From 47d3b2b0a27c63b8c28a7c0effcb32b0caa7121e Mon Sep 17 00:00:00 2001 From: root Date: Wed, 17 Jul 2013 08:19:05 +0000 Subject: [PATCH] Fix for http://bugs.cacert.org/view.php?id=782 Add "notes" field to certificate information. --- includes/account.php | 380 ++++++++++++++++++++++++++++--------------- pages/account/10.php | 10 +- pages/account/12.php | 36 ++-- pages/account/16.php | 20 ++- pages/account/18.php | 20 ++- pages/account/20.php | 14 +- pages/account/22.php | 27 ++- pages/account/3.php | 44 ++--- pages/account/5.php | 39 +++-- pages/account/6.php | 90 +++++++++- pages/account/8.php | 4 +- pages/gpg/0.php | 8 +- pages/gpg/2.php | 24 ++- www/gpg.php | 178 +++++++++++--------- 14 files changed, 588 insertions(+), 306 deletions(-) diff --git a/includes/account.php b/includes/account.php index cc2c581..af41cbe 100644 --- a/includes/account.php +++ b/includes/account.php @@ -17,7 +17,7 @@ */ require_once("../includes/loggedin.php"); require_once("../includes/lib/l10n.php"); - require_once('lib/check_weak_key.php'); + require_once("../includes/lib/check_weak_key.php"); loadem("account"); @@ -240,6 +240,11 @@ $_REQUEST['keytype'] = "MS"; $csr = clean_csr($_REQUEST['optionalCSR']); } + if(trim($_REQUEST['description']) != ""){ + $_SESSION['_config']['description']= trim(mysql_real_escape_string(stripslashes($_REQUEST['description']))); + }else{ + $_SESSION['_config']['description']= ""; + } } if($oldid == 4) @@ -323,7 +328,8 @@ `created`=FROM_UNIXTIME(UNIX_TIMESTAMP()), `codesign`='".intval($_SESSION['_config']['codesign'])."', `disablelogin`='".($_SESSION['_config']['disablelogin']?1:0)."', - `rootcert`='".intval($_SESSION['_config']['rootcert'])."'"; + `rootcert`='".intval($_SESSION['_config']['rootcert'])."', + `description`='".$_SESSION['_config']['description']."'"; mysql_query($query); $emailid = mysql_insert_id(); if(is_array($addys)) @@ -334,15 +340,15 @@ fputs($fp, $emails); fclose($fp); $challenge=$_SESSION['spkac_hash']; - $res=`openssl spkac -verify -in $CSRname`; - if(!strstr($res,"Challenge String: ".$challenge)) - { - $id = $oldid; - showheader(_("My CAcert.org Account!")); - echo _("The challenge-response code of your certificate request did not match. Can't continue with certificaterequest."); - showfooter(); - exit; - } + $res=`openssl spkac -verify -in $CSRname`; + if(!strstr($res,"Challenge String: ".$challenge)) + { + $id = $oldid; + showheader(_("My CAcert.org Account!")); + echo _("The challenge-response code of your certificate request did not match. Can't continue with certificaterequest."); + showfooter(); + exit; + } mysql_query("update `emailcerts` set `csr_name`='$CSRname' where `id`='".intval($emailid)."'"); } else if($_REQUEST['keytype'] == "MS" || $_REQUEST['keytype'] == "VI") { if($csr == "") @@ -367,8 +373,8 @@ $csrsubject=""; $user = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".intval($_SESSION['profile']['id'])."'")); - if(strlen($user['mname']) == 1) - $user['mname'] .= '.'; + if(strlen($user['mname']) == 1) + $user['mname'] .= '.'; if($_SESSION['_config']['incname'] <= 0 || $_SESSION['_config']['incname'] > 4) $csrsubject = "/CN=CAcert WoT User"; if($_SESSION['_config']['incname'] == 1) @@ -423,7 +429,8 @@ `subject`='".mysql_real_escape_string($csrsubject)."', `codesign`='".$_SESSION['_config']['codesign']."', `disablelogin`='".($_SESSION['_config']['disablelogin']?1:0)."', - `rootcert`='".$_SESSION['_config']['rootcert']."'"; + `rootcert`='".$_SESSION['_config']['rootcert']."', + `description`='".