diff --git a/stamp/.htaccess b/stamp/.htaccess index bb5fe0e..3ad2abb 100644 --- a/stamp/.htaccess +++ b/stamp/.htaccess @@ -1,4 +1,4 @@ -php_value auto_prepend_file /www/includes/general.php +php_value auto_prepend_file /www/stamp/common.php php_value output_buffering 1 errordocument 404 /error404.php errordocument 403 /error403.php diff --git a/stamp/certdet.php b/stamp/certdet.php index fd74812..b664d2a 100644 --- a/stamp/certdet.php +++ b/stamp/certdet.php @@ -11,61 +11,18 @@ $arr = explode("/", $arr['1'], 2); $siteref = $arr['0']; + if($siteref != "") + $siterefer = $_SERVER['HTTP_REFERER']; + else + $siterefer = $_REQUEST['refer']; + if($ref == "" || ($ref != $siteref && $siteref != "")) { - if($siteref != "") - $siterefer = $_SERVER['HTTP_REFERER']; - else - $siterefer = $_REQUEST['refer']; $invalid = 2; } else { - $query = "select *,`domaincerts`.`created` as `issued` from `domlink`,`domains`,`domaincerts` - where `domlink`.`domid`=`domains`.`id` and `domlink`.`certid`=`domaincerts`.`id` and `domaincerts`.`revoked`=0 and - `domaincerts`.`subject` like '%subjectAltName=DNS:$ref/%' order by `domaincerts`.`id`"; - $res = mysql_query($query); - if(mysql_num_rows($res) <= 0) - { - $bits = explode(".", $ref); - for($i = 1; $i < count($bits); $i++) - { - if($ref2 != "") - $ref2 .= "."; - $ref2 .= $bits[$i]; - } - $query = "select *,`domaincerts`.`created` as `issued` from `domlink`,`domains`,`domaincerts` - where `domlink`.`domid`=`domains`.`id` and `domlink`.`certid`=`domaincerts`.`id` and `domaincerts`.`revoked`=0 and - (`domaincerts`.`subject` like '%subjectAltName=DNS:$ref2/%' or `domaincerts`.`subject` like '%subjectAltName=DNS:*.$ref2/%') - order by `domaincerts`.`id`"; - $res = mysql_query($query); - if(mysql_num_rows($res) <= 0) - { - $query = "select *,`orgdomaincerts`.`created` as `issued` from `orgdomaincerts`,`orgdomlink`,`orgdomains` where - (`orgdomaincerts`.`subject` like '%=$ref%' or `orgdomaincerts`.`subject` like '%=*.$ref2%') and - `orgdomaincerts`.`id`=`orgdomlink`.`orgcertid` and `orgdomlink`.`orgdomid`=`orgdomains`.`id` and - `orgdomaincerts`.`revoked`=0 order by `orgdomaincerts`.`id`"; - $res = mysql_query($query); - if(mysql_num_rows($res) <= 0) - { - $invalid = 1; - } else { - $org = 1; - } - } - } - } - - if($invalid == 0) - { - $cert = mysql_fetch_assoc($res); - if($org == 0) - { - $query = "SELECT *, sum(`points`) AS `total` FROM `users`, `notary` WHERE `users`.`id` = '$cert[memid]' AND - `notary`.`to` = `users`.`id` and `notary`.`when` <= '$cert[issued]' GROUP BY `notary`.`to`"; - $user = mysql_fetch_assoc(mysql_query($query)); - } else { - $query = "select * from `orginfo` where `id`='$cert[orgid]'"; - $orgi = mysql_fetch_assoc(mysql_query($query)); - } + if($_SESSION['_stamp']['ref'] == "") + $_SESSION['_stamp']['ref'] = $siterefer; + list($invalid, $info) = checkhostname($ref); } ?> @@ -97,16 +54,16 @@ google_ad_channel = ""; if($invalid == 0) { ?>
Status: Valid
- Valid From: =$cert['issued']?> GMT
- Valid To: =$cert['expire']?> GMT
- Subject: =substr($cert['subject'],0,80)?>
- Organisation: if($org == 0) { ?>N/A } else { echo $orgi['O'].", ".$orgi['L']." ".$orgi['ST']." ".$orgi['C']; } ?>
- Verification: if($user['total'] >= 50) { echo "Person had been assured at time of issue with at least 50 points."; }
- else if($org == 1) { ?>This organisation was assured at the time the certificate was issued. } ?>
This site has potentially abused CAcert logos and Copyrights, please report it so we may further investigate.
