
cacert-devel - Patch request: Bug #981

Subject: CAcert Code Development list.


Patch request: Bug #981


  • From: Michael Tänzer <michael.taenzer AT cacert.org>
  • To: "critical-admin AT cacert.org" <critical-admin AT cacert.org>
  • Cc: cacert-devel AT lists.cacert.org, Ulrich Schröter CAce rt <ulrich AT cacert.org>, Dirk Astrath <dirk.astrath AT cacert.org>, Marcus Mängel <inopiae AT cacert.org>, Benedikt Heintel <benedikt AT cacert.org>
  • Subject: Patch request: Bug #981
  • Date: Thu, 09 Aug 2012 18:44:03 +0200
  • Openpgp: id=9940BEF1

Hi folks,

We have a fix for https://bugs.cacert.org/view.php?id=981
"New layout of view for Organisation Administraors in account/id35"

The fix was reviewed by Dirk Astrath (dastrath) and me (NEOatNHNG) and
tested by Marcus Mängel (Uli60) and Benedikt Heintel (Benedikt).

Diff is attached. Please also run the locale makefile so that our
translators see the new strings (if present) on
https://translations.cacert.org and new translations get imported into
the system.

Changed files:
includes/account.php
includes/account_stuff.php
pages/account/35.php


-- 
Have a nice day,
Michael Tänzer



diff --git a/includes/account.php b/includes/account.php
index 554713e..db30329 100644
--- a/includes/account.php
+++ b/includes/account.php
@@ -2246,8 +2246,7 @@
 		$orgid = 0;
 	}
 
-	if($id == 32 || $oldid == 32 || $id == 33 || $oldid == 33 || $id == 34 || $oldid == 34 ||
-		$id == 35 || $oldid == 35)
+	if($id == 32 || $oldid == 32 || $id == 33 || $oldid == 33 || $id == 34 || $oldid == 34)
 	{
 		$query = "select * from `org` where `memid`='".intval($_SESSION['profile']['id'])."' and `masteracc`='1'";
 		$_macc = mysql_num_rows(mysql_query($query));
@@ -2260,6 +2259,19 @@
 		}
 	}
 
+	if($id == 35 || $oldid == 35)
+	{
+		$query = "select 1 from `org` where `memid`='".intval($_SESSION['profile']['id'])."'";
+		$is_orguser = mysql_num_rows(mysql_query($query));
+		if($_SESSION['profile']['orgadmin'] != 1 && $is_orguser <= 0)
+		{
+			showheader(_("My CAcert.org Account!"));
+			echo _("You don't have access to this area.");
+			showfooter();
+			exit;
+		}
+	}
+
 	if($id == 33 && $_SESSION['profile']['orgadmin'] != 1)
 	{
 		$orgid = intval($_SESSION['_config']['orgid']);
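Review bot: The new gate for `$id == 35` passes the result of `mysql_query()` straight into `mysql_num_rows()`, so a failed query is denied only because a non-count value happens to satisfy `<= 0` under PHP's loose comparison. Making the deny-on-error path explicit keeps this authorisation check fail-closed by construction: `$res = mysql_query($query);` followed by `$is_orguser = ($res !== false) ? mysql_num_rows($res) : 0;`. A short comment such as `// view page 35 is open to every admin of an organisation, not only master accounts` would also record why this gate is deliberately wider than the one kept for ids 32 to 34. The enclosing block starts and ends outside the hunk.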
diff --git a/includes/account_stuff.php b/includes/account_stuff.php
index 108bd57..794266a 100644
--- a/includes/account_stuff.php
+++ b/includes/account_stuff.php
@@ -209,7 +209,7 @@ function hideall() {
       <ul class="menu" id="serverorg"><li><a href="account.php?id=20"><?=_("New")?></a></li><li><a href="account.php?id=22"><?=_("View")?></a></li></ul>
     </div>
 <? } ?>
-<? if(mysql_num_rows(mysql_query("select * from `org` where `memid`='".intval($_SESSION['profile']['id'])."' and `masteracc`='1'")) > 0 || $_SESSION['profile']['orgadmin'] == 1) { ?>
+<? if(mysql_num_rows(mysql_query("select * from `org` where `memid`='".intval($_SESSION['profile']['id'])."'")) > 0 || $_SESSION['profile']['orgadmin'] == 1) { ?>
     <div class="relatedLinks">
       <h3 class="pointer" onclick="explode('orgadmin')">+ <?=_("Org Admin")?></h3>
       <ul class="menu" id="orgadmin"><? if($_SESSION['profile']['orgadmin'] == 1) { ?><li><a href="account.php?id=24"><?=_("New Organisation")?></a></li><li><a href="account.php?id=25"><?=_("View Organisations")?></a></li><? } ?><li><a href="account.php?id=35"><?=_("View")?></a></li></ul>
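Review bot: The menu condition on the changed line repeats, as a second hand-written SQL string, the membership test that the id 35 gate in includes/account.php performs, so the menu and the access check can drift apart on a later edit. A small shared helper that reports whether the session user has any row in `org` would keep the predicate in one place; no such helper is visible on this page, so this is a suggestion rather than a reference to existing code. The query here also still uses `select *` only to count rows, where `select 1` as in the account.php hunk would be consistent. The surrounding template continues outside the hunk.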
diff --git a/pages/account/35.php b/pages/account/35.php
index 3a4714f..05c7f2b 100644
--- a/pages/account/35.php
+++ b/pages/account/35.php
@@ -15,44 +15,89 @@
     along with this program; if not, write to the Free Software
     Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301  USA
 */ ?>
+
 <table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper" width="400">
-  <tr>
-    <td colspan="3" class="title"><?=_("Organisations")?></td>
-  </tr>
-  <tr>
-    <td class="DataTD">#</td>
-    <td class="DataTD"><?=_("Organisation")?></td>
-    <td class="DataTD"><?=_("Admins")?></td>
-  </tr>
-<?
-	$query = "select * from `orginfo`,`org` where `orginfo`.`id`=`org`.`orgid` and `org`.`memid`='".intval($_SESSION['profile']['id'])."'";
-	$res = mysql_query($query);
-	while($row = mysql_fetch_assoc($res))
-	{
-		//number of admins for the org
-		$r2 = mysql_query("select * from `org` where `orgid`='".intval($row['id'])."'");
-		$admincount = mysql_num_rows($r2);
 
-		// number of domains for the org
-		$r2 = mysql_query("select * from `orgdomains` where `orgid`='".intval($row['id'])."'");
-		$domcount = mysql_num_rows($r2);
-?>
-  <tr>
-    <td class="DataTD"><?=intval($row['id'])?></td>
-    <td class="DataTD"><?=($row['O'])?>, <?=($row['ST'])?> <?=sanitizeHTML($row['C'])?></td>
-    <td class="DataTD"><a href="account.php?id=32&amp;orgid=<?=$row['id']?>"><?=_("Admins")?> (<?=$admincount?>)</a></td>
-  </tr>
 <?
-	// display the domains of each organisation
-	$query3 = "select * from `orgdomains` where `orgid`='".intval($row['id'])."'";
-	$res3 = mysql_query($query3);
-	while($detailorg = mysql_fetch_assoc($res3))
+$query = "select *
+			from `orginfo`,`org`
+			where `orginfo`.`id`=`org`.`orgid`
+			and `org`.`memid`='".intval($_SESSION['profile']['id'])."'";
+
+$res = mysql_query($query);
+while($row = mysql_fetch_assoc($res))
+{
+	?>
+	<tr>
+		<td colspan="3" class="title"><?=_("Organisation")?></td>
+	</tr>
+	<tr>
+		<td class="DataTD"><?=_("Organisation Name")?>:</td>
+		<td colspan="2" class="DataTD" ><b><?=$row['O']?></b></td>
+	</tr>
+	<tr>
+		<td class="DataTD"><?=_("Contact Email")?>:</td>
+		<td colspan="2" class="DataTD"><?=($row['contact'])?></td>
+	</tr>
+	<tr>
+		<td class="DataTD"><?=_("Town/Suburb")?>:</td>
+		<td colspan="2" class="DataTD"><?=($row['L'])?></td>
+	</tr>
+	<tr>
+		<td class="DataTD"><?=_("State/Province")?>:</td>
+		<td colspan="2" class="DataTD"><?=($row['ST'])?></td>
+	</tr>
+	<tr>
+		<td class="DataTD"><?=_("Country")?>:</td>
+		<td colspan="2" class="DataTD"><?=($row['C'])?></td>
+	</tr>
+	<?
+	
+	//domain info
+	$query = "select `domain` from `orgdomains` where `orgid`='".intval($row['id'])."'";
+	$res1 = mysql_query($query);
+	while($domain = mysql_fetch_assoc($res1))
+	{
+		?>
+		<tr>
+			<td class="DataTD"><?=_("Domain")?></td>
+			<td colspan="2" class="DataTD"><?=sanitizeHTML($domain['domain'])?></td>
+		</tr>
+		<?
+	}
+	
+	?>
+	<tr>
+		<td class="DataTD"><?=_("Administrator")?></td>
+		<td class="DataTD"><?=_("Master Account")?></td>
+		<td class="DataTD"><?=_("Department")?></td>
+	</tr>
+	<?
+	
+	//org admins
+	$query = "select * from `org` where `orgid`='".intval($row['id'])."'";
+	$res2 = mysql_query($query);
+	while($org = mysql_fetch_assoc($res2))
 	{
-?>
-  <tr>
-    <td class="DataTD"><?=intval($detailorg['id'])?></td>
-    <td class="DataTD"><?=_("Domain available")?></td>
-    <td class="DataTD"><?=sanitizeHTML($detailorg['domain'])?></td>
-  </tr>		
-<? } } ?>
+		$user = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".intval($org['memid'])."'"));
+		?> 
+		<tr>
+			<td class="DataTD"><a href='mailto:<?=$user['email']?>'><?=($user['fname'])?> <?=($user['lname'])?></a></td>
+			<td class="DataTD"><?=($org['masteracc'])?></td>
+			<td class="DataTD"><?=($org['OU'])?></td>
+		</tr>
+		<?
+		
+		if(intval($org['masteracc']) === 1 &&
+				 intval($org['memid']) === intval($_SESSION['profile']['id']))
+		{ 
+			$master="account.php?id=32&amp;orgid=".intval($row['id']);
+			?>
+			<tr>
+				<td colspan="3" class="DataTD"><a href="<?=$master ?>"><?=_("Edit")?></a></td>
+			</tr>
+			<?
+		}
+	} 
+} ?>
 </table>
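Review bot: Most values echoed by the new template reach the HTML without `sanitizeHTML()`: `$row['O']`, `$row['contact']`, `$row['L']`, `$row['ST']`, `$row['C']`, `$user['email']` (inside the `mailto:` attribute), `$user['fname']`, `$user['lname']` and `$org['OU']`, while `$domain['domain']` is escaped and the removed version did escape `$row['C']`. These fields come from the organisation record and from other members' accounts and are now rendered to every admin of the organisation, so unless they are guaranteed to be encoded when stored (not visible here) this is a stored-XSS exposure. Wrapping each value in `sanitizeHTML()` as below closes it; whether that helper also encodes single quotes is not visible, so the `mailto:` attribute is switched to double quotes. The admin loop also assumes the `users` lookup returns a row, and it fetches `select *` where only email, fname and lname are used.

```php
		<td colspan="2" class="DataTD" ><b><?=sanitizeHTML($row['O'])?></b></td>
<? /* … unchanged: label cells and row markup between the value cells … */ ?>
		<td colspan="2" class="DataTD"><?=sanitizeHTML($row['contact'])?></td>
		<td colspan="2" class="DataTD"><?=sanitizeHTML($row['L'])?></td>
		<td colspan="2" class="DataTD"><?=sanitizeHTML($row['ST'])?></td>
		<td colspan="2" class="DataTD"><?=sanitizeHTML($row['C'])?></td>
<? /* … unchanged: domain rows, admin table header, users lookup … */ ?>
			<td class="DataTD"><a href="mailto:<?=sanitizeHTML($user['email'])?>"><?=sanitizeHTML($user['fname'])?> <?=sanitizeHTML($user['lname'])?></a></td>
<? /* … unchanged: masteracc cell … */ ?>
			<td class="DataTD"><?=sanitizeHTML($org['OU'])?></td>
```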

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature



