"Check on log into the account if user aggreed to CCA, if not prompt him an acception form"
This commit is contained in:
Wytze van der Raay
parent
8be54e45e9
commit
ca2fe0bc16
3 changed files with 92 additions and 35 deletions
|
|
@ -19,6 +19,7 @@
|
|||
include_once("../includes/lib/general.php");
|
||||
require_once("../includes/lib/l10n.php");
|
||||
include_once("../includes/mysql.php");
|
||||
require_once('../includes/notary.inc.php');
|
||||
|
||||
if(!isset($_SESSION['profile']) || !is_array($_SESSION['profile'])) {
|
||||
$_SESSION['profile'] = array( 'id' => 0, 'loggedin' => 0 );
|
||||
|
|
@ -87,27 +88,15 @@
|
|||
//session_unregister($key);
|
||||
}
|
||||
|
||||
$_SESSION['_config']['oldlocation'] = '';
|
||||
|
||||
foreach($_GET as $key => $val)
|
||||
{
|
||||
if($_SESSION['_config']['oldlocation'])
|
||||
$_SESSION['_config']['oldlocation'] .= "&";
|
||||
|
||||
$key = str_replace(array("\n", "\r"), '', $key);
|
||||
$val = str_replace(array("\n", "\r"), '', $val);
|
||||
$_SESSION['_config']['oldlocation'] .= "$key=$val";
|
||||
}
|
||||
$_SESSION['_config']['oldlocation'] = substr($_SERVER['SCRIPT_NAME'], 1)."?".$_SESSION['_config']['oldlocation'];
|
||||
|
||||
header("location: https://".$_SESSION['_config']['securehostname']."/index.php?id=4");
|
||||
$_SESSION['_config']['oldlocation'] = $_SERVER['REQUEST_URI'];
|
||||
header("Location: https://{$_SESSION['_config']['securehostname']}/index.php?id=4");
|
||||
exit;
|
||||
}
|
||||
}
|
||||
|
||||
if($_SERVER['HTTP_HOST'] == $_SESSION['_config']['securehostname'] && ($_SESSION['profile']['id'] <= 0 || $_SESSION['profile']['loggedin'] == 0))
|
||||
{
|
||||
header("location: https://".$_SESSION['_config']['normalhostname']);
|
||||
header("Location: https://{$_SESSION['_config']['normalhostname']}");
|
||||
exit;
|
||||
}
|
||||
|
||||
|
|
@ -141,27 +130,23 @@
|
|||
//session_unregister($key);
|
||||
}
|
||||
|
||||
header("location: https://".$normalhost."/index.php");
|
||||
header("Location: https://{$normalhost}/index.php");
|
||||
exit;
|
||||
}
|
||||
|
||||
if($_SESSION['profile']['loggedin'] < 1)
|
||||
{
|
||||
$_SESSION['_config']['oldlocation'] = '';
|
||||
|
||||
foreach($_REQUEST as $key => $val)
|
||||
{
|
||||
if('' != $_SESSION['_config']['oldlocation'])
|
||||
$_SESSION['_config']['oldlocation'] .= "&";
|
||||
|
||||
$key = str_replace(array("\n", "\r"), '', $key);
|
||||
$val = str_replace(array("\n", "\r"), '', $val);
|
||||
$_SESSION['_config']['oldlocation'] .= "$key=$val";
|
||||
}
|
||||
$_SESSION['_config']['oldlocation'] = substr($_SERVER['SCRIPT_NAME'], 1)."?".$_SESSION['_config']['oldlocation'];
|
||||
$hostname=$_SERVER['HTTP_HOST'];
|
||||
$hostname = str_replace(array("\n", "\r"), '', $hostname);
|
||||
header("location: https://".$hostname."/index.php?id=4");
|
||||
$_SESSION['_config']['oldlocation'] = $_SERVER['REQUEST_URI'];
|
||||
header("Location: https://{$_SERVER['HTTP_HOST']}/index.php?id=4");
|
||||
exit;
|
||||
}
|
||||
|
||||
if (!isset($_SESSION['profile']['ccaagreement']) || !$_SESSION['profile']['ccaagreement']) {
|
||||
$_SESSION['profile']['ccaagreement']=get_user_agreement_status($_SESSION['profile']['id'],'CCA');
|
||||
if (!$_SESSION['profile']['ccaagreement']) {
|
||||
$_SESSION['_config']['oldlocation'] = $_SERVER['REQUEST_URI'];
|
||||
header("Location: https://{$_SERVER['HTTP_HOST']}/index.php?id=52");
|
||||
exit;
|
||||
}
|
||||
}
|
||||
?>
|
||||
|
|
|
|||
33
pages/index/52.php
Normal file
33
pages/index/52.php
Normal file
|
|
@ -0,0 +1,33 @@
|
|||
<?/*
|
||||
LibreSSL - CAcert web application
|
||||
Copyright (C) 2004-2008 CAcert Inc.
