Combined fixes for
- https://bugs.cacert.org/view.php?id=413 "Add a web page indicating the certificate request is still pending" - https://bugs.cacert.org/view.php?id=1138 "Implement to log the SE activity" - https://bugs.cacert.org/view.php?id=1221 "Inconsistency in Assurance Management" (fix committed on June 7, 2014, but this new file was left unreported).
This commit is contained in:
parent
13f78be640
commit
cda3e7f0db
1 changed files with 385 additions and 0 deletions
385
pages/account/59.php
Normal file
385
pages/account/59.php
Normal file
|
@ -0,0 +1,385 @@
|
|||
<?/*
|
||||
LibreSSL - CAcert web application
|
||||
Copyright (C) 2004-2008 CAcert Inc.
|
||||
|
||||
This program is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation; version 2 of the License.
|
||||
|
||||
This program is distributed in the hope that it will be useful,
|
||||
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
GNU General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with this program; if not, write to the Free Software
|
||||
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
|
||||
*/
|
||||
include_once($_SESSION['_config']['filepath']."/includes/notary.inc.php");
|
||||
|
||||
|
||||
$userid = intval($_REQUEST['userid']);
|
||||
|
||||
$res = get_user_data($userid);
|
||||
if (mysql_num_rows($res) <= 0)
|
||||
{
|
||||
echo _("I'm sorry, the user you were looking for seems to have disappeared! Bad things are afoot!");
|
||||
exit;
|
||||
}
|
||||
|
||||
$user = mysql_fetch_assoc($res);
|
||||
|
||||
$fname = $user['fname'];
|
||||
$mname = $user['mname'];
|
||||
$lname = $user['lname'];
|
||||
$suffix = $user['suffix'];
|
||||
$dob = $user['dob'];
|
||||
$username = $fname." ".$mname." ".$lname." ".$suffix;
|
||||
$email = $user['email'];
|
||||
$alerts =get_alerts($userid);
|
||||
|
||||
$ticketno = "";
|
||||
if (array_key_exists('ticketno', $_SESSION)) {
|
||||
$ticketno = $_SESSION['ticketno'];
|
||||
}
|
||||
|
||||
$oldid = 0;
|
||||
if (array_key_exists('oldid', $_REQUEST)) {
|
||||
$oldid = intval($_REQUEST['oldid']);
|
||||
}
|
||||
|
||||
// Support Engineer access restrictions
|
||||
$support=0;
|
||||
if ($userid != $_SESSION['profile']['id']) {
|
||||
// Check if support engineer
|
||||
if (array_key_exists('admin', $_SESSION['profile']) &&
|
||||
$_SESSION['profile']['admin'] != 0)
|
||||
{
|
||||
$support=$_SESSION['profile']['admin'];
|
||||
|
||||
} else {
|
||||
echo _("You do not have access to this page.");
|
||||
showfooter();
|
||||
exit;
|
||||
}
|
||||
|
||||
if (!valid_ticket_number($ticketno)) {
|
||||
printf(_("I'm sorry, you did not enter a ticket number! %s Support is not allowed to view the account history without a ticket number."), '<br/>');
|
||||
echo '<br/><a href="account.php?id=43&userid='.intval($userid).'">'. _('Back to previous page.') .'</a>';
|
||||
showfooter();
|
||||
exit;
|
||||
}
|
||||
|
||||
if (!write_se_log($userid, $_SESSION['profile']['id'], 'SE View account history', $ticketno)) {
|
||||
echo _("Writing to the admin log failed. Can't continue.");
|
||||
echo '<br/><a href="account.php?id=43&userid='.intval($userid).'">'. _('Back to previous page.') .'</a>';
|
||||
showfooter();
|
||||
exit;
|
||||
}
|
||||
}
|
||||
|
||||
// Account details
|
||||
?>
|
||||
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
|
||||
<tr>
|
||||
<td colspan="2" class="title"><?printf(_('Account history of %s'),$username)?></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td colspan="2" class="title"><?=_('User actions')?></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td class="DataTD"><?=_('User name')?></td>
|
||||
<td class="DataTD"><?=sanitizeHTML($username)?></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td class="DataTD"><?=_('Date of Birth')?></td>
|
||||
<td class="DataTD"><?=sanitizeHTML($dob)?></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td class="DataTD"><?=_("Is Assurer")?>:</td>
|
||||
<td class="DataTD"><?= ($user['assurer']==0)? _('No'):_('Yes')?></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td class="DataTD"><?=_("Blocked Assurer")?>:</td>
|
||||
<td class="DataTD"><?= ($user['assurer_blocked']==0)? _('No'):_('Yes')?></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td class="DataTD"><?=_("Account Locking")?>:</td>
