2004-10-16 00:28:17 +00:00
< ? /*
2008-04-06 19:45:09 +00:00
LibreSSL - CAcert web application
Copyright ( C ) 2004 - 2008 CAcert Inc .
2004-10-16 00:28:17 +00:00
2008-04-06 19:45:09 +00:00
This program is free software ; you can redistribute it and / or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation ; version 2 of the License .
2004-10-16 00:28:17 +00:00
2008-04-06 19:45:09 +00:00
This program is distributed in the hope that it will be useful ,
but WITHOUT ANY WARRANTY ; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE . See the
GNU General Public License for more details .
2004-10-16 00:28:17 +00:00
2008-04-06 19:45:09 +00:00
You should have received a copy of the GNU General Public License
along with this program ; if not , write to the Free Software
Foundation , Inc . , 51 Franklin Street , Fifth Floor , Boston , MA 02110 - 1301 USA
2004-10-16 00:28:17 +00:00
*/ ?>
< ?
2012-01-24 14:26:05 +00:00
require_once ( " ../includes/loggedin.php " );
require_once ( " ../includes/lib/l10n.php " );
2013-09-06 15:21:06 +00:00
require_once ( " ../includes/notary.inc.php " );
2012-01-24 14:26:05 +00:00
2011-12-12 09:51:45 +00:00
function show_page ( $target , $message , $error )
{
showheader ( _ ( " My CAcert.org Account! " ));
if ( $error != " " )
$message = _ ( " ERROR " ) . " : " . $error ;
if ( $message != " " )
echo " <p><font color='orange' size='+1'> " . $message . " </font></p> " ;
switch ( $target )
{
case '0' :
case 'InfoPage' : includeit ( 0 , " wot " );
break ;
case '1' :
case 'ListByCity' : includeit ( 1 , " wot " );
break ;
case '2' :
case 'BecomeAssurer' : includeit ( 2 , " wot " );
break ;
case '3' :
case 'TrustRules' : includeit ( 3 , " wot " );
break ;
case '4' :
case 'ShowTTPInfo' : includeit ( 4 , " wot " );
break ;
case '5' ;
case 'EnterEmail' : includeit ( 5 , " wot " );
break ;
case '6' :
case 'VerifyData' : includeit ( 6 , " wot " );
break ;
// case '7':
// case '???': includeit(7, "wot");
// break;
case '8' :
case 'EnterMyInfo' : includeit ( 8 , " wot " );
break ;
case '9' :
case 'ContactAssurer' : includeit ( 9 , " wot " );
break ;
case '10' :
case 'MyPointsOld' : includeit ( 10 , " wot " );
break ;
// case '11':
// case 'OAInfo': includeit(11, "wot");
// break;
case '12' :
case 'SearchAssurer' : includeit ( 12 , " wot " );
break ;
case '13' :
case 'EnterMyCity' : includeit ( 13 , " wot " );
break ;
// case '14':
// case 'EnterEmail': includeit(14, "wot");
// break;
case '15' :
case 'MyPointsNew' : includeit ( 15 , " wot " );
break ;
}
showfooter ();
}
function send_reminder ()
{
$body = " " ;
2012-01-24 14:26:05 +00:00
$my_translation = L10n :: get_translation ();
2013-01-17 15:06:35 +00:00
2012-01-24 14:26:05 +00:00
$_SESSION [ '_config' ][ 'reminder-lang' ] = $_POST [ 'reminder-lang' ];
2013-01-17 15:06:35 +00:00
2012-01-24 14:26:05 +00:00
$reminder_translations [] = $_POST [ 'reminder-lang' ];
if ( ! in_array ( " en " , $reminder_translations , $strict = true ) ) {
$reminder_translations [] = " en " ;
}
2013-01-17 15:06:35 +00:00
2012-01-24 14:26:05 +00:00
foreach ( $reminder_translations as $translation ) {
L10n :: set_translation ( $translation );
2013-01-17 15:06:35 +00:00
2012-01-24 14:26:05 +00:00
$body .= L10n :: $translations [ $translation ] . " : \n \n " ;
2011-12-12 09:51:45 +00:00
$body .= sprintf ( _ ( " This is a short reminder that you filled out forms to become trusted with CAcert.org, and %s has attempted to issue you points. Please create your account at %s as soon as possible and then notify %s so that the points can be issued. " ), $_SESSION [ 'profile' ][ 'fname' ] . " ( " . $_SESSION [ 'profile' ][ 'email' ] . " ) " , " http://www.cacert.org " , $_SESSION [ 'profile' ][ 'fname' ]) . " \n \n " ;
