Combined fixes for
- https://bugs.cacert.org/view.php?id=413 "Add a web page indicating the certificate request is still pending" - https://bugs.cacert.org/view.php?id=1138 "Implement to log the SE activity" - https://bugs.cacert.org/view.php?id=1221 "Inconsistency in Assurance Management"
This commit is contained in:
parent
81932bfd0a
commit
843bbeb8c0
19 changed files with 1245 additions and 1051 deletions
|
@ -19,7 +19,7 @@
|
|||
<form method="post" action="account.php">
|
||||
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
|
||||
<tr>
|
||||
<td colspan="8" class="title"><?=_("Domain Certificates")?> - <a href="account.php?id=12&viewall=<?=!$viewall?>"><?=$viewall?_("Hide old certificates"):_("View all certificates")?></a></td>
|
||||
<td colspan="8" class="title"><?=_("Domain Certificates")?> - <a href="account.php?id=12&viewall=<?=intval(!$viewall)?>"><?=$viewall?_("Hide old certificates"):_("View all certificates")?></a></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td class="DataTD"><?=_("Renew/Revoke/Delete")?></td>
|
||||
|
@ -34,17 +34,20 @@
|
|||
$query = "select UNIX_TIMESTAMP(`domaincerts`.`created`) as `created`,
|
||||
UNIX_TIMESTAMP(`domaincerts`.`expire`) - UNIX_TIMESTAMP() as `timeleft`,
|
||||
UNIX_TIMESTAMP(`domaincerts`.`expire`) as `expired`,
|
||||
`domaincerts`.`expire` as `expires`, `revoked` as `revoke`,
|
||||
UNIX_TIMESTAMP(`revoked`) as `revoked`, `CN`, `domaincerts`.`serial`, `domaincerts`.`id` as `id`,
|
||||
`domaincerts`.`expire`,
|
||||
`domaincerts`.`revoked` as `revoke`,
|
||||
UNIX_TIMESTAMP(`revoked`) as `revoked`,
|
||||
if (`domaincerts`.`expire`=0,CURRENT_TIMESTAMP(),`domaincerts`.`modified`) as `modified`,
|
||||
`CN`, `domaincerts`.`serial`, `domaincerts`.`id` as `id`,
|
||||
`domaincerts`.`description`
|
||||
from `domaincerts`,`domains`
|
||||
where `memid`='".intval($_SESSION['profile']['id'])."' and `domaincerts`.`domid`=`domains`.`id` ";
|
||||
if($viewall != 1)
|
||||
{
|
||||
$query .= "AND `revoked`=0 AND `renewed`=0 ";
|
||||
$query .= "HAVING `timeleft` > 0 ";
|
||||
$query .= "HAVING `timeleft` > 0 or `expire` = 0 ";
|
||||
}
|
||||
$query .= "ORDER BY `domaincerts`.`modified` desc";
|
||||
$query .= "ORDER BY `modified` desc";
|
||||
//echo $query."<br>\n";
|
||||
$res = mysql_query($query);
|
||||
if(mysql_num_rows($res) <= 0)
|
||||
|
@ -69,24 +72,24 @@
|
|||
?>
|
||||
<tr>
|
||||
<? if($verified != _("Pending") && $verified != _("Revoked")) { ?>
|
||||
<td class="DataTD"><input type="checkbox" name="revokeid[]" value="<?=$row['id']?>"/></td>
|
||||
<td class="DataTD"><input type="checkbox" name="revokeid[]" value="<?=intval($row['id'])?>"/></td>
|
||||
<? } else if($verified != _("Revoked")) { ?>
|
||||
<td class="DataTD"><input type="checkbox" name="delid[]" value="<?=$row['id']?>"/></td>
|
||||
<td class="DataTD"><input type="checkbox" name="delid[]" value="<?=intval($row['id'])?>"/></td>
|
||||
<? } else { ?>
|
||||
<td class="DataTD"> </td>
|
||||
<? } ?>
|
||||
<td class="DataTD"><?=$verified?></td>
|
||||
<td class="DataTD"><a href="account.php?id=15&cert=<?=$row['id']?>"><?=$row['CN']?></a></td>
|
||||
<td class="DataTD"><a href="account.php?id=15&cert=<?=intval($row['id'])?>"><?=htmlspecialchars($row['CN'])?></a></td>
|
||||
<td class="DataTD"><?=$row['serial']?></td>
|
||||
<td class="DataTD"><?=$row['revoke']?></td>
|
||||
<td class="DataTD"><?=$row['expires']?></td>
|
||||
<td class="DataTD"><input name="comment_<?=$row['id']?>" type="text" value="<?=htmlspecialchars($row['description'])?>" /></td>
|
||||
<td class="DataTD"><input type="checkbox" name="check_comment_<?=$row['id']?>" /></td>
|
||||
<td class="DataTD"><?=$row['expire']?></td>
|
||||
<td class="DataTD"><input name="comment_<?=intval($row['id'])?>" type="text" value="<?=htmlspecialchars($row['description'])?>" /></td>
|
||||
<td class="DataTD"><input type="checkbox" name="check_comment_<?=intval($row['id'])?>" /></td>
|
||||
</tr>
|
||||
<? } ?>
|
||||
<tr>
|
||||
<td class="DataTD" colspan="8">
|
||||
<a href="account.php?id=12&viewall=<?=!$viewall?>"><b><?=$viewall?_("Hide old certificates"):_("View all certificates")?></b></a>
|
||||
<a href="account.php?id=12&viewall=<?=intval(!$viewall)?>"><b><?=$viewall?_("Hide old certificates"):_("View all certificates")?></b></a>
|
||||
</td>
|
||||
</tr>
|
||||
<tr>
|
||||
|
@ -104,6 +107,6 @@
|
|||
<td class="DataTD" colspan="8"><?=_("From here you can delete pending requests, or revoke valid certificates.")?></td>
|
||||
</tr>
|
||||
</table>
|
||||
<input type="hidden" name="oldid" value="<?=$id?>"/>
|
||||
<input type="hidden" name="oldid" value="<?=intval($id)?>"/>
|
||||
<input type="hidden" name="csrf" value="<?=make_csrf('srvcerchange')?>"/>
|
||||
</form>
|
||||
|
|
|
@ -52,22 +52,22 @@
|
|||
<? if($_SESSION['profile']['points'] == 0) { ?>
|
||||
<tr>
|
||||
<td class="DataTD" width="125"><?=_("First Name")?>: </td>
|
||||
<td class="DataTD" width="125"><input type="text" name="fname" value="<?=$user['fname']?>"></td>
|
||||
<td class="DataTD" width="125"><input type="text" name="fname" value="<?=sanitizeHTML($user['fname'])?>"></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td class="DataTD" valign="top"><?=_("Middle Name(s)")?><br>
|
||||
(<?=_("optional")?>)
|
||||
</td>
|
||||
<td class="DataTD"><input type="text" name="mname" value="<?=$user['mname']?>"></td>
|
||||
