From d8396a0147788afdce5c610044eee7295ad56b56 Mon Sep 17 00:00:00 2001
From: root <root@www.cacert.org>
Date: Tue, 19 Feb 2008 23:10:38 +0000
Subject: [PATCH] Added a feature to disable certificate-login for selected
 client certificates

---
 www/index.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/www/index.php b/www/index.php
index 00d7636..795c8d3 100644
--- a/www/index.php
+++ b/www/index.php
@@ -143,7 +143,7 @@
 
 	if($id == 4 && $_SERVER['HTTP_HOST'] == $_SESSION['_config']['securehostname'])
 	{
-		$query = "select * from `emailcerts` where `serial`='$_SERVER[SSL_CLIENT_M_SERIAL]' and `revoked`=0 and
+		$query = "select * from `emailcerts` where `serial`='$_SERVER[SSL_CLIENT_M_SERIAL]' and `revoked`=0 and disablelogin=0 and
 				UNIX_TIMESTAMP(`expire`) - UNIX_TIMESTAMP() > 0";
 		$res = mysql_query($query);
 		if(mysql_num_rows($res) > 0)