@ -14,30 +14,30 @@
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
*/ ?>
<?
*/
include_once($_SESSION['_config']['filepath']."/includes/notary.inc.php");
$ticketno='';
$ticketvalidation=FALSE;
if(array_key_exists('assurance',$_REQUEST) & & $_REQUEST['assurance'] > 0)
{
$assurance = mysql_escape_string(intval($_REQUEST['assurance']));
$row = 0;
$res = mysql_query("select `to` from `notary` where `id`='$assurance'");
if ($res) {
$row = mysql_fetch_assoc($res);
}
mysql_query("delete from `notary` where `id`='$assurance'");
if ($row) {
fix_assurer_flag($row['to']);
if (isset($_SESSION['ticketno'])) {
$ticketno = $_SESSION['ticketno'];
$ticketvalidation = valid_ticket_number($ticketno);
}
if (isset($_SESSION['ticketmsg'])) {
$ticketmsg = $_SESSION['ticketmsg'];
} else {
$ticketmsg = '';
}
// search for an account by email search, if more than one is found display list to choose
if(intval(array_key_exists('userid',$_REQUEST)?$_REQUEST['userid']:0) < = 0)
{
$_REQUEST['userid'] = 0;
$emailsearch = $email = mysql_escape_string(stripslashes($_REQUEST['email']));
$emailsearch = $email = mysql_real_ escape_string(stripslashes($_REQUEST['email']));
//Disabled to speed up the queries
//if(!strstr($email, "%"))
@ -64,7 +64,8 @@ include_once($_SESSION['_config']['filepath']."/includes/notary.inc.php");
}
// bug-975 ted+uli changes --- end
$res = mysql_query($query);
if(mysql_num_rows($res) > 1) { ?>
if(mysql_num_rows($res) > 1) {
?>
< table align = "center" valign = "middle" border = "0" cellspacing = "0" cellpadding = "0" class = "wrapper" >
< tr >
< td colspan = "5" class = "title" > <? = _ ( "Select Specific Account Details" ) ?> </ td >
@ -75,22 +76,32 @@ include_once($_SESSION['_config']['filepath']."/includes/notary.inc.php");
< / tr >
<?
while($row = mysql_fetch_assoc($res))
{ ?>
{
?>
< tr >
< td class = "DataTD" >< a href = "account.php?id=43&userid= <? = intval ( $row [ 'id' ]) ?> " > <? = intval ( $row [ 'id' ]) ?> </ a ></ td >
< td class = "DataTD" >< a href = "account.php?id=43&userid= <? = intval ( $row [ 'id' ]) ?> " > <? = sanitizeHTML ( $row [ 'email' ]) ?> </ a ></ td >
< / tr >
<? } if ( mysql_num_rows ( $res ) >= 100 ) { ?>
<?
}
if(mysql_num_rows($res) >= 100) {
?>
< tr >
< td class = "DataTD" colspan = "2" > <? = _ ( "Only the first 100 rows are displayed." ) ?> </ td >
< / tr >
<? } else { ?>
<?
} else {
?>
< tr >
< td class = "DataTD" colspan = "2" > <? printf ( _ ( "%s rows displayed." ), mysql_num_rows ( $res )); ?> </ td >
< / tr >
<? } ?>
<?
}
?>
< / table > < br > < br >
<? } elseif ( mysql_num_rows ( $res ) == 1 ) {
<?
} elseif(mysql_num_rows($res) == 1) {
$row = mysql_fetch_assoc($res);
$_REQUEST['userid'] = $row['id'];
} else {
@ -98,21 +109,66 @@ include_once($_SESSION['_config']['filepath']."/includes/notary.inc.php");
}
}
if(intval($_REQUEST['userid']) > 0)
{
// display user information for given user id
if(intval($_REQUEST['userid']) > 0) {
$userid = intval($_REQUEST['userid']);
$query = "select * from `users` where `users`.`id`='$userid' and `users`.`deleted`=0";
$res = mysql_query($query);
if(mysql_num_rows($res) < = 0)
{
$res =get_user_data($userid);
if(mysql_num_rows($res) < = 0) {
echo _("I'm sorry, the user you were looking for seems to have disappeared! Bad things are afoot!");
} else {
$row = mysql_fetch_assoc($res);
$query = "select sum(`points`) as `points` from `notary` where `to`='".intval($row['id'])."'";
$query = "select sum(`points`) as `points` from `notary` where `to`='".intval($row['id'])."' and `deleted` = 0 ";
$dres = mysql_query($query);
$drow = mysql_fetch_assoc($dres);
$alerts = mysql_fetch_assoc(mysql_query("select * from `alerts` where `memid`='".intval($row['id'])."'"));
$alerts =get_alerts(intval($row['id']));
//display account data
//deletes an assurance
if(array_key_exists('assurance',$_REQUEST) & & $_REQUEST['assurance'] > 0 & & $ticketvalidation == true)
{
if (!write_se_log($userid, $_SESSION['profile']['id'], 'SE assurance revoke', $ticketno)) {
$ticketmsg=_("Writing to the admin log failed. Can't continue.");
} else {
$assurance = intval($_REQUEST['assurance']);
$trow = 0;
$res = mysql_query("select `to` from `notary` where `id`='".intval($assurance)."' and `deleted` = 0");
if ($res) {
$trow = mysql_fetch_assoc($res);
if ($trow) {
mysql_query("update `notary` set `deleted`=NOW() where `id`='".intval($assurance)."'");
fix_assurer_flag($trow['to']);
}
}
}
} elseif(array_key_exists('assurance',$_REQUEST) & & $_REQUEST['assurance'] > 0 & & $ticketvalidation == FALSE) {
$ticketmsg=_('No assurance revoked. Ticket number is missing!');
}
//Ticket number
?>
< form method = "post" action = "account.php?id=43&userid= <? = intval ( $_REQUEST [ 'userid' ]) ?> " >
< table align = "center" valign = "middle" border = "0" cellspacing = "0" cellpadding = "0" class = "wrapper" >
< tr >
< td colspan = "2" class = "title" > <? = _ ( 'Ticket handling' ) ?> </ td >
< / tr >
< tr >
< td class = "DataTD" > <? = _ ( 'Ticket no' ) ?> :</ td >
< td class = "DataTD" >< input type = "text" name = "ticketno" value = " <? = sanitizeHTML ( $ticketno ) ?> " /></ td >
< / tr >
< tr >
< td colspan = "2" class = "DataTDError" > <? = $ticketmsg ?> </ td > <?php $_SESSION [ 'ticketmsg' ] = '' ?>
< / tr >
< tr >
< td colspan = "2" >< input type = "submit" value = " <? = _ ( 'Set ticket number' ) ?> " ></ td >
< / tr >
