cacert
/
cacert-webdb
8
0
Fork 0
Code Issues Pull Requests 1 Projects Releases 2 Wiki Activity

Fix for https://bugs.cacert.org/view.php?id=1281

Browse Source 
"Internal Error on training page"
pull/1/head
Wytze van der Raay 10 years ago
parent 73daac8e42
commit 59a03ee6fe
2 changed files with 163 additions and 154 deletions
Show Stats Download Patch File Download Diff File

235
pages/account/55.php
Unescape Escape View File

@ -1,113 +1,122 @@
<? /* <? /*
LibreSSL - CAcert web application LibreSSL - CAcert web application
Copyright (C) 2004-2008 CAcert Inc. Copyright (C) 2004-2008 CAcert Inc.
This program is free software; you can redistribute it and/or modify This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by it under the terms of the GNU General Public License as published by
the Free Software Foundation; version 2 of the License. the Free Software Foundation; version 2 of the License.
This program is distributed in the hope that it will be useful, This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details. GNU General Public License for more details.
You should have received a copy of the GNU General Public License You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
*/ ?> */ ?>
<? <?
if ($_SESSION['profile']['admin'] != 1 || !array_key_exists('userid',$_REQUEST) || intval($_REQUEST['userid']) < 1) { if ($_SESSION['profile']['admin'] != 1 || !array_key_exists('userid',$_REQUEST) || intval($_REQUEST['userid']) < 1) {
$user_id = intval($_SESSION['profile']['id']); $user_id = intval($_SESSION['profile']['id']);
?> ?>
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper"> <table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
<tr> <tr>
<td colspan="5" class="title"><?=_("Your passed Tests")?></td> <td colspan="5" class="title"><?=_("Your passed Tests")?></td>
</tr> </tr>
<tr> <tr>
<td class="DataTD"><?=_("The list of tests you did pass at").' <a href="https://cats.cacert.org/">https://cats.cacert.org/</a>'?></td> <td class="DataTD"><?=_("The list of tests you did pass at").' <a href="https://cats.cacert.org/">https://cats.cacert.org/</a>'?></td>
</tr> </tr>
</table> </table>
<? <?
} else { } else {
$user_id = intval($_REQUEST['userid']); $user_id = intval($_REQUEST['userid']);
$query = "select * from `users` where `id`='$user_id' and `users`.`deleted`=0"; $query = "select * from `users` where `id`='$user_id' and `users`.`deleted`=0";
$res = mysql_query($query); $res = mysql_query($query);
if(mysql_num_rows($res) <= 0) if(mysql_num_rows($res) <= 0)
{ {
echo _("I'm sorry, the user you were looking for seems to have disappeared! Bad things are afoot!"); echo _("I'm sorry, the user you were looking for seems to have disappeared! Bad things are afoot!");
} else { } else {
$row = mysql_fetch_assoc($res); $row = mysql_fetch_assoc($res);
} }
?> ?>
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper"> <table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
<tr> <tr>
<td colspan="5" class="title"><?=_("Passed Tests of")." ".sanitizeHTML($row['fname'])." ".sanitizeHTML($row['mname'])." ".sanitizeHTML($row['lname'])?></td> <td colspan="5" class="title"><?=_("Passed Tests of")." ".sanitizeHTML($row['fname'])." ".sanitizeHTML($row['mname'])." ".sanitizeHTML($row['lname'])?></td>
</tr> </tr>
</table> </table>
<? <?
} }
?> ?>
<br> <br>
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper"> <table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
<tr> <tr>
<td class="DataTD"><b><?=_("Date")?></b></td> <td class="DataTD"><b><?=_("Date")?></b></td>
<td class="DataTD"><b><?=_("Test")?></b></td> <td class="DataTD"><b><?=_("Test")?></b></td>
<td class="DataTD"><b><?=_("Variant")?></b></td> <td class="DataTD"><b><?=_("Variant")?></b></td>
</tr> </tr>
<? <?
$query = "SELECT `CP`.`pass_date`, `CT`.`type_text`, `CV`.`test_text` ". $query = "SELECT `CP`.`pass_date`, `CT`.`type_text`, `CV`.`test_text` ".
" FROM `cats_passed` AS CP, `cats_variant` AS CV, `cats_type` AS CT ". " FROM `cats_passed` AS CP, `cats_variant` AS CV, `cats_type` AS CT ".
