2018-11-10 15:57:13 +00:00
.. index :: includes
.. index :: PHP
==========================
Directory :file: `includes`
==========================
.. sourcefile :: includes/.cvsignore
:file: `.cvsignore` includes the parameters for CVS, which files to ignore by
versioning
.. note :: CVS is long dead, is this still used?
.. sourcefile :: includes/.gitignore
:file: `.gitignore` contains file patterns to be ignored by Git.
2018-12-03 12:37:14 +00:00
2018-11-10 15:57:13 +00:00
.. sourcefile :: includes/about_menu.php
2018-12-03 12:37:14 +00:00
:links:
"http://blog.cacert.org/"
"http://blog.CAcert.org/feed/"
"http://bugs.CAcert.org/"
"https://lists.cacert.org/wws"
"http://wiki.CAcert.org/"
"http://wiki.cacert.org/Board"
"http://wiki.cacert.org/FAQ/Privileges"
"www/policy/"
"www/src-lic.php"
:file: `about_menu.php` is a part (<div>) of a PHP-Page, containing most of
the CAcert-related links. It uses :php:global: `$_SESSION['mconn']`
2018-11-10 15:57:13 +00:00
.. sourcefile :: includes/account_stuff.php
2018-11-13 18:53:51 +00:00
2018-12-03 12:37:14 +00:00
2018-11-13 18:53:51 +00:00
2018-12-03 12:37:14 +00:00
:uses:
2018-11-13 18:53:51 +00:00
2018-12-03 12:37:14 +00:00
includes/about_menu.php
2018-11-13 18:53:51 +00:00
2018-12-03 12:37:14 +00:00
:file: `includes/account_stuff.php` provides two procedures to be used for building the output of some HTML-pages.
It uses the global variables:
:php:global: `$_REQUEST['id']`
.. php:function :: showheader($title = "CAcert.org", $title2 = "")
2018-11-13 18:53:51 +00:00
2018-12-03 12:37:14 +00:00
This function renders a page depending on the calling file.
It uses the global variables:
:php:global: `$_SERVER['PHP_SELF']` ,
:php:global: `$_SESSION['_config']['header']` ,
:php:global: `$_SESSION['_config']['normalhostname']` ,
:php:global: `$_SESSION['profile']['adadmin']` ,
:php:global: `$_SESSION['profile']['admin']` ,
:php:global: `$_SESSION['profile']['assurer']` ,
:php:global: `$_SESSION['profile']['dob']` ,
:php:global: `$_SESSION['profile']['email']` ,
:php:global: `$_SESSION['profile']['fname']` ,
:php:global: `$_SESSION['profile']['id']` ,
:php:global: `$_SESSION['profile']['lname']` ,
:php:global: `$_SESSION['profile']['locadmin']` ,
:php:global: `$_SESSION['profile']['mname']` ,
:php:global: `$_SESSION['profile']['orgadmin']` ,
:php:global: `$_SESSION['profile']['points']` ,
:php:global: `$_SESSION['profile']['suff']`
2018-11-13 18:53:51 +00:00
:param string $title:
:param string $title2:
:global: * *(int)* - $id:
:global: * *(string)* - $PHP_SELF:
.. php:function :: showfooter()
This function renders a page-footer.
2018-11-10 15:57:13 +00:00
.. sourcefile :: includes/account.php
2018-11-13 18:53:51 +00:00
:uses:
includes/loggedin.php
includes/lib/l10n.php
includes/lib/check_weak_key.php
includes/notary.inc.php
2018-11-28 23:54:17 +00:00
:file: `includes/account.php` first loads some more includefiles via :php:func: `loadem` . It defines two functions and read the global variables
:php:global: `$_REQUEST['id']` ,
:php:global: `$_REQUEST['oldid']` ,
:php:global: `$_REQUEST['process']` ,
:php:global: `$_REQUEST['showdetails']` ,
:php:global: `$_REQUEST['cert']` ,
:php:global: `$_REQUEST['orgid']` ,
:php:global: `$_REQUEST['memid']` ,
:php:global: `$_REQUEST['domid']` ,
:php:global: `$_REQUEST['action']` ,
:php:global: `$_REQUEST['ticketno']` ,
:php:global: `$_SESSION['mconn']`
2018-11-13 18:53:51 +00:00
.. php:function :: buildSubject(array $domains, $include_xmpp_addr = true)
2018-11-28 23:54:17 +00:00
Build a subject string as needed by the signer.
This function uses
:php:func: `account_domain_delete` ,
:php:func: `account_email_delete` ,
:php:func: `buildSubjectFromSession` ,
:php:func: `check_client_cert_running` ,
:php:func: `check_gpg_cert_running` ,
:php:func: `check_is_orgadmin` ,
:php:func: `check_server_cert_running` ,
:php:func: `checkEmail` ,
:php:func: `checkpw` ,
:php:func: `checkWeakKeyCSR` ,
:php:func: `checkWeakKeySPKAC` ,
:php:func: `checkWeakKeyX509` ,
:php:func: `clean_csr` ,
:php:meth: `HashAlgorithms::clean` ,
:php:func: `csrf_check` ,
:php:func: `extractit` ,
:php:func: `generatecertpath` ,
:php:meth: `L10n::get_translation` ,
:php:func: `getalt` ,
:php:func: `getalt2` ,
:php:func: `getcn` ,
:php:func: `getcn2` ,
:php:func: `make_hash` ,
:php:func: `revoke_all_private_cert` ,
:php:func: `runCommand` ,
:php:func: `sanitizeHTML` ,
:php:func: `sendmail` ,
:php:meth: `L10n::set_recipient_language` ,
:php:meth: `L10n::set_translation` ,
:php:func: `showheader` ,
:php:func: `showfooter` ,
:php:attr: `L10n::$translations` ,
:php:func: `valid_ticket_number` ,
:php:func: `waitForResult` ,
:php:func: `write_se_log` ,
:php:func: `write_user_agreement`
2018-11-13 18:53:51 +00:00
:param array(string) $domains: First domain is used as CN and repeated in subjectAltName. Duplicates should already been removed
:param bool $include_xmpp_addr: [default: true] Whether to include the XmppAddr in the subjectAltName. This is needed if the Jabber server is jabber.example.com but a Jabber ID on that server would be alice@example.com
:return: * (string) - subject string as needed by the signer
.. php:function :: buildSubjectFromSession()
Builds the subject string from the session variables $_SESSION['_config']['rows'] and $_SESSION['_config']['altrows']
:return: * (string) -
2018-11-27 11:36:49 +00:00
2018-11-10 15:57:13 +00:00
.. sourcefile :: includes/general_stuff.php
2018-11-28 23:54:17 +00:00
:uses:
2018-12-03 12:37:14 +00:00
includes/lib/l10n.php
2018-11-28 23:54:17 +00:00
This process uses
:php:func: `showbodycontent` ,
:php:func: `showfooter` ,
:php:func: `showheader`
.. php:function :: showbodycontent($title = "CAcert.org", $title2 = "")
2018-12-16 17:11:36 +00:00
.. sourcefile :: includes/general.php
:uses:
includes/lib/general.php
includes/mysql.php
includes/lib/account.php
includes/lib/l10n.php
:file: `includes/general.php` is included by the file :file: `www/.htaccess` that controls the behavior of the webserver.
