cacert-webdb/includes/loggedin.php

<? /*
    LibreSSL - CAcert web application
    Copyright (C) 2004-2008  CAcert Inc.

    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
    the Free Software Foundation; version 2 of the License.

    This program is distributed in the hope that it will be useful,
    but WITHOUT ANY WARRANTY; without even the implied warranty of
    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    GNU General Public License for more details.

    You should have received a copy of the GNU General Public License
    along with this program; if not, write to the Free Software
    Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301  USA
*/

	include_once("../includes/lib/general.php");
	require_once("../includes/lib/l10n.php");
	include_once("../includes/mysql.php");

	if(!isset($_SESSION['profile']) || !is_array($_SESSION['profile'])) {
		$_SESSION['profile'] = array( 'id' => 0, 'loggedin' => 0 );
	}
	if(!isset($_SESSION['profile']['id']) || !isset($_SESSION['profile']['loggedin'])) {
		$_SESSION['profile']['id'] = 0;
		$_SESSION['profile']['loggedin'] = 0;
	}

	if($_SERVER['HTTP_HOST'] == $_SESSION['_config']['securehostname'] && $_SESSION['profile']['id'] > 0 && $_SESSION['profile']['loggedin'] != 0)
	{
		$uid = $_SESSION['profile']['id'];
		$_SESSION['profile']['loggedin'] = 0;
		$_SESSION['profile'] = "";
		foreach($_SESSION as $key => $value)
		{
			if($key == '_config' || $key == 'mconn' || 'csrf_' == substr($key, 0, 5))
				continue;
			if(is_int($key) || is_string($key))
				unset($_SESSION[$key]);
			unset($$key);
			//session_unregister($key);
		}

		$_SESSION['profile'] = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".intval($uid)."'"));
		if($_SESSION['profile']['locked'] == 0)
			$_SESSION['profile']['loggedin'] = 1;
		else
			unset($_SESSION['profile']);
	}

	if($_SERVER['HTTP_HOST'] == $_SESSION['_config']['securehostname'] && ($_SESSION['profile']['id'] == 0 || $_SESSION['profile']['loggedin'] == 0))
	{
		$user_id = get_user_id_from_cert($_SERVER['SSL_CLIENT_M_SERIAL'],
				$_SERVER['SSL_CLIENT_I_DN_CN']);

		if($user_id >= 0)
		{
			$_SESSION['profile']['loggedin'] = 0;
			$_SESSION['profile'] = "";
			foreach($_SESSION as $key => $value)
			{
				if($key == '_config' || $key == 'mconn' || 'csrf_' == substr($key, 0, 5))
					continue;
				if(is_int($key) || is_string($key))
					unset($_SESSION[$key]);
				unset($$key);
				//session_unregister($key);
			}

			$_SESSION['profile'] = mysql_fetch_assoc(mysql_query(
					"select * from `users` where `id`='".intval($user_id)."'"));
			if($_SESSION['profile']['locked'] == 0)
				$_SESSION['profile']['loggedin'] = 1;
			else
				unset($_SESSION['profile']);
		} else {
			$_SESSION['profile']['loggedin'] = 0;
			$_SESSION['profile'] = "";
			foreach($_SESSION as $key => $value)
			{
				if($key == '_config' || $key == 'mconn' || 'csrf_' == substr($key, 0, 5))
					continue;
				unset($_SESSION[$key]);
				unset($$key);
				//session_unregister($key);
			}

			$_SESSION['_config']['oldlocation'] = '';

			foreach($_GET as $key => $val)
			{
				if($_SESSION['_config']['oldlocation'])
					$_SESSION['_config']['oldlocation'] .= "&";