< / table >
< / form >
< br / >
<!-- display data table -->
< table align = "center" valign = "middle" border = "0" cellspacing = "0" cellpadding = "0" class = "wrapper" >
< tr >
< td colspan = "5" class = "title" > <? printf ( _ ( "%s's Account Details" ), sanitizeHTML ( $row [ 'email' ])); ?> </ td >
@ -125,7 +181,8 @@ include_once($_SESSION['_config']['filepath']."/includes/notary.inc.php");
< td class = "DataTD" > <? = _ ( "First Name" ) ?> :</ td >
< td class = "DataTD" >< form method = "post" action = "account.php" onSubmit = "if(!confirm(' <? = _ ( "Are you sure you want to modify this DOB and/or last name?" ) ?> ')) return false;" >
< input type = "hidden" name = "csrf" value = " <? = make_csrf ( 'admchangepers' ) ?> " />
< input type = "text" name = "fname" value = " <? = sanitizeHTML ( $row [ 'fname' ]) ?> " ></ td >
< input type = "text" name = "fname" value = " <? = sanitizeHTML ( $row [ 'fname' ]) ?> " >
< / td >
< / tr >
< tr >
< td class = "DataTD" > <? = _ ( "Middle Name" ) ?> :</ td >
@ -136,7 +193,8 @@ include_once($_SESSION['_config']['filepath']."/includes/notary.inc.php");
< td class = "DataTD" > < input type = "hidden" name = "oldid" value = "43" >
< input type = "hidden" name = "action" value = "updatedob" >
< input type = "hidden" name = "userid" value = " <? = intval ( $userid ) ?> " >
< input type = "text" name = "lname" value = " <? = sanitizeHTML ( $row [ 'lname' ]) ?> " ></ td >
< input type = "text" name = "lname" value = " <? = sanitizeHTML ( $row [ 'lname' ]) ?> " >
< / td >
< / tr >
< tr >
< td class = "DataTD" > <? = _ ( "Suffix" ) ?> :</ td >
@ -149,21 +207,22 @@ include_once($_SESSION['_config']['filepath']."/includes/notary.inc.php");
$year = intval(substr($row['dob'], 0, 4));
$month = intval(substr($row['dob'], 5, 2));
$day = intval(substr($row['dob'], 8, 2));
?>< nobr > < select name = "day" >
?>
< nobr >
< select name = "day" >
<?
for($i = 1; $i < = 31; $i++)
{
for($i = 1; $i < = 31; $i++) {
echo "< option " ;
if($day == $i)
if($day == $i) {
echo " selected='selected'";
}
echo ">$i< / option > ";
}
?>
< / select >
< select name = "month" >
<?
for($i = 1; $i < = 12; $i++)
{
for($i = 1; $i < = 12; $i++) {
echo "< option value = '$i' " ;
if($month == $i)
echo " selected='selected'";
@ -172,11 +231,17 @@ include_once($_SESSION['_config']['filepath']."/includes/notary.inc.php");
?>
< / select >
< input type = "text" name = "year" value = " <? = $year ?> " size = "4" >
< input type = "submit" value = "Go" > < / form > < / nobr > < / td >
< input type = "submit" value = "Go" >
< input type = "hidden" name = "ticketno" value = " <? = sanitizeHTML ( $ticketno ) ?> " />
< / form >
< / nobr >
< / td >
< / tr >
<? // list of flags ?>
< tr >
< td class = "DataTD" > <? = _ ( "CCA accepted" ) ?> :</ td >
< td class = "DataTD" >< a href = "account.php?id=57&userid= <? = intval ( $row [ 'id' ]) ?> " > <? = intval ( get_user_agreement_status ( $row [ 'id' ])) ? _ ( "Yes" ) : _ ( "No" ) ?> </ a ></ td >
< td class = "DataTD" >< a href = "account.php?id=57&userid= <? = intval ( $row [ 'id' ]) ?> " > <? = intval ( get_user_agreement_status ( $row [ 'id' ] , 'CCA' )) ? _ ( "Yes" ) : _ ( "No" ) ?> </ a ></ td >
< / tr >
< tr >
< td class = "DataTD" > <? = _ ( "Trainings" ) ?> :</ td >
@ -184,71 +249,84 @@ include_once($_SESSION['_config']['filepath']."/includes/notary.inc.php");
< / tr >
< tr >
< td class = "DataTD" > <? = _ ( "Is Assurer" ) ?> :</ td >
< td class = "DataTD" >< a href = "account.php?id=43&assurer= <? = intval ( $row [ 'id' ]) ?> &csrf= <? = make_csrf ( 'admsetassuret' ) ?> "> <? = $row [ 'assurer' ] ?> </ a ></ td >
< td class = "DataTD" >< a href = "account.php?id=43&assurer= <? = intval ( $row [ 'id' ]) ?> &csrf= <? = make_csrf ( 'admsetassuret' ) ?> &ticketno=<? = sanitizeHTML ( $ticketno ) ?> "> <? = intval ( $row [ 'assurer' ] ) ?> </ a ></ td >
< / tr >
< tr >
< td class = "DataTD" > <? = _ ( "Blocked Assurer" ) ?> :</ td >
< td class = "DataTD" >< a href = "account.php?id=43&assurer_blocked= <? = intval ( $row [ 'id' ]) ?> "> <? = $row [ 'assurer_blocked' ] ?> </ a ></ td >
< td class = "DataTD" >< a href = "account.php?id=43&assurer_blocked= <? = intval ( $row [ 'id' ]) ?> &ticketno=<? = sanitizeHTML ( $ticketno ) ?> "> <? = intval ( $row [ 'assurer_blocked' ] ) ?> </ a ></ td >
< / tr >
< tr >
< td class = "DataTD" > <? = _ ( "Account Locking" ) ?> :</ td >
< td class = "DataTD" >< a href = "account.php?id=43&locked= <? = $row [ 'id' ] ?> &csrf= <? = make_csrf ( 'admactlock' ) ?> "> <? = $row [ 'locked' ] ?> </ a ></ td >
< td class = "DataTD" >< a href = "account.php?id=43&locked= <? = intval ( $row [ 'id' ] ) ?> &csrf= <? = make_csrf ( 'admactlock' ) ?> &ticketno=<? = sanitizeHTML ( $ticketno ) ?> "> <? = intval ( $row [ 'locked' ] ) ?> </ a ></ td >
< / tr >
< tr >
< td class = "DataTD" > <? = _ ( "Code Signing" ) ?> :</ td >
< td class = "DataTD" >< a href = "account.php?id=43&codesign= <? = $row [ 'id' ] ?> &csrf= <? = make_csrf ( 'admcodesign' ) ?> "> <? = $row [ 'codesign' ] ?> </ a ></ td >
< td class = "DataTD" >< a href = "account.php?id=43&codesign= <? = intval ( $row [ 'id' ] ) ?> &csrf= <? = make_csrf ( 'admcodesign' ) ?> &ticketno=<? = sanitizeHTML ( $ticketno ) ?> "> <? = intval ( $row [ 'codesign' ] ) ?> </ a ></ td >
< / tr >
< tr >
< td class = "DataTD" > <? = _ ( "Org Assurer" ) ?> :</ td >
