360 lines
13 KiB
PHP
360 lines
13 KiB
PHP
<? /*
|
|
Copyright (C) 2004 by Duane Groth <duane_at_CAcert_dot_org>
|
|
|
|
This file is part of CAcert.
|
|
|
|
CAcert has been released under the CAcert Source License
|
|
which can be found included with these source files or can
|
|
be downloaded from the internet from the following address:
|
|
http://www.cacert.org/src-lic.php
|
|
|
|
CAcert is distributed WITHOUT ANY WARRANTY; without even
|
|
the implied warranty of MERCHANTABILITY or FITNESS FOR A
|
|
PARTICULAR PURPOSE. See the License for more details.
|
|
*/ ?>
|
|
<?
|
|
if($_REQUEST['assurance'] > 0)
|
|
{
|
|
$assurance = mysql_escape_string($_REQUEST['assurance']);
|
|
mysql_query("delete from `notary` where `id`='$assurance'");
|
|
}
|
|
|
|
if(intval($_REQUEST['userid']) <= 0)
|
|
{
|
|
$emailsearch = $email = mysql_escape_string(stripslashes($_REQUEST['email']));
|
|
if(!strstr($email, "%"))
|
|
$emailsearch = "%$email%";
|
|
if(intval($email) > 0)
|
|
$emailsearch = "";
|
|
|
|
$query = "select `users`.`id` as `id`, `email`.`email` as `email` from `users`,`email`
|
|
where `users`.`id`=`email`.`memid` and
|
|
(`email`.`email` like '$emailsearch' or `email`.`id`='$email' or `users`.`id`='$email') and
|
|
`email`.`hash`='' and `email`.`deleted`=0 and `users`.`deleted`=0
|
|
group by `users`.`id` limit 100";
|
|
$res = mysql_query($query);
|
|
if(mysql_num_rows($res) > 1) { ?>
|
|
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
|
|
<tr>
|
|
<td colspan="5" class="title"><?=_("Select Specific Account Details")?></td>
|
|
</tr>
|
|
<tr>
|
|
<td class="DataTD"><?=_("User ID")?></td>
|
|
<td class="DataTD"><?=_("Email")?></td>
|
|
</tr>
|
|
<?
|
|
while($row = mysql_fetch_assoc($res))
|
|
{ ?>
|
|
<tr>
|
|
<td class="DataTD"><a href="account.php?id=43&userid=<?=$row['id']?>"><?=$row['id']?></a></td>
|
|
<td class="DataTD"><a href="account.php?id=43&userid=<?=$row['id']?>"><?=$row['email']?></a></td>
|
|
</tr>
|
|
<? } if(mysql_num_rows($res) >= 100) { ?>
|
|
<tr>
|
|
<td class="DataTD" colspan="2"><?=_("Only the first 100 rows are displayed.")?></td>
|
|
</tr>
|
|
<? } else { ?>
|
|
<tr>
|
|
<td class="DataTD" colspan="2"><? printf(_("%s rows displayed."), mysql_num_rows($res)); ?></td>
|
|
</tr>
|
|
<? } ?>
|
|
</table><br><br>
|
|
<? } elseif(mysql_num_rows($res) == 1) {
|
|
$row = mysql_fetch_assoc($res);
|
|
$_REQUEST['userid'] = $row['id'];
|
|
} else {
|
|
printf(_("No users found matching %s"), $email);
|
|
}
|
|
}
|
|
|
|
if(intval($_REQUEST['userid']) > 0)
|
|
{
|
|
$id = intval($_REQUEST['userid']);
|
|
$query = "select * from `users` where `id`='$id' and `users`.`deleted`=0";
|
|
$res = mysql_query($query);
|
|
if(mysql_num_rows($res) <= 0)
|
|
{
|
|
echo _("I'm sorry, the user you were looking for seems to have disappeared! Bad things are a foot!");
|
|
} else {
|
|
$row = mysql_fetch_assoc($res);
|
|
$query = "select sum(`points`) as `points` from `notary` where `to`='".$row['id']."'";
|
|
$dres = mysql_query($query);
|
|
$drow = mysql_fetch_assoc($dres);
|
|
$alerts = mysql_fetch_assoc(mysql_query("select * from `alerts` where `memid`='".$_SESSION['profile']['id']."'"));
|
|
?>
|
|
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
|
|
<tr>
|
|
<td colspan="5" class="title"><? printf(_("%s's Account Details"), $row['email']); ?></td>
|
|
</tr>
|
|
<tr>
|
|
<td class="DataTD"><?=_("Email")?>:</td>
|
|
<td class="DataTD"><?=$row['email']?></td>
|
|
</tr>
|
|
<tr>
|
|
<td class="DataTD"><?=_("First Name")?>:</td>
|
|
<td class="DataTD"><?=$row['fname']?></td>
|
|
</tr>
|
|
<tr>
|
|
<td class="DataTD"><?=_("Middle Name")?>:</td>
|
|
<td class="DataTD"><?=$row['mname']?></td>
|
|
</tr>
|
|
<tr>
|
|
<td class="DataTD"><?=_("Last Name")?>:</td>
|
|
<td class="DataTD"><form method="post" action="account.php" onSubmit="if(!confirm('Are you sure you want to modify this DOB and/or last name?')) return false;">
|
|
<input type="hidden" name="oldid" value="43">
|
|
<input type="hidden" name="action" value="updatedob">
|
|
<input type="hidden" name="userid" value="<?=$id?>">
|
|
<input type="text" name="lname" value="<?=$row['lname']?>"></td>
|
|
</tr>
|
|
<tr>
|
|
<td class="DataTD"><?=_("Suffix")?>:</td>
|
|
<td class="DataTD"><?=$row['suffix']?></td>
|
|
</tr>
|
|
<tr>
|
|
<td class="DataTD"><?=_("Date of Birth")?>:</td>
|
|
<td class="DataTD">
|
|
<?