Here the session is started/restarted with the name "cacert". Then the raw HTTP header is sent.
2018-11-28 23:54:17 +00:00
2018-12-16 17:11:36 +00:00
:php:global: `$_SESSION['_config']['errmsg']` is set to empty string.
2018-11-28 23:54:17 +00:00
2018-12-16 17:11:36 +00:00
After that, the script only continues if :php:global: `$_SERVER['HTTP_HOST']` contains one of the values from :php:global: `$_SESSION['_config']['normalhostname']` , :php:global: `$_SESSION['_config']['securehostname']` , :php:global: `$_SESSION['_config']['tverify']` or "stamp.cacert.org" and also :php:global: `$_SERVER['HTTPS']` must have the value "on".
Next the language is organized via :php:meth: `L10n::detect_language` and :php:meth: `L10n::init_gettext` .
Then it is checked in :ref: `users` if the user whose userid is stored in :php:global: `$_SESSION['profile']['id']` is locked, else its total points are calculated from :ref: `notary` and stored in :php:global: `$_SESSION['profile']['points']` .
After that executable part of the script there are some functions defined
2018-11-28 23:54:17 +00:00
2018-12-16 17:11:36 +00:00
.. php:function :: loadem($section = "index")
2018-11-10 15:57:13 +00:00
2018-12-16 17:11:36 +00:00
Depending on the content of section an additiv file will be included.
- "account" includes :php:global: `$_SESSION['_config']['filepath']` ."/includes/account_stuff.php"
- "tverify" includes :php:global: `$_SESSION['_config']['filepath']` ."/includes/tverify_stuff.php"
- "index" includes :php:global: `$_SESSION['_config']['filepath']` ."/includes/general_stuff.php"
- all other are handled like "index"
:param string $section: The section that is to handle. Allowed are
- "account",
- "index",
- "tverify";
- all other are handeled as "index".
.. php:function :: includeit($id = "0", $section = "index")
ipsum
.. php:function :: checkpwlight($pwd)
ipsum
.. php:function :: checkpw($pwd, $email, $fname, $mname, $lname, $suffix)
.. php:function :: extractit()
.. php:function :: getcn()
.. php:function :: getalt()
.. php:function :: getcn2()
.. php:function :: getalt2()
.. php:function :: checkownership($hostname)
.. php:function :: maxpoints($id = 0)
.. php:function :: gpg_hex2bin($data)
.. php:function :: signmail($to, $subject, $message, $from, $replyto = "")
.. php:function :: checkEmail($email)
.. php:function :: waitForResult($table, $certid, $id = 0, $show = 1)
.. php:function :: generateTicket()
.. php:function :: sanitizeHTML($input)
.. php:function :: make_hash()
.. php:function :: csrf_check($nam, $show=1)
.. php:function :: make_csrf($nam)
.. php:function:. clean_csr($CSR)
.. php:function :: clean_gpgcsr($CSR)
.. php:function :: sanitizeFilename($text)
.. php:function :: no_assurer_text($Status)
.. php:function :: is_assurer($userID)
.. php:function :: get_assurer_reason($userID)
.. php:function :: generatecertpath($type,$kind,$id)
2018-11-10 15:57:13 +00:00
2018-12-16 17:11:36 +00:00
.. php:function :: mysql_timed_query($sql)
2018-11-28 23:54:17 +00:00
2018-11-10 15:57:13 +00:00
.. sourcefile :: includes/keygen.php
.. sourcefile :: includes/loggedin.php
2018-11-27 11:36:49 +00:00
:uses:
includes/lib/general.php
SOME__get_user_id_from_cert
includes/lib/l10n.php
SOME__L10n::get_translation
SOME__L10n::set_translation
SOME__L10n::init_gettext
includes/mysql.php
includes/notary.inc.php
SOME__get_user_agreement_status
.. todo :: analyze the module
2018-11-10 15:57:13 +00:00
.. sourcefile :: includes/mysql.php
:file: `includes/mysql.php` is not contained in the :cacertgit: `cacert-devel`
repository but is used by several other files. The file is copied from
:sourcefile: `includes/mysql.php.sample` and defines the database connection
information.
This file is parsed directly by :sourcefile: `CommModule/client.pl`
format changes might break the CommModule code.
.. sourcefile :: includes/mysql.php.sample
:file: `mysql.php.sample` is a template for the database connection handling
code that is meant to be copied to :file: `mysql.php` .
2018-11-28 23:54:17 +00:00
The template defines the MySQL connection as a session variable :php:global: `$_SESSION['mconn']` while connecting to that database. It also defines the session variables
:php:global: `$_SESSION['_config']['normalhostname']` , :php:global: `$_SESSION['_config']['securehostname']` and :php:global: `$_SESSION['_config']['tverify']` .
2018-11-10 15:57:13 +00:00
The template defines a function :php:func: `sendmail` for sending mails.
.. php:function :: sendmail($to, $subject, $message, $from, $replyto="", \
$toname="", $fromname="", $errorsto="returns@cacert.org", \
$use_utf8=true)
Send an email. The function reimplements functionality that is readily
available in PHP. The function does not properly escape headers and
sends raw SMTP commands.
:param string $to: recipient email address
:param string $subject: subject
:param string $message: email body
:param string $from: from email address
:param string $replyto: reply-to email address
:param string $fromname: unused in the code
:param string $toname: unused in the code
:param string $errorsto: email address used for Sender and Errors-To
headers
:param bool $use_utf8: decides whether the Content-Type header uses
a charset parameter of utf-8 or iso-8859-1
Configuration and actual code are mixed. It would be better to have a
separate file that just includes configuration.
