<?php // this should go into the php lib directory
/**
    LibreSSL - CAcert web application
    Copyright (C) 2004-2008  CAcert Inc.

    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
    the Free Software Foundation; version 2 of the License.

    This program is distributed in the hope that it will be useful,
    but WITHOUT ANY WARRANTY; without even the implied warranty of
    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    GNU General Public License for more details.

    You should have received a copy of the GNU General Public License
    along with this program; if not, write to the Free Software
    Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301  USA

    Version: $Id: form_fies.php,v 1.13 2009/05/01 18:13:54 teus Exp $

PHP CAcert CAP/COAP form handing routines.
Routines will deliver:
    CAP/COAP form header
    build applicant, assurer, assurance, registry data structure for fiel values

**  First created: 12 March 2009
**  Last change: see Revision date
**  Reviews:
**     printed text by Ian Grigg and Teus Hagen (July 2008)
**     layout/design by Teus Hagen and Johan Vromans (July 2008)
**     coding by Teus Hagen and ...
**
**  Installation:
**     std PHP lib:
**         recode_string() only used if present
**     UTF8 package for unicode (utf8/native/core.php):
**         utf8_substr() only when package is found and needs to be used
**     transliteration (and abbreviation):
**         if full name has non-ascii char(s) try to use: utf8_to_ascii()
**         First from transtab.php package which is Markus Kuhn compliant
**           transtab.php is CAcert php package.
**           Transtab depends on on its turn on UTF8 package.
**         Secondly if not found utf8ascii lib tried (artistic license)
**           http://sourceforge.net/projects/phputf8
**           .../utf8_to_ascii-0.3.tar.gz
**           see UTF8_ASCII definition for location requirements
**         Thirdly: if not found transliteration feature is disabled.
**
**  policy documents for pdf inclusion:	define CCA file (default policy)
**  LOGO: CAcert logo logos directory is LOGO
**
**  Functionality:
**    Test: use environment variable settings as parameters for
** COAP:
**     Organisation: name(s), dba's, director, sign date, trade license ID
**           address, country/state jurisdiction, domain(s)
**           o-admins: name, email, phone
**     Registry: name, region
**     Assurer: name, email, sign date
** CAP:
**     Assuree: names, dob, sign date, id types, email
**       if name gets too long font size is increased to get it on one line
**     Assurer: name, email, dob (mutual ass), sign date
**     Assurance: location, date of assurance
**
** Form fields: javascript form fields with fields for printout and change
**     Printout: printed, and completed for final signatures
**     On transliteration and abbreviation of a name:
**        if shoes a std way show accepted conversion as pdf comment
**     Orientation: on landscape (dflt) pdf print 2-up
**     URL links are used to web, wiki, and faq for more info search 
**     Only on non-ascii chars in a name the utf8 routines are loaded
**     Displayed page has wiki info url's and easy email feedback
**
**  For other re-use of some routines:
**     abbreviate() abbreviate a name on std way
**     transliterate() provide name in translated format in std way
**
**  For tests:
**      environment settings (FORM, FORMAT, CCA, ...) define used test data
**      Set for operation modus TEST on false (or comment code out)
**
**  Future:
**      digitally sign form and process it via network
**
**  unicode and UTF-8 support:
**  php4/5 recode() is alias of recode_string() of PHP library
**         If not provided: should check every string is transcoded?
**         recode(), recode_string(0 is said to have too many (japanese) defeats
**         recode_string() is only used on GET[] input (html->utf-8),
**  UTF-8  use routines from http://www.sourceforge.net/projects/phputf8
**         which replaces php recode() package. 
**         on many places own utf-8 handling code exists and is loaded (tcpdf problem)
**  _() translation routine. The returned HTML string is translated to utf-8 string.
**  the GET() routines expects utf-8 code (see test defs) but might be changed
**         to use html entity conversion routine of PHP (5.2 has a problem...).
**
**  TO DO, to CHECK and KNOWN PROBLEMS:
**     Japanse package (maybe not needed with TCPDF?)
**     CCA informal should be on one page (no CCA printed yet)
**     form field checks, print button (Java script)
**     data structs in Java script and globalize property settings
**     XML
**     timestamping, signatures and certificate usage
**     list of recipients, encrypt the document and send it off
**     On Acrobat 7.0: first form field call error (have work around)
**     eps problem with logo (no eps logo yet)
**     multi selection of ID types in form fields (value editable now)
**     ugly capital char use in intro to bold or italic lowercase
**     tables over page boundaries do not fully work yet
**
**  DEPENDENCIES:
**  The TRANSLITERATE code tables db (utf8ascii) is not compliant (!?) with
**     Markus Kuhn <http://www.cl.cam.ac.uk/~mgk25/> -- 2001-09-02
**     First is tried to use Markus his tables
**     For a test file with all chars see there (it is also in tcpdf package).
