Added a filter against multiple email addresses per UID

www/gpg.php

@@ -144,6 +144,16 @@ function verifyEmail($email)
 				$pos = strpos($bits[9], "<") + 1;
 			}
 			$mail="";
+			if(preg_match("/\@.*\@/",$bits[9]))
+			{
+				showheader(_("Welcome to CAcert.org"));
+
+				echo "<font color='#ff0000'>"._("Multiple Email Adresses per UID are not allowed.")."</font>";
+				unset($_REQUEST['process']);
+				$id = $oldid;
+				unset($oldid);
+				exit();
+			}
                         if (preg_match("/<([\w.-]*\@[\w.-]*)>/", $bits[9],$match)) {
 				//echo "Found: ".$match[1];
 				$mail = trim(hex2bin($match[1]));
@@ -240,10 +250,11 @@ function verifyEmail($email)
 	if($oldid == "0" && $_REQUEST['CSR'] != "")
 	{
 		$query = "insert into `gpg` set `memid`='".$_SESSION['profile']['id']."',
-						`email`='".mysql_real_escape_string($emailaddies['0'])."',
+						`email`='".mysql_real_escape_string($mail)."',
 						`level`='1',
 						`expires`='".mysql_real_escape_string($expires)."',
-						`multiple`='".mysql_real_escape_string($multiple)."'";
+						`multiple`='".mysql_real_escape_string($multiple)."',
+						`keyid`='".mysql_real_escape_string($keyid)."'";
 		mysql_query($query);
 		$id = mysql_insert_id();