< td class = "DataTD" >< a href = "account.php?id=43&orgadmin= <? = $row [ 'id' ] ?> &csrf= <? = make_csrf ( 'admorgadmin' ) ?> "> <? = $row [ 'orgadmin' ] ?> </ a ></ td >
< td class = "DataTD" >< a href = "account.php?id=43&orgadmin= <? = intval ( $row [ 'id' ] ) ?> &csrf= <? = make_csrf ( 'admorgadmin' ) ?> &ticketno=<? = sanitizeHTML ( $ticketno ) ?> "> <? = intval ( $row [ 'orgadmin' ] ) ?> </ a ></ td >
< / tr >
< tr >
< td class = "DataTD" > <? = _ ( "TTP Admin" ) ?> :</ td >
< td class = "DataTD" >< a href = "account.php?id=43&ttpadmin= <? = $row [ 'id' ] ?> &csrf= <? = make_csrf ( 'admttpadmin' ) ?> "> <? = $row [ 'ttpadmin' ] ?> </ a ></ td >
< td class = "DataTD" >< a href = "account.php?id=43&ttpadmin= <? = intval ( $row [ 'id' ] ) ?> &csrf= <? = make_csrf ( 'admttpadmin' ) ?> &ticketno=<? = sanitizeHTML ( $ticketno ) ?> "> <? = intval ( $row [ 'ttpadmin' ] ) ?> </ a ></ td >
< / tr >
< tr >
< td class = "DataTD" > <? = _ ( "Location Admin" ) ?> :</ td >
< td class = "DataTD" >< a href = "account.php?id=43&locadmin= <? = $row [ 'id' ] ?> " > <? = $row [ 'locadmin' ] ?> </ a ></ td >
< td class = "DataTD" >< a href = "account.php?id=43&locadmin= <? = intval ( $row [ 'id' ] )?> &ticketno= <? = sanitizeHTML ( $ticketno ) ?> " > <? = $row [ 'locadmin' ] ?> </ a ></ td >
< / tr >
< tr >
< td class = "DataTD" > <? = _ ( "Admin" ) ?> :</ td >
< td class = "DataTD" >< a href = "account.php?id=43&admin= <? = $row [ 'id' ] ?> &csrf= <? = make_csrf ( 'admsetadmin' ) ?> "> <? = $row [ 'admin' ] ?> </ a ></ td >
< td class = "DataTD" >< a href = "account.php?id=43&admin= <? = intval ( $row [ 'id' ] ) ?> &csrf= <? = make_csrf ( 'admsetadmin' ) ?> &ticketno=<? = sanitizeHTML ( $ticketno ) ?> "> <? = intval ( $row [ 'admin' ] ) ?> </ a ></ td >
< / tr >
< tr >
< td class = "DataTD" > <? = _ ( "Ad Admin" ) ?> :</ td >
< td class = "DataTD" >< a href = "account.php?id=43&adadmin= <? = $row [ 'id' ] ?> " > <? = $row [ 'adadmin' ] ?> </ a > (0 = none, 1 = submit, 2 = approve)</ td >
< td class = "DataTD" >< a href = "account.php?id=43&adadmin= <? = intval ( $row [ 'id' ] )?> &ticketno= <? = sanitizeHTML ( $ticketno ) ?> " > <? = intval ( $row [ 'adadmin' ] ) ?> </ a > (0 = none, 1 = submit, 2 = approve)</ td >
< / tr >
<!-- presently not needed
< tr >
< td class = "DataTD" > <? = _ ( "Tverify Account" ) ?> :</ td >
< td class = "DataTD" >< a href = "account.php?id=43&tverify= <? = $row [ 'id' ] ?> " > <? = $row [ 'tverify' ] ?> </ a ></ td >
< td class = "DataTD" >< a href = "account.php?id=43&tverify= <? = intval ( $row [ 'id' ] )?> &ticketno= <? = sanitizeHTML ( $ticketno ) ?> " > <? = intval ( $row [ 'tverify' ] ) ?> </ a ></ td >
< / tr >
-->
< tr >
< td class = "DataTD" > <? = _ ( "General Announcements" ) ?> :</ td >
< td class = "DataTD" >< a href = "account.php?id=43&general= <? = $row [ 'id' ] ?> " > <? = $alerts [ 'general' ] ?> </ a ></ td >
< td class = "DataTD" >< a href = "account.php?id=43&general= <? = intval ( $row [ 'id' ] )?> &ticketno= <? = sanitizeHTML ( $ticketno ) ?> " > <? = intval ( $alerts [ 'general' ] ) ?> </ a ></ td >
< / tr >
< tr >
< td class = "DataTD" > <? = _ ( "Country Announcements" ) ?> :</ td >
< td class = "DataTD" >< a href = "account.php?id=43&country= <? = $row [ 'id' ] ?> " > <? = $alerts [ 'country' ] ?> </ a ></ td >
< td class = "DataTD" >< a href = "account.php?id=43&country= <? = intval ( $row [ 'id' ] )?> &ticketno= <? = sanitizeHTML ( $ticketno ) ?> " > <? = intval ( $alerts [ 'country' ] ) ?> </ a ></ td >
< / tr >
< tr >
< td class = "DataTD" > <? = _ ( "Regional Announcements" ) ?> :</ td >
< td class = "DataTD" >< a href = "account.php?id=43&regional= <? = $row [ 'id' ] ?> " > <? = $alerts [ 'regional' ] ?> </ a ></ td >
< td class = "DataTD" >< a href = "account.php?id=43&regional= <? = intval ( $row [ 'id' ] )?> &ticketno= <? = sanitizeHTML ( $ticketno ) ?> " > <? = intval ( $alerts [ 'regional' ] ) ?> </ a ></ td >
< / tr >
< tr >
< td class = "DataTD" > <? = _ ( "Within 200km Announcements" ) ?> :</ td >
< td class = "DataTD" >< a href = "account.php?id=43&radius= <? = $row [ 'id' ] ?> " > <? = $alerts [ 'radius' ] ?> </ a ></ td >
< td class = "DataTD" >< a href = "account.php?id=43&radius= <? = intval ( $row [ 'id' ] )?> &ticketno= <? = sanitizeHTML ( $ticketno ) ?> " > <? = intval ( $alerts [ 'radius' ] ) ?> </ a ></ td >
< / tr >
<? //change password, view secret questions and delete account section ?>
< tr >
< td class = "DataTD" > <? = _ ( "Change Password" ) ?> :</ td >
< td class = "DataTD" >< a href = "account.php?id=44&userid= <? = $row [ 'id' ] ?> " > <? = _ ( "Change Password" ) ?> </ a ></ td >
< td class = "DataTD" >< a href = "account.php?id=44&userid= <? = intval ( $row [ 'id' ] )?> &ticketno= <? = sanitizeHTML ( $ticketno ) ?> " > <? = _ ( "Change Password" ) ?> </ a ></ td >
< / tr >
< tr >
< td class = "DataTD" > <? = _ ( "Delete Account" ) ?> :</ td >
< td class = "DataTD" >< a href = "account.php?id=50&userid= <? = $row [ 'id' ] ?> &csrf= <? = make_csrf ( 'admdelaccount' ) ?> " > <? = _ ( "Delete Account" ) ?> </ a ></ td >
< td class = "DataTD" >< a href = "account.php?id=50&userid= <? = intval ( $row [ 'id' ] ) ?> &csrf= <? = make_csrf ( 'admdelaccount' ) ?> &ticketno= <? = sanitizeHTML ( $ticketno ) ?> " > <? = _ ( "Delete Account" ) ?> </ a ></ td >
< / tr >
<?