**  Both transliteration packages rely on UTF-8 code, only loaded when available and
**     when really needed.
**
**  SECURITY:
**  PHP libs: packages seems to download files on the fly into local filesystem!!!
**
**  Parameters (API):
**     Applicant: assuree or organisation
**     $_GET['date'] date of assurance and signature applicant
**     $_GET['name'] full name applicant; default empty for upward compatibility
**     $_GET['name<1-9>'] full name(s) applicant; default empty for upward compatibility
**     $_GET['name<%d>Pnts'] assurance points for names assuree (new)
**     $_GET['dob'] date of birth assuree default empty
**
//**     $_GET['document1'] ID type assuree default empty (deprecated)
//**     $_GET['document2'] second ID type assuree default empty (deprecated)
**     $_GET['dba<1-9>'] etc. %d = 1-9 organisation trade names
**     $_GET['address'] postal address department, office, street, zip, city
**     $_GET['state'] jurisdiction organisation and trade offce
**     $_GET['country'] jurisdiction address organisation trade office
**     $_GET['type'] type of organisation legal entity: e.g. foundation, Lmtd
**
**     $_GET['domain<0..n>'] domain names of organisation
**
**     $_GET['director'] can sign for the organisation; future: more as one to sign
**     $_GET['email'] email address for applicant contact
**     $_GET['phone'] organisation phone number for contact
**
**     $_GET['admin'] o-admin name
**     $_GET['adminemail'] o-admin emailo address
**     $_GET['adminphone'] o-admin phone number
**     $_GET['admin<1-9>'] o-admin name
**     $_GET['admin<1-9>email'] o-admin emailo address
**     $_GET['admin<1-9>phone'] o-admin phone number
**
**     $_GET['identity'] trade office license Identification number
**     $_GET['tor'] trade office name
**     $_GET['tordate'] trade office extract date
**     $_GET['torregion'] trade office region (depreciated eg EU?)
**
**     $_GET['assurer'] full name assurer default empty
**     $_GET['assureremail'] email address assurer default empty (new)
**     $_GET['assurerdate'] date of signature assurer (new)
**     $_GET['assurerphone'] contact phone number of assurer (new)
**     $_GET['assurerdob'] date of birth assurer, reciprocal ass. default empty (new)
**     $_GET['maxpoints'] max points allocated depends on assurer default 35 for CAP
**
**     $_GET['assurancedate'] date of assurance (new)
**     $_GET['location'] location of assurance CAP only
**
**     $_GET['nocca'] do not print CCA on back side (dflt: false)
**     $_GET['policy<%d>'] to include COAP policy document(s) in pdf file %d = 1-9 (new)
**
**     $_GET['noform'] do not print form (dflt: true) (new)
**     $_GET['format'] paper format required A0-A6,Letter, Folio, B0-B6 (dflt A4)
**     $_GET['orientation'] paper orientation default "landscape" default 2-up (new)
**     $_GET['watermark'] watermark on the page
**
**     $_SESSION['_config']['language'] for "ja_JP" japanese default != ja_JP
**     $_SESSION['_config']['recode'] = "format" recode() uses it: needed ?
**     recode() is aliased to php lib function recode_string()
**     $_REQUEST['bw'] if exists use black/white, default use colour (depreciated)
**
**  Variables naming:
**     Form Revision string is generated from RCS revision string.
**  Variables naming:
**     on non empty _GET strings, the package generates prefilled form fields.
**     Assuree CAP, organisation COAP: applicant
**        $applicant['names'][0-9]['name'] full name applicant
**        $applicant['names'][0-9]['typeid'] language dependant ID type only CAP
**        $applicant['names'][0-9]['points'] points:empty, (dflt max 35) only CAP
**        $applicant['email'] primar email contact applicant
**        $applicant['dob'] date of birth assuree only CAP
**        $applicant['date'] date of signature applicant
**        $applicant['dbas'][] trade names only COAP
**        $applicant['director'] full name CEO; future: more as one only COAP
**        $applicant['phone'] contact phone number organisation only COAP
**        $applicant['email'] contact email address organisation only COAP
**        $applicant['tor'] trade office name only COAP
**        $applicant['state'] state of jurisprudiction of tor and org only COAP
**        $applicant['country'] country of organisation/tor only COAP
**        $applicant['identification'] identitication number with TOR only COAP
**        $applicant['domains'][] whois domain names only COAP
**        $applicant['admins'][0-9]['name'] full name system admin/assurer only COAP
**        $applicant['admins'][0-9]['email'] emaill address system admin/assurer only COAP
**        $applicant['admins'][0-9]['phone'] contact phone system admin/assurer only COAP
**     Assurer CAP/COAP
**        assurer['name'] string may have Assurer email address
**        assurer['email'] contact email address applicant
**        assurer['dob'] for reciprocal assurance
**        assurer['date']     date of signature assurer statement
**     Assurance only CAP
**        Assurance['location'] string may have date of meeting
**        Assurance['date']   date of assurance
**     
*/

