cacert
/
cacert-webdb
8
0
Fork 0
Code Issues Pull Requests 2 Projects Releases Wiki Activity
You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
main
fix-email-address-maintenance-bug-1543
fix/bug-1550
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'afccfceb56'
${ noResults }
cacert-webdb/pages/account/54.php

210 lines
7.4 KiB
PHP
Raw Blame History

<? /*
LibreSSL - CAcert web application
Copyright (C) 2004-2008 CAcert Inc.
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; version 2 of the License.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
*/ ?>
<?
$ccid = intval($_REQUEST['ccid']);
$regid = intval($_REQUEST['regid']);
$locid = intval($_REQUEST['locid']);
$name = mysql_escape_string($_REQUEST['name']);
if($ccid > 0 && $_REQUEST['action'] == "add") { ?>
<form method="post" action="account.php">
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
<tr>
<td colspan="2" class="title"><?=_("Add Region")?></td>
</tr>
<tr>
<td class="DataTD"><?=_("Region")?>:</td>
<td class="DataTD"><input type="text" name="name" value="<?=$name?>"></td>
</tr>
<tr>
<td class="DataTD" colspan="2"><input type="submit" name="process" value="<?=_("Add")?>"></td>
</tr>
</table>
<input type="hidden" name="action" value="add">
<input type="hidden" name="ccid" value="<?=$ccid?>">
<input type="hidden" name="oldid" value="54">
</form>
<? } if($regid > 0 && $_REQUEST['action'] == "edit") {
$query = "select * from `regions` where `id`='$regid' order by `name`";
$row = mysql_fetch_assoc(mysql_query($query));
$name = $row['name'];
?>
<form method="post" action="account.php">
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
<tr>
<td colspan="2" class="title"><?=_("Edit Region")?></td>
</tr>
<tr>
<td class="DataTD"><?=_("Region")?>:</td>
<td class="DataTD"><input type="text" name="name" value="<?=$name?>"></td>
</tr>
<tr>
<td class="DataTD" colspan="2"><input type="submit" name="process" value="<?=_("Update")?>"></td>
</tr>
</table>
<input type="hidden" name="action" value="edit">
<input type="hidden" name="regid" value="<?=$regid?>">
<input type="hidden" name="oldid" value="54">
</form>
<? } if($regid > 0 && $_REQUEST['action'] == "add") { ?>
<form method="post" action="account.php">
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
<tr>
<td colspan="2" class="title"><?=_("Add Location")?></td>
</tr>
<tr>
<td class="DataTD"><?=_("Location")?>:</td>
<td class="DataTD"><input type="text" name="name" value="<?=$name?>"></td>
</tr>
<tr>
<td class="DataTD"><?=_("Longitude")?>:</td>
<td class="DataTD"><input type="text" name="longitude" value="<?=sanitizeHTML($_REQUEST['longitude'])?>"></td>
</tr>
<tr>
<td class="DataTD"><?=_("Latitude")?>:</td>
<td class="DataTD"><input type="text" name="latitude" value="<?=sanitizeHTML($_REQUEST['latitude'])?>"></td>
</tr>
<tr>
<td class="DataTD" colspan="2"><input type="submit" name="process" value="<?=_("Add")?>"></td>
</tr>
</table>
<input type="hidden" name="action" value="add">
<input type="hidden" name="regid" value="<?=$regid?>">
<input type="hidden" name="oldid" value="54">
</form>
<? } if($locid > 0 && $_REQUEST['action'] == "edit") {
$query = "select * from `locations` where `id`='$locid'";
$row = mysql_fetch_assoc(mysql_query($query));
if($name == "")
$name = $row['name'];
if($_REQUEST['longitude'] == "")
$_REQUEST['longitude'] = $row['long'];
if($_REQUEST['latitude'] == "")
$_REQUEST['latitude'] = $row['lat'];
?>
<form method="post" action="account.php">
