bug 1138: Whitespace changes and code formatting
[cacert-devel.git] / www / api / cemails.php
1 <? /*
2 LibreSSL - CAcert web application
3 Copyright (C) 2004-2008 CAcert Inc.
4
5 This program is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License as published by
7 the Free Software Foundation; version 2 of the License.
8
9 This program is distributed in the hope that it will be useful,
10 but WITHOUT ANY WARRANTY; without even the implied warranty of
11 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 GNU General Public License for more details.
13
14 You should have received a copy of the GNU General Public License
15 along with this program; if not, write to the Free Software
16 Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
17 */
18 $username = mysql_escape_string($_REQUEST['username']);
19 $password = mysql_escape_string($_REQUEST['password']);
20
21 $query = "select * from `users` where `email`='$username' and (`password`=old_password('$password') or `password`=sha1('$password'))";
22 $res = mysql_query($query);
23 if(mysql_num_rows($res) != 1)
24 die("403,That username couldn't be found\n");
25 echo "200,Authentication Ok\n";
26 $user = mysql_fetch_assoc($res);
27 $memid = $user['id'];
28 $query = "select sum(`points`) as `points` from `notary` where `to`='".intval($memid)."' and `notary`.`deleted`=0 group by `to`";
29 $row = mysql_fetch_assoc(mysql_query($query));
30 $points = $row['points'];
31 echo "CS=".intval($user['codesign'])."\n";
32 echo "NAME=CAcert WoT User\n";
33 if($points >= 50)
34 {
35 echo "NAME=".sanitizeHTML($user['fname'])." ".sanitizeHTML($user['lname'])."\n";
36 if($user['mname'] != "")
37 echo "NAME=".sanitizeHTML($user['fname'])." ".sanitizeHTML($user['mname'])." ".sanitizeHTML($user['lname'])."\n";
38 if($user['suffix'] != "")
39 echo "NAME=".sanitizeHTML($user['fname'])." ".sanitizeHTML($user['lname'])." ".sanitizeHTML($user['suffix'])."\n";
40 if($user['mname'] != "" && $user['suffix'] != "")
41 echo "NAME=".sanitizeHTML($user['fname'])." ".sanitizeHTML($user['mname'])." ".sanitizeHTML($user['lname'])." ".sanitizeHTML($user['suffix'])."\n";
42 }
43 $query = "select * from `email` where `memid`='".intval($memid)."' and `hash`='' and `deleted`=0";
44 $res = mysql_query($query);
45 while($row = mysql_fetch_assoc($res)) {
46 echo "EMAIL=".sanitizeHTML($row['email'])."\n";
47 }
48 ?>