From 4185f363edd28d89bfa8f91f4bf593aab166cf49 Mon Sep 17 00:00:00 2001
From: Bruce Allen <bruce.allen@aei.mpg.de>
Date: Sun, 11 Sep 2005 07:31:42 +0000
Subject: [PATCH] Web pages.  To control the posting of offsensive pictures, do
 not display any user profile pictures until they have been verified by
 project admin.  When user enters or modifies picture, only they can see if. 
 If not yet verified, they will see a message saying that other users can't
 see it until it has been verified by the project. If admins have rejected it,
 user will see a message saying that they must replace their picture or no one
 but themselves can see it.

The only known side effect of this is that selection of UOTD is now
includes users with no credit.  I will try to fix this.

svn path=/trunk/boinc/; revision=7967
---
 checkin_notes                    | 33 ++++++++++++++++++++++++
 html/inc/profile.inc             | 43 +++++++++++++++++++++++++++++---
 html/ops/profile_screen_form.php |  2 +-
 3 files changed, 74 insertions(+), 4 deletions(-)

diff --git a/checkin_notes b/checkin_notes
index 7531173956..acff1d14c2 100755
--- a/checkin_notes
+++ b/checkin_notes
@@ -11592,6 +11592,21 @@ David  9 Sept 2005
         but do NOT trigger the transitioner; doing so creates a race condition.
         (from Bruce Allen)
 
+        Example race condition (time ordered):
+        transitioner [reads wu.assimilate_state==READY]                                                                     
+                     ...(swapped out by process scheduler)
+        assimilator  [reads wu.assimilate_state==READY]
+                     does assimilation
+                     [write wu.transition_time=NOW]
+                     [write wu.assimilate_state=DONE]
+        transitioner ...(swapped back in by process scheduler)
+                     [writes wu.transition_time=MAX_INT]
+        Final effect is wu.assimilate_state==DONE
+                        wu.file_delete_state==INIT
+                        wu.transition_time=MAX_INT
+        This is wrong: one should have wu.transition_time=NOW
+        else the WU will never change to file_delete_state=READY.
+                                                                          
     sched/
         validator.C
 
@@ -11610,3 +11625,21 @@ David  10 Sept 2005
 
     sched/
         sched_shmem.C
+
+Bruce 10 Sept 2005
+    - Web pages.  To control the posting of offsensive pictures, do not
+      display any user profile pictures until they have been verified by
+      project admin.  When user enters or modifies picture, only they can
+      see if.  If not yet verified, they will see a message saying that
+      other users can't see it until it has been verified by the project.
+      If admins have rejected it, user will see a message saying that they
+      must replace their picture or no one but themselves can see it.
+    - The only known side effect of this is that selection of UOTD is now
+      includes users with no credit.  I will try to fix this.
+
+    html/
+        inc/
+            profile.inc
+        ops/
+            profile_screen_form.php
+
diff --git a/html/inc/profile.inc b/html/inc/profile.inc
index 644d18e967..7930e023aa 100644
--- a/html/inc/profile.inc
+++ b/html/inc/profile.inc
@@ -112,6 +112,27 @@ function show_textarea($name, $text) {
     rowify("<textarea name=\"$name\" cols=80 rows=20>" . $text . "</textarea>");
 }
 
+// When passed profile->verification, this function is used to tell the
+// user the verification status of their profile.
+//
+function offensive_profile_warning($verify_flag) {
+    if ($verify_flag == 0) {
+        return "
+            <font size='+2' color='33cc33'>
+            Your profile will be made visible to other people<br>
+            as soon as it has been approved by the project.<br>
+            This may take up to a few days.<br>
+            </font>";
+    } else if ($verify_flag == -1) {
+        return "
+            <font size='+2' color='ff3333'>
+            Your profile has been marked as unacceptable.<br>
+            It is not visible to other people. Please change it.<br>
+            </font>";
+    }
+    return "";
+}
+
 function show_picture_option($profile) {
 
