2004-10-16 00:28:17 +00:00
< ? /*
2008-04-06 19:45:09 +00:00
LibreSSL - CAcert web application
Copyright ( C ) 2004 - 2008 CAcert Inc .
2004-10-16 00:28:17 +00:00
2008-04-06 19:45:09 +00:00
This program is free software ; you can redistribute it and / or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation ; version 2 of the License .
2004-10-16 00:28:17 +00:00
2008-04-06 19:45:09 +00:00
This program is distributed in the hope that it will be useful ,
but WITHOUT ANY WARRANTY ; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE . See the
GNU General Public License for more details .
2004-10-16 00:28:17 +00:00
2008-04-06 19:45:09 +00:00
You should have received a copy of the GNU General Public License
along with this program ; if not , write to the Free Software
Foundation , Inc . , 51 Franklin Street , Fifth Floor , Boston , MA 02110 - 1301 USA
2004-10-16 00:28:17 +00:00
*/
2013-01-17 15:09:38 +00:00
require_once ( dirname ( __FILE__ ) . " /lib/general.php " );
2004-10-16 00:28:17 +00:00
session_name ( " cacert " );
session_start ();
2013-07-15 08:32:06 +00:00
// session_register("_config");
// session_register("profile");
// session_register("signup");
// session_register("lostpw");
2006-08-13 16:44:05 +00:00
// if($_SESSION['profile']['id'] > 0)
// session_regenerate_id();
2006-04-30 08:30:54 +00:00
2009-11-25 22:33:43 +00:00
$pageLoadTime_Start = microtime ( true );
2005-07-01 13:12:14 +00:00
$junk = array ( _ ( " Face to Face Meeting " ), _ ( " Trusted Third Parties " ), _ ( " Thawte Points Transfer " ), _ ( " Administrative Increase " ),
_ ( " CT Magazine - Germany " ), _ ( " Temporary Increase " ), _ ( " Unknown " ));
2008-08-17 20:44:48 +00:00
$_SESSION [ '_config' ][ 'errmsg' ] = " " ;
2008-08-17 20:41:07 +00:00
$id = 0 ; if ( array_key_exists ( " id " , $_REQUEST )) $id = intval ( $_REQUEST [ 'id' ]);
$oldid = 0 ; if ( array_key_exists ( " oldid " , $_REQUEST )) $oldid = intval ( $_REQUEST [ 'oldid' ]);
2006-02-03 18:45:23 +00:00
2004-12-09 01:48:16 +00:00
$_SESSION [ '_config' ][ 'filepath' ] = " /www " ;
2004-12-06 21:53:35 +00:00
require_once ( $_SESSION [ '_config' ][ 'filepath' ] . " /includes/mysql.php " );
2011-08-03 10:04:41 +00:00
require_once ( $_SESSION [ '_config' ][ 'filepath' ] . '/includes/lib/account.php' );
2012-01-24 14:26:05 +00:00
require_once ( $_SESSION [ '_config' ][ 'filepath' ] . '/includes/lib/l10n.php' );
2004-12-06 21:53:35 +00:00
2008-08-25 20:47:49 +00:00
if ( array_key_exists ( 'HTTP_HOST' , $_SERVER ) &&
$_SERVER [ 'HTTP_HOST' ] != $_SESSION [ '_config' ][ 'normalhostname' ] &&
2005-03-12 19:40:24 +00:00
$_SERVER [ 'HTTP_HOST' ] != $_SESSION [ '_config' ][ 'securehostname' ] &&
2006-11-27 00:52:11 +00:00
$_SERVER [ 'HTTP_HOST' ] != $_SESSION [ '_config' ][ 'tverify' ] &&
$_SERVER [ 'HTTP_HOST' ] != " stamp.cacert.org " )
2004-12-06 21:53:35 +00:00
{
2008-08-25 20:47:49 +00:00
if ( array_key_exists ( 'HTTPS' , $_SERVER ) && $_SERVER [ 'HTTPS' ] == " on " )
2004-12-06 21:53:35 +00:00
header ( " location: https:// " . $_SESSION [ '_config' ][ 'normalhostname' ]);
else
header ( " location: http:// " . $_SESSION [ '_config' ][ 'normalhostname' ]);
exit ;
}
2014-06-07 09:16:26 +00:00
if ( array_key_exists ( 'HTTP_HOST' , $_SERVER ) &&
2008-08-25 20:47:49 +00:00
( $_SERVER [ 'HTTP_HOST' ] == $_SESSION [ '_config' ][ 'securehostname' ] ||
$_SERVER [ 'HTTP_HOST' ] == $_SESSION [ '_config' ][ 'tverify' ]))
2005-03-12 19:40:24 +00:00
{
2008-08-25 20:47:49 +00:00
if ( array_key_exists ( 'HTTPS' , $_SERVER ) && $_SERVER [ 'HTTPS' ] == " on " )
{
}
else
{
2008-11-23 04:21:50 +00:00
if ( $_SERVER [ 'HTTP_HOST' ] == $_SESSION [ '_config' ][ 'securehostname' ])
header ( " location: https:// " . $_SESSION [ '_config' ][ 'securehostname' ]);
if ( $_SERVER [ 'HTTP_HOST' ] == $_SESSION [ '_config' ][ 'tverify' ])
header ( " location: https:// " . $_SESSION [ '_config' ][ 'tverify' ]);
2008-08-25 20:47:49 +00:00
exit ;
}
2005-03-12 19:40:24 +00:00
}
2012-01-24 14:26:05 +00:00
L10n :: detect_language ();
L10n :: init_gettext ();
2008-08-31 22:15:21 +00:00
2014-06-07 09:16:26 +00:00
if ( array_key_exists ( 'profile' , $_SESSION ) && is_array ( $_SESSION [ 'profile' ]) && array_key_exists ( 'id' , $_SESSION [ 'profile' ]) && $_SESSION [ 'profile' ][ 'id' ] > 0 )
