Source code taken from cacert-20141124.tar.bz2
[cacert.git] / includes / notary.inc.php
index b34b2f4..3b8e736 100644 (file)
@@ -16,6 +16,9 @@
     Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301  USA
 */
 
+define('NULL_DATETIME', '0000-00-00 00:00:00');
+define('THAWTE_REVOCATION_DATETIME', '2010-11-16 00:00:00');
+
        function query_init ($query)
        {
                return mysql_query($query);
@@ -35,7 +38,7 @@
        function get_number_of_assurances ($userid)
        {
                $res = query_init ("SELECT count(*) AS `list` FROM `notary`
-                       WHERE `method` = 'Face to Face Meeting' AND `from`='".intval($userid)."' ");
+                       WHERE `method` = 'Face to Face Meeting' AND `from`='".intval($userid)."' and `deleted` = 0");
                $row = query_getnextrow($res);
 
                return intval($row['list']);
@@ -44,7 +47,7 @@
        function get_number_of_ttpassurances ($userid)
        {
                $res = query_init ("SELECT count(*) AS `list` FROM `notary`
-                       WHERE (`method`='Trusted Third Parties' or `method`='TTP-Assisted') AND `to`='".intval($userid)."' ");
+                       WHERE (`method`='Trusted Third Parties' or `method`='TTP-Assisted') AND `to`='".intval($userid)."' and `deleted` = 0");
                $row = query_getnextrow($res);
 
                return intval($row['list']);
@@ -53,7 +56,7 @@
        function get_number_of_assurees ($userid)
        {
                $res = query_init ("SELECT count(*) AS `list` FROM `notary`
-                       WHERE `method` = 'Face to Face Meeting' AND `to`='".intval($userid)."' ");
+                       WHERE `method` = 'Face to Face Meeting' AND `to`='".intval($userid)."' and `deleted` = 0");
                $row = query_getnextrow($res);
 
                return intval($row['list']);
@@ -62,7 +65,7 @@
        function get_top_assurer_position ($no_of_assurances)
        {
                $res = query_init ("SELECT count(*) AS `list` FROM `notary`
-                       WHERE `method` = 'Face to Face Meeting'
+                       WHERE `method` = 'Face to Face Meeting' and `deleted` = 0
                        GROUP BY `from` HAVING count(*) > '".intval($no_of_assurances)."'");
                return intval(query_get_number_of_rows($res)+1);
        }
        function get_top_assuree_position ($no_of_assurees)
        {
                $res = query_init ("SELECT count(*) AS `list` FROM `notary`
-                       WHERE `method` = 'Face to Face Meeting'
+                       WHERE `method` = 'Face to Face Meeting' and `deleted` = 0
                        GROUP BY `to` HAVING count(*) > '".intval($no_of_assurees)."'");
                return intval(query_get_number_of_rows($res)+1);
        }
 
-       function get_given_assurances ($userid)
+       /**
+        * Get the list of assurances given by the user
+        * @param int $userid - id of the assurer
+        * @param int $log - if set to 1 also includes deleted assurances
+        * @return resource - a MySQL result set
+        */
+       function get_given_assurances($userid, $log=0)
        {
-               $res = query_init ("select * from `notary` where `from`='".intval($userid)."' and `from` != `to` order by `id` asc");
+               $deleted='';
+               if ($log == 0) {
+                       $deleted = ' and `deleted` = 0 ';
+               }
+               $res = query_init("select * from `notary` where `from`='".intval($userid)."' and `from` != `to` $deleted order by `id` asc");
                return $res;
        }
 
-       function get_received_assurances ($userid)
+       /**
+        * Get the list of assurances received by the user
+        * @param int $userid - id of the assuree
+        * @param int $log - if set to 1 also includes deleted assurances
+        * @return resource - a MySQL result set
+        */
+       function get_received_assurances($userid, $log=0)
        {
-               $res = query_init ("select * from `notary` where `to`='".intval($userid)."' and `from` != `to` order by `id` asc ");
+               $deleted='';
+               if ($log == 0) {
+                       $deleted = ' and `deleted` = 0 ';
+               }
+               $res = query_init("select * from `notary` where `to`='".intval($userid)."' and `from` != `to` $deleted order by `id` asc  ");
                return $res;
        }
 
        function get_given_assurances_summary ($userid)
        {
-               $res = query_init ("select count(*) as number,points,awarded,method from notary where `from`='".intval($userid)."' group by points,awarded,method");
+               $res = query_init ("select count(*) as number,points,awarded,method from notary where `from`='".intval($userid)."' and `deleted` = 0 group by points,awarded,method");
                return $res;
        }
 
        function get_received_assurances_summary ($userid)
        {
-               $res = query_init ("select count(*) as number,points,awarded,method from notary where `to`='".intval($userid)."' group by points,awarded,method");
+               $res = query_init ("select count(*) as number,points,awarded,method from notary where `to`='".intval($userid)."' and `deleted` = 0 group by points,awarded,method");
                return $res;
        }
 
                return mysql_num_rows($res);
        }
 
-       function calc_experience ($row,&$points,&$experience,&$sum_experience,&$revoked)
+
+       /**
+        * Calculate awarded points (corrects some issues like out of range points
+        * or points that were issued by means that have been deprecated)
+        *
+        * @param array $row - associative array containing the data from the
+        *     `notary` table
+        * @return int - the awarded points for this assurance
+        */
+       function calc_awarded($row)
+       {
+               // Back in the old days there was no `awarded` column => is now zero,
+               // there the `points` column contained that data
+               $points = max(intval($row['awarded']), intval($row['points']));
+
+               // Set negative points to zero, yes there are such things in the database
+               $points = max($points, 0);
+
+               switch ($row['method'])
+               {
+                       // These programmes have been revoked
+                       case 'Thawte Points Transfer':    // revoke all Thawte-points     (as per arbitration)
+                       case 'CT Magazine - Germany':      // revoke c't                   (only one test-entry)
+                       case 'Temporary Increase':            // revoke 'temporary increase'  (Current usage breaks audit aspects, needs to be reimplemented)
+                               $points = 0;
+                               break;
+
+                       case 'Administrative Increase':  // ignore AI with 2 points or less (historical for experiance points, now other calculation)
+                               if ($points <= 2)              // maybe limit to 35/50 pts in the future?
+                                       $points = 0;
+                               break;
+
+                       // TTP assurances, limit to 35
+                       case 'TTP-Assisted':
+                               $points = min($points, 35);
+                               break;
+
+                               // TTP TOPUP, limit to 30
+                       case 'TOPUP':
+                               $points = min($points, 30);
+
+                       // All these should be preserved for the time being
+                       case 'Unknown':                  // to be revoked in the future? limit to max 50 pts?
+                       case 'Trusted Third Parties':        // to be revoked in the future? limit to max 35 pts?
+                       case '':                                // to be revoked in the future? limit to max 50 pts?
+                       case 'Face to Face Meeting': // normal assurances (and superassurances?), limit to 35/50 pts in the future?
+                               break;
+
+                       default:                                // should never happen ... ;-)
+                               $points = 0;
+               }
+
+               return $points;
+       }
+
+
+       /**
+        * Calculate the experience points from a given Assurance
+        * @param array  $row - [inout] associative array containing the data from
+        *     the `notary` table, the keys 'experience' and 'calc_awarded' will be
+        *     added
+        * @param int    $sum_points - [inout] the sum of already counted assurance
+        *     points the assurer issued
+        * @param int    $sum_experience - [inout] the sum of already counted
+        *     experience points that were awarded to the assurer
+        */
+       function calc_experience(&$row, &$sum_points, &$sum_experience)
        {
-               $apoints = max($row['points'], $row['awarded']);
-               $points += $apoints;
-               $experience = "&nbsp;";
-               $revoked = false;                               # to be coded later (after DB-upgrade)
+               $row['calc_awarded'] = calc_awarded($row);
+
+               // Don't count revoked assurances even if we are displaying them
+               if ($row['deleted'] !== NULL_DATETIME) {
+                       $row['experience'] = 0;
+                       return;
+               }
+
+               $experience = 0;
                if ($row['method'] == "Face to Face Meeting")
                {
-                       $sum_experience = $sum_experience +2;
-                       $experience = "2";
+                       $experience = 2;
                }
-               return $apoints;
+               $sum_experience += $experience;
+               $row['experience'] = $experience;
+
+               $sum_points += $row['calc_awarded'];
        }
 
