cacert
/
cacert-webdb
8
0
Fork 0
Code Issues Pull Requests 4 Projects Releases 2 Wiki Activity

http://bugs.cacert.org/view.php?id=588

Browse Source
pull/1/head
root 16 years ago
parent d0bcb42f53
commit 4848d4d04d
3 changed files with 32 additions and 20 deletions
Show Stats Download Patch File Download Diff File

18
includes/account.php
Unescape Escape View File

@ -1110,10 +1110,11 @@
if($oldid == 13 && $process != "") if($oldid == 13 && $process != "")
{ {
$ddquery = "select sum(`points`) as `total` from `notary` where `to`='".$_SESSION['profile']['id']."' group by `to`"; $ddquery = "select sum(`points`) as `total` from `notary` where `to`='".$_SESSION['profile']['id']."' group by `to`";
$ddres = mysql_query($ddquery); $ddres = mysql_query($ddquery);
$ddrow = mysql_fetch_assoc($ddres); $ddrow = mysql_fetch_assoc($ddres);
$_SESSION['profile']['points'] = $ddrow['total']; $_SESSION['profile']['points'] = $ddrow['total'];
if($_SESSION['profile']['points'] == 0) if($_SESSION['profile']['points'] == 0)
{ {
$_SESSION['_config']['user']['fname'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['fname'])))); $_SESSION['_config']['user']['fname'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['fname']))));
@ -1179,10 +1180,10 @@
$_SESSION['profile'] = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".$_SESSION['profile']['id']."'")); $_SESSION['profile'] = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".$_SESSION['profile']['id']."'"));
$_SESSION['profile']['loggedin'] = 1; $_SESSION['profile']['loggedin'] = 1;
$ddquery = "select sum(`points`) as `total` from `notary` where `to`='".$_SESSION['profile']['id']."' group by `to`"; $ddquery = "select sum(`points`) as `total` from `notary` where `to`='".$_SESSION['profile']['id']."' group by `to`";
$ddres = mysql_query($ddquery); $ddres = mysql_query($ddquery);
$ddrow = mysql_fetch_assoc($ddres); $ddrow = mysql_fetch_assoc($ddres);
$_SESSION['profile']['points'] = $ddrow['total']; $_SESSION['profile']['points'] = $ddrow['total'];
$id = 13; $id = 13;
@ -2715,6 +2716,7 @@
{ {
mysql_query("insert into `notary` set `from`='0', `to`='$memid', `points`='$points', mysql_query("insert into `notary` set `from`='0', `to`='$memid', `points`='$points',
`method`='Thawte Points Transfer', `when`=NOW()"); `method`='Thawte Points Transfer', `when`=NOW()");
fix_assurer_flag($memid);
} }
$totalpoints = intval($tmp['points']) + $points; $totalpoints = intval($tmp['points']) + $points;

2
includes/account_stuff.php
Unescape Escape View File

@ -217,7 +217,7 @@ function hideall() {
<? } ?> <? } ?>
<div class="relatedLinks"> <div class="relatedLinks">
<h3 onclick="explode('WoT')">+ <?=_("CAcert Web of Trust")?></h3> <h3 onclick="explode('WoT')">+ <?=_("CAcert Web of Trust")?></h3>
<ul class="menu" id="WoT"><li><a href="wot.php?id=0"><?=_("About")?></a></li><li><a href="wot.php?id=12"><?=_("Find an Assurer")?></a></li><li><a href="wot.php?id=3"><?=_("Rules")?></a></li><li><? if($_SESSION['profile']['points'] < 100) { ?><a href="wot.php?id=2"><?=_("Becoming an Assurer")?></a><? } else { ?><a href="wot.php?id=5"><?=_("Assure Someone")?></a><? } ?></li><li><a href="wot.php?id=4"><?=_("Trusted Third Parties")?></a></li><? if($_SESSION['profile']['points'] >= 500) { ?><li><a href="wot.php?id=11"><div style="white-space:nowrap"><?=_("Organisation Assurance")?></div></a></li><? } ?><li><a href="account.php?id=55"><?=_("Training")?></a></li></ul> <ul class="menu" id="WoT"><li><a href="wot.php?id=0"><?=_("About")?></a></li><li><a href="wot.php?id=12"><?=_("Find an Assurer")?></a></li><li><a href="wot.php?id=3"><?=_("Rules")?></a></li><li><? if($_SESSION['profile']['assurer'] != 1) { ?><a href="wot.php?id=2"><?=_("Becoming an Assurer")?></a><? } else { ?><a href="wot.php?id=5"><?=_("Assure Someone")?></a><? } ?></li><li><a href="wot.php?id=4"><?=_("Trusted ThirdParties")?></a></li><? if($_SESSION['profile']['points'] >= 500) { ?><li><a href="wot.php?id=11"><div style="white-space:nowrap"><?=_("Organisation Assurance")?></div></a></li><? } ?><li><a href="account.php?id=55"><?=_("Training")?></a></li></ul>
</div> </div>
<div class="relatedLinks"> <div class="relatedLinks">
<h3 onclick="explode('WoTForms')">+ <?=_("CAP/TTP Forms")?></h3><? <h3 onclick="explode('WoTForms')">+ <?=_("CAP/TTP Forms")?></h3><?

