bug 1138: inserted revoke certificate handling
authorINOPIAE <inopiae@cacert.org>
Mon, 20 Jan 2014 15:31:40 +0000 (16:31 +0100)
committerINOPIAE <inopiae@cacert.org>
Mon, 20 Jan 2014 15:31:40 +0000 (16:31 +0100)
includes/account.php
includes/notary.inc.php
pages/account/43.php

index 2960954..f75c5e8 100644 (file)
                $_SESSION['ticketmsg']='No action taken. Ticket number is missing!';
        }
 
-       if($oldid == 43 && $_REQUEST['action'] == 'revokecert')
+       if($oldid == 43 && $_REQUEST['action'] == 'revokecert' && $ticketvalidation==TRUE)
        {
                $userid = intval($_REQUEST['userid']);
                revoke_all_private_cert($userid);
+               write_se_log($userid, $_SESSION['profile']['id'], 'AD Revoke all certificates',$ticketno);
                $id=43;
        }
 
  */
        if($id == 59){
                if ($oldid == 43 && $_SESSION['profile']['admin'] == 1) {
-                       write_se_log($_REQUEST['userid'], $_SESSION['profile']['id'], 'View account history', $_REQUEST['ticketno']);
+                       write_se_log($_REQUEST['userid'], $_SESSION['profile']['id'], 'AD View account history', $_REQUEST['ticketno']);
                        $_SESSION['support']=1;
                }ELSEIF ($oldid == 13 && $_REQUEST['userid'] == $_SESSION['profile']['id']){
                        $_SESSION['support']=0;
index aaee304..52789b4 100644 (file)
 <?
        }
 
-       function output_assurances_row($assuranceid,$date,$when,$email,$name,$awarded,$points,$location,$method,$experience,$userid,$support,$revoked)
+       function output_assurances_row($assuranceid,$date,$when,$email,$name,$awarded,$points,$location,$method,$experience,$userid,$support,$revoked, $ticketno)
        {
 
                $tdstyle="";
 <?
                        } else {
 ?>
-               <td class="DataTD" <?=$tdstyle?>><?=$emopen?><a href="account.php?id=43&amp;userid=<?=intval($userid)?>&amp;assurance=<?=intval($assuranceid)?>&amp;csrf=<?=make_csrf('admdelassurance')?>" onclick="return confirm('<?=sprintf(_("Are you sure you want to revoke the assurance with ID &quot;%s&quot;?"),$assuranceid)?>');"><?=_("Revoke")?></a><?=$emclose?></td>
+               <td class="DataTD" <?=$tdstyle?>><?=$emopen?><a href="account.php?id=43&amp;userid=<?=intval($userid)?>&amp;assurance=<?=intval($assuranceid)?>&amp;csrf=<?=make_csrf('admdelassurance')?>&amp;ticketno=<?=$ticketno?>" onclick="return confirm('<?=sprintf(_("Are you sure you want to revoke the assurance with ID &quot;%s&quot;?"),$assuranceid)?>');"><?=_("Revoke")?></a><?=$emclose?></td>
 <?
                        }
                }
 
 // ************* output given assurances ******************
 
-       function output_given_assurances_content($userid,&$points,&$sum_experience,$support)
+       function output_given_assurances_content($userid,&$points,&$sum_experience,$support, $ticketno)
        {
                $points = 0;
                $sumexperience = 0;
                        $apoints = calc_experience ($row,$points,$experience,$sum_experience,$revoked);
                        $name = show_user_link ($fromuser['fname']." ".$fromuser['lname'],intval($row['to']));
                        $email = show_email_link ($fromuser['email'],intval($row['to']));
-                       output_assurances_row (intval($row['id']),$row['date'],$row['when'],$email,$name,$apoints,intval($row['points']),$row['location'],$row['method']==""?"":_(sprintf("%s", $row['method'])),$experience,$userid,$support,$revoked);
+                       output_assurances_row (intval($row['id']),$row['date'],$row['when'],$email,$name,$apoints,intval($row['points']),$row['location'],$row['method']==""?"":_(sprintf("%s", $row['method'])),$experience,$userid,$support,$revoked, $ticketno);
                }
        }
 
