Source code taken from cacert-20111021.tar.bz2
authorMichael Tänzer <neo@nhng.de>
Fri, 21 Oct 2011 18:30:04 +0000 (20:30 +0200)
committerMichael Tänzer <neo@nhng.de>
Fri, 21 Oct 2011 18:30:04 +0000 (20:30 +0200)
pages/account/12.php
pages/account/18.php
pages/account/22.php
pages/account/43.php
pages/account/5.php
pages/index/1.php
scripts/37de-blit2011-email.txt [new file with mode: 0644]
scripts/37de-blit2011-mail.php.txt [new file with mode: 0644]

index 40135be..44926ca 100644 (file)
 <form method="post" action="account.php">
 <table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
   <tr>
-    <td colspan="5" class="title"><?=_("Domain Certificates")?> - <a href="account.php?id=12&amp;viewall=<?=!$viewall?>"><?=_("View all certificates")?></a></td>
+    <td colspan="6" class="title"><?=_("Domain Certificates")?> - <a href="account.php?id=12&amp;viewall=<?=!$viewall?>"><?=_("View all certificates")?></a></td>
   </tr>
   <tr>
     <td class="DataTD"><?=_("Renew/Revoke/Delete")?></td>
     <td class="DataTD"><?=_("Status")?></td>
     <td class="DataTD"><?=_("CommonName")?></td>
+       <td class="DataTD"><?=_("SerialNumber")?></td>
     <td class="DataTD"><?=_("Revoked")?></td>
     <td class="DataTD"><?=_("Expires")?></td>
   </tr>
@@ -33,7 +34,7 @@
                        UNIX_TIMESTAMP(`domaincerts`.`expire`) - UNIX_TIMESTAMP() as `timeleft`,
                        UNIX_TIMESTAMP(`domaincerts`.`expire`) as `expired`,
                        `domaincerts`.`expire` as `expires`, `revoked` as `revoke`,
-                       UNIX_TIMESTAMP(`revoked`) as `revoked`, `CN`, `domaincerts`.`id` as `id`
+                       UNIX_TIMESTAMP(`revoked`) as `revoked`, `CN`, `domaincerts`.`serial`, `domaincerts`.`id` as `id`
                        from `domaincerts`,`domains`
                        where `memid`='".intval($_SESSION['profile']['id'])."' and `deleted`=0 and `domaincerts`.`domid`=`domains`.`id` ";
        if($viewall != 1)
@@ -48,7 +49,7 @@
        {
 ?>
   <tr>
-    <td colspan="5" class="DataTD"><?=_("No domains are currently listed.")?></td>
+    <td colspan="6" class="DataTD"><?=_("No domains are currently listed.")?></td>
   </tr>
 <? } else {
        while($row = mysql_fetch_assoc($res))
 <? } ?>
     <td class="DataTD"><?=$verified?></td>
     <td class="DataTD"><a href="account.php?id=15&amp;cert=<?=$row['id']?>"><?=$row['CN']?></a></td>
+       <td class="DataTD"><?=$row['serial']?></td>
     <td class="DataTD"><?=$row['revoke']?></td>
     <td class="DataTD"><?=$row['expires']?></td>
   </tr>
 <? } ?>
   <tr>
-    <td class="DataTD" colspan="5"><input type="submit" name="renew" value="<?=_("Renew")?>">&#160;&#160;&#160;&#160;
+    <td class="DataTD" colspan="6"><input type="submit" name="renew" value="<?=_("Renew")?>">&#160;&#160;&#160;&#160;
            <input type="submit" name="revoke" value="<?=_("Revoke/Delete")?>"></td>
   </tr>
 <? } ?>
index 5ee1a3b..47fac9e 100644 (file)
 <form method="post" action="account.php">
 <table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
   <tr>
-    <td colspan="5" class="title"><?=_("Client Certificates")?> - <a href="account.php?id=18&amp;viewall=<?=!$viewall?>"><?=_("View all certificates")?></a></td>
+    <td colspan="6" class="title"><?=_("Client Certificates")?> - <a href="account.php?id=18&amp;viewall=<?=!$viewall?>"><?=_("View all certificates")?></a></td>
   </tr>
   <tr>
     <td class="DataTD"><?=_("Renew/Revoke/Delete")?></td>
     <td class="DataTD"><?=_("Status")?></td>
     <td class="DataTD"><?=_("CommonName")?></td>
+       <td class="DataTD"><?=_("SerialNumber")?></td>
     <td class="DataTD"><?=_("Revoked")?></td>
     <td class="DataTD"><?=_("Expires")?></td>
 
@@ -33,7 +34,7 @@
                        UNIX_TIMESTAMP(`expire`) - UNIX_TIMESTAMP() as `timeleft`,
                        UNIX_TIMESTAMP(`expire`) as `expired`,
                        `expire` as `expires`, `revoked` as `revoke`,
-                       UNIX_TIMESTAMP(`revoked`) as `revoked`, `CN`, `id`
+                       UNIX_TIMESTAMP(`revoked`) as `revoked`, `CN`, `serial`, `id`
                        from `orgemailcerts`, `org`
                        where `memid`='".intval($_SESSION['profile']['id'])."' and
                                `org`.`orgid`=`orgemailcerts`.`orgid` ";
@@ -48,7 +49,7 @@
        {
 ?>
   <tr>
-    <td colspan="5" class="DataTD"><?=_("No client certificates are currently listed.")?></td>
