cacert-webdb/pages/account/43.php

396 lines
16 KiB
PHP
Raw Normal View History

2004-10-28 02:13:59 +00:00
<? /*
2008-04-06 19:45:09 +00:00
LibreSSL - CAcert web application
Copyright (C) 2004-2008 CAcert Inc.
2004-10-28 02:13:59 +00:00
2008-04-06 19:45:09 +00:00
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; version 2 of the License.
2004-10-28 02:13:59 +00:00
2008-04-06 19:45:09 +00:00
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
2004-10-28 02:13:59 +00:00
2008-04-06 19:45:09 +00:00
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
2004-10-28 02:13:59 +00:00
*/ ?>
<?
2008-09-05 15:31:11 +00:00
if(array_key_exists('assurance',$_REQUEST) && $_REQUEST['assurance'] > 0)
2008-05-11 15:14:30 +00:00
{
2008-08-22 12:00:33 +00:00
$assurance = mysql_escape_string(intval($_REQUEST['assurance']));
2009-04-05 00:31:11 +00:00
$row = 0;
$res = mysql_query("select `to` from `notary` where `id`='$assurance'");
if ($res) {
$row = mysql_fetch_assoc($res);
}
mysql_query("delete from `notary` where `id`='$assurance'");
if ($row) {
fix_assurer_flag($row['to']);
}
2008-05-11 15:14:30 +00:00
}
2005-12-04 21:04:05 +00:00
2008-09-19 21:54:52 +00:00
if(intval(array_key_exists('userid',$_REQUEST)?$_REQUEST['userid']:0) <= 0)
2008-05-11 15:14:30 +00:00
{
$emailsearch = $email = mysql_escape_string(stripslashes($_REQUEST['email']));
//Disabled to speed up the queries
//if(!strstr($email, "%"))
// $emailsearch = "%$email%";
2008-05-11 15:14:30 +00:00
if(intval($email) > 0)
$emailsearch = "";
2005-12-04 21:04:05 +00:00
2008-05-11 15:14:30 +00:00
$query = "select `users`.`id` as `id`, `email`.`email` as `email` from `users`,`email`
where `users`.`id`=`email`.`memid` and
(`email`.`email` like '$emailsearch' or `email`.`id`='$email' or `users`.`id`='$email') and
`email`.`hash`='' and `email`.`deleted`=0 and `users`.`deleted`=0
group by `users`.`id` limit 100";
$res = mysql_query($query);
if(mysql_num_rows($res) > 1) { ?>
2004-10-28 02:13:59 +00:00
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
<tr>
<td colspan="5" class="title"><?=_("Select Specific Account Details")?></td>
</tr>
2005-12-04 21:04:05 +00:00
<tr>
<td class="DataTD"><?=_("User ID")?></td>
<td class="DataTD"><?=_("Email")?></td>
</tr>
2004-10-28 02:13:59 +00:00
<?
2008-05-11 15:14:30 +00:00
while($row = mysql_fetch_assoc($res))
{ ?>
2004-10-28 02:13:59 +00:00
<tr>
2008-11-23 05:01:21 +00:00
<td class="DataTD"><a href="account.php?id=43&amp;userid=<?=intval($row['id'])?>"><?=intval($row['id'])?></a></td>
<td class="DataTD"><a href="account.php?id=43&amp;userid=<?=intval($row['id'])?>"><?=sanitizeHTML($row['email'])?></a></td>
2004-10-28 02:13:59 +00:00
</tr>
<? } if(mysql_num_rows($res) >= 100) { ?>
<tr>
<td class="DataTD" colspan="2"><?=_("Only the first 100 rows are displayed.")?></td>
</tr>
<? } else { ?>
<tr>
<td class="DataTD" colspan="2"><? printf(_("%s rows displayed."), mysql_num_rows($res)); ?></td>
</tr>
2004-10-28 02:13:59 +00:00
<? } ?>
</table><br><br>
2008-05-11 15:14:30 +00:00
<? } elseif(mysql_num_rows($res) == 1) {
$row = mysql_fetch_assoc($res);
$_REQUEST['userid'] = $row['id'];
