cacert
/
cacert-webdb
8
0
Fork 0
Code Issues Pull Requests 7 Projects Releases 2 Wiki Activity

Added a filter against multiple email addresses per UID

Browse Source
pull/1/head
root 17 years ago
parent 3ac0f6dcc9
commit 8ec3d9eeb5
1 changed files with 13 additions and 2 deletions
Show Stats Download Patch File Download Diff File

15
www/gpg.php
Unescape Escape View File

@ -144,6 +144,16 @@ function verifyEmail($email)
$pos = strpos($bits[9], "<") + 1; $pos = strpos($bits[9], "<") + 1;
} }
$mail=""; $mail="";
if(preg_match("/\@.*\@/",$bits[9]))
{
showheader(_("Welcome to CAcert.org"));
echo "<font color='#ff0000'>"._("Multiple Email Adresses per UID are not allowed.")."</font>";
unset($_REQUEST['process']);
$id = $oldid;
unset($oldid);
exit();
}
if (preg_match("/<([\w.-]*\@[\w.-]*)>/", $bits[9],$match)) { if (preg_match("/<([\w.-]*\@[\w.-]*)>/", $bits[9],$match)) {
//echo "Found: ".$match[1]; //echo "Found: ".$match[1];
$mail = trim(hex2bin($match[1])); $mail = trim(hex2bin($match[1]));
@ -240,10 +250,11 @@ function verifyEmail($email)
if($oldid == "0" && $_REQUEST['CSR'] != "") if($oldid == "0" && $_REQUEST['CSR'] != "")
{ {
$query = "insert into `gpg` set `memid`='".$_SESSION['profile']['id']."', $query = "insert into `gpg` set `memid`='".$_SESSION['profile']['id']."',
`email`='".mysql_real_escape_string($emailaddies['0'])."', `email`='".mysql_real_escape_string($mail)."',
`level`='1', `level`='1',
`expires`='".mysql_real_escape_string($expires)."', `expires`='".mysql_real_escape_string($expires)."',
`multiple`='".mysql_real_escape_string($multiple)."'"; `multiple`='".mysql_real_escape_string($multiple)."',
`keyid`='".mysql_real_escape_string($keyid)."'";
mysql_query($query); mysql_query($query);
$id = mysql_insert_id(); $id = mysql_insert_id();

Write Preview
Loading…
Cancel
Save