|
||||
|
||||
This program is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation; version 2 of the License.
|
||||
|
||||
This program is distributed in the hope that it will be useful,
|
||||
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
GNU General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with this program; if not, write to the Free Software
|
||||
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
|
||||
*/
|
||||
|
||||
?>
|
||||
|
||||
<div style="text-align: center;">
|
||||
<h1><?=_('CAcert Community Agreement Acceptance')?></h1>
|
||||
<p><?=sprintf(_('To get access to your account your agreement to the %s CAcert Community Agreement %s (CCA) is required.'),'<a href="/policy/CAcertCommunityAgreement.php">', '</a>')?></p>
|
||||
<p><?=_('Every member, who has agreed to the CCA, should be able to rely on the fact that every other user of CAcert has also agreed to the CCA and that the same rules apply to everybody. Moreover it is a basic requirement for the audit to be able to tell who has accepted our rules.')?></p>
|
||||
<p><?=_('Originally the acceptance was not recorded. Up until now, we do not have your agreement on record. Once you have accepted the CCA (again) your agreement is recorded and you will not need to do this step again.')?></p>
|
||||
<p><?=sprintf(_('If you do not wish to accept the CCA you should consider to ask for the closing of your account as you will not be able to access our system. In this case please send an email to support (%s).'),'<a href="mailto:support@cacert.org">support@cacert.org</a>')?></p>
|
||||
<p><?=_('If you do not want to decide about the acceptance of the CCA now, you can come back at any time.')?></p>
|
||||
<form method="post" action="index.php">
|
||||
<input type="submit" name="agree" value="<?=_('I agree to the CCA')?>">
|
||||
<input type="submit" name="disagree" value="<?=_('I do not want to accept the CCA')?>">
|
||||
<input type="hidden" name="oldid" value="<?=$id?>">
|
||||
</form>
|
||||
</div>
|
||||
|
|
@ -17,7 +17,7 @@
|
|||
*/
|
||||
|
||||
require_once('../includes/lib/l10n.php');
|
||||
|
||||
require_once('../includes/notary.inc.php');
|
||||
|
||||
$id = 0; if(array_key_exists("id",$_REQUEST)) $id=intval($_REQUEST['id']);
|
||||
$oldid = 0; if(array_key_exists("oldid",$_REQUEST)) $oldid=intval($_REQUEST['oldid']);
|
||||
|
|
@ -148,6 +148,7 @@ require_once('../includes/lib/l10n.php');
|
|||
}
|
||||
}
|
||||
|
||||
//client login
|
||||
if($id == 4 && $_SERVER['HTTP_HOST'] == $_SESSION['_config']['securehostname'])
|
||||
{
|
||||
include_once("../includes/lib/general.php");
|
||||
|
|
@ -171,6 +172,7 @@ require_once('../includes/lib/l10n.php');
|
|||
}
|
||||
}
|
||||
|
||||
|
||||
if($id == 4 && array_key_exists('profile',$_SESSION) && array_key_exists('loggedin',array($_SESSION['profile'])) && $_SESSION['profile']['loggedin'] == 1)
|
||||
{
|
