This commit is contained in:
root 2004-11-18 23:21:15 +00:00
parent 1b87a13002
commit 9641afae8b
51 changed files with 3286 additions and 2592 deletions

View file

@ -16,7 +16,7 @@
loadem("account");
if($process == _("Add") && $oldid == 1)
if($process != "" && $oldid == 1)
{
$id = 1;
if(trim(mysql_escape_string(stripslashes($newemail))) == "")
@ -48,7 +48,7 @@
$body .= "http://$hostname/verify.php?type=email&emailid=$emailid&hash=$hash\n\n";
$body .= _("Best regards")."\n"._("CAcert.org Support!");
mail($email, "[CAcert.org] "._("Email Probe"), $body, "From: CAcacert-Support <duane@cacert.org>");
mail($email, "[CAcert.org] "._("Email Probe"), $body, "From: CAcacert-Support <support@cacert.org>");
showheader(_("My CAcert.org Account!"));
printf(_("The email address '%s' has been added to the system, however before any certificates for this can be issued you need to open the link in a browser that has been sent to your email address."), $email);
@ -56,7 +56,7 @@
exit;
}
if($process == _("Make Default") && $oldid == 2)
if($makedefault != "" && $oldid == 2)
{
$id = 2;
$emailid = intval($emailid);
@ -79,7 +79,7 @@
exit;
}
if($process == _("Delete") && $oldid == 2)
if($process != "" && $oldid == 2)
{
$id = 2;
showheader(_("My CAcert.org Account!"));
@ -112,7 +112,7 @@
exit;
}
if($process == _("Next") && $oldid == 3)
if($process != "" && $oldid == 3)
{
if(!is_array($addid))
{
@ -335,7 +335,7 @@
$_SESSION['_config']['domain'] = $newdomain;
}
if($process == _("Probe") && $oldid == 8)
if($process != "" && $oldid == 8)
{
unset($oldid);
$id = 8;
@ -373,7 +373,7 @@
$body .= "http://$hostname/verify.php?type=domain&domainid=$domainid&hash=$hash\n\n";
$body .= _("Best regards")."\n"._("CAcert.org Support!");
mail($authaddy, "[CAcert.org] "._("Email Probe"), $body, "From: CAcert-Support <duane@cacert.org>");
mail($authaddy, "[CAcert.org] "._("Email Probe"), $body, "From: CAcert-Support <support@cacert.org>");
showheader(_("My CAcert.org Account!"));
printf(_("The domain '%s' has been added to the system, however before any certificates for this can be issued you need to open the link in a browser that has been sent to your email address."), $_SESSION['_config']['domain']);
@ -381,7 +381,7 @@
exit;
}
if($process == _("Delete") && $oldid == 9)
if($process != "" && $oldid == 9)
{
$id = 9;
showheader(_("My CAcert.org Account!"));
@ -412,7 +412,7 @@
exit;
}
if($process == _("Submit") && $oldid == 10)
if($process != "" && $oldid == 10)
{
$CSR = trim($CSR);
$_SESSION['_config']['CSR'] = $CSR;
@ -432,7 +432,7 @@
}
}
if($process == _("Submit") && $oldid == 11)
if($process != "" && $oldid == 11)
{
$CSR = $_SESSION['_config']['CSR'];
$_SESSION['_config']['subject'] = trim(`echo "$CSR"|/usr/bin/openssl req -text|grep Subject:`);
@ -482,7 +482,7 @@
}
}
if($oldid == 12 && $process == _("Renew"))
if($oldid == 12 && $renew != "")
{
$id = 12;
showheader(_("My CAcert.org Account!"));
@ -534,7 +534,7 @@
exit;
}
if($oldid == 12 && $process == _("Revoke/Delete"))
if($oldid == 12 && $revoke != "")
{
$id = 12;
showheader(_("My CAcert.org Account!"));
@ -598,7 +598,7 @@
exit;
}
if($oldid == 5 && $process == _("Renew"))
if($oldid == 5 && $renew != "")
{
showheader(_("My CAcert.org Account!"));
if(is_array($revokeid))
@ -652,7 +652,7 @@
exit;
}
if($oldid == 5 && $process == _("Revoke/Delete"))
if($oldid == 5 && $revoke != "")
{
$id = 5;
showheader(_("My CAcert.org Account!"));
@ -718,7 +718,7 @@
$_SESSION['_config']['user']['set'] = 1;
}
if($oldid == 13 && $process == _("Update"))
if($oldid == 13 && $process != "")
{
$_SESSION['_config']['user']['fname'] = trim(mysql_escape_string(stripslashes($fname)));
$_SESSION['_config']['user']['mname'] = trim(mysql_escape_string(stripslashes($mname)));
@ -756,7 +756,7 @@
}
}
if($oldid == 13 && $process == _("Update"))
if($oldid == 13 && $process != "")
{
if($_SESSION['profile']['points'] < 100)
{
@ -792,7 +792,7 @@
exit;
}
if($oldid == 14 && $process == _("Update Pass Phrase"))
if($oldid == 14 && $process != "")
{
$_SESSION['_config']['user']['oldpass'] = trim(mysql_escape_string(stripslashes($oldpassword)));
$_SESSION['_config']['user']['pword1'] = trim(mysql_escape_string(stripslashes($pword1)));
@ -862,7 +862,7 @@
exit;
}
if($oldid == 16 && $process == _("Next"))
if($oldid == 16 && $process != "")
{
if(@count($_SESSION['_config']['emails']) > 0)
$id = 17;
@ -999,7 +999,7 @@
}
}
if($oldid == 18 && $process == _("Renew"))
if($oldid == 18 && $renew != "")
{
showheader(_("My CAcert.org Account!"));
if(is_array($revokeid))
@ -1049,7 +1049,7 @@
exit;
}
if($oldid == 18 && $process == _("Revoke/Delete"))
if($oldid == 18 && $revoke != "")
{
$id = 18;
showheader(_("My CAcert.org Account!"));
@ -1111,7 +1111,7 @@
exit;
}
if($process == _("Submit") && $oldid == 20)
if($process != "" && $oldid == 20)
{
$CSR = trim($CSR);
$_SESSION['_config']['CSR'] = $CSR;
@ -1139,7 +1139,7 @@
}
}
if($process == _("Submit") && $oldid == 21)
if($process != "" && $oldid == 21)
