval($rank_of_assuree) );

    $lines = array(
        '<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">',
        '<tr>',
        '<td class="title">'.$heading.'</td>',
        '</tr>',
        '<tr>',
        '<td class="DataTD">'.$assurer_line.'</td>',
        '</tr>',
        '<tr>',
        '<td class="DataTD">'.$assuree_line.'</td>',
        '</tr>',
        '</table>',
        '<br/>',
    );
    echo implode("\n", $lines), "\n";
}
196
/**
 * Open the seven-column assurance table and print its heading rows.
 *
 * The title is written into the page as given, without escaping; callers in
 * this file pass translated constants. The table is left open and is closed
 * by output_assurances_footer().
 *
 * @param string $title HTML for the title cell
 */
function output_assurances_header($title)
{
    $columns = array(_("ID"), _("Date"), _("Who"), _("Points"), _("Location"), _("Method"), _("Experience Points"));

    echo '<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">', "\n";
    echo '<tr>', "\n";
    echo '<td colspan="7" class="title">', $title, '</td>', "\n";
    echo '</tr>', "\n";
    echo '<tr>', "\n";
    foreach ($columns as $caption)
    {
        echo '<td class="DataTD"><strong>', $caption, '</strong></td>', "\n";
    }
    echo '</tr>', "\n";
}
215
/**
 * Print the totals row of the assurance table and close the table.
 *
 * All four arguments are written into the page as given, without escaping;
 * callers must pass trusted text or numbers.
 *
 * @param string $points_txt      label for the points total
 * @param mixed  $points          points total
 * @param string $experience_txt  label for the experience total
 * @param mixed  $sumexperience   experience total
 */
function output_assurances_footer($points_txt,$points,$experience_txt,$sumexperience)
{
    $lines = array(
        '<tr>',
        '<td class="DataTD" colspan="3"><strong>'.$points_txt.':</strong></td>',
        '<td class="DataTD">'.$points.'</td>',
        '<td class="DataTD">&nbsp;</td>',
        '<td class="DataTD"><strong>'.$experience_txt.':</strong></td>',
        '<td class="DataTD">'.$sumexperience.'</td>',
        '</tr>',
        '</table>',
        '<br/>',
    );
    echo implode("\n", $lines), "\n";
}
230
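/**
 * Print one row of the assurance table.
 *
 * A row whose awarded value equals its points and is "0" is highlighted
 * (yellow background, emphasised text).
 *
 * $name and $awarded are emitted as HTML on purpose: callers in this file
 * pass the anchor built by show_user_link() and, for revoked entries, a
 * <strong> marker. $date and $location arrive straight from the `notary`
 * table, and the location is free text typed in when the assurance was
 * recorded, so both are escaped here before they reach the page.
 * NOTE(review): $method is still written as given; callers pass the
 * gettext lookup of the stored method name - confirm that value can never
 * contain markup.
 *
 * @param mixed  $assuranceid  row id
 * @param string $date         assurance date (escaped here)
 * @param string $name         HTML for the "Who" cell
 * @param mixed  $awarded      number or HTML for the "Points" cell
 * @param mixed  $points       stored points, used only for the highlight test
 * @param string $location     location text (escaped here)
 * @param string $method       text for the "Method" cell
 * @param mixed  $experience   text for the "Experience Points" cell
 */
function output_assurances_row($assuranceid,$date,$name,$awarded,$points,$location,$method,$experience)
{
    $tdstyle = "";
    $emopen = "";
    $emclose = "";

    if ($awarded == $points && $awarded == "0")
    {
        $tdstyle = "style='background-color: #ffff80'";
        $emopen = "<em>";
        $emclose = "</em>";
    }

    // Single-byte charset: only the ASCII metacharacters are rewritten and no input is
    // rejected; double_encode=false keeps entities that are already stored in the data.
    $date = htmlspecialchars((string)$date, ENT_QUOTES, 'ISO-8859-1', false);
    $location = htmlspecialchars((string)$location, ENT_QUOTES, 'ISO-8859-1', false);

    $cells = array($assuranceid, $date, $name, $awarded, $location, $method, $experience);

    echo "<tr>\n";
    foreach ($cells as $cell)
    {
        echo '<td class="DataTD" '.$tdstyle.'>'.$emopen.$cell.$emclose."</td>\n";
    }
    echo "</tr>\n";
}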
260
/**
 * Open the four-column "Summary of your Points" table and print its heading rows.
 *
 * Only translated constants are written; the table is left open and is
 * closed by output_summary_footer().
 */
function output_summary_header()
{
    $columns = array(_("Description"), _("Points"), _("Countable Points"), _("Remark"));

    echo '<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">', "\n";
    echo '<tr>', "\n";
    echo '<td colspan="4" class="title">', _("Summary of your Points"), '</td>', "\n";
    echo '</tr>', "\n";
    echo '<tr>', "\n";
    foreach ($columns as $caption)
    {
        echo '<td class="DataTD"><strong>', $caption, '</strong></td>', "\n";
    }
    echo '</tr>', "\n";
}
276
/**
 * Close the summary table opened by output_summary_header().
 */
function output_summary_footer()
{
    echo "</table>\n", "<br/>\n";
}
284
/**
 * Print one row of the summary table.
 *
 * All four values are written into the page as given, without escaping.
 * Callers in this file rely on that (they pass "&nbsp;" and <strong>
 * markup), so anything passed here must already be trusted HTML.
 *
 * @param string $title             row label
 * @param mixed  $points            raw total
 * @param mixed  $points_countable  total after limits
 * @param string $remark            HTML remark
 */
function output_summary_row($title,$points,$points_countable,$remark)
{
    $lines = array(
        '<tr>',
        '<td class="DataTD"><strong>'.$title.'</strong></td>',
        '<td class="DataTD">'.$points.'</td>',
        '<td class="DataTD">'.$points_countable.'</td>',
        '<td class="DataTD">'.$remark.'</td>',
        '</tr>',
    );
    echo implode("\n", $lines), "\n";
}
296
297
298 // ************* output given assurances ******************
299
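/**
 * Print one table row per assurance the user issued and total them up.
 *
 * Both totals start from zero on every call. The original body reset a
 * misspelled local ($sumexperience) instead of the by-reference parameter,
 * which left the experience total unset when the user had issued nothing.
 *
 * Each row costs one extra get_user() query for the recipient. The date and
 * location handed to output_assurances_row() are raw column values.
 *
 * @param mixed $userid          account id, cast with intval()
 * @param mixed $points          receives the sum of awarded points
 * @param mixed $sum_experience  receives the experience total
 */
function output_given_assurances_content($userid,&$points,&$sum_experience)
{
    $points = 0;
    $sum_experience = 0;
    $res = get_given_assurances(intval($userid));
    while($row = mysql_fetch_assoc($res))
    {
        $recipient_id = intval($row['to']);
        $recipient = get_user ($recipient_id);
        calc_experience ($row,$points,$experience,$sum_experience);

        // No row for the recipient: pass an empty name so show_user_link() prints its placeholder.
        $fullname = $recipient ? $recipient['fname']." ".$recipient['lname'] : "";
        $name = show_user_link ($fullname,$recipient_id);

        $method = $row['method']==""?"":_(sprintf("%s", $row['method']));
        output_assurances_row (intval($row['id']),$row['date'],$name,intval($row['awarded']),intval($row['points']),$row['location'],$method,$experience);
    }
}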
313
314 // ************* output received assurances ******************
315
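/**
 * Print one table row per assurance the user received and total them up.
 *
 * Both totals start from zero on every call. The original body reset a
 * misspelled local ($sumexperience) instead of the by-reference parameter,
 * which left the experience total unset when the user had received nothing.
 *
 * Each row costs one extra get_user() query for the assurer. The date and
 * location handed to output_assurances_row() are raw column values; the
 * awarded cell may be the HTML "Revoked" marker produced by calc_assurances().
 *
 * @param mixed $userid          account id, cast with intval()
 * @param mixed $points          receives the sum of countable points
 * @param mixed $sum_experience  receives the experience total
 */
function output_received_assurances_content($userid,&$points,&$sum_experience)
{
    $points = 0;
    $sum_experience = 0;
    $res = get_received_assurances(intval($userid));
    while($row = mysql_fetch_assoc($res))
    {
        $assurer_id = intval($row['from']);
        $assurer = get_user ($assurer_id);
        calc_assurances ($row,$points,$experience,$sum_experience,$awarded);

        // No row for the assurer: pass an empty name so show_user_link() prints its placeholder.
        $fullname = $assurer ? $assurer['fname']." ".$assurer['lname'] : "";
        $name = show_user_link ($fullname,$assurer_id);

        $method = $row['method']==""?"":_(sprintf("%s", $row['method']));
        output_assurances_row (intval($row['id']),$row['date'],$name,$awarded,intval($row['points']),$row['location'],$method,$experience);
    }
}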
329
330 // ************* output summary table ******************
331
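/**
 * Tell whether a user was born more than $age years ago.
 *
 * Counts the `users` rows with the given id whose `dob` lies strictly before
 * today's date minus $age years. A missing account therefore gives 0, the
 * same answer as "too young".
 *
 * Both arguments are cast to integers before use. The id used to be
 * concatenated into the statement as received, unlike every other query in
 * this file, which left the statement open to SQL injection through $userid.
 *
 * @param mixed $userid account id
 * @param mixed $age    age in whole years
 * @return int number of matching rows
 */
function check_date_limit ($userid,$age)
{
    $cutoff = date("Y-m-d", mktime(0,0,0,date("m"),date("d"),date("Y")-intval($age)));
    $res = query_init ("select id from `users` where `id`='".intval($userid)."' and `dob` < '".$cutoff."'");
    return intval(query_get_number_of_rows($res));
}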
338
/**
 * Work out how many points one `notary` row counts for.
 *
 * Starts from the larger of 'points' and 'awarded' (very old rows carry 0 in
 * 'awarded'; rows pushed past 100 carry the correct value only there), then
 * applies the per-method rules. The methods are checked in a fixed order with
 * loose comparison, and any method not listed counts as 0.
 *
 * @param array $row reads 'awarded', 'points' and 'method'
 * @return int countable points, never negative
 */
function calc_points($row)
{
    $awarded = intval($row['awarded']);
    $points = max(intval($row['points']), $awarded);

    $method = $row['method'];
    // revoked: Thawte points (as per arbitration), c't (only one test entry),
    // 'temporary increase' (current usage breaks audit aspects, needs to be reimplemented)
    $revoked = array('Thawte Points Transfer', 'CT Magazine - Germany', 'Temporary Increase');
    // kept as they are; limits (35/50 pts) or revocation may follow in the future
    $accepted = array('Unknown', 'Trusted Third Parties', '', 'Face to Face Meeting');

    if (in_array($method, $revoked))
    {
        $points = 0;
    }
    elseif ($method == 'Administrative Increase')
    {
        // ignore AI with 2 points or less (historical for experience points, now other calculation)
        if ($points <= 2)
        {
            $points = 0;
        }
    }
    elseif (!in_array($method, $accepted))
    {
        // should never happen
        $points = 0;
    }

    // ignore negative points (bug needs to be fixed)
    return max($points, 0);
}
371
/**
 * Return the number of points a user may issue, without printing anything.
 *
 * @param mixed $userid account id
 * @return int result of output_summary_content() with output switched off
 */
function max_points($userid)
{
    $issue_points = output_summary_content ($userid,0);
    return $issue_points;
}
376
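/**
 * Work out how many points a user may issue and optionally print the summary rows.
 *
 * Steps, in order:
 *  - the experience ceiling is 50, lowered to 10 when check_date_limit() does
 *    not confirm the user is over 18 and to 0 when it does not confirm over 14
 *    (a failed or empty lookup therefore gives the strictest limit);
 *  - received assurances are summed through calc_points(), each capped at 100
 *    with the excess booked as "other" experience;
 *  - given face-to-face assurances earn 2 experience points each;
 *  - experience only counts once 100 assurance points are reached;
 *  - without a passed CATS test the result is always 0.
 *
 * The remark strings handed to output_summary_row() contain HTML and are
 * printed unescaped.
 *
 * @param mixed $userid          account id
 * @param mixed $display_output  truthy to print the four summary rows
 * @return int points the user may issue: 0, 10, 15, 20, 25, 30 or 35
 */
function output_summary_content($userid,$display_output)
{
    // The id is passed on to check_date_limit() as well as the query helpers; casting it
    // once here guarantees every one of them receives a plain integer.
    $userid = intval($userid);

    $sum_points = 0;
    $sum_experience = 0;
    $sum_experience_other = 0;
    $max_points = 100;
    $max_experience = 50;

    $experience_limit_reached_txt = _("Limit reached");

    if (check_date_limit($userid,18) != 1)
    {
        $max_experience = 10;
        $experience_limit_reached_txt = _("Limit given by PoJAM reached");
    }
    if (check_date_limit($userid,14) != 1)
    {
        $max_experience = 0;
        $experience_limit_reached_txt = _("Limit given by PoJAM reached");
    }

    $res = get_received_assurances_summary($userid);
    while($row = mysql_fetch_assoc($res))
    {
        $points = calc_points ($row);

        if ($points > $max_points) // limit to 100 points, above is experience (needs to be fixed)
        {
            $sum_experience_other = $sum_experience_other+($points-$max_points)*intval($row['number']);
            $points = $max_points;
        }
        $sum_points += $points*intval($row['number']);
    }

    $res = get_given_assurances_summary($userid);
    while($row = mysql_fetch_assoc($res))
    {
        switch ($row['method'])
        {
            case 'Face to Face Meeting': // count Face to Face only
                $sum_experience += 2*intval($row['number']);
                break;
        }
    }

    if ($sum_points > $max_points)
    {
        $sum_points_countable = $max_points;
        $remark_points = _("Limit reached");
    }
    else
    {
        $sum_points_countable = $sum_points;
        $remark_points = "&nbsp;";
    }
    if ($sum_experience > $max_experience)
    {
        $sum_experience_countable = $max_experience;
        $remark_experience = $experience_limit_reached_txt;
    }
    else
    {
        $sum_experience_countable = $sum_experience;
        $remark_experience = "&nbsp;";
    }

    // "Other" experience may only fill what is left under the ceiling.
    if ($sum_experience_countable + $sum_experience_other > $max_experience)
    {
        $sum_experience_other_countable = $max_experience-$sum_experience_countable;
        $remark_experience_other = $experience_limit_reached_txt;
    }
    else
    {
        $sum_experience_other_countable = $sum_experience_other;
        $remark_experience_other = "&nbsp;";
    }

    // Below 100 assurance points no experience counts at all; the remark is only
    // replaced when there was something to put on hold.
    if ($sum_points_countable < $max_points)
    {
        if ($sum_experience_countable != 0)
        {
            $remark_experience = _("Points on hold due to less assurance points");
        }
        $sum_experience_countable = 0;
        if ($sum_experience_other_countable != 0)
        {
            $remark_experience_other = _("Points on hold due to less assurance points");
        }
        $sum_experience_other_countable = 0;
    }

    $issue_points = 0;
    $cats_test_passed = get_cats_state ($userid);
    if ($cats_test_passed == 0)
    {
        $issue_points_txt = "<strong style='color: red'>"._("You have to pass the CAcert Assurer Challenge (CATS-Test) to be an Assurer")."</strong>";
        if ($sum_points_countable < $max_points)
        {
            $issue_points_txt = "<strong style='color: red'>";
            $issue_points_txt .= sprintf(_("You need %s assurance points and the passed CATS-Test to be an Assurer"), intval($max_points));
            $issue_points_txt .= "</strong>";
        }
    }
    else
    {
        $experience_total = $sum_experience_countable+$sum_experience_other_countable;
        $issue_points_txt = "";
        // Later checks overwrite earlier ones, so the highest threshold met wins.
        if ($sum_points_countable == $max_points)
            $issue_points = 10;
        if ($experience_total >= 10)
            $issue_points = 15;
        if ($experience_total >= 20)
            $issue_points = 20;
        if ($experience_total >= 30)
            $issue_points = 25;
        if ($experience_total >= 40)
            $issue_points = 30;
        if ($experience_total >= 50)
            $issue_points = 35;
        if ($issue_points != 0)
            $issue_points_txt = sprintf(_("You may issue up to %s points"),$issue_points);
    }
    if ($display_output)
    {
        output_summary_row (_("Assurance Points you received"),$sum_points,$sum_points_countable,$remark_points);
        output_summary_row (_("Total Experience Points by Assurance"),$sum_experience,$sum_experience_countable,$remark_experience);
        output_summary_row (_("Total Experience Points (other ways)"),$sum_experience_other,$sum_experience_other_countable,$remark_experience_other);
        output_summary_row (_("Total Points"),"&nbsp;",$sum_points_countable + $sum_experience_countable + $sum_experience_other_countable,$issue_points_txt);
    }
    return $issue_points;
}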
505
/**
 * Print the complete "Assurance Points You Issued" table for a user.
 *
 * @param mixed $userid account id
 */
function output_given_assurances($userid)
{
    $issued = null;
    $experience_sum = null;

    output_assurances_header(_("Assurance Points You Issued"));
    // Both totals are filled in by reference while the rows are printed.
    output_given_assurances_content($userid,$issued,$experience_sum);
    output_assurances_footer(_("Total Points Issued"),$issued,_("Total Experience Points"),$experience_sum);
}
512
/**
 * Print the complete "Your Assurance Points" table for a user.
 *
 * @param mixed $userid account id
 */
function output_received_assurances($userid)
{
    $received = null;
    $experience_sum = null;

    output_assurances_header(_("Your Assurance Points"));
    // Both totals are filled in by reference while the rows are printed.
    output_received_assurances_content($userid,$received,$experience_sum);
    output_assurances_footer(_("Total Assurance Points"),$received,_("Total Experience Points"),$experience_sum);
}
519
/**
 * Print the complete points summary table for a user.
 *
 * The value returned by output_summary_content() is not used here.
 *
 * @param mixed $userid account id
 */
function output_summary($userid)
{
    $show_rows = 1;

    output_summary_header();
    output_summary_content($userid,$show_rows);
    output_summary_footer();
}
526
/**
 * Print the "Go Back" link that closes the page.
 *
 * The link target is a fixed javascript: URL; nothing request-derived is
 * written here.
 */
function output_end_of_page()
{
    $label = _("Go Back");
    echo "<p>[ <a href='javascript:history.go(-1)'>".$label."</a> ]</p>\n";
}
533 ?>