// This is intensionally a $_GET for audit purposes. DO NOT CHANGE!!!
if(array_key_exists('showlostpw',$_GET) & & $_GET['showlostpw'] == "yes") {
if(array_key_exists('showlostpw',$_GET) & & $_GET['showlostpw'] == "yes" & & $ticketvalidation==true) {
if (!write_se_log($userid, $_SESSION['profile']['id'], 'SE view lost password information', $ticketno)) {
?>
< tr >
< td class = "DataTD" colspan = "2" > <? = _ ( "Writing to the admin log failed. Can't continue." ) ?> </ td >
< / tr >
< tr >
< td class = "DataTD" colspan = "2" >< a href = "account.php?id=43&userid= <? = intval ( $row [ 'id' ]) ?> &showlostpw=yes&ticketno= <? = sanitizeHTML ( $ticketno ) ?> " > <? = _ ( "Show Lost Password Details" ) ?> </ a ></ td >
< / tr >
<?
} else {
?>
< tr >
< td class = "DataTD" > <? = _ ( "Lost Password" ) ?> - Q1:</ td >
@ -290,54 +368,85 @@ include_once($_SESSION['_config']['filepath']."/includes/notary.inc.php");
< td class = "DataTD" > <? = _ ( "Lost Password" ) ?> - A5:</ td >
< td class = "DataTD" > <? = sanitizeHTML ( $row [ 'A5' ]) ?> </ td >
< / tr >
<? } else { ?>
<?
}
} elseif (array_key_exists('showlostpw',$_GET) & & $_GET['showlostpw'] == "yes" & & $ticketvalidation==false) {
?>
< tr >
< td class = "DataTD" colspan = "2" >< a href = "account.php?id=43&userid= <? = $row [ 'id' ] ?> &showlostpw=yes" > <? = _ ( "Show Lost Password Details" ) ?> </ a ></ td >
< td class = "DataTD" colspan = "2" > <? = _ ( 'No access granted. Ticket number is missing' ) ?> </td >
< / tr >
<? } ?>
< tr >
< td class = "DataTD" colspan = "2" >< a href = "account.php?id=43&userid= <? = intval ( $row [ 'id' ]) ?> &showlostpw=yes&ticketno= <? = sanitizeHTML ( $ticketno ) ?> " > <? = _ ( "Show Lost Password Details" ) ?> </ a ></ td >
< / tr >
<?
} else {
?>
< tr >
< td class = "DataTD" colspan = "2" >< a href = "account.php?id=43&userid= <? = intval ( $row [ 'id' ]) ?> &showlostpw=yes&ticketno= <? = sanitizeHTML ( $ticketno ) ?> " > <? = _ ( "Show Lost Password Details" ) ?> </ a ></ td >
< / tr >
<? }
// list assurance points
?>
< tr >
< td class = "DataTD" > <? = _ ( "Assurance Points" ) ?> :</ td >
< td class = "DataTD" > <? = intval ( $drow [ 'points' ]) ?> </ td >
< / tr >
<?
// show account history
?>
< tr >
< td class = "DataTD" colspan = "2" >< a href = "account.php?id=59&oldid=43&userid= <? = intval ( $row [ 'id' ]) ?> &ticketno= <? = sanitizeHTML ( $ticketno ) ?> " > <? = _ ( 'Show account history' ) ?> </ a ></ td >
< / tr >
< / table >
< br > <?
$query = "select * from `email` where `memid`='".intval($row['id'])."' and `deleted`=0 and `hash`=''
and `email`!='".mysql_escape_string($row['email'])."'";
$dres = mysql_query($query);
if(mysql_num_rows($dres) > 0) { ?>
< br / >
<?
//list secondary email addresses
$dres = get_email_addresses(intval($row['id']),$row['email']);
if(mysql_num_rows($dres) > 0) {
?>
< table align = "center" valign = "middle" border = "0" cellspacing = "0" cellpadding = "0" class = "wrapper" >
< tr >
< td colspan = "5" class = "title" > <? = _ ( "Alternate Verified Email Addresses" ) ?> </ td >
< /tr > <?
$rc = mysql_num_rows($dres);
while($drow = mysql_fetch_assoc($dres))
{ ?>
< /tr >
<?
while($drow = mysql_fetch_assoc($dres)) {
?>
< tr >
< td class = "DataTD" > <? = _ ( "Secondary Emails" ) ?> :</ td >
< td class = "DataTD" > <? = sanitizeHTML ( $drow [ 'email' ]) ?> </ td >
< / tr >
<? } ?>
<?
}
?>
< / table >
< br > <? } ?>
< br / >
<?
$query = "select * from `domains` where `memid`='".intval($row['id'])."' and `deleted`=0 and `hash`=''";
$dres = mysql_query($query);
if(mysql_num_rows($dres) > 0) { ?>
}
// list of domains
$dres=get_domains(intval($row['id']));
if(mysql_num_rows($dres) > 0) {
?>
< table align = "center" valign = "middle" border = "0" cellspacing = "0" cellpadding = "0" class = "wrapper" >
< tr >
< td colspan = "5" class = "title" > <? = _ ( "Verified Domains" ) ?> </ td >
< /tr > <?
$rc = mysql_num_rows($dres);
while($drow = mysql_fetch_assoc($dres))
{ ?>
< /tr >
<?
while($drow = mysql_fetch_assoc($dres)) {
?>
< tr >
< td class = "DataTD" > <? = _ ( "Domain" ) ?> :</ td >
< td class = "DataTD" > <? = sanitizeHTML ( $drow [ 'domain' ]) ?> </ td >
< / tr >
<? } ?>
<?
}
?>
< / table >
< br >
<? } ?>
< br / >
<?