 // ************* output received assurances ******************
 
-       function output_received_assurances_content($userid,&$points,&$sum_experience,$support)
+       function output_received_assurances_content($userid,&$points,&$sum_experience,$support, $ticketno)
        {
                $points = 0;
                $sumexperience = 0;
                        calc_assurances ($row,$points,$experience,$sum_experience,$awarded,$revoked);
                        $name = show_user_link ($fromuser['fname']." ".$fromuser['lname'],intval($row['from']));
                        $email = show_email_link ($fromuser['email'],intval($row['from']));
-                       output_assurances_row (intval($row['id']),$row['date'],$row['when'],$email,$name,$awarded,intval($row['points']),$row['location'],$row['method']==""?"":_(sprintf("%s", $row['method'])),$experience,$userid,$support,$revoked);
+                       output_assurances_row (intval($row['id']),$row['date'],$row['when'],$email,$name,$awarded,intval($row['points']),$row['location'],$row['method']==""?"":_(sprintf("%s", $row['method'])),$experience,$userid,$support,$revoked, $ticketno);
                }
        }
 
                return $issue_points;
        }
 
-       function output_given_assurances($userid,$support=0)
+       function output_given_assurances($userid,$support=0, $ticketno)
        {
                output_assurances_header(_("Assurance Points You Issued"),$support);
-               output_given_assurances_content($userid,$points,$sum_experience,$support);
+               output_given_assurances_content($userid,$points,$sum_experience,$support, $ticketno);
                output_assurances_footer(_("Total Points Issued"),$points,_("Total Experience Points"),$sum_experience,$support);
        }
 
-       function output_received_assurances($userid,$support=0)
+       function output_received_assurances($userid,$support=0, $ticketno)
        {
                output_assurances_header(_("Your Assurance Points"),$support);
-               output_received_assurances_content($userid,$points,$sum_experience,$support);
+               output_received_assurances_content($userid,$points,$sum_experience,$support, $ticketno);
                output_assurances_footer(_("Total Assurance Points"),$points,_("Total Experience Points"),$sum_experience,$support);
        }
 
index bee4b20..34fc1ec 100644 (file)
@@ -952,6 +952,7 @@ if(intval($_REQUEST['userid']) > 0) {
                     <input type="hidden" name="oldid" value="43">
                     <input type="hidden" name="userid" value="<?=intval($userid)?>">
                     <input type="submit" value="<?=_('revoke certificates')?>">
+                    <input type="hidden" name="ticketno" value="<?=$ticketno?>"/>
                 </form>
             </td>
         </tr>
@@ -1008,7 +1009,7 @@ if(intval($_REQUEST['userid']) > 0) {
             <td class="DataTD"><?=intval($drow['points'])?></td>
             <td class="DataTD"><?=sanitizeHTML($drow['location'])?></td>
             <td class="DataTD"><?=sanitizeHTML($drow['method'])?></td>
-            <td class="DataTD"><a href="account.php?id=43&amp;userid=<?=intval($drow['to'])?>&amp;assurance=<?=intval($drow['id'])?>&amp;csrf=<?=make_csrf('admdelassurance')?>" onclick="return confirm('<?=sprintf(_("Are you sure you want to revoke the assurance with ID &quot;%s&quot;?"),$drow['id'])?>');"><?=_("Revoke")?></a></td>
+            <td class="DataTD"><a href="account.php?id=43&amp;userid=<?=intval($drow['to'])?>&amp;assurance=<?=intval($drow['id'])?>&amp;csrf=<?=make_csrf('admdelassurance')?>&amp;ticketno=<?=$ticketno?>" onclick="return confirm('<?=sprintf(_("Are you sure you want to revoke the assurance with ID &quot;%s&quot;?"),$drow['id'])?>');"><?=_("Revoke")?></a></td>
         </tr>
     <?
         }
@@ -1055,7 +1056,7 @@ if(intval($_REQUEST['userid']) > 0) {
             <td class="DataTD"><?=$drow['points']?></td>
             <td class="DataTD"><?=$drow['location']?></td>
             <td class="DataTD"><?=$drow['method']?></td>
-            <td class="DataTD"><a href="account.php?id=43&userid=<?=$drow['from']?>&assurance=<?=$drow['id']?>&amp;csrf=<?=make_csrf('admdelassurance')?>" onclick="return confirm('<?=sprintf(_("Are you sure you want to revoke the assurance with ID &quot;%s&quot;?"),$drow['id'])?>');"><?=_("Revoke")?></a></td>
+            <td class="DataTD"><a href="account.php?id=43&userid=<?=$drow['from']?>&assurance=<?=$drow['id']?>&amp;csrf=<?=make_csrf('admdelassurance')?>&amp;ticketno=<?=$ticketno?>" onclick="return confirm('<?=sprintf(_("Are you sure you want to revoke the assurance with ID &quot;%s&quot;?"),$drow['id'])?>');"><?=_("Revoke")?></a></td>
         </tr>
     <?
         }
@@ -1080,10 +1081,10 @@ if(isset($_GET['shownotary'])) {
             showassuredby();
             break;
         case 'assuredto15':
-            output_received_assurances(intval($_GET['userid']),1);
+            output_received_assurances(intval($_GET['userid']),1,$ticketno);
             break;
         case 'assuredby15':
-            output_given_assurances(intval($_GET['userid']),1);
+            output_given_assurances(intval($_GET['userid']),1, $ticketno);
             break;
     }
 }