2004-10-16 00:28:17 +00:00
{
2014-06-07 09:16:26 +00:00
$locked = mysql_fetch_assoc ( mysql_query ( " select `locked` from `users` where `id`=' " . intval ( $_SESSION [ 'profile' ][ 'id' ]) . " ' " ));
2006-08-16 06:08:12 +00:00
if ( $locked [ 'locked' ] == 0 )
{
2014-06-07 09:16:26 +00:00
$query = " select sum(`points`) as `total` from `notary` where `to`=' " . intval ( $_SESSION [ 'profile' ][ 'id' ]) . " ' and `deleted` = 0 group by `to` " ;
2006-08-16 06:08:12 +00:00
$res = mysql_query ( $query );
$row = mysql_fetch_assoc ( $res );
$_SESSION [ 'profile' ][ 'points' ] = $row [ 'total' ];
} else {
$_SESSION [ 'profile' ] = " " ;
unset ( $_SESSION [ 'profile' ]);
}
2004-10-16 00:28:17 +00:00
}
function loadem ( $section = " index " )
{
2005-03-12 19:40:24 +00:00
if ( $section != " index " && $section != " account " && $section != " tverify " )
2004-10-16 00:28:17 +00:00
{
$section = " index " ;
}
if ( $section == " account " )
2004-12-06 21:53:35 +00:00
include_once ( $_SESSION [ '_config' ][ 'filepath' ] . " /includes/account_stuff.php " );
2004-10-16 00:28:17 +00:00
if ( $section == " index " )
2004-12-06 21:53:35 +00:00
include_once ( $_SESSION [ '_config' ][ 'filepath' ] . " /includes/general_stuff.php " );
2005-03-12 19:40:24 +00:00
if ( $section == " tverify " )
include_once ( $_SESSION [ '_config' ][ 'filepath' ] . " /includes/tverify_stuff.php " );
2004-10-16 00:28:17 +00:00
}
function includeit ( $id = " 0 " , $section = " index " )
{
$id = intval ( $id );
2006-12-09 14:26:30 +00:00
if ( $section != " index " && $section != " account " && $section != " wot " && $section != " help " && $section != " gpg " && $section != " disputes " && $section != " tverify " && $section != " advertising " )
2004-10-16 00:28:17 +00:00
{
$section = " index " ;
}
2005-03-12 19:40:24 +00:00
if ( $section == " tverify " && file_exists ( $_SESSION [ '_config' ][ 'filepath' ] . " /tverify/index/ $id .php " ))
include_once ( $_SESSION [ '_config' ][ 'filepath' ] . " /tverify/index/ $id .php " );
2006-04-20 20:08:31 +00:00
else if ( file_exists ( $_SESSION [ '_config' ][ 'filepath' ] . " /pages/ $section / $id .php " ))
include_once ( $_SESSION [ '_config' ][ 'filepath' ] . " /pages/ $section / $id .php " );
2004-10-16 00:28:17 +00:00
else {
$id = " 0 " ;
2006-04-20 20:08:31 +00:00
if ( file_exists ( $_SESSION [ '_config' ][ 'filepath' ] . " /pages/ $section / $id .php " ))
include_once ( $_SESSION [ '_config' ][ 'filepath' ] . " /pages/ $section / $id .php " );
2004-10-16 00:28:17 +00:00
else {
$section = " index " ;
$id = " 0 " ;
2006-04-20 20:08:31 +00:00
if ( file_exists ( $_SESSION [ '_config' ][ 'filepath' ] . " /pages/ $section / $id .php " ))
include_once ( $_SESSION [ '_config' ][ 'filepath' ] . " /pages/ $section / $id .php " );
2004-10-16 00:28:17 +00:00
else
2004-12-06 21:53:35 +00:00
include_once ( $_SESSION [ '_config' ][ 'filepath' ] . " /www/error404.php " );
2004-10-16 00:28:17 +00:00
}
}
}
2011-08-01 14:34:08 +00:00
function checkpwlight ( $pwd ) {
2004-10-16 00:28:17 +00:00
$points = 0 ;
2004-12-06 21:53:35 +00:00
if ( strlen ( $pwd ) > 15 )
$points ++ ;
2005-05-13 15:34:39 +00:00
if ( strlen ( $pwd ) > 20 )
$points ++ ;
if ( strlen ( $pwd ) > 25 )
$points ++ ;
2004-12-06 21:53:35 +00:00
if ( strlen ( $pwd ) > 30 )
$points ++ ;
2007-06-20 09:07:27 +00:00
//echo "Points due to length: $points<br/>";
2004-10-16 00:28:17 +00:00
if ( preg_match ( " / \ d/ " , $pwd ))
$points ++ ;
if ( preg_match ( " /[a-z]/ " , $pwd ))
$points ++ ;
if ( preg_match ( " /[A-Z]/ " , $pwd ))
$points ++ ;
if ( preg_match ( " / \ W/ " , $pwd ))
$points ++ ;
if ( preg_match ( " / \ s/ " , $pwd ))
$points ++ ;
2007-06-20 09:07:27 +00:00
//echo "Points due to length and charset: $points<br/>";
2014-06-07 09:16:26 +00:00
2011-08-01 14:34:08 +00:00
// check for historical password proposal
if ( $pwd === " Fr3d Sm|7h " ) {
return 0 ;
}
2014-06-07 09:16:26 +00:00
2011-08-01 14:34:08 +00:00
return $points ;
}
2007-06-20 09:07:27 +00:00
2011-08-01 14:34:08 +00:00
function checkpw ( $pwd , $email , $fname , $mname , $lname , $suffix )
{
$points = checkpwlight ( $pwd );
2014-06-07 09:16:26 +00:00
