View Issue Details
ID | Project | Category | View Status | Date Submitted | Last Update |
---|---|---|---|---|---|
0001112 | Main CAcert Website | website content | public | 2012-11-11 11:47 | 2013-07-23 22:00 |
Reporter | INOPIAE | Assigned To | |||
Priority | normal | Severity | minor | Reproducibility | have not tried |
Status | closed | Resolution | fixed | ||
Product Version | 2012 Q4 | ||||
Target Version | 2013 Q1 | Fixed in Version | 2013 Q2 | ||
Summary | 0001112: Exchange the text on the TTP page according to the new TTP programm | ||||
Description | Once the bug 1111 has been applied as intermediate version this bug should be implemented. It shows depending on the assurance points granted the possibility to send a mail to support requesting for TTP assurance or TTP TOPUP assurances. | ||||
Tags | No tags attached. | ||||
Attached Files | wot.incmodified.php (19,132 bytes)
<? /* LibreSSL - CAcert web application Copyright (C) 2004-2011 CAcert Inc. This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; version 2 of the License. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA */ function query_init ($query) { return mysql_query($query); } function query_getnextrow ($res) { $row1 = mysql_fetch_assoc($res); return $row1; } function query_get_number_of_rows ($resultset) { return intval(mysql_num_rows($resultset)); } function get_number_of_assurances ($userid) { $res = query_init ("SELECT count(*) AS `list` FROM `notary` WHERE `method` = 'Face to Face Meeting' AND `from`='".intval($userid)."' "); $row = query_getnextrow($res); return intval($row['list']); } function get_number_of_ttpassurances ($userid) { $res = query_init ("SELECT count(*) AS `list` FROM `notary` WHERE `method`='Trusted Third Parties' AND `from`='".intval($userid)."' "); $row = query_getnextrow($res); return intval($row['list']); } function get_number_of_assurees ($userid) { $res = query_init ("SELECT count(*) AS `list` FROM `notary` WHERE `method` = 'Face to Face Meeting' AND `to`='".intval($userid)."' "); $row = query_getnextrow($res); return intval($row['list']); } function get_top_assurer_position ($no_of_assurances) { $res = query_init ("SELECT count(*) AS `list` FROM `notary` WHERE `method` = 'Face to Face Meeting' GROUP BY `from` HAVING count(*) > '".intval($no_of_assurances)."'"); return intval(query_get_number_of_rows($res)+1); } function get_top_assuree_position ($no_of_assurees) { $res = query_init ("SELECT count(*) AS `list` FROM `notary` WHERE `method` = 'Face to Face Meeting' GROUP BY `to` HAVING count(*) > '".intval($no_of_assurees)."'"); return intval(query_get_number_of_rows($res)+1); } function get_given_assurances ($userid) { $res = query_init ("select * from `notary` where `from`='".intval($userid)."' and `from` != `to` order by `id` asc"); return $res; } function get_received_assurances ($userid) { $res = query_init ("select * from `notary` where `to`='".intval($userid)."' and `from` != `to` order by `id` asc "); return $res; } function get_given_assurances_summary ($userid) { $res = query_init ("select count(*) as number,points,awarded,method from notary where `from`='".intval($userid)."' group by points,awarded,method"); return $res; } function get_received_assurances_summary ($userid) { $res = query_init ("select count(*) as number,points,awarded,method from notary where `to`='".intval($userid)."' group by points,awarded,method"); return $res; } function get_user ($userid) { $res = query_init ("select * from `users` where `id`='".intval($userid)."'"); return mysql_fetch_assoc($res); } function get_cats_state ($userid) { $res = query_init ("select * from `cats_passed` inner join `cats_variant` on `cats_passed`.`variant_id` = `cats_variant`.`id` and `cats_variant`.`type_id` = 1 WHERE `cats_passed`.`user_id` = '".intval($userid)."'"); return mysql_num_rows($res); } function calc_experience ($row,&$points,&$experience,&$sum_experience) { $apoints = max($row['points'], $row['awarded']); $points += $apoints; $experience = " "; if ($row['method'] == "Face to Face Meeting") { $sum_experience = $sum_experience +2; $experience = "2"; } return $apoints; } function calc_assurances ($row,&$points,&$experience,&$sumexperience,&$awarded) { $awarded = calc_points($row); if ($awarded > 100) { $experience = $awarded - 100; // needs to be fixed in the future (limit 50 pts and/or no experience if pts > 100) $awarded = 100; } else $experience = 0; switch ($row['method']) { case 'Thawte Points Transfer': case 'CT Magazine - Germany': case 'Temporary Increase': // Current usage of 'Temporary Increase' may break audit aspects, needs to be reimplemented $awarded=sprintf("<strong style='color: red'>%s</strong>",_("Revoked")); $experience=0; break; default: $points += $awarded; } $sumexperience = $sumexperience + $experience; } function show_user_link ($name,$userid) { $name = trim($name); if($name == "") { if ($userid == 0) $name = _("System"); else $name = _("Deleted account"); } else $name = "<a href='wot.php?id=9&userid=".intval($userid)."'>$name</a>"; return $name; } function get_assurer_ranking($userid,&$num_of_assurances,&$rank_of_assurer) { $num_of_assurances = get_number_of_assurances (intval($userid)); $rank_of_assurer = get_top_assurer_position($num_of_assurances); } function get_assuree_ranking($userid,&$num_of_assurees,&$rank_of_assuree) { $num_of_assurees = get_number_of_assurees (intval($userid)); $rank_of_assuree = get_top_assuree_position($num_of_assurees); } // ************* html table definitions ****************** function output_ranking($userid) { get_assurer_ranking($userid,$num_of_assurances,$rank_of_assurer); get_assuree_ranking($userid,$num_of_assurees,$rank_of_assuree); ?> <table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper"> <tr> <td class="title"><?=_("Assurer Ranking")?></td> </tr> <tr> <td class="DataTD"><?=sprintf(_("You have made %s assurances which ranks you as the #%s top assurer."), intval($num_of_assurances), intval($rank_of_assurer) )?></td> </tr> <tr> <td class="DataTD"><?=sprintf(_("You have received %s assurances which ranks you as the #%s top assuree."), intval($num_of_assurees), intval($rank_of_assuree) )?></td> </tr> </table> <br/> <? } function output_assurances_header($title) { ?> <table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper"> <tr> <td colspan="7" class="title"><?=$title?></td> </tr> <tr> <td class="DataTD"><strong><?=_("ID")?></strong></td> <td class="DataTD"><strong><?=_("Date")?></strong></td> <td class="DataTD"><strong><?=_("Who")?></strong></td> <td class="DataTD"><strong><?=_("Points")?></strong></td> <td class="DataTD"><strong><?=_("Location")?></strong></td> <td class="DataTD"><strong><?=_("Method")?></strong></td> <td class="DataTD"><strong><?=_("Experience Points")?></strong></td> </tr> <? } function output_assurances_footer($points_txt,$points,$experience_txt,$sumexperience) { ?> <tr> <td class="DataTD" colspan="3"><strong><?=$points_txt?>:</strong></td> <td class="DataTD"><?=$points?></td> <td class="DataTD"> </td> <td class="DataTD"><strong><?=$experience_txt?>:</strong></td> <td class="DataTD"><?=$sumexperience?></td> </tr> </table> <br/> <? } function output_assurances_row($assuranceid,$date,$when,$name,$awarded,$points,$location,$method,$experience) { $tdstyle=""; $emopen=""; $emclose=""; if ($awarded == $points) { if ($awarded == "0") { if ($when < "2006-09-01") { $tdstyle="style='background-color: #ffff80'"; $emopen="<em>"; $emclose="</em>"; } } } ?> <tr> <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$assuranceid?><?=$emclose?></td> <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$date?><?=$emclose?></td> <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$name?><?=$emclose?></td> <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$awarded?><?=$emclose?></td> <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$location?><?=$emclose?></td> <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$method?><?=$emclose?></td> <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$experience?><?=$emclose?