Source code taken from cacert-20140115.tar.bz2
authorMichael Tänzer <neo@nhng.de>
Tue, 4 Feb 2014 14:58:59 +0000 (15:58 +0100)
committerMichael Tänzer <neo@nhng.de>
Tue, 4 Feb 2014 14:58:59 +0000 (15:58 +0100)
15 files changed:
CommModule/client.pl
includes/account.php
includes/notary.inc.php
pages/account/11.php
pages/account/13.php
pages/account/21.php
pages/account/5.php
pages/account/6.php
pages/index/1.php
pages/wot/6.php
scripts/53de-ate-amberg-email.txt [new file with mode: 0644]
scripts/53de-ate-amberg-mail.php.txt [new file with mode: 0644]
scripts/db_migrations/version3.sh [new file with mode: 0755]
scripts/db_migrations/version4.sh [new file with mode: 0755]
www/wot.php

index bf92b27..bd3eb02 100755 (executable)
@@ -834,8 +834,15 @@ sub HandleCerts($$)
 
       my $days=$org?($server?(365*2):365):calculateDays($row{"memid"});
 
-
-      $crt=Request($ver,1,1,$row{'rootcert'}-1,$profile,$row{'md'}eq"sha1"?2:0,$days,$row{'keytype'}eq"NS"?1:0,$content,$SAN,$subject);
+      my $md_id = 0;
+      $md_id = 1 if( $row{'md'} eq "md5");
+      $md_id = 2 if( $row{'md'} eq "sha1");
+      $md_id = 3 if( $row{'md'} eq "rmd160");
+      $md_id = 8 if( $row{'md'} eq "sha256");
+      $md_id = 9 if( $row{'md'} eq "sha384");
+      $md_id =10 if( $row{'md'} eq "sha512");
+
+      $crt=Request($ver,1,1,$row{'rootcert'}-1,$profile,$md_id,$days,$row{'keytype'}eq"NS"?1:0,$content,$SAN,$subject);
       if(length($crt))
       {
         if($crt=~m/^-----BEGIN CERTIFICATE-----/)
index f28cf49..7c3748d 100644 (file)
 
        loadem("account");
 
-       $id = 0; if(array_key_exists("id",$_REQUEST)) $id=intval($_REQUEST['id']);
-       $oldid = 0; if(array_key_exists("oldid",$_REQUEST)) $oldid=intval($_REQUEST['oldid']);
-       $process = ""; if(array_key_exists("process",$_REQUEST)) $process=$_REQUEST['process'];
+/**
+ * Build a subject string as needed by the signer
+ *
+ * @param array(string) $domains
+ *     First domain is used as CN and repeated in subjectAltName. Duplicates
+ *     should already been removed
+ *
+ * @param bool $include_xmpp_addr
+ *     [default: true] Whether to include the XmppAddr in the subjectAltName.
+ *     This is needed if the Jabber server is jabber.example.com but a Jabber ID
+ *     on that server would be alice@example.com
+ *
+ * @return string
+ */
+function buildSubject(array $domains, $include_xmpp_addr = true) {
+       $subject = "/CN=${domains[0]}";
+
+       foreach ($domains as $domain) {
+               $subject .= "/subjectAltName=DNS:$domain";
+
+               if ($include_xmpp_addr) {
+                       $subject .= "/subjectAltName=otherName:1.3.6.1.5.5.7.8.5;UTF8:$domain";
+               }
+       }
+
+       return $subject;
+}
+
+/**
+ * Builds the subject string from the session variables
+ * $_SESSION['_config']['rows'] and $_SESSION['_config']['altrows']
+ *
+ * @return string
+ */
+function buildSubjectFromSession() {
+       $domains = array();
+
+       if (is_array($_SESSION['_config']['rows'])) {
+               $domains = array_merge($domains, $_SESSION['_config']['rows']);
+       }
+
+       if (is_array($_SESSION['_config']['altrows']))
+               foreach ($_SESSION['_config']['altrows'] as $row) {
+                       if (substr($row, 0, 4) === "DNS:") {
+                               $domains[] = substr($row, 4);
+                       }
+               }
+
+       return buildSubject(array_unique($domains));
+}
 
-       $cert=0; if(array_key_exists('cert',$_REQUEST)) $cert=intval($_REQUEST['cert']);
-       $orgid=0; if(array_key_exists('orgid',$_REQUEST)) $orgid=intval($_REQUEST['orgid']);
-       $memid=0; if(array_key_exists('memid',$_REQUEST)) $memid=intval($_REQUEST['memid']);
-       $domid=0; if(array_key_exists('domid',$_REQUEST)) $domid=intval($_REQUEST['domid']);
+       $id = array_key_exists("id",$_REQUEST) ? intval($_REQUEST['id']) : 0;
+       $oldid = array_key_exists("oldid",$_REQUEST) ? intval($_REQUEST['oldid']) : 0;
+       $process = array_key_exists("process",$_REQUEST) ? $_REQUEST['process'] : "";
+//     $showdetalis refers to Secret Question and Answers from account/13.php
+       $showdetails = array_key_exists("showdetails",$_REQUEST) ? intval($_REQUEST['showdetails']) : 0;
+
+       $cert = array_key_exists('cert',$_REQUEST) ? intval($_REQUEST['cert']) : 0;
+       $orgid = array_key_exists('orgid',$_REQUEST) ? intval($_REQUEST['orgid']) : 0;
+       $memid = array_key_exists('memid',$_REQUEST) ? intval($_REQUEST['memid']) : 0;
+       $domid = array_key_exists('domid',$_REQUEST) ? intval($_REQUEST['domid']) : 0;
 
 
        if(!$_SESSION['mconn'])
                        exit;
                }
 
-               $subject = "";
-               $count = 0;
-               $supressSAN=0;
-               if($_SESSION["profile"]["id"] == 104074) $supressSAN=1;
+               $subject = buildSubjectFromSession();
 
-               if(is_array($_SESSION['_config']['rows']))
-                       foreach($_SESSION['_config']['rows'] as $row)
-                       {
-                               $count++;
-                               if($count <= 1)
-                               {
-                                       $subject .= "/CN=$row";
-                                       if(!$supressSAN) $subject .= "/subjectAltName=DNS:$row";
-                                       if(!$supressSAN) $subject .= "/subjectAltName=otherName:1.3.6.1.5.5.7.8.5;UTF8:$row";
-                               } else {
-                                       if(!$supressSAN) $subject .= "/subjectAltName=DNS:$row";
-                                       if(!$supressSAN) $subject .= "/subjectAltName=otherName:1.3.6.1.5.5.7.8.5;UTF8:$row";
-                               }
-                       }
-               if(is_array($_SESSION['_config']['altrows']))
-                       foreach($_SESSION['_config']['altrows'] as $row)
-                       {
-                               if(substr($row, 0, 4) == "DNS:")
-                               {
-                                       $row = substr($row, 4);
-                                       if(!$supressSAN) $subject .= "/subjectAltName=DNS:$row";
-                                       if(!$supressSAN) $subject .= "/subjectAltName=otherName:1.3.6.1.5.5.7.8.5;UTF8:$row";
-                               }
-                       }
                if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
                        $_SESSION['_config']['rootcert'] = 1;
 
