View Issue Details

IDProjectCategoryView StatusLast Update
0001112Main CAcert Websitewebsite contentpublic2013-07-23 22:00
ReporterINOPIAE Assigned To 
PrioritynormalSeverityminorReproducibilityhave not tried
Status closedResolutionfixed 
Product Version2012 Q4 
Target Version2013 Q1Fixed in Version2013 Q2 
Summary0001112: Exchange the text on the TTP page according to the new TTP programm
DescriptionOnce the bug 1111 has been applied as intermediate version this bug should be implemented.

It shows depending on the assurance points granted the possibility to send a mail to support requesting for TTP assurance or TTP TOPUP assurances.

TagsNo tags attached.
Reviewed byNEOatNHNG, BenBE
Test Instructions

Relationships

related to 0001111 closedNEOatNHNG Change the text on the TTP page according to the new TTP programm 
related to 0001032 closedINOPIAE Enter Assurance as TTP admin does not differ between F2F anf TTP assurances 
related to 0000671 solved?Uli60 cms pages in online website need review for deprecation 
related to 0000988 needs review & testingEva TTP CAP form deployment 
related to 0000888 closedNEOatNHNG to add new assurance method TTP 
related to 0000863 needs workEva limitation to 2 ttp assurances 
related to 0000864 needs workBenBE enable TOPUP assurance type into the system (regarding TTP) 
related to 0001134 closedNEOatNHNG Delete the board flag thourougly in all parts of our software 
related to 0000740 closed How to become an assurer is missleading 
child of 0001023 needs workEva Consolidate changes into the Assure Someone page 

Activities

INOPIAE

2012-11-11 11:48

updater  

wot.incmodified.php (19,132 bytes)   
<? /*
    LibreSSL - CAcert web application
    Copyright (C) 2004-2011  CAcert Inc.

    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
    the Free Software Foundation; version 2 of the License.

    This program is distributed in the hope that it will be useful,
    but WITHOUT ANY WARRANTY; without even the implied warranty of
    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    GNU General Public License for more details.

    You should have received a copy of the GNU General Public License
    along with this program; if not, write to the Free Software
    Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301  USA
*/ 

	function query_init ($query)
	{
		return mysql_query($query);
	}

	function query_getnextrow ($res)
	{
		$row1 = mysql_fetch_assoc($res);
		return $row1;
	}

	function query_get_number_of_rows ($resultset)
	{
		return intval(mysql_num_rows($resultset));
	}

	function get_number_of_assurances ($userid)
	{
		$res = query_init ("SELECT count(*) AS `list` FROM `notary`
		     	WHERE `method` = 'Face to Face Meeting' AND `from`='".intval($userid)."' ");
		$row = query_getnextrow($res);

		return intval($row['list']);
	}
	
	function get_number_of_ttpassurances ($userid)
	{
		$res = query_init ("SELECT count(*) AS `list` FROM `notary`
		     	WHERE `method`='Trusted Third Parties' AND `from`='".intval($userid)."' ");
		$row = query_getnextrow($res);
                                                   
		return intval($row['list']);
	}

	function get_number_of_assurees ($userid)
	{
		$res = query_init ("SELECT count(*) AS `list` FROM `notary`
			WHERE `method` = 'Face to Face Meeting' AND `to`='".intval($userid)."' ");
		$row = query_getnextrow($res);

		return intval($row['list']);
	}

	function get_top_assurer_position ($no_of_assurances)
	{
		$res = query_init ("SELECT count(*) AS `list` FROM `notary` 
			WHERE `method` = 'Face to Face Meeting' 
			GROUP BY `from` HAVING count(*) > '".intval($no_of_assurances)."'");
		return intval(query_get_number_of_rows($res)+1);
	}

	function get_top_assuree_position ($no_of_assurees)
	{
		$res = query_init ("SELECT count(*) AS `list` FROM `notary`
			WHERE `method` = 'Face to Face Meeting'
			GROUP BY `to` HAVING count(*) > '".intval($no_of_assurees)."'");
		return intval(query_get_number_of_rows($res)+1);
	}

	function get_given_assurances ($userid)
	{
		$res = query_init ("select * from `notary` where `from`='".intval($userid)."' and `from` != `to` order by `id` asc");
		return $res;
	}

	function get_received_assurances ($userid)
	{
		$res = query_init ("select * from `notary` where `to`='".intval($userid)."' and `from` != `to` order by `id` asc ");
		return $res;
	}

	function get_given_assurances_summary ($userid)
	{
		$res = query_init ("select count(*) as number,points,awarded,method from notary where `from`='".intval($userid)."' group by points,awarded,method");
		return $res;
	}
	
	function get_received_assurances_summary ($userid)
	{
		$res = query_init ("select count(*) as number,points,awarded,method from notary where `to`='".intval($userid)."' group by points,awarded,method");
		return $res;
	}

	function get_user ($userid)
	{
		$res = query_init ("select * from `users` where `id`='".intval($userid)."'");
		return mysql_fetch_assoc($res);
	}

	function get_cats_state ($userid)
	{

		$res = query_init ("select * from `cats_passed` inner join `cats_variant` on `cats_passed`.`variant_id` = `cats_variant`.`id` and `cats_variant`.`type_id` = 1
			WHERE `cats_passed`.`user_id` = '".intval($userid)."'");
		return mysql_num_rows($res);
	}

	function calc_experience ($row,&$points,&$experience,&$sum_experience)
	{
		$apoints = max($row['points'], $row['awarded']);

		$points += $apoints;

		$experience = "&nbsp;";
		if ($row['method'] == "Face to Face Meeting")
		{
			$sum_experience = $sum_experience +2;
			$experience = "2";
		}
		return $apoints;
	}

	function calc_assurances ($row,&$points,&$experience,&$sumexperience,&$awarded)
	{
		$awarded = calc_points($row);

		if ($awarded > 100)
		{
			$experience = $awarded - 100;		// needs to be fixed in the future (limit 50 pts and/or no experience if pts > 100)
			$awarded = 100;
		}
		else
			$experience = 0;	

		switch ($row['method'])
		{
			case 'Thawte Points Transfer':
			case 'CT Magazine - Germany':
			case 'Temporary Increase':	      // Current usage of 'Temporary Increase' may break audit aspects, needs to be reimplemented
				$awarded=sprintf("<strong style='color: red'>%s</strong>",_("Revoked"));
				$experience=0;
				break;
			default:
				$points += $awarded;
		}
		$sumexperience = $sumexperience + $experience;
	}


	function show_user_link ($name,$userid)
	{
		$name = trim($name);
		if($name == "")
		{
			if ($userid == 0)
				$name = _("System");
			else
				$name = _("Deleted account");
		}
		else
			$name = "<a href='wot.php?id=9&amp;userid=".intval($userid)."'>$name</a>";
		return $name;
	}

	function get_assurer_ranking($userid,&$num_of_assurances,&$rank_of_assurer)
	{
		$num_of_assurances = get_number_of_assurances (intval($userid));
		$rank_of_assurer = get_top_assurer_position($num_of_assurances);
	}

	function get_assuree_ranking($userid,&$num_of_assurees,&$rank_of_assuree)
	{
		$num_of_assurees = get_number_of_assurees (intval($userid));
		$rank_of_assuree = get_top_assuree_position($num_of_assurees);
	}


// ************* html table definitions ******************

	function output_ranking($userid)
	{
		get_assurer_ranking($userid,$num_of_assurances,$rank_of_assurer);
		get_assuree_ranking($userid,$num_of_assurees,$rank_of_assuree);

?>
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
    <tr>
    	<td class="title"><?=_("Assurer Ranking")?></td>
    </tr>
    <tr>
	<td class="DataTD"><?=sprintf(_("You have made %s assurances which ranks you as the #%s top assurer."), intval($num_of_assurances), intval($rank_of_assurer) )?></td>
    </tr>
    <tr>
	<td class="DataTD"><?=sprintf(_("You have received %s assurances which ranks you as the #%s top assuree."), intval($num_of_assurees), intval($rank_of_assuree) )?></td>
    </tr>
</table>
<br/>
<?
	}

	function output_assurances_header($title)
	{
?>
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
    <tr>
    	<td colspan="7" class="title"><?=$title?></td>
    </tr>
    <tr>
    	<td class="DataTD"><strong><?=_("ID")?></strong></td>
    	<td class="DataTD"><strong><?=_("Date")?></strong></td>
    	<td class="DataTD"><strong><?=_("Who")?></strong></td>
    	<td class="DataTD"><strong><?=_("Points")?></strong></td>
    	<td class="DataTD"><strong><?=_("Location")?></strong></td>
    	<td class="DataTD"><strong><?=_("Method")?></strong></td>
    	<td class="DataTD"><strong><?=_("Experience Points")?></strong></td>
    </tr>
<?
	}

	function output_assurances_footer($points_txt,$points,$experience_txt,$sumexperience)
	{
?>
    <tr>
    	<td class="DataTD" colspan="3"><strong><?=$points_txt?>:</strong></td>
    	<td class="DataTD"><?=$points?></td>
    	<td class="DataTD">&nbsp;</td>
    	<td class="DataTD"><strong><?=$experience_txt?>:</strong></td>
    	<td class="DataTD"><?=$sumexperience?></td>
    </tr>
</table>
<br/>
<?
	}

	function output_assurances_row($assuranceid,$date,$when,$name,$awarded,$points,$location,$method,$experience)
	{