$body .= _ ( " Best regards " ) . " \n " ;
2012-01-24 14:26:05 +00:00
$body .= _ ( " CAcert Support Team " ) . " \n \n " ;
2011-12-12 09:51:45 +00:00
}
2013-01-17 15:06:35 +00:00
2012-01-24 14:26:05 +00:00
L10n :: set_translation ( $reminder_translations [ 0 ]); // for the subject
2011-12-12 09:51:45 +00:00
sendmail ( $_POST [ 'email' ], " [CAcert.org] " . _ ( " Reminder Notice " ), $body , $_SESSION [ 'profile' ][ 'email' ], " " , " " , $_SESSION [ 'profile' ][ 'fname' ]);
2013-01-17 15:06:35 +00:00
2012-01-24 14:26:05 +00:00
L10n :: set_translation ( $my_translation );
2013-01-17 15:06:35 +00:00
2011-12-12 09:51:45 +00:00
$_SESSION [ '_config' ][ 'remindersent' ] = 1 ;
2012-01-24 14:26:05 +00:00
$_SESSION [ '_config' ][ 'error' ] = _ ( " A reminder notice has been sent. " );
2011-12-12 09:51:45 +00:00
}
2004-10-16 00:28:17 +00:00
loadem ( " account " );
2008-08-27 23:07:49 +00:00
if ( array_key_exists ( 'date' , $_POST ) && $_POST [ 'date' ] != " " )
2005-03-18 16:08:22 +00:00
$_SESSION [ '_config' ][ 'date' ] = $_POST [ 'date' ];
2008-08-27 23:07:49 +00:00
if ( array_key_exists ( 'location' , $_POST ) && $_POST [ 'location' ] != " " )
2005-03-18 16:08:22 +00:00
$_SESSION [ '_config' ][ 'location' ] = $_POST [ 'location' ];
2013-01-17 15:06:35 +00:00
$oldid = array_key_exists ( 'oldid' , $_REQUEST ) ? intval ( $_REQUEST [ 'oldid' ]) : 0 ;
2008-09-22 15:32:03 +00:00
2005-12-04 21:04:05 +00:00
if ( $oldid == 12 )
$id = $oldid ;
2013-09-06 15:21:06 +00:00
2013-04-24 13:13:08 +00:00
if ( $oldid == 4 )
{
if ( $_POST [ 'ttp' ] != '' ) {
//This mail does not need to be translated
$body = " Hi TTP adminstrators, \n \n " ;
$body .= " User " . $_SESSION [ 'profile' ][ 'fname' ] . " " .
2014-06-07 09:14:52 +00:00
$_SESSION [ 'profile' ][ 'lname' ] . " with email address ' " .
$_SESSION [ 'profile' ][ 'email' ] . " ' is requesting a TTP assurances for " .
mysql_escape_string ( stripslashes ( $_POST [ 'country' ])) . " . \n \n " ;
2013-04-24 13:13:08 +00:00
if ( $_POST [ 'ttptopup' ] == '1' ) {
$body .= " The user is also requesting TTP TOPUP. \n \n " ;
} else {
$body .= " The user is NOT requesting TTP TOPUP. \n \n " ;
}
$body .= " The user received " . intval ( $_SESSION [ 'profile' ][ 'points' ]) . " assurance points up to today. \n \n " ;
$body .= " Please start the TTP assurance process. " ;
sendmail ( " support@cacert.org " , " [CAcert.org] TTP request. " , $body , " support@cacert.org " , " " , " " , " CAcert Website " );
//This mail needs to be translated
$body = _ ( " You are receiving this email because you asked for TTP assurance. " ) . " \n \n " ;
if ( $_POST [ 'ttptopup' ] == '1' ) {
$body .= _ ( " You are requesting TTP TOPUP. " ) . " \n \n " ;
} else {
$body .= _ ( " You are NOT requesting TTP TOPUP. " ) . " \n \n " ;
}
$body .= _ ( " Best regards " ) . " \n " ;
$body .= _ ( " CAcert Support Team " );
sendmail ( $_SESSION [ 'profile' ][ 'email' ], " [CAcert.org] " . _ ( " You requested TTP assurances " ), $body , " support@cacert.org " , " " , " " , " CAcert Support " );
}
}
2005-12-04 21:04:05 +00:00
2009-04-05 00:31:50 +00:00
if (( $id == 5 || $oldid == 5 || $id == 6 || $oldid == 6 ))
2013-01-17 15:06:35 +00:00
if ( ! is_assurer ( $_SESSION [ 'profile' ][ 'id' ]))
2011-12-12 09:51:45 +00:00
{
show_page ( " Exit " , " " , get_assurer_reason ( $_SESSION [ 'profile' ][ 'id' ]));
exit ;
}
2004-10-16 00:28:17 +00:00