}
?>
<? // Begin - Debug infos ?>
< table align = "center" valign = "middle" border = "0" cellspacing = "0" cellpadding = "0" class = "wrapper" >
< tr >
@ -379,11 +488,12 @@ include_once($_SESSION['_config']['filepath']."/includes/notary.inc.php");
4. users.email = primary-email
--- Assurer, assure someone find user query
select * from `users` where `email`='".mysql_escape_string(stripslashes($_POST['email']))."'
select * from `users` where `email`='".mysql_rea l_escape_string(stripslashes($_POST['email']))."'
and `deleted`=0
=> requirements
1. users.deleted = 0
2. users.email = primary-email
Admin User Assurer
bit Console Login assure someone
@ -413,6 +523,7 @@ include_once($_SESSION['_config']['filepath']."/includes/notary.inc.php");
$inconsistency = 0;
$inconsistencydisp = "";
$inccause = "";
// current userid intval($row['id'])
$query = "select `email` as `uemail`, `deleted` as `udeleted`, `verified`, `locked`
from `users` where `id`='".intval($row['id'])."' ";
@ -472,30 +583,30 @@ include_once($_SESSION['_config']['filepath']."/includes/notary.inc.php");
?>
< tr >
< td class = "DataTD" > <? = _ ( "Account inconsistency" ) ?> :</ td >
< td class = "DataTD" > <? = $inccause ?> < br > code: <? = $inconsistency ?> </ td >
< td class = "DataTD" > <? = $inccause ?> < br > code: <? = intval ( $inconsistency ) ?> </ td >
< / tr >
< tr >
< td colspan = "2" class = "DataTD" style = "max-width: 75ex" >
<? = _ ( "Account inconsistency can cause problems in daily account " .
"operations and needs to be fixed manually through arbitration/critical ".
"team.")?>
< td colspan = "2" class = "DataTD" style = "max-width: 75ex;" >
<? = _ ( "Account inconsistency can cause problems in daily account operations and needs to be fixed manually through arbitration/critical team." ) ?>
< / td >
< / tr >
<? }
<?
}
// --- bug-975 end ---
?>
< / table >
< br >
< br / >
<?
// End - Debug infos
// certificate overview
?>
< table align = "center" valign = "middle" border = "0" cellspacing = "0" cellpadding = "0" class = "wrapper" >
< tr >
< td colspan = "6" class = "title" > <? = _ ( "Certificates" ) ?> </ td >
< / tr >
< tr >
< td class = "DataTD" > <? = _ ( "Cert Type" ) ?> :</ td >
< td class = "DataTD" > <? = _ ( "Total" ) ?> </ td >
@ -508,11 +619,13 @@ include_once($_SESSION['_config']['filepath']."/includes/notary.inc.php");
< tr >
< td class = "DataTD" > <? = _ ( "Server" ) ?> :</ td >
<?
$query = "select COUNT(*) as `total`,
$query = "
select COUNT(*) as `total`,
MAX(`domaincerts`.`expire`) as `maxexpire`
from `domains` inner join `domaincerts`
on `domains`.`id` = `domaincerts`.`domid`
where `domains`.`memid` = '".intval($row['id'])."' ";
where `domains`.`memid` = '".intval($row['id'])."'
";
$dres = mysql_query($query);
$drow = mysql_fetch_assoc($dres);
$total = $drow['total'];
@ -523,30 +636,36 @@ include_once($_SESSION['_config']['filepath']."/includes/notary.inc.php");
}
if($total > 0) {
$query = "select COUNT(*) as `valid`
$query = "
select COUNT(*) as `valid`
from `domains` inner join `domaincerts`
on `domains`.`id` = `domaincerts`.`domid`
where `domains`.`memid` = '".intval($row['id'])."'
and `revoked` = '0000-00-00 00:00:00'
and `expire` > NOW()";
and `expire` > NOW()
";
$dres = mysql_query($query);
$drow = mysql_fetch_assoc($dres);
$valid = $drow['valid'];
$query = "select COUNT(*) as `expired`
$query = "
select COUNT(*) as `expired`
from `domains` inner join `domaincerts`
on `domains`.`id` = `domaincerts`.`domid`
where `domains`.`memid` = '".intval($row['id'])."'
and `expire` < = NOW()";
and `expire` < = NOW()
";
$dres = mysql_query($query);
$drow = mysql_fetch_assoc($dres);
$expired = $drow['expired'];
$query = "select COUNT(*) as `revoked`
$query = "
select COUNT(*) as `revoked`
from `domains` inner join `domaincerts`
on `domains`.`id` = `domaincerts`.`domid`
where `domains`.`memid` = '".intval($row['id'])."'
and `revoked` != '0000-00-00 00:00:00'";
and `revoked` != '0000-00-00 00:00:00'
";
$dres = mysql_query($query);
$drow = mysql_fetch_assoc($dres);
$revoked = $drow['revoked'];
@ -555,22 +674,24 @@ include_once($_SESSION['_config']['filepath']."/includes/notary.inc.php");
< td class = "DataTD" > <? = intval ( $valid ) ?> </ td >
< td class = "DataTD" > <? = intval ( $expired ) ?> </ td >
< td class = "DataTD" > <? = intval ( $revoked ) ?> </ td >
< td class = "DataTD" > <? = ( $maxexpire != "0000-00-00 00:00:00" ) ?
substr($maxexpire, 0, 10) : _("Pending")?>< / td >
< td class = "DataTD" > <? = ( $maxexpire != "0000-00-00 00:00:00" ) ? substr ( $maxexpire , 0 , 10 ) : _ ( "Pending" ) ?> </ td >
<?
} else { // $total > 0
?>
< td colspan = "5" class = "DataTD" > <? = _ ( "None" ) ?> </ td >
<?
} ?>
}
?>
< / tr >
<!-- client certificates -->
< tr >
< td class = "DataTD" > <? = _ ( "Client" ) ?> :</ td >
<?
$query = "select COUNT(*) as `total`, MAX(`expire`) as `maxexpire`
$query = "
select COUNT(*) as `total`, MAX(`expire`) as `maxexpire`
from `emailcerts`
where `memid` = '".intval($row['id'])."' ";
where `memid` = '".intval($row['id'])."'
