You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
cacert-webdb/www/wot.php

220 lines
7.8 KiB
PHTML

<? /*
Copyright (C) 2004 by Duane Groth <duane_at_CAcert_dot_org>
This file is part of CAcert.
CAcert has been released under the CAcert Source License
which can be found included with these source files or can
be downloaded from the internet from the following address:
http://www.cacert.org/src-lic.php
CAcert is distributed WITHOUT ANY WARRANTY; without even
the implied warranty of MERCHANTABILITY or FITNESS FOR A
PARTICULAR PURPOSE. See the License for more details.
*/ ?>
<?
require_once("../includes/loggedin.php");
loadem("account");
if(($id == 5 || $oldid == 5 || $id == 6 || $oldid == 6) && $_SESSION['profile']['points'] < 100)
{
showheader(_("My CAcert.org Account!"));
echo "<p>"._("You don't have access to view these pages.")."</p>";
showfooter();
exit;
}
if($oldid == 6 && intval($_SESSION['_config']['notarise']['id']) <= 0)
{
unset($oldid);
$id = 5;
}
if($oldid == 5)
{
$query = "select * from `users` where `email`='".mysql_escape_string(stripslashes($_POST['email']))."'";
$res = mysql_query($query);
if(mysql_num_rows($res) != 1)
{
$id = $oldid;
unset($oldid);
$_SESSION['_config']['error'] = _("I'm sorry, there was no email matching what you entered in the system. Please double check your information.");
} else {
$_SESSION['_config']['notarise'] = mysql_fetch_assoc($res);
}
}
if($oldid == 5 || $oldid == 6)
{
if($_SESSION['_config']['notarise']['id'] == $_SESSION['profile']['id'])
{
$id = 5;
unset($oldid);
20 years ago
$_SESSION['_config']['error'] = _("You are never allowed to Assure yourself!");
}
}
if($oldid == 5 || $oldid == 6)
{
$query = "select * from `notary` where `from`='".$_SESSION['profile']['id']."' and
`to`='".$_SESSION['_config']['notarise']['id']."'";
$res = mysql_query($query);
20 years ago
if(mysql_num_rows($res) > 0 && $_SESSION['profile']['points'] <= 150)
{
$id = 5;
unset($oldid);
20 years ago
$_SESSION['_config']['error'] = _("You are only allowed to Assure someone once!");
} elseif($oldid == 5) {
$id = 6;
}
}
if($oldid == 6)
{
20 years ago
if($_POST['assertion'] != 1 || $_POST['rules'] != 1)
{
$id = $oldid;
unset($oldid);
$_SESSION['_config']['error'] = _("You failed to check all boxes to validate your adherence to the rules and policies of CAcert");
}
if($_POST['certify'] != 1 && $_SESSION['profile']['admin'] != 1)
{
$id = $oldid;
unset($oldid);
$_SESSION['_config']['error'] = _("You failed to check all boxes to validate your adherence to the rules and policies of CAcert");
}
}
20 years ago
if($oldid == 6 && $_SESSION['profile']['admin'] != 1)
{
if($_POST['location'] == "" || $_POST['date'] == "")
{
$id = $oldid;
unset($oldid);
$_SESSION['_config']['error'] = _("You failed to enter a location and date of your meeting.");
}
}
if($oldid == 6)
{
$max = maxpoints();
if($_POST['points'] > $max)
$_POST['points'] = $max;
$query = "select sum(`points`) as `total` from `notary` where `to`='".$_SESSION['_config']['notarise']['id']."' group by `to`";
$res = mysql_query($query);
$drow = mysql_fetch_assoc($res);
if(($drow['total'] + $_POST['points']) > 100 && $max < 100)
$_POST['points'] = 100 - $drow['total'];
if(($drow['total'] + $_POST['points']) > $max && $max >= 100)
$_POST['points'] = $max - $drow['total'];
if($_POST['points'] < 0)
$_POST['points'] = 0;
20 years ago
if(mysql_escape_string(stripslashes($_POST['date'])) == "")
20 years ago
$_POST['date'] = date("Y-m-d H:i:s");
$query = "insert into `notary` set `from`='".$_SESSION['profile']['id']."',
`to`='".$_SESSION['_config']['notarise']['id']."',
`points`='".intval($_POST['points'])."',
`location`='".mysql_escape_string(stripslashes($_POST['location']))."',
`date`='".mysql_escape_string(stripslashes($_POST['date']))."'";
20 years ago
if($_SESSION['profile']['admin'] == 1)
$query .= ",\n`method`='".mysql_escape_string(stripslashes($_POST['method']))."'";
mysql_query($query);
20 years ago
if($_SESSION['profile']['points'] < 150)
