cacert
/
cacert-webdb
8
0
Fork 0
Code Issues Pull Requests 4 Projects Releases 2 Wiki Activity

removed hard path configs

Browse Source
pull/1/head
root 20 years ago
parent 494c82423a
commit 1f48e78e65
8 changed files with 52 additions and 46 deletions
Show Stats Download Patch File Download Diff File

4
includes/account_stuff.php
Unescape Escape View File

@ -127,7 +127,7 @@ function hideall() {
<body onload="hideall(); explode('home');<?=$expand?>"> <body onload="hideall(); explode('home');<?=$expand?>">
<div id="pagecell1"> <div id="pagecell1">
<div id="pageName"><br> <div id="pageName"><br>
<h2><a href="http://www.CAcert.org"><img src="/images/cacert2.png" border="0"></a></h2> <h2><a href="http://<?=$normalhostname?>"><img src="/images/cacert2.png" border="0"></a></h2>
<div id="googlead"><h2>¡Vive la Révolution!</h2></div> <div id="googlead"><h2>¡Vive la Révolution!</h2></div>
</div> </div>
<div id="pageNav"> <div id="pageNav">
@ -173,7 +173,7 @@ function hideall() {
<? } ?> <? } ?>
<div class="relatedLinks"> <div class="relatedLinks">
<h3 onclick="explode('WoT')">+ <?=_("CAcert Web of Trust")?></h3> <h3 onclick="explode('WoT')">+ <?=_("CAcert Web of Trust")?></h3>
<ul class="menu" id="WoT"><li><a href="wot.php?id=0"><?=_("About")?></a></li><li><a href="wot.php?id=1"><?=_("Find an Assurer")?></a></li><li><a href="wot.php?id=3"><?=_("Rules")?></a></li><li><? if($_SESSION['profile']['points'] < 100) { ?><a href="wot.php?id=2"><?=_("Becoming an Assurer")?></a><? } else { ?><a href="wot.php?id=5"><?=_("Assure Someone")?></a><? } ?></li><li><a href="wot.php?id=4"><?=_("Trusted Third Parties")?></a></li><li><a href="http://www.cacert.org/docs/CAP.pdf"><?=_("WoT Form")?></a></li><li><a href="http://www.cacert.org/docs/TTP.pdf"><?=_("TTP Form")?></a></li></ul> <ul class="menu" id="WoT"><li><a href="wot.php?id=0"><?=_("About")?></a></li><li><a href="wot.php?id=1"><?=_("Find an Assurer")?></a></li><li><a href="wot.php?id=3"><?=_("Rules")?></a></li><li><? if($_SESSION['profile']['points'] < 100) { ?><a href="wot.php?id=2"><?=_("Becoming an Assurer")?></a><? } else { ?><a href="wot.php?id=5"><?=_("Assure Someone")?></a><? } ?></li><li><a href="wot.php?id=4"><?=_("Trusted Third Parties")?></a></li><li><a href="/docs/CAP.pdf"><?=_("WoT Form")?></a></li><li><a href="/docs/TTP.pdf"><?=_("TTP Form")?></a></li></ul>
</div> </div>
<div class="relatedLinks"> <div class="relatedLinks">
<h3 onclick="explode('gpg')">+ <?=_("GPG/PGP Keys")?></h3> <h3 onclick="explode('gpg')">+ <?=_("GPG/PGP Keys")?></h3>