	$tdstyle="";
	$emopen="";
	$emclose="";

	if ($awarded == $points)
	{
		if ($awarded == "0")
		{
			if ($when < "2006-09-01")
			{
				$tdstyle="style='background-color: #ffff80'";
				$emopen="<em>";
				$emclose="</em>";
			}
		}
	}

?>
    <tr>
	<td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$assuranceid?><?=$emclose?></td>
	<td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$date?><?=$emclose?></td>
	<td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$name?><?=$emclose?></td>
	<td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$awarded?><?=$emclose?></td>
	<td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$location?><?=$emclose?></td>
	<td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$method?><?=$emclose?></td>
	<td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$experience?><?=$emclose?></td>
    </tr>
<?
	}

	function output_summary_header()
	{
?>
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
    <tr>
	<td colspan="4" class="title"><?=_("Summary of your Points")?></td>
    </tr>
    <tr>
	<td class="DataTD"><strong><?=_("Description")?></strong></td>
	<td class="DataTD"><strong><?=_("Points")?></strong></td>
	<td class="DataTD"><strong><?=_("Countable Points")?></strong></td>
	<td class="DataTD"><strong><?=_("Remark")?></strong></td>
    </tr>
<?
	}

	function output_summary_footer()
	{
?>
</table>
<br/>
<?
	}

	function output_summary_row($title,$points,$points_countable,$remark)
	{
?>
    <tr>
	<td class="DataTD"><strong><?=$title?></strong></td>
	<td class="DataTD"><?=$points?></td>
	<td class="DataTD"><?=$points_countable?></td>
	<td class="DataTD"><?=$remark?></td>
    </tr>
<?
	}


// ************* output given assurances ******************

	function output_given_assurances_content($userid,&$points,&$sum_experience)
	{
		$points = 0;
		$sumexperience = 0;
		$res = get_given_assurances(intval($userid));
		while($row = mysql_fetch_assoc($res))
		{
			$fromuser = get_user (intval($row['to'])); 
			$apoints = calc_experience ($row,$points,$experience,$sum_experience);
			$name = show_user_link ($fromuser['fname']." ".$fromuser['lname'],intval($row['to']));
			output_assurances_row (intval($row['id']),$row['date'],$row['when'],$name,$apoints,intval($row['points']),$row['location'],$row['method']==""?"":_(sprintf("%s", $row['method'])),$experience);
		}
	}

// ************* output received assurances ******************

	function output_received_assurances_content($userid,&$points,&$sum_experience)
	{
		$points = 0;
		$sumexperience = 0;
		$res = get_received_assurances(intval($userid));
		while($row = mysql_fetch_assoc($res))
		{
			$fromuser = get_user (intval($row['from']));
			calc_assurances ($row,$points,$experience,$sum_experience,$awarded);
			$name = show_user_link ($fromuser['fname']." ".$fromuser['lname'],intval($row['from']));
			output_assurances_row (intval($row['id']),$row['date'],$row['when'],$name,$awarded,intval($row['points']),$row['location'],$row['method']==""?"":_(sprintf("%s", $row['method'])),$experience);
		}
	}

// ************* output summary table ******************

	function check_date_limit ($userid,$age)
	{
		$dob = date("Y-m-d", mktime(0,0,0,date("m"),date("d"),date("Y")-$age));
		$res = query_init ("select id from `users` where `id`='".$userid."' and `dob` < '$dob'");
		return intval(query_get_number_of_rows($res));
	}

	function calc_points($row)
	{
		$awarded = intval($row['awarded']);
		if ($awarded == "")
			$awarded = 0;
		if (intval($row['points']) < $awarded)
			$points = $awarded;      // if 'sum of added points' > 100, awarded shows correct value
		else
			$points = intval($row['points']);       // on very old assurances, awarded is '0' instead of correct value
		switch ($row['method'])
		{
			case 'Thawte Points Transfer':	  // revoke all Thawte-points     (as per arbitration)
			case 'CT Magazine - Germany':	   // revoke c't		   (only one test-entry)
			case 'Temporary Increase':	      // revoke 'temporary increase'  (Current usage breaks audit aspects, needs to be reimplemented)
				$points = 0;
				break;
			case 'Administrative Increase':	 // ignore AI with 2 points or less (historical for experiance points, now other calculation)
				if ($points <= 2)	       // maybe limit to 35/50 pts in the future?
					$points = 0;
				break;
			case 'Unknown':			 // to be revoked in the future? limit to max 50 pts?
			case 'Trusted Third Parties':	     // to be revoked in the future? limit to max 35 pts?
			case '':				// to be revoked in the future? limit to max 50 pts?
			case 'Face to Face Meeting':	    // normal assurances, limit to 35/50 pts in the future?
				break;
			default:				// should never happen ... ;-)
				$points = 0;
		}
		if ($points < 0)				// ignore negative points (bug needs to be fixed)
			$points = 0;
		return $points;
	}

	function max_points($userid)
	{
		return output_summary_content ($userid,0);
	}

	function output_summary_content($userid,$display_output)
	{
		$sum_points = 0;
		$sum_experience = 0;
		$sum_experience_other = 0;
		$max_points = 100;
		$max_experience = 50;

		$experience_limit_reached_txt = _("Limit reached");

		if (check_date_limit($userid,18) != 1)
		{
			$max_experience = 10;
			$experience_limit_reached_txt = _("Limit given by PoJAM reached");
		}
		if (check_date_limit($userid,14) != 1)
		{
			$max_experience = 0;
			$experience_limit_reached_txt = _("Limit given by PoJAM reached");
		}

		$res = get_received_assurances_summary($userid);
		while($row = mysql_fetch_assoc($res))
		{
			$points = calc_points ($row);

			if ($points > $max_points)			// limit to 100 points, above is experience (needs to be fixed)
			{
				$sum_experience_other = $sum_experience_other+($points-$max_points)*intval($row['number']);
				$points = $max_points;
			}
			$sum_points += $points*intval($row['number']);
		}

		$res = get_given_assurances_summary($userid);
		while($row = mysql_fetch_assoc($res))
		{
			switch ($row['method'])
			{
				case 'Face to Face Meeting':	 		// count Face to Face only
					$sum_experience += 2*intval($row['number']);
					break;
			}

		}

		if ($sum_points > $max_points)
			{
			$sum_points_countable = $max_points;
			$remark_points = _("Limit reached");
			}
		else
			{
			$sum_points_countable = $sum_points;
			$remark_points = "&nbsp;";
			}
		if ($sum_experience > $max_experience)
			{
			$sum_experience_countable = $max_experience;
			$remark_experience = $experience_limit_reached_txt;
			}
		else
			{
			$sum_experience_countable = $sum_experience;
			$remark_experience = "&nbsp;";
			}

		if ($sum_experience_countable + $sum_experience_other > $max_experience)
			{
			$sum_experience_other_countable = $max_experience-$sum_experience_countable;
			$remark_experience_other = $experience_limit_reached_txt;
			}
		else
			{
			$sum_experience_other_countable = $sum_experience_other;
			$remark_experience_other = "&nbsp;";
			}

		if ($sum_points_countable < $max_points)
			{
			if ($sum_experience_countable != 0)
				$remark_experience = _("Points on hold due to less assurance points");
			$sum_experience_countable = 0;
			if ($sum_experience_other_countable != 0)
				$remark_experience_other = _("Points on hold due to less assurance points");
			$sum_experience_other_countable = 0;
			}

		$issue_points = 0;
		$cats_test_passed = get_cats_state ($userid);
		if ($cats_test_passed == 0)
		{
			$issue_points_txt = "<strong style='color: red'>"._("You have to pass the CAcert Assurer Challenge (CATS-Test) to be an Assurer")."</strong>";
			if ($sum_points_countable < $max_points)
			{
				$issue_points_txt = "<strong style='color: red'>";
				$issue_points_txt .= sprintf(_("You need %s assurance points and the passed CATS-Test to be an Assurer"), intval($max_points));
				$issue_points_txt .= "</strong>";
			}
		}
		else
		{
			$experience_total = $sum_experience_countable+$sum_experience_other_countable;
			$issue_points_txt = "";
			if ($sum_points_countable == $max_points)
				$issue_points = 10;
			if ($experience_total >= 10)
				$issue_points = 15;
			if ($experience_total >= 20)
				$issue_points = 20;
			if ($experience_total >= 30)
				$issue_points = 25;
			if ($experience_total >= 40)
				$issue_points = 30;
			if ($experience_total >= 50)
				$issue_points = 35;
			if ($issue_points != 0)
				$issue_points_txt = sprintf(_("You may issue up to %s points"),$issue_points);
		}
		if ($display_output)
		{
			output_summary_row (_("Assurance Points you received"),$sum_points,$sum_points_countable,$remark_points);
			output_summary_row (_("Total Experience Points by Assurance"),$sum_experience,$sum_experience_countable,$remark_experience);
			output_summary_row (_("Total Experience Points (other ways)"),$sum_experience_other,$sum_experience_other_countable,$remark_experience_other);
			output_summary_row (_("Total Points"),"&nbsp;",$sum_points_countable + $sum_experience_countable + $sum_experience_other_countable,$issue_points_txt);
		}
		return $issue_points;
	}

	function output_given_assurances($userid)
	{
		output_assurances_header(_("Assurance Points You Issued"));
		output_given_assurances_content($userid,$points,$sum_experience);
		output_assurances_footer(_("Total Points Issued"),$points,_("Total Experience Points"),$sum_experience);
	}

	function output_received_assurances($userid)
	{
		output_assurances_header(_("Your Assurance Points"));
		output_received_assurances_content($userid,$points,$sum_experience);
		output_assurances_footer(_("Total Assurance Points"),$points,_("Total Experience Points"),$sum_experience);
	}

	function output_summary($userid)
	{
		output_summary_header();
		output_summary_content($userid,1);
		output_summary_footer();
	}

	function output_end_of_page()
	{
?>
	<p>[ <a href='javascript:history.go(-1)'><?=_("Go Back")?></a> ]</p>
<?
	}

