@ -133,9 +133,9 @@ function send_reminder()
//This mail does not need to be translated
$body = "Hi TTP adminstrators,\n\n";
$body .= "User ".$_SESSION['profile']['fname']." ".
$_SESSION['profile']['lname']." with email address '".
$_SESSION['profile']['email']."' is requesting a TTP assurances for ".
mysql_escape_string(stripslashes($_POST['country'])).".\n\n";
$_SESSION['profile']['lname']." with email address '".
$_SESSION['profile']['email']."' is requesting a TTP assurances for ".
mysql_escape_string(stripslashes($_POST['country'])).".\n\n";
if ($_POST['ttptopup']=='1') {
$body .= "The user is also requesting TTP TOPUP.\n\n";
}else{
@ -224,8 +224,8 @@ function send_reminder()
exit;
}
$query = "select * from `notary` where `from`='".$_SESSION['profile']['id']."' and
`to`='".$_SESSION['_config']['notarise']['id']."'";
$query = "select * from `notary` where `from`='".intval( $_SESSION['profile']['id']) ."' and
`to`='".intval( $_SESSION['_config']['notarise']['id']) ."' and `deleted` = 0 ";
$res = mysql_query($query);
if(mysql_num_rows($res) > 0)
{
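Review bot: The result of `mysql_query($query)` is passed straight to `mysql_num_rows()` without a check, so a failed query (for example a database that does not yet have the `deleted` column this change starts filtering on) yields a false result and the `> 0` test quietly evaluates to false. Whatever the branch guards sits outside this hunk, but a lookup that fails open is worth closing with something like `if ($res === false) { /* log and abort */ }` before the row count. The same unchecked pattern follows the rewritten queries in the hunks at -310, -332 and -345, where `mysql_fetch_assoc($res)` or `mysql_num_rows($res)` is called directly.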
@ -310,7 +310,7 @@ $iecho= "c";
exit;
}
$query = "select * from `users` where `id`='".$_SESSION['_config']['notarise']['id']."'";
$query = "select * from `users` where `id`='".intval( $_SESSION['_config']['notarise']['id']) ."'";
$res = mysql_query($query);
$row = mysql_fetch_assoc($res);
$name = $row['fname']." ".$row['mname']." ".$row['lname']." ".$row['suffix'];
@ -332,7 +332,7 @@ $iecho= "c";
if($newpoints < 0 )
$newpoints = $awarded = 0;
$query = "select sum(`points`) as `total` from `notary` where `to`='".$_SESSION['_config']['notarise']['id']."' group by `to`";
$query = "select sum(`points`) as `total` from `notary` where `to`='".intval( $_SESSION['_config']['notarise']['id']) ."' and `deleted` = 0 group by `to`";
$res = mysql_query($query);
$drow = mysql_fetch_assoc($res);
@ -345,14 +345,15 @@ $iecho= "c";
if($newpoints < 0 )
$newpoints = 0;
if(mysql_escape_string(stripslashes($_POST['date'])) == "")
if(mysql_real_ escape_string(stripslashes($_POST['date'])) == "")
$_POST['date'] = date("Y-m-d H:i:s");
$query = "select * from `notary` where `from`='".$_SESSION['profile']['id']."' AND
`to`='".$_SESSION['_config']['notarise']['id']."' AND
`awarded`='$awarded' AND
`location`='".mysql_escape_string(stripslashes($_POST['location']))."' AND
`date`='".mysql_escape_string(stripslashes($_POST['date']))."'";
$query = "select * from `notary` where `from`='".intval($_SESSION['profile']['id'])."' AND
`to`='".intval($_SESSION['_config']['notarise']['id'])."' AND
`awarded`='".intval($awarded)."' AND
`location`='".mysql_real_escape_string(stripslashes($_POST['location']))."' AND
`date`='".mysql_real_escape_string(stripslashes($_POST['date']))."' AND
`deleted`=0";
$res = mysql_query($query);
if(mysql_num_rows($res) > 0)
{
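Review bot: `mysql_real_escape_string()` escapes according to the connection's character set, so replacing `mysql_escape_string()` on `location` and `date` only gives the intended protection when the charset is set with `mysql_set_charset()` at connect time rather than by a `SET NAMES` query. The connection setup is not visible in this diff, so that is worth confirming. The same applies to the hunks at -363, -388 and -478. Separately, the emptiness test on the first changed line does not need SQL escaping; comparing the raw value, `if ($_POST['date'] == "")`, reads more clearly and does not depend on an open connection.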
@ -363,11 +364,11 @@ $iecho= "c";
if($oldid == 6)
{
$query = "insert into `notary` set `from`='".$_SESSION['profile']['id']."',
`to`='".$_SESSION['_config']['notarise']['id']."',
`points`='$newpoints', `awarded`='$awarded',
`location`='".mysql_escape_string(stripslashes($_POST['location']))."',
`date`='".mysql_escape_string(stripslashes($_POST['date']))."',
$query = "insert into `notary` set `from`='".intval( $_SESSION['profile']['id']) ."',
`to`='".intval( $_SESSION['_config']['notarise']['id']) ."',
`points`='".intval( $newpoints)." ', `awarded`='".intval( $awarded)." ',
`location`='".mysql_real_ escape_string(stripslashes($_POST['location']))."',
`date`='".mysql_real_ escape_string(stripslashes($_POST['date']))."',
`when`=NOW()";
//record active acceptance by Assurer
if (check_date_format(trim($_REQUEST['date']),2010)) {
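Review bot: The format check on the last line reads `$_REQUEST['date']`, while the insert built just above stores `$_POST['date']`, so the value that is validated is not necessarily the value that is written. `$_REQUEST` is a separate copy, so it does not see the default assigned to `$_POST['date']` in the previous hunk and can also be filled from the query string. Checking the stored variable, `if (check_date_format(trim($_POST['date']),2010)) {`, ideally before the query string is built, keeps the two in step. What `check_date_format` accepts and what the branch does are outside this hunk.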
@ -388,11 +389,11 @@ $iecho= "c";
$addpoints = 2;
else if($_SESSION['profile']['points'] == 149 & & $_SESSION['profile']['points'] >= 100)
$addpoints = 1;
$query = "insert into `notary` set `from`='".$_SESSION['profile']['id']."',
`to`='".$_SESSION['profile']['id']."',
`points`='$addpoints', `awarded`='$addpoints',
`location`='".mysql_escape_string(stripslashes($_POST['location']))."',
`date`='".mysql_escape_string(stripslashes($_POST['date']))."',
$query = "insert into `notary` set `from`='".intval( $_SESSION['profile']['id']) ."',
`to`='".intval( $_SESSION['profile']['id']) ."',
`points`='".intval( $addpoints)." ', `awarded`='".intval( $addpoints)." ',
`location`='".mysql_real_ escape_string(stripslashes($_POST['location']))."',
`date`='".mysql_real_ escape_string(stripslashes($_POST['date']))."',
`method`='Administrative Increase',
`when`=NOW()";
mysql_query($query);
@ -478,7 +479,7 @@ $iecho= "c";
{
csrf_check("chgcontact");
$info = mysql_escape_string(strip_tags(stripslashes($_POST['contactinfo'])));
$info = mysql_real_ escape_string(strip_tags(stripslashes($_POST['contactinfo'])));
$listme = intval($_POST['listme']);
if($listme < 0 | | $ listme > 1)
$listme = 0;
@ -486,7 +487,7 @@ $iecho= "c";
$_SESSION['profile']['listme'] = $listme;
$_SESSION['profile']['contactinfo'] = $info;
$query = "update `users` set `listme`='$listme',`contactinfo`='$info' where `id`='".$_SESSION['profile']['id']."'";
$query = "update `users` set `listme`='$listme',`contactinfo`='$info' where `id`='".intval( $_SESSION['profile']['id']) ."'";
mysql_query($query);
showheader(_("My CAcert.org Account!"));
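Review bot: `$_SESSION['profile']['contactinfo'] = $info;` stores the SQL-escaped string produced in the previous hunk, so the session copy will carry backslashes before quotes, and SQL escaping is not an encoding for any later HTML output. I would keep an unescaped copy for the session, e.g. `$_SESSION['profile']['contactinfo'] = strip_tags(stripslashes($_POST['contactinfo']));`, and use the escaped `$info` only inside the query. `strip_tags()` is not output encoding either, so the page that prints this field should encode it the way the -545 hunk does for `fname` with `sanitizeHTML()`.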
@ -507,9 +508,9 @@ $iecho= "c";
$body = $_REQUEST['message'];
$subject = $_REQUEST['subject'];
$userid = intval($_REQUEST['userid']);
$user = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='$userid' and `listme`=1"));
$user = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".intval( $userid)." ' and `listme`=1"));
$points = mysql_num_rows(mysql_query("select sum(`points`) as `total` from `notary`
where `to`='".$user['id']."' group by `to` HAVING SUM(`points`) > 0"));
where `to`='".intval( $user['id']) ."' and `deleted` = 0 group by `to` HAVING SUM(`points`) > 0"));
if($points > 0)
{
$my_translation = L10n::get_translation();
@ -545,7 +546,7 @@ $iecho= "c";
showheader(_("My CAcert.org Account!"));?>
< p >
<? printf ( _ ( "Your email has been sent to %s." ), $user [ 'fname' ] ); ?>
<? printf ( _ ( "Your email has been sent to %s." ), sanitizeHTML ( $user [ 'fname' ] ) ); ?>
< / p >
< p > [ < a href = 'javascript:history.go(-2)' > <? = _ ( "Go Back" ) ?> </ a > ]</ p >
<?