<td class="DataTD"><input type="text" name="mname" value="<?=sanitizeHTML($user['mname'])?>"></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td class="DataTD"><?=_("Last Name")?>: </td>
|
||||
<td class="DataTD"><input type="text" name="lname" value="<?=$user['lname']?>"></td>
|
||||
<td class="DataTD"><input type="text" name="lname" value="<?=sanitizeHTML($user['lname'])?>"></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td class="DataTD"><?=_("Suffix")?><br>
|
||||
(<?=_("optional")?>)</td>
|
||||
<td class="DataTD"><input type="text" name="suffix" value="<?=$user['suffix']?>"></td>
|
||||
<td class="DataTD"><input type="text" name="suffix" value="<?=sanitizeHTML($user['suffix'])?>"></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td class="DataTD"><?=_("Date of Birth")?><br>
|
||||
|
@ -100,22 +100,22 @@
|
|||
<? } else { ?>
|
||||
<tr>
|
||||
<td class="DataTD" width="125"><?=_("First Name")?>: </td>
|
||||
<td class="DataTD" width="125"><?=$user['fname']?></td>
|
||||
<td class="DataTD" width="125"><?=sanitizeHTML($user['fname'])?></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td class="DataTD" valign="top"><?=_("Middle Name(s)")?><br>
|
||||
(<?=_("optional")?>)
|
||||
</td>
|
||||
<td class="DataTD"><?=$user['mname']?></td>
|
||||
<td class="DataTD"><?=sanitizeHTML($user['mname'])?></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td class="DataTD"><?=_("Last Name")?>: </td>
|
||||
<td class="DataTD"><?=$user['lname']?></td>
|
||||
<td class="DataTD"><?=sanitizeHTML($user['lname'])?></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td class="DataTD"><?=_("Suffix")?><br>
|
||||
(<?=_("optional")?>)</td>
|
||||
<td class="DataTD"><?=$user['suffix']?></td>
|
||||
<td class="DataTD"><?=sanitizeHTML($user['suffix'])?></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td class="DataTD"><?=_("Date of Birth")?><br>
|
||||
|
@ -124,7 +124,10 @@
|
|||
</tr>
|
||||
<? } ?>
|
||||
<tr>
|
||||
<td colspan="2" class="title"><a href="account.php?id=13&showdetails=<?=!$showdetails?>"><?=_("View secret question & answers and OTP phrases")?></a></td>
|
||||
<td colspan="2" class="title"><a href="account.php?id=59&oldid=13&userid=<?=intval($_SESSION['profile']['id'])?>"><?=_('Show account history')?></a></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td colspan="2" class="title"><a href="account.php?id=13&showdetails=<?=intval(!$showdetails)?>"><?=_("View secret question & answers and OTP phrases")?></a></td>
|
||||
</tr>
|
||||
<? if($showdetails){ ?>
|
||||
<tr>
|
||||
|
@ -167,5 +170,5 @@
|
|||
</tr>
|
||||
</table>
|
||||
<input type="hidden" name="csrf" value="<?=make_csrf('perschange')?>" />
|
||||
<input type="hidden" name="oldid" value="<?=$id?>">
|
||||
<input type="hidden" name="oldid" value="<?=intval($id)?>">
|
||||
</form>
|
||||
|
|
|
@ -42,7 +42,7 @@
|
|||
</tr>
|
||||
<tr>
|
||||
<td class="DataTD"><?=_("Department")?>:</td>
|
||||
<td class="DataTD"><input type="text" name="OU" value="<?=array_key_exists('OU',$_SESSION['_config'])?($_SESSION['_config']['OU']):''?>"/></td>
|
||||
<td class="DataTD"><input type="text" name="OU" value="<?=array_key_exists('OU',$_SESSION['_config'])?(sanitizeHTML($_SESSION['_config']['OU'])):''?>"/></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td class="DataTD" colspan="2" align="left">
|
||||
|
|
|
@ -79,6 +79,7 @@ $status = array_key_exists('status',$_SESSION['_config']) ? intval($_SESSION['_c
|
|||
UNIX_TIMESTAMP(`oemail`.`expire`) as `expired`,
|
||||
`oemail`.`expire` as `expires`, `oemail`.`revoked` as `revoke`,
|
||||
UNIX_TIMESTAMP(`oemail`.`revoked`) as `revoked`,
|
||||
if (`oemail`.`expire`=0,CURRENT_TIMESTAMP(),`oemail`.`modified`) as `modified`,
|
||||
`oemail`.`CN`, `oemail`.`serial`, `oemail`.`id`,
|
||||
`oemail`.`description`, `oemail`.`ou`, `orginfo`.`O`
|
||||
from `orgemailcerts` as `oemail`, `org`, `orginfo`
|
||||
|
@ -92,17 +93,17 @@ $status = array_key_exists('status',$_SESSION['_config']) ? intval($_SESSION['_c
|
|||
if(0==$status)
|
||||
{
|
||||
$query .= "AND `oemail`.`revoked`=0 AND `oemail`.`renewed`=0 ";
|
||||
$query .= "HAVING `timeleft` > 0 AND `revoked`=0 ";
|
||||
$query .= "HAVING `timeleft` > 0 AND `revoked`=0 or `expires` = 0 ";
|
||||
}
|
||||
switch ($sorting){
|
||||
case 0:
|
||||
$query .= "ORDER BY `orginfo`.`O`, `oemail`.`expire` desc";
|
||||
$query .= "ORDER BY `orginfo`.`O`, `modified` desc";
|
||||
break;
|
||||
case 1:
|
||||
$query .= "ORDER BY `orginfo`.`O`, `oemail`.`ou`, `oemail`.`expire` desc";
|
||||
$query .= "ORDER BY `orginfo`.`O`, `oemail`.`ou`, `modified` desc";
|
||||
break;
|
||||
case 2:
|
||||
$query .= "ORDER BY `orginfo`.`O`, `oemail`.`CN`, `oemail`.`expire` desc";
|
||||
$query .= "ORDER BY `orginfo`.`O`, `oemail`.`CN`, `modified` desc";
|
||||
break;
|
||||
}
|
||||
$res = mysql_query($query);
|
||||
|
|
|
@ -41,7 +41,7 @@ if (is_array($_SESSION['_config']['altrows'])) {
|
|||
}
|
||||
|
||||
echo _("Organisation"), ": {$org['O']}<br>\n";
|
||||
echo _("Org. Unit"), ": {$_SESSION['_config']['OU']}<br>\n";
|
||||
echo _("Org. Unit"), ": ", sanitizeHTML($_SESSION['_config']['OU']), "<br>\n";
|
||||
echo _("Location"), ": {$org['L']}<br>\n";
|
||||
echo _("State/Province"), ": {$org['ST']}<br>\n";
|
||||
echo _("Country"), ": {$org['C']}<br>\n";
|
||||
|
@ -52,7 +52,7 @@ echo _("Country"), ": {$org['C']}<br>\n";
|
|||
<input type="submit" name="process" value="<?=_("Submit")?>">
|
||||
<input type="hidden" name="oldid" value="<?=$id?>">
|
||||
</p>
|
||||
|
||||
|
||||
<?
