827 fixed CATs-test, fixed calculation of points
[cacert-devel.git] / includes / wot.inc.php
1 <? /*
2 LibreSSL - CAcert web application
3 Copyright (C) 2004-2011 CAcert Inc.
4
5 This program is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License as published by
7 the Free Software Foundation; version 2 of the License.
8
9 This program is distributed in the hope that it will be useful,
10 but WITHOUT ANY WARRANTY; without even the implied warranty of
11 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 GNU General Public License for more details.
13
14 You should have received a copy of the GNU General Public License
15 along with this program; if not, write to the Free Software
16 Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
17 */
18
19 function query_init ($query)
20 {
21 return mysql_query($query);
22 }
23
24 function query_getnextrow ($res)
25 {
26 $row1 = mysql_fetch_assoc($res);
27 return $row1;
28 }
29
30 function query_get_number_of_rows ($resultset)
31 {
32 return intval(mysql_num_rows($resultset));
33 }
34
35 function get_number_of_assurances ($userid)
36 {
37 $res = query_init ("SELECT `users`. *, count(*) AS `list` FROM `users`, `notary`
38 WHERE `users`.`id` = `notary`.`from` AND `notary`.`from` != `notary`.`to` AND `from`='".intval($userid)."'
39 GROUP BY `notary`.`from`");
40 $row = query_getnextrow($res);
41
42 return intval($row['list']);
43 }
44
45 function get_number_of_assurees ($userid)
46 {
47 $res = query_init ("SELECT `users`. *, count(*) AS `list` FROM `users`, `notary`
48 WHERE `users`.`id` = `notary`.`to` AND `notary`.`from` != `notary`.`to` AND `to`='".intval($userid)."'
49 GROUP BY `notary`.`to`");
50 $row = query_getnextrow($res);
51
52 return intval($row['list']);
53 }
54
55 function get_top_assurer_position ($no_of_assurances)
56 {
57 $res = query_init ("SELECT count(*) AS `list` FROM `users`
58 inner join `notary` on `users`.`id` = `notary`.`from`
59 GROUP BY `notary`.`from` HAVING count(*) > '".intval($no_of_assurances)."'");
60 return intval(query_get_number_of_rows($res)+1);
61 }
62
63 function get_top_assuree_position ($no_of_assurees)
64 {
65 $res = query_init ("SELECT count(*) AS `list` FROM `users`
66 inner join `notary` on `users`.`id` = `notary`.`to`
67 GROUP BY `notary`.`to` HAVING count(*) > '".intval($no_of_assurees)."'");
68 return intval(query_get_number_of_rows($res)+1);
69 }
70
71 function get_given_assurances ($userid)
72 {
73 $res = query_init ("select * from `notary` where `from`='".intval($userid)."' and `from` != `to` order by `id` asc");
74 return $res;
75 }
76
77 function get_received_assurances ($userid)
78 {
79 $res = query_init ("select * from `notary` where `to`='".intval($userid)."' and `from` != `to` order by `id` asc ");
80 return $res;
81 }
82
83 function get_given_assurances_summary ($userid)
84 {
85 $res = query_init ("select count(*) as number,points,awarded,method from notary where `from`='".intval($userid)."' group by points,awarded,method");
86 return $res;
87 }
88
89 function get_received_assurances_summary ($userid)
90 {
91 $res = query_init ("select count(*) as number,points,awarded,method from notary where `to`='".intval($userid)."' group by points,awarded,method");
92 return $res;
93 }
94
95 function get_user ($userid)
96 {
97 $res = query_init ("select * from `users` where `id`='".intval($userid)."'");
98 return mysql_fetch_assoc($res);
99 }
100
101 function get_cats_state ($userid)
102 {
103
104 $res = query_init ("select * from `cats_passed` inner join `cats_variant` on `cats_passed`.`variant_id` = `cats_variant`.`id` and `cats_variant`.`type_id` = 1
105 WHERE `cats_passed`.`user_id` = '".intval($userid)."'");
106 return mysql_num_rows($res);
107 }
108
109 function calc_experience ($row,&$points,&$experience,&$sum_experience)
110 {
111 $points += $row['awarded'];
112 $experience = "&nbsp;";
113 if ($row['method'] == "Face to Face Meeting")
114 {
115 $sum_experience = $sum_experience +2;
116 $experience = "2";
117 }
118 return $row['awarded'];
119 }
120
121 function calc_assurances ($row,&$points,&$experience,&$sumexperience,&$awarded)
122 {
123 $awarded = calc_points($row);
124
125 if ($awarded > 100)
126 {