				$key = str_replace(array("\n", "\r"), '', $key);
				$val = str_replace(array("\n", "\r"), '', $val);
				$_SESSION['_config']['oldlocation'] .= "$key=$val";
 			}
			$_SESSION['_config']['oldlocation'] = substr($_SERVER['SCRIPT_NAME'], 1)."?".$_SESSION['_config']['oldlocation'];

			header("location: https://".$_SESSION['_config']['securehostname']."/index.php?id=4");
			exit;
		}
	}

	if($_SERVER['HTTP_HOST'] == $_SESSION['_config']['securehostname'] && ($_SESSION['profile']['id'] <= 0 || $_SESSION['profile']['loggedin'] == 0))
	{
		header("location: https://".$_SESSION['_config']['normalhostname']);
		exit;
	}

	if($_SERVER['HTTP_HOST'] == $_SESSION['_config']['securehostname'] && $_SESSION['profile']['id'] > 0 && $_SESSION['profile']['loggedin'] > 0)
	{
		$query = "select sum(`points`) as `total` from `notary` where `to`='".intval($_SESSION['profile']['id'])."' and `deleted` = 0 group by `to`";
		$res = mysql_query($query);
		$row = mysql_fetch_assoc($res);
		$_SESSION['profile']['points'] = $row['total'];

		if($_SESSION['profile']['language'] == "")
		{
			$query = "update `users` set `language`='".L10n::get_translation()."'
							where `id`='".intval($_SESSION['profile']['id'])."'";
			mysql_query($query);
		} else {
			L10n::set_translation($_SESSION['profile']['language']);
			L10n::init_gettext();
		}
	}

	if(array_key_exists("id",$_REQUEST) && $_REQUEST['id'] == "logout")
	{
		$normalhost=$_SESSION['_config']['normalhostname'];
		$_SESSION['profile']['loggedin'] = 0;
		$_SESSION['profile'] = "";
		foreach($_SESSION as $key => $value)
		{
			unset($_SESSION[$key]);
			unset($$key);
			//session_unregister($key);
		}

		header("location: https://".$normalhost."/index.php");
		exit;
	}

	if($_SESSION['profile']['loggedin'] < 1)
	{
		$_SESSION['_config']['oldlocation'] = '';

		foreach($_REQUEST as $key => $val)
		{
			if('' != $_SESSION['_config']['oldlocation'])
				$_SESSION['_config']['oldlocation'] .= "&";

			$key = str_replace(array("\n", "\r"), '', $key);
			$val = str_replace(array("\n", "\r"), '', $val);
			$_SESSION['_config']['oldlocation'] .= "$key=$val";
		}
		$_SESSION['_config']['oldlocation'] = substr($_SERVER['SCRIPT_NAME'], 1)."?".$_SESSION['_config']['oldlocation'];
		$hostname=$_SERVER['HTTP_HOST'];
		$hostname = str_replace(array("\n", "\r"), '', $hostname);
		header("location: https://".$hostname."/index.php?id=4");
		exit;
	}
?>
some gpg code added + bug fixes etc 2004-11-10 06:12:43 +00:00			`<? /*`
Changed license to GPLv2 2008-04-06 19:45:09 +00:00			`LibreSSL - CAcert web application`
			`Copyright (C) 2004-2008 CAcert Inc.`
some gpg code added + bug fixes etc 2004-11-10 06:12:43 +00:00
Changed license to GPLv2 2008-04-06 19:45:09 +00:00			`This program is free software; you can redistribute it and/or modify`
			`it under the terms of the GNU General Public License as published by`
			`the Free Software Foundation; version 2 of the License.`
some gpg code added + bug fixes etc 2004-11-10 06:12:43 +00:00
Changed license to GPLv2 2008-04-06 19:45:09 +00:00			`This program is distributed in the hope that it will be useful,`
			`but WITHOUT ANY WARRANTY; without even the implied warranty of`
			`MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the`
			`GNU General Public License for more details.`
some gpg code added + bug fixes etc 2004-11-10 06:12:43 +00:00
Changed license to GPLv2 2008-04-06 19:45:09 +00:00			`You should have received a copy of the GNU General Public License`
			`along with this program; if not, write to the Free Software`
			`Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA`
some gpg code added + bug fixes etc 2004-11-10 06:12:43 +00:00			`*/`

