< ? /*
Copyright ( C ) 2004 by Duane Groth < duane_at_CAcert_dot_org >
This file is part of CAcert .
CAcert has been released under the CAcert Source License
which can be found included with these source files or can
be downloaded from the internet from the following address :
http :// www . cacert . org / src - lic . php
CAcert is distributed WITHOUT ANY WARRANTY ; without even
the implied warranty of MERCHANTABILITY or FITNESS FOR A
PARTICULAR PURPOSE . See the License for more details .
*/ ?>
< ?
require_once ( " ../includes/loggedin.php " );
// loadem() is defined outside this file; it is called once with "account"
// before any of the page logic below runs.
loadem("account");

// Pages 5 and 6 are gated on the member's points: anyone whose session
// profile holds fewer than 100 points gets the refusal page and the script
// stops.
// NOTE(review): $id and $oldid are never assigned before this point in this
// file, so they arrive from the include or the request - confirm how they are
// populated and that they cannot be forced to skip this gate.
// NOTE(review): the threshold is read from the session copy of the profile;
// whether that copy is refreshed from the database on every request is not
// visible here - confirm, so a member whose points were reduced cannot keep
// passing on a stale value.
if ($id == 5 || $oldid == 5 || $id == 6 || $oldid == 6) {
    if ($_SESSION['profile']['points'] < 100) {
        showheader(_("My CAcert.org Account!"));
        echo "<p>" . _("You don't have access to view these pages.") . "</p>";
        showfooter();
        exit;
    }
}
// A page-6 submission is only meaningful once a target member has been stored
// in the session; without a positive target id the request is sent back to
// page 5 and $oldid is dropped so none of the page-6 handlers below run.
if ($oldid == 6) {
    if (intval($_SESSION['_config']['notarise']['id']) <= 0) {
        $id = 5;
        unset($oldid);
    }
}
// Page-5 submission: look the target member up by the e-mail address posted
// in the form and keep the matching row in the session for the next step.
if ($oldid == 5) {
    // NOTE(review): mysql_escape_string() does not take the connection
    // character set into account; mysql_real_escape_string() is the
    // connection-aware variant of the same extension.
    $query = "select * from `users` where `email`='" . mysql_escape_string(stripslashes($_POST['email'])) . "'";
    $res = mysql_query($query);
    if (mysql_num_rows($res) == 1) {
        // NOTE(review): "select *" copies every column of the user row into
        // the session. This file reads id, email, fname, lname and language
        // from it; other pages may read more - confirm before narrowing.
        $_SESSION['_config']['notarise'] = mysql_fetch_assoc($res);
    } else {
        // Anything other than exactly one match: stay on page 5 with an error.
        $id = $oldid;
        unset($oldid);
        $_SESSION['_config']['error'] = _("I'm sorry, there was no email matching what you entered in the system. Please double check your information.");
    }
}
// Self-assurance guard: when the stored target is the logged-in member, go
// back to page 5 with an error. Dropping $oldid keeps every later handler,
// including the insert for page 6, from running.
if (($oldid == 5 || $oldid == 6) && $_SESSION['_config']['notarise']['id'] == $_SESSION['profile']['id']) {
    unset($oldid);
    $id = 5;
    $_SESSION['_config']['error'] = _("You are never allowed to Assure yourself!");
}
// Repeat-assurance check, then preload what page 6 displays about the target.
if ($oldid == 5 || $oldid == 6) {
    $_SESSION['_config']['alreadydone'] = 0;

    // NOTE(review): both ids come from session data and are concatenated as
    // they are, whereas line 25 of the original applies intval() to the same
    // target id - consider the same cast here as defence in depth.
    $query = "select * from `notary` where `from`='" . $_SESSION['profile']['id'] . "' and
        `to`='" . $_SESSION['_config']['notarise']['id'] . "'";
    $res = mysql_query($query);

    // An earlier entry for this pair blocks the assurance only while the
    // assurer's session points are at or below 150; above that the request
    // is let through and merely flagged as "alreadydone" further down.
    if (mysql_num_rows($res) > 0 && $_SESSION['profile']['points'] <= 150) {
        unset($oldid);
        $id = 5;
        $_SESSION['_config']['error'] = _("You are only allowed to Assure someone once!");
    } elseif ($oldid == 5) {
        // Page 5 passed every check: advance to page 6.
        $id = 6;
    }

    if ($id == 6 && mysql_num_rows($res) > 0) {
        $_SESSION['_config']['alreadydone'] = 1;
    }

    // Clear any values left over from a previous target before reloading.
    unset($_SESSION['_config']['pointsalready'], $_SESSION['_config']['verified']);
    if ($id == 6 && $_SESSION['profile']['points'] >= 100) {
        // Points the target has already received.
        $query = "select sum(`points`) as `total` from `notary` where `to`='" . $_SESSION['_config']['notarise']['id'] . "' group by `to`";
        $res = mysql_query($query);
        $drow = mysql_fetch_assoc($res);
        $_SESSION['_config']['pointsalready'] = $drow['total'];

        // The target's `verified` column from the users table.
        $query = "select `verified` from `users` where `id`='" . $_SESSION['_config']['notarise']['id'] . "'";
        $res = mysql_query($query);
        $drow = mysql_fetch_assoc($res);
        $_SESSION['_config']['verified'] = $drow['verified'];
    }
}
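// Page-6 submission: every declaration checkbox must be ticked. "assertion"
// and "rules" are required from everyone; "certify" is waived only when the
// session profile has board == 1.
//
// The original ran the two checks as separate statements. When the first one
// failed it unset $oldid, and a failing second check then executed
// "$id = $oldid" on the now-unset variable, leaving $id empty instead of
// returning the member to page 6. Both checks set the same error text, so
// they are evaluated as one condition and $oldid is consumed exactly once.
if ($oldid == 6) {
    if ($_POST['assertion'] != 1 || $_POST['rules'] != 1
        || ($_POST['certify'] != 1 && $_SESSION['profile']['board'] != 1)) {
        $id = $oldid;
        unset($oldid);
        $_SESSION['_config']['error'] = _("You failed to check all boxes to validate your adherence to the rules and policies of CAcert");
    }
}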
// A meeting location is mandatory unless the session profile has board == 1.
// An empty value sends the member back to page 6 with an error and, by
// dropping $oldid, skips the insert below.
if ($oldid == 6 && $_SESSION['profile']['board'] != 1 && $_POST['location'] == "") {
    $id = $oldid;
    unset($oldid);
    $_SESSION['_config']['error'] = _("You failed to enter a location of your meeting.");
}
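// Record the assurance. Reached only when every page-6 check above left
// $oldid at 6. Steps: clamp the points, write the `notary` row(s), mail both
// parties (and the board list for temporary increases), then show the
// confirmation page and stop.
//
// Changes against the original block:
//  - setlocale() was handed $$userlang, a variable-variable whose name is the
//    target's stored language string; it now receives $userlang itself, in
//    line with the putenv() call directly above it.
//  - The statement `$_POST['method'] == "Administrative Increase";` was a
//    comparison whose result was discarded; it is removed. The temporary
//    increase path writes the fixed method 'Temporary Increase' below.
//  - The requested points are echoed into both e-mails as an integer rather
//    than as the raw form value, so arbitrary request text cannot be placed
//    into a message sent from the support address.
if ($oldid == 6) {
    // Requested points, capped at what maxpoints() (defined elsewhere) allows.
    $max = maxpoints();
    $newpoints = intval($_POST['points']);
    if ($newpoints > $max) {
        $newpoints = $max;
    }

    // Points the target has received so far.
    $query = "select sum(`points`) as `total` from `notary` where `to`='" . $_SESSION['_config']['notarise']['id'] . "' group by `to`";
    $res = mysql_query($query);
    $drow = mysql_fetch_assoc($res);

    // Temporary increases (board == 1 and a positive "expire") are refused
    // for targets already above 150 points.
    if ($_SESSION['profile']['board'] == 1 && intval($_POST['expire']) > 0 && $drow['total'] > 150) {
        showheader(_("My CAcert.org Account!"));
        echo "<p>" . _("You tried to give a temporary points increase to someone that already has more then 150 points. Can't continue.") . "</p>";
        showfooter();
        exit;
    }

    // A temporary increase needs a sponsor id ...
    if ($_SESSION['profile']['board'] == 1 && intval($_POST['expire']) > 0 && intval($_POST['sponsor']) <= 0) {
        showheader(_("My CAcert.org Account!"));
        echo "<p>" . _("You didn't list a valid sponsor for this action.") . "</p>";
        showfooter();
        exit;
    }

    // ... and that id must belong to a user row with `board`='1'.
    // NOTE(review): nothing here stops the sponsor id from being the acting
    // board member's own id - confirm whether that is intended.
    if ($_SESSION['profile']['board'] == 1 && intval($_POST['expire']) > 0 && intval($_POST['sponsor']) > 0) {
        $resc = mysql_query("select * from `users` where `id`='" . intval($_POST['sponsor']) . "' and `board`='1'");
        $rc = mysql_num_rows($resc);
        $sponsor = mysql_fetch_assoc($resc);
        if ($rc <= 0) {
            showheader(_("My CAcert.org Account!"));
            echo "<p>" . _("You listed an invalid sponsor for this action.") . "</p>";
            showfooter();
            exit;
        }
    }

    if ($_SESSION['profile']['board'] == 1 && intval($_POST['expire']) > 0) {
        // Temporary increase: top the target up to 200 and keep the lifetime
        // between 7 and 45 days.
        $newpoints = 200 - $drow['total'];
        if (intval($_POST['expire']) > 45) {
            $_POST['expire'] = 45;
        }
        if (intval($_POST['expire']) <= 7) {
            $_POST['expire'] = 7;
        }
    } else {
        // Ordinary assurance: never expires, and the target's total may not
        // pass 100 (assurers whose maximum is below 100) or the assurer's
        // maximum (otherwise). The award itself is never negative.
        $_POST['expire'] = 0;
        if (($drow['total'] + $newpoints) > 100 && $max < 100) {
            $newpoints = 100 - $drow['total'];
        }
        if (($drow['total'] + $newpoints) > $max && $max >= 100) {
            $newpoints = $max - $drow['total'];
        }
        if ($newpoints < 0) {
            $newpoints = 0;
        }
    }

    // Default the meeting date to the current time when none was entered.
    // NOTE(review): a non-empty date is stored as entered (escaped only);
    // its format is not validated in this file.
    if (mysql_escape_string(stripslashes($_POST['date'])) == "") {
        $_POST['date'] = date("Y-m-d H:i:s");
    }

    $query = "insert into `notary` set `from`='" . $_SESSION['profile']['id'] . "',
        `to`='" . $_SESSION['_config']['notarise']['id'] . "',
        `points`='$newpoints',
        `location`='" . mysql_escape_string(stripslashes($_POST['location'])) . "',
        `date`='" . mysql_escape_string(stripslashes($_POST['date'])) . "',
        `when`=NOW()";
    if ($_SESSION['profile']['board'] == 1 && intval($_POST['expire']) > 0) {
        $query .= ",\n`method`='Temporary Increase'";
        $query .= ",\n`expire`=DATE_ADD(NOW(), INTERVAL '" . intval($_POST['expire']) . "' DAY)";
        $query .= ",\n`sponsor`='" . intval($_POST['sponsor']) . "'";
    } else if ($_SESSION['profile']['board'] == 1) {
        // Board members record a free-text method for ordinary assurances.
        $query .= ",\n`method`='" . mysql_escape_string(stripslashes($_POST['method'])) . "'";
    }
    // NOTE(review): the result of this insert is not checked; the
    // confirmation mails below go out even if the row was not written.
    mysql_query($query);

    // Assurers below 150 session points receive a 2-point entry addressed
    // from themselves to themselves for each assurance they record.
    if ($_SESSION['profile']['points'] < 150) {
        $query = "insert into `notary` set `from`='" . $_SESSION['profile']['id'] . "',
            `to`='" . $_SESSION['profile']['id'] . "',
            `points`='2',
            `location`='" . mysql_escape_string(stripslashes($_POST['location'])) . "',
            `date`='" . mysql_escape_string(stripslashes($_POST['date'])) . "',
            `method`='Administrative Increase',
            `when`=NOW()";
        mysql_query($query);
        $_SESSION['profile']['points'] += 2;
    }

    // Switch to the target's stored language for the mail addressed to them.
    if ($_SESSION['_config']['notarise']['language'] != "") {
        $userlang = $_SESSION['_config']['notarise']['language'];
        putenv("LANG=" . $userlang);
        setlocale(LC_ALL, $userlang);
    }

    // Mail to the member who was assured.
    $body = sprintf(_("You are receiving this email because you have been assured by %s %s (%s)."), $_SESSION['profile']['fname'], $_SESSION['profile']['lname'], $_SESSION['profile']['email']) . "\n\n";
    if (intval($_POST['points']) != $newpoints) {
        $body .= sprintf(_("You were issued %s points however the system has rounded this down to %s and you now have %s points in total."), intval($_POST['points']), $newpoints, ($newpoints + $drow['total'])) . "\n\n";
    } else {
        $body .= sprintf(_("You were issued %s points and you now have %s points in total."), $newpoints, ($newpoints + $drow['total'])) . "\n\n";
    }

    if (($drow['total'] + $newpoints) < 100 && ($drow['total'] + $newpoints) >= 50) {
        $body .= _("You now have over 50 points, and can now have your name added to client certificates, and issue server certificates for up to 2 years.") . "\n\n";
    }

    if (($drow['total'] + $newpoints) >= 100 && $newpoints > 0) {
        $body .= _("You now have over 100 points and can start assuring others.") . "\n\n";
    }

    if ($_SESSION['profile']['board'] == 1 && intval($_POST['expire']) > 0) {
        $body .= sprintf(_("Please Note: this is a temporary increase for %s days only. After that time your points will be reduced to 150 points."), intval($_POST['expire'])) . "\n\n";
    }
    $body .= _("Best regards") . "\n";
    $body .= _("CAcert Support Team");

    sendmail($_SESSION['_config']['notarise']['email'], "[CAcert.org] " . _("You've been Assured."), $body, "support@cacert.org", "returns@cacert.org", "", "CAcert Website");

    // Back to the assurer's own language for the second mail and the page.
    putenv("LANG=" . $_SESSION['_config']['language']);
    setlocale(LC_ALL, $_SESSION['_config']['language']);

    // Mail to the assurer.
    $body = sprintf(_("You are receiving this email because you have assured %s %s (%s)."), $_SESSION['_config']['notarise']['fname'], $_SESSION['_config']['notarise']['lname'], $_SESSION['_config']['notarise']['email']) . "\n\n";
    if (intval($_POST['points']) != $newpoints) {
        $body .= sprintf(_("You issued %s points however the system has rounded this down to %s and they now have %s points in total."), intval($_POST['points']), $newpoints, ($newpoints + $drow['total'])) . "\n\n";
    } else {
        $body .= sprintf(_("You issued %s points and they now have %s points in total."), $newpoints, ($newpoints + $drow['total'])) . "\n\n";
    }
    if ($_SESSION['profile']['board'] == 1 && intval($_POST['expire']) > 0) {
        $body .= sprintf(_("Please Note: this is a temporary increase for %s days only. After that time their points will be reduced to 150 points."), intval($_POST['expire'])) . "\n\n";
    }
    $body .= _("Best regards") . "\n";
    $body .= _("CAcert Support Team");

    sendmail($_SESSION['profile']['email'], "[CAcert.org] " . _("You've Assured Another Member."), $body, "support@cacert.org", "returns@cacert.org", "", "CAcert Support");

    // Temporary increases are additionally reported to the board list,
    // naming the acting member, the target and the sponsor.
    if ($_SESSION['profile']['board'] == 1 && intval($_POST['expire']) > 0) {
        $body = sprintf("%s %s (%s) has issued a temporary increase to 200 points for %s %s (%s) for %s days. This action was sponsored by %s %s (%s).", $_SESSION['profile']['fname'], $_SESSION['profile']['lname'], $_SESSION['profile']['email'], $_SESSION['_config']['notarise']['fname'], $_SESSION['_config']['notarise']['lname'], $_SESSION['_config']['notarise']['email'], intval($_POST['expire']), $sponsor['fname'], $sponsor['lname'], $sponsor['email']) . "\n\n";
        sendmail("cacert-board@lists.cacert.org", "[CAcert.org] Temporary Increase Issued.", $body, "website@cacert.org", "returns@cacert.org", "", "CAcert Website");
    }

    showheader(_("My CAcert.org Account!"));
    echo "<p>" . _("Shortly you and the person you were assuring will receive an email confirmation. There is no action on your behalf required to complete this.") . "</p>";
    showfooter();
    exit;
}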
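// Page-8 submission: update the member's directory listing flag and contact
// text, in the session copy and in the `users` row, then confirm and stop.
//
// Change against the original block: the session used to receive the
// SQL-escaped string, so it held backslash-escaped text that differs from
// what the database stores. Escaping is now applied only where the value
// enters the query.
// NOTE(review): no anti-CSRF token is checked in this file before the update;
// confirm whether loggedin.php enforces one.
if ($oldid == 8) {
    // strip_tags() removes markup only; pages that print this value still
    // need to escape it for the HTML context they print it in.
    $info = strip_tags(stripslashes($_POST['contactinfo']));

    // listme is a 0/1 flag; anything else falls back to 0.
    $listme = intval($_POST['listme']);
    if ($listme < 0 || $listme > 1) {
        $listme = 0;
    }

    $_SESSION['profile']['listme'] = $listme;
    $_SESSION['profile']['contactinfo'] = $info;

    $query = "update `users` set `listme`='$listme',`contactinfo`='" . mysql_escape_string($info) . "' where `id`='" . $_SESSION['profile']['id'] . "'";
    mysql_query($query);

    showheader(_("My CAcert.org Account!"));
    echo "<p>" . _("Your account information has been updated.") . "</p>";
    showfooter();
    exit;
}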
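// Page-9 submission: relay a message from the logged-in member to the member
// stored in $_SESSION['_config']['user'], then confirm and stop. When either
// id is missing the request falls through to page 9 with an error.
//
// Changes against the original block:
//  - CR and LF are replaced in the posted subject before it is handed to
//    sendmail(), so the value cannot span more than one header line.
//    sendmail() is defined elsewhere and may already do this; the replacement
//    is harmless if so.
//  - The recipient's first name is HTML-escaped before it is echoed.
//  - $subject and $body, which the original assigned but never used, are now
//    the values actually passed on.
// NOTE(review): the sender display name is built from the session profile's
// fname and lname without the same CR/LF treatment - confirm how sendmail()
// and the registration code constrain those fields.
if ($oldid == 9 && $_SESSION['_config']['user']['id'] > 0 && $_SESSION['profile']['id'] > 0) {
    $body = $_POST['message'];
    $subject = str_replace(array("\r", "\n"), " ", $_POST['subject']);

    sendmail($_SESSION['_config']['user']['email'], "[CAcert.org] " . $subject, $body,
        $_SESSION['profile']['email'], "returns@cacert.org", "", $_SESSION['profile']['fname'] . " " . $_SESSION['profile']['lname']);

    showheader(_("My CAcert.org Account!"));
    echo "<p>" . _("Your email has been sent to") . htmlspecialchars($_SESSION['_config']['user']['fname'], ENT_QUOTES) . ".</p>";
    echo "<p>[ <a href='javascript:history.go(-2)'>Go Back</a> ]</p>\n";
    showfooter();
    exit;
} elseif ($oldid == 9) {
    unset($oldid);
    $error = _("There was an error and I couldn't proceed");
    $id = 9;
}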
// Nothing above ended the request: render the page selected by $id between
// the standard header and footer.
// NOTE(review): includeit() is defined elsewhere and receives $id, which is
// not assigned from a fixed set in this file - confirm that it restricts the
// value to known page numbers before building an include path from it.
showheader(
    _("My CAcert.org Account!")
);
includeit(
    $id,
    "wot"
);
showfooter();
?>