||||
header("location: https://".$_SERVER['HTTP_HOST']."/account.php");
|
||||
|
|
@ -218,12 +220,16 @@ require_once('../includes/lib/l10n.php');
|
|||
$_SESSION['_config']['errmsg'] .= _("For your own security you must enter 5 lost password questions and answers.")."<br>";
|
||||
$_SESSION['_config']['oldlocation'] = "account.php?id=13";
|
||||
}
|
||||
if (!isset($_SESSION['_config']['oldlocation'])){
|
||||
$_SESSION['_config']['oldlocation']='';
|
||||
}
|
||||
if (checkpwlight($pword) < 3)
|
||||
$_SESSION['_config']['oldlocation'] = "account.php?id=14&force=1";
|
||||
if($_SESSION['_config']['oldlocation'] != "")
|
||||
if($_SESSION['_config']['oldlocation'] != ""){
|
||||
header("location: https://".$_SERVER['HTTP_HOST']."/".$_SESSION['_config']['oldlocation']);
|
||||
else
|
||||
}else{
|
||||
header("location: https://".$_SERVER['HTTP_HOST']."/account.php");
|
||||
}
|
||||
exit;
|
||||
}
|
||||
|
||||
|
|
@ -238,6 +244,40 @@ require_once('../includes/lib/l10n.php');
|
|||
}
|
||||
}
|
||||
|
||||
// check for CCA acceptance prior to login
|
||||
if ($oldid == 52 )
|
||||
{
|
||||
// Check if the user is already authenticated
|
||||
if (!array_key_exists('profile',$_SESSION)
|
||||
|| !array_key_exists('loggedin',$_SESSION['profile'])
|
||||
|| $_SESSION['profile']['loggedin'] != 1)
|
||||
{
|
||||
header("Location: https://{$_SERVER['HTTP_HOST']}/index.php?id=4");
|
||||
exit;
|
||||
}
|
||||
|
||||
if (array_key_exists('agree',$_REQUEST) && $_REQUEST['agree'] != "")
|
||||
{
|
||||
write_user_agreement($_SESSION['profile']['id'], "CCA", "Login acception", "", 1);
|
||||
$_SESSION['profile']['ccaagreement']=get_user_agreement_status($_SESSION['profile']['id'],'CCA');
|
||||
|
||||
if (array_key_exists("oldlocation",$_SESSION['_config'])
|
||||
&& $_SESSION['_config']['oldlocation']!="")
|
||||
{
|
||||
header("Location: https://{$_SERVER['HTTP_HOST']}/{$_SESSION['_config']['oldlocation']}");
|
||||
exit;
|
||||
} else {
|
||||
header("Location: https://{$_SERVER['HTTP_HOST']}/account.php");
|
||||
exit;
|
||||
}
|
||||
}
|
||||
|
||||
// User didn't agree
|
||||
header("Location: https://{$_SERVER['HTTP_HOST']}/index.php?id=4");
|
||||
exit;
|
||||
}
|
||||
|
||||
|
||||
if($process && $oldid == 1)
|
||||
{
|
||||
$id = 2;
|
||||
|
|
@ -432,7 +472,6 @@ require_once('../includes/lib/l10n.php');
|
|||
`regional`='".$_SESSION['signup']['regional']."',
|
||||
`radius`='".$_SESSION['signup']['radius']."'";
|
||||
mysql_query($query);
|
||||
include_once("../includes/notary.inc.php");
|
||||
write_user_agreement($memid, "CCA", "account creation", "", 1);
|
||||
|
||||
$body = _("Thanks for signing up with CAcert.org, below is the link you need to open to verify your account. Once your account is verified you will be able to start issuing certificates till your hearts' content!")."\n\n";
|
||||
|
|
|
|||
Loading…
Reference in a new issue