57
includes/general.php
Unescape Escape View File

@ -12,15 +12,6 @@
the implied warranty of MERCHANTABILITY or FITNESS FOR A the implied warranty of MERCHANTABILITY or FITNESS FOR A
PARTICULAR PURPOSE. See the License for more details. PARTICULAR PURPOSE. See the License for more details.
*/ */
if($_SERVER[HTTP_HOST] != "www.cacert.org" && $_SERVER[HTTP_HOST] != "secure.cacert.org" && $_SERVER[HTTP_HOST] != "202.87.16.201")
{
if($_SERVER[HTTPS] == "on")
header("location: https://www.cacert.org");
else
header("location: http://www.cacert.org");
exit;
}
session_name("cacert"); session_name("cacert");
session_start(); session_start();
@ -29,6 +20,19 @@
session_register("signup"); session_register("signup");
session_register("lostpw"); session_register("lostpw");
$_SESSION['_config']['filepath'] = "/home/cacert";
require_once($_SESSION['_config']['filepath']."/includes/mysql.php");
if($_SERVER['HTTP_HOST'] != $_SESSION['_config']['normalhostname'] && $_SERVER['HTTP_HOST'] != $_SESSION['_config']['securehostname'])
{
if($_SERVER['HTTPS'] == "on")
header("location: https://".$_SESSION['_config']['normalhostname']);
else
header("location: http://".$_SESSION['_config']['normalhostname']);
exit;
}
$lang = mysql_escape_string(substr(trim($lang), 0, 5)); $lang = mysql_escape_string(substr(trim($lang), 0, 5));
if($lang != "") if($lang != "")
$_SESSION['_config']['language'] = $lang; $_SESSION['_config']['language'] = $lang;
@ -65,12 +69,12 @@
$_SESSION['_config']['language'] = "en"; $_SESSION['_config']['language'] = "en";
break; break;
} }
if(file_exists("/home/cacert/locale/$val/LC_MESSAGES/messages.mo")) if(file_exists($_SESSION['_config']['filepath']."/locale/$val/LC_MESSAGES/messages.mo"))
{ {
$_SESSION['_config']['language'] = $val; $_SESSION['_config']['language'] = $val;
break; break;
} }
if(file_exists("/home/cacert/locale/$short/LC_MESSAGES/messages.mo")) if(file_exists($_SESSION['_config']['filepath']."/locale/$short/LC_MESSAGES/messages.mo"))
{ {
$_SESSION['_config']['language'] = $short; $_SESSION['_config']['language'] = $short;
break; break;
@ -109,13 +113,9 @@
setlocale(LC_ALL, $_SESSION['_config']['language']); setlocale(LC_ALL, $_SESSION['_config']['language']);
$domain = 'messages'; $domain = 'messages';
bindtextdomain("$domain", "/home/cacert/locale"); bindtextdomain("$domain", $_SESSION['_config']['filepath']."/locale");
textdomain("$domain"); textdomain("$domain");
$_SESSION['_config'][filepath] = "/home/cacert";
require_once("/home/cacert/includes/mysql.php");
if($_SESSION['profile']['id'] > 0) if($_SESSION['profile']['id'] > 0)
{ {
$query = "select sum(`points`) as `total` from `notary` where `to`='".$_SESSION['profile']['id']."' group by `to`"; $query = "select sum(`points`) as `total` from `notary` where `to`='".$_SESSION['profile']['id']."' group by `to`";
@ -124,8 +124,6 @@
$_SESSION['profile']['points'] = $row['total']; $_SESSION['profile']['points'] = $row['total'];
} }
$hostname = "www.cacert.org";
function loadem($section = "index") function loadem($section = "index")
{ {
if($section != "index" && $section != "account") if($section != "index" && $section != "account")
@ -134,10 +132,10 @@
} }
if($section == "account") if($section == "account")
include_once("/home/cacert/includes/account_stuff.php"); include_once($_SESSION['_config']['filepath']."/includes/account_stuff.php");
if($section == "index") if($section == "index")
include_once("/home/cacert/includes/general_stuff.php"); include_once($_SESSION['_config']['filepath']."/includes/general_stuff.php");
} }
function includeit($id = "0", $section = "index") function includeit($id = "0", $section = "index")
@ -148,22 +146,22 @@
$section = "index"; $section = "index";
} }
if(file_exists("/home/cacert/www/$section/$id.php")) if(file_exists($_SESSION['_config']['filepath']."/www/$section/$id.php"))
include_once("/home/cacert/www/$section/$id.php"); include_once($_SESSION['_config']['filepath']."/www/$section/$id.php");
else { else {
$id = "0"; $id = "0";
if(file_exists("/home/cacert/www/$section/$id.php")) if(file_exists($_SESSION['_config']['filepath']."/www/$section/$id.php"))
include_once("/home/cacert/www/$section/$id.php"); include_once($_SESSION['_config']['filepath']."/www/$section/$id.php");
else { else {
$section = "index"; $section = "index";
$id = "0"; $id = "0";
if(file_exists("/home/cacert/www/$section/$id.php")) if(file_exists($_SESSION['_config']['filepath']."/www/$section/$id.php"))
include_once("/home/cacert/www/$section/$id.php"); include_once($_SESSION['_config']['filepath']."/www/$section/$id.php");
else else
include_once("/home/cacert/www/error404.php"); include_once($_SESSION['_config']['filepath']."/www/error404.php");
} }
} }
} }
@ -172,6 +170,11 @@
{ {
$points = 0; $points = 0;
if(strlen($pwd) > 15)
$points++;
if(strlen($pwd) > 30)
$points++;
if(preg_match("/\d/", $pwd)) if(preg_match("/\d/", $pwd))
$points++; $points++;