|
||||
if ($_SESSION['profile']['admin'] == 1) {
|
||||
?>
|
||||
|
|
|
@ -78,7 +78,9 @@ $status = array_key_exists('dstatus',$_SESSION['_config']) ? intval($_SESSION['_
|
|||
UNIX_TIMESTAMP(`orgdomaincerts`.`expire`) - UNIX_TIMESTAMP() as `timeleft`,
|
||||
UNIX_TIMESTAMP(`orgdomaincerts`.`expire`) as `expired`,
|
||||
`orgdomaincerts`.`expire` as `expires`, `revoked` as `revoke`,
|
||||
UNIX_TIMESTAMP(`revoked`) as `revoked`, `CN`,
|
||||
UNIX_TIMESTAMP(`orgdomaincerts`.`revoked`) as `revoked`,
|
||||
if (`orgdomaincerts`.`expire`=0,CURRENT_TIMESTAMP(),`orgdomaincerts`.`modified`) as `modified`,
|
||||
`CN`,
|
||||
`orgdomaincerts`.`serial`,
|
||||
`orgdomaincerts`.`id` as `id`,
|
||||
`orgdomaincerts`.`description`, `orginfo`.`O`
|
||||
|
@ -94,14 +96,14 @@ $status = array_key_exists('dstatus',$_SESSION['_config']) ? intval($_SESSION['_
|
|||
if(0==$status)
|
||||
{
|
||||
$query .= "AND `revoked`=0 AND `renewed`=0 ";
|
||||
$query .= "HAVING `timeleft` > 0 ";
|
||||
$query .= "HAVING `timeleft` > 0 or `expires` = 0 ";
|
||||
}
|
||||
switch ($sorting){
|
||||
case 0:
|
||||
$query .= "ORDER BY `orginfo`.`O`, `orgdomaincerts`.`expire` desc";
|
||||
$query .= "ORDER BY `orginfo`.`O`, `modified` desc";
|
||||
break;
|
||||
case 1:
|
||||
$query .= "ORDER BY `orginfo`.`O`, `orgdomaincerts`.`CN`, `orgdomaincerts`.`expire` desc";
|
||||
$query .= "ORDER BY `orginfo`.`O`, `orgdomaincerts`.`CN`, `modified` desc";
|
||||
break;
|
||||
}
|
||||
|
||||
|
|
1885
pages/account/43.php
1885
pages/account/43.php
File diff suppressed because it is too large
Load diff
|
@ -14,8 +14,28 @@
|
|||
You should have received a copy of the GNU General Public License
|
||||
along with this program; if not, write to the Free Software
|
||||
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
|
||||
*/ ?>
|
||||
<? if(array_key_exists('error',$_SESSION['_config']) && $_SESSION['_config']['error'] != "") { ?><div color="orange">ERROR: <?=$_SESSION['_config']['error']?></div><? unset($_SESSION['_config']['error']); } ?>
|
||||
*/
|
||||
|
||||
if(array_key_exists('error',$_SESSION['_config']) && $_SESSION['_config']['error'] != "") {
|
||||
?>
|
||||
<div style="color: orange;">ERROR: <?=$_SESSION['_config']['error']?></div>
|
||||
<?
|
||||
unset($_SESSION['_config']['error']);
|
||||
}
|
||||
|
||||
$ticketno = "";
|
||||
if (array_key_exists('ticketno', $_SESSION)) {
|
||||
$ticketno = $_SESSION['ticketno'];
|
||||
}
|
||||
|
||||
if (!valid_ticket_number($ticketno)) {
|
||||
printf(_("I'm sorry, you did not enter a ticket number! %s You cannot reset the password."), '<br/>');
|
||||
echo '<br/><a href="account.php?id=43&userid='.intval($_REQUEST['userid']).'">'._('Back to previous page.').'</a>';
|
||||
showfooter();
|
||||
exit;
|
||||
}
|
||||
?>
|
||||
|
||||
<form method="post" action="account.php">
|
||||
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
|
||||
<tr>
|
||||
|
@ -34,5 +54,6 @@
|
|||
</tr>
|
||||
</table>
|
||||
<input type="hidden" name="userid" value="<?=intval($_REQUEST['userid'])?>">
|
||||
<input type="hidden" name="oldid" value="<?=$id?>">
|
||||
<input type="hidden" name="oldid" value="<?=intval($id)?>">
|
||||
<input type="hidden" name="ticketno" value="<?=sanitizeHTML($ticketno)?>"/>
|
||||
</form>
|
||||
|
|
|
@ -19,7 +19,7 @@
|
|||
<form method="post" action="account.php">
|
||||
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
|
||||
<tr>
|
||||
<td colspan="10" class="title"><?=_("Client Certificates")?> - <a href="account.php?id=5&viewall=<?=!$viewall?>"><?=$viewall?_("Hide old certificates"):_("View all certificates")?></a></td>
|
||||
<td colspan="10" class="title"><?=_("Client Certificates")?> - <a href="account.php?id=5&viewall=<?=intval(!$viewall)?>"><?=$viewall?_("Hide old certificates"):_("View all certificates")?></a></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td class="DataTD"><?=_("Renew/Revoke/Delete")?></td>
|
||||
|
@ -34,23 +34,24 @@
|
|||
$query = "select UNIX_TIMESTAMP(`emailcerts`.`created`) as `created`,
|
||||
UNIX_TIMESTAMP(`emailcerts`.`expire`) - UNIX_TIMESTAMP() as `timeleft`,
|
||||
UNIX_TIMESTAMP(`emailcerts`.`expire`) as `expired`,
|
||||
`emailcerts`.`expire` as `expires`,
|
||||
`emailcerts`.`expire`,
|
||||
`emailcerts`.`revoked` as `revoke`,
|
||||
UNIX_TIMESTAMP(`emailcerts`.`revoked`) as `revoked`,
|
||||
if (`emailcerts`.`expire`=0,CURRENT_TIMESTAMP(),`emailcerts`.`modified`) as `modified` ,
|
||||
`emailcerts`.`id`,
|
||||
`emailcerts`.`CN`,
|
||||
`emailcerts`.`serial`,
|
||||
`emailcerts`.`disablelogin` as `disablelogin`,
|
||||
`emailcerts`.`description`
|
||||
from `emailcerts`
|
||||
where `emailcerts`.`memid`='".$_SESSION['profile']['id']."'
|
||||
where `emailcerts`.`memid`='".intval($_SESSION['profile']['id'])."'
|
||||
";
|
||||
if($viewall != 1)
|
||||
$query .= " AND `revoked`=0 AND `renewed`=0 ";
|
||||
$query .= " GROUP BY `emailcerts`.`id` ";
|
||||
if($viewall != 1)
|
||||
$query .= " HAVING `timeleft` > 0 ";
|
||||
$query .= " ORDER BY `emailcerts`.`modified` desc";
|
||||
$query .= " HAVING `timeleft` > 0 or `expire` = 0 ";
|
||||
$query .= " ORDER BY `modified` desc";
|
||||
// echo $query."<br>\n";
|
||||
$res = mysql_query($query);
|
||||
if(mysql_num_rows($res) <= 0)
|
||||
|
@ -75,32 +76,32 @@
|
|||
?>
|
||||
<tr>
|
||||
<? if($verified != _("Pending") && $verified != _("Revoked")) { ?>
|
||||
<td class="DataTD"><input type="checkbox" name="revokeid[]" value="<?=$row['id']?>"></td>
|
||||
<td class="DataTD"><input type="checkbox" name="revokeid[]" value="<?=intval($row['id'])?>"></td>
|
||||
<td class="DataTD"><?=$verified?></td>
|
||||
<td class="DataTD"><a href="account.php?id=6&cert=<?=$row['id']?>"><?=(trim($row['CN'])=="" ? _("empty") : $row['CN'])?></a></td>
|
||||
<td class="DataTD"><a href="account.php?id=6&cert=<?=intval($row['id'])?>"><?=(trim($row['CN'])=="" ? _("empty") : sanitizeHTML($row['CN']))?></a></td>
|
||||
<? } else if($verified != _("Revoked")) { ?>
|
||||
<td class="DataTD"><input type="checkbox" name="delid[]" value="<?=$row['id']?>"></td>
|
||||
<td class="DataTD"><input type="checkbox" name="delid[]" value="<?=intval($row['id'])?>"></td>
|
||||
<td class="DataTD"><?=$verified?></td>
|
||||
<td class="DataTD"><?=(trim($row['CN'])=="" ? _("empty") : $row['CN'])?></td>
|
||||
<td class="DataTD"><?=(trim($row['CN'])=="" ? _("empty") : sanitizeHTML($row['CN']))?></td>
|
||||
<? } else { ?>
|
||||
<td class="DataTD"> </td>
|
||||
<td class="DataTD"><?=$verified?></td>
|
||||
<td class="DataTD"><?=(trim($row['CN'])=="" ? _("empty") : $row['CN'])?></td>
