cacert
/
cacert-webdb
8
0
Fork 0
Code Issues Pull Requests 7 Projects Releases 2 Wiki Activity

Enhanced readability.

Browse Source 
Added the missing "subject" fields for certificate renewal.
pull/1/head
root 17 years ago
parent 74e4b951b9
commit 57c0dceebe
1 changed files with 63 additions and 25 deletions
Show Stats Download Patch File Download Diff File

88
includes/account.php
Unescape Escape View File

@ -218,7 +218,7 @@
{ {
$id = 4; $id = 4;
showheader(_("My CAcert.org Account!")); showheader(_("My CAcert.org Account!"));
echo _("I didn't receive a valid Certificate Request, hit the back button and try again."); echo _("I didn't receive a valid Certificate Request, please try a different browser.");
showfooter(); showfooter();
exit; exit;
} }
@ -264,7 +264,9 @@
if($_SESSION['_config']['incname'] == 4) if($_SESSION['_config']['incname'] == 4)
$emails .= "commonName = ".$user['fname']." ".$user['mname']." ".$user['lname']." ".$user['suffix']."\n"; $emails .= "commonName = ".$user['fname']." ".$user['mname']." ".$user['lname']." ".$user['suffix']."\n";
$emails .= "SPKAC = ".str_replace("\n", "", str_replace("\r", "", $_REQUEST['SPKAC'])); $emails .= "SPKAC = ".str_replace("\n", "", str_replace("\r", "", $_REQUEST['SPKAC']));
$query = "insert into `emailcerts` set `CN`='$defaultemail', `keytype`='NS', $query = "insert into emailcerts set
`CN`='$defaultemail',
`keytype`='NS',
`memid`='".$_SESSION['profile']['id']."', `memid`='".$_SESSION['profile']['id']."',
`created`=FROM_UNIXTIME(UNIX_TIMESTAMP()), `created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),
`codesign`='".$_SESSION['_config']['codesign']."', `codesign`='".$_SESSION['_config']['codesign']."',
@ -337,7 +339,9 @@
showfooter(); showfooter();
exit; exit;
} }
$query = "insert into `emailcerts` set `CN`='$defaultemail', `keytype`='".sanitizeHTML($_REQUEST['keytype'])."', $query = "insert into emailcerts set
`CN`='$defaultemail',
`keytype`='".sanitizeHTML($_REQUEST['keytype'])."',
`memid`='".$_SESSION['profile']['id']."', `memid`='".$_SESSION['profile']['id']."',
`created`=FROM_UNIXTIME(UNIX_TIMESTAMP()), `created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),
`subject`='".mysql_real_escape_string($csrsubject)."', `subject`='".mysql_real_escape_string($csrsubject)."',
@ -633,12 +637,14 @@
if($_SESSION['_config']['rowid']['0'] > 0) if($_SESSION['_config']['rowid']['0'] > 0)
{ {
$query = "insert into `domaincerts` set `CN`='".mysql_real_escape_string($_SESSION['_config']['rows']['0'])."', $query = "insert into `domaincerts` set
`CN`='".mysql_real_escape_string($_SESSION['_config']['rows']['0'])."',
`domid`='".mysql_real_escape_string($_SESSION['_config']['rowid']['0'])."', `domid`='".mysql_real_escape_string($_SESSION['_config']['rowid']['0'])."',
`created`=NOW(),`subject`='".mysql_real_escape_string($subject)."', `created`=NOW(),`subject`='".mysql_real_escape_string($subject)."',
`rootcert`='".mysql_real_escape_string($_SESSION['_config']['rootcert'])."'"; `rootcert`='".mysql_real_escape_string($_SESSION['_config']['rootcert'])."'";
} else { } else {
$query = "insert into `domaincerts` set `CN`='".mysql_real_escape_string($_SESSION['_config']['altrows']['0'])."', $query = "insert into `domaincerts` set
`CN`='".mysql_real_escape_string($_SESSION['_config']['altrows']['0'])."',
`domid`='".mysql_real_escape_string($_SESSION['_config']['altid']['0'])."', `domid`='".mysql_real_escape_string($_SESSION['_config']['altid']['0'])."',