.. sourcefile :: includes/notary.inc.php
2018-12-03 12:37:14 +00:00
:file: `includes/notary.inc.php` defines the global constants :php:const: `NULL_DATETIME` and :php:const: `THAWTE_REVOCATION_DATETIME` . It also provides a set of funktions; here listed in the given order:
2018-11-13 18:53:51 +00:00
.. php:function :: query_init ($query)
Accesss the database to execute the passed query.
:param string $query: query to execute
:return: * (resource) - result of the passed query.
.. php:function :: query_getnextrow ($res)
Return the next row of a previous received result of a database query.
:param resource $res: Result of a previous database query.
:return: * (object) - next row in the passed resource
.. php:function :: query_get_number_of_rows ($resultset)
Return the number of rows of the passed $resource which has to be the result of a previous database query, select-statement
:param resource $resultset: Result of a previous database query
:return: * (int) - number of rows in the passed resource
.. php:function :: get_number_of_assurances ($userid)
2018-11-27 11:36:49 +00:00
Returns the number of assurances the user with the passed userid has given. Uses :php:func: `query_init` and :php:func: `query_getnextrow` .
2018-11-13 18:53:51 +00:00
:param int $userid: userid of be controled
:return: * (int) - number of given assurances
.. php:function :: get_number_of_ttpassurances ($userid)
2018-11-27 11:36:49 +00:00
Returns the number of TTP-assurances the user with the passed userid has received. Uses :php:func: `query_init` and :php:func: `query_getnextrow` .
2018-11-13 18:53:51 +00:00
:param int $userid: userid of be controled
:return: * (int) - number of received TTP-assurances
.. php:function :: get_number_of_assurees ($userid)
2018-11-27 11:36:49 +00:00
Returns the number of assurances the user with the passed userid has received. Uses :php:func: `query_init` and :php:func: `query_getnextrow` .
2018-11-13 18:53:51 +00:00
:param int $userid: userid of be controled
:return: * (int) - number of received assurances
.. php:function :: get_top_assurer_position ($no_of_assurances)
2018-11-27 11:36:49 +00:00
Returns the ranking of an assurer with the passed number of given assurances. Uses :php:func: `query_init` and :php:func: `query_get_number_of_rows` .
2018-11-13 18:53:51 +00:00
:param int $no_of_assurances: number of assurances
:return: * (int) - position at the list of top assurers
.. php:function :: get_top_assuree_position ($no_of_assurees)
2018-11-27 11:36:49 +00:00
Returns the ranking of an assuree with the passed number of received assurances. Uses :php:func: `query_init` and :php:func: `query_get_number_of_rows` .
2018-11-13 18:53:51 +00:00
:param int $no_of_assurances: number of assurances
:return: * (int) - position at the list of top assurees
.. php:function :: get_given_assurances($userid, $log=0)
2018-11-27 11:36:49 +00:00
Get the list of assurances given by the user. Uses :php:func: `query_init` .
2018-11-13 18:53:51 +00:00
:param int $userid: id of the assurer
:param int $log: if set to 1 also includes deleted assurances
:return: * (resource) - a MySQL result set
.. php:function :: get_received_assurances($userid, $log=0)
2018-11-27 11:36:49 +00:00
Get the list of assurances received by the user. Uses :php:func: `query_init` .
2018-11-13 18:53:51 +00:00
:param int $userid: id of the assuree
:param int $log: if set to 1 also includes deleted assurances
:return: * (resource) - a MySQL result set
.. php:function :: get_given_assurances_summary ($userid)
2018-11-27 11:36:49 +00:00
Get the count of given assurances of the user with the passed userid grouped by points, awarded, method. Uses :php:func: `query_init` .
2018-11-13 18:53:51 +00:00
:param int $userid: id of the assurer
:return: * (resource) - list of number of given assurances grouped by points, awarded, method
.. php:function :: get_received_assurances_summary ($userid)
2018-11-27 11:36:49 +00:00
Get the count of received assurances of the user with the passed userid grouped by points, awarded, method. Uses :php:func: `query_init` .
2018-11-13 18:53:51 +00:00
:param int $userid: id of the assuree
:return: * (resource) - list of number of received assurances grouped by points, awarded, method
.. php:function :: get_user ($userid)
2018-11-27 11:36:49 +00:00
Get data of user with the passed userid. Uses :php:func: `query_init` .
2018-11-13 18:53:51 +00:00
:param int $userid: id of the user
:return: * (resource) - data frum table users belonging to passed userid.
.. php:function :: get_cats_state ($userid)
2018-11-27 11:36:49 +00:00
Get the number of passed CATS for the given userid. Uses :php:func: `query_init` .
2018-11-13 18:53:51 +00:00
:param int $userid: id of a user
:return: * (int) - number of passed CATS
.. php:function :: calc_awarded($row)
Calculate awarded points (corrects some issues like out of range points or points that were issued by means that have been deprecated)
:param array $row: associative array containing the data from the `notary` table
:return: * (int) - the awarded points for this assurance
.. php:function :: calc_experience(&$row, &$sum_points, &$sum_experience)
2018-11-27 11:36:49 +00:00
Calculate the experience points from a given Assurance. Uses :php:func: `calc_awarded` .
2018-11-13 18:53:51 +00:00
:param array $row: [inout] associative array containing the data from the `notary` table, the keys 'experience' and 'calc_awarded' will be added
:param int $sum_points: [inout] the sum of already counted assurance points the assurer issued
:param int $sum_experience: [inout] the sum of already counted experience points that were awarded to the assurer
.. php:function :: calc_assurances(&$row, &$sum_points, &$sum_experience)
2018-11-27 11:36:49 +00:00
Calculate the points received from a received Assurance. Uses :php:func: `calc_awarded` .
2018-11-13 18:53:51 +00:00
:param array $row: [inout] associative array containing the data from the `notary` table, the keys 'experience' and 'calc_awarded' will be added
:param int $sum_points: [inout] the sum of already counted assurance points the assuree received
:param int $sum_experience: [inout] the sum of already counted experience points that were awarded to the assurer
.. php:function :: show_user_link($user)
2018-11-27 11:36:49 +00:00
Generate a link to the support engineer page for the user with the name of the user as link text. Uses :php:func: `sanitizeHTML` .