$_SESSION['_config']['description']."'"; mysql_query($query); $emailid = mysql_insert_id(); if(is_array($addys)) @@ -457,10 +464,10 @@ csrf_check("adddomain"); if(strstr($_REQUEST['newdomain'],"\x00")) { - showheader(_("My CAcert.org Account!")); - echo _("Due to the possibility for nullbyte domain exploits we currently do not allow any domain names with nullbytes."); - showfooter(); - exit; + showheader(_("My CAcert.org Account!")); + echo _("Due to the possibility for nullbyte domain exploits we currently do not allow any domain names with nullbytes."); + showfooter(); + exit; } list($newdomain) = explode(" ", $_REQUEST['newdomain'], 2); // Ignore the rest @@ -664,8 +671,8 @@ $CSR = clean_csr($_REQUEST['CSR']); if(strpos($CSR,"---BEGIN")===FALSE) { - // In case the CSR is missing the ---BEGIN lines, add them automatically: - $CSR = "-----BEGIN CERTIFICATE REQUEST-----\n".$CSR."\n-----END CERTIFICATE REQUEST-----\n"; + // In case the CSR is missing the ---BEGIN lines, add them automatically: + $CSR = "-----BEGIN CERTIFICATE REQUEST-----\n".$CSR."\n-----END CERTIFICATE REQUEST-----\n"; } if (($weakKey = checkWeakKeyCSR($CSR)) !== "") @@ -676,6 +683,12 @@ exit; } + if(trim($_REQUEST['description']) != ""){ + $_SESSION['_config']['description']= trim(mysql_real_escape_string(stripslashes($_REQUEST['description']))); + }else{ + $_SESSION['_config']['description']= ""; + } + $_SESSION['_config']['tmpfname'] = tempnam("/tmp", "id10CSR"); $fp = fopen($_SESSION['_config']['tmpfname'], "w"); fputs($fp, $CSR); @@ -742,7 +755,7 @@ $subject = ""; $count = 0; $supressSAN=0; - if($_SESSION["profile"]["id"] == 104074) $supressSAN=1; + if($_SESSION["profile"]["id"] == 104074) $supressSAN=1; if(is_array($_SESSION['_config']['rows'])) foreach($_SESSION['_config']['rows'] as $row) @@ -777,13 +790,15 @@ `CN`='".mysql_real_escape_string($_SESSION['_config']['rows']['0'])."', `domid`='".mysql_real_escape_string($_SESSION['_config']['rowid']['0'])."', `created`=NOW(),`subject`='".mysql_real_escape_string($subject)."', - `rootcert`='".mysql_real_escape_string($_SESSION['_config']['rootcert'])."'"; + `rootcert`='".mysql_real_escape_string($_SESSION['_config']['rootcert'])."', + `description`='".$_SESSION['_config']['description']."'"; } elseif(array_key_exists('0',$_SESSION['_config']['altid']) && $_SESSION['_config']['altid']['0'] > 0) { $query = "insert into `domaincerts` set `CN`='".mysql_real_escape_string($_SESSION['_config']['altrows']['0'])."', `domid`='".mysql_real_escape_string($_SESSION['_config']['altid']['0'])."', `created`=NOW(),`subject`='".mysql_real_escape_string($subject)."', - `rootcert`='".mysql_real_escape_string($_SESSION['_config']['rootcert'])."'"; + `rootcert`='".mysql_real_escape_string($_SESSION['_config']['rootcert'])."', + `description`='".$_SESSION['_config']['description']."'"; } else { showheader(_("My CAcert.org Account!")); echo _("Domain not verified."); @@ -865,7 +880,8 @@ `modified`=NOW(), `rootcert`='".$row['rootcert']."', `type`='".$row['type']."', - `pkhash`='".$row['pkhash']."'"; + `pkhash`='".$row['pkhash']."', + `description`='".$row['description']."'"; mysql_query($query); $newid = mysql_insert_id(); $newfile=generatecertpath("csr","server",$newid); @@ -1003,6 +1019,24 @@ exit; } + if($oldid == 12 && array_key_exists('change',$_REQUEST) && $_REQUEST['change'] != "") + { + showheader(_("My CAcert.org Account!")); + foreach($_REQUEST as $id => $val) + { + if(substr($id,0,14)=="check_comment_") + { + $cid = intval(substr($id,14)); + $comment=trim(mysql_real_escape_string(stripslashes($_REQUEST['comment_'.$cid]))); + mysql_query("update `domaincerts` set `description`='$comment' where `id`='$cid'"); + } + } + echo(_("Certificate settings have been changed.")."
