Source code taken from cacert-20130129.tar.bz2
[cacert.git] / includes / general.php
index 4919c84..d762586 100644 (file)
@@ -15,6 +15,9 @@
     along with this program; if not, write to the Free Software
     Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301  USA
 */
+
+       require_once(dirname(__FILE__)."/lib/general.php");
+
        session_name("cacert");
        session_start();
 
 
                //echo "Points due to name matches: $points<br/>";
 
-               $do = `grep '$pwd' /usr/share/dict/american-english`;
+               $shellpwd = escapeshellarg($pwd);
+               $do = `grep $shellpwd /usr/share/dict/american-english`;
                if($do)
                        $points--;
 
                                return(0);
                }
 
-               if($points >= 300)
-                       return(200);
-               if($points >= 200)
-                       return(150);
                if($points >= 150)
                        return(35);
                if($points >= 140)
                return($text);
        }
        
-       // returns 0 if $userID is an Assurer
-       // Otherwise :
-       //       Bit 0 is always set
-       //       Bit 1 is set if 100 Assurance Points are not reached
-       //       Bit 2 is set if Assurer Test is missing
-       //       Bit 3 is set if the user is not allowed to be an Assurer (assurer_blocked > 0)
-       function get_assurer_status($userID)
-       {
-               $Result = 0;
-               $query = mysql_query('SELECT * FROM `cats_passed` AS `tp`, `cats_variant` AS `cv` '.
-                       '  WHERE `tp`.`variant_id` = `cv`.`id` AND `cv`.`type_id` = 1 AND `tp`.`user_id` = \''.(int)intval($userID).'\'');
-               if(mysql_num_rows($query) < 1)
-               {
-                       $Result |= 5;
-               }
-               
-               $query = mysql_query('SELECT SUM(`points`) AS `points` FROM `notary` AS `n` WHERE `n`.`to` = \''.(int)intval($userID).'\' AND `n`.`expire` < now()');
-               $row = mysql_fetch_assoc($query);
-               if ($row['points'] < 100) {
-                       $Result |= 3;
-               }
-               
-               $query = mysql_query('SELECT `assurer_blocked` FROM `users` WHERE `id` = \''.(int)intval($userID).'\'');
-               $row = mysql_fetch_assoc($query);
-               if ($row['assurer_blocked'] > 0) {
-                       $Result |= 9;
-               }
-               
-               return $Result;
-       }
-       
+
        // returns text message to be shown to the user given the result of is_no_assurer
        function no_assurer_text($Status)
        {