2018-11-13 18:53:51 +00:00
:param array $user: associative array containing the data from the `user` table
:return: * (string) - name of the user with the passed userid or System or deleted
.. php:function :: show_email_link($user)
2018-11-27 11:36:49 +00:00
Generate a link to the support engineer page for the user with the email address as link text. Uses :php:func: `sanitizeHTML` .
2018-11-13 18:53:51 +00:00
:param array $user: associative array containing the data from the `user` table
:return: * (string) - email-address
.. php:function :: get_assurer_ranking($userid,&$num_of_assurances,&$rank_of_assurer)
2018-11-27 11:36:49 +00:00
Getting the number of given assurances and the rank of the user with the passed userid. Uses :php:func: `get_number_of_assurances` and :php:func: `get_top_assurer_position` .
2018-11-13 18:53:51 +00:00
:param int $userid: id of an user
:param int $num_of_assurances: [inout] number of given assurances
:param int $rank_of_assurer: [inout] rank in assurer-list
.. php:function :: get_assuree_ranking($userid,&$num_of_assurees,&$rank_of_assuree)
2018-11-27 11:36:49 +00:00
Getting the number of received assurances and the rank of the user with the passed userid. Uses :php:func: `get_number_of_assurees` and :php:func: `get_top_assuree_position` .
2018-11-13 18:53:51 +00:00
:param int $userid: id of an user
:param int $num_of_assurees: [inout] number of received assurances
:param int $rank_of_assuree: [inout] rank in assuree-list
.. php:function :: output_ranking($userid)
2018-11-27 11:36:49 +00:00
Generating HTML-code for showing the assurer/assuree data. Uses :php:func: `get_assurer_ranking` and :php:func: `get_assuree_ranking` .
2018-11-13 18:53:51 +00:00
:param int $userid: userid to build the page format
.. php:function :: output_assurances_header($title, $support, $log)
Render header for the assurance table (same for given/received)
:param string $title: The title for the table
:param int $support: set to 1 if the output is for the support interface
:param int $log: if set to 1 also includes deleted assurances
.. php:function :: output_assurances_footer($points_txt,$sumpoints,$experience_txt,$sumexperience,$support,$log)
Render footer for the assurance table (same for given/received)
:param string $points_txt: Description for sum of assurance points
:param int $sumpoints: sum of assurance points
:param string $experience_txt: Description for sum of experience points
:param int $sumexperience: sum of experience points
:param int $support: set to 1 if the output is for the support interface
:param int $log: if set to 1 also includes deleted assurances
.. php:function :: output_assurances_row($assurance,$userid,$other_user,$support,$ticketno,$log)
2018-11-27 11:36:49 +00:00
Render an assurance for a view. Uses :php:func: `show_email_link` , :php:func: `show_user_link` , :php:func: `sanitizeHTML` and :php:func: `make_csrf` .
2018-11-13 18:53:51 +00:00
:param array $assurance: associative array containing the data from the `notary` table
:param int $userid: Id of the user whichs given/received assurances are displayed
:param array $other_user: associative array containing the other users data from the `users` table
:param int $support: set to 1 if the output is for the support interface
:param string $ticketno: ticket number currently set in the support interface
:param int $log: if set to 1 also includes deleted assurances
.. php:function :: output_summary_header()
Render the header for the summary.
.. php:function :: output_summary_footer()
Render the footer for the summary.
.. php:function :: output_summary_row($title,$points,$points_countable,$remark)
Render a row of the summary of points
:param string $title: The description of the row
:param inf $points:
:param int $points_countable:
:param string $remark:
.. todo :: check points and points_countable
.. php:function :: output_given_assurances_content($userid,&$sum_points,&$sum_experience,$support,$ticketno,$log)
2018-11-27 11:36:49 +00:00
Helper function to render assurances given by the user. Uses :php:func: `get_given_assurances` , :php:func: `get_user` , :php:func: `calc_experience` and :php:func: `output_assurances_row` .
2018-11-13 18:53:51 +00:00
:param int $userid: id of a user
:param int &$sum_points: [out] sum of given points
:param int &$sum_experience: [out] sum of experience points gained
:param int $support: set to 1 if the output is for the support interface
:param string $ticketno: the ticket number set in the support interface
:param int $log: if set to 1 also includes deleted assurances
.. php:function :: output_received_assurances_content($userid,&$sum_points,&$sum_experience,$support,$ticketno,$log)
2018-11-27 11:36:49 +00:00
Helper function to render assurances received by the user. Uses :php:func: `get_received_assurances` , :php:func: `get_user` , :php:func: `calc_assurances` and :php:func: `output_assurances_row` .
2018-11-13 18:53:51 +00:00
:param int $userid: id of a user
:param int& $sum_points: [out] sum of received points
:param int& $sum_experience: [out] sum of experience points the assurers gained
:param int $support: set to 1 if the output is for the support interface
:param string $ticketno: the ticket number set in the support interface
:param int $log: if set to 1 also includes deleted assurances
.. php:function :: check_date_limit ($userid,$age)
2018-11-27 11:36:49 +00:00
Checks if the user with the passed userid has reached a given age. Uses :php:func: `query_init` , :php:func: `query_get_number_of_rows` .
2018-11-13 18:53:51 +00:00
:param int $userid: id of a user
:param int $age: the age to be checked against
:return: * (int) - 1: if the given age is reached; 0 else
.. php:function :: max_points($userid)
2018-11-27 11:36:49 +00:00
Determin, how many points the user can issue at most. Uses :php:func: `output_summary_content` .
2018-11-13 18:53:51 +00:00
:param int $userid: id of a user
:return: * (int) - max to issue points
.. php:function :: output_summary_content($userid,$display_output)
2018-11-27 11:36:49 +00:00
Calculate points and render them for output. Uses :php:func: `check_date_limit` , :php:func: `get_received_assurances_summary` , :php:func: `calc_awarded` , :php:func: `get_given_assurances_summary` , :php:func: `get_cats_state` , :php:func: `output_summary_row` .
2018-11-13 18:53:51 +00:00
:param int $userid: id of a user
:param int $display_output: flag if to display (1) or not (0)
:retur: * (int) - max to issue points
.. php:function :: output_given_assurances($userid, $support=0, $ticketno='', $log=0)
2018-11-27 11:36:49 +00:00
Render assurances given by the user. Uses :php:func: `output_assurances_header` , :php:func: `output_given_assurances_content` , :php:func: `output_assurances_footer` .