} else {
2008-11-24 12:50:09 +00:00
printf(_("No users found matching %s"), sanitizeHTML($email));
2008-05-11 15:14:30 +00:00
}
}
2004-10-28 02:13:59 +00:00
2008-05-11 15:14:30 +00:00
if(intval($_REQUEST['userid']) > 0)
{
$id = intval($_REQUEST['userid']);
$query = "select * from `users` where `id`='$id' and `users`.`deleted`=0";
$res = mysql_query($query);
if(mysql_num_rows($res) <= 0)
{
echo _("I'm sorry, the user you were looking for seems to have disappeared! Bad things are a foot!");
} else {
$row = mysql_fetch_assoc($res);
2008-11-23 05:01:21 +00:00
$query = "select sum(`points`) as `points` from `notary` where `to`='".intval($row['id'])."'";
2008-05-11 15:14:30 +00:00
$dres = mysql_query($query);
$drow = mysql_fetch_assoc($dres);
2008-11-23 05:01:21 +00:00
$alerts = mysql_fetch_assoc(mysql_query("select * from `alerts` where `memid`='".intval($row['id'])."'"));
2004-10-28 02:13:59 +00:00
?>
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
<tr>
2008-11-23 05:01:21 +00:00
<td colspan="5" class="title"><? printf(_("%s's Account Details"), sanitizeHTML($row['email'])); ?></td>
2004-10-28 02:13:59 +00:00
</tr>
<tr>
<td class="DataTD"><?=_("Email")?>:</td>
2008-09-03 17:43:31 +00:00
<td class="DataTD"><?=sanitizeHTML($row['email'])?></td>
2004-10-28 02:13:59 +00:00
</tr>
<tr>
<td class="DataTD"><?=_("First Name")?>:</td>
<td class="DataTD"><form method="post" action="account.php" onSubmit="if(!confirm('Are you sure you want to modify this DOB and/or last name?')) return false;">
2008-09-07 22:01:52 +00:00
<input type="hidden" name="csrf" value="<?=make_csrf('admchangepers')?>" />
2008-11-23 05:01:21 +00:00
<input type="text" name="fname" value="<?=sanitizeHTML($row['fname'])?>"></td>
2004-10-28 02:13:59 +00:00
</tr>
<tr>
<td class="DataTD"><?=_("Middle Name")?>:</td>
2008-11-23 05:01:21 +00:00
<td class="DataTD"><input type="text" name="mname" value="<?=sanitizeHTML($row['mname'])?>"></td>
2004-10-28 02:13:59 +00:00
</tr>
<tr>
<td class="DataTD"><?=_("Last Name")?>:</td>
<td class="DataTD"> <input type="hidden" name="oldid" value="43">
2008-05-11 15:14:30 +00:00
<input type="hidden" name="action" value="updatedob">
2008-11-23 05:01:21 +00:00
<input type="hidden" name="userid" value="<?=intval($id)?>">
<input type="text" name="lname" value="<?=sanitizeHTML($row['lname'])?>"></td>
2004-10-28 02:13:59 +00:00
</tr>
<tr>
<td class="DataTD"><?=_("Suffix")?>:</td>
2008-11-23 05:01:21 +00:00
<td class="DataTD"><input type="text" name="suffix" value="<?=sanitizeHTML($row['suffix'])?>"></td>
2004-10-28 02:13:59 +00:00
</tr>
<tr>
<td class="DataTD"><?=_("Date of Birth")?>:</td>
2006-08-13 17:39:31 +00:00
<td class="DataTD">
2006-08-07 18:34:48 +00:00
<?
2008-05-11 15:14:30 +00:00
$year = intval(substr($row['dob'], 0, 4));
$month = intval(substr($row['dob'], 5, 2));
$day = intval(substr($row['dob'], 8, 2));
?><nobr><select name="day">
2006-08-07 18:34:48 +00:00
<?
for($i = 1; $i <= 31; $i++)
{
echo "<option";
if($day == $i)
2008-09-03 17:43:31 +00:00
echo " selected='selected'";
2006-08-07 18:34:48 +00:00
echo ">$i</option>";
}
?>
</select>
<select name="month">
<?