127 $experience = $awarded - 100; // needs to be fixed in the future (limit 50 pts and/or no experience if pts > 100)
128 $awarded = 100;
129 }
130 else
131 $experience = 0;
132
133 switch ($row['method'])
134 {
135 case 'Thawte Points Transfer':
136 case 'CT Magazine - Germany':
137 case 'Temporary Increase': // Current usage of 'Temporary Increase' may break audit aspects, needs to be reimplemented
138 $awarded=sprintf("<strong style='color: red'>%s</strong>",_("Revoked"));
139 $experience=0;
140 break;
141 default:
142 $points += $awarded;
143 }
144 $sumexperience = $sumexperience + $experience;
145 }
146
147
148 function show_user_link ($name,$userid)
149 {
150 $name = trim($name);
151 if($name == "")
152 $name = _("Deleted before Verification");
153 else
154 $name = "<a href='wot.php?id=9&amp;userid=".intval($userid)."'>$name</a>";
155 return $name;
156 }
157
158 function get_assurer_ranking($userid,&$num_of_assurances,&$rank_of_assurer)
159 {
160 $num_of_assurances = get_number_of_assurances (intval($userid));
161 $rank_of_assurer = get_top_assurer_position($num_of_assurances);
162 }
163
164 function get_assuree_ranking($userid,&$num_of_assurees,&$rank_of_assuree)
165 {
166 $num_of_assurees = get_number_of_assurees (intval($userid));
167 $rank_of_assuree = get_top_assuree_position($num_of_assurees);
168 }
169
170
171 // ************* html table definitions ******************
172
173 function output_ranking($userid)
174 {
175 get_assurer_ranking($userid,$num_of_assurances,$rank_of_assurer);
176 get_assuree_ranking($userid,$num_of_assurees,$rank_of_assuree);
177
178 ?>
179 <table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
180 <tr>
181 <td class="title"><?=_("Assurer Ranking")?></td>
182 </tr>
183 <tr>
184 <td class="DataTD"><?=sprintf(_("You have made %s assurances which ranks you as the #%s top assurer."), intval($num_of_assurances), intval($rank_of_assurer) )?></td>
185 </tr>
186 <tr>
187 <td class="DataTD"><?=sprintf(_("You have received %s assurances which ranks you as the #%s top assuree."), intval($num_of_assurees), intval($rank_of_assuree) )?></td>
188 </tr>
189 </table>
190 <br/>
191 <?
192 }
193
194 function output_assurances_header($title)
195 {
196 ?>
197 <table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
198 <tr>
199 <td colspan="7" class="title"><?=$title?></td>
200 </tr>
201 <tr>
202 <td class="DataTD"><strong><?=_("ID")?></strong></td>
203 <td class="DataTD"><strong><?=_("Date")?></strong></td>
204 <td class="DataTD"><strong><?=_("Who")?></strong></td>
205 <td class="DataTD"><strong><?=_("Points")?></strong></td>
206 <td class="DataTD"><strong><?=_("Location")?></strong></td>
207 <td class="DataTD"><strong><?=_("Method")?></strong></td>
208 <td class="DataTD"><strong><?=_("Experience Points")?></strong></td>
209 </tr>
210 <?
211 }
212
213 function output_assurances_footer($points_txt,$points,$experience_txt,$sumexperience)
214 {
215 ?>
216 <tr>
217 <td class="DataTD" colspan="3"><strong><?=$points_txt?>:</strong></td>
218 <td class="DataTD"><?=$points?></td>
219 <td class="DataTD">&nbsp;</td>
220 <td class="DataTD"><strong><?=$experience_txt?>:</strong></td>
221 <td class="DataTD"><?=$sumexperience?></td>
222 </tr>
223 </table>
224 <br/>
225 <?
226 }
227
228 function output_assurances_row($assuranceid,$date,$name,$points,$location,$method,$experience)
229 {
230 ?>
231 <tr>
232 <td class="DataTD"><?=$assuranceid?></td>
233 <td class="DataTD"><?=$date?></td>
234 <td class="DataTD"><?=$name?></td>
235 <td class="DataTD"><?=$points?></td>
236 <td class="DataTD"><?=$location?></td>
237 <td class="DataTD"><?=$method?></td>
238 <td class="DataTD"><?=$experience?></td>
239 </tr>
240 <?
241 }
242
243 function output_summary_header()
244 {
245 ?>
246 <table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
247 <tr>
248 <td colspan="4" class="title"><?=_("Summary of your Points")?></td>
249 </tr>
250 <tr>
251 <td class="DataTD"><strong><?=_("Description")?></strong></td>
252 <td class="DataTD"><strong><?=_("Points")?></strong></td>
253 <td class="DataTD"><strong><?=_("Countable Points")?></strong></td>
254 <td class="DataTD"><strong><?=_("Remark")?></strong></td>
255 </tr>
256 <?