// functions for 6.php (assure somebody)

function AssureHead($confirmation,$checkname)
{
?>
<form method="post" action="wot.php">
	<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper" width="600">
	<tr>
		<td colspan="2" class="title"><?=$confirmation?></td>
	</tr>
	<tr>
		<td class="DataTD" colspan="2" align="left"><?=$checkname?></td>
	</tr>
<?
 } 

function AssureTextLine($field1,$field2)
{
?>
	<tr>
		<td class="DataTD"><?=$field1?>:</td>
		<td class="DataTD"><?=$field2?></td>
	</tr>
<?
}

function AssureCCABoxLine($type,$text)
{
	return;
	AssureBoxLine($type,$text);
}

function AssureBoxLine($type,$text,$checked)
{
?>
	<tr>
		<td class="DataTD"><input type="checkbox" name="<?=$type?>" value="1" <?=$checked?"checked":""?>></td>
		<td class="DataTD"><?=$text?></td>
	</tr>
<?
}

function AssureMethodLine($text,$methods,$remark)
{
	if (count($methods) != 1)
	{
?>
	<tr>
		<td class="DataTD"><?=$text?></td>
		<td class="DataTD">
			<select name="method">
<?
			foreach($methods as $val) { ?>
				<option value="<?=$val?>"> <?=$val?></option>

<? } ?>
			</select>
			</br><?=$remark?>
		</td>
	</tr>
<?
	} else {
?>
	<input type="hidden" name="<?=$val?>" value="<?=$methods[0]?>">
<?
	}
}

function AssureInboxLine($type,$field,$value,$description)
{
?>
	<tr>
		<td class="DataTD"><?=$field?>:</td>
		<td class="DataTD"><input type="text" name="<?=$type?>" value="<?=$value?>"><?=$description?></td>
	</tr>
<?
}

function AssureFoot($oldid,$confirm)
{?>
	<tr>
		<td class="DataTD" colspan="2"><input type="submit" name="process" value="<?=$confirm?>"> <input type="submit" name="cancel" value="<?=_("Cancel")?>"></td>
  	</tr>
	</table>
	<input type="hidden" name="pagehash" value="<?=$_SESSION['_config']['wothash']?>">
	<input type="hidden" name="oldid" value="<?=$oldid?>">
</form>
<?
}

wot.incmodified.php (19,132 bytes)   

INOPIAE

2012-11-11 16:44

updater   ~0003322

Last edited: 2012-11-11 16:51

View 2 revisions

Changes in /pages/wot/4.php
Exchange everything from line 34

Changes in www/wot.php
Added lines 131 to 182

Changes in includes/wot.ic.php
Added Lines 44 to 51

INOPIAE

2012-11-11 16:51

updater  

wotmodified.php (21,432 bytes)   
<? /*
    LibreSSL - CAcert web application
    Copyright (C) 2004-2008  CAcert Inc.

    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
    the Free Software Foundation; version 2 of the License.

    This program is distributed in the hope that it will be useful,
    but WITHOUT ANY WARRANTY; without even the implied warranty of
    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    GNU General Public License for more details.

    You should have received a copy of the GNU General Public License
    along with this program; if not, write to the Free Software
    Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301  USA
*/ ?>
<?
require_once("../includes/loggedin.php");
require_once("../includes/lib/l10n.php");


function show_page($target,$message,$error)
{
	showheader(_("My CAcert.org Account!"));
	if ($error != "")
		$message=_("ERROR").": ".$error;
	if ($message != "")
		echo "<p><font color='orange' size='+1'>".$message."</font></p>";

	switch ($target)
	{
		case '0':
		case 'InfoPage':	includeit(0, "wot");
					break;
		case '1':
		case 'ListByCity':	includeit(1, "wot");
					break;
		case '2':
		case 'BecomeAssurer':	includeit(2, "wot");
					break;
		case '3':
		case 'TrustRules':	includeit(3, "wot");
					break;
		case '4':
		case 'ShowTTPInfo':	includeit(4, "wot");
					break;
		case '5';
		case 'EnterEmail':	includeit(5, "wot");
					break;
		case '6':
		case 'VerifyData':	includeit(6, "wot");
					break;
//		case '7':
//		case '???':		includeit(7, "wot");
//					break;
		case '8':
		case 'EnterMyInfo':	includeit(8, "wot");
					break;
		case '9':
		case 'ContactAssurer':	includeit(9, "wot");
					break;
		case '10':
		case 'MyPointsOld':	includeit(10, "wot");
					break;
//		case '11':
//		case 'OAInfo':		includeit(11, "wot");
//					break;
		case '12':
		case 'SearchAssurer':	includeit(12, "wot");
					break;
		case '13':
		case 'EnterMyCity':	includeit(13, "wot");
					break;
//		case '14':
//		case 'EnterEmail':	includeit(14, "wot");
//					break;
		case '15':
		case 'MyPointsNew':	includeit(15, "wot");
					break;
	}

	showfooter();
}

function send_reminder()
{
	$body = "";
	$my_translation = L10n::get_translation();
	
	$_SESSION['_config']['reminder-lang'] = $_POST['reminder-lang'];
	
	$reminder_translations[] = $_POST['reminder-lang'];
	if ( !in_array("en", $reminder_translations, $strict=true) ) {
		$reminder_translations[] = "en";
	}
	
	foreach ($reminder_translations as $translation) {
		L10n::set_translation($translation);
		
		$body .= L10n::$translations[$translation].":\n\n";
		$body .= sprintf(_("This is a short reminder that you filled out forms to become trusted with CAcert.org, and %s has attempted to issue you points. Please create your account at %s as soon as possible and then notify %s so that the points can be issued."), $_SESSION['profile']['fname']." (".$_SESSION['profile']['email'].")", "http://www.cacert.org", $_SESSION['profile']['fname'])."\n\n";
		$body .= _("Best regards")."\n";
		$body .= _("CAcert Support Team")."\n\n";
	}
	
	L10n::set_translation($reminder_translations[0]); // for the subject
	sendmail($_POST['email'], "[CAcert.org] "._("Reminder Notice"), $body, $_SESSION['profile']['email'], "", "", $_SESSION['profile']['fname']);
	
	L10n::set_translation($my_translation);
	
	$_SESSION['_config']['remindersent'] = 1;
	$_SESSION['_config']['error'] = _("A reminder notice has been sent.");
}




	loadem("account");
	if(array_key_exists('date',$_POST) && $_POST['date'] != "")
		$_SESSION['_config']['date'] = $_POST['date'];

	if(array_key_exists('location',$_POST) && $_POST['location'] != "")
		$_SESSION['_config']['location'] = $_POST['location'];

	$oldid=array_key_exists('oldid',$_REQUEST)?intval($_REQUEST['oldid']):0;	

	if($oldid == 12)
		$id = $oldid;
		
	if($oldid == 4)
	{
	   $my_translation = L10n::get_translation();
		 L10n::set_translation($_SESSION['_config']['notarise']['language']);	 
	  if ($_POST['ttp']!='') {
 		 //This mail does not need to be transalted
		 $body = "Hi TTP adminstrators \n\n ";
     $body .= $_SESSION['profile']['fname']." ". $_SESSION['profile']['lname'].", ".$_SESSION['profile']['email']." is requesting a TTP assurances for ".mysql_escape_string(stripslashes($_POST['country'])).".";
		 if ($_POST['ttptopup']=='1') {
		  $body .= "The user is requesting also the TTP TOPUP.\n\n";
  	 }else{
      $body .= "The user is NOT requesting the TTP TOPUP.\n\n";
     }
     $body .= "The user received ".$_SESSION['profile']['points']." assurance points up today.\n\n";
		 $body .= "Please start the TTP assurance process.";
	   sendmail("support@cacert.org", "[CAcert.org] "._("TTP request."), $body, "support@cacert.org", "", "", "CAcert Website");

     //This mail needs to be translated
		L10n::set_translation($my_translation);

