Source code taken from cacert-20130906.tar.bz2
authorMichael Tänzer <neo@nhng.de>
Sun, 8 Sep 2013 19:35:14 +0000 (21:35 +0200)
committerMichael Tänzer <neo@nhng.de>
Sun, 8 Sep 2013 19:35:14 +0000 (21:35 +0200)
28 files changed:
includes/account.php
includes/account_stuff.php
includes/notary.inc.php
includes/wot.inc.php [deleted file]
pages/account/10.php
pages/account/12.php
pages/account/13.php
pages/account/16.php
pages/account/18.php
pages/account/20.php
pages/account/22.php
pages/account/3.php
pages/account/43.php
pages/account/5.php
pages/account/50.php
pages/account/6.php
pages/account/8.php
pages/gpg/0.php
pages/gpg/2.php
pages/index/21.php
pages/wot/15.php
pages/wot/4.php
pages/wot/6.php
www/disputes.php
www/gpg.php
www/images/btn_paynowCC_LG.gif
www/images/btn_subscribeCC_LG.gif [new file with mode: 0644]
www/wot.php

index cc2c581..54373b0 100644 (file)
@@ -17,7 +17,8 @@
 */
        require_once("../includes/loggedin.php");
        require_once("../includes/lib/l10n.php");
-       require_once('lib/check_weak_key.php');
+       require_once("../includes/lib/check_weak_key.php");
+       require_once("../includes/notary.inc.php");
 
        loadem("account");
 
@@ -70,9 +71,7 @@
                }
                $oldid=0;
                $_REQUEST['email'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['newemail'])));
-               $query = "select * from `email` where `email`='".$_REQUEST['email']."' and `deleted`=0";
-               $res = mysql_query($query);
-               if(mysql_num_rows($res) > 0)
+               if(check_email_exists($_REQUEST['email'])==true)
                {
                        showheader(_("My CAcert.org Account!"));
                        printf(_("The email address '%s' is already in a different account. Can't continue."), sanitizeHTML($_REQUEST['email']));
                                {
                                        $row = mysql_fetch_assoc($res);
                                        echo $row['email']."<br>\n";
-                                       $query = "select `emailcerts`.`id` 
-                                                       from `emaillink`,`emailcerts` where
-                                                       `emailid`='$id' and `emaillink`.`emailcertsid`=`emailcerts`.`id` and
-                                                       `revoked`=0 and UNIX_TIMESTAMP(`expire`)-UNIX_TIMESTAMP() > 0
-                                                       group by `emailcerts`.`id`";
-                                       $dres = mysql_query($query);
-                                       while($drow = mysql_fetch_assoc($dres))
-                                               mysql_query("update `emailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='".$drow['id']."'");
-       
-                                       $query = "update `email` set `deleted`=NOW() where `id`='$id'";
-                                       mysql_query($query);
+                                       account_email_delete($row['id']);
                                        $delcount++;
                                }
                        }
 
        if($process != "" && $oldid == 3)
        {
+               if(!array_key_exists('CCA',$_REQUEST))
+               {
+                       showheader(_("My CAcert.org Account!"));
+                       echo _("You did not accept the CAcert Community Agreement (CCA), hit the back button and try again.");
+                       showfooter();
+                       exit;
+               }
+
                if(!(array_key_exists('addid',$_REQUEST) && is_array($_REQUEST['addid'])) && $_REQUEST['SSO'] != '1')
                {
                        showheader(_("My CAcert.org Account!"));
                        $_REQUEST['keytype'] = "MS";
                        $csr = clean_csr($_REQUEST['optionalCSR']);
                }
+               if(trim($_REQUEST['description']) != ""){
+                       $_SESSION['_config']['description']= trim(mysql_real_escape_string(stripslashes($_REQUEST['description'])));
+               }else{
+                       $_SESSION['_config']['description']= "";
+               }
        }
 
        if($oldid == 4)
                                exit;
                        }
                        
+                       write_user_agreement(intval($_SESSION['profile']['id']), "CCA", "certificate creation", "", 1);
+
                        $query = "insert into emailcerts set
                                                `CN`='$defaultemail', 
                                                `keytype`='NS',
                                                `created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),
                                                `codesign`='".intval($_SESSION['_config']['codesign'])."',
                                                `disablelogin`='".($_SESSION['_config']['disablelogin']?1:0)."',
-                                               `rootcert`='".intval($_SESSION['_config']['rootcert'])."'";
+                                               `rootcert`='".intval($_SESSION['_config']['rootcert'])."',
+                                               `description`='".$_SESSION['_config']['description']."'";
                        mysql_query($query);
                        $emailid = mysql_insert_id();
                        if(is_array($addys))
                        fputs($fp, $emails);
                        fclose($fp);
                        $challenge=$_SESSION['spkac_hash'];
-                        $res=`openssl spkac -verify -in $CSRname`;
-                        if(!strstr($res,"Challenge String: ".$challenge))
-                        {
-                                $id = $oldid;
-                                showheader(_("My CAcert.org Account!"));
-                                echo _("The challenge-response code of your certificate request did not match. Can't continue with certificaterequest.");
-                                showfooter();
-                                exit;
-                        }
+                       $res=`openssl spkac -verify -in $CSRname`;
+                       if(!strstr($res,"Challenge String: ".$challenge))
+                       {
+                               $id = $oldid;
+                               showheader(_("My CAcert.org Account!"));
+                               echo _("The challenge-response code of your certificate request did not match. Can't continue with certificaterequest.");
+                               showfooter();
+                               exit;
+                       }
                        mysql_query("update `emailcerts` set `csr_name`='$CSRname' where `id`='".intval($emailid)."'");
                } else if($_REQUEST['keytype'] == "MS" || $_REQUEST['keytype'] == "VI") {
                        if($csr == "")
                        $csrsubject="";
 
                        $user = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".intval($_SESSION['profile']['id'])."'"));
-                        if(strlen($user['mname']) == 1)
-                                $user['mname'] .= '.';
+                       if(strlen($user['mname']) == 1)
+                               $user['mname'] .= '.';
                        if($_SESSION['_config']['incname'] <= 0 || $_SESSION['_config']['incname'] > 4)
                                $csrsubject = "/CN=CAcert WoT User";
                        if($_SESSION['_config']['incname'] == 1)
                                                `subject`='".mysql_real_escape_string($csrsubject)."',
                                                `codesign`='".$_SESSION['_config']['codesign']."',
                                                `disablelogin`='".($_SESSION['_config']['disablelogin']?1:0)."',
-                                               `rootcert`='".$_SESSION['_config']['rootcert']."'";
+                                               `rootcert`='".$_SESSION['_config']['rootcert']."',
+                                               `description`='".$_SESSION['_config']['description']."'";
                        mysql_query($query);
                        $emailid = mysql_insert_id();
                        if(is_array($addys))
                csrf_check("adddomain");
                if(strstr($_REQUEST['newdomain'],"\x00"))
                {
-                        showheader(_("My CAcert.org Account!"));
-                        echo _("Due to the possibility for nullbyte domain exploits we currently do not allow any domain names with nullbytes.");
-                        showfooter();
-                        exit;
+                       showheader(_("My CAcert.org Account!"));
+                       echo _("Due to the possibility for nullbyte domain exploits we currently do not allow any domain names with nullbytes.");
+                       showfooter();
+                       exit;
                }
 
                list($newdomain) = explode(" ", $_REQUEST['newdomain'], 2); // Ignore the rest
                                {
                                        $row = mysql_fetch_assoc($res);
                                        echo $row['domain']."<br>\n";
-                                       
-                                       $dres = mysql_query(
-                                               "select `domaincerts`.`id`
-                                                       from `domaincerts`
-                                                       where `domaincerts`.`domid` = '$id'
-                                               union distinct
-                                               select `domaincerts`.`id`
-                                                       from `domaincerts`, `domlink`
-                                                       where `domaincerts`.`id` = `domlink`.`certid`
-                                                       and `domlink`.`domid` = '$id'");
-                                       while($drow = mysql_fetch_assoc($dres))
-                                       {
-                                               mysql_query(
-                                                       "update `domaincerts`
-                                                               set `revoked`='1970-01-01 10:00:01'
-                                                               where `id` = '".$drow['id']."'
-                                                               and `revoked` = 0
-                                                               and UNIX_TIMESTAMP(`expire`) -
-                                                                               UNIX_TIMESTAMP() > 0");
-                                       }
-                                       
-                                       mysql_query(
-                                               "update `domains`
-                                                       set `deleted`=NOW()
-                                                       where `id` = '$id'");
+                                       account_domain_delete($row['id']);
                                }
+
                        }
                }
                else
 
        if($process != "" && $oldid == 10)
        {
+               if(!array_key_exists('CCA',$_REQUEST))
+               {
+                       showheader(_("My CAcert.org Account!"));
+                       echo _("You did not accept the CAcert Community Agreement (CCA), hit the back button and try again.");
+                       showfooter();
+                       exit;
+               }
+
                $CSR = clean_csr($_REQUEST['CSR']);
                if(strpos($CSR,"---BEGIN")===FALSE)
                {
-                 // In case the CSR is missing the ---BEGIN lines, add them automatically:
-                 $CSR = "-----BEGIN CERTIFICATE REQUEST-----\n".$CSR."\n-----END CERTIFICATE REQUEST-----\n";
+                       // In case the CSR is missing the ---BEGIN lines, add them automatically:
+                       $CSR = "-----BEGIN CERTIFICATE REQUEST-----\n".$CSR."\n-----END CERTIFICATE REQUEST-----\n";
                }
                
                if (($weakKey = checkWeakKeyCSR($CSR)) !== "")
                        exit;
                }
                
+               if(trim($_REQUEST['description']) != ""){
+                       $_SESSION['_config']['description']= trim(mysql_real_escape_string(stripslashes($_REQUEST['description'])));
+               }else{
+                       $_SESSION['_config']['description']= "";
+               }
+
                $_SESSION['_config']['tmpfname'] = tempnam("/tmp", "id10CSR");
                $fp = fopen($_SESSION['_config']['tmpfname'], "w");
                fputs($fp, $CSR);
                $subject = "";
                $count = 0;
                $supressSAN=0;
-                if($_SESSION["profile"]["id"] == 104074) $supressSAN=1;
+               if($_SESSION["profile"]["id"] == 104074) $supressSAN=1;
 
                if(is_array($_SESSION['_config']['rows']))
                        foreach($_SESSION['_config']['rows'] as $row)
                if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
                        $_SESSION['_config']['rootcert'] = 1;
 
+               write_user_agreement(intval($_SESSION['profile']['id']), "CCA", "certificate creation", "", 1);
+
                if(array_key_exists('0',$_SESSION['_config']['rowid']) && $_SESSION['_config']['rowid']['0'] > 0)
                {
                        $query = "insert into `domaincerts` set 
                                                `CN`='".mysql_real_escape_string($_SESSION['_config']['rows']['0'])."',
                                                `domid`='".mysql_real_escape_string($_SESSION['_config']['rowid']['0'])."',
                                                `created`=NOW(),`subject`='".mysql_real_escape_string($subject)."',
-                                               `rootcert`='".mysql_real_escape_string($_SESSION['_config']['rootcert'])."'";
+                                               `rootcert`='".mysql_real_escape_string($_SESSION['_config']['rootcert'])."',
+                                               `description`='".$_SESSION['_config']['description']."'";
                } elseif(array_key_exists('0',$_SESSION['_config']['altid']) && $_SESSION['_config']['altid']['0'] > 0) {
                        $query = "insert into `domaincerts` set 
                                                `CN`='".mysql_real_escape_string($_SESSION['_config']['altrows']['0'])."',
                                                `domid`='".mysql_real_escape_string($_SESSION['_config']['altid']['0'])."',
                                                `created`=NOW(),`subject`='".mysql_real_escape_string($subject)."',
-                                               `rootcert`='".mysql_real_escape_string($_SESSION['_config']['rootcert'])."'";
+                                               `rootcert`='".mysql_real_escape_string($_SESSION['_config']['rootcert'])."',
+                                               `description`='".$_SESSION['_config']['description']."'";
                } else {
                        showheader(_("My CAcert.org Account!"));
                        echo _("Domain not verified.");
                                                `modified`=NOW(), 
                                                `rootcert`='".$row['rootcert']."',
                                                `type`='".$row['type']."',
-                                               `pkhash`='".$row['pkhash']."'";
+                                               `pkhash`='".$row['pkhash']."',
+                                               `description`='".$row['description']."'";
                                mysql_query($query);
                                $newid = mysql_insert_id();
                                $newfile=generatecertpath("csr","server",$newid);
                exit;
        }
 
+       if($oldid == 12 && array_key_exists('change',$_REQUEST) && $_REQUEST['change'] != "")
+       {
+               showheader(_("My CAcert.org Account!"));
+               foreach($_REQUEST as $id => $val)
+               {
+                       if(substr($id,0,14)=="check_comment_")
+                       {
+                               $cid = intval(substr($id,14));
+                               $comment=trim(mysql_real_escape_string(stripslashes($_REQUEST['comment_'.$cid])));
+                               mysql_query("update `domaincerts` set `description`='$comment' where `id`='$cid'");
+                       }
+               }
+               echo(_("Certificate settings have been changed.")."<br/>\n");
+               showfooter();
+               exit;
+       }
+
+
        if($oldid == 5 && array_key_exists('renew',$_REQUEST) && $_REQUEST['renew'] != "")
        {
                showheader(_("My CAcert.org Account!"));
                                                `modified`=NOW(),
                                                `disablelogin`='".$row['disablelogin']."',
                                                `codesign`='".$row['codesign']."',
-                                               `rootcert`='".$row['rootcert']."'";
+                                               `rootcert`='".$row['rootcert']."',
+                                               `description`='".$row['description']."'";
                                mysql_query($query);
                                $newid = mysql_insert_id();
                                $newfile=generatecertpath("csr","client",$newid);
 
        if($oldid == 5 && array_key_exists('change',$_REQUEST) && $_REQUEST['change'] != "")
        {
-         showheader(_("My CAcert.org Account!"));
-         //echo _("Now changing the settings for the following certificates:")."<br>\n";
-         foreach($_REQUEST as $id => $val)
-         {
-           //echo $id."<br/>";
-           if(substr($id,0,5)=="cert_")
-           {
-             $id = intval(substr($id,5));
-             $dis=(array_key_exists('disablelogin_'.$id,$_REQUEST) && $_REQUEST['disablelogin_'.$id]=="1")?"0":"1";
-             //echo "$id -> ".$_REQUEST['disablelogin_'.$id]."<br/>\n";
-             mysql_query("update `emailcerts` set `disablelogin`='$dis' where `id`='$id' and `memid`='".$_SESSION['profile']['id']."'");
-             //$row = mysql_fetch_assoc($res);
-           }
-         }
-         echo(_("Certificate settings have been changed.")."<br/>\n");
-         showfooter();
-         exit;
+               showheader(_("My CAcert.org Account!"));
+               foreach($_REQUEST as $id => $val)
+               {
+                       if(substr($id,0,5)=="cert_")
+                       {
+                               $cid = intval(substr($id,5));
+                               $dis=(array_key_exists('disablelogin_'.$cid,$_REQUEST) && $_REQUEST['disablelogin_'.$cid]=="1")?"0":"1";
+                               mysql_query("update `emailcerts` set `disablelogin`='$dis' where `id`='$cid' and `memid`='".$_SESSION['profile']['id']."'");
+                       }
+                       if(substr($id,0,14)=="check_comment_")
+                       {
+                               $cid = intval(substr($id,14));
+                               if(!empty($_REQUEST['check_comment_'.$cid])) {
+                                       $comment=trim(mysql_real_escape_string(stripslashes($_REQUEST['comment_'.$cid])));
+                                       mysql_query("update `emailcerts` set `description`='$comment' where `id`='$cid' and `memid`='".$_SESSION['profile']['id']."'");
+                               }
+                       }
+               }
+               echo(_("Certificate settings have been changed.")."<br/>\n");
+               showfooter();
+               exit;
        }
 
 
+       if($oldid == 6 && $_REQUEST['certid'] != "")
+       {
+               if(trim($_REQUEST['description']) != ""){
+                       $description= trim(mysql_real_escape_string(stripslashes($_REQUEST['description'])));
+               }else{
+                       $description= "";
+               }
+
+               if(trim($_REQUEST['disablelogin']) == "1"){
+                       $disablelogin = 1;
+               }else{
+                       $disablelogin = 0;
+               }
+
+               mysql_query("update `emailcerts` set `disablelogin`='$disablelogin', `description`='$description' where `id`='".$_REQUEST['certid']."' and `memid`='".$_SESSION['profile']['id']."'");
+       }
+
        if($oldid == 13 && $process != "")
        {
                csrf_check("perschange");
                $_SESSION['_config']['user']['A4'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['A4']))));
                $_SESSION['_config']['user']['A5'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['A5']))));
 
-                if($_SESSION['_config']['user']['Q1'] == $_SESSION['_config']['user']['Q2'] ||
-                        $_SESSION['_config']['user']['Q1'] == $_SESSION['_config']['user']['Q3'] ||
-                        $_SESSION['_config']['user']['Q1'] == $_SESSION['_config']['user']['Q4'] ||
-                        $_SESSION['_config']['user']['Q1'] == $_SESSION['_config']['user']['Q5'] ||
-                        $_SESSION['_config']['user']['Q2'] == $_SESSION['_config']['user']['Q3'] ||
-                        $_SESSION['_config']['user']['Q2'] == $_SESSION['_config']['user']['Q4'] ||
-                        $_SESSION['_config']['user']['Q2'] == $_SESSION['_config']['user']['Q5'] ||
-                        $_SESSION['_config']['user']['Q3'] == $_SESSION['_config']['user']['Q4'] ||
-                        $_SESSION['_config']['user']['Q3'] == $_SESSION['_config']['user']['Q5'] ||
-                        $_SESSION['_config']['user']['Q4'] == $_SESSION['_config']['user']['Q5'] ||
-                        $_SESSION['_config']['user']['A1'] == $_SESSION['_config']['user']['Q1'] ||
-                        $_SESSION['_config']['user']['A1'] == $_SESSION['_config']['user']['Q2'] ||
-                        $_SESSION['_config']['user']['A1'] == $_SESSION['_config']['user']['Q3'] ||
-                        $_SESSION['_config']['user']['A1'] == $_SESSION['_config']['user']['Q4'] ||
-                        $_SESSION['_config']['user']['A1'] == $_SESSION['_config']['user']['Q5'] ||
-                        $_SESSION['_config']['user']['A2'] == $_SESSION['_config']['user']['Q3'] ||
-                        $_SESSION['_config']['user']['A2'] == $_SESSION['_config']['user']['Q4'] ||
-                        $_SESSION['_config']['user']['A2'] == $_SESSION['_config']['user']['Q5'] ||
-                        $_SESSION['_config']['user']['A3'] == $_SESSION['_config']['user']['Q4'] ||
-                        $_SESSION['_config']['user']['A3'] == $_SESSION['_config']['user']['Q5'] ||
-                        $_SESSION['_config']['user']['A4'] == $_SESSION['_config']['user']['Q5'] ||
-                        $_SESSION['_config']['user']['A1'] == $_SESSION['_config']['user']['A2'] ||
-                        $_SESSION['_config']['user']['A1'] == $_SESSION['_config']['user']['A3'] ||
-                        $_SESSION['_config']['user']['A1'] == $_SESSION['_config']['user']['A4'] ||
-                        $_SESSION['_config']['user']['A1'] == $_SESSION['_config']['user']['A5'] ||
-                        $_SESSION['_config']['user']['A2'] == $_SESSION['_config']['user']['A3'] ||
-                        $_SESSION['_config']['user']['A2'] == $_SESSION['_config']['user']['A4'] ||
-                        $_SESSION['_config']['user']['A2'] == $_SESSION['_config']['user']['A5'] ||
-                        $_SESSION['_config']['user']['A3'] == $_SESSION['_config']['user']['A4'] ||
-                        $_SESSION['_config']['user']['A3'] == $_SESSION['_config']['user']['A5'] ||
-                        $_SESSION['_config']['user']['A4'] == $_SESSION['_config']['user']['A5'])
-                {
-                        $_SESSION['_config']['errmsg'] .= _("For your own security you must enter 5 different password questions and answers. You aren't allowed to duplicate questions, set questions as answers or use the question as the answer.")."<br>\n";
-                        $id = $oldid;
+               if($_SESSION['_config']['user']['Q1'] == $_SESSION['_config']['user']['Q2'] ||
+                               $_SESSION['_config']['user']['Q1'] == $_SESSION['_config']['user']['Q3'] ||
+                               $_SESSION['_config']['user']['Q1'] == $_SESSION['_config']['user']['Q4'] ||
+                               $_SESSION['_config']['user']['Q1'] == $_SESSION['_config']['user']['Q5'] ||
+                               $_SESSION['_config']['user']['Q2'] == $_SESSION['_config']['user']['Q3'] ||
+                               $_SESSION['_config']['user']['Q2'] == $_SESSION['_config']['user']['Q4'] ||
+                               $_SESSION['_config']['user']['Q2'] == $_SESSION['_config']['user']['Q5'] ||
+                               $_SESSION['_config']['user']['Q3'] == $_SESSION['_config']['user']['Q4'] ||
+                               $_SESSION['_config']['user']['Q3'] == $_SESSION['_config']['user']['Q5'] ||
+                               $_SESSION['_config']['user']['Q4'] == $_SESSION['_config']['user']['Q5'] ||
+                               $_SESSION['_config']['user']['A1'] == $_SESSION['_config']['user']['Q1'] ||
+                               $_SESSION['_config']['user']['A1'] == $_SESSION['_config']['user']['Q2'] ||
+                               $_SESSION['_config']['user']['A1'] == $_SESSION['_config']['user']['Q3'] ||
+                               $_SESSION['_config']['user']['A1'] == $_SESSION['_config']['user']['Q4'] ||
+                               $_SESSION['_config']['user']['A1'] == $_SESSION['_config']['user']['Q5'] ||
+                               $_SESSION['_config']['user']['A2'] == $_SESSION['_config']['user']['Q3'] ||
+                               $_SESSION['_config']['user']['A2'] == $_SESSION['_config']['user']['Q4'] ||
+                               $_SESSION['_config']['user']['A2'] == $_SESSION['_config']['user']['Q5'] ||
+                               $_SESSION['_config']['user']['A3'] == $_SESSION['_config']['user']['Q4'] ||
+                               $_SESSION['_config']['user']['A3'] == $_SESSION['_config']['user']['Q5'] ||
+                               $_SESSION['_config']['user']['A4'] == $_SESSION['_config']['user']['Q5'] ||
+                               $_SESSION['_config']['user']['A1'] == $_SESSION['_config']['user']['A2'] ||
+                               $_SESSION['_config']['user']['A1'] == $_SESSION['_config']['user']['A3'] ||
+                               $_SESSION['_config']['user']['A1'] == $_SESSION['_config']['user']['A4'] ||
+                               $_SESSION['_config']['user']['A1'] == $_SESSION['_config']['user']['A5'] ||
+                               $_SESSION['_config']['user']['A2'] == $_SESSION['_config']['user']['A3'] ||
+                               $_SESSION['_config']['user']['A2'] == $_SESSION['_config']['user']['A4'] ||
+                               $_SESSION['_config']['user']['A2'] == $_SESSION['_config']['user']['A5'] ||
+                               $_SESSION['_config']['user']['A3'] == $_SESSION['_config']['user']['A4'] ||
+                               $_SESSION['_config']['user']['A3'] == $_SESSION['_config']['user']['A5'] ||
+                               $_SESSION['_config']['user']['A4'] == $_SESSION['_config']['user']['A5'])
+               {
+                       $_SESSION['_config']['errmsg'] .= _("For your own security you must enter 5 different password questions and answers. You aren't allowed to duplicate questions, set questions as answers or use the question as the answer.")."<br>\n";
+                       $id = $oldid;
                        $oldid=0;
-                }
+               }
 
                if($_SESSION['_config']['user']['Q1'] == "" || $_SESSION['_config']['user']['Q2'] == "" ||
                        $_SESSION['_config']['user']['Q3'] == "" || $_SESSION['_config']['user']['Q4'] == "" ||
                }
                $_SESSION['_config']['name'] = mysql_real_escape_string(stripslashes(trim($_REQUEST['name'])));
                $_SESSION['_config']['OU'] = mysql_real_escape_string(stripslashes(trim($_REQUEST['OU'])));
+
+
+               if(trim($_REQUEST['description']) != ""){
+                       $_SESSION['_config']['description']= trim(mysql_real_escape_string(stripslashes($_REQUEST['description'])));
+               }else{
+                       $_SESSION['_config']['description']= "";
+               }
        }
 
        if($oldid == 16 && (intval(count($_SESSION['_config']['emails'])) + 0) <= 0)
                if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
                        $_SESSION['_config']['rootcert'] = 1;
 
