219 lines
7.8 KiB
PHP
219 lines
7.8 KiB
PHP
<? /*
|
|
Copyright (C) 2004 by Duane Groth <duane_at_CAcert_dot_org>
|
|
|
|
This file is part of CAcert.
|
|
|
|
CAcert has been released under the CAcert Source License
|
|
which can be found included with these source files or can
|
|
be downloaded from the internet from the following address:
|
|
http://www.cacert.org/src-lic.php
|
|
|
|
CAcert is distributed WITHOUT ANY WARRANTY; without even
|
|
the implied warranty of MERCHANTABILITY or FITNESS FOR A
|
|
PARTICULAR PURPOSE. See the License for more details.
|
|
*/ ?>
|
|
<?
|
|
require_once("../includes/loggedin.php");
|
|
|
|
loadem("account");
|
|
|
|
if(($id == 5 || $oldid == 5 || $id == 6 || $oldid == 6) && $_SESSION['profile']['points'] < 100)
|
|
{
|
|
showheader(_("My CAcert.org Account!"));
|
|
echo "<p>"._("You don't have access to view these pages.")."</p>";
|
|
showfooter();
|
|
exit;
|
|
}
|
|
|
|
if($oldid == 6 && intval($_SESSION['_config']['notarise']['id']) <= 0)
|
|
{
|
|
unset($oldid);
|
|
$id = 5;
|
|
}
|
|
|
|
if($oldid == 5)
|
|
{
|
|
$query = "select * from `users` where `email`='".mysql_escape_string(stripslashes($_POST['email']))."'";
|
|
$res = mysql_query($query);
|
|
if(mysql_num_rows($res) != 1)
|
|
{
|
|
$id = $oldid;
|
|
unset($oldid);
|
|
$_SESSION['_config']['error'] = _("I'm sorry, there was no email matching what you entered in the system. Please double check your information.");
|
|
} else {
|
|
$_SESSION['_config']['notarise'] = mysql_fetch_assoc($res);
|
|
}
|
|
}
|
|
|
|
if($oldid == 5 || $oldid == 6)
|
|
{
|
|
if($_SESSION['_config']['notarise']['id'] == $_SESSION['profile']['id'])
|
|
{
|
|
$id = 5;
|
|
unset($oldid);
|
|
$_SESSION['_config']['error'] = _("You are never allowed to Assure yourself!");
|
|
}
|
|
}
|
|
|
|
if($oldid == 5 || $oldid == 6)
|
|
{
|
|
$query = "select * from `notary` where `from`='".$_SESSION['profile']['id']."' and
|
|
`to`='".$_SESSION['_config']['notarise']['id']."'";
|
|
$res = mysql_query($query);
|
|
if(mysql_num_rows($res) > 0 && $_SESSION['profile']['points'] <= 150)
|
|
{
|
|
$id = 5;
|
|
unset($oldid);
|
|
$_SESSION['_config']['error'] = _("You are only allowed to Assure someone once!");
|
|
} elseif($oldid == 5) {
|
|
$id = 6;
|
|
}
|
|
}
|
|
|
|
if($oldid == 6)
|
|
{
|
|
if($_POST['assertion'] != 1 || $_POST['rules'] != 1)
|
|
{
|
|
$id = $oldid;
|
|
unset($oldid);
|
|
$_SESSION['_config']['error'] = _("You failed to check all boxes to validate your adherence to the rules and policies of CAcert");
|
|
}
|
|
|
|
if($_POST['certify'] != 1 && $_SESSION['profile']['admin'] != 1)
|
|
{
|
|
$id = $oldid;
|
|
unset($oldid);
|
|
$_SESSION['_config']['error'] = _("You failed to check all boxes to validate your adherence to the rules and policies of CAcert");
|
|
}
|
|
}
|
|
|
|
if($oldid == 6 && $_SESSION['profile']['admin'] != 1)
|
|
{
|
|
if($_POST['location'] == "" || $_POST['date'] == "")
|
|
{
|
|
$id = $oldid;
|
|
unset($oldid);
|
|
$_SESSION['_config']['error'] = _("You failed to enter a location and date of your meeting.");
|
|
}
|
|
}
|
|
|
|
if($oldid == 6)
|
|
{
|
|
$max = maxpoints();
|
|
if($_POST['points'] > $max)
|
|
$_POST['points'] = $max;
|
|
$query = "select sum(`points`) as `total` from `notary` where `to`='".$_SESSION['_config']['notarise']['id']."' group by `to`";
|
|
$res = mysql_query($query);
|
|
$drow = mysql_fetch_assoc($res);
|
|
if(($drow['total'] + $_POST['points']) > 100 && $max < 100)
|
|
$_POST['points'] = 100 - $drow['total'];
|
|
if(($drow['total'] + $_POST['points']) > $max && $max >= 100)
|
|
$_POST['points'] = $max - $drow['total'];
|
|
if($_POST['points'] < 0)
|
|
$_POST['points'] = 0;
|
|
|
|
if(mysql_escape_string(stripslashes($_POST['date'])) == "")
|
|
$_POST['date'] = date("Y-m-d H:i:s");
|
|
|
|
$query = "insert into `notary` set `from`='".$_SESSION['profile']['id']."',
|
|
`to`='".$_SESSION['_config']['notarise']['id']."',
|
|
`points`='".intval($_POST['points'])."',
|
|
`location`='".mysql_escape_string(stripslashes($_POST['location']))."',
|
|
`date`='".mysql_escape_string(stripslashes($_POST['date']))."'";
|
|
if($_SESSION['profile']['admin'] == 1)
|
|
$query .= ",\n`method`='".mysql_escape_string(stripslashes($_POST['method']))."'";
|
|
