|
|
@ -154,7 +154,7 @@
|
|
|
|
|
|
|
|
|
|
|
|
if($_REQUEST['process'] != "" && $oldid == 3)
|
|
|
|
if($_REQUEST['process'] != "" && $oldid == 3)
|
|
|
|
{
|
|
|
|
{
|
|
|
|
if(!is_array($addid))
|
|
|
|
if(!is_array($addid) && $_REQUEST['SSO'] != '1')
|
|
|
|
{
|
|
|
|
{
|
|
|
|
showheader(_("My CAcert.org Account!"));
|
|
|
|
showheader(_("My CAcert.org Account!"));
|
|
|
|
echo _("I didn't receive a valid Certificate Request, hit the back button and try again.");
|
|
|
|
echo _("I didn't receive a valid Certificate Request, hit the back button and try again.");
|
|
|
@ -162,6 +162,8 @@
|
|
|
|
exit;
|
|
|
|
exit;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
$_SESSION['_config']['SSO'] = intval($_REQUEST['SSO']);
|
|
|
|
|
|
|
|
|
|
|
|
$_SESSION['_config']['addid'] = $addid;
|
|
|
|
$_SESSION['_config']['addid'] = $addid;
|
|
|
|
if($_SESSION['profile']['points'] >= 50)
|
|
|
|
if($_SESSION['profile']['points'] >= 50)
|
|
|
|
$_SESSION['_config']['incname'] = intval($incname);
|
|
|
|
$_SESSION['_config']['incname'] = intval($incname);
|
|
|
@ -226,7 +228,7 @@
|
|
|
|
$addys[] = $row['id'];
|
|
|
|
$addys[] = $row['id'];
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
if($count <= 0)
|
|
|
|
if($count <= 0 && $_SESSION['_config']['SSO'] != 1)
|
|
|
|
{
|
|
|
|
{
|
|
|
|
$id = 4;
|
|
|
|
$id = 4;
|
|
|
|
showheader(_("My CAcert.org Account!"));
|
|
|
|
showheader(_("My CAcert.org Account!"));
|
|
|
@ -235,6 +237,9 @@
|
|
|
|
exit;
|
|
|
|
exit;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
$user = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".$_SESSION['profile']['id']."'"));
|
|
|
|
$user = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".$_SESSION['profile']['id']."'"));
|
|
|
|
|
|
|
|
if($_SESSION['_config']['SSO'] == 1)
|
|
|
|
|
|
|
|
$emails .= "$count.emailAddress = ".$user['uniqueID']."\n";
|
|
|
|
|
|
|
|
|
|
|
|
if(strlen($user['mname']) == 1)
|
|
|
|
if(strlen($user['mname']) == 1)
|
|
|
|
$user['mname'] .= '.';
|
|
|
|
$user['mname'] .= '.';
|
|
|
|
if($_SESSION['_config']['incname'] <= 0 || $_SESSION['_config']['incname'] > 4)
|
|
|
|
if($_SESSION['_config']['incname'] <= 0 || $_SESSION['_config']['incname'] > 4)
|
|
|
@ -300,6 +305,8 @@
|
|
|
|
$addys[] = $row['id'];
|
|
|
|
$addys[] = $row['id'];
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
if($_SESSION['_config']['SSO'] == 1)
|
|
|
|
|
|
|
|
$csrsubject .= "/emailAddress = ".$user['uniqueID'];
|
|
|
|
|
|
|
|
|
|
|
|
$tmpname = tempnam("/tmp", "CSR");
|
|
|
|
$tmpname = tempnam("/tmp", "CSR");
|
|
|
|
$do = `/usr/bin/openssl req -in $tmpfname -out $tmpname`; // -subj "$csr"`;
|
|
|
|
$do = `/usr/bin/openssl req -in $tmpfname -out $tmpname`; // -subj "$csr"`;
|
|
|
@ -916,6 +923,8 @@
|
|
|
|
$_SESSION['_config']['user']['day'] = intval($_REQUEST['day']);
|
|
|
|
$_SESSION['_config']['user']['day'] = intval($_REQUEST['day']);
|
|
|
|
$_SESSION['_config']['user']['month'] = intval($_REQUEST['month']);
|
|
|
|
$_SESSION['_config']['user']['month'] = intval($_REQUEST['month']);
|
|
|
|
$_SESSION['_config']['user']['year'] = intval($_REQUEST['year']);
|
|
|
|
$_SESSION['_config']['user']['year'] = intval($_REQUEST['year']);
|
|
|
|
|
|
|
|
$_SESSION['_config']['user']['otphash'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['otphash']))));
|
|
|
|
|
|
|
|
$_SESSION['_config']['user']['otppin'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['otppin']))));
|
|
|
|
$_SESSION['_config']['user']['Q1'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['Q1']))));
|
|
|
|