|
|
$year = intval(substr($row['dob'], 0, 4));
|
|
$month = intval(substr($row['dob'], 5, 2));
|
|
$day = intval(substr($row['dob'], 8, 2));
|
|
?><nobr><select name="day">
|
|
<?
|
|
for($i = 1; $i <= 31; $i++)
|
|
{
|
|
echo "<option";
|
|
if($day == $i)
|
|
echo " selected";
|
|
echo ">$i</option>";
|
|
}
|
|
?>
|
|
</select>
|
|
<select name="month">
|
|
<?
|
|
for($i = 1; $i <= 12; $i++)
|
|
{
|
|
echo "<option value='$i'";
|
|
if($month == $i)
|
|
echo " selected";
|
|
echo ">".ucwords(strftime("%B", mktime(0,0,0,$i,1,date("Y"))))."</option>";
|
|
}
|
|
?>
|
|
</select>
|
|
<input type="text" name="year" value="<?=$year?>" size="4">
|
|
<input type="submit" value="Go"></form></nobr></td>
|
|
</tr>
|
|
<tr>
|
|
<td class="DataTD"><?=_("Account Locking")?>:</td>
|
|
<td class="DataTD"><a href="account.php?id=43&locked=<?=$row['id']?>"><?=$row['locked']?></a></td>
|
|
</tr>
|
|
<tr>
|
|
<td class="DataTD"><?=_("Code Signing")?>:</td>
|
|
<td class="DataTD"><a href="account.php?id=43&codesign=<?=$row['id']?>"><?=$row['codesign']?></a></td>
|
|
</tr>
|
|
<tr>
|
|
<td class="DataTD"><?=_("TTP Admin")?>:</td>
|
|
<td class="DataTD"><a href="account.php?id=43&ttpadmin=<?=$row['id']?>"><?=$row['ttpadmin']?></a></td>
|
|
</tr>
|
|
<tr>
|
|
<td class="DataTD"><?=_("Location Admin")?>:</td>
|
|
<td class="DataTD"><a href="account.php?id=43&locadmin=<?=$row['id']?>"><?=$row['locadmin']?></a></td>
|
|
</tr>
|
|
<tr>
|
|
<td class="DataTD"><?=_("Admin")?>:</td>
|
|
<td class="DataTD"><a href="account.php?id=43&admin=<?=$row['id']?>"><?=$row['admin']?></a></td>
|
|
</tr>
|
|
<tr>
|
|
<td class="DataTD"><?=_("Tverify Account")?>:</td>
|
|
<td class="DataTD"><a href="account.php?id=43&tverify=<?=$row['id']?>"><?=$row['tverify']?></a></td>
|
|
</tr>
|
|
<tr>
|
|
<td class="DataTD"><?=_("General Announcements")?>:</td>
|
|
<td class="DataTD"><a href="account.php?id=43&general=<?=$row['id']?>"><?=$alerts['general']?></a></td>
|
|
</tr>
|
|
<tr>
|
|
<td class="DataTD"><?=_("Country Announcements")?>:</td>
|
|
<td class="DataTD"><a href="account.php?id=43&country=<?=$row['id']?>"><?=$alerts['country']?></a></td>
|
|
</tr>
|
|
<tr>
|
|
<td class="DataTD"><?=_("Regional Announcements")?>:</td>
|
|
<td class="DataTD"><a href="account.php?id=43®ional=<?=$row['id']?>"><?=$alerts['regional']?></a></td>
|
|
</tr>
|
|
<tr>
|
|
<td class="DataTD"><?=_("Within 200km Announcements")?>:</td>
|
|
<td class="DataTD"><a href="account.php?id=43&radius=<?=$row['id']?>"><?=$alerts['radius']?></a></td>
|
|
</tr>
|
|
<tr>
|
|
<td class="DataTD"><?=_("Change Password")?>:</td>
|
|
<td class="DataTD"><a href="account.php?id=44&userid=<?=$row['id']?>"><?=_("Change Password")?></a></td>
|
|
</tr>
|
|
<tr>
|
|
<td class="DataTD"><?=_("Delete Account")?>:</td>
|
|
<td class="DataTD"><a href="account.php?id=50&userid=<?=$row['id']?>"><?=_("Delete Account")?></a></td>
|
|
</tr>
|
|
<?