></td> </tr> <? } function output_summary_header() { ?> <table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper"> <tr> <td colspan="4" class="title"><?=_("Summary of your Points")?></td> </tr> <tr> <td class="DataTD"><strong><?=_("Description")?></strong></td> <td class="DataTD"><strong><?=_("Points")?></strong></td> <td class="DataTD"><strong><?=_("Countable Points")?></strong></td> <td class="DataTD"><strong><?=_("Remark")?></strong></td> </tr> <? } function output_summary_footer() { ?> </table> <br/> <? } function output_summary_row($title,$points,$points_countable,$remark) { ?> <tr> <td class="DataTD"><strong><?=$title?></strong></td> <td class="DataTD"><?=$points?></td> <td class="DataTD"><?=$points_countable?></td> <td class="DataTD"><?=$remark?></td> </tr> <? } // ************* output given assurances ****************** function output_given_assurances_content($userid,&$points,&$sum_experience) { $points = 0; $sumexperience = 0; $res = get_given_assurances(intval($userid)); while($row = mysql_fetch_assoc($res)) { $fromuser = get_user (intval($row['to'])); $apoints = calc_experience ($row,$points,$experience,$sum_experience); $name = show_user_link ($fromuser['fname']." ".$fromuser['lname'],intval($row['to'])); output_assurances_row (intval($row['id']),$row['date'],$row['when'],$name,$apoints,intval($row['points']),$row['location'],$row['method']==""?"":_(sprintf("%s", $row['method'])),$experience); } } // ************* output received assurances ****************** function output_received_assurances_content($userid,&$points,&$sum_experience) { $points = 0; $sumexperience = 0; $res = get_received_assurances(intval($userid)); while($row = mysql_fetch_assoc($res)) { $fromuser = get_user (intval($row['from'])); calc_assurances ($row,$points,$experience,$sum_experience,$awarded); $name = show_user_link ($fromuser['fname']." ".$fromuser['lname'],intval($row['from'])); output_assurances_row (intval($row['id']),$row['date'],$row['when'],$name,$awarded,intval($row['points']),$row['location'],$row['method']==""?"":_(sprintf("%s", $row['method'])),$experience); } } // ************* output summary table ****************** function check_date_limit ($userid,$age) { $dob = date("Y-m-d", mktime(0,0,0,date("m"),date("d"),date("Y")-$age)); $res = query_init ("select id from `users` where `id`='".$userid."' and `dob` < '$dob'"); return intval(query_get_number_of_rows($res)); } function calc_points($row) { $awarded = intval($row['awarded']); if ($awarded == "") $awarded = 0; if (intval($row['points']) < $awarded) $points = $awarded; // if 'sum of added points' > 100, awarded shows correct value else $points = intval($row['points']); // on very old assurances, awarded is '0' instead of correct value switch ($row['method']) { case 'Thawte Points Transfer': // revoke all Thawte-points (as per arbitration) case 'CT Magazine - Germany': // revoke c't (only one test-entry) case 'Temporary Increase': // revoke 'temporary increase' (Current usage breaks audit aspects, needs to be reimplemented) $points = 0; break; case 'Administrative Increase': // ignore AI with 2 points or less (historical for experiance points, now other calculation) if ($points <= 2) // maybe limit to 35/50 pts in the future? $points = 0; break; case 'Unknown': // to be revoked in the future? limit to max 50 pts? case 'Trusted Third Parties': // to be revoked in the future? limit to max 35 pts? case '': // to be revoked in the future? limit to max 50 pts? case 'Face to Face Meeting': // normal assurances, limit to 35/50 pts in the future? break; default: // should never happen ... ;-) $points = 0; } if ($points < 0) // ignore negative points (bug needs to be fixed) $points = 0; return $points; } function max_points($userid) { return output_summary_content ($userid,0); } function output_summary_content($userid,$display_output) { $sum_points = 0; $sum_experience = 0; $sum_experience_other = 0; $max_points = 100; $max_experience = 50; $experience_limit_reached_txt = _("Limit reached"); if (check_date_limit($userid,18) != 1) { $max_experience = 10; $experience_limit_reached_txt = _("Limit given by PoJAM reached"); } if (check_date_limit($userid,14) != 1) { $max_experience = 0; $experience_limit_reached_txt = _("Limit given by PoJAM reached"); } $res = get_received_assurances_summary($userid); while($row = mysql_fetch_assoc($res)) { $points = calc_points ($row); if ($points > $max_points) // limit to 100 points, above is experience (needs to be fixed) { $sum_experience_other = $sum_experience_other+($points-$max_points)*intval($row['number']); $points = $max_points; } $sum_points += $points*intval($row['number']); } $res = get_given_assurances_summary($userid); while($row = mysql_fetch_assoc($res)) { switch ($row['method']) { case 'Face to Face Meeting': // count Face to Face only $sum_experience += 2*intval($row['number']); break; } } if ($sum_points > $max_points) { $sum_points_countable = $max_points; $remark_points = _("Limit reached"); } else { $sum_points_countable = $sum_points; $remark_points = " "; } if ($sum_experience > $max_experience) { $sum_experience_countable = $max_experience; $remark_experience = $experience_limit_reached_txt; } else { $sum_experience_countable = $sum_experience; $remark_experience = " "; } if ($sum_experience_countable + $sum_experience_other > $max_experience) { $sum_experience_other_countable = $max_experience-$sum_experience_countable; $remark_experience_other = $experience_limit_reached_txt; } else { $sum_experience_other_countable = $sum_experience_other; $remark_experience_other = " "; } if ($sum_points_countable < $max_points) { if ($sum_experience_countable != 0) $remark_experience = _("Points on hold due to less assurance points"); $sum_experience_countable = 0; if ($sum_experience_other_countable != 0) $remark_experience_other = _("Points on hold due to less assurance points"); $sum_experience_other_countable = 0; } $issue_points = 0; $cats_test_passed = get_cats_state ($userid); if ($cats_test_passed == 0) { $issue_points_txt = "<strong style='color: red'>"._("You have to pass the CAcert Assurer Challenge (CATS-Test) to be an Assurer")."</strong>"; if ($sum_points_countable < $max_points) { $issue_points_txt = "<strong style='color: red'>"; $issue_points_txt .= sprintf(_("You need %s assurance points and the passed CATS-Test to be an Assurer"), intval($max_points)); $issue_points_txt .= "</strong>"; } } else { $experience_total = $sum_experience_countable+$sum_experience_other_countable; $issue_points_txt = ""; if ($sum_points_countable == $max_points) $issue_points = 10; if ($experience_total >= 10) $issue_points = 15; if ($experience_total >= 20) $issue_points = 20; if ($experience_total >= 30) $issue_points = 25; if ($experience_total >= 40) $issue_points = 30; if ($experience_total >= 50) $issue_points = 35; if ($issue_points != 0) $issue_points_txt = sprintf(_("You may issue up to %s points"),$issue_points); } if ($display_output) { output_summary_row (_("Assurance Points you received"),$sum_points,$sum_points_countable,$remark_points); output_summary_row (_("Total Experience Points by Assurance"),$sum_experience,$sum_experience_countable,$remark_experience); output_summary_row (_("Total Experience Points (other ways)"),$sum_experience_other,$sum_experience_other_countable,$remark_experience_other); output_summary_row (_("Total Points")," ",$sum_points_countable + $sum_experience_countable + $sum_experience_other_countable,$issue_points_txt); } return $issue_points; } function output_given_assurances($userid) { output_assurances_header(_("Assurance Points You Issued")); output_given_assurances_content($userid,$points,$sum_experience); output_assurances_footer(_("Total Points Issued"),$points,_("Total Experience Points"),$sum_experience); } function output_received_assurances($userid) { output_assurances_header(_("Your Assurance Points")); output_received_assurances_content($userid,$points,$sum_experience); output_assurances_footer(_("Total Assurance Points"),$points,_("Total Experience Points"),$sum_experience); } function output_summary($userid) { output_summary_header(); output_summary_content($userid,1); output_summary_footer(); } function output_end_of_page() { ?