2004-10-16 00:28:17 +00:00
if ( @ strstr ( strtolower ( $pwd ), strtolower ( $email )))
$points -- ;
if ( @ strstr ( strtolower ( $email ), strtolower ( $pwd )))
$points -- ;
if ( @ strstr ( strtolower ( $pwd ), strtolower ( $fname )))
$points -- ;
if ( @ strstr ( strtolower ( $fname ), strtolower ( $pwd )))
$points -- ;
if ( $mname )
if ( @ strstr ( strtolower ( $pwd ), strtolower ( $mname )))
$points -- ;
if ( $mname )
if ( @ strstr ( strtolower ( $mname ), strtolower ( $pwd )))
$points -- ;
if ( @ strstr ( strtolower ( $pwd ), strtolower ( $lname )))
$points -- ;
if ( @ strstr ( strtolower ( $lname ), strtolower ( $pwd )))
$points -- ;
if ( $suffix )
if ( @ strstr ( strtolower ( $pwd ), strtolower ( $suffix )))
$points -- ;
if ( $suffix )
if ( @ strstr ( strtolower ( $suffix ), strtolower ( $pwd )))
$points -- ;
2007-06-20 09:07:27 +00:00
//echo "Points due to name matches: $points<br/>";
2012-06-14 13:29:58 +00:00
$shellpwd = escapeshellarg ( $pwd );
2014-11-24 09:56:38 +00:00
$do = shell_exec ( " grep -F -- $shellpwd /usr/share/dict/american-english " );
2004-10-16 00:28:17 +00:00
if ( $do )
$points -- ;
2007-06-20 09:07:27 +00:00
//echo "Points due to wordlist: $points<br/>";
2004-10-16 00:28:17 +00:00
return ( $points );
}
function extractit ()
{
2005-05-13 15:34:39 +00:00
$bits = explode ( " : " , $_SESSION [ '_config' ][ 'subject' ], 2 );
2008-09-03 16:13:28 +00:00
$bits = str_replace ( " , " , " | " , str_replace ( " / " , " | " , array_key_exists ( '1' , $bits ) ? $bits [ '1' ] : " " ));
2014-06-07 09:16:26 +00:00
$bits = explode ( " | " , $bits );
2004-10-16 00:28:17 +00:00
$_SESSION [ '_config' ][ 'cnc' ] = $_SESSION [ '_config' ][ 'subaltc' ] = 0 ;
2006-08-14 02:12:45 +00:00
$_SESSION [ '_config' ][ 'OU' ] = " " ;
2004-10-16 00:28:17 +00:00
if ( is_array ( $bits ))
foreach ( $bits as $val )
{
if ( ! strstr ( $val , " = " ))
continue ;
$split = explode ( " = " , $val );
$k = $split [ 0 ];
$split [ '1' ] = trim ( $split [ '1' ]);
if ( $k == " CN " && $split [ '1' ])
{
$k = $_SESSION [ '_config' ][ 'cnc' ] . " . " . $k ;
$_SESSION [ '_config' ][ 'cnc' ] ++ ;
$_SESSION [ '_config' ][ $k ] = $split [ '1' ];
}
2006-08-14 02:12:45 +00:00
if ( $k == " OU " && $split [ '1' ] && $_SESSION [ '_config' ][ 'OU' ] == " " )
{
$_SESSION [ '_config' ][ 'OU' ] = $split [ '1' ];
}
2004-10-16 00:28:17 +00:00
if ( $k == " subjectAltName " && $split [ '1' ])
{
$k = $_SESSION [ '_config' ][ 'subaltc' ] . " . " . $k ;
$_SESSION [ '_config' ][ 'subaltc' ] ++ ;
$_SESSION [ '_config' ][ $k ] = $split [ '1' ];
}
}
}
function getcn ()
{
2005-05-13 15:34:39 +00:00
unset ( $_SESSION [ '_config' ][ 'rows' ]);
unset ( $_SESSION [ '_config' ][ 'rowid' ]);
unset ( $_SESSION [ '_config' ][ 'rejected' ]);
2008-09-03 16:13:28 +00:00
$rows = array ();
$rowid = array ();
2004-10-16 00:28:17 +00:00
for ( $cnc = 0 ; $cnc < $_SESSION [ '_config' ][ 'cnc' ]; $cnc ++ )
{
$CN = $_SESSION [ '_config' ][ " $cnc .CN " ];
$bits = explode ( " . " , $CN );
$dom = " " ;
2005-05-13 15:34:39 +00:00
$cnok = 0 ;
2004-10-16 00:28:17 +00:00
for ( $i = count ( $bits ) - 1 ; $i >= 0 ; $i -- )
{
if ( $dom )
$dom = $bits [ $i ] . " . " . $dom ;
else
$dom = $bits [ $i ];
$_SESSION [ '_config' ][ 'row' ] = " " ;
2006-08-14 08:36:15 +00:00
$dom = mysql_real_escape_string ( $dom );
2014-06-07 09:16:26 +00:00
$query = " select * from domains where `memid`=' " . intval ( $_SESSION [ 'profile' ][ 'id' ]) . " ' and `domain` like ' $dom ' and `deleted`=0 and `hash`='' " ;
2004-10-16 00:28:17 +00:00
$res = mysql_query ( $query );
if ( mysql_num_rows ( $res ) > 0 )
{
2005-05-13 15:34:39 +00:00
$cnok = 1 ;
2004-10-16 00:28:17 +00:00
$_SESSION [ '_config' ][ 'row' ] = mysql_fetch_assoc ( $res );
$rowid [] = $_SESSION [ '_config' ][ 'row' ][ 'id' ];
break ;
}
}
2005-05-13 15:34:39 +00:00
if ( $cnok == 0 )
$_SESSION [ '_config' ][ 'rejected' ][] = $CN ;
2004-11-26 01:39:57 +00:00
if ( $_SESSION [ '_config' ][ 'row' ] != " " )
2004-10-16 00:28:17 +00:00
$rows [] = $CN ;
}
2005-05-13 15:34:39 +00:00
// if(count($rows) <= 0)
// {
// echo _("There were no valid CommonName fields on the CSR, or I was unable to match any of these against your account. Please review your CSR, or add and verify domains contained in it to your account before trying again.");