-       function calc_assurances ($row,&$points,&$experience,&$sumexperience,&$awarded,&$revoked)
+       /**
+        * Calculate the points received from a received Assurance
+        * @param array  $row - [inout] associative array containing the data from
+        *     the `notary` table, the keys 'experience' and 'calc_awarded' will be
+        *     added
+        * @param int    $sum_points - [inout] the sum of already counted assurance
+        *     points the assuree received
+        * @param int    $sum_experience - [inout] the sum of already counted
+        *     experience points that were awarded to the assurer
+        */
+       function calc_assurances(&$row, &$sum_points, &$sum_experience)
        {
-               $awarded = calc_points($row);
-               $revoked = false;
+               $row['calc_awarded'] = calc_awarded($row);
+               $experience = 0;
 
-               if ($awarded > 100)
+               // High point values mean that some of them are experience points
+               if ($row['calc_awarded'] > 100)
                {
-                       $experience = $awarded - 100;           // needs to be fixed in the future (limit 50 pts and/or no experience if pts > 100)
-                       $awarded = 100;
+                       $experience = $row['calc_awarded'] - 100;               // needs to be fixed in the future (limit 50 pts and/or no experience if pts > 100)
+                       $row['calc_awarded'] = 100;
                }
-               else
-                       $experience = 0;
 
                switch ($row['method'])
                {
                        case 'Thawte Points Transfer':
                        case 'CT Magazine - Germany':
                        case 'Temporary Increase':            // Current usage of 'Temporary Increase' may break audit aspects, needs to be reimplemented
-                               $awarded=sprintf("<strong style='color: red'>%s</strong>",_("Revoked"));
-                               $experience=0;
-                               $revoked=true;
+                               $experience = 0;
+                               $row['deleted'] = THAWTE_REVOCATION_DATETIME;
                                break;
-                       default:
-                               $points += $awarded;
                }
-               $sumexperience = $sumexperience + $experience;
-       }
 
+               // Don't count revoked assurances even if we are displaying them
+               if ($row['deleted'] !== NULL_DATETIME) {
+                       $row['experience'] = 0;
+                       return;
+               }
+
+               $sum_experience += $experience;
+               $row['experience'] = $experience;
+               $sum_points += $row['calc_awarded'];
+       }
 
-       function show_user_link ($name,$userid)
+       /**
+        * Generate a link to the support engineer page for the user with the name
+        * of the user as link text
+        * @param array $user - associative array containing the data from the
+        *     `user` table
+        * @return string
+        */
+       function show_user_link($user)
        {
-               $name = trim($name);
+               $name = trim($user['fname'].' '.$user['lname']);
+               $userid = intval($user['id']);
+
                if($name == "")
                {
-                       if ($userid == 0)
+                       if ($userid == 0) {
                                $name = _("System");
-                       else
+                       } else {
                                $name = _("Deleted account");
+                       }
                }
                else
-                       $name = "<a href='wot.php?id=9&amp;userid=".intval($userid)."'>".sanitizeHTML($name)."</a>";
+               {
+                       $name = "<a href='wot.php?id=9&amp;userid=".$userid."'>".sanitizeHTML($name)."</a>";
+               }
+
                return $name;
        }
 
-       function show_email_link ($email,$userid)
+       /**
+        * Generate a link to the support engineer page for the user with the email
+        * address as link text
+        * @param array $user - associative array containing the data from the
+        *     `user` table
+        * @return string
+        */
+       function show_email_link($user)
        {
-               $email = trim($email);
-               if($email != "")
-                       $email = "<a href='account.php?id=43&amp;userid=".intval($userid)."'>".sanitizeHTML($email)."</a>";
+               $email = trim($user['email']);
+               if($email != "") {
+                       $email = "<a href='account.php?id=43&amp;userid=".intval($user['id'])."'>".sanitizeHTML($email)."</a>";
+               }
                return $email;
        }
 
 <?
        }
 
-       function output_assurances_header($title,$support)
+       /**
+        * Render header for the assurance table (same for given/received)
+        * @param string $title - The title for the table
+        * @param int    $support - set to 1 if the output is for the support interface
+        * @param int    $log - if set to 1 also includes deleted assurances
+        */
+       function output_assurances_header($title, $support, $log)
        {
+               if ($support == 1) {
+                       $log = 1;
+               }
+
+               $colspan = 7;
+               if ($support == 1) {
+                       $colspan += 2;
+               }
+               if ($log == 1) {
+                       $colspan += 1;
+               }
 ?>
 <table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
        <tr>
-<?
-       if ($support == "1")
-       {
-?>
-               <td colspan="10" class="title"><?=$title?></td>
-<?
-       } else {
-?>
-               <td colspan="7" class="title"><?=$title?></td>
-<?
-       }
-?>
+               <td colspan="<?=$colspan?>" class="title"><?=$title?></td>
        </tr>
        <tr>
                <td class="DataTD"><strong><?=_("ID")?></strong></td>
                <td class="DataTD"><strong><?=_("Date")?></strong></td>
 <?
-       if ($support == "1")
-       {
+               if ($support == 1)
+               {
 ?>
                <td class="DataTD"><strong><?=_("When")?></strong></td>
                <td class="DataTD"><strong><?=_("Email")?></strong></td>
 <?
-       }
+               }
 ?>
                <td class="DataTD"><strong><?=_("Who")?></strong></td>
                <td class="DataTD"><strong><?=_("Points")?></strong></td>
                <td class="DataTD"><strong><?=_("Method")?></strong></td>
                <td class="DataTD"><strong><?=_("Experience Points")?></strong></td>
 <?
-       if ($support == "1")
-       {
+               if ($log == 1)
+               {
 ?>
-               <td class="DataTD"><strong><?=_("Revoke")?></strong></td>
+               <td class="DataTD"><strong><?=_("Revoked")?></strong></td>
 <?
-       }
+               }
 ?>
        </tr>
 <?
        }
 