\n"); + showfooter(); + exit; + } + + if($oldid == 5 && array_key_exists('renew',$_REQUEST) && $_REQUEST['renew'] != "") { showheader(_("My CAcert.org Account!")); @@ -1041,7 +1075,8 @@ `modified`=NOW(), `disablelogin`='".$row['disablelogin']."', `codesign`='".$row['codesign']."', - `rootcert`='".$row['rootcert']."'"; + `rootcert`='".$row['rootcert']."', + `description`='".$row['description']."'"; mysql_query($query); $newid = mysql_insert_id(); $newfile=generatecertpath("csr","client",$newid); @@ -1140,26 +1175,47 @@ if($oldid == 5 && array_key_exists('change',$_REQUEST) && $_REQUEST['change'] != "") { - showheader(_("My CAcert.org Account!")); - //echo _("Now changing the settings for the following certificates:")."
\n"; - foreach($_REQUEST as $id => $val) - { - //echo $id."
"; - if(substr($id,0,5)=="cert_") - { - $id = intval(substr($id,5)); - $dis=(array_key_exists('disablelogin_'.$id,$_REQUEST) && $_REQUEST['disablelogin_'.$id]=="1")?"0":"1"; - //echo "$id -> ".$_REQUEST['disablelogin_'.$id]."
\n"; - mysql_query("update `emailcerts` set `disablelogin`='$dis' where `id`='$id' and `memid`='".$_SESSION['profile']['id']."'"); - //$row = mysql_fetch_assoc($res); - } - } - echo(_("Certificate settings have been changed.")."
\n"); - showfooter(); - exit; + showheader(_("My CAcert.org Account!")); + foreach($_REQUEST as $id => $val) + { + if(substr($id,0,5)=="cert_") + { + $cid = intval(substr($id,5)); + $dis=(array_key_exists('disablelogin_'.$cid,$_REQUEST) && $_REQUEST['disablelogin_'.$cid]=="1")?"0":"1"; + mysql_query("update `emailcerts` set `disablelogin`='$dis' where `id`='$cid' and `memid`='".$_SESSION['profile']['id']."'"); + } + if(substr($id,0,14)=="check_comment_") + { + $cid = intval(substr($id,14)); + if(!empty($_REQUEST['check_comment_'.$cid])) { + $comment=trim(mysql_real_escape_string(stripslashes($_REQUEST['comment_'.$cid]))); + mysql_query("update `emailcerts` set `description`='$comment' where `id`='$cid' and `memid`='".$_SESSION['profile']['id']."'"); + } + } + } + echo(_("Certificate settings have been changed.")."
\n"); + showfooter(); + exit; + } + + + if($oldid == 6 && $_REQUEST['certid'] != "") + { + if(trim($_REQUEST['description']) != ""){ + $description= trim(mysql_real_escape_string(stripslashes($_REQUEST['description']))); + }else{ + $description= ""; + } + + if(trim($_REQUEST['disablelogin']) == "1"){ + $disablelogin = 1; + }else{ + $disablelogin = 0; } + mysql_query("update `emailcerts` set `disablelogin`='$disablelogin', `description`='$description' where `id`='".$_REQUEST['certid']."' and `memid`='".$_SESSION['profile']['id']."'"); + } if($oldid == 13 && $process != "") { csrf_check("perschange"); @@ -1176,42 +1232,42 @@ $_SESSION['_config']['user']['A4'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['A4'])))); $_SESSION['_config']['user']['A5'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['A5'])))); - if($_SESSION['_config']['user']['Q1'] == $_SESSION['_config']['user']['Q2'] || - $_SESSION['_config']['user']['Q1'] == $_SESSION['_config']['user']['Q3'] || - $_SESSION['_config']['user']['Q1'] == $_SESSION['_config']['user']['Q4'] || - $_SESSION['_config']['user']['Q1'] == $_SESSION['_config']['user']['Q5'] || - $_SESSION['_config']['user']['Q2'] == $_SESSION['_config']['user']['Q3'] || - $_SESSION['_config']['user']['Q2'] == $_SESSION['_config']['user']['Q4'] || - $_SESSION['_config']['user']['Q2'] == $_SESSION['_config']['user']['Q5'] || - $_SESSION['_config']['user']['Q3'] == $_SESSION['_config']['user']['Q4'] || - $_SESSION['_config']['user']['Q3'] == $_SESSION['_config']['user']['Q5'] || - $_SESSION['_config']['user']['Q4'] == $_SESSION['_config']['user']['Q5'] || - $_SESSION['_config']['user']['A1'] == $_SESSION['_config']['user']['Q1'] || - $_SESSION['_config']['user']['A1'] == $_SESSION['_config']['user']['Q2'] || - $_SESSION['_config']['user']['A1'] == $_SESSION['_config']['user']['Q3'] || - $_SESSION['_config']['user']['A1'] == $_SESSION['_config']['user']['Q4'] || - $_SESSION['_config']['user']['A1'] == $_SESSION['_config']['user']['Q5'] || - $_SESSION['_config']['user']['A2'] == $_SESSION['_config']['user']['Q3'] || - $_SESSION['_config']['user']['A2'] == $_SESSION['_config']['user']['Q4'] || - $_SESSION['_config']['user']['A2'] == $_SESSION['_config']['user']['Q5'] || - $_SESSION['_config']['user']['A3'] == $_SESSION['_config']['user']['Q4'] || - $_SESSION['_config']['user']['A3'] == $_SESSION['_config']['user']['Q5'] || - $_SESSION['_config']['user']['A4'] == $_SESSION['_config']['user']['Q5'] || - $_SESSION['_config']['user']['A1'] == $_SESSION['_config']['user']['A2'] || - $_SESSION['_config']['user']['A1'] == $_SESSION['_config']['user']['A3'] || - $_SESSION['_config']['user']['A1'] == $_SESSION['_config']['user']['A4'] || - $_SESSION['_config']['user']['A1'] == $_SESSION['_config']['user']['A5'] || - $_SESSION['_config']['user']['A2'] == $_SESSION['_config']['user']['A3'] || - $_SESSION['_config']['user']['A2'] == $_SESSION['_config']['user']['A4'] || - $_SESSION['_config']['user']['A2'] == $_SESSION['_config']['user']['A5'] || - $_SESSION['_config']['user']['A3'] == $_SESSION['_config']['user']['A4'] || - $_SESSION['_config']['user']['A3'] == $_SESSION['_config']['user']['A5'] || - $_SESSION['_config']['user']['A4'] == $_SESSION['_config']['user']['A5']) - { - $_SESSION['_config']['errmsg'] .= _("For your own security you must enter 5 different password questions and answers. You aren't allowed to duplicate questions, set questions as answers or use the question as the answer.")."
\n"; - $id = $oldid; + if($_SESSION['_config']['user']['Q1'] == $_SESSION['_config']['user']['Q2'] || + $_SESSION['_config']['user']['Q1'] == $_SESSION['_config']['user']['Q3'] || + $_SESSION['_config']['user']['Q1'] == $_SESSION['_config']['user']['Q4'] || + $_SESSION['_config']['user']['Q1'] == $_SESSION['_config']['user']['Q5'] || + $_SESSION['_config']['user']['Q2'] == $_SESSION['_config']['user']['Q3'] || + $_SESSION['_config']['user']['Q2'] == $_SESSION['_config']['user']['Q4'] || + $_SESSION['_config']['user']['Q2'] == $_SESSION['_config']['user']['Q5'] || + $_SESSION['_config']['user']['Q3'] == $_SESSION['_config']['user']['Q4'] || + $_SESSION['_config']['user']['Q3'] == $_SESSION['_config']['user']['Q5'] || + $_SESSION['_config']['user']['Q4'] == $_SESSION['_config']['user']['Q5'] || + $_SESSION['_config']['user']['A1'] == $_SESSION['_config']['user']['Q1'] || + $_SESSION['_config']['user']['A1'] == $_SESSION['_config']['user']['Q2'] || + $_SESSION['_config']['user']['A1'] == $_SESSION['_config']['user']['Q3'] || + $_SESSION['_config']['user']['A1'] == $_SESSION['_config']['user']['Q4'] || + $_SESSION['_config']['user']['A1'] == $_SESSION['_config']['user']['Q5'] || + $_SESSION['_config']['user']['A2'] == $_SESSION['_config']['user']['Q3'] || + $_SESSION['_config']['user']['A2'] == $_SESSION['_config']['user']['Q4'] || + $_SESSION['_config']['user']['A2'] == $_SESSION['_config']['user']['Q5'] || + $_SESSION['_config']['user']['A3'] == $_SESSION['_config']['user']['Q4'] || + $_SESSION['_config']['user']['A3'] == $_SESSION['_config']['user']['Q5'] || + $_SESSION['_config']['user']['A4'] == $_SESSION['_config']['user']['Q5'] || + $_SESSION['_config']['user']['A1'] == $_SESSION['_config']['user']['A2'] || + $_SESSION['_config']['user']['A1'] == $_SESSION['_config']['user']['A3'] || + $_SESSION['_config']['user']['A1'] == $_SESSION['_config']['user']['A4'] || + $_SESSION['_config']['user']['A1'] == $_SESSION['_config']['user']['A5'] || + $_SESSION['_config']['user']['A2'] == $_SESSION['_config']['user']['A3'] || + $_SESSION['_config']['user']['A2'] == $_SESSION['_config']['user']['A4'] || + $_SESSION['_config']['user']['A2'] == $_SESSION['_config']['user']['A5'] || + $_SESSION['_config']['user']['A3'] == $_SESSION['_config']['user']['A4'] || + $_SESSION['_config']['user']['A3'] == $_SESSION['_config']['user']['A5'] || + $_SESSION['_config']['user']['A4'] == $_SESSION['_config']['user']['A5']) + { + $_SESSION['_config']['errmsg'] .= _("For your own security you must enter 5 different password questions and answers. You aren't allowed to duplicate questions, set questions as answers or use the question as the answer.")."