{
$CSR = $_SESSION['_config']['CSR'];
$_SESSION['_config']['subject'] = trim(`echo "$CSR"|/usr/bin/openssl req -text|grep Subject:`);
@ -1212,7 +1212,7 @@
}
}
if($oldid == 22 && $process == _("Renew"))
if($oldid == 22 && $renew != "")
{
showheader(_("My CAcert.org Account!"));
if(is_array($revokeid))
@ -1267,7 +1267,7 @@
exit;
}
if($oldid == 22 && $process == _("Revoke/Delete"))
if($oldid == 22 && $revoke != "")
{
showheader(_("My CAcert.org Account!"));
if(is_array($revokeid))
@ -1343,7 +1343,7 @@
exit;
}
if($oldid == 24 && $process == _("Next"))
if($oldid == 24 && $process != "")
{
$id = intval($oldid);
$_SESSION['_config']['O'] = trim(mysql_escape_string(stripslashes($O)));
@ -1370,7 +1370,7 @@
}
}
if($oldid == 27 && $process == _("Update"))
if($oldid == 27 && $process != "")
{
$id = intval($oldid);
$_SESSION['_config']['O'] = trim(mysql_escape_string(stripslashes($O)));
@ -1398,12 +1398,11 @@
}
}
if($oldid == 28 && $process == _("Add"))
if($oldid == 28 && $process != "")
{
$domain = $_SESSION['_config']['domain'] = trim(mysql_escape_string(stripslashes($domainname)));
$res1 = mysql_query("select * from `orgdomains` where `domain`='$domain'");
$res2 = mysql_query("select * from `domains` where `domain`='$domain' and `deleted`=0");
if(mysql_num_rows($res1) > 0 || mysql_num_rows($res2) > 0)
if(mysql_num_rows($res1) > 0)
{
$_SESSION['_config']['errmsg'] = sprintf(_("The domain '%s' is already in the system and is listed as valid. Can't continue."), $domain);
$id = $oldid;
@ -1417,7 +1416,7 @@
$id = 25;
}
if($oldid == 28 && $process == _("Add"))
if($oldid == 28 && $process != "")
{
mysql_query("insert into `orgdomains` set `orgid`='".$_SESSION['_config']['orgid']."', `domain`='$domain'");
showheader(_("My CAcert.org Account!"));
@ -1427,7 +1426,7 @@
exit;
}
if($oldid == 29 && $process == _("Update"))
if($oldid == 29 && $process != "")
{
$domain = mysql_escape_string(stripslashes(trim($domainname)));
@ -1463,7 +1462,7 @@
$do = `../scripts/runclient`;
}
if($oldid == 29 && $process == _("Update"))
if($oldid == 29 && $process != "")
{
$row = mysql_fetch_assoc(mysql_query("select * from `orgdomains` where `id`='".$_SESSION['_config']['domid']."'"));
mysql_query("update `orgdomains` set `domain`='$domain' where `id`='".$_SESSION['_config']['domid']."'");
@ -1474,7 +1473,7 @@
exit;
}
if($oldid == 30 && $process == _("Delete"))
if($oldid == 30 && $process != "")
{
$row = mysql_fetch_assoc(mysql_query("select * from `orgdomains` where `id`='".$_SESSION['_config']['domid']."'"));
$domain = $row['domain'];
@ -1572,7 +1571,7 @@
}
}
if($oldid == 33 && $process == _("Add"))
if($oldid == 33 && $process != "")
{
if($_SESSION['profile']['admin'] == 1)
$masteracc = $_SESSION['_config'][masteracc] = intval($masteracc);
@ -1594,7 +1593,7 @@
}
}
if($oldid == 34 && $process == _("Delete"))
if($oldid == 34 && $process != "")
{
mysql_query("delete from `org` where `memid`='".$_SESSION['_config']['memid']."'");
}
@ -1704,6 +1703,76 @@
exit;
}
if($process != "" && $oldid == 45)
{
$CSR = trim($CSR);
$_SESSION['_config']['CSR'] = $CSR;
$_SESSION['_config']['subject'] = trim(`echo "$CSR"|/usr/bin/openssl req -text|grep Subject:`);
$id = 46;
extractit();
getcn();
getalt();
if($_SESSION['_config']["0.CN"] == "")
{
showheader(_("My CAcert.org Account!"));
echo _("CommonName field was blank. Can't continue.");
showfooter();
exit;
}
}
if($process != "" && $oldid == 46)
{
$CSR = $_SESSION['_config']['CSR'];
$_SESSION['_config']['subject'] = trim(`echo "$CSR"|/usr/bin/openssl req -text|grep Subject:`);
$id = 11;
extractit();
getcn();
getalt();
if($_SESSION['_config']["0.CN"] == "")
{
showheader(_("My CAcert.org Account!"));
echo _("CommonName field was blank. Can't continue.");
showfooter();
exit;
}
$query = "insert into `domaincerts` set `CN`='".$_SESSION['_config']["0.CN"]."',
`domid`='".$_SESSION['_config']['row']['id']."',
`created`=NOW()";
mysql_query($query);
$CSRid = mysql_insert_id();
foreach($_SESSION['_config']['rowid'] as $dom)
mysql_query("insert into `domlink` set `certid`='$CSRid', `domid`='$dom'");
if(is_array($_SESSION['_config']['altid']))
foreach($_SESSION['_config']['altid'] as $dom)
mysql_query("insert into `domlink` set `certid`='$CSRid', `domid`='$dom'");
$CSRname = $_SESSION['_config']['filepath']."/csr/server-$CSRid.csr";
$fp = fopen($CSRname, "w");
fputs($fp, $_SESSION['_config']['CSR']);
fclose($fp);
mysql_query("update `domaincerts` set `CSR_name`='$CSRname' where `id`='$CSRid'");
$do = `../scripts/runserver`;
$query = "select * from `domaincerts` where `id`='$CSRid' and `crt_name` != ''";
$res = mysql_query($query);
if(mysql_num_rows($res) <= 0)
{
showheader(_("My CAcert.org Account!"));
echo _("Your certificate request has failed to be processed correctly, please try submitting it again.");
showfooter();
exit;
} else {
$id = 47;
$cert = $CSRid;
}
}
if(intval($cert) > 0)
$_SESSION['_config']['cert'] = intval($cert);
if(intval($orgid) > 0)

