@ -53,14 +53,14 @@ include_once($_SESSION['_config']['filepath']."/includes/notary.inc.php");
} else {
// $email contains non-digits ==> search for mail addresses
// Be defensive here (outer join) if primary mail is not listed in email table
$query = "select `users`.`id` as `id`, `email`.`email` as `email`
$query = "select `users`.`id` as `id`, `email`.`email` as `email`
from `users` left outer join `email` on (`users`.`id`=`email`.`memid`)
where (`email`.`email` like '$emailsearch'
where (`email`.`email` like '$emailsearch'
or `users`.`email` like '$emailsearch')
and `users`.`deleted`=0
group by `users`.`id` limit 100";
}
// bug-975 ted+uli changes --- end
// bug-975 ted+uli changes --- end
$res = mysql_query($query);
if(mysql_num_rows($res) > 1) { ?>
< table align = "center" valign = "middle" border = "0" cellspacing = "0" cellpadding = "0" class = "wrapper" >
@ -342,7 +342,7 @@ include_once($_SESSION['_config']['filepath']."/includes/notary.inc.php");
< td colspan = "2" class = "title" > <? = _ ( "Account State" ) ?> </ td >
< / tr >
<?
<?
// --- bug-975 begin ---
// potential db inconsistency like in a20110804.1
// Admin console -> don't list user account
@ -363,7 +363,7 @@ include_once($_SESSION['_config']['filepath']."/includes/notary.inc.php");
4. email.email = primary-email (???) or'd
not covered by admin console find user routine, but may block users login
5. users.verified = 0|1
further "special settings"
further "special settings"
6. users.locked (setting displayed in display form)
7. users.assurer_blocked (setting displayed in display form)
@ -374,7 +374,7 @@ include_once($_SESSION['_config']['filepath']."/includes/notary.inc.php");
1. users.verified = 1
2. users.deleted = 0
3. users.locked = 0
4. users.email = primary-email
4. users.email = primary-email
--- Assurer, assure someone find user query
select * from `users` where `email`='".mysql_escape_string(stripslashes($_POST['email']))."'
@ -388,11 +388,11 @@ include_once($_SESSION['_config']['filepath']."/includes/notary.inc.php");
1. email.hash = '' Yes No No
2. email.deleted = 0 Yes No No
3. users.deleted = 0 Yes Yes Yes
4. users.verified = 1 No Yes No
4. users.verified = 1 No Yes No
5. users.locked = 0 No Yes No
6. users.email = prim-email No Yes Yes
7. email.email = prim-email Yes No No
full usable account needs all 7 requirements fulfilled
so if one setting isn't set/cleared there is an inconsistency either way
if eg email.email is not avail, admin console cannot open user info
@ -436,7 +436,7 @@ include_once($_SESSION['_config']['filepath']."/includes/notary.inc.php");
$dres = mysql_query($query);
$drow = mysql_fetch_assoc($dres);
}
if ($drow) {
$eemail = $drow['eemail'];
$edeleted = $drow['edeleted'];
@ -455,11 +455,11 @@ include_once($_SESSION['_config']['filepath']."/includes/notary.inc.php");
}
if ($edeleted!=0) {
$inconsistency += 8;
$inccause .= (empty($inccause)?"":"< br > ")._("Email record set deleted");
$inccause .= (empty($inccause)?"":"< br > ")._("Email record set deleted");
}
if ($ehash!='') {
$inconsistency += 16;
$inccause .= (empty($inccause)?"":"< br > ")._("Email record hash not unset");
$inccause .= (empty($inccause)?"":"< br > ")._("Email record hash not unset");
}
} else {
$inconsistency = 32;
@ -478,14 +478,14 @@ include_once($_SESSION['_config']['filepath']."/includes/notary.inc.php");
"operations and needs to be fixed manually through arbitration/critical ".
"team.")?>
< / td >
< / tr >
< / tr >
<? }
// --- bug-975 end ---
?>
< / table >
< br >
<?
<?