\n"; + $id = $oldid; $oldid=0; - } + } if($_SESSION['_config']['user']['Q1'] == "" || $_SESSION['_config']['user']['Q2'] == "" || $_SESSION['_config']['user']['Q3'] == "" || $_SESSION['_config']['user']['Q4'] == "" || @@ -1394,6 +1450,13 @@ } $_SESSION['_config']['name'] = mysql_real_escape_string(stripslashes(trim($_REQUEST['name']))); $_SESSION['_config']['OU'] = mysql_real_escape_string(stripslashes(trim($_REQUEST['OU']))); + + + if(trim($_REQUEST['description']) != ""){ + $_SESSION['_config']['description']= trim(mysql_real_escape_string(stripslashes($_REQUEST['description']))); + }else{ + $_SESSION['_config']['description']= ""; + } } if($oldid == 16 && (intval(count($_SESSION['_config']['emails'])) + 0) <= 0) @@ -1423,6 +1486,12 @@ if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2) $_SESSION['_config']['rootcert'] = 1; + if(trim($_REQUEST['description']) != ""){ + $_SESSION['_config']['description']= trim(mysql_real_escape_string(stripslashes($_REQUEST['description']))); + }else{ + $_SESSION['_config']['description']= ""; + } + if(@count($_SESSION['_config']['emails']) > 0) $id = 17; } @@ -1469,6 +1538,7 @@ if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2) $_SESSION['_config']['rootcert'] = 1; + $emails .= "SPKAC = $spkac"; if (($weakKey = checkWeakKeySPKAC($emails)) !== "") { @@ -1485,7 +1555,8 @@ `orgid`='".$org['orgid']."', `created`=FROM_UNIXTIME(UNIX_TIMESTAMP()), `codesign`='".$_SESSION['_config']['codesign']."', - `rootcert`='".$_SESSION['_config']['rootcert']."'"; + `rootcert`='".$_SESSION['_config']['rootcert']."', + `description`='".$_SESSION['_config']['description']."'"; mysql_query($query); $emailid = mysql_insert_id(); @@ -1497,15 +1568,15 @@ fputs($fp, $emails); fclose($fp); $challenge=$_SESSION['spkac_hash']; - $res=`openssl spkac -verify -in $CSRname`; - if(!strstr($res,"Challenge String: ".$challenge)) - { - $id = $oldid; - showheader(_("My CAcert.org Account!")); - echo _("The challenge-response code of your certificate request did not match. Can't continue with certificaterequest."); - showfooter(); - exit; - } + $res=`openssl spkac -verify -in $CSRname`; + if(!strstr($res,"Challenge String: ".$challenge)) + { + $id = $oldid; + showheader(_("My CAcert.org Account!")); + echo _("The challenge-response code of your certificate request did not match. Can't continue with certificaterequest."); + showfooter(); + exit; + } mysql_query("update `orgemailcerts` set `csr_name`='$CSRname' where `id`='$emailid'"); } else if($_REQUEST['keytype'] == "MS" || $_REQUEST['keytype']=="VI") { $csr = "-----BEGIN CERTIFICATE REQUEST-----\n".clean_csr($_REQUEST['CSR'])."-----END CERTIFICATE REQUEST-----\n"; @@ -1575,7 +1646,8 @@ `created`=FROM_UNIXTIME(UNIX_TIMESTAMP()), `subject`='$csrsubject', `codesign`='".$_SESSION['_config']['codesign']."', - `rootcert`='".$_SESSION['_config']['rootcert']."'"; + `rootcert`='".$_SESSION['_config']['rootcert']."', + `description`='".$_SESSION['_config']['description']."'"; mysql_query($query); $emailid = mysql_insert_id(); @@ -1650,7 +1722,8 @@ `created`='".$row['created']."', `modified`=NOW(), `codesign`='".$row['codesign']."', - `rootcert`='".$row['rootcert']."'"; + `rootcert`='".$row['rootcert']."', + `description`='".$row['description']."'"; mysql_query($query); $newid = mysql_insert_id(); $newfile=generatecertpath("csr","orgclient",$newid); @@ -1742,6 +1815,24 @@ exit; } + if($oldid == 18 && array_key_exists('change',$_REQUEST) && $_REQUEST['change'] != "") + { + showheader(_("My CAcert.org Account!")); + foreach($_REQUEST as $id => $val) + { + if(substr($id,0,14)=="check_comment_") + { + $cid = intval(substr($id,14)); + $comment=trim(mysql_real_escape_string(stripslashes($_REQUEST['comment_'.$cid]))); + mysql_query("update `orgemailcerts` set `description`='$comment' where `id`='$cid'"); + } + } + echo(_("Certificate settings have been changed.")."
