This file is part of CAcert. CAcert has been released under the CAcert Source License which can be found included with these source files or can be downloaded from the internet from the following address: http://www.cacert.org/src-lic.php CAcert is distributed WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the License for more details. */ ?> 0"; $res = mysql_query($query); if(mysql_num_rows($res) > 0) { $row = mysql_fetch_assoc($res); $_SESSION['profile'] = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='$row[memid]'")); $_SESSION['profile']['loggedin'] = 1; } else { $_SESSION['profile']['loggedin'] = 0; unset($_SESSION['_config']['oldlocation']); foreach($_GET as $key => $val) { if($_SESSION['_config']['oldlocation']) $_SESSION['_config']['oldlocation'] .= "&"; $_SESSION['_config']['oldlocation'] .= "$key=$val"; } $_SESSION['_config']['oldlocation'] = "wot.php?".$_SESSION['_config']['oldlocation']; header("location: https://".$_SERVER['HTTP_HOST']."/index.php?id=4"); exit; } } else if($_SERVER['HTTP_HOST'] == "secure.cacert.org" && $_SESSION['profile']['id'] > 0) { $_SESSION['profile'] = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".$_SESSION['profile']['id']."'")); } if($_SERVER['HTTP_HOST'] == "secure.cacert.org" && ($_SESSION['profile']['id'] <= 0 || $_SESSION['profile']['loggedin'] == 0)) { header("location: https://www.cacert.org"); exit; } if($_SERVER['HTTP_HOST'] == "secure.cacert.org" && $_SESSION['profile']['id'] > 0) { $query = "select sum(`points`) as `total` from `notary` where `to`='".$_SESSION['profile']['id']."' group by `to`"; $res = mysql_query($query); $row = mysql_fetch_assoc($res); $_SESSION['profile']['points'] = $row['total']; if($_SESSION['profile']['language'] == "") { $query = "update `users` set `language`='".$_SESSION['_config']['language']."' where `id`='".$_SESSION['profile']['id']."'"; mysql_query($query); } else { $_SESSION['_config']['language'] = $_SESSION['profile']['language']; putenv("LANG=".$_SESSION['_config']['language']); setlocale(LC_ALL, $_SESSION['_config']['language']); $domain = 'messages'; bindtextdomain("$domain", "/home/cacert/locale"); textdomain("$domain"); } } if($id == "logout") { $_SESSION['profile']['loggedin'] = 0; header("location: https://".$_SERVER['HTTP_HOST']."/index.php"); exit; } if($_SESSION['profile']['loggedin'] < 1) { unset($_SESSION['_config']['oldlocation']); foreach($_GET as $key => $val) { if($_SESSION['_config']['oldlocation']) $_SESSION['_config']['oldlocation'] .= "&"; $_SESSION['_config']['oldlocation'] .= "$key=$val"; } $_SESSION['_config']['oldlocation'] = "wot.php?".$_SESSION['_config']['oldlocation']; header("location: https://".$_SERVER['HTTP_HOST']."/index.php?id=4"); exit; } loadem("account"); if(($id == 5 || $oldid == 5 || $id == 6 || $oldid == 6) && $_SESSION['profile']['points'] < 100) { showheader(_("My CAcert.org Account!")); echo "

"._("You don't have access to view these pages.")."