+    <td colspan="6" class="DataTD"><?=_("No client certificates are currently listed.")?></td>
   </tr>
 <? } else {
        while($row = mysql_fetch_assoc($res))
     <td class="DataTD"><?=$verified?></td>
     <td class="DataTD"><a href="account.php?id=19&cert=<?=$row['id']?>"><?=$row['CN']?></a></td>
 <? } ?>
+       <td class="DataTD"><?=$row['serial']?></td>
     <td class="DataTD"><?=$row['revoke']?></td>
     <td class="DataTD"><?=$row['expires']?></td>
   </tr>
 <? } ?>
   <tr>
-    <td class="DataTD" colspan="5"><input type="submit" name="renew" value="<?=_("Renew")?>">&#160;&#160;&#160;&#160;
+    <td class="DataTD" colspan="6"><input type="submit" name="renew" value="<?=_("Renew")?>">&#160;&#160;&#160;&#160;
                        <input type="submit" name="revoke" value="<?=_("Revoke/Delete")?>"></td>
   </tr>
 <? } ?>
index 565cb5f..9df8200 100644 (file)
 <form method="post" action="account.php">
 <table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
   <tr>
-    <td colspan="5" class="title"><?=_("Domain Certificates")?> - <a href="account.php?id=22&amp;viewall=<?=!$viewall?>"><?=_("View all certificates")?></a></td>
+    <td colspan="6" class="title"><?=_("Domain Certificates")?> - <a href="account.php?id=22&amp;viewall=<?=!$viewall?>"><?=_("View all certificates")?></a></td>
   </tr>
   <tr>
     <td class="DataTD"><?=_("Renew/Revoke/Delete")?></td>
     <td class="DataTD"><?=_("Status")?></td>
     <td class="DataTD"><?=_("CommonName")?></td>
+       <td class="DataTD"><?=_("SerialNumber")?></td>
     <td class="DataTD"><?=_("Revoked")?></td>
     <td class="DataTD"><?=_("Expires")?></td>
 
@@ -33,7 +34,9 @@
                        UNIX_TIMESTAMP(`orgdomaincerts`.`expire`) - UNIX_TIMESTAMP() as `timeleft`,
                        UNIX_TIMESTAMP(`orgdomaincerts`.`expire`) as `expired`,
                        `orgdomaincerts`.`expire` as `expires`, `revoked` as `revoke`,
-                       UNIX_TIMESTAMP(`revoked`) as `revoked`, `CN`, `orgdomaincerts`.`id` as `id`
+                       UNIX_TIMESTAMP(`revoked`) as `revoked`, `CN`,
+                       `orgdomaincerts`.`serial`,
+                        `orgdomaincerts`.`id` as `id`
                        from `orgdomaincerts`,`org`
                        where `org`.`memid`='".intval($_SESSION['profile']['id'])."' and `orgdomaincerts`.`orgid`=`org`.`orgid` ";
        if($viewall != 1)
@@ -48,7 +51,7 @@
        {
 ?>
   <tr>
-    <td colspan="5" class="DataTD"><?=_("No domains are currently listed.")?></td>
+    <td colspan="6" class="DataTD"><?=_("No domains are currently listed.")?></td>
   </tr>
 <? } else {
        while($row = mysql_fetch_assoc($res))
 <? } ?>
     <td class="DataTD"><?=$verified?></td>
     <td class="DataTD"><a href="account.php?id=23&cert=<?=$row['id']?>"><?=$row['CN']?></a></td>
+       <td class="DataTD"><?=$row['serial']?></td>
     <td class="DataTD"><?=$row['revoke']?></td>
     <td class="DataTD"><?=$row['expires']?></td>
   </tr>
 <? } ?>
   <tr>
-    <td class="DataTD" colspan="5"><input type="submit" name="renew" value="<?=_("Renew")?>">&#160;&#160;&#160;&#160;
+    <td class="DataTD" colspan="6"><input type="submit" name="renew" value="<?=_("Renew")?>">&#160;&#160;&#160;&#160;
            <input type="submit" name="revoke" value="<?=_("Revoke/Delete")?>"></td>
   </tr>
 <? } ?>
index 3212667..f058770 100644 (file)
@@ -41,14 +41,26 @@ include_once($_SESSION['_config']['filepath']."/includes/notary.inc.php");
     //if(!strstr($email, "%"))
     //  $emailsearch = "%$email%";
 
-    if(intval($email) > 0)
-      $emailsearch = "";
-
-    $query = "select `users`.`id` as `id`, `email`.`email` as `email` from `users`,`email`
-        where `users`.`id`=`email`.`memid` and
-        (`email`.`email` like '$emailsearch' or `email`.`id`='$email' or `users`.`id`='$email') and
-        `email`.`hash`='' and `email`.`deleted`=0 and `users`.`deleted`=0
-        group by `users`.`id` limit 100";
+    // bug-975 ted+uli changes --- begin
+    if(preg_match("/^[0-9]+$/", $email)) {
+      // $email consists of digits only ==> search for IDs
+      // Be defensive here (outer join) if primary mail is not listed in email table
+      $query = "select `users`.`id` as `id`, `email`.`email` as `email`
+          from `users` left outer join `email` on (`users`.`id`=`email`.`memid`)
+          where (`email`.`id`='$email' or `users`.`id`='$email')
+            and `users`.`deleted`=0