32
includes/general.php
Unescape Escape View File

@ -828,15 +828,14 @@
function fix_assurer_flag($userID) function fix_assurer_flag($userID)
{ {
// Update Assurer-Flag on users table if 100 points. Should the number of points be SUM(points) or SUM(awarded)? // Update Assurer-Flag on users table if 100 points. Should the number of points be SUM(points) or SUM(awarded)?
// Note: If other tests are implemented an additional restriction for cats_passed would be needed here...
$query = mysql_query('UPDATE `users` AS `u` SET `assurer` = 1 WHERE `u`.`id` = \''.(int)intval($userID). $query = mysql_query('UPDATE `users` AS `u` SET `assurer` = 1 WHERE `u`.`id` = \''.(int)intval($userID).
'\' AND EXISTS(SELECT 1 FROM `cats_passed` AS `tp` WHERE `tp`.`user_id` = `u`.`id`)'. '\' AND EXISTS(SELECT 1 FROM `cats_passed` AS `tp`, `cats_variant` AS `cv` WHERE `tp`.`variant_id` = `cv`.`id` AND `cv`.`type_id` = 1 AND `tp`.`user_id` = `u`.`id`)'.
' AND (SELECT SUM(`points`) FROM `notary` AS `n` WHERE `n`.`to` = `u`.`id` AND `expire` < now()) >= 100'); // Challenge has been passed and non-expired points >= 100 ' AND (SELECT SUM(`points`) FROM `notary` AS `n` WHERE `n`.`to` = `u`.`id` AND `expire` < now()) >= 100'); // Challenge has been passed and non-expired points >= 100
// Reset flag if requirements are not met // Reset flag if requirements are not met
$query = mysql_query('UPDATE `users` AS `u` SET `assurer` = 0 WHERE `u`.`id` = \''.(int)intval($userID). $query = mysql_query('UPDATE `users` AS `u` SET `assurer` = 0 WHERE `u`.`id` = \''.(int)intval($userID).
'\' AND (NOT EXISTS(SELECT 1 FROM `cats_passed` AS `tp` WHERE `tp`.`user_id` = `u`.`id`)'. '\' AND (NOT EXISTS(SELECT 1 FROM `cats_passed` AS `tp`, `cats_variant` AS `cv` WHERE `tp`.`variant_id` = `cv`.`id` AND `cv`.`type_id` = 1 AND `tp`.`user_id` = `u`.`id`)'.
' OR (SELECT SUM(`points`) FROM `notary` AS `n` WHERE `n`.`to` = `u`.`id` AND `n`.`expire` < now()) < 100)'); ' OR (SELECT SUM(`points`) FROM `notary` AS `n` WHERE `n`.`to` = `u`.`id` AND `n`.`expire` < now()) < 100)');
} }
// returns 0 if $userID is an Assurer // returns 0 if $userID is an Assurer
@ -845,12 +844,11 @@
// Bit 1 is set if 100 Assurance Points are not reached // Bit 1 is set if 100 Assurance Points are not reached
// Bit 2 is set if Assurer Test is missing // Bit 2 is set if Assurer Test is missing
// Bit 3 is set if the user is not allowed to be an Assurer (assurer_blocked > 0) // Bit 3 is set if the user is not allowed to be an Assurer (assurer_blocked > 0)
function is_no_assurer($userID) function get_assurer_status($userID)
{ {
$Result = 0; $Result = 0;
$query = mysql_query('SELECT * FROM `cats_passed` AS `tp`, `cats_variant` AS `cv` '.
// Note: If other tests are implemented an additional restriction for cats_passed would be needed here... ' WHERE `tp`.`variant_id` = `cv`.`id` AND `cv`.`type_id` = 1 AND `tp`.`user_id` = \''.(int)intval($userID).'\'');
$query = mysql_query('SELECT * FROM `cats_passed` AS `tp` WHERE `tp`.`user_id` = \''.(int)intval($userID).'\'');
if(mysql_num_rows($query) < 1) if(mysql_num_rows($query) < 1)
{ {
$Result |= 5; $Result |= 5;
@ -883,13 +881,25 @@
} elseif ($Status == 7) { } elseif ($Status == 7) {
$Result = _("To become an Assurer have to collect 100 Assurance Points and pass the ").'<a href="https://cats.cacert.org/">Assurer Challenge</a>!'; $Result = _("To become an Assurer have to collect 100 Assurance Points and pass the ").'<a href="https://cats.cacert.org/">Assurer Challenge</a>!';
} elseif ($Status & 8 > 0) { } elseif ($Status & 8 > 0) {
$Result = _("Sorry, you are not allowed to be an Assurer. Please contact ").'<a href="mailto:support@cacert.org">support@cacert.org</a>'._(" if you feel that this is not corect."); $Result = _("Sorry, you are not allowed to be an Assurer. Please contact ").'<a href="mailto:cacert-support@lists.cacert.org">cacert-support@lists.cacert.org</a>'._(" if you feel that this is not corect.");
} else { } else {
$Result = _("You are not an Assurer, but the reason is not stored in the database. Please contact ").'<a href="mailto:support@cacert.org">support@cacert.org</a>.'; $Result = _("You are not an Assurer, but the reason is not stored in the database. Please contact ").'<a href="mailto:cacert-support@lists.cacert.org">cacert-support@lists.cacert.org</a>.';
} }
return $Result; return $Result;
} }
function is_assurer($userID)
{
if (get_assurer_status($userID))
return 0;
else
return 1;
}
function get_assurer_reason($userID)
{
return no_assurer_text(get_assurer_status($userID));
}
?> ?>

Write Preview
Loading…
Cancel
Save