for($i = 1; $i <= 12; $i++)
{
echo "<option value='$i'";
if($month == $i)
2008-09-03 17:43:31 +00:00
echo " selected='selected'";
2006-08-14 15:08:04 +00:00
echo ">".ucwords(strftime("%B", mktime(0,0,0,$i,1,date("Y"))))."</option>";
2006-08-07 18:34:48 +00:00
}
?>
</select>
<input type="text" name="year" value="<?=$year?>" size="4">
<input type="submit" value="Go"></form></nobr></td>
2004-10-28 02:13:59 +00:00
</tr>
2008-05-11 15:14:30 +00:00
<tr>
<td class="DataTD"><?=_("Trainings")?>:</td>
2008-09-03 17:43:31 +00:00
<td class="DataTD"><a href="account.php?id=55&amp;userid=<?=intval($row['id'])?>">show</a></td>
2008-05-11 15:14:30 +00:00
</tr>
<tr>
<td class="DataTD"><?=_("Is Assurer")?>:</td>
2008-11-23 05:01:21 +00:00
<td class="DataTD"><a href="account.php?id=43&amp;assurer=<?=intval($row['id'])?>&amp;csrf=<?=make_csrf('admsetassuret')?>"><?=$row['assurer']?></a></td>
2008-05-11 15:14:30 +00:00
</tr>
<tr>
<td class="DataTD"><?=_("Blocked Assurer")?>:</td>
2008-11-23 20:58:27 +00:00
<td class="DataTD"><a href="account.php?id=43&amp;assurer_blocked=<?=intval($row['id'])?>"><?=$row['assurer_blocked']?></a></td>
2008-05-11 15:14:30 +00:00
</tr>
2006-08-16 05:56:39 +00:00
<tr>
<td class="DataTD"><?=_("Account Locking")?>:</td>
2008-11-23 20:58:27 +00:00
<td class="DataTD"><a href="account.php?id=43&amp;locked=<?=$row['id']?>&amp;csrf=<?=make_csrf('admactlock')?>"><?=$row['locked']?></a></td>
2006-08-16 05:56:39 +00:00
</tr>
2005-03-12 20:09:03 +00:00
<tr>
<td class="DataTD"><?=_("Code Signing")?>:</td>
2008-11-23 05:01:21 +00:00
<td class="DataTD"><a href="account.php?id=43&amp;codesign=<?=$row['id']?>&amp;csrf=<?=make_csrf('admcodesign')?>"><?=$row['codesign']?></a></td>
2005-03-12 20:09:03 +00:00
</tr>
2006-11-27 02:02:09 +00:00
<tr>
<td class="DataTD"><?=_("Org Admin")?>:</td>
2008-11-23 05:01:21 +00:00
<td class="DataTD"><a href="account.php?id=43&amp;orgadmin=<?=$row['id']?>&amp;csrf=<?=make_csrf('admorgadmin')?>"><?=$row['orgadmin']?></a></td>
2006-11-27 02:02:09 +00:00
</tr>
<tr>
<td class="DataTD"><?=_("TTP Admin")?>:</td>
2008-11-23 05:01:21 +00:00
<td class="DataTD"><a href="account.php?id=43&amp;ttpadmin=<?=$row['id']?>&amp;csrf=<?=make_csrf('admttpadmin')?>"><?=$row['ttpadmin']?></a></td>
</tr>
<tr>
<td class="DataTD"><?=_("Location Admin")?>:</td>
2008-09-03 17:43:31 +00:00
<td class="DataTD"><a href="account.php?id=43&amp;locadmin=<?=$row['id']?>"><?=$row['locadmin']?></a></td>
</tr>
2005-12-04 21:04:05 +00:00
<tr>
<td class="DataTD"><?=_("Admin")?>:</td>
2008-11-23 05:01:21 +00:00
<td class="DataTD"><a href="account.php?id=43&amp;admin=<?=$row['id']?>&amp;csrf=<?=make_csrf('admsetadmin')?>"><?=$row['admin']?></a></td>
2005-12-04 21:04:05 +00:00
</tr>
2006-12-09 00:23:15 +00:00
<tr>
<td class="DataTD"><?=_("Ad Admin")?>:</td>
2008-09-03 17:43:31 +00:00
<td class="DataTD"><a href="account.php?id=43&amp;adadmin=<?=$row['id']?>"><?=$row['adadmin']?></a> (0 = none, 1 = submit, 2 = approve)</td>
2006-12-09 00:23:15 +00:00
</tr>
2005-03-12 19:40:24 +00:00
<tr>
<td class="DataTD"><?=_("Tverify Account")?>:</td>
2008-09-03 17:43:31 +00:00
