@ -16,27 +16,27 @@
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
*/ ?>
<?
if($_REQUEST['assurance'] > 0)
{
$assurance = mysql_escape_string($_REQUEST['assurance']);
mysql_query("delete from `notary` where `id`='$assurance'");
}
if($_REQUEST['assurance'] > 0)
{
$assurance = mysql_escape_string($_REQUEST['assurance']);
mysql_query("delete from `notary` where `id`='$assurance'");
}
if(intval($_REQUEST['userid']) < = 0)
{
$emailsearch = $email = mysql_escape_string(stripslashes($_REQUEST['email']));
if(!strstr($email, "%"))
$emailsearch = "%$email%";
if(intval($email) > 0)
$emailsearch = "";
if(intval($_REQUEST['userid']) < = 0)
{
$emailsearch = $email = mysql_escape_string(stripslashes($_REQUEST['email']));
if(!strstr($email, "%"))
$emailsearch = "%$email%";
if(intval($email) > 0)
$emailsearch = "";
$query = "select `users`.`id` as `id`, `email`.`email` as `email` from `users`,`email`
where `users`.`id`=`email`.`memid` and
(`email`.`email` like '$emailsearch' or `email`.`id`='$email' or `users`.`id`='$email') and
`email`.`hash`='' and `email`.`deleted`=0 and `users`.`deleted`=0
group by `users`.`id` limit 100";
$res = mysql_query($query);
if(mysql_num_rows($res) > 1) { ?>
$query = "select `users`.`id` as `id`, `email`.`email` as `email` from `users`,`email`
where `users`.`id`=`email`.`memid` and
(`email`.`email` like '$emailsearch' or `email`.`id`='$email' or `users`.`id`='$email') and
`email`.`hash`='' and `email`.`deleted`=0 and `users`.`deleted`=0
group by `users`.`id` limit 100";
$res = mysql_query($query);
if(mysql_num_rows($res) > 1) { ?>
< table align = "center" valign = "middle" border = "0" cellspacing = "0" cellpadding = "0" class = "wrapper" >
< tr >
< td colspan = "5" class = "title" > <? = _ ( "Select Specific Account Details" ) ?> </ td >
@ -46,8 +46,8 @@
< td class = "DataTD" > <? = _ ( "Email" ) ?> </ td >
< / tr >
<?
while($row = mysql_fetch_assoc($res))
{ ?>
while($row = mysql_fetch_assoc($res))
{ ?>
< tr >
< td class = "DataTD" >< a href = "account.php?id=43&userid= <? = $row [ 'id' ] ?> " > <? = $row [ 'id' ] ?> </ a ></ td >
< td class = "DataTD" >< a href = "account.php?id=43&userid= <? = $row [ 'id' ] ?> " > <? = $row [ 'email' ] ?> </ a ></ td >
@ -62,28 +62,28 @@
< / tr >
<? } ?>
< / table > < br > < br >
<? } elseif ( mysql_num_rows ( $res ) == 1 ) {
$row = mysql_fetch_assoc($res);
$_REQUEST['userid'] = $row['id'];
} else {
printf(_("No users found matching %s"), $email);
}
}
<? } elseif ( mysql_num_rows ( $res ) == 1 ) {
$row = mysql_fetch_assoc($res);
$_REQUEST['userid'] = $row['id'];
} else {
printf(_("No users found matching %s"), $email);
}
}
if(intval($_REQUEST['userid']) > 0)
{
$id = intval($_REQUEST['userid']);
$query = "select * from `users` where `id`='$id' and `users`.`deleted`=0";
$res = mysql_query($query);
if(mysql_num_rows($res) < = 0)
{
echo _("I'm sorry, the user you were looking for seems to have disappeared! Bad things are a foot!");
} else {
$row = mysql_fetch_assoc($res);
$query = "select sum(`points`) as `points` from `notary` where `to`='".$row['id']."'";
$dres = mysql_query($query);
$drow = mysql_fetch_assoc($dres);
$alerts = mysql_fetch_assoc(mysql_query("select * from `alerts` where `memid`='".$row['id']."'"));