                        echo _("Domain not verified.");
                        showfooter();
                        exit;
-
                }
 
                mysql_query($query);
                                        continue;
                                }
 
-                               $subject = "";
-                               $count = 0;
-                               if(is_array($_SESSION['_config']['rows']))
-                                       foreach($_SESSION['_config']['rows'] as $row)
-                                       {
-                                               $count++;
-                                               if($count <= 1)
-                                               {
-                                                       $subject .= "/CN=$row";
-                                                       if(!strstr($subject, "=$row/") &&
-                                                               substr($subject, -strlen("=$row")) != "=$row")
-                                                               $subject .= "/subjectAltName=$row";
-                                               } else {
-                                                       if(!strstr($subject, "=$row/") &&
-                                                               substr($subject, -strlen("=$row")) != "=$row")
-                                                               $subject .= "/subjectAltName=$row";
-                                               }
-                                       }
-                               if(is_array($_SESSION['_config']['altrows']))
-                                       foreach($_SESSION['_config']['altrows'] as $row)
-                                               if(!strstr($subject, "=$row/") &&
-                                                       substr($subject, -strlen("=$row")) != "=$row")
-                                                       $subject .= "/subjectAltName=$row";
+                               $subject = buildSubjectFromSession();
                                $subject = mysql_real_escape_string($subject);
                                mysql_query("update `domaincerts` set `subject`='$subject',`csr_name`='$newfile' where `id`='$newid'");
 
                {
                        echo _("You did not select any certificates for renewal.");
                }
+
                showfooter();
                exit;
        }
                exit;
        }
 
-
-       if($oldid == 6 && $_REQUEST['certid'] != "")
-       {
-               if(trim($_REQUEST['description']) != ""){
-                       $description= trim(mysql_real_escape_string(stripslashes($_REQUEST['description'])));
-               }else{
-                       $description= "";
-               }
-
-               if(trim($_REQUEST['disablelogin']) == "1"){
-                       $disablelogin = 1;
-               }else{
-                       $disablelogin = 0;
-               }
-
-               mysql_query("update `emailcerts` set `disablelogin`='$disablelogin', `description`='$description' where `id`='".$_REQUEST['certid']."' and `memid`='".$_SESSION['profile']['id']."'");
-       }
-
-       if($oldid == 13 && $process != "")
+       if($oldid == 13 && $process != "" && $showdetails!="")
        {
                csrf_check("perschange");
                $_SESSION['_config']['user'] = $_SESSION['profile'];
                                                where `id`='".$_SESSION['profile']['id']."'";
                        mysql_query($query);
                }
-               $query = "update `users` set `Q1`='".$_SESSION['_config']['user']['Q1']."',
-                                               `Q2`='".$_SESSION['_config']['user']['Q2']."',
-                                               `Q3`='".$_SESSION['_config']['user']['Q3']."',
-                                               `Q4`='".$_SESSION['_config']['user']['Q4']."',
-                                               `Q5`='".$_SESSION['_config']['user']['Q5']."',
-                                               `A1`='".$_SESSION['_config']['user']['A1']."',
-                                               `A2`='".$_SESSION['_config']['user']['A2']."',
-                                               `A3`='".$_SESSION['_config']['user']['A3']."',
-                                               `A4`='".$_SESSION['_config']['user']['A4']."',
-                                               `A5`='".$_SESSION['_config']['user']['A5']."'
-                                               where `id`='".$_SESSION['profile']['id']."'";
-               mysql_query($query);
+               if ($showdetails!="") {
+                       $query = "update `users` set `Q1`='".$_SESSION['_config']['user']['Q1']."',
+                                                       `Q2`='".$_SESSION['_config']['user']['Q2']."',
+                                                       `Q3`='".$_SESSION['_config']['user']['Q3']."',
+                                                       `Q4`='".$_SESSION['_config']['user']['Q4']."',
+                                                       `Q5`='".$_SESSION['_config']['user']['Q5']."',
+                                                       `A1`='".$_SESSION['_config']['user']['A1']."',
+                                                       `A2`='".$_SESSION['_config']['user']['A2']."',
+                                                       `A3`='".$_SESSION['_config']['user']['A3']."',
+                                                       `A4`='".$_SESSION['_config']['user']['A4']."',
+                                                       `A5`='".$_SESSION['_config']['user']['A5']."'
+                                                       where `id`='".$_SESSION['profile']['id']."'";
+                       mysql_query($query);
+               }
 
                //!!!Should be rewritten
                $_SESSION['_config']['user']['otphash'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['otphash']))));
 
        if($oldid == 16 && $process != "")
        {
-
                if(array_key_exists('codesign',$_REQUEST) && $_REQUEST['codesign'] && $_SESSION['profile']['codesign'] && ($_SESSION['profile']['points'] >= 100))
                {
                        $_REQUEST['codesign'] = 1;
                //if($org['contact'])
                //      $csrsubject .= "/emailAddress=".trim($org['contact']);
 
-               if(is_array($_SESSION['_config']['rows']))
-                       foreach($_SESSION['_config']['rows'] as $row)
-                               $csrsubject .= "/commonName=$row";
-               $SAN="";
-               if(is_array($_SESSION['_config']['altrows']))
-                       foreach($_SESSION['_config']['altrows'] as $subalt)
-                       {
-                               if($SAN != "")
-                                       $SAN .= ",";
-                               $SAN .= "$subalt";
-                       }
-
-               if($SAN != "")
-                       $csrsubject .= "/subjectAltName=".$SAN;
+               $csrsubject .= buildSubjectFromSession();
 
                $type="";
                if($_REQUEST["ocspcert"]!="" && $_SESSION['profile']['admin'] == 1) $type="8";
 
                        sendmail($row['email'], "[CAcert.org] "._("Password Update Notification"), $body,
                                                "support@cacert.org", "", "", "CAcert Support");
-
                }
+
                showfooter();
                exit;
        }
index 1f0ec92..b34b2f4 100644 (file)
                $res = mysql_query($query);
        }
 