// exit;
// }
2004-12-09 01:48:16 +00:00
2004-10-16 00:28:17 +00:00
$_SESSION [ '_config' ][ 'rows' ] = $rows ;
$_SESSION [ '_config' ][ 'rowid' ] = $rowid ;
}
function getalt ()
{
2005-05-13 15:34:39 +00:00
unset ( $_SESSION [ '_config' ][ 'altrows' ]);
unset ( $_SESSION [ '_config' ][ 'altid' ]);
2008-09-03 16:13:28 +00:00
$altrows = array ();
$altid = array ();
2004-10-16 00:28:17 +00:00
for ( $altc = 0 ; $altc < $_SESSION [ '_config' ][ 'subaltc' ]; $altc ++ )
{
$subalt = $_SESSION [ '_config' ][ " $altc .subjectAltName " ];
2005-05-13 15:34:39 +00:00
if ( substr ( $subalt , 0 , 4 ) == " DNS: " )
$alt = substr ( $subalt , 4 );
else
2004-11-26 01:39:57 +00:00
continue ;
2004-10-16 00:28:17 +00:00
$bits = explode ( " . " , $alt );
$dom = " " ;
2005-05-13 15:34:39 +00:00
$altok = 0 ;
2004-10-16 00:28:17 +00:00
for ( $i = count ( $bits ) - 1 ; $i >= 0 ; $i -- )
{
if ( $dom )
$dom = $bits [ $i ] . " . " . $dom ;
else
$dom = $bits [ $i ];
$_SESSION [ '_config' ][ 'altrow' ] = " " ;
2006-08-14 08:36:15 +00:00
$dom = mysql_real_escape_string ( $dom );
2014-06-07 09:16:26 +00:00
$query = " select * from domains where `memid`=' " . intval ( $_SESSION [ 'profile' ][ 'id' ]) . " ' and `domain` like ' $dom ' and `deleted`=0 and `hash`='' " ;
2004-10-16 00:28:17 +00:00
$res = mysql_query ( $query );
if ( mysql_num_rows ( $res ) > 0 )
{
2005-05-13 15:34:39 +00:00
$altok = 1 ;
2004-10-16 00:28:17 +00:00
$_SESSION [ '_config' ][ 'altrow' ] = mysql_fetch_assoc ( $res );
$altid [] = $_SESSION [ '_config' ][ 'altrow' ][ 'id' ];
break ;
}
}
2005-05-13 15:34:39 +00:00
if ( $altok == 0 )
$_SESSION [ '_config' ][ 'rejected' ][] = $alt ;
2004-11-26 01:39:57 +00:00
if ( $_SESSION [ '_config' ][ 'altrow' ] != " " )
2004-10-16 00:28:17 +00:00
$altrows [] = $subalt ;
}
$_SESSION [ '_config' ][ 'altrows' ] = $altrows ;
$_SESSION [ '_config' ][ 'altid' ] = $altid ;
}
function getcn2 ()
{
2008-09-03 18:04:50 +00:00
$rows = array ();
$rowid = array ();
2004-10-16 00:28:17 +00:00
for ( $cnc = 0 ; $cnc < $_SESSION [ '_config' ][ 'cnc' ]; $cnc ++ )
{
$CN = $_SESSION [ '_config' ][ " $cnc .CN " ];
$bits = explode ( " . " , $CN );
$dom = " " ;
for ( $i = count ( $bits ) - 1 ; $i >= 0 ; $i -- )
{
if ( $dom )
$dom = $bits [ $i ] . " . " . $dom ;
else
$dom = $bits [ $i ];
$_SESSION [ '_config' ][ 'row' ] = " " ;
2006-08-14 08:36:15 +00:00
$dom = mysql_real_escape_string ( $dom );
2004-10-29 01:02:13 +00:00
$query = " select *, `orginfo`.`id` as `id` from `orginfo`,`orgdomains`,`org` where
2014-06-07 09:16:26 +00:00
`org` . `memid` = '".intval($_SESSION[' profile '][' id '])."' and
2004-10-16 00:28:17 +00:00
`org` . `orgid` = `orginfo` . `id` and
`orgdomains` . `orgid` = `orginfo` . `id` and
`orgdomains` . `domain` = '$dom' " ;
$res = mysql_query ( $query );
if ( mysql_num_rows ( $res ) > 0 )
{
$_SESSION [ '_config' ][ 'row' ] = mysql_fetch_assoc ( $res );
$rowid [] = $_SESSION [ '_config' ][ 'row' ][ 'id' ];
break ;
}
}
2004-11-26 01:39:57 +00:00
if ( $_SESSION [ '_config' ][ 'row' ] != " " )
2004-10-16 00:28:17 +00:00
$rows [] = $CN ;
}
2005-05-13 15:34:39 +00:00
// if(count($rows) <= 0)
// {
// echo _("There were no valid CommonName fields on the CSR, or I was unable to match any of these against your account. Please review your CSR, or add and verify domains contained in it to your account before trying again.");
// exit;
// }
2004-10-16 00:28:17 +00:00
$_SESSION [ '_config' ][ 'rows' ] = $rows ;
$_SESSION [ '_config' ][ 'rowid' ] = $rowid ;
}
function getalt2 ()
{
2008-09-03 18:04:50 +00:00
$altrows = array ();
$altid = array ();
2004-10-16 00:28:17 +00:00
for ( $altc = 0 ; $altc < $_SESSION [ '_config' ][ 'subaltc' ]; $altc ++ )
{
$subalt = $_SESSION [ '_config' ][ " $altc .subjectAltName " ];
2005-05-13 15:34:39 +00:00
if ( substr ( $subalt , 0 , 4 ) == " DNS: " )
$alt = substr ( $subalt , 4 );
else
2004-11-26 01:39:57 +00:00
continue ;
2004-10-16 00:28:17 +00:00
$bits = explode ( " . " , $alt );
$dom = " " ;
for ( $i = count ( $bits ) - 1 ; $i >= 0 ; $i -- )
{
if ( $dom )
$dom = $bits [ $i ] . " . " . $dom ;
else
$dom = $bits [ $i ];
$_SESSION [ '_config' ][ 'altrow' ] = " " ;
2006-08-14 08:36:15 +00:00