" WHERE `CP`.`variant_id`=`CV`.`id` AND `CV`.`type_id`=`CT`.`id` AND `CP`.`user_id` ='".intval($user_id)."'". " WHERE `CP`.`variant_id`=`CV`.`id` AND `CV`.`type_id`=`CT`.`id` AND `CP`.`user_id` ='".intval($user_id)."'".
" ORDER BY `CP`.`pass_date`"; " ORDER BY `CP`.`pass_date`";
$res = mysql_query($query); $res = mysql_query($query);
$HaveTest=0; $HaveTest=0;
while($row = mysql_fetch_array($res, MYSQL_NUM)) while($row = mysql_fetch_array($res, MYSQL_NUM))
{ {
if ($row[1] == "Assurer Challenge") { if ($row[1] == "Assurer Challenge") {
$HaveTest=1; $HaveTest=1;
} }
?> ?>
<tr> <tr>
<td class="DataTD"><?=sanitizeHTML($row[0])?></td> <td class="DataTD"><?=sanitizeHTML($row[0])?></td>
<td class="DataTD"><?=sanitizeHTML($row[1])?></td> <td class="DataTD"><?=sanitizeHTML($row[1])?></td>
<td class="DataTD"><?=sanitizeHTML($row[2])?></td> <td class="DataTD"><?=sanitizeHTML($row[2])?></td>
</tr> </tr>
<? } <? }
?> ?>
</table> </table>
<br> <br>
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper"> <table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
<tr> <tr>
<? <?
if ($_SESSION['profile']['admin'] == 1 && array_key_exists('userid',$_REQUEST) && intval($_REQUEST['userid']) > 0) { if ($_SESSION['profile']['admin'] == 1 && array_key_exists('userid',$_REQUEST) && intval($_REQUEST['userid']) > 0) {
?> ?>
<tr><td colspan="3" class="DataTD"><a href="account.php?id=43&amp;userid=<?=intval($user_id)?>">back</a></td></tr> <tr><td colspan="3" class="DataTD"><a href="account.php?id=43&amp;userid=<?=intval($user_id)?>">back</a></td></tr>
<? <?
} else { } else {
$query = 'SELECT `u`.id, `u`.`assurer`, SUM(`points`) FROM `users` AS `u`, `notary` AS `n` '. $query = '
' WHERE `u`.`id` = \''.(int)intval($_SESSION['profile']['id']).'\' AND `n`.`to` = `u`.`id` AND `expire` < now() and and `n`.`deleted` = 0'. SELECT `u`.`id`,
' GROUP BY `u`.id, `u`.`assurer`'; `u`.`assurer`,
$res = mysql_query($query); SUM(`points`)
if (!$res) { FROM `users` AS `u`,
print '<td colspan="3" class="DataTD">'._('Internal Error').'</td>'."\n"; `notary` AS `n`
} else { WHERE `u`.`id` = \''.intval($_SESSION['profile']['id']).'\'
$row = mysql_fetch_array($res, MYSQL_NUM); AND `n`.`to` = `u`.`id`
if ($HaveTest && ($row[2]>=100)) { AND `expire` < NOW()
if (!$row[1]) { AND `n`.`deleted` = 0
// This should not happen... GROUP BY `u`.`id`, `u`.`assurer`
fix_assurer_flag($_SESSION['profile']['id']); ';
} $res = mysql_query($query);
?> <td colspan="3" class="DataTD"><?=_("You have passed the Assurer Challenge and collected at least 100 Assurance Points, you are an Assurer.")?></td> if (!$res) {
<? } elseif (($row[2]>=100) && !$HaveTest) { print '<td colspan="3" class="DataTD">'._('Internal Error').'</td>'."\n";
?> <td colspan="3" class="DataTD"><?=_("You have at least 100 Assurance Points, if you want to become an assurer try the ").'<a href="https://cats.cacert.org">'._("Assurer Challenge").'</a>!'?></td> } else {
<? } elseif ($HaveTest && ($row[2]<100)) { $row = mysql_fetch_array($res, MYSQL_NUM);
?> <td colspan="3" class="DataTD"><?=_("You have passed the Assurer Challenge, but to become an Assurer you still have to reach 100 Assurance Points!")?></td> if ($HaveTest && ($row[2]>=100)) {
<? } if (!$row[1]) {
} // This should not happen...
} fix_assurer_flag($_SESSION['profile']['id']);
?> </tr> }
</table> ?> <td colspan="3" class="DataTD"><?=_("You have passed the Assurer Challenge and collected at least 100 Assurance Points, you are an Assurer.")?></td>
<? } elseif (($row[2]>=100) && !$HaveTest) {
?> <td colspan="3" class="DataTD"><?=_("You have at least 100 Assurance Points, if you want to become an assurer try the ").'<a href="https://cats.cacert.org">'._("Assurer Challenge").'</a>!'?></td>
<? } elseif ($HaveTest && ($row[2]<100)) {
?> <td colspan="3" class="DataTD"><?=_("You have passed the Assurer Challenge, but to become an Assurer you still have to reach 100 Assurance Points!")?></td>
<? }
}
}
?> </tr>
</table>