257 }
258
259 function output_summary_footer()
260 {
261 ?>
262 </table>
263 <br/>
264 <?
265 }
266
267 function output_summary_row($title,$points,$points_countable,$remark)
268 {
269 ?>
270 <tr>
271 <td class="DataTD"><strong><?=$title?></strong></td>
272 <td class="DataTD"><?=$points?></td>
273 <td class="DataTD"><?=$points_countable?></td>
274 <td class="DataTD"><?=$remark?></td>
275 </tr>
276 <?
277 }
278
279 function output_cats_needed()
280 {
281 ?>
282 <tr>
283 <td class="DataTD" colspan=4><strong style='color: red'><?=_("You have to pass the CAcert Assurer Challenge (CATS-Test) to be an Assurer")?></strong></td>
284 </tr>
285 <?
286 }
287
288
289 // ************* output given assurances ******************
290
291 function output_given_assurances_content($userid,&$points,&$sum_experience)
292 {
293 $points = 0;
294 $sumexperience = 0;
295 $res = get_given_assurances(intval($userid));
296 while($row = mysql_fetch_assoc($res))
297 {
298 $fromuser = get_user (intval($row['to']));
299 calc_experience ($row,$points,$experience,$sum_experience);
300 $name = show_user_link ($fromuser['fname']." ".$fromuser['lname'],intval($row['to']));
301 output_assurances_row (intval($row['id']),$row['date'],$name,intval($row['awarded']),$row['location'],$row['method']==""?"":_(sprintf("%s", $row['method'])),$experience);
302 }
303 }
304
305 // ************* output received assurances ******************
306
307 function output_received_assurances_content($userid,&$points,&$sum_experience)
308 {
309 $points = 0;
310 $sumexperience = 0;
311 $res = get_received_assurances(intval($userid));
312 while($row = mysql_fetch_assoc($res))
313 {
314 $fromuser = get_user (intval($row['from']));
315 calc_assurances ($row,$points,$experience,$sum_experience,$awarded);
316 $name = show_user_link ($fromuser['fname']." ".$fromuser['lname'],intval($row['to']));
317 output_assurances_row (intval($row['id']),$row['date'],$name,$awarded,$row['location'],$row['method']==""?"":_(sprintf("%s", $row['method'])),$experience);
318 }
319 }
320
321 // ************* output summary table ******************
322
323 function check_date_limit ($userid,$age)
324 {
325 $dob = date("Y-m-d", mktime(0,0,0,date("m"),date("d"),date("Y")-$age));
326 $res = query_init ("select id from `users` where `id`='".$userid."' and `dob` < '$dob'");
327 return intval(query_get_number_of_rows($res));
328 }
329
330 function calc_points($row)
331 {
332 if (intval($row['points']) < intval($row['awarded']))
333 $points = intval($row['awarded']); // if 'sum of added points' > 100, awarded shows correct value
334 else
335 $points = intval($row['points']); // on very old assurances, awarded is '0' instead of correct value
336 switch ($row['method'])
337 {
338 case 'Thawte Points Transfer': // revoke all Thawte-points (as per arbitration)
339 case 'CT Magazine - Germany': // revoke c't (only one test-entry)
340 case 'Temporary Increase': // revoke 'temporary increase' (Current usage breaks audit aspects, needs to be reimplemented)
341 $points = 0;
342 break;
343 case 'Administrative Increase': // ignore AI with 2 points or less (historical for experiance points, now other calculation)
344 if ($points <= 2) // maybe limit to 35/50 pts in the future?
345 $points = 0;
346 break;
347 case 'unknown': // to be revoked in the future? limit to max 50 pts?
348 case 'Trusted 3rd Parties': // to be revoked in the future? limit to max 35 pts?
349 case '': // to be revoked in the future? limit to max 50 pts?
350 case 'Face to Face Meeting': // normal assurances, limit to 35/50 pts in the future?
