2004-10-16 00:28:17 +00:00
< ? /*
Copyright ( C ) 2004 by Duane Groth < duane_at_CAcert_dot_org >
This file is part of CAcert .
CAcert has been released under the CAcert Source License
which can be found included with these source files or can
be downloaded from the internet from the following address :
http :// www . cacert . org / src - lic . php
CAcert is distributed WITHOUT ANY WARRANTY ; without even
the implied warranty of MERCHANTABILITY or FITNESS FOR A
PARTICULAR PURPOSE . See the License for more details .
*/ ?>
< ?
if ( $_SERVER [ 'HTTP_HOST' ] == " secure.cacert.org " )
{
$query = " select * from `emailcerts` where `serial`=' " . mysql_escape_string ( $_SERVER [ 'SSL_CLIENT_M_SERIAL' ]) . " '
and `revoked` = 0 and UNIX_TIMESTAMP ( `expire` ) - UNIX_TIMESTAMP () > 0 " ;
$res = mysql_query ( $query );
if ( mysql_num_rows ( $res ) > 0 )
{
$row = mysql_fetch_assoc ( $res );
$_SESSION [ 'profile' ] = mysql_fetch_assoc ( mysql_query ( " select * from `users` where `id`=' $row[memid] ' " ));
$_SESSION [ 'profile' ][ 'loggedin' ] = 1 ;
} else {
$_SESSION [ 'profile' ][ 'loggedin' ] = 0 ;
unset ( $_SESSION [ '_config' ][ 'oldlocation' ]);
foreach ( $_GET as $key => $val )
{
if ( $_SESSION [ '_config' ][ 'oldlocation' ])
$_SESSION [ '_config' ][ 'oldlocation' ] .= " & " ;
$_SESSION [ '_config' ][ 'oldlocation' ] .= " $key = $val " ;
}
$_SESSION [ '_config' ][ 'oldlocation' ] = " wot.php? " . $_SESSION [ '_config' ][ 'oldlocation' ];
header ( " location: https:// " . $_SERVER [ 'HTTP_HOST' ] . " /index.php?id=4 " );
exit ;
}
} else if ( $_SERVER [ 'HTTP_HOST' ] == " secure.cacert.org " && $_SESSION [ 'profile' ][ 'id' ] > 0 ) {
$_SESSION [ 'profile' ] = mysql_fetch_assoc ( mysql_query ( " select * from `users` where `id`=' " . $_SESSION [ 'profile' ][ 'id' ] . " ' " ));
}
if ( $_SERVER [ 'HTTP_HOST' ] == " secure.cacert.org " && ( $_SESSION [ 'profile' ][ 'id' ] <= 0 || $_SESSION [ 'profile' ][ 'loggedin' ] == 0 ))
{
header ( " location: https://www.cacert.org " );
exit ;
}
2004-10-16 14:45:32 +00:00
if ( $_SERVER [ 'HTTP_HOST' ] == " secure.cacert.org " && $_SESSION [ 'profile' ][ 'id' ] > 0 )
{
$query = " select sum(`points`) as `total` from `notary` where `to`=' " . $_SESSION [ 'profile' ][ 'id' ] . " ' group by `to` " ;
$res = mysql_query ( $query );
$row = mysql_fetch_assoc ( $res );
$_SESSION [ 'profile' ][ 'points' ] = $row [ 'total' ];
if ( $_SESSION [ 'profile' ][ 'language' ] == " " )
{
$query = " update `users` set `language`=' " . $_SESSION [ '_config' ][ 'language' ] . " '
where `id` = '".$_SESSION[' profile '][' id ']."' " ;
mysql_query ( $query );
2004-10-16 15:14:46 +00:00
} else {
$_SESSION [ '_config' ][ 'language' ] = $_SESSION [ 'profile' ][ 'language' ];
putenv ( " LANG= " . $_SESSION [ '_config' ][ 'language' ]);
setlocale ( LC_ALL , $_SESSION [ '_config' ][ 'language' ]);
$domain = 'messages' ;
bindtextdomain ( " $domain " , " /home/cacert/locale " );
textdomain ( " $domain " );
2004-10-16 14:45:32 +00:00
}
}
2004-10-16 00:28:17 +00:00
if ( $id == " logout " )
{
$_SESSION [ 'profile' ][ 'loggedin' ] = 0 ;
header ( " location: https:// " . $_SERVER [ 'HTTP_HOST' ] . " /index.php " );
exit ;
}
if ( $_SESSION [ 'profile' ][ 'loggedin' ] < 1 )
{
unset ( $_SESSION [ '_config' ][ 'oldlocation' ]);
foreach ( $_GET as $key => $val )
{
if ( $_SESSION [ '_config' ][ 'oldlocation' ])
