From 64cd470088c8bc63365528ce0b32f75ef81321d2 Mon Sep 17 00:00:00 2001
From: root <root@www.cacert.org>
Date: Sat, 9 Dec 2006 00:23:15 +0000
Subject: [PATCH] advertising admin code

---
 includes/account.php       |  9 +++++++++
 includes/general_stuff.php | 18 +++++++++++++++++-
 pages/account/40.php       | 17 +++++++++++++----
 pages/account/43.php       |  4 ++++
 pages/index/11.php         | 17 +++++++++++++----
 stamp/displogo.php         |  4 ++--
 stamp/index.php            |  3 ++-
 stamp/showlogo.php         |  4 ++--
 www/cap.php                |  2 +-
 www/index.php              |  2 +-
 10 files changed, 64 insertions(+), 16 deletions(-)

diff --git a/includes/account.php b/includes/account.php
index bda1673..f4a5f5a 100644
--- a/includes/account.php
+++ b/includes/account.php
@@ -2284,6 +2284,15 @@
 		mysql_query("update `users` set `ttpadmin`='$ver' where `id`='$memid'");
 	}
 
+	if($id == 43 && $_REQUEST['adadmin'] > 0)
+	{
+		$memid = $_REQUEST['userid'] = intval($_REQUEST['adadmin']);
+		$query = "select * from `users` where `id`='$memid'";
+		$row = mysql_fetch_assoc(mysql_query($query));
+		$ver = !$row['adadmin'];
+		mysql_query("update `users` set `adadmin`='$ver' where `id`='$memid'");
+	}
+
 	if($id == 43 && $_REQUEST['locadmin'] > 0)
 	{
 		$memid = $_REQUEST['userid'] = intval($_REQUEST['locadmin']);
diff --git a/includes/general_stuff.php b/includes/general_stuff.php
index aac9e92..98b4de5 100644
--- a/includes/general_stuff.php
+++ b/includes/general_stuff.php
@@ -40,7 +40,7 @@ function hideall() {
         var max = Nodes.length
         for(var i = 0;i < max;i++) {
                 var nodeObj = Nodes.item(i)
-		if (nodeObj.className == "menu") {
+		if (nodeObj.className == "menu" && nodeObj.id != "recom") {
 	                nodeObj.style.display = 'none';
 		}
         }
@@ -88,6 +88,22 @@ google_color_border = "FFFFFF";
       <h3 onclick="explode('trans')"><?=_("Translations")?></h3>
       <ul class="menu" id="trans"><? foreach($_SESSION['_config']['translations'] as $key => $val) { ?><li><a href="<?=$_SERVER['SCRIPT_NAME']?>?id=<?=$id?>&lang=<?=$key?>"><?=$val?></a></li><? } ?></ul>
     </div>
+    <div class="relatedLinks">
+      <h3 onclick="explode('recom')"><?=_("Web Links")?></h3>
+      <ul class="menu" id="recom"><?
+	$arr = array(	"www.detektei.de" => "Detektei",
+			"www.emion.de" => "Internetagentur",
+			"www.suma-group.com" => "Suchmaschinenoptimierung",
+			"www.emion-gmbh.de" => "Webverzeichnis",
+			"www.traumhaus4me.de" => "Haus Hauskauf Immobilien",
+			"www.guxme.de" => "K&uuml;nstler",
+			"www.tintencenter.com" => "Druckerpatrone Tintenpatrone",
+			"www.sms-sprueche-bilder.de" => "ringtones",
+			"www.tuerkei-ferien.de/lastminute/index.htm" => "Lastminute T&uuml;rkei");
+	foreach($arr as $key => $val)
+		echo "<li><a href='http://$key' target='_new'>$val</a></li>";
+?></ul>
+    </div>
   </div>
   <div id="content">
     <div class="story">
diff --git a/pages/account/40.php b/pages/account/40.php
index 9c63784..58f35b2 100644
--- a/pages/account/40.php
+++ b/pages/account/40.php
@@ -23,10 +23,10 @@
 <p><?=_("General questions about CAcert should be sent to the general support list, please send all emails in ENGLISH only, this list has many more volunteers then those directly involved with the running of the website, everyone on the mailing list understands english, even if this isn't their native language this will increase your chance at a competent reply. While it's best if you sign up to the mailing list to get replied to, you don't have to, but please make sure you note this in your email, otherwise it might seem like you didn't get a reply to your question.")?></p>
 <p><a href="http://lists.cacert.org/cgi-bin/mailman/listinfo/cacert-support"><?=_("Click here to go to the Support List")?></a></p>
 <p><?=_("You can alternatively use the form below, however joining the list is the prefered option to support your queries")?></p>
-<form method="post" action="<?=$_SERVER['PHP_SELF']?>">
+<form method="post" action="<?=$_SERVER['PHP_SELF']?>" name="form1">
   <input type="hidden" name="oldid" value="<?=$id?>">
   <input type="hidden" name="support" value="yes">
-  <input type="hidden" name="secrethash" value="<?=$_SESSION['_config']['secrethash']?>">
+  <input type="hidden" name="secrethash2" value="">
   <table border="0">
     <tr><td><?=_("Your Name")?>:</td><td><input type="text" name="who"></td></tr>
     <tr><td><?=_("Your Email")?>:</td><td><input type="text" name="email"></td></tr>
@@ -47,8 +47,8 @@
 