+       /**
+        * get_user_agreement_status()
+        *  returns 1 if the user has an entry for the given type in user_agreement, 0 if no entry is recorded
+        * @param mixed $memid
+        * @param string $type
+        * @return
+        */
        function get_user_agreement_status($memid, $type="CCA"){
-       //returns 0 - no user agreement, 1- at least one entry
                $query="SELECT u.`document` FROM `user_agreements` u
-                       WHERE u.`document` = '".$type."' AND (u.`memid`=".$memid." or u.`secmemid`=".$memid.")" ;
+                       WHERE u.`document` = '" . mysql_real_escape_string($type) . "' AND u.`memid`=" . intval($memid) ;
                $res = mysql_query($query);
                if(mysql_num_rows($res) <=0){
                        return 0;
                }
        }
 
+       /**
+        * get_first_user_agreement()
+        *  returns the first user_agreement entry of the requested type depending on thes status of active of a given user
+        * @param mixed $memid
+        * @param integer $active, 0 - passive, 1 -active
+        * @param string $type
+        * @return
+        */
        function get_first_user_agreement($memid, $active=1, $type="CCA"){
        //returns an array (`document`,`date`,`method`, `comment`,`active`)
-               if($active==1){
-                       $filter="u.`memid`=".$memid;
-               }else{
-                       $filter="u.`secmemid`=".$memid;
-               }
-               $query="SELECT u.`document`, u.`date`, u.`method`, u.`comment`, u.`active` FROM `user_agreements` u
-                       WHERE u.`document` = '".$type."' AND ".$filter."
-                       ORDER BY u.`date` Limit 1;";
+               $query="SELECT u.`document`, u.`date`, u.`method`, u.`comment`, u.`active` FROM `user_agreements` AS u
+                       WHERE u.`document` = '" . mysql_real_escape_string($type) . "' AND u.`memid`=" . intval($memid) . " AND u.`active`=" . intval($active) .
+                       " ORDER BY u.`date` Limit 1;";
                $res = mysql_query($query);
                if(mysql_num_rows($res) >0){
-                       $row = mysql_fetch_assoc($res);
-                       $rec['document']= $row['document'];
-                       $rec['date']= $row['date'];
-                       $rec['method']= $row['method'];
-                       $rec['comment']= $row['comment'];
-                       $rec['active']= $row['active'];
+                       $rec = mysql_fetch_assoc($res);
                }else{
                        $rec=array();
                }
                return $rec;
        }
 
+       /**
+        * get_last_user_agreement()
+        *  returns the last user_agreement entry of a given type and of a given user
+        * @param mixed $memid
+        * @param string $type
+        * @return
+        */
        function get_last_user_agreement($memid, $type="CCA"){
        //returns an array (`document`,`date`,`method`, `comment`,`active`)
-               $query="(SELECT u.`document`, u.`date`, u.`method`, u.`comment`, 1 as `active` FROM user_agreements u WHERE u.`document` = '".$type."' AND (u.`memid`=".$memid." ) order by `date` desc limit 1)
-                       union
-                       (SELECT u.`document`, u.`date`, u.`method`, u.`comment`, 0 as `active` FROM user_agreements u WHERE u.`document` = '".$type."' AND ( u.`secmemid`=".$memid.")) order by `date` desc limit 1" ;
+               $query="SELECT u.`document`, u.`date`, u.`method`, u.`comment`, u.`active` FROM user_agreements u WHERE u.`document` = '" . mysql_real_escape_string($type) . "' AND (u.`memid`=" . intval($memid) . " ) order by `date` desc limit 1 " ;
                $res = mysql_query($query);
                if(mysql_num_rows($res) >0){
-                       $row = mysql_fetch_assoc($res);
-                       $rec['document']= $row['document'];
-                       $rec['date']= $row['date'];
-                       $rec['method']= $row['method'];
-                       $rec['comment']= $row['comment'];
-                       $rec['active']= $row['active'];
+                       $rec = mysql_fetch_assoc($res);
                }else{
                        $rec=array();
                }
                return $rec;
        }
 
-       function delete_user_agreement($memid, $type="CCA"){
+       /**
+        * delete_user_agreement()
+        *  deletes all entries for a given type from user_agreement of a given user, if type is not given all
+        * @param mixed $memid
+        * @param string $type
+        * @return
+        */
+       function delete_user_agreement($memid, $type=false){
        //deletes all entries to an user for the given type of user agreements
-               mysql_query("delete from `user_agreements` where `memid`='".$memid."'");
-               mysql_query("delete from `user_agreements` where `secmemid`='".$memid."'");
+               if ($type === false) {
+                       $filter = '';
+               } else {
+                       $filter = " and `document` = '" . mysql_real_escape_string($type) . "'";
+               }
+               mysql_query("delete from `user_agreements` where `memid`=" . intval($memid) . $filter );
        }
 
