Improved register_globals

pull/1/head
root 16 years ago
parent 70cc6a8aef
commit d6310c2016

@ -24,7 +24,7 @@
if($_POST['csr'] == "")
{ ?>
<form method="post" action="<?=$PHP_SELF?>">
<form method="post">
<p>Please paste the PEM encoded certificate signing request you would like to analyze in the text area below:</p>
<p><textarea name="csr" cols="64" rows="12"></textarea></p>
<p><input type="submit" name="process" value="<?=_("Analyse")?>"></p>

@ -33,7 +33,7 @@
{
function Header()
{
$this->Image($_REQUEST[bw]?'images/CAcert-logo-mono-1000.png':'images/CAcert-logo-colour-1000.png',8,8,100);
$this->Image($_REQUEST['bw']?'images/CAcert-logo-mono-1000.png':'images/CAcert-logo-colour-1000.png',8,8,100);
$this->SetFont('Arial','B',14);
if($_SESSION['_config']['language'] == "ja_JP")
$this->SetFont('SJIS','',14);
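Review bot: `$_REQUEST['bw']` in Header() is now quoted correctly but is still read without checking that the key exists, so a request without `bw` raises an undefined-index notice. The class looks like a PDF generator (it calls `Image` and `SetFont`), and if notices are displayed, text emitted ahead of the document would presumably corrupt the output. Consider `!empty($_REQUEST['bw']) ? 'images/CAcert-logo-mono-1000.png' : 'images/CAcert-logo-colour-1000.png'`. The context line `if($_POST['csr'] == "")` in the -24 hunk has the same unguarded read. Header()'s body continues past the end of this hunk.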

@ -40,7 +40,7 @@
if($action == "reject")
{
mysql_query("update `disputeemail` set hash='',action='reject' where `id`='$emailid'");
mysql_query("update `disputeemail` set hash='',action='reject' where `id`='".intval($emailid)."'");
showheader(_("Email Dispute"));
echo _("You have opted to reject this dispute and the request will be removed from the database");
showfooter();
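Review bot: `intval()` is applied at each query instead of once where `$emailid` is first assigned, so every later use depends on someone remembering the cast; the same pattern repeats in the -51 and -64 hunks. Normalising once with `$emailid = intval($emailid);` and then rejecting the request when `$emailid <= 0` would cover all of them. It would also stop a non-numeric value from being silently coerced to 0 while the page still reports the dispute as rejected. The assignment of `$emailid` is not visible in this hunk, so the right place for the cast needs confirming.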
@ -51,7 +51,7 @@
showheader(_("Email Dispute"));
echo "<p>"._("You have opted to accept this dispute and the request will now remove this email address from the existing account, and revoke any current certificates.")."</p>";
echo "<p>"._("The following accounts have been removed:")."<br>\n";
$query = "select * from `email` where `id`='$emailid' and deleted=0";
$query = "select * from `email` where `id`='".intval($emailid)."' and deleted=0";
$res = mysql_query($query);
if(mysql_num_rows($res) > 0)
{
@ -64,10 +64,10 @@
group by `emailcerts`.`id`";
$dres = mysql_query($query);
while($drow = mysql_fetch_assoc($dres))
mysql_query("update `emailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='".$drow['id']."'");
mysql_query("update `emailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='".intval($drow['id'])."'");
$do = `../scripts/runclient`;
$query = "update `email` set `deleted`=NOW() where `id`='$emailid'";
$query = "update `email` set `deleted`=NOW() where `id`='".intval($emailid)."'";
mysql_query($query);
}
mysql_query("update `disputeemail` set hash='',action='accept' where `id`='$emailid'");
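Review bot: The last query in this hunk, the `disputeemail` update that sets `action='accept'`, still interpolates `$emailid` directly, while the two updates above it were changed to use `intval()`. If `$emailid` can carry request data at that point, this statement remains open to SQL injection; its `where` clause should use `'".intval($emailid)."'` like the others. The enclosing block starts above the hunk, so whether the value is already constrained earlier cannot be seen from here.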