|
|
// This is intensionally a $_GET for audit purposes. DO NOT CHANGE!!!
|
|
if($_GET['showlostpw'] != "yes") {
|
|
?>
|
|
<tr>
|
|
<td class="DataTD" colspan="2"><a href="account.php?id=43&userid=<?=$row['id']?>&showlostpw=yes"><?=_("Show Lost Password Details")?></a></td>
|
|
</tr>
|
|
<? } else { ?>
|
|
<tr>
|
|
<td class="DataTD"><?=_("Lost Password")?> - Q1:</td>
|
|
<td class="DataTD"><?=$row['Q1']?></td>
|
|
</tr>
|
|
<tr>
|
|
<td class="DataTD"><?=_("Lost Password")?> - A1:</td>
|
|
<td class="DataTD"><?=$row['A1']?></td>
|
|
</tr>
|
|
<tr>
|
|
<td class="DataTD"><?=_("Lost Password")?> - Q2:</td>
|
|
<td class="DataTD"><?=$row['Q2']?></td>
|
|
</tr>
|
|
<tr>
|
|
<td class="DataTD"><?=_("Lost Password")?> - A2:</td>
|
|
<td class="DataTD"><?=$row['A2']?></td>
|
|
</tr>
|
|
<tr>
|
|
<td class="DataTD"><?=_("Lost Password")?> - Q3:</td>
|
|
<td class="DataTD"><?=$row['Q3']?></td>
|
|
</tr>
|
|
<tr>
|
|
<td class="DataTD"><?=_("Lost Password")?> - A3:</td>
|
|
<td class="DataTD"><?=$row['A3']?></td>
|
|
</tr>
|
|
<tr>
|
|
<td class="DataTD"><?=_("Lost Password")?> - Q4:</td>
|
|
<td class="DataTD"><?=$row['Q4']?></td>
|
|
</tr>
|
|
<tr>
|
|
<td class="DataTD"><?=_("Lost Password")?> - A4:</td>
|
|
<td class="DataTD"><?=$row['A4']?></td>
|
|
</tr>
|
|
<tr>
|
|
<td class="DataTD"><?=_("Lost Password")?> - Q5:</td>
|
|
<td class="DataTD"><?=$row['Q5']?></td>
|
|
</tr>
|
|
<tr>
|
|
<td class="DataTD"><?=_("Lost Password")?> - A5:</td>
|
|
<td class="DataTD"><?=$row['A5']?></td>
|
|
</tr>
|
|
<? } ?>
|
|
<tr>
|
|
<td class="DataTD"><?=_("Assurance Points")?>:</td>
|
|
<td class="DataTD"><?=$drow['points']?></td>
|
|
</tr>
|
|
</table>
|
|
<br><?
|
|
$query = "select * from `email` where `memid`='".$row['id']."' and `deleted`=0 and `hash`=''
|
|
and `email`!='".$row['email']."'";
|
|
$dres = mysql_query($query);
|
|
if(mysql_num_rows($dres) > 0) { ?>
|
|
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
|
|
<tr>
|
|
<td colspan="5" class="title"><?=_("Alternate Verified Email Addresses")?></td>
|
|
</tr><?
|
|
$rc = mysql_num_rows($dres);
|
|
while($drow = mysql_fetch_assoc($dres))
|
|
{ ?>
|
|
<tr>
|
|
<td class="DataTD"><?=_("Secondary Emails")?>:</td>
|
|
<td class="DataTD"><?=$drow['email']?></td>
|
|
</tr>
|
|
<? } ?>
|
|
</table>
|
|
<br><? } ?>
|
|
<?
|
|
$query = "select * from `domains` where `memid`='".$row['id']."' and `deleted`=0 and `hash`=''";
|
|
$dres = mysql_query($query);
|
|
if(mysql_num_rows($dres) > 0) { ?>
|
|
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
|
|
<tr>
|
|
<td colspan="5" class="title"><?=_("Verified Domains")?></td>
|
|
</tr><?
