stamp attack fix
This commit is contained in:
parent
bb089a0e5e
commit
ac5d02a307
5 changed files with 65 additions and 35 deletions
|
@ -7,6 +7,18 @@
|
|||
$arr = explode("/", $arr['1'], 2);
|
||||
$ref = $arr['0'];
|
||||
|
||||
$arr = explode("//", mysql_real_escape_string(trim($_SERVER['HTTP_REFERER'])), 2);
|
||||
$arr = explode("/", $arr['1'], 2);
|
||||
$siteref = $arr['0'];
|
||||
|
||||
if($ref == "" || ($ref != $siteref && $siteref != ""))
|
||||
{
|
||||
if($siteref != "")
|
||||
$siterefer = $_SERVER['HTTP_REFERER'];
|
||||
else
|
||||
$siterefer = $_REQUEST['refer'];
|
||||
$invalid = 2;
|
||||
} else {
|
||||
$query = "select *,`domaincerts`.`created` as `issued` from `domlink`,`domains`,`domaincerts`
|
||||
where `domlink`.`domid`=`domains`.`id` and `domlink`.`certid`=`domaincerts`.`id` and `domaincerts`.`revoked`=0 and
|
||||
`domaincerts`.`subject` like '%subjectAltName=DNS:$ref/%' order by `domaincerts`.`id`";
|
||||
|
@ -40,7 +52,10 @@
|
|||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
if($invalid == 0)
|
||||
{
|
||||
$cert = mysql_fetch_assoc($res);
|
||||
if($org == 0)
|
||||
{
|
||||
|
@ -51,6 +66,7 @@
|
|||
$query = "select * from `orginfo` where `id`='$cert[orgid]'";
|
||||
$orgi = mysql_fetch_assoc(mysql_query($query));
|
||||
}
|
||||
}
|
||||
?><!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
|
||||
<html>
|
||||
<head>
|
||||
|
@ -90,7 +106,7 @@ google_ad_channel = "";
|
|||
<? } else { ?>
|
||||
<p style="color:red">This site has potentially abused CAcert logos and Copyrights, please report it so we may further investigate.</p>
|
||||
<? } ?>
|
||||
<p><a href="report.php?refer=<?=$_REQUEST['refer']?>">Problem with this site? Please report it</a></p>
|
||||
<p><a href="report.php?refer=<?=$siterefer?>">Problem with this site? Please report it</a></p>
|
||||
</div>
|
||||
</div>
|
||||
</body>
|
||||
|
|
|
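Review bot: The raw Referer stored in `$siterefer` in the first hunk (`$siterefer = $_SERVER['HTTP_REFERER'];`, and `$_REQUEST['refer']` on the other branch) is written into an attribute in the fourth hunk as `<?=$siterefer?>` with no HTML escaping, so whatever a client sends in that header or parameter is reflected into the page; the `mysql_real_escape_string` applied at the top of the first hunk only protects the SQL copy, not this output context. Escape at the point of output: `<p><a href="report.php?refer=<?=htmlspecialchars($siterefer, ENT_QUOTES)?>">Problem with this site? Please report it</a></p>`. It is also worth a one-line comment on the comparison in the first hunk, since `$siteref` is a SQL-escaped string compared against `$ref`, whose derivation is above the hunk: `// $siteref is escaped the same way as $ref so the equality check compares like with like — confirm where $ref is built`.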
@ -4,9 +4,23 @@
|
|||
$arr = explode("/", $arr['1'], 2);
|
||||
$ref = $arr['0'];
|
||||
|
||||
$arr = explode("//", mysql_real_escape_string(trim($_SERVER['HTTP_REFERER'])), 2);
|
||||
$arr = explode("/", $arr['1'], 2);
|
||||
$siteref = $arr['0'];
|
||||
|
||||
|
||||
header('Content-type: image/png');
|
||||
$im = imagecreatefrompng($img);
|
||||
|
||||
if($ref == "" || ($ref != $siteref && $siteref != ""))
|
||||
{
|
||||
$tc = imagecolorallocate ($im, 255, 0, 0);
|
||||
imagestring ($im, 2, 1, 30, "INVALID DOMAIN", $tc);
|
||||
imagestring ($im, 2, 1, 45, "Click to Report", $tc);
|
||||
imagepng($im);
|
||||
exit;
|
||||
}
|
||||
|
||||
$query = "select * from `domlink`,`domains`,`domaincerts`
|
||||
where `domlink`.`domid`=`domains`.`id` and `domlink`.`certid`=`domaincerts`.`id` and `domaincerts`.`revoked`=0 and
|
||||
`domaincerts`.`subject` like '%subjectAltName=DNS:$ref/%' order by `domaincerts`.`id`";
|
||||
|
|
|
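Review bot: `$_SERVER['HTTP_REFERER']` and `$arr['1']` are indexed without an `isset` guard on the two `explode` lines near the top of the hunk, so a request with no Referer header, or one whose Referer contains no `//`, raises notices; if display_errors is on that text is emitted before `header('Content-type: image/png')` runs, which then fails with "headers already sent" and the PNG is prefixed with garbage. The same unguarded reads appear in the first hunk of the first file in this commit. Note also that because of the `$siteref != ""` clause the new check never fires when the header is absent, which is presumably intended but should be stated, e.g. `// No Referer header: accept on the strength of $ref alone`. Calling `imagedestroy($im);` before `exit;` in the invalid branch would also release the image resource explicitly.
```php
$referer = isset($_SERVER['HTTP_REFERER']) ? trim($_SERVER['HTTP_REFERER']) : '';
$arr = explode("//", mysql_real_escape_string($referer), 2);
$parts = isset($arr['1']) ? explode("/", $arr['1'], 2) : array('');
$siteref = $parts['0'];
// … unchanged: header(), imagecreatefrompng() and the domain check …
```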
@ -41,7 +41,7 @@
|
|||
$body .= "Reason: $reason\n";
|
||||
$body .= "Comment: $comment\n";
|
||||
|
||||
sendmail("cacert-abuse@lists.cacert.org,$email", "[CAcert.org] Abuse Report.", $body, "website@cacert.org", "", "", "CAcert Website");
|
||||
sendmail("cacert-abuse@lists.cacert.org", "[CAcert.org] Abuse Report.", $body, "website@cacert.org", "", "", "CAcert Website");
|
||||
}
|
||||
|
||||
?><!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
|
||||
|
@ -87,7 +87,7 @@ google_ad_channel = "";
|
|||
<label for="sub"> </label><input type="submit" name="process" value="Report Site"><br />
|
||||
</form>
|
||||
<? } else { ?>
|
||||
<p>We thank you for your attention to detail, your report has been accepted and we will tend to your report as soon as humanly possible. You will receive a confirmation of your report by email.</p>
|
||||
<p>We thank you for your attention to detail, your report has been accepted and we will tend to your report as soon as humanly possible.</p>
|
||||
<? } ?>
|
||||
</div>
|
||||
</div>
|
||||
|
|
|
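Review bot: The reason for dropping `$email` from the recipient list in the first hunk (`sendmail("cacert-abuse@lists.cacert.org", ...)`) is not recorded next to the call; the reworded confirmation text in the second hunk is the only trace, and a later maintainer restoring a "copy to reporter" feature would bring the problem back. Add a comment above the call, hedged to what the change shows: `// Deliver only to the abuse list; copying the form-supplied $email let this page send mail to arbitrary addresses`. The enclosing condition starts above the hunk, so the origin of `$email` is not visible here.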
@ -607,7 +607,7 @@ label {
|
|||
|
||||
label,input,select {
|
||||
display: block;
|
||||
width: 150px;
|
||||
width: 250px;
|
||||
float: left;
|
||||
margin-bottom: 10px;
|
||||
}
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
<?
|
||||
if($process == "Confirm, I agree to these terms and conditions" && $iagree == "yes")
|
||||
{
|
||||
$output_file = $fname = "cacert-20060817.tar.bz2";
|
||||
$output_file = $fname = "cacert-20061128.tar.bz2";
|
||||
|
||||
header('Pragma: public');
|
||||
|
||||
|
|