 <p><b><?=_("Sensitive Information")?></b></p>
 <p><?=_("If you have questions, comments or otherwise and information you're sending to us contains sensitive details, you should use the contact form below. Due to the large amounts of support emails we receive, sending general questions via this contact form will generally take longer then using the support mailing list. Also sending queries in anything but english could cause delays in supporting you as we'd need to find a translator to help.")?></p>
-<form method="post" action="<?=$_SERVER['PHP_SELF']?>">
-  <input type="hidden" name="secrethash" value="<?=$_SESSION['_config']['secrethash']?>">
+<form method="post" action="<?=$_SERVER['PHP_SELF']?>" name="form2">
+  <input type="hidden" name="secrethash2" value="">
   <input type="hidden" name="oldid" value="<?=$id?>">
   <table border="0">
     <tr><td><?=_("Your Name")?>:</td><td><input type="text" name="who"></td></tr>
@@ -67,3 +67,12 @@ CAcert Inc.<br>
 P.O. Box 81<br>
 Banksia NSW 2216<br>
 Australia</p>
+
+<script type="text/javascript">
+<!--
+	var pagehash = '<?=$_SESSION['_config']['secrethash']?>';
+
+	document.form1.secrethash2.value = pagehash;
+	document.form2.secrethash2.value = pagehash;
+-->
+</script>
diff --git a/pages/account/43.php b/pages/account/43.php
index a560e15..2b74ea2 100644
--- a/pages/account/43.php
+++ b/pages/account/43.php
@@ -166,6 +166,10 @@
     <td class="DataTD"><?=_("Admin")?>:</td>
     <td class="DataTD"><a href="account.php?id=43&admin=<?=$row['id']?>"><?=$row['admin']?></a></td>
   </tr>
+  <tr>
+    <td class="DataTD"><?=_("Ad Admin")?>:</td>
+    <td class="DataTD"><a href="account.php?id=43&adadmin=<?=$row['id']?>"><?=$row['adadmin']?></a></td>
+  </tr>
   <tr>
     <td class="DataTD"><?=_("Tverify Account")?>:</td>
     <td class="DataTD"><a href="account.php?id=43&tverify=<?=$row['id']?>"><?=$row['tverify']?></a></td>
diff --git a/pages/index/11.php b/pages/index/11.php
index 9c63784..58f35b2 100644
--- a/pages/index/11.php
+++ b/pages/index/11.php
@@ -23,10 +23,10 @@
 <p><?=_("General questions about CAcert should be sent to the general support list, please send all emails in ENGLISH only, this list has many more volunteers then those directly involved with the running of the website, everyone on the mailing list understands english, even if this isn't their native language this will increase your chance at a competent reply. While it's best if you sign up to the mailing list to get replied to, you don't have to, but please make sure you note this in your email, otherwise it might seem like you didn't get a reply to your question.")?></p>
 <p><a href="http://lists.cacert.org/cgi-bin/mailman/listinfo/cacert-support"><?=_("Click here to go to the Support List")?></a></p>
 <p><?=_("You can alternatively use the form below, however joining the list is the prefered option to support your queries")?></p>
-<form method="post" action="<?=$_SERVER['PHP_SELF']?>">
+<form method="post" action="<?=$_SERVER['PHP_SELF']?>" name="form1">
   <input type="hidden" name="oldid" value="<?=$id?>">
   <input type="hidden" name="support" value="yes">
-  <input type="hidden" name="secrethash" value="<?=$_SESSION['_config']['secrethash']?>">
+  <input type="hidden" name="secrethash2" value="">
   <table border="0">
     <tr><td><?=_("Your Name")?>:</td><td><input type="text" name="who"></td></tr>
     <tr><td><?=_("Your Email")?>:</td><td><input type="text" name="email"></td></tr>
@@ -47,8 +47,8 @@
 
