bug 1121: Added backticks to sql-queries, small typo fix
authorINOPIAE <inopiae@cacert.org>
Sun, 6 Jan 2013 22:09:02 +0000 (23:09 +0100)
committerINOPIAE <inopiae@cacert.org>
Sun, 6 Jan 2013 22:09:02 +0000 (23:09 +0100)
includes/notary.inc.php
www/wot.php

index 81c79f0..2e064e6 100644 (file)
        //functions to do with recording user agreements
        function write_user_agreement($memid, $document, $method, $comment, $active=1, $secmemid=0){
        // write a new record to the table user_agreement
-               $query="insert into user_agreements set memid=".$memid.", secmemid=".$secmemid.
-                       ",document='".$document."',date=NOW(), active=".$active.",method='".$method."',`comment`='".$comment."'" ;
+               $query="insert into `user_agreements` set `memid`=".$memid.", `secmemid`=".$secmemid.
+                       ",`document`='".$document."',`date`=NOW(), `active`=".$active.",`method`='".$method."',`comment`='".$comment."'" ;
                $res = mysql_query($query);
        }
        
        function get_user_agreement_status($memid, $type="CCA"){
        //returns 0 - no user agreement, 1- at least one entry
-               $query="SELECT u.`document` FROM user_agreements u 
+               $query="SELECT u.`document` FROM `user_agreements` u 
                        WHERE u.`document` = '".$type."' AND (u.`memid`=".$memid." or u.`secmemid`=".$memid.")" ;
                $res = mysql_query($query);
                if(mysql_num_rows($res) <=0){
                }else{
                        $filter="u.`secmemid`=".$memid;
                }
-               $query="SELECT u.`document`, u.`date`, u.`method`, u.`comment`, u.`active` FROM user_agreements u
+               $query="SELECT u.`document`, u.`date`, u.`method`, u.`comment`, u.`active` FROM `user_agreements` u
                        WHERE u.`document` = '".$type."' AND ".$filter."
                        ORDER BY u.`date` Limit 1;";
                $res = mysql_query($query);
 
        function get_last_user_agreement($memid, $type="CCA"){
        //returns an array (`document`,`date`,`method`, `comment`,`active`)
-               $query="(SELECT u.`document`, u.`date`, u.`method`, u.`comment`, 1 as `active` FROM user_agreements u WHERE u.`document` = '".$type."' AND (u.`memid`=".$memid." ) order by date desc limit 1)
+               $query="(SELECT u.`document`, u.`date`, u.`method`, u.`comment`, 1 as `active` FROM user_agreements u WHERE u.`document` = '".$type."' AND (u.`memid`=".$memid." ) order by `date` desc limit 1)
  union
- (SELECT u.`document`, u.`date`, u.`method`, u.`comment`, 0 as `active` FROM user_agreements u WHERE u.`document` = '".$type."' AND ( u.`secmemid`=".$memid.")) order by date desc limit 1" ;
+ (SELECT u.`document`, u.`date`, u.`method`, u.`comment`, 0 as `active` FROM user_agreements u WHERE u.`document` = '".$type."' AND ( u.`secmemid`=".$memid.")) order by `date` desc limit 1" ;
                $res = mysql_query($query);
                if(mysql_num_rows($res) >0){
                        $row = mysql_fetch_assoc($res);
index c09f910..0b8e23a 100644 (file)
@@ -298,8 +298,9 @@ $iecho= "c";
                mysql_query($query);
                fix_assurer_flag($_SESSION['_config']['notarise']['id']);
                include_once("../includes/notary.inc.php");
-               write_user_agreement($_SESSION['profile']['id'], "CCA", "assurance", "Assuring", 1, $_SESSION['_config']['notarise']['id']);
-/* to be activates after the CCA recording is announced
+/*to be activated after CCA accept option is implemented in form
+               write_user_agreement($_SESSION['profile']['id'], "CCA", "assurance", "Assuring", 1, $_SESSION['_config']['notarise']['id']);}*/
+/* to be activated after the CCA recording is announced
                write_user_agreement($_SESSION['_config']['notarise']['id'], "CCA", "assurance", "Being assured", 0, $_SESSION['profile']['id']); */
                
                if($_SESSION['profile']['points'] < 150)