$_SESSION['_config']['user']['Q1'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['Q1']))));
|
|
|
|
$_SESSION['_config']['user']['Q2'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['Q2']))));
|
|
|
|
$_SESSION['_config']['user']['Q2'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['Q2']))));
|
|
|
|
$_SESSION['_config']['user']['Q3'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['Q3']))));
|
|
|
|
$_SESSION['_config']['user']['Q3'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['Q3']))));
|
|
|
@ -1023,6 +1032,13 @@
|
|
|
|
where `id`='".$_SESSION['profile']['id']."'";
|
|
|
|
where `id`='".$_SESSION['profile']['id']."'";
|
|
|
|
mysql_query($query);
|
|
|
|
mysql_query($query);
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
if($_SESSION['_config']['user']['otphash'] != "" && $_SESSION['_config']['user']['otppin'] != "")
|
|
|
|
|
|
|
|
{
|
|
|
|
|
|
|
|
$query = "update `users` set `otphash`='".$_SESSION['_config']['user']['otphash']."',
|
|
|
|
|
|
|
|
`otppin`='".$_SESSION['_config']['user']['otppin']."' where `id`='".$_SESSION['profile']['id']."'";
|
|
|
|
|
|
|
|
mysql_query($query);
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
$_SESSION['_config']['user']['set'] = 0;
|
|
|
|
$_SESSION['_config']['user']['set'] = 0;
|
|
|
|
$_SESSION['profile'] = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".$_SESSION['profile']['id']."'"));
|
|
|
|
$_SESSION['profile'] = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".$_SESSION['profile']['id']."'"));
|
|
|
|
$_SESSION['profile']['loggedin'] = 1;
|
|
|
|
$_SESSION['profile']['loggedin'] = 1;
|
|
|
@ -1840,7 +1856,7 @@
|
|
|
|
{
|
|
|
|
{
|
|
|
|
$query = "select * from `org` where `memid`='".$_SESSION['profile']['id']."' and `masteracc`='1'";
|
|
|
|
$query = "select * from `org` where `memid`='".$_SESSION['profile']['id']."' and `masteracc`='1'";
|
|
|
|
$_macc = mysql_num_rows(mysql_query($query));
|
|
|
|
$_macc = mysql_num_rows(mysql_query($query));
|
|
|
|
if($_SESSION['profile']['admin'] != 1 && $_macc <= 0)
|
|
|
|
if($_SESSION['profile']['orgadmin'] != 1 && $_macc <= 0)
|
|
|
|
{
|
|
|
|
{
|
|
|
|
showheader(_("My CAcert.org Account!"));
|
|
|
|
showheader(_("My CAcert.org Account!"));
|
|
|
|
echo _("You don't have access to this area.");
|
|
|
|
echo _("You don't have access to this area.");
|
|
|
@ -1862,7 +1878,7 @@
|
|
|
|
|
|
|
|
|
|
|
|
if($oldid == 33 && $_REQUEST['process'] != "")
|
|
|
|
if($oldid == 33 && $_REQUEST['process'] != "")
|
|
|
|
{
|
|
|
|
{
|
|
|
|
if($_SESSION['profile']['admin'] == 1)
|
|
|
|
if($_SESSION['profile']['orgadmin'] == 1)
|
|
|
|
$masteracc = $_SESSION['_config'][masteracc] = intval($masteracc);
|
|
|
|
$masteracc = $_SESSION['_config'][masteracc] = intval($masteracc);
|
|
|
|
else
|
|
|
|
else
|
|
|
|
$masteracc = $_SESSION['_config'][masteracc] = 0;
|
|
|
|
$masteracc = $_SESSION['_config'][masteracc] = 0;
|
|
|
@ -1882,7 +1898,7 @@
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
if(($oldid == 34 || $id == 34) && $_SESSION['profile']['admin'] != 1)
|
|
|
|
if(($oldid == 34 || $id == 34) && $_SESSION['profile']['orgadmin'] != 1)
|
|
|
|
{
|
|
|
|
{
|
|
|
|
$orgid = intval($_SESSION['_config']['orgid']);
|
|
|
|
$orgid = intval($_SESSION['_config']['orgid']);
|
|
|
|
$res = mysql_query("select * from `org` where `orgid`='$orgid' and `memid`='".$_SESSION['profile']['id']."' and `masteracc`='1'");
|
|
|
|
$res = mysql_query("select * from `org` where `orgid`='$orgid' and `memid`='".$_SESSION['profile']['id']."' and `masteracc`='1'");
|
|
|
|