|
||||
<td class="DataTD"><?= ($user['locked']==0)? _('No'):_('Yes')?></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td class="DataTD"><?=_("Code Signing")?>:</td>
|
||||
<td class="DataTD"><?= ($user['codesign']==0)? _('No'):_('Yes')?></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td class="DataTD"><?=_("Org Assurer")?>:</td>
|
||||
<td class="DataTD"><?= ($user['orgadmin']==0)? _('No'):_('Yes')?></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td class="DataTD"><?=_("TTP Admin")?>:</td>
|
||||
<td class="DataTD"><?= $user['ttpadmin']._(' - 0 = none, 1 = TTP Admin, 2 = TTP TOPUP admin')?></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td class="DataTD"><?=_("Location Admin")?>:</td>
|
||||
<td class="DataTD"><?= ($user['locadmin']==0)? _('No'):_('Yes')?></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td class="DataTD"><?=_("Admin")?>:</td>
|
||||
<td class="DataTD"><?= ($user['admin']==0)? _('No'):_('Yes')?></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td class="DataTD"><?=_("Ad Admin")?>:</td>
|
||||
<td class="DataTD"><?= $user['adadmin']._(' - 0 = none, 1 = submit, 2 = approve')?></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td class="DataTD"><?=_("General Announcements")?>:</td>
|
||||
<td class="DataTD"><?= ($alerts['general']==0)? _('No'):_('Yes')?></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td class="DataTD"><?=_("Country Announcements")?>:</td>
|
||||
<td class="DataTD"><?= ($alerts['country']==0)? _('No'):_('Yes')?></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td class="DataTD"><?=_("Regional Announcements")?>:</td>
|
||||
<td class="DataTD"><?= ($alerts['regional']==0)? _('No'):_('Yes')?></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td class="DataTD"><?=_("Within 200km Announcements")?>:</td>
|
||||
<td class="DataTD"><?= ($alerts['radius']==0)? _('No'):_('Yes')?></td>
|
||||
</tr>
|
||||
</table>
|
||||
<br/>
|
||||
<?
|
||||
|
||||
// Email addresses
|
||||
$dres = get_email_addresses($userid,'',1);
|
||||
?>
|
||||
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
|
||||
<tr>
|
||||
<td colspan="3" class="title"><?=_('Email addresses')?></td>
|
||||
</tr>
|
||||
<?
|
||||
if (mysql_num_rows($dres) > 0) {
|
||||
output_log_email_header();
|
||||
while ($drow = mysql_fetch_assoc($dres))
|
||||
{
|
||||
output_log_email($drow,$email);
|
||||
}
|
||||
} else {
|
||||
?>
|
||||
<tr>
|
||||
<td colspan="3" ><?=_('no entry available')?></td>
|
||||
</tr>
|
||||
<?
|
||||
}
|
||||
?>
|
||||
</table>
|
||||
<br/>
|
||||
<?
|
||||
|
||||
// Domains
|
||||
$dres = get_domains($userid, 1);
|
||||
?>
|
||||
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
|
||||
<tr>
|
||||
<td colspan="3" class="title"><?=_('Domains')?></td>
|
||||
</tr>
|
||||
<?
|
||||
if (mysql_num_rows($dres) > 0) {
|
||||
output_log_domains_header();
|
||||
while ($drow = mysql_fetch_assoc($dres))
|
||||
{
|
||||
output_log_domains($drow);
|
||||
}
|
||||
} else {
|
||||
?>
|
||||
<tr>
|
||||
<td colspan="3" ><?=_('no entry available')?></td>
|
||||
</tr>
|
||||
<?
|
||||
}
|
||||
?>
|
||||
</table>
|
||||
<br/>
|
||||
|
||||
<?
|
||||
// Trainings
|
||||
$dres = get_training_results($userid);
|
||||
?>
|
||||
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
|
||||
<tr>
|
||||
<td colspan="3" class="title"><?=_('Trainings')?></td>
|
||||
</tr>
|
||||
<?
|
||||
if (mysql_num_rows($dres) > 0) {
|
||||
output_log_training_header();
|
||||
while ($drow = mysql_fetch_assoc($dres))
|
||||
{
|
||||
output_log_training($drow);
|
||||
}
|
||||
} else {
|
||||
?>
|
||||
<tr>
|
||||
<td colspan="3" ><?=_('no entry available')?></td>
|
||||
</tr>
|
||||
<?
|
||||
}
|
||||
?>
|
||||
</table>
|
||||
<br/>
|
||||
|
||||
<?
|
||||
// User Agreements
|
||||
$dres = get_user_agreements($userid);
|
||||
?>
|
||||
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
|
||||
<tr>
|
||||
<td colspan="4" class="title"><?=_('User agreements')?></td>
|
||||
</tr>
|
||||
<?
|
||||
if (mysql_num_rows($dres) > 0) {
|
||||
output_log_agreement_header();
|
||||
while ($drow = mysql_fetch_assoc($dres))
|
||||
{
|
||||
output_log_agreement($drow);
|
||||
}
|
||||
} else {
|
||||
?>
|
||||
<tr>
|
||||
<td colspan="4" ><?=_('no entry available')?></td>
|
||||
</tr>
|
||||
<?