-       function output_assurances_footer($points_txt,$points,$experience_txt,$sumexperience,$support)
+       /**
+        * Render footer for the assurance table (same for given/received)
+        * @param string $points_txt - Description for sum of assurance points
+        * @param int    $sumpoints - sum of assurance points
+        * @param string $experience_txt - Description for sum of experience points
+        * @param int    $sumexperience - sum of experience points
+        * @param int    $support - set to 1 if the output is for the support interface
+        * @param int    $log - if set to 1 also includes deleted assurances
+        */
+       function output_assurances_footer(
+                       $points_txt,
+                       $sumpoints,
+                       $experience_txt,
+                       $sumexperience,
+                       $support,
+                       $log)
        {
 ?>
        <tr>
-               <td<?=($support == "1")?' colspan="5"':' colspan="3"'?> class="DataTD"><strong><?=$points_txt?>:</strong></td>
-               <td class="DataTD"><?=$points?></td>
+               <td colspan="<?=($support == 1) ? 5 : 3 ?>" class="DataTD"><strong><?=$points_txt?>:</strong></td>
+               <td class="DataTD"><?=intval($sumpoints)?></td>
                <td class="DataTD">&nbsp;</td>
                <td class="DataTD"><strong><?=$experience_txt?>:</strong></td>
-               <td class="DataTD"><?=$sumexperience?></td>
+               <td class="DataTD"><?=intval($sumexperience)?></td>
 <?
-       if ($support == "1")
-       {
+               if ($log == 1)
+               {
 ?>
                <td class="DataTD">&nbsp;</td>
 <?
-       }
+               }
 ?>
-
        </tr>
 </table>
 <br/>
 <?
        }
 
-       function output_assurances_row($assuranceid,$date,$when,$email,$name,$awarded,$points,$location,$method,$experience,$userid,$support,$revoked)
+       /**
+        * Render an assurance for a view
+        * @param array   $assurance - associative array containing the data from the `notary` table
+        * @param int     $userid - Id of the user whichs given/received assurances are displayed
+        * @param array   $other_user - associative array containing the other users data from the `users` table
+        * @param int     $support - set to 1 if the output is for the support interface
+        * @param string  $ticketno - ticket number currently set in the support interface
+        * @param int     $log - if set to 1 also includes deleted assurances
+        */
+       function output_assurances_row(
+                       $assurance,
+                       $userid,
+                       $other_user,
+                       $support,
+                       $ticketno,
+                       $log)
        {
+               $assuranceid = intval($assurance['id']);
+               $date = $assurance['date'];
+               $when = $assurance['when'];
+               $awarded = intval($assurance['calc_awarded']);
+               $points = intval($assurance['points']);
+               $location = $assurance['location'];
+               $method = $assurance['method'] ? _($assurance['method']) : '';
+               $experience = intval($assurance['experience']);
+               $revoked = $assurance['deleted'] !== NULL_DATETIME;
+
+               $email = show_email_link($other_user);
+               $name = show_user_link($other_user);
+
+               if ($support == 1) {
+                       $log = 1;
+               }
 
                $tdstyle="";
                $emopen="";
 
                if ($awarded == $points)
                {
-                       if ($awarded == "0")
+                       if ($awarded == 0)
                        {
                                if ($when < "2006-09-01")
                                {
                <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$assuranceid?><?=$emclose?></td>
                <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$date?><?=$emclose?></td>
 <?
-               if ($support == "1")
+               if ($support == 1)
                {
 ?>
                <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$when?><?=$emclose?></td>
                }
 ?>
                <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$name?><?=$emclose?></td>
-               <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$awarded?><?=$emclose?></td>
-               <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$location?><?=$emclose?></td>
+               <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$revoked ? sprintf("<strong style='color: red'>%s</strong>",_("Revoked")) : $awarded?><?=$emclose?></td>
+               <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=sanitizeHTML($location)?><?=$emclose?></td>
                <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$method?><?=$emclose?></td>
-               <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$experience?><?=$emclose?></td>
+               <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$experience?$experience:'&nbsp;'?><?=$emclose?></td>
 <?
-               if ($support == "1")
+               if ($log == 1)
                {
                        if ($revoked == true)
                        {
 ?>
-               <td class="DataTD" <?=$tdstyle?>>&nbsp;</td>
+               <td class="DataTD" <?=$tdstyle?>><?=$assurance['deleted']?></td>
+<?
+                       } elseif ($support == 1) {
+?>
+               <td class="DataTD" <?=$tdstyle?>><?=$emopen?><a href="account.php?id=43&amp;userid=<?=intval($userid)?>&amp;assurance=<?=intval($assuranceid)?>&amp;csrf=<?=make_csrf('admdelassurance')?>&amp;ticketno=<?=sanitizeHTML($ticketno)?>" onclick="return confirm('<?=sprintf(_("Are you sure you want to revoke the assurance with ID &quot;%s&quot;?"),$assuranceid)?>');"><?=_("Revoke")?></a><?=$emclose?></td>
 <?
                        } else {
 ?>
-               <td class="DataTD" <?=$tdstyle?>><?=$emopen?><a href="account.php?id=43&amp;userid=<?=intval($userid)?>&amp;assurance=<?=intval($assuranceid)?>&amp;csrf=<?=make_csrf('admdelassurance')?>" onclick="return confirm('<?=sprintf(_("Are you sure you want to revoke the assurance with ID &quot;%s&quot;?"),$assuranceid)?>');"><?=_("Revoke")?></a><?=$emclose?></td>
+               <td class="DataTD" <?=$tdstyle?>>&nbsp;</td>
 <?
                        }
                }
 ?>
-    </tr>
+       </tr>
 <?
        }
 
 
 // ************* output given assurances ******************
 
-       function output_given_assurances_content($userid,&$points,&$sum_experience,$support)
+       /**
+        * Helper function to render assurances given by the user
+        * @param int  $userid
+        * @param int& $sum_points - [out] sum of given points
+        * @param int& $sum_experience - [out] sum of experience points gained
+        * @param int  $support - set to 1 if the output is for the support interface
+        * @param string $ticketno - the ticket number set in the support interface
+        * @param int  $log - if set to 1 also includes deleted assurances
+        */
+       function output_given_assurances_content(
+                       $userid,
+                       &$sum_points,
+                       &$sum_experience,
+                       $support,
+                       $ticketno,
+                       $log)
        {
-               $points = 0;
+               $sum_points = 0;
                $sumexperience = 0;
-               $res = get_given_assurances(intval($userid));
+               $res = get_given_assurances(intval($userid), $log);
                while($row = mysql_fetch_assoc($res))
                {
-                       $fromuser = get_user (intval($row['to']));
-                       $apoints = calc_experience ($row,$points,$experience,$sum_experience,$revoked);
-                       $name = show_user_link ($fromuser['fname']." ".$fromuser['lname'],intval($row['to']));
-                       $email = show_email_link ($fromuser['email'],intval($row['to']));
-                       output_assurances_row (intval($row['id']),$row['date'],$row['when'],$email,$name,$apoints,intval($row['points']),$row['location'],$row['method']==""?"":_(sprintf("%s", $row['method'])),$experience,$userid,$support,$revoked);
+                       $assuree = get_user(intval($row['to']));
+                       calc_experience($row, $sum_points, $sum_experience);
+                       output_assurances_row($row, $userid, $assuree, $support, $ticketno, $log);
                }
        }
 