$dom = mysql_real_escape_string ( $dom );
2004-10-16 00:28:17 +00:00
$query = " select * from `orginfo`,`orgdomains`,`org` where
2014-06-07 09:16:26 +00:00
`org` . `memid` = '".intval($_SESSION[' profile '][' id '])."' and
2004-10-16 00:28:17 +00:00
`org` . `orgid` = `orginfo` . `id` and
`orgdomains` . `orgid` = `orginfo` . `id` and
`orgdomains` . `domain` = '$dom' " ;
$res = mysql_query ( $query );
if ( mysql_num_rows ( $res ) > 0 )
{
$_SESSION [ '_config' ][ 'altrow' ] = mysql_fetch_assoc ( $res );
$altid [] = $_SESSION [ '_config' ][ 'altrow' ][ 'id' ];
break ;
}
}
2004-11-26 01:39:57 +00:00
if ( $_SESSION [ '_config' ][ 'altrow' ] != " " )
2004-10-16 00:28:17 +00:00
$altrows [] = $subalt ;
}
$_SESSION [ '_config' ][ 'altrows' ] = $altrows ;
$_SESSION [ '_config' ][ 'altid' ] = $altid ;
}
function checkownership ( $hostname )
{
$bits = explode ( " . " , $hostname );
$dom = " " ;
for ( $i = count ( $bits ) - 1 ; $i >= 0 ; $i -- )
{
if ( $dom )
$dom = $bits [ $i ] . " . " . $dom ;
else
$dom = $bits [ $i ];
2006-08-14 08:36:15 +00:00
$dom = mysql_real_escape_string ( $dom );
2004-10-16 00:28:17 +00:00
$query = " select * from `org`,`orgdomains`,`orginfo`
2014-06-07 09:16:26 +00:00
where `org` . `memid` = '".intval($_SESSION[' profile '][' id '])."'
2004-10-16 00:28:17 +00:00
and `orgdomains` . `orgid` = `org` . `orgid`
and `orginfo` . `id` = `org` . `orgid`
and `orgdomains` . `domain` = '$dom' " ;
$res = mysql_query ( $query );
if ( mysql_num_rows ( $res ) > 0 )
{
$_SESSION [ '_config' ][ 'row' ] = mysql_fetch_assoc ( $res );
return ( true );
}
}
return ( false );
}
function maxpoints ( $id = 0 )
{
if ( $id <= 0 )
$id = $_SESSION [ 'profile' ][ 'id' ];
2014-06-07 09:16:26 +00:00
$query = " select sum(`points`) as `points` from `notary` where `to`=' $id ' and `deleted` = 0 group by `to` " ;
2004-10-16 00:28:17 +00:00
$row = mysql_fetch_assoc ( mysql_query ( $query ));
$points = $row [ 'points' ];
2005-05-13 15:34:39 +00:00
$dob = date ( " Y-m-d " , mktime ( 0 , 0 , 0 , date ( " m " ), date ( " d " ), date ( " Y " ) - 18 ));
2014-06-07 09:16:26 +00:00
$query = " select * from `users` where `id`=' " . intval ( $_SESSION [ 'profile' ][ 'id' ]) . " ' and `dob` < ' $dob ' " ;
2005-05-13 15:34:39 +00:00
if ( mysql_num_rows ( mysql_query ( $query )) < 1 )
{
if ( $points >= 100 )
return ( 10 );
else
return ( 0 );
}
2004-10-16 00:28:17 +00:00
if ( $points >= 150 )
return ( 35 );
if ( $points >= 140 )
return ( 30 );
if ( $points >= 130 )
return ( 25 );
if ( $points >= 120 )
return ( 20 );
if ( $points >= 110 )
return ( 15 );
if ( $points >= 100 )
return ( 10 );
return ( 0 );
}
2004-11-10 06:12:43 +00:00
2014-04-18 08:10:17 +00:00
function gpg_hex2bin ( $data )
2004-11-10 06:12:43 +00:00
{
while ( strstr ( $data , " \\ x " ))
{
$pos = strlen ( $data ) - strlen ( strstr ( $data , " \\ x " ));
$before = substr ( $data , 0 , $pos );
$char = chr ( hexdec ( substr ( $data , $pos + 2 , 2 )));
$after = substr ( $data , $pos + 4 );
$data = $before . $char . $after ;
}
return ( utf8_decode ( $data ));
}
2004-12-02 11:34:07 +00:00
2004-12-06 14:02:02 +00:00
function signmail ( $to , $subject , $message , $from , $replyto = " " )
{
if ( $replyto == " " )
$replyto = $from ;
$tmpfname = tempnam ( " /tmp " , " CSR " );
$fp = fopen ( $tmpfname , " w " );
fputs ( $fp , $message );
fclose ( $fp );
2014-11-24 09:56:38 +00:00
$to_esc = escapeshellarg ( $to );
$do = shell_exec ( " /usr/bin/gpg --homedir /home/gpg --clearsign \" $tmpfname\ " |/ usr / sbin / sendmail " . $to_esc );
2004-12-06 14:02:02 +00:00
@ unlink ( $tmpfname );
}
2005-05-13 15:34:39 +00:00
function checkEmail ( $email )
{
2006-08-14 01:01:36 +00:00
$myemail = mysql_real_escape_string ( $email );
2005-07-01 13:12:14 +00:00
if ( preg_match ( " /^([a-zA-Z0-9])+([a-zA-Z0-9 \ + \ ._-])*@([a-zA-Z0-9_-])+([a-zA-Z0-9 \ ._-]+)+ $ / " , $email ))
2005-05-13 15:34:39 +00:00
{
2013-07-15 08:32:06 +00:00
list ( $username , $domain ) = explode ( '@' , $email , 2 );
2014-12-05 09:06:50 +00:00
$mxhostrr = array ();
$mxweight = array ();
if ( ! getmxrr ( $domain , $mxhostrr , $mxweight ) ) {
$mxhostrr = array ( $domain );
$mxweight = array ( 0 );
} else if ( empty ( $mxhostrr ) ) {