        // functions for 6.php (assure somebody)
index 4e070cb..5f94122 100644 (file)
     along with this program; if not, write to the Free Software
     Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301  USA
 */ ?>
+
 <p>
-<?=_("Please make sure the following details are correct before proceeding any further.")?>
+<?=_("Please make sure the following details are correct before proceeding ".
+               "any further.")?>
 </p>
-<?// print_r($_SESSION['_config']['altrows']); ?>
+
+<p><?
+if (is_array($_SESSION['_config']['rows'])) {
+       foreach ($_SESSION['_config']['rows'] as $row) {
+               echo _("CommonName"), ": $row<br>\n";
+       }
+}
+
+if (is_array($_SESSION['_config']['altrows'])) {
+       foreach ($_SESSION['_config']['altrows'] as $row) {
+               echo _("subjectAltName"), ": $row<br>\n";
+       }
+}
+?></p>
+
 <p>
-<? if(is_array($_SESSION['_config']['rows']))
-       foreach($_SESSION['_config']['rows'] as $row) { ?>
-<?=_("CommonName")?>: <?=$row?><br>
-<? } ?>
-<? if(is_array($_SESSION['_config']['altrows']))
-       foreach($_SESSION['_config']['altrows'] as $row) { ?>
-<?=_("subjectAltName")?>: <?=$row?><br>
-<? } ?>
-<? if(1 == 0) { ?>
-<?=_("Organisation")?>: <?=$_SESSION['_config']['O']?><br>
-<?=_("Org. Unit")?>: <?=$_SESSION['_config']['OU']?><br>
-<?=_("Location")?>: <?=$_SESSION['_config']['L']?><br>
-<?=_("State/Province")?>: <?=$_SESSION['_config']['ST']?><br>
-<?=_("Country")?>: <?=$_SESSION['_config']['C']?><br>
-<?=_("Email Address")?>: <?=$_SESSION['_config']['emailAddress']?><br>
-<? } ?>
-<?=_("No additional information will be included on certificates because it can not be automatically checked by the system.")?>
-<? if(array_key_exists('rejected',$_SESSION['_config']) && is_array($_SESSION['_config']['rejected'])) { ?>
-<br><br><?=_("The following hostnames were rejected because the system couldn't link them to your account, if they are valid please verify the domains against your account.")?><br>
-<? foreach($_SESSION['_config']['rejected'] as $row) { ?>
-<?=_("Rejected")?>: <a href="account.php?id=7&amp;newdomain=<?=$row?>"><?=$row?></a><br>
-<? } } ?>
-<? if(is_array($_SESSION['_config']['rows']) || is_array($_SESSION['_config']['altrows'])) { ?>
-<form method="post" action="account.php">
-<input type="submit" name="process" value="<?=_("Submit")?>">
-<input type="hidden" name="oldid" value="<?=$id?>">
-</form>
-<? } else { ?>
-<br><br><b><?=_("Unable to continue as no valid commonNames or subjectAltNames were present on your certificate request.")?></b>
-<? } ?>
+<?=_("No additional information will be included on certificates because it ".
+               "can not be automatically checked by the system.")?>
 </p>
+
+<p><?
+if (array_key_exists('rejected',$_SESSION['_config']) &&
+               is_array($_SESSION['_config']['rejected'])) {
+       echo _("The following hostnames were rejected because the system couldn't ".
+                       "link them to your account, if they are valid please verify the ".
+                       "domains against your account."), "<br>\n";
+       
+       foreach ($_SESSION['_config']['rejected'] as $row) {
+               echo _("Rejected");
+               echo ": <a href='account.php?id=7&amp;newdomain=$row'>$row</a><br>\n";
+       }
+}
+?></p>
+
+<?
+if (is_array($_SESSION['_config']['rows']) ||
+               is_array($_SESSION['_config']['altrows'])) {
+       ?>
+       <form method="post" action="account.php">
+               <p>
+                       <input type="submit" name="process" value="<?=_("Submit")?>">
+                       <input type="hidden" name="oldid" value="<?=$id?>">
+               </p>
+       </form>
+       <?
+} else {
+       ?>
+       <p>
+               <b><?=_("Unable to continue as no valid commonNames or ".
+                               "subjectAltNames were present on your certificate request.")?></b>
+       </p>
+       <?
+}
index 1c1cfc6..08f325d 100644 (file)
@@ -23,7 +23,8 @@
   $year = intval(substr($user['dob'], 0, 4));
   $month = intval(substr($user['dob'], 5, 2));
   $day = intval(substr($user['dob'], 8, 2));
-  $showdetails = array_key_exists('showdetails', $_REQUEST) && !!intval($_REQUEST['showdetails']);
+  $showdetails = array_key_exists("showdetails",$_REQUEST) ? intval($_REQUEST['showdetails']) : 0;
+
   if($showdetails){
     $body  = sprintf(_("Hi %s,"),$user['fname'])."\n\n";
     $body .= _("You receive this automatic mail since you yourself or someone ".
     <td class="DataTD"><input type="text" name="A5" value="<?=sanitizeHTML($user['A5'])?>"></td>
   </tr>
   <tr>
+  <input type="hidden" name="showdetails" value="1" />
   <? } ?>
     <td class="DataTD" colspan="2"><input type="submit" name="process" value="<?=_("Update")?>"></td>
   </tr>
index 6c3786b..75827fb 100644 (file)
     You should have received a copy of the GNU General Public License
     along with this program; if not, write to the Free Software
     Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301  USA
-*/ ?>
-<?
-       $org = $_SESSION['_config']['row'];
-       if($org['id'] <= 0)
-               $org = $_SESSION['_config']['altrow'];
+*/
+
+$org = $_SESSION['_config']['row'];
+if ($org['id'] <= 0) {
+       $org = $_SESSION['_config']['altrow'];
+}
 ?>
-<p>
-<?=_("Please make sure the following details are correct before proceeding any further.")?>
-</p>
 
 <p>
-<? if(is_array($_SESSION['_config']['rows']))
-       foreach($_SESSION['_config']['rows'] as $row) { ?>
-<?=_("CommonName")?>: <?=$row?><br>
-<? } ?>
-<? if(is_array($_SESSION['_config']['altrows']))
-       foreach($_SESSION['_config']['altrows'] as $row) { ?>
-<?=_("subjectAltName")?>: <?=$row?><br>
-<? } ?>
-<?=_("Organisation")?>: <?=$org['O']?><br>
-<?=_("Org. Unit")?>: <?=($_SESSION['_config']['OU'])?><br>
-<?=_("Location")?>: <?=$org['L']?><br>
-<?=_("State/Province")?>: <?=$org['ST']?><br>
-<?=_("Country")?>: <?=$org['C']?><br>
+<?=_("Please make sure the following details are correct before proceeding ".
+               "any further.")?>
+</p>
 
+<p><?
+if (is_array($_SESSION['_config']['rows'])) {
+       foreach ($_SESSION['_config']['rows'] as $row) {
+               echo _("CommonName"), ": $row<br>\n";
+       }
+}
 
-<form method="post" action="account.php">
-<input type="submit" name="process" value="<?=_("Submit")?>">
-<input type="hidden" name="oldid" value="<?=$id?>">
+if (is_array($_SESSION['_config']['altrows'])) {
+       foreach ($_SESSION['_config']['altrows'] as $row) {
+               echo _("subjectAltName"), ": $row<br>\n";
+       }
+}
 
+echo _("Organisation"), ": {$org['O']}<br>\n";
+echo _("Org. Unit"), ": {$_SESSION['_config']['OU']}<br>\n";
+echo _("Location"), ": {$org['L']}<br>\n";
+echo _("State/Province"), ": {$org['ST']}<br>\n";
+echo _("Country"), ": {$org['C']}<br>\n";
+?>
 