		$body  =_("You are receiving this email because you asked for TTP assurance.")."\n\n";
		if ($_POST['ttptopup']=='1') {
		  $body .=_("You are requesting the TTP TOPUP.")."\n\n";
  	 }else{
      $body .=_("You are NOT requesting the TTP TOPUP.")."\n\n";
     }
		$body .= _("Best regards")."\n";
		$body .= _("CAcert Support Team");

		sendmail($_SESSION['profile']['email'], "[CAcert.org] "._("You requested TTP assurances"), $body, "support@cacert.org", "", "", "CAcert Support");

    }
     
    if ($_POST['ttptopup']!='') {
 		 //This mail does not need to be transalted
		 $body = "Hi TTP adminstrators \n\n ";
     $body .= $_SESSION['profile']['fname']." ". $_SESSION['profile']['lname'].", ".$_SESSION['profile']['email']." is requesting a TTP TOPUP assurance.";
     $body .="The user received ".$_SESSION['profile']['points']." assurance points up today.\n\n";
		 $body .="Please start the TTP TOPUP assurance process.";
	   sendmail("support@cacert.org", "[CAcert.org] "._("TTP TOPUP request."), $body, "support@cacert.org", "", "", "CAcert Website");

     //This mail needs to be translated
		L10n::set_translation($my_translation);

		$body  = _("You are receiving this email because you asked for TTP TOPUP assurance")."\n\n";
		$body .= _("Best regards")."\n";
		$body .= _("CAcert Support Team");

		sendmail($_SESSION['profile']['email'], "[CAcert.org] "._("You requested a TTP TOPUP assurance"), $body, "support@cacert.org", "", "", "CAcert Support");
     
    }
	}

	if(($id == 5 || $oldid == 5 || $id == 6 || $oldid == 6))
		if (!is_assurer($_SESSION['profile']['id'])) 
			{
				show_page ("Exit","",get_assurer_reason($_SESSION['profile']['id']));
				exit;
			}

	if($oldid == 6 && intval($_SESSION['_config']['notarise']['id']) <= 0)
	{
		show_page ("EnterEmail","",_("Something went wrong. Please enter the email address again"));
		exit;
	}
	if($oldid == 5 && array_key_exists('reminder',$_POST) && $_POST['reminder'] != "")
	{
		send_reminder();
		show_page ("EnterEmail",_("A reminder notice has been sent."),"");
		exit;
	}

	if($oldid == 5)
	{
		$query = "select * from `users` where `email`='".mysql_escape_string(stripslashes($_POST['email']))."' and `deleted`=0";
		$res = mysql_query($query);
		if(mysql_num_rows($res) != 1)
		{
			$_SESSION['_config']['noemailfound'] = 1;
			show_page("EnterEmail","",_("I'm sorry, there was no email matching what you entered in the system. Please double check your information."));
			exit;
		} else 
		{
			$_SESSION['_config']['noemailfound'] = 0;
			$_SESSION['_config']['notarise'] = mysql_fetch_assoc($res);
			if ($_SESSION['_config']['notarise']['verified'] == 0)
			{
				show_page("EnterEmail","",_("User is not yet verified. Please try again in 24 hours!"));
				exit;
			}
		}
	}

	if($oldid == 5 || $oldid == 6)
	{
		$id=6;
//		$oldid=0;
		if(array_key_exists('cancel',$_REQUEST) && $_REQUEST['cancel'] != "")
		{
			show_page("EnterEmail","","");
			exit;
		}
		if($_SESSION['_config']['notarise']['id'] == $_SESSION['profile']['id'])
		{
			show_page("EnterEmail","",_("You are never allowed to Assure yourself!"));
			exit;
		}

		$query = "select * from `notary` where `from`='".$_SESSION['profile']['id']."' and
							`to`='".$_SESSION['_config']['notarise']['id']."'";
		$res = mysql_query($query);
		if(mysql_num_rows($res) > 0)
		{
			show_page("EnterEmail","",_("You are only allowed to Assure someone once!"));
			exit;
		}
	}

	if($oldid == 6)
	{
$iecho= "c";
		if(!array_key_exists('assertion',$_POST) || $_POST['assertion'] != 1)
		{
			show_page("VerifyData","",_("You failed to check all boxes to validate your adherence to the rules and policies of CAcert"));
			exit;
		}

/*		if(!array_key_exists('rules',$_POST) || $_POST['rules'] != 1)
		{
			show_page("VerifyData","",_("You failed to check all boxes to validate your adherence to the rules and policies of CAcert"));
			exit;
		}
*/

		if((!array_key_exists('certify',$_POST) || $_POST['certify'] != 1 )  && $_SESSION['profile']['ttpadmin'] != 1)
		{
			show_page("VerifyData","",_("You failed to check all boxes to validate your adherence to the rules and policies of CAcert"));
			exit;
		}

		if($_SESSION['profile']['ttpadmin'] != 1 && $_POST['location'] == "")
		{
			show_page("VerifyData","",_("You failed to enter a location of your meeting."));
			exit;
		}

		if($_REQUEST['points'] == "")
		{
			show_page("VerifyData","",_("You must enter the number of points you wish to allocate to this person."));
			exit;
		}

		$query = "select * from `users` where `id`='".$_SESSION['_config']['notarise']['id']."'";
		$res = mysql_query($query);
		$row = mysql_fetch_assoc($res);
		$name = $row['fname']." ".$row['mname']." ".$row['lname']." ".$row['suffix'];
		if($_SESSION['_config']['wothash'] != md5($name."-".$row['dob']) || $_SESSION['_config']['wothash'] != $_REQUEST['pagehash'])
		{
			show_page("VerifyData","",_("Race condition discovered, user altered details during assurance procedure. PLEASE MAKE SURE THE NEW DETAILS BELOW MATCH THE ID DOCUMENTS."));
			exit;
		}
	}


	if($oldid == 6)
	{
		$max =  maxpoints();

		$awarded = $newpoints = intval($_POST['points']);
		if($newpoints > $max)
			$newpoints = $awarded = $max;
		if($newpoints < 0)
			$newpoints = $awarded = 0;
		
		$query = "select sum(`points`) as `total` from `notary` where `to`='".$_SESSION['_config']['notarise']['id']."' group by `to`";
		$res = mysql_query($query);
		$drow = mysql_fetch_assoc($res);

		$_POST['expire'] = 0;

		if(($drow['total'] + $newpoints) > 100 && $max < 100)
			$newpoints = 100 - $drow['total'];
		if(($drow['total'] + $newpoints) > $max && $max >= 100)
			$newpoints = $max - $drow['total'];
		if($newpoints < 0)
			$newpoints = 0;
		
		if(mysql_escape_string(stripslashes($_POST['date'])) == "")
			$_POST['date'] = date("Y-m-d H:i:s");

		$query = "select * from `notary` where `from`='".$_SESSION['profile']['id']."' AND
						`to`='".$_SESSION['_config']['notarise']['id']."' AND
						`awarded`='$awarded' AND 
						`location`='".mysql_escape_string(stripslashes($_POST['location']))."' AND
						`date`='".mysql_escape_string(stripslashes($_POST['date']))."'";
		$res = mysql_query($query);
		if(mysql_num_rows($res) > 0)
		{
                        show_page("VerifyEmail","",_("Identical Assurance attempted, will not continue."));
			exit;
		}
	}

	if($oldid == 6)
	{
		$query = "insert into `notary` set `from`='".$_SESSION['profile']['id']."',
						`to`='".$_SESSION['_config']['notarise']['id']."',
						`points`='$newpoints', `awarded`='$awarded',
						`location`='".mysql_escape_string(stripslashes($_POST['location']))."',
						`date`='".mysql_escape_string(stripslashes($_POST['date']))."',
						`when`=NOW()";
		if($_SESSION['profile']['board'] == 1 && intval($_POST['expire']) > 0)
		{
			$query .= ",\n`method`='Temporary Increase'";
			$query .= ",\n`expire`=DATE_ADD(NOW(), INTERVAL '".intval($_POST['expire'])."' DAY)";
			$query .= ",\n`sponsor`='".intval($_POST['sponsor'])."'";
		} else if($_SESSION['profile']['board'] == 1) {
			$query .= ",\n`method`='".mysql_escape_string(stripslashes($_POST['method']))."'";
		} else if($_SESSION['profile']['ttpadmin'] == 1 && ($_POST['method'] == 'Trusted 3rd Parties' || $_POST['method'] == 'Trusted Third Parties')) {
			$query .= ",\n`method`='Trusted Third Parties'";
		}
		mysql_query($query);
		fix_assurer_flag($_SESSION['_config']['notarise']['id']);
		
		if($_SESSION['profile']['points'] < 150)
		{
			$addpoints = 0;
			if($_SESSION['profile']['points'] < 149 && $_SESSION['profile']['points'] >= 100)
				$addpoints = 2;
			else if($_SESSION['profile']['points'] == 149 && $_SESSION['profile']['points'] >= 100)
				$addpoints = 1;
			$query = "insert into `notary` set `from`='".$_SESSION['profile']['id']."',
							`to`='".$_SESSION['profile']['id']."',
							`points`='$addpoints', `awarded`='$addpoints',
							`location`='".mysql_escape_string(stripslashes($_POST['location']))."',
							`date`='".mysql_escape_string(stripslashes($_POST['date']))."',
							`method`='Administrative Increase',
							`when`=NOW()";
			mysql_query($query);
			// No need to fix_assurer_flag here, this should only happen for assurers...
			$_SESSION['profile']['points'] += $addpoints;
		}