$mxhostrr = array ( $domain );
$mxweight = array ( 0 );
}
$mxhostprio = array ();
for ( $i = 0 ; $i < count ( $mxhostrr ); $i ++ ) {
$mx_host = trim ( $mxhostrr [ $i ], '.' );
$mx_prio = $mxweight [ $i ];
if ( empty ( $mxhostprio [ $mx_prio ])) {
$mxhostprio [ $mx_prio ] = array ();
}
$mxhostprio [ $mx_prio ][] = $mx_host ;
}
array_walk ( $mxhostprio , function ( & $mx ) { shuffle ( $mx ); } );
ksort ( $mxhostprio );
$mxhosts = array ();
foreach ( $mxhostprio as $mx_prio => $mxhostnames ) {
foreach ( $mxhostnames as $mx_host ) {
$mxhosts [] = $mx_host ;
2013-07-15 08:35:59 +00:00
}
}
2005-05-13 15:34:39 +00:00
foreach ( $mxhosts as $key => $domain )
{
2014-12-05 09:05:04 +00:00
$fp_opt = array (
'ssl' => array (
'verify_peer' => false , // Opportunistic Encryption
)
);
$fp_ctx = stream_context_create ( $fp_opt );
$fp = @ stream_socket_client ( " tcp:// $domain :25 " , $errno , $errstr , 5 , STREAM_CLIENT_CONNECT , $fp_ctx );
2005-05-14 11:01:27 +00:00
if ( $fp )
2005-05-13 15:34:39 +00:00
{
2014-12-05 09:05:04 +00:00
stream_set_blocking ( $fp , true );
2014-06-07 09:16:26 +00:00
2014-12-05 09:05:04 +00:00
$has_starttls = false ;
do {
$line = fgets ( $fp , 4096 );
} while ( substr ( $line , 0 , 4 ) == " 220- " );
if ( substr ( $line , 0 , 3 ) != " 220 " ) {
fclose ( $fp );
2005-05-13 15:34:39 +00:00
continue ;
2014-12-05 09:05:04 +00:00
}
fputs ( $fp , " EHLO www.cacert.org \r \n " );
do {
2006-11-23 22:22:31 +00:00
$line = fgets ( $fp , 4096 );
2014-12-05 09:05:04 +00:00
$has_starttls |= substr ( trim ( $line ), 4 ) == " STARTTLS " ;
} while ( substr ( $line , 0 , 4 ) == " 250- " );
if ( substr ( $line , 0 , 3 ) != " 250 " ) {
fclose ( $fp );
2005-05-13 15:34:39 +00:00
continue ;
2014-12-05 09:05:04 +00:00
}
if ( $has_starttls ) {
fputs ( $fp , " STARTTLS \r \n " );
do {
$line = fgets ( $fp , 4096 );
} while ( substr ( $line , 0 , 4 ) == " 220- " );
if ( substr ( $line , 0 , 3 ) != " 220 " ) {
fclose ( $fp );
continue ;
}
stream_socket_enable_crypto ( $fp , true , STREAM_CRYPTO_METHOD_TLS_CLIENT );
fputs ( $fp , " EHLO www.cacert.org \r \n " );
do {
$line = fgets ( $fp , 4096 );
} while ( substr ( $line , 0 , 4 ) == " 250- " );
if ( substr ( $line , 0 , 3 ) != " 250 " ) {
fclose ( $fp );
continue ;
}
}
2006-11-23 22:22:31 +00:00
2014-12-05 09:05:04 +00:00
fputs ( $fp , " MAIL FROM:<returns@cacert.org> \r \n " );
do {
$line = fgets ( $fp , 4096 );
} while ( substr ( $line , 0 , 4 ) == " 250- " );
if ( substr ( $line , 0 , 3 ) != " 250 " ) {
fclose ( $fp );
2005-05-13 15:34:39 +00:00
continue ;
2014-12-05 09:05:04 +00:00
}
2011-07-22 14:11:14 +00:00
fputs ( $fp , " RCPT TO:< $email > \r \n " );
2014-12-05 09:05:04 +00:00
do {
$line = fgets ( $fp , 4096 );
} while ( substr ( $line , 0 , 4 ) == " 250- " );
if ( substr ( $line , 0 , 3 ) != " 250 " ) {
fclose ( $fp );
continue ;
}
2005-05-23 01:53:59 +00:00
fputs ( $fp , " QUIT \r \n " );
2005-05-13 15:34:39 +00:00
fclose ( $fp );
2006-08-14 01:01:36 +00:00
$line = mysql_real_escape_string ( trim ( strip_tags ( $line )));
2008-09-28 20:11:19 +00:00
$query = " insert into `pinglog` set `when`=NOW(), `email`=' $myemail ', `result`=' $line ' " ;
2014-06-07 09:16:26 +00:00
if ( is_array ( $_SESSION [ 'profile' ])) $query .= " , `uid`=' " . intval ( $_SESSION [ 'profile' ][ 'id' ]) . " ' " ;
2006-08-14 01:01:36 +00:00
mysql_query ( $query );
2005-05-13 15:34:39 +00:00
if ( substr ( $line , 0 , 3 ) != " 250 " )
2006-08-14 01:01:36 +00:00
return $line ;
2005-05-13 15:34:39 +00:00
else
2006-08-14 01:01:36 +00:00
return " OK " ;
2005-05-13 15:34:39 +00:00
}
}
}
2014-06-07 09:16:26 +00:00
$query = " insert into `pinglog` set `when`=NOW(), `uid`=' " . intval ( $_SESSION [ 'profile' ][ 'id' ]) . " ',
2006-08-14 01:01:36 +00:00
`email` = '$myemail' , `result` = 'Failed to make a connection to the mail server' " ;
mysql_query ( $query );
2005-07-01 13:12:14 +00:00
return _ ( " Failed to make a connection to the mail server " );
2005-05-13 15:34:39 +00:00
}
2007-01-28 18:54:50 +00:00
2008-01-16 00:59:03 +00:00
function waitForResult ( $table , $certid , $id = 0 , $show = 1 )
2007-01-28 18:54:50 +00:00
{
$found = $trycount = 0 ;
2009-01-22 20:36:34 +00:00
if ( $certid <= 0 )
{