if( !isset($revision) ) $revision = array();
if( is_array($revision) ) $revision[] = '$RCSfile: form_fies.php,v $ $Revision: 1.20 $';

function Version() {
    strtok(REV, ' ');
    return(strtok(' '));
}

// INSTALLATION DIRS OF PACKAGES ==============================
// make sure packages are installed here
if( ! defined('RT') )
define('RT','./');
define('UTF8',RT.'/utf8/native/core.php');
if( file_exists(RT.'/transtab.php') ) // wherever it is
    define('UTF8_ASCII', RT.'/transtab.php');
else
    define('UTF8_ASCII', RT.'/utf8_to_ascii/utf8_to_ascii.php'); // optional
// end operational special code defs

// include some url parameter test cases
if( defined( 'TEST' ) && ( TEST == 'COAP' || TEST == 'CAP'))
    include_once(RT.'/form_test.php');

// CAcert logo path/file name is extended with eg color, mono and format type
define( 'LOGO','logos/CAcert-logo-');
// eps should give better quality, LOGO_TYPE ->  .eps
// eps does not work with CAcert logo, set to .eps when ok
define( 'LOGO_DPI', '1000');
define( 'LOGO_TYPE','-'.LOGO_DPI.'.png');
// logo colors RGB hex
//define('RBLUE', 'rgb(17,86,140)'); // #11568C CAcert blue
define('BLUE', '#11568C');
//define('RLBLUE', 'rgb(112,154,186)'); // #ADC5D7 light blue
define('LBLUE', '#ADC5D7');
//define('RLLBLUE','rgb(173,197,215)'); // #D6E2EB lighhter light blue
define('LLBLUE','#ADC5D7');
//define('RLLLBLUE', 'rgb(211,229,242)'); lighter lighter light blue
define('LLLBLUE', '#D3E5F2');
define('LIME', '#C7FF00');  // RGB 199 255 0 CAcert lime
define('GREEN', '#00BE00'); // 0 190 0 CAcert green

define('POBOX','CAcert Inc. - P.O. Box 4107 - Denistone East NSW 2112 - Australia');
define('WEB', 'http://www.cacert.org');
define('WIKI','http://wiki.cacert.org');
define('ROOTKEYS','http://www.cacert.org/index.php?id=3');
define('ASSCAP', WIKI.'/FAQ/AssuranceByCAP');
define('ASSCOAP', WIKI.'/FAQ/AssuranceByCAP');
define('ASSHBK', WIKI.'/AssuranceHandbook');
define('ASSINFO', WIKI.'/FAQ/AssuranceInformationForCAP');
define('ASSINTRO', WIKI.'/FAQ/AssuranceIntroduction');
define('ASSORG', WIKI.'/OrganisationAssurance');
define('ARBIT', WIKI.'/ArbitrationForum');
// CAcert Community Agreement
define('CCA', 'CAcert Community Agreement'); // default policy to print
define('POLICY','policy/'); // default policy doc directory
define('EXT','.php'); // default policy doc extention, should be html
// CAcert svn tree for policies
define('SVN','http://svn.cacert.org/CAcert/Policies/');
define('SVN_OA',SVN.'OrganisationAssurancePolicy/');
$OA_Policies =
        array(
            'Organisation Assurance Policy' =>
                array(SVN_OA.'OrganisationAssurancePolicy.html',false),
            'Organisation Assurance Subpolicy for Australia' =>
                array(SVN_OA.'OrganisationAssuranceSubPolicyAustralia.html',false),
            'Organisation Assurance Subpolicy for Europe' =>
                array(SVN_OA.'OrganisationAssuranceSubPolicyEurope.html',false),
            'Organisation Assurance Subpolicy for the United States' =>
                array(SVN_OA.'OrganizationAssuranceSubPolicyUnitedStates.html',false),
        );
/* finger print CAcert Root Key */ // should obtain this automatically
define('CLASS1_SHA1','135C EC36 F49C B8E9 3B1A B270 CD80 8846 76CE 8F33');
define('CLASS3_SHA1','AD7C 3F64 FC44 39FE F4E9 0BE8 F47C 6CFA 8AAD FDCE');
// next two are not used on the form
define('CLASS1_MD5','A6:1B:37:5E:39:0D:9C:36:54:EE:BD:20:31:46:1F:6B');
define('CLASS3_MD5','F7:25:12:82:4E:67:B5:D0:8D:92:B7:7C:0B:86:7A:42');
// if on draft provide std message
if(!defined('WATERMARK') )
define('WATERMARK',"");

define('DFL_FORMAT', 'html..utf-8');

// enviroment dependent constants
// Japanese is not supported?
if( array_key_exists('_config', $_SESSION) ) {
    if( isset($_SESSION['_config']['language']) ) {
	if($_SESSION['_config']['language'] == 'ja_JP')
	    define('FONT','SJIS');
	else define( 'FONT', 'free-sans, vera-sans, arial, verdana');
    }
    else define( 'FONT', 'free-sans, vera-sans, arial, verdana');
}
else
    //define( 'FONT', 'dejavusans');
    define( 'FONT', 'free-sans, vera-sans, arial, verdana');

// generate black/white?
if(array_key_exists('bw',$_REQUEST))
    define('BW', true);
else
    define('BW', false);

// function is left in tact, but to new tcpdf code UFT-8 is fully supported now.
function my_recode($strg = NULL ) {
    static $format = NULL;
    if( $strg == NULL OR !$strg ) return ( '' );
    if( $format == NULL ) {
	 if( array_key_exists('_config', $_SESSION) ) {
	     if( isset( $_SESSION['_config']['recode'])  )
	         $format = $_SESSION['_config']['recode'];
	     else $format = DFL_FORMAT;
	 }
	 else $format = DFL_FORMAT;
    }
    // newer tcpdf package is full UTF-8 Voided by this package?
    if( function_exists('recode_string' ) )
	return ( urldecode(recode_string($format, $strg)) );
    else return( urldecode($strg) );
}

// return TRUE if string is ascii and not device control chars specialized for
// personal names (no device controls)
function utf8_is_ascii_ctrl($str) {
    if ( strlen($str) > 0 ) {
	// Search for any bytes which are outside the ASCII range,
	// or are device control codes
	//return (preg_match('/[^\x09\x0A\x0D\x20-\x7E]/',$str) !== 1); deleted \r and \n
	return (preg_match('/[^\x09\x20-\x7E]/',$str) !== 1);
    }
    return FALSE;
}