+          group by `users`.`id` limit 100";
+    } else {
+      // $email contains non-digits ==> search for mail addresses
+      // Be defensive here (outer join) if primary mail is not listed in email table
+      $query = "select `users`.`id` as `id`, `email`.`email` as `email` 
+          from `users` left outer join `email` on (`users`.`id`=`email`.`memid`)
+          where (`email`.`email` like '$emailsearch' 
+                 or `users`.`email` like '$emailsearch')
+            and `users`.`deleted`=0
+          group by `users`.`id` limit 100";
+    }
+    // bug-975 ted+uli changes --- end 
     $res = mysql_query($query);
     if(mysql_num_rows($res) > 1) { ?>
 <table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
@@ -141,7 +153,7 @@ include_once($_SESSION['_config']['filepath']."/includes/notary.inc.php");
         {
                 echo "<option";
                 if($day == $i)
-                       echo " selected='selected'";
+                    echo " selected='selected'";
                 echo ">$i</option>";
         }
 ?>
@@ -320,6 +332,158 @@ include_once($_SESSION['_config']['filepath']."/includes/notary.inc.php");
 </table>
 <br>
 <? } ?>
+<? //  Begin - Debug infos ?>
+<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
+  <tr>
+    <td colspan="2" class="title"><?=_("Account State")?></td>
+  </tr>
+
+<?  
+  // ---  bug-975 begin ---
+  //  potential db inconsistency like in a20110804.1
+  //    Admin console -> don't list user account
+  //    User login -> impossible
+  //    Assurer, assure someone -> user displayed
+  /*  regular user account search with regular settings
+
+    --- Admin Console find user query
+    $query = "select `users`.`id` as `id`, `email`.`email` as `email` from `users`,`email`
+        where `users`.`id`=`email`.`memid` and
+        (`email`.`email` like '$emailsearch' or `email`.`id`='$email' or `users`.`id`='$email') and
+        `email`.`hash`='' and `email`.`deleted`=0 and `users`.`deleted`=0
+        group by `users`.`id` limit 100";
+     => requirements
+       1.  email.hash = ''
+       2.  email.deleted = 0
+       3.  users.deleted = 0
+       4.  email.email = primary-email       (???) or'd
+      not covered by admin console find user routine, but may block users login
+       5.  users.verified = 0|1
+      further "special settings"   
+       6.  users.locked  (setting displayed in display form)
+       7.  users.assurer_blocked   (setting displayed in display form)
+
+    --- User login user query
+    select * from `users` where `email`='$email' and (`password`=old_password('$pword') or `password`=sha1('$pword') or
+                                               `password`=password('$pword')) and `verified`=1 and `deleted`=0 and `locked`=0
+               => requirements
+       1. users.verified = 1
+       2. users.deleted = 0
+       3. users.locked = 0
+       4. users.email = primary-email                          
+
+    --- Assurer, assure someone find user query
+    select * from `users` where `email`='".mysql_escape_string(stripslashes($_POST['email']))."'
+           and `deleted`=0
+               => requirements
+       1. users.deleted = 0
+       2. users.email = primary-email
+                                     Admin      User        Assurer
+      bit                            Console    Login       assure someone
+
+       1.  email.hash = ''            Yes        No           No
+       2.  email.deleted = 0          Yes        No           No
+       3.  users.deleted = 0          Yes        Yes          Yes
+       4.  users.verified = 1         No         Yes          No       
+       5.  users.locked = 0           No         Yes          No
+       6.  users.email = prim-email   No         Yes          Yes
+       7.  email.email = prim-email   Yes        No           No
+                 
+    full usable account needs all 7 requirements fulfilled
+    so if one setting isn't set/cleared there is an inconsistency either way
+    if eg email.email is not avail, admin console cannot open user info
+    but user can login and assurer can display user info
+    if user verified is not set to 1, admin console displays user record
+    but user cannot login, but assurer can search for the user and the data displays
+
+    consistency check:
+    1. search primary-email in users.email
+    2. search primary-email in email.email
+    3. userid = email.memid
+    4. check settings from table 1. - 5.
