From 98c8c419c867501a01dc7f27033d08c7cdb548ff Mon Sep 17 00:00:00 2001
From: Wytze van der Raay <wytze@cacert.org>
Date: Wed, 15 May 2013 09:37:21 +0000
Subject: [PATCH] Fix for https://bugs.cacert.org/view.php?id=1121 "Record the
 CCA acception for the account creation"

---
 includes/notary.inc.php     | 70 +++++++++++++++++++++++++++++++++++++
 scripts/cron/removedead.php |  4 ++-
 www/index.php               |  3 ++
 www/wot.php                 |  6 ++++
 4 files changed, 82 insertions(+), 1 deletion(-)

diff --git a/includes/notary.inc.php b/includes/notary.inc.php
index cc0e0eb..240b649 100644
--- a/includes/notary.inc.php
+++ b/includes/notary.inc.php
@@ -602,4 +602,74 @@
 	<p>[ <a href='javascript:history.go(-1)'><?=_("Go Back")?></a> ]</p>
 <?
 	}
+	
+	//functions to do with recording user agreements
+	function write_user_agreement($memid, $document, $method, $comment, $active=1, $secmemid=0){
+	// write a new record to the table user_agreement
+		$query="insert into `user_agreements` set `memid`=".$memid.", `secmemid`=".$secmemid.
+			",`document`='".$document."',`date`=NOW(), `active`=".$active.",`method`='".$method."',`comment`='".$comment."'" ;
+		$res = mysql_query($query);
+	}
+	
+	function get_user_agreement_status($memid, $type="CCA"){
+	//returns 0 - no user agreement, 1- at least one entry
+		$query="SELECT u.`document` FROM `user_agreements` u 
+			WHERE u.`document` = '".$type."' AND (u.`memid`=".$memid." or u.`secmemid`=".$memid.")" ;
+		$res = mysql_query($query);
+		if(mysql_num_rows($res) <=0){
+			return 0;
+		}else{
+			return 1;
+		}
+	}
+
+	function get_first_user_agreement($memid, $active=1, $type="CCA"){
+	//returns an array (`document`,`date`,`method`, `comment`,`active`)
+		if($active==1){
+			$filter="u.`memid`=".$memid;
+		}else{
+			$filter="u.`secmemid`=".$memid;
+		}
+		$query="SELECT u.`document`, u.`date`, u.`method`, u.`comment`, u.`active` FROM `user_agreements` u
+			WHERE u.`document` = '".$type."' AND ".$filter."
+			ORDER BY u.`date` Limit 1;";
+		$res = mysql_query($query);
+		if(mysql_num_rows($res) >0){
+			$row = mysql_fetch_assoc($res);
+			$rec['document']= $row['document'];
+			$rec['date']= $row['date'];
+			$rec['method']= $row['method'];
+			$rec['comment']= $row['comment'];
+			$rec['active']= $row['active'];
+		}else{
+			$rec=array();
+		}
+		return $rec;
+	}
+
+	function get_last_user_agreement($memid, $type="CCA"){
+	//returns an array (`document`,`date`,`method`, `comment`,`active`)
+		$query="(SELECT u.`document`, u.`date`, u.`method`, u.`comment`, 1 as `active` FROM user_agreements u WHERE u.`document` = '".$type."' AND (u.`memid`=".$memid." ) order by `date` desc limit 1)
+ union
+ (SELECT u.`document`, u.`date`, u.`method`, u.`comment`, 0 as `active` FROM user_agreements u WHERE u.`document` = '".$type."' AND ( u.`secmemid`=".$memid.")) order by `date` desc limit 1" ;
+		$res = mysql_query($query);
+		if(mysql_num_rows($res) >0){
+			$row = mysql_fetch_assoc($res);
+			$rec['document']= $row['document'];
+			$rec['date']= $row['date'];
+			$rec['method']= $row['method'];
+			$rec['comment']= $row['comment'];
+			$rec['active']= $row['active'];
+		}else{
+			$rec=array();
+		}
+		return $rec;
+}
+
+	function delete_user_agreement($memid, $type="CCA"){
+	//deletes all entries to an user for the given type of user agreements
+		mysql_query("delete from `user_agreements` where `memid`='".$memid."'");
+		mysql_query("delete from `user_agreements` where `secmemid`='".$memid."'");
+	}
+
 ?>
diff --git a/scripts/cron/removedead.php b/scripts/cron/removedead.php
index aadda81..2257dc8 100755
--- a/scripts/cron/removedead.php
+++ b/scripts/cron/removedead.php
@@ -19,7 +19,8 @@
 