";
$dres = mysql_query($query);
$drow = mysql_fetch_assoc($dres);
$total = $drow['total'];
@ -581,27 +702,33 @@ include_once($_SESSION['_config']['filepath']."/includes/notary.inc.php");
}
if($total > 0) {
$query = "select COUNT(*) as `valid`
$query = "
select COUNT(*) as `valid`
from `emailcerts`
where `memid` = '".intval($row['id'])."'
and `revoked` = '0000-00-00 00:00:00'
and `expire` > NOW()";
and `expire` > NOW()
";
$dres = mysql_query($query);
$drow = mysql_fetch_assoc($dres);
$valid = $drow['valid'];
$query = "select COUNT(*) as `expired`
$query = "
select COUNT(*) as `expired`
from `emailcerts`
where `memid` = '".intval($row['id'])."'
and `expire` < = NOW()";
and `expire` < = NOW()
";
$dres = mysql_query($query);
$drow = mysql_fetch_assoc($dres);
$expired = $drow['expired'];
$query = "select COUNT(*) as `revoked`
$query = "
select COUNT(*) as `revoked`
from `emailcerts`
where `memid` = '".intval($row['id'])."'
and `revoked` != '0000-00-00 00:00:00'";
and `revoked` != '0000-00-00 00:00:00'
";
$dres = mysql_query($query);
$drow = mysql_fetch_assoc($dres);
$revoked = $drow['revoked'];
@ -610,22 +737,24 @@ include_once($_SESSION['_config']['filepath']."/includes/notary.inc.php");
< td class = "DataTD" > <? = intval ( $valid ) ?> </ td >
< td class = "DataTD" > <? = intval ( $expired ) ?> </ td >
< td class = "DataTD" > <? = intval ( $revoked ) ?> </ td >
< td class = "DataTD" > <? = ( $maxexpire != "0000-00-00 00:00:00" ) ?
substr($maxexpire, 0, 10) : _("Pending")?>< / td >
< td class = "DataTD" > <? = ( $maxexpire != "0000-00-00 00:00:00" ) ? substr ( $maxexpire , 0 , 10 ) : _ ( "Pending" ) ?> </ td >
<?
} else { // $total > 0
?>
< td colspan = "5" class = "DataTD" > <? = _ ( "None" ) ?> </ td >
<?
} ?>
}
?>
< / tr >
<!-- gpg certificates -->
< tr >
< td class = "DataTD" > <? = _ ( "GPG" ) ?> :</ td >
<?
$query = "select COUNT(*) as `total`, MAX(`expire`) as `maxexpire`
$query = "
select COUNT(*) as `total`, MAX(`expire`) as `maxexpire`
from `gpg`
where `memid` = '".intval($row['id'])."' ";
where `memid` = '".intval($row['id'])."'
";
$dres = mysql_query($query);
$drow = mysql_fetch_assoc($dres);
$total = $drow['total'];
@ -636,45 +765,50 @@ include_once($_SESSION['_config']['filepath']."/includes/notary.inc.php");
}
if($total > 0) {
$query = "select COUNT(*) as `valid`
$query = "
select COUNT(*) as `valid`
from `gpg`
where `memid` = '".intval($row['id'])."'
and `expire` > NOW()";
and `expire` > NOW()
";
$dres = mysql_query($query);
$drow = mysql_fetch_assoc($dres);
$valid = $drow['valid'];
$query = "select COUNT(*) as `expired`
$query = "
select COUNT(*) as `expired`
from `gpg`
where `memid` = '".intval($row['id'])."'
and `expire` < = NOW()";
and `expire` < = NOW()
";
$dres = mysql_query($query);
$drow = mysql_fetch_assoc($dres);
$expired = $drow['expired'];
?>
< td class = "DataTD" > <? = intval ( $total ) ?> </ td >
< td class = "DataTD" > <? = intval ( $valid ) ?> </ td >
< td class = "DataTD" > <? = intval ( $expired ) ?> </ td >
< td class = "DataTD" > < / td >
< td class = "DataTD" > <? = ( $maxexpire != "0000-00-00 00:00:00" ) ?
substr($maxexpire, 0, 10) : _("Pending")?>< / td >
< td class = "DataTD" > <? = ( $maxexpire != "0000-00-00 00:00:00" ) ? substr ( $maxexpire , 0 , 10 ) : _ ( "Pending" ) ?> </ td >
<?
} else { // $total > 0
?>
< td colspan = "5" class = "DataTD" > <? = _ ( "None" ) ?> </ td >
<?
} ?>
}
?>
< / tr >
<!-- org server certificates -->
< tr >
< td class = "DataTD" >< a href = "account.php?id=58&userid= <? = intval ( $row [ 'id' ]) ?> " > <? = _ ( "Org Server" ) ?> </ a > :</ td >
<?
$query = "select COUNT(*) as `total`,
$query = "
select COUNT(*) as `total`,
MAX(`orgcerts`.`expire`) as `maxexpire`
from `orgdomaincerts` as `orgcerts` inner join `org`
on `orgcerts`.`orgid` = `org`.`orgid`
where `org`.`memid` = '".intval($row['id'])."' ";
where `org`.`memid` = '".intval($row['id'])."'
";
$dres = mysql_query($query);
$drow = mysql_fetch_assoc($dres);
$total = $drow['total'];
@ -685,30 +819,36 @@ include_once($_SESSION['_config']['filepath']."/includes/notary.inc.php");
}
if($total > 0) {
$query = "select COUNT(*) as `valid`
$query = "
select COUNT(*) as `valid`
from `orgdomaincerts` as `orgcerts` inner join `org`
on `orgcerts`.`orgid` = `org`.`orgid`
where `org`.`memid` = '".intval($row['id'])."'
and `orgcerts`.`revoked` = '0000-00-00 00:00:00'
and `orgcerts`.`expire` > NOW()";
and `orgcerts`.`expire` > NOW()
";
$dres = mysql_query($query);
$drow = mysql_fetch_assoc($dres);
$valid = $drow['valid'];
$query = "select COUNT(*) as `expired`
$query = "
select COUNT(*) as `expired`
from `orgdomaincerts` as `orgcerts` inner join `org`
on `orgcerts`.`orgid` = `org`.`orgid`
where `org`.`memid` = '".intval($row['id'])."'
and `orgcerts`.`expire` < = NOW()";
and `orgcerts`.`expire` < = NOW()
";
$dres = mysql_query($query);
$drow = mysql_fetch_assoc($dres);
$expired = $drow['expired'];
$query = "select COUNT(*) as `revoked`
$query = "
select COUNT(*) as `revoked`
from `orgdomaincerts` as `orgcerts` inner join `org`
on `orgcerts`.`orgid` = `org`.`orgid`
where `org`.`memid` = '".intval($row['id'])."'
and `orgcerts`.`revoked` != '0000-00-00 00:00:00'";
and `orgcerts`.`revoked` != '0000-00-00 00:00:00'
";
$dres = mysql_query($query);
$drow = mysql_fetch_assoc($dres);
$revoked = $drow['revoked'];
@ -717,24 +857,26 @@ include_once($_SESSION['_config']['filepath']."/includes/notary.inc.php");
< td class = "DataTD" > <? = intval ( $valid ) ?> </ td >
< td class = "DataTD" > <? = intval ( $expired ) ?> </ td >
< td class = "DataTD" > <? = intval ( $revoked ) ?> </ td >
< td class = "DataTD" > <? = ( $maxexpire != "0000-00-00 00:00:00" ) ?
substr($maxexpire, 0, 10) : _("Pending")?>< / td >
< td class = "DataTD" > <? = ( $maxexpire != "0000-00-00 00:00:00" ) ? substr ( $maxexpire , 0 , 10 ) : _ ( "Pending" ) ?> </ td >
<?