<td class="DataTD"><a href="account.php?id=43&amp;tverify=<?=$row['id']?>"><?=$row['tverify']?></a></td>
2005-03-12 19:40:24 +00:00
</tr>
2006-08-16 17:53:18 +00:00
<tr>
<td class="DataTD"><?=_("General Announcements")?>:</td>
2008-09-03 17:43:31 +00:00
<td class="DataTD"><a href="account.php?id=43&amp;general=<?=$row['id']?>"><?=$alerts['general']?></a></td>
2006-08-16 17:53:18 +00:00
</tr>
<tr>
<td class="DataTD"><?=_("Country Announcements")?>:</td>
2008-09-03 17:43:31 +00:00
<td class="DataTD"><a href="account.php?id=43&amp;country=<?=$row['id']?>"><?=$alerts['country']?></a></td>
2006-08-16 17:53:18 +00:00
</tr>
<tr>
<td class="DataTD"><?=_("Regional Announcements")?>:</td>
2008-09-03 17:43:31 +00:00
<td class="DataTD"><a href="account.php?id=43&amp;regional=<?=$row['id']?>"><?=$alerts['regional']?></a></td>
2006-08-16 17:53:18 +00:00
</tr>
<tr>
<td class="DataTD"><?=_("Within 200km Announcements")?>:</td>
2008-09-03 17:43:31 +00:00
<td class="DataTD"><a href="account.php?id=43&amp;radius=<?=$row['id']?>"><?=$alerts['radius']?></a></td>
2006-08-16 17:53:18 +00:00
</tr>
<tr>
<td class="DataTD"><?=_("Change Password")?>:</td>
2008-09-03 17:43:31 +00:00
<td class="DataTD"><a href="account.php?id=44&amp;userid=<?=$row['id']?>"><?=_("Change Password")?></a></td>
</tr>
2004-12-07 13:21:06 +00:00
<tr>
<td class="DataTD"><?=_("Delete Account")?>:</td>
2008-11-23 05:01:21 +00:00
<td class="DataTD"><a href="account.php?id=50&amp;userid=<?=$row['id']?>&amp;csrf=<?=make_csrf('admdelaccount')?>"><?=_("Delete Account")?></a></td>
2004-12-07 13:21:06 +00:00
</tr>
2006-08-12 19:39:00 +00:00
<?
2008-05-11 15:14:30 +00:00
// This is intensionally a $_GET for audit purposes. DO NOT CHANGE!!!
2008-09-05 15:31:11 +00:00
if(array_key_exists('showlostpw',$_GET) && $_GET['showlostpw'] == "yes") {
2006-08-12 19:39:00 +00:00
?>
2004-10-28 02:13:59 +00:00
<tr>
<td class="DataTD"><?=_("Lost Password")?> - Q1:</td>
2008-09-03 17:43:31 +00:00
<td class="DataTD"><?=sanitizeHTML($row['Q1'])?></td>
2004-10-28 02:13:59 +00:00
</tr>
<tr>
<td class="DataTD"><?=_("Lost Password")?> - A1:</td>
2008-09-03 17:43:31 +00:00
<td class="DataTD"><?=sanitizeHTML($row['A1'])?></td>
2004-10-28 02:13:59 +00:00
</tr>
<tr>
<td class="DataTD"><?=_("Lost Password")?> - Q2:</td>
2008-09-03 17:43:31 +00:00
<td class="DataTD"><?=sanitizeHTML($row['Q2'])?></td>
2004-10-28 02:13:59 +00:00
</tr>
<tr>
<td class="DataTD"><?=_("Lost Password")?> - A2:</td>
2008-09-03 17:43:31 +00:00
<td class="DataTD"><?=sanitizeHTML($row['A2'])?></td>
2004-10-28 02:13:59 +00:00
</tr>
<tr>
<td class="DataTD"><?=_("Lost Password")?> - Q3:</td>
2008-09-03 17:43:31 +00:00
<td class="DataTD"><?=sanitizeHTML($row['Q3'])?></td>
2004-10-28 02:13:59 +00:00
</tr>
<tr>
<td class="DataTD"><?=_("Lost Password")?> - A3:</td>
2008-09-03 17:43:31 +00:00
<td class="DataTD"><?=sanitizeHTML($row['A3'])?></td>
2004-10-28 02:13:59 +00:00
</tr>
<tr>
<td class="DataTD"><?=_("Lost Password")?> - Q4:</td>
2008-09-03 17:43:31 +00:00
<td class="DataTD"><?=sanitizeHTML($row['Q4'])?></td>
2004-10-28 02:13:59 +00:00
</tr>
<tr>