|
||||
<td class="DataTD"><?=(trim($row['CN'])=="" ? _("empty") : sanitizeHTML($row['CN']))?></td>
|
||||
<? } ?>
|
||||
<td class="DataTD"><?=$row['serial']?></td>
|
||||
<td class="DataTD"><?=$row['revoke']?></td>
|
||||
<td class="DataTD"><?=$row['expires']?></td>
|
||||
<td class="DataTD"><?=sanitizeHTML($row['serial'])?></td>
|
||||
<td class="DataTD"><?=sanitizeHTML($row['revoke'])?></td>
|
||||
<td class="DataTD"><?=sanitizeHTML($row['expire'])?></td>
|
||||
<td class="DataTD">
|
||||
<input type="checkbox" name="disablelogin_<?=$row['id']?>" value="1" <?=$row['disablelogin']?"":'checked="checked"'?>/>
|
||||
<input type="hidden" name="cert_<?=$row['id']?>" value="1" />
|
||||
<input type="checkbox" name="disablelogin_<?=intval($row['id'])?>" value="1" <?=$row['disablelogin']?"":'checked="checked"'?>/>
|
||||
<input type="hidden" name="cert_<?=intval($row['id'])?>" value="1" />
|
||||
</td>
|
||||
<td class="DataTD"><input name="comment_<?=$row['id']?>" type="text" value="<?=htmlspecialchars($row['description'])?>" /></td>
|
||||
<td class="DataTD"><input type="checkbox" name="check_comment_<?=$row['id']?>" /></td>
|
||||
<td class="DataTD"><input name="comment_<?=intval($row['id'])?>" type="text" value="<?=htmlspecialchars($row['description'])?>" /></td>
|
||||
<td class="DataTD"><input type="checkbox" name="check_comment_<?=intval($row['id'])?>" /></td>
|
||||
</tr>
|
||||
<? } ?>
|
||||
<tr>
|
||||
<td class="DataTD" colspan="9">
|
||||
<a href="account.php?id=5&viewall=<?=!$viewall?>"><b><?=$viewall?_("Hide old certificates"):_("View all certificates")?></b></a>
|
||||
<a href="account.php?id=5&viewall=<?=intval(!$viewall)?>"><b><?=$viewall?_("Hide old certificates"):_("View all certificates")?></b></a>
|
||||
</td>
|
||||
</tr>
|
||||
|
||||
|
@ -119,7 +120,7 @@
|
|||
</tr>
|
||||
<? } ?>
|
||||
</table>
|
||||
<input type="hidden" name="oldid" value="<?=$id?>" />
|
||||
<input type="hidden" name="oldid" value="<?=intval($id)?>" />
|
||||
<input type="hidden" name="csrf" value="<?=make_csrf('clicerchange')?>" />
|
||||
</form>
|
||||
<p><?=_("From here you can delete pending requests, or revoke valid certificates.")?></p>
|
||||
|
|
|
@ -14,45 +14,51 @@
|
|||
You should have received a copy of the GNU General Public License
|
||||
along with this program; if not, write to the Free Software
|
||||
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
|
||||
*/ ?>
|
||||
<? if($_SESSION['profile']['tverify'] <= 0) { echo _("You don't have access to this area."); } else { ?>
|
||||
<?
|
||||
*/
|
||||
|
||||
if($_SESSION['profile']['tverify'] <= 0) {
|
||||
echo _("You don't have access to this area.");
|
||||
} else {
|
||||
$uid = intval($_GET['uid']);
|
||||
$query = "select * from `tverify` where `id`='$uid' and `modified`=0";
|
||||
$query = "select * from `tverify` where `id`='".intval($uid)."' and `modified`=0";
|
||||
$res = mysql_query($query);
|
||||
if(mysql_num_rows($res) > 0)
|
||||
{
|
||||
if(mysql_num_rows($res) > 0) {
|
||||
$row = mysql_fetch_assoc($res);
|
||||
$memid = intval($row['memid']);
|
||||
|
||||
$query2 = "select * from `tverify-vote` where `tverify`='$uid' and `memid`='".intval($_SESSION['profile']['id'])."'";
|
||||
$rc2 = mysql_num_rows(mysql_query($query2));
|
||||
if($rc2 > 0)
|
||||
{
|
||||
$query2 = "select * from `tverify-vote` where `tverify`='".intval($uid)."' and `memid`='".intval($_SESSION['profile']['id'])."'";
|
||||
$rc2 = mysql_num_rows(mysql_query($query2));
|
||||
if($rc2 > 0) {
|
||||
showheader(_("My CAcert.org Account!"));
|
||||
echo _("You have already voted on this request.");
|
||||
showfooter();
|
||||
exit;
|
||||
}
|
||||
|
||||
$query = "select sum(`points`) as `points` from `notary` where `to`='$memid'";
|
||||
$query = "select sum(`points`) as `points` from `notary` where `to`='".intval($memid)."' and `deleted` = 0";
|
||||
$notary = mysql_fetch_assoc(mysql_query($query));
|
||||
$query = "select * from `users` where `id`='$memid'";
|
||||
$query = "select * from `users` where `id`='".intval($memid)."'";
|
||||
$user = mysql_fetch_assoc(mysql_query($query));
|
||||
$tobe = 50 - $notary['points'];
|
||||
if($row['URL'] != '' && $row['photoid'] != '')
|
||||
if($row['URL'] != '' && $row['photoid'] != '') {
|
||||
$tobe = 150 - $notary['points'];
|
||||
else if($row['URL'] != '')
|
||||
} else if($row['URL'] != '') {
|
||||
$tobe = 90 - $notary['points'];
|
||||
if(intval($tobe) <= 0)
|
||||
}
|
||||
if(intval($tobe) <= 0) {
|
||||
$tobe = 0;
|
||||
}
|
||||
?>
|
||||
<?=_("Request Details")?>:<br>
|
||||
<?=_("Name on file")?>: <?=$user['fname']." ".$user['mname']." ".$user['lname']." ".$user['suffix']?><br>
|
||||
<?=_("Primary email address")?>: <?=$user['email']." (".$user['id'].")"?><br>
|
||||
<?=_("Certificate Subject")?>: <?=$row['CN']?><br>
|
||||
<? if($row['URL'] != '') { ?><?=_("Notary URL")?>: <a href="<?=$row['URL']?>"><?=$row['URL']?></a><br><? } ?>
|
||||
<? if($row['photoid'] != '') { ?><?=_("Photo ID URL")?>: <a href="/account.php?id=51&photoid=<?=intval($row['id'])?>"><?=_("Here")?></a><br><? } ?>
|
||||
<?=_("Name on file")?>: <?=sanitizeHTML($user['fname']." ".$user['mname']." ".$user['lname']." ".$user['suffix'])?><br>
|
||||
<?=_("Primary email address")?>: <?=sanitizeHTML($user['email'])." (".intval($user['id']).")"?><br>
|
||||
<?=_("Certificate Subject")?>: <?=sanitizeHTML($row['CN'])?><br>
|
||||
<? if($row['URL'] != '') { ?>
|
||||
<?=_("Notary URL")?>: <a href="<?=$row['URL']?>"><?=$row['URL']?></a><br>
|
||||
<? } ?>
|
||||
<? if($row['photoid'] != '') { ?>
|
||||
<?=_("Photo ID URL")?>: <a href="/account.php?id=51&photoid=<?=intval($row['id'])?>"><?=_("Here")?></a><br>
|
||||
<? } ?>
|
||||
<?=_("Current Points")?>: <?=intval($notary['points'])?><br>
|
||||
<?=_("Potential Points")?>: <?=intval($tobe)?><br>
|
||||
<?=_("Date of Birth")?>: <?=$user['dob']?> (YYYY-MM-DD)<br>
|
||||
|
@ -63,40 +69,37 @@
|
|||
<input type="submit" name="agree" value="<?=_("I agree with this Application")?>">
|
||||
<input type="submit" name="disagree" value="<?=_("I don't agree with this Application")?>">
|
||||
<input type="hidden" name="oldid" value="<?=intval($_GET['id'])?>">
|
||||
<input type="hidden" name="uid" value="<?=$uid?>">
|
||||
<input type="hidden" name="uid" value="<?=intval($uid)?>">
|
||||
</form>
|
||||
<? } else {
|
||||
$query = "select * from `tverify` where `id`='$uid' and `modified`=1";
|
||||
$res = mysql_query($query);
|
||||
if(mysql_num_rows($res) > 0)
|
||||
{
|
||||
echo _("This UID has already been voted on.")."<br/>";
|
||||
<?
