Merge branch 'bug-649' into testserver-stable
authorBenny Baumann <BenBE@geshi.org>
Sun, 25 Jan 2015 12:31:44 +0000 (13:31 +0100)
committerBenny Baumann <BenBE@geshi.org>
Sun, 25 Jan 2015 12:31:44 +0000 (13:31 +0100)
includes/account_stuff.php
includes/notary.inc.php
www/wot.php

                case 50:
                case 54:
                case 53: $expand = " explode('sysadmin');"; break;
 -              case 500:
 +              case 500:                                               // CAcert Web of Trust
                case 501:
 -              case 502:
 -              case 503:
 -              case 504:
 -              case 505:
 +              case 502:                                               // Become an Assurer
 +              case 503:                                               // CAcert Web of Trust Roles
 +              case 504:                                               // TTP
 +              case 505:                                               // Assurer Some one
                case 506:
                case 509:
 -              case 510:
                case 511:
-               case 512: $expand = " explode('WoT');"; break;          // Find Assurer
 -              case 512:
 -              case 516:                                       // TTP form
 -              case 517: $expand = " explode('WoT');"; break;  //Assurer check
++              case 512:                                               // Find Assurer
++              case 516:                                               // TTP form
++              case 517: $expand = " explode('WoT');"; break;          // Assurer check
                case 1000:
                case 1001:
 -              case 1002:
 +              case 1002:                                              // View GPG key
                case 1003:
                case 1004:
                case 1005:
@@@ -1402,936 -1126,45 +1402,958 @@@ function get_user_agreements($memid, $t
                return (strtotime($date)<=time()+$diff*86400);
        }
  
 +      // table layout for organisation
 +      /**
 +       * org_edit_org_table()
 +       *
 +       * @param mixed $orgname
 +       * @param mixed $contactmail
 +       * @param mixed $town
 +       * @param mixed $state
 +       * @param mixed $country
 +       * @param mixed $comment
 +       * @param integer $type  0 - new, 1, edit
 +       * @return
 +       */
 +      function org_edit_org_table($orgname, $contactmail, $town, $state, $country, $comment, $type=0){
 +              if ($type > 0) {
 +                      $title = _('Edit Organisation');
 +                      $action = _('Update');
 +              } else {
 +                      $title = _('New Organisation');
 +                      $action = _('Next');
 +              }
 +              org_edit_org_table_header($title);
 +              org_edit_org_table_row(_('Organisation Name'), 'O', $orgname, 64);
 +              org_edit_org_table_row(_('Contact Email'), 'contact', $contactmail, 255);
 +              org_edit_org_table_row(_('Town/Suburb'), 'L', $town, 128);
 +              org_edit_org_table_row(_('State/Province'), 'ST', $state, 128);
 +              org_edit_org_table_country(_('Country'), 'C', $country, 2);
 +              org_edit_org_table_comment(_('Comments'), 'comments', $comment);
 +              org_edit_org_table_footer($action);
 +      }
 +
 +      /**
 +       * org_edit_org_table_header()
 +       *
 +       * @param mixed $title
 +       * @return
 +       */
 +      function org_edit_org_table_header($title){
 +?>
 +              <table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
 +                      <tr>
 +                              <td colspan="3" class="title"><?=$title?></td>
 +                      </tr>
 +<?
 +      }
 +
 +      /**
 +       * org_edit_org_table_row()
 +       *
 +       * @param mixed $label
 +       * @param mixed $name
 +       * @param mixed $value
 +       * @param mixed $length
 +       * @return
 +       */
 +      function org_edit_org_table_row($label, $name, $value, $length){
 +?>
 +                      <tr>
 +                              <td class="DataTD"><?=$label?>:</td>
 +                              <td class="DataTD"><input type="text" name="<?=$name?>" value="<?=SanitizeHTML($value)?>" maxlength="<?=intval($length)?>" size="90"></td>
 +                              <td class="DataTD"><? printf(_('max %d characters'),$length)?></td>
 +                      </tr>
 +<?
 +      }
 +
 +      /**
 +       * org_edit_org_table_country()
 +       *
 +       * @param mixed $label
 +       * @param mixed $name
 +       * @param mixed $value
 +       * @param mixed $length
 +       * @return
 +       */
 +      function org_edit_org_table_country($label, $name, $value, $length){
 +?>
 +                      <tr>
 +                              <td class="DataTD"><?=$label?>:</td>
 +                              <td class="DataTD">
 +                                      <input type="text" name="<?=$name?>" value="<?=SanitizeHTML($value)?>" maxlength="<?=intval($length)?>" size="<?=intval($length)?>" />
 +                                      <? printf(_('(2 letter %s ISO code %s )'), '<a href="http://www.iso.org/iso/home/standards/country_codes/iso-3166-1_decoding_table.htm">', '</a>')?>
 +                              </td>
 +                              <td class="DataTD"><?=sprintf(_('max %d characters'),$length)?></td>
 +                      </tr>
 +<?
 +      }
 +
 +      /**
 +       * org_edit_org_table_comment()
 +       *
 +       * @param mixed $label
 +       * @param mixed $name
 +       * @param mixed $value
 +       * @return
 +       */
 +      function org_edit_org_table_comment($label, $name, $value){
 +?>
 +                      <tr>
 +                              <td class="DataTD"><?=$label?>:</td>
 +                              <td class="DataTD"><textarea name="<?=$name?>" cols=60 rows=10><?=SanitizeHTML($value)?></textarea></td>
 +                              <td class="DataTD">&nbsp</td>
 +                      </tr>
 +<?
 +      }
 +
 +      /**
 +       * org_edit_org_table_footer()
 +       *
 +       * @param mixed $label
 +       * @return
 +       */
 +      function org_edit_org_table_footer($label){
 +?>
 +                      <tr>
 +                              <td class="DataTD" colspan="3"><input type="submit" name="process" value="<?=$label?>"></td>
 +                      </tr>
 +              </table>
 +<?
 +    }
 +
 +      /**
 +       * get_array_from_ini()
 +       *  gets an array from an ini file and trims all entries
 +       * @param mixed $inifile, path and filename of the ini file
 +       * @return
 +       */
 +      function get_array_from_ini($inifile){
 +              $array = parse_ini_file('../config/ttp.ini');
 +              ksort($array);
 +              foreach($array as $key => $value)
 +              {
 +                      unset($array[$key]);
 +                      $array[trim($key)] = trim($value);
 +              }
 +              return  $array;
 +      }
 +
 +      /**
 +      *  create_selectbox_HTML()
 +       *
 +       * @param mixed $name, name for the select element
 +       * @param mixed $options, array with the data for the dropdown
 +       * @param string $value, TRUE if the value for the option should be added
 +       * @param string $firstline, if the should be a first line like┬┤Choose country
 +       * @param string $selected, if selection matches option key the
 +       *         entry is preselected in the dropdownbox
 +       * @return
 +       */
 +      function create_selectbox_HTML($name, array $options, $firstline = '', $value='', $selected = ''){
 +              $return_str='<select name="' . $name . '">';
 +              if (''!= $firstline) {
 +                      $return_str .= '<option>' . $firstline .'</option>';
 +              }
 +              foreach ($options as $key => $avalue) {
 +                      $return_str.='<option';
 +                      if ($value) {
 +                              $return_str.=' value="'.$avalue.'"';
 +                      }
 +                      if ($key==$selected){
 +                              $return_str.=' selected="selected"';
 +                      }
 +                      $return_str.='>'.$key.'</option>';
 +              }
 +              $return_str.='</select>';
 +              return  $return_str;
 +      }
 +
+       //user function
+       function get_user_id_from_email($email){
+               $email = mysql_real_escape_string(trim($email));
+               $res = query_init ("select `id` from `users` where `email` = '" . $email . "'");
+               $row = query_getnextrow($res);
+               return intval($row['id']);
+       }
+       function get_number_of_adminlog_entries($uid, $typeid, $hours=1){
+               $uid = intval($uid);
+               $typeid = intval($typeid);
+               $hours = intval($hours);
+               $res = query_init ("SELECT count(*) AS `no` FROM `adminlog`
+                       WHERE `adminid` = " . $uid . " AND `actiontypeid`=" . $typeid . " and `when` >  NOW() - INTERVAL " . $hours . " HOUR " );
+               $row = query_getnextrow($res);
+               return intval($row['no']);
+       }
  /**
-  * Write some information to the adminlog
+  * write_se_log()
+  *  writes an information to the adminlog
   *
 - * @param mixed $uid - id of the user account
 - * @param mixed $adminid - id of the admin
 - * @param mixed $type - what was changed
 - * @param mixed $info - the ticket / arbitration no or other information
 - * @return
 + * @param int $uid - id of the user account
 + * @param int $adminid - id of the admin
 + * @param string $type - the operation that was performed on the user account
 + * @param string $info - the ticket / arbitration number or other information
 + * @return bool - true := success, false := error
   */
- function write_se_log($uid, $adminid, $type, $info){
 -// function write_se_log needs to be adjusted after merge with bug 1138
+ function write_se_log($uid, $adminid, $type, $info, $typeid=1){
        //records all support engineer actions changing a user account
        $uid = intval($uid);
        $adminid = intval($adminid);
        $type = mysql_real_escape_string($type);
        $info = mysql_real_escape_string($info);
-       $query="insert into `adminlog` (`when`, `uid`, `adminid`,`type`,`information`) values
-               (Now(), $uid, $adminid, '$type', '$info')";
-       return mysql_query($query);
+       $typeid = intval($typeid);
+       $query="insert into `adminlog` (`when`, `uid`, `adminid`,`type`,`information`,`actiontypeid`) values
+               (Now(), $uid, $adminid, '$type', '$info', '$typeid')";
+       mysql_query($query);
  }
 +
 +/**
 + * Check if the entered information is a valid ticket or arbitration number
 + * @param string $ticketno
 + * @return bool
 + */
 +function valid_ticket_number($ticketno){
 +      //a arbitration case
 +      //d dispute action
 +      //s support case
 +      //m board motion
 +      $pattern='/[adsmADSM]\d{8}\.\d+/';
 +      if (preg_match($pattern, $ticketno)) {
 +              return true;
 +      }
 +      return false;
 +}
 +
 +// function for handling account/43.php
 +/**
 + * Get all data of an account given by the id from the `users` table
 + * @param int $userid - account id
 + * @param int $deleted - states if deleted data should be visible , default = 0 - not visible
 + * @return resource - a mysql result set
 + */
 +function get_user_data($userid, $deleted=0){
 +      $userid = intval($userid);
 +      $filter='';
 +      if (0==$deleted) {
 +              $filter .=' and `users`.`deleted`=0';
 +      }
 +      $query = "select * from `users` where `users`.`id`='$userid' ".$filter;
 +      return mysql_query($query);
 +}
 +
 +/**
 + * Get the alert settings for a user
 + * @param int $userid for the requested account
 + * @return array - associative array
 + */
 +function get_alerts($userid){
 +      return mysql_fetch_assoc(mysql_query("select * from `alerts` where `memid`='".intval($userid)."'"));
 +}
 +
 +/**
 + * Get all email addresses linked to the account
 + * @param int    $userid
 + * @param string $exclude - if given the email address will be excluded
 + * @param int    $deleted - states if deleted data should be visible, default = 0 - not visible
 + * @return resource - a mysql result set
 + */
 +function get_email_addresses($userid, $exclude, $deleted=0){
 +      //should be entered in account/2.php
 +      $userid = intval($userid);
 +      $filter='';
 +      if (0==$deleted) {
 +              $filter .= ' and `deleted`=0';
 +      }
 +      if ($exclude) {
 +              $filter .= " and `email`!='".mysql_real_escape_string($exclude)."'";
 +      }
 +      $query = "select * from `email` where `memid`='".$userid."' and `hash`='' ".$filter." order by `created`";
 +      return mysql_query($query);
 +}
 +
 +/**
 + * Get all domains linked to the account
 + * @param int $userid
 + * @param int $deleted - states if deleted data should be visible, default = 0 - not visible
 + * @return resource - a mysql result set
 + */
 +function get_domains($userid, $deleted=0){
 +      //should be entered in account/9.php
 +      $userid = intval($userid);
 +      $filter='';
 +      if (0==$deleted) {
 +              $filter .= ' and `deleted`=0';
 +      }
 +      $query = "select * from `domains` where `memid`='".$userid."' and `hash`=''".$filter." order by `created`";
 +      return mysql_query($query);
 +}
 +
 +/**
 + * Get all training results for the account
 + * @param int $userid
 + * @return resource - a mysql result set
 + */
 +function get_training_results($userid){
 +      //should be entered in account/55.php
 +      $userid = intval($userid);
 +      $query = "SELECT `CP`.`pass_date`, `CT`.`type_text`, `CV`.`test_text` ".
 +              " FROM `cats_passed` AS CP, `cats_variant` AS CV, `cats_type` AS CT ".
 +              " WHERE `CP`.`variant_id`=`CV`.`id` AND `CV`.`type_id`=`CT`.`id` AND `CP`.`user_id` ='".$userid."'".
 +              " ORDER BY `CP`.`pass_date`";
 +      return mysql_query($query);
 +}
 +
 +/**
 + * Get all SE log entries for the account
 + * @param int $userid
 + * @return resource - a mysql result set
 + */
 +function get_se_log($userid){
 +      $userid = intval($userid);
 +      $query = "SELECT `adminlog`.`when`, `adminlog`.`type`, `adminlog`.`information`, `users`.`fname`, `users`.`lname`
 +              FROM `adminlog`, `users`
 +              WHERE `adminlog`.`adminid` = `users`.`id` and `adminlog`.`uid`=".$userid."
 +              ORDER BY `adminlog`.`when`";
 +      return mysql_query($query);
 +}
 +
 +/**
 + * Get all client certificates linked to the account
 + * @param int $userid
 + * @param int $viewall - states if expired certs should be visible, default = 0 - not visible
 + * @return resource - a mysql result set
 + */
 +function get_client_certs($userid, $viewall=0){
 +      //add to account/5.php
 +      $userid = intval($userid);
 +      $query = "select UNIX_TIMESTAMP(`emailcerts`.`created`) as `created`,
 +              UNIX_TIMESTAMP(`emailcerts`.`expire`) - UNIX_TIMESTAMP() as `timeleft`,
 +              UNIX_TIMESTAMP(`emailcerts`.`expire`) as `expired`,
 +              `emailcerts`.`expire`,
 +              `emailcerts`.`revoked` as `revoke`,
 +              UNIX_TIMESTAMP(`emailcerts`.`revoked`) as `revoked`,
 +              `emailcerts`.`id`,
 +              `emailcerts`.`CN`,
 +              `emailcerts`.`serial`,
 +              `emailcerts`.`disablelogin`,
 +              `emailcerts`.`description`
 +              from `emailcerts`
 +              where `emailcerts`.`memid`='".$userid."'";
 +      if($viewall == 0)
 +      {
 +              $query .= " AND `emailcerts`.`revoked`=0 AND `emailcerts`.`renewed`=0";
 +              $query .= " HAVING `timeleft` > 0";
 +      }
 +      $query .= " ORDER BY `emailcerts`.`modified` desc";
 +      return mysql_query($query);
 +}
 +
 +/**
 + * Get all server certs linked to the account
 + * @param int $userid
 + * @param int $viewall - states if expired certs should be visible, default = 0 - not visible
 + * @return resource - a mysql result set
 + */
 +function get_server_certs($userid, $viewall=0){
 +      //add to account/12.php
 +      $userid = intval($userid);
 +      $query = "select UNIX_TIMESTAMP(`domaincerts`.`created`) as `created`,
 +                      UNIX_TIMESTAMP(`domaincerts`.`expire`) - UNIX_TIMESTAMP() as `timeleft`,
 +                      UNIX_TIMESTAMP(`domaincerts`.`expire`) as `expired`,
 +                      `domaincerts`.`expire`,
 +                      `domaincerts`.`revoked` as `revoke`,
 +                      UNIX_TIMESTAMP(`revoked`) as `revoked`,
 +                      `domaincerts`.`CN`,
 +                      `domaincerts`.`serial`,
 +                      `domaincerts`.`id`,
 +                      `domaincerts`.`description`
 +                      from `domaincerts`,`domains`
 +                      where `domains`.`memid`='".$userid."' and `domaincerts`.`domid`=`domains`.`id`";
 +      if($viewall == 0)
 +      {
 +              $query .= " AND `domaincerts`.`revoked`=0 AND `domaincerts`.`renewed`=0";
 +              $query .= " HAVING `timeleft` > 0";
 +      }
 +      $query .= " ORDER BY `domaincerts`.`modified` desc";
 +      return mysql_query($query);
 +}
 +
 +/**
 + * Get all gpg certs linked to the account
 + * @param int $userid
 + * @param int $viewall - states if expired certs should be visible, default = 0 - not visible
 + * @return resource - a mysql result set
 + */
 +function get_gpg_certs($userid, $viewall=0){
 +      //add to gpg/2.php
 +      $userid = intval($userid);
 +      $query = $query = "select UNIX_TIMESTAMP(`issued`) as `issued`,
 +                      UNIX_TIMESTAMP(`expire`) - UNIX_TIMESTAMP() as `timeleft`,
 +                      UNIX_TIMESTAMP(`expire`) as `expired`,
 +                      `expire`, `id`, `level`, `email`, `keyid`, `description`
 +                      from `gpg` where `memid`='".$userid."'";
 +      if ($viewall == 0) {
 +              $query .= " HAVING `timeleft` > 0";
 +      }
 +      $query .= " ORDER BY `issued` desc";
 +      return mysql_query($query);
 +}
 +
 +
 +
 +/**
 + * Show the table header to the email table for the admin log
 + */
 +function output_log_email_header(){
 +      ?>
 +      <tr>
 +              <td class="DataTD bold"><?= _("Email, primary bold") ?></td>
 +              <td class="DataTD bold"><?= _("Created") ?></td>
 +              <td class="DataTD bold"><?= _("Deleted") ?></td>
 +      </tr>
 +
 +      <?
 +}
 +/**
 + * Show all email data for the admin log
 + * @param array  $row - associative array containing the column data
 + * @param string $primary - if given the primary address is highlighted
 + */
 +function output_log_email($row, $primary){
 +      $style = '';
 +      if ($row['deleted'] !== NULL_DATETIME) {
 +              $style = ' deletedemailaddress';
 +      } elseif ($primary == $row['email']) {
 +              $style = ' primaryemailaddress';
 +      }
 +      ?>
 +      <tr>
 +              <td class="DataTD<?=$style?>"><?=$row['email']?></td>
 +              <td class="DataTD<?=$style?>"><?=$row['created']?></td>
 +              <td class="DataTD<?=$style?>"><?=$row['deleted']?></td>
 +      </tr>
 +      <?
 +}
 +
 +/**
 + * Show the table header to the domains table for the admin log
 + */
 +function output_log_domains_header(){
 +      ?>
 +      <tr>
 +              <td class="DataTD bold"><?= _("Domain") ?></td>
 +              <td class="DataTD bold"><?= _("Created") ?></td>
 +              <td class="DataTD bold"><?= _("Deleted") ?></td>
 +      </tr>
 +
 +      <?
 +}
 +
 +/**
 + * Show the domain data for the admin log
 + * @param array $row - associative array containing the column data
 + */
 +function output_log_domains($row){
 +      $italic='';
 +      if ($row['deleted'] !== NULL_DATETIME) {
 +              $italic=' italic';
 +      }
 +      ?>
 +      <tr>
 +              <td class="DataTD<?=$italic?>"><?=$row['domain']?></td>
 +              <td class="DataTD<?=$italic?>"><?=$row['created']?></td>
 +              <td class="DataTD<?=$italic?>"><?=$row['deleted']?></td>
 +      </tr>
 +      <?
 +}
 +
 +/**
 + * Show the table header to the user agreement table for the admin log
 + */
 +function output_log_agreement_header(){
 +      ?>
 +      <tr>
 +              <td class="DataTD bold"><?= _("Agreement") ?></td>
 +              <td class="DataTD bold"><?= _("Date") ?></td>
 +              <td class="DataTD bold"><?= _("Method") ?></td>
 +              <td class="DataTD bold"><?= _("Active ") ?></td>
 +      </tr>
 +      <?
 +}
 +
 +/**
 + * Show the agreement data for the admin log
 + * @param array $row - associative array containing the column data
 + */
 +function output_log_agreement($row){
 +      ?>
 +      <tr>
 +              <td class="DataTD" ><?=$row['document']?></td>
 +              <td class="DataTD" ><?=$row['date']?></td>
 +              <td class="DataTD" ><?=$row['method']?></td>
 +              <td class="DataTD"><?= ($row['active']==0)? _('passive'):_('active')?></td>
 +      </tr>
 +      <?
 +}
 +
 +/**
 + * Show the table header to the training table
 + */
 +function output_log_training_header(){
 +      //should be entered in account/55.php
 +      ?>
 +      <tr>
 +              <td class="DataTD bold"><?= _("Agreement") ?></td>
 +              <td class="DataTD bold"><?= _("Test") ?></td>
 +              <td class="DataTD bold"><?= _("Variant") ?></td>
 +      </tr>
 +      <?
 +}
 +
 +/**
 + * Show the training data
 + * @param array $row - associative array containing the column data
 + */
 +function output_log_training($row){
 +      //should be entered in account/55.php
 +      ?>
 +      <tr>
 +              <td class="DataTD"><?=$row['pass_date']?></td>
 +              <td class="DataTD"><?=$row['type_text']?></td>
 +              <td class="DataTD"><?=$row['test_text']?></td>
 +      </tr>
 +      <?
 +}
 +
 +/**
 + * Show the table header to the SE log table for the admin log
 + * @param int $support - if support = 1 more information is visible
 + */
 +function output_log_se_header($support=0){
 +      ?>
 +      <tr>
 +              <td class="DataTD bold"><?= _("Date") ?></td>
 +              <td class="DataTD bold"><?= _("Type") ?></td>
 +              <?
 +              if (1 == $support) {
 +                      ?>
 +                      <td class="DataTD bold"><?= _("Information") ?></td>
 +                      <td class="DataTD bold"><?= _("Admin") ?></td>
 +                      <?
 +              }
 +              ?>
 +      </tr>
 +      <?
 +}
 +
 +/**
 + * Show the SE log data for the admin log
 + * @param array $row - associative array containing the column data
 + * @param int   $support - if support = 1 more information is visible
 + */
 +function output_log_se($row, $support=0){
 +      //should be entered in account/55.php
 +      ?>
 +      <tr>
 +              <td class="DataTD"><?=$row['when']?></td>
 +              <td class="DataTD"><?=$row['type']?></td>
 +              <?
 +              if (1 == $support) {
 +                      ?>
 +                      <td class="DataTD"><?=$row['information']?></td>
 +                      <td class="DataTD"><?=$row['fname'].' '.$row['lname']?></td>
 +                      <?
 +              }
 +              ?>
 +      </tr>
 +      <?
 +}
 +
 +/**
 + * Shows the table header to the client cert table
 + * @param int  $support - if support = 1 some columns ar not visible
 + * @param bool $readonly - whether elements to modify data should be hidden, default is `true`
 + */
 +function output_client_cert_header($support=0, $readonly=true){
 +      //should be added to account/5.php
 +      ?>
 +      <tr>
 +              <?
 +              if (!$readonly) {
 +                      ?>
 +                      <td class="DataTD"><?=_("Renew/Revoke/Delete")?></td>
 +                      <?
 +              }
 +              ?>
 +              <td class="DataTD"><?=_("Status")?></td>
 +              <td class="DataTD"><?=_("Email Address")?></td>
 +              <td class="DataTD"><?=_("SerialNumber")?></td>
 +              <td class="DataTD"><?=_("Revoked")?></td>
 +              <td class="DataTD"><?=_("Expires")?></td>
 +              <td class="DataTD"><?=_("Login")?></td>
 +              <?
 +              if (1 != $support) {
 +                      ?>
 +                      <td colspan="2" class="DataTD"><?=_("Comment *")?></td>
 +                      <?
 +              }
 +              ?>
 +      </tr>
 +      <?
 +}
 +
 +/**
 + * Show the client cert data
 + * @param array $row - associative array containing the column data
 + * @param int   $support - if support = 1 some columns are not visible
 + * @param bool  $readonly - whether elements to modify data should be hidden, default is `true`
 + */
 +function output_client_cert($row, $support=0, $readonly=true){
 +      //should be entered in account/5.php
 +      $verified="";
 +      if ($row['timeleft'] > 0) {
 +              $verified = _("Valid");
 +      } else {
 +              $verified = _("Expired");
 +      }
 +
 +      if ($row['expired'] == 0) {
 +              $verified = _("Pending");
 +      }
 +
 +      if ($row['revoked'] == 0) {
 +              $row['revoke'] = _("Not Revoked");
 +      } else {
 +              $verified = _("Revoked");
 +      }
 +
 +      ?>
 +      <tr>
 +      <?
 +      if (!$readonly) {
 +              if ($verified === _("Pending")) {
 +                      ?>
 +                      <td class="DataTD">
 +                              <input type="checkbox" name="delid[]" value="<?=intval($row['id'])?>">
 +                      </td>
 +                      <?
 +
 +              } elseif ($verified === _("Revoked")) {
 +                      ?>
 +                      <td class="DataTD">&nbsp;</td>
 +                      <?
 +
 +              } else {
 +                      ?>
 +                      <td class="DataTD">
 +                              <input type="checkbox" name="revokeid[]" value="<?=intval($row['id'])?>">
 +                      </td>
 +                      <?
 +              }
 +      }
 +
 +      ?>
 +      <td class="DataTD"><?=$verified?></td>
 +      <?
 +
 +      if ($verified === _("Pending")) {
 +              ?>
 +              <td class="DataTD"><?=(trim($row['CN'])=="" ? _("empty") : htmlspecialchars($row['CN']))?></td>
 +              <?
 +      } else {
 +              ?>
 +              <td class="DataTD">
 +                      <a href="account.php?id=6&amp;cert=<?=intval($row['id'])?>">
 +                              <?=(trim($row['CN'])=="" ? _("empty") : htmlspecialchars($row['CN']))?>
 +                      </a>
 +              </td>
 +              <?
 +      }
 +
 +      ?>
 +      <td class="DataTD"><?=$row['serial']?></td>
 +      <td class="DataTD"><?=$row['revoke']?></td>
 +      <td class="DataTD"><?=$row['expire']?></td>
 +      <td class="DataTD">
 +              <input type="checkbox" name="disablelogin_<?=intval($row['id'])?>" value="1" <?=$row['disablelogin']?"":"checked='checked'"?> <?=$readonly?'disabled="disabled"':''?>/>
 +              <input type="hidden" name="cert_<?=intval($row['id'])?>" value="1" />
 +      </td>
 +      <?
 +
 +      if (1 != $support) {
 +              ?>
 +              <td class="DataTD">
 +                      <input name="comment_<?=intval($row['id'])?>" type="text" value="<?=htmlspecialchars($row['description'])?>" />
 +              </td>
 +              <?
 +              if (!$readonly) {
 +                      ?>
 +                      <td class="DataTD">
 +                              <input type="checkbox" name="check_comment_<?=intval($row['id'])?>" />
 +                      </td>
 +                      <?
 +              }
 +      }
 +
 +      ?>
 +      </tr>
 +      <?
 +}
 +
 +/**
 + * Show the table header to the server cert table
 + * @param int  $support - if support = 1 some columns ar not visible
 + * @param bool $readonly - whether elements to modify data should be hidden, default is `true`
 + */
 +function output_server_certs_header($support=0, $readonly=true){
 +      //should be entered in account/12.php
 +      ?>
 +      <tr>
 +      <?
 +              if (!$readonly) {
 +                      ?>
 +                      <td class="DataTD"><?=_("Renew/Revoke/Delete")?></td>
 +                      <?
 +              }
 +              ?>
 +              <td class="DataTD"><?=_("Status")?></td>
 +              <td class="DataTD"><?=_("CommonName")?></td>
 +              <td class="DataTD"><?=_("SerialNumber")?></td>
 +              <td class="DataTD"><?=_("Revoked")?></td>
 +              <td class="DataTD"><?=_("Expires")?></td>
 +              <?
 +              if (1 != $support) {
 +                      ?>
 +                      <td colspan="2" class="DataTD"><?=_("Comment *")?></td>
 +                      <?
 +              }
 +      ?>
 +      </tr>
 +      <?
 +}
 +
 +/**
 + * Show the server cert data
 + * @param array $row - associative array containing the column data
 + * @param int   $support - if support = 1 some columns are not visible
 + * @param bool  $readonly - whether elements to modify data should be hidden, default is `true`
 + */
 +function output_server_certs($row, $support=0, $readonly=true){
 +      //should be entered in account/12.php
 +      $verified="";
 +      if ($row['timeleft'] > 0) {
 +              $verified = _("Valid");
 +      } else {
 +              $verified = _("Expired");
 +      }
 +
 +      if ($row['expired'] == 0) {
 +              $verified = _("Pending");
 +      }
 +
 +      if ($row['revoked'] == 0) {
 +              $row['revoke'] = _("Not Revoked");
 +      } else {
 +              $verified = _("Revoked");
 +      }
 +
 +      ?>
 +      <tr>
 +      <?
 +      if (!$readonly) {
 +              if ($verified === _("Pending")) {
 +                      ?>
 +                      <td class="DataTD">
 +                              <input type="checkbox" name="delid[]" value="<?=intval($row['id'])?>"/>
 +                      </td>
 +                      <?
 +              } elseif($verified === _("Revoked")) {
 +                      ?>
 +                      <td class="DataTD">&nbsp;</td>
 +                      <?
 +              } else {
 +                      ?>
 +                      <td class="DataTD">
 +                              <input type="checkbox" name="revokeid[]" value="<?=intval($row['id'])?>"/>
 +                      </td>
 +                      <?
 +              }
 +      }
 +
 +      ?>
 +      <td class="DataTD"><?=$verified?></td>
 +      <?
 +
 +      if ($verified === _("Pending")) {
 +              ?>
 +              <td class="DataTD"><?=htmlspecialchars($row['CN'])?></td>
 +              <?
 +      } else {
 +              ?>
 +              <td class="DataTD">
 +                      <a href="account.php?id=15&amp;cert=<?=intval($row['id'])?>">
 +                              <?=htmlspecialchars($row['CN'])?>
 +                      </a>
 +              </td>
 +              <?
 +      }
 +
 +      ?>
 +      <td class="DataTD"><?=$row['serial']?></td>
 +      <td class="DataTD"><?=$row['revoke']?></td>
 +      <td class="DataTD"><?=$row['expire']?></td>
 +      <?
 +
 +      if (1 != $support) {
 +              ?>
 +              <td class="DataTD">
 +                      <input name="comment_<?=intval($row['id'])?>" type="text" value="<?=htmlspecialchars($row['description'])?>" />
 +              </td>
 +              <?
 +              if (!$readonly) {
 +                      ?>
 +                      <td class="DataTD">
 +                              <input type="checkbox" name="check_comment_<?=intval($row['id'])?>" />
 +                      </td>
 +                      <?
 +              }
 +      }
 +
 +      ?>
 +      </tr>
 +      <?
 +}
 +
 +/**
 + * Show the table header to the gpg cert table
 + * @param int  $support - if support = 1 some columns ar not visible
 + * @param bool $readonly - whether elements to modify data should be hidden, default is `true`
 + */
 +function output_gpg_certs_header($support=0, $readonly=true){
 +      // $readonly is currently ignored but kept for consistency
 +      ?>
 +      <tr>
 +              <td class="DataTD"><?=_("Status")?></td>
 +              <td class="DataTD"><?=_("Email Address")?></td>
 +              <td class="DataTD"><?=_("Expires")?></td>
 +              <td class="DataTD"><?=_("Key ID")?></td>
 +              <?
 +              if (1 != $support) {
 +                      ?>
 +                      <td colspan="2" class="DataTD"><?=_("Comment *")?></td>
 +                      <?
 +              }
 +      ?>
 +      </tr>
 +      <?
 +}
 +
 +/**
 + * Show the gpg cert data
 + * @param array $row - associative array containing the column data
 + * @param int   $support - if support = 1 some columns are not visible
 + * @param bool  $readonly - whether elements to modify data should be hidden, default is `true`
 + */
 +function output_gpg_certs($row, $support=0, $readonly=true){
 +      //should be entered in account/55.php
 +      $verified="";
 +      if ($row['timeleft'] > 0) {
 +              $verified = _("Valid");
 +      } else {
 +              $verified = _("Expired");
 +      }
 +
 +      if ($row['expired'] == 0) {
 +              $verified = _("Pending");
 +      }
 +
 +      ?>
 +      <tr>
 +              <td class="DataTD"><?=$verified?></td>
 +      <?
 +
 +      if($verified == _("Pending")) {
 +              ?>
 +              <td class="DataTD"><?=htmlspecialchars($row['email'])?></td>
 +              <?
 +      } else {
 +              ?>
 +              <td class="DataTD">
 +                      <a href="gpg.php?id=3&amp;cert=<?=intval($row['id'])?>">
 +                              <?=htmlspecialchars($row['email'])?>
 +                      </a>
 +              </td>
 +              <?
 +      }
 +
 +      ?>
 +      <td class="DataTD"><?=$row['expire']?></td>
 +      <?
 +
 +      if($verified == _("Pending")) {
 +              ?>
 +              <td class="DataTD"><?=htmlspecialchars($row['keyid'])?></td>
 +              <?
 +      } else {
 +              ?>
 +              <td class="DataTD">
 +                      <a href="gpg.php?id=3&amp;cert=<?=intval($row['id'])?>">
 +                              <?=htmlspecialchars($row['keyid'])?>
 +                      </a>
 +              </td>
 +              <?
 +      }
 +
 +      if (1 != $support) {
 +              ?>
 +              <td class="DataTD">
 +                      <input name="comment_<?=intval($row['id'])?>" type="text" value="<?=htmlspecialchars($row['description'])?>" />
 +              </td>
 +              <?
 +              if (!$readonly) {
 +                      ?>
 +                      <td class="DataTD">
 +                              <input type="checkbox" name="check_comment_<?=intval($row['id'])?>" />
 +                      </td>
 +                      <?
 +              }
 +      }
 +
 +      ?>
 +      </tr>
 +      <?
 +}
 +
 +/**
 + * revoke_assurance()
 + * revokes an assurance and adjusts the old point calculation
 + * @param mixed $assuranceid - id of the assurance
 + * @param mixed $toid        - id of the assuree
 + * @return
 + */
 +function revoke_assurance($assuranceid, $toid){
 +      $assuranceid = intval($assuranceid);
 +      $toid = intval($toid);
 +      $points = 0;
 +
 +      $query = "update `notary` set `deleted` = NOW() where `id` = '$assuranceid' LIMIT 1";
 +      mysql_query($query);
 +
 +      $query = "select * from `notary` where `to` = '$toid' and `method` != 'Administrative Increase' and `deleted` = 0 order by `when`";
 +      $res = mysql_query($query);
 +      while($row = mysql_fetch_assoc($res)){
 +              $maxToAward = max(100 - $points, 0);
 +              $newpoints = min($row['awarded'], $maxToAward);
 +
 +              $points += $row['awarded'];
 +
 +              $query = "update `notary` set `points` = '". (int)$newpoints ."' where `id`='" . (int)$row['id'] . "' LIMIT 1";
 +              mysql_query($query);
 +      }
 +
 +      fix_assurer_flag($toid);
 +}
diff --cc www/wot.php
@@@ -79,9 -80,9 +79,12 @@@ function show_page($target,$message,$er
                case '15':
                case 'MyPointsNew':     includeit(15, "wot");
                                        break;
-               case 'TTPForm': includeit(16, "wot");
-                       break;
 +              case '16':
++              case 'TTPForm':         includeit(16, "wot");
++                                      break;
+               case '17':
+               case 'AssurerCheck':    includeit(17, "wot");
+                                       break;
        }
  
        showfooter();
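Review bot: The targets this merge brings together, `'16'`/`'TTPForm'` and `'17'`/`'AssurerCheck'`, reach `includeit()` with no access check visible in this switch. Whether a user without the assurer or TTP role can open those pages therefore depends entirely on code outside the hunk. If pages 16 and 17 are meant to be role-limited, confirm that the included page or `includeit()` enforces it, and record that next to the cases, for example `// page 16 enforces its own access check`. show_page() starts and ends outside the hunk, so a guard before the switch cannot be ruled out from here.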