//setlocale(LC_ALL, 'de_DE');
// try to abbreviate a full name, returns name if abbreviation was/is done
// has pointers to sur name, first name, avoids titles and extentions
// is based that given names and family names starts with capital
// all names between first given name and surname are secondary names
// will use utf8 routines only when needed and available
function Abbreviate( $name = '') {
    // need to change this for utf8 uppercase detection
    // substr and strtoupper arte dependent of setlocale...
    $substr = 'substr';
    $strtoupper = 'strtoupper';
    $tokens = array();
    $cnt = preg_match_all('/([^\s\.]+\.|[^\s\.]+)/', $name, $tokens, PREG_SET_ORDER);
    if( $cnt <= 0 ) return ( $name );
    $fam = -1; $married = 0;  $i = 0; $success = FALSE; $first_name = -1;
    for( $j = 0; $j < $cnt ; $j++ ) {
	$tk = $tokens[$j];
	$nm = $tk[0]; if( $nm == '' ) continue;
	// not utf8
	$ltr = $substr( $nm, 0, 1 );
	if(preg_match('/[^\x09\x20-\x7E]/',$ltr) !== 1  AND // it is utf8
	  function_exists( 'utf8_substr') ) {
	    $substr='utf8_substr';
	    //$strtoupper = 'utf8_strtoupper'; // requires utf8/utils/unicode.php
	}
	if( $strtoupper($ltr) != $ltr ) continue; // lower case setlocale dependent
	elseif( preg_match('/\./', $nm ) ) {
	    if( $first_name < 0 ) $first_name = $j;
	    if( $first_name >= 0 ) $success = TRUE; // was abbreviated
	    continue; // title 
	}
	if( $first_name < 0 ) $first_name = $j;
	if( $married == 0 ) $fam = $j;
	if( preg_match('/[-_]/', $nm ) ) {
	    // find special markers
	    if( $married == 0 ) $fam = $j;
	    $married++;
	}
    }
    $name = '';
    for( $j = 0; $j < $cnt; $j++ ){
	$tk = $tokens[$j];
	if( !isset($tk[0]) ) continue;
	$nm = $tk[0]; if( $nm == '' ) continue;
	if( $name != '') $name .= ' ';
	$ltr = $substr( $nm, 0, 1 );
	if( $j == $fam ) $name .= $nm;
	elseif( $strtoupper($ltr) != $ltr )  $name .= $nm; // lower case
	elseif( preg_match('/\./', $nm ) ) $name .= $nm;
	elseif( $j < $fam ) { // need to abbreviate
	     // not utf8
	     // and abbreviate 
	    if( $j == $first_name )
	        $abr = '('. $substr( $nm, 1 ) . ')';
	    else $abr = '.';
	    $name .= $ltr . $abr; $success = TRUE; // is abbreviated
	} else $name .= $nm;
    }
    $ext = -1; for( $j = $cnt-1; $j >= 0 AND $j >= $fam; $j-- ) {
	// try to find family names and see if there is abbreviation
	$tk = $tokens[$j];
	if( !isset($tk[0]) ) continue;
	$nm = $tk[0];
	if( $ext < 0 AND preg_match('/(^[^A-Z]|\.)/', $nm ) ) continue;
	if( $ext < 0 ) $ext = $j+1;
	if( preg_match('/\./', $nm ) ) {  $success = TRUE; break; } 
    }
    return( $success? $name : '' ); // and return abbriviated name
}


// --------------------------------------------------------------------------------
// import environmental data -------------------------------------------------------
// get $form, $orientation, $applicant, $assurer, $assurance info
// FONT and BW are set already

// import info 
$utf8 = false;

function GET( $key = "" ) {
    global $utf8;
    $strg =   array_key_exists( $key, $_GET) ? $_GET[$key] : "";
    //echo "<!-- Get[", $key, "]=\"", $strg, "\" -->\n";
    if(!$utf8 AND $strg  != "" AND
	    !utf8_is_ascii_ctrl($strg) ) {
	        $utf8 = true;
    }
    return( $strg );
}

// to ease url parameter parsing
function Dstr( $first = "", $strg = "", $cnt = 0 ) {
    return( $cnt>0? sprintf("%s%d%s", $first, $cnt, $strg) : $first.$strg );
}

// put an set of parameters key%d with their value in an array index anarray['key']=>[values]
// as side effect a row may also be entered in a parameter as multiple values
// separated with a comma delimiter: value"a,b,c" -> array with a, b and c as elements
//function GetAll( $akey, &$anarray = NULL ) {
//    if( ! $akey ) return FALSE;
// return comma separated string list
function GetAll( $akey = NULL ) {
    $j = 0; $str = "";
    if( $akey == NULL OR $akey == '' ) return $str;
    for( $i = 0; $i <= 25 AND $j < 2; $i++ ) {
	$name = my_recode(GET(Dstr($akey, "", $i)));
        if( $akey == 'domain' ) $name = strtolower($name);
	if( $name ) { $j = 0;
	    if( $str != "" ) $str .= ",";
	    $str .= trim(ereg_replace(',[ \t]+',',',$name));
	} else $j++;
    }
    return $str;
}

//function GetNameArray( &$anarray, $elem1 = NULL, $elem2 = NULL, $elem3 = NULL) {
function GetNameArray( $elem1 = NULL, $elem2 = NULL, $elem3 = NULL) {
    global $Applicant; // php does not understand ref by name
    // name info
    //if( ! $anarray || ! $elem1 ) return FALSE;
    if( ! $elem1 ) return NULL;
    $j = 0; // after two successive empty names we stop
    for( $i = 0; $i <= 9 AND $j < 2; $i++) { // max 9 names we only print 4 max...
	$name = my_recode(GET(Dstr($elem1, "", $i)));
	if( $name ) { $j = 0;
	    if( !array_key_exists($elem1.'cnt',$Applicant) ) $Applicant[$elem1.'cnt'] = 0;
	    $cnt = $Applicant[ $elem1 .'cnt' ];
	    $Applicant[ $elem1. 's'] [$cnt] = array();
	    $Applicant[ $elem1 .'cnt' ]++;
	    $Applicant[ $elem1 .'s' ] [$cnt] ['name'] = $name;
	    if( $elem2 != NULL ) $Applicant[ $elem1 .'s' ][$cnt][$elem2] =
	        my_recode(GET(Dstr($elem1,$elem2,$i)));
	    if( $elem3 != NULL ) $Applicant[ $elem1 .'s' ][$cnt][$elem3] =
	        my_recode(GET(Dstr($elem1,$elem3,$i)));
	    if( !utf8_is_ascii_ctrl($name) AND !function_exists('UTF8toASCII') )
	            require_once ( UTF8_ASCII );
	} else  $j++;
    }
    return TRUE;
}