} ?> -Problem with this site? Please report it
+Problem with this site? Please report it
diff --git a/stamp/displogo.php b/stamp/displogo.php index 4045d63..8578186 100644 --- a/stamp/displogo.php +++ b/stamp/displogo.php @@ -21,39 +21,15 @@ exit; } - $query = "select * from `domlink`,`domains`,`domaincerts` - where `domlink`.`domid`=`domains`.`id` and `domlink`.`certid`=`domaincerts`.`id` and `domaincerts`.`revoked`=0 and - `domaincerts`.`subject` like '%subjectAltName=DNS:$ref/%' order by `domaincerts`.`id`"; - $res = mysql_query($query); - if(mysql_num_rows($res) <= 0) + list($invalid, $info) = checkhostname($ref); + + if($invalid > 0) { - $bits = explode(".", $ref); - for($i = 1; $i < count($bits); $i++) - { - if($ref2 != "") - $ref2 .= "."; - $ref2 .= $bits[$i]; - } - $query = "select * from `domlink`,`domains`,`domaincerts` - where `domlink`.`domid`=`domains`.`id` and `domlink`.`certid`=`domaincerts`.`id` and `domaincerts`.`revoked`=0 and - (`domaincerts`.`subject` like '%subjectAltName=DNS:$ref2/%' or `domaincerts`.`subject` like '%subjectAltName=DNS:*.$ref2/%') - order by `domaincerts`.`id`"; - $res = mysql_query($query); - if(mysql_num_rows($res) <= 0) - { - $query = "select * from `orgdomaincerts`,`orgdomlink`,`orgdomains` where `orgdomaincerts`.`revoked`=0 and - (`orgdomaincerts`.`subject` like '%=$ref%' or `orgdomaincerts`.`subject` like '%=*.$ref2%') and - `orgdomaincerts`.`id`=`orgdomlink`.`orgcertid` and `orgdomlink`.`orgdomid`=`orgdomains`.`id`"; - $res = mysql_query($query); - if(mysql_num_rows($res) <= 0) - { - $tc = imagecolorallocate ($im, 255, 0, 0); - imagestring ($im, 2, 1, 30, "INVALID DOMAIN", $tc); - imagestring ($im, 2, 1, 45, "Click to Report", $tc); - imagepng($im); - exit; - } - } + $tc = imagecolorallocate ($im, 255, 0, 0); + imagestring ($im, 2, 1, 30, "INVALID DOMAIN", $tc); + imagestring ($im, 2, 1, 45, "Click to Report", $tc); + imagepng($im); + exit; } $tz = intval($_REQUEST['tz']); diff --git a/stamp/report.php b/stamp/report.php index 58ca22c..359a482 100644 --- a/stamp/report.php +++ b/stamp/report.php @@ -1,20 +1,27 @@ - function clean($key) - { - return(mysql_real_escape_string(strip_tags(trim($_REQUEST[$key])))); - } - - $arr = explode("//", mysql_real_escape_string(trim($_REQUEST['refer'])), 2); + $arr = explode("//", mysql_real_escape_string(trim($_SESSION['_stamp']['ref'])), 2); $arr = explode("/", $arr['1'], 2); $ref = $arr['0']; - $refer = clean('refer'); + $refer = mysql_real_escape_string(strip_tags(trim($_SESSION['_stamp']['ref']))); $name = clean('name'); $email = clean('email'); $comment = clean('comment'); $reason = clean('reason'); $process = clean('process'); + if($process != "" && ($_POST['pagehash'] != $_SESSION['_stamp']['pagehash'] || $_SESSION['_stamp']['pagehash'] == "")) + { + $errmsg = "Your report seemed to be posted is a suspicious manner, please try to re-submit it, or contact support for further help."; + $process = ""; + } + + if($process != "" && ($name == "" || $email == "" || $comment == "" || $reason == "")) + { + $errmsg = "You must supply your name, a valid email address and comment."; + $process = ""; + } + if($process != "") { $checkemail = checkEmail($email); @@ -23,6 +30,8 @@ $errmsg = $checkemail; $process = ""; } + } else { + $_SESSION['_stamp']['pagehash'] = $pagehash = md5(date("U").$ref); } if($process != "") @@ -85,6 +94,7 @@ google_ad_channel = "";We thank you for your attention to detail, your report has been accepted and we will tend to your report as soon as humanly possible.