+
+   */
+
+  $inconsistency = 0;
+  $inconsistencydisp = "";
+  $inccause = "";
+   // current userid  intval($row['id'])
+  $query = "select `email` as `uemail`, `deleted` as `udeleted`, `verified`, `locked`
+      from `users` where `id`='".intval($row['id'])."' ";
+  $dres = mysql_query($query);
+  $drow = mysql_fetch_assoc($dres);
+  $uemail    = $drow['uemail'];
+  $udeleted  = $drow['udeleted'];
+  $uverified = $drow['verified'];
+  $ulocked   = $drow['locked'];
+
+  $query = "select `hash`, `email` as `eemail` from `email`
+      where `memid`='".intval($row['id'])."' and
+      `email` ='".$uemail."' and
+      `deleted` = 0";
+  $dres = mysql_query($query);
+  if ($drow = mysql_fetch_assoc($dres)) {
+    $drow['edeleted'] = 0;
+  } else {
+       // try if there are deleted entries
+    $query = "select `hash`, `deleted` as `edeleted`, `email` as `eemail` from `email`
+        where `memid`='".intval($row['id'])."' and
+        `email` ='".$uemail."'";
+    $dres = mysql_query($query);
+    $drow = mysql_fetch_assoc($dres);
+  }
+  
+  if ($drow) {
+    $eemail    = $drow['eemail'];
+    $edeleted  = $drow['edeleted'];
+    $ehash     = $drow['hash'];
+    if ($udeleted!=0) {
+      $inconsistency += 1;
+      $inccause .= (empty($inccause)?"":"<br>")._("Users record set to deleted");
+    }
+    if ($uverified!=1) {
+      $inconsistency += 2;
+      $inccause .= (empty($inccause)?"":"<br>")._("Users record verified not set");
+    }
+    if ($ulocked!=0) {
+      $inconsistency += 4;
+      $inccause .= (empty($inccause)?"":"<br>")._("Users record locked set");
+    }
+    if ($edeleted!=0) {
+      $inconsistency += 8;
+      $inccause .= (empty($inccause)?"":"<br>")._("Email record set deleted");    
+    }
+    if ($ehash!='') {
+      $inconsistency += 16;
+      $inccause .= (empty($inccause)?"":"<br>")._("Email record hash not unset");        
+    }
+  } else {
+    $inconsistency = 32;
+    $inccause = _("Prim. email, Email record doesn't exist");
+  }
+  if ($inconsistency>0) {
+     // $inconsistencydisp = _("Yes");
+?>
+  <tr>
+    <td class="DataTD"><?=_("Account inconsistency")?>:</td>
+    <td class="DataTD"><?=$inccause?><br>code: <?=$inconsistency?></td>
+  </tr>
+  <tr>
+    <td colspan="2" class="DataTD" style="max-width: 75ex">
+      <?=_("Account inconsistency can cause problems in daily account ".
+      "operations and needs to be fixed manually through arbitration/critical ".
+      "team.")?>
+     </td>
+  </tr>  
+<? }
+
+  // ---  bug-975 end ---
+?>
+</table>
+<br>
+<?    
+ //  End - Debug infos
+?>
 
 <a href="account.php?id=43&amp;userid=<?=$row['id']?>&amp;shownotary=assuredto"><?=_("Show Assurances the user got")?></a>
  (<a href="account.php?id=43&amp;userid=<?=$row['id']?>&amp;shownotary=assuredto15"><?=_("New calculation")?></a>)
index ee500c0..5c131ba 100644 (file)
 <form method="post" action="account.php">
 <table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
   <tr>
-    <td colspan="6" class="title"><?=_("Client Certificates")?> - <a href="account.php?id=5&amp;viewall=<?=!$viewall?>"><?=_("View all certificates")?></a></td>
+    <td colspan="7" class="title"><?=_("Client Certificates")?> - <a href="account.php?id=5&amp;viewall=<?=!$viewall?>"><?=_("View all certificates")?></a></td>
   </tr>
   <tr>
     <td class="DataTD"><?=_("Renew/Revoke/Delete")?></td>
     <td class="DataTD"><?=_("Status")?></td>
     <td class="DataTD"><?=_("Email Address")?></td>
+       <td class="DataTD"><?=_("SerialNumber")?></td>
     <td class="DataTD"><?=_("Revoked")?></td>
     <td class="DataTD"><?=_("Expires")?></td>
     <td class="DataTD"><?=_("Login")?></td>
@@ -38,6 +39,7 @@
                        UNIX_TIMESTAMP(`emailcerts`.`revoked`) as `revoked`, 
                        `emailcerts`.`id`,
                        `emailcerts`.`CN`,
+                       `emailcerts`.`serial`,
                        emailcerts.disablelogin as `disablelogin`
                        from `emailcerts`
                        where `emailcerts`.`memid`='".$_SESSION['profile']['id']."'