 // ************* output received assurances ******************
 
-       function output_received_assurances_content($userid,&$points,&$sum_experience,$support)
+       /**
+        * Helper function to render assurances received by the user
+        * @param int  $userid
+        * @param int& $sum_points - [out] sum of received points
+        * @param int& $sum_experience - [out] sum of experience points the assurers gained
+        * @param int  $support - set to 1 if the output is for the support interface
+        * @param string $ticketno - the ticket number set in the support interface
+        * @param int  $log - if set to 1 also includes deleted assurances
+        */
+       function output_received_assurances_content(
+                       $userid,
+                       &$sum_points,
+                       &$sum_experience,
+                       $support,
+                       $ticketno,
+                       $log)
        {
-               $points = 0;
+               $sum_points = 0;
                $sumexperience = 0;
-               $res = get_received_assurances(intval($userid));
+               $res = get_received_assurances(intval($userid), $log);
                while($row = mysql_fetch_assoc($res))
                {
-                       $fromuser = get_user (intval($row['from']));
-                       calc_assurances ($row,$points,$experience,$sum_experience,$awarded,$revoked);
-                       $name = show_user_link ($fromuser['fname']." ".$fromuser['lname'],intval($row['from']));
-                       $email = show_email_link ($fromuser['email'],intval($row['from']));
-                       output_assurances_row (intval($row['id']),$row['date'],$row['when'],$email,$name,$awarded,intval($row['points']),$row['location'],$row['method']==""?"":_(sprintf("%s", $row['method'])),$experience,$userid,$support,$revoked);
+                       $fromuser = get_user(intval($row['from']));
+                       calc_assurances($row, $sum_points, $sum_experience);
+                       output_assurances_row($row, $userid, $fromuser, $support, $ticketno, $log);
                }
        }
 
                return intval(query_get_number_of_rows($res));
        }
 
-       function calc_points($row)
-       {
-               $awarded = intval($row['awarded']);
-               if ($awarded == "")
-                       $awarded = 0;
-               if (intval($row['points']) < $awarded)
-                       $points = $awarded;      // if 'sum of added points' > 100, awarded shows correct value
-               else
-                       $points = intval($row['points']);       // on very old assurances, awarded is '0' instead of correct value
-               switch ($row['method'])
-               {
-                       case 'Thawte Points Transfer':    // revoke all Thawte-points     (as per arbitration)
-                       case 'CT Magazine - Germany':      // revoke c't                   (only one test-entry)
-                       case 'Temporary Increase':            // revoke 'temporary increase'  (Current usage breaks audit aspects, needs to be reimplemented)
-                               $points = 0;
-                               break;
-                       case 'Administrative Increase':  // ignore AI with 2 points or less (historical for experiance points, now other calculation)
-                               if ($points <= 2)              // maybe limit to 35/50 pts in the future?
-                                       $points = 0;
-                               break;
-                       case 'Unknown':                  // to be revoked in the future? limit to max 50 pts?
-                       case 'Trusted Third Parties':        // to be revoked in the future? limit to max 35 pts?
-                       case 'TTP-Assisted':         // TTP assurances, limit to 35
-                       case 'TOPUP':        // TOPUP to be delevoped in the future, limit to 30
-                       case '':                                // to be revoked in the future? limit to max 50 pts?
-                       case 'Face to Face Meeting':        // normal assurances, limit to 35/50 pts in the future?
-                               break;
-                       default:                                // should never happen ... ;-)
-                               $points = 0;
-               }
-               if ($points < 0)                                // ignore negative points (bug needs to be fixed)
-                       $points = 0;
-               return $points;
-       }
-
        function max_points($userid)
        {
                return output_summary_content ($userid,0);
                $res = get_received_assurances_summary($userid);
                while($row = mysql_fetch_assoc($res))
                {
-                       $points = calc_points ($row);
+                       $points = calc_awarded($row);
 
                        if ($points > $max_points)                      // limit to 100 points, above is experience (needs to be fixed)
                        {
                return $issue_points;
        }
 
-       function output_given_assurances($userid,$support=0)
+       /**
+        * Render assurances given by the user
+        * @param int $userid
+        * @param int $support - set to 1 if the output is for the support interface
+        * @param string $ticketno - the ticket number set in the support interface
+        * @param int $log - if set to 1 also includes deleted assurances
+        */
+       function output_given_assurances($userid, $support=0, $ticketno='', $log=0)
        {
-               output_assurances_header(_("Assurance Points You Issued"),$support);
-               output_given_assurances_content($userid,$points,$sum_experience,$support);
-               output_assurances_footer(_("Total Points Issued"),$points,_("Total Experience Points"),$sum_experience,$support);
+               output_assurances_header(
+                               _("Assurance Points You Issued"),
+                               $support,
+                               $log);
+
+               output_given_assurances_content(
+                               $userid,
+                               $sum_points,
+                               $sum_experience,
+                               $support,
+                               $ticketno,
+                               $log);
+
+               output_assurances_footer(
+                               _("Total Points Issued"),
+                               $sum_points,
+                               _("Total Experience Points"),
+                               $sum_experience,
+                               $support,
+                               $log);
        }
 
-       function output_received_assurances($userid,$support=0)
+       /**
+        * Render assurances received by the user
+        * @param int $userid
+        * @param int $support - set to 1 if the output is for the support interface
+        * @param string $ticketno - the ticket number set in the support interface
+        * @param int $log - if set to 1 also includes deleted assurances
+        */
+       function output_received_assurances($userid, $support=0, $ticketno='', $log=0)
        {
-               output_assurances_header(_("Your Assurance Points"),$support);
-               output_received_assurances_content($userid,$points,$sum_experience,$support);
-               output_assurances_footer(_("Total Assurance Points"),$points,_("Total Experience Points"),$sum_experience,$support);
+               output_assurances_header(
+                               _("Assurance Points You Received"),
+                               $support,
+                               $log);
+
+               output_received_assurances_content(
+                               $userid,
+                               $sum_points,
+                               $sum_experience,
+                               $support,
+                               $ticketno,
+                               $log);
+
+               output_assurances_footer(
+                               _("Total Points Received"),
+                               $sum_points,
+                               _("Total Experience Points"),
+                               $sum_experience,
+                               $support,
+                               $log);
        }
 
        function output_summary($userid)
        }
 
        /**
-        * get_first_user_agreement()
-        *  returns the first user_agreement entry of the requested type depending on thes status of active of a given user
-        * @param mixed $memid
-        * @param integer $active, 0 - passive, 1 -active
-        * @param string $type
-        * @return
+        * Get the first user_agreement entry of the requested type
+        * @param int $memid
+        * @param string $type - the type of user agreement, by default all
+        *     agreements are listed
+        * @param int $active - whether to get active or passive agreements:
+        *     0 := passive
+        *     1 := active
+        *     null := both
+        * @return array(string=>mixed) - an associative array containing
+        *     'document', 'date', 'method', 'comment', 'active'
         */
-       function get_first_user_agreement($memid, $active=1, $type="CCA"){
-       //returns an array (`document`,`date`,`method`, `comment`,`active`)
+       function get_first_user_agreement($memid, $type=null, $active=null){
+               $filter = '';
+               if (!is_null($type)) {
+                       $filter .= " AND u.`document` = '".mysql_real_escape_string($type)."'";
+               }
+
+               if (!is_null($active)) {
+                       $filter .= " AND u.`active` = ".intval($active);
+               }
+
                $query="SELECT u.`document`, u.`date`, u.`method`, u.`comment`, u.`active` FROM `user_agreements` AS u
-                       WHERE u.`document` = '" . mysql_real_escape_string($type) . "' AND u.`memid`=" . intval($memid) . " AND u.`active`=" . intval($active) .
-                       " ORDER BY u.`date` Limit 1;";
+                       WHERE u.`memid`=".intval($memid)."
+                               $filter
+                       ORDER BY u.`date` LIMIT 1";
                $res = mysql_query($query);
                if(mysql_num_rows($res) >0){
                        $rec = mysql_fetch_assoc($res);
        }
 