Fix for https://bugs.cacert.org/view.php?id=841 (Problems on cert login with "duplicate" serial numbers) 2011-09-07 10:30:32 +00:00			`include_once("../includes/lib/general.php");`
Fix for https://bugs.cacert.org/view.php?id=985 "Move from translingo to pootle" 2012-01-24 14:26:05 +00:00			`require_once("../includes/lib/l10n.php");`
Fix for http://bugs.cacert.org/view.php?id=1176 fix deprecation messages due to PHP update. 2013-07-15 08:32:06 +00:00			`include_once("../includes/mysql.php");`

			`if(!isset($_SESSION['profile']) \|\| !is_array($_SESSION['profile'])) {`
			`$_SESSION['profile'] = array( 'id' => 0, 'loggedin' => 0 );`
			`}`
			`if(!isset($_SESSION['profile']['id']) \|\| !isset($_SESSION['profile']['loggedin'])) {`
			`$_SESSION['profile']['id'] = 0;`
			`$_SESSION['profile']['loggedin'] = 0;`
			`}`
Added the feature to disable certificate-login for certain client certificates 2008-02-19 23:09:11 +00:00
updates 2005-07-14 19:56:28 +00:00			`if($_SERVER['HTTP_HOST'] == $_SESSION['_config']['securehostname'] && $_SESSION['profile']['id'] > 0 && $_SESSION['profile']['loggedin'] != 0)`
added sql schema + bug fixes 2004-12-06 14:02:02 +00:00			`{`
bug fixes 2006-08-03 13:20:55 +00:00			`$uid = $_SESSION['profile']['id'];`
			`$_SESSION['profile']['loggedin'] = 0;`
			`$_SESSION['profile'] = "";`
Fix for http://bugs.cacert.org/view.php?id=1176 fix deprecation messages due to PHP update. 2013-07-15 08:32:06 +00:00			`foreach($_SESSION as $key => $value)`
bug fixes 2006-08-03 13:20:55 +00:00			`{`
Fix for http://bugs.cacert.org/view.php?id=1176 fix deprecation messages due to PHP update. 2013-07-15 08:32:06 +00:00			`if($key == '_config' \|\| $key == 'mconn' \|\| 'csrf_' == substr($key, 0, 5))`
bug fixes 2006-08-04 22:05:11 +00:00			`continue;`
			`if(is_int($key) \|\| is_string($key))`
Combined fixes for - https://bugs.cacert.org/view.php?id=413 "Add a web page indicating the certificate request is still pending" - https://bugs.cacert.org/view.php?id=1138 "Implement to log the SE activity" - https://bugs.cacert.org/view.php?id=1221 "Inconsistency in Assurance Management" 2014-06-07 09:16:26 +00:00			`unset($_SESSION[$key]);`
			`unset($$key);`
			`//session_unregister($key);`
bug fixes 2006-08-03 13:20:55 +00:00			`}`