+               if(trim($_REQUEST['description']) != ""){
+                       $_SESSION['_config']['description']= trim(mysql_real_escape_string(stripslashes($_REQUEST['description'])));
+               }else{
+                       $_SESSION['_config']['description']= "";
+               }
+
                if(@count($_SESSION['_config']['emails']) > 0)
                        $id = 17;
        }
                        if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
                                $_SESSION['_config']['rootcert'] = 1;
 
+
                        $emails .= "SPKAC = $spkac";
                        if (($weakKey = checkWeakKeySPKAC($emails)) !== "")
                        {
                                                `orgid`='".$org['orgid']."',
                                                `created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),
                                                `codesign`='".$_SESSION['_config']['codesign']."',
-                                               `rootcert`='".$_SESSION['_config']['rootcert']."'";
+                                               `rootcert`='".$_SESSION['_config']['rootcert']."',
+                                               `description`='".$_SESSION['_config']['description']."'";
                        mysql_query($query);
                        $emailid = mysql_insert_id();
 
                        fputs($fp, $emails);
                        fclose($fp);
                        $challenge=$_SESSION['spkac_hash'];
-                        $res=`openssl spkac -verify -in $CSRname`;
-                        if(!strstr($res,"Challenge String: ".$challenge))
-                        {
-                                $id = $oldid;
-                                showheader(_("My CAcert.org Account!"));
-                                echo _("The challenge-response code of your certificate request did not match. Can't continue with certificaterequest.");
-                                showfooter();
-                                exit;
-                        }
+                       $res=`openssl spkac -verify -in $CSRname`;
+                       if(!strstr($res,"Challenge String: ".$challenge))
+                       {
+                               $id = $oldid;
+                               showheader(_("My CAcert.org Account!"));
+                               echo _("The challenge-response code of your certificate request did not match. Can't continue with certificaterequest.");
+                               showfooter();
+                               exit;
+                       }
                        mysql_query("update `orgemailcerts` set `csr_name`='$CSRname' where `id`='$emailid'");
                } else if($_REQUEST['keytype'] == "MS" || $_REQUEST['keytype']=="VI") {
                        $csr = "-----BEGIN CERTIFICATE REQUEST-----\n".clean_csr($_REQUEST['CSR'])."-----END CERTIFICATE REQUEST-----\n";
                                                `created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),
                                                `subject`='$csrsubject',
                                                `codesign`='".$_SESSION['_config']['codesign']."',
-                                               `rootcert`='".$_SESSION['_config']['rootcert']."'";
+                                               `rootcert`='".$_SESSION['_config']['rootcert']."',
+                                               `description`='".$_SESSION['_config']['description']."'";
                        mysql_query($query);
                        $emailid = mysql_insert_id();
 
                                                `created`='".$row['created']."', 
                                                `modified`=NOW(),
                                                `codesign`='".$row['codesign']."',
-                                               `rootcert`='".$row['rootcert']."'";
+                                               `rootcert`='".$row['rootcert']."',
+                                               `description`='".$row['description']."'";
                                mysql_query($query);
                                $newid = mysql_insert_id();
                                $newfile=generatecertpath("csr","orgclient",$newid);
                exit;
        }
 
+       if($oldid == 18 && array_key_exists('change',$_REQUEST) && $_REQUEST['change'] != "")
+       {
+               showheader(_("My CAcert.org Account!"));
+               foreach($_REQUEST as $id => $val)
+               {
+                       if(substr($id,0,14)=="check_comment_")
+                       {
+                               $cid = intval(substr($id,14));
+                               $comment=trim(mysql_real_escape_string(stripslashes($_REQUEST['comment_'.$cid])));
+                               mysql_query("update `orgemailcerts` set `description`='$comment' where `id`='$cid'");
+                       }
+               }
+               echo(_("Certificate settings have been changed.")."<br/>\n");
+               showfooter();
+               exit;
+       }
+
+
        if($process != "" && $oldid == 20)
        {
                $CSR = clean_csr($_REQUEST['CSR']);
                        exit;
                }
                
+               if(trim($_REQUEST['description']) != ""){
+                       $_SESSION['_config']['description']= trim(mysql_real_escape_string(stripslashes($_REQUEST['description'])));
+               }else{
+                       $_SESSION['_config']['description']= "";
+               }
+
                $_SESSION['_config']['tmpfname'] = tempnam("/tmp", "id20CSR");
                $fp = fopen($_SESSION['_config']['tmpfname'], "w");
                fputs($fp, $CSR);
                        exit;
                }
 
-                if($_SESSION['_config']['rowid']['0'] > 0)
-                {
+               if($_SESSION['_config']['rowid']['0'] > 0)
+               {
                        $query = "select * from `org`,`orginfo` where
                                        `orginfo`.`id`='".$_SESSION['_config']['rowid']['0']."' and
                                        `orginfo`.`id`=`org`.`orgid` and
                if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
                        $_SESSION['_config']['rootcert'] = 1;
 
-                if($_SESSION['_config']['rowid']['0'] > 0)
-                {
-                        $query = "insert into `orgdomaincerts` set 
-                                               `CN`='".$_SESSION['_config']['rows']['0']."',
-                                               `orgid`='".$org['id']."',
-                                                `created`=NOW(),
-                                               `subject`='$csrsubject',
-                                               `rootcert`='".$_SESSION['_config']['rootcert']."',
-                                               `type`='$type'";
-                } else {
-                        $query = "insert into `orgdomaincerts` set 
-                                               `CN`='".$_SESSION['_config']['altrows']['0']."',
-                                               `orgid`='".$org['id']."',
-                                                `created`=NOW(),
-                                               `subject`='$csrsubject',
-                                               `rootcert`='".$_SESSION['_config']['rootcert']."',
-                                               `type`='$type'";
-                }
-                mysql_query($query);
+               if($_SESSION['_config']['rowid']['0'] > 0)
+               {
+                       $query = "insert into `orgdomaincerts` set
+                                       `CN`='".$_SESSION['_config']['rows']['0']."',
+                                       `orgid`='".$org['id']."',
+                                       `created`=NOW(),
+                                       `subject`='$csrsubject',
+                                       `rootcert`='".$_SESSION['_config']['rootcert']."',
+                                       `type`='$type',
+                                       `description`='".$_SESSION['_config']['description']."'";
+               } else {
+                       $query = "insert into `orgdomaincerts` set
+                                       `CN`='".$_SESSION['_config']['altrows']['0']."',
+                                       `orgid`='".$org['id']."',
+                                       `created`=NOW(),
+                                       `subject`='$csrsubject',
+                                       `rootcert`='".$_SESSION['_config']['rootcert']."',
+                                       `type`='$type',
+                                       `description`='".$_SESSION['_config']['description']."'";
+               }
+               mysql_query($query);
                $CSRid = mysql_insert_id();
 
                $CSRname=generatecertpath("csr","orgserver",$CSRid);
                                                `modified`=NOW(), 
                                                `subject`='".$row['subject']."', 
                                                `type`='".$row['type']."',
-                                               `rootcert`='".$row['rootcert']."'";
+                                               `rootcert`='".$row['rootcert']."',
+                                               `description`='".$row['description']."'";
                                mysql_query($query);
                                $newid = mysql_insert_id();
                                //echo "NewID: $newid<br/>\n";
                exit;
        }
 
+       if($oldid == 22 && array_key_exists('change',$_REQUEST) && $_REQUEST['change'] != "")
+       {
+               showheader(_("My CAcert.org Account!"));
+               foreach($_REQUEST as $id => $val)
+               {
+                       if(substr($id,0,14)=="check_comment_")
+                       {
+                               $cid = intval(substr($id,14));
+                               $comment=trim(mysql_real_escape_string(stripslashes($_REQUEST['comment_'.$cid])));
+                               mysql_query("update `orgdomaincerts` set `description`='$comment' where `id`='$cid'");
+                       }
+               }
+               echo(_("Certificate settings have been changed.")."<br/>\n");
+               showfooter();
+               exit;
+       }
+
+
        if(($id == 24 || $oldid == 24 || $id == 25 || $oldid == 25 || $id == 26 || $oldid == 26 ||
                $id == 27 || $oldid == 27 || $id == 28 || $oldid == 28 || $id == 29 || $oldid == 29 ||
                $id == 30 || $oldid == 30 || $id == 31 || $oldid == 31) &&
        }
 
        if($oldid == 54 || ($id == 53 && array_key_exists('action',$_REQUEST) && $_REQUEST['action'] != "") || 
-                    ($id == 54 && array_key_exists('action',$_REQUEST) && $_REQUEST['action'] != "" &&
+                       ($id == 54 && array_key_exists('action',$_REQUEST) && $_REQUEST['action'] != "" &&
                        $_REQUEST['action'] != "aliases" && $_REQUEST['action'] != "edit" && $_REQUEST['action'] != "add"))
        {
                $id = 53;
                $locid = intval(array_key_exists('locid',$_REQUEST)?$_REQUEST['locid']:0);
                $name = array_key_exists('name',$_REQUEST)?mysql_real_escape_string(strip_tags($_REQUEST['name'])):"";
                $long = array_key_exists('longitude',$_REQUEST)?ereg_replace("[^-0-9\.]","",$_REQUEST['longitude']):"";
-               $lat =  array_key_exists('latitude', $_REQUEST)?ereg_replace("[^-0-9\.]","",$_REQUEST['latitude']):"";
+               $lat = array_key_exists('latitude', $_REQUEST)?ereg_replace("[^-0-9\.]","",$_REQUEST['latitude']):"";
                $action = array_key_exists('action',$_REQUEST)?$_REQUEST['action']:"";
 
                if($locid > 0 && $action == "edit")
                mysql_query($query);
        }
 
+       if($oldid == 43 && $_REQUEST['action'] == 'revokecert')
+       {
+               $userid = intval($_REQUEST['userid']);
+               revoke_all_private_cert($userid);
+               $id=43;
+       }
+
        if($oldid == 48 && $_REQUEST['domain'] == "")
        {
                $id = $oldid;
                mysql_query("update `users` set `tverify`='$ver' where `id`='$memid'");
        }
 
-  if($id == 43 && array_key_exists('assurer',$_REQUEST) && $_REQUEST['assurer'] > 0)
-  {
-    csrf_check('admsetassuret');
-    $memid = $_REQUEST['userid'] = intval($_REQUEST['assurer']);
-    $query = "select * from `users` where `id`='$memid'";
-    $row = mysql_fetch_assoc(mysql_query($query));
-    $ver = !$row['assurer'];
-    mysql_query("update `users` set `assurer`='$ver' where `id`='$memid'");
-  }
-
-  if($id == 43 && array_key_exists('assurer_blocked',$_REQUEST) && $_REQUEST['assurer_blocked'] > 0)
-  {
-    $memid = $_REQUEST['userid'] = intval($_REQUEST['assurer_blocked']);
-    $query = "select * from `users` where `id`='$memid'";
-    $row = mysql_fetch_assoc(mysql_query($query));
-    $ver = !$row['assurer_blocked'];
-    mysql_query("update `users` set `assurer_blocked`='$ver' where `id`='$memid'");
-  }
+       if($id == 43 && array_key_exists('assurer',$_REQUEST) && $_REQUEST['assurer'] > 0)
+       {
+               csrf_check('admsetassuret');
+               $memid = $_REQUEST['userid'] = intval($_REQUEST['assurer']);
+               $query = "select * from `users` where `id`='$memid'";
+               $row = mysql_fetch_assoc(mysql_query($query));
+               $ver = !$row['assurer'];
+               mysql_query("update `users` set `assurer`='$ver' where `id`='$memid'");
+       }
+
+       if($id == 43 && array_key_exists('assurer_blocked',$_REQUEST) && $_REQUEST['assurer_blocked'] > 0)
+       {
+               $memid = $_REQUEST['userid'] = intval($_REQUEST['assurer_blocked']);
+               $query = "select * from `users` where `id`='$memid'";
+               $row = mysql_fetch_assoc(mysql_query($query));
+               $ver = !$row['assurer_blocked'];
+               mysql_query("update `users` set `assurer_blocked`='$ver' where `id`='$memid'");
+       }
 
        if($id == 43 && array_key_exists('locked',$_REQUEST) && $_REQUEST['locked'] > 0)
        {
        if($oldid == 50 && $process != "")
        {
                $_REQUEST['userid'] = intval($_REQUEST['userid']);
-               $res = mysql_query("select * from `users` where `id`='".intval($_REQUEST['userid'])."'");
-               if(mysql_num_rows($res) > 0)
-               {
-                       $query = "update `domaincerts`,`domains` SET `domaincerts`.`revoked`='1970-01-01 10:00:01'
-                                       WHERE `domaincerts`.`domid` = `domains`.`id` AND `domains`.`memid`='".intval($_REQUEST['userid'])."'";
-                       mysql_query($query);
-                       $query = "update `domains` SET `deleted`=NOW() WHERE `domains`.`memid`='".intval($_REQUEST['userid'])."'";
-                       mysql_query($query);
-                       $query = "update `emailcerts` SET `revoked`='1970-01-01 10:00:01' WHERE `memid`='".intval($_REQUEST['userid'])."'";
-                       mysql_query($query);
-                       $query = "update `email` SET `deleted`=NOW() WHERE `memid`='".intval($_REQUEST['userid'])."'";
-                       mysql_query($query);
-                       $query = "delete from `org` WHERE `memid`='".intval($_REQUEST['userid'])."'";
-                       mysql_query($query);
-                       $query = "update `users` SET `deleted`=NOW() WHERE `id`='".intval($_REQUEST['userid'])."'";
-                       mysql_query($query);
+               if (trim($_REQUEST['arbitrationno'])==""){
+                       showheader(_("My CAcert.org Account!"));
+                       echo _("You did not enter an arbitration number entry.");
+                       showfooter();
+                       exit;
+               }
+               if ( 1 !== preg_match('/^[a-z]\d{8}\.\d+\.\d+$/i',trim($_REQUEST['arbitrationno'])) ) {
+                       showheader(_("My CAcert.org Account!"));
+                       printf(_("'%s' is not a valid arbitration number entry."), sanitizeHTML(trim($_REQUEST['arbitrationno'])));
+                       showfooter();
+                       exit;
+               }
+               if (check_email_exists(trim($_REQUEST['arbitrationno']).'@cacert.org')) {
+                       showheader(_("My CAcert.org Account!"));
+                       printf(_("The email address '%s' is already in a different account. Can't continue."), sanitizeHTML($_REQUEST['arbitrationno'].'@cacert.org'));
+                       showfooter();
+                       exit;
+                }
+               if (check_client_cert_running($_REQUEST['userid'],1) ||
+                       check_server_cert_running($_REQUEST['userid'],1) ||
+                       check_gpg_cert_running($_REQUEST['userid'],1)) {
+                       showheader(_("My CAcert.org Account!"));
+                       printf(_("The CCA retention time for at least one certificate is not over. Can't continue."));
+                       showfooter();
+                       exit;
+               }
+               if (check_is_orgadmin($_REQUEST['userid'],1)) {
+                       showheader(_("My CAcert.org Account!"));
+                       printf(_("The user is listed as Organisation Administrator. Can't continue."));
+                       showfooter();
+                       exit;
                }
+               account_delete($_REQUEST['userid'], trim($_REQUEST['arbitrationno']), $_SESSION['profile']['id']);
        }
 
        if(($id == 51 || $id == 52 || $oldid == 52) && $_SESSION['profile']['tverify'] <= 0)
index b9544e0..dbebf6a 100644 (file)
@@ -172,7 +172,7 @@ function hideall() {
     </div>
     <div class="relatedLinks">
       <h3 class="pointer" onclick="explode('mydetails')">+ <?=_("My Details")?></h3>
-      <ul class="menu" id="mydetails"><li><a href="account.php?id=13"><?=_("Edit")?></a></li><li><a href="account.php?id=14"><?=_("Change Password")?></a></li><li><a href="account.php?id=41"><?=_("Default Language")?></a></li><li><a href="wot.php?id=8"><?=_("My Listing")?></a></li><li><a href="wot.php?id=13"><?=_("My Location")?></a></li><li><a href="account.php?id=36"><?=_("My Alert Settings")?></a></li><li><a href="wot.php?id=10"><?=_("My Points")?></a></li><?
+      <ul class="menu" id="mydetails"><li><a href="account.php?id=13"><?=_("View/Edit")?></a></li><li><a href="account.php?id=14"><?=_("Change Password")?></a></li><li><a href="account.php?id=41"><?=_("Default Language")?></a></li><li><a href="wot.php?id=8"><?=_("My Listing")?></a></li><li><a href="wot.php?id=13"><?=_("My Location")?></a></li><li><a href="account.php?id=36"><?=_("My Alert Settings")?></a></li><li><a href="wot.php?id=10"><?=_("My Points")?></a></li><?
        if($_SESSION['profile']['id'] == 1 || $_SESSION['profile']['id'] == 5897)
                echo "<li><a href='sqldump.php'>SQL Dump</a></li>";
        ?></ul>
@@ -281,7 +281,7 @@ function hideall() {
   <div id="siteInfo"><a href="//wiki.cacert.org/FAQ/AboutUs"><?=_("About Us")?></a> | <a href="account.php?id=38"><?=_("Donations")?></a> | <a href="http://wiki.cacert.org/wiki/CAcertIncorporated"><?=_("Association Membership")?></a> |
        <a href="/policy/PrivacyPolicy.html"><?=_("Privacy Policy")?></a> | <a href="account.php?id=40"><?=_("Contact Us")?></a>
                | &copy;2002-<?=date("Y")?> <?=_("by CAcert")?></div>
-</div>  
-</body>             
+</div>
+</body>
 </html><?
        }
index d6f86a8..37a7ed0 100644 (file)
                return intval($row['list']);
        }
 
+       function get_number_of_ttpassurances ($userid)
+       {
+               $res = query_init ("SELECT count(*) AS `list` FROM `notary`
+                       WHERE (`method`='Trusted Third Parties' or `method`='TTP-Assisted') AND `to`='".intval($userid)."' ");
+               $row = query_getnextrow($res);
+
+               return intval($row['list']);
+       }
+
        function get_number_of_assurees ($userid)
        {
                $res = query_init ("SELECT count(*) AS `list` FROM `notary`
 
        function calc_experience ($row,&$points,&$experience,&$sum_experience,&$revoked)
        {
-                $apoints = max($row['points'],$row['awarded']);
+               $apoints = max($row['points'], $row['awarded']);
                $points += $apoints;
                $experience = "&nbsp;";
                $revoked = false;                               # to be coded later (after DB-upgrade)
 
 ?>
 <table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
-    <tr>
-       <td class="title"><?=_("Assurer Ranking")?></td>
-    </tr>
-    <tr>
-       <td class="DataTD"><?=sprintf(_("You have made %s assurances which ranks you as the #%s top assurer."), intval($num_of_assurances), intval($rank_of_assurer) )?></td>
-    </tr>
-    <tr>
-       <td class="DataTD"><?=sprintf(_("You have received %s assurances which ranks you as the #%s top assuree."), intval($num_of_assurees), intval($rank_of_assuree) )?></td>
-    </tr>
+       <tr>
+               <td class="title"><?=_("Assurer Ranking")?></td>
+       </tr>
+       <tr>
+               <td class="DataTD"><?=sprintf(_("You have made %s assurances which ranks you as the #%s top assurer."), intval($num_of_assurances), intval($rank_of_assurer) )?></td>
+       </tr>
+       <tr>
+               <td class="DataTD"><?=sprintf(_("You have received %s assurances which ranks you as the #%s top assuree."), intval($num_of_assurees), intval($rank_of_assuree) )?></td>
+       </tr>
 </table>
 <br/>
 <?
        {
 ?>
 <table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
-    <tr>
+       <tr>
 <?
        if ($support == "1")
        {
 ?>
-       <td colspan="10" class="title"><?=$title?></td>
+               <td colspan="10" class="title"><?=$title?></td>
 <?
        } else {
 ?>
-       <td colspan="7" class="title"><?=$title?></td>
-<?     }
+               <td colspan="7" class="title"><?=$title?></td>
+<?
+       }
 ?>
-    </tr>
-    <tr>
-       <td class="DataTD"><strong><?=_("ID")?></strong></td>
-       <td class="DataTD"><strong><?=_("Date")?></strong></td>
+       </tr>
+       <tr>
+               <td class="DataTD"><strong><?=_("ID")?></strong></td>
+               <td class="DataTD"><strong><?=_("Date")?></strong></td>
 <?
        if ($support == "1")
        {
 ?>
-       <td class="DataTD"><strong><?=_("When")?></strong></td>
-       <td class="DataTD"><strong><?=_("Email")?></strong></td>
-<?     } ?>
-       <td class="DataTD"><strong><?=_("Who")?></strong></td>
-       <td class="DataTD"><strong><?=_("Points")?></strong></td>
-       <td class="DataTD"><strong><?=_("Location")?></strong></td>
-       <td class="DataTD"><strong><?=_("Method")?></strong></td>
-       <td class="DataTD"><strong><?=_("Experience Points")?></strong></td>
+               <td class="DataTD"><strong><?=_("When")?></strong></td>
+               <td class="DataTD"><strong><?=_("Email")?></strong></td>
+<?
+       }
+?>
+               <td class="DataTD"><strong><?=_("Who")?></strong></td>
+               <td class="DataTD"><strong><?=_("Points")?></strong></td>
+               <td class="DataTD"><strong><?=_("Location")?></strong></td>
+               <td class="DataTD"><strong><?=_("Method")?></strong></td>
+               <td class="DataTD"><strong><?=_("Experience Points")?></strong></td>
 <?
        if ($support == "1")
        {
 ?>
-       <td class="DataTD"><strong><?=_("Revoke")?></strong></td>
+               <td class="DataTD"><strong><?=_("Revoke")?></strong></td>
 <?
        }
 ?>
-    </tr>
+       </tr>
 <?
        }
 
        function output_assurances_footer($points_txt,$points,$experience_txt,$sumexperience,$support)
        {
 ?>
-    <tr>
-       <td class="DataTD" colspan="5"><strong><?=$points_txt?>:</strong></td>
-       <td class="DataTD"><?=$points?></td>
-       <td class="DataTD">&nbsp;</td>
-       <td class="DataTD"><strong><?=$experience_txt?>:</strong></td>
-       <td class="DataTD"><?=$sumexperience?></td>
+       <tr>
+               <td<?=($support == "1")?' colspan="5"':' colspan="3"'?> class="DataTD"><strong><?=$points_txt?>:</strong></td>
+               <td class="DataTD"><?=$points?></td>
+               <td class="DataTD">&nbsp;</td>
+               <td class="DataTD"><strong><?=$experience_txt?>:</strong></td>
+               <td class="DataTD"><?=$sumexperience?></td>
 <?
        if ($support == "1")
        {
 ?>
-       <td class="DataTD">&nbsp;</td>
+               <td class="DataTD">&nbsp;</td>
 <?
        }
 ?>
 