> <p>[ <a href='javascript:history.go(-1)'><?=_("Go Back")?></a> ]</p> <? } // functions for 6.php (assure somebody) function AssureHead($confirmation,$checkname) { ?> <form method="post" action="wot.php"> <table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper" width="600"> <tr> <td colspan="2" class="title"><?=$confirmation?></td> </tr> <tr> <td class="DataTD" colspan="2" align="left"><?=$checkname?></td> </tr> <? } function AssureTextLine($field1,$field2) { ?> <tr> <td class="DataTD"><?=$field1?>:</td> <td class="DataTD"><?=$field2?></td> </tr> <? } function AssureCCABoxLine($type,$text) { return; AssureBoxLine($type,$text); } function AssureBoxLine($type,$text,$checked) { ?> <tr> <td class="DataTD"><input type="checkbox" name="<?=$type?>" value="1" <?=$checked?"checked":""?>></td> <td class="DataTD"><?=$text?></td> </tr> <? } function AssureMethodLine($text,$methods,$remark) { if (count($methods) != 1) { ?> <tr> <td class="DataTD"><?=$text?></td> <td class="DataTD"> <select name="method"> <? foreach($methods as $val) { ?> <option value="<?=$val?>"> <?=$val?></option> <? } ?> </select> </br><?=$remark?> </td> </tr> <? } else { ?> <input type="hidden" name="<?=$val?>" value="<?=$methods[0]?>"> <? } } function AssureInboxLine($type,$field,$value,$description) { ?> <tr> <td class="DataTD"><?=$field?>:</td> <td class="DataTD"><input type="text" name="<?=$type?>" value="<?=$value?>"><?=$description?></td> </tr> <? } function AssureFoot($oldid,$confirm) {?> <tr> <td class="DataTD" colspan="2"><input type="submit" name="process" value="<?=$confirm?>"> <input type="submit" name="cancel" value="<?=_("Cancel")?>"></td> </tr> </table> <input type="hidden" name="pagehash" value="<?=$_SESSION['_config']['wothash']?>"> <input type="hidden" name="oldid" value="<?=$oldid?>"> </form> <? } wotmodified.php (21,432 bytes)
<? /* LibreSSL - CAcert web application Copyright (C) 2004-2008 CAcert Inc. This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; version 2 of the License. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA */ ?> <? require_once("../includes/loggedin.php"); require_once("../includes/lib/l10n.php"); function show_page($target,$message,$error) { showheader(_("My CAcert.org Account!")); if ($error != "") $message=_("ERROR").": ".$error; if ($message != "") echo "<p><font color='orange' size='+1'>".$message."</font></p>"; switch ($target) { case '0': case 'InfoPage': includeit(0, "wot"); break; case '1': case 'ListByCity': includeit(1, "wot"); break; case '2': case 'BecomeAssurer': includeit(2, "wot"); break; case '3': case 'TrustRules': includeit(3, "wot"); break; case '4': case 'ShowTTPInfo': includeit(4, "wot"); break; case '5'; case 'EnterEmail': includeit(5, "wot"); break; case '6': case 'VerifyData': includeit(6, "wot"); break; // case '7': // case '???': includeit(7, "wot"); // break; case '8': case 'EnterMyInfo': includeit(8, "wot"); break; case '9': case 'ContactAssurer': includeit(9, "wot"); break; case '10': case 'MyPointsOld': includeit(10, "wot"); break; // case '11': // case 'OAInfo': includeit(11, "wot"); // break; case '12': case 'SearchAssurer': includeit(12, "wot"); break; case '13': case 'EnterMyCity': includeit(13, "wot"); break; // case '14': // case 'EnterEmail': includeit(14, "wot"); // break; case '15': case 'MyPointsNew': includeit(15, "wot"); break; } showfooter(); } function send_reminder() { $body = ""; $my_translation = L10n::get_translation(); $_SESSION['_config']['reminder-lang'] = $_POST['reminder-lang']; $reminder_translations[] = $_POST['reminder-lang']; if ( !in_array("en", $reminder_translations, $strict=true) ) { $reminder_translations[] = "en"; } foreach ($reminder_translations as $translation) { L10n::set_translation($translation); $body .= L10n::$translations[$translation].":\n\n"; $body .= sprintf(_("This is a short reminder that you filled out forms to become trusted with CAcert.org, and %s has attempted to issue you points. Please create your account at %s as soon as possible and then notify %s so that the points can be issued."), $_SESSION['profile']['fname']." (".$_SESSION['profile']['email'].")", "http://www.cacert.org", $_SESSION['profile']['fname'])."\n\n"; $body .= _("Best regards")."\n"; $body .= _("CAcert Support Team")."\n\n"; } L10n::set_translation($reminder_translations[0]); // for the subject sendmail($_POST['email'], "[CAcert.org] "._("Reminder Notice"), $body, $_SESSION['profile']['email'], "", "", $_SESSION['profile']['fname']); L10n::set_translation($my_translation); $_SESSION['_config']['remindersent'] = 1; $_SESSION['_config']['error'] = _("A reminder notice has been sent."); } loadem("account"); if(array_key_exists('date',$_POST) && $_POST['date'] != "") $_SESSION['_config']['date'] = $_POST['date']; if(array_key_exists('location',$_POST) && $_POST['location'] != "") $_SESSION['_config']['location'] = $_POST['location']; $oldid=array_key_exists('oldid',$_REQUEST)?intval($_REQUEST['oldid']):0; if($oldid == 12) $id = $oldid; if($oldid == 4) { $my_translation = L10n::get_translation(); L10n::set_translation($_SESSION['_config']['notarise']['language']); if ($_POST['ttp']!='') { //This mail does not need to be transalted $body = "Hi TTP adminstrators \n\n "; $body .= $_SESSION['profile']['fname']." ". $_SESSION['profile']['lname'].", ".$_SESSION['profile']['email']." is requesting a TTP assurances for ".mysql_escape_string(stripslashes($_POST['country']))."."; if ($_POST['ttptopup']=='1') { $body .= "The user is requesting also the TTP TOPUP.\n\n"; }else{ $body .= "The user is NOT requesting the TTP TOPUP.\n\n"; } $body .= "The user received ".$_SESSION['profile']['points']." assurance points up today.\n\n"; $body .= "Please start the TTP assurance process."; sendmail("support@cacert.org", "[CAcert.org] "._("TTP request."), $body, "support@cacert.org", "", "", "CAcert Website"); //This mail needs to be translated L10n::set_translation($my_translation); $body =_("You are receiving this email because you asked for TTP assurance.")."\n\n"; if ($_POST['ttptopup']=='1') { $body .=_("You are requesting the TTP TOPUP.")."\n\n"; }else{ $body .=_("You are NOT requesting the TTP TOPUP.")."\n\n"; } $body .= _("Best regards")."\n"; $body .= _("CAcert Support Team"); sendmail($_SESSION['profile']['email'], "[CAcert.org] "._("You requested TTP assurances"), $body, "support@cacert.org", "", "", "CAcert Support"); } if ($_POST['ttptopup']!='') { //This mail does not need to be transalted $body = "Hi TTP adminstrators \n\n "; $body .= $_SESSION['profile']['fname']." ". $_SESSION['profile']['lname'].", ".$_SESSION['profile']['email']." is requesting a TTP TOPUP assurance."; $body .="The user received ".$_SESSION['profile']['points']." assurance points up today.\n\n"; $body .="Please start the TTP TOPUP assurance process."; sendmail("support@cacert.org", "[CAcert.org] "._("TTP TOPUP request."), $body, "support@cacert.org", "", "", "CAcert Website"); //This mail needs to be translated L10n::set_translation($my_translation); $body = _("You are receiving this email because you asked for TTP TOPUP assurance")."\n\n"; $body .= _("Best regards")."\n"; $body .