2018-11-13 18:53:51 +00:00
2018-11-27 11:36:49 +00:00
:param int $userid: id of a user
2018-11-13 18:53:51 +00:00
:param int $support: set to 1 if the output is for the support interface
:param string $ticketno: the ticket number set in the support interface
:param int $log: if set to 1 also includes deleted assurances
.. php:function :: output_received_assurances($userid, $support=0, $ticketno='', $log=0)
2018-11-27 11:36:49 +00:00
Render assurances received by the user. Uses :php:func: `output_assurances_header` , :php:func: `output_received_assurances_content` , :php:func: `output_assurances_footer` .
2018-11-13 18:53:51 +00:00
2018-11-27 11:36:49 +00:00
:param int $userid: id of a user
2018-11-13 18:53:51 +00:00
:param int $support: set to 1 if the output is for the support interface
:param string $ticketno: the ticket number set in the support interface
:param int $log: if set to 1 also includes deleted assurances
.. php:function :: output_summary($userid)
2018-11-27 11:36:49 +00:00
Render the page output for a user. Uses :php:func: `output_summary_header` , :php:func: `output_summary_content` , :php:func: `output_summary_footer` .
2018-11-13 18:53:51 +00:00
2018-11-27 11:36:49 +00:00
:param int $userid: id of a user
2018-11-13 18:53:51 +00:00
2018-11-27 11:36:49 +00:00
.. php:function :: output_end_of_page()
2018-11-13 18:53:51 +00:00
2018-11-27 11:36:49 +00:00
Adds a goBack-button to the page.
2018-11-13 18:53:51 +00:00
2018-11-27 11:36:49 +00:00
.. php:function :: write_user_agreement($memid, $document, $method, $comment, $active=1, $secmemid=0)
2018-11-13 18:53:51 +00:00
2018-11-27 11:36:49 +00:00
Writes a new record to the table user_agreement.
2018-11-13 18:53:51 +00:00
2018-11-27 11:36:49 +00:00
:param mixed $memid: id of a user
:param mixed $document:
:param mixed $method:
:param mixed $comment:
:param integer $active:
:param integer $secmemid:
:return:
2018-11-13 18:53:51 +00:00
2018-11-27 11:36:49 +00:00
.. php:function :: get_user_agreement_status($memid, $type="CCA")
2018-11-13 18:53:51 +00:00
2018-11-27 11:36:49 +00:00
Returns 1 if the user has an entry for the given type in user_agreement, 0 if no entry is recorded
2018-11-13 18:53:51 +00:00
2018-11-27 11:36:49 +00:00
:param mixed $memid: userid
:param string $type: "CCA"
:return: * (int) - 1 if the user has an entry for the given type in user_agreement, 0 if no entry is recorded
2018-11-13 18:53:51 +00:00
2018-11-27 11:36:49 +00:00
.. php:function :: get_first_user_agreement($memid, $type=null, $active=null)
2018-11-13 18:53:51 +00:00
2018-11-27 11:36:49 +00:00
Get the first user_agreement entry of the requested type
2018-11-13 18:53:51 +00:00
2018-11-27 11:36:49 +00:00
:param int $memid:
:param string $type: the type of user agreement, by default all agreements are listed
:param int $active: whether to get active or passive agreements:
2018-11-13 18:53:51 +00:00
2018-11-27 11:36:49 +00:00
* 0 := passive
* 1 := active
* null := both
2018-11-13 18:53:51 +00:00
2018-11-27 11:36:49 +00:00
:return: * (array(string=>mixed)) - an associative array containing 'document', 'date', 'method', 'comment', 'active'.
2018-11-13 18:53:51 +00:00
2018-11-27 11:36:49 +00:00
.. php:function :: get_last_user_agreement($memid, $type=null, $active=null)
2018-11-13 18:53:51 +00:00
2018-11-27 11:36:49 +00:00
Get the last user_agreement entry of the requested type
2018-11-13 18:53:51 +00:00
2018-11-27 11:36:49 +00:00
:param int $memid:
:param string $type: the type of user agreement, by default all agreements are listed
:param int $active: whether to get active or passive agreements:
2018-11-13 18:53:51 +00:00
2018-11-27 11:36:49 +00:00
* 0 := passive
* 1 := active
* null := both
:return: * (array(string=>mixed)) - an associative array containing 'document', 'date', 'method', 'comment', 'active'.
.. php:function :: get_user_agreements($memid, $type=null, $active=null)
Get all user_agreement entrys of the requested type
:param int $memid:
:param string $type: the type of user agreement, by default all agreements are listed
:param int $active: whether to get active or passive agreements:
* 0 := passive
* 1 := active
* null := both
:return: * (resource) - a mysql result set containing all agreements
.. php:function :: delete_user_agreement($memid, $type=false)
Deletes all entries for a given type from user_agreement of a given user, if type is not given, delete all all
:param mixed $memid: Member-id
:param string $type: the type of user agreement ; if false all
.. :php:function :: AssureHead($confirmation,$checkname)
Render the header for assurance-page /pages/wot/6.php
:param string $confirmation: text of title
:param string $checkname: textline including then ame of the person to be assured
.. php:function :: AssureTextLine($field1,$field2)
Prepares a text line for assurance-page /pages/wot/6.php; two cells in a row
:param string $field1: text string
:param string $field2: text string
.. php:function :: AssureBoxLine($type,$text,$checked)
Prepares a box line for assurance-page /pages/wot/6.php; two cells in a row, a checkbox with stats and a text
:param string $type: type/name of checkbox
:param string $text: text to present
:param string $checked: status of the ceckbox
.. php:function :: AssureMethodLine($text,$methods,$remark)
Prepares another row for assurance-page /pages/wot/6.php containing the methods of the assurance
:param string $text$: text
:param array(string) $methods: possible methods of assurance
:param string $remark: a possible remark to the assurance
.. php:function :: AssureInboxLine($type,$field,$value,$description)
Prepare an inBox line.
:param string $type: name of the information shown in line
:param string $field: readable name of the information of the line
:param string $value: value of the information
:param string $description: description/remarks to displayed the information
.. php:function :: AssureFoot($oldid,$confirm)
Prepares the footer of the assurance page /pages/wot/6.php.