// End - Debug infos
?>
@ -514,12 +514,12 @@ include_once($_SESSION['_config']['filepath']."/includes/notary.inc.php");
$dres = mysql_query($query);
$drow = mysql_fetch_assoc($dres);
$total = $drow['total'];
$maxexpire = "0000-00-00 00:00:00";
if ($drow['maxexpire']) {
$maxexpire = $drow['maxexpire'];
}
if($total > 0) {
$query = "select COUNT(*) as `valid`
from `domains` inner join `domaincerts`
@ -530,7 +530,7 @@ include_once($_SESSION['_config']['filepath']."/includes/notary.inc.php");
$dres = mysql_query($query);
$drow = mysql_fetch_assoc($dres);
$valid = $drow['valid'];
$query = "select COUNT(*) as `expired`
from `domains` inner join `domaincerts`
on `domains`.`id` = `domaincerts`.`domid`
@ -539,7 +539,7 @@ include_once($_SESSION['_config']['filepath']."/includes/notary.inc.php");
$dres = mysql_query($query);
$drow = mysql_fetch_assoc($dres);
$expired = $drow['expired'];
$query = "select COUNT(*) as `revoked`
from `domains` inner join `domaincerts`
on `domains`.`id` = `domaincerts`.`domid`
@ -572,12 +572,12 @@ include_once($_SESSION['_config']['filepath']."/includes/notary.inc.php");
$dres = mysql_query($query);
$drow = mysql_fetch_assoc($dres);
$total = $drow['total'];
$maxexpire = "0000-00-00 00:00:00";
if ($drow['maxexpire']) {
$maxexpire = $drow['maxexpire'];
}
if($total > 0) {
$query = "select COUNT(*) as `valid`
from `emailcerts`
@ -587,7 +587,7 @@ include_once($_SESSION['_config']['filepath']."/includes/notary.inc.php");
$dres = mysql_query($query);
$drow = mysql_fetch_assoc($dres);
$valid = $drow['valid'];
$query = "select COUNT(*) as `expired`
from `emailcerts`
where `memid` = '".intval($row['id'])."'
@ -595,7 +595,7 @@ include_once($_SESSION['_config']['filepath']."/includes/notary.inc.php");
$dres = mysql_query($query);
$drow = mysql_fetch_assoc($dres);
$expired = $drow['expired'];
$query = "select COUNT(*) as `revoked`
from `emailcerts`
where `memid` = '".intval($row['id'])."'
@ -627,12 +627,12 @@ include_once($_SESSION['_config']['filepath']."/includes/notary.inc.php");
$dres = mysql_query($query);
$drow = mysql_fetch_assoc($dres);
$total = $drow['total'];
$maxexpire = "0000-00-00 00:00:00";
if ($drow['maxexpire']) {
$maxexpire = $drow['maxexpire'];
}
if($total > 0) {
$query = "select COUNT(*) as `valid`
from `gpg`
@ -641,7 +641,7 @@ include_once($_SESSION['_config']['filepath']."/includes/notary.inc.php");
$dres = mysql_query($query);
$drow = mysql_fetch_assoc($dres);
$valid = $drow['valid'];
$query = "select COUNT(*) as `expired`
from `emailcerts`
where `memid` = '".intval($row['id'])."'
@ -649,7 +649,7 @@ include_once($_SESSION['_config']['filepath']."/includes/notary.inc.php");
$dres = mysql_query($query);
$drow = mysql_fetch_assoc($dres);
$expired = $drow['expired'];
?>
< td class = "DataTD" > <? = intval ( $total ) ?> </ td >
< td class = "DataTD" > <? = intval ( $valid ) ?> </ td >
@ -676,12 +676,12 @@ include_once($_SESSION['_config']['filepath']."/includes/notary.inc.php");
$dres = mysql_query($query);
$drow = mysql_fetch_assoc($dres);
$total = $drow['total'];
$maxexpire = "0000-00-00 00:00:00";
if ($drow['maxexpire']) {
$maxexpire = $drow['maxexpire'];
}
if($total > 0) {
$query = "select COUNT(*) as `valid`
from `orgdomaincerts` as `orgcerts` inner join `org`
@ -692,7 +692,7 @@ include_once($_SESSION['_config']['filepath']."/includes/notary.inc.php");
$dres = mysql_query($query);
$drow = mysql_fetch_assoc($dres);
$valid = $drow['valid'];