		$my_translation = L10n::get_translation();
		L10n::set_translation($_SESSION['_config']['notarise']['language']);
		
		$body  = sprintf(_("You are receiving this email because you have been assured by %s %s (%s)."), $_SESSION['profile']['fname'], $_SESSION['profile']['lname'], $_SESSION['profile']['email'])."\n\n";
		if($_POST['points'] != $newpoints)
			$body .= sprintf(_("You were issued %s points however the system has rounded this down to %s and you now have %s points in total."), $_POST['points'], $newpoints, ($newpoints + $drow['total']))."\n\n";
		else
			$body .= sprintf(_("You were issued %s points and you now have %s points in total."), $newpoints, ($newpoints + $drow['total']))."\n\n";

		if(($drow['total'] + $newpoints) < 100 && ($drow['total'] + $newpoints) >= 50)
		{
			$body .= _("You now have over 50 points, and can now have your name added to client certificates, and issue server certificates for up to 2 years.")."\n\n";
		}

		if(($drow['total'] + $newpoints) >= 100 && $newpoints > 0)
		{
//			$body .= _("You now have over 100 points and can start assuring others.")."\n\n";
			$body .= _("You have at least 100 Assurance Points, if you want to become an assurer try the")." ";
			$body .= _("Assurer Challenge")." ( https://cats.cacert.org )\n\n";
			$body .= _("To make it easier for others in your area to find you, it's helpful to list yourself as an assurer (this is voluntary), as well as a physical location where you live or work the most. You can flag your account to be listed, and add a comment to the display by going to:")."\n\n";
			$body .= "https://www.cacert.org/wot.php?id=8\n\n";
			$body .= _("You can list your location by going to:")."\n\n";
			$body .= "https://www.cacert.org/wot.php?id=13\n\n";
		}

		if($_SESSION['profile']['board'] == 1 && intval($_POST['expire']) > 0)
			$body .= sprintf(_("Please Note: this is a temporary increase for %s days only. After that time your points will be reduced to 150 points."), intval($_POST['expire']))."\n\n";

		$body .= _("Best regards")."\n";
		$body .= _("CAcert Support Team");

		sendmail($_SESSION['_config']['notarise']['email'], "[CAcert.org] "._("You've been Assured."), $body, "support@cacert.org", "", "", "CAcert Website");

		L10n::set_translation($my_translation);

		$body  = sprintf(_("You are receiving this email because you have assured %s %s (%s)."), $_SESSION['_config']['notarise']['fname'], $_SESSION['_config']['notarise']['lname'], $_SESSION['_config']['notarise']['email'])."\n\n";
		if($_POST['points'] != $newpoints)
			$body .= sprintf(_("You issued %s points however the system has rounded this down to %s and they now have %s points in total."), $_POST['points'], $newpoints, ($newpoints + $drow['total']))."\n\n";
		else
			$body .= sprintf(_("You issued %s points and they now have %s points in total."), $newpoints, ($newpoints + $drow['total']))."\n\n";

		if($_SESSION['profile']['board'] == 1 && intval($_POST['expire']) > 0)
			$body .= sprintf(_("Please Note: this is a temporary increase for %s days only. After that time their points will be reduced to 150 points."), intval($_POST['expire']))."\n\n";
		$body .= _("Best regards")."\n";
		$body .= _("CAcert Support Team");

		sendmail($_SESSION['profile']['email'], "[CAcert.org] "._("You've Assured Another Member."), $body, "support@cacert.org", "", "", "CAcert Support");

		if($_SESSION['profile']['board'] == 1 && intval($_POST['expire']) > 0)
		{
			$body  = sprintf("%s %s (%s) has issued a temporary increase to 200 points for %s %s (%s) for %s days. This action was sponsored by %s %s (%s).", $_SESSION['profile']['fname'], $_SESSION['profile']['lname'], $_SESSION['profile']['email'], $_SESSION['_config']['notarise']['fname'], $_SESSION['_config']['notarise']['lname'], $_SESSION['_config']['notarise']['email'], intval($_POST['expire']), $sponsor['fname'], $sponsor['lname'], $sponsor['email'])."\n\n";

			sendmail("cacert-board@lists.cacert.org", "[CAcert.org] Temporary Increase Issued.", $body, "website@cacert.org", "", "", "CAcert Website");
		}

		showheader(_("My CAcert.org Account!"));
		echo "<p>"._("Shortly you and the person you were assuring will receive an email confirmation. There is no action on your behalf required to complete this.")."</p>";
?><form method="post" action="wot.php">
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
  <tr>
    <td colspan="2" class="title"><?=_("Assure Someone")?></td>
  </tr>
  <tr>
    <td class="DataTD"><?=_("Email")?>:</td>
    <td class="DataTD"><input type="text" name="email" id="email" value=""></td>
  </tr>
  <tr>
    <td class="DataTD" colspan="2"><input type="submit" name="process" value="<?=_("Next")?>"></td>
  </tr>
</table>
<input type="hidden" name="oldid" value="5">
</form>
<SCRIPT LANGUAGE="JavaScript">
//<![CDATA[
	function my_init()
	{
		document.getElementById("email").focus();
	}

	window.onload = my_init();
//]]>
</script>
<?
		showfooter();
		exit;
	}

	if($oldid == 8)
	{
		csrf_check("chgcontact");

		$info = mysql_escape_string(strip_tags(stripslashes($_POST['contactinfo'])));
		$listme = intval($_POST['listme']);
		if($listme < 0 || $listme > 1)
			$listme = 0;

		$_SESSION['profile']['listme'] = $listme;
		$_SESSION['profile']['contactinfo'] = $info;

		$query = "update `users` set `listme`='$listme',`contactinfo`='$info' where `id`='".$_SESSION['profile']['id']."'";
		mysql_query($query);

		showheader(_("My CAcert.org Account!"));
		echo "<p>"._("Your account information has been updated.")."</p>";
		showfooter();
		exit;
	}

	if($oldid == 9 && $_REQUEST['userid'] > 0 && $_SESSION['profile']['id'] > 0)
	{
		if($_SESSION['_config']['pagehash'] != $_REQUEST['pageid'])
		{
			$oldid=0;
			$id = 9;
			show_page("ContactAssurer","",_("It looks like you were trying to contact multiple people, this isn't allowed due to data security reasons."));
			exit;
		} else {
			$body = $_REQUEST['message'];
			$subject = $_REQUEST['subject'];
			$userid = intval($_REQUEST['userid']);
			$user = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='$userid' and `listme`=1"));
	                $points = mysql_num_rows(mysql_query("select sum(`points`) as `total` from `notary`
						where `to`='".$user['id']."' group by `to` HAVING SUM(`points`) > 0"));
			if($points > 0)
			{
				$my_translation = L10n::get_translation();
				L10n::set_translation($user['language']);
				
				$subject = "[CAcert.org] ".sprintf(_("Message from %s"),
						$_SESSION['profile']['fname']);
				
				$body  = sprintf(_("Hi %s,"), $user['fname'])."\n\n";
				$body .= sprintf(_("%s %s has sent you a message via the ".
						"contact an Assurer form on CAcert.org."),
						$_SESSION['profile']['fname'],
						$_SESSION['profile']['lname'])."\n\n";
				$body .= sprintf(_("Subject: %s"), $_REQUEST['subject'])."\n";
				$body .= _("Message:")."\n";
				$body .= $_REQUEST['message']."\n\n";
				$body .= "------------------------------------------------\n\n";
				$body .= _("Please note, that this is NOT a message on behalf ".
						"of CAcert but another CAcert community member. If ".
						"you suspect that the contact form might have been ".
						"abused, please write to support@cacert.org")."\n\n";
				$body .= _("Best regards")."\n";
				$body .= _("Your CAcert Community");
				
				sendmail($user['email'], $subject, $body,
						$_SESSION['profile']['email'], //from
						"", //replyto
						"", //toname
						$_SESSION['profile']['fname']." ".
							$_SESSION['profile']['lname']); //fromname
				
				L10n::set_translation($my_translation);
				
				showheader(_("My CAcert.org Account!"));?>
				<p>
					<? printf(_("Your email has been sent to %s."), $user['fname']); ?>
				</p>
				<p>[ <a href='javascript:history.go(-2)'><?= _("Go Back") ?></a> ]</p>
				<?
				showfooter();
				exit;
			} else {
				show_page(0,"",_("Sorry, I was unable to locate that user."));
				exit;
			}
		
		}
	} 
	if($oldid == 9) 
	{
		$oldid=0;
		$id = 9;
		show_page("ContactAssurer","",_("There was an error and I couldn't proceed"));
		exit;
	}

//	showheader(_("My CAcert.org Account!"));
//	echo "ID now = ".$id."/".$oldid.">>".$iecho;
//	includeit($id, "wot");
//	showfooter();
show_page ($id,"","");
?>
wotmodified.php (21,432 bytes)   

INOPIAE

2012-11-11 16:52

updater  

4.modified1.php (4,578 bytes)   
<? /*
    LibreSSL - CAcert web application
    Copyright (C) 2004-2008  CAcert Inc.