82
pages/account/56.php
Unescape Escape View File

@ -1,41 +1,41 @@
<? /* <? /*
LibreSSL - CAcert web application LibreSSL - CAcert web application
Copyright (C) 2004-2008 CAcert Inc. Copyright (C) 2004-2008 CAcert Inc.
This program is free software; you can redistribute it and/or modify This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by it under the terms of the GNU General Public License as published by
the Free Software Foundation; version 2 of the License. the Free Software Foundation; version 2 of the License.
This program is distributed in the hope that it will be useful, This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details. GNU General Public License for more details.
You should have received a copy of the GNU General Public License You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
*/ ?> */ ?>
<?=_("List of Organisation Assurers:")?> <?=_("List of Organisation Assurers:")?>
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper"> <table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
<tr> <tr>
<td colspan="1" class="title"><?=_("Name")?></td> <td colspan="1" class="title"><?=_("Name")?></td>
<td colspan="1" class="title"><?=_("Email")?></td> <td colspan="1" class="title"><?=_("Email")?></td>
<td colspan="1" class="title"><?=_("Country")?></td> <td colspan="1" class="title"><?=_("Country")?></td>
</tr> </tr>
<? <?
$query = "select users.fname,users.lname,users.email, countries.name from users left join countries on users.ccid=countries.id where orgadmin=1;"; $query = "select users.fname,users.lname,users.email, countries.name from users left join countries on users.ccid=countries.id where orgadmin=1;";
$res = mysql_query($query); $res = mysql_query($query);
while($row = mysql_fetch_assoc($res)) while($row = mysql_fetch_assoc($res))
{ {
?> ?>
<tr> <tr>
<td><?=sanitizeHTML($row['fname'])." ".sanitizeHTML($row['lname'])?></td> <td><?=sanitizeHTML($row['fname'])." ".sanitizeHTML($row['lname'])?></td>
<td><a href="mailto:<?=sanitizeHTML($row['email'])?>"><?=sanitizeHTML($row['email'])?></a></td> <td><a href="mailto:<?=sanitizeHTML($row['email'])?>"><?=sanitizeHTML($row['email'])?></a></td>
<td><?=sanitizeHTML($row['name'])?></td> <td><?=sanitizeHTML($row['name'])?></td>
</tr> </tr>
<? <?
} }
?> ?>
</table> </table>

Write Preview
Loading…
Cancel
Save