@@ -54,7 +56,7 @@
        {
 ?>
   <tr>
-    <td colspan="5" class="DataTD"><?=_("No client certificates are currently listed.")?></td>
+    <td colspan="7" class="DataTD"><?=_("No client certificates are currently listed.")?></td>
   </tr>
 <? } else {
        while($row = mysql_fetch_assoc($res))
@@ -84,6 +86,7 @@
     <td class="DataTD"><?=$verified?></td>
     <td class="DataTD"><?=(trim($row['CN'])=="" ? _("empty") : $row['CN'])?></td>
 <? } ?>
+       <td class="DataTD"><?=$row['serial']?></td>
     <td class="DataTD"><?=$row['revoke']?></td>
     <td class="DataTD"><?=$row['expires']?></td>
     <td class="DataTD">
index f4343e7..a60a242 100644 (file)
 <form method="post" action="index.php" autocomplete="off">
 <table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper" width="400">
   <tr>
-    <td colspan="2" class="title"><?=_("My Details")?></td>
+    <td colspan="3" class="title"><?=_("My Details")?></td>
   </tr>
+
   <tr>
     <td class="DataTD" width="125"><?=_("First Name")?>: </td>
     <td class="DataTD" width="125"><input type="text" name="fname" value="<?=array_key_exists('fname',$_REQUEST)?sanitizeHTML($_REQUEST['fname']):""?>" autocomplete="off"></td>
+    <td rowspan="4" class="DataTD" width="125"><? printf(_("Help on Names %sin the wiki%s"),'<a href="//wiki.cacert.org/FAQ/HowToEnterNamesInJoinForm" target="_blank">','</a>')?></td>
   </tr>
+
   <tr>
     <td class="DataTD" valign="top"><?=_("Middle Name(s)")?><br>
       (<?=_("optional")?>)
     </td>
     <td class="DataTD"><input type="text" name="mname" value="<?=array_key_exists('mname',$_REQUEST)?sanitizeHTML($_REQUEST['mname']):""?>" autocomplete="off"></td>
   </tr>
+
   <tr>
     <td class="DataTD"><?=_("Last Name")?>: </td>
     <td class="DataTD"><input type="text" name="lname" value="<?=array_key_exists('lname',$_REQUEST)?sanitizeHTML($_REQUEST['lname']):""?>" autocomplete="off"></td>
   </tr>
+
   <tr>
     <td class="DataTD"><?=_("Suffix")?><br>
       (<?=_("optional")?>)</td>
-    <td class="DataTD"><input type="text" name="suffix" value="<?=array_key_exists('suffix',$_REQUEST)?sanitizeHTML($_REQUEST['suffix']):""?>" autocomplete="off"><br><?=sprintf(_("Please only write %sName Suffixes%s into this field."),'<a href="http://en.wikipedia.org/wiki/Suffix_%28name%29" target="_blank">','</a>')?></td>
+    <td class="DataTD"><input type="text" name="suffix" value="<?=array_key_exists('suffix',$_REQUEST)?sanitizeHTML($_REQUEST['suffix']):""?>" autocomplete="off"><br><?=sprintf(_("Please only write Name Suffixes into this field."))?></td>
   </tr>
+
   <tr>
     <td class="DataTD"><?=_("Date of Birth")?><br>
            (<?=_("dd/mm/yyyy")?>)</td>
     </select>
     <input type="text" name="year" value="<?=array_key_exists('year',$_SESSION['signup']) ? sanitizeHTML($_SESSION['signup']['year']):""?>" size="4" autocomplete="off"></nobr>
     </td>
+    <td class="DataTD">&nbsp;</td>
   </tr>
+
   <tr>
     <td class="DataTD"><?=_("Email Address")?>: </td>
-    <td class="DataTD"><input type="text" name="email" value="<?=array_key_exists('email',$_REQUEST)?sanitizeHTML($_REQUEST['email']):""?>" autocomplete="off"><br/><?=_("I own or am authorised to control this email address")?>
-</td>
+    <td class="DataTD"><input type="text" name="email" value="<?=array_key_exists('email',$_REQUEST)?sanitizeHTML($_REQUEST['email']):""?>" autocomplete="off"></td>
+    <td class="DataTD"><?=_("I own or am authorised to control this email address")?></td>
   </tr>
+
   <tr>
     <td class="DataTD"><?=_("Pass Phrase")?><font color="red">*</font>: </td>
     <td class="DataTD"><input type="password" name="pword1" autocomplete="off"></td>
+    <td class="DataTD" rowspan="2">&nbsp;</td>
   </tr>
   <tr>
     <td class="DataTD"><?=_("Pass Phrase Again")?><font color="red">*</font>: </td>
     <td class="DataTD"><input type="password" name="pword2" autocomplete="off"></td>
