Source code taken from cacert-20110820.tar.bz2
[cacert.git] / includes / wot.inc.php
1 <? /*
2 LibreSSL - CAcert web application
3 Copyright (C) 2004-2011 CAcert Inc.
4
5 This program is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License as published by
7 the Free Software Foundation; version 2 of the License.
8
9 This program is distributed in the hope that it will be useful,
10 but WITHOUT ANY WARRANTY; without even the implied warranty of
11 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 GNU General Public License for more details.
13
14 You should have received a copy of the GNU General Public License
15 along with this program; if not, write to the Free Software
16 Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
17 */
18
/**
 * Send a SQL statement to the database over the default mysql_* connection.
 *
 * The statement is passed to mysql_query() exactly as given; nothing is
 * escaped or bound here, so every value has to be cast or escaped by the
 * caller before it is concatenated into $query.
 *
 * @param string $query complete SQL statement
 * @return mixed whatever mysql_query() returns
 */
function query_init ($query)
{
    $result = mysql_query($query);
    return $result;
}
23
/**
 * Fetch the next row of a result set as an associative array.
 *
 * @param resource $res result handle as returned by query_init()
 * @return mixed the value returned by mysql_fetch_assoc()
 */
function query_getnextrow ($res)
{
    return mysql_fetch_assoc($res);
}
29
/**
 * Count the rows of a result set.
 *
 * @param resource $resultset result handle as returned by query_init()
 * @return int mysql_num_rows() of the result, forced to an integer
 */
function query_get_number_of_rows ($resultset)
{
    $count = mysql_num_rows($resultset);
    return intval($count);
}
34
/**
 * Count the `notary` rows issued by a user, ignoring rows where
 * `from` and `to` are the same account.
 *
 * @param mixed $userid user id; cast with intval() before it reaches the SQL
 * @return int number of matching rows
 */
function get_number_of_assurances ($userid)
{
    $id = intval($userid);
    $sql = "SELECT count(*) AS `list` FROM `notary`
        WHERE `notary`.`from` != `notary`.`to` AND `notary`.`from`='".$id."'";
    $row = query_getnextrow(query_init ($sql));

    return intval($row['list']);
}
43
/**
 * Count the `notary` rows received by a user, ignoring rows where
 * `from` and `to` are the same account.
 *
 * @param mixed $userid user id; cast with intval() before it reaches the SQL
 * @return int number of matching rows
 */
function get_number_of_assurees ($userid)
{
    $id = intval($userid);
    $sql = "SELECT count(*) AS `list` FROM `notary`
        WHERE `notary`.`from` != `notary`.`to` AND `notary`.`to`='".$id."'";
    $row = query_getnextrow(query_init ($sql));

    return intval($row['list']);
}
52
/**
 * Rank of an assurer: one more than the number of `from` accounts that
 * have strictly more `notary` rows than the given count.
 *
 * @param mixed $no_of_assurances count to compare against (cast with intval())
 * @return int 1-based position
 */
function get_top_assurer_position ($no_of_assurances)
{
    $threshold = intval($no_of_assurances);
    $res = query_init ("SELECT count(*) AS `list` FROM `notary`
        GROUP BY `notary`.`from` HAVING count(*) > '".$threshold."'");
    $ahead = query_get_number_of_rows($res);
    return intval($ahead+1);
}
59
/**
 * Rank of an assuree: one more than the number of `to` accounts that
 * have strictly more `notary` rows than the given count.
 *
 * @param mixed $no_of_assurees count to compare against (cast with intval())
 * @return int 1-based position
 */
function get_top_assuree_position ($no_of_assurees)
{
    $threshold = intval($no_of_assurees);
    $res = query_init ("SELECT count(*) AS `list` FROM `notary`
        GROUP BY `notary`.`to` HAVING count(*) > '".$threshold."'");
    $ahead = query_get_number_of_rows($res);
    return intval($ahead+1);
}
66
/**
 * Select all `notary` rows issued by a user (self-referencing rows
 * excluded), ordered by id ascending.
 *
 * @param mixed $userid user id; cast with intval() before it reaches the SQL
 * @return mixed result handle from query_init()
 */
function get_given_assurances ($userid)
{
    $id = intval($userid);
    return query_init ("select * from `notary` where `notary`.`from`='".$id."' and `notary`.`from` != `to` order by `notary`.`id` asc");
}
72
/**
 * Select all `notary` rows received by a user (self-referencing rows
 * excluded), ordered by id ascending.
 *
 * @param mixed $userid user id; cast with intval() before it reaches the SQL
 * @return mixed result handle from query_init()
 */
function get_received_assurances ($userid)
{
    $id = intval($userid);
    return query_init ("select * from `notary` where `notary`.`to`='".$id."' and `notary`.`from` != `notary`.`to` order by `notary`.`id` asc ");
}
78
/**
 * Group the `notary` rows issued by a user by (points, awarded, method)
 * and return the row count of each group in the `number` column.
 *
 * @param mixed $userid user id; cast with intval() before it reaches the SQL
 * @return mixed result handle from query_init()
 */
function get_given_assurances_summary ($userid)
{
    $id = intval($userid);
    return query_init ("select count(*) as number,points,awarded,method from notary where `notary`.`from`='".$id."' group by points,awarded,method");
}
84
/**
 * Group the `notary` rows received by a user by (points, awarded, method)
 * and return the row count of each group in the `number` column.
 *
 * @param mixed $userid user id; cast with intval() before it reaches the SQL
 * @return mixed result handle from query_init()
 */
function get_received_assurances_summary ($userid)
{
    $id = intval($userid);
    return query_init ("select count(*) as number,points,awarded,method from notary where `notary`.`to`='".$id."' group by points,awarded,method");
}
90
/**
 * Load one row of the `users` table by id.
 *
 * The row is returned with every column (`select *`); callers that print
 * any of it are responsible for encoding it for the output context.
 *
 * @param mixed $userid user id; cast with intval() before it reaches the SQL
 * @return mixed the value returned by mysql_fetch_assoc()
 */
function get_user ($userid)
{
    $id = intval($userid);
    $res = query_init ("select * from `users` where `id`='".$id."'");
    $user = mysql_fetch_assoc($res);
    return $user;
}
96
/**
 * Count the `cats_passed` rows of a user whose variant has `type_id` 1.
 *
 * @param mixed $userid user id; cast with intval() before it reaches the SQL
 * @return mixed mysql_num_rows() of the join (0 when nothing matched)
 */
function get_cats_state ($userid)
{
    $id = intval($userid);
    $sql = "select * from `cats_passed` inner join `cats_variant` on `cats_passed`.`variant_id` = `cats_variant`.`id` and `cats_variant`.`type_id` = 1
        WHERE `cats_passed`.`user_id` = '".$id."'";
    $res = query_init ($sql);
    return mysql_num_rows($res);
}
104
/**
 * Account for one issued assurance.
 *
 * Adds the row's `awarded` value to $points. A "Face to Face Meeting" row
 * adds 2 to $sum_experience and sets $experience to "2"; any other method
 * leaves the sum alone and sets $experience to a non-breaking space.
 *
 * @param array $row notary row with at least `awarded` and `method`
 * @param mixed $points running point total (updated in place)
 * @param mixed $experience cell text for this row (set in place)
 * @param mixed $sum_experience running experience total (updated in place)
 * @return mixed the row's `awarded` value
 */
function calc_experience ($row,&$points,&$experience,&$sum_experience)
{
    $awarded = $row['awarded'];
    $points += $awarded;

    $is_face_to_face = ($row['method'] == "Face to Face Meeting");
    $experience = $is_face_to_face ? "2" : "&nbsp;";
    if ($is_face_to_face)
    {
        $sum_experience = $sum_experience + 2;
    }

    return $awarded;
}
116
/**
 * Account for one received assurance.
 *
 * $awarded is taken from calc_points() and capped at 100; the part above
 * 100 becomes this row's $experience. Rows of a revoked method show a red
 * "Revoked" marker in $awarded, carry no experience and do not add to
 * $points. $experience is always added to $sumexperience.
 *
 * Note that $awarded may leave this function as an HTML fragment, not a number.
 *
 * @param array $row notary row
 * @param mixed $points running point total (updated in place)
 * @param mixed $experience experience of this row (set in place)
 * @param mixed $sumexperience running experience total (updated in place)
 * @param mixed $awarded points or "Revoked" markup for this row (set in place)
 */
function calc_assurances ($row,&$points,&$experience,&$sumexperience,&$awarded)
{
    $awarded = calc_points($row);

    // needs to be fixed in the future (limit 50 pts and/or no experience if pts > 100)
    $experience = 0;
    if ($awarded > 100)
    {
        $experience = $awarded - 100;
        $awarded = 100;
    }

    switch ($row['method'])
    {
        case 'Thawte Points Transfer':
        case 'CT Magazine - Germany':
        case 'Temporary Increase':      // Current usage of 'Temporary Increase' may break audit aspects, needs to be reimplemented
            $experience = 0;
            $awarded = sprintf("<strong style='color: red'>%s</strong>",_("Revoked"));
            break;
        default:
            $points += $awarded;
    }

    $sumexperience = $sumexperience + $experience;
}
142
143
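/**
 * Build the HTML shown in the "Who" column for a user.
 *
 * An empty (after trim) name yields the translated placeholder text;
 * otherwise the name is wrapped in a link to wot.php?id=9 for that user.
 *
 * The name originates from the `users` table and is placed inside markup,
 * so it is HTML-encoded here before interpolation.
 * NOTE(review): if names are stored already entity-encoded, this will
 * double-encode them — confirm against the code that writes `users`.
 *
 * @param string $name display name (plain text)
 * @param mixed $userid user id for the link target (cast with intval())
 * @return string HTML fragment
 */
function show_user_link ($name,$userid)
{
    $name = trim($name);
    if($name == "")
        $name = _("Deleted before Verification");
    else
        $name = "<a href='wot.php?id=9&amp;userid=".intval($userid)."'>".htmlspecialchars($name, ENT_QUOTES)."</a>";
    return $name;
}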
153
/**
 * Look up how many assurances a user has issued and the resulting rank.
 *
 * @param mixed $userid user id (cast with intval())
 * @param int $num_of_assurances receives get_number_of_assurances()
 * @param int $rank_of_assurer receives get_top_assurer_position() for that count
 */
function get_assurer_ranking($userid,&$num_of_assurances,&$rank_of_assurer)
{
    $id = intval($userid);
    $num_of_assurances = get_number_of_assurances ($id);
    $rank_of_assurer = get_top_assurer_position($num_of_assurances);
}
159
/**
 * Look up how many assurances a user has received and the resulting rank.
 *
 * @param mixed $userid user id (cast with intval())
 * @param int $num_of_assurees receives get_number_of_assurees()
 * @param int $rank_of_assuree receives get_top_assuree_position() for that count
 */
function get_assuree_ranking($userid,&$num_of_assurees,&$rank_of_assuree)
{
    $id = intval($userid);
    $num_of_assurees = get_number_of_assurees ($id);
    $rank_of_assuree = get_top_assuree_position($num_of_assurees);
}
165
166
167 // ************* html table definitions ******************
168
/**
 * Print the "Assurer Ranking" table for a user.
 *
 * Both rankings are looked up first; the four numbers are passed through
 * intval() again before they are formatted into the translated sentences.
 *
 * @param mixed $userid user id handed to the ranking helpers
 */
function output_ranking($userid)
{
    get_assurer_ranking($userid,$num_of_assurances,$rank_of_assurer);
    get_assuree_ranking($userid,$num_of_assurees,$rank_of_assuree);

?>
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
<tr>
<td class="title"><?=_("Assurer Ranking")?></td>
</tr>
<tr>
<td class="DataTD"><?=sprintf(_("You have made %s assurances which ranks you as the #%s top assurer."), intval($num_of_assurances), intval($rank_of_assurer) )?></td>
</tr>
<tr>
<td class="DataTD"><?=sprintf(_("You have received %s assurances which ranks you as the #%s top assuree."), intval($num_of_assurees), intval($rank_of_assuree) )?></td>
</tr>
</table>
<br/>
<?
}
189
/**
 * Open the seven-column assurances table and print its heading rows.
 *
 * The table is left open; output_assurances_footer() prints the closing tag.
 *
 * @param string $title table caption; echoed verbatim, so it must already
 *                      be safe to place in HTML
 */
function output_assurances_header($title)
{
?>
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
<tr>
<td colspan="7" class="title"><?=$title?></td>
</tr>
<tr>
<td class="DataTD"><strong><?=_("ID")?></strong></td>
<td class="DataTD"><strong><?=_("Date")?></strong></td>
<td class="DataTD"><strong><?=_("Who")?></strong></td>
<td class="DataTD"><strong><?=_("Points")?></strong></td>
<td class="DataTD"><strong><?=_("Location")?></strong></td>
<td class="DataTD"><strong><?=_("Method")?></strong></td>
<td class="DataTD"><strong><?=_("Experience Points")?></strong></td>
</tr>
<?
}
208
/**
 * Print the totals row of the assurances table and close the table.
 *
 * All four arguments are echoed verbatim (no HTML encoding happens here).
 *
 * @param string $points_txt label for the points total
 * @param mixed $points points total
 * @param string $experience_txt label for the experience total
 * @param mixed $sumexperience experience total
 */
function output_assurances_footer($points_txt,$points,$experience_txt,$sumexperience)
{
?>
<tr>
<td class="DataTD" colspan="3"><strong><?=$points_txt?>:</strong></td>
<td class="DataTD"><?=$points?></td>
<td class="DataTD">&nbsp;</td>
<td class="DataTD"><strong><?=$experience_txt?>:</strong></td>
<td class="DataTD"><?=$sumexperience?></td>
</tr>
</table>
<br/>
<?
}
223
/**
 * Print one data row of the assurances table.
 *
 * Every argument is echoed verbatim; nothing is HTML-encoded here. Within
 * this file the callers pass ready-made markup in some cells (the link
 * from show_user_link(), the "Revoked" marker, "&nbsp;") next to column
 * values read from `notary` (date, location, method), so text that comes
 * from user-editable columns has to be encoded before it is handed in.
 *
 * @param mixed $assuranceid id cell
 * @param mixed $date date cell
 * @param string $name "Who" cell (HTML)
 * @param mixed $points points cell (number or HTML)
 * @param mixed $location location cell
 * @param mixed $method method cell
 * @param mixed $experience experience cell (number or HTML)
 */
function output_assurances_row($assuranceid,$date,$name,$points,$location,$method,$experience)
{
?>
<tr>
<td class="DataTD"><?=$assuranceid?></td>
<td class="DataTD"><?=$date?></td>
<td class="DataTD"><?=$name?></td>
<td class="DataTD"><?=$points?></td>
<td class="DataTD"><?=$location?></td>
<td class="DataTD"><?=$method?></td>
<td class="DataTD"><?=$experience?></td>
</tr>
<?
}
238
/**
 * Open the four-column "Summary of your Points" table and print its
 * heading rows. The table is closed by output_summary_footer().
 */
function output_summary_header()
{
?>
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
<tr>
<td colspan="4" class="title"><?=_("Summary of your Points")?></td>
</tr>
<tr>
<td class="DataTD"><strong><?=_("Description")?></strong></td>
<td class="DataTD"><strong><?=_("Points")?></strong></td>
<td class="DataTD"><strong><?=_("Countable Points")?></strong></td>
<td class="DataTD"><strong><?=_("Remark")?></strong></td>
</tr>
<?
}
254
/**
 * Close the summary table opened by output_summary_header().
 */
function output_summary_footer()
{
?>
</table>
<br/>
<?
}
262
/**
 * Print one row of the summary table.
 *
 * All four arguments are echoed verbatim; output_summary_content() passes
 * HTML in some of them ("&nbsp;", a <strong> remark), so no encoding is
 * applied here.
 *
 * @param string $title row label
 * @param mixed $points raw points
 * @param mixed $points_countable points that count after limits
 * @param string $remark remark cell (HTML)
 */
function output_summary_row($title,$points,$points_countable,$remark)
{
?>
<tr>
<td class="DataTD"><strong><?=$title?></strong></td>
<td class="DataTD"><?=$points?></td>
<td class="DataTD"><?=$points_countable?></td>
<td class="DataTD"><?=$remark?></td>
</tr>
<?
}
274
/**
 * Print a full-width table row with the red notice that the CATS test
 * has to be passed before the user can act as an Assurer.
 */
function output_cats_needed()
{
?>
<tr>
<td class="DataTD" colspan=4><strong style='color: red'><?=_("You have to pass the CAcert Assurer Challenge (CATS-Test) to be an Assurer")?></strong></td>
</tr>
<?
}
283
284
285 // ************* output given assurances ******************
286
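/**
 * Print one table row per assurance the user has issued and accumulate
 * the totals.
 *
 * Fixes over the previous version:
 *  - the experience total is reset through the by-reference parameter
 *    ($sum_experience); the old code zeroed an unrelated local
 *    ($sumexperience), so the caller's value was never initialised;
 *  - `date` and `location` are HTML-encoded before they are handed to
 *    output_assurances_row(), which echoes its arguments verbatim.
 *    NOTE(review): if these columns are stored already entity-encoded this
 *    double-encodes them — confirm against the code that writes `notary`.
 *
 * @param mixed $userid user id (cast with intval())
 * @param int $points receives the sum of `awarded` over all rows
 * @param int $sum_experience receives the experience total
 */
function output_given_assurances_content($userid,&$points,&$sum_experience)
{
    $points = 0;
    $sum_experience = 0;
    $res = get_given_assurances(intval($userid));
    while($row = mysql_fetch_assoc($res))
    {
        $assuree_id = intval($row['to']);
        $assuree = get_user ($assuree_id);
        calc_experience ($row,$points,$experience,$sum_experience);
        $name = show_user_link ($assuree['fname']." ".$assuree['lname'],$assuree_id);
        $date = htmlspecialchars((string)$row['date'], ENT_QUOTES);
        $location = htmlspecialchars((string)$row['location'], ENT_QUOTES);
        $method = $row['method']==""?"":_(sprintf("%s", $row['method']));
        output_assurances_row (intval($row['id']),$date,$name,intval($row['awarded']),$location,$method,$experience);
    }
}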
300
301 // ************* output received assurances ******************
302
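/**
 * Print one table row per assurance the user has received and accumulate
 * the totals.
 *
 * Fixes over the previous version:
 *  - the experience total is reset through the by-reference parameter
 *    ($sum_experience); the old code zeroed an unrelated local
 *    ($sumexperience);
 *  - the "Who" link now targets the assurer (`from`), matching the name
 *    it displays; the old code linked the assurer's name to the `to` id;
 *  - `date` and `location` are HTML-encoded before they are handed to
 *    output_assurances_row(), which echoes its arguments verbatim.
 *    NOTE(review): if these columns are stored already entity-encoded this
 *    double-encodes them — confirm against the code that writes `notary`.
 *
 * @param mixed $userid user id (cast with intval())
 * @param int $points receives the countable points total
 * @param int $sum_experience receives the experience total
 */
function output_received_assurances_content($userid,&$points,&$sum_experience)
{
    $points = 0;
    $sum_experience = 0;
    $res = get_received_assurances(intval($userid));
    while($row = mysql_fetch_assoc($res))
    {
        $assurer_id = intval($row['from']);
        $assurer = get_user ($assurer_id);
        // $awarded comes back either as a number or as "Revoked" markup
        calc_assurances ($row,$points,$experience,$sum_experience,$awarded);
        $name = show_user_link ($assurer['fname']." ".$assurer['lname'],$assurer_id);
        $date = htmlspecialchars((string)$row['date'], ENT_QUOTES);
        $location = htmlspecialchars((string)$row['location'], ENT_QUOTES);
        $method = $row['method']==""?"":_(sprintf("%s", $row['method']));
        output_assurances_row (intval($row['id']),$date,$name,$awarded,$location,$method,$experience);
    }
}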
316
317 // ************* output summary table ******************
318
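/**
 * Check whether a user is at least $age years old.
 *
 * Computes today's date $age years ago and counts the `users` rows with
 * the given id whose `dob` is earlier than that date.
 *
 * $userid is cast with intval() before it is concatenated into the SQL,
 * like every other query in this file; previously it was inserted as
 * passed in, which left the statement open to injection whenever a caller
 * handed over an unvalidated id.
 *
 * @param mixed $userid user id
 * @param mixed $age minimum age in years
 * @return int number of matching rows (1 when the user is old enough)
 */
function check_date_limit ($userid,$age)
{
    $dob = date("Y-m-d", mktime(0,0,0,date("m"),date("d"),date("Y")-intval($age)));
    $res = query_init ("select id from `users` where `id`='".intval($userid)."' and `dob` < '$dob'");
    return intval(query_get_number_of_rows($res));
}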
325
/**
 * Work out how many points one `notary` row is worth.
 *
 * Starts from the larger of `points` and `awarded`, then applies the
 * per-method rules below; the result is never negative.
 *
 * @param array $row notary row with `points`, `awarded` and `method`
 * @return int points for this row
 */
function calc_points($row)
{
    $requested = intval($row['points']);
    $granted = intval($row['awarded']);

    // if 'sum of added points' > 100, awarded shows correct value;
    // on very old assurances, awarded is '0' instead of correct value
    $points = ($requested < $granted) ? $granted : $requested;

    switch ($row['method'])
    {
        case 'Thawte Points Transfer':      // revoke all Thawte-points (as per arbitration)
        case 'CT Magazine - Germany':       // revoke c't (only one test-entry)
        case 'Temporary Increase':          // revoke 'temporary increase' (Current usage breaks audit aspects, needs to be reimplemented)
            $points = 0;
            break;
        case 'Administrative Increase':     // ignore AI with 2 points or less (historical for experience points, now other calculation)
            if ($points <= 2)               // maybe limit to 35/50 pts in the future?
            {
                $points = 0;
            }
            break;
        case 'unknown':                     // to be revoked in the future? limit to max 50 pts?
        case 'Trusted 3rd Parties':         // to be revoked in the future? limit to max 35 pts?
        case '':                            // to be revoked in the future? limit to max 50 pts?
        case 'Face to Face Meeting':        // normal assurances, limit to 35/50 pts in the future?
            break;
        default:                            // should never happen ... ;-)
            $points = 0;
    }

    // ignore negative points (bug needs to be fixed)
    return ($points < 0) ? 0 : $points;
}
355
/**
 * Maximum number of points the user may issue per assurance.
 *
 * Runs the summary calculation with output switched off.
 *
 * @param mixed $userid user id
 * @return int value returned by output_summary_content()
 */
function max_points($userid)
{
    $issue_points = output_summary_content ($userid,0);
    return $issue_points;
}
360
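/**
 * Compute a user's point summary and, optionally, print it.
 *
 * Steps:
 *  1. pick the experience cap: 50, or 10 when the user fails the 18-year
 *     check, or 0 when the user fails the 14-year check;
 *  2. sum received points (each group capped at 100, the excess counted as
 *     "other" experience);
 *  3. sum experience from issued "Face to Face Meeting" assurances
 *     (2 per assurance);
 *  4. apply the caps, and put all experience on hold while the assurance
 *     points are below 100;
 *  5. derive the number of points the user may issue, which stays 0 until
 *     the CATS test has been passed.
 *
 * Fixes over the previous version:
 *  - $userid is cast with intval() on entry, so no helper receives an
 *    unvalidated id;
 *  - the "on hold" remark for assurance experience was assigned from an
 *    undefined variable ($points_on_hold_txt) and therefore came out empty;
 *  - the malformed entity "&nbsp" is now "&nbsp;".
 *
 * @param mixed $userid user id
 * @param mixed $display_output truthy to print the four summary rows
 * @return int points the user may issue per assurance (0, 10, 15, ... 35)
 */
function output_summary_content($userid,$display_output)
{
    $userid = intval($userid);

    $sum_points = 0;
    $sum_experience = 0;
    $sum_experience_other = 0;
    $max_points = 100;
    $max_experience = 50;

    $experience_limit_reached_txt = _("Limit reached");

    if (check_date_limit($userid,18) != 1)
    {
        $max_experience = 10;
        $experience_limit_reached_txt = _("Limit given by PoJAM reached");
    }
    if (check_date_limit($userid,14) != 1)
    {
        $max_experience = 0;
        $experience_limit_reached_txt = _("Limit given by PoJAM reached");
    }

    $res = get_received_assurances_summary($userid);
    while($row = mysql_fetch_assoc($res))
    {
        $points = calc_points ($row);

        if ($points > $max_points)      // limit to 100 points, above is experience (needs to be fixed)
        {
            $sum_experience_other = $sum_experience_other+($points-$max_points)*intval($row['number']);
            $points = $max_points;
        }
        $sum_points += $points*intval($row['number']);
    }

    $res = get_given_assurances_summary($userid);
    while($row = mysql_fetch_assoc($res))
    {
        switch ($row['method'])
        {
            case 'Face to Face Meeting':    // count Face to Face only
                $sum_experience += 2*intval($row['number']);
                break;
        }
    }

    if ($sum_points > $max_points)
    {
        $sum_points_countable = $max_points;
        $remark_points = _("Limit reached");
    }
    else
    {
        $sum_points_countable = $sum_points;
        $remark_points = "&nbsp;";
    }

    if ($sum_experience > $max_experience)
    {
        $sum_experience_countable = $max_experience;
        $remark_experience = $experience_limit_reached_txt;
    }
    else
    {
        $sum_experience_countable = $sum_experience;
        $remark_experience = "&nbsp;";
    }

    if ($sum_experience_countable + $sum_experience_other > $max_experience)
    {
        $sum_experience_other_countable = $max_experience-$sum_experience_countable;
        $remark_experience_other = $experience_limit_reached_txt;
    }
    else
    {
        $sum_experience_other_countable = $sum_experience_other;
        $remark_experience_other = "&nbsp;";
    }

    // Experience only counts once the assurance points have reached the cap.
    if ($sum_points_countable < $max_points)
    {
        $points_on_hold_txt = _("Points on hold due to less assurance points");
        if ($sum_experience_countable != 0)
        {
            $remark_experience = $points_on_hold_txt;
        }
        $sum_experience_countable = 0;
        if ($sum_experience_other_countable != 0)
        {
            $remark_experience_other = $points_on_hold_txt;
        }
        $sum_experience_other_countable = 0;
    }

    $issue_points = 0;
    $cats_test_passed = get_cats_state ($userid);
    if ($cats_test_passed == 0)
    {
        $issue_points_txt = "<strong style='color: red'>"._("You have to pass the CAcert Assurer Challenge (CATS-Test) to be an Assurer")."</strong>";
    }
    else
    {
        $experience_total = $sum_experience_countable+$sum_experience_other_countable;
        $issue_points_txt = "";
        if ($sum_points_countable == $max_points)
            $issue_points = 10;
        if ($experience_total >= 10)
            $issue_points = 15;
        if ($experience_total >= 20)
            $issue_points = 20;
        if ($experience_total >= 30)
            $issue_points = 25;
        if ($experience_total >= 40)
            $issue_points = 30;
        if ($experience_total >= 50)
            $issue_points = 35;
        if ($issue_points != 0)
            $issue_points_txt = sprintf(_("You may issue up to %s points"),$issue_points);
    }

    if ($display_output)
    {
        output_summary_row (_("Assurance Points you received"),$sum_points,$sum_points_countable,$remark_points);
        output_summary_row (_("Total Experience Points by Assurance"),$sum_experience,$sum_experience_countable,$remark_experience);
        output_summary_row (_("Total Experience Points (other ways)"),$sum_experience_other,$sum_experience_other_countable,$remark_experience_other);
        output_summary_row (_("Total Points"),"&nbsp;",$sum_points_countable + $sum_experience_countable + $sum_experience_other_countable,$issue_points_txt);
    }
    return $issue_points;
}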
481
/**
 * Print the complete "Assurance Points You Issued" table for a user:
 * header, one row per issued assurance, then the totals row.
 *
 * @param mixed $userid user id
 */
function output_given_assurances($userid)
{
    $points = null;
    $sum_experience = null;

    output_assurances_header(_("Assurance Points You Issued"));
    output_given_assurances_content($userid,$points,$sum_experience);

    $points_label = _("Total Points Issued");
    $experience_label = _("Total Experience Points");
    output_assurances_footer($points_label,$points,$experience_label,$sum_experience);
}
488
/**
 * Print the complete "Your Assurance Points" table for a user:
 * header, one row per received assurance, then the totals row.
 *
 * @param mixed $userid user id
 */
function output_received_assurances($userid)
{
    $points = null;
    $sum_experience = null;

    output_assurances_header(_("Your Assurance Points"));
    output_received_assurances_content($userid,$points,$sum_experience);

    $points_label = _("Total Assurance Points");
    $experience_label = _("Total Experience Points");
    output_assurances_footer($points_label,$points,$experience_label,$sum_experience);
}
495
/**
 * Print the complete points summary table for a user.
 *
 * @param mixed $userid user id
 */
function output_summary($userid)
{
    $display_output = 1;

    output_summary_header();
    output_summary_content($userid,$display_output);
    output_summary_footer();
}
502
/**
 * Print the "Go Back" link shown at the bottom of the page; the link
 * steps one entry back in the browser history.
 */
function output_end_of_page()
{
?>
<p>[ <a href='javascript:history.go(-1)'><?=_("Go Back")?></a> ]</p>
<?
}
509 ?>