cacert
/
cacert-webdb
9
0
Fork 0
Code Issues Pull Requests 5 Projects Releases 3 Wiki Activity

Improved input checking

Browse Source
pull/1/head
root 16 years ago
parent 86af1fce0c
commit b09426a18e
1 changed files with 24 additions and 19 deletions
Show Stats Download Patch File Download Diff File

43
includes/account.php
Unescape Escape View File

@ -125,12 +125,12 @@
$id = 2;
showheader(_("My CAcert.org Account!"));
$delcount = 0;
if(is_array($delid))
if(is_array($_REQUEST['delid']))
{
foreach($delid as $id)
foreach($_REQUEST['delid'] as $id)
{
$id = intval($id);
$query = "select * from `email` where `id`='$id' and `memid`='".$_SESSION['profile']['id']."' and
$query = "select * from `email` where `id`='$id' and `memid`='".intval($_SESSION['profile']['id'])."' and
`email`!='".$_SESSION['profile']['email']."'";
$res = mysql_query($query);
if(mysql_num_rows($res) > 0)
@ -169,7 +169,7 @@
if($process != "" && $oldid == 3)
{
if(!is_array($addid) && $_REQUEST['SSO'] != '1')
if(!is_array($_REQUEST['addid']) && $_REQUEST['SSO'] != '1')
{
showheader(_("My CAcert.org Account!"));
echo _("I didn't receive a valid Certificate Request, hit the back button and try again.");
@ -179,7 +179,7 @@
$_SESSION['_config']['SSO'] = intval($_REQUEST['SSO']);
$_SESSION['_config']['addid'] = $addid;
$_SESSION['_config']['addid'] = $_REQUEST['addid'];
if($_SESSION['profile']['points'] >= 50)
$_SESSION['_config']['incname'] = intval($incname);
if($_REQUEST['codesign'] != 0 && ($_SESSION['profile']['codesign'] == 0 || $_SESSION['profile']['points'] < 100))
@ -223,7 +223,9 @@
{
if($_REQUEST['keytype'] == "NS")
{
if($_REQUEST['SPKAC'] == "" || $_REQUEST['SPKAC'] == "deadbeef")
$spkac=""; if(preg_match("/^[a-zA-Z0-9+=\/]+$/", trim(str_replace("\n", "", str_replace("\r", "",$_REQUEST['SPKAC']))))) $spkac=trim(str_replace("\n", "", str_replace("\r", "",$_REQUEST['SPKAC'])));
if($spkac=="" || $spkac == "deadbeef")
{
$id = 4;
showheader(_("My CAcert.org Account!"));
@ -231,13 +233,14 @@
showfooter();
exit;
}
$emailcount = 0;
$count = 0;
$emails = "";
$addys = array();
$defaultemail="";
if(is_array($_SESSION['_config']['addid']))
foreach($_SESSION['_config']['addid'] as $id)
{
$res = mysql_query("select * from `email` where `memid`='".$_SESSION['profile']['id']."' and `id`='$id'");
$res = mysql_query("select * from `email` where `memid`='".$_SESSION['profile']['id']."' and `id`='".intval($id)."'");
if(mysql_num_rows($res) > 0)
{
$row = mysql_fetch_assoc($res);
@ -245,7 +248,7 @@
$defaultemail = $row['email'];
$emails .= "$count.emailAddress = ".$row['email']."\n";
$count++;
$addys[] = $row['id'];
$addys[] = intval($row['id']);
}
}
if($count <= 0 && $_SESSION['_config']['SSO'] != 1)
@ -272,25 +275,25 @@
$emails .= "commonName = ".$user['fname']." ".$user['lname']." ".$user['suffix']."\n";
if($_SESSION['_config']['incname'] == 4)
$emails .= "commonName = ".$user['fname']." ".$user['mname']." ".$user['lname']." ".$user['suffix']."\n";
$emails .= "SPKAC = ".str_replace("\n", "", str_replace("\r", "", $_REQUEST['SPKAC']));
$emails .= "SPKAC = $spkac";
$query = "insert into emailcerts set
`CN`='$defaultemail',
`keytype`='NS',
`memid`='".$_SESSION['profile']['id']."',
`memid`='".intval($_SESSION['profile']['id'])."',
`created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),
`codesign`='".$_SESSION['_config']['codesign']."',
`codesign`='".intval($_SESSION['_config']['codesign'])."',
`disablelogin`='".($_SESSION['_config']['disablelogin']?1:0)."',
`rootcert`='".$_SESSION['_config']['rootcert']."'";
`rootcert`='".intval($_SESSION['_config']['rootcert'])."'";
mysql_query($query);
$emailid = mysql_insert_id();
if(is_array($addys))
foreach($addys as $addy)
mysql_query("insert into `emaillink` set `emailcertsid`='$emailid', `emailid`='$addy'");
$CSRname = $_SESSION['_config']['filepath']."/csr/client-$emailid.csr";
$CSRname = $_SESSION['_config']['filepath']."/csr/client-".intval($emailid).".csr";
$fp = fopen($CSRname, "w");
fputs($fp, $emails);
fclose($fp);
mysql_query("update `emailcerts` set `csr_name`='$CSRname' where `id`='$emailid'");
mysql_query("update `emailcerts` set `csr_name`='$CSRname' where `id`='".intval($emailid)."'");
} else if($_REQUEST['keytype'] == "MS" || $_REQUEST['keytype'] == "VI") {
if($csr == "")
$csr = "-----BEGIN CERTIFICATE REQUEST-----\n".trim($_REQUEST['CSR'])."\n-----END CERTIFICATE REQUEST-----\n";
@ -302,7 +305,7 @@
$addys = array();
$defaultemail = "";
$user = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".$_SESSION['profile']['id']."'"));
$user = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".intval($_SESSION['profile']['id'])."'"));
if(strlen($user['mname']) == 1)
$user['mname'] .= '.';
if($_SESSION['_config']['incname'] <= 0 || $_SESSION['_config']['incname'] > 4)
@ -318,7 +321,7 @@
if(is_array($_SESSION['_config']['addid']))
foreach($_SESSION['_config']['addid'] as $id)
{
$res = mysql_query("select * from `email` where `memid`='".$_SESSION['profile']['id']."' and `id`='$id'");
$res = mysql_query("select * from `email` where `memid`='".intval($_SESSION['profile']['id'])."' and `id`='".intval($id)."'");
if(mysql_num_rows($res) > 0)
{
$row = mysql_fetch_assoc($res);
@ -1267,7 +1270,9 @@
$org = $_SESSION['_config']['row'];
if($_REQUEST['keytype'] == "NS")
{
if($_REQUEST['SPKAC'] == "" || strlen($_REQUEST['SPKAC']) < 128)
$spkac=""; if(preg_match("/^[a-zA-Z0-9+=\/]+$/", trim(str_replace("\n", "", str_replace("\r", "",$_REQUEST['SPKAC']))))) $spkac=trim(str_replace("\n", "", str_replace("\r", "",$_REQUEST['SPKAC'])));
if($spkac == "" || strlen($spkac) < 128)
{
$id = 17;
showheader(_("My CAcert.org Account!"));
@ -1300,7 +1305,7 @@
if($org['C'])
$emails .= "countryName = ".$org['C']."\n";
$emails .= "SPKAC = ".str_replace("\n", "", str_replace("\r", "", $_REQUEST['SPKAC']));
$emails .= "SPKAC = $spkac";
$query = "insert into `orgemailcerts` set
`CN`='$defaultemail',
`keytype`='NS',

Write Preview
Loading…
Cancel
Save