-<? if($_SESSION['profile']['admin'] == 1) { ?>
-<br/><br/><br/><br/><br/><br/><br/><br/><br/><br/><br/><br/><br/><br/><br/><br/><br/><br/><br/><br/><br/><br/><br/><br/><br/><br/><br/><br/><br/><br/><br/><br/><br/><br/><br/><br/><br/><br/><br/><br/>
-<input type="checkbox" name="ocspcert" value="OCSPCert"/> <?=_("OCSP certificate")?>
-<? } ?>
+<form method="post" action="account.php">
+       <p>
+               <input type="submit" name="process" value="<?=_("Submit")?>">
+               <input type="hidden" name="oldid" value="<?=$id?>">
+       </p>
+       
+       <?
+       if ($_SESSION['profile']['admin'] == 1) {
+               ?>
+               <p>
+                       <br/><br/><br/><br/><br/><br/><br/><br/><br/><br/><br/><br/><br/>
+                       <br/><br/><br/><br/><br/><br/><br/><br/><br/><br/><br/><br/><br/>
+                       <br/><br/><br/><br/><br/><br/><br/><br/><br/><br/><br/><br/><br/>
+                       <input type="checkbox" name="ocspcert" value="OCSPCert"/>
+                               <?=_("OCSP certificate")?>
+               </p>
+               <?
+       }
+       ?>
 
 </form>
-</p>
index 44763e2..934ca0c 100644 (file)
@@ -91,7 +91,7 @@
     <td class="DataTD"><?=$row['revoke']?></td>
     <td class="DataTD"><?=$row['expires']?></td>
     <td class="DataTD">
-      <input type="checkbox" name="disablelogin_<?=$row['id']?>" value="1" <?=$row['disablelogin']?"":"checked='checked'"?>/>
+      <input type="checkbox" name="disablelogin_<?=$row['id']?>" value="1" <?=$row['disablelogin']?"":'checked="checked"'?>/>
       <input type="hidden" name="cert_<?=$row['id']?>" value="1" />
     </td>
     <td class="DataTD"><input name="comment_<?=$row['id']?>" type="text" value="<?=htmlspecialchars($row['description'])?>" /></td>
index 0054b7a..8455499 100644 (file)
@@ -115,7 +115,6 @@ if (array_key_exists('format', $_REQUEST)) {
        echo "<pre>$cert</pre>";
 