|
||||
} else {
|
||||
if($uid) echo _("Unable to locate a valid request for that UID.")."<br/>";
|
||||
}
|
||||
|
||||
// Search for open requests:
|
||||
$query = "select * from `tverify` where `modified`=0";
|
||||
$res = mysql_query($query);
|
||||
if(mysql_num_rows($res) > 0)
|
||||
{
|
||||
echo "<br/>"._("The following requests are still open:")."<br/><ul>";
|
||||
while($row = mysql_fetch_assoc($res))
|
||||
{
|
||||
$uid=intval($row['id']);
|
||||
$query3 = "select * from `tverify-vote` where `tverify`='$uid' and `memid`='".intval($_SESSION['profile']['id'])."'";
|
||||
$rc3 = mysql_num_rows(mysql_query($query3));
|
||||
if($rc3 <= 0)
|
||||
{
|
||||
echo "<li><a href='account.php?id=52&uid=".intval($row['id'])."'>".intval($row['id'])."</a></li>\n";
|
||||
$query = "select * from `tverify` where `id`='".intval($uid)."' and `modified`=1";
|
||||
$res = mysql_query($query);
|
||||
if(mysql_num_rows($res) > 0) {
|
||||
echo _("This UID has already been voted on.")."<br/>";
|
||||
} else {
|
||||
if($uid) echo _("Unable to locate a valid request for that UID.")."<br/>";
|
||||
}
|
||||
|
||||
// Search for open requests:
|
||||
$query = "select * from `tverify` where `modified`=0";
|
||||
$res = mysql_query($query);
|
||||
if(mysql_num_rows($res) > 0) {
|
||||
echo "<br/>"._("The following requests are still open:")."<br/><ul>";
|
||||
while($row = mysql_fetch_assoc($res)) {
|
||||
$uid=intval($row['id']);
|
||||
$query3 = "select * from `tverify-vote` where `tverify`='".intval($uid)."' and `memid`='".intval($_SESSION['profile']['id'])."'";
|
||||
$rc3 = mysql_num_rows(mysql_query($query3));
|
||||
if($rc3 <= 0)
|
||||
{
|
||||
echo "<li><a href='account.php?id=52&uid=".intval($row['id'])."'>".intval($row['id'])."</a></li>\n";
|
||||
}
|
||||
}
|
||||
}
|
||||
echo "</ul>\n<br>\n";
|
||||
}
|
||||
else
|
||||
{
|
||||
echo "<br/>"._("There are no pending requests where you haven't voted yet.");
|
||||
echo "</ul>\n<br>\n";
|
||||
} else {
|
||||
echo "<br/>"._("There are no pending requests where you haven't voted yet.");
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
} } ?>
|
||||
?>
|
||||
|
|
|
@ -23,7 +23,7 @@
|
|||
<tr>
|
||||
<td colspan="5" class="title"><?=_("Your passed Tests")?></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<tr>
|
||||
<td class="DataTD"><?=_("The list of tests you did pass at").' <a href="https://cats.cacert.org/">https://cats.cacert.org/</a>'?></td>
|
||||
</tr>
|
||||
</table>
|
||||
|
@ -34,7 +34,7 @@
|
|||
$res = mysql_query($query);
|
||||
if(mysql_num_rows($res) <= 0)
|
||||
{
|
||||
echo _("I'm sorry, the user you were looking for seems to have disappeared! Bad things are a foot!");
|
||||
echo _("I'm sorry, the user you were looking for seems to have disappeared! Bad things are afoot!");
|
||||
} else {
|
||||
$row = mysql_fetch_assoc($res);
|
||||
}
|
||||
|
@ -58,11 +58,11 @@
|
|||
<?
|
||||
$query = "SELECT `CP`.`pass_date`, `CT`.`type_text`, `CV`.`test_text` ".
|
||||
" FROM `cats_passed` AS CP, `cats_variant` AS CV, `cats_type` AS CT ".
|
||||
" WHERE `CP`.`variant_id`=`CV`.`id` AND `CV`.`type_id`=`CT`.`id` AND `CP`.`user_id` ='".(int)$user_id."'".
|
||||
" WHERE `CP`.`variant_id`=`CV`.`id` AND `CV`.`type_id`=`CT`.`id` AND `CP`.`user_id` ='".intval($user_id)."'".
|
||||
" ORDER BY `CP`.`pass_date`";
|
||||
|
||||
|
||||
$res = mysql_query($query);
|
||||
|
||||
|
||||
$HaveTest=0;
|
||||
while($row = mysql_fetch_array($res, MYSQL_NUM))
|
||||
{
|
||||
|
@ -71,23 +71,24 @@
|
|||
}
|
||||
?>
|
||||
<tr>
|
||||
<td class="DataTD"><?=$row[0]?></td>
|
||||
<td class="DataTD"><?=$row[1]?></td>
|
||||
<td class="DataTD"><?=$row[2]?></td>
|
||||
<td class="DataTD"><?=sanitizeHTML($row[0])?></td>
|
||||
<td class="DataTD"><?=sanitizeHTML($row[1])?></td>
|
||||
<td class="DataTD"><?=sanitizeHTML($row[2])?></td>
|
||||
</tr>
|
||||
<? }
|
||||
<? }
|
||||
?>
|
||||
</table>
|
||||
<br>
|
||||
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
|
||||
<tr>
|
||||
<tr>
|
||||
<?
|
||||
if ($_SESSION['profile']['admin'] == 1 && array_key_exists('userid',$_REQUEST) && intval($_REQUEST['userid']) > 0) {
|
||||
?>
|
||||
<tr><td colspan="3" class="DataTD"><a href="account.php?id=43&userid=<?=$user_id ?>">back</a></td></tr>
|
||||
<? } else {
|
||||
<tr><td colspan="3" class="DataTD"><a href="account.php?id=43&userid=<?=intval($user_id)?>">back</a></td></tr>
|
||||
<?
|
||||
} else {
|
||||
$query = 'SELECT `u`.id, `u`.`assurer`, SUM(`points`) FROM `users` AS `u`, `notary` AS `n` '.
|
||||
' WHERE `u`.`id` = \''.(int)intval($_SESSION['profile']['id']).'\' AND `n`.`to` = `u`.`id` AND `expire` < now() '.
|
||||
' WHERE `u`.`id` = \''.(int)intval($_SESSION['profile']['id']).'\' AND `n`.`to` = `u`.`id` AND `expire` < now() and and `n`.`deleted` = 0'.
|
||||
' GROUP BY `u`.id, `u`.`assurer`';
|
||||
$res = mysql_query($query);
|
||||
if (!$res) {
|
||||
|
|
|
@ -28,7 +28,7 @@
|
|||
$res = mysql_query($query);
|
||||
if(mysql_num_rows($res) <= 0)
|
||||
{
|
||||
echo _("I'm sorry, the user you were looking for seems to have disappeared! Bad things are a foot!");
|
||||
echo _("I'm sorry, the user you were looking for seems to have disappeared! Bad things are afoot!");
|
||||
} else {
|
||||
$row = mysql_fetch_assoc($res);
|
||||
?>
|
||||
|
@ -48,12 +48,12 @@
|
|||
<td class="DataTD"><b><?=_('Type')?></b></td>
|
||||
</tr>
|
||||
<?