   </tr>
+
   <tr>
-    <td class="DataTD" colspan="2"><font color="red">*</font><?=_("Please note, in the interests of good security, the pass phrase must be made up of an upper case letter, lower case letter, number and symbol.")?></td>
+    <td class="DataTD" colspan="3"><font color="red">*</font><?=_("Please note, in the interests of good security, the pass phrase must be made up of an upper case letter, lower case letter, number and symbol.")?></td>
   </tr>
+
   <tr>
-    <td class="DataTD" colspan="2"><?=_("Lost Pass Phrase Questions - Please enter five questions and your responses to be used for security verification.")?></td>
+    <td class="DataTD" colspan="3"><?=_("Lost Pass Phrase Questions - Please enter five questions and your responses to be used for security verification.")?></td>
   </tr>
+
   <tr>
     <td class="DataTD">1)&nbsp;<input type="text" name="Q1" size="15" value="<?=array_key_exists('Q1',$_SESSION['signup'])?sanitizeHTML($_SESSION['signup']['Q1']):""?>"></td>
     <td class="DataTD"><input type="text" name="A1" value="<?=array_key_exists('A1',$_SESSION['signup'])?sanitizeHTML($_SESSION['signup']['A1']):""?>" autocomplete="off"></td>
+    <td class="DataTD" rowspan="5">&nbsp;</td>
   </tr>
+
   <tr>
     <td class="DataTD">2)&nbsp;<input type="text" name="Q2" size="15" value="<?=array_key_exists('Q2',$_SESSION['signup'])?sanitizeHTML($_SESSION['signup']['Q2']):""?>"></td>
     <td class="DataTD"><input type="text" name="A2" value="<?=array_key_exists('A2',$_SESSION['signup'])?sanitizeHTML($_SESSION['signup']['A2']):""?>" autocomplete="off"></td>
   </tr>
+
   <tr>
     <td class="DataTD">3)&nbsp;<input type="text" name="Q3" size="15" value="<?=array_key_exists('Q3',$_SESSION['signup'])?sanitizeHTML($_SESSION['signup']['Q3']):""?>"></td>
     <td class="DataTD"><input type="text" name="A3" value="<?=array_key_exists('A3',$_SESSION['signup'])?sanitizeHTML($_SESSION['signup']['A3']):""?>" autocomplete="off"></td>
   </tr>
+
   <tr>
     <td class="DataTD">4)&nbsp;<input type="text" name="Q4" size="15" value="<?=array_key_exists('Q4',$_SESSION['signup'])?sanitizeHTML($_SESSION['signup']['Q4']):""?>"></td>
     <td class="DataTD"><input type="text" name="A4" value="<?=array_key_exists('A4',$_SESSION['signup'])?sanitizeHTML($_SESSION['signup']['A4']):""?>" autcomplete="off"></td>
   </tr>
+
   <tr>
   <td class="DataTD">5)&nbsp;<input type="text" name="Q5" size="15" value="<?=array_key_exists('Q5',$_SESSION['signup'])?sanitizeHTML($_SESSION['signup']['Q5']):""?>"></td>
     <td class="DataTD"><input type="text" name="A5" value="<?=array_key_exists('A5',$_SESSION['signup'])?sanitizeHTML($_SESSION['signup']['A5']):""?>" autocomplete="off"></td>
   </tr>
+
   <tr>
-    <td class="DataTD" colspan="2"><?=_("It's possible to get notifications of up and coming events and even just general announcements, untick any notifications you don't wish to receive. For country, regional and radius notifications to work you must choose your location once you've verified your account and logged in.")?></td>
+    <td class="DataTD" colspan="3"><?=_("It's possible to get notifications of up and coming events and even just general announcements, untick any notifications you don't wish to receive. For country, regional and radius notifications to work you must choose your location once you've verified your account and logged in.")?></td>
   </tr>
+
   <tr>
     <td class="DataTD" valign="top"><?=_("Alert me if")?>: </td>
     <td class="DataTD" align="left">
        <input type="checkbox" name="country" value="1" <?=array_key_exists('country',$_SESSION['signup'])? ($_SESSION['signup']['country'] == "0" ?"":"checked=\"checked\""):"checked=\"checked\"" ?>><?=_("Country Announcements")?><br>
