diff --git a/pages/account/6.php b/pages/account/6.php index ae72730..0054b7a 100644 --- a/pages/account/6.php +++ b/pages/account/6.php @@ -14,12 +14,15 @@ You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA -*/ ?> - - $certid = 0; if(array_key_exists('cert',$_REQUEST)) $certid=intval($_REQUEST['cert']); +*/ + +// Get certificate information +$certid = 0; +if(array_key_exists('cert',$_REQUEST)) { + $certid = intval($_REQUEST['cert']); +} -// $query = "select * from `emailcerts` where `id`='$certid' and `memid`='".intval($_SESSION['profile']['id'])."'"; - $query = "select UNIX_TIMESTAMP(`emailcerts`.`created`) as `created`, +$query = "select UNIX_TIMESTAMP(`emailcerts`.`created`) as `created`, UNIX_TIMESTAMP(`emailcerts`.`expire`) - UNIX_TIMESTAMP() as `timeleft`, UNIX_TIMESTAMP(`emailcerts`.`expire`) as `expired`, `emailcerts`.`expire` as `expires`, @@ -32,123 +35,90 @@ `emailcerts`.`crt_name`, `emailcerts`.`keytype`, `emailcerts`.`description` - from `emailcerts` - where `emailcerts`.`id`='$certid' and `emailcerts`.`memid`='".intval($_SESSION['profile']['id'])."'"; + from `emailcerts` + where `emailcerts`.`id`='$certid' and + `emailcerts`.`memid`='".intval($_SESSION['profile']['id'])."'"; + +$res = mysql_query($query); +if(mysql_num_rows($res) <= 0) { + showheader(_("My CAcert.org Account!")); + echo _("No such certificate attached to your account."); + showfooter(); + exit; +} +$row = mysql_fetch_assoc($res); - $res = mysql_query($query); - if(mysql_num_rows($res) <= 0) - { - showheader(_("My CAcert.org Account!")); - echo _("No such certificate attached to your account."); - showfooter(); - exit; +if (array_key_exists('format', $_REQUEST)) { + // Which output format? + if ($_REQUEST['format'] === 'der') { + $outform = '-outform DER'; + $extension = 'cer'; + } else { + $outform = '-outform PEM'; + $extension = 'crt'; } - $row = mysql_fetch_assoc($res); $crtname=escapeshellarg($row['crt_name']); - $cert = `/usr/bin/openssl x509 -in $crtname`; - - if($row['keytype'] == "NS") - { - if(array_key_exists('install',$_REQUEST) && $_REQUEST['install'] == 1) - { - header("Content-Type: application/x-x509-user-cert"); - header("Content-Length: ".strlen($cert)); - $fname=sanitizeFilename($row['CN']); - if($fname=="") $fname="certificate"; - header('Content-Disposition: inline; filename="'.$fname.'.crt"'); - echo $cert; - exit; - } else { - showheader(_("My CAcert.org Account!")); - echo "
"._("You are about to install a certificate, if you are using mozilla/netscape based browsers you will not be informed that the certificate was installed successfully, you can go into the options dialog box, security and manage certificates to view if it was installed correctly however.")."
\n"; - echo ""._("Click here")." "._("to install your certificate.")."
\n"; - showfooter(); - exit; - } - } else { - showheader(_("My CAcert.org Account!")); -?> -=_("Hit the 'Install your Certificate' button below to install the certificate into MS IE 5.x and above.")?> + header("Content-Type: application/pkix-cert"); + header("Content-Length: ".strlen($cert)); - -
+ $fname = sanitizeFilename($row['CN']); + if ($fname=="") $fname="certificate"; + header("Content-Disposition: attachment; filename=\"${fname}.${extension}\""); - + echo $cert; + exit; - - -=_("Your certificate:")?>
-=$cert?>+} else { + showheader(_("My CAcert.org Account!"), _("Install your certificate")); + echo '
$cert"; + ?>