From cbaa0f9978165381b5fe43fb6fbb40b23f07c890 Mon Sep 17 00:00:00 2001
From: root
Date: Wed, 7 Feb 2007 15:33:46 +0000
Subject: [PATCH] Added OTP/SSO support
Fixed Org-Admin issue
---
 includes/account.php | 26 +++++++++++++++++++++-----
 1 file changed, 21 insertions(+), 5 deletions(-)
diff --git a/includes/account.php b/includes/account.php
index 65aeed2..bc941df 100644
--- a/includes/account.php
+++ b/includes/account.php
@@ -154,7 +154,7 @@
 if($_REQUEST['process'] != "" && $oldid == 3)
 {
- if(!is_array($addid))
+ if(!is_array($addid) && $_REQUEST['SSO'] != '1')
 {
 showheader(_("My CAcert.org Account!"));
 echo _("I didn't receive a valid Certificate Request, hit the back button and try again.");
@@ -162,6 +162,8 @@
 exit;
 }
+ $_SESSION['_config']['SSO'] = intval($_REQUEST['SSO']);
+ $_SESSION['_config']['addid'] = $addid;
 if($_SESSION['profile']['points'] >= 50)
 $_SESSION['_config']['incname'] = intval($incname);
@@ -226,7 +228,7 @@
 $addys[] = $row['id'];
 }
 }
- if($count <= 0)
+ if($count <= 0 && $_SESSION['_config']['SSO'] != 1)
 {
 $id = 4;
 showheader(_("My CAcert.org Account!"));
@@ -235,6 +237,9 @@
 exit;
 }
 $user = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".$_SESSION['profile']['id']."'"));
+ if($_SESSION['_config']['SSO'] == 1)
+ $emails .= "$count.emailAddress = ".$user['uniqueID']."\n";
+
 if(strlen($user['mname']) == 1)
 $user['mname'] .= '.';
 if($_SESSION['_config']['incname'] <= 0 || $_SESSION['_config']['incname'] > 4)
@@ -300,6 +305,8 @@
 $addys[] = $row['id'];
 }
 }
+ if($_SESSION['_config']['SSO'] == 1)
+ $csrsubject .= "/emailAddress = ".$user['uniqueID'];
 $tmpname = tempnam("/tmp", "CSR");
 $do = `/usr/bin/openssl req -in $tmpfname -out $tmpname`; // -subj "$csr"`;
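Review bot: The SSO mode that waives the CSR check on the changed line at @@ -154, and the verified-address check at @@ -226, comes straight from `$_REQUEST['SSO']` (copied into the session at @@ -162), so any logged-in user can send `SSO=1` and skip both gates before @@ -235 and @@ -300 put `$user['uniqueID']` into the material handed to OpenSSL. The flag should be derived from a server-side attribute of the logged-in account, e.g. `$_SESSION['_config']['SSO'] = ($_SESSION['profile']['<SSO_ENTITLEMENT_COLUMN_PLACEHOLDER>'] == 1) ? 1 : 0;`, with the @@ -154 condition compared against that value rather than the raw request. As written, @@ -162 also reads `$_REQUEST['SSO']` unconditionally, so every non-SSO submission raises an undefined-index notice; `isset($_REQUEST['SSO']) ? intval($_REQUEST['SSO']) : 0` avoids that. In the SSO case `$addid` may not be an array yet is still stored as `$_SESSION['_config']['addid']`; whether the loop that fills `$addys` before @@ -226 tolerates a scalar is outside the hunk. The enclosing `if($_REQUEST['process'] != "" && $oldid == 3)` block ends outside these hunks.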
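Review bot: The subject component added at @@ -300 is spelled `"/emailAddress = "` with spaces around `=`, which is not OpenSSL's `/type=value` subject syntax and would presumably leave the attribute name `emailAddress ` unrecognised; unless `$csrsubject` feeds something other than OpenSSL (its consumer is outside the hunk), the line should be `$csrsubject .= "/emailAddress=".$user['uniqueID'];`. The matching `$emails` line at @@ -235 uses the same spacing, but there it is a `key = value` config entry where whitespace is tolerated, so the two look copied without adjusting. In both places `$user['uniqueID']` is spliced in unescaped; if it can contain `/`, `=` or a newline it would end the subject component or config line early, so the value should be checked against the expected identifier format before use. The `$do` line still runs `openssl req -in $tmpfname` with `-subj` commented out, so how the SSO-only e-mail address actually reaches the CSR is not visible here.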
@@ -916,6 +923,8 @@
 $_SESSION['_config']['user']['day'] = intval($_REQUEST['day']);
 $_SESSION['_config']['user']['month'] = intval($_REQUEST['month']);
 $_SESSION['_config']['user']['year'] = intval($_REQUEST['year']);
+ $_SESSION['_config']['user']['otphash'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['otphash']))));
+ $_SESSION['_config']['user']['otppin'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['otppin']))));
 $_SESSION['_config']['user']['Q1'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['Q1']))));
 $_SESSION['_config']['user']['Q2'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['Q2']))));
 $_SESSION['_config']['user']['Q3'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['Q3']))));
@@ -1023,6 +1032,13 @@
 where `id`='".$_SESSION['profile']['id']."'";
 mysql_query($query);
+ if($_SESSION['_config']['user']['otphash'] != "" && $_SESSION['_config']['user']['otppin'] != "")
+ {
+ $query = "update `users` set `otphash`='".$_SESSION['_config']['user']['otphash']."',
+ `otppin`='".$_SESSION['_config']['user']['otppin']."' where `id`='".$_SESSION['profile']['id']."'";
+ mysql_query($query);
+ }
+
 $_SESSION['_config']['user']['set'] = 0;
 $_SESSION['profile'] = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".$_SESSION['profile']['id']."'"));
 $_SESSION['profile']['loggedin'] = 1;
@@ -1840,7 +1856,7 @@
 {
 $query = "select * from `org` where `memid`='".$_SESSION['profile']['id']."' and `masteracc`='1'";
 $_macc = mysql_num_rows(mysql_query($query));
- if($_SESSION['profile']['admin'] != 1 && $_macc <= 0)
+ if($_SESSION['profile']['orgadmin'] != 1 && $_macc <= 0)
 {
 showheader(_("My CAcert.org Account!"));
 echo _("You don't have access to this area.");
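Review bot: `otppin` is written to `users` at @@ -1023 exactly as submitted, so if it is the PIN the user later presents for OTP login it sits in the database in the clear and is exposed by any read of that table; store a salted hash of it and compare hashes at verification time (the same question applies to `otphash`, whose role is not visible in these hunks). At @@ -916 both new fields get only `strip_tags`/`stripslashes`/escaping/`trim` with no length or character-set check, so the expected token format should be enforced with a `preg_match` against its length and alphabet before the values reach the session. The guard at @@ -1023 means the two columns can be set but never cleared through this form; if that is intended, a comment such as `// OTP settings are only written when both fields are supplied; clearing them is not possible here` would document it. The update runs in what appears to be the general profile-save handler, which starts and ends outside the hunk; if that handler does not already require the current password, changing OTP credentials without re-authentication is worth reconsidering.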
@@ -1862,7 +1878,7 @@
 if($oldid == 33 && $_REQUEST['process'] != "")
 {
- if($_SESSION['profile']['admin'] == 1)
+ if($_SESSION['profile']['orgadmin'] == 1)
 $masteracc = $_SESSION['_config'][masteracc] = intval($masteracc);
 else
 $masteracc = $_SESSION['_config'][masteracc] = 0;
@@ -1882,7 +1898,7 @@
 }
 }
- if(($oldid == 34 || $id == 34) && $_SESSION['profile']['admin'] != 1)
+ if(($oldid == 34 || $id == 34) && $_SESSION['profile']['orgadmin'] != 1)
 {
 $orgid = intval($_SESSION['_config']['orgid']);
 $res = mysql_query("select * from `org` where `orgid`='$orgid' and `memid`='".$_SESSION['profile']['id']."' and `masteracc`='1'");
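Review bot: The context lines in @@ -1862 index the session with a bare constant, `$_SESSION['_config'][masteracc]`, which PHP only resolves to the string `'masteracc'` through the undefined-constant fallback (a notice, and an `Error` from PHP 8 on); both assignments should use `$_SESSION['_config']['masteracc']`. The `admin` → `orgadmin` swap at @@ -1840, @@ -1862 and @@ -1882 is applied consistently, but it depends on `$_SESSION['profile']` carrying an `orgadmin` key, i.e. on the `users` row reloaded at @@ -1023 having that column; a comment at the first check, `// orgadmin comes from the users row loaded into $_SESSION['profile']`, would record that dependency. After the change, @@ -1882 trusts an `orgadmin` for whatever `$_SESSION['_config']['orgid']` holds without the `memid`/`masteracc` lookup applied to other users; that is presumably the meaning of the flag, but it widens what one account can reach, so the branch deserves its own comment saying so. The enclosing `if` blocks start and end outside these hunks.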