8
includes/general_stuff.php
Unescape Escape View File

@ -29,7 +29,7 @@ if(!function_exists("showheader"))
<body> <body>
<div id="pagecell1"> <div id="pagecell1">
<div id="pageName"><br> <div id="pageName"><br>
<h2><a href="http://www.cacert.org"><img src="/images/cacert2.png" border="0"></a></h3> <h2><a href="http://<?=$_SESSION['_config']['normalhostname']?>"><img src="/images/cacert2.png" border="0"></a></h3>
<div id="googlead"><? if($_SERVER['HTTPS'] != "on") { ?><script type="text/javascript"> <div id="googlead"><? if($_SERVER['HTTPS'] != "on") { ?><script type="text/javascript">
<!-- <!--
google_ad_client = "pub-0959373285729680"; google_ad_client = "pub-0959373285729680";
@ -53,9 +53,9 @@ google_color_border = "FFFFFF";
</div> </div>
<div class="relatedLinks"> <div class="relatedLinks">
<h3><?=_("My Account")?></h3> <h3><?=_("My Account")?></h3>
<a href="https://www.cacert.org/index.php?id=4"><?=_("Normal Login")?></a> <a href="https://<?=$_SESSION['_config']['normalhostname']?>/index.php?id=4"><?=_("Normal Login")?></a>
<a href="https://secure.cacert.org/index.php?id=4"><?=_("Cert Login")?></a> <a href="https://<?=$_SESSION['_config']['securehostname']?>/index.php?id=4"><?=_("Cert Login")?></a>
<a href="https://www.cacert.org/index.php?id=5"><?=_("Lost Password")?></a> <a href="https://<?=$_SESSION['_config']['normalhostname']?>/index.php?id=5"><?=_("Lost Password")?></a>
</div> </div>
<div class="relatedLinks"> <div class="relatedLinks">
<h3><?=_("Miscellaneous")?></h3> <h3><?=_("Miscellaneous")?></h3>