|
||||
}
|
||||
?>
|
||||
</table>
|
||||
<br/>
|
||||
|
||||
<?
|
||||
// Client Certificates
|
||||
$dres = get_client_certs($userid, 1);
|
||||
$colspan=8;
|
||||
if (1 == $support) {
|
||||
$colspan=6;
|
||||
}
|
||||
?>
|
||||
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
|
||||
<tr>
|
||||
<td colspan="<?=$colspan?>" class="title"><?=_('Client certificates')?></td>
|
||||
</tr>
|
||||
<?
|
||||
if (mysql_num_rows($dres) > 0) {
|
||||
output_client_cert_header($support);
|
||||
while ($drow = mysql_fetch_assoc($dres))
|
||||
{
|
||||
output_client_cert($drow,$support);
|
||||
}
|
||||
} else {
|
||||
?>
|
||||
<tr>
|
||||
<td colspan="<?=$colspan?>" ><?=_('no entry available')?></td>
|
||||
</tr>
|
||||
<?
|
||||
}
|
||||
?>
|
||||
</table>
|
||||
<br/>
|
||||
|
||||
<?
|
||||
// Server Certificates
|
||||
$dres = get_server_certs($userid,1);
|
||||
$colspan = 7;
|
||||
if (1 == $support) {
|
||||
$colspan = 5;
|
||||
}
|
||||
?>
|
||||
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
|
||||
<tr>
|
||||
<td colspan="<?=$colspan?>" class="title"><?=_('Server certificates')?></td>
|
||||
</tr>
|
||||
<?
|
||||
if (mysql_num_rows($dres) > 0) {
|
||||
output_server_certs_header($support);
|
||||
while ($drow = mysql_fetch_assoc($dres))
|
||||
{
|
||||
output_server_certs($drow,$support);
|
||||
}
|
||||
} else {
|
||||
?>
|
||||
<tr>
|
||||
<td colspan="<?=$colspan?>" ><?=_('no entry available')?></td>
|
||||
</tr>
|
||||
<?
|
||||
}
|
||||
?>
|
||||
</table>
|
||||
<br/>
|
||||
|
||||
<?
|
||||
// GPG Certificates
|
||||
$dres = get_gpg_certs($userid,1);
|
||||
$colspan = 6;
|
||||
if (1 == $support) {
|
||||
$colspan = 4;
|
||||
}
|
||||
?>
|
||||
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
|
||||
<tr>
|
||||
<td colspan="<?=$colspan?>" class="title"><?=_('GPG/PGP certificates')?></td>
|
||||
</tr>
|
||||
<?
|
||||
if (mysql_num_rows($dres) > 0) {
|
||||
output_gpg_certs_header($support);
|
||||
while ($drow = mysql_fetch_assoc($dres))
|
||||
{
|
||||
output_gpg_certs($drow, $support);
|
||||
}
|
||||
} else {
|
||||
?>
|
||||
<tr>
|
||||
<td colspan="<?=$colspan?>" ><?=_('no entry available')?></td>
|
||||
</tr>
|
||||
<?
|
||||
}?>
|
||||
</table>
|
||||
<br/>
|
||||
|
||||
<?
|
||||
|
||||
output_given_assurances($userid, $support, $ticketno, 1);
|
||||
?><br/><?
|
||||
|
||||
output_received_assurances($userid, $support, $ticketno, 1);
|
||||
?><br/><?
|
||||
|
||||
$dres = get_se_log($userid);
|
||||
$colspan = 2;
|
||||
if (1 == $support) {
|
||||
$colspan = 4;
|
||||
}
|
||||
?>
|
||||
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
|
||||
<tr>
|
||||
<td colspan="<?=$colspan?>" class="title"><?=_('Admin log')?></td>
|
||||
</tr>
|
||||
<?
|
||||
if (mysql_num_rows($dres) > 0) {
|
||||
output_log_se_header($support);
|
||||
while ($drow = mysql_fetch_assoc($dres))
|
||||
{
|
||||
output_log_se($drow,$support);
|
||||
}
|
||||
} else {
|
||||
?>
|
||||
<tr>
|
||||
<td colspan="<?=$colspan?>" ><?=_('no entry available')?></td>
|
||||
</tr>
|
||||
<?
|
||||
}
|
||||
?>
|
||||
<tr>
|
||||
<td colspan="<?=$colspan?>" >
|
||||
<a href="account.php?id=<?=$oldid?intval($oldid):($support?43:13)?>&userid=<?=intval($userid)?>"><?= _('Back to previous page.')?></a>
|
||||
</td>
|
||||
</tr>
|
||||
|
||||
</table>
|
Loading…
Reference in a new issue