        /**
-        * get_last_user_agreement()
-        *  returns the last user_agreement entry of a given type and of a given user
-        * @param mixed $memid
-        * @param string $type
-        * @return
+        * Get the last user_agreement entry of the requested type
+        * @param int $memid
+        * @param string $type - the type of user agreement, by default all
+        *     agreements are listed
+        * @param int $active - whether to get active or passive agreements:
+        *     0 := passive,
+        *     1 := active,
+        *     null := both
+        * @return array(string=>mixed) - an associative array containing
+        *     'document', 'date', 'method', 'comment', 'active'
         */
-       function get_last_user_agreement($memid, $type="CCA"){
-       //returns an array (`document`,`date`,`method`, `comment`,`active`)
-               $query="SELECT u.`document`, u.`date`, u.`method`, u.`comment`, u.`active` FROM user_agreements u WHERE u.`document` = '" . mysql_real_escape_string($type) . "' AND (u.`memid`=" . intval($memid) . " ) order by `date` desc limit 1 " ;
+       function get_last_user_agreement($memid, $type=null, $active=null){
+               $filter = '';
+               if (!is_null($type)) {
+                       $filter .= " AND u.`document` = '".mysql_real_escape_string($type)."'";
+               }
+
+               if (!is_null($active)) {
+                       $filter .= " AND u.`active` = ".intval($active);
+               }
+
+               $query="SELECT u.`document`, u.`date`, u.`method`, u.`comment`, u.`active` FROM `user_agreements` AS u
+                       WHERE u.`memid`=".intval($memid)."
+                               $filter
+                       ORDER BY u.`date` DESC LIMIT 1";
                $res = mysql_query($query);
                if(mysql_num_rows($res) >0){
                        $rec = mysql_fetch_assoc($res);
                return $rec;
        }
 
+/**
+ * Get the all user_agreement entries of the requested type
+ * @param int $memid
+ * @param string $type - the type of user agreement, by default all
+ *     agreements are listed
+ * @param int $active - whether to get an active or passive agreements:
+ *     0 := passive,
+ *     1 := active,
+ *     null := both
+ * @return resource - a mysql result set containing all agreements
+ */
+function get_user_agreements($memid, $type=null, $active=null){
+       $filter = '';
+       if (!is_null($type)) {
+               $filter .= " AND u.`document` = '".mysql_real_escape_string($type)."'";
+       }
+
+       if (!is_null($active)) {
+               $filter .= " AND u.`active` = ".intval($active);
+       }
+
+       $query="SELECT u.`document`, u.`date`, u.`method`, u.`comment`, u.`active` FROM `user_agreements` AS u
+               WHERE u.`memid`=".intval($memid)."
+                       $filter
+               ORDER BY u.`date`";
+       return mysql_query($query);
+}
+
        /**
         * delete_user_agreement()
         *  deletes all entries for a given type from user_agreement of a given user, if type is not given all
         * @return
         */
        function delete_user_agreement($memid, $type=false){
-       //deletes all entries to an user for the given type of user agreements
                if ($type === false) {
                        $filter = '';
                } else {
 <?
                } else {
 ?>
-       <input type="hidden" name="<?=$val?>" value="<?=$methods[0]?>" />
+       <input type="hidden" name="method" value="<?=$methods[0]?>" />
 <?
                }
        }
                }
 