    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
    the Free Software Foundation; version 2 of the License.

    This program is distributed in the hope that it will be useful,
    but WITHOUT ANY WARRANTY; without even the implied warranty of
    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    GNU General Public License for more details.

    You should have received a copy of the GNU General Public License
    along with this program; if not, write to the Free Software
    Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301  USA
*/ ?>

<h3><?_("Trusted Third Parties")?></h3>

<? _("The Trusted Third Party (TTP) programme is intended to be used in areas without many CAcert Assurers.")."\n\n" ?>

<? _("A Trusted Third Party (TTP) is simply someone in your country that is responsible for witnessing signatures and ID documents. This role is covered by many different titles such as public notary, justice of the peace and so on..")."\n\n" ?>

<? _("With the TTP programme you can potentially gain assurance up to a maximum of 100 assurance points.")."\n\n" ?>

<? _("Currently CAcert has only developed the TTP programme to the level that you can gain 70 assurance points by TTP assurances.")."\n\n" ?>. 

<? _("We are working to develop a process that will fill the gap of the missing 30 assurance points to allow you to get the maximum 100 assurance points.")."\n\n" ?> 

<? _("In the meanwhile you would need to close this gap with face to face assurances with CAcert Assurers. Think not only traveling to populated countries, but also remember that assurers may occasionally visit your country or area.")."\n\n" ?>

<? sprintf(_("If you are interested in the TTP programme, read the pages %s for the basic way how the TTP programme works for you, and %s whether the TTP programme affects the country where you are located."),"<a href='http://wiki.cacert.org/TTP/TTPuser'>http://wiki.cacert.org/TTP/TTPuser</a>","<a href='http://wiki.cacert.org/TTP/TTPAL'>http://wiki.cacert.org/TTP/TTPAL</a>")."\n\n" ?>

                              
// test for points <100
if ($_SESSION['profile']['points']<100){
  // test for TTP assurances
  if (get_number_of_ttpassurances($userid)<2){
    <p><?=_("If you want to ask for TTP assurances fill out the missing data and send the request to support@cacert.org to start the process. CAcert will inform you then about the next steps.)?></p>
    <form method="post" action="wot.php">
    <table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
      <tr>
        <td class="DataTD"><?=_("Country you whant to visit the TTP")?></td>
        <td class="DataTD"><input type="text" name="country" size="30"></td>
        //shall the input be replaced by a select, where should the country information be maintained
      </tr>
      <tr>
        <td class="DataTD"><?=_("I want to take part in the TTP Topup Programme")?></td>
        <td class="DataTD"><input type="checkbox" name="ttptopup" value="1"></td>
      </tr>
      <tr>
        <td colspan="2" >
          <input type="hidden" name="oldid" value="4">
          <input type="submit" name="ttp" value="<?=_("I need a TTP assurance")?>">
        </td>
      </tr>
    </table>
   </form>
  }else{
  /* As soon as the TPP TOPUP Programme is established this routine should be used
    <p><?=_("As you got already 2 TTP assurances you only can take part in the TTP TOPUP programme.\n\n If you want you ask for the TTP TOPUP programme use the submit button to send the request to support@cacert.org to start the process. CAcert will inform you then about the next steps.")?></p>
    <form method="post" action="wot.php">
          <input type="hidden" name="oldid" value="<?=$id?>">
          <input type="submit" name="ttptopup" value="<?=_("I need a TTP TOPUP")?>">
   </form>
  */
    <p><?=_("We are working to develop the TTP TOPUP process to be able to fill the gap of the missing 30 assurance points to 100 assurance points. In the meanwhile you have to close this gap with face to face assurances with CAcert Assurers. Think not only travelling to populated countries, but as well to assurers visiting your country or area.")?></p>  
  }

}
Else{
<p><?=_("You reached the maximum points that can be granted by the TTP programme and therefore you cannot takte part in the TTP programme any more.")?></p>
}
4.modified1.php (4,578 bytes)   

Uli60

2012-12-19 01:37

updater   ~0003475

round 1:
user1 0 pts
exec CAcert Web Of Trust - Trusted ThirdParties
https://cacert1.it-sls.de/wot.php?id=4
displays lot of text + form at end of page
country selection (current 3)
request TOPUP checkbox (checked)
submit button
=> ok

ca-mgr1, mail received
requesting TTP including TOPUP
=> ok

ttpadmin, assure someone method TTP, 35 pts
user now has 35 pts
=> ok

round 2:
user1 35 pts, 1 ttp-assisted (assurance)
exec CAcert Web Of Trust - Trusted ThirdParties
https://cacert1.it-sls.de/wot.php?id=4
displays lot of text + form at end of page
country selection (current 3)
request TOPUP checkbox (checked)
submit button
=> ok

ca-mgr1, mail received
requesting TTP including TOPUP
=> ok

another ttpadmin, assure someone method TTP, 35 pts
user now has 70 pts
=> ok

ca-mgr1, mail received
you now have over 50 pts, allowed certs for 2 years, and name in cert
=> ok

round 3:
user1 70 pts, 2 ttp-assisted (assurance)
exec CAcert Web Of Trust - Trusted ThirdParties
https://cacert1.it-sls.de/wot.php?id=4
displays lot of text, no form at end of page

probably addtl. 1 or 2 text blocks ?!?
We are working to develop a process that will fill the gap of the missing 30 assurance points to allow you to get the maximum 100 assurance points.

In the meanwhile you would need to close this gap with face to face assurances with CAcert Assurers. Think not only travelling to populated countries, but also remember that assurers may occasionally visit your country or area.
=> ok

My Details - My Points (10.php)
(another ttp assurer added 3rd TTP assurance) (but this is out of scope of this patch)
266172 2012-12-18 Gerhard von Reith 35 test ttp TTP-Assisted
266173 2012-12-19 Ulrich Schroeter 35 2nd ttp assurance TTP-Assisted
266174 2012-12-19 Marcus Mängel 30 ttp account TTP-Assisted
=> ok per 1112 patch

My Details - My Points (15.php)
summary:
Assurance Points you received 105 100 Limit reached
=> ok

Your Assurance Points
ID Date Who Points Location Method Experience Points
266172 2012-12-18 Gerhard von Reith 35 test ttp TTP-Assisted 0
266173 2012-12-19 Ulrich Schroeter 35 2nd ttp assurance TTP-Assisted 0
266174 2012-12-19 Marcus Mängel 35 ttp account TTP-Assisted 0
Total Assurance Points: 105 Total Experience Points: 0
=> ok

Werner Dworak

2012-12-22 00:44

updater   ~0003545

Last edited: 2012-12-22 09:08

View 2 revisions

I hat great trouble testing the TTP assurances. But I assume the culprit comes from another area.

I already hat on the test server the account werner.dworak@cacert.org with about the maximum of sensible access rights including SE.

Then I created the account dworak@wombaz.de with the password QlqhLz3ZqE629tHgMSOa with minimum capabilities as a member looking for TTP assurances.

This account got a TTP assurance from werner.dworak@cacert.org and if I remember right, everything was in best order. But I cannot swear on it.

Then I created the account werner.dworak2@cacert.org with password ERarNp2cPEA9RUaVexeQ and frivolously gave it the flags Code Signing, TTP Admin, Board Member, Location Admin and TVerify. Then I gave it a full assurance by the test manager.

With that account I gave a TTP assurance to dworak@wombaz.de with strange results. In the account dworak@wombaz.de at "my points" with old calculation the correct points but at "Methode" I got the entry "Project-Id-Version: CAcert Production Report-Msgid-Bugs-To: translations-admin@cacert.org POT-Creation-Date: 2012-12-16 17:44+0100 PO-Revision-Date: 2012-12-15 18:02+0200 Last-Translator: L10N Language-Team: LANGUAGE Language: de MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Plural-Forms: nplurals=2; plural=(n != 1); X-Generator: Pootle 2.1.6". With "new calculation" the "Methode" field was empty. From the SE console the old calculation shows the "Methode" field empty as well. The rest is correct. But with the new calculation an other surprise: the number of points given by dworak@wombaz.de are here zero.

Then I created the account werner.dworak3@cacert.org with password lmSUpYODID36VJS7KAvj and frivolously gave it the flags TTP Admin, Board Member and TVerify. Then I gave it a full assurance by the test manager and gave a TTP assurance to dworak@wombaz.de. The results were just the same as with werner.dworak2@cacert.org. I assume the culprits are the flags Board or Tverify.

As the next step I created the account werner.dworak4@cacert.org and gave it just the flag TTP Admin. Then I gave it a full assurance by the test manager and gave a TTP assurance to dworak@wombaz.de. Here everything worked correctly again. Only from the SE console with nrw calculation the givdn points were zero instead of 35 und the sum was 55 points instead of 125.

I now will leave alone the accounts dworak@wombaz.de, werner.dworak2@cacert.org and werner.dworak3@cacert.org and you can play with them as you like and change them.