$query = "select COUNT(*) as `expired`
from `orgdomaincerts` as `orgcerts` inner join `org`
on `orgcerts`.`orgid` = `org`.`orgid`
@ -701,7 +701,7 @@ include_once($_SESSION['_config']['filepath']."/includes/notary.inc.php");
$dres = mysql_query($query);
$drow = mysql_fetch_assoc($dres);
$expired = $drow['expired'];
$query = "select COUNT(*) as `revoked`
from `orgdomaincerts` as `orgcerts` inner join `org`
on `orgcerts`.`orgid` = `org`.`orgid`
@ -736,12 +736,12 @@ include_once($_SESSION['_config']['filepath']."/includes/notary.inc.php");
$dres = mysql_query($query);
$drow = mysql_fetch_assoc($dres);
$total = $drow['total'];
$maxexpire = "0000-00-00 00:00:00";
if ($drow['maxexpire']) {
$maxexpire = $drow['maxexpire'];
}
if($total > 0) {
$query = "select COUNT(*) as `valid`
from `orgemailcerts` as `orgcerts` inner join `org`
@ -752,7 +752,7 @@ include_once($_SESSION['_config']['filepath']."/includes/notary.inc.php");
$dres = mysql_query($query);
$drow = mysql_fetch_assoc($dres);
$valid = $drow['valid'];
$query = "select COUNT(*) as `expired`
from `orgemailcerts` as `orgcerts` inner join `org`
on `orgcerts`.`orgid` = `org`.`orgid`
@ -761,7 +761,7 @@ include_once($_SESSION['_config']['filepath']."/includes/notary.inc.php");
$dres = mysql_query($query);
$drow = mysql_fetch_assoc($dres);
$expired = $drow['expired'];
$query = "select COUNT(*) as `revoked`
from `orgemailcerts` as `orgcerts` inner join `org`
on `orgcerts`.`orgid` = `org`.`orgid`
@ -831,7 +831,7 @@ function showassuredto()
< td class = "DataTD" > <? = intval ( $drow [ 'points' ]) ?> </ td >
< td class = "DataTD" > <? = sanitizeHTML ( $drow [ 'location' ]) ?> </ td >
< td class = "DataTD" > <? = sanitizeHTML ( $drow [ 'method' ]) ?> </ td >
< td class = "DataTD" >< a href = "account.php?id=43&userid= <? = intval ( $drow [ 'to' ]) ?> &assurance= <? = intval ( $drow [ 'id' ]) ?> &csrf= <? = make_csrf ( 'admdelassurance' ) ?> " onclick = "return confirm(' <? = _( "Are you sure you want to revoke th is assurance?" )?> ');" > <? = _ ( "Revoke" ) ?> </ a ></ td >
< td class = "DataTD" >< a href = "account.php?id=43&userid= <? = intval ( $drow [ 'to' ]) ?> &assurance= <? = intval ( $drow [ 'id' ]) ?> &csrf= <? = make_csrf ( 'admdelassurance' ) ?> " onclick = "return confirm(' <? = sprintf( _( "Are you sure you want to revoke th e assurance with ID "%s"?"), $drow [ 'id' ] )?> ');" > <? = _ ( "Revoke" ) ?> </ a ></ td >
< / tr >
<? } ?>
< tr >
@ -877,7 +877,7 @@ function showassuredby()
< td class = "DataTD" > <? = $drow [ 'points' ] ?> </ td >
< td class = "DataTD" > <? = $drow [ 'location' ] ?> </ td >
< td class = "DataTD" > <? = $drow [ 'method' ] ?> </ td >
< td class = "DataTD" >< a href = "account.php?id=43&userid= <? = $drow [ 'from' ] ?> &assurance= <? = $drow [ 'id' ] ?> &csrf= <? = make_csrf ( 'admdelassurance' ) ?> " onclick = "return confirm(' <? = _( "Are you sure you want to revoke th is assurance?" )?> ');" > <? = _ ( "Revoke" ) ?> </ a ></ td >
< td class = "DataTD" >< a href = "account.php?id=43&userid= <? = $drow [ 'from' ] ?> &assurance= <? = $drow [ 'id' ] ?> &csrf= <? = make_csrf ( 'admdelassurance' ) ?> " onclick = "return confirm(' <? = sprintf( _( "Are you sure you want to revoke th e assurance with ID "%s"?"), $drow [ 'id' ] )?> ');" > <? = _ ( "Revoke" ) ?> </ a ></ td >
< / tr >
<? } ?>
< tr >
@ -888,7 +888,7 @@ function showassuredby()
< / table >
<? } ?>
< br > < br >
<? } }
<? } }
switch ($_GET['shownotary'])
{