Improve client certificate issuing

- add more comprehensive message when a user does not select an email address or the SSO flag
- fix missing value for coll_found in emailcerts INSERT query
- handle database errors when the emailcerts INSERT query fails
This commit is contained in:
Jan Dittberner 2024-05-05 17:56:36 +02:00
parent e2f9138035
commit 9a672e9bf9

View file

@ -253,7 +253,8 @@ function buildSubjectFromSession() {
if(!(array_key_exists('addid',$_REQUEST) && is_array($_REQUEST['addid'])) && $_REQUEST['SSO'] != '1')
{
showheader(_("My CAcert.org Account!"));
echo _("I didn't receive a valid Certificate Request, hit the back button and try again.");
?><p><?= _("I didn't receive a valid Certificate Request, hit the back button and try again."); ?></p>
<p><?= _("You did not select any email address and did not check the SSO option."); ?></p><?
showfooter();
exit;
}
@ -495,8 +496,13 @@ function buildSubjectFromSession() {
`disablelogin`='".($_SESSION['_config']['disablelogin']?1:0)."',
`rootcert`='".intval($_SESSION['_config']['rootcert'])."',
`md`='".mysql_real_escape_string($_SESSION['_config']['hash_alg'])."',
`description`='".mysql_real_escape_string($_SESSION['_config']['description'])."'";
mysql_query($query);
`description`='".mysql_real_escape_string($_SESSION['_config']['description'])."',
`coll_found`=0";
if (!mysql_query($query)) {
trigger_error("Query failed: " . mysql_errno() . ": " . mysql_error(), E_USER_ERROR);
}
$emailid = mysql_insert_id();
if(is_array($addys))
foreach($addys as $addy)