|
|
$rc = mysql_num_rows($dres);
|
|
while($drow = mysql_fetch_assoc($dres))
|
|
{ ?>
|
|
<tr>
|
|
<td class="DataTD"><?=_("Domain")?>:</td>
|
|
<td class="DataTD"><?=$drow['domain']?></td>
|
|
</tr>
|
|
<? } ?>
|
|
</table>
|
|
<br>
|
|
<? } ?>
|
|
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
|
|
<tr>
|
|
<td colspan="6" class="title"><?=_("Your Assurance Points")?></td>
|
|
</tr>
|
|
<tr>
|
|
<td class="DataTD"><b><?=_("Date")?></b></td>
|
|
<td class="DataTD"><b><?=_("Who")?></b></td>
|
|
<td class="DataTD"><b><?=_("Points")?></b></td>
|
|
<td class="DataTD"><b><?=_("Location")?></b></td>
|
|
<td class="DataTD"><b><?=_("Method")?></b></td>
|
|
<td class="DataTD"><b><?=_("Revoke")?></b></td>
|
|
</tr>
|
|
<?
|
|
$query = "select * from `notary` where `to`='".$row['id']."'";
|
|
$dres = mysql_query($query);
|
|
$points = 0;
|
|
while($drow = mysql_fetch_assoc($dres))
|
|
{
|
|
$fromuser = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".$drow['from']."'"));
|
|
$points += $drow['points'];
|
|
?>
|
|
<tr>
|
|
<td class="DataTD"><?=$drow['date']?></td>
|
|
<td class="DataTD"><a href="wot.php?id=9&userid=<?=$drow['from']?>"><?=$fromuser['fname']." ".$fromuser['lname']?></td>
|
|
<td class="DataTD"><?=$drow['points']?></td>
|
|
<td class="DataTD"><?=$drow['location']?></td>
|
|
<td class="DataTD"><?=$drow['method']?></td>
|
|
<td class="DataTD"><a href="account.php?id=43&userid=<?=$drow['to']?>&assurance=<?=$drow['id']?>" onclick="return confirm('<?=_("Are you sure you want to revoke this assurance?")?>');"><?=_("Revoke")?></a></td>
|
|
</tr>
|
|
<? } ?>
|
|
<tr>
|
|
<td class="DataTD" colspan="2"><b><?=_("Total Points")?>:</b></td>
|
|
<td class="DataTD"><?=$points?></td>
|
|
<td class="DataTD" colspan="3"> </td>
|
|
</tr>
|
|
</table>
|
|
<br>
|
|
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
|
|
<tr>
|
|
<td colspan="6" class="title"><?=_("Assurance Points You Issued")?></td>
|
|
</tr>
|
|
<tr>
|
|
<td class="DataTD"><b><?=_("Date")?></b></td>
|
|
<td class="DataTD"><b><?=_("Who")?></b></td>
|
|
<td class="DataTD"><b><?=_("Points")?></b></td>
|
|
<td class="DataTD"><b><?=_("Location")?></b></td>
|
|
<td class="DataTD"><b><?=_("Method")?></b></td>
|
|
<td class="DataTD"><b><?=_("Revoke")?></b></td>
|
|
</tr>
|
|
<?
|
|
$query = "select * from `notary` where `from`='".$row['id']."' and `to`!='".$row['id']."'";
|
|
$dres = mysql_query($query);
|
|
$points = 0;
|
|
while($drow = mysql_fetch_assoc($dres))
|
|
{
|
|
$fromuser = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".$drow['to']."'"));
|
|
$points += $drow['points'];
|
|
?>
|
|
<tr>
|
|
<td class="DataTD"><?=$drow['date']?></td>
|
|
<td class="DataTD"><a href="wot.php?id=9&userid=<?=$drow['to']?>"><?=$fromuser['fname']." ".$fromuser['lname']?></td>
|
|
<td class="DataTD"><?=$drow['points']?></td>
|
|
<td class="DataTD"><?=$drow['location']?></td>
|
|
<td class="DataTD"><?=$drow['method']?></td>
|
|
<td class="DataTD"><a href="account.php?id=43&userid=<?=$drow['from']?>&assurance=<?=$drow['id']?>" onclick="return confirm('<?=_("Are you sure you want to revoke this assurance?")?>');"><?=_("Revoke")?></a></td>
|
|
</tr>
|
|
<? } ?>
|
|
<tr>
|
|
<td class="DataTD" colspan="2"><b><?=_("Total Points")?>:</b></td>
|
|
<td class="DataTD"><?=$points?></td>
|
|
<td class="DataTD" colspan="3"> </td>
|
|
</tr>
|
|
</table>
|
|
<br><br>
|
|
<? } } ?>
|
|
|