cacert
/
cacert-webdb
8
0
Fork 0
Code Issues Pull Requests 7 Projects Releases 2 Wiki Activity

bug #159

Browse Source
pull/1/head
root 18 years ago
parent 6efdd162c4
commit cc90dd70e8
3 changed files with 47 additions and 36 deletions
Show Stats Download Patch File Download Diff File

47
pages/account/13.php
Unescape Escape View File

@ -13,17 +13,18 @@
PARTICULAR PURPOSE. See the License for more details.
*/ ?>
<?
$year = intval(substr($_SESSION['_config']['user']['dob'], 0, 4));
$month = intval(substr($_SESSION['_config']['user']['dob'], 5, 2));
$day = intval(substr($_SESSION['_config']['user']['dob'], 8, 2));
$user = $_SESSION['profile'];
$year = intval(substr($user['dob'], 0, 4));
$month = intval(substr($user['dob'], 5, 2));
$day = intval(substr($user['dob'], 8, 2));
$body = sprintf(_("Hi %s,"),$_SESSION['_config']['user']['fname'])."\n";
$body = sprintf(_("Hi %s,"),$user['fname'])."\n";
$body .= _("You are receiving this email because you or someone else")."\n";
$body .= _("has viewed your lost password questions.")."\n";
$body .= _("Best regards")."\n"._("CAcert.org Support!");
sendmail($_SESSION['_config']['user']['email'], "[CAcert.org] "._("Email Notification"), $body, "support@cacert.org", "", "", "CAcert Support");
sendmail($user['email'], "[CAcert.org] "._("Email Notification"), $body, "support@cacert.org", "", "", "CAcert Support");
?>
<form method="post" action="account.php">
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper" width="400">
@ -33,22 +34,22 @@
<? if($_SESSION['profile']['points'] == 0) { ?>
<tr>
<td class="DataTD" width="125"><?=_("First Name")?>: </td>
<td class="DataTD" width="125"><input type="text" name="fname" value="<?=$_SESSION['_config']['user']['fname']?>"></td>
<td class="DataTD" width="125"><input type="text" name="fname" value="<?=$user['fname']?>"></td>
</tr>
<tr>
<td class="DataTD" valign="top"><?=_("Middle Name(s)")?><br>
(<?=_("optional")?>)
</td>
<td class="DataTD"><input type="text" name="mname" value="<?=$_SESSION['_config']['user']['mname']?>"></td>
<td class="DataTD"><input type="text" name="mname" value="<?=$user['mname']?>"></td>
</tr>
<tr>
<td class="DataTD"><?=_("Last Name")?>: </td>
<td class="DataTD"><input type="text" name="lname" value="<?=$_SESSION['_config']['user']['lname']?>"></td>
<td class="DataTD"><input type="text" name="lname" value="<?=$user['lname']?>"></td>
</tr>
<tr>
<td class="DataTD"><?=_("Suffix")?><br>
(<?=_("optional")?>)</td>
<td class="DataTD"><input type="text" name="suffix" value="<?=$_SESSION['_config']['user']['suffix']?>"></td>
<td class="DataTD"><input type="text" name="suffix" value="<?=$user['suffix']?>"></td>
</tr>
<tr>
<td class="DataTD"><?=_("Date of Birth")?><br>
@ -81,22 +82,22 @@
<? } else { ?>
<tr>
<td class="DataTD" width="125"><?=_("First Name")?>: </td>
<td class="DataTD" width="125"><?=$_SESSION['_config']['user']['fname']?></td>
<td class="DataTD" width="125"><?=$user['fname']?></td>
</tr>
<tr>
<td class="DataTD" valign="top"><?=_("Middle Name(s)")?><br>
(<?=_("optional")?>)
</td>
<td class="DataTD"><?=$_SESSION['_config']['user']['mname']?></td>
<td class="DataTD"><?=$user['mname']?></td>
</tr>
<tr>
<td class="DataTD"><?=_("Last Name")?>: </td>
<td class="DataTD"><?=$_SESSION['_config']['user']['lname']?></td>
<td class="DataTD"><?=$user['lname']?></td>
</tr>
<tr>
<td class="DataTD"><?=_("Suffix")?><br>
(<?=_("optional")?>)</td>
<td class="DataTD"><?=$_SESSION['_config']['user']['suffix']?></td>
<td class="DataTD"><?=$user['suffix']?></td>
</tr>
<tr>
<td class="DataTD"><?=_("Date of Birth")?><br>
@ -108,24 +109,24 @@
<td class="DataTD" colspan="2"><?=_("Lost Pass Phrase Questions")?></td>
</tr>
<tr>
<td class="DataTD">1)&nbsp;<input type="text" name="Q1" size="15" value="<?=$_SESSION['_config']['user']['Q1']?>"></td>
<td class="DataTD"><input type="text" name="A1" value="<?=$_SESSION['_config']['user']['A1']?>"></td>
<td class="DataTD">1)&nbsp;<input type="text" name="Q1" size="15" value="<?=$user['Q1']?>"></td>
<td class="DataTD"><input type="text" name="A1" value="<?=$user['A1']?>"></td>
</tr>
<tr>
<td class="DataTD">2)&nbsp;<input type="text" name="Q2" size="15" value="<?=$_SESSION['_config']['user']['Q2']?>"></td>
<td class="DataTD"><input type="text" name="A2" value="<?=$_SESSION['_config']['user']['A2']?>"></td>
<td class="DataTD">2)&nbsp;<input type="text" name="Q2" size="15" value="<?=$user['Q2']?>"></td>
<td class="DataTD"><input type="text" name="A2" value="<?=$user['A2']?>"></td>
</tr>
<tr>
<td class="DataTD">3)&nbsp;<input type="text" name="Q3" size="15" value="<?=$_SESSION['_config']['user']['Q3']?>"></td>
<td class="DataTD"><input type="text" name="A3" value="<?=$_SESSION['_config']['user']['A3']?>"></td>
<td class="DataTD">3)&nbsp;<input type="text" name="Q3" size="15" value="<?=$user['Q3']?>"></td>
<td class="DataTD"><input type="text" name="A3" value="<?=$user['A3']?>"></td>
</tr>
<tr>
<td class="DataTD">4)&nbsp;<input type="text" name="Q4" size="15" value="<?=$_SESSION['_config']['user']['Q4']?>"></td>
<td class="DataTD"><input type="text" name="A4" value="<?=$_SESSION['_config']['user']['A4']?>"></td>
<td class="DataTD">4)&nbsp;<input type="text" name="Q4" size="15" value="<?=$user['Q4']?>"></td>
<td class="DataTD"><input type="text" name="A4" value="<?=$user['A4']?>"></td>
</tr>
<tr>
<td class="DataTD">5)&nbsp;<input type="text" name="Q5" size="15" value="<?=$_SESSION['_config']['user']['Q5']?>"></td>
<td class="DataTD"><input type="text" name="A5" value="<?=$_SESSION['_config']['user']['A5']?>"></td>
<td class="DataTD">5)&nbsp;<input type="text" name="Q5" size="15" value="<?=$user['Q5']?>"></td>
<td class="DataTD"><input type="text" name="A5" value="<?=$user['A5']?>"></td>
</tr>
<tr>
<td class="DataTD" colspan="2"><input type="submit" name="process" value="<?=_("Update")?>"></td>