View file

@ -175,12 +175,10 @@ function hideall() {
<h3 onclick="explode('WoT')">+ <?=_("CAcert Web of Trust")?></h3>
<ul class="menu" id="WoT"><li><a href="wot.php?id=0"><?=_("About")?></a></li><li><a href="wot.php?id=1"><?=_("Find an Assurer")?></a></li><li><a href="wot.php?id=3"><?=_("Rules")?></a></li><li><? if($_SESSION['profile']['points'] < 100) { ?><a href="wot.php?id=2"><?=_("Becoming an Assurer")?></a><? } else { ?><a href="wot.php?id=5"><?=_("Assure Someone")?></a><? } ?></li><li><a href="wot.php?id=4"><?=_("Trusted Third Parties")?></a></li><li><a href="http://www.cacert.org/docs/CAP.pdf"><?=_("WoT Form")?></a></li><li><a href="http://www.cacert.org/docs/TTP.pdf"><?=_("TTP Form")?></a></li></ul>
</div>
<? if($_SESSION['profile']['id'] == 1) { ?>
<div class="relatedLinks">
<h3 onclick="explode('gpg')">+ <?=_("GPG/PGP Keys")?></h3>
<ul class="menu" id="gpg"><li><a href="gpg.php?id=0"><?=_("New")?></a></li><li><a href="gpg.php?id=2"><?=_("View")?></a></li></ul>
</div>
<? } ?>
<? if($_SESSION['profile']['admin'] == 1) { ?>
<div class="relatedLinks">
<h3 onclick="explode('sysadmin')">+ <?=_("System Admin")?></h3>
@ -192,7 +190,7 @@ function hideall() {
<div class="story">
<h3><?=$title2?></h3>
<? if($_SESSION['_config']['errmsg'] != "") { ?>
<p><? echo $_SESSION['_config']['errmsg']; $_SESSION['_config']['errmsg'] = ""; ?> </p>
<p class="errmsg"><? echo $_SESSION['_config']['errmsg']; $_SESSION['_config']['errmsg'] = ""; ?> </p>
<? } ?>
<?
}

File diff suppressed because it is too large Load diff

File diff suppressed because it is too large Load diff

File diff suppressed because it is too large Load diff

File diff suppressed because it is too large Load diff

File diff suppressed because it is too large Load diff

File diff suppressed because it is too large Load diff

File diff suppressed because it is too large Load diff

File diff suppressed because it is too large Load diff

File diff suppressed because it is too large Load diff

File diff suppressed because it is too large Load diff

File diff suppressed because it is too large Load diff

View file

@ -68,8 +68,8 @@
</tr>
<? } ?>
<tr>
<td class="DataTD" colspan="5"><input type="submit" name="process" value="<?=_("Renew")?>">
<input type="submit" name="process" value="<?=_("Revoke/Delete")?>"></td>
<td class="DataTD" colspan="5"><input type="submit" name="renew" value="<?=_("Renew")?>">
<input type="submit" name="revoke" value="<?=_("Revoke/Delete")?>"></td>
</tr>
<? } ?>
</table>