if ( $oldid == 6 && intval ( $_SESSION [ '_config' ][ 'notarise' ][ 'id' ]) <= 0 )
{
2011-12-12 09:51:45 +00:00
show_page ( " EnterEmail " , " " , _ ( " Something went wrong. Please enter the email address again " ));
exit ;
2004-10-16 00:28:17 +00:00
}
2008-09-22 15:32:03 +00:00
if ( $oldid == 5 && array_key_exists ( 'reminder' , $_POST ) && $_POST [ 'reminder' ] != " " )
2005-03-20 17:07:33 +00:00
{
2011-12-12 09:51:45 +00:00
send_reminder ();
show_page ( " EnterEmail " , _ ( " A reminder notice has been sent. " ), " " );
exit ;
2005-03-20 17:07:33 +00:00
}
2004-10-16 00:28:17 +00:00
if ( $oldid == 5 )
{
2005-07-01 13:12:14 +00:00
$query = " select * from `users` where `email`=' " . mysql_escape_string ( stripslashes ( $_POST [ 'email' ])) . " ' and `deleted`=0 " ;
2004-10-16 00:28:17 +00:00
$res = mysql_query ( $query );
if ( mysql_num_rows ( $res ) != 1 )
{
2005-11-08 10:06:04 +00:00
$_SESSION [ '_config' ][ 'noemailfound' ] = 1 ;
2011-12-12 09:51:45 +00:00
show_page ( " EnterEmail " , " " , _ ( " I'm sorry, there was no email matching what you entered in the system. Please double check your information. " ));
exit ;
2013-01-17 15:06:35 +00:00
} else
2011-12-12 09:51:45 +00:00
{
$_SESSION [ '_config' ][ 'noemailfound' ] = 0 ;
2004-10-16 00:28:17 +00:00
$_SESSION [ '_config' ][ 'notarise' ] = mysql_fetch_assoc ( $res );
2011-12-12 09:51:45 +00:00
if ( $_SESSION [ '_config' ][ 'notarise' ][ 'verified' ] == 0 )
{
show_page ( " EnterEmail " , " " , _ ( " User is not yet verified. Please try again in 24 hours! " ));
exit ;
}
2004-10-16 00:28:17 +00:00
}
2013-01-17 15:06:35 +00:00
$query = " select * from `users` where `email`=' " . mysql_escape_string ( stripslashes ( $_POST [ 'email' ])) . " ' and `locked`=1 " ;
$res = mysql_query ( $query );
if ( mysql_num_rows ( $res ) >= 1 )
{
$_SESSION [ '_config' ][ 'noemailfound' ] = 0 ;
show_page ( " EnterEmail " , " " , _ ( " This account is locked and can not be assured. For more information ask support@cacert.org. " ));
exit ;
}
2004-10-16 00:28:17 +00:00
}
if ( $oldid == 5 || $oldid == 6 )
{
2011-12-12 09:51:45 +00:00
$id = 6 ;
// $oldid=0;
2008-09-22 15:32:03 +00:00
if ( array_key_exists ( 'cancel' , $_REQUEST ) && $_REQUEST [ 'cancel' ] != " " )
2006-08-16 19:35:58 +00:00
{
2011-12-12 09:51:45 +00:00
show_page ( " EnterEmail " , " " , " " );
2006-08-16 19:35:58 +00:00
exit ;
}
2004-10-16 00:28:17 +00:00
if ( $_SESSION [ '_config' ][ 'notarise' ][ 'id' ] == $_SESSION [ 'profile' ][ 'id' ])
{
2011-12-12 09:51:45 +00:00
show_page ( " EnterEmail " , " " , _ ( " You are never allowed to Assure yourself! " ));
exit ;
2004-10-16 00:28:17 +00:00
}
2014-06-07 09:14:52 +00:00
$query = " select * from `notary` where `from`=' " . intval ( $_SESSION [ 'profile' ][ 'id' ]) . " ' and
`to` = '".intval($_SESSION[' _config '][' notarise '][' id '])."' and `deleted` = 0 " ;
2004-10-16 00:28:17 +00:00
$res = mysql_query ( $query );
2011-12-12 09:51:45 +00:00
if ( mysql_num_rows ( $res ) > 0 )
2005-03-12 19:40:24 +00:00
{
2011-12-12 09:51:45 +00:00
show_page ( " EnterEmail " , " " , _ ( " You are only allowed to Assure someone once! " ));
exit ;
2005-03-12 19:40:24 +00:00
}
2004-10-16 00:28:17 +00:00
}
if ( $oldid == 6 )
{
2011-12-12 09:51:45 +00:00
$iecho = " c " ;
2013-09-06 15:21:06 +00:00
//date checks
if ( trim ( $_REQUEST [ 'date' ]) == '' )
{
show_page ( " VerifyData " , " " , _ ( " You must enter the date when you met the assuree. " ));
exit ;
}
if ( ! check_date_format ( trim ( $_REQUEST [ 'date' ])))
{
show_page ( " VerifyData " , " " , _ ( " You must enter the date in this format: YYYY-MM-DD. " ));