        <input type="checkbox" name="regional" value="1" <?=array_key_exists('regional',$_SESSION['signup'])? ($_SESSION['signup']['regional'] == "0" ?"":"checked=\"checked\""):"checked=\"checked\"" ?>><?=_("Regional Announcements")?><br>
        <input type="checkbox" name="radius" value="1" <?=array_key_exists('radius',$_SESSION['signup'])? ($_SESSION['signup']['radius'] == "0" ?"":"checked=\"checked\""):"checked=\"checked\"" ?>><?=_("Within 200km Announcements")?></td>
+    <td class="DataTD">&nbsp;</td>
   </tr>
+
   <tr>
-    <td class="DataTD" colspan="2"><?=_("When you click on next, we will send a confirmation email to the email address you have entered above.")?></td>
+    <td class="DataTD" colspan="3"><?=_("When you click on next, we will send a confirmation email to the email address you have entered above.")?></td>
   </tr>
   <tr>
-    <td class="DataTD" colspan="2"><input type="checkbox" name="cca_agree" value="1" <?=array_key_exists('cca_agree',$_SESSION['signup'])? ($_SESSION['signup']['cca_agree'] == "1" ?"checked=\"checked\"":""):"" ?> ><?=_("I agree to the terms and conditions of the CAcert Community Agreement")?>: <a href="/policy/CAcertCommunityAgreement.php">http://www.cacert.org/policy/CAcertCommunityAgreement.php</a></td>
+    <td class="DataTD" colspan="3"><input type="checkbox" name="cca_agree" value="1" <?=array_key_exists('cca_agree',$_SESSION['signup'])? ($_SESSION['signup']['cca_agree'] == "1" ?"checked=\"checked\"":""):"" ?> ><?=_("I agree to the terms and conditions of the CAcert Community Agreement")?>: <a href="/policy/CAcertCommunityAgreement.php">http://www.cacert.org/policy/CAcertCommunityAgreement.php</a></td>
   </tr>
 
   <tr>
-    <td class="DataTD" colspan="2"><input type="submit" name="process" value="<?=_("Next")?>"></td>
+    <td class="DataTD" colspan="3"><input type="submit" name="process" value="<?=_("Next")?>"></td>
   </tr>
 
 </table>
diff --git a/scripts/37de-blit2011-email.txt b/scripts/37de-blit2011-email.txt
new file mode 100644 (file)
index 0000000..365bd5b
--- /dev/null
@@ -0,0 +1,18 @@
+8. Brandenburger Linux-Infotag 2011 -- Helfer Gesucht
+:::::::::::::::::::::::::::::::::::::::::::::::::::::
+
+Hallo CAcerties,
+
+am Samstag, dem 5. November 2011 moechte sich CAcert mit einem Stand auf dem 8. Brandenburger Linux-Infotag 2011 (Motto: "Freie Gedanken - Freie Systeme") praesentieren. Hierzu wurde nun im Wiki eine Organisationsseite eingerichtet, auf der Ihr Euch als Helfer eintragen koennt
+ http://wiki.cacert.org/events/BLIT2011
+Sofern Ihr aus Berlin, Potsdam sowie Umgebung oder von woanders kommt und Zeit wie auch Lust habt, dann tragt Euch bitte, gerne auch nur fuer einen
+bestimmten Zeitraum, ein. Wer in den vergangenen Jahren dabei war, weiss vieviel Spass es allen gemacht hat!
+
+Auf der Veranstaltung sind Professoren, wissenschaftliche Mitarbeiter und in jedem Fall viele Studenten zu erwarten. Es waere daher super, wenn wir dort moeglichst viele von CAcert ueberzeugen koennen, um dort eine neue Keimzelle entstehen lassen zu koennen. Daher benoetigen wir mindestens drei Assurer, um 100 Punkte vergeben zu koennen.
+
+Wir freuen uns auf Eure Mithilfe.
+
+
+Wiki Organisationsseite: [http://wiki.cacert.org/events/BLIT2011]
+
+Kontakt: events@cacert.org
diff --git a/scripts/37de-blit2011-mail.php.txt b/scripts/37de-blit2011-mail.php.txt
new file mode 100644 (file)
index 0000000..e0ecead
--- /dev/null
@@ -0,0 +1,106 @@
+#!/usr/bin/php -q
+<? /*
+    LibreSSL - CAcert web application
+    Copyright (C) 2004-2009  CAcert Inc.
+
+    This program is free software; you can redistribute it and/or modify
+    it under the terms of the GNU General Public License as published by
+    the Free Software Foundation; version 2 of the License.
+
+    This program is distributed in the hope that it will be useful,
+    but WITHOUT ANY WARRANTY; without even the implied warranty of
+    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+    GNU General Public License for more details.