        //change personal information to arbitration number and DOB=1900-01-01
-               $query = "select `fname`,`mname`,`lname`,`suffix`,`dob` from `users` where `id`='$userid'";
-               $details = mysql_fetch_assoc(mysql_query($query));
-               $query = "insert into `adminlog` set `when`=NOW(),`old-lname`='${details['lname']}',`old-dob`='${details['dob']}',
-                       `new-lname`='$arbno',`new-dob`='1900-01-01',`uid`='$id',`adminid`='".$adminid."'";
-               mysql_query($query);
                $query = "update `users` set `fname`='".$arbno."',
                        `mname`='".$arbno."',
                        `lname`='".$arbno."',
        function check_date_difference($date, $diff=1){
                return (strtotime($date)<=time()+$diff*86400);
        }
+
+/**
+ * Write some information to the adminlog
+ *
+ * @param int $uid - id of the user account
+ * @param int $adminid - id of the admin
+ * @param string $type - the operation that was performed on the user account
+ * @param string $info - the ticket / arbitration number or other information
+ * @return bool - true := success, false := error
+ */
+function write_se_log($uid, $adminid, $type, $info){
+       //records all support engineer actions changing a user account
+       $uid = intval($uid);
+       $adminid = intval($adminid);
+       $type = mysql_real_escape_string($type);
+       $info = mysql_real_escape_string($info);
+       $query="insert into `adminlog` (`when`, `uid`, `adminid`,`type`,`information`) values
+               (Now(), $uid, $adminid, '$type', '$info')";
+       return mysql_query($query);
+}
+
+/**
+ * Check if the entered information is a valid ticket or arbitration number
+ * @param string $ticketno
+ * @return bool
+ */
+function valid_ticket_number($ticketno){
+       //a arbitration case
+       //d dispute action
+       //s support case
+       //m board motion
+       $pattern='/[adsmADSM]\d{8}\.\d+/';
+       if (preg_match($pattern, $ticketno)) {
+               return true;
+       }
+       return false;
+}
+
+// function for handling account/43.php
+/**
+ * Get all data of an account given by the id from the `users` table
+ * @param int $userid - account id
+ * @param int $deleted - states if deleted data should be visible , default = 0 - not visible
+ * @return resource - a mysql result set
+ */
+function get_user_data($userid, $deleted=0){
+       $userid = intval($userid);
+       $filter='';
+       if (0==$deleted) {
+               $filter .=' and `users`.`deleted`=0';
+       }
+       $query = "select * from `users` where `users`.`id`='$userid' ".$filter;
+       return mysql_query($query);
+}
+
+/**
+ * Get the alert settings for a user
+ * @param int $userid for the requested account
+ * @return array - associative array
+ */
+function get_alerts($userid){
+       return mysql_fetch_assoc(mysql_query("select * from `alerts` where `memid`='".intval($userid)."'"));
+}
+
+/**
+ * Get all email addresses linked to the account
+ * @param int    $userid
+ * @param string $exclude - if given the email address will be excluded
+ * @param int    $deleted - states if deleted data should be visible, default = 0 - not visible
+ * @return resource - a mysql result set
+ */
+function get_email_addresses($userid, $exclude, $deleted=0){
+       //should be entered in account/2.php
+       $userid = intval($userid);
+       $filter='';
+       if (0==$deleted) {
+               $filter .= ' and `deleted`=0';
+       }
+       if ($exclude) {
+               $filter .= " and `email`!='".mysql_real_escape_string($exclude)."'";
+       }
+       $query = "select * from `email` where `memid`='".$userid."' and `hash`='' ".$filter." order by `created`";
+       return mysql_query($query);
+}
+
+/**
+ * Get all domains linked to the account
+ * @param int $userid
+ * @param int $deleted - states if deleted data should be visible, default = 0 - not visible
+ * @return resource - a mysql result set
+ */
+function get_domains($userid, $deleted=0){
+       //should be entered in account/9.php
+       $userid = intval($userid);
+       $filter='';
+       if (0==$deleted) {
+               $filter .= ' and `deleted`=0';
+       }
+       $query = "select * from `domains` where `memid`='".$userid."' and `hash`=''".$filter." order by `created`";
+       return mysql_query($query);
+}
+
+/**
+ * Get all training results for the account
+ * @param int $userid
+ * @return resource - a mysql result set
+ */
+function get_training_results($userid){
+       //should be entered in account/55.php
+       $userid = intval($userid);
+       $query = "SELECT `CP`.`pass_date`, `CT`.`type_text`, `CV`.`test_text` ".
+               " FROM `cats_passed` AS CP, `cats_variant` AS CV, `cats_type` AS CT ".
+               " WHERE `CP`.`variant_id`=`CV`.`id` AND `CV`.`type_id`=`CT`.`id` AND `CP`.`user_id` ='".$userid."'".
+               " ORDER BY `CP`.`pass_date`";
+       return mysql_query($query);
+}
+
+/**
+ * Get all SE log entries for the account
+ * @param int $userid
+ * @return resource - a mysql result set
+ */
+function get_se_log($userid){
+       $userid = intval($userid);
+       $query = "SELECT `adminlog`.`when`, `adminlog`.`type`, `adminlog`.`information`, `users`.`fname`, `users`.`lname`
+               FROM `adminlog`, `users`
+               WHERE `adminlog`.`adminid` = `users`.`id` and `adminlog`.`uid`=".$userid."
+               ORDER BY `adminlog`.`when`";
+       return mysql_query($query);
+}
+
+/**
+ * Get all client certificates linked to the account
+ * @param int $userid
+ * @param int $viewall - states if expired certs should be visible, default = 0 - not visible
+ * @return resource - a mysql result set
+ */
+function get_client_certs($userid, $viewall=0){
+       //add to account/5.php
+       $userid = intval($userid);
+       $query = "select UNIX_TIMESTAMP(`emailcerts`.`created`) as `created`,
+               UNIX_TIMESTAMP(`emailcerts`.`expire`) - UNIX_TIMESTAMP() as `timeleft`,
+               UNIX_TIMESTAMP(`emailcerts`.`expire`) as `expired`,
+               `emailcerts`.`expire`,
+               `emailcerts`.`revoked` as `revoke`,
+               UNIX_TIMESTAMP(`emailcerts`.`revoked`) as `revoked`,
+               `emailcerts`.`id`,
+               `emailcerts`.`CN`,
+               `emailcerts`.`serial`,
+               `emailcerts`.`disablelogin`,
+               `emailcerts`.`description`
+               from `emailcerts`
+               where `emailcerts`.`memid`='".$userid."'";
+       if($viewall == 0)
+       {
+               $query .= " AND `emailcerts`.`revoked`=0 AND `emailcerts`.`renewed`=0";
+               $query .= " HAVING `timeleft` > 0";
+       }
+       $query .= " ORDER BY `emailcerts`.`modified` desc";
+       return mysql_query($query);
+}
+
+/**
+ * Get all server certs linked to the account
+ * @param int $userid
+ * @param int $viewall - states if expired certs should be visible, default = 0 - not visible
+ * @return resource - a mysql result set
+ */
+function get_server_certs($userid, $viewall=0){
+       //add to account/12.php
+       $userid = intval($userid);
+       $query = "select UNIX_TIMESTAMP(`domaincerts`.`created`) as `created`,
+                       UNIX_TIMESTAMP(`domaincerts`.`expire`) - UNIX_TIMESTAMP() as `timeleft`,
+                       UNIX_TIMESTAMP(`domaincerts`.`expire`) as `expired`,
+                       `domaincerts`.`expire`,
+                       `domaincerts`.`revoked` as `revoke`,
+                       UNIX_TIMESTAMP(`revoked`) as `revoked`,
+                       `domaincerts`.`CN`,
+                       `domaincerts`.`serial`,
+                       `domaincerts`.`id`,
+                       `domaincerts`.`description`
+                       from `domaincerts`,`domains`
+                       where `domains`.`memid`='".$userid."' and `domaincerts`.`domid`=`domains`.`id`";
+       if($viewall == 0)
+       {
+               $query .= " AND `domaincerts`.`revoked`=0 AND `domaincerts`.`renewed`=0";
+               $query .= " HAVING `timeleft` > 0";
+       }
+       $query .= " ORDER BY `domaincerts`.`modified` desc";
+       return mysql_query($query);
+}
+
+/**
+ * Get all gpg certs linked to the account
+ * @param int $userid
+ * @param int $viewall - states if expired certs should be visible, default = 0 - not visible
+ * @return resource - a mysql result set
+ */
+function get_gpg_certs($userid, $viewall=0){
+       //add to gpg/2.php
+       $userid = intval($userid);
+       $query = $query = "select UNIX_TIMESTAMP(`issued`) as `issued`,