|
||||
$data=get_first_user_agreement($user_id,1);
|
||||
$data=get_first_user_agreement($user_id, 'CCA', 1);
|
||||
if (!isset($data['active'])){
|
||||
$type='';
|
||||
}else{
|
||||
}else{
|
||||
$type=_('active');
|
||||
}
|
||||
}
|
||||
?>
|
||||
<tr>
|
||||
<td class="DataTD"><?=_('First active CCA')?></td>
|
||||
|
@ -62,7 +62,7 @@
|
|||
<td class="DataTD"><?=$type?></td>
|
||||
</tr>
|
||||
<?
|
||||
$data=get_first_user_agreement($user_id,0);
|
||||
$data=get_first_user_agreement($user_id, 'CCA', 0);
|
||||
if (!isset($data['active'])){
|
||||
$type="";
|
||||
}else{
|
||||
|
@ -76,14 +76,14 @@
|
|||
<td class="DataTD"><?=$type?></td>
|
||||
</tr>
|
||||
<?
|
||||
$data=get_last_user_agreement($user_id);
|
||||
$data=get_last_user_agreement($user_id, 'CCA');
|
||||
if (!isset($data['active'])){
|
||||
$type="";
|
||||
}elseif($data['active']==1){
|
||||
$type=_('active');
|
||||
}else{
|
||||
$type=_('passive');
|
||||
}
|
||||
$type="";
|
||||
}elseif($data['active']==1){
|
||||
$type=_('active');
|
||||
}else{
|
||||
$type=_('passive');
|
||||
}
|
||||
?>
|
||||
<tr>
|
||||
<td class="DataTD"><?=_('Last CCA')?></td>
|
||||
|
@ -98,7 +98,7 @@
|
|||
<?
|
||||
if ($_SESSION['profile']['admin'] == 1 && array_key_exists('userid',$_REQUEST) && intval($_REQUEST['userid']) > 0) {
|
||||
?>
|
||||
<tr><td colspan="3" class="DataTD"><a href="account.php?id=43&userid=<?=$user_id ?>">back</a></td></tr>
|
||||
<tr><td colspan="3" class="DataTD"><a href="account.php?id=43&userid=<?=intval($user_id)?>">back</a></td></tr>
|
||||
<? }
|
||||
?> </table>
|
||||
<?
|
||||
|
|
|
@ -23,7 +23,7 @@ if ($_SESSION['profile']['admin'] != 1 || !array_key_exists('userid',$_REQUEST)
|
|||
$query = "select `users`.`fname`, `users`.`mname`, `users`.`lname` from `users` where `id`='$user_id' and `users`.`deleted`=0";
|
||||
$res = mysql_query($query);
|
||||
if(mysql_num_rows($res) != 1){
|
||||
echo _("I'm sorry, the user you were looking for seems to have disappeared! Bad things are a foot!");
|
||||
echo _("I'm sorry, the user you were looking for seems to have disappeared! Bad things are afoot!");
|
||||
} else {
|
||||
if ($row = mysql_fetch_assoc($res)){
|
||||
$username=sanitizeHTML($row['fname']).' '.sanitizeHTML($row['mname']).' '.sanitizeHTML($row['lname']);
|
||||
|
@ -54,7 +54,7 @@ if ($_SESSION['profile']['admin'] != 1 || !array_key_exists('userid',$_REQUEST)
|
|||
}
|
||||
?></table>
|
||||
<? }else{
|
||||
echo _("I'm sorry, the user you were looking for seems to have disappeared! Bad things are a foot!");
|
||||
echo _("I'm sorry, the user you were looking for seems to have disappeared! Bad things are afoot!");
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
@ -25,7 +25,7 @@ if(array_key_exists('cert',$_REQUEST)) {
|
|||
$query = "select UNIX_TIMESTAMP(`emailcerts`.`created`) as `created`,
|
||||
UNIX_TIMESTAMP(`emailcerts`.`expire`) - UNIX_TIMESTAMP() as `timeleft`,
|
||||
UNIX_TIMESTAMP(`emailcerts`.`expire`) as `expired`,
|
||||
`emailcerts`.`expire` as `expires`,
|
||||
`emailcerts`.`expire`,
|
||||
`emailcerts`.`revoked` as `revoke`,
|
||||
UNIX_TIMESTAMP(`emailcerts`.`revoked`) as `revoked`,
|
||||
`emailcerts`.`id`,
|
||||
|
@ -137,11 +137,11 @@ if (array_key_exists('format', $_REQUEST)) {
|
|||
</tr>
|
||||
<tr>
|
||||
<td class="DataTD"><?=_("Email Address")?></td>
|
||||
<td class="DataTD"><?=(trim($row['CN'])=="" ? _("empty") : $row['CN'])?></td>
|
||||
<td class="DataTD"><?=(trim($row['CN'])=="" ? _("empty") : sanitizeHTML($row['CN']))?></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td class="DataTD"><?=_("SerialNumber")?></td>
|
||||
<td class="DataTD"><?=$row['serial']?></td>
|
||||
<td class="DataTD"><?=sanitizeHTML($row['serial'])?></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td class="DataTD"><?=_("Revoked")?></td>
|
||||
|
@ -149,7 +149,7 @@ if (array_key_exists('format', $_REQUEST)) {
|
|||
</tr>
|
||||
<tr>
|
||||
<td class="DataTD"><?=_("Expires")?></td>
|
||||
<td class="DataTD"><?=$row['expires']?></td>
|
||||
<td class="DataTD"><?=$row['expire']?></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td class="DataTD"><?=_("Login")?></td>
|
||||
|
|
|
@ -30,7 +30,7 @@
|
|||
$query = "select UNIX_TIMESTAMP(`issued`) as `issued`,
|
||||
UNIX_TIMESTAMP(`expire`) - UNIX_TIMESTAMP() as `timeleft`,
|
||||
UNIX_TIMESTAMP(`expire`) as `expired`,
|
||||
`expire` as `expires`, `id`, `level`,
|
||||
`expire`, `id`, `level`,
|
||||
`email`,`keyid`,`description` from `gpg` where `memid`='".intval($_SESSION['profile']['id'])."'