= _("CAcert Support Team"); sendmail($_SESSION['profile']['email'], "[CAcert.org] "._("You requested a TTP TOPUP assurance"), $body, "support@cacert.org", "", "", "CAcert Support"); } } if(($id == 5 || $oldid == 5 || $id == 6 || $oldid == 6)) if (!is_assurer($_SESSION['profile']['id'])) { show_page ("Exit","",get_assurer_reason($_SESSION['profile']['id'])); exit; } if($oldid == 6 && intval($_SESSION['_config']['notarise']['id']) <= 0) { show_page ("EnterEmail","",_("Something went wrong. Please enter the email address again")); exit; } if($oldid == 5 && array_key_exists('reminder',$_POST) && $_POST['reminder'] != "") { send_reminder(); show_page ("EnterEmail",_("A reminder notice has been sent."),""); exit; } if($oldid == 5) { $query = "select * from `users` where `email`='".mysql_escape_string(stripslashes($_POST['email']))."' and `deleted`=0"; $res = mysql_query($query); if(mysql_num_rows($res) != 1) { $_SESSION['_config']['noemailfound'] = 1; show_page("EnterEmail","",_("I'm sorry, there was no email matching what you entered in the system. Please double check your information.")); exit; } else { $_SESSION['_config']['noemailfound'] = 0; $_SESSION['_config']['notarise'] = mysql_fetch_assoc($res); if ($_SESSION['_config']['notarise']['verified'] == 0) { show_page("EnterEmail","",_("User is not yet verified. Please try again in 24 hours!")); exit; } } } if($oldid == 5 || $oldid == 6) { $id=6; // $oldid=0; if(array_key_exists('cancel',$_REQUEST) && $_REQUEST['cancel'] != "") { show_page("EnterEmail","",""); exit; } if($_SESSION['_config']['notarise']['id'] == $_SESSION['profile']['id']) { show_page("EnterEmail","",_("You are never allowed to Assure yourself!")); exit; } $query = "select * from `notary` where `from`='".$_SESSION['profile']['id']."' and `to`='".$_SESSION['_config']['notarise']['id']."'"; $res = mysql_query($query); if(mysql_num_rows($res) > 0) { show_page("EnterEmail","",_("You are only allowed to Assure someone once!")); exit; } } if($oldid == 6) { $iecho= "c"; if(!array_key_exists('assertion',$_POST) || $_POST['assertion'] != 1) { show_page("VerifyData","",_("You failed to check all boxes to validate your adherence to the rules and policies of CAcert")); exit; } /* if(!array_key_exists('rules',$_POST) || $_POST['rules'] != 1) { show_page("VerifyData","",_("You failed to check all boxes to validate your adherence to the rules and policies of CAcert")); exit; } */ if((!array_key_exists('certify',$_POST) || $_POST['certify'] != 1 ) && $_SESSION['profile']['ttpadmin'] != 1) { show_page("VerifyData","",_("You failed to check all boxes to validate your adherence to the rules and policies of CAcert")); exit; } if($_SESSION['profile']['ttpadmin'] != 1 && $_POST['location'] == "") { show_page("VerifyData","",_("You failed to enter a location of your meeting.")); exit; } if($_REQUEST['points'] == "") { show_page("VerifyData","",_("You must enter the number of points you wish to allocate to this person.")); exit; } $query = "select * from `users` where `id`='".$_SESSION['_config']['notarise']['id']."'"; $res = mysql_query($query); $row = mysql_fetch_assoc($res); $name = $row['fname']." ".$row['mname']." ".$row['lname']." ".$row['suffix']; if($_SESSION['_config']['wothash'] != md5($name."-".$row['dob']) || $_SESSION['_config']['wothash'] != $_REQUEST['pagehash']) { show_page("VerifyData","",_("Race condition discovered, user altered details during assurance procedure. PLEASE MAKE SURE THE NEW DETAILS BELOW MATCH THE ID DOCUMENTS.")); exit; } } if($oldid == 6) { $max = maxpoints(); $awarded = $newpoints = intval($_POST['points']); if($newpoints > $max) $newpoints = $awarded = $max; if($newpoints < 0) $newpoints = $awarded = 0; $query = "select sum(`points`) as `total` from `notary` where `to`='".$_SESSION['_config']['notarise']['id']."' group by `to`"; $res = mysql_query($query); $drow = mysql_fetch_assoc($res); $_POST['expire'] = 0; if(($drow['total'] + $newpoints) > 100 && $max < 100) $newpoints = 100 - $drow['total']; if(($drow['total'] + $newpoints) > $max && $max >= 100) $newpoints = $max - $drow['total']; if($newpoints < 0) $newpoints = 0; if(mysql_escape_string(stripslashes($_POST['date'])) == "") $_POST['date'] = date("Y-m-d H:i:s"); $query = "select * from `notary` where `from`='".$_SESSION['profile']['id']."' AND `to`='".$_SESSION['_config']['notarise']['id']."' AND `awarded`='$awarded' AND `location`='".mysql_escape_string(stripslashes($_POST['location']))."' AND `date`='".mysql_escape_string(stripslashes($_POST['date']))."'"; $res = mysql_query($query); if(mysql_num_rows($res) > 0) { show_page("VerifyEmail","",_("Identical Assurance attempted, will not continue.")); exit; } } if($oldid == 6) { $query = "insert into `notary` set `from`='".$_SESSION['profile']['id']."', `to`='".$_SESSION['_config']['notarise']['id']."', `points`='$newpoints', `awarded`='$awarded', `location`='".mysql_escape_string(stripslashes($_POST['location']))."', `date`='".mysql_escape_string(stripslashes($_POST['date']))."', `when`=NOW()"; if($_SESSION['profile']['board'] == 1 && intval($_POST['expire']) > 0) { $query .= ",\n`method`='Temporary Increase'"; $query .= ",\n`expire`=DATE_ADD(NOW(), INTERVAL '".intval($_POST['expire'])."' DAY)"; $query .= ",\n`sponsor`='".intval($_POST['sponsor'])."'"; } else if($_SESSION['profile']['board'] == 1) { $query .= ",\n`method`='".mysql_escape_string(stripslashes($_POST['method']))."'"; } else if($_SESSION['profile']['ttpadmin'] == 1 && ($_POST['method'] == 'Trusted 3rd Parties' || $_POST['method'] == 'Trusted Third Parties')) { $query .= ",\n`method`='Trusted Third Parties'"; } mysql_query($query); fix_assurer_flag($_SESSION['_config']['notarise']['id']); if($_SESSION['profile']['points'] < 150) { $addpoints = 0; if($_SESSION['profile']['points'] < 149 && $_SESSION['profile']['points'] >= 100) $addpoints = 2; else if($_SESSION['profile']['points'] == 149 && $_SESSION['profile']['points'] >= 100) $addpoints = 1; $query = "insert into `notary` set `from`='".$_SESSION['profile']['id']."', `to`='".$_SESSION['profile']['id']."', `points`='$addpoints', `awarded`='$addpoints', `location`='".mysql_escape_string(stripslashes($_POST['location']))."', `date`='".mysql_escape_string(stripslashes($_POST['date']))."', `method`='Administrative Increase', `when`=NOW()"; mysql_query($query); // No need to fix_assurer_flag here, this should only happen for assurers... $_SESSION['profile']['points'] += $addpoints; } $my_translation = L10n::get_translation(); L10n::set_translation($_SESSION['_config']['notarise']['language']); $body = sprintf(_("You are receiving this email because you have been assured by %s %s (%s)."), $_SESSION['profile']['fname'], $_SESSION['profile']['lname'], $_SESSION['profile']['email'])."\n\n"; if($_POST['points'] != $newpoints) $body .= sprintf(_("You were issued %s points however the system has rounded this down to %s and you now have %s points in total."), $_POST['points'], $newpoints, ($newpoints + $drow['total']))."\n\n"; else $body .= sprintf(_("You were issued %s points and you now have %s points in total."), $newpoints, ($newpoints + $drow['total']))."\n\n"; if(($drow['total'] + $newpoints) < 100 && ($drow['total'] + $newpoints) >= 50) { $body .= _("You now have over 50 points, and can now have your name added to client certificates, and issue server certificates for up to 2 years.")."\n\n"; } if(($drow['total'] + $newpoints) >= 100 && $newpoints > 0) { // $body .= _("You now have over 100 points and can start assuring others.")."\n\n"; $body .= _("You have at least 100 Assurance Points, if you want to become an assurer try the")." "; $body .= _("Assurer Challenge")." ( https://cats.cacert.org )\n\n"; $body .= _("To make it easier for others in your area to find you, it's helpful to list yourself as an assurer (this is voluntary), as well as a physical location where you live or work the most. You can flag your account to be listed, and add a comment to the display by going to:")."\n\n"; $body .= "https://www.cacert.org/wot.php?id=8\n\n"; $body .= _("You can list your location by going to:")."\n\n"; $body .= "https://www.cacert.org/wot.php?id=13\n\n"; } if($_SESSION['profile']['board'] == 1 && intval($_POST['expire']) > 0) $body .= sprintf(_("Please Note: this is a temporary increase for %s days only. After that time your points will be reduced to 150 points."), intval($_POST['expire']))."\n\n"; $body .= _("Best regards")."\n"; $body .= _("CAcert Support Team"); sendmail($_SESSION['_config']['notarise']['email'], "[CAcert.org] "._("You've been Assured."), $body, "support@cacert.org", "", "", "CAcert Website"); L10n::set_translation($my_translation); $body = sprintf(_("You are receiving this email because you have assured %s %s (%s)."), $_SESSION['_config']['notarise']['fname'], $_SESSION['_config']['notarise']['lname'], $_SESSION['_config']['notarise']['email'])."