cacert-testmgr/manager/application/controllers/ManageAccountController.php

<?php
/**
 * @author Michael Tänzer
 */

class ManageAccountController extends Zend_Controller_Action
{
    const MAX_POINTS_PER_ASSURANCE = 35;
    const MAX_ASSURANCE_POINTS = 100;
    
    protected $db;
    
    public function init()
    {
        $config = new Zend_Config_Ini(APPLICATION_PATH . '/configs/application.ini',
            APPLICATION_ENV);

        $this->db = Zend_Db::factory($config->ca_mgr->db->auth->pdo,
    	    $config->ca_mgr->db->auth);
    }
    
    public function indexAction()
    {
        // Just render the view
        return;
    }
    
    public function assuranceAction()
    {
        // Validate form
        $form = $this->getAssuranceForm();
        if (!$this->getRequest()->isPost() || !$form->isValid($_POST)) {
            $this->view->assurance_form = $form;
            return $this->render('assuranceform');
        }
        
        // Form is valid -> get values for processing
        $values = $form->getValues();
        
        
        // Check identity of the user
        $session = Zend_Registry::get('session');
        if ($session->authdata['authed'] !== true) {
            throw new Exception(__METHOD__ . ': you need to log in to use this feature');
        }
        $query = 'select `id` from `users` where `id` = :user';
        $query_params['user'] = $session->authdata['authed_id'];
        $result = $this->db->query($query, $query_params);
        if ($result->rowCount() !== 1) {
            throw new Exception(__METHOD__ . ': user ID not found in the data base');
        }
        $row = $result->fetch();
        $user['id'] = $row['id'];
        
        
        // Get current points of the user
        $query = 'select sum(`points`) as `total` from `notary` where `to` = :user';
        $query_params['user'] = $user['id'];
        $row = $this->db->query($query, $query_params)->fetch();
        if ($row['total'] === NULL) $row['total'] = 0;
        $user['points'] = $row['total'];
        
        
        // Do the actual assurances
        $assurance = array(); // Make sure the array is empty
        $assurance['to'] = $user['id'];
        $assurance['location'] = $values['location'];
        $assurance['date'] = $values['date'];
        $assurance['when'] = new Zend_Db_Expr('now()');
        $this->view->assurancesDone = array();
        
        $quantity = $values['quantity'];
        do {
            // split up into multiple assurances
            if ($quantity > self::MAX_POINTS_PER_ASSURANCE) {
                $assurance['awarded'] = self::MAX_POINTS_PER_ASSURANCE;
                $quantity -= self::MAX_POINTS_PER_ASSURANCE;
            } else {
                $assurance['awarded'] = $quantity;
                $quantity = 0;
            }
            
            // Get the assurer for this assurance
            $assurance['from'] = $this->getNewAssurer($user['id']);
            
            // only assign points whithin the limit
            if ($user['points'] + $assurance['awarded'] > self::MAX_ASSURANCE_POINTS){
                $assurance['points'] = self::MAX_ASSURANCE_POINTS - $user['points'];
            } else {
                $assurance['points'] = $assurance['awarded'];
            }
            
            $this->db->insert('notary', $assurance);
            
            $user['points'] += $assurance['points'];
            $this->view->assurancesDone[] = $assurance['points'];
        } while ($quantity > 0);
        
        
        // Fix the assurer flag
        $query = 'UPDATE `users` SET `assurer` = 1 WHERE `users`.`id` = :user AND '.
            
            'EXISTS(SELECT * FROM `cats_passed` AS `cp`, `cats_variant` AS `cv` '.
            'WHERE `cp`.`variant_id` = `cv`.`id` AND `cv`.`type_id` = 1 AND '.
            '`cp`.`user_id` = :user) AND '.
            
		    '(SELECT SUM(`points`) FROM `notary` WHERE `to` = :user AND '.
		    '`expire` < now()) >= 100';
        $query_params['user'] = $user['id'];
        $this->db->query($query, $query_params);
        
        return;
    }
    
    /**
     * Get the first assurer who didn't already assure the user
     * 
     * @param int $user_id The ID of the user who should get assured
     * @return int The ID of the selected assurer
     */
    protected function getNewAssurer($user_id)
    {
        $query = 'select min(`id`) as `assurer` from `users` ' .
        	'where `email` like \'john.doe-___@example.com\' and ' .
            '`id` not in (select `from` from `notary` where `to` = :user)';
        $query_params['user'] = $user_id;
        $row = $this->db->query($query, $query_params)->fetch();
        
        if ($row['assurer'] === NULL) {
            throw new Exception(__METHOD__ . ': no more assurers that haven\'t '.
                'already assured this account');
        }
        
        return $row['assurer'];
    }
    
    protected function getAssuranceForm()
    {
        $form = new Zend_Form();
        $form->setAction('/add-points/assurance')->setMethod('post');
        