+                       UNIX_TIMESTAMP(`expire`) - UNIX_TIMESTAMP() as `timeleft`,
+                       UNIX_TIMESTAMP(`expire`) as `expired`,
+                       `expire`, `id`, `level`, `email`, `keyid`, `description`
+                       from `gpg` where `memid`='".$userid."'";
+       if ($viewall == 0) {
+               $query .= " HAVING `timeleft` > 0";
+       }
+       $query .= " ORDER BY `issued` desc";
+       return mysql_query($query);
+}
+
+
+
+/**
+ * Show the table header to the email table for the admin log
+ */
+function output_log_email_header(){
+       ?>
+       <tr>
+               <td class="DataTD bold"><?= _("Email, primary bold") ?></td>
+               <td class="DataTD bold"><?= _("Created") ?></td>
+               <td class="DataTD bold"><?= _("Deleted") ?></td>
+       </tr>
+
+       <?
+}
+/**
+ * Show all email data for the admin log
+ * @param array  $row - associative array containing the column data
+ * @param string $primary - if given the primary address is highlighted
+ */
+function output_log_email($row, $primary){
+       $style = '';
+       if ($row['deleted'] !== NULL_DATETIME) {
+               $style = ' deletedemailaddress';
+       } elseif ($primary == $row['email']) {
+               $style = ' primaryemailaddress';
+       }
+       ?>
+       <tr>
+               <td class="DataTD<?=$style?>"><?=$row['email']?></td>
+               <td class="DataTD<?=$style?>"><?=$row['created']?></td>
+               <td class="DataTD<?=$style?>"><?=$row['deleted']?></td>
+       </tr>
+       <?
+}
+
+/**
+ * Show the table header to the domains table for the admin log
+ */
+function output_log_domains_header(){
+       ?>
+       <tr>
+               <td class="DataTD bold"><?= _("Domain") ?></td>
+               <td class="DataTD bold"><?= _("Created") ?></td>
+               <td class="DataTD bold"><?= _("Deleted") ?></td>
+       </tr>
+
+       <?
+}
+
+/**
+ * Show the domain data for the admin log
+ * @param array $row - associative array containing the column data
+ */
+function output_log_domains($row){
+       $italic='';
+       if ($row['deleted'] !== NULL_DATETIME) {
+               $italic=' italic';
+       }
+       ?>
+       <tr>
+               <td class="DataTD<?=$italic?>"><?=$row['domain']?></td>
+               <td class="DataTD<?=$italic?>"><?=$row['created']?></td>
+               <td class="DataTD<?=$italic?>"><?=$row['deleted']?></td>
+       </tr>
+       <?
+}
+
+/**
+ * Show the table header to the user agreement table for the admin log
+ */
+function output_log_agreement_header(){
+       ?>
+       <tr>
+               <td class="DataTD bold"><?= _("Agreement") ?></td>
+               <td class="DataTD bold"><?= _("Date") ?></td>
+               <td class="DataTD bold"><?= _("Method") ?></td>
+               <td class="DataTD bold"><?= _("Active ") ?></td>
+       </tr>
+       <?
+}
+
+/**
+ * Show the agreement data for the admin log
+ * @param array $row - associative array containing the column data
+ */
+function output_log_agreement($row){
+       ?>
+       <tr>
+               <td class="DataTD" ><?=$row['document']?></td>
+               <td class="DataTD" ><?=$row['date']?></td>
+               <td class="DataTD" ><?=$row['method']?></td>
+               <td class="DataTD"><?= ($row['active']==0)? _('passive'):_('active')?></td>
+       </tr>
+       <?
+}
+
+/**
+ * Show the table header to the training table
+ */
+function output_log_training_header(){
+       //should be entered in account/55.php
+       ?>
+       <tr>
+               <td class="DataTD bold"><?= _("Agreement") ?></td>
+               <td class="DataTD bold"><?= _("Test") ?></td>
+               <td class="DataTD bold"><?= _("Variant") ?></td>
+       </tr>
+       <?
+}
+
+/**
+ * Show the training data
+ * @param array $row - associative array containing the column data
+ */
+function output_log_training($row){
+       //should be entered in account/55.php
+       ?>
+       <tr>
+               <td class="DataTD"><?=$row['pass_date']?></td>
+               <td class="DataTD"><?=$row['type_text']?></td>
+               <td class="DataTD"><?=$row['test_text']?></td>
+       </tr>
+       <?
+}
+
+/**
+ * Show the table header to the SE log table for the admin log
+ * @param int $support - if support = 1 more information is visible
+ */
+function output_log_se_header($support=0){
+       ?>
+       <tr>
+               <td class="DataTD bold"><?= _("Date") ?></td>
+               <td class="DataTD bold"><?= _("Type") ?></td>
+               <?
+               if (1 == $support) {
+                       ?>
+                       <td class="DataTD bold"><?= _("Information") ?></td>
+                       <td class="DataTD bold"><?= _("Admin") ?></td>
+                       <?
+               }
+               ?>
+       </tr>
+       <?
+}
+
+/**
+ * Show the SE log data for the admin log
+ * @param array $row - associative array containing the column data
+ * @param int   $support - if support = 1 more information is visible
+ */
+function output_log_se($row, $support=0){
+       //should be entered in account/55.php
+       ?>
+       <tr>
+               <td class="DataTD"><?=$row['when']?></td>
+               <td class="DataTD"><?=$row['type']?></td>
+               <?
+               if (1 == $support) {
+                       ?>
+                       <td class="DataTD"><?=$row['information']?></td>
+                       <td class="DataTD"><?=$row['fname'].' '.$row['lname']?></td>
+                       <?
+               }
+               ?>
+       </tr>
+       <?
+}
+
+/**
+ * Shows the table header to the client cert table
+ * @param int  $support - if support = 1 some columns ar not visible
+ * @param bool $readonly - whether elements to modify data should be hidden, default is `true`
+ */
+function output_client_cert_header($support=0, $readonly=true){
+       //should be added to account/5.php
+       ?>
+       <tr>
+               <?
+               if (!$readonly) {
+                       ?>
+                       <td class="DataTD"><?=_("Renew/Revoke/Delete")?></td>
+                       <?
+               }
+               ?>
+               <td class="DataTD"><?=_("Status")?></td>
+               <td class="DataTD"><?=_("Email Address")?></td>
+               <td class="DataTD"><?=_("SerialNumber")?></td>
+               <td class="DataTD"><?=_("Revoked")?></td>
+               <td class="DataTD"><?=_("Expires")?></td>
+               <td class="DataTD"><?=_("Login")?></td>
+               <?
+               if (1 != $support) {
+                       ?>
+                       <td colspan="2" class="DataTD"><?=_("Comment *")?></td>
+                       <?
+               }
+               ?>
+       </tr>
+       <?
+}
+
+/**
+ * Show the client cert data
+ * @param array $row - associative array containing the column data
+ * @param int   $support - if support = 1 some columns are not visible
+ * @param bool  $readonly - whether elements to modify data should be hidden, default is `true`
+ */
+function output_client_cert($row, $support=0, $readonly=true){
+       //should be entered in account/5.php
+       $verified="";
+       if ($row['timeleft'] > 0) {
+               $verified = _("Valid");
+       } else {
+               $verified = _("Expired");
+       }
+
+       if ($row['expired'] == 0) {
+               $verified = _("Pending");
+       }
+
+       if ($row['revoked'] == 0) {
+               $row['revoke'] = _("Not Revoked");
+       } else {
+               $verified = _("Revoked");
+       }
+
+       ?>
+       <tr>
+       <?
+       if (!$readonly) {
+               if ($verified === _("Pending")) {
+                       ?>
+                       <td class="DataTD">
+                               <input type="checkbox" name="delid[]" value="<?=intval($row['id'])?>">
+                       </td>
+                       <?
+
+               } elseif ($verified === _("Revoked")) {
+                       ?>
+                       <td class="DataTD">&nbsp;</td>
+                       <?
+
+               } else {
+                       ?>
+                       <td class="DataTD">
+                               <input type="checkbox" name="revokeid[]" value="<?=intval($row['id'])?>">
+                       </td>
+                       <?
+               }
+       }
+
+       ?>
+       <td class="DataTD"><?=$verified?></td>
+       <?
+
+       if ($verified === _("Pending")) {
+               ?>
+               <td class="DataTD"><?=(trim($row['CN'])=="" ? _("empty") : htmlspecialchars($row['CN']))?></td>