$_SESSION [ '_config' ][ 'oldlocation' ] .= " & " ;
$_SESSION [ '_config' ][ 'oldlocation' ] .= " $key = $val " ;
}
$_SESSION [ '_config' ][ 'oldlocation' ] = " wot.php? " . $_SESSION [ '_config' ][ 'oldlocation' ];
header ( " location: https:// " . $_SERVER [ 'HTTP_HOST' ] . " /index.php?id=4 " );
exit ;
}
loadem ( " account " );
if (( $id == 5 || $oldid == 5 || $id == 6 || $oldid == 6 ) && $_SESSION [ 'profile' ][ 'points' ] < 100 )
{
showheader ( _ ( " My CAcert.org Account! " ));
echo " <p> " . _ ( " You don't have access to view these pages. " ) . " </p> " ;
showfooter ();
exit ;
}
if ( $oldid == 6 && intval ( $_SESSION [ '_config' ][ 'notarise' ][ 'id' ]) <= 0 )
{
unset ( $oldid );
$id = 5 ;
}
if ( $oldid == 5 )
{
$query = " select * from `users` where `email`=' " . mysql_escape_string ( $_POST [ 'email' ]) . " ' " ;
$res = mysql_query ( $query );
if ( mysql_num_rows ( $res ) != 1 )
{
$id = $oldid ;
unset ( $oldid );
$_SESSION [ '_config' ][ 'error' ] = _ ( " I'm sorry, there was no email matching what you entered in the system. Please double check your information. " );
} else {
$_SESSION [ '_config' ][ 'notarise' ] = mysql_fetch_assoc ( $res );
}
}
if ( $oldid == 5 || $oldid == 6 )
{
if ( $_SESSION [ '_config' ][ 'notarise' ][ 'id' ] == $_SESSION [ 'profile' ][ 'id' ])
{
$id = 5 ;
unset ( $oldid );
$_SESSION [ '_config' ][ 'error' ] = _ ( " You are never allowed to Notarise yourself! " );
}
}
if ( $oldid == 5 || $oldid == 6 )
{
$query = " select * from `notary` where `from`=' " . $_SESSION [ 'profile' ][ 'id' ] . " ' and
`to` = '".$_SESSION[' _config '][' notarise '][' id ']."' " ;
$res = mysql_query ( $query );
if ( mysql_num_rows ( $res ) > 0 )
{
$id = 5 ;
unset ( $oldid );
$_SESSION [ '_config' ][ 'error' ] = _ ( " You are only allowed to Notarise someone once! " );
} elseif ( $oldid == 5 ) {
$id = 6 ;
}
}
if ( $oldid == 6 )
{
if ( $_POST [ 'certify' ] != 1 || $_POST [ 'assertion' ] != 1 || $_POST [ 'rules' ] != 1 )
{
$id = $oldid ;
unset ( $oldid );
$_SESSION [ '_config' ][ 'error' ] = _ ( " You failed to check all boxes to validate your adherence to the rules and policies of CAcert " );
}
}
if ( $oldid == 6 )
{
if ( $_POST [ 'location' ] == " " || $_POST [ 'date' ] == " " )
{
$id = $oldid ;
unset ( $oldid );
$_SESSION [ '_config' ][ 'error' ] = _ ( " You failed to enter a location and date of your meeting. " );
}
}
if ( $oldid == 6 )
{
$max = maxpoints ();
if ( $_POST [ 'points' ] > $max )
$_POST [ 'points' ] = $max ;
$query = " select sum(`points`) as `total` from `notary` where `to`=' " . $_SESSION [ '_config' ][ 'notarise' ][ 'id' ] . " ' group by `to` " ;
$res = mysql_query ( $query );
$drow = mysql_fetch_assoc ( $res );
if (( $drow [ 'total' ] + $_POST [ 'points' ]) > 100 && $max < 100 )
$_POST [ 'points' ] = 100 - $drow [ 'total' ];
if (( $drow [ 'total' ] + $_POST [ 'points' ]) > $max && $max >= 100 )
$_POST [ 'points' ] = $max - $drow [ 'total' ];
if ( $_POST [ 'points' ] < 0 )
$_POST [ 'points' ] = 0 ;
$query = " insert into `notary` set `from`=' " . $_SESSION [ 'profile' ][ 'id' ] . " ',
`to` = '".$_SESSION[' _config '][' notarise '][' id ']."' ,
`points` = '".intval($_POST[' points '])."' ,
`location` = '".mysql_escape_string($_POST[' location '])."' ,
`date` = '".mysql_escape_string($_POST[' date '])."' " ;
mysql_query ( $query );
$body = _ ( " You are receiving this email because you have been notarised by another member of the CAcert community. " ) . " \n \n " ;