exit ;
}
if ( ! check_date_difference ( trim ( $_REQUEST [ 'date' ])))
{
show_page ( " VerifyData " , " " , _ ( " You must not enter a date in the future. " ));
exit ;
}
//proof of identity check and accept arbitration, implements CCA
2011-12-12 09:51:45 +00:00
if ( ! array_key_exists ( 'assertion' , $_POST ) || $_POST [ 'assertion' ] != 1 )
2004-10-16 16:22:33 +00:00
{
2011-12-12 09:51:45 +00:00
show_page ( " VerifyData " , " " , _ ( " You failed to check all boxes to validate your adherence to the rules and policies of CAcert " ));
exit ;
2004-10-16 16:22:33 +00:00
}
2013-09-06 15:21:06 +00:00
//proof of CCA agreement by assuree after 2010-01-01
if (( ! array_key_exists ( 'CCAAgreed' , $_POST ) || $_POST [ 'CCAAgreed' ] != 1 ) and ( check_date_format ( trim ( $_REQUEST [ 'date' ]), 2010 )))
{
show_page ( " VerifyData " , " " , _ ( " You failed to check all boxes to validate your adherence to the rules and policies of CAcert " ));
exit ;
}
//assurance done according to rules
if ( ! array_key_exists ( 'rules' , $_POST ) || $_POST [ 'rules' ] != 1 )
2011-12-12 09:51:45 +00:00
{
show_page ( " VerifyData " , " " , _ ( " You failed to check all boxes to validate your adherence to the rules and policies of CAcert " ));
exit ;
}
2013-09-06 15:21:06 +00:00
//met assuree in person, not appliciable for TTP / TTP Topup assurances
if (( ! array_key_exists ( 'certify' , $_POST ) || $_POST [ 'certify' ] != 1 ) && $_REQUEST [ 'method' ] != " Trusted 3rd Parties " )
2004-10-16 00:28:17 +00:00
{
2011-12-12 09:51:45 +00:00
show_page ( " VerifyData " , " " , _ ( " You failed to check all boxes to validate your adherence to the rules and policies of CAcert " ));
exit ;
2004-10-16 00:28:17 +00:00
}
2013-09-06 15:21:06 +00:00
//check location, min 3 characters
if ( ! array_key_exists ( 'location' , $_POST ) || trim ( $_POST [ 'location' ]) == " " )
2004-10-16 00:28:17 +00:00
{
2011-12-12 09:51:45 +00:00
show_page ( " VerifyData " , " " , _ ( " You failed to enter a location of your meeting. " ));
exit ;
}
2013-09-06 15:21:06 +00:00
if ( strlen ( trim ( $_REQUEST [ 'location' ])) <= 2 )
{
show_page ( " VerifyData " , " " , _ ( " You must enter a location with at least 3 characters eg town and country. " ));
exit ;
}
//check for points in range 0-35, for nucleus 35 + 15 temporary
if ( $_REQUEST [ 'points' ] == " " || ! is_numeric ( $_REQUEST [ 'points' ]))
2011-12-12 09:51:45 +00:00
{
show_page ( " VerifyData " , " " , _ ( " You must enter the number of points you wish to allocate to this person. " ));
exit ;
2004-10-16 00:28:17 +00:00
}
2013-09-06 15:21:06 +00:00
if ( $_REQUEST [ 'points' ] < 0 || ( $_REQUEST [ 'points' ] > 35 ))
{
show_page ( " VerifyData " , " " , _ ( " The number of points you entered are out of the range given by policy. " ));
exit ;
}
2014-06-07 09:14:52 +00:00
$query = " select * from `users` where `id`=' " . intval ( $_SESSION [ '_config' ][ 'notarise' ][ 'id' ]) . " ' " ;
2005-07-14 19:56:28 +00:00
$res = mysql_query ( $query );
$row = mysql_fetch_assoc ( $res );
$name = $row [ 'fname' ] . " " . $row [ 'mname' ] . " " . $row [ 'lname' ] . " " . $row [ 'suffix' ];
2005-12-04 21:04:05 +00:00
if ( $_SESSION [ '_config' ][ 'wothash' ] != md5 ( $name . " - " . $row [ 'dob' ]) || $_SESSION [ '_config' ][ 'wothash' ] != $_REQUEST [ 'pagehash' ])
2005-07-14 19:56:28 +00:00
{
2011-12-12 09:51:45 +00:00
show_page ( " VerifyData " , " " , _ ( " Race condition discovered, user altered details during assurance procedure. PLEASE MAKE SURE THE NEW DETAILS BELOW MATCH THE ID DOCUMENTS. " ));
exit ;
