cacert
/
cacert-webdb
8
0
Fork 0
Code Issues Pull Requests 4 Projects Releases 2 Wiki Activity

Fixed parameter handling

Browse Source 
Improved register_globals
pull/1/head
root 16 years ago
parent a63ec4d767
commit 051258953c
1 changed files with 10 additions and 0 deletions
Show Stats Download Patch File Download Diff File

10
includes/account.php
Unescape Escape View File

@ -310,6 +310,7 @@
$addys = array(); $addys = array();
$defaultemail = ""; $defaultemail = "";
$csrsubject="";
$user = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".intval($_SESSION['profile']['id'])."'")); $user = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".intval($_SESSION['profile']['id'])."'"));
if(strlen($user['mname']) == 1) if(strlen($user['mname']) == 1)
@ -390,6 +391,7 @@
} else { } else {
$id = 6; $id = 6;
$cert = $emailid; $cert = $emailid;
$_REQUEST['cert']=$emailid;
} }
} }
@ -688,6 +690,7 @@
exit; exit;
} }
rename($_SESSION['_config']['tmpfname'], $CSRname); rename($_SESSION['_config']['tmpfname'], $CSRname);
chmod($CSRname,0644);
mysql_query("update `domaincerts` set `CSR_name`='$CSRname' where `id`='$CSRid'"); mysql_query("update `domaincerts` set `CSR_name`='$CSRname' where `id`='$CSRid'");
waitForResult("domaincerts", $CSRid, 11); waitForResult("domaincerts", $CSRid, 11);
$query = "select * from `domaincerts` where `id`='$CSRid' and `crt_name` != ''"; $query = "select * from `domaincerts` where `id`='$CSRid' and `crt_name` != ''";
@ -702,6 +705,7 @@
} else { } else {
$id = 15; $id = 15;
$cert = $CSRid; $cert = $CSRid;
$_REQUEST['cert']=$CSRid;
} }
} }
@ -1341,6 +1345,7 @@
$addys = array(); $addys = array();
$defaultemail = ""; $defaultemail = "";
$csrsubject="";
if($_SESSION['_config']['name'] != "") if($_SESSION['_config']['name'] != "")
$csrsubject = "/CN=".$_SESSION['_config']['name']; $csrsubject = "/CN=".$_SESSION['_config']['name'];
@ -1411,6 +1416,7 @@
} else { } else {
$id = 19; $id = 19;
$cert = $emailid; $cert = $emailid;
$_REQUEST['cert']=$emailid;
} }
} }
@ -1633,6 +1639,7 @@
if(is_array($_SESSION['_config']['rows'])) if(is_array($_SESSION['_config']['rows']))
foreach($_SESSION['_config']['rows'] as $row) foreach($_SESSION['_config']['rows'] as $row)
$csrsubject .= "/commonName=$row"; $csrsubject .= "/commonName=$row";
$SAN="";
if(is_array($_SESSION['_config']['altrows'])) if(is_array($_SESSION['_config']['altrows']))
foreach($_SESSION['_config']['altrows'] as $subalt) foreach($_SESSION['_config']['altrows'] as $subalt)
{ {
@ -1670,6 +1677,7 @@
$CSRname = $_SESSION['_config']['filepath']."/csr/orgserver-$CSRid.csr"; $CSRname = $_SESSION['_config']['filepath']."/csr/orgserver-$CSRid.csr";
rename($_SESSION['_config']['tmpfname'], $CSRname); rename($_SESSION['_config']['tmpfname'], $CSRname);
chmod($CSRname,0644);
mysql_query("update `orgdomaincerts` set `CSR_name`='$CSRname' where `id`='$CSRid'"); mysql_query("update `orgdomaincerts` set `CSR_name`='$CSRname' where `id`='$CSRid'");
if(is_array($_SESSION['_config']['rowid'])) if(is_array($_SESSION['_config']['rowid']))
foreach($_SESSION['_config']['rowid'] as $id) foreach($_SESSION['_config']['rowid'] as $id)
@ -1689,6 +1697,7 @@
} else { } else {
$id = 23; $id = 23;
$cert = $CSRid; $cert = $CSRid;
$_REQUEST['cert']=$CSRid;
} }
} }
@ -2431,6 +2440,7 @@
} else { } else {
$id = 47; $id = 47;
$cert = $CSRid; $cert = $CSRid;
$_REQUEST['cert']=$CSRid;
} }
} }

Write Preview
Loading…
Cancel
Save