        $quantity = new Zend_Form_Element_Text('quantity');
        $quantity->setRequired(true)
                ->setLabel(I18n::_('Number of Points'))
                ->addFilter(new Zend_Filter_Int())
                ->addValidator(new Zend_Validate_Between(0, 100));
        $form->addElement($quantity);
        
        $location = new Zend_Form_Element_Text('location');
        $location->setRequired(true)
                ->setLabel(I18n::_('Location'))
                ->setValue(I18n::_('CAcert Test Manager'))
                ->addValidator(new Zend_Validate_StringLength(1,255));
        $form->addElement($location);
        
        $date = new Zend_Form_Element_Text('date');
        $date->setRequired(true)
            ->setLabel(I18n::_('Date of Assurance'))
            ->setValue(date('Y-m-d H:i:s'))
            ->addValidator(new Zend_Validate_StringLength(1,255));
        $form->addElement($date);
        
        $submit = new Zend_Form_Element_Submit('submit');
        $submit->setLabel(I18n::_('Assure Me'));
        $form->addElement($submit);
        
        return $form;
    }
}
Skeleton for AddPointsController Signed-off-by: Michael Tänzer <neo@nhng.de> 15 years ago			`<?php`
			`/**`
			`* @author Michael Tänzer`
			`*/`

Rename AddPoints to ManageAccount The controller will contain all actions required to manage the test account Signed-off-by: Michael Tänzer <neo@nhng.de> 14 years ago			`class ManageAccountController extends Zend_Controller_Action`
Skeleton for AddPointsController Signed-off-by: Michael Tänzer <neo@nhng.de> 15 years ago			`{`
Flesh out AddPointsController - Implement procedure as in the live code (notification emails are not sent) - Add more elements to the form Signed-off-by: Michael Tänzer <neo@nhng.de> 15 years ago			`const MAX_POINTS_PER_ASSURANCE = 35;`
			`const MAX_ASSURANCE_POINTS = 100;`

			`protected $db;`

Skeleton for AddPointsController Signed-off-by: Michael Tänzer <neo@nhng.de> 15 years ago			`public function init()`
			`{`
Flesh out AddPointsController - Implement procedure as in the live code (notification emails are not sent) - Add more elements to the form Signed-off-by: Michael Tänzer <neo@nhng.de> 15 years ago			`$config = new Zend_Config_Ini(APPLICATION_PATH . '/configs/application.ini',`
			`APPLICATION_ENV);`

			`$this->db = Zend_Db::factory($config->ca_mgr->db->auth->pdo,`
			`$config->ca_mgr->db->auth);`
Skeleton for AddPointsController Signed-off-by: Michael Tänzer <neo@nhng.de> 15 years ago			`}`

			`public function indexAction()`
			`{`
Restructure to have the index action present an overview The index action should display an overview over the available actions Signed-off-by: Michael Tänzer <neo@nhng.de> 14 years ago			`// Just render the view`
			`return;`
Construct and display the AddPoints view * define input form (draft) * create the view and make it display the form * add a link to the view in the topNav Signed-off-by: Michael Tänzer <neo@nhng.de> 15 years ago			`}`

			`public function assuranceAction()`
			`{`
Flesh out AddPointsController - Implement procedure as in the live code (notification emails are not sent) - Add more elements to the form Signed-off-by: Michael Tänzer <neo@nhng.de> 15 years ago			`// Validate form`
Construct and display the AddPoints view * define input form (draft) * create the view and make it display the form * add a link to the view in the topNav Signed-off-by: Michael Tänzer <neo@nhng.de> 15 years ago			`$form = $this->getAssuranceForm();`
Restructure to have the index action present an overview The index action should display an overview over the available actions Signed-off-by: Michael Tänzer <neo@nhng.de> 14 years ago			`if (!$this->getRequest()->isPost() \|\| !$form->isValid($_POST)) {`
Construct and display the AddPoints view * define input form (draft) * create the view and make it display the form * add a link to the view in the topNav Signed-off-by: Michael Tänzer <neo@nhng.de> 15 years ago			`$this->view->assurance_form = $form;`
Restructure to have the index action present an overview The index action should display an overview over the available actions Signed-off-by: Michael Tänzer <neo@nhng.de> 14 years ago			`return $this->render('assuranceform');`
Construct and display the AddPoints view * define input form (draft) * create the view and make it display the form * add a link to the view in the topNav Signed-off-by: Michael Tänzer <neo@nhng.de> 15 years ago			`}`