\n\n"; if($_POST['points'] != $newpoints) $body .= sprintf(_("You issued %s points however the system has rounded this down to %s and they now have %s points in total."), $_POST['points'], $newpoints, ($newpoints + $drow['total']))."\n\n"; else $body .= sprintf(_("You issued %s points and they now have %s points in total."), $newpoints, ($newpoints + $drow['total']))."\n\n"; if($_SESSION['profile']['board'] == 1 && intval($_POST['expire']) > 0) $body .= sprintf(_("Please Note: this is a temporary increase for %s days only. After that time their points will be reduced to 150 points."), intval($_POST['expire']))."\n\n"; $body .= _("Best regards")."\n"; $body .= _("CAcert Support Team"); sendmail($_SESSION['profile']['email'], "[CAcert.org] "._("You've Assured Another Member."), $body, "support@cacert.org", "", "", "CAcert Support"); if($_SESSION['profile']['board'] == 1 && intval($_POST['expire']) > 0) { $body = sprintf("%s %s (%s) has issued a temporary increase to 200 points for %s %s (%s) for %s days. This action was sponsored by %s %s (%s).", $_SESSION['profile']['fname'], $_SESSION['profile']['lname'], $_SESSION['profile']['email'], $_SESSION['_config']['notarise']['fname'], $_SESSION['_config']['notarise']['lname'], $_SESSION['_config']['notarise']['email'], intval($_POST['expire']), $sponsor['fname'], $sponsor['lname'], $sponsor['email'])."\n\n"; sendmail("cacert-board@lists.cacert.org", "[CAcert.org] Temporary Increase Issued.", $body, "website@cacert.org", "", "", "CAcert Website"); } showheader(_("My CAcert.org Account!")); echo "<p>"._("Shortly you and the person you were assuring will receive an email confirmation. There is no action on your behalf required to complete this.")."</p>"; ?><form method="post" action="wot.php"> <table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper"> <tr> <td colspan="2" class="title"><?=_("Assure Someone")?></td> </tr> <tr> <td class="DataTD"><?=_("Email")?>:</td> <td class="DataTD"><input type="text" name="email" id="email" value=""></td> </tr> <tr> <td class="DataTD" colspan="2"><input type="submit" name="process" value="<?=_("Next")?>"></td> </tr> </table> <input type="hidden" name="oldid" value="5"> </form> <SCRIPT LANGUAGE="JavaScript"> //<![CDATA[ function my_init() { document.getElementById("email").focus(); } window.onload = my_init(); //]]> </script> <? showfooter(); exit; } if($oldid == 8) { csrf_check("chgcontact"); $info = mysql_escape_string(strip_tags(stripslashes($_POST['contactinfo']))); $listme = intval($_POST['listme']); if($listme < 0 || $listme > 1) $listme = 0; $_SESSION['profile']['listme'] = $listme; $_SESSION['profile']['contactinfo'] = $info; $query = "update `users` set `listme`='$listme',`contactinfo`='$info' where `id`='".$_SESSION['profile']['id']."'"; mysql_query($query); showheader(_("My CAcert.org Account!")); echo "<p>"._("Your account information has been updated.")."</p>"; showfooter(); exit; } if($oldid == 9 && $_REQUEST['userid'] > 0 && $_SESSION['profile']['id'] > 0) { if($_SESSION['_config']['pagehash'] != $_REQUEST['pageid']) { $oldid=0; $id = 9; show_page("ContactAssurer","",_("It looks like you were trying to contact multiple people, this isn't allowed due to data security reasons.")); exit; } else { $body = $_REQUEST['message']; $subject = $_REQUEST['subject']; $userid = intval($_REQUEST['userid']); $user = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='$userid' and `listme`=1")); $points = mysql_num_rows(mysql_query("select sum(`points`) as `total` from `notary` where `to`='".$user['id']."' group by `to` HAVING SUM(`points`) > 0")); if($points > 0) { $my_translation = L10n::get_translation(); L10n::set_translation($user['language']); $subject = "[CAcert.org] ".sprintf(_("Message from %s"), $_SESSION['profile']['fname']); $body = sprintf(_("Hi %s,"), $user['fname'])."\n\n"; $body .= sprintf(_("%s %s has sent you a message via the ". "contact an Assurer form on CAcert.org."), $_SESSION['profile']['fname'], $_SESSION['profile']['lname'])."\n\n"; $body .= sprintf(_("Subject: %s"), $_REQUEST['subject'])."\n"; $body .= _("Message:")."\n"; $body .= $_REQUEST['message']."\n\n"; $body .= "------------------------------------------------\n\n"; $body .= _("Please note, that this is NOT a message on behalf ". "of CAcert but another CAcert community member. If ". "you suspect that the contact form might have been ". "abused, please write to support@cacert.org")."\n\n"; $body .= _("Best regards")."\n"; $body .= _("Your CAcert Community"); sendmail($user['email'], $subject, $body, $_SESSION['profile']['email'], //from "", //replyto "", //toname $_SESSION['profile']['fname']." ". $_SESSION['profile']['lname']); //fromname L10n::set_translation($my_translation); showheader(_("My CAcert.org Account!"));?> <p> <? printf(_("Your email has been sent to %s."), $user['fname']); ?> </p> <p>[ <a href='javascript:history.go(-2)'><?= _("Go Back") ?></a> ]</p> <? showfooter(); exit; } else { show_page(0,"",_("Sorry, I was unable to locate that user.")); exit; } } } if($oldid == 9) { $oldid=0; $id = 9; show_page("ContactAssurer","",_("There was an error and I couldn't proceed")); exit; } // showheader(_("My CAcert.org Account!")); // echo "ID now = ".$id."/".$oldid.">>".$iecho; // includeit($id, "wot"); // showfooter(); show_page ($id,"",""); ?> 4.modified1.php (4,578 bytes)
<? /* LibreSSL - CAcert web application Copyright (C) 2004-2008 CAcert Inc. This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; version 2 of the License. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA */ ?> <h3><?_("Trusted Third Parties")?></h3> <? _("The Trusted Third Party (TTP) programme is intended to be used in areas without many CAcert Assurers.")."\n\n" ?> <? _("A Trusted Third Party (TTP) is simply someone in your country that is responsible for witnessing signatures and ID documents. This role is covered by many different titles such as public notary, justice of the peace and so on..")."\n\n" ?> <? _("With the TTP programme you can potentially gain assurance up to a maximum of 100 assurance points.")."\n\n" ?> <? _("Currently CAcert has only developed the TTP programme to the level that you can gain 70 assurance points by TTP assurances.")."\n\n" ?>. <? _("We are working to develop a process that will fill the gap of the missing 30 assurance points to allow you to get the maximum 100 assurance points.")."\n\n" ?> <? _("In the meanwhile you would need to close this gap with face to face assurances with CAcert Assurers. Think not only traveling to populated countries, but also remember that assurers may occasionally visit your country or area.")."\n\n" ?> <? sprintf(_("If you are interested in the TTP programme, read the pages %s for the basic way how the TTP programme works for you, and %s whether the TTP programme affects the country where you are located."),"<a href='http://wiki.cacert.org/TTP/TTPuser'>http://wiki.cacert.org/TTP/TTPuser</a>","<a href='http://wiki.cacert.org/TTP/TTPAL'>http://wiki.cacert.org/TTP/TTPAL</a>")."\n\n" ?> // test for points <100 if ($_SESSION['profile']['points']<100){ // test for TTP assurances if (get_number_of_ttpassurances($userid)<2){ <p><?=_("If you want to ask for TTP assurances fill out the missing data and send the request to support@cacert.org to start the process. CAcert will inform you then about the next steps.)?></p> <form method="post" action="wot.php"> <table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper"> <tr> <td class="DataTD"><?=_("Country you whant to visit the TTP")?></td> <td class="DataTD"><input type="text" name="country" size="30"></td> //shall the input be replaced by a select, where should the country information be maintained </tr> <tr> <td class="DataTD"><?=_("I want to take part in the TTP Topup Programme")?></td> <td class="DataTD"><input type="checkbox" name="ttptopup" value="1"></td> </tr> <tr> <td colspan="2" > <input type="hidden" name="oldid" value="4"> <input type="submit" name="ttp" value="<?=_("I need a TTP assurance")?>"> </td> </tr> </table> </form> }else{ /* As soon as the TPP TOPUP Programme is established this routine should be used <p><?=_("As you got already 2 TTP assurances you only can take part in the TTP TOPUP programme.\n\n If you want you ask for the TTP TOPUP programme use the submit button to send the request to support@cacert.org to start the process. CAcert will inform you then about the next steps.")?></p> <form method="post" action="wot.php"> <input type="hidden" name="oldid" value="<?=$id?>"> <input type="submit" name="ttptopup" value="<?=_("I need a TTP TOPUP")?>"> </form> */ <p><?=_("We are working to develop the TTP TOPUP process to be able to fill the gap of the missing 30 assurance points to 100 assurance points. In the meanwhile you have to close this gap with face to face assurances with CAcert Assurers. Think not only travelling to populated countries, but as well to assurers visiting your country or area.")?></p> } } Else{ <p><?=_("You reached the maximum points that can be granted by the TTP programme and therefore you cannot takte part in the TTP programme any more.")?></p> } | ||||