Please don't change the accounts werner.dworak@cacert.org and werner.dworak4@cacert.org if not really needed, at least nothing essential. I will keep on using them for more tests.

So, I did additional tests with knut@wombaz.de and werner.dworak10@cacert.org. The Tverify seems to be innocent. The culprit is definitively the Board flag. Since both flags have no real meaning anymore, they should be completely without any impact in our software to avoid such surprises in the future. Best to wipe them out completely.

Werner Dworak

2012-12-22 02:49

updater   ~0003546

Last edited: 2012-12-22 08:05

View 2 revisions

Even if all TTP assurers have a standard account, the TTP assurances do not work as they should.

If all TTP assurers grant only few points, it looks like there is no limit how many TTP-Assurances a member can request. There is only a limit when the member has reached 100 points, then he can no longer request a TTP assurance.

On the other side, the TTP assurers can give an unlimited number of assurances and grant an unlimited number of points. Both in "my points" of the member and in the SE console with the old point calculation, the points are counted correctly. The same holds true for "my points" with new calculation. But in the SE console with new calculation all TTP assurances are counted with zero points.

The account requesting TTP assurances was wolfgang@wombaz.de with password hCFbDGAfxKladPZGDlBH.

The TTP assurers have been werner.dworak@cacert.org and all werner.dworak4@cacert.org till werner.dworak9@cacert.org.

I will leave wolfgang@wombaz.de completely alone for the next time and do no essential changes to werner.dworak4@cacert.org till werner.dworak9@cacert.org.

By the way, I verified that Junior Assurers can grant only 10 points. Marcus told me that generally a TTP assurer shall give 35 points or zero. But it cannot harm to test other variants too. :-)

Uli60

2013-01-15 08:07

updater   ~0003656

webdb text pages are depricated according to bug 0000671
https://cacert1.it-sls.de/wot.php?id=4 should link to a wiki page

INOPIAE

2013-01-16 08:23

updater   ~0003680

@Werner:
The problem to enter more than 2 TTP assurance will be fixed in a seperate bug fix.
Junior Assurer will never be TTP Administrator so this case is not releated to the TTP problem
The problem of the 0 Points is due to diffent patch levels on the test server. See https://bugs.cacert.org/view.php?id=888

@Uli60:
The wot.php?id=4 displays different texts to the user according to his points status. So it needs to be placed in the WebDB and cannot be moved to the wiki.

INOPIAE

2013-02-19 22:45

updater   ~0003760

Please review as testing is done

NEOatNHNG

2013-02-20 15:03

administrator   ~0003766

I have fixed some issues and wording. Please test and review again.

INOPIAE

2013-02-26 22:53

updater   ~0003769

retested:
1. account 0 AP
wot 4 shows request form =>ok
send mail to support =>ok
=>ok

2. account >100 AP
wot 4 shows: no TTP available as 100 points reached =>ok
=>ok

3. account 35 AP over 1 TTP assurances
wot 4 shows request form =>ok
=>ok

4. account 75 AP one TTP
wot 4 shows request form =>ok
=>ok

5. account 105 AP 1 TTP
wot 4 shows: no TTP available as 100 points reached =>ok
=>ok

=>ok

NEOatNHNG

2013-02-26 22:55

administrator   ~0003770

A major bug just appeared in testing. Fixed it. Needs a second review and some more testing.

BenBE

2013-02-26 23:26

updater   ~0003773

Last change regarding SQL query change okay.

Werner Dworak

2013-03-01 21:04

updater   ~0003782

I started with an account without assurances.

He could request a TTP assurance. --> ok
Mails to member and Support --> ok
He got a first TTP assurance with 10 points.
There the location name "Ulm" was regarded too short --> Error
Entry in "My points" of assurer old calculation --> ok
Entry in "My points" of assurer new calculation, at the top
assurances given too small, the TTP assurances are not counted --> ERROR
Entry in "My points" of member old calculation --> ok
Entry in "My points" of member new calculation at the top "You received 0 assurances" --> ERROR
Entry in Support console old calculation --> ok
Entry in Support console new calculation, zero points received --> ERROR

He could request a TTP assurance a second time --> ok
He got a second TTP assurance with 10 points.
Entry in "My points" of assurer old calculation --> ok
Entry in "My points" of assurer new calculation, at the top
assurances given too small, the TTP assurances are not counted --> ERROR
Entry in "My points" of member old calculation --> ok
Entry in "My points" of member new calculation at the top "You received 0 assurances" --> ERROR
Entry in Support console old calculation --> ok
Entry in Support console new calculation, zero points received --> ERROR

He could _NOT_ request a third TTP assurance --> ok
He could get anyway a third TTP assurance with 10 points. --> ERROR (fix is deferred to later)
Entry in "My points" of assurer old calculation formally ok
Entry in "My points" of assurer new calculation, at the top
assurances given too small, the TTP assurances are not counted --> ERROR
Entry in "My points" of member old calculation formally ok
Entry in "My points" of member new calculation at the top "You received 0 assurances" --> ERROR
Entry in Support console old calculation formally ok
Entry in Support console new calculation, zero points received --> ERROR

He could get anyway a forth TTP assurance with 35 points. --> ERROR (fix is deferred to later)
Entry in "My points" of assurer old calculation formally ok
Entry in "My points" of assurer new calculation, at the top
assurances given too small, the TTP assurances are not counted --> ERROR
Entry in "My points" of member old calculation formally ok
Entry in "My points" of member new calculation at the top "You received 0 assurances" --> ERROR
Entry in Support console old calculation formally ok
Entry in Support console new calculation, zero points received --> ERROR

He could get anyway a fifth TTP assurance with 35 points. --> ERROR (fix is deferred to later)
Entry in "My points" of assurer old calculation formally ok
Entry in "My points" of assurer new calculation, at the top
assurances given too small, the TTP assurances are not counted --> ERROR
Entry in "My points" of member old calculation formally ok, 100 points reached
Entry in "My points" of member new calculation at the top "You received 0 assurances" --> ERROR
Entry in Support console old calculation formally ok
Entry in Support console new calculation, zero points received --> ERROR

He could get anyway a sixth TTP assurance with 35 points. --> ERROR (fix is deferred to later)
Entry in "My points" of assurer old calculation formally ok
Entry in "My points" of assurer new calculation, at the top
assurances given too small, the TTP assurances are not counted --> ERROR
Entry in "My points" of member old calculation formally ok, 100 points reached
Entry in "My points" of member new calculation at the top "You received 0 assurances" --> ERROR
      and shows a total of 135 points --> Error
Entry in Support console old calculation formally ok
Entry in Support console new calculation, zero points received --> ERROR


I started with a second account without assurances.

He could request a TTP assurance. --> ok
He got a first TTP assurance with 35 points.
Entry in "My points" of assurer old calculation --> ok
Entry in "My points" of assurer new calculation, at the top
assurances given too small, the TTP assurances are not counted --> ERROR
Entry in "My points" of member old calculation --> ok
Entry in "My points" of member new calculation at the top "You received 0 assurances" --> ERROR
Entry in Support console old calculation --> ok
Entry in Support console new calculation, zero points received --> ERROR

He could request a TTP assurance a second time --> ok
He got a second TTP assurance with 35 points.
Entry in "My points" of assurer old calculation --> ok
Entry in "My points" of assurer new calculation, at the top
assurances given too small, the TTP assurances are not counted --> ERROR
Entry in "My points" of member old calculation --> ok
Entry in "My points" of member new calculation at the top "You received 0 assurances" --> ERROR
Entry in Support console old calculation --> ok
Entry in Support console new calculation, zero points received --> ERROR

He could _NOT_ request a third TTP assurance --> ok
He could get anyway a third TTP assurance with 35 points. --> ERROR (fix is deferred to later)
Entry in "My points" of assurer old calculation formally ok, reached 100 points
Entry in "My points" of assurer new calculation, at the top
assurances given too small, the TTP assurances are not counted --> ERROR
      and shows a total of 105 points --> Error
Entry in "My points" of member old calculation formally ok
Entry in "My points" of member new calculation at the top "You received 0 assurances" --> ERROR
Entry in Support console old calculation formally ok
Entry in Support console new calculation, zero points received --> ERROR

Werner Dworak

2013-03-01 22:03

updater   ~0003783

Last edited: 2013-03-01 22:51

View 2 revisions

I started with a third account with 70 assurance points from 2 standard assurances.