Combined fixes for - https://bugs.cacert.org/view.php?id=413 "Add a web page indicating the certificate request is still pending" - https://bugs.cacert.org/view.php?id=1138 "Implement to log the SE activity" - https://bugs.cacert.org/view.php?id=1221 "Inconsistency in Assurance Management" 2014-06-07 09:16:26 +00:00			$_SESSION['profile'] = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".intval($uid)."'"));
bug #80 2006-08-16 05:56:39 +00:00			`if($_SESSION['profile']['locked'] == 0)`
			`$_SESSION['profile']['loggedin'] = 1;`
			`else`
			`unset($_SESSION['profile']);`
added sql schema + bug fixes 2004-12-06 14:02:02 +00:00			`}`
Combined fixes for - https://bugs.cacert.org/view.php?id=413 "Add a web page indicating the certificate request is still pending" - https://bugs.cacert.org/view.php?id=1138 "Implement to log the SE activity" - https://bugs.cacert.org/view.php?id=1221 "Inconsistency in Assurance Management" 2014-06-07 09:16:26 +00:00
updates 2005-07-14 19:56:28 +00:00			`if($_SERVER['HTTP_HOST'] == $_SESSION['_config']['securehostname'] && ($_SESSION['profile']['id'] == 0 \|\| $_SESSION['profile']['loggedin'] == 0))`
some gpg code added + bug fixes etc 2004-11-10 06:12:43 +00:00			`{`
Fix for https://bugs.cacert.org/view.php?id=841 (Problems on cert login with "duplicate" serial numbers) 2011-09-07 10:30:32 +00:00			`$user_id = get_user_id_from_cert($_SERVER['SSL_CLIENT_M_SERIAL'],`
			`$_SERVER['SSL_CLIENT_I_DN_CN']);`
Added the feature to disable certificate-login for certain client certificates 2008-02-19 23:09:11 +00:00
Fix for https://bugs.cacert.org/view.php?id=841 (Problems on cert login with "duplicate" serial numbers) 2011-09-07 10:30:32 +00:00			`if($user_id >= 0)`
some gpg code added + bug fixes etc 2004-11-10 06:12:43 +00:00			`{`
bug fixes 2006-08-03 13:20:55 +00:00			`$_SESSION['profile']['loggedin'] = 0;`
			`$_SESSION['profile'] = "";`
Fix for http://bugs.cacert.org/view.php?id=1176 fix deprecation messages due to PHP update. 2013-07-15 08:32:06 +00:00			`foreach($_SESSION as $key => $value)`
bug fixes 2006-08-03 13:20:55 +00:00			`{`
Fix for http://bugs.cacert.org/view.php?id=1176 fix deprecation messages due to PHP update. 2013-07-15 08:32:06 +00:00			`if($key == '_config' \|\| $key == 'mconn' \|\| 'csrf_' == substr($key, 0, 5))`
bug fixes 2006-08-04 22:05:11 +00:00			`continue;`
			`if(is_int($key) \|\| is_string($key))`
Combined fixes for - https://bugs.cacert.org/view.php?id=413 "Add a web page indicating the certificate request is still pending" - https://bugs.cacert.org/view.php?id=1138 "Implement to log the SE activity" - https://bugs.cacert.org/view.php?id=1221 "Inconsistency in Assurance Management" 2014-06-07 09:16:26 +00:00			`unset($_SESSION[$key]);`
			`unset($$key);`
			`//session_unregister($key);`
bug fixes 2006-08-03 13:20:55 +00:00			`}`

Fix for https://bugs.cacert.org/view.php?id=841 (Problems on cert login with "duplicate" serial numbers) 2011-09-07 10:30:32 +00:00			`$_SESSION['profile'] = mysql_fetch_assoc(mysql_query(`
Combined fixes for - https://bugs.cacert.org/view.php?id=413 "Add a web page indicating the certificate request is still pending" - https://bugs.cacert.org/view.php?id=1138 "Implement to log the SE activity" - https://bugs.cacert.org/view.php?id=1221 "Inconsistency in Assurance Management" 2014-06-07 09:16:26 +00:00			"select * from `users` where `id`='".intval($user_id)."'"));
bug #80 2006-08-16 05:56:39 +00:00			`if($_SESSION['profile']['locked'] == 0)`
			`$_SESSION['profile']['loggedin'] = 1;`
			`else`
			`unset($_SESSION['profile']);`
some gpg code added + bug fixes etc 2004-11-10 06:12:43 +00:00			`} else {`
			`$_SESSION['profile']['loggedin'] = 0;`
bug fixes 2006-08-03 13:20:55 +00:00			`$_SESSION['profile'] = "";`
Fix for http://bugs.cacert.org/view.php?id=1176 fix deprecation messages due to PHP update. 2013-07-15 08:32:06 +00:00			`foreach($_SESSION as $key => $value)`
bug fixes 2006-08-03 13:20:55 +00:00			`{`
Fix for http://bugs.cacert.org/view.php?id=1176 fix deprecation messages due to PHP update. 2013-07-15 08:32:06 +00:00			`if($key == '_config' \|\| $key == 'mconn' \|\| 'csrf_' == substr($key, 0, 5))`
bug fixes 2006-08-04 22:05:11 +00:00			`continue;`
Combined fixes for - https://bugs.cacert.org/view.php?id=413 "Add a web page indicating the certificate request is still pending" - https://bugs.cacert.org/view.php?id=1138 "Implement to log the SE activity" - https://bugs.cacert.org/view.php?id=1221 "Inconsistency in Assurance Management" 2014-06-07 09:16:26 +00:00			`unset($_SESSION[$key]);`
			`unset($$key);`
			`//session_unregister($key);`
bug fixes 2006-08-03 13:20:55 +00:00			`}`
some gpg code added + bug fixes etc 2004-11-10 06:12:43 +00:00
Fix for http://bugs.cacert.org/view.php?id=1176 fix deprecation messages due to PHP update. 2013-07-15 08:32:06 +00:00			`$_SESSION['_config']['oldlocation'] = '';`
some gpg code added + bug fixes etc 2004-11-10 06:12:43 +00:00
			`foreach($_GET as $key => $val)`
			`{`
			`if($_SESSION['_config']['oldlocation'])`
			`$_SESSION['_config']['oldlocation'] .= "&";`