:param int $oldid: field to hide containing the actual id of the dialog
:param string $confirm: text for confirmation
.. php:function :: account_email_delete($mailid)
Deletes an email entry from an acount, revolkes all certifcates for that email address. Uses :php:func: `revoke_all_client_cert` .
:param int $mailid: Id of the email address to be deleted
.. php:function :: account_domain_delete($domainid)
Deletes an domain entry from an acount, revolkes all certifcates for that domain address. Uses :php:func: `revoke_all_server_cert` .
:param int $domainid: Id of the domain to be deleted
.. php:function :: account_delete($id, $arbno, $adminid)
Deletes an account following the deleted account routnie V3 and change password (arbitration). Uses :php:func: `account_email_delete` , :php:func: `account_domain_delete` ,
:param int $id: Id of the account to be deleted
:param string $arbno: Arbitrationnumber that justifies the deletion.
:param int $adminid: ID of the administrator who fullfilled the deletion
.. php:function :: check_email_exists($email)
Checks if an email address exists.
:param string $email: Email address to be checked
:returns: * (bool): true if email exists; else false
.. php:function :: check_gpg_cert_running($uid,$cca=0)
Checks if a non-expired gpg certificatation exists.
:param int $uid: account ID to be checked for gpg certification
:param int $cca: 0 if just expired, =1 if CCA retention +3 month should be obeyed
:returns: * (bool) - true if a gpg certification exists; else false
.. php:function :: check_client_cert_running($uid,$cca=0)
Checks if a non-expired, non-revoked client certificate exists for an account.
:param int $uid: account ID to be checked for client certificates
:param int $cca: 0 if just expired, =1 if CCA retention +3 month should be obeyed
:returns: * (bool) - true if a client certificate exists; else false
.. php:function :: check_server_cert_running($uid,$cca=0)
Checks if a non-expired, non-revoked server certificate exists for an account.
:param int $uid: account ID to be checked for server certificates
:param int $cca: 0 if just expired, =1 if CCA retention +3 month should be obeyed
:returns: * (bool) - true if a server certificate exists; else false
.. php:function :: check_is_orgadmin($uid)
Checks if a given account is an organisation administrator.
:param int $uid: account ID to be checked as organisation administrator
:returns: * (bool) - true if the account belongs to an organisation administrator; else false
.. php:function :: revoke_all_client_cert($mailid)
Revokes all client certificates for a given email address.
:param int $mailid: ID of an email address.
.. php:function :: function revoke_all_server_cert($domainid)
Revokes all server certs for an domain.
:param int $domainid: ID of an domain.
.. php:function :: revoke_all_private_cert($uid)
Revokes all certificates linked to a personal accounts, gpg revokation needs to be added to a later point. Uses :php:func: `revoke_all_client_cert` , :php:func: `revoke_all_server_cert` .
:param int $uid: ID of the account whos certificates have to be rovoked
2018-11-13 18:53:51 +00:00
2018-11-27 11:36:49 +00:00
.. php:function :: check_date_format($date, $year=2000)
Checks if the date is entered in the right date format YYYY-MM-DD and if the date is after the 1st January of the given year
:param mixed $date: Date to check
:param integer $year: Year to check against
:returns: * (bool) - true if date is valid; false if not
.. php:function :: check_date_difference($date, $diff=1)
Checks if the given date is less or equal then today plus a given time difference
:param mixed $date: Date to be checked
:param integer $diff: difference in days (positive future, negative past) to add to the current date
:returns: * (bool) - returns false if the date is larger then today + time difference
.. php:function :: write_se_log($uid, $adminid, $type, $info)
Records all support engineer actions changing a user account writing the information to the adminlog.
:param int $uid: id of the user account
:param int $adminid: id of the admin
:param string $type: the operation that was performed on the user account
:param string $info: the ticket / arbitration number or other information
:returns: * (bool) - true := success, false := error
.. php:function :: valid_ticket_number($ticketno)
Check if the entered information is a valid ticket or arbitration number.
:param string $ticketno:
:returns: * (bool) -
.. php:function :: get_user_data($userid, $deleted=0)
Get all data of an account given by the id from the `users`
:param int $userid: account id
:param int $deleted: states if deleted data should be visible , default = 0 - not visible
:returns: * (resource) - a mysql result set
.. php:function :: get_alerts($userid)
Get the alert settings for a user (function for handling account/43.php)
:param int $userid: for the requested account
:returns: * (array) - associative array
.. php:function :: get_email_addresses($userid, $exclude, $deleted=0)
Get all email addresses linked to the account (should be entered in account/2.php)
:param int $userid:
:param string $exclude: if given the email address will be excluded
:param int $deleted: states if deleted data should be visible, default = 0 - not visible
:returns: * (resource) - a mysql result set
.. php:function :: get_domains($userid, $deleted=0)
Get all domains linked to the account (should be entered in account/9.php).
:param int $userid:
:param int $deleted: states if deleted data should be visible, default = 0 - not visible
:returns: * (resource) - a mysql result set
.. php:function :: get_training_results($userid)
Get all training results for the account (should be entered in account/55.php)
:param int $userid:
:returns: * (resource) - a mysql result set
.. php:function :: get_se_log($userid)
Get all SE log entries for the account
:param int $userid:
:returns: * (resource) - a mysql result set
.. php:function :: get_client_certs($userid, $viewall=0)
Get all client certificates linked to the account (add to account/5.php)
:param int $userid:
:param int $viewall: states if expired certs should be visible, default = 0 - not visible
:returns: * (resource) - a mysql result set
.. php:function :: get_server_certs($userid, $viewall=0)
Get all server certs linked to the account (add to account/12.php)
:param int $userid:
:param int $viewall: states if expired certs should be visible, default = 0 - not visible
:returns: * (resource - a mysql result set)
.. php:function :: get_gpg_certs($userid, $viewall=0)
Get all gpg certs linked to the account (add to gpg/2.php)
:param int $userid:
:param int $viewall: states if expired certs should be visible, default = 0 - not visible
:returns: * (resource) - a mysql result set
.. php:function :: output_log_email_header()
Show the table header to the email table for the admin log
.. php:function :: output_log_email($row, $primary)
Show all email data for the admin log
:param array $row: associative array containing the column data
:param string $primary: if given the primary address is highlighted
.. php:function :: output_log_domains_header()
Show the table header to the domains table for the admin log.
.. php:function :: output_log_domains($row)
Show the domain data for the admin log
:param array $row: associative array containing the column data
.. php:function :: output_log_agreement_header()
Show the table header to the user agreement table for the admin log.