-    </tr>
+       </tr>
 </table>
 <br/>
 <?
        function output_assurances_row($assuranceid,$date,$when,$email,$name,$awarded,$points,$location,$method,$experience,$userid,$support,$revoked)
        {
 
-       $tdstyle="";
-       $emopen="";
-       $emclose="";
+               $tdstyle="";
+               $emopen="";
+               $emclose="";
 
-       if ($awarded == $points)
-       {
-               if ($awarded == "0")
+               if ($awarded == $points)
                {
-                       if ($when < "2006-09-01")
+                       if ($awarded == "0")
                        {
-                               $tdstyle="style='background-color: #ffff80'";
-                               $emopen="<em>";
-                               $emclose="</em>";
+                               if ($when < "2006-09-01")
+                               {
+                                       $tdstyle="style='background-color: #ffff80'";
+                                       $emopen="<em>";
+                                       $emclose="</em>";
+                               }
                        }
                }
-       }
 ?>
-    <tr>
-       <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$assuranceid?><?=$emclose?></td>
-       <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$date?><?=$emclose?></td>
+       <tr>
+               <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$assuranceid?><?=$emclose?></td>
+               <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$date?><?=$emclose?></td>
 <?
-       if ($support == "1")
-       {
+               if ($support == "1")
+               {
 ?>
                <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$when?><?=$emclose?></td>
                <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$email?><?=$emclose?></td>
-<?     }
+<?
+               }
 ?>
-       <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$name?><?=$emclose?></td>
-       <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$awarded?><?=$emclose?></td>
-       <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$location?><?=$emclose?></td>
-       <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$method?><?=$emclose?></td>
-       <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$experience?><?=$emclose?></td>
+               <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$name?><?=$emclose?></td>
+               <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$awarded?><?=$emclose?></td>
+               <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$location?><?=$emclose?></td>
+               <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$method?><?=$emclose?></td>
+               <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$experience?><?=$emclose?></td>
 <?
-       if ($support == "1")
-       {
-               if ($revoked == true)
+               if ($support == "1")
                {
+                       if ($revoked == true)
+                       {
 ?>
-                       <td class="DataTD" <?=$tdstyle?>>&nbsp;</td>
-<?             } else {
+               <td class="DataTD" <?=$tdstyle?>>&nbsp;</td>
+<?
+                       } else {
 ?>
-                       <td class="DataTD" <?=$tdstyle?>><?=$emopen?><a href="account.php?id=43&amp;userid=<?=intval($userid)?>&amp;assurance=<?=intval($assuranceid)?>&amp;csrf=<?=make_csrf('admdelassurance')?>" onclick="return confirm('<?=sprintf(_("Are you sure you want to revoke the assurance with ID &quot;%s&quot;?"),$assuranceid)?>');"><?=_("Revoke")?></a><?=$emclose?></td>
+               <td class="DataTD" <?=$tdstyle?>><?=$emopen?><a href="account.php?id=43&amp;userid=<?=intval($userid)?>&amp;assurance=<?=intval($assuranceid)?>&amp;csrf=<?=make_csrf('admdelassurance')?>" onclick="return confirm('<?=sprintf(_("Are you sure you want to revoke the assurance with ID &quot;%s&quot;?"),$assuranceid)?>');"><?=_("Revoke")?></a><?=$emclose?></td>
 <?
+                       }
                }
-       }
 ?>
     </tr>
 <?
        {
 ?>
 <table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
-    <tr>
-       <td colspan="4" class="title"><?=_("Summary of your Points")?></td>
-    </tr>
-    <tr>
-       <td class="DataTD"><strong><?=_("Description")?></strong></td>
-       <td class="DataTD"><strong><?=_("Points")?></strong></td>
-       <td class="DataTD"><strong><?=_("Countable Points")?></strong></td>
-       <td class="DataTD"><strong><?=_("Remark")?></strong></td>
+       <tr>
+               <td colspan="4" class="title"><?=_("Summary of your Points")?></td>
+       </tr>
+       <tr>
+               <td class="DataTD"><strong><?=_("Description")?></strong></td>
+               <td class="DataTD"><strong><?=_("Points")?></strong></td>
+               <td class="DataTD"><strong><?=_("Countable Points")?></strong></td>
+               <td class="DataTD"><strong><?=_("Remark")?></strong></td>
     </tr>
 <?
        }
        function output_summary_row($title,$points,$points_countable,$remark)
        {
 ?>
-    <tr>
-       <td class="DataTD"><strong><?=$title?></strong></td>
-       <td class="DataTD"><?=$points?></td>
-       <td class="DataTD"><?=$points_countable?></td>
-       <td class="DataTD"><?=$remark?></td>
-    </tr>
+       <tr>
+               <td class="DataTD"><strong><?=$title?></strong></td>
+               <td class="DataTD"><?=$points?></td>
+               <td class="DataTD"><?=$points_countable?></td>
+               <td class="DataTD"><?=$remark?></td>
+       </tr>
 <?
        }
 
                                break;
                        case 'Unknown':                  // to be revoked in the future? limit to max 50 pts?
                        case 'Trusted Third Parties':        // to be revoked in the future? limit to max 35 pts?
+                       case 'TTP-Assisted':         // TTP assurances, limit to 35
+                       case 'TOPUP':        // TOPUP to be delevoped in the future, limit to 30
                        case '':                                // to be revoked in the future? limit to max 50 pts?
                        case 'Face to Face Meeting':        // normal assurances, limit to 35/50 pts in the future?
                                break;
                return $issue_points;
        }
 
-       function output_given_assurances($userid,$support)
+       function output_given_assurances($userid,$support=0)
        {
                output_assurances_header(_("Assurance Points You Issued"),$support);
                output_given_assurances_content($userid,$points,$sum_experience,$support);
                output_assurances_footer(_("Total Points Issued"),$points,_("Total Experience Points"),$sum_experience,$support);
        }
 
-       function output_received_assurances($userid,$support)
+       function output_received_assurances($userid,$support=0)
        {
                output_assurances_header(_("Your Assurance Points"),$support);
                output_received_assurances_content($userid,$points,$sum_experience,$support);
        <p>[ <a href='javascript:history.go(-1)'><?=_("Go Back")?></a> ]</p>
 <?
        }
-       
+
        //functions to do with recording user agreements
+       /**
+        * write_user_agreement()
+        * writes a new record to the table user_agreement
+        *
+        * @param mixed $memid
+        * @param mixed $document
+        * @param mixed $method
+        * @param mixed $comment
+        * @param integer $active
+        * @param integer $secmemid
+        * @return
+        */
        function write_user_agreement($memid, $document, $method, $comment, $active=1, $secmemid=0){
        // write a new record to the table user_agreement
-               $query="insert into `user_agreements` set `memid`=".$memid.", `secmemid`=".$secmemid.
-                       ",`document`='".$document."',`date`=NOW(), `active`=".$active.",`method`='".$method."',`comment`='".$comment."'" ;
+               $query="insert into `user_agreements` set `memid`=".intval($memid).", `secmemid`=".intval($secmemid).
+                       ",`document`='".mysql_real_escape_string($document)."',`date`=NOW(), `active`=".intval($active).",`method`='".mysql_real_escape_string($method)."',`comment`='".mysql_real_escape_string($comment)."'" ;
                $res = mysql_query($query);
        }
-       
+
        function get_user_agreement_status($memid, $type="CCA"){
        //returns 0 - no user agreement, 1- at least one entry
-               $query="SELECT u.`document` FROM `user_agreements` u 
+               $query="SELECT u.`document` FROM `user_agreements` u
                        WHERE u.`document` = '".$type."' AND (u.`memid`=".$memid." or u.`secmemid`=".$memid.")" ;
                $res = mysql_query($query);
                if(mysql_num_rows($res) <=0){
        function get_last_user_agreement($memid, $type="CCA"){
        //returns an array (`document`,`date`,`method`, `comment`,`active`)
                $query="(SELECT u.`document`, u.`date`, u.`method`, u.`comment`, 1 as `active` FROM user_agreements u WHERE u.`document` = '".$type."' AND (u.`memid`=".$memid." ) order by `date` desc limit 1)
- union
- (SELECT u.`document`, u.`date`, u.`method`, u.`comment`, 0 as `active` FROM user_agreements u WHERE u.`document` = '".$type."' AND ( u.`secmemid`=".$memid.")) order by `date` desc limit 1" ;
                      union
                      (SELECT u.`document`, u.`date`, u.`method`, u.`comment`, 0 as `active` FROM user_agreements u WHERE u.`document` = '".$type."' AND ( u.`secmemid`=".$memid.")) order by `date` desc limit 1" ;
                $res = mysql_query($query);
                if(mysql_num_rows($res) >0){
                        $row = mysql_fetch_assoc($res);
                        $rec=array();
                }
                return $rec;
-}
+       }
 
        function delete_user_agreement($memid, $type="CCA"){
        //deletes all entries to an user for the given type of user agreements
                mysql_query("delete from `user_agreements` where `secmemid`='".$memid."'");
        }
 
