cacert
/
cacert-webdb
8
0
Fork 0
Code Issues Pull Requests 2 Projects Releases Wiki Activity

Combined fixes for

Browse Source 
- https://bugs.cacert.org/view.php?id=413
  "Add a web page indicating the certificate request is still pending"
- https://bugs.cacert.org/view.php?id=1138
  "Implement to log the SE activity"
- https://bugs.cacert.org/view.php?id=1221
  "Inconsistency in Assurance Management"
pull/1/head
Wytze van der Raay 10 years ago
parent 42f16aab95
commit 81932bfd0a
7 changed files with 81 additions and 62 deletions
Show Stats Download Patch File Download Diff File

6
stamp/common.php
Unescape Escape View File

@ -41,9 +41,9 @@
if($row['certid'] > 0)
{
if($row['org'] == 0)
$query = "select * from `domaincerts` where `id`='$row[certid]' and `expire`>NOW() and `revoked`=0";
$query = "select * from `domaincerts` where `id`='".intval($row['certid'])."' and `expire`>NOW() and `revoked`=0";
else
$query = "select * from `orgdomaincerts` where `id`='$row[certid]' and `expire`>NOW() and `revoked`=0";
$query = "select * from `orgdomaincerts` where `id`='".intval($row['certid'])."' and `expire`>NOW() and `revoked`=0";
if($_REQUEST['debug'] == 1)
echo $query."<br>\n";
$res = mysql_query($query);
@ -117,7 +117,7 @@
if($org == 0)
{
$query = "SELECT *, sum(`points`) AS `total` FROM `users`, `notary` WHERE `users`.`id` = '$cert[memid]' AND
`notary`.`to` = `users`.`id` and `notary`.`when` <= '$cert[issued]' GROUP BY `notary`.`to`";
`notary`.`to` = `users`.`id` and `notary`.`when` <= '$cert[issued]' and `notary`.`deleted`=0 GROUP BY `notary`.`to`";
$user = mysql_fetch_assoc(mysql_query($query));
} else {
$query = "select * from `orginfo` where `id`='$cert[orgid]'";

18
www/api/ccsr.php
Unescape Escape View File

@ -31,7 +31,7 @@ require_once '../../includes/lib/check_weak_key.php';
foreach($_REQUEST['email'] as $email)
{
$email = mysql_real_escape_string(trim($email));
$query = "select * from `email` where `memid`='$memid' and `hash`='' and `deleted`=0 and `email`='$email'";
$query = "select * from `email` where `memid`='".intval($memid)."' and `hash`='' and `deleted`=0 and `email`='$email'";
$res = mysql_query($query);
if(mysql_num_rows($res) > 0)
{
@ -42,7 +42,7 @@ require_once '../../includes/lib/check_weak_key.php';
}
if(count($emails) <= 0)
die("404,Wasn't able to match any emails sent against your account");
$query = "select sum(`points`) as `points` from `notary` where `to`='$memid' group by `to`";
$query = "select sum(`points`) as `points` from `notary` where `to`='".intval($memid)."' and `notary`.`deleted`=0 group by `to`";
$row = mysql_fetch_assoc(mysql_query($query));
$points = $row['points'];
@ -62,12 +62,12 @@ require_once '../../includes/lib/check_weak_key.php';
$codesign = 1;
$CSR = trim($_REQUEST['optionalCSR']);
if (($weakKey = checkWeakKeyCSR($CSR)) !== "")
{
die("403, $weakKey");
}
$incsr = tempnam("/tmp", "ccsrIn");
$checkedcsr = tempnam("/tmp", "ccsrOut");
$fp = fopen($incsr, "w");
@ -84,9 +84,9 @@ require_once '../../includes/lib/check_weak_key.php';
foreach($emails as $id => $email)
$csrsubject .= "/emailAddress=".$email;
$query = "insert into `emailcerts` set `CN`='".$user['email']."', `keytype`='MS',
`memid`='".$user['id']."', `created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),
`subject`='$csrsubject', `codesign`='$codesign'";
$query = "insert into `emailcerts` set `CN`='".mysql_real_escape_string($user['email'])."', `keytype`='MS',
`memid`='".intval($user['id'])."', `created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),
`subject`='".mysql_real_escape_string($csrsubject)."', `codesign`='".intval($codesign)."'";
mysql_query($query);
$certid = mysql_insert_id();
$CSRname = generatecertpath("csr","client",$certid);
@ -95,14 +95,14 @@ require_once '../../includes/lib/check_weak_key.php';
mysql_query("update `emailcerts` set `csr_name`='$CSRname' where `id`='$certid'");
foreach($emails as $emailid => $email)
mysql_query("insert into `emaillink` set `emailcertsid`='$certid', `emailid`='$emailid'");
mysql_query("insert into `emaillink` set `emailcertsid`='$certid', `emailid`='".intval($emailid)."'");
$do = `../../scripts/runclient`;
sleep(10); // THIS IS BROKEN AND SHOULD BE FIXED
$query = "select * from `emailcerts` where `id`='$certid' and `crt_name` != ''";
$res = mysql_query($query);
if(mysql_num_rows($res) <= 0)
die("404,Your certificate request has failed. ID: $certid");
die("404,Your certificate request has failed. ID: ".intval($certid));
$cert = mysql_fetch_assoc($res);
echo "200,Authentication Ok\n";
readfile("../".$cert['crt_name']);