2005-07-14 19:56:28 +00:00
}
}
2006-08-14 08:26:42 +00:00
2004-10-16 00:28:17 +00:00
if ( $oldid == 6 )
{
$max = maxpoints ();
2011-12-12 09:51:45 +00:00
$awarded = $newpoints = intval ( $_POST [ 'points' ]);
if ( $newpoints > $max )
$newpoints = $awarded = $max ;
if ( $newpoints < 0 )
$newpoints = $awarded = 0 ;
2013-01-17 15:06:35 +00:00
2014-06-07 09:14:52 +00:00
$query = " select sum(`points`) as `total` from `notary` where `to`=' " . intval ( $_SESSION [ '_config' ][ 'notarise' ][ 'id' ]) . " ' and `deleted` = 0 group by `to` " ;
2004-10-16 00:28:17 +00:00
$res = mysql_query ( $query );
$drow = mysql_fetch_assoc ( $res );
2005-01-02 03:39:11 +00:00
2011-12-12 09:51:45 +00:00
$_POST [ 'expire' ] = 0 ;
2004-10-31 07:08:42 +00:00
2011-12-12 09:51:45 +00:00
if (( $drow [ 'total' ] + $newpoints ) > 100 && $max < 100 )
$newpoints = 100 - $drow [ 'total' ];
if (( $drow [ 'total' ] + $newpoints ) > $max && $max >= 100 )
$newpoints = $max - $drow [ 'total' ];
if ( $newpoints < 0 )
$newpoints = 0 ;
2013-01-17 15:06:35 +00:00
2014-06-07 09:14:52 +00:00
if ( mysql_real_escape_string ( stripslashes ( $_POST [ 'date' ])) == " " )
2004-10-31 07:08:42 +00:00
$_POST [ 'date' ] = date ( " Y-m-d H:i:s " );
2014-06-07 09:14:52 +00:00
$query = " select * from `notary` where `from`=' " . intval ( $_SESSION [ 'profile' ][ 'id' ]) . " ' AND
`to` = '".intval($_SESSION[' _config '][' notarise '][' id '])."' AND
`awarded` = '".intval($awarded)."' AND
`location` = '".mysql_real_escape_string(stripslashes($_POST[' location ']))."' AND
`date` = '".mysql_real_escape_string(stripslashes($_POST[' date ']))."' AND
`deleted` = 0 " ;
2006-08-14 16:03:10 +00:00
$res = mysql_query ( $query );
2006-08-15 03:52:57 +00:00
if ( mysql_num_rows ( $res ) > 0 )
2006-08-14 16:03:10 +00:00
{
2013-09-06 15:21:06 +00:00
show_page ( " VerifyEmail " , " " , _ ( " Identical Assurance attempted, will not continue. " ));
2011-12-12 09:51:45 +00:00
exit ;
2006-08-14 16:03:10 +00:00
}
}
if ( $oldid == 6 )
{
2014-06-07 09:14:52 +00:00
$query = " insert into `notary` set `from`=' " . intval ( $_SESSION [ 'profile' ][ 'id' ]) . " ',
`to` = '".intval($_SESSION[' _config '][' notarise '][' id '])."' ,
`points` = '".intval($newpoints)."' , `awarded` = '".intval($awarded)."' ,
`location` = '".mysql_real_escape_string(stripslashes($_POST[' location ']))."' ,
`date` = '".mysql_real_escape_string(stripslashes($_POST[' date ']))."' ,
2004-12-02 11:42:34 +00:00
`when` = NOW () " ;
2013-09-06 15:21:06 +00:00
//record active acceptance by Assurer
if ( check_date_format ( trim ( $_REQUEST [ 'date' ]), 2010 )) {
2014-01-15 15:55:29 +00:00
write_user_agreement ( $_SESSION [ 'profile' ][ 'id' ], " CCA " , " assurance " , " Assuring " , 1 , $_SESSION [ '_config' ][ 'notarise' ][ 'id' ]);
write_user_agreement ( $_SESSION [ '_config' ][ 'notarise' ][ 'id' ], " CCA " , " assurance " , " Being assured " , 0 , $_SESSION [ 'profile' ][ 'id' ]);
2013-09-06 15:21:06 +00:00
}
2013-06-26 11:00:43 +00:00
if ( $_SESSION [ 'profile' ][ 'ttpadmin' ] == 1 && ( $_POST [ 'method' ] == 'Trusted 3rd Parties' || $_POST [ 'method' ] == 'Trusted Third Parties' )) {
2013-01-17 14:55:28 +00:00
$query .= " , \n `method`='TTP-Assisted' " ;
2005-01-02 03:39:11 +00:00
}
2004-10-16 00:28:17 +00:00
mysql_query ( $query );
2009-04-05 00:31:50 +00:00
fix_assurer_flag ( $_SESSION [ '_config' ][ 'notarise' ][ 'id' ]);
2013-05-15 09:37:21 +00:00
include_once ( " ../includes/notary.inc.php " );
2013-01-17 15:06:35 +00:00
2004-10-31 07:08:42 +00:00
if ( $_SESSION [ 'profile' ][ 'points' ] < 150 )