+       // functions for 6.php (assure somebody)
+
+       function AssureHead($confirmation,$checkname)
+       {
+?>
+<form method="post" action="wot.php">
+<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper" width="600">
+       <tr>
+               <td colspan="2" class="title"><?=$confirmation?></td>
+       </tr>
+       <tr>
+               <td class="DataTD" colspan="2" align="left"><?=$checkname?></td>
+       </tr>
+<?
+       }
+
+       function AssureTextLine($field1,$field2)
+       {
+?>
+       <tr>
+               <td class="DataTD"><?=$field1.(empty($field1)?'':':')?>:</td>
+               <td class="DataTD"><?=$field2?></td>
+       </tr>
+<?
+       }
+
+       function AssureBoxLine($type,$text,$checked)
+       {
+?>
+       <tr>
+               <td class="DataTD"><input type="checkbox" name="<?=$type?>" value="1" <?=$checked?"checked":""?>></td>
+               <td class="DataTD"><?=$text?></td>
+       </tr>
+<?
+       }
+
+       function AssureMethodLine($text,$methods,$remark)
+       {
+               if (count($methods) != 1) {
+?>
+       <tr>
+               <td class="DataTD"><?=$text.(empty($text)?'':':')?></td>
+               <td class="DataTD">
+                       <select name="method">
+<?
+                       foreach($methods as $val) {
+?>
+                               <option value="<?=$val?>"><?=$val?></option>
+<?
+                       }
+?>
+                       </select>
+                       <br />
+                       <?=$remark?>
+               </td>
+       </tr>
+<?
+               } else {
+?>
+       <input type="hidden" name="<?=$val?>" value="<?=$methods[0]?>" />
+<?
+               }
+       }
+
+       function AssureInboxLine($type,$field,$value,$description)
+       {
+?>
+       <tr>
+               <td class="DataTD"><?=$field.(empty($field)?'':':')?>:</td>
+               <td class="DataTD"><input type="text" name="<?=$type?>" value="<?=$value?>"><?=$description?></td>
+       </tr>
+<?
+       }
+
+       function AssureFoot($oldid,$confirm)
+       {
 ?>
+       <tr>
+               <td class="DataTD" colspan="2">
+                       <input type="submit" name="process" value="<?=$confirm?>" />
+                       <input type="submit" name="cancel" value="<?=_("Cancel")?>" />
+               </td>
+       </tr>
+</table>
+<input type="hidden" name="pagehash" value="<?=$_SESSION['_config']['wothash']?>" />
+<input type="hidden" name="oldid" value="<?=$oldid?>" />
+</form>
+<?
+       }
+
+       function account_email_delete($mailid){
+       //deletes an email entry from an acount
+       //revolkes all certifcates for that email address
+       //called from www/account.php if($process != "" && $oldid == 2)
+       //called from www/diputes.php if($type == "reallyemail") / if($action == "accept")
+       //called from account_delete
+               $mailid = intval($mailid);
+               revoke_all_client_cert($mailid);
+               $query = "update `email` set `deleted`=NOW() where `id`='$mailid'";
+               mysql_query($query);
+       }
+
+       function account_domain_delete($domainid){
+       //deletes an domain entry from an acount
+       //revolkes all certifcates for that domain address
+       //called from www/account.php if($process != "" && $oldid == 9)
+       //called from www/diputes.php if($type == "reallydomain") / if($action == "accept")
+       //called from account_delete
+               $domainid = intval($domainid);
+               revoke_all_server_cert($domainid);
+               mysql_query(
+                       "update `domains`
+                       set `deleted`=NOW()
+                       where `id` = '$domainid'");
+       }
+
+       function account_delete($id, $arbno, $adminid){
+       //deletes an account following the deleted account routnie V3
+       // called from www/account.php if($oldid == 50 && $process != "")
+       //change password
+               $id = intval($id);
+               $arbno = mysql_real_escape_string($arbno);
+               $adminid = intval($adminid);
+               $pool = 'abcdefghijklmnopqrstuvwxyz';
+               $pool .= '0123456789!()§';
+               $pool .= 'ABCDEFGHIJKLMNOPQRSTUVWXYZ';
+               srand ((double)microtime()*1000000);
+               $password="";
+               for($index = 0; $index < 30; $index++)
+               {
+                       $password .= substr($pool,(rand()%(strlen ($pool))), 1);
+               }
+               mysql_query("update `users` set `password`=sha1('".$password."') where `id`='".$id."'");
+
+       //create new mail for arbitration number
+               $query = "insert into `email` set `email`='".$arbno."@cacert.org',`memid`='".$id."',`created`=NOW(),`modified`=NOW(), `attempts`=-1";
+               mysql_query($query);
+               $emailid = mysql_insert_id();
+
+       //set new mail as default
+               $query = "update `users` set `email`='".$arbno."@cacert.org' where `id`='".$id."'";
+               mysql_query($query);
+
+       //delete all other email address
+               $query = "select `id` from `email` where `memid`='".$id."' and `id`!='".$emailid."'" ;
+               $res=mysql_query($query);
+               while($row = mysql_fetch_assoc($res)){
+                       account_email_delete($row['id']);
+               }
+
+       //delete all domains
+               $query = "select `id` from `domains` where `memid`='".$id."'";
+               $res=mysql_query($query);
+               while($row = mysql_fetch_assoc($res)){
+                       account_domain_delete($row['id']);
+               }
+
+       //clear alert settings
+               mysql_query(
+                       "update `alerts` set
+                               `general`='0',
+                               `country`='0',
+                               `regional`='0',
+                               `radius`='0'
+                       where `memid`='$id'");
+
+       //set default location
+               $query = "update `users` set `locid`='2256755', `regid`='243', `ccid`='12' where `id`='".$id."'";
+               mysql_query($query);
+
+       //clear listings
+               $query = "update `users` set `listme`=' ',`contactinfo`=' ' where `id`='".$id."'";
+               mysql_query($query);
+
+       //set lanuage to default
+               //set default language
+               mysql_query("update `users` set `language`='en_AU' where `id`='".$id."'");
+               //delete secondary langugaes
+               mysql_query("delete from `addlang` where `userid`='".$id."'");
+
+       //change secret questions
+               for($i=1;$i<=5;$i++){
+                       $q="";
+                       $a="";
+                       for($index = 0; $index < 30; $index++)
+                       {
+                               $q .= substr($pool,(rand()%(strlen ($pool))), 1);
+                               $a .= substr($pool,(rand()%(strlen ($pool))), 1);
+                       }
+                       $query = "update `users` set `Q$i`='$q', `A$i`='$a' where `id`='".$id."'";
+                       mysql_query($query);
+               }
+
+       //change personal information to arbitration number and DOB=1900-01-01
+               $query = "select `fname`,`mname`,`lname`,`suffix`,`dob` from `users` where `id`='$userid'";
+               $details = mysql_fetch_assoc(mysql_query($query));
+               $query = "insert into `adminlog` set `when`=NOW(),`old-lname`='${details['lname']}',`old-dob`='${details['dob']}',
+                       `new-lname`='$arbno',`new-dob`='1900-01-01',`uid`='$id',`adminid`='".$adminid."'";
+               mysql_query($query);
+               $query = "update `users` set `fname`='".$arbno."',
+                       `mname`='".$arbno."',
+                       `lname`='".$arbno."',
+                       `suffix`='".$arbno."',
+                       `dob`='1900-01-01'
+                       where `id`='".$id."'";
+               mysql_query($query);
+
+       //clear all admin and board flags
+               mysql_query(
+                       "update `users` set
+                               `assurer`='0',
+                               `assurer_blocked`='0',
+                               `codesign`='0',
+                               `orgadmin`='0',
+                               `ttpadmin`='0',
+                               `locadmin`='0',
+                               `admin`='0',
+                               `adadmin`='0',
+                               `tverify`='0',
+                               `board`='0'
+                       where `id`='$id'");
+
+       //block account
+               mysql_query("update `users` set `locked`='1' where `id`='$id'");  //, `deleted`=Now()
+       }
+
+
+       function check_email_exists($email){
+       // called from includes/account.php if($process != "" && $oldid == 1)
+       // called from includes/account.php     if($oldid == 50 && $process != "")
+               $email = mysql_real_escape_string($email);
+               $query = "select 1 from `email` where `email`='$email' and `deleted`=0";
+               $res = mysql_query($query);
+               return mysql_num_rows($res) > 0;
+       }
+
+       function check_gpg_cert_running($uid,$cca=0){
+               //if $cca =0 if just expired, =1 if CCA retention +3 month should be obeyed
+               // called from includes/account.php     if($oldid == 50 && $process != "")
+               $uid = intval($uid);
+               if (0==$cca) {
+                       $query = "select 1 from `gpg` where `memid`='$uid' and `expire`>NOW()";
+               }else{
+                       $query = "select 1 from `gpg` where `memid`='$uid' and `expire`>(NOW()-90*86400)";
+               }
+               $res = mysql_query($query);
+               return mysql_num_rows($res) > 0;
+       }
+
+       function check_client_cert_running($uid,$cca=0){
+               //if $cca =0 if just expired, =1 if CCA retention +3 month should be obeyed
+               // called from includes/account.php     if($oldid == 50 && $process != "")
+               $uid = intval($uid);
+               if (0==$cca) {
+                       $query1 = "select 1 from `emailcerts` where `memid`='$uid' and `expire`>NOW() and `revoked`<`created`";
+                       $query2 = "select 1 from `emailcerts` where `memid`='$uid' and `revoked`>NOW()";
+               }else{
+                       $query1 = "select 1 from `emailcerts` where `memid`='$uid' and `expire`>(NOW()-90*86400)  and `revoked`<`created`";
+                       $query2 = "select 1 from `emailcerts` where `memid`='$uid' and `revoked`>(NOW()-90*86400)";
+               }
+               $res = mysql_query($query1);
+               $r1 = mysql_num_rows($res)>0;
+               $res = mysql_query($query2);
+               $r2 = mysql_num_rows($res)>0;
+               return !!($r1 || $r2);
+       }
+
+       function check_server_cert_running($uid,$cca=0){
+               //if $cca =0 if just expired, =1 if CCA retention +3 month should be obeyed
+               // called from includes/account.php     if($oldid == 50 && $process != "")
+               $uid = intval($uid);
+               if (0==$cca) {
+                       $query1 = "
+                               select 1 from `domaincerts` join `domains`
+                                       on `domaincerts`.`domid` = `domains`.`id`
+                               where `domains`.`memid` = '$uid'
+                                       and `domaincerts`.`expire` > NOW()
+                                       and `domaincerts`.`revoked` < `domaincerts`.`created`";
+                       $query2 = "
+                               select 1 from `domaincerts` join `domains`
+                                       on `domaincerts`.`domid` = `domains`.`id`
+                               where `domains`.`memid` = '$uid'
+                                       and `revoked`>NOW()";
+               }else{
+                       $query1 = "
+                               select 1 from `domaincerts` join `domains`
+                                       on `domaincerts`.`domid` = `domains`.`id`
+                               where `domains`.`memid` = '$uid'
+                                       and `expire`>(NOW()-90*86400)
+                                       and `revoked`<`created`";
+                       $query2 = "
+                               select 1 from `domaincerts` join `domains`
+                                       on `domaincerts`.`domid` = `domains`.`id`
+                               where `domains`.`memid` = '$uid'
+                                       and `revoked`>(NOW()-90*86400)";
+               }
+               $res = mysql_query($query1);
+               $r1 = mysql_num_rows($res)>0;
+               $res = mysql_query($query2);
+               $r2 = mysql_num_rows($res)>0;
+               return !!($r1 || $r2);
+       }
+
+       function check_is_orgadmin($uid){
+               // called from includes/account.php     if($oldid == 50 && $process != "")
+               $uid = intval($uid);
+               $query = "select 1 from `org` where `memid`='$uid' and `deleted`=0";
+               $res = mysql_query($query);
+               return mysql_num_rows($res) > 0;
+       }
+
+
+       // revokation of certificates
+       function revoke_all_client_cert($mailid){
+               //revokes all client certificates for an email address
+               $mailid = intval($mailid);
+               $query = "select `emailcerts`.`id`
+                       from `emaillink`,`emailcerts` where
+                       `emaillink`.`emailid`='$mailid' and `emaillink`.`emailcertsid`=`emailcerts`.`id` and `emailcerts`.`revoked`=0
+                       group by `emailcerts`.`id`";
+               $dres = mysql_query($query);
+               while($drow = mysql_fetch_assoc($dres)){
+                       mysql_query("update `emailcerts` set `revoked`='1970-01-01 10:00:01', `disablelogin`=1 where `id`='".$drow['id']."'");
+               }
+       }
+
+       function revoke_all_server_cert($domainid){
+               //revokes all server certs for an domain
+               $domainid = intval($domainid);
+               $query =
+                       "select `domaincerts`.`id`
+                               from `domaincerts`
+                               where `domaincerts`.`domid` = '$domainid'
+                       union distinct
+                       select `domaincerts`.`id`
+                               from `domaincerts`, `domlink`
+                               where `domaincerts`.`id` = `domlink`.`certid`
+                               and `domlink`.`domid` = '$domainid'";
+               $dres = mysql_query($query);
+               while($drow = mysql_fetch_assoc($dres))
+               {
+                       mysql_query(
+                       "update `domaincerts`
+                               set `revoked`='1970-01-01 10:00:01'
+                               where `id` = '".$drow['id']."'
+                               and `revoked` = 0");
+               }
+       }
+
+       function revoke_all_private_cert($uid){
+               //revokes all certificates linked to a personal accounts
+               //gpg revokation needs to be added to a later point
+               $uid=intval($uid);
+               $query = "select `id` from `email` where `memid`='".$uid."'";
+               $res=mysql_query($query);
+               while($row = mysql_fetch_assoc($res)){
+                       revoke_all_client_cert($row['id']);
+               }
+
+
+               $query = "select `id` from `domains` where `memid`='".$uid."'";
+               $res=mysql_query($query);
+               while($row = mysql_fetch_assoc($res)){
+                       revoke_all_server_cert($row['id']);
+               }
+       }
+
+       /**
+        * check_date_format()
+        * checks if the date is entered in the right date format YYYY-MM-DD and
+        * if the date is after the 1st January of the given year
+        *
+        * @param mixed $date
+        * @param integer $year
+        * @return
+        */
+       function check_date_format($date, $year=2000){
+               if (!strpos($date,'-')) {
+                       return FALSE;
+               }
+               $arr=explode('-',$date);
+
+               if ((count($arr)!=3)) {
+                       return FALSE;
+               }
+               if (intval($arr[0])<=$year) {
+                       return FALSE;
+               }
+               if (intval($arr[1])>12 or intval($arr[1])<=0) {
+                       return FALSE;
+               }
+               if (intval($arr[2])>31 or intval($arr[2])<=0) {
+                       return FALSE;
+               }
+
+               return checkdate( intval($arr[1]), intval($arr[2]), intval($arr[0]));
+
+       }
+
+       /**
+        * check_date_difference()
+        * returns false if the date is larger then today + time diffrence
+        *
+        * @param mixed $date
+        * @param integer $diff
+        * @return
+        */
+       function check_date_difference($date, $diff=1){
+               return (strtotime($date)<=time()+$diff*86400);
+       }
diff --git a/includes/wot.inc.php b/includes/wot.inc.php
deleted file mode 100644 (file)
index 9471bee..0000000
+++ /dev/null
@@ -1,640 +0,0 @@
-<? /*
-    LibreSSL - CAcert web application
-    Copyright (C) 2004-2011  CAcert Inc.
-
-    This program is free software; you can redistribute it and/or modify
-    it under the terms of the GNU General Public License as published by
-    the Free Software Foundation; version 2 of the License.
-
-    This program is distributed in the hope that it will be useful,
-    but WITHOUT ANY WARRANTY; without even the implied warranty of
-    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-    GNU General Public License for more details.
-
-    You should have received a copy of the GNU General Public License
-    along with this program; if not, write to the Free Software
-    Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301  USA
-*/ 
-
-       function query_init ($query)
-       {
-               return mysql_query($query);
-       }
-
-       function query_getnextrow ($res)
-       {
-               $row1 = mysql_fetch_assoc($res);
-               return $row1;
-       }
-
-       function query_get_number_of_rows ($resultset)
-       {
-               return intval(mysql_num_rows($resultset));
-       }
-
-       function get_number_of_assurances ($userid)
-       {
-               $res = query_init ("SELECT count(*) AS `list` FROM `notary`
-                       WHERE `method` = 'Face to Face Meeting' AND `from`='".intval($userid)."' ");
-               $row = query_getnextrow($res);
-
-               return intval($row['list']);
-       }
-       
-       function get_number_of_ttpassurances ($userid)
-       {
-               $res = query_init ("SELECT count(*) AS `list` FROM `notary`
-                       WHERE (`method`='Trusted Third Parties' or `method`='TTP-Assisted') AND `to`='".intval($userid)."' ");
-               $row = query_getnextrow($res);
-
-               return intval($row['list']);
-       }
-
-       function get_number_of_assurees ($userid)
-       {
-               $res = query_init ("SELECT count(*) AS `list` FROM `notary`
-                       WHERE `method` = 'Face to Face Meeting' AND `to`='".intval($userid)."' ");
-               $row = query_getnextrow($res);
-
-               return intval($row['list']);
-       }
-
-       function get_top_assurer_position ($no_of_assurances)
-       {
-               $res = query_init ("SELECT count(*) AS `list` FROM `notary` 
-                       WHERE `method` = 'Face to Face Meeting' 
-                       GROUP BY `from` HAVING count(*) > '".intval($no_of_assurances)."'");
-               return intval(query_get_number_of_rows($res)+1);
-       }
-
-       function get_top_assuree_position ($no_of_assurees)
-       {
-               $res = query_init ("SELECT count(*) AS `list` FROM `notary`
-                       WHERE `method` = 'Face to Face Meeting'
-                       GROUP BY `to` HAVING count(*) > '".intval($no_of_assurees)."'");
-               return intval(query_get_number_of_rows($res)+1);
-       }
-
-       function get_given_assurances ($userid)
-       {
-               $res = query_init ("select * from `notary` where `from`='".intval($userid)."' and `from` != `to` order by `id` asc");
-               return $res;
-       }
-
-       function get_received_assurances ($userid)
-       {
-               $res = query_init ("select * from `notary` where `to`='".intval($userid)."' and `from` != `to` order by `id` asc ");
-               return $res;
-       }
-
-       function get_given_assurances_summary ($userid)
-       {
-               $res = query_init ("select count(*) as number,points,awarded,method from notary where `from`='".intval($userid)."' group by points,awarded,method");
-               return $res;
-       }
-       
-       function get_received_assurances_summary ($userid)
-       {
-               $res = query_init ("select count(*) as number,points,awarded,method from notary where `to`='".intval($userid)."' group by points,awarded,method");
-               return $res;
-       }
-
-       function get_user ($userid)
-       {
-               $res = query_init ("select * from `users` where `id`='".intval($userid)."'");
-               return mysql_fetch_assoc($res);
-       }
-
-       function get_cats_state ($userid)
-       {
-
-               $res = query_init ("select * from `cats_passed` inner join `cats_variant` on `cats_passed`.`variant_id` = `cats_variant`.`id` and `cats_variant`.`type_id` = 1
-                       WHERE `cats_passed`.`user_id` = '".intval($userid)."'");
-               return mysql_num_rows($res);
-       }
-
-       function calc_experience ($row,&$points,&$experience,&$sum_experience)
-       {
-               $apoints = max($row['points'], $row['awarded']);
-
-               $points += $apoints;
-
-               $experience = "&nbsp;";
-               if ($row['method'] == "Face to Face Meeting")
-               {
-                       $sum_experience = $sum_experience +2;
-                       $experience = "2";
-               }
-               return $apoints;
-       }
-
-       function calc_assurances ($row,&$points,&$experience,&$sumexperience,&$awarded)
-       {
-               $awarded = calc_points($row);
-
-               if ($awarded > 100)
-               {
-                       $experience = $awarded - 100;           // needs to be fixed in the future (limit 50 pts and/or no experience if pts > 100)
-                       $awarded = 100;
-               }
-               else
-                       $experience = 0;        
-
-               switch ($row['method'])
-               {
-                       case 'Thawte Points Transfer':
-                       case 'CT Magazine - Germany':
-                       case 'Temporary Increase':            // Current usage of 'Temporary Increase' may break audit aspects, needs to be reimplemented
-                               $awarded=sprintf("<strong style='color: red'>%s</strong>",_("Revoked"));
-                               $experience=0;
-                               break;
-                       default:
-                               $points += $awarded;
-               }
-               $sumexperience = $sumexperience + $experience;
-       }
-
-
-       function show_user_link ($name,$userid)
-       {
-               $name = trim($name);
-               if($name == "")
-               {
-                       if ($userid == 0)
-                               $name = _("System");
-                       else
-                               $name = _("Deleted account");
-               }
-               else
-                       $name = "<a href='wot.php?id=9&amp;userid=".intval($userid)."'>$name</a>";
-               return $name;
-       }
-
-       function get_assurer_ranking($userid,&$num_of_assurances,&$rank_of_assurer)
-       {
-               $num_of_assurances = get_number_of_assurances (intval($userid));
-               $rank_of_assurer = get_top_assurer_position($num_of_assurances);
-       }
-
-       function get_assuree_ranking($userid,&$num_of_assurees,&$rank_of_assuree)
-       {
-               $num_of_assurees = get_number_of_assurees (intval($userid));
-               $rank_of_assuree = get_top_assuree_position($num_of_assurees);
-       }
-
-
-// ************* html table definitions ******************
-
-       function output_ranking($userid)
-       {
-               get_assurer_ranking($userid,$num_of_assurances,$rank_of_assurer);
-               get_assuree_ranking($userid,$num_of_assurees,$rank_of_assuree);
-
-?>
-<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
-    <tr>
-       <td class="title"><?=_("Assurer Ranking")?></td>
-    </tr>
-    <tr>
-       <td class="DataTD"><?=sprintf(_("You have made %s assurances which ranks you as the #%s top assurer."), intval($num_of_assurances), intval($rank_of_assurer) )?></td>
-    </tr>
-    <tr>
-       <td class="DataTD"><?=sprintf(_("You have received %s assurances which ranks you as the #%s top assuree."), intval($num_of_assurees), intval($rank_of_assuree) )?></td>
-    </tr>
-</table>
-<br/>
-<?
-       }
-
-       function output_assurances_header($title)
-       {
-?>
-<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
-    <tr>
-       <td colspan="7" class="title"><?=$title?></td>
-    </tr>
-    <tr>
-       <td class="DataTD"><strong><?=_("ID")?></strong></td>
-       <td class="DataTD"><strong><?=_("Date")?></strong></td>
-       <td class="DataTD"><strong><?=_("Who")?></strong></td>
-       <td class="DataTD"><strong><?=_("Points")?></strong></td>
-       <td class="DataTD"><strong><?=_("Location")?></strong></td>
-       <td class="DataTD"><strong><?=_("Method")?></strong></td>
-       <td class="DataTD"><strong><?=_("Experience Points")?></strong></td>
-    </tr>
-<?
-       }
-
-       function output_assurances_footer($points_txt,$points,$experience_txt,$sumexperience)
-       {
-?>
-    <tr>
-       <td class="DataTD" colspan="3"><strong><?=$points_txt?>:</strong></td>
-       <td class="DataTD"><?=$points?></td>
-       <td class="DataTD">&nbsp;</td>
-       <td class="DataTD"><strong><?=$experience_txt?>:</strong></td>
-       <td class="DataTD"><?=$sumexperience?></td>
-    </tr>
-</table>
-<br/>
-<?
-       }
-
-       function output_assurances_row($assuranceid,$date,$when,$name,$awarded,$points,$location,$method,$experience)
-       {
-
-       $tdstyle="";
-       $emopen="";
-       $emclose="";
-
-       if ($awarded == $points)
-       {
-               if ($awarded == "0")
-               {
-                       if ($when < "2006-09-01")
-                       {
-                               $tdstyle="style='background-color: #ffff80'";
-                               $emopen="<em>";
-                               $emclose="</em>";
-                       }
-               }
-       }
-
-?>
-    <tr>
-       <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$assuranceid?><?=$emclose?></td>
-       <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$date?><?=$emclose?></td>
-       <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$name?><?=$emclose?></td>
-       <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$awarded?><?=$emclose?></td>
-       <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$location?><?=$emclose?></td>
-       <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$method?><?=$emclose?></td>
-       <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$experience?><?=$emclose?></td>
-    </tr>
-<?
-       }
-
-       function output_summary_header()
-       {
-?>
-<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
-    <tr>
-       <td colspan="4" class="title"><?=_("Summary of your Points")?></td>
-    </tr>
-    <tr>
-       <td class="DataTD"><strong><?=_("Description")?></strong></td>
-       <td class="DataTD"><strong><?=_("Points")?></strong></td>
-       <td class="DataTD"><strong><?=_("Countable Points")?></strong></td>
-       <td class="DataTD"><strong><?=_("Remark")?></strong></td>
-    </tr>
-<?
-       }
-
-       function output_summary_footer()
-       {
-?>
-</table>
-<br/>
-<?
-       }
-
-       function output_summary_row($title,$points,$points_countable,$remark)
-       {
-?>
-    <tr>
-       <td class="DataTD"><strong><?=$title?></strong></td>
-       <td class="DataTD"><?=$points?></td>
-       <td class="DataTD"><?=$points_countable?></td>
-       <td class="DataTD"><?=$remark?></td>
-    </tr>
-<?
-       }
-
-
-// ************* output given assurances ******************
-
-       function output_given_assurances_content($userid,&$points,&$sum_experience)
-       {
-               $points = 0;
-               $sumexperience = 0;
-               $res = get_given_assurances(intval($userid));
-               while($row = mysql_fetch_assoc($res))
-               {
-                       $fromuser = get_user (intval($row['to'])); 
-                       $apoints = calc_experience ($row,$points,$experience,$sum_experience);
-                       $name = show_user_link ($fromuser['fname']." ".$fromuser['lname'],intval($row['to']));
-                       output_assurances_row (intval($row['id']),$row['date'],$row['when'],$name,$apoints,intval($row['points']),$row['location'],$row['method']==""?"":_(sprintf("%s", $row['method'])),$experience);
-               }
-       }
-
-// ************* output received assurances ******************
-
-       function output_received_assurances_content($userid,&$points,&$sum_experience)
-       {
-               $points = 0;
-               $sumexperience = 0;
-               $res = get_received_assurances(intval($userid));
-               while($row = mysql_fetch_assoc($res))
-               {
-                       $fromuser = get_user (intval($row['from']));
-                       calc_assurances ($row,$points,$experience,$sum_experience,$awarded);
-                       $name = show_user_link ($fromuser['fname']." ".$fromuser['lname'],intval($row['from']));
-                       output_assurances_row (intval($row['id']),$row['date'],$row['when'],$name,$awarded,intval($row['points']),$row['location'],$row['method']==""?"":_(sprintf("%s", $row['method'])),$experience);
-               }
-       }
-
-// ************* output summary table ******************
-
-       function check_date_limit ($userid,$age)
-       {
-               $dob = date("Y-m-d", mktime(0,0,0,date("m"),date("d"),date("Y")-$age));
-               $res = query_init ("select id from `users` where `id`='".$userid."' and `dob` < '$dob'");
-               return intval(query_get_number_of_rows($res));
-       }
-
-       function calc_points($row)
-       {
-               $awarded = intval($row['awarded']);
-               if ($awarded == "")
-                       $awarded = 0;
-               if (intval($row['points']) < $awarded)
-                       $points = $awarded;      // if 'sum of added points' > 100, awarded shows correct value
-               else
-                       $points = intval($row['points']);       // on very old assurances, awarded is '0' instead of correct value
-               switch ($row['method'])
-               {
-                       case 'Thawte Points Transfer':    // revoke all Thawte-points     (as per arbitration)
-                       case 'CT Magazine - Germany':      // revoke c't                   (only one test-entry)
-                       case 'Temporary Increase':            // revoke 'temporary increase'  (Current usage breaks audit aspects, needs to be reimplemented)
-                               $points = 0;
-                               break;
-                       case 'Administrative Increase':  // ignore AI with 2 points or less (historical for experiance points, now other calculation)
-                               if ($points <= 2)              // maybe limit to 35/50 pts in the future?
-                                       $points = 0;
-                               break;
-                       case 'Unknown':                  // to be revoked in the future? limit to max 50 pts?
-                       case 'Trusted Third Parties':        // to be revoked in the future? limit to max 35 pts?
-                       case 'TTP-Assisted':         // TTP assurances, limit to 35
-                       case 'TOPUP':        // TOPUP to be delevoped in the future, limit to 30
-                       case '':                                // to be revoked in the future? limit to max 50 pts?
-                       case 'Face to Face Meeting':        // normal assurances, limit to 35/50 pts in the future?
-                               break;
-                       default:                                // should never happen ... ;-)
-                               $points = 0;
-               }
-               if ($points < 0)                                // ignore negative points (bug needs to be fixed)
-                       $points = 0;
-               return $points;
-       }
-
-       function max_points($userid)
-       {
-               return output_summary_content ($userid,0);
-       }
-
-       function output_summary_content($userid,$display_output)
-       {
-               $sum_points = 0;
-               $sum_experience = 0;
-               $sum_experience_other = 0;
-               $max_points = 100;
-               $max_experience = 50;
-
-               $experience_limit_reached_txt = _("Limit reached");
-
-               if (check_date_limit($userid,18) != 1)
-               {
-                       $max_experience = 10;
-                       $experience_limit_reached_txt = _("Limit given by PoJAM reached");
-               }
-               if (check_date_limit($userid,14) != 1)
-               {
-                       $max_experience = 0;
-                       $experience_limit_reached_txt = _("Limit given by PoJAM reached");
-               }
-
-               $res = get_received_assurances_summary($userid);
-               while($row = mysql_fetch_assoc($res))
-               {
-                       $points = calc_points ($row);
-
-                       if ($points > $max_points)                      // limit to 100 points, above is experience (needs to be fixed)
-                       {
-                               $sum_experience_other = $sum_experience_other+($points-$max_points)*intval($row['number']);
-                               $points = $max_points;
-                       }
-                       $sum_points += $points*intval($row['number']);
-               }
-
-               $res = get_given_assurances_summary($userid);
-               while($row = mysql_fetch_assoc($res))
-               {
-                       switch ($row['method'])
-                       {
-                               case 'Face to Face Meeting':                    // count Face to Face only
-                                       $sum_experience += 2*intval($row['number']);
-                                       break;
-                       }
-
-               }
-
-               if ($sum_points > $max_points)
-                       {
-                       $sum_points_countable = $max_points;
-                       $remark_points = _("Limit reached");
-                       }
-               else
-                       {
-                       $sum_points_countable = $sum_points;
-                       $remark_points = "&nbsp;";
-                       }
-               if ($sum_experience > $max_experience)
-                       {
-                       $sum_experience_countable = $max_experience;
-                       $remark_experience = $experience_limit_reached_txt;
-                       }
-               else
-                       {
-                       $sum_experience_countable = $sum_experience;
-                       $remark_experience = "&nbsp;";
-                       }
-
-               if ($sum_experience_countable + $sum_experience_other > $max_experience)
-                       {
-                       $sum_experience_other_countable = $max_experience-$sum_experience_countable;
-                       $remark_experience_other = $experience_limit_reached_txt;
-                       }
-               else
-                       {
-                       $sum_experience_other_countable = $sum_experience_other;
-                       $remark_experience_other = "&nbsp;";
-                       }
-
-               if ($sum_points_countable < $max_points)
-                       {
-                       if ($sum_experience_countable != 0)
-                               $remark_experience = _("Points on hold due to less assurance points");
-                       $sum_experience_countable = 0;
-                       if ($sum_experience_other_countable != 0)
-                               $remark_experience_other = _("Points on hold due to less assurance points");
-                       $sum_experience_other_countable = 0;
-                       }
-
-               $issue_points = 0;
-               $cats_test_passed = get_cats_state ($userid);
-               if ($cats_test_passed == 0)
-               {
-                       $issue_points_txt = "<strong style='color: red'>"._("You have to pass the CAcert Assurer Challenge (CATS-Test) to be an Assurer")."</strong>";
-                       if ($sum_points_countable < $max_points)
-                       {
-                               $issue_points_txt = "<strong style='color: red'>";
-                               $issue_points_txt .= sprintf(_("You need %s assurance points and the passed CATS-Test to be an Assurer"), intval($max_points));
-                               $issue_points_txt .= "</strong>";
-                       }
-               }
-               else
-               {
-                       $experience_total = $sum_experience_countable+$sum_experience_other_countable;
-                       $issue_points_txt = "";
-                       if ($sum_points_countable == $max_points)
-                               $issue_points = 10;
-                       if ($experience_total >= 10)
-                               $issue_points = 15;
-                       if ($experience_total >= 20)
-                               $issue_points = 20;
-                       if ($experience_total >= 30)
-                               $issue_points = 25;
-                       if ($experience_total >= 40)
-                               $issue_points = 30;
-                       if ($experience_total >= 50)
-                               $issue_points = 35;
-                       if ($issue_points != 0)
-                               $issue_points_txt = sprintf(_("You may issue up to %s points"),$issue_points);
-               }
-               if ($display_output)
-               {
-                       output_summary_row (_("Assurance Points you received"),$sum_points,$sum_points_countable,$remark_points);
-                       output_summary_row (_("Total Experience Points by Assurance"),$sum_experience,$sum_experience_countable,$remark_experience);
-                       output_summary_row (_("Total Experience Points (other ways)"),$sum_experience_other,$sum_experience_other_countable,$remark_experience_other);
-                       output_summary_row (_("Total Points"),"&nbsp;",$sum_points_countable + $sum_experience_countable + $sum_experience_other_countable,$issue_points_txt);
-               }
-               return $issue_points;
-       }
-
-       function output_given_assurances($userid)
-       {
-               output_assurances_header(_("Assurance Points You Issued"));
-               output_given_assurances_content($userid,$points,$sum_experience);
-               output_assurances_footer(_("Total Points Issued"),$points,_("Total Experience Points"),$sum_experience);
-       }
-
-       function output_received_assurances($userid)
-       {
-               output_assurances_header(_("Your Assurance Points"));
-               output_received_assurances_content($userid,$points,$sum_experience);
-               output_assurances_footer(_("Total Assurance Points"),$points,_("Total Experience Points"),$sum_experience);
-       }
-
-       function output_summary($userid)
-       {
-               output_summary_header();
-               output_summary_content($userid,1);
-               output_summary_footer();
-       }
-
-       function output_end_of_page()
-       {
-?>
-       <p>[ <a href='javascript:history.go(-1)'><?=_("Go Back")?></a> ]</p>
-<?
-       }
-
-// functions for 6.php (assure somebody)
-
-function AssureHead($confirmation,$checkname)
-{
-?>
-<form method="post" action="wot.php">
-       <table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper" width="600">
-       <tr>
-               <td colspan="2" class="title"><?=$confirmation?></td>
-       </tr>
-       <tr>
-               <td class="DataTD" colspan="2" align="left"><?=$checkname?></td>
-       </tr>
-<?
- } 
-
-function AssureTextLine($field1,$field2)
-{
-?>
-       <tr>
-               <td class="DataTD"><?=$field1?>:</td>
-               <td class="DataTD"><?=$field2?></td>
-       </tr>
-<?
-}
-
-function AssureCCABoxLine($type,$text)
-{
-       return;
-       AssureBoxLine($type,$text);
-}
-
-function AssureBoxLine($type,$text,$checked)
-{
-?>
-       <tr>
-               <td class="DataTD"><input type="checkbox" name="<?=$type?>" value="1" <?=$checked?"checked":""?>></td>
-               <td class="DataTD"><?=$text?></td>
-       </tr>
-<?
-}
-
-function AssureMethodLine($text,$methods,$remark)
-{
-       if (count($methods) != 1)
-       {
-?>
-       <tr>
-               <td class="DataTD"><?=$text?></td>
-               <td class="DataTD">
-                       <select name="method">
-<?
-                       foreach($methods as $val) { ?>
-                               <option value="<?=$val?>"> <?=$val?></option>
-
-<? } ?>
-                       </select>
-                       </br><?=$remark?>
-               </td>
-       </tr>
-<?
-       } else {
-?>
-       <input type="hidden" name="<?=$val?>" value="<?=$methods[0]?>">
-<?
-       }
-}
-
-function AssureInboxLine($type,$field,$value,$description)
-{
-?>
-       <tr>
-               <td class="DataTD"><?=$field?>:</td>
-               <td class="DataTD"><input type="text" name="<?=$type?>" value="<?=$value?>"><?=$description?></td>
-       </tr>
-<?
-}
-
-function AssureFoot($oldid,$confirm)
-{?>
-       <tr>
-               <td class="DataTD" colspan="2"><input type="submit" name="process" value="<?=$confirm?>"> <input type="submit" name="cancel" value="<?=_("Cancel")?>"></td>
-       </tr>
-       </table>
-       <input type="hidden" name="pagehash" value="<?=$_SESSION['_config']['wothash']?>">
-       <input type="hidden" name="oldid" value="<?=$oldid?>">
-</form>
-<?
-}
-
index a394695..6371f76 100644 (file)
 