Reviewed by | NEOatNHNG, BenBE | ||||
Test Instructions | |||||
related to | 0001111 | closed | NEOatNHNG | Change the text on the TTP page according to the new TTP programm |
related to | 0001032 | closed | INOPIAE | Enter Assurance as TTP admin does not differ between F2F anf TTP assurances |
related to | 0000671 | solved? | Uli60 | cms pages in online website need review for deprecation |
related to | 0000988 | needs review & testing | Eva | TTP CAP form deployment |
related to | 0000888 | closed | NEOatNHNG | to add new assurance method TTP |
related to | 0000863 | needs work | Eva | limitation to 2 ttp assurances |
related to | 0000864 | needs work | BenBE | enable TOPUP assurance type into the system (regarding TTP) |
related to | 0001134 | closed | NEOatNHNG | Delete the board flag thourougly in all parts of our software |
related to | 0000740 | closed | How to become an assurer is missleading | |
child of | 0001023 | needs work | Eva | Consolidate changes into the Assure Someone page |
|
Changes in /pages/wot/4.php Exchange everything from line 34 Changes in www/wot.php Added lines 131 to 182 Changes in includes/wot.ic.php Added Lines 44 to 51 |
|
round 1: user1 0 pts exec CAcert Web Of Trust - Trusted ThirdParties https://cacert1.it-sls.de/wot.php?id=4 displays lot of text + form at end of page country selection (current 3) request TOPUP checkbox (checked) submit button => ok ca-mgr1, mail received requesting TTP including TOPUP => ok ttpadmin, assure someone method TTP, 35 pts user now has 35 pts => ok round 2: user1 35 pts, 1 ttp-assisted (assurance) exec CAcert Web Of Trust - Trusted ThirdParties https://cacert1.it-sls.de/wot.php?id=4 displays lot of text + form at end of page country selection (current 3) request TOPUP checkbox (checked) submit button => ok ca-mgr1, mail received requesting TTP including TOPUP => ok another ttpadmin, assure someone method TTP, 35 pts user now has 70 pts => ok ca-mgr1, mail received you now have over 50 pts, allowed certs for 2 years, and name in cert => ok round 3: user1 70 pts, 2 ttp-assisted (assurance) exec CAcert Web Of Trust - Trusted ThirdParties https://cacert1.it-sls.de/wot.php?id=4 displays lot of text, no form at end of page probably addtl. 1 or 2 text blocks ?!? We are working to develop a process that will fill the gap of the missing 30 assurance points to allow you to get the maximum 100 assurance points. In the meanwhile you would need to close this gap with face to face assurances with CAcert Assurers. Think not only travelling to populated countries, but also remember that assurers may occasionally visit your country or area. => ok My Details - My Points (10.php) (another ttp assurer added 3rd TTP assurance) (but this is out of scope of this patch) 266172 2012-12-18 Gerhard von Reith 35 test ttp TTP-Assisted 266173 2012-12-19 Ulrich Schroeter 35 2nd ttp assurance TTP-Assisted 266174 2012-12-19 Marcus Mängel 30 ttp account TTP-Assisted => ok per 1112 patch My Details - My Points (15.php) summary: Assurance Points you received 105 100 Limit reached => ok Your Assurance Points ID Date Who Points Location Method Experience Points 266172 2012-12-18 Gerhard von Reith 35 test ttp TTP-Assisted 0 266173 2012-12-19 Ulrich Schroeter 35 2nd ttp assurance TTP-Assisted 0 266174 2012-12-19 Marcus Mängel 35 ttp account TTP-Assisted 0 Total Assurance Points: 105 Total Experience Points: 0 => ok |
|
I hat great trouble testing the TTP assurances. But I assume the culprit comes from another area. I already hat on the test server the account werner.dworak@cacert.org with about the maximum of sensible access rights including SE. Then I created the account dworak@wombaz.de with the password QlqhLz3ZqE629tHgMSOa with minimum capabilities as a member looking for TTP assurances. This account got a TTP assurance from werner.dworak@cacert.org and if I remember right, everything was in best order. But I cannot swear on it. Then I created the account werner.dworak2@cacert.org with password ERarNp2cPEA9RUaVexeQ and frivolously gave it the flags Code Signing, TTP Admin, Board Member, Location Admin and TVerify. Then I gave it a full assurance by the test manager. With that account I gave a TTP assurance to dworak@wombaz.de with strange results. In the account dworak@wombaz.de at "my points" with old calculation the correct points but at "Methode" I got the entry "Project-Id-Version: CAcert Production Report-Msgid-Bugs-To: translations-admin@cacert.org POT-Creation-Date: 2012-12-16 17:44+0100 PO-Revision-Date: 2012-12-15 18:02+0200 Last-Translator: L10N Language-Team: LANGUAGE Language: de MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Plural-Forms: nplurals=2; plural=(n != 1); X-Generator: Pootle 2.1.6". With "new calculation" the "Methode" field was empty. From the SE console the old calculation shows the "Methode" field empty as well. The rest is correct. But with the new calculation an other surprise: the number of points given by dworak@wombaz.de are here zero. Then I created the account werner.dworak3@cacert.org with password lmSUpYODID36VJS7KAvj and frivolously gave it the flags TTP Admin, Board Member and TVerify. Then I gave it a full assurance by the test manager and gave a TTP assurance to dworak@wombaz.de. The results were just the same as with werner.dworak2@cacert.org. I assume the culprits are the flags Board or Tverify. As the next step I created the account werner.dworak4@cacert.org and gave it just the flag TTP Admin. Then I gave it a full assurance by the test manager and gave a TTP assurance to dworak@wombaz.de. Here everything worked correctly again. Only from the SE console with nrw calculation the givdn points were zero instead of 35 und the sum was 55 points instead of 125. I now will leave alone the accounts dworak@wombaz.de, werner.dworak2@cacert.org and werner.dworak3@cacert.org and you can play with them as you like and change them. Please don't change the accounts werner.dworak@cacert.org and werner.dworak4@cacert.org if not really needed, at least nothing essential. I will keep on using them for more tests. So, I did additional tests with knut@wombaz.de and werner.dworak10@cacert.org. The Tverify seems to be innocent. The culprit is definitively the Board flag. Since both flags have no real meaning anymore, they should be completely without any impact in our software to avoid such surprises in the future. Best to wipe them out completely. |
|