2004-10-31 01:25:51 +00:00
{
2005-07-01 13:12:14 +00:00
$addpoints = 0 ;
if ( $_SESSION [ 'profile' ][ 'points' ] < 149 && $_SESSION [ 'profile' ][ 'points' ] >= 100 )
$addpoints = 2 ;
else if ( $_SESSION [ 'profile' ][ 'points' ] == 149 && $_SESSION [ 'profile' ][ 'points' ] >= 100 )
$addpoints = 1 ;
2014-06-07 09:14:52 +00:00
$query = " insert into `notary` set `from`=' " . intval ( $_SESSION [ 'profile' ][ 'id' ]) . " ',
`to` = '".intval($_SESSION[' profile '][' id '])."' ,
`points` = '".intval($addpoints)."' , `awarded` = '".intval($addpoints)."' ,
`location` = '".mysql_real_escape_string(stripslashes($_POST[' location ']))."' ,
`date` = '".mysql_real_escape_string(stripslashes($_POST[' date ']))."' ,
2004-12-02 11:42:34 +00:00
`method` = 'Administrative Increase' ,
`when` = NOW () " ;
2004-10-31 01:25:51 +00:00
mysql_query ( $query );
2013-05-15 09:37:21 +00:00
2009-04-05 00:31:50 +00:00
// No need to fix_assurer_flag here, this should only happen for assurers...
2005-07-01 13:12:14 +00:00
$_SESSION [ 'profile' ][ 'points' ] += $addpoints ;
2004-10-31 01:25:51 +00:00
}
2004-10-16 00:28:17 +00:00
2012-01-24 14:26:05 +00:00
$my_translation = L10n :: get_translation ();
L10n :: set_translation ( $_SESSION [ '_config' ][ 'notarise' ][ 'language' ]);
2013-01-17 15:06:35 +00:00
2004-10-31 01:25:51 +00:00
$body = sprintf ( _ ( " You are receiving this email because you have been assured by %s %s (%s). " ), $_SESSION [ 'profile' ][ 'fname' ], $_SESSION [ 'profile' ][ 'lname' ], $_SESSION [ 'profile' ][ 'email' ]) . " \n \n " ;
2005-02-16 18:11:53 +00:00
if ( $_POST [ 'points' ] != $newpoints )
$body .= sprintf ( _ ( " You were issued %s points however the system has rounded this down to %s and you now have %s points in total. " ), $_POST [ 'points' ], $newpoints , ( $newpoints + $drow [ 'total' ])) . " \n \n " ;
else
$body .= sprintf ( _ ( " You were issued %s points and you now have %s points in total. " ), $newpoints , ( $newpoints + $drow [ 'total' ])) . " \n \n " ;
2004-10-16 00:28:17 +00:00
2005-02-16 18:11:53 +00:00
if (( $drow [ 'total' ] + $newpoints ) < 100 && ( $drow [ 'total' ] + $newpoints ) >= 50 )
2004-10-16 00:28:17 +00:00
{
$body .= _ ( " You now have over 50 points, and can now have your name added to client certificates, and issue server certificates for up to 2 years. " ) . " \n \n " ;
}
2005-02-16 18:11:53 +00:00
if (( $drow [ 'total' ] + $newpoints ) >= 100 && $newpoints > 0 )
2004-10-16 00:28:17 +00:00
{
2013-04-24 13:13:08 +00:00
$body .= _ ( " You have at least 100 Assurance Points, if you want to become an assurer try the Assurer Challenge " ) . " ( https://cats.cacert.org ) \n \n " ;
$body .= _ ( " To make it easier for others in your area to find you, it's helpful to list yourself as an assurer (this is voluntary), as well as a physical location where you live or work the most. You can flag your account to be listed, and add a comment to the display by going to: " ) . " \n " ;
2005-05-13 15:34:39 +00:00
$body .= " https://www.cacert.org/wot.php?id=8 \n \n " ;
2012-11-01 13:57:40 +00:00
$body .= _ ( " You can list your location by going to: " ) . " \n " ;
2007-02-23 21:21:18 +00:00
$body .= " https://www.cacert.org/wot.php?id=13 \n \n " ;
2004-10-16 00:28:17 +00:00
}
2004-12-30 22:16:58 +00:00
$body .= _ ( " Best regards " ) . " \n " ;
2004-10-16 00:28:17 +00:00
$body .= _ ( " CAcert Support Team " );
2005-05-23 01:53:59 +00:00
sendmail ( $_SESSION [ '_config' ][ 'notarise' ][ 'email' ], " [CAcert.org] " . _ ( " You've been Assured. " ), $body , " support@cacert.org " , " " , " " , " CAcert Website " );