`created`=NOW(),`subject`='".mysql_real_escape_string($subject)."', `created`=NOW(),`subject`='".mysql_real_escape_string($subject)."',
`rootcert`='".mysql_real_escape_string($_SESSION['_config']['rootcert'])."'"; `rootcert`='".mysql_real_escape_string($_SESSION['_config']['rootcert'])."'";
@ -702,9 +708,14 @@
} }
mysql_query("update `domaincerts` set `renewed`='1' where `id`='$id'"); mysql_query("update `domaincerts` set `renewed`='1' where `id`='$id'");
$row = mysql_fetch_assoc($res); $row = mysql_fetch_assoc($res);
$query = "insert into `domaincerts` set `domid`='".$row['domid']."', `CN`='".mysql_real_escape_string($row['CN'])."', $query = "insert into `domaincerts` set
`csr_name`='".$row['csr_name']."', `created`='".$row['created']."', `domid`='".$row['domid']."',
`modified`=NOW(), `rootcert`='".$row['rootcert']."'"; `CN`='".mysql_real_escape_string($row['CN'])."',
`subject`='".mysql_real_escape_string($row['subject'])."',
`csr_name`='".$row['csr_name']."',
`created`='".$row['created']."',
`modified`=NOW(),
`rootcert`='".$row['rootcert']."'";
mysql_query($query); mysql_query($query);
$newid = mysql_insert_id(); $newid = mysql_insert_id();
$newfile = $_SESSION['_config']['filepath']."/csr/server-$newid.csr"; $newfile = $_SESSION['_config']['filepath']."/csr/server-$newid.csr";
@ -860,9 +871,15 @@
} }
mysql_query("update `emailcerts` set `renewed`='1' where `id`='$id'"); mysql_query("update `emailcerts` set `renewed`='1' where `id`='$id'");
$row = mysql_fetch_assoc($res); $row = mysql_fetch_assoc($res);
$query = "insert into `emailcerts` set `memid`='".$row['memid']."', `CN`='".mysql_real_escape_string($row['CN'])."', $query = "insert into emailcerts set
`keytype`='".$row['keytype']."', `csr_name`='".$row['csr_name']."', `memid`='".$row['memid']."',
`created`='".$row['created']."', `modified`=NOW(), `CN`='".mysql_real_escape_string($row['CN'])."',
`subject`='".mysql_real_escape_string($row['subject'])."',
`keytype`='".$row['keytype']."',
`csr_name`='".$row['csr_name']."',
`created`='".$row['created']."',
`modified`=NOW(),
`disablelogin`='".$row['disablelogin']."',
`rootcert`='".$row['rootcert']."'"; `rootcert`='".$row['rootcert']."'";
mysql_query($query); mysql_query($query);
$newid = mysql_insert_id(); $newid = mysql_insert_id();
@ -1250,7 +1267,9 @@
$emails .= "countryName = ".$org['C']."\n"; $emails .= "countryName = ".$org['C']."\n";
$emails .= "SPKAC = ".str_replace("\n", "", str_replace("\r", "", $_REQUEST['SPKAC'])); $emails .= "SPKAC = ".str_replace("\n", "", str_replace("\r", "", $_REQUEST['SPKAC']));
$query = "insert into `orgemailcerts` set `CN`='$defaultemail', `keytype`='NS', $query = "insert into `orgemailcerts` set
`CN`='$defaultemail',
`keytype`='NS',
`orgid`='".$org['orgid']."', `orgid`='".$org['orgid']."',
`created`=FROM_UNIXTIME(UNIX_TIMESTAMP()), `created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),
`codesign`='".$_SESSION['_config']['codesign']."', `codesign`='".$_SESSION['_config']['codesign']."',
@ -1313,7 +1332,9 @@
showfooter(); showfooter();
exit; exit;
} }
$query = "insert into `orgemailcerts` set `CN`='$defaultemail', `keytype`='" . sanitizeHTML($_REQUEST['keytype']) . "', $query = "insert into `orgemailcerts` set
`CN`='$defaultemail',
`keytype`='" . sanitizeHTML($_REQUEST['keytype']) . "',
`orgid`='".$org['orgid']."', `orgid`='".$org['orgid']."',
`created`=FROM_UNIXTIME(UNIX_TIMESTAMP()), `created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),
`subject`='$csrsubject', `subject`='$csrsubject',