9
www/api/cemails.php
Unescape Escape View File

@ -25,7 +25,7 @@
echo "200,Authentication Ok\n";
$user = mysql_fetch_assoc($res);
$memid = $user['id'];
$query = "select sum(`points`) as `points` from `notary` where `to`='$memid' group by `to`";
$query = "select sum(`points`) as `points` from `notary` where `to`='".intval($memid)."' and `notary`.`deleted`=0 group by `to`";
$row = mysql_fetch_assoc(mysql_query($query));
$points = $row['points'];
echo "CS=".intval($user['codesign'])."\n";
@ -40,8 +40,9 @@
if($user['mname'] != "" && $user['suffix'] != "")
echo "NAME=".sanitizeHTML($user['fname'])." ".sanitizeHTML($user['mname'])." ".sanitizeHTML($user['lname'])." ".sanitizeHTML($user['suffix'])."\n";
}
$query = "select * from `email` where `memid`='$memid' and `hash`='' and `deleted`=0";
$query = "select * from `email` where `memid`='".intval($memid)."' and `hash`='' and `deleted`=0";
$res = mysql_query($query);
while($row = mysql_fetch_assoc($res))
echo "EMAIL=".$row['email']."\n";
while($row = mysql_fetch_assoc($res)) {
echo "EMAIL=".sanitizeHTML($row['email'])."\n";
}
?>