 	require_once(dirname(__FILE__).'/../../includes/mysql.php');
 	require_once(dirname(__FILE__).'/../../includes/lib/l10n.php');
-
+	require_once(dirname(__FILE__).'/../../includes/notary.inc.php');
+	
 	$query = "select * from `users`	where `users`.`verified`=0 and
 			(UNIX_TIMESTAMP(NOW()) - UNIX_TIMESTAMP(`users`.`created`)) >= 172800";
 	$res = mysql_query($query);
@@ -27,6 +28,7 @@
 	{
 		mysql_query("delete from `email` where `memid`='".$row['id']."'");
 		mysql_query("delete from `users` where `id`='".$row['id']."'");
+		delete_user_agreement($row['id']);
 	}
 
 	$query = "delete from `domains` where `hash`!='' and
diff --git a/www/index.php b/www/index.php
index 35d22d7..c7cc03e 100644
--- a/www/index.php
+++ b/www/index.php
@@ -18,6 +18,7 @@
 
 require_once('../includes/lib/l10n.php');
 
+
         $id = 0; if(array_key_exists("id",$_REQUEST)) $id=intval($_REQUEST['id']);
         $oldid = 0; if(array_key_exists("oldid",$_REQUEST)) $oldid=intval($_REQUEST['oldid']);
         $process = ""; if(array_key_exists("process",$_REQUEST)) $process=$_REQUEST['process'];
@@ -544,6 +545,8 @@ require_once('../includes/lib/l10n.php');
 						`regional`='".$_SESSION['signup']['regional']."',
 						`radius`='".$_SESSION['signup']['radius']."'";
 			mysql_query($query);
+			include_once("../includes/notary.inc.php");
+			write_user_agreement($memid, "CCA", "account creation", "", 1);
 
 			$body = _("Thanks for signing up with CAcert.org, below is the link you need to open to verify your account. Once your account is verified you will be able to start issuing certificates till your hearts' content!")."\n\n";
 			$body .= "http://".$_SESSION['_config']['normalhostname']."/verify.php?type=email&emailid=$emailid&hash=$hash\n\n";
diff --git a/www/wot.php b/www/wot.php
index 551e485..35ee564 100644
--- a/www/wot.php
+++ b/www/wot.php
@@ -340,6 +340,11 @@ $iecho= "c";
 		}
 		mysql_query($query);
 		fix_assurer_flag($_SESSION['_config']['notarise']['id']);
+		include_once("../includes/notary.inc.php");
+/*to be activated after CCA accept option is implemented in form
+		write_user_agreement($_SESSION['profile']['id'], "CCA", "assurance", "Assuring", 1, $_SESSION['_config']['notarise']['id']);}*/
+/* to be activated after the CCA recording is announced
+		write_user_agreement($_SESSION['_config']['notarise']['id'], "CCA", "assurance", "Being assured", 0, $_SESSION['profile']['id']); */
 
 		if($_SESSION['profile']['points'] < 150)
 		{
@@ -356,6 +361,7 @@ $iecho= "c";
 							`method`='Administrative Increase',
 							`when`=NOW()";
 			mysql_query($query);
+
 			// No need to fix_assurer_flag here, this should only happen for assurers...
 			$_SESSION['profile']['points'] += $addpoints;
 		}