@ -1372,10 +1393,16 @@
printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", $row['CN']); printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", $row['CN']);
continue; continue;
} }
$query = "insert into `orgemailcerts` set `orgid`='".$row['orgid']."', `CN`='".$row['CN']."', $query = "insert into `orgemailcerts` set
`keytype`='".$row['keytype']."', `csr_name`='".$row['csr_name']."', `orgid`='".$row['orgid']."',
`created`='".$row['created']."', `modified`=NOW(), `CN`='".$row['CN']."',
`subject`='".$row['subject']."', `rootcert`='".$row['rootcert']."'"; `subject`='".$row['subject']."',
`keytype`='".$row['keytype']."',
`csr_name`='".$row['csr_name']."',
`created`='".$row['created']."',
`modified`=NOW(),
`subject`='".$row['subject']."',
`rootcert`='".$row['rootcert']."'";
mysql_query($query); mysql_query($query);
$newid = mysql_insert_id(); $newid = mysql_insert_id();
$newfile = $_SESSION['_config']['filepath']."/csr/orgclient-$newid.csr"; $newfile = $_SESSION['_config']['filepath']."/csr/orgclient-$newid.csr";
@ -1575,15 +1602,19 @@
if($_SESSION['_config']['rowid']['0'] > 0) if($_SESSION['_config']['rowid']['0'] > 0)
{ {
$query = "insert into `orgdomaincerts` set `CN`='".$_SESSION['_config']['rows']['0']."', $query = "insert into `orgdomaincerts` set
`CN`='".$_SESSION['_config']['rows']['0']."',
`orgid`='".$org['id']."', `orgid`='".$org['id']."',
`created`=NOW(),`subject`='$csrsubject', `created`=NOW(),
`subject`='$csrsubject',
`rootcert`='".$_SESSION['_config']['rootcert']."', `rootcert`='".$_SESSION['_config']['rootcert']."',
`type`='$type'"; `type`='$type'";
} else { } else {
$query = "insert into `orgdomaincerts` set `CN`='".$_SESSION['_config']['altrows']['0']."', $query = "insert into `orgdomaincerts` set
`CN`='".$_SESSION['_config']['altrows']['0']."',
`orgid`='".$org['id']."', `orgid`='".$org['id']."',
`created`=NOW(),`subject`='$csrsubject', `created`=NOW(),
`subject`='$csrsubject',
`rootcert`='".$_SESSION['_config']['rootcert']."', `rootcert`='".$_SESSION['_config']['rootcert']."',
`type`='$type'"; `type`='$type'";
} }
@ -1641,9 +1672,15 @@
printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", $row['CN']); printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", $row['CN']);
continue; continue;
} }
$query = "insert into `orgdomaincerts` set `orgid`='".$row['orgid']."', `CN`='".$row['CN']."', $query = "insert into `orgdomaincerts` set
`csr_name`='".$row['csr_name']."', `created`='".$row['created']."', `orgid`='".$row['orgid']."',
`modified`=NOW(), `subject`='".$row['subject']."', `rootcert`='".$row['rootcert']."'"; `CN`='".$row['CN']."',
`subject`='".$row['subject']."',
`csr_name`='".$row['csr_name']."',
`created`='".$row['created']."',
`modified`=NOW(),
`subject`='".$row['subject']."',
`rootcert`='".$row['rootcert']."'";
mysql_query($query); mysql_query($query);
$newid = mysql_insert_id(); $newid = mysql_insert_id();
$newfile = $_SESSION['_config']['filepath']."/csr/orgserver-$newid.csr"; $newfile = $_SESSION['_config']['filepath']."/csr/orgserver-$newid.csr";
@ -2303,7 +2340,8 @@
exit; exit;
} }
$query = "insert into `domaincerts` set `CN`='".$_SESSION['_config']['0.CN']."', $query = "insert into `domaincerts` set
`CN`='".$_SESSION['_config']['0.CN']."',
`domid`='".$_SESSION['_config']['row']['id']."', `domid`='".$_SESSION['_config']['row']['id']."',
`created`=NOW()"; `created`=NOW()";
mysql_query($query); mysql_query($query);

Write Preview
Loading…
Cancel
Save