+
+    You should have received a copy of the GNU General Public License
+    along with this program; if not, write to the Free Software
+    Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301  USA
+*/
+       include_once("../includes/mysql.php");
+
+       $lines = "";
+       $fp = fopen("37de-blit2011-email.txt", "r");
+       while(!feof($fp))
+       {
+               $line = trim(fgets($fp, 4096));
+               $lines .= wordwrap($line, 75, "\n")."\n";
+       }
+       fclose($fp);
+
+
+//     $locid = intval($_REQUEST['location']);
+//     $maxdist = intval($_REQUEST['maxdist']);
+//  maxdist in [Km]
+  $maxdist = 200;
+
+
+// location      location.ID
+//   verified: 29.4.09 u.schroeter
+//   $locid = 7902857;       // Paris
+//   $locid = 238568;        // Bielefeld  
+//   $locid = 715191;        // Hamburg    
+//   $locid = 1102495;       // London     
+//   $locid = 520340;        // Duesseldorf
+//   $locid = 1260319;       // Muenchen   
+//   $locid = 606058;        // Frankfurt  
+//   $locid = 1775784;       // Stuttgart  
+//   $locid = 228950;        // Berlin  
+//   $locid = 606058;        // Frankfurt
+//   $locid = 599389;        // Flensburg
+//   $locid = 61065;        // Amsterdam, Eemnes
+//   $locid = 228950;        // Berlin  
+//     $locid = 2138880;      // Baltimore (Baltimore (city)), Maryland, US
+//       $locid = 1486658;       // Potsdam
+//       $locid = 664715;       // Goteborg, Vastra Gotaland, Sweden
+//       $locid = 2094781;       // Mission Hills (Los Angeles), California, US
+//       $locid = 423655;       // Copenhagen, Kobenhavn*, Denmark 
+//       $locid = 2257312;       // Sydney, New South Wales, Australia
+//       $locid = 572764;       //  Essen, Nordrhein-Westfalen, Germany 
+//       $locid = 78;       //  Aachen, Nordrhein-Westfalen, Germany 
+//       $locid = 266635;       // Bonn, Nordrhein-Westfalen, Germany
+//       $locid = 2102723;       // Washington (District of Columbia, ..., US
+//       $locid = 2177566;       // New York (Bronx), New York, United States
+
+// BLIT2011  
+       $locid = 1486658;       // Potsdam
+       $eventname = "8. Brandenburger Linux-Infotag 2011 - Potsdam";
+       $city = "5. Nov 2011";
+
+
+       $query = "select * from `locations` where `id`='$locid'";
+        $loc = mysql_fetch_assoc(mysql_query($query));
+
+       $query = "SELECT ROUND(6378.137 * ACOS(0.9999999*((SIN(PI() * $loc[lat] / 180) * SIN(PI() * `locations`.`lat` / 180)) + 
+                       (COS(PI() * $loc[lat] / 180 ) * COS(PI() * `locations`.`lat` / 180) * 
+                        COS(PI() * `locations`.`long` / 180 - PI() * $loc[long] / 180)))), -1) AS `distance`, sum(`points`) as pts, `users`.* 
+                       FROM `locations`
+                               inner join `users`  on `users`.`locid` = `locations`.`id` 
+                               inner join `alerts` on `users`.`id`=`alerts`.`memid`
+                               inner join `notary` on `users`.`id`=`notary`.`to`
+                       WHERE   (`alerts`.`general`=1 OR `alerts`.`country`=1 OR `alerts`.`regional`=1 OR `alerts`.`radius`=1)
+                       GROUP BY `users`.`id`
+                       HAVING `distance` <= '$maxdist' 
+                       ORDER BY `distance` ";
+        echo $query;
+
+    // comment next line when starting to send mail not only to me 
+    // $query = "select * from `users` where `email` like 'cacerttest%'";
+
+       $res = mysql_query($query);
+       $xrows = mysql_num_rows($res);
+
+       while($row = mysql_fetch_assoc($res))
+       {
+    //    uncomment next line to send mails ...
+               sendmail($row['email'], "[CAcert.org] $eventname - $city", $lines, "events@cacert.org", "", "", "CAcert Events Organisation", "returns@cacert.org", 1);
+       }
+  // 1x cc to events.cacert.org
+       sendmail("events@cacert.org", "[CAcert.org] $eventname - $city", $lines, "events@cacert.org", "", "", "CAcert Events Organisation", "returns@cacert.org", 1);
+       // 1x mailing report to events.cacert.org
+  sendmail("events@cacert.org", "[CAcert.org] $eventname - $city Report", "invitation sent to $xrows recipients.", "support@cacert.org", "", "", "CAcert Events Organisation", "returns@cacert.org", 1);       
+
+       // 1x mailing report to Arbitrator of case http://wiki.cacert.org/wiki/Arbitrations/a20090525.1
+  sendmail("p.dunkel@cacert.org", "[CAcert.org] $eventname - $city Report", "invitation sent to $xrows recipients.", "support@cacert.org", "", "", "CAcert Events Organisation", "returns@cacert.org", 1);     
+       echo "invitation sent to $xrows recipients.\n";
+
+?>