<td class="DataTD"><?=_("Lost Password")?> - A4:</td>
2008-09-03 17:43:31 +00:00
<td class="DataTD"><?=sanitizeHTML($row['A4'])?></td>
2004-10-28 02:13:59 +00:00
</tr>
<tr>
<td class="DataTD"><?=_("Lost Password")?> - Q5:</td>
2008-09-03 17:43:31 +00:00
<td class="DataTD"><?=sanitizeHTML($row['Q5'])?></td>
2004-10-28 02:13:59 +00:00
</tr>
<tr>
<td class="DataTD"><?=_("Lost Password")?> - A5:</td>
2008-09-03 17:43:31 +00:00
<td class="DataTD"><?=sanitizeHTML($row['A5'])?></td>
2004-10-28 02:13:59 +00:00
</tr>
2008-09-05 15:31:11 +00:00
<? } else { ?>
<tr>
<td class="DataTD" colspan="2"><a href="account.php?id=43&amp;userid=<?=$row['id']?>&amp;showlostpw=yes"><?=_("Show Lost Password Details")?></a></td>
</tr>
2006-08-07 22:55:24 +00:00
<? } ?>
2004-10-28 02:13:59 +00:00
<tr>
<td class="DataTD"><?=_("Assurance Points")?>:</td>
2008-09-03 17:43:31 +00:00
<td class="DataTD"><?=intval($drow['points'])?></td>
2004-10-28 02:13:59 +00:00
</tr>
</table>
2004-12-02 11:34:07 +00:00
<br><?
2008-09-03 17:43:31 +00:00
$query = "select * from `email` where `memid`='".intval($row['id'])."' and `deleted`=0 and `hash`=''
and `email`!='".mysql_escape_string($row['email'])."'";
2008-05-11 15:14:30 +00:00
$dres = mysql_query($query);
if(mysql_num_rows($dres) > 0) { ?>
2004-12-02 11:34:07 +00:00
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
<tr>
<td colspan="5" class="title"><?=_("Alternate Verified Email Addresses")?></td>
</tr><?
2008-05-11 15:14:30 +00:00
$rc = mysql_num_rows($dres);
while($drow = mysql_fetch_assoc($dres))
{ ?>
2004-12-02 11:34:07 +00:00
<tr>
<td class="DataTD"><?=_("Secondary Emails")?>:</td>
2008-09-03 17:43:31 +00:00
<td class="DataTD"><?=sanitizeHTML($drow['email'])?></td>
2004-12-02 11:34:07 +00:00
</tr>
<? } ?>
</table>
<br><? } ?>
<?
2008-09-04 13:46:19 +00:00
$query = "select * from `domains` where `memid`='".intval($row['id'])."' and `deleted`=0 and `hash`=''";
2008-05-11 15:14:30 +00:00
$dres = mysql_query($query);
if(mysql_num_rows($dres) > 0) { ?>
2004-12-02 11:34:07 +00:00
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
<tr>
<td colspan="5" class="title"><?=_("Verified Domains")?></td>
</tr><?
2008-05-11 15:14:30 +00:00
$rc = mysql_num_rows($dres);
while($drow = mysql_fetch_assoc($dres))
{ ?>
2004-12-02 11:34:07 +00:00
<tr>
<td class="DataTD"><?=_("Domain")?>:</td>
2008-09-03 17:43:31 +00:00
<td class="DataTD"><?=sanitizeHTML($drow['domain'])?></td>
2004-12-02 11:34:07 +00:00
</tr>
<? } ?>
</table>
2004-10-31 07:08:42 +00:00
<br>
2004-12-02 11:34:07 +00:00
<? } ?>
2004-10-31 07:08:42 +00:00
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
<tr>
2005-12-04 21:04:05 +00:00
<td colspan="6" class="title"><?=_("Your Assurance Points")?></td>
2004-10-31 07:08:42 +00:00
</tr>
<tr>
<td class="DataTD"><b><?=_("Date")?></b></td>
<td class="DataTD"><b><?=_("Who")?></b></td>
<td class="DataTD"><b><?=_("Points")?></b></td>
<td class="DataTD"><b><?=_("Location")?></b></td>
<td class="DataTD"><b><?=_("Method")?></b></td>
2005-12-04 21:04:05 +00:00
<td class="DataTD"><b><?=_("Revoke")?></b></td>
2004-10-31 07:08:42 +00:00
</tr>
<?