$body .= _ ( sprintf ( " You were issued %s points and you now have %s points in total. " , $_POST [ 'points' ], ( $_POST [ 'points' ] + $drow [ 'total' ]))) . " \n \n " ;
if (( $drow [ 'total' ] + $_POST [ 'points' ]) < 100 && ( $drow [ 'total' ] + $_POST [ 'points' ]) >= 50 )
{
$body .= _ ( " You now have over 50 points, and can now have your name added to client certificates, and issue server certificates for up to 2 years. " ) . " \n \n " ;
}
if (( $drow [ 'total' ] + $_POST [ 'points' ]) >= 100 && $_POST [ 'points' ] > 0 )
{
$body .= _ ( " You now have over 100 points and can start notarising others. " ) . " \n \n " ;
}
$body .= _ ( " Best Regards " ) . " \n " ;
$body .= _ ( " CAcert Support Team " );
mail ( $_SESSION [ '_config' ][ 'notarise' ][ 'email' ], " [CAcert.org] You've been Notarised. " , $body , " Errors-To: returns@cacert.org \n from: \" CAcert Support \" <duane@cacert.org> " );
$body = _ ( " You are receiving this email because you have notarised another member of the CAcert community. " ) . " \n \n " ;
$body .= _ ( sprintf ( " You issued them %s points and they now have %s points in total. " , $_POST [ 'points' ], ( $_POST [ 'points' ] + $drow [ 'total' ]))) . " \n \n " ;
$body .= _ ( " Best Regards " ) . " \n " ;
$body .= _ ( " CAcert Support Team " );
mail ( $_SESSION [ 'profile' ][ 'email' ], " [CAcert.org] You've Notarised Another Member. " , $body , " Errors-To: returns@cacert.org \n from: \" CAcert Support \" <duane@cacert.org> " );
showheader ( _ ( " My CAcert.org Account! " ));
echo " <p> " . _ ( " Shortly you and the person you were notarising will receive and email confirmation, there is no action on your behalf required to complete this. " ) . " </p> " ;
showfooter ();
exit ;
}
if ( $oldid == 8 )
{
$info = mysql_escape_string ( strip_tags ( $_POST [ 'contactinfo' ]));
$listme = intval ( $_POST [ 'listme' ]);
if ( $listme < 0 || $listme > 1 )
$listme = 0 ;
$_SESSION [ 'profile' ][ 'listme' ] = $listme ;
$_SESSION [ 'profile' ][ 'contactinfo' ] = $info ;
$query = " update `users` set `listme`=' $listme ',`contactinfo`=' $info ' where `id`=' " . $_SESSION [ 'profile' ][ 'id' ] . " ' " ;
mysql_query ( $query );
showheader ( _ ( " My CAcert.org Account! " ));
echo " <p> " . _ ( " Your account information has been updated. " ) . " </p> " ;
showfooter ();
exit ;
}
if ( $oldid == 9 && $_SESSION [ '_config' ][ 'user' ][ 'id' ] > 0 && $_SESSION [ 'profile' ][ 'id' ] > 0 )
{
$body = $_POST [ 'message' ];
$subject = $_POST [ 'subject' ];
2004-10-16 15:14:46 +00:00
mail ( $_SESSION [ '_config' ][ 'user' ][ 'email' ], " [CAcert.org] " . $_POST [ 'subject' ], $_POST [ 'message' ],
2004-10-16 00:28:17 +00:00
" Errors-To: returns@cacert.org \n " .
" From: ' " . $_SESSION [ 'profile' ][ 'fname' ] . " " . $_SESSION [ 'profile' ][ 'lname' ] . " ' < " .
$_SESSION [ 'profile' ][ 'email' ] . " > " );
showheader ( _ ( " My CAcert.org Account! " ));
echo " <p> " . _ ( " Your email has been sent to " ) . $_SESSION [ '_config' ][ 'user' ][ 'fname' ] . " .</p> " ;
echo " <p>[ <a href='javascript:history.go(-2)'>Go Back</a> ]</p> \n " ;
showfooter ();
exit ;
} elseif ( $oldid == 9 ) {
unset ( $oldid );
$error = _ ( " There was an error and I couldn't proceed " );
$id = 9 ;
}
showheader ( _ ( " My CAcert.org Account! " ));
includeit ( $id , " wot " );
showfooter ();
?>