View file

@ -72,8 +72,8 @@
</tr>
<? } ?>
<tr>
<td class="DataTD" colspan="5"><input type="submit" name="process" value="<?=_("Renew")?>">
<input type="submit" name="process" value="<?=_("Revoke/Delete")?>"></td>
<td class="DataTD" colspan="5"><input type="submit" name="renew" value="<?=_("Renew")?>">
<input type="submit" name="revoke" value="<?=_("Revoke/Delete")?>"></td>
</tr>
<? } ?>
</table>

View file

@ -46,7 +46,7 @@
</tr>
<? } ?>
<tr>
<td class="DataTD" colspan="2"><input type="submit" name="process" value="<?=_("Make Default")?>"></td>
<td class="DataTD" colspan="2"><input type="submit" name="makedefault" value="<?=_("Make Default")?>"></td>
<td class="DataTD" colspan="2"><input type="submit" name="process" value="<?=_("Delete")?>"></td>
</tr>
</table>

View file

@ -68,8 +68,8 @@
</tr>
<? } ?>
<tr>
<td class="DataTD" colspan="5"><input type="submit" name="process" value="<?=_("Renew")?>">
<input type="submit" name="process" value="<?=_("Revoke/Delete")?>"></td>
<td class="DataTD" colspan="5"><input type="submit" name="renew" value="<?=_("Renew")?>">
<input type="submit" name="revoke" value="<?=_("Revoke/Delete")?>"></td>
</tr>
<? } ?>
</table>

20
pages/account/45.php Normal file
View file

@ -0,0 +1,20 @@
<? /*
Copyright (C) 2004 by Duane Groth <duane_at_CAcert_dot_org>
This file is part of CAcert.
CAcert has been released under the CAcert Source License
which can be found included with these source files or can
be downloaded from the internet from the following address:
http://www.cacert.org/src-lic.php
CAcert is distributed WITHOUT ANY WARRANTY; without even
the implied warranty of MERCHANTABILITY or FITNESS FOR A
PARTICULAR PURPOSE. See the License for more details.
*/ ?>
<p><?=_("Paste your CSR below...")?></p>
<form method="post" action="account.php">
<textarea name="CSR" cols="80" rows="15"></textarea><br>
<input type="submit" name="process" value="<?=_("Submit")?>">
<input type="hidden" name="oldid" value="<?=$id?>">
</form>

View file

@ -76,8 +76,8 @@
</tr>
<? } ?>
<tr>
<td class="DataTD" colspan="5"><input type="submit" name="process" value="<?=_("Renew")?>">
<input type="submit" name="process" value="<?=_("Revoke/Delete")?>"></td>
<td class="DataTD" colspan="5"><input type="submit" name="renew" value="<?=_("Renew")?>">
<input type="submit" name="revoke" value="<?=_("Revoke/Delete")?>"></td>
</tr>
<? } ?>
</table>

29
pages/gpg/0.php Normal file
View file

@ -0,0 +1,29 @@
<? /*
Copyright (C) 2004 by Duane Groth <duane_at_CAcert_dot_org>
This file is part of CAcert.
CAcert has been released under the CAcert Source License
which can be found included with these source files or can
be downloaded from the internet from the following address:
http://www.cacert.org/src-lic.php
CAcert is distributed WITHOUT ANY WARRANTY; without even
the implied warranty of MERCHANTABILITY or FITNESS FOR A
PARTICULAR PURPOSE. See the License for more details.
*/ ?>
<?
$_POST['level'] = intval($_POST['level']);
if($_POST['level'] < 0 || $_POST['level'] > 1)
$_POST['level'] = 0;
?>
<p><?=_("Paste your GPG key below...")?></p>
<form method="post" action="gpg.php">
<textarea name="CSR" cols="80" rows="15"><?=$_POST['CSR']?></textarea><br>
<input type="radio" name="level" value="0"<? if($_POST['level'] == 0) echo " checked"; ?>> Low Trust GPG Key<br>
<? if($_SESSION['profile']['points'] >= 100) { ?>
<input type="radio" name="level" value="1"<? if($_POST['level'] == 1) echo " checked"; ?>> High Trust GPG Key<br>
<? } ?>
<input type="submit" name="process" value="<?=_("Submit")?>">
<input type="hidden" name="oldid" value="<?=$id?>">
</form>