if ( $show ) showheader ( _ ( " My CAcert.org Account! " ));
2009-05-31 16:48:03 +00:00
echo _ ( " ERROR: The new Certificate ID is wrong. Please contact support. \n " );
2009-01-22 20:36:34 +00:00
if ( $show ) showfooter ();
if ( $show ) exit ;
return ;
}
2009-01-16 17:36:57 +00:00
while ( $trycount ++ <= 40 )
2007-01-28 18:54:50 +00:00
{
if ( $table == " gpg " )
2008-08-17 15:14:48 +00:00
$query = " select * from ` $table ` where `id`=' " . intval ( $certid ) . " ' and `crt` != '' " ;
2007-01-28 18:54:50 +00:00
else
2008-08-17 15:14:48 +00:00
$query = " select * from ` $table ` where `id`=' " . intval ( $certid ) . " ' and `crt_name` != '' " ;
2007-01-28 18:54:50 +00:00
$res = mysql_query ( $query );
if ( mysql_num_rows ( $res ) > 0 )
{
$found = 1 ;
break ;
}
2009-07-31 21:26:08 +00:00
sleep ( 3 );
2007-01-28 18:54:50 +00:00
}
if ( ! $found )
{
2008-01-16 00:59:03 +00:00
if ( $show ) showheader ( _ ( " My CAcert.org Account! " ));
2008-08-17 15:14:48 +00:00
$query = " select * from ` $table ` where `id`=' " . intval ( $certid ) . " ' " ;
2007-01-28 18:54:50 +00:00
$res = mysql_query ( $query );
2008-10-19 22:12:00 +00:00
$body = " " ;
2009-01-16 17:36:57 +00:00
$subject = " " ;
2007-01-28 18:54:50 +00:00
if ( mysql_num_rows ( $res ) > 0 )
2008-10-19 22:12:00 +00:00
{
2007-01-28 18:54:50 +00:00
printf ( _ ( " Your certificate request is still queued and hasn't been processed yet. Please wait, and go to Certificates -> View to see it's status. " ));
2009-01-16 17:36:57 +00:00
$subject = " [CAcert.org] Certificate TIMEOUT " ;
2008-10-19 22:12:00 +00:00
$body = " A certificate has timed out! \n \n " ;
}
2007-01-28 18:54:50 +00:00
else
2008-10-19 22:12:00 +00:00
{
2008-08-17 15:14:48 +00:00
printf ( _ ( " Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions. " ) . " certid: $table : " . intval ( $certid ), " <a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'> " , " </a> " );
2009-01-16 17:36:57 +00:00
$subject = " [CAcert.org] Certificate FAILURE " ;
$body = " A certificate has failed: $table $certid $id $show\n\n " ;
2008-10-19 22:12:00 +00:00
}
2008-10-04 00:01:30 +00:00
$body .= _ ( " Best regards " ) . " \n " . _ ( " CAcert.org Support! " );
2009-06-15 21:01:02 +00:00
sendmail ( " philipp@cacert.org " , $subject , $body , " returns@cacert.org " , " " , " " , " CAcert Support " );
2008-10-04 00:01:30 +00:00
2008-01-16 00:59:03 +00:00
if ( $show ) showfooter ();
if ( $show ) exit ;
2007-01-28 18:54:50 +00:00
}
}
2007-03-08 20:48:22 +00:00
function generateTicket ()
{
$query = " insert into tickets (timestamp) values (now()) " ;
mysql_query ( $query );
$ticket = mysql_insert_id ();
return $ticket ;
}
2007-07-13 16:55:05 +00:00
2014-06-07 09:16:26 +00:00
function sanitizeHTML ( $input )
2007-07-13 16:55:05 +00:00
{
2014-10-17 12:54:20 +00:00
return htmlentities ( strip_tags ( $input ), ENT_QUOTES , 'ISO-8859-1' );
2008-09-22 16:46:33 +00:00
//In case of problems, please use the following line again:
//return htmlentities(strip_tags(utf8_decode($input)), ENT_QUOTES);
2007-07-13 16:55:05 +00:00
//return htmlspecialchars(strip_tags($input));
}
2008-09-19 22:10:18 +00:00
2008-09-07 02:44:55 +00:00
function make_hash ()
{
if ( function_exists ( " dio_open " ))
{
$rnd = dio_open ( " /dev/urandom " , O_RDONLY );
$hash = md5 ( dio_read ( $rnd , 64 ));
dio_close ( $rnd );
} else {
$rnd = fopen ( " /dev/urandom " , " r " );
$hash = md5 ( fgets ( $rnd , 64 ));
fclose ( $rnd );
}
return ( $hash );
}
function csrf_check ( $nam , $show = 1 )
{
2008-09-07 19:20:40 +00:00
if ( ! array_key_exists ( 'csrf' , $_REQUEST ) || ! array_key_exists ( 'csrf_' . $nam , $_SESSION ))
{
showheader ( _ ( " My CAcert.org Account! " ));
echo _ ( " CSRF Hash is missing. Please try again. " ) . " \n " ;
showfooter ();
exit ();
}
if ( strlen ( $_REQUEST [ 'csrf' ]) != 32 )
{
showheader ( _ ( " My CAcert.org Account! " ));
echo _ ( " CSRF Hash is wrong. Please try again. " ) . " \n " ;
showfooter ();
exit ();
}
if ( ! array_key_exists ( $_REQUEST [ 'csrf' ], $_SESSION [ 'csrf_' . $nam ]))
{
showheader ( _ ( " My CAcert.org Account! " ));
echo _ ( " CSRF Hash is wrong. Please try again. " ) . " \n " ;
showfooter ();
exit ();
}
2008-09-07 02:44:55 +00:00
}
function make_csrf ( $nam )
{