} else { // $total > 0
?>
< td colspan = "5" class = "DataTD" > <? = _ ( "None" ) ?> </ td >
<?
} ?>
}
?>
< / tr >
<!-- org client certificates -->
< tr >
< td class = "DataTD" > <? = _ ( "Org Client" ) ?> :</ td >
<?
$query = "select COUNT(*) as `total`,
$query = "
select COUNT(*) as `total`,
MAX(`orgcerts`.`expire`) as `maxexpire`
from `orgemailcerts` as `orgcerts` inner join `org`
on `orgcerts`.`orgid` = `org`.`orgid`
where `org`.`memid` = '".intval($row['id'])."' ";
where `org`.`memid` = '".intval($row['id'])."'
";
$dres = mysql_query($query);
$drow = mysql_fetch_assoc($dres);
$total = $drow['total'];
@ -745,30 +887,36 @@ include_once($_SESSION['_config']['filepath']."/includes/notary.inc.php");
}
if($total > 0) {
$query = "select COUNT(*) as `valid`
$query = "
select COUNT(*) as `valid`
from `orgemailcerts` as `orgcerts` inner join `org`
on `orgcerts`.`orgid` = `org`.`orgid`
where `org`.`memid` = '".intval($row['id'])."'
and `orgcerts`.`revoked` = '0000-00-00 00:00:00'
and `orgcerts`.`expire` > NOW()";
and `orgcerts`.`expire` > NOW()
";
$dres = mysql_query($query);
$drow = mysql_fetch_assoc($dres);
$valid = $drow['valid'];
$query = "select COUNT(*) as `expired`
$query = "
select COUNT(*) as `expired`
from `orgemailcerts` as `orgcerts` inner join `org`
on `orgcerts`.`orgid` = `org`.`orgid`
where `org`.`memid` = '".intval($row['id'])."'
and `orgcerts`.`expire` < = NOW()";
and `orgcerts`.`expire` < = NOW()
";
$dres = mysql_query($query);
$drow = mysql_fetch_assoc($dres);
$expired = $drow['expired'];
$query = "select COUNT(*) as `revoked`
$query = "
select COUNT(*) as `revoked`
from `orgemailcerts` as `orgcerts` inner join `org`
on `orgcerts`.`orgid` = `org`.`orgid`
where `org`.`memid` = '".intval($row['id'])."'
and `orgcerts`.`revoked` != '0000-00-00 00:00:00'";
and `orgcerts`.`revoked` != '0000-00-00 00:00:00'
";
$dres = mysql_query($query);
$drow = mysql_fetch_assoc($dres);
$revoked = $drow['revoked'];
@ -777,14 +925,14 @@ include_once($_SESSION['_config']['filepath']."/includes/notary.inc.php");
< td class = "DataTD" > <? = intval ( $valid ) ?> </ td >
< td class = "DataTD" > <? = intval ( $expired ) ?> </ td >
< td class = "DataTD" > <? = intval ( $revoked ) ?> </ td >
< td class = "DataTD" > <? = ( $maxexpire != "0000-00-00 00:00:00" ) ?
substr($maxexpire, 0, 10) : _("Pending")?>< / td >
< td class = "DataTD" > <? = ( $maxexpire != "0000-00-00 00:00:00" ) ? substr ( $maxexpire , 0 , 10 ) : _ ( "Pending" ) ?> </ td >
<?
} else { // $total > 0
?>
< td colspan = "5" class = "DataTD" > <? = _ ( "None" ) ?> </ td >
<?
} ?>
}
?>
< / tr >
< tr >
< td colspan = "6" class = "title" >
@ -793,24 +941,32 @@ include_once($_SESSION['_config']['filepath']."/includes/notary.inc.php");
< input type = "hidden" name = "oldid" value = "43" >
< input type = "hidden" name = "userid" value = " <? = intval ( $userid ) ?> " >
< input type = "submit" value = " <? = _ ( 'revoke certificates' ) ?> " >
< input type = "hidden" name = "ticketno" value = " <? = sanitizeHTML ( $ticketno ) ?> " />
< / form >
< / td >
< / tr >
< / table >
< br >
< a href = "account.php?id=43&userid= <? = $row [ 'id' ] ?> &shownotary=assuredto" > <? = _ ( "Show Assurances the user got" ) ?> </ a >
(< a href = "account.php?id=43&userid= <? = $row [ 'id' ] ?> &shownotary=assuredto15" > <? = _ ( "New calculation" ) ?> </ a > )
< br / >
< a href = "account.php?id=43&userid= <? = $row [ 'id' ] ?> &shownotary=assuredby" > <? = _ ( "Show Assurances the user gave" ) ?> </ a >
(< a href = "account.php?id=43&userid= <? = $row [ 'id' ] ?> &shownotary=assuredby15" > <? = _ ( "New calculation" ) ?> </ a > )
< br / >
<? // list assurances ?>
< table align = "center" valign = "middle" border = "0" cellspacing = "0" cellpadding = "0" class = "wrapper" >
< tr >
< td class = "DataTD" >
< a href = "account.php?id=43&userid= <? = intval ( $row [ 'id' ]) ?> &shownotary=assuredto&ticketno= <? = sanitizeHTML ( $ticketno ) ?> " > <? = _ ( "Show Assurances the user got" ) ?> </ a >
(< a href = "account.php?id=43&userid= <? = intval ( $row [ 'id' ]) ?> &shownotary=assuredto15&ticketno= <? = sanitizeHTML ( $ticketno ) ?> " > <? = _ ( "New calculation" ) ?> </ a > )
< / td >
< / tr >
< tr >
< td class = "DataTD" >
< a href = "account.php?id=43&userid= <? = intval ( $row [ 'id' ]) ?> &shownotary=assuredby&ticketno= <? = sanitizeHTML ( $ticketno ) ?> " > <? = _ ( "Show Assurances the user gave" ) ?> </ a >
(< a href = "account.php?id=43&userid= <? = intval ( $row [ 'id' ]) ?> &shownotary=assuredby15&ticketno= <? = sanitizeHTML ( $ticketno ) ?> " > <? = _ ( "New calculation" ) ?> </ a > )
< / td >
< / tr >
< / table >
<?
// if(array_key_exists('assuredto',$_GET) & & $_GET['assuredto'] == "yes") {
function showassuredto()
function showassuredto($ticketno)
{
?>
< table align = "center" valign = "middle" border = "0" cellspacing = "0" cellpadding = "0" class = "wrapper" >
@ -828,11 +984,10 @@ function showassuredto()
< td class = "DataTD" >< b > <? = _ ( "Revoke" ) ?> </ b ></ td >
< / tr >
<?