\n"); + showfooter(); + exit; + } + + if($process != "" && $oldid == 20) { $CSR = clean_csr($_REQUEST['CSR']); @@ -1755,6 +1846,12 @@ exit; } + if(trim($_REQUEST['description']) != ""){ + $_SESSION['_config']['description']= trim(mysql_real_escape_string(stripslashes($_REQUEST['description']))); + }else{ + $_SESSION['_config']['description']= ""; + } + $_SESSION['_config']['tmpfname'] = tempnam("/tmp", "id20CSR"); $fp = fopen($_SESSION['_config']['tmpfname'], "w"); fputs($fp, $CSR); @@ -1830,8 +1927,8 @@ exit; } - if($_SESSION['_config']['rowid']['0'] > 0) - { + if($_SESSION['_config']['rowid']['0'] > 0) + { $query = "select * from `org`,`orginfo` where `orginfo`.`id`='".$_SESSION['_config']['rowid']['0']."' and `orginfo`.`id`=`org`.`orgid` and @@ -1878,25 +1975,27 @@ if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2) $_SESSION['_config']['rootcert'] = 1; - if($_SESSION['_config']['rowid']['0'] > 0) - { - $query = "insert into `orgdomaincerts` set - `CN`='".$_SESSION['_config']['rows']['0']."', - `orgid`='".$org['id']."', - `created`=NOW(), - `subject`='$csrsubject', - `rootcert`='".$_SESSION['_config']['rootcert']."', - `type`='$type'"; - } else { - $query = "insert into `orgdomaincerts` set - `CN`='".$_SESSION['_config']['altrows']['0']."', - `orgid`='".$org['id']."', - `created`=NOW(), - `subject`='$csrsubject', - `rootcert`='".$_SESSION['_config']['rootcert']."', - `type`='$type'"; - } - mysql_query($query); + if($_SESSION['_config']['rowid']['0'] > 0) + { + $query = "insert into `orgdomaincerts` set + `CN`='".$_SESSION['_config']['rows']['0']."', + `orgid`='".$org['id']."', + `created`=NOW(), + `subject`='$csrsubject', + `rootcert`='".$_SESSION['_config']['rootcert']."', + `type`='$type', + `description`='".$_SESSION['_config']['description']."'"; + } else { + $query = "insert into `orgdomaincerts` set + `CN`='".$_SESSION['_config']['altrows']['0']."', + `orgid`='".$org['id']."', + `created`=NOW(), + `subject`='$csrsubject', + `rootcert`='".$_SESSION['_config']['rootcert']."', + `type`='$type', + `description`='".$_SESSION['_config']['description']."'"; + } + mysql_query($query); $CSRid = mysql_insert_id(); $CSRname=generatecertpath("csr","orgserver",$CSRid); @@ -1970,7 +2069,8 @@ `modified`=NOW(), `subject`='".$row['subject']."', `type`='".$row['type']."', - `rootcert`='".$row['rootcert']."'"; + `rootcert`='".$row['rootcert']."', + `description`='".$row['description']."'"; mysql_query($query); $newid = mysql_insert_id(); //echo "NewID: $newid
\n"; @@ -2071,6 +2171,24 @@ exit; } + if($oldid == 22 && array_key_exists('change',$_REQUEST) && $_REQUEST['change'] != "") + { + showheader(_("My CAcert.org Account!")); + foreach($_REQUEST as $id => $val) + { + if(substr($id,0,14)=="check_comment_") + { + $cid = intval(substr($id,14)); + $comment=trim(mysql_real_escape_string(stripslashes($_REQUEST['comment_'.$cid]))); + mysql_query("update `orgdomaincerts` set `description`='$comment' where `id`='$cid'"); + } + } + echo(_("Certificate settings have been changed.")."