if(intval($_REQUEST['userid']) > 0)
{
$id = intval($_REQUEST['userid']);
$query = "select * from `users` where `id`='$id' and `users`.`deleted`=0";
$res = mysql_query($query);
if(mysql_num_rows($res) < = 0)
{
echo _("I'm sorry, the user you were looking for seems to have disappeared! Bad things are a foot!");
} else {
$row = mysql_fetch_assoc($res);
$query = "select sum(`points`) as `points` from `notary` where `to`='".$row['id']."'";
$dres = mysql_query($query);
$drow = mysql_fetch_assoc($dres);
$alerts = mysql_fetch_assoc(mysql_query("select * from `alerts` where `memid`='".$row['id']."'"));
?>
< table align = "center" valign = "middle" border = "0" cellspacing = "0" cellpadding = "0" class = "wrapper" >
< tr >
@ -104,10 +104,10 @@
< tr >
< td class = "DataTD" > <? = _ ( "Last Name" ) ?> :</ td >
< td class = "DataTD" > < form method = "post" action = "account.php" onSubmit = "if(!confirm('Are you sure you want to modify this DOB and/or last name?')) return false;" >
< input type = "hidden" name = "oldid" value = "43" >
< input type = "hidden" name = "action" value = "updatedob" >
< input type = "hidden" name = "userid" value = " <? = $id ?> " >
< input type = "text" name = "lname" value = " <? = $row [ 'lname' ] ?> " ></ td >
< input type = "hidden" name = "oldid" value = "43" >
< input type = "hidden" name = "action" value = "updatedob" >
< input type = "hidden" name = "userid" value = " <? = $id ?> " >
< input type = "text" name = "lname" value = " <? = $row [ 'lname' ] ?> " ></ td >
< / tr >
< tr >
< td class = "DataTD" > <? = _ ( "Suffix" ) ?> :</ td >
@ -117,10 +117,10 @@
< td class = "DataTD" > <? = _ ( "Date of Birth" ) ?> :</ td >
< td class = "DataTD" >
<?
$year = intval(substr($row['dob'], 0, 4));
$month = intval(substr($row['dob'], 5, 2));
$day = intval(substr($row['dob'], 8, 2));
?>< nobr > < select name = "day" >
$year = intval(substr($row['dob'], 0, 4));
$month = intval(substr($row['dob'], 5, 2));
$day = intval(substr($row['dob'], 8, 2));
?>< nobr > < select name = "day" >
<?
for($i = 1; $i < = 31; $i++)
{
@ -145,6 +145,18 @@
< input type = "text" name = "year" value = " <? = $year ?> " size = "4" >
< input type = "submit" value = "Go" > < / form > < / nobr > < / td >
< / tr >
< tr >
< td class = "DataTD" > <? = _ ( "Trainings" ) ?> :</ td >
< td class = "DataTD" >< a href = "account.php?id=55&userid= <? = $row [ 'id' ] ?> " > show</ a ></ td >
< / tr >
< tr >
< td class = "DataTD" > <? = _ ( "Is Assurer" ) ?> :</ td >
< td class = "DataTD" >< a href = "account.php?id=43&assurer= <? = $row [ 'id' ] ?> " > <? = $row [ 'assurer' ] ?> </ a ></ td >
< / tr >
< tr >
< td class = "DataTD" > <? = _ ( "Blocked Assurer" ) ?> :</ td >
< td class = "DataTD" >< a href = "account.php?id=43&assurer_blocked= <? = $row [ 'id' ] ?> " > <? = $row [ 'assurer_blocked' ] ?> </ a ></ td >
< / tr >
< tr >
< td class = "DataTD" > <? = _ ( "Account Locking" ) ?> :</ td >
< td class = "DataTD" >< a href = "account.php?id=43&locked= <? = $row [ 'id' ] ?> " > <? = $row [ 'locked' ] ?> </ a ></ td >
@ -202,8 +214,8 @@
< td class = "DataTD" >< a href = "account.php?id=50&userid= <? = $row [ 'id' ] ?> " > <? = _ ( "Delete Account" ) ?> </ a ></ td >
< / tr >
<?
