cacert-webdb/pages/account/43.php
2006-08-16 17:53:18 +00:00


<? /*
Copyright (C) 2004 by Duane Groth <duane_at_CAcert_dot_org>
This file is part of CAcert.
CAcert has been released under the CAcert Source License
which can be found included with these source files or can
be downloaded from the internet from the following address:
http://www.cacert.org/src-lic.php
CAcert is distributed WITHOUT ANY WARRANTY; without even
the implied warranty of MERCHANTABILITY or FITNESS FOR A
PARTICULAR PURPOSE. See the License for more details.
*/ ?>
<?
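// Revoke a single assurance: delete the `notary` row whose id was passed in.
// The id is cast with intval() so that only a positive integer can reach the
// SQL text. isset() avoids a notice when the parameter is absent, and
// is_scalar() rejects array input (intval() of a non-empty array is 1, which
// would otherwise select row 1).
// NOTE(review): this is a destructive action driven by a plain request
// parameter, and nothing is logged here. No permission check or anti-CSRF
// token is visible in this file; confirm that the including script limits
// this page to authorised staff, and consider requiring a POST carrying a
// per-session token for the delete.
if(isset($_REQUEST['assurance']) && is_scalar($_REQUEST['assurance']) && intval($_REQUEST['assurance']) > 0)
{
	$assurance = intval($_REQUEST['assurance']);
	mysql_query("delete from `notary` where `id`='$assurance'");
}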
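// Account search: runs only when no specific user id was requested.
// The search term is matched against e-mail addresses (LIKE), e-mail ids and
// user ids. Several hits are listed as links, a single hit is promoted into
// $_REQUEST['userid'] so that the detail view that follows can pick it up,
// and no hit prints a message.
// Values printed into the page are HTML-escaped: the "no users found"
// message echoes the request parameter back, and the e-mail column holds
// user-supplied text.
if(!isset($_REQUEST['userid']) || intval($_REQUEST['userid']) <= 0)
{
	// NOTE(review): stripslashes() presumably undoes magic_quotes_gpc before
	// the value is escaped for SQL - confirm that setting is on in production.
	$emailsearch = $email = mysql_escape_string(stripslashes(isset($_REQUEST['email']) ? $_REQUEST['email'] : ''));
	// Without an explicit wildcard, match the term anywhere in the address.
	if(!strstr($email, "%"))
		$emailsearch = "%$email%";
	// A numeric term is an id lookup, so the LIKE pattern is blanked.
	if(intval($email) > 0)
		$emailsearch = "";
	$query = "select `users`.`id` as `id`, `email`.`email` as `email` from `users`,`email`
where `users`.`id`=`email`.`memid` and
(`email`.`email` like '$emailsearch' or `email`.`id`='$email' or `users`.`id`='$email') and
`email`.`hash`='' and `email`.`deleted`=0 and `users`.`deleted`=0
group by `users`.`id` limit 100";
	$res = mysql_query($query);
	if(mysql_num_rows($res) > 1) { ?>
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
<tr>
<td colspan="5" class="title"><?=_("Select Specific Account Details")?></td>
</tr>
<tr>
<td class="DataTD"><?=_("User ID")?></td>
<td class="DataTD"><?=_("Email")?></td>
</tr>
<?
		while($row = mysql_fetch_assoc($res))
		{ ?>
<tr>
<td class="DataTD"><a href="account.php?id=43&userid=<?=intval($row['id'])?>"><?=intval($row['id'])?></a></td>
<td class="DataTD"><a href="account.php?id=43&userid=<?=intval($row['id'])?>"><?=htmlspecialchars($row['email'], ENT_QUOTES)?></a></td>
</tr>
<? } if(mysql_num_rows($res) >= 100) { ?>
<tr>
<td class="DataTD" colspan="2"><?=_("Only the first 100 rows are displayed.")?></td>
</tr>
<? } else { ?>
<tr>
<td class="DataTD" colspan="2"><? printf(_("%s rows displayed."), mysql_num_rows($res)); ?></td>
</tr>
<? } ?>
</table><br><br>
<? } elseif(mysql_num_rows($res) == 1) {
		// Exactly one match: hand its id to the detail view.
		$row = mysql_fetch_assoc($res);
		$_REQUEST['userid'] = $row['id'];
	} else {
		// The term comes straight from the request, so escape it for HTML.
		printf(_("No users found matching %s"), htmlspecialchars($email, ENT_QUOTES));
	}
}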
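// Account detail view for one user (looks like a support/admin screen).
// Loads the `users` row for the requested id, then renders: profile fields
// with an editable last name / date of birth form, links that toggle account
// flags, the optional lost-password questions and answers, alternate e-mail
// addresses, verified domains, and the assurances received and issued.
//
// Every text value read from the database is passed through
// htmlspecialchars() before it is printed. Names, e-mail addresses,
// lost-password questions/answers, domains and assurance locations are
// supplied by users and would otherwise be rendered as markup in the browser
// session of whoever opens this page.
// NOTE(review): if these values are already stored entity-encoded, this will
// double-encode them on display - confirm how they are written.
// NOTE(review): id, flag and point columns are printed as-is on the
// assumption that they are integer columns - confirm against the schema.
// NOTE(review): the flag-toggle, delete-account and revoke actions below are
// plain GET links. No permission check or anti-CSRF token is visible in this
// file, so confirm that the including script enforces both.
if(isset($_REQUEST['userid']) && intval($_REQUEST['userid']) > 0)
{
	$id = intval($_REQUEST['userid']);
	$query = "select * from `users` where `id`='$id' and `users`.`deleted`=0";
	$res = mysql_query($query);
	if(mysql_num_rows($res) <= 0)
	{
		echo _("I'm sorry, the user you were looking for seems to have disappeared! Bad things are a foot!");
	} else {
		$row = mysql_fetch_assoc($res);
		// Total of all assurance points awarded to this user.
		$query = "select sum(`points`) as `points` from `notary` where `to`='".$row['id']."'";
		$dres = mysql_query($query);
		$drow = mysql_fetch_assoc($dres);
		// NOTE(review): the alert settings are loaded for the logged-in profile
		// ($_SESSION), while the announcement links below carry the viewed
		// user's id - confirm which account is meant to be shown.
		$alerts = mysql_fetch_assoc(mysql_query("select * from `alerts` where `memid`='".intval($_SESSION['profile']['id'])."'"));
?>
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
<tr>
<td colspan="5" class="title"><? printf(_("%s's Account Details"), htmlspecialchars($row['email'], ENT_QUOTES)); ?></td>
</tr>
<tr>
<td class="DataTD"><?=_("Email")?>:</td>
<td class="DataTD"><?=htmlspecialchars($row['email'], ENT_QUOTES)?></td>
</tr>
<tr>
<td class="DataTD"><?=_("First Name")?>:</td>
<td class="DataTD"><?=htmlspecialchars($row['fname'], ENT_QUOTES)?></td>
</tr>
<tr>
<td class="DataTD"><?=_("Middle Name")?>:</td>
<td class="DataTD"><?=htmlspecialchars($row['mname'], ENT_QUOTES)?></td>
</tr>
<tr>
<td class="DataTD"><?=_("Last Name")?>:</td>
<td class="DataTD"><form method="post" action="account.php" onSubmit="if(!confirm('Are you sure you want to modify this DOB and/or last name?')) return false;">
<input type="hidden" name="oldid" value="43">
<input type="hidden" name="action" value="updatedob">
<input type="hidden" name="userid" value="<?=$id?>">
<input type="text" name="lname" value="<?=htmlspecialchars($row['lname'], ENT_QUOTES)?>"></td>
</tr>
<tr>
<td class="DataTD"><?=_("Suffix")?>:</td>
<td class="DataTD"><?=htmlspecialchars($row['suffix'], ENT_QUOTES)?></td>
</tr>
<tr>
<td class="DataTD"><?=_("Date of Birth")?>:</td>
<td class="DataTD">
<?
		// `dob` is sliced at fixed offsets (YYYY-MM-DD); intval() keeps each
		// part numeric before it is compared and printed.
		$year = intval(substr($row['dob'], 0, 4));
		$month = intval(substr($row['dob'], 5, 2));
		$day = intval(substr($row['dob'], 8, 2));
?><nobr><select name="day">
<?
		for($i = 1; $i <= 31; $i++)
		{
			echo "<option";
			if($day == $i)
				echo " selected";
			echo ">$i</option>";
		}
?>
</select>
<select name="month">
<?
		for($i = 1; $i <= 12; $i++)
		{
			echo "<option value='$i'";
			if($month == $i)
				echo " selected";
			echo ">".ucwords(strftime("%B", mktime(0,0,0,$i,1,date("Y"))))."</option>";
		}
?>
</select>
<input type="text" name="year" value="<?=$year?>" size="4">
<input type="submit" value="Go"></form></nobr></td>
</tr>
<tr>
<td class="DataTD"><?=_("Account Locking")?>:</td>
<td class="DataTD"><a href="account.php?id=43&locked=<?=$row['id']?>"><?=$row['locked']?></a></td>
</tr>
<tr>
<td class="DataTD"><?=_("Code Signing")?>:</td>
<td class="DataTD"><a href="account.php?id=43&codesign=<?=$row['id']?>"><?=$row['codesign']?></a></td>
</tr>
<tr>
<td class="DataTD"><?=_("TTP Admin")?>:</td>
<td class="DataTD"><a href="account.php?id=43&ttpadmin=<?=$row['id']?>"><?=$row['ttpadmin']?></a></td>
</tr>
<tr>
<td class="DataTD"><?=_("Location Admin")?>:</td>
<td class="DataTD"><a href="account.php?id=43&locadmin=<?=$row['id']?>"><?=$row['locadmin']?></a></td>
</tr>
<tr>
<td class="DataTD"><?=_("Admin")?>:</td>
<td class="DataTD"><a href="account.php?id=43&admin=<?=$row['id']?>"><?=$row['admin']?></a></td>
</tr>
<tr>
<td class="DataTD"><?=_("Tverify Account")?>:</td>
<td class="DataTD"><a href="account.php?id=43&tverify=<?=$row['id']?>"><?=$row['tverify']?></a></td>
</tr>
<tr>
<td class="DataTD"><?=_("General Announcements")?>:</td>
<td class="DataTD"><a href="account.php?id=43&general=<?=$row['id']?>"><?=$alerts['general']?></a></td>
</tr>
<tr>
<td class="DataTD"><?=_("Country Announcements")?>:</td>
<td class="DataTD"><a href="account.php?id=43&country=<?=$row['id']?>"><?=$alerts['country']?></a></td>
</tr>
<tr>
<td class="DataTD"><?=_("Regional Announcements")?>:</td>
<td class="DataTD"><a href="account.php?id=43&regional=<?=$row['id']?>"><?=$alerts['regional']?></a></td>
</tr>
<tr>
<td class="DataTD"><?=_("Within 200km Announcements")?>:</td>
<td class="DataTD"><a href="account.php?id=43&radius=<?=$row['id']?>"><?=$alerts['radius']?></a></td>
</tr>
<tr>
<td class="DataTD"><?=_("Change Password")?>:</td>
<td class="DataTD"><a href="account.php?id=44&userid=<?=$row['id']?>"><?=_("Change Password")?></a></td>
</tr>
<tr>
<td class="DataTD"><?=_("Delete Account")?>:</td>
<td class="DataTD"><a href="account.php?id=50&userid=<?=$row['id']?>"><?=_("Delete Account")?></a></td>
</tr>
<?
		// This is intentionally a $_GET for audit purposes. DO NOT CHANGE!!!
		// (Presumably so the reveal shows up in the request log - confirm.)
		// isset() only avoids a notice when the parameter is absent.
		// NOTE(review): the answers printed below are held in readable form and
		// work as password equivalents; consider storing them hashed and
		// recording who viewed them.
		if(!isset($_GET['showlostpw']) || $_GET['showlostpw'] != "yes") {
?>
<tr>
<td class="DataTD" colspan="2"><a href="account.php?id=43&userid=<?=$row['id']?>&showlostpw=yes"><?=_("Show Lost Password Details")?></a></td>
</tr>
<? } else { ?>
<tr>
<td class="DataTD"><?=_("Lost Password")?> - Q1:</td>
<td class="DataTD"><?=htmlspecialchars($row['Q1'], ENT_QUOTES)?></td>
</tr>
<tr>
<td class="DataTD"><?=_("Lost Password")?> - A1:</td>
<td class="DataTD"><?=htmlspecialchars($row['A1'], ENT_QUOTES)?></td>
</tr>
<tr>
<td class="DataTD"><?=_("Lost Password")?> - Q2:</td>
<td class="DataTD"><?=htmlspecialchars($row['Q2'], ENT_QUOTES)?></td>
</tr>
<tr>
<td class="DataTD"><?=_("Lost Password")?> - A2:</td>
<td class="DataTD"><?=htmlspecialchars($row['A2'], ENT_QUOTES)?></td>
</tr>
<tr>
<td class="DataTD"><?=_("Lost Password")?> - Q3:</td>
<td class="DataTD"><?=htmlspecialchars($row['Q3'], ENT_QUOTES)?></td>
</tr>
<tr>
<td class="DataTD"><?=_("Lost Password")?> - A3:</td>
<td class="DataTD"><?=htmlspecialchars($row['A3'], ENT_QUOTES)?></td>
</tr>
<tr>
<td class="DataTD"><?=_("Lost Password")?> - Q4:</td>
<td class="DataTD"><?=htmlspecialchars($row['Q4'], ENT_QUOTES)?></td>
</tr>
<tr>
<td class="DataTD"><?=_("Lost Password")?> - A4:</td>
<td class="DataTD"><?=htmlspecialchars($row['A4'], ENT_QUOTES)?></td>
</tr>
<tr>
<td class="DataTD"><?=_("Lost Password")?> - Q5:</td>
<td class="DataTD"><?=htmlspecialchars($row['Q5'], ENT_QUOTES)?></td>
</tr>
<tr>
<td class="DataTD"><?=_("Lost Password")?> - A5:</td>
<td class="DataTD"><?=htmlspecialchars($row['A5'], ENT_QUOTES)?></td>
</tr>
<? } ?>
<tr>
<td class="DataTD"><?=_("Assurance Points")?>:</td>
<td class="DataTD"><?=$drow['points']?></td>
</tr>
</table>
<br><?
		// The primary address comes back out of the database and is text the
		// user chose, so it is escaped again before being placed in SQL.
		$query = "select * from `email` where `memid`='".$row['id']."' and `deleted`=0 and `hash`=''
and `email`!='".mysql_escape_string($row['email'])."'";
		$dres = mysql_query($query);
		if(mysql_num_rows($dres) > 0) { ?>
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
<tr>
<td colspan="5" class="title"><?=_("Alternate Verified Email Addresses")?></td>
</tr><?
			$rc = mysql_num_rows($dres);
			while($drow = mysql_fetch_assoc($dres))
			{ ?>
<tr>
<td class="DataTD"><?=_("Secondary Emails")?>:</td>
<td class="DataTD"><?=htmlspecialchars($drow['email'], ENT_QUOTES)?></td>
</tr>
<? } ?>
</table>
<br><? } ?>
<?
		$query = "select * from `domains` where `memid`='".$row['id']."' and `deleted`=0 and `hash`=''";
		$dres = mysql_query($query);
		if(mysql_num_rows($dres) > 0) { ?>
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
<tr>
<td colspan="5" class="title"><?=_("Verified Domains")?></td>
</tr><?
			$rc = mysql_num_rows($dres);
			while($drow = mysql_fetch_assoc($dres))
			{ ?>
<tr>
<td class="DataTD"><?=_("Domain")?>:</td>
<td class="DataTD"><?=htmlspecialchars($drow['domain'], ENT_QUOTES)?></td>
</tr>
<? } ?>
</table>
<br>
<? } ?>
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
<tr>
<td colspan="6" class="title"><?=_("Your Assurance Points")?></td>
</tr>
<tr>
<td class="DataTD"><b><?=_("Date")?></b></td>
<td class="DataTD"><b><?=_("Who")?></b></td>
<td class="DataTD"><b><?=_("Points")?></b></td>
<td class="DataTD"><b><?=_("Location")?></b></td>
<td class="DataTD"><b><?=_("Method")?></b></td>
<td class="DataTD"><b><?=_("Revoke")?></b></td>
</tr>
<?
		// Assurances received by this user; the assurer's name is looked up
		// once per row.
		$query = "select * from `notary` where `to`='".$row['id']."'";
		$dres = mysql_query($query);
		$points = 0;
		while($drow = mysql_fetch_assoc($dres))
		{
			$fromuser = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".$drow['from']."'"));
			$points += $drow['points'];
?>
<tr>
<td class="DataTD"><?=htmlspecialchars($drow['date'], ENT_QUOTES)?></td>
<td class="DataTD"><a href="wot.php?id=9&userid=<?=$drow['from']?>"><?=htmlspecialchars($fromuser['fname']." ".$fromuser['lname'], ENT_QUOTES)?></a></td>
<td class="DataTD"><?=$drow['points']?></td>
<td class="DataTD"><?=htmlspecialchars($drow['location'], ENT_QUOTES)?></td>
<td class="DataTD"><?=htmlspecialchars($drow['method'], ENT_QUOTES)?></td>
<td class="DataTD"><a href="account.php?id=43&userid=<?=$drow['to']?>&assurance=<?=$drow['id']?>" onclick="return confirm('<?=_("Are you sure you want to revoke this assurance?")?>');"><?=_("Revoke")?></a></td>
</tr>
<? } ?>
<tr>
<td class="DataTD" colspan="2"><b><?=_("Total Points")?>:</b></td>
<td class="DataTD"><?=$points?></td>
<td class="DataTD" colspan="3">&nbsp;</td>
</tr>
</table>
<br>
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
<tr>
<td colspan="6" class="title"><?=_("Assurance Points You Issued")?></td>
</tr>
<tr>
<td class="DataTD"><b><?=_("Date")?></b></td>
<td class="DataTD"><b><?=_("Who")?></b></td>
<td class="DataTD"><b><?=_("Points")?></b></td>
<td class="DataTD"><b><?=_("Location")?></b></td>
<td class="DataTD"><b><?=_("Method")?></b></td>
<td class="DataTD"><b><?=_("Revoke")?></b></td>
</tr>
<?
		// Assurances issued by this user to other accounts (self-entries are
		// excluded); $fromuser holds the recipient here.
		$query = "select * from `notary` where `from`='".$row['id']."' and `to`!='".$row['id']."'";
		$dres = mysql_query($query);
		$points = 0;
		while($drow = mysql_fetch_assoc($dres))
		{
			$fromuser = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".$drow['to']."'"));
			$points += $drow['points'];
?>
<tr>
<td class="DataTD"><?=htmlspecialchars($drow['date'], ENT_QUOTES)?></td>
<td class="DataTD"><a href="wot.php?id=9&userid=<?=$drow['to']?>"><?=htmlspecialchars($fromuser['fname']." ".$fromuser['lname'], ENT_QUOTES)?></a></td>
<td class="DataTD"><?=$drow['points']?></td>
<td class="DataTD"><?=htmlspecialchars($drow['location'], ENT_QUOTES)?></td>
<td class="DataTD"><?=htmlspecialchars($drow['method'], ENT_QUOTES)?></td>
<td class="DataTD"><a href="account.php?id=43&userid=<?=$drow['from']?>&assurance=<?=$drow['id']?>" onclick="return confirm('<?=_("Are you sure you want to revoke this assurance?")?>');"><?=_("Revoke")?></a></td>
</tr>
<? } ?>
<tr>
<td class="DataTD" colspan="2"><b><?=_("Total Points")?>:</b></td>
<td class="DataTD"><?=$points?></td>
<td class="DataTD" colspan="3">&nbsp;</td>
</tr>
</table>
<br><br>
<? } } ?>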