75
pages/gpg/2.php Normal file
View file

@ -0,0 +1,75 @@
<? /*
Copyright (C) 2004 by Duane Groth <duane_at_CAcert_dot_org>
This file is part of CAcert.
CAcert has been released under the CAcert Source License
which can be found included with these source files or can
be downloaded from the internet from the following address:
http://www.cacert.org/src-lic.php
CAcert is distributed WITHOUT ANY WARRANTY; without even
the implied warranty of MERCHANTABILITY or FITNESS FOR A
PARTICULAR PURPOSE. See the License for more details.
*/ ?>
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
<tr>
<td colspan="5" class="title"><?=_("Client Certificates")?></td>
</tr>
<tr>
<td class="DataTD"><?=_("Status")?></td>
<td class="DataTD"><?=_("Trust Level")?></td>
<td class="DataTD"><?=_("Email Address")?></td>
<td class="DataTD"><?=_("Expires")?></td>
<?
$query = "select UNIX_TIMESTAMP(`issued`) as `issued`,
UNIX_TIMESTAMP(`expire`) - UNIX_TIMESTAMP() as `timeleft`,
UNIX_TIMESTAMP(`expire`) as `expired`,
`expire` as `expires`, `id`, `level`, `email`
`email` from `gpg` where `memid`='".$_SESSION[profile][id]."'
ORDER BY `issued` desc";
//echo $query."<br>\n";
$res = mysql_query($query);
if(mysql_num_rows($res) <= 0)
{
?>
<tr>
<td colspan="5" class="DataTD"><?=_("No PGP/GPG certificates are currently listed.")?></td>
</tr>
<? } else {
while($row = mysql_fetch_assoc($res))
{
if($row['timeleft'] > 0)
$verified = _("Valid");
if($row['timeleft'] < 0)
$verified = _("Expired");
if($row['expired'] == 0)
$verified = _("Pending");
$trust = _("High Trust");
if($row['level'] != 1)
$trust = _("Low Trust");
?>
<tr>
<? if($verified == _("Valid")) { ?>
<td class="DataTD"><?=$verified?></td>
<td class="DataTD"><?=$trust?></td>
<td class="DataTD"><a href="gpg.php?id=3&cert=<?=$row[id]?>"><?=$row['email']?></a></td>
<? } else if($verified == _("Pending")) { ?>
<td class="DataTD"><?=$verified?></td>
<td class="DataTD"><?=$trust?></td>
<td class="DataTD"><?=$row[CN]?></td>
<? } else { ?>
<td class="DataTD"><?=$verified?></td>
<td class="DataTD"><?=$trust?></td>
<td class="DataTD"><a href="account.php?id=6&cert=<?=$row[id]?>"><?=$row[CN]?></a></td>
<? } ?>
<td class="DataTD"><?=$row[expires]?></td>
</tr>
<? } ?>
<? } ?>
</table>
<input type="hidden" name="oldid" value="<?=$id?>">
</form>
<p><?=_("From here you can delete pending requests, or revoke valid certificates.")?></p>

31
pages/gpg/3.php Normal file
View file

@ -0,0 +1,31 @@
<? /*
Copyright (C) 2004 by Duane Groth <duane_at_CAcert_dot_org>
This file is part of CAcert.
CAcert has been released under the CAcert Source License
which can be found included with these source files or can
be downloaded from the internet from the following address:
http://www.cacert.org/src-lic.php
CAcert is distributed WITHOUT ANY WARRANTY; without even
the implied warranty of MERCHANTABILITY or FITNESS FOR A
PARTICULAR PURPOSE. See the License for more details.
*/ ?>
<?
$certid = $_SESSION['_config']['cert'];
$query = "select * from `gpg` where `id`='$certid' and `memid`='".$_SESSION[profile][id]."'";
$res = mysql_query($query);
if(mysql_num_rows($res) <= 0)
{
showheader(_("My CAcert.org Account!"));
echo _("No such PGP/GPG certificates attached to your account.");
showfooter();
exit;
}
$row = mysql_fetch_assoc($res);
?>
<h3><?=_("Below is your PGP/GPG Certificate")?></h3>
<pre>
<? readfile($row[crt]); ?>
</pre>

View file

@ -6,7 +6,8 @@
<li><a href='help.php?id=2'><?=_("Digital Signing (a guide for normal people)")?></a></li>
<li><a href='help.php?id=3'><?=_("Generating a New Key Pair and CSR for IIS 5.0")?></a></li>
<li><a href='help.php?id=4'><?=_("How do I generate a private key and CSR using OpenSSL?")?></a></li>
<li><a href='help.php?id=5'><?=_("How do I get a secured by CAcert emblem on my site?")?></a></li>
<li><a href='logos.php'><?=_("How do I get a secured by CAcert emblem on my site?")?></a></li>
<li><a href='help.php?id=6'><?=_("How do I get a Server certificate from CAcert?")?></a></li>
<li><a href='help.php?id=7'><?=_("How does CAcert Protect it's root private key?")?></a></li>
<li><a href='http://202.87.16.200/wiki/'><?=_("Unofficial FAQ/Wiki")?></a></li>
</ul>