 <form method="post" action="account.php">
 <? if($_SESSION['profile']['points'] >= 50) { ?>
-<input type="radio" name="rootcert" value="1"> <?=_("Sign by class 1 root certificate")?><br>
-<input type="radio" name="rootcert" value="2" checked> <?=_("Sign by class 3 root certificate")?><br>
+<input type="radio" name="rootcert" value="1"/> <?=_("Sign by class 1 root certificate")?><br />
+<input type="radio" name="rootcert" value="2" checked/> <?=_("Sign by class 3 root certificate")?><br />
 <p><?=_("Please note: The class 3 root certificate needs to be setup in your webserver as a chained certificate, while slightly more complicated to setup, this root certificate is more likely to be trusted by more people.")?></p>
 <? } ?>
+<p><?=_("Optional comment, only used in the certifictate overview")?><br>
+       <input type="text" name="description" maxlength="80" size=80/></p>
 <p><?=_("Paste your CSR(Certificate Signing Request) below...")?></p>
-<textarea name="CSR" cols="80" rows="15"></textarea><br>
-<input type="submit" name="process" value="<?=_("Submit")?>">
-<input type="hidden" name="oldid" value="<?=$id?>">
+<textarea name="CSR" cols="80" rows="15"></textarea><br />
+<p><input type="checkbox" name="CCA" /> <strong><?=sprintf(_("I accept the CAcert Community Agreement (%s)."),"<a href='/policy/CAcertCommunityAgreement.html'>CCA</a>")?></strong><br />
+  <?=_("Please Note: You need to accept the CCA to proceed.")?></p>
+<input type="submit" name="process" value="<?=_("Submit")?>" />
+<input type="hidden" name="oldid" value="<?=$id?>" />
 </form>
index fa8b41a..6d85cdc 100644 (file)
 <form method="post" action="account.php">
 <table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
   <tr>
-    <td colspan="6" class="title"><?=_("Domain Certificates")?> - <a href="account.php?id=12&amp;viewall=<?=!$viewall?>"><?=_("View all certificates")?></a></td>
+    <td colspan="8" class="title"><?=_("Domain Certificates")?> - <a href="account.php?id=12&amp;viewall=<?=!$viewall?>"><?=_("View all certificates")?></a></td>
   </tr>
   <tr>
     <td class="DataTD"><?=_("Renew/Revoke/Delete")?></td>
     <td class="DataTD"><?=_("Status")?></td>
     <td class="DataTD"><?=_("CommonName")?></td>
-       <td class="DataTD"><?=_("SerialNumber")?></td>
+    <td class="DataTD"><?=_("SerialNumber")?></td>
     <td class="DataTD"><?=_("Revoked")?></td>
     <td class="DataTD"><?=_("Expires")?></td>
+    <td colspan="2" class="DataTD"><?=_("Comment *")?></td>
   </tr>
 <?
        $query = "select UNIX_TIMESTAMP(`domaincerts`.`created`) as `created`,
                        UNIX_TIMESTAMP(`domaincerts`.`expire`) - UNIX_TIMESTAMP() as `timeleft`,
                        UNIX_TIMESTAMP(`domaincerts`.`expire`) as `expired`,
                        `domaincerts`.`expire` as `expires`, `revoked` as `revoke`,
-                       UNIX_TIMESTAMP(`revoked`) as `revoked`, `CN`, `domaincerts`.`serial`, `domaincerts`.`id` as `id`
+                       UNIX_TIMESTAMP(`revoked`) as `revoked`, `CN`, `domaincerts`.`serial`, `domaincerts`.`id` as `id`,
+                       `domaincerts`.`description`
                        from `domaincerts`,`domains`
                        where `memid`='".intval($_SESSION['profile']['id'])."' and `domaincerts`.`domid`=`domains`.`id` ";
        if($viewall != 1)
@@ -49,7 +51,7 @@
        {
 ?>
   <tr>
-    <td colspan="6" class="DataTD"><?=_("No certificates are currently listed.")?></td>
+    <td colspan="8" class="DataTD"><?=_("No certificates are currently listed.")?></td>
   </tr>
 <? } else {
        while($row = mysql_fetch_assoc($res))
                        $verified = _("Pending");
                if($row['revoked'] > 0)
                        $verified = _("Revoked");
-                if($row['revoked'] == 0)
-                        $row['revoke'] = _("Not Revoked");
+               if($row['revoked'] == 0)
+                       $row['revoke'] = _("Not Revoked");
 ?>
   <tr>
 <? if($verified != _("Pending") && $verified != _("Revoked")) { ?>
-    <td class="DataTD"><input type="checkbox" name="revokeid[]" value="<?=$row['id']?>"></td>
+    <td class="DataTD"><input type="checkbox" name="revokeid[]" value="<?=$row['id']?>"/></td>
 <? } else if($verified != _("Revoked")) { ?>
-    <td class="DataTD"><input type="checkbox" name="delid[]" value="<?=$row['id']?>"></td>
+    <td class="DataTD"><input type="checkbox" name="delid[]" value="<?=$row['id']?>"/></td>
 <? } else { ?>
     <td class="DataTD">&nbsp;</td>
 <? } ?>
     <td class="DataTD"><?=$verified?></td>
     <td class="DataTD"><a href="account.php?id=15&amp;cert=<?=$row['id']?>"><?=$row['CN']?></a></td>
-       <td class="DataTD"><?=$row['serial']?></td>
+    <td class="DataTD"><?=$row['serial']?></td>
     <td class="DataTD"><?=$row['revoke']?></td>
     <td class="DataTD"><?=$row['expires']?></td>
+    <td class="DataTD"><input name="comment_<?=$row['id']?>" type="text" value="<?=htmlspecialchars($row['description'])?>" /></td>
+    <td class="DataTD"><input type="checkbox" name="check_comment_<?=$row['id']?>" /></td>
   </tr>
 <? } ?>
   <tr>
-    <td class="DataTD" colspan="6"><input type="submit" name="renew" value="<?=_("Renew")?>">&#160;&#160;&#160;&#160;
+    <td class="DataTD" colspan="8">
+      <?=_('* Comment is NOT included in the certificate as it is intended for your personal reference only. To change the comment tick the checkbox and hit "Change Settings".')?>
+    </td>
+  </tr>
+  <tr>
+    <td class="DataTD" colspan="6"><input type="submit" name="renew" value="<?=_("Renew")?>"/>&#160;&#160;&#160;&#160;
            <input type="submit" name="revoke" value="<?=_("Revoke/Delete")?>"></td>
+       <td class="DataTD" colspan="2"><input type="submit" name="change" value="<?=_("Change settings")?>"/> </td>
   </tr>
 <? } ?>
   <tr>
-    <td class="DataTD" colspan="6"><?=_("From here you can delete pending requests, or revoke valid certificates.")?></td>
+    <td class="DataTD" colspan="8"><?=_("From here you can delete pending requests, or revoke valid certificates.")?></td>
   </tr>
 </table>
-<input type="hidden" name="oldid" value="<?=$id?>">
-<input type="hidden" name="csrf" value="<?=make_csrf('srvcerchange')?>" />
+<input type="hidden" name="oldid" value="<?=$id?>"/>
+<input type="hidden" name="csrf" value="<?=make_csrf('srvcerchange')?>"/>
 </form>
index c2b7cc5..1c1cfc6 100644 (file)
     Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301  USA
 */ ?>
 <?
-        $query = "select * from `users` where `id`='".intval($_SESSION['profile']['id'])."' and `users`.`deleted`=0";
-        $res = mysql_query($query);
-        $user = mysql_fetch_assoc($res);
+  $query = "select * from `users` where `id`='".intval($_SESSION['profile']['id'])."' and `users`.`deleted`=0";
+  $res = mysql_query($query);
+  $user = mysql_fetch_assoc($res);
 
-       $year = intval(substr($user['dob'], 0, 4));
-       $month = intval(substr($user['dob'], 5, 2));
-       $day = intval(substr($user['dob'], 8, 2));
+  $year = intval(substr($user['dob'], 0, 4));
+  $month = intval(substr($user['dob'], 5, 2));
+  $day = intval(substr($user['dob'], 8, 2));
+  $showdetails = array_key_exists('showdetails', $_REQUEST) && !!intval($_REQUEST['showdetails']);
+  if($showdetails){
+    $body  = sprintf(_("Hi %s,"),$user['fname'])."\n\n";
+    $body .= _("You receive this automatic mail since you yourself or someone ".
+      "else looked up your secret questions and answers for a forgotten ".
+      "password.\n\n".
+      "If it was you who looked up or changed that data, or clicked ".
+      "through the menu in your account, everything is in best order ".
+      "and you can ignore this mail.\n\n".
+      "But if you received this mail without a recognisable reason, ".
+      "there is a danger that an unauthorised person accessed your ".
+      "account, and you should promptly change your password and your ".
+      "secret questions and answers.")."\n\n";
 
-       $body  = sprintf(_("Hi %s,"),$user['fname'])."\n\n";
-       $body .= _("You receive this automatic mail since you yourself or someone ".
-                       "else looked up your secret questions and answers for a forgotten ".
-                       "password.\n\n".
-                       "If it was you who looked up or changed that data, or clicked ".
-                       "through the menu in your account, everything is in best order ".
-                       "and you can ignore this mail.\n\n".
-                       "But if you received this mail without a recognisable reason, ".
-                       "there is a danger that an unauthorised person accessed your ".
-                       "account, and you should promptly change your password and your ".
-                       "secret questions and answers.")."\n\n";
+    $body .= _("Best regards")."\n"._("CAcert Support");
 
-       $body .= _("Best regards")."\n"._("CAcert Support");
-
-       sendmail($user['email'], "[CAcert.org] "._("Email Notification"), $body, "support@cacert.org", "", "", "CAcert Support");
+    sendmail($user['email'], "[CAcert.org] "._("Email Notification"), $body, "support@cacert.org", "", "", "CAcert Support");
+  }
 ?>
+
 <form method="post" action="account.php">
 <table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper" width="400">
   <tr>
            (<?=_("dd/mm/yyyy")?>)</td>
     <td class="DataTD"><nobr><select name="day">
 <?
-       for($i = 1; $i <= 31; $i++)
-       {
-               echo "<option";
-               if($day == $i)
-                       echo " selected='selected'";
-               echo ">$i</option>";
-       }
+  for($i = 1; $i <= 31; $i++)
+  {
+    echo "<option";
+    if($day == $i)
+      echo " selected='selected'";
+    echo ">$i</option>";
+  }
 ?>
     </select>
     <select name="month">
 <?
-       for($i = 1; $i <= 12; $i++)
-       {
-               echo "<option value='$i'";
-               if($month == $i)
-                       echo " selected='selected'";
-               echo ">".ucwords(recode("utf-8..html", strftime("%B", mktime(0,0,0,$i,1,date("Y")))))."</option>";
-       }
+  for($i = 1; $i <= 12; $i++)
+  {
+    echo "<option value='$i'";
+    if($month == $i)
+      echo " selected='selected'";
+      echo ">".ucwords(recode("utf-8..html", strftime("%B", mktime(0,0,0,$i,1,date("Y")))))."</option>";
+  }
 ?>
     </select>
     <input type="text" name="year" value="<?=$year?>" size="4"></nobr>
   </tr>
   <tr>
     <td class="DataTD"><?=_("Date of Birth")?><br>
-           (<?=_("dd/mm/yyyy")?>)</td>
+      (<?=_("dd/mm/yyyy")?>)</td>
     <td class="DataTD"><?=$day?> <?=ucwords(recode("utf-8..html", strftime("%B", mktime(0,0,0,$month,1,1))))?> <?=$year?></td>
   </tr>
 <? } ?>
   <tr>
+    <td colspan="2" class="title"><a href="account.php?id=13&amp;showdetails=<?=!$showdetails?>"><?=_("View secret question & answers and OTP phrases")?></a></td>
+  </tr>
+  <? if($showdetails){ ?>
+  <tr>
    <td class="DataTD"><?=_("OTP Hash")?><br>
-           (<?=_("Not displayed")?>)</td>
+    (<?=_("Not displayed")?>)</td>
    <td class="DataTD"><input type="text" name="otphash"></td>
   </tr>
   <tr>
    <td class="DataTD"><?=_("OTP PIN")?><br>
-           (<?=_("Not displayed")?>)</td>
+    (<?=_("Not displayed")?>)</td>
    <td class="DataTD"><input type="text" name="otppin"></td>
   </tr>
   <tr>
     <td class="DataTD"><input type="text" name="A5" value="<?=sanitizeHTML($user['A5'])?>"></td>
   </tr>
   <tr>
+  <? } ?>
     <td class="DataTD" colspan="2"><input type="submit" name="process" value="<?=_("Update")?>"></td>
   </tr>
 </table>
index 514ecfd..6f055d7 100644 (file)
        foreach($_SESSION['_config']['emails'] as $val) { ?>
   <tr>
     <td class="DataTD"><?=_("Email")?>:</td>
-    <td class="DataTD"><input type="text" name="emails[]" value="<?=$val?>"></td>
+    <td class="DataTD"><input type="text" name="emails[]" value="<?=$val?>"/></td>
   </tr>
 <? } ?>
   <tr>
     <td class="DataTD"><?=_("Email")?>:</td>
-    <td class="DataTD"><input type="text" name="emails[]"></td>
+    <td class="DataTD"><input type="text" name="emails[]"/></td>
   </tr>
   <tr>
     <td class="DataTD"><?=_("Name")?>:</td>
-    <td class="DataTD"><input type="text" name="name" value="<?=array_key_exists('name',$_SESSION['_config'])?($_SESSION['_config']['name']):''?>"></td>
+    <td class="DataTD"><input type="text" name="name" value="<?=array_key_exists('name',$_SESSION['_config'])?($_SESSION['_config']['name']):''?>"/></td>
   </tr>
   <tr>
     <td class="DataTD"><?=_("Department")?>:</td>
-    <td class="DataTD"><input type="text" name="OU" value="<?=array_key_exists('OU',$_SESSION['_config'])?($_SESSION['_config']['OU']):''?>"></td>
+    <td class="DataTD"><input type="text" name="OU" value="<?=array_key_exists('OU',$_SESSION['_config'])?($_SESSION['_config']['OU']):''?>"/></td>
   </tr>
   <tr>
     <td class="DataTD" colspan="2" align="left">
-        <input type="radio" name="rootcert" value="1" checked> <?=_("Sign by class 1 root certificate")?><br>
-        <input type="radio" name="rootcert" value="2"> <?=_("Sign by class 3 root certificate")?><br>
+        <input type="radio" name="rootcert" value="1" checked /> <?=_("Sign by class 1 root certificate")?><br />
+        <input type="radio" name="rootcert" value="2" /> <?=_("Sign by class 3 root certificate")?><br />
         <?=str_replace("\n", "<br>\n", wordwrap(_("Please note: The class 3 root certificate needs to be imported into your email program as well as the class 1 root certificate so your email program can build a full trust path chain. Until we are included in browsers this might not be a desirable option for most people"), 60))?>
     </td>
   </tr>
     <td class="DataTD" colspan="2" align="left"><input type="checkbox" name="codesign" value="1" /><?=_("Code Signing")?></td>
   </tr>
 <? } ?>
+   <tr>
+   <td class="DataTD" colspan="2" align="left">
+      <?=_("Optional comment, only used in the certifictate overview")?><br />
+       <input type="text" name="description" maxlength="80" size=80 />
+   </td>
+  </tr>
   <tr>
     <td class="DataTD" colspan="2"><input type="submit" name="add_email" value="<?=_("Another Email")?>">
-                       <input type="submit" name="process" value="<?=_("Next")?>"></td>
+                       <input type="submit" name="process" value="<?=_("Next")?>" /></td>
   </tr>
 </table>
 <input type="hidden" name="oldid" value="<?=$id?>">
index 13dcc30..2fbb8b4 100644 (file)
 <form method="post" action="account.php">
 <table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
   <tr>
-    <td colspan="6" class="title"><?=_("Client Certificates")?> - <a href="account.php?id=18&amp;viewall=<?=!$viewall?>"><?=_("View all certificates")?></a></td>
+    <td colspan="8" class="title"><?=_("Client Certificates")?> - <a href="account.php?id=18&amp;viewall=<?=!$viewall?>"><?=_("View all certificates")?></a></td>
   </tr>
   <tr>
     <td class="DataTD"><?=_("Renew/Revoke/Delete")?></td>
     <td class="DataTD"><?=_("Status")?></td>
     <td class="DataTD"><?=_("CommonName")?></td>
-       <td class="DataTD"><?=_("SerialNumber")?></td>
+         <td class="DataTD"><?=_("SerialNumber")?></td>
+               <td class="DataTD"><?=_("Comment")?></td>
     <td class="DataTD"><?=_("Revoked")?></td>
     <td class="DataTD"><?=_("Expires")?></td>
 
@@ -35,7 +36,8 @@
                        UNIX_TIMESTAMP(`oemail`.`expire`) as `expired`,
                        `oemail`.`expire` as `expires`, `oemail`.`revoked` as `revoke`,
                        UNIX_TIMESTAMP(`oemail`.`revoked`) as `revoked`,
-                       `oemail`.`CN`, `oemail`.`serial`, `oemail`.`id`
+                       `oemail`.`CN`, `oemail`.`serial`, `oemail`.`id`,
+                       `oemail`.`description`
                        from `orgemailcerts` as `oemail`, `org`
                        where `org`.`memid`='".intval($_SESSION['profile']['id'])."' and
                                `org`.`orgid`=`oemail`.`orgid` ";
@@ -50,7 +52,7 @@
        {
 ?>
   <tr>
-    <td colspan="6" class="DataTD"><?=_("No client certificates are currently listed.")?></td>
+    <td colspan="8" class="DataTD"><?=_("No client certificates are currently listed.")?></td>
   </tr>
 <? } else {
        while($row = mysql_fetch_assoc($res))
     <td class="DataTD"><?=$verified?></td>
     <td class="DataTD"><a href="account.php?id=19&cert=<?=$row['id']?>"><?=$row['CN']?></a></td>
 <? } ?>
-       <td class="DataTD"><?=$row['serial']?></td>
+         <td class="DataTD"><?=$row['serial']?></td>
     <td class="DataTD"><?=$row['revoke']?></td>
     <td class="DataTD"><?=$row['expires']?></td>
+    <td class="DataTD"><input name="comment_<?=$row['id']?>" type="text" value="<?=htmlspecialchars($row['description'])?>" /></td>
+    <td class="DataTD"><input type="checkbox" name="check_comment_<?=$row['id']?>" /></td>
   </tr>
 <? } ?>
   <tr>
+    <td class="DataTD" colspan="8">
+      <?=_('* Comment is NOT included in the certificate as it is intended for your personal reference only. To change the comment tick the checkbox and hit "Change Settings".')?>
+    </td>
+  </tr>
+  <tr>
     <td class="DataTD" colspan="6"><input type="submit" name="renew" value="<?=_("Renew")?>">&#160;&#160;&#160;&#160;
                        <input type="submit" name="revoke" value="<?=_("Revoke/Delete")?>"></td>
+    <td class="DataTD" colspan="2"><input type="submit" name="change" value="<?=_("Change settings")?>"> </td>
   </tr>
 <? } ?>
 </table>
index 510b708..0187013 100644 (file)
 <p><?=_("If the Subscriber's name and/or domain name registration change the subscriber will immediately inform CAcert Inc. who shall revoke the digital certificate. When the Digital Certificate expires or is revoked the company will permanently remove the certificate from the server on which it is installed and will not use it for any purpose thereafter. The person responsible for key management and security is fully authorized to install and utilize the certificate to represent this organization's electronic presence.")?></p>
 
