Added some comments and improved the Name handling of TVerify
This commit is contained in:
root
parent
b77d860024
commit
0f76ef5996
1 changed files with 33 additions and 6 deletions
|
|
@ -1,11 +1,13 @@
|
|||
<?
|
||||
$continue = 1;
|
||||
//Checking for Thawte Freemail members, who aren´t notaries
|
||||
if($_SERVER['SSL_CLIENT_S_DN_CN'] == 'Thawte Freemail Member')
|
||||
{
|
||||
$continue = 0;
|
||||
echo _("I wasn't able to locate your name on your certificate, as such you can't continue with this process.");
|
||||
}
|
||||
|
||||
//Extracting the Email address from the certificate that is presented, looking up the email in the database to find the user that has registered it.
|
||||
if($continue == 1)
|
||||
{
|
||||
$addy = array();
|
||||
|
|
@ -23,26 +25,51 @@
|
|||
}
|
||||
}
|
||||
|
||||
//Verifying that we found a record with that email address
|
||||
if(count($addy) <= 0 && $continue == 1)
|
||||
{
|
||||
$continue = 0;
|
||||
echo _("I wasn't able to match any email accounts on your certificate to any accounts in our database, as such I can't continue with this process.");
|
||||
}
|
||||
|
||||
//If we found one, we extract the member-id from the sql result of the query we did above, and fetch the name of that user
|
||||
if($continue == 1)
|
||||
{
|
||||
$row = mysql_fetch_assoc($account);
|
||||
$memid = $row['memid'];
|
||||
|
||||
$bits = explode(" ", trim($_SERVER['SSL_CLIENT_S_DN_G']), 2);
|
||||
$firstname = trim($bits['0']);
|
||||
$lastname = trim($_SERVER['SSL_CLIENT_S_DN_S']);
|
||||
$tverifybits = explode(" ", trim(strtr($_SERVER['SSL_CLIENT_S_DN_G'],",.","")), 2);
|
||||
|
||||
$query = "select * from `users` where `fname`='$firstname' and `lname`='$lastname' and `id`='$memid'";
|
||||
if(mysql_num_rows(mysql_query($query)) <= 0)
|
||||
//Fetching the name of the user we have in the database:
|
||||
$query = "select `fname`, `mname`, `lname`, `suffix` from `users` where `id`='$memid' and `deleted`=0";
|
||||
$res = mysql_query($query);
|
||||
$row = mysql_fetch_assoc($res);
|
||||
|
||||
//Building the user´s name, and ignoring punctuation
|
||||
$cacert_name=$row['fname']." ".$row['mname']." ".$row['lname']." ".$row['suffix'];
|
||||
$cacert_name=strtr($cacert_name,",.","");
|
||||
$cacert_name=trim(str_replace(" ", " ", $cacert_name));
|
||||
|
||||
//Generate a short name form without the middle name
|
||||
$cacert_short_name=$row['fname']." ".$row['lname']." ".$row['suffix'];
|
||||
$cacert_short_name=strtr($cacert_short_name,",.","");
|
||||
$cacert_short_name=trim(str_replace(" ", " ", $cacert_short_name));
|
||||
|
||||
$firstname = trim($tverifybits['0']);
|
||||
$lastname = trim($_SERVER['SSL_CLIENT_S_DN_S']);
|
||||
$tverify_name=strtr("$firstname $lastname",",.","");
|
||||
|
||||
if(($cacert_name != $tverify_name) and ($cacert_short_name == $tverify_name))
|
||||
{
|
||||
$continue = 0;
|
||||
echo _("The name and email address on your certificate could not be exactly matched to any stored in our database, as such I'm not able to contiue with this process.");
|
||||
printf(_("Your CAcert account contains a middle name (%s), but we cannot verify this middle name with the certificate."),$row['mname']);
|
||||
|
||||
}
|
||||
|
||||
if($cacert_name != $tverify_name)
|
||||
{
|
||||
$continue = 0;
|
||||
printf(_("The name and email address on your certificate (%s) could not be exactly matched to any stored in our database (%s), as such I'm not able to continue with this process."),$tverify_name,$cacert_name);
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
|||
Loading…
Reference in a new issue