Flesh out AddPointsController - Implement procedure as in the live code (notification emails are not sent) - Add more elements to the form Signed-off-by: Michael Tänzer <neo@nhng.de> 15 years ago			`// Form is valid -> get values for processing`
Construct and display the AddPoints view * define input form (draft) * create the view and make it display the form * add a link to the view in the topNav Signed-off-by: Michael Tänzer <neo@nhng.de> 15 years ago			`$values = $form->getValues();`
Flesh out AddPointsController - Implement procedure as in the live code (notification emails are not sent) - Add more elements to the form Signed-off-by: Michael Tänzer <neo@nhng.de> 15 years ago

			`// Check identity of the user`
			`$session = Zend_Registry::get('session');`
			`if ($session->authdata['authed'] !== true) {`
			`throw new Exception(__METHOD__ . ': you need to log in to use this feature');`
			`}`
			$query = 'select `id` from `users` where `id` = :user';
			`$query_params['user'] = $session->authdata['authed_id'];`
			`$result = $this->db->query($query, $query_params);`
			`if ($result->rowCount() !== 1) {`
			`throw new Exception(__METHOD__ . ': user ID not found in the data base');`
			`}`
			`$row = $result->fetch();`
			`$user['id'] = $row['id'];`


			`// Get current points of the user`
			$query = 'select sum(`points`) as `total` from `notary` where `to` = :user';
			`$query_params['user'] = $user['id'];`
			`$row = $this->db->query($query, $query_params)->fetch();`
			`if ($row['total'] === NULL) $row['total'] = 0;`
			`$user['points'] = $row['total'];`


			`// Do the actual assurances`
			`$assurance = array(); // Make sure the array is empty`
			`$assurance['to'] = $user['id'];`
			`$assurance['location'] = $values['location'];`
			`$assurance['date'] = $values['date'];`
			`$assurance['when'] = new Zend_Db_Expr('now()');`
			`$this->view->assurancesDone = array();`

Refactor Signed-off-by: Michael Tänzer <neo@nhng.de> 15 years ago			`$quantity = $values['quantity'];`
Flesh out AddPointsController - Implement procedure as in the live code (notification emails are not sent) - Add more elements to the form Signed-off-by: Michael Tänzer <neo@nhng.de> 15 years ago			`do {`
			`// split up into multiple assurances`
Refactor Signed-off-by: Michael Tänzer <neo@nhng.de> 15 years ago			`if ($quantity > self::MAX_POINTS_PER_ASSURANCE) {`
Class constants have to be prefixed with self:: in PHP Signed-off-by: Michael Tänzer <neo@nhng.de> 15 years ago			`$assurance['awarded'] = self::MAX_POINTS_PER_ASSURANCE;`
Refactor Signed-off-by: Michael Tänzer <neo@nhng.de> 15 years ago			`$quantity -= self::MAX_POINTS_PER_ASSURANCE;`
Flesh out AddPointsController - Implement procedure as in the live code (notification emails are not sent) - Add more elements to the form Signed-off-by: Michael Tänzer <neo@nhng.de> 15 years ago			`} else {`
Refactor Signed-off-by: Michael Tänzer <neo@nhng.de> 15 years ago			`$assurance['awarded'] = $quantity;`
			`$quantity = 0;`
Flesh out AddPointsController - Implement procedure as in the live code (notification emails are not sent) - Add more elements to the form Signed-off-by: Michael Tänzer <neo@nhng.de> 15 years ago			`}`

A new Assurer has to be selected for every single assurance Signed-off-by: Michael Tänzer <neo@nhng.de> 15 years ago			`// Get the assurer for this assurance`
			`$assurance['from'] = $this->getNewAssurer($user['id']);`

Flesh out AddPointsController - Implement procedure as in the live code (notification emails are not sent) - Add more elements to the form Signed-off-by: Michael Tänzer <neo@nhng.de> 15 years ago			`// only assign points whithin the limit`
Class constants have to be prefixed with self:: in PHP Signed-off-by: Michael Tänzer <neo@nhng.de> 15 years ago			`if ($user['points'] + $assurance['awarded'] > self::MAX_ASSURANCE_POINTS){`
			`$assurance['points'] = self::MAX_ASSURANCE_POINTS - $user['points'];`
Flesh out AddPointsController - Implement procedure as in the live code (notification emails are not sent) - Add more elements to the form Signed-off-by: Michael Tänzer <neo@nhng.de> 15 years ago			`} else {`
			`$assurance['points'] = $assurance['awarded'];`
			`}`

			`$this->db->insert('notary', $assurance);`

			`$user['points'] += $assurance['points'];`
			`$this->view->assurancesDone[] = $assurance['points'];`
Refactor Signed-off-by: Michael Tänzer <neo@nhng.de> 15 years ago			`} while ($quantity > 0);`
Flesh out AddPointsController - Implement procedure as in the live code (notification emails are not sent) - Add more elements to the form Signed-off-by: Michael Tänzer <neo@nhng.de> 15 years ago

			`// Fix the assurer flag`
db->update() sucks for complicated where clauses Signed-off-by: Michael Tänzer <neo@nhng.de> 15 years ago			$query = 'UPDATE `users` SET `assurer` = 1 WHERE `users`.`id` = :user AND '.