2004-10-16 15:41:39 +00:00
2012-01-24 14:26:05 +00:00
L10n :: set_translation ( $my_translation );
2004-10-16 00:28:17 +00:00
2004-10-31 01:25:51 +00:00
$body = sprintf ( _ ( " You are receiving this email because you have assured %s %s (%s). " ), $_SESSION [ '_config' ][ 'notarise' ][ 'fname' ], $_SESSION [ '_config' ][ 'notarise' ][ 'lname' ], $_SESSION [ '_config' ][ 'notarise' ][ 'email' ]) . " \n \n " ;
2005-02-16 18:11:53 +00:00
if ( $_POST [ 'points' ] != $newpoints )
$body .= sprintf ( _ ( " You issued %s points however the system has rounded this down to %s and they now have %s points in total. " ), $_POST [ 'points' ], $newpoints , ( $newpoints + $drow [ 'total' ])) . " \n \n " ;
else
$body .= sprintf ( _ ( " You issued %s points and they now have %s points in total. " ), $newpoints , ( $newpoints + $drow [ 'total' ])) . " \n \n " ;
2004-12-30 22:16:58 +00:00
$body .= _ ( " Best regards " ) . " \n " ;
2004-10-16 00:28:17 +00:00
$body .= _ ( " CAcert Support Team " );
2005-05-23 01:53:59 +00:00
sendmail ( $_SESSION [ 'profile' ][ 'email' ], " [CAcert.org] " . _ ( " You've Assured Another Member. " ), $body , " support@cacert.org " , " " , " " , " CAcert Support " );
2004-10-16 00:28:17 +00:00
showheader ( _ ( " My CAcert.org Account! " ));
2004-10-24 01:46:49 +00:00
echo " <p> " . _ ( " Shortly you and the person you were assuring will receive an email confirmation. There is no action on your behalf required to complete this. " ) . " </p> " ;
2005-11-08 10:06:04 +00:00
?> <form method="post" action="wot.php">
< table align = " center " valign = " middle " border = " 0 " cellspacing = " 0 " cellpadding = " 0 " class = " wrapper " >
2013-09-06 15:21:06 +00:00
< tr >
< td colspan = " 2 " class = " title " >< ? = _ ( " Assure Someone " ) ?> </td>
</ tr >
< tr >
< td class = " DataTD " >< ? = _ ( " Email " ) ?> :</td>
< td class = " DataTD " >< input type = " text " name = " email " id = " email " value = " " ></ td >
</ tr >
< tr >
< td class = " DataTD " colspan = " 2 " >< input type = " submit " name = " process " value = " <?=_( " Next " )?> " ></ td >
</ tr >
2005-11-08 10:06:04 +00:00
</ table >
< input type = " hidden " name = " oldid " value = " 5 " >
</ form >
2006-11-23 22:22:31 +00:00
< SCRIPT LANGUAGE = " JavaScript " >
//<![CDATA[
function my_init ()
{
document . getElementById ( " email " ) . focus ();
}
window . onload = my_init ();
//]]>
</ script >
2005-11-08 10:06:04 +00:00
< ?
2004-10-16 00:28:17 +00:00
showfooter ();
exit ;
}
if ( $oldid == 8 )
{
2008-09-07 02:46:35 +00:00
csrf_check ( " chgcontact " );
2014-06-07 09:14:52 +00:00
$info = mysql_real_escape_string ( strip_tags ( stripslashes ( $_POST [ 'contactinfo' ])));
2004-10-16 00:28:17 +00:00
$listme = intval ( $_POST [ 'listme' ]);
if ( $listme < 0 || $listme > 1 )
$listme = 0 ;
$_SESSION [ 'profile' ][ 'listme' ] = $listme ;
$_SESSION [ 'profile' ][ 'contactinfo' ] = $info ;
2014-06-07 09:14:52 +00:00
$query = " update `users` set `listme`=' $listme ',`contactinfo`=' $info ' where `id`=' " . intval ( $_SESSION [ 'profile' ][ 'id' ]) . " ' " ;
2004-10-16 00:28:17 +00:00
mysql_query ( $query );
showheader ( _ ( " My CAcert.org Account! " ));
echo " <p> " . _ ( " Your account information has been updated. " ) . " </p> " ;
showfooter ();
exit ;
}
2006-08-16 03:33:47 +00:00
if ( $oldid == 9 && $_REQUEST [ 'userid' ] > 0 && $_SESSION [ 'profile' ][ 'id' ] > 0 )
2004-10-16 00:28:17 +00:00
{
2006-02-03 18:45:23 +00:00
if ( $_SESSION [ '_config' ][ 'pagehash' ] != $_REQUEST [ 'pageid' ])
{