12
includes/loggedin.php
Unescape Escape View File

@ -13,13 +13,13 @@
PARTICULAR PURPOSE. See the License for more details. PARTICULAR PURPOSE. See the License for more details.
*/ */
if($_SERVER['HTTP_HOST'] == "secure.cacert.org" && $_SESSION['profile']['id'] > 0) if($_SERVER['HTTP_HOST'] == $_SESSION['_config']['securehostname'] && $_SESSION['profile']['id'] > 0)
{ {
$_SESSION['profile'] = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".$_SESSION['profile']['id']."'")); $_SESSION['profile'] = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".$_SESSION['profile']['id']."'"));
$_SESSION['profile']['loggedin'] = 1; $_SESSION['profile']['loggedin'] = 1;
} }
if($_SERVER['HTTP_HOST'] == "secure.cacert.org" && $_SESSION['profile']['id'] == 0) if($_SERVER['HTTP_HOST'] == $_SESSION['_config']['securehostname'] && $_SESSION['profile']['id'] == 0)
{ {
$query = "select * from `emailcerts` where `serial`='$_SERVER[SSL_CLIENT_M_SERIAL]' and `revoked`=0 and $query = "select * from `emailcerts` where `serial`='$_SERVER[SSL_CLIENT_M_SERIAL]' and `revoked`=0 and
UNIX_TIMESTAMP(`expire`) - UNIX_TIMESTAMP() > 0"; UNIX_TIMESTAMP(`expire`) - UNIX_TIMESTAMP() > 0";
@ -49,13 +49,13 @@
} }
} }
if($_SERVER['HTTP_HOST'] == "secure.cacert.org" && ($_SESSION['profile']['id'] <= 0 || $_SESSION['profile']['loggedin'] == 0)) if($_SERVER['HTTP_HOST'] == $_SESSION['_config']['securehostname'] && ($_SESSION['profile']['id'] <= 0 || $_SESSION['profile']['loggedin'] == 0))
{ {
header("location: https://www.cacert.org"); header("location: https://".$_SESSION['_config']['normalhostname']);
exit; exit;
} }
if($_SERVER['HTTP_HOST'] == "secure.cacert.org" && $_SESSION['profile']['id'] > 0) if($_SERVER['HTTP_HOST'] == $_SESSION['_config']['securehostname'] && $_SESSION['profile']['id'] > 0)
{ {
$query = "select sum(`points`) as `total` from `notary` where `to`='".$_SESSION['profile']['id']."' group by `to`"; $query = "select sum(`points`) as `total` from `notary` where `to`='".$_SESSION['profile']['id']."' group by `to`";
$res = mysql_query($query); $res = mysql_query($query);
@ -74,7 +74,7 @@
setlocale(LC_ALL, $_SESSION['_config']['language']); setlocale(LC_ALL, $_SESSION['_config']['language']);
$domain = 'messages'; $domain = 'messages';
bindtextdomain("$domain", "/home/cacert/locale"); bindtextdomain("$domain", $_SESSION['_config']['filepath']."/locale");
textdomain("$domain"); textdomain("$domain");
} }
} }

3
includes/mysql.php.sample
Unescape Escape View File

@ -15,4 +15,7 @@
mysql_connect("localhost", "username", "password"); mysql_connect("localhost", "username", "password");
mysql_select_db("database"); mysql_select_db("database");
$_SESSION['_config']['securehostname'] = "secure.cacert.org";
$_SESSION['_config']['normalhostname'] = "www.cacert.org";
?> ?>

