(CATS import interface is not fit to handle non-Assurer Challenge tests)
This commit is contained in:
Wytze van der Raay
parent
f27e77391e
commit
6ef19fd6eb
4 changed files with 56 additions and 16 deletions
|
|
@ -38,6 +38,7 @@
|
|||
$_SESSION['_config']['filepath'] = "/www";
|
||||
|
||||
require_once($_SESSION['_config']['filepath']."/includes/mysql.php");
|
||||
require_once($_SESSION['_config']['filepath'].'/includes/lib/account.php');
|
||||
|
||||
if(array_key_exists('HTTP_HOST',$_SERVER) &&
|
||||
$_SERVER['HTTP_HOST'] != $_SESSION['_config']['normalhostname'] &&
|
||||
|
|
@ -847,19 +848,6 @@
|
|||
$text=preg_replace("/[^\w-.@]/","",$text);
|
||||
return($text);
|
||||
}
|
||||
|
||||
function fix_assurer_flag($userID)
|
||||
{
|
||||
// Update Assurer-Flag on users table if 100 points. Should the number of points be SUM(points) or SUM(awarded)?
|
||||
$query = mysql_query('UPDATE `users` AS `u` SET `assurer` = 1 WHERE `u`.`id` = \''.(int)intval($userID).
|
||||
'\' AND EXISTS(SELECT 1 FROM `cats_passed` AS `tp`, `cats_variant` AS `cv` WHERE `tp`.`variant_id` = `cv`.`id` AND `cv`.`type_id` = 1 AND `tp`.`user_id` = `u`.`id`)'.
|
||||
' AND (SELECT SUM(`points`) FROM `notary` AS `n` WHERE `n`.`to` = `u`.`id` AND `expire` < now()) >= 100'); // Challenge has been passed and non-expired points >= 100
|
||||
|
||||
// Reset flag if requirements are not met
|
||||
$query = mysql_query('UPDATE `users` AS `u` SET `assurer` = 0 WHERE `u`.`id` = \''.(int)intval($userID).
|
||||
'\' AND (NOT EXISTS(SELECT 1 FROM `cats_passed` AS `tp`, `cats_variant` AS `cv` WHERE `tp`.`variant_id` = `cv`.`id` AND `cv`.`type_id` = 1 AND `tp`.`user_id` = `u`.`id`)'.
|
||||
' OR (SELECT SUM(`points`) FROM `notary` AS `n` WHERE `n`.`to` = `u`.`id` AND `n`.`expire` < now()) < 100)');
|
||||
}
|
||||
|
||||
// returns 0 if $userID is an Assurer
|
||||
// Otherwise :
|
||||
|
|
|
|||
51
includes/lib/account.php
Normal file
51
includes/lib/account.php
Normal file
|
|
@ -0,0 +1,51 @@
|
|||
<?php
|
||||
/*
|
||||
LibreSSL - CAcert web application
|
||||
Copyright (C) 2004-2008 CAcert Inc.
|
||||
|
||||
This program is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation; version 2 of the License.
|
||||
|
||||
This program is distributed in the hope that it will be useful,
|
||||
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
GNU General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with this program; if not, write to the Free Software
|
||||
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
|
||||
*/
|
||||
|
||||
function fix_assurer_flag($userID)
|
||||
{
|
||||
// Update Assurer-Flag on users table if 100 points.
|
||||
// Should the number of points be SUM(points) or SUM(awarded)?
|
||||
$query = mysql_query('UPDATE `users` AS `u` SET `assurer` = 1 WHERE '.
|
||||
'`u`.`id` = \''.(int)intval($userID).'\' AND '.
|
||||
'EXISTS(SELECT 1 FROM `cats_passed` AS `cp`, `cats_variant` AS `cv` '.
|
||||
'WHERE `cp`.`variant_id` = `cv`.`id` AND `cv`.`type_id` = 1 AND '.
|
||||
'`cp`.`user_id` = `u`.`id`) AND '.
|
||||
'(SELECT SUM(`points`) FROM `notary` AS `n` WHERE `n`.`to` = `u`.`id` '.
|
||||
'AND (`n`.`expire` > now() OR `n`.`expire` IS NULL)) >= 100');
|
||||
// Challenge has been passed and non-expired points >= 100
|
||||
|
||||
if (!$query) {
|
||||
return false;
|
||||
}
|
||||
|
||||
// Reset flag if requirements are not met
|
||||
$query = mysql_query('UPDATE `users` AS `u` SET `assurer` = 0 WHERE '.
|
||||
'`u`.`id` = \''.(int)intval($userID).'\' AND '.
|
||||
'(NOT EXISTS(SELECT 1 FROM `cats_passed` AS `cp`, `cats_variant` AS '.
|
||||
'`cv` WHERE `cp`.`variant_id` = `cv`.`id` AND `cv`.`type_id` = 1 '.
|
||||
'AND `cp`.`user_id` = `u`.`id`) OR '.
|
||||
'(SELECT SUM(`points`) FROM `notary` AS `n` WHERE `n`.`to` = `u`.`id` '.
|
||||
'AND (`n`.`expire` > now() OR `n`.`expire` IS NULL)) < 100)');
|
||||
|
||||
if (!$query) {
|
||||
return false;
|
||||
}
|
||||
|
||||
return true;
|
||||
}
|
||||
|
|
@ -30,7 +30,7 @@
|
|||
$query = "
|
||||
select u.email, fname, lname, sum(n.points) from users u, notary n
|
||||
where n.to=u.id
|
||||
and not exists(select 1 from cats_passed cp where cp.user_id=u.id)
|
||||
and not EXISTS(SELECT 1 FROM `cats_passed` AS `tp`, `cats_variant` AS `cv` WHERE `tp`.`variant_id` = `cv`.`id` AND `cv`.`type_id` = 1 AND `tp`.`user_id` = `u`.`id`)
|
||||
and exists(select 1 from notary n2 where n2.from=u.id and year(n2.`when`)>2007)
|
||||
and (select count(*) from notary n3 where n3.from=u.id) > 1
|
||||
group by email, fname, lname
|
||||
|
|
|
|||
|
|
@ -24,6 +24,8 @@
|
|||
API for CATS to import passed tests into main CAcert database.
|
||||
*/
|
||||
|
||||
require_once('../../includes/lib/account.php');
|
||||
|
||||
function sanitize_string($buffer) {
|
||||
return htmlentities(utf8_decode($buffer), (int)ENQ_QUOTES);
|
||||
}
|
||||
|
|
@ -154,8 +156,7 @@ if (!$query) {
|
|||
}
|
||||
|
||||
// Update Assurer-Flag on users table if 100 points. Should the number of points be SUM(points) or SUM(awarded)?
|
||||
$query = mysql_query('UPDATE `users` AS `u` SET `assurer` = 1 WHERE `u`.`id` = \''.(int)intval($userID).'\' AND EXISTS(SELECT 1 FROM `cats_passed` AS `tp` WHERE `tp`.`user_id` = `u`.`id`) AND (SELECT SUM(`points`) FROM `notary` AS `n` WHERE `n`.`to` = `u`.`id` AND `expire` < now()) >= 100;'); // Challenge has been passed and non-expired points >= 100
|
||||
if (!$query) {
|
||||
if (!fix_assurer_flag($userID)) {
|
||||
echo 'Invalid query'."\r\n";
|
||||
trigger_error('Invalid query', E_USER_ERROR);
|
||||
exit();
|
||||
|
|
|
|||
Loading…
Reference in a new issue