Even if all TTP assurers have a standard account, the TTP assurances do not work as they should. If all TTP assurers grant only few points, it looks like there is no limit how many TTP-Assurances a member can request. There is only a limit when the member has reached 100 points, then he can no longer request a TTP assurance. On the other side, the TTP assurers can give an unlimited number of assurances and grant an unlimited number of points. Both in "my points" of the member and in the SE console with the old point calculation, the points are counted correctly. The same holds true for "my points" with new calculation. But in the SE console with new calculation all TTP assurances are counted with zero points. The account requesting TTP assurances was wolfgang@wombaz.de with password hCFbDGAfxKladPZGDlBH. The TTP assurers have been werner.dworak@cacert.org and all werner.dworak4@cacert.org till werner.dworak9@cacert.org. I will leave wolfgang@wombaz.de completely alone for the next time and do no essential changes to werner.dworak4@cacert.org till werner.dworak9@cacert.org. By the way, I verified that Junior Assurers can grant only 10 points. Marcus told me that generally a TTP assurer shall give 35 points or zero. But it cannot harm to test other variants too. :-) |
|
webdb text pages are depricated according to bug 0000671 https://cacert1.it-sls.de/wot.php?id=4 should link to a wiki page |
|
@Werner: The problem to enter more than 2 TTP assurance will be fixed in a seperate bug fix. Junior Assurer will never be TTP Administrator so this case is not releated to the TTP problem The problem of the 0 Points is due to diffent patch levels on the test server. See https://bugs.cacert.org/view.php?id=888 @Uli60: The wot.php?id=4 displays different texts to the user according to his points status. So it needs to be placed in the WebDB and cannot be moved to the wiki. |
|
Please review as testing is done |
|
I have fixed some issues and wording. Please test and review again. |
|
retested: 1. account 0 AP wot 4 shows request form =>ok send mail to support =>ok =>ok 2. account >100 AP wot 4 shows: no TTP available as 100 points reached =>ok =>ok 3. account 35 AP over 1 TTP assurances wot 4 shows request form =>ok =>ok 4. account 75 AP one TTP wot 4 shows request form =>ok =>ok 5. account 105 AP 1 TTP wot 4 shows: no TTP available as 100 points reached =>ok =>ok =>ok |
|
A major bug just appeared in testing. Fixed it. Needs a second review and some more testing. |
|
Last change regarding SQL query change okay. |
|
I started with an account without assurances. He could request a TTP assurance. --> ok Mails to member and Support --> ok He got a first TTP assurance with 10 points. There the location name "Ulm" was regarded too short --> Error Entry in "My points" of assurer old calculation --> ok Entry in "My points" of assurer new calculation, at the top assurances given too small, the TTP assurances are not counted --> ERROR Entry in "My points" of member old calculation --> ok Entry in "My points" of member new calculation at the top "You received 0 assurances" --> ERROR Entry in Support console old calculation --> ok Entry in Support console new calculation, zero points received --> ERROR He could request a TTP assurance a second time --> ok He got a second TTP assurance with 10 points. Entry in "My points" of assurer old calculation --> ok Entry in "My points" of assurer new calculation, at the top assurances given too small, the TTP assurances are not counted --> ERROR Entry in "My points" of member old calculation --> ok Entry in "My points" of member new calculation at the top "You received 0 assurances" --> ERROR Entry in Support console old calculation --> ok Entry in Support console new calculation, zero points received --> ERROR He could _NOT_ request a third TTP assurance --> ok He could get anyway a third TTP assurance with 10 points. --> ERROR (fix is deferred to later) Entry in "My points" of assurer old calculation formally ok Entry in "My points" of assurer new calculation, at the top assurances given too small, the TTP assurances are not counted --> ERROR Entry in "My points" of member old calculation formally ok Entry in "My points" of member new calculation at the top "You received 0 assurances" --> ERROR Entry in Support console old calculation formally ok Entry in Support console new calculation, zero points received --> ERROR He could get anyway a forth TTP assurance with 35 points. --> ERROR (fix is deferred to later) Entry in "My points" of assurer old calculation formally ok Entry in "My points" of assurer new calculation, at the top assurances given too small, the TTP assurances are not counted --> ERROR Entry in "My points" of member old calculation formally ok Entry in "My points" of member new calculation at the top "You received 0 assurances" --> ERROR Entry in Support console old calculation formally ok Entry in Support console new calculation, zero points received --> ERROR He could get anyway a fifth TTP assurance with 35 points. --> ERROR (fix is deferred to later) Entry in "My points" of assurer old calculation formally ok Entry in "My points" of assurer new calculation, at the top assurances given too small, the TTP assurances are not counted --> ERROR Entry in "My points" of member old calculation formally ok, 100 points reached Entry in "My points" of member new calculation at the top "You received 0 assurances" --> ERROR Entry in Support console old calculation formally ok Entry in Support console new calculation, zero points received --> ERROR He could get anyway a sixth TTP assurance with 35 points. --> ERROR (fix is deferred to later) Entry in "My points" of assurer old calculation formally ok Entry in "My points" of assurer new calculation, at the top assurances given too small, the TTP assurances are not counted --> ERROR Entry in "My points" of member old calculation formally ok, 100 points reached Entry in "My points" of member new calculation at the top "You received 0 assurances" --> ERROR and shows a total of 135 points --> Error Entry in Support console old calculation formally ok Entry in Support console new calculation, zero points received --> ERROR I started with a second account without assurances. He could request a TTP assurance. --> ok He got a first TTP assurance with 35 points. Entry in "My points" of assurer old calculation --> ok Entry in "My points" of assurer new calculation, at the top assurances given too small, the TTP assurances are not counted --> ERROR Entry in "My points" of member old calculation --> ok Entry in "My points" of member new calculation at the top "You received 0 assurances" --> ERROR Entry in Support console old calculation --> ok Entry in Support console new calculation, zero points received --> ERROR He could request a TTP assurance a second time --> ok He got a second TTP assurance with 35 points. Entry in "My points" of assurer old calculation --> ok Entry in "My points" of assurer new calculation, at the top assurances given too small, the TTP assurances are not counted --> ERROR Entry in "My points" of member old calculation --> ok Entry in "My points" of member new calculation at the top "You received 0 assurances" --> ERROR Entry in Support console old calculation --> ok Entry in Support console new calculation, zero points received --> ERROR He could _NOT_ request a third TTP assurance --> ok He could get anyway a third TTP assurance with 35 points. --> ERROR (fix is deferred to later) Entry in "My points" of assurer old calculation formally ok, reached 100 points Entry in "My points" of assurer new calculation, at the top assurances given too small, the TTP assurances are not counted --> ERROR and shows a total of 105 points --> Error Entry in "My points" of member old calculation formally ok Entry in "My points" of member new calculation at the top "You received 0 assurances" --> ERROR Entry in Support console old calculation formally ok Entry in Support console new calculation, zero points received --> ERROR |
|
I started with a third account with 70 assurance points from 2 standard assurances. He could request a TTP assurance. --> ok He got a first TTP assurance with 35 points. Entry in "My points" of assurer old calculation --> ok Entry in "My points" of assurer new calculation, at the top assurances given too small, the TTP assurances are not counted --> ERROR Entry in "My points" of member old calculation --> ok Entry in "My points" of member new calculation at the top "You received 2 assurances" instead of 3 --> ERROR total 105 points. Is that ok? Entry in Support console old calculation --> ok Entry in Support console new calculation, TTP points not counted --> ERROR He could _NOT_ request a second TTP assurance --> ok |