24
www/index.php
Unescape Escape View File

@ -125,7 +125,7 @@ require_once('../includes/lib/l10n.php');
showfooter();
exit;
}
}
}
}
if($oldid == 5 && $process != "")
@ -153,13 +153,13 @@ require_once('../includes/lib/l10n.php');
include_once("../includes/lib/general.php");
$user_id = get_user_id_from_cert($_SERVER['SSL_CLIENT_M_SERIAL'],
$_SERVER['SSL_CLIENT_I_DN_CN']);
if($user_id >= 0)
{
$_SESSION['profile'] = mysql_fetch_assoc(mysql_query(
"select * from `users` where
"select * from `users` where
`id`='$user_id' and `deleted`=0 and `locked`=0"));
if($_SESSION['profile']['id'] != 0)
{
$_SESSION['profile']['loggedin'] = 1;
@ -307,19 +307,19 @@ require_once('../includes/lib/l10n.php');
$_SESSION['profile'] = "";
unset($_SESSION['profile']);
$_SESSION['profile'] = mysql_fetch_assoc($res);
$query = "update `users` set `modified`=NOW(), `password`=sha1('$pword') where `id`='".$_SESSION['profile']['id']."'";
$query = "update `users` set `modified`=NOW(), `password`=sha1('$pword') where `id`='".intval($_SESSION['profile']['id'])."'";
mysql_query($query);
if($_SESSION['profile']['language'] == "")
{
$query = "update `users` set `language`='".L10n::get_translation()."'
where `id`='".$_SESSION['profile']['id']."'";
where `id`='".intval($_SESSION['profile']['id'])."'";
mysql_query($query);
} else {
L10n::set_translation($_SESSION['profile']['language']);
L10n::init_gettext();
}
$query = "select sum(`points`) as `total` from `notary` where `to`='".$_SESSION['profile']['id']."' group by `to`";
$query = "select sum(`points`) as `total` from `notary` where `to`='".intval($_SESSION['profile']['id'])."' and `deleted`=0 group by `to`";
$res = mysql_query($query);
$row = mysql_fetch_assoc($res);
$_SESSION['profile']['points'] = $row['total'];
@ -499,7 +499,7 @@ require_once('../includes/lib/l10n.php');
if($checkemail != "OK")
{
$id = 1;
if (substr($checkemail, 0, 1) == "4")
if (substr($checkemail, 0, 1) == "4")
{
$_SESSION['_config']['errmsg'] .= _("The mail server responsible for your domain indicated a temporary failure. This may be due to anti-SPAM measures, such as greylisting. Please try again in a few minutes.");
} else {
@ -566,9 +566,9 @@ require_once('../includes/lib/l10n.php');
$subject = stripslashes($_REQUEST['subject']);
$message = stripslashes($_REQUEST['message']);
$secrethash = $_REQUEST['secrethash2'];
//check for spam via honeypot
if(!isset($_REQUEST['robotest']) || !empty($_REQUEST['robotest'])){
if(!isset($_REQUEST['robotest']) || !empty($_REQUEST['robotest'])){
echo _("Form could not be sent.");
showfooter();
exit;
@ -641,7 +641,7 @@ require_once('../includes/lib/l10n.php');
$newUrl = $protocol . '://wiki.cacert.org/FAQ/AboutUs';
header('Location: '.$newUrl, true, 301); // 301 = Permanently Moved
}
if ($id == 19)
{
$protocol = $_SERVER['HTTPS'] ? 'https' : 'http';
@ -655,7 +655,7 @@ require_once('../includes/lib/l10n.php');
$newUrl = $protocol . '://wiki.cacert.org/Board';
header('Location: '.$newUrl, true, 301); // 301 = Permanently Moved
}
showheader(_("Welcome to CAcert.org"));
includeit($id);
showfooter();

5
www/stats.php
Unescape Escape View File

@ -32,7 +32,7 @@
$stats['timestamp'] = $ar['timestamp'];
return $stats;
}
return null;
}
@ -40,7 +40,7 @@
if ($stats === null) {
echo '<p>', _("Error while retrieving the statistics!"), '</p>';
showfooter();
die();
die();
}
?>
<h1>CAcert.org <?=_("Statistics")?></h1>
@ -157,4 +157,3 @@
</div>
<? showfooter(); ?>

24
www/styles/default.css
Unescape Escape View File

@ -14,7 +14,7 @@ body {
margin: 0px;
padding: 0px;
background: #cccccc;
/* url("/siteimages/bg_grad.jpg") fixed; */
/* url("/siteimages/bg_grad.jpg") fixed; */
}
@ -219,7 +219,7 @@ ul.no_indent {
}
#globalNav img {
margin-bottom: -4px;
margin-bottom: -4px;
}
#gnl {
@ -558,6 +558,19 @@ td.storyLeft {
border-right: 1px #cfcfcf solid;
}
.DataTDError {
border-style: inset;
border-width: 1px;
font-size: 8pt;
color: #ff0000;
font-family: Arial, Tahoma, Verdana, Helvetica, sans-serif;
background: #ffffff;
padding: 1px 5px 1px 5px;
border: 1px #cfcfcf solid;
border-left: 1px #cfcfcf dotted;
border-right: 1px #cfcfcf dotted;
}
.wrapper {
border-collapse: collapse;
font-family: verdana, sans-serif;
@ -571,7 +584,12 @@ td.greytxt {
text-align: right;
vertical-align: bottom;
}
.bold, .primaryemailaddress {
font-weight:bold;
}
.italic, .deletedemailaddress {
font-style:italic;
}
.title {
background: #e2e2e2;
font-weight: bold;

