'".intval($no_of_assurances)."'");
return intval(query_get_number_of_rows($res)+1);
}
function get_top_assuree_position ($no_of_assurees)
{
$res = query_init ("SELECT count(*) AS `list` FROM `notary`
WHERE `method` = 'Face to Face Meeting'
GROUP BY `to` HAVING count(*) > '".intval($no_of_assurees)."'");
return intval(query_get_number_of_rows($res)+1);
}
function get_given_assurances ($userid)
{
$res = query_init ("select * from `notary` where `from`='".intval($userid)."' and `from` != `to` order by `id` asc");
return $res;
}
function get_received_assurances ($userid)
{
$res = query_init ("select * from `notary` where `to`='".intval($userid)."' and `from` != `to` order by `id` asc ");
return $res;
}
function get_given_assurances_summary ($userid)
{
$res = query_init ("select count(*) as number,points,awarded,method from notary where `from`='".intval($userid)."' group by points,awarded,method");
return $res;
}
function get_received_assurances_summary ($userid)
{
$res = query_init ("select count(*) as number,points,awarded,method from notary where `to`='".intval($userid)."' group by points,awarded,method");
return $res;
}
function get_user ($userid)
{
$res = query_init ("select * from `users` where `id`='".intval($userid)."'");
return mysql_fetch_assoc($res);
}
function get_cats_state ($userid)
{
$res = query_init ("select * from `cats_passed` inner join `cats_variant` on `cats_passed`.`variant_id` = `cats_variant`.`id` and `cats_variant`.`type_id` = 1
WHERE `cats_passed`.`user_id` = '".intval($userid)."'");
return mysql_num_rows($res);
}
function calc_experience ($row,&$points,&$experience,&$sum_experience,&$revoked)
{
$apoints = max($row['points'], $row['awarded']);
$points += $apoints;
$experience = " ";
$revoked = false; # to be coded later (after DB-upgrade)
if ($row['method'] == "Face to Face Meeting")
{
$sum_experience = $sum_experience +2;
$experience = "2";
}
return $apoints;
}
function calc_assurances ($row,&$points,&$experience,&$sumexperience,&$awarded,&$revoked)
{
$awarded = calc_points($row);
$revoked = false;
if ($awarded > 100)
{
$experience = $awarded - 100; // needs to be fixed in the future (limit 50 pts and/or no experience if pts > 100)
$awarded = 100;
}
else
$experience = 0;
switch ($row['method'])
{
case 'Thawte Points Transfer':
case 'CT Magazine - Germany':
case 'Temporary Increase': // Current usage of 'Temporary Increase' may break audit aspects, needs to be reimplemented
$awarded=sprintf("%s",_("Revoked"));
$experience=0;
$revoked=true;
break;
default:
$points += $awarded;
}
$sumexperience = $sumexperience + $experience;
}
function show_user_link ($name,$userid)
{
$name = trim($name);
if($name == "")
{
if ($userid == 0)
$name = _("System");
else
$name = _("Deleted account");
}
else
$name = "".sanitizeHTML($name)."";
return $name;
}
function show_email_link ($email,$userid)
{
$email = trim($email);
if($email != "")
$email = "".sanitizeHTML($email)."";
return $email;
}
function get_assurer_ranking($userid,&$num_of_assurances,&$rank_of_assurer)
{
$num_of_assurances = get_number_of_assurances (intval($userid));
$rank_of_assurer = get_top_assurer_position($num_of_assurances);
}
function get_assuree_ranking($userid,&$num_of_assurees,&$rank_of_assuree)
{
$num_of_assurees = get_number_of_assurees (intval($userid));
$rank_of_assuree = get_top_assuree_position($num_of_assurees);
}
// ************* html table definitions ******************
function output_ranking($userid)
{
get_assurer_ranking($userid,$num_of_assurances,$rank_of_assurer);
get_assuree_ranking($userid,$num_of_assurees,$rank_of_assuree);
?>
";
$emclose="";
}
}
}
?>
| > |
> |
> |
> |
> |
> |
> |
> |
> |
> |
>');"> |
|
|
|
|
100, awarded shows correct value
else
$points = intval($row['points']); // on very old assurances, awarded is '0' instead of correct value
switch ($row['method'])
{
case 'Thawte Points Transfer': // revoke all Thawte-points (as per arbitration)
case 'CT Magazine - Germany': // revoke c't (only one test-entry)
case 'Temporary Increase': // revoke 'temporary increase' (Current usage breaks audit aspects, needs to be reimplemented)
$points = 0;
break;
case 'Administrative Increase': // ignore AI with 2 points or less (historical for experiance points, now other calculation)
if ($points <= 2) // maybe limit to 35/50 pts in the future?