 <form method="post" action="account.php">
-<input type="radio" name="rootcert" value="1"> <?=_("Sign by class 1 root certificate")?><br>
-<input type="radio" name="rootcert" value="2" checked> <?=_("Sign by class 3 root certificate")?><br>
+<input type="radio" name="rootcert" value="1" /> <?=_("Sign by class 1 root certificate")?><br />
+<input type="radio" name="rootcert" value="2" checked /> <?=_("Sign by class 3 root certificate")?><br />
+<p> <?=_("Optional comment, only used in the certifictate overview")?><br />
+       <input type="text" name="description" maxlength="80" size=80 /></p>
 <p><?=_("Please note: The class 3 root certificate needs to be setup in your webserver as a chained certificate, while slightly more complicated to setup, this root certificate is more likely to be trusted by more people.")?></p>
 <p><?=_("Paste your CSR below...")?></p>
-<textarea name="CSR" cols="80" rows="15"></textarea><br>
-<input type="submit" name="process" value="<?=_("Submit")?>">
-<input type="hidden" name="oldid" value="<?=$id?>">
-</form>
+<textarea name="CSR" cols="80" rows="15"></textarea><br />
+<input type="submit" name="process" value="<?=_("Submit")?>" />
+<input type="hidden" name="oldid" value="<?=$id?>" />
+</form>
\ No newline at end of file
index 9df8200..cb40cf2 100644 (file)
 <form method="post" action="account.php">
 <table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
   <tr>
-    <td colspan="6" class="title"><?=_("Domain Certificates")?> - <a href="account.php?id=22&amp;viewall=<?=!$viewall?>"><?=_("View all certificates")?></a></td>
+    <td colspan="8" class="title"><?=_("Domain Certificates")?> - <a href="account.php?id=22&amp;viewall=<?=!$viewall?>"><?=_("View all certificates")?></a></td>
   </tr>
   <tr>
     <td class="DataTD"><?=_("Renew/Revoke/Delete")?></td>
     <td class="DataTD"><?=_("Status")?></td>
     <td class="DataTD"><?=_("CommonName")?></td>
-       <td class="DataTD"><?=_("SerialNumber")?></td>
+    <td class="DataTD"><?=_("SerialNumber")?></td>
     <td class="DataTD"><?=_("Revoked")?></td>
     <td class="DataTD"><?=_("Expires")?></td>
-
+    <td colspan="2" class="DataTD"><?=_("Comment *")?></td>
 <?
        $query = "select UNIX_TIMESTAMP(`orgdomaincerts`.`created`) as `created`,
                        UNIX_TIMESTAMP(`orgdomaincerts`.`expire`) - UNIX_TIMESTAMP() as `timeleft`,
@@ -36,7 +36,8 @@
                        `orgdomaincerts`.`expire` as `expires`, `revoked` as `revoke`,
                        UNIX_TIMESTAMP(`revoked`) as `revoked`, `CN`,
                        `orgdomaincerts`.`serial`,
-                        `orgdomaincerts`.`id` as `id`
+                       `orgdomaincerts`.`id` as `id`,
+                       `orgdomaincerts`.`description`
                        from `orgdomaincerts`,`org`
                        where `org`.`memid`='".intval($_SESSION['profile']['id'])."' and `orgdomaincerts`.`orgid`=`org`.`orgid` ";
        if($viewall != 1)
@@ -51,7 +52,7 @@
        {
 ?>
   <tr>
-    <td colspan="6" class="DataTD"><?=_("No domains are currently listed.")?></td>
+    <td colspan="8" class="DataTD"><?=_("No domains are currently listed.")?></td>
   </tr>
 <? } else {
        while($row = mysql_fetch_assoc($res))
 <? } ?>
     <td class="DataTD"><?=$verified?></td>
     <td class="DataTD"><a href="account.php?id=23&cert=<?=$row['id']?>"><?=$row['CN']?></a></td>
-       <td class="DataTD"><?=$row['serial']?></td>
+    <td class="DataTD"><?=$row['serial']?></td>
     <td class="DataTD"><?=$row['revoke']?></td>
     <td class="DataTD"><?=$row['expires']?></td>
+    <td class="DataTD"><input name="comment_<?=$row['id']?>" type="text" value="<?=htmlspecialchars($row['description'])?>" /></td>
+    <td class="DataTD"><input type="checkbox" name="check_comment_<?=$row['id']?>" /></td>
   </tr>
 <? } ?>
   <tr>
-    <td class="DataTD" colspan="6"><input type="submit" name="renew" value="<?=_("Renew")?>">&#160;&#160;&#160;&#160;
-           <input type="submit" name="revoke" value="<?=_("Revoke/Delete")?>"></td>
+    <td class="DataTD" colspan="8">
+      <?=_('* Comment is NOT included in the certificate as it is intended for your personal reference only. To change the comment tick the checkbox and hit "Change Settings".')?>
+    </td>
+  </tr>
+  <tr>
+    <td class="DataTD" colspan="6"><input type="submit" name="renew" value="<?=_("Renew")?>" />&#160;&#160;&#160;&#160;
+           <input type="submit" name="revoke" value="<?=_("Revoke/Delete")?>" /></td>
+    <td class="DataTD" colspan="2"><input type="submit" name="change" value="<?=_("Change settings")?>" /> </td>
   </tr>
 <? } ?>
 </table>
-<input type="hidden" name="oldid" value="<?=$id?>">
+<input type="hidden" name="oldid" value="<?=$id?>" />
 <input type="hidden" name="csrf" value="<?=make_csrf('orgsrvcerchange')?>" />
 </form>
 <p><?=_("From here you can delete pending requests, or revoke valid certificates.")?></p>
index 5590488..b760c11 100644 (file)
@@ -44,7 +44,7 @@
     <td class="DataTD"><input type="checkbox" name="addid[]" value="<?=intval($row['id'])?>"></td>
     <td class="DataTD"><?=sanitizeHTML($row['email'])?></td>
   </tr>
-<? } 
+<? }
 if($_SESSION['profile']['points'] >= 50)
 {
        $fname = $_SESSION['profile']['fname'];
@@ -52,55 +52,68 @@ if($_SESSION['profile']['points'] >= 50)
        $lname = $_SESSION['profile']['lname'];
        $suffix = $_SESSION['profile']['suffix'];
 ?>
-  <tr>
     <td class="DataTD" colspan="2" align="left">
-       <input type="radio" name="rootcert" value="1" checked> <?=_("Sign by class 1 root certificate")?><br>
-       <input type="radio" name="rootcert" value="2"> <?=_("Sign by class 3 root certificate")?><br>
-       <?=str_replace("\n", "<br>\n", wordwrap(_("Please note: The class 3 root certificate needs to be imported into your email program as well as the class 1 root certificate so your email program can build a full trust path chain. Until we are included in browsers this might not be a desirable option for most people"), 125))?>
+      <input type="radio" name="rootcert" value="1" checked /> <?=_("Sign by class 1 root certificate")?><br />
+      <input type="radio" name="rootcert" value="2" /> <?=_("Sign by class 3 root certificate")?><br />
+      <?=str_replace("\n", "<br />\n", wordwrap(_("Please note: The class 3 root certificate needs to be imported into your email program as well as the class 1 root certificate so your email program can build a full trust path chain. Until we are included in browsers this might not be a desirable option for most people"), 125))?>
     </td>
   </tr>
   <tr>
     <td class="DataTD" colspan="2" align="left">
-       <input type="radio" name="incname" value="0" checked> <?=_("No Name")?><br>
-<? if($fname && $lname) { ?><input type="radio" name="incname" value="1"> <?=_("Include")?> '<?=$fname." ".$lname?>'<br><? } ?>
-<? if($fname && $mname && $lname) { ?><input type="radio" name="incname" value="2"> <?=_("Include")?> '<?=$fname." ".$mname." ".$lname?>'<br><? } ?>
-<? if($fname && $lname && $suffix) { ?><input type="radio" name="incname" value="3"> <?=_("Include")?> '<?=$fname." ".$lname." ".$suffix?>'<br><? } ?>
-<? if($fname && $mname && $lname && $suffix) { ?><input type="radio" name="incname" value="4"> <?=_("Include")?> '<?=$fname." ".$mname." ".$lname." ".$suffix?>'<br><? } ?>
+      <input type="radio" name="incname" value="0" checked /> <?=_("No Name")?><br />
+      <? if($fname && $lname) { ?><input type="radio" name="incname" value="1" /> <?=_("Include")?> '<?=$fname." ".$lname?>'<br /><? } ?>
+      <? if($fname && $mname && $lname) { ?><input type="radio" name="incname" value="2" /> <?=_("Include")?> '<?=$fname." ".$mname." ".$lname?>'<br /><? } ?>
+      <? if($fname && $lname && $suffix) { ?><input type="radio" name="incname" value="3" /> <?=_("Include")?> '<?=$fname." ".$lname." ".$suffix?>'<br /><? } ?>
+      <? if($fname && $mname && $lname && $suffix) { ?><input type="radio" name="incname" value="4" /> <?=_("Include")?> '<?=$fname." ".$mname." ".$lname." ".$suffix?>'<br /><? } ?>
     </td>
   </tr>
-<? } ?> 
+<? } ?>
 <? if($_SESSION['profile']['points'] >= 100 && $_SESSION['profile']['codesign'] > 0) { ?>
   <tr>
+    <td class="DataTD">
+      <input type="checkbox" name="codesign" value="1" />
+    </td>
     <td class="DataTD" align="left">
-       <input type="checkbox" name="codesign" value="1"> <?=_("Code Signing")?></td>
-    <td class="DataTD" align="left">
-       <?=_("Please Note: By ticking this box you will automatically have your name included in any certificates.")?>
+      <?=_("Code Signing")?><br />
+      <?=_("Please Note: By ticking this box you will automatically have your name included in any certificates.")?>
     </td>
   </tr>
 <? } ?>
 
   <tr>
-    <td class="DataTD" colspan="2" align="left">
-      <input type="checkbox" name="login" value="1" checked="checked"> <?=_("Enable certificate login with this certificate")?><br>
+    <td class="DataTD">
+      <input type="checkbox" name="login" value="1" checked="checked" />
+    </td>
+    <td class="DataTD"> <?=_("Enable certificate login with this certificate")?><br />
       <?=_("By allowing certificate login, this certificate can be used to login into this account at https://secure.cacert.org/ .")?><br/>
     </td>
   </tr>
-
+  <tr>
+   <td class="DataTD" colspan="2" align="left">
+      <?=_("Optional comment, only used in the certifictate overview max. 100 characters")?><br />
+       <input type="text" name="description" maxlength="100" size="100" />
+   </td>
+  </tr>
 
   <tr name="expertoff" style="display:none">
-    <td class="DataTD" colspan="2" align="left">
-      <input type="checkbox" name="expertbox" onchange="showExpert(this.checked)"/><?=_("Show advanced options")?>
+    <td class="DataTD">
+      <input type="checkbox" name="expertbox" onchange="showExpert(this.checked)" />
+    </td>
+    <td class="DataTD">
+      <?=_("Show advanced options")?>
     </td>
   </tr>
 
   <tr name="expert">
     <td class="DataTD" colspan="2" align="left">
-       <input type="radio" name="SSO" value="0" checked> <?=_("No Single Sign On ID")?><br>
-       <input type="radio" name="SSO" value="1"> <?=_("Add Single Sign On ID Information")?><br>
+       <input type="radio" name="SSO" value="0" checked /> <?=_("No Single Sign On ID")?><br />
+       <input type="radio" name="SSO" value="1" /> <?=_("Add Single Sign On ID Information")?><br />
        <?=str_replace("\n", "<br>\n", wordwrap(_("By adding Single Sign On (SSO) ID information to your certificates this could be used to track you, you can also issue certificates with no email addresses that are useful only for Authentication. Please see a more detailed description on our WIKI about it."), 125))?>
        <a href="http://wiki.cacert.org/wiki/SSO"><?=_("SSO WIKI Entry")?></a>
     </td>
   </tr>
+
+
  <tr name="expert">
     <td class="DataTD" colspan="2"><?=_("Optional Client CSR, no information on the certificate will be used")?></td>
  </tr>
@@ -108,10 +121,19 @@ if($_SESSION['profile']['points'] >= 50)
     <td class="DataTD" colspan="2"><textarea name="optionalCSR" cols="80" rows="5"></textarea></td>
  </tr>
  <tr>
-    <td class="DataTD" colspan="2"><input type="submit" name="process" value="<?=_("Next")?>"></td>
+    <td class="DataTD">
+      <input type="checkbox" name="CCA" />
+    </td>
+    <td class="DataTD" align="left">
+      <strong><?=sprintf(_("I accept the CAcert Community Agreement (%s)."),"<a href='/policy/CAcertCommunityAgreement.html'>CCA</a>")?></strong><br />
+        <?=_("Please Note: You need to accept the CCA to proceed.")?>
+    </td>
+  </tr>
+  <tr>
+    <td class="DataTD" colspan="2"><input type="submit" name="process" value="<?=_("Next")?>" /></td>
   </tr>
 </table>
-<input type="hidden" name="oldid" value="<?=$id?>">
+<input type="hidden" name="oldid" value="<?=$id?>" />
 </form>
 
 <script language="javascript">
index 234e01a..a942f18 100644 (file)
@@ -100,8 +100,8 @@ include_once($_SESSION['_config']['filepath']."/includes/notary.inc.php");
 
   if(intval($_REQUEST['userid']) > 0)
   {
-    $id = intval($_REQUEST['userid']);
-    $query = "select * from `users` where `id`='$id' and `users`.`deleted`=0";
+    $userid = intval($_REQUEST['userid']);
+    $query = "select * from `users` where `users`.`id`='$userid' and `users`.`deleted`=0";
     $res = mysql_query($query);
     if(mysql_num_rows($res) <= 0)
     {
@@ -135,7 +135,7 @@ include_once($_SESSION['_config']['filepath']."/includes/notary.inc.php");
     <td class="DataTD"><?=_("Last Name")?>:</td>
     <td class="DataTD">  <input type="hidden" name="oldid" value="43">
   <input type="hidden" name="action" value="updatedob">
-  <input type="hidden" name="userid" value="<?=intval($id)?>">
+  <input type="hidden" name="userid" value="<?=intval($userid)?>">
   <input type="text" name="lname" value="<?=sanitizeHTML($row['lname'])?>"></td>
   </tr>
   <tr>
@@ -786,9 +786,20 @@ include_once($_SESSION['_config']['filepath']."/includes/notary.inc.php");
                <?
        } ?>
        </tr>
+       <tr>
+               <td colspan="6" class="title">
+                       <form method="post" action="account.php" onSubmit="if(!confirm('<?=_("Are you sure you want to revoke all private certificates?")?>')) return false;">
+                               <input type="hidden" name="action" value="revokecert">
+                               <input type="hidden" name="oldid" value="43">
+                               <input type="hidden" name="userid" value="<?=intval($userid)?>">
+                               <input type="submit" value="<?=_('revoke certificates')?>">
+                       </form>
+               </td>
+       </tr>
 </table>
 <br>
 
+
 <a href="account.php?id=43&amp;userid=<?=$row['id']?>&amp;shownotary=assuredto"><?=_("Show Assurances the user got")?></a>
  (<a href="account.php?id=43&amp;userid=<?=$row['id']?>&amp;shownotary=assuredto15"><?=_("New calculation")?></a>)
 <br />
@@ -837,7 +848,7 @@ function showassuredto()
   </tr>
 <? } ?>
   <tr>
-    <td class="DataTD" colspan="2"><b><?=_("Total Points")?>:</b></td>
+    <td class="DataTD" colspan="4"><b><?=_("Total Points")?>:</b></td>
     <td class="DataTD"><?=$points?></td>
     <td class="DataTD" colspan="3">&nbsp;</td>
   </tr>
@@ -883,7 +894,7 @@ function showassuredby()
   </tr>
 <? } ?>
   <tr>
-    <td class="DataTD" colspan="2"><b><?=_("Total Points")?>:</b></td>
+    <td class="DataTD" colspan="4"><b><?=_("Total Points")?>:</b></td>
     <td class="DataTD"><?=$points?></td>
     <td class="DataTD" colspan="3">&nbsp;</td>
   </tr>
index 5c131ba..9607850 100644 (file)
 <form method="post" action="account.php">
 <table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
   <tr>
-    <td colspan="7" class="title"><?=_("Client Certificates")?> - <a href="account.php?id=5&amp;viewall=<?=!$viewall?>"><?=_("View all certificates")?></a></td>
+    <td colspan="10" class="title"><?=_("Client Certificates")?> - <a href="account.php?id=5&amp;viewall=<?=!$viewall?>"><?=_("View all certificates")?></a></td>
   </tr>
   <tr>
     <td class="DataTD"><?=_("Renew/Revoke/Delete")?></td>
     <td class="DataTD"><?=_("Status")?></td>
     <td class="DataTD"><?=_("Email Address")?></td>
-       <td class="DataTD"><?=_("SerialNumber")?></td>
+    <td class="DataTD"><?=_("SerialNumber")?></td>
     <td class="DataTD"><?=_("Revoked")?></td>
     <td class="DataTD"><?=_("Expires")?></td>
     <td class="DataTD"><?=_("Login")?></td>
-
+    <td colspan="2" class="DataTD"><?=_("Comment *")?></td>
 <?
        $query = "select UNIX_TIMESTAMP(`emailcerts`.`created`) as `created`,
                        UNIX_TIMESTAMP(`emailcerts`.`expire`) - UNIX_TIMESTAMP() as `timeleft`,
                        UNIX_TIMESTAMP(`emailcerts`.`expire`) as `expired`,
-                       `emailcerts`.`expire` as `expires`, 
+                       `emailcerts`.`expire` as `expires`,
                        `emailcerts`.`revoked` as `revoke`,
-                       UNIX_TIMESTAMP(`emailcerts`.`revoked`) as `revoked`, 
+                       UNIX_TIMESTAMP(`emailcerts`.`revoked`) as `revoked`,
                        `emailcerts`.`id`,
                        `emailcerts`.`CN`,
                        `emailcerts`.`serial`,
-                       emailcerts.disablelogin as `disablelogin`
+                       `emailcerts`.`disablelogin` as `disablelogin`,
+                       `emailcerts`.`description`
                        from `emailcerts`
                        where `emailcerts`.`memid`='".$_SESSION['profile']['id']."'
                        ";
@@ -56,7 +57,7 @@
        {
 ?>
   <tr>
-    <td colspan="7" class="DataTD"><?=_("No client certificates are currently listed.")?></td>
+    <td colspan="10" class="DataTD"><?=_("No client certificates are currently listed.")?></td>
   </tr>
 <? } else {
        while($row = mysql_fetch_assoc($res))
     <td class="DataTD"><?=$verified?></td>
     <td class="DataTD"><?=(trim($row['CN'])=="" ? _("empty") : $row['CN'])?></td>
 <? } ?>
-       <td class="DataTD"><?=$row['serial']?></td>
+    <td class="DataTD"><?=$row['serial']?></td>
     <td class="DataTD"><?=$row['revoke']?></td>
     <td class="DataTD"><?=$row['expires']?></td>
     <td class="DataTD">
       <input type="checkbox" name="disablelogin_<?=$row['id']?>" value="1" <?=$row['disablelogin']?"":"checked='checked'"?>/>
-      <input type="hidden" name="cert_<?=$row['id']?>" value="1"/>
+      <input type="hidden" name="cert_<?=$row['id']?>" value="1" />
     </td>
+    <td class="DataTD"><input name="comment_<?=$row['id']?>" type="text" value="<?=htmlspecialchars($row['description'])?>" /></td>
+    <td class="DataTD"><input type="checkbox" name="check_comment_<?=$row['id']?>" /></td>
   </tr>
-<? } ?>
+    <? } ?>
   <tr>
-    <td class="DataTD" colspan="8">
+    <td class="DataTD" colspan="9">
       <a href="account.php?id=5&amp;viewall=<?=!$viewall?>"><b><?=$viewall?_("Hide old certificates"):_("View all certificates")?></b></a>
     </td>
   </tr>
 
   <tr>
-    <td class="DataTD" colspan="5"><input type="submit" name="renew" value="<?=_("Renew")?>">&#160;&#160;&#160;&#160;
-                       <input type="submit" name="revoke" value="<?=_("Revoke/Delete")?>"></td>
+    <td class="DataTD" colspan="9">
+      <?=_('* Comment is NOT included in the certificate as it is intended for your personal reference only. To change the comment tick the checkbox and hit "Change Settings".')?>
+    </td>
+  </tr>
+
+  <tr>
+    <td class="DataTD" colspan="5"><input type="submit" name="renew" value="<?=_("Renew")?>" />&#160;&#160;&#160;&#160;
+       <input type="submit" name="revoke" value="<?=_("Revoke/Delete")?>" /></td>
 
-    <td class="DataTD" colspan="3"><input type="submit" name="change" value="<?=_("Change settings")?>"> </td>
+    <td class="DataTD" colspan="4"><input type="submit" name="change" value="<?=_("Change settings")?>" /> </td>
 
   </tr>
 <? } ?>
 </table>
-<input type="hidden" name="oldid" value="<?=$id?>">
+<input type="hidden" name="oldid" value="<?=$id?>" />
 <input type="hidden" name="csrf" value="<?=make_csrf('clicerchange')?>" />
 </form>
 <p><?=_("From here you can delete pending requests, or revoke valid certificates.")?></p>
index 1604156..a4c2413 100644 (file)
 <form method="post" action="account.php">
 <table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
   <tr>
-    <td colspan="2" class="title"><?=_("Change Password")?></td>
+    <td colspan="2" class="title"><?=_("Delete Account")?></td>
   </tr>
   <tr>
     <td class="DataTD"><?=_("Email")?>:</td>
     <td class="DataTD"><b><?=sanitizeHTML($_REQUEST['email'])?></b></td>
   </tr>
   <tr>
+    <td class="DataTD"><?=_("New Username from arbitration number + sequence number a20xxyyzz.a.b")?>:</td>
+    <td class="DataTD"><input type="text" name="arbitrationno"></td>
+  </tr>
+  <tr>
     <td class="DataTD" colspan="2"><?=_("Are you sure you want to delete this user, while not actually deleting the account it will completely disable it and revoke any/all certificates currently issued.")?></td>
   </tr>
   <tr>
index 38af8e8..0054b7a 100644 (file)
     You should have received a copy of the GNU General Public License
     along with this program; if not, write to the Free Software
     Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301  USA
-*/ ?>
-<?
-       $certid = 0; if(array_key_exists('cert',$_REQUEST)) $certid=intval($_REQUEST['cert']);
-
-       $query = "select * from `emailcerts` where `id`='$certid' and `memid`='".intval($_SESSION['profile']['id'])."'";
-       $res = mysql_query($query);
-       if(mysql_num_rows($res) <= 0)
-       {
-               showheader(_("My CAcert.org Account!"));
-               echo _("No such certificate attached to your account.");
-               showfooter();
-               exit;
+*/
+
+// Get certificate information
+$certid = 0;
+if(array_key_exists('cert',$_REQUEST)) {
+       $certid = intval($_REQUEST['cert']);
+}
+
+$query = "select UNIX_TIMESTAMP(`emailcerts`.`created`) as `created`,
+                       UNIX_TIMESTAMP(`emailcerts`.`expire`) - UNIX_TIMESTAMP() as `timeleft`,
+                       UNIX_TIMESTAMP(`emailcerts`.`expire`) as `expired`,
+                       `emailcerts`.`expire` as `expires`,
+                       `emailcerts`.`revoked` as `revoke`,
+                       UNIX_TIMESTAMP(`emailcerts`.`revoked`) as `revoked`,
+                       `emailcerts`.`id`,
+                       `emailcerts`.`CN`,
+                       `emailcerts`.`serial`,
+                       `emailcerts`.`disablelogin` as `disablelogin`,
+                       `emailcerts`.`crt_name`,
+                       `emailcerts`.`keytype`,
+                       `emailcerts`.`description`
+               from `emailcerts`
+               where `emailcerts`.`id`='$certid' and
+                       `emailcerts`.`memid`='".intval($_SESSION['profile']['id'])."'";
+
+$res = mysql_query($query);
+if(mysql_num_rows($res) <= 0) {
+       showheader(_("My CAcert.org Account!"));
+       echo _("No such certificate attached to your account.");
+       showfooter();
+       exit;
+}
+$row = mysql_fetch_assoc($res);
+
+
+if (array_key_exists('format', $_REQUEST)) {
+       // Which output format?
+       if ($_REQUEST['format'] === 'der') {
+               $outform = '-outform DER';
+               $extension = 'cer';
+       } else {
+               $outform = '-outform PEM';
+               $extension = 'crt';
        }
-       $row = mysql_fetch_assoc($res);
 
        $crtname=escapeshellarg($row['crt_name']);
-       $cert = `/usr/bin/openssl x509 -in $crtname`;
-
-       if($row['keytype'] == "NS")
-       {
-               if(array_key_exists('install',$_REQUEST) && $_REQUEST['install'] == 1)
-               {
-                       header("Content-Type: application/x-x509-user-cert");
-                       header("Content-Length: ".strlen($cert));
-                       $fname=sanitizeFilename($row['CN']);
-                       if($fname=="") $fname="certificate";
-                       header('Content-Disposition: inline; filename="'.$fname.'.crt"');
-                       echo $cert;
-                       exit;
-               } else {
-                       showheader(_("My CAcert.org Account!"));
-                       echo "<h3>"._("Installing your certificate")."</h3>\n";
-                       echo "<p>"._("You are about to install a certificate, if you are using mozilla/netscape based browsers you will not be informed that the certificate was installed successfully, you can go into the options dialog box, security and manage certificates to view if it was installed correctly however.")."</p>\n";
-                       echo "<p><a href='account.php?id=6&amp;cert=$certid&amp;install=1'>"._("Click here")."</a> "._("to install your certificate.")."</p>\n";
-                       showfooter();
-                       exit;
-               }
-       } else {
-               showheader(_("My CAcert.org Account!"));
-?>
-<h3><?=_("Installing your certificate")?></h3>
+       $cert = `/usr/bin/openssl x509 -in $crtname $outform`;
 
-<p><?=_("Hit the 'Install your Certificate' button below to install the certificate into MS IE 5.x and above.")?>
+       header("Content-Type: application/pkix-cert");
+       header("Content-Length: ".strlen($cert));
 
-<OBJECT classid="clsid:127698e4-e730-4e5c-a2b1-21490a70c8a1" codebase="/xenroll.cab#Version=5,131,3659,0" id="cec">
-<?=_("You must enable ActiveX for this to work.")?>
-</OBJECT>
-<FORM >
-<INPUT TYPE=BUTTON NAME="CertInst" VALUE="<?=_("Install Your Certificate")?>">
-</FORM>
+       $fname = sanitizeFilename($row['CN']);
+       if ($fname=="") $fname="certificate";
+       header("Content-Disposition: attachment; filename=\"${fname}.${extension}\"");
 
-</P>
+       echo $cert;
+       exit;
 
-<SCRIPT LANGUAGE=VBS>
-   Sub CertInst_OnClick
-      certchain  = _
-<?
-       $lines = explode("\n", $cert);
-       if(is_array($lines))
-       foreach($lines as $line)
-       {
-               $line = trim($line);
-               if($line != "-----END CERTIFICATE-----")
-                       echo "\"$line\" & _\n";
-               else {
-                       echo "\"$line\"\n";
-                       break;
-               }
-       }
-?>
+} elseif (array_key_exists('install', $_REQUEST)) {
+       if (array_key_exists('HTTP_USER_AGENT',$_SERVER) &&
+                       strstr($_SERVER['HTTP_USER_AGENT'], "MSIE")) {
 