2008-09-07 19:20:40 +00:00
$hash = make_hash ();
$_SESSION [ 'csrf_' . $nam ][ $hash ] = 1 ;
return ( $hash );
2008-09-07 02:44:55 +00:00
}
function clean_csr ( $CSR )
{
2009-04-13 22:56:56 +00:00
$newcsr = str_replace ( " \r \n " , " \n " , trim ( $CSR ));
$newcsr = str_replace ( " \n \n " , " \n " , $newcsr );
return ( preg_replace ( " /[^A-Za-z0-9 \n \r \ - \ : \ = \ + \ / ]/ " , " " , $newcsr ));
2008-09-07 02:44:55 +00:00
}
2010-03-29 18:03:23 +00:00
function clean_gpgcsr ( $CSR )
{
return ( preg_replace ( " /[^A-Za-z0-9 \n \r \ - \ : \ = \ + \ / ]/ " , " " , trim ( $CSR )));
}
2008-09-07 02:44:55 +00:00
2008-11-23 04:21:50 +00:00
function sanitizeFilename ( $text )
{
$text = preg_replace ( " /[^ \ w-.@]/ " , " " , $text );
return ( $text );
}
2014-06-07 09:16:26 +00:00
2013-01-17 15:09:38 +00:00
2009-01-01 16:02:52 +00:00
// returns text message to be shown to the user given the result of is_no_assurer
function no_assurer_text ( $Status )
{
if ( $Status == 0 ) {
$Result = _ ( " You have passed the Assurer Challenge and collected at least 100 Assurance Points, you are an Assurer. " );
} elseif ( $Status == 3 ) {
$Result = _ ( " You have passed the Assurer Challenge, but to become an Assurer you still have to reach 100 Assurance Points! " );
} elseif ( $Status == 5 ) {
2009-07-01 11:37:11 +00:00
$Result = _ ( " You have at least 100 Assurance Points, if you want to become an assurer try the " ) . ' <a href="https://cats.cacert.org/">' . _ ( " Assurer Challenge " ) . '</a>!' ;
2009-01-01 16:02:52 +00:00
} elseif ( $Status == 7 ) {
2009-07-01 11:37:11 +00:00
$Result = _ ( " To become an Assurer you have to collect 100 Assurance Points and pass the " ) . ' <a href="https://cats.cacert.org/">' . _ ( " Assurer Challenge " ) . '</a>!' ;
2009-01-01 16:02:52 +00:00
} elseif ( $Status & 8 > 0 ) {
2009-06-08 21:16:40 +00:00
$Result = _ ( " Sorry, you are not allowed to be an Assurer. Please contact " ) . ' <a href="mailto:cacert-support@lists.cacert.org">cacert-support@lists.cacert.org</a>' . _ ( " if you feel that this is not corect. " );
2009-01-01 16:02:52 +00:00
} else {
2009-06-08 21:16:40 +00:00
$Result = _ ( " You are not an Assurer, but the reason is not stored in the database. Please contact " ) . ' <a href="mailto:cacert-support@lists.cacert.org">cacert-support@lists.cacert.org</a>.' ;
2009-01-01 16:02:52 +00:00
}
return $Result ;
}
2009-04-05 00:30:33 +00:00
function is_assurer ( $userID )
{
if ( get_assurer_status ( $userID ))
return 0 ;
else
return 1 ;
}
function get_assurer_reason ( $userID )
{
return no_assurer_text ( get_assurer_status ( $userID ));
}
2009-01-01 16:02:52 +00:00
2009-10-15 20:55:59 +00:00
function generatecertpath ( $type , $kind , $id )
{
$name = " ../ $type / $kind - " . intval ( $id ) . " . $type " ;
2009-10-16 00:16:00 +00:00
$newlayout = 1 ;
2009-10-15 20:55:59 +00:00
if ( $newlayout )
{
$name = " ../ $type / $kind / " . intval ( $id / 1000 ) . " / $kind - " . intval ( $id ) . " . $type " ;
2011-11-16 21:23:50 +00:00
if ( ! is_dir ( " ../csr " )) { mkdir ( " ../csr " , 0777 ); }
if ( ! is_dir ( " ../crt " )) { mkdir ( " ../crt " , 0777 ); }
2014-06-07 09:16:26 +00:00
2011-11-16 21:23:50 +00:00
if ( ! is_dir ( " ../csr/ $kind " )) { mkdir ( " ../csr/ $kind " , 0777 ); }
if ( ! is_dir ( " ../crt/ $kind " )) { mkdir ( " ../crt/ $kind " , 0777 ); }
if ( ! is_dir ( " ../csr/ $kind / " . intval ( $id / 1000 ))) { mkdir ( " ../csr/ $kind / " . intval ( $id / 1000 )); }
if ( ! is_dir ( " ../crt/ $kind / " . intval ( $id / 1000 ))) { mkdir ( " ../crt/ $kind / " . intval ( $id / 1000 )); }
2009-10-15 20:55:59 +00:00
}
return $name ;
}
2007-07-13 16:55:05 +00:00
2009-11-25 22:33:43 +00:00
/**
* Run the sql query given in $sql .
* The resource returned by mysql_query is
* returned by this function .
*
* It should be safe to replace every mysql_query
* call by a mysql_extended_query call .
*/
function mysql_timed_query ( $sql )
{
global $sql_data_log ;
$query_start = microtime ( true );
$res = mysql_query ( $sql );
$query_end = microtime ( true );
$sql_data_log [] = array ( " sql " => $sql , " duration " => $query_end - $query_start );
return $res ;
}
2013-05-15 09:39:39 +00:00
2004-10-16 00:28:17 +00:00
?>