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
<tr>
<td colspan="2" class="title"><?=_("Edit Location")?></td>
</tr>
<tr>
<td class="DataTD"><?=_("Location")?>:</td>
<td class="DataTD"><input type="text" name="name" value="<?=$name?>"></td>
</tr>
<tr>
<td class="DataTD"><?=_("Longitude")?>:</td>
<td class="DataTD"><input type="text" name="longitude" value="<?=sanitizeHTML($_REQUEST['longitude'])?>"></td>
</tr>
<tr>
<td class="DataTD"><?=_("Latitude")?>:</td>
<td class="DataTD"><input type="text" name="latitude" value="<?=sanitizeHTML($_REQUEST['latitude'])?>"></td>
</tr>
<tr>
<td class="DataTD" colspan="2"><input type="submit" name="process" value="<?=_("Update")?>"></td>
</tr>
</table>
<input type="hidden" name="action" value="edit">
<input type="hidden" name="locid" value="<?=$locid?>">
<input type="hidden" name="oldid" value="54">
</form>
<? } if($locid > 0 && $_REQUEST['action'] == "aliases") {
$query = "select * from `localias` where `locid`='$locid'";
$res = mysql_query($query);
$rc = mysql_num_rows($res);
?>
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
<tr>
<td colspan="2" class="title"><?=_("Location Aliases")?> - <a href="javascript:Show_Stuff()"><?=_("Add")?></a></td>
</tr>
<tr ID="display1">
<td colspan="2" class="DataTD">
<form method="post" action="account.php" ACCEPTCHARSET="utf-8">
<?=_("Location Alias")?>: <input type="text" name="name"> <input type="submit" value="Add">
<input type="hidden" name="action" value="alias">
<input type="hidden" name="locid" value="<?=$locid?>">
<input type="hidden" name="oldid" value="54">
</form>
</td>
</tr>
<?
while($row = mysql_fetch_assoc($res))
{
?>
<tr>
<td class="DataTD"><?=$row['name']?></td>
<td class="DataTD"><a href="account.php?id=54&locid=<?=$locid?>&name=<?=$row['name']?>&action=delalias" onclick="return confirm('Are you sure you want to delete this location alias?');"><?=_("Delete")?></td>
</tr>
<? } ?>
</table>
<script language="JavaScript" type="text/javascript">
<!--
function Show_Stuff()
{
if (document.getElementById("display1").style.display == "none")
{
document.getElementById("display1").style.display = "";
} else {
document.getElementById("display1").style.display = "none";
}
}
document.getElementById("display1").style.display = "none";
-->
</script>
<? } if($locid > 0 && $_REQUEST['action'] == "move") {
$query = "select * from `locations` where `id`='$locid'";
$row = mysql_fetch_assoc(mysql_query($query));
$newreg = $_REQUEST['newreg'] = $row['regid'];
?>
<form method="post" action="account.php">
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
<tr>
<td colspan="2" class="title"><?=_("Move Location")?></td>
</tr>
<tr>
<td class="DataTD"><?=_("Location")?>:</td>
<td class="DataTD"><?=$row['name']?></td>
</tr>
<tr>
<td class="DataTD"><?=_("Set Region")?>:</td>
<td class="DataTD"><select name="newreg">
<?
$query = "select * from `regions` where `ccid`='$row[ccid]' order by `name`";
$res = mysql_query($query);
while($row = mysql_fetch_assoc($res))
{
echo "<option value='$row[id]'";
if($_REQUEST['newreg'] == $row['id'])
echo " selected";
echo ">$row[name]</option>\n";
}
?>
</select></td>
</tr>
<tr>
<td class="DataTD" colspan="2"><input type="submit" name="process" value="<?=_("Update")?>"></td>
</tr>
</table>
<input type="hidden" name="action" value="move">
<input type="hidden" name="locid" value="<?=$locid?>">
<input type="hidden" name="oldid" value="54">
</form>
<? } ?>
View Git Blame Copy Permalink