$points = 0;
break;
case 'Unknown': // to be revoked in the future? limit to max 50 pts?
case 'Trusted Third Parties': // to be revoked in the future? limit to max 35 pts?
case 'TTP-Assisted': // TTP assurances, limit to 35
case 'TOPUP': // TOPUP to be delevoped in the future, limit to 30
case '': // to be revoked in the future? limit to max 50 pts?
case 'Face to Face Meeting': // normal assurances, limit to 35/50 pts in the future?
break;
default: // should never happen ... ;-)
$points = 0;
}
if ($points < 0) // ignore negative points (bug needs to be fixed)
$points = 0;
return $points;
}
function max_points($userid)
{
return output_summary_content ($userid,0);
}
function output_summary_content($userid,$display_output)
{
$sum_points = 0;
$sum_experience = 0;
$sum_experience_other = 0;
$max_points = 100;
$max_experience = 50;
$experience_limit_reached_txt = _("Limit reached");
if (check_date_limit($userid,18) != 1)
{
$max_experience = 10;
$experience_limit_reached_txt = _("Limit given by PoJAM reached");
}
if (check_date_limit($userid,14) != 1)
{
$max_experience = 0;
$experience_limit_reached_txt = _("Limit given by PoJAM reached");
}
$res = get_received_assurances_summary($userid);
while($row = mysql_fetch_assoc($res))
{
$points = calc_points ($row);
if ($points > $max_points) // limit to 100 points, above is experience (needs to be fixed)
{
$sum_experience_other = $sum_experience_other+($points-$max_points)*intval($row['number']);
$points = $max_points;
}
$sum_points += $points*intval($row['number']);
}
$res = get_given_assurances_summary($userid);
while($row = mysql_fetch_assoc($res))
{
switch ($row['method'])
{
case 'Face to Face Meeting': // count Face to Face only
$sum_experience += 2*intval($row['number']);
break;
}
}
if ($sum_points > $max_points)
{
$sum_points_countable = $max_points;
$remark_points = _("Limit reached");
}
else
{
$sum_points_countable = $sum_points;
$remark_points = " ";
}
if ($sum_experience > $max_experience)
{
$sum_experience_countable = $max_experience;
$remark_experience = $experience_limit_reached_txt;
}
else
{
$sum_experience_countable = $sum_experience;
$remark_experience = " ";
}
if ($sum_experience_countable + $sum_experience_other > $max_experience)
{
$sum_experience_other_countable = $max_experience-$sum_experience_countable;
$remark_experience_other = $experience_limit_reached_txt;
}
else
{
$sum_experience_other_countable = $sum_experience_other;
$remark_experience_other = " ";
}
if ($sum_points_countable < $max_points)
{
if ($sum_experience_countable != 0)
$remark_experience = _("Points on hold due to less assurance points");
$sum_experience_countable = 0;
if ($sum_experience_other_countable != 0)
$remark_experience_other = _("Points on hold due to less assurance points");
$sum_experience_other_countable = 0;
}
$issue_points = 0;
$cats_test_passed = get_cats_state ($userid);
if ($cats_test_passed == 0)
{
$issue_points_txt = ""._("You have to pass the CAcert Assurer Challenge (CATS-Test) to be an Assurer")."";
if ($sum_points_countable < $max_points)
{
$issue_points_txt = "";
$issue_points_txt .= sprintf(_("You need %s assurance points and the passed CATS-Test to be an Assurer"), intval($max_points));
$issue_points_txt .= "";
}
}
else
{
$experience_total = $sum_experience_countable+$sum_experience_other_countable;
$issue_points_txt = "";
if ($sum_points_countable == $max_points)
$issue_points = 10;
if ($experience_total >= 10)
$issue_points = 15;
if ($experience_total >= 20)
$issue_points = 20;
if ($experience_total >= 30)
$issue_points = 25;
if ($experience_total >= 40)
$issue_points = 30;
if ($experience_total >= 50)
$issue_points = 35;
if ($issue_points != 0)
$issue_points_txt = sprintf(_("You may issue up to %s points"),$issue_points);
}
if ($display_output)
{
output_summary_row (_("Assurance Points you received"),$sum_points,$sum_points_countable,$remark_points);