        ?>
-<form method="post" action="account.php">
 <table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
        <tr>
                <td colspan="2" class="title"><?=_("Information about the certificate")?></td>
@@ -133,16 +132,6 @@ if (array_key_exists('format', $_REQUEST)) {
                $row['revoke'] = _("Not Revoked");
 ?>
        <tr>
-               <td class="DataTD"><?=_("Renew/Revoke/Delete")?></td>
-<? if($verified != _("Pending") && $verified != _("Revoked")) { ?>
-               <td class="DataTD"><input type="checkbox" name="revokeid[<?=$row['id']?>]" ></td>
-<? } else if($verified != _("Revoked")) { ?>
-               <td class="DataTD"><input type="checkbox" name="delid[<?=$row['id']?>]"></td>
-<? } else { ?>
-               <td class="DataTD">&nbsp;</td>
-<? } ?>
-       </tr>
-       <tr>
                <td class="DataTD"><?=_("Status")?></td>
                <td class="DataTD"><?=$verified?></td>
        </tr>
@@ -165,21 +154,14 @@ if (array_key_exists('format', $_REQUEST)) {
        <tr>
                <td class="DataTD"><?=_("Login")?></td>
                <td class="DataTD">
-                       <input type="checkbox" name="disablelogin" value="1" <?=$row['disablelogin']?"":"checked='checked'"?>/>
+                       <input type="checkbox" name="disablelogin" disabled="disabled" value="1" <?=$row['disablelogin']?"":"checked='checked'"?>/>
                </td>
        </tr>
        <tr>
                <td class="DataTD"><?=_("Comment")?></td>
-               <td class="DataTD"><input type="text" name="description" maxlength="100" size=100 value="<?=htmlspecialchars($row['description'])?>"></td>
-       </tr>
-       <tr>
-               <td class="DataTD" colspan="2"><input type="submit" name="change" value="<?=_("Change settings")?>"> </td>
+               <td class="DataTD"><?=htmlspecialchars($row['description'])?></td>
        </tr>
 </table>
-<input type="hidden" name="oldid" value="6">
-<input type="hidden" name="certid" value="<?=$certid?>">
-</form>
-
 <?
        showfooter();
        exit;
index a60a242..4f0ca83 100644 (file)
     along with this program; if not, write to the Free Software
     Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301  USA
 */ ?>
-<p><?=_("By joining CAcert and becoming a Member, you agree to the CAcert Community Agreement. Please take a moment now to read that and agree to it; this will be required to complete the process of joining.")?></p>
+<p><?=_("By joining CAcert and becoming a member, you agree to the CAcert Community Agreement. Please take a moment now to read that and agree to it; this will be required to complete the process of joining.")?></p>
 <p><?=_("Warning! This site requires cookies to be enabled to ensure your privacy and security. This site uses session cookies to store temporary values to prevent people from copying and pasting the session ID to someone else exposing their account, personal details and identity theft as a result.")?></p>
 <p style="border:dotted 1px #900;padding:0.3em;background-color:#ffe;">
+<b><?=_("Note: Please enter your date of birth and names as they are written in your official documents.")?></b><br /><br />
+<?=_("Because CAcert is a certificate authority (CA) people rely on us knowing about the identity of the users of our certificates. So even as we value privacy very much, we need to collect at least some basic information about our members. This is especially the case for everybody who wants to take part in our web of trust.")?>
+<?=_("Your private information will be used for internal procedures only and will not be shared with third parties.")?>
+</p>
+<p style="border:dotted 1px #900;padding:0.3em;background-color:#ffe;">
 <?=_("A proper password wouldn't match your name or email at all, it contains at least 1 lower case letter, 1 upper case letter, a number, white space and a misc symbol. You get additional security for being over 15 characters and a second additional point for having it over 30. The system starts reducing security if you include any section of your name, or password or email address or if it matches a word from the english dictionary...")?><br><br>
 <b><?=_("Note: White spaces at the beginning and end of a password will be removed.")?></b>
 </p>
index ef8cac7..a565aa7 100644 (file)
@@ -79,7 +79,7 @@
        AssureTextLine("",_("Only tick the next box if the Assurance was face to face."));
        AssureBoxLine("assertion",_("I believe that the assertion of identity I am making is correct, complete and verifiable. I have seen original documentation attesting to this identity. I accept that the CAcert Arbitrator may call upon me to provide evidence in any dispute, and I may be held responsible."),array_key_exists('assertion',$_POST) && $_POST['assertion'] == 1);
        AssureBoxLine("rules",_("I have read and understood the CAcert Community Agreement (CCA), Assurance Policy and the Assurance Handbook. I am making this Assurance subject to and in compliance with the CCA, Assurance policy and handbook."),array_key_exists('rules',$_POST) && $_POST['rules'] == 1);
-       AssureTextLine(_("Policy"),"<a href=\"/policy/CAcert Community Agreement.php\" target=\"_blank\">"._("CAcert Community Agreement")."</a> -<a href=\"/policy/AssurancePolicy.php\" target=\"_blank\">"._("Assurance Policy")."</a> - <a href=\"http://wiki.cacert.org/AssuranceHandbook2\" target=\"_blank\">"._("Assurance Handbook")."</a>");
+       AssureTextLine(_("Policy"),"<a href=\"/policy/CAcertCommunityAgreement.php\" target=\"_blank\">"._("CAcert Community Agreement")."</a> -<a href=\"/policy/AssurancePolicy.php\" target=\"_blank\">"._("Assurance Policy")."</a> - <a href=\"http://wiki.cacert.org/AssuranceHandbook2\" target=\"_blank\">"._("Assurance Handbook")."</a>");
        AssureInboxLine("points",_("Points"),"","<br />(Max. ".maxpoints().")");
        AssureFoot($id,_("I confirm this Assurance"));
 ?>
diff --git a/scripts/53de-ate-amberg-email.txt b/scripts/53de-ate-amberg-email.txt
new file mode 100644 (file)
index 0000000..d8f76ff
--- /dev/null
@@ -0,0 +1,93 @@
+[Deutsch]
+
+Es hat sich viel getan in den letzten Jahren. Eine ganze Reihe von bisher
+eher "muendlich ueberlieferten" Regeln wurden in Policies gegossen.
+Neue Prozeduren (z.B. die Assurer Challenge) und Verpflichtungen (z.B.
+in dem CAcert Community Agreement) wurden beschlossen. Die Assurer
+Training Events wollen versuchen, die ganzen Informationen unter's
+Volk zu bringen:
+
+- Welcher Satz fehlt auf alten CAP Formularen?
+- Warum soll ich mir R/L/O einpraegen?
+- Wie verhaelst du dich,
+    wenn du ein fremdes Ausweisdokument das erste Mal pruefst?
+
+Antworten auf diese und weitere Fragen erhaelst du bei den
+Assurer Training Events (ATEs).
+
+Darueberhinaus wird beim ATE der Vorgang der Identitaetsueberpruefung
+trainiert und auditiert, um die Qualitaet der Assurances in der
+taeglichen Praxis zu erfassen. Dabei gilt es moegliche Fehler und
+Fallstricke zu erkennen und aufzudecken. Die Assurer haben also die
+Moeglichkeit, sich mit den Fehlern auseinanderzusetzen und zu erfahren,
+wie diese vermieden werden koennen.
+
+Wie IanG sagte: The ATE or Assurer Training Event is exceptionally
+recommended for all Assurers, and include parts which contribute
+directly to our audit. Come and find out how you can also contribute.
+
+Die kommende Veranstaltung in deiner Naehe findet statt am:
+
+- Montag, den 6. Januar 2014
+- in der Zeit von: 12:00 - ca. 16:00 Uhr
+- ASAMnet e.V.
+- Emailfabrik 1. Stock
+- Emailfabrikstrasse 12
+- 92224 Amberg
