cacert
/
cacert-webdb
8
0
Fork 0
Code Issues Pull Requests 7 Projects Releases 2 Wiki Activity

http://bugs.cacert.org/view.php?id=517

Browse Source
pull/1/head
root 15 years ago
parent ab926495bd
commit 6969166ae8
1 changed files with 42 additions and 42 deletions
Show Stats Download Patch File Download Diff File

84
www/gpg.php
Unescape Escape View File

@ -40,7 +40,7 @@
{
$_SESSION['_config']['errmsg'] = _("You failed to paste a valid GPG/PGP key.");
$id = $oldid;
unset($oldid);
$oldid=0;
}
}
@ -79,7 +79,7 @@ function verifyEmail($email)
$ToBeDeleted=array();
$state=0;
if($oldid == "0" && $CSR != "")
{
$debugkey = $gpgkey = clean_csr($CSR);
@ -106,9 +106,9 @@ function verifyEmail($email)
$lastvalidemail="";
foreach(explode("\n", $gpg) as $line)
{
$bits = explode(":", $line);
$resulttable.="<tr><td>".++$i."</td>";
$name = $comment = "";
$bits = explode(":", $line);
if($bits[0] == "pub" && (!$keyid || !$when))
{
$keyid = $bits[4];
@ -116,38 +116,13 @@ function verifyEmail($email)
if($bits[6] != "")
$expires = 1;
}
//if(!strstr($line, "@")) continue;
$pos = strpos($bits[9], "(") - 1;
$nocomment = 0;
if($pos < 0)
{
$nocomment = 1;
$pos = strpos($bits[9], "<") - 1;
}
if($pos < 0)
{
$pos = strlen($bits[9]);
}
$name = trim(hex2bin(trim(substr($bits[9], 0, $pos))));
$nameok=verifyName($name);
$resulttable.="<td bgcolor='#".($nameok?"c0ffc0":"ffc0c0")."'>$name</td>";
if($nocomment == 0 && (strpos($bits[9],")")>$pos))
{
$pos += 2;
$pos2 = strpos($bits[9], ")");
$comm = trim(hex2bin(trim(substr($bits[9], $pos, $pos2 - $pos))));
if($comm != "")
$comment[] = $comm;
$pos = $pos2 + 3;
} else {
$pos = strpos($bits[9], "<") + 1;
}
$name="";
$comm="";
$mail="";
$uidformatwrong=0;
if(sizeof($bits)<10) $uidformatwrong=1;
if(preg_match("/\@.*\@/",$bits[9]))
{
showheader(_("Welcome to CAcert.org"));
@ -158,23 +133,48 @@ function verifyEmail($email)
unset($oldid);
exit();
}
if (preg_match("/<([\w.-]*\@[\w.-]*)>/", $bits[9],$match)) {
//echo "Found: ".$match[1];
$mail = trim(hex2bin($match[1]));
// Name (Comment) <Email>
if(preg_match("/^([^\(\)\[@<>]+) \(([^\(\)@<>]*)\) <([\w=\/%.-]*\@[\w.-]*|[\w.-]*\![\w=\/%.-]*)>/",$bits[9],$matches))
{
$name=trim(hex2bin($matches[1]));
$nocomment=0;
$comm=trim(hex2bin($matches[2]));
$mail=trim(hex2bin($matches[3]));
}
// Name <EMail>
elseif(preg_match("/^([^\(\)\[@<>]+) <([\w=\/%.-]*\@[\w.-]*|[\w.-]*\![\w=\/%.-]*)>/",$bits[9],$matches))
{
$name=trim(hex2bin($matches[1]));
$nocomment=1;
$comm="";
$mail=trim(hex2bin($matches[2]));
}
// Unrecognized format
else
{
//echo "Not found!\n";
$nocomment=1;
$uidformatwrong=1;
}
$nameok=verifyName($name);
$emailok=verifyEmail($mail);
$resulttable.="<td bgcolor='#".($emailok?"c0ffc0":"ffc0c0")."'>$mail</td>";
if($comm != "")
$comment[] = $comm;
$resulttable.="<td bgcolor='#".($nameok?"c0ffc0":"ffc0c0")."'>".sanitizeHTML($name)."</td>";
$resulttable.="<td bgcolor='#".($emailok?"c0ffc0":"ffc0c0")."'>".sanitizeHTML($mail)."</td>";
$uidok=0;
if($bits[1]=="r")
{
$rmessage=_("Error: UID is revoked");
}
elseif($uidformatwrong==1)
{
$rmessage=_("The format of the UID was not recognized. Please use 'Name (comment) &lt;email@domain>' ");
}
elseif($mail=="" and $name=="")
{
$rmessage=_("Error: Both Name and Email address are empty");
@ -222,7 +222,7 @@ function verifyEmail($email)
$nerr++;
//$ToBeDeleted[]=$i;
//echo "Adding UID $i\n";
$resulttable.="<td bgcolor='#ffc0c0'>$rmessage</td>";
$resulttable.="<td bgcolor='#ffc0c0'>".sanitizeHTML($rmessage)."</td>";
}
$resulttable.="</tr>\n";
@ -368,7 +368,7 @@ function verifyEmail($email)
if(count($ToBeDeleted)>0)
{
$state=0;
$descriptorspec = array(
0 => array("pipe", "r"), // stdin is a pipe that the child will read from

Write Preview
Loading…
Cancel
Save