57
www/wot.php
Unescape Escape View File

@ -133,9 +133,9 @@ function send_reminder()
//This mail does not need to be translated
$body = "Hi TTP adminstrators,\n\n";
$body .= "User ".$_SESSION['profile']['fname']." ".
$_SESSION['profile']['lname']." with email address '".
$_SESSION['profile']['email']."' is requesting a TTP assurances for ".
mysql_escape_string(stripslashes($_POST['country'])).".\n\n";
$_SESSION['profile']['lname']." with email address '".
$_SESSION['profile']['email']."' is requesting a TTP assurances for ".
mysql_escape_string(stripslashes($_POST['country'])).".\n\n";
if ($_POST['ttptopup']=='1') {
$body .= "The user is also requesting TTP TOPUP.\n\n";
}else{
@ -224,8 +224,8 @@ function send_reminder()
exit;
}
$query = "select * from `notary` where `from`='".$_SESSION['profile']['id']."' and
`to`='".$_SESSION['_config']['notarise']['id']."'";
$query = "select * from `notary` where `from`='".intval($_SESSION['profile']['id'])."' and
`to`='".intval($_SESSION['_config']['notarise']['id'])."' and `deleted` = 0";
$res = mysql_query($query);
if(mysql_num_rows($res) > 0)
{
@ -310,7 +310,7 @@ $iecho= "c";
exit;
}
$query = "select * from `users` where `id`='".$_SESSION['_config']['notarise']['id']."'";
$query = "select * from `users` where `id`='".intval($_SESSION['_config']['notarise']['id'])."'";
$res = mysql_query($query);
$row = mysql_fetch_assoc($res);
$name = $row['fname']." ".$row['mname']." ".$row['lname']." ".$row['suffix'];
@ -332,7 +332,7 @@ $iecho= "c";
if($newpoints < 0)
$newpoints = $awarded = 0;
$query = "select sum(`points`) as `total` from `notary` where `to`='".$_SESSION['_config']['notarise']['id']."' group by `to`";
$query = "select sum(`points`) as `total` from `notary` where `to`='".intval($_SESSION['_config']['notarise']['id'])."' and `deleted` = 0 group by `to`";
$res = mysql_query($query);
$drow = mysql_fetch_assoc($res);
@ -345,14 +345,15 @@ $iecho= "c";
if($newpoints < 0)
$newpoints = 0;
if(mysql_escape_string(stripslashes($_POST['date'])) == "")
if(mysql_real_escape_string(stripslashes($_POST['date'])) == "")
$_POST['date'] = date("Y-m-d H:i:s");
$query = "select * from `notary` where `from`='".$_SESSION['profile']['id']."' AND
`to`='".$_SESSION['_config']['notarise']['id']."' AND
`awarded`='$awarded' AND
`location`='".mysql_escape_string(stripslashes($_POST['location']))."' AND
`date`='".mysql_escape_string(stripslashes($_POST['date']))."'";
$query = "select * from `notary` where `from`='".intval($_SESSION['profile']['id'])."' AND
`to`='".intval($_SESSION['_config']['notarise']['id'])."' AND
`awarded`='".intval($awarded)."' AND
`location`='".mysql_real_escape_string(stripslashes($_POST['location']))."' AND
`date`='".mysql_real_escape_string(stripslashes($_POST['date']))."' AND
`deleted`=0";
$res = mysql_query($query);
if(mysql_num_rows($res) > 0)
{
@ -363,11 +364,11 @@ $iecho= "c";
if($oldid == 6)
{
$query = "insert into `notary` set `from`='".$_SESSION['profile']['id']."',
`to`='".$_SESSION['_config']['notarise']['id']."',
`points`='$newpoints', `awarded`='$awarded',
`location`='".mysql_escape_string(stripslashes($_POST['location']))."',
