Added OTP/SSO support

Fixed Org-Admin issue

includes/account.php

@@ -154,7 +154,7 @@
 
 	if($_REQUEST['process'] != "" && $oldid == 3)
 	{
-		if(!is_array($addid))
+		if(!is_array($addid) && $_REQUEST['SSO'] != '1')
 		{
 			showheader(_("My CAcert.org Account!"));
 			echo _("I didn't receive a valid Certificate Request, hit the back button and try again.");
@@ -162,6 +162,8 @@
 			exit;
 		}
 
+		$_SESSION['_config']['SSO'] = intval($_REQUEST['SSO']);
+
 		$_SESSION['_config']['addid'] = $addid;
 		if($_SESSION['profile']['points'] >= 50)
 			$_SESSION['_config']['incname'] = intval($incname);
@@ -226,7 +228,7 @@
 					$addys[] = $row['id'];
 				}
 			}
-			if($count <= 0)
+			if($count <= 0 && $_SESSION['_config']['SSO'] != 1)
 			{
 				$id = 4;
 				showheader(_("My CAcert.org Account!"));
@@ -235,6 +237,9 @@
 				exit;
 			}
 			$user = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".$_SESSION['profile']['id']."'"));
+			if($_SESSION['_config']['SSO'] == 1)
+				$emails .= "$count.emailAddress = ".$user['uniqueID']."\n";
+
 			if(strlen($user['mname']) == 1)
 				$user['mname'] .= '.';
 			if($_SESSION['_config']['incname'] <= 0 || $_SESSION['_config']['incname'] > 4)
@@ -300,6 +305,8 @@
 					$addys[] = $row['id'];
 				}
 			}
+			if($_SESSION['_config']['SSO'] == 1)
+				$csrsubject .= "/emailAddress = ".$user['uniqueID'];
 
 			$tmpname = tempnam("/tmp", "CSR");
 			$do = `/usr/bin/openssl req -in $tmpfname -out $tmpname`; // -subj "$csr"`;
@@ -916,6 +923,8 @@
 		$_SESSION['_config']['user']['day'] = intval($_REQUEST['day']);
 		$_SESSION['_config']['user']['month'] = intval($_REQUEST['month']);
 		$_SESSION['_config']['user']['year'] = intval($_REQUEST['year']);
+		$_SESSION['_config']['user']['otphash'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['otphash']))));
+		$_SESSION['_config']['user']['otppin'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['otppin']))));
 		$_SESSION['_config']['user']['Q1'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['Q1']))));
 		$_SESSION['_config']['user']['Q2'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['Q2']))));
 		$_SESSION['_config']['user']['Q3'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['Q3']))));
@@ -1023,6 +1032,13 @@
 						where `id`='".$_SESSION['profile']['id']."'";
 		mysql_query($query);
 
+		if($_SESSION['_config']['user']['otphash'] != "" && $_SESSION['_config']['user']['otppin'] != "")
+		{
+			$query = "update `users` set `otphash`='".$_SESSION['_config']['user']['otphash']."',
+						`otppin`='".$_SESSION['_config']['user']['otppin']."' where `id`='".$_SESSION['profile']['id']."'";
+			mysql_query($query);
+		}
+
 		$_SESSION['_config']['user']['set'] = 0;
 		$_SESSION['profile'] = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".$_SESSION['profile']['id']."'"));
 		$_SESSION['profile']['loggedin'] = 1;
@@ -1840,7 +1856,7 @@
 	{
 		$query = "select * from `org` where `memid`='".$_SESSION['profile']['id']."' and `masteracc`='1'";
 		$_macc = mysql_num_rows(mysql_query($query));
-		if($_SESSION['profile']['admin'] != 1 && $_macc <= 0)
+		if($_SESSION['profile']['orgadmin'] != 1 && $_macc <= 0)
 		{
 			showheader(_("My CAcert.org Account!"));
 			echo _("You don't have access to this area.");
@@ -1862,7 +1878,7 @@
 
 	if($oldid == 33 && $_REQUEST['process'] != "")
 	{
-		if($_SESSION['profile']['admin'] == 1)
+		if($_SESSION['profile']['orgadmin'] == 1)
 			$masteracc = $_SESSION['_config'][masteracc] = intval($masteracc);
 		else
 			$masteracc = $_SESSION['_config'][masteracc] = 0;
@@ -1882,7 +1898,7 @@
 		}
 	}
 
-	if(($oldid == 34 || $id == 34) && $_SESSION['profile']['admin'] != 1)
+	if(($oldid == 34 || $id == 34) && $_SESSION['profile']['orgadmin'] != 1)
 	{
 		$orgid = intval($_SESSION['_config']['orgid']);
 		$res = mysql_query("select * from `org` where `orgid`='$orgid' and `memid`='".$_SESSION['profile']['id']."' and `masteracc`='1'");