$FormType = NULL;
// get all print info in an array; atype is CAP or COAP
//function GetPageInfo( &$apage ) {
function GetPageInfo( $atype = 'CAP' ) {
    global $Page;
    global $OA_Policies;
    global $FormType; $FormType = $atype;
    // form, CCA and page format info
    // array of:
    // $Page['format'] paper size
    // $Page['orientation'] paper orientation landscape is 2-up
    // $Page['form'] forms only, no form or with CCA policy attached
    // $Page['policies'] array of policies attached to the pdf print out
    $Page['format'] = strtolower(GET('format')); // A3, A4, A5, letter, legal, etc.
    if( !$Page['format'] ) $Page['format'] = 'a4'; // default
    // on landscape orientation we do two half pages
    $Page['orientation'] = strtolower(GET('orientation'));
    if( $Page['orientation'] == 'landscape' ) $Page['orientation'] = 'l';
    if( $Page['orientation'] != 'l' ) {
    // default portrait 1-up
	$Page['orientation'] = 'p'; // landscape implies 2-up
    }
    $Page['form'] = GET('noform') != '' ? false : true;

    if( defined('CCA') )
	$Page['policies'][CCA] = array(WEB.'/'.POLICY.str_replace(' ','',CCA).EXT,false);
    if( GET('nocca') == "" || strlower(GET('nocca')) == 'no'
	|| strlower(GET('nocca')) == 'false' ) {
        $Page['policies'][CCA][1] = true;
    }
    // try to get policy documents names to be printed off
    //GetAll('policy', $Page['policies'] );
    $arr = explode(',', GetAll('policy'));
    for( $i = 0; $i < count($arr); $i++) 
	$Page['policies'] [basename($arr[$i], '.html')] = array($arr[$i],true);
    // some policies should be there per default
    if( $atype == 'COAP' && is_array($OA_Policies) ) $Page['policies'] += $OA_Policies;
    
    // dft is now true it should go to true
    // set $Page['form'] on 'simplex' or 'duplex' to get CCA on pdf page
    return TRUE;
}

//function GetAssuranceInfo( $atype, &$anapplicant, &$anassurer, &$reg ) {
function GetAssuranceInfo( $atype ) {
    global $utf8;
    global $Applicant;	// next globals due to php4 it should be ref by name
    global $Assurer;	// next globals due to php4 it should be ref by name
    global $Registrar;	// next globals due to php4 it should be ref by name
    global $Assurance;	// next globals due to php4 it should be ref by name
    global $FormType; $FormType = $atype;

    $Applicant = array (
	 'names'      => array( ), // [0] full name...
	 'namecnt'    => 0,
	 'date'       => my_recode(GET('date')) == "now" ?
	                 date("Y-m-d") : my_recode(GET('date')),
	 'email'      => my_recode(GET('email')),
	   );
    // Assurer info
    $Assurer = array (
	 'name'       => my_recode(GET('assurer')),
	 'email'      => my_recode(GET('assureremail')),
	 'date'       => my_recode(GET('assurerdate')) ?
	                 my_recode(GET('assurerdate')) : my_recode(GET('date')),
	  );
    if( $Assurer['date']      == "now" ) $Assurer['date']   = date("Y-m-d");
    if( $Assurer['date'] == 'now' ) $Assurer['date'] = date('Y-m-d');

    // defeats due to history
    if( $Applicant['date'] == '' AND  $Assurer['date'] )
	$Applicant['date'] =  $Assurer['date'];
    
    if( $atype == 'CAP' ) { // assuree
	$Applicant += array(
	     'dob'     => my_recode(GET('dob')),
	    );
	//GetNameArray( $anapplicant, 'name', 'ID', 'Pnts');
	GetNameArray( 'name', 'ID', 'Pnts');
	// assurance info
	$Assurance = array (
	    'location' => my_recode(GET('location')),
	    'date'     => my_recode(GET('assurancedate'))?
	                  my_recode(GET('assurancedate')): my_recode(GET('date')),
	    'notes'    => '' // not yet used
	   );
	if( $Assurance['date'] == '' AND  $Applicant['date'] )
	    $Assurance['date'] =  $Applicant['date'];
	if( $Assurance['date'] == 'now' ) $Assurance['date'] = date('Y-m-d');
	//$andocument = my_recode(GET('document1'));
	//if( GET('document2') ) $andocument .= '/'. my_recode(GET('document2'));
	// for history sake do special, next can void other arguments...
	//if( GET('name') ) $_GET['name1'] = GET('name');
	//if( $andocument ) $_GET['name1ID'] = $andocument;
	$Assurer += array(
	   'dob'       => my_recode(GET('assurerdob')),
	   'maxpoints' => intval(my_recode(GET('maxpoints'))) < 0 ?
	                  35 : intval(my_recode(GET('maxpoints'))),
	);
    }
    if( $atype == 'COAP' ) { //applicant is organistion
	// trade office info
	$Registrar = array (
	    'identifier'=> my_recode(GET('identifier')),
	    'date'      => my_recode(GET('tordate')),
	    'region'    => my_recode(GET('torregion')),
	    'name'      => my_recode(GET('tor')),
	   );
	// Assuree info
	$Applicant += array (
	     'address'  => my_recode(GET('address')),
	     'state'    => my_recode(GET('state')),
	     'country'  => my_recode(GET('country')),
	     'type'     => my_recode(GET('type')),
	     'director' => my_recode(GET('director')),
	     'phone'    => my_recode(GET('phone')),
	     'domains'  => array(),      // dns names for server certs
	     'dbas'     => array(),      // dns names for server certs
	     'admins'   => array(), // name, email, phone
	     'admincnt' => 0,
	   );
	$Assurer += array(
	     'phone'    => my_recode(GET('assurerphone')),
	   );
	//if( $reg['date']     == "now" ) $reg['date']  = date("Y-m-d");
    