.. php:function :: output_log_agreement($row)
Show the agreement data for the admin log.
:param array $row: associative array containing the column data
.. php:function :: output_log_training_header()
Show the table header to the training table (should be entered in account/55.php).
.. php:function :: output_log_training($row)
Show the training data (should be entered in account/55.php).
:param array $row: associative array containing the column data
.. php:function :: output_log_se_header($support=0)
Show the table header to the SE log table for the admin log.
:param int $support: if support = 1 more information is visible
.. php:function :: output_log_se($row, $support=0)
Show the SE log data for the admin log (should be entered in account/55.php)
:param array $row: associative array containing the column data
:param int $support: if support = 1 more information is visible
.. php:function :: output_client_cert_header($support=0, $readonly=true)
Shows the table header to the client cert table (should be added to account/5.php)
:param int $support: if support = 1 some columns ar not visible
:param bool $readonly: whether elements to modify data should be hidden, default is `true`
.. php:function :: output_client_cert($row, $support=0, $readonly=true)
Show the client cert data (should be entered in account/5.php)
:param array $row: associative array containing the column data
:param int $support: if support = 1 some columns are not visible
:param bool $readonly: whether elements to modify data should be hidden, default is `true`
.. php:function :: output_server_certs_header($support=0, $readonly=true)
Show the table header to the server cert table (should be entered in account/12.php)
:param int $support: if support = 1 some columns ar not visible
:param bool $readonly: whether elements to modify data should be hidden, default is `true`
.. php:function :: output_server_certs($row, $support=0, $readonly=true)
Show the server cert data (should be entered in account/12.php)
:param array $row: associative array containing the column data
:param int $support: if support = 1 some columns are not visible
:param bool $readonly: whether elements to modify data should be hidden, default is `true`
.. php:function :: output_gpg_certs_header($support=0, $readonly=true)
Show the table header to the gpg cert table.
:param int $support: if support = 1 some columns ar not visible
:param bool $readonly: whether elements to modify data should be hidden, default is `true` ($readonly is currently ignored but kept for consistency)
.. php:function :: output_gpg_certs($row, $support=0, $readonly=true)
Show the gpg cert data (should be entered in account/55.php)
:param array $row: associative array containing the column data
:param int $support: if support = 1 some columns are not visible
:param bool $readonly: whether elements to modify data should be hidden, default is `true`
2018-11-10 15:57:13 +00:00
.. sourcefile :: includes/shutdown.php
.. sourcefile :: includes/sponsorinfo.php
.. sourcefile :: includes/tverify_stuff.php
.. index :: includes/lib
.. index :: PHP
Directory :file: `includes/lib`
==============================
.. sourcefile :: includes/lib/account.php
2018-11-28 23:54:17 +00:00
:file: `include/lib/account.php` defines a function and a class for use by other precedures.
.. php:function :: fix_assurer_flag($userID = NULL)
Function to recalculate the cached Assurer status. Update Assurer-Flag on users table if 100 points and CATS passed. We may have some performance issues here if no userID is given there are ~150k assurances and ~220k users currently but the exists-clause on cats_passed should be a good filter.
:param int $userID: if the user ID is not given the flag will be recalculated for all users
:returns: * (bool) - false if there was an error on fixing the flag. This does NOT return the new value of the flag
.. php:class :: HashAlgorithms
Supported hash algorithms for signing certificates.
.. php:attr :: $default
Default hash algorithm identifier for signing
.. php:staticmethod :: getInfo()
Get display strings for the supported hash algorithms.
:returns: * (array(string=>array('name'=>string, 'info'=>string)))
#. [$hash_identifier]['name'] = Name that should be displayed in UI
#. [$hash_identifier]['info'] = Additional information that can help with the selection of a suitable algorithm
.. php:staticmethod :: clean($hash_identifier)
Check if the input is a supported hash algorithm identifier otherwise return the identifier of the default hash algorithm
:param string $hash_identifier:
:returns: * (string) - The cleaned identifier
2018-11-10 15:57:13 +00:00
.. sourcefile :: includes/lib/check_weak_key.php
2018-11-28 23:54:17 +00:00
:uses:
includes/lib/general.php
:file: `includes/lib/check_weak_key.php` does the checking of keys for vulnaribilities and therefore provides some functions to be used by other procedures.
.. php:function :: checkWeakKeyCSR($csr, $encoding = "PEM")
Checks whether the given CSR contains a vulnerable key.
This function uses:
:php:func: `checkWeakKeyText` ,
:php:func: `failWithId` ,
:php:func: `runCommand`
2018-12-03 12:37:14 +00:00
2018-11-28 23:54:17 +00:00
:param string $csr: The CSR to be checked
:param string [optional] $encoding: The encoding the CSR is in (for the "-inform" parameter of OpenSSL, currently only "PEM" (default) or "DER" allowed)
:returns: * (string) - containing the reason if the key is considered weak, empty string otherwise
.. php:function :: checkWeakKeyX509($cert, $encoding = "PEM")
Checks whether the given X509 certificate contains a vulnerable key.
This function uses:
:php:func: `checkWeakKeyText` ,
:php:func: `failWithId` ,
:php:func: `runCommand`
:param string $cert: The X509 certificate to be checked
:param string [optional] $encoding: The encoding the certificate is in (for the "-inform" parameter of OpenSSL, currently only "PEM" (default), "DER" or "NET" allowed)
:returns: * (string) - String containing the reason if the key is considered weak, empty string otherwise
.. php:function :: checkWeakKeySPKAC($spkac, $spkacname = "SPKAC")
Checks whether the given SPKAC certificate contains a vulnerable key.
This function uses:
:php:func: `checkWeakKeyText` ,
:php:func: `failWithId` ,
:php:func: `runCommand`
:param string $spkac: The SPKAC to be checked
:param string [optional] $spkacname: The name of the variable that contains the SPKAC. The default is "SPKAC"
:returns: * (string) - String containing the reason if the key is considered weak, empty string otherwise
.. php:function :: checkWeakKeyText($text)
Checks whether the given text representation of a CSR or a SPKAC contains a weak key.
This function uses:
:php:func: `checkDebianVulnerability` ,
:php:func: `failWithId` ,
:php:func: `runCommand`
:param string $text: The text representation of a key as output by the "openssl <foo> -text -noout" commands
:returns: * (string) - String containing the reason if the key is considered weak, empty string otherwise
.. php:function :: checkDebianVulnerability($text, $keysize = 0)
2018-12-03 12:37:14 +00:00
Reimplement the functionality of the openssl-vulnkey tool.