-      On Error Resume Next
-
-      Dim obj
-      Set obj=CreateObject("X509Enrollment.CX509Enrollment")
-      If IsObject(obj) Then
-        obj.Initialize(1)
-        obj.InstallResponse 0,certchain,0,""
-        if err.number<>0 then
-          msgbox err.Description
-       else
-         msgbox "<?=_("Certificate installed successfully. Please don't forget to backup now")?>"
-       end if
-      else
-
-
-
-
-      cec.DeleteRequestCert = FALSE
-      err.clear
-
-      cec.WriteCertToCSP = TRUE
-      cec.acceptPKCS7(certchain)
-      if err.number <> 0 Then
-         cec.WriteCertToCSP = FALSE
-      end if
-      err.clear
-      cec.acceptPKCS7(certchain)
-      if err.number <> 0 then
-         errorMsg = "<?=_("Certificate installation failed!")?>" & chr(13) & chr(10) & _
-                        "(Error code " & err.number & ")"
-         msgRes   = MsgBox(errorMsg, 0, "<?=_("Certificate Installation Error")?>")
-      else
-         okMsg    = "<?=_("Personal Certificate Installed.")?>" & chr(13) & chr(10) & _
-                        "See Tools->Internet Options->Content->Certificates"
-         msgRes   = MsgBox(okMsg, 0, "<?=_("Certificate Installation Complete!")?>")
-      end if
-     End If
-   End Sub
-</SCRIPT>
-
-<p><?=_("Your certificate:")?></p>
-<pre><?=$cert?></pre>
-<?
-               showfooter();
+               // Handle IE
+               //TODO
+
+       } else {
+               // All other browsers
+               $crtname=escapeshellarg($row['crt_name']);
+               $cert = `/usr/bin/openssl x509 -in $crtname -outform DER`;
+
+               header("Content-Type: application/x-x509-user-cert");
+               header("Content-Length: ".strlen($cert));
+
+               $fname = sanitizeFilename($row['CN']);
+               if ($fname=="") $fname="certificate";
+               header("Content-Disposition: inline; filename=\"${fname}.cer\"");
+
+               echo $cert;
                exit;
        }
+
+} else {
+       showheader(_("My CAcert.org Account!"), _("Install your certificate"));
+       echo '<ul class="no_indent">';
+       echo "<li><a href='account.php?id=$id&amp;cert=$certid&amp;install'>".
+               _("Install the certificate into your browser").
+               "</a></li>\n";
+
+       echo "<li><a href='account.php?id=$id&amp;cert=$certid&amp;format=pem'>".
+               _("Download the certificate in PEM format")."</a></li>\n";
+
+       echo "<li><a href='account.php?id=$id&amp;cert=$certid&amp;format=der'>".
+               _("Download the certificate in DER format")."</a></li>\n";
+       echo '</ul>';
+
+       // Allow to directly copy and paste the cert in PEM format
+       $crtname=escapeshellarg($row['crt_name']);
+       $cert = `/usr/bin/openssl x509 -in $crtname -outform PEM`;
+       echo "<pre>$cert</pre>";
+
+       ?>
+<form method="post" action="account.php">
+<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
+       <tr>
+               <td colspan="2" class="title"><?=_("Information about the certificate")?></td>
+       </tr>
+<?
+       if($row['timeleft'] > 0)
+               $verified = _("Valid");
+       if($row['timeleft'] < 0)
+               $verified = _("Expired");
+       if($row['expired'] == 0)
+               $verified = _("Pending");
+       if($row['revoked'] > 0)
+               $verified = _("Revoked");
+       if($row['revoked'] == 0)
+               $row['revoke'] = _("Not Revoked");
 ?>
+       <tr>
+               <td class="DataTD"><?=_("Renew/Revoke/Delete")?></td>
+<? if($verified != _("Pending") && $verified != _("Revoked")) { ?>
+               <td class="DataTD"><input type="checkbox" name="revokeid[<?=$row['id']?>]" ></td>
+<? } else if($verified != _("Revoked")) { ?>
+               <td class="DataTD"><input type="checkbox" name="delid[<?=$row['id']?>]"></td>
+<? } else { ?>
+               <td class="DataTD">&nbsp;</td>
+<? } ?>
+       </tr>
+       <tr>
+               <td class="DataTD"><?=_("Status")?></td>
+               <td class="DataTD"><?=$verified?></td>
+       </tr>
+       <tr>
+               <td class="DataTD"><?=_("Email Address")?></td>
+               <td class="DataTD"><?=(trim($row['CN'])=="" ? _("empty") : $row['CN'])?></td>
+       </tr>
+       <tr>
+               <td class="DataTD"><?=_("SerialNumber")?></td>
+               <td class="DataTD"><?=$row['serial']?></td>
+       </tr>
+       <tr>
+               <td class="DataTD"><?=_("Revoked")?></td>
+               <td class="DataTD"><?=$row['revoke']?></td>
+       </tr>
+       <tr>
+               <td class="DataTD"><?=_("Expires")?></td>
+               <td class="DataTD"><?=$row['expires']?></td>
+       </tr>
+       <tr>
+               <td class="DataTD"><?=_("Login")?></td>
+               <td class="DataTD">
+                       <input type="checkbox" name="disablelogin" value="1" <?=$row['disablelogin']?"":"checked='checked'"?>/>
+               </td>
+       </tr>
+       <tr>
+               <td class="DataTD"><?=_("Comment")?></td>
+               <td class="DataTD"><input type="text" name="description" maxlength="100" size=100 value="<?=htmlspecialchars($row['description'])?>"></td>
+       </tr>
+       <tr>
+               <td class="DataTD" colspan="2"><input type="submit" name="change" value="<?=_("Change settings")?>"> </td>
+       </tr>
+</table>
+<input type="hidden" name="oldid" value="6">
+<input type="hidden" name="certid" value="<?=$certid?>">
+</form>
 
+<?
+       showfooter();
+       exit;
+}
index 6b3de01..79448d1 100644 (file)
@@ -25,7 +25,7 @@
   if(is_array($_SESSION['_config']['addy']))
        foreach($_SESSION['_config']['addy'] as $add) { ?>
   <tr>
-    <td class="DataTD" width="75"><input type="radio" name="authaddy" value="<?=$add?>"<? if($tagged == 0) { echo " checked=\"checked\""; $tagged = 1; } ?>></td>
+    <td class="DataTD" width="75"><input type="radio" name="authaddy" value="<?=$add?>"<? if($tagged == 0) { echo " checked=\"checked\""; $tagged = 1; } ?> /></td>
     <td class="DataTD" width="175"><?=$add?></td>
   </tr>
 <? } ?>
@@ -34,5 +34,5 @@
   </tr>
 </table>
 <input type="hidden" name="csrf" value="<?=make_csrf('ctcinfo')?>" />
-<input type="hidden" name="oldid" value="<?=$id?>">
+<input type="hidden" name="oldid" value="<?=$id?>" />
 </form>
index ce3b72a..f490511 100644 (file)
 ?>
 <p><?=_("Paste your own public OpenPGP key below. It should not contain a picture. CAcert will sign your key after submission.")?></p>
 <form method="post" action="gpg.php">
-<textarea name="CSR" cols="80" rows="15"><?=array_key_exists('CSR',$_POST)?strip_tags($_POST['CSR']):""?></textarea><br>
-<input type="submit" name="process" value="<?=_("Submit")?>">
-<input type="hidden" name="oldid" value="<?=$id?>">
+<p><?=_("Optional comment, only used in the certifictate overview")?><br />
+       <input type="text" name="description" maxlength="80" size=80 /></p>
+<textarea name="CSR" cols="80" rows="15"><?=array_key_exists('CSR',$_POST)?strip_tags($_POST['CSR']):""?></textarea><br />
+<p><input type="checkbox" name="CCA" /> <strong><?=sprintf(_("I accept the CAcert Community Agreement (%s)."),"<a href='/policy/CAcertCommunityAgreement.html'>CCA</a>")?></strong><br />
+  <?=_("Please Note: You need to accept the CCA to proceed.")?></p>
+<input type="submit" name="process" value="<?=_("Submit")?>" />
+<input type="hidden" name="oldid" value="<?=$id?>" />
 </form>
index e10935e..cc8a872 100644 (file)
     along with this program; if not, write to the Free Software
     Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301  USA
 */ ?>
+<form method="post" action="gpg.php">
 <table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
   <tr>
-    <td colspan="5" class="title"><?=_("OpenPGP Keys")?></td>
+    <td colspan="6" class="title"><?=_("OpenPGP Keys")?></td>
   </tr>
   <tr>
     <td class="DataTD"><?=_("Status")?></td>
     <td class="DataTD"><?=_("Email Address")?></td>
     <td class="DataTD"><?=_("Expires")?></td>
     <td class="DataTD"><?=_("Key ID")?></td>
-
+    <td colspan="2" class="DataTD"><?=_("Comment *")?></td>
 <?
        $query = "select UNIX_TIMESTAMP(`issued`) as `issued`,
                        UNIX_TIMESTAMP(`expire`) - UNIX_TIMESTAMP() as `timeleft`,
                        UNIX_TIMESTAMP(`expire`) as `expired`,
-                       `expire` as `expires`, `id`, `level`, 
-                       `email`,`keyid` from `gpg` where `memid`='".intval($_SESSION['profile']['id'])."'
+                       `expire` as `expires`, `id`, `level`,
+                       `email`,`keyid`,`description` from `gpg` where `memid`='".intval($_SESSION['profile']['id'])."'
                        ORDER BY `issued` desc";
        $res = mysql_query($query);
        if(mysql_num_rows($res) <= 0)
        {
 ?>
   <tr>
-    <td colspan="5" class="DataTD"><?=_("No OpenPGP keys are currently listed.")?></td>
+    <td colspan="6" class="DataTD"><?=_("No OpenPGP keys are currently listed.")?></td>
   </tr>
 <? } else {
        while($row = mysql_fetch_assoc($res))
 <? } ?>
     <td class="DataTD"><?=$row['expires']?></td>
     <td class="DataTD"><a href="gpg.php?id=3&amp;cert=<?=$row['id']?>"><?=$row['keyid']?></a></td>
-
+    <td class="DataTD"><input name="comment_<?=$row['id']?>" type="text" value="<?=htmlspecialchars($row['description'])?>" /></td>
+    <td class="DataTD"><input type="checkbox" name="check_comment_<?=$row['id']?>" /></td>
   </tr>
 <? } ?>
 <? } ?>
+  <tr>
+    <td class="DataTD" colspan="6">
+      <?=_('* Comment is NOT included in the certificate as it is intended for your personal reference only. To change the comment tick the checkbox and hit "Change Settings".')?>
+    </td>
+  </tr>
+  <tr>
+    <td class="DataTD" colspan="6"><input type="submit" name="change" value="<?=_("Change settings")?>" /> </td>
+  </tr>
 </table>
-<input type="hidden" name="oldid" value="<?=$id?>">
+<input type="hidden" name="oldid" value="<?=$id?>" />
 </form>
index 0521f67..f07bbb8 100644 (file)
     You should have received a copy of the GNU General Public License
     along with this program; if not, write to the Free Software
     Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301  USA
-*/ ?>
-<? /*
-page called from the following pages 
+*/
+
+/*
+page called from the following pages
  a. https://wiki.cacert.org/Price [^]
  b. https://wiki.cacert.org/CacertMembership/DE [^]
  c. https://wiki.cacert.org/CacertMembership [^]
  d. https://wiki.cacert.org/CAcertInc [^]
- e. https://wiki.cacert.org/Brain/CAcertInc [^] 
- */ ?>
+ e. https://wiki.cacert.org/Brain/CAcertInc [^]
+*/ ?>
+
 <h3><?=_("For CAcert Association Members")?></h3>
 
-<b><?=_("Have you paid your CAcert Association membership fees for the year?")?></b>
-<p><?=_("If not then select this PayPal button to establish annual payment of your US$10 membership fee.")?></p>
-<form action="https://www.paypal.com/cgi-bin/webscr" method="post">
+<p><b><?=_("Have you paid your CAcert Association membership fees for the year?")?></b></p>
+
+<p><?=_("If not then select this PayPal button to establish annual payment of your 10 EUR membership fee.")?></p>
+<form action="https://www.paypal.com/cgi-bin/webscr" method="post" target="_top">
 <input type="hidden" name="cmd" value="_s-xclick">
-<input type="image" src="/images/payment2.png" border="0" name="submit" alt="Make payments with PayPal">
-<input type="hidden" name="encrypted" value="-----BEGIN PKCS7-----MIIHiAYJKoZIhvcNAQcEoIIHeTCCB3UCAQExggEwMIIBLAIBADCBlDCBjjELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAkNBMRYwFAYDVQQHEw1Nb3VudGFpbiBWaWV3MRQwEgYDVQQKEwtQYXlQYWwgSW5jLjETMBEGA1UECxQKbGl2ZV9jZXJ0czERMA8GA1UEAxQIbGl2ZV9hcGkxHDAaBgkqhkiG9w0BCQEWDXJlQHBheXBhbC5jb20CAQAwDQYJKoZIhvcNAQEBBQAEgYAVW/F7PUYp3SMSCdOj1L4lNmZk8TPLmyFBXiYe/dP6bdcsvvx0A58mLC/3j961TCs95gXWqYx5vDD9znDEii5An7weRqtaxFa9B+UplKT2kcQJpi45zsGKzhwtHF/g0aJQdLmzrDYNnWd16UvhuasUIV501LaZB3ykq5j2eDJV/DELMAkGBSsOAwIaBQAwggEEBgkqhkiG9w0BBwEwFAYIKoZIhvcNAwcECJHKnDgLaYrEgIHgjYPDm0r2cH9hexIMEuCuiO9eOIsYxpzC50y9+ZWltUA9Eqp8avPT3ExC4qaw6FS8eo4+UWweESWXpAk3QrNTXgeV+Zf/4RjUEurpkRECinPUCtTgJvs6XLaPU50hAAaV9QmknT4DICcmB7djry0tB1FbLOmnqMyOTpT2pKDuL7r6hgEIAnCyASBtO5E8YJWFgSneQ53PbtT+YuAcVwIOD83wFRDAjlwYhs50VD6ugK07SXxC5I8RFV65PZS/qIiEEBCv7yiXi/U9DK4QG+3ojuxkP6ZjwshGb/99uK1NZCqgggOHMIIDgzCCAuygAwIBAgIBADANBgkqhkiG9w0BAQUFADCBjjELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAkNBMRYwFAYDVQQHEw1Nb3VudGFpbiBWaWV3MRQwEgYDVQQKEwtQYXlQYWwgSW5jLjETMBEGA1UECxQKbGl2ZV9jZXJ0czERMA8GA1UEAxQIbGl2ZV9hcGkxHDAaBgkqhkiG9w0BCQEWDXJlQHBheXBhbC5jb20wHhcNMDQwMjEzMTAxMzE1WhcNMzUwMjEzMTAxMzE1WjCBjjELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAkNBMRYwFAYDVQQHEw1Nb3VudGFpbiBWaWV3MRQwEgYDVQQKEwtQYXlQYWwgSW5jLjETMBEGA1UECxQKbGl2ZV9jZXJ0czERMA8GA1UEAxQIbGl2ZV9hcGkxHDAaBgkqhkiG9w0BCQEWDXJlQHBheXBhbC5jb20wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMFHTt38RMxLXJyO2SmS+Ndl72T7oKJ4u4uw+6awntALWh03PewmIJuzbALScsTS4sZoS1fKciBGoh11gIfHzylvkdNe/hJl66/RGqrj5rFb08sAABNTzDTiqqNpJeBsYs/c2aiGozptX2RlnBktH+SUNpAajW724Nv2Wvhif6sFAgMBAAGjge4wgeswHQYDVR0OBBYEFJaffLvGbxe9WT9S1wob7BDWZJRrMIG7BgNVHSMEgbMwgbCAFJaffLvGbxe9WT9S1wob7BDWZJRroYGUpIGRMIGOMQswCQYDVQQGEwJVUzELMAkGA1UECBMCQ0ExFjAUBgNVBAcTDU1vdW50YWluIFZpZXcxFDASBgNVBAoTC1BheVBhbCBJbmMuMRMwEQYDVQQLFApsaXZlX2NlcnRzMREwDwYDVQQDFAhsaXZlX2FwaTEcMBoGCSqGSIb3DQEJARYNcmVAcGF5cGFsLmNvbYIBADAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4GBAIFfOlaagFrl71+jq6OKidbWFSE+Q4FqROvdgIONth+8kSK//Y/4ihuE4Ymvzn5ceE3S/iBSQQMjyvb+s2TWbQYDwcp129OPIbD9epdr4tJOUNiSojw7BHwYRiPh58S1xGlFgHFXwrEBb3dgNbMUa+u4qectsMAXpVHnD9wIyfmHMYIBmjCCAZYCAQEwgZQwgY4xCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJDQTEWMBQGA1UEBxMNTW91bnRhaW4gVmlldzEUMBIGA1UEChMLUGF5UGFsIEluYy4xEzARBgNVBAsUCmxpdmVfY2VydHMxETAPBgNVBAMUCGxpdmVfYXBpMRwwGgYJKoZIhvcNAQkBFg1yZUBwYXlwYWwuY29tAgEAMAkGBSsOAwIaBQCgXTAYBgkqhkiG9w0BCQMxCwYJKoZIhvcNAQcBMBwGCSqGSIb3DQEJBTEPFw0wNzExMDMwNzA2NDdaMCMGCSqGSIb3DQEJBDEWBBQQVDeJMeMteu3fuP5xIdpSiYrfLDANBgkqhkiG9w0BAQEFAASBgHIt5M/R6uPXFU0bVQJWcoO++ETE4nPbp+Nz+o7bclXsxIQL+yG5C5vQdpgNeCLuq42sPv+QUuVoMxio6hecCgHewwqAxkrUUr+teGOFSEqpfXBhjWfkUvZLvOy1ix6pSpjLnUu4bbJxaA5eM0gZQDZCJ8nh0HxPScdi5BhVuPSk-----END PKCS7-----
-">
+<input type="hidden" name="hosted_button_id" value="AMCDNMBBDXGA2">
+<input type="image" src="/images/btn_subscribeCC_LG.gif" border="0" name="submit" alt="Subscription payment for membership fee">
 </form>
 
-<p><?=_("To do a single US$10 Membership-Fee Payment, please use this button:")?></p>
-<form action="https://www.paypal.com/cgi-bin/webscr" method="post">
+<p><?=_("To do a single 10 EUR membership fee payment, please use this button:")?></p>
+<form action="https://www.paypal.com/cgi-bin/webscr" method="post" target="_top">
 <input type="hidden" name="cmd" value="_s-xclick">
-<input type="hidden" name="hosted_button_id" value="586280">
-<input type="image" src="/images/btn_paynowCC_LG.gif" border="0" name="submit" alt="">
-</form> 
+<input type="hidden" name="hosted_button_id" value="8F4WL72WX857J">
+<input type="image" src="/images/btn_paynowCC_LG.gif" border="0" name="submit" alt="Single payment for membership fee">
+</form>
 
-<p><?=_("If you are located in Australia, you can use bank transfer instead and pay the equivalent of US$10 in AU$.")?></p>
+<p><?=_("If you are located in Australia, you can use bank transfer instead and pay the equivalent of 10 EUR in AUD.")?></p>
 
 <p><?=_("Please also include your name in the transaction so we know who it came from and send an email to secretary at cacert dot org with the details:")?></p>
 
@@ -49,6 +51,5 @@ page called from the following pages
 <li>Account Name: CAcert Inc</li>
 <li>SWIFT: WPACAU2S</li>
 <li>BSB: 032073</li>
-<li>Account No.: 180264</li>
+<li>Account No: 180264</li>
 </ul>
-<br/><br/>
index 8579588..cca2702 100644 (file)
@@ -16,7 +16,7 @@
     Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301  USA
 */ 
 
-       include_once($_SESSION['_config']['filepath']."/includes/wot.inc.php");
+       require_once($_SESSION['_config']['filepath']."/includes/notary.inc.php");
 
        $userid = intval($_SESSION['profile']['id']);
 
index befdfe4..628e6a5 100644 (file)
@@ -15,7 +15,7 @@
     along with this program; if not, write to the Free Software
     Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301  USA
 */
-require_once(dirname(__FILE__).'/../../includes/wot.inc.php');
+require_once(dirname(__FILE__).'/../../includes/notary.inc.php');
 ?>
 
 <h3><?=_("Trusted Third Parties")?></h3>
index 28c1875..1031090 100644 (file)
        $name = $fname." ".$mname." ".$lname." ".$suffix;
        $_SESSION['_config']['wothash'] = md5($name."-".$dob);
 
-       include_once($_SESSION['_config']['filepath']."/includes/wot.inc.php");
+       require_once($_SESSION['_config']['filepath']."/includes/notary.inc.php");
 
        AssureHead(_("Assurance Confirmation"),sprintf(_("Please check the following details match against what you witnessed when you met %s in person. You MUST NOT proceed unless you are sure the details are correct. You may be held responsible by the CAcert Arbitrator for any issues with this Assurance."), $fname));
        AssureTextLine(_("Name"),$name);
        AssureTextLine(_("Date of Birth"),$dob." ("._("YYYY-MM-DD").")");
-       AssureBoxLine("certify",sprintf(_("I certify that %s %s %s has appeared in person"), $fname, $mname, $lname),array_key_exists('certify',$_POST) && $_POST['certify'] == 1);
+       AssureMethodLine(_("Method"),$methods,'');
+       AssureBoxLine("certify",sprintf(_("I certify that %s %s %s has appeared in person."), $fname, $mname, $lname),array_key_exists('certify',$_POST) && $_POST['certify'] == 1);
+       AssureBoxLine("CCAAgreed",sprintf(_("I verify that %s %s %s has accepted the CAcert Community Agreement."), $fname, $mname, $lname),array_key_exists('CCAAgreed',$_POST) && $_POST['CCAAgreed'] == 1);
        AssureInboxLine("location",_("Location"),array_key_exists('location',$_SESSION['_config'])?$_SESSION['_config']['location']:"","");
-       AssureInboxLine("date",_("Date"),array_key_exists('date',$_SESSION['_config'])?$_SESSION['_config']['date']:date("Y-m-d"),"<br/>"._("Please adjust the date if you assured the person on a different day"));
-       AssureMethodLine(_("Method"),$methods,_("Only tick the next box if the Assurance was face to face."));
+       AssureInboxLine("date",_("Date"),array_key_exists('date',$_SESSION['_config'])?$_SESSION['_config']['date']:date("Y-m-d"),"<br/>"._("The date when the assurance took place. Please adjust the date if you assured the person on a different day (YYYY-MM-DD)."));
+       AssureTextLine("",_("Only tick the next box if the Assurance was face to face."));
        AssureBoxLine("assertion",_("I believe that the assertion of identity I am making is correct, complete and verifiable. I have seen original documentation attesting to this identity. I accept that the CAcert Arbitrator may call upon me to provide evidence in any dispute, and I may be held responsible."),array_key_exists('assertion',$_POST) && $_POST['assertion'] == 1);
-       AssureBoxLine("rules",_("I have read and understood the Assurance Policy and the Assurance Handbook and am making this Assurance subject to and in compliance with the policy and handbook."),array_key_exists('rules',$_POST) && $_POST['rules'] == 1);
-       AssureTextLine(_("Policy"),"<a href=\"/policy/AssurancePolicy.php\" target=\"_blank\">"._("Assurance Policy")."</a> - <a href=\"http://wiki.cacert.org/AssuranceHandbook2\" target=\"_blank\">"._("Assurance Handbook")."</a>");
+       AssureBoxLine("rules",_("I have read and understood the CAcert Community Agreement (CCA), Assurance Policy and the Assurance Handbook. I am making this Assurance subject to and in compliance with the CCA, Assurance policy and handbook."),array_key_exists('rules',$_POST) && $_POST['rules'] == 1);
+       AssureTextLine(_("Policy"),"<a href=\"/policy/CAcert Community Agreement.php\" target=\"_blank\">"._("CAcert Community Agreement")."</a> -<a href=\"/policy/AssurancePolicy.php\" target=\"_blank\">"._("Assurance Policy")."</a> - <a href=\"http://wiki.cacert.org/AssuranceHandbook2\" target=\"_blank\">"._("Assurance Handbook")."</a>");
        AssureInboxLine("points",_("Points"),"","<br />(Max. ".maxpoints().")");
-       AssureCCABoxLine("CCAAgreed",sprintf(_("Check this box only if %s agreed to the <a href=\"/policy/CAcertCommunityAgreement.php\">CAcert Community Agreement</a>"),$fname));
-       AssureCCABoxLine("CCAAgree",_("Check this box only if YOU agree to the <a href=\"/policy/CAcertCommunityAgreement.php\">CAcert Community Agreement</a>"));
        AssureFoot($id,_("I confirm this Assurance"));
 ?>
index 4944d8c..34a447a 100644 (file)
@@ -17,6 +17,7 @@
 */ ?>
 <?
        require_once("../includes/loggedin.php");
+       require_once("../includes/notary.inc.php");
 
        loadem("account");
 