`date`='".mysql_escape_string(stripslashes($_POST['date']))."',
$query = "insert into `notary` set `from`='".intval($_SESSION['profile']['id'])."',
`to`='".intval($_SESSION['_config']['notarise']['id'])."',
`points`='".intval($newpoints)."', `awarded`='".intval($awarded)."',
`location`='".mysql_real_escape_string(stripslashes($_POST['location']))."',
`date`='".mysql_real_escape_string(stripslashes($_POST['date']))."',
`when`=NOW()";
//record active acceptance by Assurer
if (check_date_format(trim($_REQUEST['date']),2010)) {
@ -388,11 +389,11 @@ $iecho= "c";
$addpoints = 2;
else if($_SESSION['profile']['points'] == 149 && $_SESSION['profile']['points'] >= 100)
$addpoints = 1;
$query = "insert into `notary` set `from`='".$_SESSION['profile']['id']."',
`to`='".$_SESSION['profile']['id']."',
`points`='$addpoints', `awarded`='$addpoints',
`location`='".mysql_escape_string(stripslashes($_POST['location']))."',
`date`='".mysql_escape_string(stripslashes($_POST['date']))."',
$query = "insert into `notary` set `from`='".intval($_SESSION['profile']['id'])."',
`to`='".intval($_SESSION['profile']['id'])."',
`points`='".intval($addpoints)."', `awarded`='".intval($addpoints)."',
`location`='".mysql_real_escape_string(stripslashes($_POST['location']))."',
`date`='".mysql_real_escape_string(stripslashes($_POST['date']))."',
`method`='Administrative Increase',
`when`=NOW()";
mysql_query($query);
@ -478,7 +479,7 @@ $iecho= "c";
{
csrf_check("chgcontact");
$info = mysql_escape_string(strip_tags(stripslashes($_POST['contactinfo'])));
$info = mysql_real_escape_string(strip_tags(stripslashes($_POST['contactinfo'])));
$listme = intval($_POST['listme']);
if($listme < 0 || $listme > 1)
$listme = 0;
@ -486,7 +487,7 @@ $iecho= "c";
$_SESSION['profile']['listme'] = $listme;
$_SESSION['profile']['contactinfo'] = $info;
$query = "update `users` set `listme`='$listme',`contactinfo`='$info' where `id`='".$_SESSION['profile']['id']."'";
$query = "update `users` set `listme`='$listme',`contactinfo`='$info' where `id`='".intval($_SESSION['profile']['id'])."'";
mysql_query($query);
showheader(_("My CAcert.org Account!"));
@ -507,9 +508,9 @@ $iecho= "c";
$body = $_REQUEST['message'];
$subject = $_REQUEST['subject'];
$userid = intval($_REQUEST['userid']);
$user = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='$userid' and `listme`=1"));
$user = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".intval($userid)."' and `listme`=1"));
$points = mysql_num_rows(mysql_query("select sum(`points`) as `total` from `notary`
where `to`='".$user['id']."' group by `to` HAVING SUM(`points`) > 0"));
where `to`='".intval($user['id'])."' and `deleted` = 0 group by `to` HAVING SUM(`points`) > 0"));
if($points > 0)
{
$my_translation = L10n::get_translation();
@ -545,7 +546,7 @@ $iecho= "c";
showheader(_("My CAcert.org Account!"));?>
<p>
<? printf(_("Your email has been sent to %s."), $user['fname']); ?>
<? printf(_("Your email has been sent to %s."), sanitizeHTML($user['fname'])); ?>
</p>
<p>[ <a href='javascript:history.go(-2)'><?= _("Go Back") ?></a> ]</p>
<?

Write Preview
Loading…
Cancel
Save