2004-10-16 00:28:17 +00:00
< ? /*
Copyright ( C ) 2004 by Duane Groth < duane_at_CAcert_dot_org >
This file is part of CAcert .
CAcert has been released under the CAcert Source License
which can be found included with these source files or can
be downloaded from the internet from the following address :
http :// www . cacert . org / src - lic . php
CAcert is distributed WITHOUT ANY WARRANTY ; without even
the implied warranty of MERCHANTABILITY or FITNESS FOR A
PARTICULAR PURPOSE . See the License for more details .
*/ ?>
< ?
loadem ( " account " );
if ( $type == " email " )
{
$id = 1 ;
$emailid = intval ( $emailid );
2004-11-03 01:45:21 +00:00
$hash = mysql_escape_string ( stripslashes ( $hash ));
2004-10-16 00:28:17 +00:00
$query = " select * from `email` where `id`=' $emailid ' and hash!='' and deleted=0 " ;
$res = mysql_query ( $query );
if ( mysql_num_rows ( $res ) > 0 )
{
$row = mysql_fetch_assoc ( $res );
2005-03-12 19:40:24 +00:00
$row [ 'attempts' ] ++ ;
if ( $row [ 'attempts' ] == 4 )
2004-10-16 00:28:17 +00:00
{
mysql_query ( " update `email` set `hash`='', `attempts`=' $row[attempts] ', `deleted`=NOW() where `id`=' $emailid ' " );
showheader ( _ ( " Error! " ), _ ( " Error! " ));
2005-03-12 19:40:24 +00:00
echo _ ( " You've attempted to verify the same email address a fourth time with an invalid hash, subsequently this request has been deleted in the system " );
2004-10-16 00:28:17 +00:00
showfooter ();
exit ;
}
mysql_query ( " update `email` set `attempts`=' $row[attempts] ' where `id`=' $emailid ' " );
}
$query = " select * from `email` where `id`=' $emailid ' and `hash`=' $hash ' and hash!='' and deleted=0 and `attempts` <= 2 " ;
$res = mysql_query ( $query );
if ( mysql_num_rows ( $res ) <= 0 )
{
showheader ( _ ( " Error! " ), _ ( " Error! " ));
echo _ ( " The ID or Hash has already been verified, or something weird happened. " );
showfooter ();
exit ;
}
$row = mysql_fetch_assoc ( $res );
$query = " update `email` set `hash`='',`modified`=NOW() where `id`=' $emailid ' " ;
mysql_query ( $query );
$query = " update `users` set `verified`='1' where `id`=' $row[memid] ' and `email`=' $row[email] ' and `verified`='0' " ;
mysql_query ( $query );
showheader ( _ ( " Updated " ), _ ( " Updated " ));
echo _ ( " Your account and/or email address has been verified. You can now start issuing certificates for this address. " );
showfooter ();
exit ;
}
if ( $type == " domain " )
{
$id = 7 ;
$domainid = intval ( $domainid );
2004-11-03 01:45:21 +00:00
$hash = mysql_escape_string ( stripslashes ( $hash ));
2004-10-16 00:28:17 +00:00
$query = " select * from `domains` where `id`=' $domainid ' and hash!='' and deleted=0 " ;
$res = mysql_query ( $query );
if ( mysql_num_rows ( $res ) > 0 )
{
$row = mysql_fetch_assoc ( $res );
$row [ attempts ] ++ ;
if ( $row [ attempts ] == 4 )
{
$query = " update `domains` set `hash`='', `attempts`=' $row[attempts] ', `deleted`=NOW() where `id`=' $domainid ' " ;
showheader ( _ ( " Error! " ), _ ( " Error! " ));
echo _ ( " You've attempted to verify the same domain a fourth time with an invalid hash, subsequantly this request has been deleted in the system " );
showfooter ();
exit ;
}
$query = " update `domains` set `attempts`=' $row[attempts] ' where `id`=' $domainid ' " ;
mysql_query ( $query );
}
$query = " select * from `domains` where `id`=' $domainid ' and `hash`=' $hash ' and hash!='' and deleted=0 " ;
$res = mysql_query ( $query );
if ( mysql_num_rows ( $res ) <= 0 )
{
showheader ( _ ( " Error! " ), _ ( " Error! " ));
echo _ ( " The ID or Hash has already been verified, the domain no longer exists in the system, or something weird happened. " );
showfooter ();
exit ;
}
$row = mysql_fetch_assoc ( $res );
$query = " update `domains` set `hash`='',`modified`=NOW() where `id`=' $domainid ' " ;
mysql_query ( $query );
showheader ( _ ( " Updated " ), _ ( " Updated " ));
echo _ ( " Your domain has been verified. You can now start issuing certificates for this domain. " );
showfooter ();
exit ;
}
?>