			'EXISTS(SELECT * FROM `cats_passed` AS `cp`, `cats_variant` AS `cv` '.
			'WHERE `cp`.`variant_id` = `cv`.`id` AND `cv`.`type_id` = 1 AND '.
			'`cp`.`user_id` = :user) AND '.

			'(SELECT SUM(`points`) FROM `notary` WHERE `to` = :user AND '.
			'`expire` < now()) >= 100';
			`$query_params['user'] = $user['id'];`
			`$this->db->query($query, $query_params);`
Flesh out AddPointsController - Implement procedure as in the live code (notification emails are not sent) - Add more elements to the form Signed-off-by: Michael Tänzer <neo@nhng.de> 15 years ago
			`return;`
Construct and display the AddPoints view * define input form (draft) * create the view and make it display the form * add a link to the view in the topNav Signed-off-by: Michael Tänzer <neo@nhng.de> 15 years ago			`}`

Refactor Signed-off-by: Michael Tänzer <neo@nhng.de> 15 years ago			`/**`
			`* Get the first assurer who didn't already assure the user`
			`*`
			`* @param int $user_id The ID of the user who should get assured`
			`* @return int The ID of the selected assurer`
			`*/`
			`protected function getNewAssurer($user_id)`
			`{`
			$query = 'select min(`id`) as `assurer` from `users` ' .
			'where `email` like \'john.doe-___@example.com\' and ' .
			'`id` not in (select `from` from `notary` where `to` = :user)';
			`$query_params['user'] = $user_id;`
			`$row = $this->db->query($query, $query_params)->fetch();`

			`if ($row['assurer'] === NULL) {`
			`throw new Exception(__METHOD__ . ': no more assurers that haven\'t '.`
			`'already assured this account');`
			`}`

			`return $row['assurer'];`
			`}`

Construct and display the AddPoints view * define input form (draft) * create the view and make it display the form * add a link to the view in the topNav Signed-off-by: Michael Tänzer <neo@nhng.de> 15 years ago			`protected function getAssuranceForm()`
			`{`
			`$form = new Zend_Form();`
			`$form->setAction('/add-points/assurance')->setMethod('post');`

			`$quantity = new Zend_Form_Element_Text('quantity');`
			`$quantity->setRequired(true)`
			`->setLabel(I18n::_('Number of Points'))`
			`->addFilter(new Zend_Filter_Int())`
			`->addValidator(new Zend_Validate_Between(0, 100));`
			`$form->addElement($quantity);`

Flesh out AddPointsController - Implement procedure as in the live code (notification emails are not sent) - Add more elements to the form Signed-off-by: Michael Tänzer <neo@nhng.de> 15 years ago			`$location = new Zend_Form_Element_Text('location');`
			`$location->setRequired(true)`
			`->setLabel(I18n::_('Location'))`
Proper capitalisation of "CAcert" Signed-off-by: Michael Tänzer <neo@nhng.de> 15 years ago			`->setValue(I18n::_('CAcert Test Manager'))`
Flesh out AddPointsController - Implement procedure as in the live code (notification emails are not sent) - Add more elements to the form Signed-off-by: Michael Tänzer <neo@nhng.de> 15 years ago			`->addValidator(new Zend_Validate_StringLength(1,255));`
			`$form->addElement($location);`

			`$date = new Zend_Form_Element_Text('date');`
			`$date->setRequired(true)`
			`->setLabel(I18n::_('Date of Assurance'))`
			`->setValue(date('Y-m-d H:i:s'))`
			`->addValidator(new Zend_Validate_StringLength(1,255));`
			`$form->addElement($date);`

Construct and display the AddPoints view * define input form (draft) * create the view and make it display the form * add a link to the view in the topNav Signed-off-by: Michael Tänzer <neo@nhng.de> 15 years ago			`$submit = new Zend_Form_Element_Submit('submit');`
			`$submit->setLabel(I18n::_('Assure Me'));`
			`$form->addElement($submit);`

			`return $form;`
Skeleton for AddPointsController Signed-off-by: Michael Tänzer <neo@nhng.de> 15 years ago			`}`
			`}`