4
pages/wot/9.php
Unescape Escape View File

@ -17,7 +17,6 @@
if(mysql_num_rows($res) <= 0)
{
echo _("Sorry, I was unable to locate that user, the person doesn't wish to be contacted, or isn't an assurer.");
unset($_SESSION['_config']['user']);
} else {
$user = mysql_fetch_array($res);
@ -27,14 +26,13 @@
if($points <= 0)
{
echo _("Sorry, I was unable to locate that user.");
unset($_SESSION['_config']['user']);
} else {
$_SESSION['_config']['user'] = $user;
$_SESSION['_config']['pagehash'] = md5(date("U"));
?>
<? if($_SESSION['_config']['error'] != "") { ?><div color="orange">ERROR: <?=$_SESSION['_config']['error']?></div><? unset($_SESSION['_config']['error']); } ?>
<form method="post" action="wot.php">
<input type="hidden" name="userid" value="<?=$user['id']?>">
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
<tr>
<td colspan="2" class="title"><?=_("Contact Assurer")?></td>

32
www/wot.php
Unescape Escape View File

@ -401,7 +401,7 @@
exit;
}
if($oldid == 9 && $_SESSION['_config']['user']['id'] > 0 && $_SESSION['profile']['id'] > 0)
if($oldid == 9 && $_REQUEST['userid'] > 0 && $_SESSION['profile']['id'] > 0)
{
if($_SESSION['_config']['pagehash'] != $_REQUEST['pageid'])
{
@ -409,15 +409,27 @@
$id = 9;
$error = _("It looks like you were trying to contact multiple people, this isn't allowed due to data security reasons.");
} else {
$body = $_POST['message'];
$subject = $_POST['subject'];
sendmail($_SESSION['_config']['user']['email'], "[CAcert.org] ".$_POST['subject'], $_POST['message'],
$_SESSION['profile']['email'], "", "", $_SESSION['profile']['fname']." ".$_SESSION['profile']['lname']);
showheader(_("My CAcert.org Account!"));
echo "<p>"._("Your email has been sent to ").$_SESSION['_config']['user']['fname'].".</p>";
echo "<p>[ <a href='javascript:history.go(-2)'>Go Back</a> ]</p>\n";
showfooter();
exit;
$body = $_REQUEST['message'];
$subject = $_REQUEST['subject'];
$userid = intval($_REQUEST['userid']);
$user = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='$userid' and `listme`=1"));
$points = mysql_num_rows(mysql_query("select sum(`points`) as `total` from `notary`
where `to`='".$user['id']."' group by `to` HAVING SUM(`points`) > 0"));
if($points > 0)
{
sendmail($user['email'], "[CAcert.org] ".$_REQUEST['subject'], $_REQUEST['message'],
$_SESSION['profile']['email'], "", "", $_SESSION['profile']['fname']." ".$_SESSION['profile']['lname']);
showheader(_("My CAcert.org Account!"));
echo "<p>"._("Your email has been sent to ").$user['fname'].".</p>";
echo "<p>[ <a href='javascript:history.go(-2)'>Go Back</a> ]</p>\n";
showfooter();
exit;
} else {
showheader(_("My CAcert.org Account!"));
echo _("Sorry, I was unable to locate that user.");
showfooter();
exit;
}
}
} elseif($oldid == 9) {
unset($oldid);

Write Preview
Loading…
Cancel
Save