	// organisation name info 
	//GetNameArray( $anapplicant, 'name');
	GetNameArray('name');
	// administrator info
	//GetNameArray( $anapplicant, 'admin', 'email', 'phone');
	GetNameArray( 'admin', 'email', 'phone');
	// organisation domain names convert to array of lowercased names
	//GetAll('domain', $anapplicant['domains']);
	$Applicant['domains'] = array_unique(explode(',', GetAll('domain')));
        sort($Applicant['domains']);
	// organisation domain names convert to array of lowercased names
	//GetAll('dba',$anapplicant['dbas']);
	$Applicant['dbas'] = array_unique(explode(',', GetAll('dba')));
	sort($Applicant['dbas']);
    }
    if( $utf8 ) { // have scanned arguments for non-ascii code now
	 //require_once(UTF8);
	 // only for to upper case require_once("../utf8/utils/unicode.php");
	 require_once ( UTF8_ASCII ); unset($utf8);
	 return 'Version transtab: '.UTF8toASCII("");
    }

    unset($utf8); return '';
    // end of arguments imports
}

// text for forms
$form_text = array(
	// type -> paragraph[] -> translated sentences[] -> html encoded string
        //                    or -> html encoded string
	'info' => array( ),
	'assuree' => array( ),
	'assurer' => array( ),
    );

function FormText( $atype = NULL, $par = 0, $sep = ' ' ) {
    global $form_text;
    global $Assurance;
    static $once = false; $rts = '';
    // try to guess what we are
    if( !$once ) $once = FormText_Init( ); $once = true;
    if( $atype == NULL OR $atype == '' OR !array_key_exists($atype, $form_text) )
	return $rts;
    if( !is_array($form_text[$atype][$par]) ) return $form_text[$atype][$par];
    return implode($sep, $form_text[$atype][$par]);
}

function FormText_Init( ) {
    global $form_text;
    global $FormType; // keeps track of type of form
    static $once = false;
    if( $once ) return $once; $once = true;
    // if CAP or COAP

    $form_text['info'][1] = _("For more information about the CAcert Assurance Programme, including detailed guides for CAcert Assurers, please visit:"). ' '. WEB;
    $form_text['info'][2][] = _("A CAcert Arbitrator can require the Assurer to deliver the completed form in the event of a dispute.");
    $form_text['assuree'][0] = _("Make sure you have read and agreed with the CAcert Community Agreement");
    $form_text['assuree'][2] = _("I agree to the CAcert Community Agreement.");
    $form_text['assuree'][3] = _("Applicant's signature");
    $form_text['assurer'][2] = _("Assurer's signature");

    switch( $FormType ) {
    case 'CAP': // the CAP form text in different parts
	$form_text['info'][0][] = _("The CAcert Assurance Programme (CAP) aims to verify the identities of Internet users through face to face witnessing of government-issued photo identity documents.");
	$form_text['info'][0][] = _("The Applicant asks the Assurer to verify to the CAcert Community that the Assurer has met and verified the Applicant's identity against original documents.");
	$form_text['info'][0][] = _("Assurer may leave a copy of the details with the Applicant, and may complete and sign her final form after the meeting.");
	$form_text['info'][0][] = _("If there are any doubts or concerns about the Applicant's identity, do not allocate points. You are encouraged to perform a mutual Assurance.");
	// 1s common, 2 first is common 
        $form_text['info'][2][] = _("After 7 years this form should be securely disposed of to prevent identity misuse, e.g. shred or burn the form.");
	$form_text['info'][2][] = _("The Assurer does not retain copies of ID at all.");
	$form_text['info'][3] = _("For the CAcert Organisation Assurance Programme there is a separate special COAP form.");

        // 0 is common
	$form_text['assuree'][1] = _("I hereby confirm that the information stating my Identity Information above is both true and correct, and request the CAcert Assurer (see below) to witness my identity in the CAcert Assurance Programme.");
	// 2 is common
	// 3 is common (signature)

	$form_text['assurer'][0] = _("I, the Assurer, hereby confirm that I have verified the Applicant's Identity Information, I will witness the Applicant's identity in the CAcert Assurance Programme, and allocate Assurance Points.");
	$form_text['assurer'][1] = _("I am a CAcert Community Member, have passed the Assurance Challenge, and have been assured with at least 100 Assurance Points.");
	// 2 is common (signature)
	$form_text['assurer'][3] = _("Location (and event name) of the face-to-face meeting");

    break;
    case 'COAP': // the COAP form text in different parts
	$form_text['info'][0][] = _("The CAcert Organisation Programme (COAP) aims to verify the identity of the organisation.");
	$form_text['info'][0][] = _("The Applicant asks the Organisation Assurer to verify to CAcert Community that the information provided by the Applicant is correct, and according to the official trade office registration bodies.");

	// 1 and 2 are common
	$form_text['info'][3] = _("For the CAcert Individual Assurance Programme there is a separate special CAP form.");

        // 0 is common
	$form_text['assuree'][1] = _("I hereby confirm that all information is complete and accurate and will notify CAcert of any updates or changes thereof.");
	// 2 is common
        $form_text['assuree'][4] = $form_text['assuree'][3];
	$form_text['assuree'][3] =  _("I am duly authorised to act on behalf of the organisation, I grant operational certificate administrative privileges to the specified Organisation Administrator and, I request the Organisation Assurer to verify the organisation information according to the Assurance Policies.");

