bug 1010: fixed sql-statement for org query and the filter for status
[cacert-devel.git] / pages / account / 18.php
1 <? /*
2 LibreSSL - CAcert web application
3 Copyright (C) 2004-2008 CAcert Inc.
4
5 This program is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License as published by
7 the Free Software Foundation; version 2 of the License.
8
9 This program is distributed in the hope that it will be useful,
10 but WITHOUT ANY WARRANTY; without even the implied warranty of
11 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 GNU General Public License for more details.
13
14 You should have received a copy of the GNU General Public License
15 along with this program; if not, write to the Free Software
16 Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
17 */
18
19 $orgfilterd = array_key_exists('orgfilterid',$_SESSION['_config']) ? intval($_SESSION['_config']['orgfilterid']) : 0;
20 $sorting = array_key_exists('sorting',$_SESSION['_config']) ? intval($_SESSION['_config']['sorting']) : 0;
21 $status = array_key_exists('status',$_SESSION['_config']) ? intval($_SESSION['_config']['status']) : 0;
22 ?>
23 <form method="post" action="account.php">
24 <table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
25 <tr>
26 <td colspan="9" class="title"><?=_("Organisation Client Certificates")?> </td>
27 </tr>
28 <tr>
29 <td colspan="9" class="title"><?=_("Filter/Sorting")?></td>
30 </tr>
31 <tr>
32 <td class="DataTD"><?=_("Organisation")?></td>
33 <td colspan="8" class="DataTD" >
34 <select name="orgfilterid">
35 <?=sprintf("<option value='%d' %s>%s</option>",0, 0 == $orgfilterid? " selected" : "" ,_("All")) ?>
36 <? $query = "select `orginfo`.`O`, `orginfo`.`id`
37 from `org`, `orginfo`
38 where `org`.`memid`='".intval($_SESSION['profile']['id'])."' and `orginfo`.`id` = `org`.`orgid`
39 ORDER BY `oemail`.`modified` desc";
40 $reso = mysql_query($query);
41 if(mysql_num_rows($reso) >= 1){
42 while($row = mysql_fetch_assoc($res)){
43 printf("<option value='%d' %s>%s</option>",$row['id'], $row['id'] == $orgfilterid? " selected" : "" , $row['O']);
44 }
45 }?>
46 </select>
47 </td>
48 </tr>
49 <tr>
50 <td class="DataTD"><?=_("Sorting")?></td>
51 <td colspan="8" class="DataTD" >
52 <select name="sorting">
53 <?=sprintf("<option value='%d' %s>%s</option>",0, 0 == $sorting? " selected" : "" ,_("expire date (desc)")) ?>
54 <?=sprintf("<option value='%d' %s>%s</option>",1, 1 == $sorting ? " selected" : "" ,_("OU, expire date (desc)")) ?>
55 <?=sprintf("<option value='%d' %s>%s</option>",2, 2 == $sorting ? " selected" : "" ,_("Common name, expire date (desc)")) ?>
56 </select>
57 </td>
58 </tr>
59 <tr>
60 <td class="DataTD"><?=_("Certificate status")?></td>
61 <td colspan="8" class="DataTD" >
62 <select name="status">
63 <?=sprintf("<option value='%d' %s>%s</option>",0, 0 == $status? " selected" : "" ,_("Currrent/Active")) ?>
64 <?=sprintf("<option value='%d' %s>%s</option>",1, 1 == $status ? " selected" : "" ,_("All")) ?>
65 </select>
66 </td>
67 </tr>
68 <tr>
69 <td class="DataTD" colspan="9"><input type="submit" name="reset" value="<?=_("Reset")?>" />&#160;&#160;&#160;&#160;
70 <input type="submit" name="filter" value="<?=_("Apply filter/sort")?>" /></td>
71 </tr>
72 <td colspan="9" class="DataTD"> </td>
73 </tr>
74
75 <?