66
scripts/gpgcerts.php Executable file
View file

@ -0,0 +1,66 @@
#!/usr/bin/php -q
<? /*
Copyright (C) 2004 by Duane Groth <duane_at_CAcert_dot_org>
This file is part of CAcert.
CAcert has been released under a CAcert Source License
which can be found included with these source files or can
be downloaded from the internet from the following address:
http://www.cacert.org/src-lic.php
CAcert is distributed WITHOUT ANY WARRANTY; without even
the implied warranty of MERCHANTABILITY or FITNESS FOR A
PARTICULAR PURPOSE. See the License for more details.
*/
include_once("../includes/mysql.php");
$query = "select * from `gpg` where `crt`=''";
$res = mysql_query($query);
while($row = mysql_fetch_assoc($res))
{
$row['crt'] = "../crt/gpg-".$row['id'].".crt";
$do = `gpg --homedir /root/.gnupg --import $row[csr] 2>&1`;
$extra = "";
if(intval($row['level']) != 1)
$extra = " --default-key lowgpg@cacert.org";
$extras = "";
if($row['multiple'] == 1)
$extras .= " echo \"y\";";
if($row['expires'] == 1)
$extras .= " echo \"n\";";
$do = `( $extras echo "365"; echo "y"; echo "3"; echo "y")|gpg$extra --homedir /root/.gnupg --batch --no-tty --command-fd 0 \
--status-fd 1 --cert-policy-url http://www.cacert.org/index.php?id=10 \
--ask-cert-expire --sign-key $row[email] 2>&1`;
$do = `gpg --homedir /root/.gnupg --export --armor $row[email] > $row[crt]`;
$do = `gpg --homedir /root/.gnupg --batch --yes --delete-key $row[email] 2>&1`;
$user = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='$row[memid]'"));
if($user['language'] != "")
{
$userlang = $user['language'];
putenv("LANG=".$_SESSION['_config']['translations'][$userlang]);
setlocale(LC_ALL, $_SESSION['_config']['translations'][$userlang]);
} else {
putenv("LANG=en_AU");
setlocale(LC_ALL, "en_AU");
}
if(filesize($row[crt]) > 0)
{
$query = "update `gpg` set `crt`='$row[crt]', `issued`=NOW(), `expire`=FROM_UNIXTIME(UNIX_TIMESTAMP(NOW()) + 31536000) where `id`='".$row['id']."'";
mysql_query($query);
$body = _("Hi")." $user[fname],\n\n";
$body .= sprintf(_("You can collect your certificate for %s by going to the following location:")."\n\n", $row['email']);
$body .= "https://www.cacert.org/gpg.php?id=3&cert=$row[id]\n\n";
$body .= _("Best regards")."\n"._("CAcert.org Support!");
mail($user[email], "[CAcert.org] Your GPG/PGP Key", $body, "From: CAcert-Support <duane@cacert.org>");
} else {
$query = "delete from `gpg` where `id`='".$row['id']."'";
mysql_query($query);
}
}
?>

View file

@ -23,7 +23,7 @@
} else if($oldid == 40 && $process == _("Send")) {
$message = "From: $who\nEmail: $email\nSubject: $subject\n\nMessage:\n".$message;
mail("duane@cacert.org", "[CAcert.org] ".$subject, $message, "From: $email");
mail("support@cacert.org", "[CAcert.org] ".$subject, $message, "From: $email");
showheader(_("Welcome to CAcert.org"));
echo _("Your message has been sent.");
showfooter();

BIN
www/docs/CAP.pdf Normal file

Binary file not shown.

Binary file not shown.

BIN
www/docs/TTP.pdf Normal file

Binary file not shown.

BIN
www/docs/keys.pdf Normal file

Binary file not shown.

94
www/docs/keys.ps Normal file
View file

@ -0,0 +1,94 @@
%!PS-Adobe-3.0
%%BoundingBox: 0 0 596 842
%%Title:
%%Creator: gpg-key2ps 0.1
%%CreationDate: Mon Sep 27 01:14:05 EST 2004
%%Pages: 1
%%EndComments
%%Page: 1 1
/w 596 def
/h 842 def
/Times-Roman findfont 9 scalefont setfont
/newline {
/y y 10 sub def
} def
/hline {
30 y 3 add moveto
w 2 div 30 sub y 3 add lineto stroke
newline
} def
/needhline {
/condhline { hline } def
} def
/noneedhline {
/condhline { } def
} def
/pub {
condhline
20 y moveto (pub) show
40 y moveto show show (/) show show
120 y moveto show
170 y moveto show
newline
needhline
} def
/fpr {
40 y moveto (Key fingerprint = ) show show
newline
} def
/uid {
20 y moveto (uid) show
170 y moveto show
newline
} def
/revuid {} def
/sbk {
20 y moveto (sub) show
40 y moveto show show (/) show show
120 y moveto show
newline
} def
/key {
noneedhline
(CA Cert Signing Authority (Root CA) <gpg@cacert.org>) (2003-07-11) (65D0FD58) (D) (1024) pub
(A31D 4F81 EF4E BD07 B456 FA04 D2BB 0D01 65D0 FD58) fpr
(2003-07-11) (113ED0F2) (g) (2048) sbk
} def
/numlines 3 def
/num w 16 sub 10 div numlines div def
/column {
/y w 10 sub def
1 1 num {
/upper y 10 add def
key
newline
/lower y 10 add def
0 upper h 2 div upper h 2 div lower 0 lower 0 upper moveto lineto lineto lineto lineto stroke
} for
} def
w 0 translate
90 rotate
column
h 2 div 0 translate
column
showpage
%%Trailer
%%EOF