 <p><b><?=_("Sensitive Information")?></b></p>
 <p><?=_("If you have questions, comments or otherwise and information you're sending to us contains sensitive details, you should use the contact form below. Due to the large amounts of support emails we receive, sending general questions via this contact form will generally take longer then using the support mailing list. Also sending queries in anything but english could cause delays in supporting you as we'd need to find a translator to help.")?></p>
-<form method="post" action="<?=$_SERVER['PHP_SELF']?>">
-  <input type="hidden" name="secrethash" value="<?=$_SESSION['_config']['secrethash']?>">
+<form method="post" action="<?=$_SERVER['PHP_SELF']?>" name="form2">
+  <input type="hidden" name="secrethash2" value="">
   <input type="hidden" name="oldid" value="<?=$id?>">
   <table border="0">
     <tr><td><?=_("Your Name")?>:</td><td><input type="text" name="who"></td></tr>
@@ -67,3 +67,12 @@ CAcert Inc.<br>
 P.O. Box 81<br>
 Banksia NSW 2216<br>
 Australia</p>
+
+<script type="text/javascript">
+<!--
+	var pagehash = '<?=$_SESSION['_config']['secrethash']?>';
+
+	document.form1.secrethash2.value = pagehash;
+	document.form2.secrethash2.value = pagehash;
+-->
+</script>
diff --git a/stamp/displogo.php b/stamp/displogo.php
index 8578186..7e5b5d6 100644
--- a/stamp/displogo.php
+++ b/stamp/displogo.php
@@ -8,8 +8,8 @@
 	$arr = explode("/", $arr['1'], 2);
 	$siteref = $arr['0'];
 
-
-	header('Content-type: image/png');
+	if($_REQUEST['debug'] != 1)
+		header('Content-type: image/png');
 	$im = imagecreatefrompng($img);
 
 	if($ref == "" || ($ref != $siteref && $siteref != ""))
diff --git a/stamp/index.php b/stamp/index.php
index 82083b5..08f5375 100644
--- a/stamp/index.php
+++ b/stamp/index.php
@@ -32,6 +32,7 @@ google_ad_channel = "";
       <p>&lt;script type="text/javascript" src="http&lt? if($_SERVER['HTTPS']=="on") { echo "s"; } ?&gt;://stamp.cacert.org/showlogo.php"&gt;&lt;/script&gt;</p>
       <script type="text/javascript" src="http<? if($_SERVER['HTTPS']=="on") { echo "s"; } ?>://stamp.cacert.org/showlogo.php"></script>
     </div>
-   </div>
+  </div>
+ </div>
 </body>
 </html>
diff --git a/stamp/showlogo.php b/stamp/showlogo.php
index 8450f79..3b67ce7 100644
--- a/stamp/showlogo.php
+++ b/stamp/showlogo.php
@@ -1,8 +1,8 @@
 <?
 	if($_SERVER['HTTPS']=="on")
-		$URI = "http://";
-	else
 		$URI = "https://";
+	else
+		$URI = "http://";
 ?>
 var curDateTime = new Date();
 var tz = -(curDateTime.getTimezoneOffset()/60);
diff --git a/www/cap.php b/www/cap.php
index ce7c628..cdb26e7 100644
--- a/www/cap.php
+++ b/www/cap.php
@@ -64,7 +64,7 @@
 			$this->Write(4,recode($_SESSION['_config']['recode'], _("It's encouraged that you tear the top of this form off and give it to the person you are assuring as a reminder to sign up, and as a side benefit the tear off section also contains a method of offline verification of our fingerprints.")));
 
 			// Assuree Section
-			$top = 110;
+			$top = 130;
 			$this->Rect(11, $top, $this->w - 25, 50, "D");
 			$this->SetXY(11, $top + 5);
 			$this->SetFont("Arial", "BUI", "20");
diff --git a/www/index.php b/www/index.php
index 2e36930..d8fd6a9 100644
--- a/www/index.php
+++ b/www/index.php
@@ -429,7 +429,7 @@
 		$email = stripslashes($_REQUEST['email']);
 		$subject = stripslashes($subject);
 		$message = stripslashes($message);
-		$secrethash = $_REQUEST['secrethash'];
+		$secrethash = $_REQUEST['secrethash2'];
 
 		if($_SESSION['_config']['secrethash'] != $secrethash || $secrethash == "" || $_SESSION['_config']['secrethash'] == "" ||
 			strstr($subject, "botmetka") || strstr($subject, "servermetka"))