|
@Werner: The location character length is part of 1137 The new calculation is part of 1054 |
|
ttpuser1112 wot.php?id=10 --> 0 Points TTP via US 1st TTP Mail to TTP Admins --> OK (35pts) TTP Assurances via a TTP Admin --> TTP via US 2nd TTP Mail to TTP Admins --> OK (35pts) wot.php?id=4 No TTP Request |
|
retested: 1. account 0 AP wot 4 shows request form =>ok send mail to support =>ok =>ok 2. account >100 AP wot 4 shows: no TTP available as 100 points reached =>ok =>ok 3. account 35 AP over 1 TTP assurances wot 4 shows request form =>ok =>ok 4. account 75 AP one TTP wot 4 shows request form =>ok =>ok 5. account 105 AP 1 TTP wot 4 shows: no TTP available as 100 points reached =>ok =>ok =>ok |
|
Mail sent to critical admins |
|
The fix has been installed on the production server on April 24, 2013. See also: https://lists.cacert.org/wws/arc/cacert-systemlog/2013-04/msg00007.html |
Date Modified | Username | Field | Change |
---|---|---|---|
2012-11-11 11:47 | INOPIAE | New Issue | |
2012-11-11 11:47 | INOPIAE | Assigned To | => INOPIAE |
2012-11-11 11:47 | INOPIAE | File Added: 4.modified1.php | |
2012-11-11 11:47 | INOPIAE | Relationship added | related to 0001111 |
2012-11-11 11:47 | INOPIAE | File Added: wotmodified.php | |
2012-11-11 11:48 | INOPIAE | File Added: wot.incmodified.php | |
2012-11-11 16:16 | INOPIAE | Description Updated | |
2012-11-11 16:44 | INOPIAE | Note Added: 0003322 | |
2012-11-11 16:51 | INOPIAE | Note Edited: 0003322 | |
2012-11-11 16:51 | INOPIAE | File Deleted: wotmodified.php | |
2012-11-11 16:51 | INOPIAE | File Added: wotmodified.php | |
2012-11-11 16:51 | INOPIAE | File Deleted: 4.modified1.php | |
2012-11-11 16:52 | INOPIAE | File Added: 4.modified1.php | |
2012-11-29 19:25 | INOPIAE | Relationship added | related to 0000988 |
2012-12-11 23:52 | INOPIAE | Assigned To | INOPIAE => BenBE |
2012-12-11 23:52 | INOPIAE | Status | new => needs review & testing |
2012-12-18 22:36 | BenBE | Reviewed by | => BenBE |
2012-12-19 01:37 | Uli60 | Note Added: 0003475 | |
2012-12-22 00:44 | Werner Dworak | Note Added: 0003545 | |
2012-12-22 02:49 | Werner Dworak | Note Added: 0003546 | |
2012-12-22 08:05 | Werner Dworak | Note Edited: 0003546 | |
2012-12-22 09:08 | Werner Dworak | Note Edited: 0003545 | |
2012-12-23 09:23 | Werner Dworak | Relationship added | related to 0000888 |
2012-12-23 09:24 | Werner Dworak | Relationship added | related to 0000863 |
2012-12-23 09:27 | Werner Dworak | Relationship added | related to 0000864 |
2012-12-27 05:07 | Werner Dworak | Relationship added | related to 0001032 |
2013-01-09 04:03 | Werner Dworak | Relationship added | related to 0001134 |
2013-01-15 08:02 | Uli60 | Relationship added | related to 0000740 |
2013-01-15 08:07 | Uli60 | Relationship added | related to 0000671 |
2013-01-15 08:07 | Uli60 | Note Added: 0003656 | |
2013-01-15 23:17 | BenBE | Source_changeset_attached | => cacert-devel testserver-stable 66c852c4 |
2013-01-15 23:17 | INOPIAE | Source_changeset_attached | => cacert-devel testserver-stable 63738c4b |
2013-01-15 23:17 | INOPIAE | Source_changeset_attached | => cacert-devel testserver-stable ed39380b |
2013-01-15 23:17 | INOPIAE | Source_changeset_attached | => cacert-devel testserver-stable e6ca97e0 |
2013-01-15 23:17 | INOPIAE | Source_changeset_attached | => cacert-devel testserver-stable 2c99fd84 |
2013-01-15 23:17 | INOPIAE | Source_changeset_attached | => cacert-devel testserver-stable a192e6f5 |
2013-01-15 23:17 | INOPIAE | Source_changeset_attached | => cacert-devel testserver-stable a76b65d7 |
2013-01-15 23:17 | INOPIAE | Source_changeset_attached | => cacert-devel testserver-stable c8f7c545 |
2013-01-15 23:17 | BenBE | Source_changeset_attached | => cacert-devel testserver-stable ff03ad5d |
2013-01-15 23:17 | BenBE | Source_changeset_attached | => cacert-devel testserver-stable 7c8564a8 |
2013-01-15 23:17 | BenBE | Source_changeset_attached | => cacert-devel testserver-stable b5159b83 |
2013-01-15 23:17 | BenBE | Source_changeset_attached | => cacert-devel testserver-stable 2a406fc5 |
2013-01-15 23:17 | INOPIAE | Source_changeset_attached | => cacert-devel testserver-stable e6171669 |
2013-01-15 23:17 | INOPIAE | Source_changeset_attached | => cacert-devel testserver-stable 0c3e0554 |
2013-01-15 23:17 | INOPIAE | Source_changeset_attached | => cacert-devel testserver-stable 5464cbce |
2013-01-15 23:17 | BenBE | Source_changeset_attached | => cacert-devel testserver-stable 6a8fbe60 |
2013-01-15 23:17 | BenBE | Source_changeset_attached | => cacert-devel testserver-stable 9a89a4a5 |
2013-01-15 23:17 | BenBE | Source_changeset_attached | => cacert-devel testserver-stable a4dbfd0f |
2013-01-15 23:17 | BenBE | Source_changeset_attached | => cacert-devel testserver-stable 78dc96ea |
2013-01-15 23:17 | BenBE | Source_changeset_attached | => cacert-devel testserver-stable 370b8676 |
2013-01-15 23:17 | BenBE | Source_changeset_attached | => cacert-devel testserver-stable 9c63d58b |
2013-01-15 23:17 | BenBE | Source_changeset_attached | => cacert-devel testserver-stable 87ee92f5 |
2013-01-16 08:23 | INOPIAE | Note Added: 0003680 | |
2013-02-19 22:45 | INOPIAE | Note Added: 0003760 | |
2013-02-19 22:45 | INOPIAE | Assigned To | BenBE => NEOatNHNG |
2013-02-19 22:45 | INOPIAE | Status | needs review & testing => needs review |
2013-02-20 14:55 | NEOatNHNG | Source_changeset_attached | => cacert-devel testserver-stable 0a8326db |
2013-02-20 14:55 | NEOatNHNG | Source_changeset_attached | => cacert-devel testserver-stable 805f9a15 |
2013-02-20 15:03 | NEOatNHNG | Reviewed by | BenBE => NEOatNHNG |
2013-02-20 15:03 | NEOatNHNG | Note Added: 0003766 | |
2013-02-20 15:03 | NEOatNHNG | Status | needs review => needs review & testing |
2013-02-26 22:16 | BenBE | Reviewed by | NEOatNHNG => NEOatNHNG, BenBE |
2013-02-26 22:16 | BenBE | Status | needs review & testing => ready to deploy |
2013-02-26 22:16 | BenBE | Product Version | => 2012 Q4 |
2013-02-26 22:16 | BenBE | Fixed in Version | => 2013 Q1 |
2013-02-26 22:16 | BenBE | Target Version | => 2013 Q1 |
2013-02-26 22:45 | NEOatNHNG | Source_changeset_attached | => cacert-devel testserver-stable 7773b06b |
2013-02-26 22:45 | NEOatNHNG | Source_changeset_attached | => cacert-devel testserver-stable 7b29aa39 |
2013-02-26 22:53 | INOPIAE | Note Added: 0003769 | |
2013-02-26 22:55 | NEOatNHNG | Reviewed by | NEOatNHNG, BenBE => NEOatNHNG |
2013-02-26 22:55 | NEOatNHNG | Note Added: 0003770 | |
2013-02-26 22:55 | NEOatNHNG | Status | ready to deploy => needs review & testing |
2013-02-26 23:26 | BenBE | Reviewed by | NEOatNHNG => NEOatNHNG, BenBE |
2013-02-26 23:26 | BenBE | Note Added: 0003773 | |
2013-02-26 23:26 | BenBE | Status | needs review & testing => ready to deploy |
2013-02-26 23:57 | NEOatNHNG | Status | ready to deploy => needs testing |
2013-03-01 21:04 | Werner Dworak | Note Added: 0003782 | |
2013-03-01 22:03 | Werner Dworak | Note Added: 0003783 | |
2013-03-01 22:51 | Werner Dworak | Note Edited: 0003783 | |
2013-03-05 22:54 | INOPIAE | Note Added: 0003793 | |
2013-03-05 23:46 | MartinGummi | Note Added: 0003794 | |
2013-03-06 05:08 | INOPIAE | Note Added: 0003795 | |
2013-03-12 21:05 | BenBE | Status | needs testing => ready to deploy |
2013-03-12 22:38 | Uli60 | Relationship added | child of 0001023 |
2013-04-16 17:11 | NEOatNHNG | Note Added: 0003886 | |
2013-04-16 22:50 | NEOatNHNG | Source_changeset_attached | => cacert-devel release 55a75d23 |
2013-04-24 13:17 | wytze | Note Added: 0003921 | |
2013-04-24 13:17 | wytze | Status | ready to deploy => solved? |
2013-04-24 13:17 | wytze | Fixed in Version | 2013 Q1 => 2013 Q2 |
2013-04-24 13:17 | wytze | Resolution | open => fixed |
2013-07-23 22:00 | INOPIAE | Status | solved? => closed |
2013-07-23 22:00 | INOPIAE | Assigned To | NEOatNHNG => |