\n"); + showfooter(); + exit; + } + + if(($id == 24 || $oldid == 24 || $id == 25 || $oldid == 25 || $id == 26 || $oldid == 26 || $id == 27 || $oldid == 27 || $id == 28 || $oldid == 28 || $id == 29 || $oldid == 29 || $id == 30 || $oldid == 30 || $id == 31 || $oldid == 31) && @@ -2462,7 +2580,7 @@ } if($oldid == 54 || ($id == 53 && array_key_exists('action',$_REQUEST) && $_REQUEST['action'] != "") || - ($id == 54 && array_key_exists('action',$_REQUEST) && $_REQUEST['action'] != "" && + ($id == 54 && array_key_exists('action',$_REQUEST) && $_REQUEST['action'] != "" && $_REQUEST['action'] != "aliases" && $_REQUEST['action'] != "edit" && $_REQUEST['action'] != "add")) { $id = 53; @@ -2472,7 +2590,7 @@ $locid = intval(array_key_exists('locid',$_REQUEST)?$_REQUEST['locid']:0); $name = array_key_exists('name',$_REQUEST)?mysql_real_escape_string(strip_tags($_REQUEST['name'])):""; $long = array_key_exists('longitude',$_REQUEST)?ereg_replace("[^-0-9\.]","",$_REQUEST['longitude']):""; - $lat = array_key_exists('latitude', $_REQUEST)?ereg_replace("[^-0-9\.]","",$_REQUEST['latitude']):""; + $lat = array_key_exists('latitude', $_REQUEST)?ereg_replace("[^-0-9\.]","",$_REQUEST['latitude']):""; $action = array_key_exists('action',$_REQUEST)?$_REQUEST['action']:""; if($locid > 0 && $action == "edit") @@ -2730,24 +2848,24 @@ mysql_query("update `users` set `tverify`='$ver' where `id`='$memid'"); } - if($id == 43 && array_key_exists('assurer',$_REQUEST) && $_REQUEST['assurer'] > 0) - { - csrf_check('admsetassuret'); - $memid = $_REQUEST['userid'] = intval($_REQUEST['assurer']); - $query = "select * from `users` where `id`='$memid'"; - $row = mysql_fetch_assoc(mysql_query($query)); - $ver = !$row['assurer']; - mysql_query("update `users` set `assurer`='$ver' where `id`='$memid'"); - } - - if($id == 43 && array_key_exists('assurer_blocked',$_REQUEST) && $_REQUEST['assurer_blocked'] > 0) - { - $memid = $_REQUEST['userid'] = intval($_REQUEST['assurer_blocked']); - $query = "select * from `users` where `id`='$memid'"; - $row = mysql_fetch_assoc(mysql_query($query)); - $ver = !$row['assurer_blocked']; - mysql_query("update `users` set `assurer_blocked`='$ver' where `id`='$memid'"); - } + if($id == 43 && array_key_exists('assurer',$_REQUEST) && $_REQUEST['assurer'] > 0) + { + csrf_check('admsetassuret'); + $memid = $_REQUEST['userid'] = intval($_REQUEST['assurer']); + $query = "select * from `users` where `id`='$memid'"; + $row = mysql_fetch_assoc(mysql_query($query)); + $ver = !$row['assurer']; + mysql_query("update `users` set `assurer`='$ver' where `id`='$memid'"); + } + + if($id == 43 && array_key_exists('assurer_blocked',$_REQUEST) && $_REQUEST['assurer_blocked'] > 0) + { + $memid = $_REQUEST['userid'] = intval($_REQUEST['assurer_blocked']); + $query = "select * from `users` where `id`='$memid'"; + $row = mysql_fetch_assoc(mysql_query($query)); + $ver = !$row['assurer_blocked']; + mysql_query("update `users` set `assurer_blocked`='$ver' where `id`='$memid'"); + } if($id == 43 && array_key_exists('locked',$_REQUEST) && $_REQUEST['locked'] > 0) { diff --git a/pages/account/10.php b/pages/account/10.php index a394695..f83e0d8 100644 --- a/pages/account/10.php +++ b/pages/account/10.php @@ -31,12 +31,14 @@
= 50) { ?> -
-
+
+

+


+


-"> - +"/> +
diff --git a/pages/account/12.php b/pages/account/12.php index fa8b41a..6d85cdc 100644 --- a/pages/account/12.php +++ b/pages/account/12.php @@ -19,22 +19,24 @@