output_summary_row (_("Total Experience Points by Assurance"),$sum_experience,$sum_experience_countable,$remark_experience);
output_summary_row (_("Total Experience Points (other ways)"),$sum_experience_other,$sum_experience_other_countable,$remark_experience_other);
output_summary_row (_("Total Points")," ",$sum_points_countable + $sum_experience_countable + $sum_experience_other_countable,$issue_points_txt);
}
return $issue_points;
}
function output_given_assurances($userid,$support=0)
{
output_assurances_header(_("Assurance Points You Issued"),$support);
output_given_assurances_content($userid,$points,$sum_experience,$support);
output_assurances_footer(_("Total Points Issued"),$points,_("Total Experience Points"),$sum_experience,$support);
}
function output_received_assurances($userid,$support=0)
{
output_assurances_header(_("Your Assurance Points"),$support);
output_received_assurances_content($userid,$points,$sum_experience,$support);
output_assurances_footer(_("Total Assurance Points"),$points,_("Total Experience Points"),$sum_experience,$support);
}
function output_summary($userid)
{
output_summary_header();
output_summary_content($userid,1);
output_summary_footer();
}
function output_end_of_page()
{
?>
[ ]
0){
$rec = mysql_fetch_assoc($res);
}else{
$rec=array();
}
return $rec;
}
/**
* get_last_user_agreement()
* returns the last user_agreement entry of a given type and of a given user
* @param mixed $memid
* @param string $type
* @return
*/
function get_last_user_agreement($memid, $type="CCA"){
//returns an array (`document`,`date`,`method`, `comment`,`active`)
$query="SELECT u.`document`, u.`date`, u.`method`, u.`comment`, u.`active` FROM user_agreements u WHERE u.`document` = '" . mysql_real_escape_string($type) . "' AND (u.`memid`=" . intval($memid) . " ) order by `date` desc limit 1 " ;
$res = mysql_query($query);
if(mysql_num_rows($res) >0){
$rec = mysql_fetch_assoc($res);
}else{
$rec=array();
}
return $rec;
}
/**
* delete_user_agreement()
* deletes all entries for a given type from user_agreement of a given user, if type is not given all
* @param mixed $memid
* @param string $type
* @return
*/
function delete_user_agreement($memid, $type=false){
//deletes all entries to an user for the given type of user agreements
if ($type === false) {
$filter = '';
} else {
$filter = " and `document` = '" . mysql_real_escape_string($type) . "'";
}
mysql_query("delete from `user_agreements` where `memid`=" . intval($memid) . $filter );
}
// functions for 6.php (assure somebody)
function AssureHead($confirmation,$checkname)
{
?>
0;
}
function check_gpg_cert_running($uid,$cca=0){
//if $cca =0 if just expired, =1 if CCA retention +3 month should be obeyed
// called from includes/account.php if($oldid == 50 && $process != "")
$uid = intval($uid);
if (0==$cca) {
$query = "select 1 from `gpg` where `memid`='$uid' and `expire`>NOW()";
}else{
$query = "select 1 from `gpg` where `memid`='$uid' and `expire`>(NOW()-90*86400)";
}
$res = mysql_query($query);
return mysql_num_rows($res) > 0;
}
function check_client_cert_running($uid,$cca=0){
//if $cca =0 if just expired, =1 if CCA retention +3 month should be obeyed
// called from includes/account.php if($oldid == 50 && $process != "")
$uid = intval($uid);
if (0==$cca) {
$query1 = "select 1 from `emailcerts` where `memid`='$uid' and `expire`>NOW() and `revoked`<`created`";
$query2 = "select 1 from `emailcerts` where `memid`='$uid' and `revoked`>NOW()";
}else{
$query1 = "select 1 from `emailcerts` where `memid`='$uid' and `expire`>(NOW()-90*86400) and `revoked`<`created`";
$query2 = "select 1 from `emailcerts` where `memid`='$uid' and `revoked`>(NOW()-90*86400)";
}
$res = mysql_query($query1);
$r1 = mysql_num_rows($res)>0;
$res = mysql_query($query2);
$r2 = mysql_num_rows($res)>0;
return !!($r1 || $r2);
}