|
||||
ORDER BY `issued` desc";
|
||||
$res = mysql_query($query);
|
||||
|
@ -43,6 +43,7 @@
|
|||
<? } else {
|
||||
while($row = mysql_fetch_assoc($res))
|
||||
{
|
||||
$verified = '';
|
||||
if($row['timeleft'] > 0)
|
||||
$verified = _("Valid");
|
||||
if($row['timeleft'] < 0)
|
||||
|
@ -53,18 +54,18 @@
|
|||
<tr>
|
||||
<? if($verified == _("Valid")) { ?>
|
||||
<td class="DataTD"><?=$verified?></td>
|
||||
<td class="DataTD"><a href="gpg.php?id=3&cert=<?=$row['id']?>"><?=$row['email']?></a></td>
|
||||
<td class="DataTD"><a href="gpg.php?id=3&cert=<?=intval($row['id'])?>"><?=sanitizeHTML($row['email'])?></a></td>
|
||||
<? } else if($verified == _("Pending")) { ?>
|
||||
<td class="DataTD"><?=$verified?></td>
|
||||
<td class="DataTD"><?=$row['email']?></td>
|
||||
<td class="DataTD"><?=sanitizeHTML($row['email'])?></td>
|
||||
<? } else { ?>
|
||||
<td class="DataTD"><?=$verified?></td>
|
||||
<td class="DataTD"><a href="gpg.php?id=3&cert=<?=$row['id']?>"><?=$row['email']?></a></td>
|
||||
<td class="DataTD"><a href="gpg.php?id=3&cert=<?=intval($row['id'])?>"><?=sanitizeHTML($row['email'])?></a></td>
|
||||
<? } ?>
|
||||
<td class="DataTD"><?=$row['expires']?></td>
|
||||
<td class="DataTD"><a href="gpg.php?id=3&cert=<?=$row['id']?>"><?=$row['keyid']?></a></td>
|
||||
<td class="DataTD"><input name="comment_<?=$row['id']?>" type="text" value="<?=htmlspecialchars($row['description'])?>" /></td>
|
||||
<td class="DataTD"><input type="checkbox" name="check_comment_<?=$row['id']?>" /></td>
|
||||
<td class="DataTD"><?=$row['expire']?></td>
|
||||
<td class="DataTD"><a href="gpg.php?id=3&cert=<?=intval($row['id'])?>"><?=sanitizeHTML($row['keyid'])?></a></td>
|
||||
<td class="DataTD"><input name="comment_<?=intval($row['id'])?>" type="text" value="<?=htmlspecialchars($row['description'])?>" /></td>
|
||||
<td class="DataTD"><input type="checkbox" name="check_comment_<?=intval($row['id'])?>" /></td>
|
||||
</tr>
|
||||
<? } ?>
|
||||
<? } ?>
|
||||
|
@ -77,5 +78,5 @@
|
|||
<td class="DataTD" colspan="6"><input type="submit" name="change" value="<?=_("Change settings")?>" /> </td>
|
||||
</tr>
|
||||
</table>
|
||||
<input type="hidden" name="oldid" value="<?=$id?>" />
|
||||
<input type="hidden" name="oldid" value="<?=intval($id)?>" />
|
||||
</form>
|
||||
|
|
|
@ -14,9 +14,9 @@
|
|||
You should have received a copy of the GNU General Public License
|
||||
along with this program; if not, write to the Free Software
|
||||
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
|
||||
*/ ?>
|
||||
<?
|
||||
$res=mysql_fetch_assoc(mysql_query("select sum(acount) as summe from countries"));
|
||||
*/
|
||||
|
||||
$res=mysql_fetch_assoc(mysql_query("select sum(acount) as summe from countries"));
|
||||
$total1 =$res['summe'];
|
||||
|
||||
$locid=array_key_exists('locid',$_REQUEST)?intval($_REQUEST['locid']):0;
|
||||
|
@ -91,7 +91,7 @@
|
|||
{
|
||||
$query = "select *, `users`.`id` as `id` from `users`,`notary` where `listme`='1' and
|
||||
`ccid`='".$ccid."' and `regid`='".$regid."' and
|
||||
`locid`='".$locid."' and `users`.`id`=`notary`.`to`
|
||||
`locid`='".$locid."' and `users`.`id`=`notary`.`to` and `notary`.`deleted`=0
|
||||
group by `notary`.`to` HAVING SUM(`points`) >= 100 order by `points` desc";
|
||||
$list = mysql_query($query);
|
||||
if(mysql_num_rows($list) > 0)
|
||||
|
@ -104,19 +104,19 @@
|
|||
<td class="title"><?=_("Contact Details")?></td>
|
||||
<td class="title"><?=_("Email Assurer")?></td>
|
||||
<td class="title"><?=_("Assurer Challenge")?></td>
|
||||
|
||||
</tr>
|
||||
<? while($row = mysql_fetch_assoc($list)) { ?>
|
||||
|
||||
<? while($row = mysql_fetch_assoc($list)) { ?>
|
||||
<tr>
|
||||
<td class="DataTD" width="100"><nobr><?=$row['fname']?> <?=substr($row['lname'], 0, 1)?></nobr></td>
|
||||
<td class="DataTD" width="100"><nobr><?=sanitizeHTML($row['fname'])?> <?=substr($row['lname'], 0, 1)?>.</nobr></td>
|
||||
<td class="DataTD"><?=maxpoints($row['id'])?></td>
|
||||
<td class="DataTD"><?=$row['contactinfo']?></td>
|
||||
<td class="DataTD"><?=sanitizeHTML($row['contactinfo'])?></td>
|
||||
<td class="DataTD"><a href="wot.php?id=9&userid=<?=intval($row['id'])?>"><?=_("Email Me")?></a></td>
|
||||
<td class="DataTD"><?=$row['assurer']?_("Yes"):("<font color=\"#ff0000\">"._("Not yet!")."</font>")?></td>
|
||||
|
||||
</tr>
|
||||
<? }
|
||||
}
|
||||
<?
|
||||
}
|
||||
}
|
||||
?>
|
||||
</table>
|
||||
<br>
|
||||
|
|
|
@ -24,7 +24,7 @@
|
|||
<td colspan="5" class="title"><?=_("Assurer Ranking")?></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<?
|
||||
<?// the rank calculation is not adjusted to the new deletion method
|
||||
$query = "SELECT `users`. *, count(*) AS `list` FROM `users`, `notary`
|
||||
WHERE `users`.`id` = `notary`.`from` AND `notary`.`from` != `notary`.`to`
|
||||
AND `from`='".intval($_SESSION['profile']['id'])."' GROUP BY `notary`.`from`";
|
||||
|
@ -36,8 +36,8 @@
|
|||
WHERE `users`.`id` = `notary`.`from` AND `notary`.`from` != `notary`.`to`
|
||||
GROUP BY `notary`.`from` HAVING count(*) > '$rc' ORDER BY `notary`.`when` DESC";
|
||||
*/
|
||||
$query = "SELECT count(*) AS `list` FROM `users`
|
||||
inner join `notary` on `users`.`id` = `notary`.`from`
|
||||
$query = "SELECT count(*) AS `list` FROM `users`
|
||||
inner join `notary` on `users`.`id` = `notary`.`from`
|
||||
GROUP BY `notary`.`from` HAVING count(*) > '$rc'";
|
||||
|
||||
$rank = mysql_num_rows(mysql_query($query)) + 1;
|
||||
|
@ -64,18 +64,18 @@
|
|||
<td class="DataTD"><b><?=_("Method")?></b></td>
|
||||
</tr>
|
||||
<?
|
||||
$query = "select * from `notary` where `to`='".intval($_SESSION['profile']['id'])."'";
|
||||
$query = "select `id`, `date`, `from`, `points`, `location`, `method` from `notary` where `to`='".intval($_SESSION['profile']['id'])."' and `deleted`=0";
|
||||
$res = mysql_query($query);
|
||||
while($row = mysql_fetch_assoc($res))
|
||||
{
|
||||
$fromuser = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".intval($row['from'])."'"));
|
||||
$fromuser = mysql_fetch_assoc(mysql_query("select `fname`, `lname` from `users` where `id`='".intval($row['from'])."'"));
|
||||
?>
|
||||
<tr>
|
||||
<td class="DataTD"><?=$row['id']?></td>
|
||||
<td class="DataTD"><?=intval($row['id'])?></td>
|
||||
<td class="DataTD"><?=$row['date']?></td>
|
||||
<td class="DataTD"><a href="wot.php?id=9&userid=<?=intval($row['from'])?>"><?=$fromuser['fname']." ".$fromuser['lname']?></td>
|
||||
<td class="DataTD"><?=$row['points']?></td>
|
||||
<td class="DataTD"><?=$row['location']?></td>
|
||||
<td class="DataTD"><a href="wot.php?id=9&userid=<?=intval($row['from'])?>"><?=sanitizeHTML(trim($fromuser['fname']." ".$fromuser['lname']))?></td>
|
||||
<td class="DataTD"><?=intval($row['points'])?></td>
|
||||
<td class="DataTD"><?=sanitizeHTML($row['location'])?></td>
|
||||
<td class="DataTD"><?=_(sprintf("%s", $row['method']))?></td>
|
||||
</tr>
|
||||
<?
