'".intval($no_of_assurances)."'"); return intval(query_get_number_of_rows($res)+1); }

/**
 * get_top_assuree_position()
 * Selects one row per `to` value in `notary` that has more than
 * $no_of_assurees rows with method 'Face to Face Meeting', and returns the
 * number of such rows plus one.
 * query_init() and query_get_number_of_rows() are defined outside this
 * excerpt; presumably they run the statement and count the result rows.
 *
 * @param mixed $no_of_assurees threshold; cast with intval() before it is
 *                              placed into the statement
 * @return int
 */
function get_top_assuree_position ($no_of_assurees) {
    $res = query_init ("SELECT count(*) AS `list` FROM `notary` WHERE `method` = 'Face to Face Meeting' GROUP BY `to` HAVING count(*) > '".intval($no_of_assurees)."'");
    return intval(query_get_number_of_rows($res)+1);
}

/**
 * get_given_assurances()
 * Selects all `notary` rows with `from` = $userid, leaving out rows where
 * `from` equals `to`, ordered by `id`.
 *
 * @param mixed $userid cast with intval() before it is placed into the statement
 * @return mixed whatever query_init() returns
 */
function get_given_assurances ($userid) {
    $res = query_init ("select * from `notary` where `from`='".intval($userid)."' and `from` != `to` order by `id` asc");
    return $res;
}

/**
 * get_received_assurances()
 * Selects all `notary` rows with `to` = $userid, leaving out rows where
 * `from` equals `to`, ordered by `id`.
 *
 * @param mixed $userid cast with intval() before it is placed into the statement
 * @return mixed whatever query_init() returns
 */
function get_received_assurances ($userid) {
    $res = query_init ("select * from `notary` where `to`='".intval($userid)."' and `from` != `to` order by `id` asc ");
    return $res;
}

/**
 * get_given_assurances_summary()
 * Counts the `notary` rows with `from` = $userid per combination of
 * points, awarded and method. Unlike get_given_assurances() this statement
 * does not exclude rows where `from` equals `to`.
 *
 * @param mixed $userid cast with intval() before it is placed into the statement
 * @return mixed whatever query_init() returns; rows carry number, points, awarded, method
 */
function get_given_assurances_summary ($userid) {
    $res = query_init ("select count(*) as number,points,awarded,method from notary where `from`='".intval($userid)."' group by points,awarded,method");
    return $res;
}

/**
 * get_received_assurances_summary()
 * Counts the `notary` rows with `to` = $userid per combination of
 * points, awarded and method. Rows where `from` equals `to` are not excluded.
 *
 * @param mixed $userid cast with intval() before it is placed into the statement
 * @return mixed whatever query_init() returns; rows carry number, points, awarded, method
 */
function get_received_assurances_summary ($userid) {
    $res = query_init ("select count(*) as number,points,awarded,method from notary where `to`='".intval($userid)."' group by points,awarded,method");
    return $res;
}

/**
 * get_user()
 * Fetches the `users` row with the given id.
 * NOTE(review): the statement selects every column of `users`, so callers
 * receive the complete row; check what they pass on to output.
 *
 * @param mixed $userid cast with intval() before it is placed into the statement
 * @return mixed result of mysql_fetch_assoc() on the query result
 */
function get_user ($userid) {
    $res = query_init ("select * from `users` where `id`='".intval($userid)."'");
    return mysql_fetch_assoc($res);
}

/**
 * get_cats_state()
 * Counts the `cats_passed` rows of the user that join to a `cats_variant`
 * row with `type_id` = 1. output_summary_content() treats a result of 0 as
 * "CATS test not passed".
 *
 * @param mixed $userid cast with intval() before it is placed into the statement
 * @return mixed result of mysql_num_rows()
 */
function get_cats_state ($userid) {
    $res = query_init ("select * from `cats_passed` inner join `cats_variant` on `cats_passed`.`variant_id` = `cats_variant`.`id` and `cats_variant`.`type_id` = 1 WHERE `cats_passed`.`user_id` = '".intval($userid)."'");
    return mysql_num_rows($res);
}

/**
 * calc_experience()
 * Works out the points of one `notary` row and updates the running totals
 * that are passed by reference.
 *
 * @param array $row             reads 'points', 'awarded' and 'method'
 * @param mixed $points          by reference; increased by the row's points
 * @param mixed $experience      by reference; set to "2" for a Face to Face
 *                               Meeting, otherwise to a blank placeholder
 * @param mixed $sum_experience  by reference; increased by 2 for a Face to Face Meeting
 * @param mixed $revoked         by reference; always set to false here
 * @return mixed the larger of $row['points'] and $row['awarded']
 */
function calc_experience ($row,&$points,&$experience,&$sum_experience,&$revoked) {
    $apoints = max($row['points'], $row['awarded']);
    $points += $apoints;
    $experience = " ";
    $revoked = false; # to be coded later (after DB-upgrade)
    if ($row['method'] == "Face to Face Meeting") {
        $sum_experience = $sum_experience +2;
        $experience = "2";
    }
    return $apoints;
}

/**
 * calc_assurances()
 * Splits the value returned by calc_points() for one `notary` row into
 * assurance points (at most 100) and experience (the part above 100), and
 * updates the running totals passed by reference.
 *
 * @param array $row            reads 'method'; also handed to calc_points()
 * @param mixed $points         by reference; increased by the awarded points
 *                              unless the method is one of the revoked ones
 * @param mixed $experience     by reference; surplus above 100, or 0
 * @param mixed $sumexperience  by reference; increased by $experience
 * @param mixed $awarded        by reference; points capped at 100, or the
 *                              translated text "Revoked" for revoked methods
 * @param mixed $revoked        by reference; true for the revoked methods
 * @return void
 */
function calc_assurances ($row,&$points,&$experience,&$sumexperience,&$awarded,&$revoked) {
    $awarded = calc_points($row);
    $revoked = false;
    if ($awarded > 100) {
        $experience = $awarded - 100; // needs to be fixed in the future (limit 50 pts and/or no experience if pts > 100)
        $awarded = 100;
    } else
        $experience = 0;
    switch ($row['method']) {
        case 'Thawte Points Transfer':
        case 'CT Magazine - Germany':
        case 'Temporary Increase': // Current usage of 'Temporary Increase' may break audit aspects, needs to be reimplemented
            // these rows are shown as revoked and add nothing to $points
            $awarded=sprintf("%s",_("Revoked"));
            $experience=0;
            $revoked=true;
            break;
        default:
            $points += $awarded;
    }
    $sumexperience = $sumexperience + $experience;
}

/**
 * show_user_link()
 * Returns the display text for a member name. An empty name becomes the
 * translated "System" (userid 0) or "Deleted account"; any other name is
 * passed through sanitizeHTML(), which is defined outside this excerpt.
 * NOTE(review): as shown here the sanitized name is only concatenated with
 * two empty strings and $userid does not reach the output; if link markup
 * belongs around the name, keep intval() on the id and sanitizeHTML() on
 * the name when restoring it.
 *
 * @param string $name
 * @param mixed $userid
 * @return string
 */
function show_user_link ($name,$userid) {
    $name = trim($name);
    if($name == "") {
        if ($userid == 0)
            $name = _("System");
        else
            $name = _("Deleted account");
    } else
        $name = "".sanitizeHTML($name)."";
    return $name;
}

/**
 * show_email_link()
 * Returns the trimmed e-mail address passed through sanitizeHTML(); an
 * empty address is returned unchanged. $userid is not used in the body
 * shown here.
 *
 * @param string $email
 * @param mixed $userid
 * @return string
 */
function show_email_link ($email,$userid) {
    $email = trim($email);
    if($email != "")
        $email = "".sanitizeHTML($email)."";
    return $email;
}

/**
 * get_assurer_ranking()
 * Fills the two by-reference parameters from get_number_of_assurances()
 * and get_top_assurer_position(); both start outside this excerpt.
 *
 * @param mixed $userid             cast with intval() before use
 * @param mixed $num_of_assurances  by reference
 * @param mixed $rank_of_assurer    by reference
 * @return void
 */
function get_assurer_ranking($userid,&$num_of_assurances,&$rank_of_assurer) {
    $num_of_assurances = get_number_of_assurances (intval($userid));
    $rank_of_assurer = get_top_assurer_position($num_of_assurances);
}

/**
 * get_assuree_ranking()
 * Fills the two by-reference parameters from get_number_of_assurees()
 * (defined outside this excerpt) and get_top_assuree_position().
 *
 * @param mixed $userid           cast with intval() before use
 * @param mixed $num_of_assurees  by reference
 * @param mixed $rank_of_assuree  by reference
 * @return void
 */
function get_assuree_ranking($userid,&$num_of_assurees,&$rank_of_assuree) {
    $num_of_assurees = get_number_of_assurees (intval($userid));
    $rank_of_assuree = get_top_assuree_position($num_of_assurees);
}

// ************* html table definitions ******************

function output_ranking($userid) { get_assurer_ranking($userid,$num_of_assurances,$rank_of_assurer); get_assuree_ranking($userid,$num_of_assurees,$rank_of_assuree); ?>

class="DataTD">:
  :  

"; $emclose=""; } } } ?> > > > > > > > > > >');">

100, awarded shows correct value else $points = intval($row['points']); // on very old assurances, awarded is '0' instead of correct value
    switch ($row['method']) {
        case 'Thawte Points Transfer': // revoke all Thawte-points (as per arbitration)
        case 'CT Magazine - Germany': // revoke c't (only one test-entry)
        case 'Temporary Increase': // revoke 'temporary increase' (Current usage breaks audit aspects, needs to be reimplemented)
            $points = 0;
            break;
        case 'Administrative Increase': // ignore AI with 2 points or less (historical for experiance points, now other calculation)
            if ($points <= 2) // maybe limit to 35/50 pts in the future?
                $points = 0;
            break;
        case 'Unknown': // to be revoked in the future? limit to max 50 pts?
        case 'Trusted Third Parties': // to be revoked in the future? limit to max 35 pts?
        case 'TTP-Assisted': // TTP assurances, limit to 35
        case 'TOPUP': // TOPUP to be delevoped in the future, limit to 30
        case '': // to be revoked in the future? limit to max 50 pts?
        case 'Face to Face Meeting': // normal assurances, limit to 35/50 pts in the future?
            break;
        default: // should never happen ... ;-)
            $points = 0;
    }
    if ($points < 0) // ignore negative points (bug needs to be fixed)
        $points = 0;
    return $points;
}

/**
 * max_points()
 * Returns the number of points the member may issue, as computed by
 * output_summary_content() with output switched off.
 *
 * @param mixed $userid
 * @return integer
 */
function max_points($userid) {
    return output_summary_content ($userid,0);
}

/**
 * output_summary_content()
 * Adds up the member's received assurance points and experience points,
 * applies the limits, and derives how many points the member may issue.
 * When $display_output is set, the four summary rows are printed through
 * output_summary_row(), which is defined outside this excerpt.
 *
 * @param mixed $userid          handed to the query helpers, which cast it with intval()
 * @param mixed $display_output  anything PHP treats as true prints the rows
 * @return integer 0, 10, 15, 20, 25, 30 or 35
 */
function output_summary_content($userid,$display_output) {
    $sum_points = 0;
    $sum_experience = 0;
    $sum_experience_other = 0;
    $max_points = 100;
    $max_experience = 50;

    // check_date_limit() is defined outside this excerpt; presumably an
    // age check with the limit in years (18, then 14) - confirm there.
    // A result other than 1 lowers the experience ceiling to 10, then to 0.
    $experience_limit_reached_txt = _("Limit reached");
    if (check_date_limit($userid,18) != 1) {
        $max_experience = 10;
        $experience_limit_reached_txt = _("Limit given by PoJAM reached");
    }
    if (check_date_limit($userid,14) != 1) {
        $max_experience = 0;
        $experience_limit_reached_txt = _("Limit given by PoJAM reached");
    }

    // received assurances: each summary row stands for $row['number'] assurances
    $res = get_received_assurances_summary($userid);
    while($row = mysql_fetch_assoc($res)) {
        $points = calc_points ($row);
        if ($points > $max_points) // limit to 100 points, above is experience (needs to be fixed)
        {
            $sum_experience_other = $sum_experience_other+($points-$max_points)*intval($row['number']);
            $points = $max_points;
        }
        $sum_points += $points*intval($row['number']);
    }

    // given assurances: 2 experience points per Face to Face Meeting
    $res = get_given_assurances_summary($userid);
    while($row = mysql_fetch_assoc($res)) {
        switch ($row['method']) {
            case 'Face to Face Meeting': // count Face to Face only
                $sum_experience += 2*intval($row['number']);
                break;
        }
    }

    // cap the assurance points at $max_points
    if ($sum_points > $max_points) {
        $sum_points_countable = $max_points;
        $remark_points = _("Limit reached");
    } else {
        $sum_points_countable = $sum_points;
        $remark_points = " ";
    }

    // cap the experience from assurances at $max_experience
    if ($sum_experience > $max_experience) {
        $sum_experience_countable = $max_experience;
        $remark_experience = $experience_limit_reached_txt;
    } else {
        $sum_experience_countable = $sum_experience;
        $remark_experience = " ";
    }

    // experience from other sources only fills what is left below the ceiling
    if ($sum_experience_countable + $sum_experience_other > $max_experience) {
        $sum_experience_other_countable = $max_experience-$sum_experience_countable;
        $remark_experience_other = $experience_limit_reached_txt;
    } else {
        $sum_experience_other_countable = $sum_experience_other;
        $remark_experience_other = " ";
    }

    // below the full assurance points no experience is counted at all
    if ($sum_points_countable < $max_points) {
        if ($sum_experience_countable != 0)
            $remark_experience = _("Points on hold due to less assurance points");
        $sum_experience_countable = 0;
        if ($sum_experience_other_countable != 0)
            $remark_experience_other = _("Points on hold due to less assurance points");
        $sum_experience_other_countable = 0;
    }

    // without a passed CATS test (get_cats_state() == 0) nothing may be issued
    $issue_points = 0;
    $cats_test_passed = get_cats_state ($userid);
    if ($cats_test_passed == 0) {
        $issue_points_txt = ""._("You have to pass the CAcert Assurer Challenge (CATS-Test) to be an Assurer")."";
        if ($sum_points_countable < $max_points) {
            $issue_points_txt = "";
            $issue_points_txt .= sprintf(_("You need %s assurance points and the passed CATS-Test to be an Assurer"), intval($max_points));
            $issue_points_txt .= "";
        }
    } else {
        // 10 points at the full assurance points, then 5 more per 10
        // countable experience points up to 35; the experience sums are
        // already 0 when the assurance points are below the maximum
        $experience_total = $sum_experience_countable+$sum_experience_other_countable;
        $issue_points_txt = "";
        if ($sum_points_countable == $max_points)
            $issue_points = 10;
        if ($experience_total >= 10)
            $issue_points = 15;
        if ($experience_total >= 20)
            $issue_points = 20;
        if ($experience_total >= 30)
            $issue_points = 25;
        if ($experience_total >= 40)
            $issue_points = 30;
        if ($experience_total >= 50)
            $issue_points = 35;
        if ($issue_points != 0)
            $issue_points_txt = sprintf(_("You may issue up to %s points"),$issue_points);
    }

    if ($display_output) {
        output_summary_row (_("Assurance Points you received"),$sum_points,$sum_points_countable,$remark_points);
        output_summary_row (_("Total Experience Points by Assurance"),$sum_experience,$sum_experience_countable,$remark_experience);
        output_summary_row (_("Total Experience Points (other ways)"),$sum_experience_other,$sum_experience_other_countable,$remark_experience_other);
        output_summary_row (_("Total Points")," ",$sum_points_countable + $sum_experience_countable + $sum_experience_other_countable,$issue_points_txt);
    }
    return $issue_points;
}

/**
 * output_given_assurances()
 * Prints header, content and footer of the list of assurances the member
 * issued. $points and $sum_experience are first used as arguments of
 * output_given_assurances_content(); presumably that function (defined
 * outside this excerpt) takes them by reference and fills them.
 *
 * @param mixed $userid
 * @param integer $support passed through to the three output helpers
 * @return void
 */
function output_given_assurances($userid,$support=0) {
    output_assurances_header(_("Assurance Points You Issued"),$support);
    output_given_assurances_content($userid,$points,$sum_experience,$support);
    output_assurances_footer(_("Total Points Issued"),$points,_("Total Experience Points"),$sum_experience,$support);
}

/**
 * output_received_assurances()
 * Prints header, content and footer of the list of assurances the member
 * received. $points and $sum_experience are presumably filled by reference
 * in output_received_assurances_content(), which is defined outside this
 * excerpt.
 *
 * @param mixed $userid
 * @param integer $support passed through to the three output helpers
 * @return void
 */
function output_received_assurances($userid,$support=0) {
    output_assurances_header(_("Your Assurance Points"),$support);
    output_received_assurances_content($userid,$points,$sum_experience,$support);
    output_assurances_footer(_("Total Assurance Points"),$points,_("Total Experience Points"),$sum_experience,$support);
}

/**
 * output_summary()
 * Prints the points summary: header, the rows from
 * output_summary_content() with output switched on, and footer.
 *
 * @param mixed $userid
 * @return void
 */
function output_summary($userid) {
    output_summary_header();
    output_summary_content($userid,1);
    output_summary_footer();
}

function output_end_of_page() { ?>

[ ]

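0){ $rec = mysql_fetch_assoc($res); }else{ $rec=array(); } return $rec; }

/**
 * get_last_user_agreement()
 * returns the last user_agreement entry of a given type and of a given user
 *
 * $type is escaped with mysql_real_escape_string() and $memid is cast with
 * intval() before either reaches the statement. The escaping is only
 * reliable when the connection character set has been set on the
 * connection itself; that setup is not visible in this excerpt.
 *
 * @param mixed $memid   account id
 * @param string $type   value compared with the `document` column
 * @return array columns `document`,`date`,`method`,`comment`,`active` of
 *               the newest matching row; an empty array when there is no
 *               such row or the query failed
 */
function get_last_user_agreement($memid, $type="CCA"){
    //returns an array (`document`,`date`,`method`, `comment`,`active`)
    $query="SELECT u.`document`, u.`date`, u.`method`, u.`comment`, u.`active` FROM user_agreements u WHERE u.`document` = '" . mysql_real_escape_string($type) . "' AND (u.`memid`=" . intval($memid) . " ) order by `date` desc limit 1 " ;
    $res = mysql_query($query);
    // mysql_query() returns false on failure; do not hand that to mysql_num_rows()
    if($res !== false && mysql_num_rows($res) >0){
        $rec = mysql_fetch_assoc($res);
    }else{
        $rec=array();
    }
    return $rec;
}

/**
 * delete_user_agreement()
 * deletes all entries for a given type from user_agreement of a given user, if type is not given all
 *
 * The statement is always limited to one `memid`; only the strict value
 * false for $type removes the `document` filter.
 * NOTE(review): the result of mysql_query() is not checked and nothing is
 * returned, so a failed delete is invisible to the caller.
 *
 * @param mixed $memid   account id, cast with intval()
 * @param string $type   document type, escaped with mysql_real_escape_string();
 *                       false deletes the entries of every type
 * @return void
 */
function delete_user_agreement($memid, $type=false){
    //deletes all entries to an user for the given type of user agreements
    if ($type === false) {
        $filter = '';
    } else {
        $filter = " and `document` = '" . mysql_real_escape_string($type) . "'";
    }
    mysql_query("delete from `user_agreements` where `memid`=" . intval($memid) . $filter );
}

// functions for 6.php (assure somebody)

function AssureHead($confirmation,$checkname) { ?>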
>

" />
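0; }

/**
 * check_gpg_cert_running()
 * Tells whether the account has a `gpg` row whose `expire` lies after the
 * cut-off.
 * called from includes/account.php if($oldid == 50 && $process != "")
 *
 * The retention cut-off used to be written as NOW()-90*86400. In that
 * expression MySQL treats NOW() as the number YYYYMMDDHHMMSS and subtracts
 * 7776000 from it, which is not the moment 90 days ago, so the retention
 * period was not applied as intended. It is now NOW() - INTERVAL 90 DAY.
 *
 * NOTE(review): a failed query is reported as "nothing running"; if the
 * caller uses this to allow an account change, decide whether a failure
 * should block instead.
 *
 * @param mixed $uid      account id, cast with intval() before it reaches SQL
 * @param integer $cca    0 = cut-off is now, otherwise now minus the 90 day
 *                        CCA retention period
 * @return bool true when at least one matching row exists
 */
function check_gpg_cert_running($uid,$cca=0){
    $uid = intval($uid);
    $cutoff = (0==$cca) ? "NOW()" : "(NOW() - INTERVAL 90 DAY)";
    $query = "select 1 from `gpg` where `memid`='$uid' and `expire`>$cutoff";
    $res = mysql_query($query);
    return $res !== false && mysql_num_rows($res) > 0;
}

/**
 * check_client_cert_running()
 * Tells whether the account has an `emailcerts` row that is still relevant
 * at the cut-off: either `expire` lies after it and `revoked` is below
 * `created`, or `revoked` itself lies after it.
 * called from includes/account.php if($oldid == 50 && $process != "")
 *
 * @param mixed $uid      account id, cast with intval() before it reaches SQL
 * @param integer $cca    0 = cut-off is now, otherwise now minus the 90 day
 *                        CCA retention period
 * @return bool true when either query returns a row; a failed query counts as no row
 */
function check_client_cert_running($uid,$cca=0){
    $uid = intval($uid);
    $cutoff = (0==$cca) ? "NOW()" : "(NOW() - INTERVAL 90 DAY)";
    $query1 = "select 1 from `emailcerts` where `memid`='$uid' and `expire`>$cutoff and `revoked`<`created`";
    $query2 = "select 1 from `emailcerts` where `memid`='$uid' and `revoked`>$cutoff";
    $res = mysql_query($query1);
    $r1 = $res !== false && mysql_num_rows($res) > 0;
    $res = mysql_query($query2);
    $r2 = $res !== false && mysql_num_rows($res) > 0;
    return $r1 || $r2;
}

/**
 * check_server_cert_running()
 * Same test as check_client_cert_running(), for the `domaincerts` rows of
 * the domains that belong to the account.
 * called from includes/account.php if($oldid == 50 && $process != "")
 *
 * All certificate columns are qualified with `domaincerts`. Part of the
 * original statements used bare `expire`, `revoked` and `created` across
 * the join, which fails as ambiguous if `domains` has a column of the same
 * name (NOTE(review): confirm against the schema) and then looks like
 * "nothing running".
 *
 * @param mixed $uid      account id, cast with intval() before it reaches SQL
 * @param integer $cca    0 = cut-off is now, otherwise now minus the 90 day
 *                        CCA retention period
 * @return bool true when either query returns a row; a failed query counts as no row
 */
function check_server_cert_running($uid,$cca=0){
    $uid = intval($uid);
    $cutoff = (0==$cca) ? "NOW()" : "(NOW() - INTERVAL 90 DAY)";
    $from = "select 1 from `domaincerts` join `domains` on `domaincerts`.`domid` = `domains`.`id` where `domains`.`memid` = '$uid'";
    $query1 = $from." and `domaincerts`.`expire` > $cutoff and `domaincerts`.`revoked` < `domaincerts`.`created`";
    $query2 = $from." and `domaincerts`.`revoked` > $cutoff";
    $res = mysql_query($query1);
    $r1 = $res !== false && mysql_num_rows($res) > 0;
    $res = mysql_query($query2);
    $r2 = $res !== false && mysql_num_rows($res) > 0;
    return $r1 || $r2;
}

/**
 * check_is_orgadmin()
 * Tells whether the account has an `org` row with `deleted`=0.
 * called from includes/account.php if($oldid == 50 && $process != "")
 *
 * @param mixed $uid account id, cast with intval() before it reaches SQL
 * @return bool true when such a row exists; a failed query counts as no row
 */
function check_is_orgadmin($uid){
    $uid = intval($uid);
    $query = "select 1 from `org` where `memid`='$uid' and `deleted`=0";
    $res = mysql_query($query);
    return $res !== false && mysql_num_rows($res) > 0;
}

// revokation of certificates

/**
 * revoke_all_client_cert()
 * revokes all client certificates for an email address
 *
 * Every `emailcerts` row linked to the address through `emaillink` and
 * still at `revoked`=0 gets `revoked` set to '1970-01-01 10:00:01' and
 * `disablelogin` set to 1. The fixed timestamp is presumably a marker that
 * another process acts on; that process is not part of this excerpt.
 * A failed statement raises a warning instead of passing unnoticed,
 * because a certificate that silently stays unrevoked is the worse outcome.
 *
 * @param mixed $mailid id of the email address, cast with intval()
 * @return void
 */
function revoke_all_client_cert($mailid){
    $mailid = intval($mailid);
    $query = "select `emailcerts`.`id`
        from `emaillink`
        inner join `emailcerts` on `emaillink`.`emailcertsid`=`emailcerts`.`id`
        where `emaillink`.`emailid`='$mailid' and `emailcerts`.`revoked`=0
        group by `emailcerts`.`id`";
    $dres = mysql_query($query);
    if ($dres === false) {
        trigger_error("revoke_all_client_cert: lookup of certificates failed", E_USER_WARNING);
        return;
    }
    while($drow = mysql_fetch_assoc($dres)){
        // the id comes from the database, but is still cast before reuse in SQL
        $certid = intval($drow['id']);
        if (!mysql_query("update `emailcerts` set `revoked`='1970-01-01 10:00:01', `disablelogin`=1 where `id`='".$certid."'")) {
            trigger_error("revoke_all_client_cert: update of certificate ".$certid." failed", E_USER_WARNING);
        }
    }
}

/**
 * revoke_all_server_cert()
 * revokes all server certs for an domain
 *
 * Covers certificates whose `domid` is the domain and certificates linked
 * to it through `domlink`; only rows still at `revoked` = 0 are changed.
 * A failed statement raises a warning instead of passing unnoticed.
 *
 * @param mixed $domainid id of the domain, cast with intval()
 * @return void
 */
function revoke_all_server_cert($domainid){
    $domainid = intval($domainid);
    $query = "select `domaincerts`.`id`
        from `domaincerts`
        where `domaincerts`.`domid` = '$domainid'
        union distinct
        select `domaincerts`.`id`
        from `domaincerts`
        inner join `domlink` on `domaincerts`.`id` = `domlink`.`certid`
        where `domlink`.`domid` = '$domainid'";
    $dres = mysql_query($query);
    if ($dres === false) {
        trigger_error("revoke_all_server_cert: lookup of certificates failed", E_USER_WARNING);
        return;
    }
    while($drow = mysql_fetch_assoc($dres)) {
        // the id comes from the database, but is still cast before reuse in SQL
        $certid = intval($drow['id']);
        if (!mysql_query("update `domaincerts` set `revoked`='1970-01-01 10:00:01' where `id` = '".$certid."' and `revoked` = 0")) {
            trigger_error("revoke_all_server_cert: update of certificate ".$certid." failed", E_USER_WARNING);
        }
    }
}

/**
 * revoke_all_private_cert()
 * revokes all certificates linked to a personal accounts
 * gpg revokation needs to be added to a later point
 *
 * Runs revoke_all_client_cert() for every `email` row and
 * revoke_all_server_cert() for every `domains` row of the account.
 *
 * @param mixed $uid account id, cast with intval()
 * @return void
 */
function revoke_all_private_cert($uid){
    $uid=intval($uid);
    $query = "select `id` from `email` where `memid`='".$uid."'";
    $res=mysql_query($query);
    if ($res === false) {
        trigger_error("revoke_all_private_cert: lookup of email addresses failed", E_USER_WARNING);
    } else {
        while($row = mysql_fetch_assoc($res)){
            revoke_all_client_cert($row['id']);
        }
    }

    $query = "select `id` from `domains` where `memid`='".$uid."'";
    $res=mysql_query($query);
    if ($res === false) {
        trigger_error("revoke_all_private_cert: lookup of domains failed", E_USER_WARNING);
    } else {
        while($row = mysql_fetch_assoc($res)){
            revoke_all_server_cert($row['id']);
        }
    }
}

/**
 * check_date_format()
 * checks if the date is entered in the right date format YYYY-MM-DD and
 * if the year is later than the given year
 *
 * The three parts must consist of digits only. Before, each part went
 * through intval() alone, so a value such as "2020-01-01junk" passed the
 * check with the trailing text still in the string the caller goes on to
 * use. The comparison with $year is unchanged: a date in the given year
 * itself is rejected.
 *
 * @param mixed $date
 * @param integer $year
 * @return bool TRUE for a valid calendar date with a year above $year
 */
function check_date_format($date, $year=2000){
    if (!is_string($date) || !preg_match('/^\d+-\d+-\d+$/D', $date)) {
        return FALSE;
    }
    $arr=explode('-',$date);
    $y = intval($arr[0]);
    $m = intval($arr[1]);
    $d = intval($arr[2]);
    if ($y<=$year) {
        return FALSE;
    }
    // checkdate() also rejects months outside 1-12 and days that the month does not have
    return checkdate($m, $d, $y);
}

/**
 * check_date_difference()
 * returns false if the date is larger then today + time diffrence
 *
 * A string that strtotime() cannot parse now returns false as well;
 * before, the failed parse compared as "not in the future" and passed.
 *
 * @param mixed $date
 * @param integer $diff tolerance in days
 * @return bool
 */
function check_date_difference($date, $diff=1){
    $ts = strtotime($date);
    if ($ts === false) {
        return false;
    }
    return ($ts<=time()+$diff*86400);
}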