351 break;
352 default: // should never happen ... ;-)
353 $points = 0;
354 }
355 if ($points < 0) // ignore negative points (bug needs to be fixed)
356 $points = 0;
357 return $points;
358 }
359
360 function max_points($userid)
361 {
362 return output_summary_content ($userid,0);
363 }
364
365 function output_summary_content($userid,$display_output)
366 {
367 $sum_points = 0;
368 $sum_experience = 0;
369 $sum_experience_other = 0;
370 $max_points = 100;
371 $max_experience = 50;
372
373 $experience_limit_reached_txt = _("Limit reached");
374
375 if (check_date_limit($userid,18) != 1)
376 {
377 $max_experience = 10;
378 $experience_limit_reached_txt = _("Limit given by PoJAM reached");
379 }
380 if (check_date_limit($userid,14) != 1)
381 {
382 $max_experience = 0;
383 $experience_limit_reached_txt = _("Limit given by PoJAM reached");
384 }
385
386 $res = get_received_assurances_summary($userid);
387 while($row = mysql_fetch_assoc($res))
388 {
389 $points = calc_points ($row);
390
391 if ($points > $max_points) // limit to 100 points, above is experience (needs to be fixed)
392 {
393 $sum_experience_other = $sum_experience_other+($points-$max_points)*intval($row['number']);
394 $points = $max_points;
395 }
396 $sum_points += $points*intval($row['number']);
397 }
398
399 $res = get_given_assurances_summary($userid);
400 while($row = mysql_fetch_assoc($res))
401 {
402 switch ($row['method'])
403 {
404 case 'Face to Face Meeting': // count Face to Face only
405 $sum_experience += 2*intval($row['number']);
406 break;
407 }
408
409 }
410
411 if ($sum_points > $max_points)
412 {
413 $sum_points_countable = $max_points;
414 $remark_points = _("Limit reached");
415 }
416 else
417 {
418 $sum_points_countable = $sum_points;
419 $remark_points = "&nbsp";
420 }
421 if ($sum_experience > $max_experience)
422 {
423 $sum_experience_countable = $max_experience;
424 $remark_experience = $experience_limit_reached_txt;
425 }
426 else
427 {
428 $sum_experience_countable = $sum_experience;
429 $remark_experience = "&nbsp;";
430 }
431
432 if ($sum_experience_countable + $sum_experience_other > $max_experience)
433 {
434 $sum_experience_other_countable = $max_experience-$sum_experience_countable;
435 $remark_experience_other = $experience_limit_reached_txt;
436 }
437 else
438 {
439 $sum_experience_other_countable = $sum_experience_other;
440 $remark_experience_other = "&nbsp;";
441 }
442
443 if ($sum_points_countable < $max_points)
444 {
445 if ($sum_experience_countable != 0)
446 $remark_experience = $points_on_hold_txt;_("Points on hold due to less assurance points");
447 $sum_experience_countable = 0;
448 if ($sum_experience_other_countable != 0)
449 $remark_experience_other = _("Points on hold due to less assurance points");
450 $sum_experience_other_countable = 0;
451 }
452
453 $issue_points = 0;
454 $cats_test_passed = get_cats_state ($userid);
455 if ($cats_test_passed == 0)
456 $issue_points_txt = "<strong style='color: red'>"._("You have to pass the CAcert Assurer Challenge (CATS-Test) to be an Assurer")."</strong>";
457 else
458 {
459 $experience_total = $sum_experience_countable+$sum_experience_other_countable;
460 $issue_points_txt = "";
461 if ($sum_points_countable = $max_points)
462 $issue_points = 10;
463 if ($experience_total >= 10)
464 $issue_points = 15;
465 if ($experience_total >= 20)
466 $issue_points = 20;
467 if ($experience_total >= 30)
468 $issue_points = 25;
469 if ($experience_total >= 40)
470 $issue_points = 30;
471 if ($experience_total >= 50)
472 $issue_points = 35;
473 if ($issue_points != 0)
474 $issue_points_txt = sprintf(_("You may issue up to %s points"),$issue_points);
475 }
476 if ($display_output)
477 {
478 output_summary_row (_("Assurance Points you received"),$sum_points,$sum_points_countable,$remark_points);
479 output_summary_row (_("Total Experience Points by Assurance"),$sum_experience,$sum_experience_countable,$remark_experience);
480 output_summary_row (_("Total Experience Points (other ways)"),$sum_experience_other,$sum_experience_other_countable,$remark_experience_other);
481 output_summary_row (_("Total Points"),"&nbsp;",$sum_points_countable + $sum_experience_countable + $sum_experience_other_countable,$issue_points_txt);
482 }
483 return $issue_points;
484 }
485
486 function output_given_assurances($userid)
487 {
488 output_assurances_header(_("Assurance Points You Issued"));
489 output_given_assurances_content($userid,$points,$sum_experience);
490 output_assurances_footer(_("Total Points Issued"),$points,_("Total Experience Points"),$sum_experience);
491 }
492
493 function output_received_assurances($userid)
494 {
495 output_assurances_header(_("Your Assurance Points"));
496 output_received_assurances_content($userid,$points,$sum_experience);
497 output_assurances_footer(_("Total Assurance Points"),$points,_("Total Experience Points"),$sum_experience);
498 }
499
500 function output_summary($userid)
501 {
502 output_summary_header();
503 output_summary_content($userid,1);
504 output_summary_footer();
505 }
506
507 function output_end_of_page()
508 {
509 ?>
510 <p>[ <a href='javascript:history.go(-1)'><?=_("Go Back")?></a> ]</p>
511 <?
512 }
513 ?>