// This is intensionally a $_GET for audit purposes. DO NOT CHANGE!!!
if($_GET['showlostpw'] != "yes") {
// This is intensionally a $_GET for audit purposes. DO NOT CHANGE!!!
if($_GET['showlostpw'] != "yes") {
?>
< tr >
< td class = "DataTD" colspan = "2" >< a href = "account.php?id=43&userid= <? = $row [ 'id' ] ?> &showlostpw=yes" > <? = _ ( "Show Lost Password Details" ) ?> </ a ></ td >
@ -256,17 +268,17 @@
< / tr >
< / table >
< br > <?
$query = "select * from `email` where `memid`='".$row['id']."' and `deleted`=0 and `hash`=''
and `email`!='".$row['email']."'";
$dres = mysql_query($query);
if(mysql_num_rows($dres) > 0) { ?>
$query = "select * from `email` where `memid`='".$row['id']."' and `deleted`=0 and `hash`=''
and `email`!='".$row['email']."'";
$dres = mysql_query($query);
if(mysql_num_rows($dres) > 0) { ?>
< table align = "center" valign = "middle" border = "0" cellspacing = "0" cellpadding = "0" class = "wrapper" >
< tr >
< td colspan = "5" class = "title" > <? = _ ( "Alternate Verified Email Addresses" ) ?> </ td >
</ tr > <?
$rc = mysql_num_rows($dres);
while($drow = mysql_fetch_assoc($dres))
{ ?>
$rc = mysql_num_rows($dres);
while($drow = mysql_fetch_assoc($dres))
{ ?>
< tr >
< td class = "DataTD" > <? = _ ( "Secondary Emails" ) ?> :</ td >
< td class = "DataTD" > <? = $drow [ 'email' ] ?> </ td >
@ -275,16 +287,16 @@
< / table >
< br > <? } ?>
<?
$query = "select * from `domains` where `memid`='".$row['id']."' and `deleted`=0 and `hash`=''";
$dres = mysql_query($query);
if(mysql_num_rows($dres) > 0) { ?>
$query = "select * from `domains` where `memid`='".$row['id']."' and `deleted`=0 and `hash`=''";
$dres = mysql_query($query);
if(mysql_num_rows($dres) > 0) { ?>
< table align = "center" valign = "middle" border = "0" cellspacing = "0" cellpadding = "0" class = "wrapper" >
< tr >
< td colspan = "5" class = "title" > <? = _ ( "Verified Domains" ) ?> </ td >
</ tr > <?
$rc = mysql_num_rows($dres);
while($drow = mysql_fetch_assoc($dres))
{ ?>
$rc = mysql_num_rows($dres);
while($drow = mysql_fetch_assoc($dres))
{ ?>
< tr >
< td class = "DataTD" > <? = _ ( "Domain" ) ?> :</ td >
< td class = "DataTD" > <? = $drow [ 'domain' ] ?> </ td >
@ -306,13 +318,13 @@
< td class = "DataTD" >< b > <? = _ ( "Revoke" ) ?> </ b ></ td >
< / tr >
<?
$query = "select * from `notary` where `to`='".$row['id']."'";
$dres = mysql_query($query);
$points = 0;
while($drow = mysql_fetch_assoc($dres))
{
$fromuser = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".$drow['from']."'"));
$points += $drow['points'];
$query = "select * from `notary` where `to`='".$row['id']."'";
$dres = mysql_query($query);
$points = 0;
while($drow = mysql_fetch_assoc($dres))
{
$fromuser = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".$drow['from']."'"));
$points += $drow['points'];
?>
< tr >
< td class = "DataTD" > <? = $drow [ 'date' ] ?> </ td >
@ -343,13 +355,13 @@
< td class = "DataTD" >< b > <? = _ ( "Revoke" ) ?> </ b ></ td >
< / tr >
<?
$query = "select * from `notary` where `from`='".$row['id']."' and `to`!='".$row['id']."'";
$dres = mysql_query($query);
$points = 0;
while($drow = mysql_fetch_assoc($dres))
{
$fromuser = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".$drow['to']."'"));
$points += $drow['points'];
$query = "select * from `notary` where `from`='".$row['id']."' and `to`!='".$row['id']."'";
$dres = mysql_query($query);
$points = 0;
while($drow = mysql_fetch_assoc($dres))
{
$fromuser = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".$drow['to']."'"));
$points += $drow['points'];
?>
< tr >
< td class = "DataTD" > <? = $drow [ 'date' ] ?> </ td >