function check_server_cert_running($uid,$cca=0){
//if $cca =0 if just expired, =1 if CCA retention +3 month should be obeyed
// called from includes/account.php if($oldid == 50 && $process != "")
$uid = intval($uid);
if (0==$cca) {
$query1 = "
select 1 from `domaincerts` join `domains`
on `domaincerts`.`domid` = `domains`.`id`
where `domains`.`memid` = '$uid'
and `domaincerts`.`expire` > NOW()
and `domaincerts`.`revoked` < `domaincerts`.`created`";
$query2 = "
select 1 from `domaincerts` join `domains`
on `domaincerts`.`domid` = `domains`.`id`
where `domains`.`memid` = '$uid'
and `revoked`>NOW()";
}else{
$query1 = "
select 1 from `domaincerts` join `domains`
on `domaincerts`.`domid` = `domains`.`id`
where `domains`.`memid` = '$uid'
and `expire`>(NOW()-90*86400)
and `revoked`<`created`";
$query2 = "
select 1 from `domaincerts` join `domains`
on `domaincerts`.`domid` = `domains`.`id`
where `domains`.`memid` = '$uid'
and `revoked`>(NOW()-90*86400)";
}
$res = mysql_query($query1);
$r1 = mysql_num_rows($res)>0;
$res = mysql_query($query2);
$r2 = mysql_num_rows($res)>0;
return !!($r1 || $r2);
}
function check_is_orgadmin($uid){
// called from includes/account.php if($oldid == 50 && $process != "")
$uid = intval($uid);
$query = "select 1 from `org` where `memid`='$uid' and `deleted`=0";
$res = mysql_query($query);
return mysql_num_rows($res) > 0;
}
// revokation of certificates
function revoke_all_client_cert($mailid){
//revokes all client certificates for an email address
$mailid = intval($mailid);
$query = "select `emailcerts`.`id`
from `emaillink`,`emailcerts` where
`emaillink`.`emailid`='$mailid' and `emaillink`.`emailcertsid`=`emailcerts`.`id` and `emailcerts`.`revoked`=0
group by `emailcerts`.`id`";
$dres = mysql_query($query);
while($drow = mysql_fetch_assoc($dres)){
mysql_query("update `emailcerts` set `revoked`='1970-01-01 10:00:01', `disablelogin`=1 where `id`='".$drow['id']."'");
}
}
function revoke_all_server_cert($domainid){
//revokes all server certs for an domain
$domainid = intval($domainid);
$query =
"select `domaincerts`.`id`
from `domaincerts`
where `domaincerts`.`domid` = '$domainid'
union distinct
select `domaincerts`.`id`
from `domaincerts`, `domlink`
where `domaincerts`.`id` = `domlink`.`certid`
and `domlink`.`domid` = '$domainid'";
$dres = mysql_query($query);
while($drow = mysql_fetch_assoc($dres))
{
mysql_query(
"update `domaincerts`
set `revoked`='1970-01-01 10:00:01'
where `id` = '".$drow['id']."'
and `revoked` = 0");
}
}
function revoke_all_private_cert($uid){
//revokes all certificates linked to a personal accounts
//gpg revokation needs to be added to a later point
$uid=intval($uid);
$query = "select `id` from `email` where `memid`='".$uid."'";
$res=mysql_query($query);
while($row = mysql_fetch_assoc($res)){
revoke_all_client_cert($row['id']);
}
$query = "select `id` from `domains` where `memid`='".$uid."'";
$res=mysql_query($query);
while($row = mysql_fetch_assoc($res)){
revoke_all_server_cert($row['id']);
}
}
/**
* check_date_format()
* checks if the date is entered in the right date format YYYY-MM-DD and
* if the date is after the 1st January of the given year
*
* @param mixed $date
* @param integer $year
* @return
*/
function check_date_format($date, $year=2000){
if (!strpos($date,'-')) {
return FALSE;
}
$arr=explode('-',$date);
if ((count($arr)!=3)) {
return FALSE;
}
if (intval($arr[0])<=$year) {
return FALSE;
}
if (intval($arr[1])>12 or intval($arr[1])<=0) {
return FALSE;
}
if (intval($arr[2])>31 or intval($arr[2])<=0) {
return FALSE;
}
return checkdate( intval($arr[1]), intval($arr[2]), intval($arr[0]));
}
/**
* check_date_difference()
* returns false if the date is larger then today + time diffrence
*
* @param mixed $date
* @param integer $diff
* @return
*/
function check_date_difference($date, $diff=1){
return (strtotime($date)<=time()+$diff*86400);
}