View file

@ -17,20 +17,17 @@
loadem("account");
$oldid = intval($_POST['oldid']);
$id = intval($id);
if($oldid == "1")
if($oldid == "0")
{
if($_POST['process'] != _("Submit") || $_POST['level'] == "" || $_POST['CSR'] == "" || intval($_POST['level']) < 0 || intval($_POST['level']) > 1)
{
$_SESSON['_config']['errmsg'] = _("You failed to paste a valid GPG/PGP key.");
$_SESSION['_config']['errmsg'] = _("You failed to paste a valid GPG/PGP key.");
$id = $oldid;
unset($oldid);
}
}
if($oldid == "1")
if($oldid == "0")
{
$gpgkey = $_POST['CSR'];
$gpg = `echo "$gpgkey"|gpg --with-colons --homedir /tmp 2>&1`;
@ -45,6 +42,7 @@
}
}
$gpg = $lines;
$expires = 0;
foreach(explode("\n", $gpg) as $line)
{
@ -54,6 +52,8 @@
{
$keyid = $bits[4];
$when = $bits[5];
if($bits[6] != "")
$expires = 1;
}
if(!strstr($line, "@")) continue;
@ -84,14 +84,20 @@
$emailaddies[] = $mail;
}
$multiple = 0;
if(count($emailaddies) > 1)
$multiple = 1;
if($_SESSION['profile']['points'] < 50 && $_POST['level'] == 1)
{
$_SESSON['_config']['errmsg'] = _("You don't have enough assurance points to be issued a high level trust gpg signature.");
$_SESSION['_config']['errmsg'] = _("You don't have enough assurance points to be issued a high level trust gpg signature.");
unset($_POST['process']);
$id = $oldid;
unset($oldid);
}
if(is_array($names))
{
foreach($names as $name)
{
if($name == $_SESSION['profile']['fname']." ".$_SESSION['profile']['lname'])
@ -102,41 +108,54 @@
continue;
if($name == $_SESSION['profile']['fname']." ".$_SESSION['profile']['mname']." ".$_SESSION['profile']['lname']." ".$_SESSION['profile']['suffix'])
continue;
$_SESSON['_config']['errmsg'] = _("No suitable name combination could be matched from your PGP/GPG keys to what we have in the database");
$_SESSION['_config']['errmsg'] = _("No suitable name combination could be matched from your PGP/GPG keys to what we have in the database ('$name')");
unset($_POST['process']);
$id = $oldid;
unset($oldid);
}
}
if(is_array($emailaddies) && count($emailaddies) >= 1)
{
foreach($emailaddies as $email)
{
if(mysql_num_rows(mysql_query("select * from `email` where `memid`='".$_SESSION['profile']['id']."' and
`email`='$email' and `deleted`=0 and `hash`=''")) > 0)
continue;
$_SESSON['_config']['errmsg'] = _("No suitable emails could be matched from your PGP/GPG keys to what we have in the database");
$_SESSION['_config']['errmsg'] = _("No suitable emails could be matched from your PGP/GPG keys to what we have in the database. ('$email')");
unset($_POST['process']);
$id = $oldid;
unset($oldid);
}
} else {
$_SESSION['_config']['errmsg'] = _("No emails found on your key");
unset($_POST['process']);
$id = $oldid;
unset($oldid);
}
}
if($oldid == "1")
if($oldid == "0")
{
$_POST['level'] = intval($_POST['level']);
if($_POST['level'] < 0 || $_POST['level'] > 1)
$_POST['level'] = 0;
$query = "insert into `gpg` set `memid`='".$_SESSION['profile']['id']."', `email`='".$emailaddies['0']."',`level`='".$_POST['level']."'";
$query = "insert into `gpg` set `memid`='".$_SESSION['profile']['id']."',
`email`='".$emailaddies['0']."',
`level`='".$_POST['level']."',
`expires`='$expires',
`multiple`='$multiple'";
mysql_query($query);
$id = mysql_insert_id();
$fp = fopen("../csr/gpg-$id.csr", "w");
fputs($fp, $csr);
fputs($fp, $_POST['CSR']);
fclose($fp);
mysql_query("update `gpg` set `csr`='../csr/gpg-$id.csr' where `id`='$id'");
$do = `../scripts/rungpg`;
$do = `../scripts/rungpg 2>&1`;
showheader(_("Welcome to CAcert.org"));
$query = "select * from `gpg` where `id`='$id' and `crt`!=''";
@ -154,6 +173,9 @@
exit;
}
$id = intval($id);
$_SESSION['_config']['cert'] = intval($cert);
showheader(_("Welcome to CAcert.org"));
includeit($id, "gpg");
showfooter();

Binary file not shown.