He could request a TTP assurance. --> ok
He got a first TTP assurance with 35 points.
Entry in "My points" of assurer old calculation --> ok
Entry in "My points" of assurer new calculation, at the top
assurances given too small, the TTP assurances are not counted --> ERROR
Entry in "My points" of member old calculation --> ok
Entry in "My points" of member new calculation at the top "You received 2 assurances" instead of 3 --> ERROR
   total 105 points. Is that ok?
Entry in Support console old calculation --> ok
Entry in Support console new calculation, TTP points not counted --> ERROR

He could _NOT_ request a second TTP assurance --> ok

INOPIAE

2013-03-05 22:54

updater   ~0003793

@Werner:
The location character length is part of 1137
The new calculation is part of 1054

MartinGummi

2013-03-05 23:46

updater   ~0003794

ttpuser1112

wot.php?id=10 --> 0 Points
TTP via US
1st TTP Mail to TTP Admins --> OK (35pts)
TTP Assurances via a TTP Admin -->
TTP via US
2nd TTP Mail to TTP Admins --> OK (35pts)
wot.php?id=4 No TTP Request

INOPIAE

2013-03-06 05:08

updater   ~0003795

retested:
1. account 0 AP
wot 4 shows request form =>ok
send mail to support =>ok
=>ok

2. account >100 AP
wot 4 shows: no TTP available as 100 points reached =>ok
=>ok

3. account 35 AP over 1 TTP assurances
wot 4 shows request form =>ok
=>ok

4. account 75 AP one TTP
wot 4 shows request form =>ok
=>ok

5. account 105 AP 1 TTP
wot 4 shows: no TTP available as 100 points reached =>ok
=>ok

=>ok

NEOatNHNG

2013-04-16 17:11

administrator   ~0003886

Mail sent to critical admins

wytze

2013-04-24 13:17

developer   ~0003921

The fix has been installed on the production server on April 24, 2013. See also:
https://lists.cacert.org/wws/arc/cacert-systemlog/2013-04/msg00007.html

Issue History

Date Modified Username Field Change
2012-11-11 11:47 INOPIAE New Issue
2012-11-11 11:47 INOPIAE Assigned To => INOPIAE
2012-11-11 11:47 INOPIAE File Added: 4.modified1.php
2012-11-11 11:47 INOPIAE Relationship added related to 0001111
2012-11-11 11:47 INOPIAE File Added: wotmodified.php
2012-11-11 11:48 INOPIAE File Added: wot.incmodified.php
2012-11-11 16:16 INOPIAE Description Updated View Revisions
2012-11-11 16:44 INOPIAE Note Added: 0003322
2012-11-11 16:51 INOPIAE Note Edited: 0003322 View Revisions
2012-11-11 16:51 INOPIAE File Deleted: wotmodified.php
2012-11-11 16:51 INOPIAE File Added: wotmodified.php
2012-11-11 16:51 INOPIAE File Deleted: 4.modified1.php
2012-11-11 16:52 INOPIAE File Added: 4.modified1.php
2012-11-29 19:25 INOPIAE Relationship added related to 0000988
2012-12-11 23:52 INOPIAE Assigned To INOPIAE => BenBE
2012-12-11 23:52 INOPIAE Status new => needs review & testing
2012-12-18 22:36 BenBE Reviewed by => BenBE
2012-12-19 01:37 Uli60 Note Added: 0003475
2012-12-22 00:44 Werner Dworak Note Added: 0003545
2012-12-22 02:49 Werner Dworak Note Added: 0003546
2012-12-22 08:05 Werner Dworak Note Edited: 0003546 View Revisions
2012-12-22 09:08 Werner Dworak Note Edited: 0003545 View Revisions
2012-12-23 09:23 Werner Dworak Relationship added related to 0000888
2012-12-23 09:24 Werner Dworak Relationship added related to 0000863
2012-12-23 09:27 Werner Dworak Relationship added related to 0000864
2012-12-27 05:07 Werner Dworak Relationship added related to 0001032
2013-01-09 04:03 Werner Dworak Relationship added related to 0001134
2013-01-15 08:02 Uli60 Relationship added related to 0000740
2013-01-15 08:07 Uli60 Relationship added related to 0000671
2013-01-15 08:07 Uli60 Note Added: 0003656
2013-01-15 23:17 BenBE Source_changeset_attached => cacert-devel testserver-stable 66c852c4
2013-01-15 23:17 INOPIAE Source_changeset_attached => cacert-devel testserver-stable 63738c4b
2013-01-15 23:17 INOPIAE Source_changeset_attached => cacert-devel testserver-stable ed39380b
2013-01-15 23:17 INOPIAE Source_changeset_attached => cacert-devel testserver-stable e6ca97e0
2013-01-15 23:17 INOPIAE Source_changeset_attached => cacert-devel testserver-stable 2c99fd84
2013-01-15 23:17 INOPIAE Source_changeset_attached => cacert-devel testserver-stable a192e6f5
2013-01-15 23:17 INOPIAE Source_changeset_attached => cacert-devel testserver-stable a76b65d7
2013-01-15 23:17 INOPIAE Source_changeset_attached => cacert-devel testserver-stable c8f7c545
2013-01-15 23:17 BenBE Source_changeset_attached => cacert-devel testserver-stable ff03ad5d
2013-01-15 23:17 BenBE Source_changeset_attached => cacert-devel testserver-stable 7c8564a8
2013-01-15 23:17 BenBE Source_changeset_attached => cacert-devel testserver-stable b5159b83
2013-01-15 23:17 BenBE Source_changeset_attached => cacert-devel testserver-stable 2a406fc5
2013-01-15 23:17 INOPIAE Source_changeset_attached => cacert-devel testserver-stable e6171669
2013-01-15 23:17 INOPIAE Source_changeset_attached => cacert-devel testserver-stable 0c3e0554
2013-01-15 23:17 INOPIAE Source_changeset_attached => cacert-devel testserver-stable 5464cbce
2013-01-15 23:17 BenBE Source_changeset_attached => cacert-devel testserver-stable 6a8fbe60
2013-01-15 23:17 BenBE Source_changeset_attached => cacert-devel testserver-stable 9a89a4a5
2013-01-15 23:17 BenBE Source_changeset_attached => cacert-devel testserver-stable a4dbfd0f
2013-01-15 23:17 BenBE Source_changeset_attached => cacert-devel testserver-stable 78dc96ea
2013-01-15 23:17 BenBE Source_changeset_attached => cacert-devel testserver-stable 370b8676
2013-01-15 23:17 BenBE Source_changeset_attached => cacert-devel testserver-stable 9c63d58b
2013-01-15 23:17 BenBE Source_changeset_attached => cacert-devel testserver-stable 87ee92f5
2013-01-16 08:23 INOPIAE Note Added: 0003680
2013-02-19 22:45 INOPIAE Note Added: 0003760
2013-02-19 22:45 INOPIAE Assigned To BenBE => NEOatNHNG
2013-02-19 22:45 INOPIAE Status needs review & testing => needs review
2013-02-20 14:55 NEOatNHNG Source_changeset_attached => cacert-devel testserver-stable 0a8326db
2013-02-20 14:55 NEOatNHNG Source_changeset_attached => cacert-devel testserver-stable 805f9a15
2013-02-20 15:03 NEOatNHNG Reviewed by BenBE => NEOatNHNG
2013-02-20 15:03 NEOatNHNG Note Added: 0003766
2013-02-20 15:03 NEOatNHNG Status needs review => needs review & testing
2013-02-26 22:16 BenBE Reviewed by NEOatNHNG => NEOatNHNG, BenBE
2013-02-26 22:16 BenBE Status needs review & testing => ready to deploy
2013-02-26 22:16 BenBE Product Version => 2012 Q4
2013-02-26 22:16 BenBE Fixed in Version => 2013 Q1
2013-02-26 22:16 BenBE Target Version => 2013 Q1
2013-02-26 22:45 NEOatNHNG Source_changeset_attached => cacert-devel testserver-stable 7773b06b
2013-02-26 22:45 NEOatNHNG Source_changeset_attached => cacert-devel testserver-stable 7b29aa39
2013-02-26 22:53 INOPIAE Note Added: 0003769
2013-02-26 22:55 NEOatNHNG Reviewed by NEOatNHNG, BenBE => NEOatNHNG
2013-02-26 22:55 NEOatNHNG Note Added: 0003770
2013-02-26 22:55 NEOatNHNG Status ready to deploy => needs review & testing
2013-02-26 23:26 BenBE Reviewed by NEOatNHNG => NEOatNHNG, BenBE
2013-02-26 23:26 BenBE Note Added: 0003773
2013-02-26 23:26 BenBE Status needs review & testing => ready to deploy
2013-02-26 23:57 NEOatNHNG Status ready to deploy => needs testing
2013-03-01 21:04 Werner Dworak Note Added: 0003782
2013-03-01 22:03 Werner Dworak Note Added: 0003783
2013-03-01 22:51 Werner Dworak Note Edited: 0003783 View Revisions
2013-03-05 22:54 INOPIAE Note Added: 0003793
2013-03-05 23:46 MartinGummi Note Added: 0003794
2013-03-06 05:08 INOPIAE Note Added: 0003795
2013-03-12 21:05 BenBE Status needs testing => ready to deploy
2013-03-12 22:38 Uli60 Relationship added child of 0001023
2013-04-16 17:11 NEOatNHNG Note Added: 0003886
2013-04-16 22:50 NEOatNHNG Source_changeset_attached => cacert-devel release 55a75d23
2013-04-24 13:17 wytze Note Added: 0003921
2013-04-24 13:17 wytze Status ready to deploy => solved?
2013-04-24 13:17 wytze Fixed in Version 2013 Q1 => 2013 Q2
2013-04-24 13:17 wytze Resolution open => fixed
2013-07-23 22:00 INOPIAE Status solved? => closed
2013-07-23 22:00 INOPIAE Assigned To NEOatNHNG =>