+               <?
+       } else {
+               ?>
+               <td class="DataTD">
+                       <a href="account.php?id=6&amp;cert=<?=intval($row['id'])?>">
+                               <?=(trim($row['CN'])=="" ? _("empty") : htmlspecialchars($row['CN']))?>
+                       </a>
+               </td>
+               <?
+       }
+
+       ?>
+       <td class="DataTD"><?=$row['serial']?></td>
+       <td class="DataTD"><?=$row['revoke']?></td>
+       <td class="DataTD"><?=$row['expire']?></td>
+       <td class="DataTD">
+               <input type="checkbox" name="disablelogin_<?=intval($row['id'])?>" value="1" <?=$row['disablelogin']?"":"checked='checked'"?> <?=$readonly?'disabled="disabled"':''?>/>
+               <input type="hidden" name="cert_<?=intval($row['id'])?>" value="1" />
+       </td>
+       <?
+
+       if (1 != $support) {
+               ?>
+               <td class="DataTD">
+                       <input name="comment_<?=intval($row['id'])?>" type="text" value="<?=htmlspecialchars($row['description'])?>" />
+               </td>
+               <?
+               if (!$readonly) {
+                       ?>
+                       <td class="DataTD">
+                               <input type="checkbox" name="check_comment_<?=intval($row['id'])?>" />
+                       </td>
+                       <?
+               }
+       }
+
+       ?>
+       </tr>
+       <?
+}
+
+/**
+ * Show the table header to the server cert table
+ * @param int  $support - if support = 1 some columns ar not visible
+ * @param bool $readonly - whether elements to modify data should be hidden, default is `true`
+ */
+function output_server_certs_header($support=0, $readonly=true){
+       //should be entered in account/12.php
+       ?>
+       <tr>
+       <?
+               if (!$readonly) {
+                       ?>
+                       <td class="DataTD"><?=_("Renew/Revoke/Delete")?></td>
+                       <?
+               }
+               ?>
+               <td class="DataTD"><?=_("Status")?></td>
+               <td class="DataTD"><?=_("CommonName")?></td>
+               <td class="DataTD"><?=_("SerialNumber")?></td>
+               <td class="DataTD"><?=_("Revoked")?></td>
+               <td class="DataTD"><?=_("Expires")?></td>
+               <?
+               if (1 != $support) {
+                       ?>
+                       <td colspan="2" class="DataTD"><?=_("Comment *")?></td>
+                       <?
+               }
+       ?>
+       </tr>
+       <?
+}
+
+/**
+ * Show the server cert data
+ * @param array $row - associative array containing the column data
+ * @param int   $support - if support = 1 some columns are not visible
+ * @param bool  $readonly - whether elements to modify data should be hidden, default is `true`
+ */
+function output_server_certs($row, $support=0, $readonly=true){
+       //should be entered in account/12.php
+       $verified="";
+       if ($row['timeleft'] > 0) {
+               $verified = _("Valid");
+       } else {
+               $verified = _("Expired");
+       }
+
+       if ($row['expired'] == 0) {
+               $verified = _("Pending");
+       }
+
+       if ($row['revoked'] == 0) {
+               $row['revoke'] = _("Not Revoked");
+       } else {
+               $verified = _("Revoked");
+       }
+
+       ?>
+       <tr>
+       <?
+       if (!$readonly) {
+               if ($verified === _("Pending")) {
+                       ?>
+                       <td class="DataTD">
+                               <input type="checkbox" name="delid[]" value="<?=intval($row['id'])?>"/>
+                       </td>
+                       <?
+               } elseif($verified === _("Revoked")) {
+                       ?>
+                       <td class="DataTD">&nbsp;</td>
+                       <?
+               } else {
+                       ?>
+                       <td class="DataTD">
+                               <input type="checkbox" name="revokeid[]" value="<?=intval($row['id'])?>"/>
+                       </td>
+                       <?
+               }
+       }
+
+       ?>
+       <td class="DataTD"><?=$verified?></td>
+       <?
+
+       if ($verified === _("Pending")) {
+               ?>
+               <td class="DataTD"><?=htmlspecialchars($row['CN'])?></td>
+               <?
+       } else {
+               ?>
+               <td class="DataTD">
+                       <a href="account.php?id=15&amp;cert=<?=intval($row['id'])?>">
+                               <?=htmlspecialchars($row['CN'])?>
+                       </a>
+               </td>
+               <?
+       }
+
+       ?>
+       <td class="DataTD"><?=$row['serial']?></td>
+       <td class="DataTD"><?=$row['revoke']?></td>
+       <td class="DataTD"><?=$row['expire']?></td>
+       <?
+
+       if (1 != $support) {
+               ?>
+               <td class="DataTD">
+                       <input name="comment_<?=intval($row['id'])?>" type="text" value="<?=htmlspecialchars($row['description'])?>" />
+               </td>
+               <?
+               if (!$readonly) {
+                       ?>
+                       <td class="DataTD">
+                               <input type="checkbox" name="check_comment_<?=intval($row['id'])?>" />
+                       </td>
+                       <?
+               }
+       }
+
+       ?>
+       </tr>
+       <?
+}
+
+/**
+ * Show the table header to the gpg cert table
+ * @param int  $support - if support = 1 some columns ar not visible
+ * @param bool $readonly - whether elements to modify data should be hidden, default is `true`
+ */
+function output_gpg_certs_header($support=0, $readonly=true){
+       // $readonly is currently ignored but kept for consistency
+       ?>
+       <tr>
+               <td class="DataTD"><?=_("Status")?></td>
+               <td class="DataTD"><?=_("Email Address")?></td>
+               <td class="DataTD"><?=_("Expires")?></td>
+               <td class="DataTD"><?=_("Key ID")?></td>
+               <?
+               if (1 != $support) {
+                       ?>
+                       <td colspan="2" class="DataTD"><?=_("Comment *")?></td>
+                       <?
+               }
+       ?>
+       </tr>
+       <?
+}
+
+/**
+ * Show the gpg cert data
+ * @param array $row - associative array containing the column data
+ * @param int   $support - if support = 1 some columns are not visible
+ * @param bool  $readonly - whether elements to modify data should be hidden, default is `true`
+ */
+function output_gpg_certs($row, $support=0, $readonly=true){
+       //should be entered in account/55.php
+       $verified="";
+       if ($row['timeleft'] > 0) {
+               $verified = _("Valid");
+       } else {
+               $verified = _("Expired");
+       }
+
+       if ($row['expired'] == 0) {
+               $verified = _("Pending");
+       }
+
+       ?>
+       <tr>
+               <td class="DataTD"><?=$verified?></td>
+       <?
+
+       if($verified == _("Pending")) {
+               ?>
+               <td class="DataTD"><?=htmlspecialchars($row['email'])?></td>
+               <?
+       } else {
+               ?>
+               <td class="DataTD">
+                       <a href="gpg.php?id=3&amp;cert=<?=intval($row['id'])?>">
+                               <?=htmlspecialchars($row['email'])?>
+                       </a>
+               </td>
+               <?
+       }
+
+       ?>
+       <td class="DataTD"><?=$row['expire']?></td>
+       <?
+
+       if($verified == _("Pending")) {
+               ?>
+               <td class="DataTD"><?=htmlspecialchars($row['keyid'])?></td>
+               <?
+       } else {
+               ?>
+               <td class="DataTD">
+                       <a href="gpg.php?id=3&amp;cert=<?=intval($row['id'])?>">
+                               <?=htmlspecialchars($row['keyid'])?>
+                       </a>
+               </td>
+               <?
+       }
+
+       if (1 != $support) {
+               ?>
+               <td class="DataTD">
+                       <input name="comment_<?=intval($row['id'])?>" type="text" value="<?=htmlspecialchars($row['description'])?>" />
+               </td>
+               <?
+               if (!$readonly) {
+                       ?>
+                       <td class="DataTD">
+                               <input type="checkbox" name="check_comment_<?=intval($row['id'])?>" />
+                       </td>
+                       <?
+               }
+       }
+
+       ?>
+       </tr>
+       <?
+}