Fixed a Header attack 2007-08-21 16:32:23 +00:00			`$key = str_replace(array("\n", "\r"), '', $key);`
			`$val = str_replace(array("\n", "\r"), '', $val);`
some gpg code added + bug fixes etc 2004-11-10 06:12:43 +00:00			`$_SESSION['_config']['oldlocation'] .= "$key=$val";`
			`}`
updates 2005-12-04 21:04:05 +00:00			`$_SESSION['_config']['oldlocation'] = substr($_SERVER['SCRIPT_NAME'], 1)."?".$_SESSION['_config']['oldlocation'];`
some gpg code added + bug fixes etc 2004-11-10 06:12:43 +00:00
Improved XSS prevention 2008-11-23 04:21:14 +00:00			`header("location: https://".$_SESSION['_config']['securehostname']."/index.php?id=4");`
some gpg code added + bug fixes etc 2004-11-10 06:12:43 +00:00			`exit;`
			`}`
			`}`

removed hard path configs 2004-12-06 21:53:35 +00:00			`if($_SERVER['HTTP_HOST'] == $_SESSION['_config']['securehostname'] && ($_SESSION['profile']['id'] <= 0 \|\| $_SESSION['profile']['loggedin'] == 0))`
some gpg code added + bug fixes etc 2004-11-10 06:12:43 +00:00			`{`
removed hard path configs 2004-12-06 21:53:35 +00:00			`header("location: https://".$_SESSION['_config']['normalhostname']);`
some gpg code added + bug fixes etc 2004-11-10 06:12:43 +00:00			`exit;`
			`}`

updates 2005-07-14 19:56:28 +00:00			`if($_SERVER['HTTP_HOST'] == $_SESSION['_config']['securehostname'] && $_SESSION['profile']['id'] > 0 && $_SESSION['profile']['loggedin'] > 0)`
some gpg code added + bug fixes etc 2004-11-10 06:12:43 +00:00			`{`
Combined fixes for - https://bugs.cacert.org/view.php?id=413 "Add a web page indicating the certificate request is still pending" - https://bugs.cacert.org/view.php?id=1138 "Implement to log the SE activity" - https://bugs.cacert.org/view.php?id=1221 "Inconsistency in Assurance Management" 2014-06-07 09:16:26 +00:00			$query = "select sum(`points`) as `total` from `notary` where `to`='".intval($_SESSION['profile']['id'])."' and `deleted` = 0 group by `to`";
some gpg code added + bug fixes etc 2004-11-10 06:12:43 +00:00			`$res = mysql_query($query);`
			`$row = mysql_fetch_assoc($res);`
			`$_SESSION['profile']['points'] = $row['total'];`

			`if($_SESSION['profile']['language'] == "")`
			`{`
Fix for https://bugs.cacert.org/view.php?id=985 "Move from translingo to pootle" 2012-01-24 14:26:05 +00:00			$query = "update `users` set `language`='".L10n::get_translation()."'
Combined fixes for - https://bugs.cacert.org/view.php?id=413 "Add a web page indicating the certificate request is still pending" - https://bugs.cacert.org/view.php?id=1138 "Implement to log the SE activity" - https://bugs.cacert.org/view.php?id=1221 "Inconsistency in Assurance Management" 2014-06-07 09:16:26 +00:00			where `id`='".intval($_SESSION['profile']['id'])."'";
some gpg code added + bug fixes etc 2004-11-10 06:12:43 +00:00			`mysql_query($query);`
			`} else {`
Fix for https://bugs.cacert.org/view.php?id=985 "Move from translingo to pootle" 2012-01-24 14:26:05 +00:00			`L10n::set_translation($_SESSION['profile']['language']);`
			`L10n::init_gettext();`
some gpg code added + bug fixes etc 2004-11-10 06:12:43 +00:00			`}`
			`}`