After

Width:  |  Height:  |  Size: 76 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 39 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 10 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 6 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 7.1 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 8 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 7.5 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 6.8 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 6.8 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 5.8 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 122 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 14 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 18 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 8.9 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 26 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 12 KiB

View file

@ -85,9 +85,9 @@
"IP/Hostname: ".$_SERVER['REMOTE_ADDR']."/".$_SERVER['REMOTE_HOST']."\n".
"---------------------------------------------------------------------\n".$body.
"---------------------------------------------------------------------\n";
mail("duane@cacert.org", "[CAcert.org] Requested Pass Phrase Change", $body,
mail("support@cacert.org", "[CAcert.org] Requested Pass Phrase Change", $body,
"From: '".$_SESSION['lostpw']['user']['fname']."' <".$_SESSION['lostpw']['user']['email'].">\n".
"From: CAcert-Support <duane@cacert.org>");
"From: CAcert-Support <support@cacert.org>");
$_SESSION['_config']['errmsg'] = _("You failed to get all answers correct, system admins have been notified.");
} else if($_SESSION['lostpw']['pw1'] != $_SESSION['lostpw']['pw2'] || $_SESSION['lostpw']['pw1'] == "") {
$_SESSION['_config']['errmsg'] = _("New Pass Phrases specified don't match or were blank.");
@ -306,7 +306,7 @@
$body .= "http://$hostname/verify.php?type=email&emailid=$emailid&hash=$hash\n\n";
$body .= _("Best regards")."\n"._("CAcert.org Support!");
mail($_SESSION['signup']['email'], "[CAcert.org] "._("Mail Probe"), $body, "From: CAcert-Support <duane@cacert.org>");
mail($_SESSION['signup']['email'], "[CAcert.org] "._("Mail Probe"), $body, "From: CAcert-Support <support@cacert.org>");
}
}
@ -329,7 +329,7 @@
{
$message = "From: $who\nEmail: $email\nSubject: $subject\n\nMessage:\n".$message;
mail("duane@cacert.org", "[CAcert.org] ".$subject, $message, "From: $email");
mail("support@cacert.org", "[CAcert.org] ".$subject, $message, "From: $email");
showheader(_("Welcome to CAcert.org"));
echo _("Your message has been sent.");
showfooter();

32
www/logos.php Normal file
View file

@ -0,0 +1,32 @@
<?
loadem("index");
showheader(_("Welcome to CAcert.org"));
?>
<h1>CAcert Logos</h1>
<p>Feel free to copy, use, change, ... the following logos. I created them
using the <a href="http://www.cacert.org">CAcert.org</a> site logo and some gimp
magic. Send comments or suggestions to <a href="/kontakt/">Chris</a>. Licence: Whatever. I don't care.</p>
<img src="logos/cacert1.png" alt="www.cacert.org" border="0" /><br /><br />
<img src="logos/cacert-free-certificates2.png" alt="www.cacert.org" border="0" />&nbsp;&nbsp;
<img src="logos/cacert-free-certificates3.png" alt="www.cacert.org" border="0" />&nbsp;&nbsp;
<img src="logos/cacert-free-certificates4.png" alt="www.cacert.org" border="0" /><br /><br />
<img src="logos/cacert-secured3.png" alt="www.cacert.org" border="0" />&nbsp;&nbsp;
<img src="logos/cacert-secured4.png" alt="www.cacert.org" border="0" />&nbsp;&nbsp;
<img src="logos/cacert-secured5.png" alt="www.cacert.org" border="0" /><br /><br />
<img src="logos/cacert-secured7.png" alt="www.cacert.org" border="0" /><br /><br />
<img src="logos/cacert-secure-site.png" alt="www.cacert.org" border="0" />&nbsp;&nbsp;
<img src="logos/cacert-secure-site2.png" alt="www.cacert.org" border="0" /><br /><br />
<img src="logos/cacert-grey.png" alt="www.cacert.org" border="0" />&nbsp;&nbsp;
<img src="logos/cacert-grey2.png" alt="www.cacert.org" border="0" /><br /><br />
<img src="logos/small-ssl-secured-site.png" alt="www.cacert.org" border="0" />&nbsp;&nbsp;
<img src="logos/small-ssl-security.png" alt="www.cacert.org" border="0" /><br /><br />
</td></tr></table>
<?
showfooter();
?>

View file

@ -509,3 +509,8 @@ td.greytxt {
border-top: 1px solid #656565;
text-align: center;
}
.errmsg {
font-weight: BOLD;
color: #FF0000;
}

View file

@ -158,7 +158,7 @@
$body .= _("Best Regards")."\n";
$body .= _("CAcert Support Team");
mail($_SESSION['_config']['notarise']['email'], "[CAcert.org] "._("You've been Assured."), $body, "From: CAcert-Support <duane@cacert.org>");
mail($_SESSION['_config']['notarise']['email'], "[CAcert.org] "._("You've been Assured."), $body, "From: CAcert-Support <support@cacert.org>");
putenv("LANG=".$_SESSION['_config']['language']);
setlocale(LC_ALL, $_SESSION['_config']['language']);
@ -168,7 +168,7 @@
$body .= _("Best Regards")."\n";
$body .= _("CAcert Support Team");
mail($_SESSION['profile']['email'], "[CAcert.org] "._("You've Assured Another Member."), $body, "From: CAcert-Support <duane@cacert.org>");
mail($_SESSION['profile']['email'], "[CAcert.org] "._("You've Assured Another Member."), $body, "From: CAcert-Support <support@cacert.org>");
showheader(_("My CAcert.org Account!"));
echo "<p>"._("Shortly you and the person you were assuring will receive an email confirmation. There is no action on your behalf required to complete this.")."</p>";