From be5fbc34ffa56cc3825dc1aecb526edc3839fd8b Mon Sep 17 00:00:00 2001 From: root Date: Sun, 18 Nov 2007 01:16:36 +0000 Subject: [PATCH] Fixed a few bugs --- www/gpg.php | 43 ++++++++++++++++++++++++++++++++----------- 1 file changed, 32 insertions(+), 11 deletions(-) diff --git a/www/gpg.php b/www/gpg.php index 28ef2aa..48a7a78 100644 --- a/www/gpg.php +++ b/www/gpg.php @@ -47,7 +47,7 @@ //if($_SESSION["profile"]["id"] != 5897) //{ // showheader(_("Welcome to CAcert.org")); -// echo "The OpenPGP signing system is currently shutdown due to a security problem. We hope to get it fixed within the next few weeks. We are very sorry for the inconvenience. If you want to help us to fix the problem, please contact our software developers."; +// echo "The OpenPGP signing system is currently shutdown due to a maintenance. We hope to get it fixed within the next few hours. We are very sorry for the inconvenience."; // // exit(0); //} @@ -56,7 +56,7 @@ function verifyName($name) { - if($name == "") return 1; + if($name == "") return 0; if($name == $_SESSION['profile']['fname']." ".$_SESSION['profile']['lname']) return 1; if($name == $_SESSION['profile']['fname']." ".$_SESSION['profile']['mname']." ".$_SESSION['profile']['lname']) return 1; if($name == $_SESSION['profile']['fname']." ".$_SESSION['profile']['lname']." ".$_SESSION['profile']['suffix']) return 1; @@ -67,7 +67,7 @@ function verifyName($name) function verifyEmail($email) { - if($email == "") return 1; + if($email == "") return 0; if(mysql_num_rows(mysql_query("select * from `email` where `memid`='".$_SESSION['profile']['id']."' and `email`='".mysql_real_escape_string($email)."' and `deleted`=0 and `hash`=''")) > 0) return 1; return 0; } @@ -111,7 +111,9 @@ function verifyEmail($email) if($bits[6] != "") $expires = 1; } - if(!strstr($line, "@")) continue; + //if(!strstr($line, "@")) continue; + + $pos = strpos($bits[9], "(") - 1; $nocomment = 0; @@ -120,10 +122,16 @@ function verifyEmail($email) $nocomment = 1; $pos = strpos($bits[9], "<") - 1; } + if($pos < 0) + { + $pos = strlen($bits[9]); + } $name = trim(hex2bin(trim(substr($bits[9], 0, $pos)))); $nameok=verifyName($name); $resulttable.="$name"; - if($nocomment == 0) + + + if($nocomment == 0 && (strpos($bits[9],")")>$pos)) { $pos += 2; $pos2 = strpos($bits[9], ")"); @@ -134,9 +142,18 @@ function verifyEmail($email) } else { $pos = strpos($bits[9], "<") + 1; } - $pos2 = strpos($bits[9], ">", $pos); - $mail = trim(hex2bin(trim(substr($bits[9], $pos, $pos2 - $pos)))); + $mail=""; + if (preg_match("/<([\w.-]*\@[\w.-]*)>/", $bits[9],$match)) { + //echo "Found: ".$match[1]; + $mail = trim(hex2bin($match[1])); + } + else + { + //echo "Not found!\n"; + } + $emailok=verifyEmail($mail); + $resulttable.="$mail"; $uidok=0; if($mail=="" and $name=="") @@ -155,12 +172,12 @@ function verifyEmail($email) elseif($emailok and $name=="") { $uidok=1; - $rmessage=_("Email OK. Name empty."); + $rmessage=_("The email is OK. The name is empty."); } - elseif($nameok and $mail="") + elseif($nameok and $mail=="") { $uidok=1; - $rmessage=_("Email OK. Name empty."); + $rmessage=_("The name is OK. The email is empty."); } elseif(!$emailok) { @@ -196,11 +213,15 @@ function verifyEmail($email) if($nok==0) { - $_SESSION['_config']['errmsg'] = _("No valid UIDs found on your key"); + showheader(_("Welcome to CAcert.org")); + echo $resulttable; + + echo ""._("No valid UIDs found on your key").""; unset($_REQUEST['process']); $id = $oldid; unset($oldid); $do = `echo "$debugkey\n--\n$debugpg\n--" >> /www/tmp/gpg.debug`; + exit(); } elseif($nerr) {