- + - + + - + 0) $verified = _("Revoked"); - if($row['revoked'] == 0) - $row['revoke'] = _("Not Revoked"); + if($row['revoked'] == 0) + $row['revoke'] = _("Not Revoked"); ?> - + - + - + + + - + + + + - +
- -
 
">     + + +
"/>     ">"/>
- - + +
diff --git a/pages/account/16.php b/pages/account/16.php index 514ecfd..6f055d7 100644 --- a/pages/account/16.php +++ b/pages/account/16.php @@ -29,25 +29,25 @@ foreach($_SESSION['_config']['emails'] as $val) { ?> : - + : - + : - + : - + -
-
+
+
\n", wordwrap(_("Please note: The class 3 root certificate needs to be imported into your email program as well as the class 1 root certificate so your email program can build a full trust path chain. Until we are included in browsers this might not be a desirable option for most people"), 60))?> @@ -56,9 +56,15 @@ + + +
+ + + "> - "> + " /> diff --git a/pages/account/18.php b/pages/account/18.php index 13dcc30..2fbb8b4 100644 --- a/pages/account/18.php +++ b/pages/account/18.php @@ -19,13 +19,14 @@
- + - + + @@ -35,7 +36,8 @@ UNIX_TIMESTAMP(`oemail`.`expire`) as `expired`, `oemail`.`expire` as `expires`, `oemail`.`revoked` as `revoke`, UNIX_TIMESTAMP(`oemail`.`revoked`) as `revoked`, - `oemail`.`CN`, `oemail`.`serial`, `oemail`.`id` + `oemail`.`CN`, `oemail`.`serial`, `oemail`.`id`, + `oemail`.`description` from `orgemailcerts` as `oemail`, `org` where `org`.`memid`='".intval($_SESSION['profile']['id'])."' and `org`.`orgid`=`oemail`.`orgid` "; @@ -50,7 +52,7 @@ { ?> - + - + + + + + + +
- -
+ +
">     ">">
diff --git a/pages/account/20.php b/pages/account/20.php index 510b708..0187013 100644 --- a/pages/account/20.php +++ b/pages/account/20.php @@ -27,11 +27,13 @@

-
-
+
+
+


+

-
-"> - -
+
+" /> + + \ No newline at end of file diff --git a/pages/account/22.php b/pages/account/22.php index 9df8200..cb40cf2 100644 --- a/pages/account/22.php +++ b/pages/account/22.php @@ -19,16 +19,16 @@
- + - + - + - + - + + + - + + + + +
- -
">     - "> + +
" />     + " />" />
- +

diff --git a/pages/account/3.php b/pages/account/3.php index 5590488..c2165c2 100644 --- a/pages/account/3.php +++ b/pages/account/3.php @@ -44,7 +44,7 @@ -= 50) { $fname = $_SESSION['profile']['fname']; @@ -52,40 +52,44 @@ if($_SESSION['profile']['points'] >= 50) $lname = $_SESSION['profile']['lname']; $suffix = $_SESSION['profile']['suffix']; ?> - -
-
- \n", wordwrap(_("Please note: The class 3 root certificate needs to be imported into your email program as well as the class 1 root certificate so your email program can build a full trust path chain. Until we are included in browsers this might not be a desirable option for most people"), 125))?> +
+
+ \n", wordwrap(_("Please note: The class 3 root certificate needs to be imported into your email program as well as the class 1 root certificate so your email program can build a full trust path chain. Until we are included in browsers this might not be a desirable option for most people"), 125))?> -
- ''
- ''
- ''
- ''
+
+ ''
+ ''
+ ''
+ ''
- + = 100 && $_SESSION['profile']['codesign'] > 0) { ?> - + - + -
+

- + + +
+ + + @@ -95,12 +99,14 @@ if($_SESSION['profile']['points'] >= 50) -
-
+
+
\n", wordwrap(_("By adding Single Sign On (SSO) ID information to your certificates this could be used to track you, you can also issue certificates with no email addresses that are useful only for Authentication. Please see a more detailed description on our WIKI about it."), 125))?> + + @@ -108,10 +114,10 @@ if($_SESSION['profile']['points'] >= 50) - "> + " /> - +