bug #14
This commit is contained in:
root
parent
53bc3b971d
commit
9c18d90676
2 changed files with 8 additions and 22 deletions
|
|
@ -18,15 +18,15 @@
|
|||
loadem("tverify");
|
||||
|
||||
$id = intval($_GET['id']);
|
||||
if(intval($_POST['id']) > 0)
|
||||
$id = intval($_POST['id']);
|
||||
if(intval($_REQUEST['id']) > 0)
|
||||
$id = intval($_REQUEST['id']);
|
||||
|
||||
if($id == 1)
|
||||
{
|
||||
$nofile = 1;
|
||||
$filename = "";
|
||||
$photoid = $_FILES['photoid'];
|
||||
if($photoid['error'] == 0 && $_POST["notaryURL"] != "")
|
||||
if($photoid['error'] == 0 && $_REQUEST["notaryURL"] != "")
|
||||
{
|
||||
$filename = $photoid['tmp_name'];
|
||||
$do = trim(`file -b -i $filename`);
|
||||
|
|
@ -46,9 +46,9 @@
|
|||
|
||||
if($id == 1)
|
||||
{
|
||||
$email = mysql_escape_string($_POST["email"]);
|
||||
$password = mysql_escape_string($_POST["pword"]);
|
||||
$URL = mysql_escape_string($_POST["notaryURL"]);
|
||||
$email = mysql_escape_string($_REQUEST["email"]);
|
||||
$password = mysql_escape_string($_REQUEST["pword"]);
|
||||
$URL = mysql_escape_string($_REQUEST["notaryURL"]);
|
||||
$CN = mysql_escape_string($_SESSION['_config']['CN']);
|
||||
$memid = mysql_escape_string($_SESSION['_config']['uid']);
|
||||
$user = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='$memid'"));
|
||||
|
|
@ -136,15 +136,6 @@
|
|||
$body = "There is a new valid request for thawte points tranfer, details as follows:\n\n";
|
||||
$body .= "To vote on this application, go to: https://www.cacert.org/account.php?id=52&uid=$tverify\n\n";
|
||||
|
||||
// $body .= "Primary email address: $email ($memid)\n";
|
||||
// $body .= "Certificate Subject: $CN\n";
|
||||
// if($URL != "")
|
||||
// $body .= "Notary URL: $URL\n";
|
||||
// if($URL != "" && $nofile == 0)
|
||||
// $body .= "PhotoID URL: https://www.cacert.org/account.php?id=51&photoid=$tverify\n";
|
||||
|
||||
// $body .= "\nCurrent Points: ".$tmp['points']."\n\n";
|
||||
|
||||
$body .= "We know that by signing into https://tverify.cacert.org that\n";
|
||||
$body .= "1. they have possession of a cert issued from Thawte\n";
|
||||
$body .= "2. the person named in the cert has been verified by Thawte's Web of Trust\n";
|
||||
|
|
|
|||
|
|
@ -34,13 +34,8 @@
|
|||
$row = mysql_fetch_assoc($account);
|
||||
$memid = $row['memid'];
|
||||
|
||||
$name = trim($_SERVER["SSL_CLIENT_S_DN_CN"]);
|
||||
while(strstr($name, " "))
|
||||
$name = str_replace(" ", " ", $name);
|
||||
$bits = explode(" ", $name);
|
||||
|
||||
$firstname = $bits["0"];
|
||||
$lastname = $bits[count($bits) - 1];
|
||||
$firstname = trim($_SERVER["SSL_CLIENT_S_DN_G"]);
|
||||
$lastname = trim($_SERVER["SSL_CLIENT_S_DN_S"])
|
||||
|
||||
$query = "select * from `users` where `fname`='$firstname' and `lname`='$lastname' and `id`='$memid'";
|
||||
if(mysql_num_rows(mysql_query($query)) <= 0)
|
||||
|
|
|
|||
Loading…
Reference in a new issue