cacert-webdb/tverify/index/0.php

<?
	$continue = 1;;
	if($_SERVER["SSL_CLIENT_S_DN_CN"] == "Thawte Freemail Member")
	{
		$continue = 0;
		echo _("I wasn't able to locate your name on your certificate, as such you can't continue with this process.");
	}

	if($continue == 1)
	{
		$addy = array();
		$emails = explode("/", trim($_SERVER["SSL_CLIENT_S_DN"]));
		foreach($emails as $email)
		{
			$bits = explode("=", $email);
			if($bits["0"] == "emailAddress")
			{
				$query = "select * from `email` where `email`='".$bits["1"]."' and `deleted`=0 and hash=''";
				$account = mysql_query($query);
				if(mysql_num_rows($account))
					$addy[] = $bits["1"];
			}
		}
	}

	if(count($addy) <= 0 && $continue == 1)
	{
		$continue = 0;
		echo _("I wasn't able to match any email accounts on your certificate to any accounts in our database, as such I can't continue with this process.");
	}

	if($continue == 1)
	{
		$row = mysql_fetch_assoc($account);
		$memid = $row['memid'];

		$name = trim($_SERVER["SSL_CLIENT_S_DN_CN"]);
		while(strstr($name, "  "))
			$name = str_replace("  ", " ", $name);
		$bits = explode(" ", $name);

		$firstname = $bits["0"];
		$lastname = $bits[count($bits) - 1];

		$query = "select * from `users` where `fname`='$firstname' and `lname`='$lastname' and `id`='$memid'";
		if(mysql_num_rows(mysql_query($query)) <= 0)
		{
			$continue = 0;
			echo _("The name and email address on your certificate could not be exactly matched to any stored in our database, as such I'm not able to contiue with this process.");
		}
	}

	if($_SERVER["SSL_CLIENT_VERIFY"] == "SUCCESS" && $continue == 1)
	{
		$_SESSION['_config']['uid'] = $row['memid'];
		$_SESSION['_config']['CN'] = trim($_SERVER["SSL_CLIENT_S_DN"]);
?>
<p style="border:dotted 1px #900;padding:0.3em;background-color:#ffe;">
<?=_("By just submitting your Thawte certificate you can be issued 50 points automatically to any matching account in the system that you operate.")?><br>
<?=_("To receive an additional 40 points you must also include a valid link to your notary listing on the Thawte website.")?><br>
<?=_("If you meet the above criteria you are also elligible to receive an additional 60 points by submitting a legible government issued copy of your photo ID. If details on your photo ID aren't legible you may be excluded from receiving these points.")?></p>
<? if($_SESSION['_config']['errmsg'] != "") { ?><p>&nbsp;</p><p style="border:dotted 1px #900;padding:0.3em;background-color:#ffe;"><?
	echo $_SESSION['_config']['errmsg']."</p>";
	unset($_SESSION['_config']['errmsg']);
} ?>
<form method="post" action="index.php" enctype="multipart/form-data">
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
  <tr>
    <td colspan="2" class="title"><?=_("Points Transfer and Verification")?></td>
  </tr>
  <tr>
    <td class="DataTD" width="125"><?=_("Email Address")?>: </td>
    <td class="DataTD" width="125"><input type="text" name="email" value="<?=$row['email']?>"></td>
  </tr>
  <tr>
    <td class="DataTD" width="125"><?=_("Notary URL")?>: </td>
    <td class="DataTD" width="125"><input type="text" name="notaryURL" value="<?=$_POST['notaryURL']?>"></td>
  </tr>
  <tr>
    <td class="DataTD" width="125"><?=_("Photo ID")?>: </td>
    <td class="DataTD" width="125"><input type="file" name="photoid"></td>
  </tr>
  <tr> 
    <td class="DataTD"><?=_("Pass Phrase")?>: </td>
    <td class="DataTD"><input type="password" name="pword"></td>
  </tr> 
  <tr>
    <td class="DataTD" colspan="2"><input type="submit" name="process" value="<?=_("Submit Application for Points Transfer")?>"></td>
  </tr>

</table>     
<input type="hidden" name="id" value="1">
</form> 
<?	} else if($continue == 1) {
		echo _("1I'm sorry, I couldn't verify your certificate");
	}
?>