76 $query = "select UNIX_TIMESTAMP(`oemail`.`created`) as `created`,
77 UNIX_TIMESTAMP(`oemail`.`expire`) - UNIX_TIMESTAMP() as `timeleft`,
78 UNIX_TIMESTAMP(`oemail`.`expire`) as `expired`,
79 `oemail`.`expire` as `expires`, `oemail`.`revoked` as `revoke`,
80 UNIX_TIMESTAMP(`oemail`.`revoked`) as `revoked`,
81 `oemail`.`CN`, `oemail`.`serial`, `oemail`.`id`,
82 `oemail`.`description`, `oemail`.`ou`, `orginfo`.`O`
83 from `orgemailcerts` as `oemail`, `org`, `orginfo`
84 where `org`.`memid`='".intval($_SESSION['profile']['id'])."' and
85 `org`.`orgid`=`oemail`.`orgid` and `orginfo`.`id` = `org`.`orgid`";
86 if($orgfilterid>0)
87 {
88 $query .= "AND `org`.`orgid`=$orgfilterid ";
89 }
90
91 if(0==$status)
92 {
93 $query .= "AND `oemail`.`revoked`=0 AND `oemail`.`renewed`=0 ";
94 $query .= "HAVING `timeleft` > 0 AND `revoked`=0 ";
95 }
96 switch ($sorting){
97 case 0:
98 $query .= "ORDER BY `orginfo`.`O`, `oemail`.`expire` desc";
99 break;
100 case 1:
101 $query .= "ORDER BY `orginfo`.`O`, `oemail`.`ou`, `oemail`.`expire` desc";
102 break;
103 case 2:
104 $query .= "ORDER BY `orginfo`.`O`, `oemail`.`CN`, `oemail`.`expire` desc";
105 break;
106 }
107 $res = mysql_query($query);
108 if(mysql_num_rows($res) <= 0)
109 {
110 ?>
111
112 <tr>
113 <td colspan="9" class="DataTD"><?=_("No client certificates are currently listed.")?></td>
114 </tr>
115 <? } else {
116 $orgname='';
117 while($row = mysql_fetch_assoc($res))
118 {
119 if ($row['O']<>$orgname) {
120 $orgname=$row['O'];?>
121 <tr>
122 <td colspan="9" class="title"></td>
123 </tr>
124 <tr>
125 <td colspan="9" class="title"><?=_("Certificates for ").$orgname?> </td>
126 </tr>
127 <tr>
128 <td class="DataTD"><?=_("OU/Department")?></td>
129 <td class="DataTD"><?=_("Renew/Revoke/Delete")?></td>
130 <td class="DataTD"><?=_("Status")?></td>
131 <td class="DataTD"><?=_("CommonName")?></td>
132 <td class="DataTD"><?=_("SerialNumber")?></td>
133 <td class="DataTD"><?=_("Revoked")?></td>
134 <td class="DataTD"><?=_("Expires")?></td>
135 <td colspan="2" class="DataTD"><?=_("Comment *")?></td>
136 </tr>
137 <?
138 }
139 if($row['timeleft'] > 0)
140 $verified = _("Valid");
141 if($row['timeleft'] < 0)
142 $verified = _("Expired");
143 if($row['expired'] == 0)
144 $verified = _("Pending");
145 if($row['revoked'] > 0)
146 $verified = _("Revoked");
147 if($row['revoked'] == 0)
148 $row['revoke'] = _("Not Revoked");
149 ?>
150 <tr>
151 <td class="DataTD"><?=$row['ou']?></td>
152 <? if($verified == _("Valid") || $verified == _("Expired")) { ?>
153 <td class="DataTD"><input type="checkbox" name="revokeid[]" value="<?=$row['id']?>"></td>
154 <td class="DataTD"><?=$verified?></td>
155 <td class="DataTD"><a href="account.php?id=19&cert=<?=$row['id']?>"><?=$row['CN']?></a></td>
156 <? } else if($verified == _("Pending")) { ?>
157 <td class="DataTD"><input type="checkbox" name="delid[]" value="<?=$row['id']?>"></td>
158 <td class="DataTD"><?=$verified?></td>
159 <td class="DataTD"><?=$row['CN']?></td>
160 <? } else { ?>
161 <td class="DataTD">&nbsp;</td>
162 <td class="DataTD"><?=$verified?></td>
163 <td class="DataTD"><a href="account.php?id=19&cert=<?=$row['id']?>"><?=$row['CN']?></a></td>
164 <? } ?>
165 <td class="DataTD"><?=$row['serial']?></td>
166 <td class="DataTD"><?=$row['revoke']?></td>
167 <td class="DataTD"><?=$row['expires']?></td>
168 <td class="DataTD"><input name="comment_<?=$row['id']?>" type="text" value="<?=htmlspecialchars($row['description'])?>" /></td>
169 <td class="DataTD"><input type="checkbox" name="check_comment_<?=$row['id']?>" /></td>
170 </tr>
171 <? } ?>
172 <tr>
173 <td class="DataTD" colspan="9">
174 <?=_('* Comment is NOT included in the certificate as it is intended for your personal reference only. To change the comment tick the checkbox and hit "Change Settings".')?>
175 </td>
176 </tr>
177 <tr>
178 <td class="DataTD" colspan="6"><input type="submit" name="renew" value="<?=_("Renew")?>">&#160;&#160;&#160;&#160;
179 <input type="submit" name="revoke" value="<?=_("Revoke/Delete")?>"></td>
180 <td class="DataTD" colspan="2"><input type="submit" name="change" value="<?=_("Change settings")?>"> </td>
181 </tr>
182 <tr>
183 <td class="DataTD" colspan="9"><?=_("From here you can delete pending requests, or revoke valid certificates.")?></td>
184 </tr>
185 <? } ?>
186 </table>
187 <input type="hidden" name="oldid" value="<?=$id?>">
188 <input type="hidden" name="csrf" value="<?=make_csrf('clicerchange')?>" />
189 </form>