20 years ago
{
$query = "insert into `notary` set `from`='".$_SESSION['profile']['id']."',
`to`='".$_SESSION['profile']['id']."',
`points`='2',
`location`='".mysql_escape_string(stripslashes($_POST['location']))."',
`date`='".mysql_escape_string(stripslashes($_POST['date']))."',
20 years ago
`method`='Administrative Increase'";
mysql_query($query);
20 years ago
$_SESSION['profile']['points'] += 2;
20 years ago
}
20 years ago
if($_SESSION['_config']['notarise']['language'] != "")
{
$userlang = $_SESSION['_config']['notarise']['language'];
putenv("LANG=".$_SESSION['_config']['translations'][$userlang]);
setlocale(LC_ALL, $_SESSION['_config']['translations'][$userlang]);
}
20 years ago
$body = sprintf(_("You are receiving this email because you have been assured by %s %s (%s)."), $_SESSION['profile']['fname'], $_SESSION['profile']['lname'], $_SESSION['profile']['email'])."\n\n";
$body .= sprintf(_("You were issued %s points and you now have %s points in total."), $_POST['points'], ($_POST['points'] + $drow['total']))."\n\n";
if(($drow['total'] + $_POST['points']) < 100 && ($drow['total'] + $_POST['points']) >= 50)
{
$body .= _("You now have over 50 points, and can now have your name added to client certificates, and issue server certificates for up to 2 years.")."\n\n";
}
if(($drow['total'] + $_POST['points']) >= 100 && $_POST['points'] > 0)
{
20 years ago
$body .= _("You now have over 100 points and can start assuring others.")."\n\n";
}
$body .= _("Best Regards")."\n";
$body .= _("CAcert Support Team");
20 years ago
mail($_SESSION['_config']['notarise']['email'], "[CAcert.org] "._("You've been Assured."), $body, "From: CAcert-Support <duane@cacert.org>");
20 years ago
putenv("LANG=".$_SESSION['_config']['language']);
setlocale(LC_ALL, $_SESSION['_config']['language']);
20 years ago
$body = sprintf(_("You are receiving this email because you have assured %s %s (%s)."), $_SESSION['_config']['notarise']['fname'], $_SESSION['_config']['notarise']['lname'], $_SESSION['_config']['notarise']['email'])."\n\n";
$body .= sprintf(_("You issued them %s points and they now have %s points in total."), $_POST['points'], ($_POST['points'] + $drow['total']))."\n\n";
$body .= _("Best Regards")."\n";
$body .= _("CAcert Support Team");
20 years ago
mail($_SESSION['profile']['email'], "[CAcert.org] "._("You've Assured Another Member."), $body, "From: CAcert-Support <duane@cacert.org>");
showheader(_("My CAcert.org Account!"));
20 years ago
echo "<p>"._("Shortly you and the person you were assuring will receive an email confirmation. There is no action on your behalf required to complete this.")."</p>";
showfooter();
exit;
}
if($oldid == 8)
{
$info = mysql_escape_string(strip_tags(stripslashes($_POST['contactinfo'])));
$listme = intval($_POST['listme']);
if($listme < 0 || $listme > 1)
$listme = 0;
$_SESSION['profile']['listme'] = $listme;
$_SESSION['profile']['contactinfo'] = $info;
$query = "update `users` set `listme`='$listme',`contactinfo`='$info' where `id`='".$_SESSION['profile']['id']."'";
mysql_query($query);
showheader(_("My CAcert.org Account!"));
echo "<p>"._("Your account information has been updated.")."</p>";
showfooter();
exit;
}
if($oldid == 9 && $_SESSION['_config']['user']['id'] > 0 && $_SESSION['profile']['id'] > 0)
{
$body = $_POST['message'];
$subject = $_POST['subject'];
20 years ago
mail($_SESSION['_config']['user']['email'], "[CAcert.org] ".$_POST['subject'], $_POST['message'],
"From: '".$_SESSION['profile']['fname']." ".$_SESSION['profile']['lname']."' <".
$_SESSION['profile']['email'].">");
showheader(_("My CAcert.org Account!"));
echo "<p>"._("Your email has been sent to ").$_SESSION['_config']['user']['fname'].".</p>";
echo "<p>[ <a href='javascript:history.go(-2)'>Go Back</a> ]</p>\n";
showfooter();
exit;
} elseif($oldid == 9) {
unset($oldid);
$error = _("There was an error and I couldn't proceed");
$id = 9;
}
showheader(_("My CAcert.org Account!"));
includeit($id, "wot");
showfooter();
?>