                        {
                                $row = mysql_fetch_assoc($res);
                                echo $row['email']."<br>\n";
-                               $query = "select `emailcerts`.`id`
-                                               from `emaillink`,`emailcerts` where
-                                               `emailid`='$emailid' and `emaillink`.`emailcertsid`=`emailcerts`.`id` and
-                                               `revoked`=0 and UNIX_TIMESTAMP(`expire`)-UNIX_TIMESTAMP() > 0
-                                               group by `emailcerts`.`id`";
-                               $dres = mysql_query($query);
-                               while($drow = mysql_fetch_assoc($dres))
-                                       mysql_query("update `emailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='".intval($drow['id'])."'");
-
-                               $do = `../scripts/runclient`;
-                               $query = "update `email` set `deleted`=NOW() where `id`='".intval($emailid)."'";
-                               mysql_query($query);
+                               account_email_delete($row['id']);
                        }
                        mysql_query("update `disputeemail` set hash='',action='accept' where `id`='$emailid'");
-                       $rc = mysql_num_rows(mysql_query("select * from `domains` where `memid`='$oldmemid' and `deleted`=0"));
-                       $rc = mysql_num_rows(mysql_query("select * from `email` where `memid`='$oldmemid' and `deleted`=0 and `id`!='$emailid'"));
-                       $res = mysql_query("select * from `users` where `id`='$oldmemid'");
-                       $user = mysql_fetch_assoc($res);
+                       $rc = mysql_num_rows(mysql_query("select * from `domains` where `memid`='$oldmemid' and `deleted`=0"));
+                       $rc2 = mysql_num_rows(mysql_query("select * from `email` where `memid`='$oldmemid' and `deleted`=0 and `id`!='$emailid'"));
+                       $res = mysql_query("select * from `users` where `id`='$oldmemid'");
+                       $user = mysql_fetch_assoc($res);
                        if($rc == 0 && $rc2 == 0 && $_SESSION['_config']['email'] == $user['email'])
                        {
                                mysql_query("update `users` set `deleted`=NOW() where `id`='$oldmemid'");
                        showheader(_("Domain Dispute"));
                        echo "<p>"._("You have opted to accept this dispute and the request will now remove this domain from the existing account, and revoke any current certificates.")."</p>";
                        echo "<p>"._("The following accounts have been removed:")."<br>\n";
+                       //new account_domain_delete($domainid, $memberID)
                        $query = "select * from `domains` where `id`='$domainid' and deleted=0";
                        $res = mysql_query($query);
                        if(mysql_num_rows($res) > 0)
                        {
-                                echo $_SESSION['_config']['domain']."<br>\n";
-                                mysql_query("update `domains` set `deleted`=NOW() where `id`='$domainid'");
-                               $query = "select * from `domlink` where `domid`='$domainid'";
-                               $res = mysql_query($query);
-                               while($row = mysql_fetch_assoc($res))
-                                       mysql_query("update `domaincerts` set `revoked`='1970-01-01 10:00:01' where `id`='".$row['certid']."' and `revoked`=0 and UNIX_TIMESTAMP(`expire`)-UNIX_TIMESTAMP() > 0");
-                               $do = `../scripts/runserver`;
+                               echo $_SESSION['_config']['domain']."<br>\n";
+                               account_domain_delete($domainid);
                        }
                        mysql_query("update `disputedomain` set hash='',action='accept' where `id`='$domainid'");
                        showfooter();
index 345b559..f24d84c 100644 (file)
@@ -17,6 +17,8 @@
 */ ?>
 <?
        require_once("../includes/loggedin.php");
+       require_once("../includes/lib/general.php");
+       require_once('../includes/notary.inc.php');
 
         $id = 0; if(array_key_exists('id',$_REQUEST)) $id=intval($_REQUEST['id']);
        $oldid = $_REQUEST['oldid'] = array_key_exists('oldid',$_REQUEST) ? intval($_REQUEST['oldid']) : 0;
@@ -52,7 +54,7 @@ if(0)
   {
     showheader(_("Welcome to CAcert.org"));
     echo "The OpenPGP signing system is currently shutdown due to a maintenance. We hope to get it fixed within the next few hours. We are very sorry for the inconvenience.";
-  
+
     exit(0);
   }
 }
@@ -82,17 +84,44 @@ function verifyEmail($email)
        $state=0;
        if($oldid == "0" && $CSR != "")
        {
-               $debugkey = $gpgkey = clean_gpgcsr($CSR);
+               if(!array_key_exists('CCA',$_REQUEST))
+               {
+                       showheader(_("My CAcert.org Account!"));
+                       echo _("You did not accept the CAcert Community Agreement (CCA), hit the back button and try again.");
+                       showfooter();
+                       exit;
+               }
 
-               $tnam = tempnam('/tmp/', '__gpg');
-               $fp = fopen($tnam, 'w');
-               fwrite($fp, $gpgkey);
-               fclose($fp);
-               $debugpg = $gpg = trim(`gpg --with-colons --homedir /tmp 2>&1 < $tnam`);
-               unlink($tnam);
+               $err = runCommand('mktemp --directory /tmp/cacert_gpg.XXXXXXXXXX',
+                               "",
+                               $tmpdir);
+               if (!$tmpdir)
+               {
+                       $err = true;
+               }
+
+               if (!$err)
+               {
+                       $err = runCommand("gpg --with-colons --homedir $tmpdir 2>&1",
+                                       clean_gpgcsr($CSR),
+                                       $gpg);
+
+                       `rm -r $tmpdir`;
+               }
+
+               if ($err)
+               {
+                       showheader(_("Welcome to CAcert.org"));
+
+                       echo "<p style='color:#ff0000'>"._("There was an error parsing your key.")."</p>";
+                       unset($_REQUEST['process']);
+                       $id = $oldid;
+                       unset($oldid);
+                       exit();
+               }
 
                $lines = "";
-               $gpgarr = explode("\n", $gpg);
+               $gpgarr = explode("\n", trim($gpg));
                foreach($gpgarr as $line)
                {
                        #echo "Line[]: $line <br/>\n";
@@ -143,7 +172,7 @@ function verifyEmail($email)
                        $uidformatwrong=0;
 
                        if(sizeof($bits)<10) $uidformatwrong=1;
-                       
+
                        if(preg_match("/\@.*\@/",$bits[9]))
                        {
                                showheader(_("Welcome to CAcert.org"));
@@ -251,7 +280,6 @@ function verifyEmail($email)
                }
                $resulttable.="</table>";
 
-
                if($nok==0)
                {
                        showheader(_("Welcome to CAcert.org"));
@@ -261,7 +289,6 @@ function verifyEmail($email)
                        unset($_REQUEST['process']);
                        $id = $oldid;
                        unset($oldid);
-                       $do = `echo "$debugkey\n--\n$debugpg\n--" >> /www/tmp/gpg.debug`;
                        exit();
                }
                elseif($nerr)
@@ -275,12 +302,22 @@ function verifyEmail($email)
 
        if($oldid == "0" && $CSR != "")
        {
+               write_user_agreement(intval($_SESSION['profile']['id']), "CCA", "certificate creation", "", 1);
+
+               //set variable for comment
+               if(trim($_REQUEST['description']) == ""){
+                       $description= "";
+               }else{
+                       $description= trim(mysql_real_escape_string(stripslashes($_REQUEST['description'])));
+               }
+
                $query = "insert into `gpg` set `memid`='".intval($_SESSION['profile']['id'])."',
                                                `email`='".mysql_real_escape_string($lastvalidemail)."',
                                                `level`='1',
                                                `expires`='".mysql_real_escape_string($expires)."',
                                                `multiple`='".mysql_real_escape_string($multiple)."',
-                                               `keyid`='".mysql_real_escape_string($keyid)."'";
+                                               `keyid`='".mysql_real_escape_string($keyid)."',
+                                               `description`='".mysql_real_escape_string($description)."'";
                mysql_query($query);
                $id = mysql_insert_id();
 
@@ -296,7 +333,7 @@ function verifyEmail($email)
                system("gpg --homedir $cwd --import $cwd/gpg.csr");
 
 
-               $debugpg = $gpg = trim(`gpg --homedir $cwd --with-colons --fixed-list-mode --list-keys $keyid 2>&1`);
+               $gpg = trim(`gpg --homedir $cwd --with-colons --fixed-list-mode --list-keys $keyid 2>&1`);
                $lines = "";
                $gpgarr = explode("\n", $gpg);
                foreach($gpgarr as $line)
@@ -334,7 +371,7 @@ function verifyEmail($email)
                                }
 
                                $mail="";
-                               if (preg_match("/<([\w.-]*\@[\w.-]*)>/", $bits[9],$match)) {
+                               if (preg_match("/<([\w.-]*\@[\w.-]*)>/", $bits[9],$match)) {
                                        //echo "Found: ".$match[1];
                                        $mail = trim(hex2bin($match[1]));
                                }
@@ -342,7 +379,7 @@ function verifyEmail($email)
                                {
                                        //echo "Not found!\n";
                                }
-       
+
                                $emailok=verifyEmail($mail);
 
                                $uidid=$bits[7];
@@ -384,95 +421,89 @@ function verifyEmail($email)
                        }
                }
 
+               if(count($ToBeDeleted)>0)
+               {
+                       $descriptorspec = array(
+                               0 => array("pipe", "r"),  // stdin is a pipe that the child will read from
+                               1 => array("pipe", "w"),  // stdout is a pipe that the child will write to
+                               2 => array("pipe", "w") // stderr is a file to write to
+                       );
 
+                       $stderr = fopen('php://stderr', 'w');
 
+                       //echo "Keyid: $keyid\n";
 
-        if(count($ToBeDeleted)>0)
-       {
+                       $process = proc_open("/usr/bin/gpg --homedir $cwd --no-tty --command-fd 0 --status-fd 1 --logger-fd 2 --edit-key $keyid", $descriptorspec, $pipes);
 
+                       //echo "Process: $process\n";
+                       //fputs($stderr,"Process: $process\n");
 
-               $descriptorspec = array(
-                       0 => array("pipe", "r"),  // stdin is a pipe that the child will read from
-                       1 => array("pipe", "w"),  // stdout is a pipe that the child will write to
-                       2 => array("pipe", "w") // stderr is a file to write to
-               );
-               $stderr = fopen('php://stderr', 'w'); 
-
-
-               //echo "Keyid: $keyid\n";
-
-               $process = proc_open("/usr/bin/gpg --homedir $cwd --no-tty --command-fd 0 --status-fd 1 --logger-fd 2 --edit-key $keyid", $descriptorspec, $pipes);
-               //echo "Process: $process\n";
-               //fputs($stderr,"Process: $process\n");
-
-               if (is_resource($process)) {
-               //echo("it is a resource\n");
-               // $pipes now looks like this:
-               // 0 => writeable handle connected to child stdin
-               // 1 => readable handle connected to child stdout
-               // Any error output will be appended to /tmp/error-output.txt
-                       while (!feof($pipes[1])) 
-                       {
-                               $buffer = fgets($pipes[1], 4096);
-                               //echo $buffer;
-
-      if($buffer == "[GNUPG:] GET_BOOL keyedit.sign_all.okay\n")
-      {
-        fputs($pipes[0],"yes\n");
-      }
-      elseif($buffer == "[GNUPG:] GOT_IT\n")
-      {
-      }
-      elseif(ereg("^\[GNUPG:\] GET_BOOL keyedit\.remove\.uid\.okay\s*",$buffer))
-      {
-        fputs($pipes[0],"yes\n");
-      }
-      elseif(ereg("^\[GNUPG:\] GET_LINE keyedit\.prompt\s*",$buffer))
-      {
-        if(count($ToBeDeleted)>0)
-        {
-         $delthisuid=array_pop($ToBeDeleted);
-         //echo "Deleting an UID $delthisuid\n";
-          fputs($pipes[0],"uid ".$delthisuid."\n");
-        }
-        else
-        {
-         //echo "Saving\n";
-          fputs($pipes[0],$state?"save\n":"deluid\n");
-          $state++;
-        }
-      }
-      elseif($buffer == "[GNUPG:] GOOD_PASSPHRASE\n")
-      {
-      }
-      elseif(ereg("^\[GNUPG:\] KEYEXPIRED ",$buffer))
-      {
-        echo "Key expired!\n";
-       exit;
-      }
-      elseif($buffer == "")
-      {
-        //echo "Empty!\n";
-      }
-      else
-      {
-        echo "ERROR: UNKNOWN $buffer\n";
-      }
+                       if (is_resource($process)) {
+                       //echo("it is a resource\n");
+                       // $pipes now looks like this:
+                       // 0 => writeable handle connected to child stdin
+                       // 1 => readable handle connected to child stdout
+                       // Any error output will be appended to /tmp/error-output.txt
+                               while (!feof($pipes[1]))
+                               {
+                                       $buffer = fgets($pipes[1], 4096);
+                                       //echo $buffer;
+
+                       if($buffer == "[GNUPG:] GET_BOOL keyedit.sign_all.okay\n")
+                       {
+                               fputs($pipes[0],"yes\n");
+                       }
+                       elseif($buffer == "[GNUPG:] GOT_IT\n")
+                       {
+                       }
+                       elseif(ereg("^\[GNUPG:\] GET_BOOL keyedit\.remove\.uid\.okay\s*",$buffer))
+                       {
+                               fputs($pipes[0],"yes\n");
+                       }
+                       elseif(ereg("^\[GNUPG:\] GET_LINE keyedit\.prompt\s*",$buffer))
+                       {
+                               if(count($ToBeDeleted)>0)
+                               {
+                                       $delthisuid=array_pop($ToBeDeleted);
+                                       //echo "Deleting an UID $delthisuid\n";
+                                       fputs($pipes[0],"uid ".$delthisuid."\n");
+                               }
+                               else
+                               {
+                                       //echo "Saving\n";
+                                       fputs($pipes[0],$state?"save\n":"deluid\n");
+                                       $state++;
+                               }
+                       }
+                       elseif($buffer == "[GNUPG:] GOOD_PASSPHRASE\n")
+                       {
+                       }
+                       elseif(ereg("^\[GNUPG:\] KEYEXPIRED ",$buffer))
+                       {
+                               echo "Key expired!\n";
+                               exit;
+                       }
+                       elseif($buffer == "")
+                       {
+                               //echo "Empty!\n";
+                       }
+                       else
+                       {
+                               echo "ERROR: UNKNOWN $buffer\n";
+                       }
 
 
                        }
                        //echo "Fertig\n";
                        fclose($pipes[0]);
+
                        //echo stream_get_contents($pipes[1]);
                        fclose($pipes[1]);
+
                        // It is important that you close any pipes before calling
                        // proc_close in order to avoid a deadlock
                        $return_value = proc_close($process);
+
                        //echo "command returned $return_value\n";
                }
                else
@@ -508,6 +539,23 @@ function verifyEmail($email)
                exit;
        }
 
+       if($oldid == 2 && array_key_exists('change',$_REQUEST) && $_REQUEST['change'] != "")
+       {
+               showheader(_("My CAcert.org Account!"));
+               foreach($_REQUEST as $id => $val)
+               {
+                       if(substr($id,0,14)=="check_comment_")
+                       {
+                               $cid = intval(substr($id,14));
+                               $comment=trim(mysql_real_escape_string(stripslashes($_REQUEST['comment_'.$cid])));
+                               mysql_query("update `gpg` set `description`='$comment' where `id`='$cid' and `memid`='".$_SESSION['profile']['id']."'");
+                       }
+               }
+               echo(_("Certificate settings have been changed.")."<br/>\n");
+               showfooter();
+               exit;
+       }
+
        $id = intval($id);
 
        showheader(_("Welcome to CAcert.org"));
index f2edb8f..99fda23 100644 (file)
Binary files a/www/images/btn_paynowCC_LG.gif and b/www/images/btn_paynowCC_LG.gif differ
diff --git a/www/images/btn_subscribeCC_LG.gif b/www/images/btn_subscribeCC_LG.gif
new file mode 100644 (file)
index 0000000..a5cd278
Binary files /dev/null and b/www/images/btn_subscribeCC_LG.gif differ
index 1b84f51..8395a58 100644 (file)
@@ -18,6 +18,8 @@
 <?
 require_once("../includes/loggedin.php");
 require_once("../includes/lib/l10n.php");
+require_once("../includes/notary.inc.php");
+
 
 
 function show_page($target,$message,$error)
@@ -113,9 +115,6 @@ function send_reminder()
        $_SESSION['_config']['error'] = _("A reminder notice has been sent.");
 }
 
-
-
-
        loadem("account");
        if(array_key_exists('date',$_POST) && $_POST['date'] != "")
                $_SESSION['_config']['date'] = $_POST['date'];
@@ -127,7 +126,7 @@ function send_reminder()
 
        if($oldid == 12)
                $id = $oldid;
-               
+
        if($oldid == 4)
        {
                if ($_POST['ttp']!='') {
@@ -238,37 +237,79 @@ function send_reminder()
        if($oldid == 6)
        {
 $iecho= "c";
+               //date checks
+               if(trim($_REQUEST['date']) == '')
+               {
+                       show_page("VerifyData","",_("You must enter the date when you met the assuree."));
+                       exit;
+               }
+
+               if(!check_date_format(trim($_REQUEST['date'])))
+               {
+                       show_page("VerifyData","",_("You must enter the date in this format: YYYY-MM-DD."));
+                       exit;
+               }
+
+               if(!check_date_difference(trim($_REQUEST['date'])))
+               {
+                       show_page("VerifyData","",_("You must not enter a date in the future."));
+                       exit;
+               }
+
+               //proof of identity check and accept arbitration, implements CCA
                if(!array_key_exists('assertion',$_POST) || $_POST['assertion'] != 1)
                {
                        show_page("VerifyData","",_("You failed to check all boxes to validate your adherence to the rules and policies of CAcert"));
                        exit;
                }
 
-/*             if(!array_key_exists('rules',$_POST) || $_POST['rules'] != 1)
+               //proof of CCA agreement by assuree after 2010-01-01
+               if((!array_key_exists('CCAAgreed',$_POST) || $_POST['CCAAgreed'] != 1) and (check_date_format(trim($_REQUEST['date']),2010)))
+               {
+                       show_page("VerifyData","",_("You failed to check all boxes to validate your adherence to the rules and policies of CAcert"));
+                       exit;
+               }
+
+               //assurance done according to rules
+               if(!array_key_exists('rules',$_POST) || $_POST['rules'] != 1)
                {
                        show_page("VerifyData","",_("You failed to check all boxes to validate your adherence to the rules and policies of CAcert"));
                        exit;
                }
-*/
 
-               if((!array_key_exists('certify',$_POST) || $_POST['certify'] != 1 )  && $_SESSION['profile']['ttpadmin'] != 1)
+               //met assuree in person, not appliciable for TTP / TTP Topup assurances
+               if((!array_key_exists('certify',$_POST) || $_POST['certify'] != 1 )  && $_REQUEST['method'] != "Trusted 3rd Parties")
                {
                        show_page("VerifyData","",_("You failed to check all boxes to validate your adherence to the rules and policies of CAcert"));
                        exit;
                }
 
-               if($_SESSION['profile']['ttpadmin'] != 1 && $_POST['location'] == "")
+               //check location, min 3 characters
+               if(!array_key_exists('location',$_POST) || trim($_POST['location']) == "")
                {
                        show_page("VerifyData","",_("You failed to enter a location of your meeting."));
                        exit;
                }
 
-               if($_REQUEST['points'] == "")
+               if(strlen(trim($_REQUEST['location']))<=2)
+               {
+                       show_page("VerifyData","",_("You must enter a location with at least 3 characters eg town and country."));
+                       exit;
+               }
+
+               //check for points in range 0-35, for nucleus 35 + 15 temporary
+               if($_REQUEST['points'] == "" || !is_numeric($_REQUEST['points']))
                {
                        show_page("VerifyData","",_("You must enter the number of points you wish to allocate to this person."));
                        exit;
                }
 
+               if($_REQUEST['points'] <0 || ($_REQUEST['points']>35))
+               {
+                       show_page("VerifyData","",_("The number of points you entered are out of the range given by policy."));
+                       exit;
+               }
+
                $query = "select * from `users` where `id`='".$_SESSION['_config']['notarise']['id']."'";
                $res = mysql_query($query);
                $row = mysql_fetch_assoc($res);
@@ -315,7 +356,7 @@ $iecho= "c";
                $res = mysql_query($query);
                if(mysql_num_rows($res) > 0)
                {
-                        show_page("VerifyEmail","",_("Identical Assurance attempted, will not continue."));
+                       show_page("VerifyEmail","",_("Identical Assurance attempted, will not continue."));
                        exit;
                }
        }
@@ -328,6 +369,10 @@ $iecho= "c";
                                                `location`='".mysql_escape_string(stripslashes($_POST['location']))."',
                                                `date`='".mysql_escape_string(stripslashes($_POST['date']))."',
                                                `when`=NOW()";
+               //record active acceptance by Assurer
+               if (check_date_format(trim($_REQUEST['date']),2010)) {
+                       write_user_agreement($_SESSION['profile']['id'], "CCA", "Assurance", "Assurer", 1, $_SESSION['_config']['notarise']['id']);
+               }
                if($_SESSION['profile']['ttpadmin'] == 1 && ($_POST['method'] == 'Trusted 3rd Parties' || $_POST['method'] == 'Trusted Third Parties')) {
                        $query .= ",\n`method`='TTP-Assisted'";
                }
@@ -404,16 +449,16 @@ $iecho= "c";
                echo "<p>"._("Shortly you and the person you were assuring will receive an email confirmation. There is no action on your behalf required to complete this.")."</p>";
 ?><form method="post" action="wot.php">
 <table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
-  <tr>
-    <td colspan="2" class="title"><?=_("Assure Someone")?></td>
-  </tr>
-  <tr>
-    <td class="DataTD"><?=_("Email")?>:</td>
-    <td class="DataTD"><input type="text" name="email" id="email" value=""></td>
-  </tr>
-  <tr>
-    <td class="DataTD" colspan="2"><input type="submit" name="process" value="<?=_("Next")?>"></td>
-  </tr>
+       <tr>
+               <td colspan="2" class="title"><?=_("Assure Someone")?></td>
+       </tr>
+       <tr>
+               <td class="DataTD"><?=_("Email")?>:</td>
+               <td class="DataTD"><input type="text" name="email" id="email" value=""></td>
+       </tr>
+       <tr>
+               <td class="DataTD" colspan="2"><input type="submit" name="process" value="<?=_("Next")?>"></td>
+       </tr>
 </table>
 <input type="hidden" name="oldid" value="5">
 </form>
@@ -466,7 +511,7 @@ $iecho= "c";
                        $subject = $_REQUEST['subject'];
                        $userid = intval($_REQUEST['userid']);
                        $user = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='$userid' and `listme`=1"));
-                       $points = mysql_num_rows(mysql_query("select sum(`points`) as `total` from `notary`
+                       $points = mysql_num_rows(mysql_query("select sum(`points`) as `total` from `notary`
                                                where `to`='".$user['id']."' group by `to` HAVING SUM(`points`) > 0"));
                        if($points > 0)
                        {