diff --git a/tverify/index/0.php b/tverify/index/0.php index deb3596..c380d37 100644 --- a/tverify/index/0.php +++ b/tverify/index/0.php @@ -38,7 +38,6 @@ $row = mysql_fetch_assoc($account); $memid = $row['memid']; - $tverifybits = explode(" ", trim(strtr($_SERVER['SSL_CLIENT_S_DN_G'],",.","")), 2); //Fetching the name of the user we have in the database: $query = "select `fname`, `mname`, `lname`, `suffix` from `users` where `id`='$memid' and `deleted`=0"; @@ -55,9 +54,13 @@ $cacert_short_name=strtr($cacert_short_name,",.",""); $cacert_short_name=trim(str_replace(" ", " ", $cacert_short_name)); + + $tverifybits = explode(" ", trim($_SERVER['SSL_CLIENT_S_DN_G']), 2); $firstname = trim($tverifybits['0']); + $givenname = trim($_SERVER['SSL_CLIENT_S_DN_G']); $lastname = trim($_SERVER['SSL_CLIENT_S_DN_S']); - $tverify_name=strtr("$firstname $lastname",",.",""); + $tverify_name=strtr("$givenname $lastname",",.",""); + $tverify_short_name=strtr("$firstname $lastname",",.",""); if(($cacert_name != $tverify_name) and ($cacert_short_name == $tverify_name)) { @@ -66,7 +69,17 @@ } - if($cacert_name != $tverify_name) + if($continue and ($cacert_name != $tverify_name) and ($cacert_name == $tverify_short_name)) + { + printf(_("Your certificate containes a middle name (%s) which isn´t listed in your CAcert account. In case you might want to get certificates with your middle name included in the future, you should add the middle name to your CAcert account before continueing.")); + } + + if($continue and ($cacert_name != $tverify_name) and ($cacert_name != $tverify_short_name) and ($cacert_short_name == $tverify_short_name)) + { + printf(_("There is a problem with your middle name. You could remove the middle name in your CAcert account, which should help to continue with the TVerify process, but then you can´t use it in your certificates.")); + } + + if($continue and ($cacert_name != $tverify_name) and ($cacert_name != $tverify_short_name)) { $continue = 0; printf(_("The name and email address on your certificate (%s) could not be exactly matched to any stored in our database (%s), as such I'm not able to continue with this process."),$tverify_name,$cacert_name); @@ -75,7 +88,7 @@ if($_SERVER['SSL_CLIENT_VERIFY'] == "SUCCESS" && $continue == 1) { - $_SESSION['_config']['uid'] = $row['memid']; + $_SESSION['_config']['uid'] = $memid; $_SESSION['_config']['CN'] = trim($_SERVER['SSL_CLIENT_S_DN']); ?>