mysql_query($query);
|
|
if($_SESSION['profile']['points'] < 150)
|
|
{
|
|
$query = "insert into `notary` set `from`='".$_SESSION['profile']['id']."',
|
|
`to`='".$_SESSION['profile']['id']."',
|
|
`points`='2',
|
|
`location`='".mysql_escape_string(stripslashes($_POST['location']))."',
|
|
`date`='".mysql_escape_string(stripslashes($_POST['date']))."',
|
|
`method`='Administrative Increase'";
|
|
mysql_query($query);
|
|
$_SESSION['profile']['points'] += 2;
|
|
}
|
|
|
|
if($_SESSION['_config']['notarise']['language'] != "")
|
|
{
|
|
$userlang = $_SESSION['_config']['notarise']['language'];
|
|
putenv("LANG=".$_SESSION['_config']['translations'][$userlang]);
|
|
setlocale(LC_ALL, $_SESSION['_config']['translations'][$userlang]);
|
|
}
|
|
|
|
$body = sprintf(_("You are receiving this email because you have been assured by %s %s (%s)."), $_SESSION['profile']['fname'], $_SESSION['profile']['lname'], $_SESSION['profile']['email'])."\n\n";
|
|
$body .= sprintf(_("You were issued %s points and you now have %s points in total."), $_POST['points'], ($_POST['points'] + $drow['total']))."\n\n";
|
|
|
|
if(($drow['total'] + $_POST['points']) < 100 && ($drow['total'] + $_POST['points']) >= 50)
|
|
{
|
|
$body .= _("You now have over 50 points, and can now have your name added to client certificates, and issue server certificates for up to 2 years.")."\n\n";
|
|
}
|
|
|
|
if(($drow['total'] + $_POST['points']) >= 100 && $_POST['points'] > 0)
|
|
{
|
|
$body .= _("You now have over 100 points and can start assuring others.")."\n\n";
|
|
}
|
|
|
|
$body .= _("Best Regards")."\n";
|
|
$body .= _("CAcert Support Team");
|
|
|
|
mail($_SESSION['_config']['notarise']['email'], "[CAcert.org] "._("You've been Assured."), $body, "From: CAcert-Support <duane@cacert.org>");
|
|
|
|
putenv("LANG=".$_SESSION['_config']['language']);
|
|
setlocale(LC_ALL, $_SESSION['_config']['language']);
|
|
|
|
$body = sprintf(_("You are receiving this email because you have assured %s %s (%s)."), $_SESSION['_config']['notarise']['fname'], $_SESSION['_config']['notarise']['lname'], $_SESSION['_config']['notarise']['email'])."\n\n";
|
|
$body .= sprintf(_("You issued them %s points and they now have %s points in total."), $_POST['points'], ($_POST['points'] + $drow['total']))."\n\n";
|
|
$body .= _("Best Regards")."\n";
|
|
$body .= _("CAcert Support Team");
|
|
|
|
mail($_SESSION['profile']['email'], "[CAcert.org] "._("You've Assured Another Member."), $body, "From: CAcert-Support <duane@cacert.org>");
|
|
|
|
showheader(_("My CAcert.org Account!"));
|
|
echo "<p>"._("Shortly you and the person you were assuring will receive an email confirmation. There is no action on your behalf required to complete this.")."</p>";
|
|
showfooter();
|
|
exit;
|
|
}
|
|
|
|
if($oldid == 8)
|
|
{
|
|
$info = mysql_escape_string(strip_tags(stripslashes($_POST['contactinfo'])));
|
|
$listme = intval($_POST['listme']);
|
|
if($listme < 0 || $listme > 1)
|
|
$listme = 0;
|
|
|
|
$_SESSION['profile']['listme'] = $listme;
|
|
$_SESSION['profile']['contactinfo'] = $info;
|
|
|
|
$query = "update `users` set `listme`='$listme',`contactinfo`='$info' where `id`='".$_SESSION['profile']['id']."'";
|
|
mysql_query($query);
|
|
|
|
showheader(_("My CAcert.org Account!"));
|
|
echo "<p>"._("Your account information has been updated.")."</p>";
|
|
showfooter();
|
|
exit;
|
|
}
|
|
|
|
if($oldid == 9 && $_SESSION['_config']['user']['id'] > 0 && $_SESSION['profile']['id'] > 0)
|
|
{
|
|
$body = $_POST['message'];
|
|
$subject = $_POST['subject'];
|
|
mail($_SESSION['_config']['user']['email'], "[CAcert.org] ".$_POST['subject'], $_POST['message'],
|
|
"From: '".$_SESSION['profile']['fname']." ".$_SESSION['profile']['lname']."' <".
|
|
$_SESSION['profile']['email'].">");
|
|
showheader(_("My CAcert.org Account!"));
|
|
echo "<p>"._("Your email has been sent to ").$_SESSION['_config']['user']['fname'].".</p>";
|
|
echo "<p>[ <a href='javascript:history.go(-2)'>Go Back</a> ]</p>\n";
|
|
showfooter();
|
|
exit;
|
|
} elseif($oldid == 9) {
|
|
unset($oldid);
|
|
$error = _("There was an error and I couldn't proceed");
|
|
$id = 9;
|
|
}
|
|
|
|
showheader(_("My CAcert.org Account!"));
|
|
includeit($id, "wot");
|
|
showfooter();
|
|
?>
|