2008-09-03 17:43:31 +00:00
$query = "select * from `notary` where `to`='".intval($row['id'])."'";
2008-05-11 15:14:30 +00:00
$dres = mysql_query($query);
$points = 0;
while($drow = mysql_fetch_assoc($dres))
{
2008-09-03 17:43:31 +00:00
$fromuser = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".intval($drow['from'])."'"));
2008-05-11 15:14:30 +00:00
$points += $drow['points'];
2004-10-31 07:08:42 +00:00
?>
<tr>
2008-09-03 17:43:31 +00:00
<td class="DataTD"><?=sanitizeHTML($drow['date'])?></td>
<td class="DataTD"><a href="wot.php?id=9&amp;userid=<?=intval($drow['from'])?>"><?=sanitizeHTML($fromuser['fname'])." ".sanitizeHTML($fromuser['lname'])?></td>
<td class="DataTD"><?=intval($drow['points'])?></td>
<td class="DataTD"><?=sanitizeHTML($drow['location'])?></td>
<td class="DataTD"><?=sanitizeHTML($drow['method'])?></td>
2008-11-23 05:01:21 +00:00
<td class="DataTD"><a href="account.php?id=43&amp;userid=<?=intval($drow['to'])?>&amp;assurance=<?=intval($drow['id'])?>&amp;csrf=<?=make_csrf('admdelassurance')?>" onclick="return confirm('<?=_("Are you sure you want to revoke this assurance?")?>');"><?=_("Revoke")?></a></td>
2004-10-31 07:08:42 +00:00
</tr>
<? } ?>
<tr>
<td class="DataTD" colspan="2"><b><?=_("Total Points")?>:</b></td>
<td class="DataTD"><?=$points?></td>
2005-12-04 21:04:05 +00:00
<td class="DataTD" colspan="3">&nbsp;</td>
2004-10-31 07:08:42 +00:00
</tr>
</table>
<br>
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
<tr>
2005-12-04 21:04:05 +00:00
<td colspan="6" class="title"><?=_("Assurance Points You Issued")?></td>
2004-10-31 07:08:42 +00:00
</tr>
<tr>
<td class="DataTD"><b><?=_("Date")?></b></td>
<td class="DataTD"><b><?=_("Who")?></b></td>
<td class="DataTD"><b><?=_("Points")?></b></td>
<td class="DataTD"><b><?=_("Location")?></b></td>
<td class="DataTD"><b><?=_("Method")?></b></td>
2005-12-04 21:04:05 +00:00
<td class="DataTD"><b><?=_("Revoke")?></b></td>
2004-10-31 07:08:42 +00:00
</tr>
<?
2008-05-11 15:14:30 +00:00
$query = "select * from `notary` where `from`='".$row['id']."' and `to`!='".$row['id']."'";
$dres = mysql_query($query);
$points = 0;
while($drow = mysql_fetch_assoc($dres))
{
$fromuser = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".$drow['to']."'"));
$points += $drow['points'];
2004-10-31 07:08:42 +00:00
?>
<tr>
<td class="DataTD"><?=$drow['date']?></td>
<td class="DataTD"><a href="wot.php?id=9&userid=<?=$drow['to']?>"><?=$fromuser['fname']." ".$fromuser['lname']?></td>
<td class="DataTD"><?=$drow['points']?></td>
<td class="DataTD"><?=$drow['location']?></td>
<td class="DataTD"><?=$drow['method']?></td>
2008-11-23 05:01:21 +00:00
<td class="DataTD"><a href="account.php?id=43&userid=<?=$drow['from']?>&assurance=<?=$drow['id']?>&amp;csrf=<?=make_csrf('admdelassurance')?>" onclick="return confirm('<?=_("Are you sure you want to revoke this assurance?")?>');"><?=_("Revoke")?></a></td>
2004-10-31 07:08:42 +00:00
</tr>
<? } ?>
<tr>
<td class="DataTD" colspan="2"><b><?=_("Total Points")?>:</b></td>
<td class="DataTD"><?=$points?></td>
2005-12-04 21:04:05 +00:00
<td class="DataTD" colspan="3">&nbsp;</td>
2004-10-31 07:08:42 +00:00
</tr>
</table>
<br><br>
2004-10-28 02:13:59 +00:00
<? } } ?>
2004-10-31 07:08:42 +00:00