2008-09-22 15:32:03 +00:00
$oldid = 0 ;
2006-02-03 18:45:23 +00:00
$id = 9 ;
2011-12-12 09:51:45 +00:00
show_page ( " ContactAssurer " , " " , _ ( " It looks like you were trying to contact multiple people, this isn't allowed due to data security reasons. " ));
exit ;
2006-02-03 18:45:23 +00:00
} else {
2006-08-16 03:33:47 +00:00
$body = $_REQUEST [ 'message' ];
$subject = $_REQUEST [ 'subject' ];
$userid = intval ( $_REQUEST [ 'userid' ]);
2014-06-07 09:14:52 +00:00
$user = mysql_fetch_assoc ( mysql_query ( " select * from `users` where `id`=' " . intval ( $userid ) . " ' and `listme`=1 " ));
2013-09-06 15:21:06 +00:00
$points = mysql_num_rows ( mysql_query ( " select sum(`points`) as `total` from `notary`
2014-06-07 09:14:52 +00:00
where `to` = '".intval($user[' id '])."' and `deleted` = 0 group by `to` HAVING SUM ( `points` ) > 0 " ));
2006-08-16 03:33:47 +00:00
if ( $points > 0 )
{
2012-10-13 13:53:59 +00:00
$my_translation = L10n :: get_translation ();
L10n :: set_translation ( $user [ 'language' ]);
2013-01-17 15:06:35 +00:00
2012-10-13 13:53:59 +00:00
$subject = " [CAcert.org] " . sprintf ( _ ( " Message from %s " ),
$_SESSION [ 'profile' ][ 'fname' ]);
2013-01-17 15:06:35 +00:00
2012-10-13 13:53:59 +00:00
$body = sprintf ( _ ( " Hi %s, " ), $user [ 'fname' ]) . " \n \n " ;
$body .= sprintf ( _ ( " %s %s has sent you a message via the " .
" contact an Assurer form on CAcert.org. " ),
$_SESSION [ 'profile' ][ 'fname' ],
$_SESSION [ 'profile' ][ 'lname' ]) . " \n \n " ;
$body .= sprintf ( _ ( " Subject: %s " ), $_REQUEST [ 'subject' ]) . " \n " ;
$body .= _ ( " Message: " ) . " \n " ;
$body .= $_REQUEST [ 'message' ] . " \n \n " ;
$body .= " ------------------------------------------------ \n \n " ;
$body .= _ ( " Please note, that this is NOT a message on behalf " .
" of CAcert but another CAcert community member. If " .
" you suspect that the contact form might have been " .
" abused, please write to support@cacert.org " ) . " \n \n " ;
$body .= _ ( " Best regards " ) . " \n " ;
$body .= _ ( " Your CAcert Community " );
2013-01-17 15:06:35 +00:00
2012-10-13 13:53:59 +00:00
sendmail ( $user [ 'email' ], $subject , $body ,
$_SESSION [ 'profile' ][ 'email' ], //from
" " , //replyto
" " , //toname
$_SESSION [ 'profile' ][ 'fname' ] . " " .
$_SESSION [ 'profile' ][ 'lname' ]); //fromname
2013-01-17 15:06:35 +00:00
2012-10-13 13:53:59 +00:00
L10n :: set_translation ( $my_translation );
2013-01-17 15:06:35 +00:00
2012-04-29 18:47:47 +00:00
showheader ( _ ( " My CAcert.org Account! " )); ?>
< p >
2014-06-07 09:14:52 +00:00
< ? printf ( _ ( " Your email has been sent to %s. " ), sanitizeHTML ( $user [ 'fname' ])); ?>
2012-04-29 18:47:47 +00:00
</ p >
< p > [ < a href = 'javascript:history.go(-2)' >< ? = _ ( " Go Back " ) ?> </a> ]</p>
< ?
showfooter ();
2006-08-16 03:33:47 +00:00
exit ;
} else {
2011-12-12 09:51:45 +00:00
show_page ( 0 , " " , _ ( " Sorry, I was unable to locate that user. " ));
2006-08-16 03:33:47 +00:00
exit ;
}
2013-01-17 15:06:35 +00:00
2006-02-03 18:45:23 +00:00
}
2013-01-17 15:06:35 +00:00
}
if ( $oldid == 9 )
2011-12-12 09:51:45 +00:00
{
2008-09-22 15:32:03 +00:00
$oldid = 0 ;
2004-10-16 00:28:17 +00:00
$id = 9 ;
2011-12-12 09:51:45 +00:00
show_page ( " ContactAssurer " , " " , _ ( " There was an error and I couldn't proceed " ));
exit ;
2004-10-16 00:28:17 +00:00
}
2011-12-12 09:51:45 +00:00
// showheader(_("My CAcert.org Account!"));
// echo "ID now = ".$id."/".$oldid.">>".$iecho;
// includeit($id, "wot");
// showfooter();
show_page ( $id , " " , " " );
2004-10-16 00:28:17 +00:00
?>