From c5e7a94b758674a25cfa2dab8b49517771c123e8 Mon Sep 17 00:00:00 2001
From: root <root@www.cacert.org>
Date: Mon, 19 Nov 2007 16:31:50 +0000
Subject: [PATCH] Fixed a few minor bugs, improved revoked UID handling, but
 still needs some work

---
 www/gpg.php | 61 ++++++++++++++++++++++++++++++++++++-----------------
 1 file changed, 42 insertions(+), 19 deletions(-)

diff --git a/www/gpg.php b/www/gpg.php
index 48a7a78..72e4465 100644
--- a/www/gpg.php
+++ b/www/gpg.php
@@ -43,15 +43,16 @@
 
 	$keyid="";
 
-
-//if($_SESSION["profile"]["id"] != 5897)
-//{
-//  showheader(_("Welcome to CAcert.org"));
-//  echo "The OpenPGP signing system is currently shutdown due to a maintenance. We hope to get it fixed within the next few hours. We are very sorry for the inconvenience.";
-//
-//  exit(0);
-//}
-
+if(0)
+{
+  if($_SESSION["profile"]["id"] != 5897)
+  {
+    showheader(_("Welcome to CAcert.org"));
+    echo "The OpenPGP signing system is currently shutdown due to a maintenance. We hope to get it fixed within the next few hours. We are very sorry for the inconvenience.";
+  
+    exit(0);
+  }
+}
 
 
 function verifyName($name)
@@ -156,7 +157,11 @@ function verifyEmail($email)
 
                         $resulttable.="<td bgcolor='#".($emailok?"c0ffc0":"ffc0c0")."'>$mail</td>";
 			$uidok=0;
-			if($mail=="" and $name=="")
+			if($bits[1]=="r")
+			{
+				$rmessage=_("Error: UID is revoked");
+			}
+			elseif($mail=="" and $name=="")
 			{
 				$rmessage=_("Error: Both Name and Email address are empty");
 			}
@@ -272,6 +277,11 @@ function verifyEmail($email)
 					$nocomment = 1;
 					$pos = strpos($bits[9], "<") - 1;
 				}
+				if($pos < 0)
+				{
+					$pos = strlen($bits[9]);
+				}
+
 				$name = trim(hex2bin(trim(substr($bits[9], 0, $pos))));
 				$nameok=verifyName($name);
 				if($nocomment == 0)
@@ -285,13 +295,26 @@ function verifyEmail($email)
 				} else {
 					$pos = strpos($bits[9], "<") + 1;
 				}
-				$pos2 = strpos($bits[9], ">", $pos);
-				$mail = trim(hex2bin(trim(substr($bits[9], $pos, $pos2 - $pos))));
+
+				$mail="";
+	                        if (preg_match("/<([\w.-]*\@[\w.-]*)>/", $bits[9],$match)) {
+					//echo "Found: ".$match[1];
+					$mail = trim(hex2bin($match[1]));
+				}
+				else
+				{
+					//echo "Not found!\n";
+				}
+	
 				$emailok=verifyEmail($mail);
 
 				$uidid=$bits[7];
 
-			if($mail=="" and $name=="")
+			if($bits[1]=="r")
+			{
+				$ToBeDeleted[]=$uidid;
+			}
+			elseif($mail=="" and $name=="")
 			{
 				//echo "$uidid will be deleted\n";
 				$ToBeDeleted[]=$uidid;
@@ -299,17 +322,17 @@ function verifyEmail($email)
 			elseif($emailok and $nameok)
 			{
 			}
+			elseif($emailok and $name=="")
+			{
+			}
+			elseif($nameok and $mail=="")
+			{
+			}
 			elseif(!$emailok and !$nameok)
 			{
 				//echo "$uidid will be deleted\n";
 				$ToBeDeleted[]=$uidid;
 			}
-			elseif($emailok and $name=="")
-			{
-			}
-			elseif($nameok and $mail="")
-			{
-			}
 			elseif(!$emailok)
 			{
 				//echo "$uidid will be deleted\n";