"; showfooter(); exit; } if($oldid == 6 && intval($_SESSION['_config']['notarise']['id']) <= 0) { unset($oldid); $id = 5; } if($oldid == 5) { $query = "select * from `users` where `email`='".mysql_escape_string($_POST['email'])."'"; $res = mysql_query($query); if(mysql_num_rows($res) != 1) { $id = $oldid; unset($oldid); $_SESSION['_config']['error'] = _("I'm sorry, there was no email matching what you entered in the system. Please double check your information."); } else { $_SESSION['_config']['notarise'] = mysql_fetch_assoc($res); } } if($oldid == 5 || $oldid == 6) { if($_SESSION['_config']['notarise']['id'] == $_SESSION['profile']['id']) { $id = 5; unset($oldid); $_SESSION['_config']['error'] = _("You are never allowed to Notarise yourself!"); } } if($oldid == 5 || $oldid == 6) { $query = "select * from `notary` where `from`='".$_SESSION['profile']['id']."' and `to`='".$_SESSION['_config']['notarise']['id']."'"; $res = mysql_query($query); if(mysql_num_rows($res) > 0) { $id = 5; unset($oldid); $_SESSION['_config']['error'] = _("You are only allowed to Notarise someone once!"); } elseif($oldid == 5) { $id = 6; } } if($oldid == 6) { if($_POST['assertion'] != 1 || $_POST['rules'] != 1) { $id = $oldid; unset($oldid); $_SESSION['_config']['error'] = _("You failed to check all boxes to validate your adherence to the rules and policies of CAcert"); } if($_POST['certify'] != 1 && $_SESSION['profile']['admin'] != 1) { $id = $oldid; unset($oldid); $_SESSION['_config']['error'] = _("You failed to check all boxes to validate your adherence to the rules and policies of CAcert"); } } if($oldid == 6 && $_SESSION['profile']['admin'] != 1) { if($_POST['location'] == "" || $_POST['date'] == "") { $id = $oldid; unset($oldid); $_SESSION['_config']['error'] = _("You failed to enter a location and date of your meeting."); } } if($oldid == 6) { $max = maxpoints(); if($_POST['points'] > $max) $_POST['points'] = $max; $query = "select sum(`points`) as `total` from `notary` where `to`='".$_SESSION['_config']['notarise']['id']."' group by `to`"; $res = mysql_query($query); $drow = mysql_fetch_assoc($res); if(($drow['total'] + $_POST['points']) > 100 && $max < 100) $_POST['points'] = 100 - $drow['total']; if(($drow['total'] + $_POST['points']) > $max && $max >= 100) $_POST['points'] = $max - $drow['total']; if($_POST['points'] < 0) $_POST['points'] = 0; $query = "insert into `notary` set `from`='".$_SESSION['profile']['id']."', `to`='".$_SESSION['_config']['notarise']['id']."', `points`='".intval($_POST['points'])."', `location`='".mysql_escape_string($_POST['location'])."', `date`='".mysql_escape_string($_POST['date'])."'"; if($_SESSION['profile']['admin'] == 1) $query .= ",\n`method`='".mysql_escape_string($_POST['method'])."'"; mysql_query($query); if($_SESSION['_config']['notarise']['language'] != "") { $userlang = $_SESSION['_config']['notarise']['language']; putenv("LANG=".$_SESSION['_config']['translations'][$userlang]); setlocale(LC_ALL, $_SESSION['_config']['translations'][$userlang]); } $body = _("You are receiving this email because you have been notarised by another member of the CAcert community.")."\n\n"; $body .= _(sprintf("You were issued %s points and you now have %s points in total.", $_POST['points'], ($_POST['points'] + $drow['total'])))."\n\n"; if(($drow['total'] + $_POST['points']) < 100 && ($drow['total'] + $_POST['points']) >= 50) { $body .= _("You now have over 50 points, and can now have your name added to client certificates, and issue server certificates for up to 2 years.")."\n\n"; } if(($drow['total'] + $_POST['points']) >= 100 && $_POST['points'] > 0) { $body .= _("You now have over 100 points and can start notarising others.")."\n\n"; } $body .= _("Best Regards")."\n"; $body .= _("CAcert Support Team"); mail($_SESSION['_config']['notarise']['email'], "[CAcert.org] "._("You've been Notarised."), $body, "From: CAcert-Support "); putenv("LANG=".$_SESSION['_config']['language']); setlocale(LC_ALL, $_SESSION['_config']['language']); $body = _("You are receiving this email because you have notarised another member of the CAcert community.")."\n\n"; $body .= _(sprintf("You issued them %s points and they now have %s points in total.", $_POST['points'], ($_POST['points'] + $drow['total'])))."\n\n"; $body .= _("Best Regards")."\n"; $body .= _("CAcert Support Team"); mail($_SESSION['profile']['email'], "[CAcert.org] "._("You've Notarised Another Member."), $body, "From: CAcert-Support "); showheader(_("My CAcert.org Account!")); echo "

"._("Shortly you and the person you were notarising will receive and email confirmation, there is no action on your behalf required to complete this.")."

"; showfooter(); exit; } if($oldid == 8) { $info = mysql_escape_string(strip_tags($_POST['contactinfo'])); $listme = intval($_POST['listme']); if($listme < 0 || $listme > 1) $listme = 0; $_SESSION['profile']['listme'] = $listme; $_SESSION['profile']['contactinfo'] = $info; $query = "update `users` set `listme`='$listme',`contactinfo`='$info' where `id`='".$_SESSION['profile']['id']."'"; mysql_query($query); showheader(_("My CAcert.org Account!")); echo "

"._("Your account information has been updated.")."

"; showfooter(); exit; } if($oldid == 9 && $_SESSION['_config']['user']['id'] > 0 && $_SESSION['profile']['id'] > 0) { $body = $_POST['message']; $subject = $_POST['subject']; mail($_SESSION['_config']['user']['email'], "[CAcert.org] ".$_POST['subject'], $_POST['message'], "From: '".$_SESSION['profile']['fname']." ".$_SESSION['profile']['lname']."' <". $_SESSION['profile']['email'].">"); showheader(_("My CAcert.org Account!")); echo "

"._("Your email has been sent to ").$_SESSION['_config']['user']['fname'].".

"; echo "

[ Go Back ]

\n"; showfooter(); exit; } elseif($oldid == 9) { unset($oldid); $error = _("There was an error and I couldn't proceed"); $id = 9; } showheader(_("My CAcert.org Account!")); includeit($id, "wot"); showfooter(); ?>