     row1("Picture");
@@ -123,7 +144,7 @@ function show_picture_option($profile) {
 <tr>
 <td valign=top><a href=\"" . IMAGE_URL . $profile->userid . '.jpg' . "\"><img src=\"" . IMAGE_URL . $profile->userid . '_sm.jpg' . "\"></a>
 </td>
-<td valign=top> Your profile picture is shown at left.
+<td valign=top>" . offensive_profile_warning($profile->verification) . "Your profile picture is shown at left.
 <p>
 To replace it,
 click the \"Browse\" button and select a JPEG or PNG file (50KB or less).
@@ -203,12 +224,14 @@ function process_create_results($user, $profile) {
     if ($delete_pic == "on") {
         delete_user_pictures($profile->userid);
         $profile->has_picture = false;
+        $profile->verification = 0;
     }
 
     $profile ? $hasPicture = $profile->has_picture: $hasPicture = false;
 
     if (is_uploaded_file($_FILES['picture']['tmp_name'])) {
         $hasPicture = true;
+        $profile->verification = 0;
 
         // echo "<br>Name: " . $_FILES['picture']['name'];
         // echo "<br>Type: " . $_FILES['picture']['type'];
@@ -230,6 +253,7 @@ function process_create_results($user, $profile) {
             ." response2 = '$response2',"
             ." language = '$language',"
             ." has_picture = '$hasPicture'"
+            ." verification = '$profile->verification'"
             ." WHERE userid = '$user->id'";
         $result = mysql_query($query);
         if (!$result) {
@@ -379,7 +403,7 @@ function show_user_table($members, $offset, $numToDisplay, $cols) {
                 echo "<td class=bordered width=7% height=64><center>";
 
                 // Only link an image if the user has uploaded one.;
-                if ($profile->has_picture) {
+                if ($profile->has_picture && $profile->verification==1) {
                     echo "<a href=\"", URL_BASE, "view_profile.php?userid={$members[$count]}\"><img src=\"", URL_BASE, IMAGE_URL, "{$members[$count]}_sm.jpg\"></a>";
 
                 } else {
@@ -456,7 +480,12 @@ function show_profile($userid, $verify_mode = FALSE) {
     }
     
 
-    if ($profile->has_picture) {
+    // Show picture only if there is a picture AND
+    // - sysadmin is verifying it
+    // - user is viewing/editing it
+    // - profile has been approved by sysadmin
+    //
+    if ($profile->has_picture && ($verify_mode || $can_edit || $profile->verification==1)) {
         echo "
             <tr><td colspan=2 align=center>
             <img vspace=6 hspace=9 src=\"" , URL_BASE, IMAGE_URL , $user->id , '.jpg' . "\">
@@ -464,6 +493,14 @@ function show_profile($userid, $verify_mode = FALSE) {
         ";
     }
 
+    // If the user is viewing their own picture, display it's status if it's not
+    // yet verified.  This will tell them if other users can't view it yet, or
+    // if there is a problem with it and they need to replace it.
+    //
+    if ($can_edit && $profile->verification!=1) {
+        row1(offensive_profile_warning($profile->verification));
+    }
+
     show_user_summary_public($user);
 
     //Setup text output options based on logged in user forum settings
diff --git a/html/ops/profile_screen_form.php b/html/ops/profile_screen_form.php
index 6870d911b8..dd62cfd832 100644
--- a/html/ops/profile_screen_form.php
+++ b/html/ops/profile_screen_form.php
@@ -16,7 +16,7 @@ function buttons($i) {
 
 admin_page_head("screen profiles");
 
-$result = mysql_query("select * from profile, user where profile.userid=user.id and (uotd_time is null) and (has_picture>0) and (verification=0) and (user.total_credit>0) order by recommend desc limit 20");
+$result = mysql_query("select * from profile, user where profile.userid=user.id and (has_picture>0) and (verification=0) order by recommend desc limit 20");
 
 $n = 0;
 echo "<form method=\"get\" action=\"profile_screen_action.php\">\n";