	$form_text['assurer'][0] = _("I, the Assurer, hereby confirm that I have verified the official Information for the organisation, I will witness the organisation's identity in the CAcert Organisation Assurance Programme, and complete the Assurance.");
	$form_text['assurer'][1] = _("I am a CAcert Community Member, have passed the Organisation Assurance Challenge, and have been appointed for Organisation Assurances within the country where the organisation is registered.");
	// 2 is common (signature)

    break;
    default:
	return false;
    }
    return true;
}


// import from translingo the tooltip information (tooltips are shown with mouseover
// via javascript
$tooltip = array( 'nul' => "" );

function InitHelp() { // initialize tooltip information
    global $tooltip;
    static $once = false;
    if( $once ) return true; $once = true;

    //$tooltip['help']['title'] = _("About help");
    $tooltip['help']['content'][0] =
	_("In order to get more information on an item in this form move your mouse over the question mark.");
    $tooltip['name']['title'] = _("On full names");
    $tooltip['name']['content'][0] =
	_("The exact full name may have transliterated characters and/or some given names may be abbreviated.");
    $tooltip['name']['content'][] =
	_("CAcert should have the name in its database which has the most discrimination factor.");
    $tooltip['name']['content'][] =
	_("The decision if transliterated and/or abbreviated name is equal to the name in the CAcert database is evaluated on a standard way by the Assurer and support system.");
    $tooltip['translit']['title'] = _("About allowed transliterations");
    $tooltip['translit']['content'][0] =
	_("More than one transliteration of a character is possible. Accepted transliterations are done with a fully standardized table.");
    $tooltip['translit']['content'][] =
	_("E.g. a and y umlaut, and o/slash examples of accepted transliterations for the full name(s):");
    $tooltip['translit']['content'][] =
	"J&auml;hn&yuml; G&oslash;le McName =~ J(ae|a)hny G(oe|o)le McName";
    $tooltip['abbrev']['title'] = _("On abbreviation of given names");
    $tooltip['abbrev']['content'][0] =
	_("An example standard abbreviation on given names is provided here. If a given name is counted as first given name part of the name is denoted with parentheses around the name.");
    $tooltip['abbrev']['content'][] =
	_("Example(s) of accepted abbreviation for a full name");
    $tooltip['abbrev']['content'][] =
	"sir J(&auml;hn&yuml;) G. McName";
    $tooltip['address']['title'] = _("About an email address");
    $tooltip['address']['content'][0] =
	_("email address as e.g. john.family@gmail.com");
    $tooltip['email']['title'] = _("About the primar email address");
    $tooltip['email']['content'][0] =
	$tooltip['address']['content'][0];
    $tooltip['email']['content'][] =
	_("The email address should be similar as the CAcert account name.");
    $tooltip['assurer']['title'] = _("About reciprocal assurance");
    $tooltip['assurer']['content'][0] =
	_("One is advised for a mutual assurance. If done so the exact full name, email address and date of birth of the Assurer is also required on a form. In this case the Assuree assures the Assurer as well. Two copies are then needed of the CAP form.");
    $tooltip['assure']['content'][] =
	_("The full name may have characters which are transliterated and/or given names may be abbreviated.");
    $tooltip['adminemail']['title'] = _("The org. system admin contact");
    $tooltip['adminemail']['content'][0] =
	_("The email address, which matches the CAcert account email address, is handy for administrative and contact reasons. For organisation administrator the email address is required.");
    $tooltip['admin']['title'] = _("The organisation contact info");
    $tooltip['admin']['content'][0] =
	_("For organisation administrators and assurer: provide email address and optionally your phone number.");
    $tooltip['organisation']['title'] = _("Organisation representative");
    $tooltip['organisation']['content'][0] =
	_("The organisation name, director name and signature, and applicable company law is checked by the Organisation Assurer with the official Trade Office Registration (Extract) or by other means.");
    $tooltip['organisation']['content'][] =
	_("The organisation domain name(s) are checked of ownership against the internet domain DNS records.");
    $tooltip['orgname']['title'] = _("About the organisation name");
    $tooltip['orgname']['content'][0] =
	_("The official full name of the organisation equal to the name of the organisation registered e.g. at the trade office registration of the state.");
    $tooltip['orgaddress']['title'] = _("The organisation address");
    $tooltip['orgaddress']['content'][0] =
	_("The organisation address which should be equal to the address registered with the trade office.");
    $tooltip['orgtype']['title'] = _("About the organisation legal entity type");
    $tooltip['orgtype']['content'][0] =
	_("The legal organisation type: eg Ltd, EPS, society, foundation, association, etc.");
    $tooltip['orgtype']['content'][] =
	_("The state/country under which jurisdiction the organisation operates.");
    $tooltip['tradeoffice']['title'] = _("About the trade office info");
    $tooltip['tradeoffice']['content'][0] =
	_("Trade Office Registry information, such as organisation registration Identification number or license number, name of the trade office registry, trade office operating region, and optionally date of extract.");
    $tooltip['tradeoffice']['content'][] =
	_("The Trade Office Extract issue date may not be older as one month.");
    $tooltip['domain']['title'] = _("About the domain name");
    $tooltip['domain']['content'][0] =
	_("The internet domain name(s) the organisation controls and owns. The names will be checked with WHOIS with e.g. the DNS official top domain registrar e.g. the country ccTLD .[country code] registrar.");
    $tooltip['adminname']['title'] = _("About the organisation admin contact info");
    $tooltip['adminname']['content'][0] =
	_("The organisation administrator (CAcert Assurer) contact information. The administrator is appointed by the organisation director to administer the organisation domain certificates, secure the certificates and maintain them.");
    $tooltip['adminname']['content'] += $tooltip['name']['content'];
    $tooltip['director']['title'] = _("Organisation representative");
    $tooltip['director']['content'][0] =
	_("The Director indicated by the Trade Office Registry Extract, has to underwrite the correctness of the information for the organisation and allowance of certificate operations by the administrators.");
    $tooltip['director']['content'] += $tooltip['name']['content'];
    $tooltip['contact']['title'] = _("Organisation contact info");
    $tooltip['contact']['content'][0] =
	_("Name and contact details (organisation email address & optionally phone number), of the Director of the organisation as is referred to in the trade office extract.");
    $tooltip['oa']['title'] = _("About the Organisation Assurer");
    $tooltip['oa']['content'][0] =
	_("The organisation assurer will check the trade office registry for company information (name, location, country of jurisdiction, director names, trade office Identification number, domain name ownership, and system admin reference).");
    $tooltip['oa']['content'][] =
	_("Any associated costs for this research will be reimborsed by the assurer from the organisation.");
    $tooltip['oacontact']['title'] = _("Organisation Assurer contact info");
    $tooltip['oacontact']['content'][0] =
	_("The Organisation Assurer contact information. This assurer will verify the organisation identity and registration information.");
    $tooltip['print']['title'] = _("How to print the form");
    $tooltip['print']['content'][0] =
	_("Extra efforts have been made to print this form on one page.");
    $tooltip['print']['content'][] =
	_("The print setup options and the print options tab of the browser influence the printable area heavily and can be tuned. E.g. the use of a blank footer and header, and minimize the page margins.");
    $tooltip['points']['title'] = _("About assurance points");
    $tooltip['points']['content'][0] =
	_("Assurance Points will be allocated by the Assurer.");
    $tooltip['points']['content'][] =
	_("The amount of points is decided by the Assurer and is limited to a maximum of points the assurer is allowed to allocate.");
    $tooltip['points']['content'][] =
	_("The maximum of allocated points is related to the experience of the assurer.");
    $tooltip['dba']['title'] = _("About trade marks");
    $tooltip['dba']['content'][0] =
	_("The trade mark(s) should be registered with a trade mark registry.");
    $tooltip['dba']['content'][] =
	_("The organisation shall provide proof of ownership to the Organisation Assurer.");
    $tooltip['dba']['content'][] =
	_("This is not implemented yet in the OA policies as well into the system.");
    $tooltip['star']['title'] = _("About CAcert data base info and privacy");
    $tooltip['star']['content'][0] = (function_exists('Star') ? Star() : '') .
	_("The information of the form fields marked with a star will be present in the CAcert data base.");
    $tooltip['star']['content'][] =
	_("The other information taken from the form fields will only be present on the form as obtained by the CAcert Assurer and kept for 7 years.");