$query = "select * from `notary` where `to`='".intval($_GET['userid'])."'";
$query = "select * from `notary` where `to`='".intval($_GET['userid'])."' and `deleted` = 0 ";
$dres = mysql_query($query);
$points = 0;
while($drow = mysql_fetch_assoc($dres))
{
while($drow = mysql_fetch_assoc($dres)) {
$fromuser = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".intval($drow['from'])."'"));
$points += $drow['points'];
?>
@ -844,19 +999,21 @@ function showassuredto()
< td class = "DataTD" > <? = intval ( $drow [ 'points' ]) ?> </ td >
< td class = "DataTD" > <? = sanitizeHTML ( $drow [ 'location' ]) ?> </ td >
< td class = "DataTD" > <? = sanitizeHTML ( $drow [ 'method' ]) ?> </ td >
< td class = "DataTD" >< a href = "account.php?id=43&userid= <? = intval ( $drow [ 'to' ]) ?> &assurance= <? = intval ( $drow [ 'id' ]) ?> &csrf= <? = make_csrf ( 'admdelassurance' ) ?> " onclick = "return confirm(' <? = sprintf ( _ ( "Are you sure you want to revoke the assurance with ID "%s"?" ), $drow [ 'id' ] )?> ');" > <? = _ ( "Revoke" ) ?> </ a ></ td >
< td class = "DataTD" >< a href = "account.php?id=43&userid= <? = intval ( $drow [ 'to' ]) ?> &assurance= <? = intval ( $drow [ 'id' ]) ?> &csrf= <? = make_csrf ( 'admdelassurance' ) ?> &ticketno=<? = sanitizeHTML ( $ticketno ) ?> " onclick = "return confirm(' <? = sprintf ( _ ( "Are you sure you want to revoke the assurance with ID "%s"?" ), intval ( $drow [ 'id' ] ) )?> ');" > <? = _ ( "Revoke" ) ?> </ a ></ td >
< / tr >
<? } ?>
<?
}
?>
< tr >
< td class = "DataTD" colspan = "4" >< b > <? = _ ( "Total Points" ) ?> :</ b ></ td >
< td class = "DataTD" > <? = $points ?> </ td >
< td class = "DataTD" > <? = intval ( $points ) ?> </ td >
< td class = "DataTD" colspan = "3" > < / td >
< / tr >
< / table >
<? } ?>
<?
function showassuredby()
}
function showassuredby($ticketno)
{
?>
< table align = "center" valign = "middle" border = "0" cellspacing = "0" cellpadding = "0" class = "wrapper" >
@ -874,48 +1031,50 @@ function showassuredby()
< td class = "DataTD" >< b > <? = _ ( "Revoke" ) ?> </ b ></ td >
< / tr >
<?
$query = "select * from `notary` where `from`='".intval($_GET['userid'])."'";
$query = "select * from `notary` where `from`='".intval($_GET['userid'])."' and `deleted` = 0 ";
$dres = mysql_query($query);
$points = 0;
while($drow = mysql_fetch_assoc($dres))
{
$fromuser = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".$drow['to']."'"));
$points += $drow['points'];
while($drow = mysql_fetch_assoc($dres)) {
$fromuser = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".intval($drow['to'])."'"));
$points += intval($drow['points']);
?>
< tr >
< td class = "DataTD" > <? = $drow [ 'id' ] ?> </ td >
< td class = "DataTD" > <? = intval ( $drow [ 'id' ] ) ?> </ td >
< td class = "DataTD" > <? = $drow [ 'date' ] ?> </ td >
< td class = "DataTD" >< a href = "wot.php?id=9&userid= <? = $drow [ 'to' ] ?> " > <? = $fromuser [ 'fname' ] . " " . $fromuser [ 'lname' ] ?> </ td >
< td class = "DataTD" >< a href = "wot.php?id=9&userid= <? = intval ( $drow [ 'to' ] ) ?> " > <? = sanitizeHTML ( $fromuser [ 'fname' ] . " " . $fromuser [ 'lname' ] ) ?> </ td >
< td class = "DataTD" >< a href = "account.php?id=43&userid= <? = intval ( $drow [ 'to' ]) ?> " > <? = sanitizeHTML ( $fromuser [ 'email' ]) ?> </ a ></ td >
< td class = "DataTD" > <? = $drow [ 'points' ] ?> </ td >
< td class = "DataTD" > <? = $drow [ 'location' ] ?> </ td >
< td class = "DataTD" > <? = $drow [ 'method' ] ?> </ td >
< td class = "DataTD" >< a href = "account.php?id=43&userid= <? = $drow [ 'from' ] ?> &assurance= <? = $drow [ 'id' ] ?> &csrf= <? = make_csrf ( 'admdelassurance' ) ?> " onclick = "return confirm(' <? = sprintf ( _ ( "Are you sure you want to revoke the assurance with ID "%s"?" ), $drow [ 'id' ] )?> ');" > <? = _ ( "Revoke" ) ?> </ a ></ td >
< td class = "DataTD" > <? = intval ( $drow [ 'points' ] ) ?> </ td >
< td class = "DataTD" > <? = sanitizeHTML ( $drow [ 'location' ] ) ?> </ td >
< td class = "DataTD" > <? = sanitizeHTML ( $drow [ 'method' ] ) ?> </ td >
< td class = "DataTD" >< a href = "account.php?id=43&userid= <? = intval ( $drow [ 'from' ] ) ?> &assurance= <? = intval ( $drow [ 'id' ] ) ?> &csrf= <? = make_csrf ( 'admdelassurance' ) ?> &ticketno=<? = sanitizeHTML ( $ticketno ) ?> " onclick = "return confirm(' <? = sprintf ( _ ( "Are you sure you want to revoke the assurance with ID "%s"?" ), intval ( $drow [ 'id' ] ) )?> ');" > <? = _ ( "Revoke" ) ?> </ a ></ td >
< / tr >
<? } ?>
<?
}
?>
< tr >
< td class = "DataTD" colspan = "4" >< b > <? = _ ( "Total Points" ) ?> :</ b ></ td >
< td class = "DataTD" > <? = $points ?> </ td >
< td class = "DataTD" > <? = intval ( $points ) ?> </ td >
< td class = "DataTD" colspan = "3" > < / td >
< / tr >
< / table >
<? } ?>
< br > < br >
<? } }
< br / > < br / >
<?
} }
if(isset($_GET['shownotary'])) {
switch($_GET['shownotary']) {
case 'assuredto':
showassuredto();
showassuredto($ticketno );
break;
case 'assuredby':
showassuredby();
showassuredby($ticketno );
break;
case 'assuredto15':
output_received_assurances(intval($_GET['userid']),1);
output_received_assurances(intval($_GET['userid']),1,$ticketno );
break;
case 'assuredby15':
output_given_assurances(intval($_GET['userid']),1);
output_given_assurances(intval($_GET['userid']),1, $ticketno );
break;
}
}