+
+
+Details zum Veranstaltungsort und Anfahrthinweise findet Ihr im
+Wiki [https://wiki.cacert.org/Events/2014-01-06ATE-Amberg]
+Blog [http://blog.cacert.org/2013/12/ate-amberg-de-2014-01-06/]
+
+Teilnehmer Registrierung mit Rueckantwort:
+ 'Ich moechte am ATE-Amberg teilnehmen'
+
+Das Veranstaltungs-Team freut sich schon auf Eure Teilnahme.
+
+Kontakt: events@cacert.org
+
+
+
+[English]
+
+During the last year many changes took place inside CAcert. Many "oral"
+rules have been put into Policies. New procedures
+(e.g. Assurer Challenge) and obligations
+(e.g. CAcert Community Agreement) have been put into live.
+The Assurer Training Events (ATE) try to spread this information:
+
+- What is missing on the "old" CAP forms?
+- Why should I remember R/L/O?
+- What can you do if an Assuree shows an ID document unknown to you?
+
+These and more questions will be answered during the
+Assurer Training Events (ATEs)
+
+Furthermore, the ATE trains how to do assurances and audits assurances,
+to measure the quality of assurances in the daily routine. Here are some
+possible errors and pitfalls which need to be found. Assurers have the
+opportunity to see those errors and how to avoid them.
+
+As IanG said: The ATE or Assurer Training Event is exceptionally
+recommended for all Assurers and includes parts which contribute
+directly to our audit. Come and find out how you can also contribute.
+
+The next event held in your area will be:
+
+- Monday, January 6th 2014
+- during: 12:00 - ca. 16:00
+- ASAMnet e.V.
+- Emailfabrik 1. Stock
+- Emailfabrikstrasse 12
+- 92224 Amberg
+
+Details to the location can be found:
+Wiki [https://wiki.cacert.org/Events/2014-01-06ATE-Amberg]
+Blog [http://blog.cacert.org/2013/12/ate-amberg-de-2014-01-06/]
+
+User reply for registration: 'I will attend the ATE-Amberg'
+
+The event team is looking forward for your attendance:
+
+Contact: events@cacert.org
diff --git a/scripts/53de-ate-amberg-mail.php.txt b/scripts/53de-ate-amberg-mail.php.txt
new file mode 100644 (file)
index 0000000..4be2ebd
--- /dev/null
@@ -0,0 +1,133 @@
+#!/usr/bin/php -q
+<? /*
+    LibreSSL - CAcert web application
+    Copyright (C) 2004-2013  CAcert Inc.
+
+    This program is free software; you can redistribute it and/or modify
+    it under the terms of the GNU General Public License as published by
+    the Free Software Foundation; version 2 of the License.
+
+    This program is distributed in the hope that it will be useful,
+    but WITHOUT ANY WARRANTY; without even the implied warranty of
+    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+    GNU General Public License for more details.
+
+    You should have received a copy of the GNU General Public License
+    along with this program; if not, write to the Free Software
+    Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301  USA
+*/
+    include_once("../includes/mysql.php");
+
+    $lines = "";
+    $fp = fopen("53de-ate-amberg-email.txt", "r");
+    while(!feof($fp))
+    {
+        $line = trim(fgets($fp, 4096));
+        $lines .= wordwrap($line, 75, "\n")."\n";
+    }
+    fclose($fp);
+
+
+//  $locid = intval($_REQUEST['location']);
+//  $maxdist = intval($_REQUEST['maxdist']);
+//  maxdist in [Km]
+  $maxdist = 200;
+
+
+// location      location.ID
+//   verified: 29.4.09 u.schroeter
+//   $locid = 7902857;       // Paris
+//   $locid = 238568;        // Bielefeld
+//   $locid = 715191;        // Hamburg
+//   $locid = 1102495;       // London
+//   $locid = 606058;        // Frankfurt
+//   $locid = 1775784;       // Stuttgart
+//   $locid = 228950;        // Berlin
+//   $locid = 606058;        // Frankfurt
+//   $locid = 599389;        // Flensburg
+//   $locid = 61065;        // Amsterdam, Eemnes
+//   $locid = 228950;        // Berlin
+//   $locid = 2138880;      // Baltimore (Baltimore (city)), Maryland, United States
+//   $locid = 1486658;       // Potsdam
+//   $locid = 664715;       // Goteborg, Vastra Gotaland, Sweden
+//   $locid = 2094781;       // Mission Hills (Los Angeles), California, United States
+//   $locid = 423655;       // Copenhagen, Kobenhavn*, Denmark
+//   $locid = 2093625;       // Los Angeles, CA ???
+//   $locid = 2094326       // Los Angeles (Los Angeles), California, United States
+//   $locid = 2257312;       // Sydney, New South Wales, Australia
+//   $locid = 572764;       //  Essen, Nordrhein-Westfalen, Germany
+//   $locid = 78;       //  Aachen, Nordrhein-Westfalen, Germany
+//   $locid = 1260319;       // Muenchen
+//   $locid = 266635;       // Bonn, Nordrhein-Westfalen, Germany
+//   $locid = 873779;       // Karlsruhe, Baden-Wuerttemberg, Germany
+//   $locid = 520340;       // Dusseldorf, Nordrhein-Westfalen, Germany
+//       $locid = 2262656;       // Melbourne, Victoria, Australia
+//   $locid = 2185076;       // Raleigh (Wake), North Carolina, United States
+
+// CAcert Assurance and Keysigning event at FUDcon, Lawrence, KS, Jan 19th 2013
+//   $locid = 2126955;       // Lawrence (Douglas), Kansas, United States
+//   $eventname = "CAcert Assurance and Keysigning at FUDcon Lawrence, KS";
+//   $city = "January 19th 2013";
+
+// ATE-Kiel 2013-02-11
+//   $locid = 919560;       // Kiel, Schleswig-Holstein, Germany
+//   $eventname = "ATE-Kiel";
+//   $city = "11. Februar 2013";
+
+// Linuxtag, Berlin, May 22-25, 2013,
+//       $locid = 228950;        // Berlin
+//       $eventname = "Linuxtag Berlin";
+//       $city = "22.-25. Mai, 2013";
+
+// $locid = 1117395;       // Lubeck Hansestadt, Schleswig-Holstein, Germany
+// $eventname = "ATE-Luebeck";
+// $city = "07. Juni 2013";
+
+//   $locid = 675661;       // Graz, Steiermark, Austria
+//   $eventname = "ATE-Graz";
+//   $city = "16. August 2013";
+
+//   $locid = 1992733;       // Wien, Wien, Austria
+//   $eventname = "ATE-Wien";
+//   $city = "15. Oktober 2013";
+
+   $locid = 54334;           // Amberg, Bayern, Germany
+   $eventname = "ATE-Amberg";
+   $city = "06. Januar 2014";
+    $query = "select * from `locations` where `id`='$locid'";
+        $loc = mysql_fetch_assoc(mysql_query($query));
+
+    $query = "SELECT ROUND(6378.137 * ACOS(0.9999999*((SIN(PI() * $loc[lat] / 180) * SIN(PI() * `locations`.`lat` / 180)) +
+            (COS(PI() * $loc[lat] / 180 ) * COS(PI() * `locations`.`lat` / 180) *
+             COS(PI() * `locations`.`long` / 180 - PI() * $loc[long] / 180)))), -1) AS `distance`, sum(`points`) as pts, `users`.*
+            FROM `locations`
+                inner join `users`  on `users`.`locid` = `locations`.`id`
+                inner join `alerts` on `users`.`id`=`alerts`.`memid`
+                inner join `notary` on `users`.`id`=`notary`.`to`
+            WHERE   (`alerts`.`general`=1 OR `alerts`.`country`=1 OR `alerts`.`regional`=1 OR `alerts`.`radius`=1)
+            GROUP BY `users`.`id`
+            HAVING `distance` <= '$maxdist'
+            ORDER BY `distance` ";
+     echo $query;
+
+    // comment next line when starting to send mail not only to me
+    //  $query = "select * from `users` where `email` like 'cacerttest%'";
+
+    $res = mysql_query($query);
+    $xrows = mysql_num_rows($res);
+
+    while($row = mysql_fetch_assoc($res))
+    {
+    //    uncomment next line to send mails ...
+        sendmail($row['email'], "[CAcert.org] $eventname - $city", $lines, "events@cacert.org", "", "", "CAcert Events Organisation", "returns@cacert.org", 1);
+    }
+  // 1x cc to events.cacert.org
+    sendmail("events@cacert.org", "[CAcert.org] $eventname - $city", $lines, "events@cacert.org", "", "", "CAcert Events Organisation", "returns@cacert.org", 1);