Improved register_globals handling 2008-08-17 23:25:30 +00:00			`if(array_key_exists("id",$_REQUEST) && $_REQUEST['id'] == "logout")`
some gpg code added + bug fixes etc 2004-11-10 06:12:43 +00:00			`{`
Redirected logout to www.cacert.org 2008-06-09 09:48:51 +00:00			`$normalhost=$_SESSION['_config']['normalhostname'];`
some gpg code added + bug fixes etc 2004-11-10 06:12:43 +00:00			`$_SESSION['profile']['loggedin'] = 0;`
update 2006-02-03 18:45:23 +00:00			`$_SESSION['profile'] = "";`
Fix for https://bugs.cacert.org/view.php?id=963 (Logout Session not completely reset) 2011-08-03 10:11:39 +00:00			`foreach($_SESSION as $key => $value)`
update 2006-02-03 18:45:23 +00:00			`{`
Combined fixes for - https://bugs.cacert.org/view.php?id=413 "Add a web page indicating the certificate request is still pending" - https://bugs.cacert.org/view.php?id=1138 "Implement to log the SE activity" - https://bugs.cacert.org/view.php?id=1221 "Inconsistency in Assurance Management" 2014-06-07 09:16:26 +00:00			`unset($_SESSION[$key]);`
			`unset($$key);`
			`//session_unregister($key);`
update 2006-02-03 18:45:23 +00:00			`}`
new code + updates and bug fixes 2005-03-12 19:40:24 +00:00
Redirected logout to www.cacert.org 2008-06-09 09:48:51 +00:00			`header("location: https://".$normalhost."/index.php");`
some gpg code added + bug fixes etc 2004-11-10 06:12:43 +00:00			`exit;`
			`}`

			`if($_SESSION['profile']['loggedin'] < 1)`
			`{`
Fix for http://bugs.cacert.org/view.php?id=1176 fix deprecation messages due to PHP update. 2013-07-15 08:32:06 +00:00			`$_SESSION['_config']['oldlocation'] = '';`
some gpg code added + bug fixes etc 2004-11-10 06:12:43 +00:00
update 2006-02-03 18:45:23 +00:00			`foreach($_REQUEST as $key => $val)`
some gpg code added + bug fixes etc 2004-11-10 06:12:43 +00:00			`{`
Fix for http://bugs.cacert.org/view.php?id=1176 fix deprecation messages due to PHP update. 2013-07-15 08:32:06 +00:00			`if('' != $_SESSION['_config']['oldlocation'])`
some gpg code added + bug fixes etc 2004-11-10 06:12:43 +00:00			`$_SESSION['_config']['oldlocation'] .= "&";`

Fixed a Header attack 2007-08-21 16:32:23 +00:00			`$key = str_replace(array("\n", "\r"), '', $key);`
			`$val = str_replace(array("\n", "\r"), '', $val);`
some gpg code added + bug fixes etc 2004-11-10 06:12:43 +00:00			`$_SESSION['_config']['oldlocation'] .= "$key=$val";`
			`}`
updates 2005-12-04 21:04:05 +00:00			`$_SESSION['_config']['oldlocation'] = substr($_SERVER['SCRIPT_NAME'], 1)."?".$_SESSION['_config']['oldlocation'];`
Improved XSS prevention 2008-11-23 04:21:14 +00:00			`$hostname=$_SERVER['HTTP_HOST'];`
			`$hostname = str_replace(array("\n", "\r"), '', $hostname);`
			`header("location: https://".$hostname."/index.php?id=4");`
some gpg code added + bug fixes etc 2004-11-10 06:12:43 +00:00			`exit;`
			`}`
			`?>`