|
||||
|
@ -114,30 +114,30 @@ if ($thawte)
|
|||
</tr>
|
||||
<?
|
||||
$points = 0;
|
||||
$query = "select * from `notary` where `from`='".intval($_SESSION['profile']['id'])."' and `to`!='".intval($_SESSION['profile']['id'])."'";
|
||||
$query = "select `id`, `date`, `points`, `to`, `location`, `method` from `notary` where `from`='".intval($_SESSION['profile']['id'])."' and `to`!='".intval($_SESSION['profile']['id'])."' and `deleted`=0" ;
|
||||
$res = mysql_query($query);
|
||||
while($row = mysql_fetch_assoc($res))
|
||||
{
|
||||
$fromuser = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".intval($row['to'])."'"));
|
||||
$points += $row['points'];
|
||||
$fromuser = mysql_fetch_assoc(mysql_query("select `fname`, `lname` from `users` where `id`='".intval($row['to'])."'"));
|
||||
$points += intval($row['points']);
|
||||
$name = trim($fromuser['fname']." ".$fromuser['lname']);
|
||||
if($name == "")
|
||||
$name = _("Deleted before Verification");
|
||||
else
|
||||
$name = "<a href='wot.php?id=9&userid=".intval($row['to'])."'>$name</a>";
|
||||
$name = "<a href='wot.php?id=9&userid=".intval($row['to'])."'>".sanitizeHTML($name)."</a>";
|
||||
?>
|
||||
<tr>
|
||||
<td class="DataTD"><?=intval($row['id'])?></td>
|
||||
<td class="DataTD"><?=$row['date']?></td>
|
||||
<td class="DataTD"><?=$name?></td>
|
||||
<td class="DataTD"><?=intval($row['points'])?></td>
|
||||
<td class="DataTD"><?=$row['location']?></td>
|
||||
<td class="DataTD"><?=sanitizeHTML($row['location'])?></td>
|
||||
<td class="DataTD"><?=$row['method']==""?"":_(sprintf("%s", $row['method']))?></td>
|
||||
</tr>
|
||||
<? } ?>
|
||||
<tr>
|
||||
<td class="DataTD" colspan="3"><b><?=_("Total Points Issued")?>:</b></td>
|
||||
<td class="DataTD"><?=$points?></td>
|
||||
<td class="DataTD"><?=intval($points)?></td>
|
||||
<td class="DataTD" colspan="2"> </td>
|
||||
</tr>
|
||||
</table>
|
||||
|
|
|
@ -14,7 +14,7 @@
|
|||
You should have received a copy of the GNU General Public License
|
||||
along with this program; if not, write to the Free Software
|
||||
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
|
||||
*/
|
||||
*/
|
||||
|
||||
require_once($_SESSION['_config']['filepath']."/includes/notary.inc.php");
|
||||
|
||||
|
|
|
@ -15,9 +15,9 @@
|
|||
along with this program; if not, write to the Free Software
|
||||
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
|
||||
*/
|
||||
|
||||
|
||||
require_once($_SESSION['_config']['filepath'].'/includes/lib/l10n.php');
|
||||
|
||||
|
||||
|
||||
$res = mysql_query("select * from `users` where `id`='".intval($_REQUEST['userid'])."' and `listme`='1'");
|
||||
if(mysql_num_rows($res) <= 0)
|
||||
|
@ -28,9 +28,8 @@
|
|||
$user = mysql_fetch_array($res);
|
||||
$userlang = $user['language'];
|
||||
$points = mysql_num_rows(mysql_query("select sum(`points`) as `total` from `notary`
|
||||
where `to`='".$user['id']."' group by `to` HAVING SUM(`points`) > 0"));
|
||||
if($points <= 0)
|
||||
{
|
||||
where `to`='".intval($user['id'])."' and `deleted`=0 group by `to` HAVING SUM(`points`) > 0"));
|
||||
if($points <= 0) {
|
||||
echo _("Sorry, I was unable to locate that user.");
|
||||
} else {
|
||||
|
||||
|
@ -38,31 +37,31 @@
|
|||
?>
|
||||
<? if($_SESSION['_config']['error'] != "") { ?><font color="#ff0000" size="+1">ERROR: <?=$_SESSION['_config']['error']?></font><? unset($_SESSION['_config']['error']); } ?>
|
||||
<form method="post" action="wot.php">
|
||||
<input type="hidden" name="userid" value="<?=$user['id']?>">
|
||||
<input type="hidden" name="userid" value="<?=intval($user['id'])?>">
|
||||
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
|
||||
<tr>
|
||||
<td colspan="2" class="title"><?=_("Contact Assurer")?></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td class="DataTD"><?=_("To")?>:</td>
|
||||
<td class="DataTD" align="left"><?=$user['fname']?> <?=substr($user['lname'], 0, 1)?></td>
|
||||
<td class="DataTD" align="left"><?=sanitizeHTML(trim($user['fname'].' '.substr($user['lname'], 0, 1)))?></td>
|
||||
</tr>
|
||||
<? if($userlang != "") { ?>
|
||||
<tr>
|
||||
<td class="DataTD"><?=_("Language")?>:</td>
|
||||
<td class="DataTD" align="left"><? printf(_("%s prefers to be contacted in %s"), $user['fname'], L10n::$translations[$userlang]) ?></td>
|
||||
<td class="DataTD" align="left"><? printf(_("%s prefers to be contacted in %s"), sanitizeHTML($user['fname']), L10n::$translations[$userlang]) ?></td>
|
||||
</tr>
|
||||
<? } ?>
|
||||
<?
|
||||
$query = "select * from `addlang` where `userid`='".$user['id']."'";
|
||||
$query = "select * from `addlang` where `userid`='".intval($user['id'])."'";
|
||||
$res = mysql_query($query);
|
||||
while($row = mysql_fetch_assoc($res))
|
||||
{
|
||||
$lang = mysql_fetch_assoc(mysql_query("select * from `languages` where `locale`='${row['lang']}'"));
|
||||
$lang = mysql_fetch_assoc(mysql_query("select * from `languages` where `locale`='".mysql_real_escape_string($row['lang'])."'"));
|
||||
?>
|
||||
<tr>
|
||||
<td class="DataTD"><?=_("Additional Language")?>:</td>
|
||||
<td class="DataTD" align="left"><? printf(_("%s will also accept email in %s - %s"), $user['fname'], $lang['lang'], $lang['country']) ?></td>
|
||||
<td class="DataTD" align="left"><? printf(_("%s will also accept email in %s - %s"), sanitizeHTML($user['fname']), sanitizeHTML($lang['lang']), sanitizeHTML($lang['country'])) ?></td>
|
||||
</tr>
|
||||
<? } ?>
|
||||
<tr>
|
||||
|
@ -79,7 +78,7 @@
|
|||
</table>
|
||||
<input type="hidden" name="pageid" value="<?=$_SESSION['_config']['pagehash']?>">
|
||||
<input type="hidden" name="userid" value="<?=intval($_REQUEST['userid'])?>">
|
||||
<input type="hidden" name="oldid" value="<?=$id?>">
|
||||
<input type="hidden" name="oldid" value="<?=intval($id)?>">
|
||||
</form>
|
||||
<p>[ <a href='javascript:history.go(-1)'><?=_("Go Back")?></a> ]</p>
|
||||
<? } } ?>
|
||||
|
|
Loading…
Reference in a new issue