    return true;
}

// return title and message of a tooltip
function FormTip( $atype = NULL, $title = 'content', $sep = ' ' ) {
    global $tooltip;
    static $once = false;
    $rts = array('title' => 'index error', 'content' => ''.$atype);
    if( !$once ) $once =  InitHelp();
    if( $atype == NULL OR $atype == '' OR !array_key_exists($atype, $tooltip) )
        return $rts;
    if( array_key_exists('title', $tooltip[$atype]) )
	$rts['title'] = $tooltip[$atype]['title'];
    if( $title != NULL AND $title == 'title' )
	return $rts['title'];
    if( !is_array($tooltip[$atype]['content']) )
	$rts['content'] = $tooltip[$atype]['content'];
    else
	$rts['content'] = implode( $sep, $tooltip[$atype]['content']);

    if( $title != NULL ) return $rts['content'];
    else return $rts;
}


// this adds tooltip help from real live provided examples (abbreviation/transliteration)
//function SetNameHelp( &$anarray = NULL, $item = ' ', $tip1 = '', $tip2 = '') {
function SetNameHelp( $anarray = NULL, $item = ' ', $tip1 = '', $tip2 = '') {
    static $abbrevs = 0;
    static $translits = 0;
    global $tooltip;
    $rts = FALSE;
    // first clean up other help tool tips added on the fly
    while( $abbrevs > 0 )
	{ $abbrevs--; array_pop($tooltip['abbrev']['content']); }
    while( $translits > 0 )
	{ $translits--; array_pop($tooltip['translit']['content']); }
    for( $i = 0; $i < (is_array($anarray) ? count($anarray) : 1); $i++ ) {
        $name = '';
        if( !is_array($anarray) AND is_string($anarray) ) $name = $anarray;
	elseif( !array_key_exists($i,$anarray) ) $name = '';
	elseif( is_string($anarray[$i]) ) $name = $anarray[$i] ;
	elseif( array_key_exists($item, $anarray[$i])
	        AND is_string($anarray[$i][$item]) )
	    $name = $anarray[$i][$item];
        if( $name != ''
            AND ($tip1 == 'abbrev' || $tip2 == 'abbrev') ){
            $str = abbreviate($name);
            if( $str != '' && strcmp($name, $str) != 0 ) { $rts = TRUE;
                $tooltip['abbrev']['content'][] = $name.' ~= '. $str;
	        $abbrevs++;
            }
        }
        if( ($tip1 == 'translit' || $tip2 == 'translit' )
              AND $name != ''
              AND function_exists('UTF8toASCII')
              AND !utf8_is_ascii_ctrl( $name)
          ) {
            $str = UTF8toASCII($name);
            if( $str != '' && strcmp($name, $str) != 0 ) { $rts = TRUE;
                $tooltip['translit']['content'][] = $name . ' ~= '. $str;
		$translits++;
	    }
        }
    }
    return $rts;
}

?>