It triggers the exeptions:
:php:exc: `E_USER_NOTICE` ,
:php:exc: `E_USER_WARNING` ,
:php:exc: `E_USER_ERROR`
2018-11-28 23:54:17 +00:00
:param string $text: The text representation of a key as output by the "openssl <foo> -text -noout" commands
:param int [optional] $keysize: If the key size is already known it can be provided so it doesn't have to be parsed again. This also skips the check whether the key is an RSA key => use wisely.
:returns: * (mixed) - TRUE if key is vulnerable, FALSE otherwise, NULL in case of error
2018-11-10 15:57:13 +00:00
.. sourcefile :: includes/lib/general.php
2018-11-28 23:54:17 +00:00
:file: `includes/lib/general.php` provides the system with four functions.
2018-11-27 11:36:49 +00:00
.. php:function :: get_user_id_from_cert($serial, $issuer_cn)
Checks if the user may log in and retrieve the user id. Usually called with $_SERVER['SSL_CLIENT_M_SERIAL'] and $_SERVER['SSL_CLIENT_I_DN_CN']
:param string $serial: usually $_SERVER['SSL_CLIENT_M_SERIAL']
:param string $issuer_cn: usually $_SERVER['SSL_CLIENT_I_DN_CN']
:return: * (int) - the user id, -1 in case of error
.. php:function :: failWithId($errormessage)
Produces a log entry with the error message with log level E_USER_WARN and a random ID an returns a message that can be displayed to the user including the generated ID
:param $errormessage string: The error message that should be logged
:return: * (string) - containing the generated ID that can be displayed to the user
.. php:function :: runCommand($command, $input = "", &$output = null, &$errors = true)
Runs a command on the shell and return it's exit code and output
:param string $command: The command to run. Make sure that you escapeshellarg() any non-constant parts as this is executed on a shell!
:param string|bool $input: The input that is passed to the command via STDIN, if true the real STDIN is passed through
:param string|bool $output: The output the command wrote to STDOUT (this is passed as reference), if true the output will be written to the real STDOUT. Output is ignored by default
:param string|bool $errors: The output the command wrote to STDERR (this is passed as reference), if true (default) the output will be written to the real STDERR
:return: * (int|bool) - The exit code of the command, true if the execution of the command failed (true because then <code>if (runCommand('echo "foo"')) handle_error();</code> will work)
.. php:function :: get_assurer_status($userID)
Determine if the user with the passed userid is an assurer.
:param int $userid: id of the user to be checked.
2018-11-28 23:54:17 +00:00
:return: * (int) - 0 if user is an assurer; 3,7,11,15 if 100 ssurance points not reached; 5,7,13,15 if assurer test is missing; 9,11,13,15 if not allowed to be an assurer.
2018-11-27 11:36:49 +00:00
2018-11-10 15:57:13 +00:00
.. sourcefile :: includes/lib/l10n.php
2018-11-27 11:36:49 +00:00
:file: `includes/lib/l10n.php` defines the class L10n. Some methods use and manipulate the global variables:
.. php:global :: $_SESSION['_config']['language']
.. php:global :: $_SESSION['_config']['recode']
.. php:class :: L10n
2018-11-28 23:54:17 +00:00
.. php:attr :: $translations
An array of possible translations ("ISO-language code" => "native name of the language"). At the moment with values: "ar", "bg", "cs", "da", "de", "el", "en", "es", "fi", "fr", "hu", "it", "ja", "lv", "nl", "pl", "pt", "pt-br", "ru", "sv", "tr", "zh-cn", "zh-tw".
.. php:attr :: $locales
2018-11-27 11:36:49 +00:00
2018-11-28 23:54:17 +00:00
An array of allowed locales. Values at the moment: "ar_JO", "bg_BG", "cs_CZ", "da_DK", "de_DE", "el_GR", "en_US", "es_ES", "fa_IR", "fi_FI", "fr_FR", "he_IL", "hr_HR", "hu_HU", "id_ID", "is_IS", "it_IT", "ja_JP", "ka_GE", "ko_KR", "lv_LV", "nb_NO", "nl_NL", "pl_PL", "pt_PT", "pt_BR", "ro_RO", "ru_RU", "sl_SI", "sv_SE", "th_TH", "tr_TR", "uk_UA", "zh_CN", "zh_TW".
2018-11-27 11:36:49 +00:00
.. php:staticmethod :: detect_language()
It auto-detects the language that should be used and sets it. Only works for HTTP, not in a command line script. Priority:
#. explicit parameter "lang" passed in HTTP (e.g. via GET)
#. existing setting in the session (stick to the setting we had before)
#. auto-detect via the HTTP Accept-Language header sent by the user agent
Uses the global variables :php:global: `$_REQUEST["lang"]` , :php:global: `$_SERVER['HTTP_ACCEPT_LANGUAGE']` .
.. php:staticmethod :: normalise_translation($translation_code)
Normalise the translation code (e.g. from the old codes to the new)
:param string $translation_code: the translation code as specified in the keys of $translations
:return: * (string) - a translation code or the empty string if it can't be normalised
.. php:staticmethod :: get_translation()
Get the set translation. The method uses :php:global: `$_SESSION['_config']['language']`
:returns: * (string) - a translation code or the empty string if not set
.. php:staticmethod :: set_translation($translation_code)
Set the translation to use. Sets also the :php:global: `ENV LANG=` and if run in a session :php:global: `$_SESSION['_config']['language']` and :php:global: `$_SESSION['_config']['recode']` .
:param string $translation_code: the translation code as specified in the keys of {@link $translations}
:returns: * (bool) - true if the translation has been set successfully; false if the $translation_code was not contained in the white list or could not be set for other reasons (e.g. setlocale() failed because the locale has not been set up on the system - details will be logged)
.. php:staticmethod :: init_gettext($domain = 'messages')
Sets up the text domain used by gettext. Uses :php:global: `$_SESSION['_config']['filepath']` and appends '/locale'.
:param string $domain: the gettext domain that should be used, defaults to "messages"
.. php:staticmethod :: set_recipient_language($accountid)
Returns the language of a recipient to make sure that the language is correct
:param int $accountid: accountnumber of the recipient