6
www/index.php
Unescape Escape View File

@ -92,7 +92,7 @@
} else if($_SESSION['lostpw']['pw1'] != $_SESSION['lostpw']['pw2'] || $_SESSION['lostpw']['pw1'] == "") { } else if($_SESSION['lostpw']['pw1'] != $_SESSION['lostpw']['pw2'] || $_SESSION['lostpw']['pw1'] == "") {
$_SESSION['_config']['errmsg'] = _("New Pass Phrases specified don't match or were blank."); $_SESSION['_config']['errmsg'] = _("New Pass Phrases specified don't match or were blank.");
} else if(strlen($_SESSION['lostpw']['pw1']) < 6) { } else if(strlen($_SESSION['lostpw']['pw1']) < 6) {
$_SESSION['_config']['errmsg'] = _("The Pass Phrase you submitted was too short."); $_SESSION['_config']['errmsg'] = _("The Pass Phrase you submitted was too short. It must be at least 6 characters.");
} else { } else {
$score = checkpw($_SESSION['lostpw']['pw1'], $_SESSION['lostpw']['user']['email'], $_SESSION['lostpw']['user']['fname'], $score = checkpw($_SESSION['lostpw']['pw1'], $_SESSION['lostpw']['user']['email'], $_SESSION['lostpw']['user']['fname'],
$_SESSION['lostpw']['user']['mname'], $_SESSION['lostpw']['user']['lname'], $_SESSION['lostpw']['user']['suffix']); $_SESSION['lostpw']['user']['mname'], $_SESSION['lostpw']['user']['lname'], $_SESSION['lostpw']['user']['suffix']);
@ -131,7 +131,7 @@
} }
} }
if($id == 4 && $_SERVER['HTTP_HOST'] == "secure.cacert.org") if($id == 4 && $_SERVER['HTTP_HOST'] == $securehostname)
{ {
$query = "select * from `emailcerts` where `serial`='$_SERVER[SSL_CLIENT_M_SERIAL]' and `revoked`=0 and $query = "select * from `emailcerts` where `serial`='$_SERVER[SSL_CLIENT_M_SERIAL]' and `revoked`=0 and
UNIX_TIMESTAMP(`expire`) - UNIX_TIMESTAMP() > 0"; UNIX_TIMESTAMP(`expire`) - UNIX_TIMESTAMP() > 0";
@ -178,7 +178,7 @@
setlocale(LC_ALL, $_SESSION['_config']['language']); setlocale(LC_ALL, $_SESSION['_config']['language']);
$domain = 'messages'; $domain = 'messages';
bindtextdomain("$domain", "/home/cacert/locale"); bindtextdomain("$domain", $_SESSION['_config'][filepath]."/locale");
textdomain("$domain"); textdomain("$domain");
} }
$query = "select sum(`points`) as `total` from `notary` where `to`='".$_SESSION['profile']['id']."' group by `to`"; $query = "select sum(`points`) as `total` from `notary` where `to`='".$_SESSION['profile']['id']."' group by `to`";

2
www/sealgen.php
Unescape Escape View File

@ -6,7 +6,7 @@
$font = 1; $font = 1;
$x = 25; $x = 25;
$y = 4; $y = 4;
$im = imagecreatefrompng("/home/cacert/www/images/secured.png"); $im = imagecreatefrompng($_SESSION['_config'][filepath]."/www/images/secured.png");
$tc = imagecolorallocate ($im, $r, $g, $b); $tc = imagecolorallocate ($im, $r, $g, $b);
imagestring ($im, $font, $x, $y, "CAcert.org", $tc); imagestring ($im, $font, $x, $y, "CAcert.org", $tc);
imagepng($im); imagepng($im);

6
www/src-lic.php
Unescape Escape View File

@ -1,7 +1,7 @@
<? <?
if($process == "Confirm, I agree to these terms and conditions" && $iagree == "yes") if($process == "Confirm, I agree to these terms and conditions" && $iagree == "yes")
{ {
$output_file = $fname = "cacert-20041204.tar.bz2"; $output_file = $fname = "cacert-20041207.tar.bz2";
header('Pragma: public'); header('Pragma: public');
@ -12,8 +12,8 @@
header('Content-Type: application/octetstream; name="' . $output_file . '"'); //This should work for IE & Opera header('Content-Type: application/octetstream; name="' . $output_file . '"'); //This should work for IE & Opera
header('Content-Type: application/octet-stream; name="' . $output_file . '"'); //This should work for the rest header('Content-Type: application/octet-stream; name="' . $output_file . '"'); //This should work for the rest
header('Content-Disposition: inline; filename="' . $output_file . '"'); header('Content-Disposition: inline; filename="' . $output_file . '"');
header("Content-length: ".intval(filesize("/home/cacert/tarballs/$fname"))); header("Content-length: ".intval(filesize($_SESSION['_config'][filepath]."/tarballs/$fname")));
readfile("/home/cacert/tarballs/$fname"); readfile($_SESSION['_config'][filepath]."/tarballs/$fname");
exit; exit;
} }
?> ?>

Write Preview
Loading…
Cancel
Save