+    // 1x mailing report to events.cacert.org
+  sendmail("events@cacert.org", "[CAcert.org] $eventname - $city Report", "invitation sent to $xrows recipients.", "support@cacert.org", "", "", "CAcert Events Organisation", "returns@cacert.org", 1);
+
+    // 1x mailing report to Arbitrator of case http://wiki.cacert.org/wiki/Arbitrations/a20090525.1
+  sendmail("p.dunkel@cacert.org", "[CAcert.org] $eventname - $city Report", "invitation sent to $xrows recipients.", "support@cacert.org", "", "", "CAcert Events Organisation", "returns@cacert.org", 1);
+    echo "invitation sent to $xrows recipients.\n";
+
+?>
diff --git a/scripts/db_migrations/version3.sh b/scripts/db_migrations/version3.sh
new file mode 100755 (executable)
index 0000000..8febfe7
--- /dev/null
@@ -0,0 +1,98 @@
+#!/bin/sh
+# LibreSSL - CAcert web application
+# Copyright (C) 2004-2011  CAcert Inc.
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; version 2 of the License.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301  USA
+
+
+
+# script to do database migrations
+
+# This particular version migrates from the preversioned state to version 1
+# If you want to reuse it for further migrations you probably should pay special
+# attention because you have to adjust it a bit
+
+set -e # script fails if any command fails
+
+STDIN=0
+STDOUT=1
+STDERR=2
+
+if [ "$1" = "--help" ]; then
+       cat >&$STDERR <<- USAGE
+               Usage: $0 [MYSQL_OPTIONS]
+               You have to specify all options needed by "mysql" as if you had started
+               the MySQL command line client directly (including the name of the
+               database to operate on). The MySQL user used has to have enough
+               privileges to do all necessary operations (among others CREATE, ALTER,
+               DROP, UPDATE, INSERT, DELETE).
+               You might need to enter the mysql password multiple times if you
+               specify the -p option.
+       USAGE
+       exit 1
+fi
+
+mysql_opt=" --batch --skip-column-names $@"
+
+schema_version=$( mysql $mysql_opt <<- 'SQL'
+
+       SELECT MAX(`version`) FROM `schema_version`;
+SQL
+)
+if [ $schema_version != 2 ]; then
+       cat >&$STDERR <<- ERROR
+               Error: database schema is not in the right version to do the migration!
+               Expected version: 2
+       ERROR
+       exit 2
+fi
+
+mysql $mysql_opt <<- 'SQL'
+
+
+-- alter table Admin log
+
+ALTER TABLE `adminlog` ADD `type` VARCHAR( 50 ) NOT NULL ,
+  ADD `information` VARCHAR( 50 ) NOT NULL;
+
+-- create new table OrgAdminLog
+
+CREATE TABLE IF NOT EXISTS `orgadminlog` (
+  `when` datetime NOT NULL,
+  `oid` int(11) NOT NULL,
+  `adminid` int(11) NOT NULL,
+  `type` varchar(50) NOT NULL,
+  `information` varchar(50) NOT NULL
+) ENGINE=MyISAM DEFAULT CHARSET=latin1;
+
+-- alter table OrgDomainCerts
+ALTER TABLE `orgdomaincerts` ADD orgadminid int(11) NULL,
+  ADD revokeorgadminid int(11) NULL;
+
+-- alter table OrgEmailCerts
+ALTER TABLE `orgemailcerts` ADD orgadminid int(11) NULL,
+  ADD revokeorgadminid int(11) NULL;
+
+
+
+       -- Update schema version number
+       INSERT INTO `schema_version`
+               (`version`, `when`) VALUES
+               ('3'      , NOW() );
+SQL
+
+
+echo "Database successfully migrated to version 3"
+exit 0
+
diff --git a/scripts/db_migrations/version4.sh b/scripts/db_migrations/version4.sh
new file mode 100755 (executable)
index 0000000..9a8aded
--- /dev/null
@@ -0,0 +1,100 @@
+#!/bin/sh
+# LibreSSL - CAcert web application
+# Copyright (C) 2004-2011  CAcert Inc.
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; version 2 of the License.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301  USA
+
+
+
+# script to do database migrations
+
+# This particular version migrates from the preversioned state to version 1
+# If you want to reuse it for further migrations you probably should pay special
+# attention because you have to adjust it a bit
+
+set -e # script fails if any command fails
+
+STDIN=0
+STDOUT=1
+STDERR=2
+
+if [ "$1" = "--help" ]; then
+       cat >&$STDERR <<- USAGE
+               Usage: $0 [MYSQL_OPTIONS]
+               You have to specify all options needed by "mysql" as if you had started
+               the MySQL command line client directly (including the name of the
+               database to operate on). The MySQL user used has to have enough
+               privileges to do all necessary operations (among others CREATE, ALTER,
+               DROP, UPDATE, INSERT, DELETE).
+               You might need to enter the mysql password multiple times if you
+               specify the -p option.
+       USAGE
+       exit 1
+fi
+
+mysql_opt=" --batch --skip-column-names $@"
+
+schema_version=$( mysql $mysql_opt <<- 'SQL'
+
+       SELECT MAX(`version`) FROM `schema_version`;
+SQL
+)
+if [ $schema_version != 3 ]; then
+       cat >&$STDERR <<- ERROR
+               Error: database schema is not in the right version to do the migration!
+               Expected version: 3
+       ERROR
+       exit 2
+fi
+
+mysql $mysql_opt <<- 'SQL'
+
+-- dump table AdminLog
+SELECT *
+  INTO OUTFILE "adminlog_table_backup_1135"
+  FIELDS TERMINATED BY ','
+  OPTIONALLY ENCLOSED BY '"'
+  LINES TERMINATED BY "\n"
+  FROM `adminlog`;
+SQL
+
+
+echo "Dump table create in adminlog_table_backup_1135"
+
+
+mysql $mysql_opt <<- 'SQL'
+-- update table admin log
+
+UPDATE `adminlog` SET `type` = 'old name or dob change',
+`information` = 'see adminlog_table_backup_1135';
+
+-- alter table admin log
+
+ALTER TABLE `adminlog`
+  DROP `old-lname`,
+  DROP `old-dob`,
+  DROP `new-lname`,
+  DROP `new-dob`;
+
+
+       -- Update schema version number
+       INSERT INTO `schema_version`
+               (`version`, `when`) VALUES
+               ('4'      , NOW() );
+SQL
+
+
+echo "Database successfully migrated to version 4"
+exit 0
+
index 8395a58..7200517 100644 (file)
@@ -371,7 +371,8 @@ $iecho= "c";
                                                `when`=NOW()";
                //record active acceptance by Assurer
                if (check_date_format(trim($_REQUEST['date']),2010)) {
-                       write_user_agreement($_SESSION['profile']['id'], "CCA", "Assurance", "Assurer", 1, $_SESSION['_config']['notarise']['id']);
+                       write_user_agreement($_SESSION['profile']['id'], "CCA", "assurance", "Assuring", 1, $_SESSION['_config']['notarise']['id']);
+                       write_user_agreement($_SESSION['_config']['notarise']['id'], "CCA", "assurance", "Being assured", 0, $_SESSION['profile']['id']);
                }
                if($_SESSION['profile']['ttpadmin'] == 1 && ($_POST['method'] == 'Trusted 3rd Parties' || $_POST['method'] == 'Trusted Third Parties')) {
                        $query .= ",\n`method`='TTP-Assisted'";
@@ -379,10 +380,6 @@ $iecho= "c";
                mysql_query($query);
                fix_assurer_flag($_SESSION['_config']['notarise']['id']);
                include_once("../includes/notary.inc.php");
-/*to be activated after CCA accept option is implemented in form
-               write_user_agreement($_SESSION['profile']['id'], "CCA", "assurance", "Assuring", 1, $_SESSION['_config']['notarise']['id']);}*/
-/* to be activated after the CCA recording is announced
-               write_user_agreement($_SESSION['_config']['notarise']['id'], "CCA", "assurance", "Being assured", 0, $_SESSION['profile']['id']); */
 
                if($_SESSION['profile']['points'] < 150)
                {