new code + updates and bug fixes
This commit is contained in:
parent
06ba89b6d2
commit
d89c90943e
31 changed files with 938 additions and 35 deletions
|
@ -327,7 +327,7 @@
|
|||
unset($oldid);
|
||||
$id = 8;
|
||||
$addy = array();
|
||||
$adds = explode("\n", trim(`whois $newdom|grep \@`));
|
||||
$adds = explode("\n", trim(`/usr/bin/whois $newdom|grep "@"`));
|
||||
if(substr($newdomain, -4) == ".org" || substr($newdomain, -5) == ".info")
|
||||
{
|
||||
if(is_array($adds))
|
||||
|
@ -428,14 +428,9 @@
|
|||
$row = mysql_fetch_assoc($res);
|
||||
echo $row['domain']."<br>\n";
|
||||
mysql_query("update `domains` set `deleted`=NOW() where `id`='$id'");
|
||||
$dres = mysql_query("select * from `domaincerts` where `domid`='$id' and `expire`=0");
|
||||
$dres = mysql_query("select * from `domlink` where `domid`='$id'");
|
||||
while($drow = mysql_fetch_assoc($dres))
|
||||
{
|
||||
@unlink($row['csr_name']);
|
||||
@unlink($row['crt_name']);
|
||||
mysql_query("delete from `domaincerts` where `id`='".$drow['id']."'");
|
||||
}
|
||||
mysql_query("update `domaincerts` set `revoked`='1970-01-01 10:00:01' where `domid`='$id' and `revoked`=0 and UNIX_TIMESTAMP(`expire`)-UNIX_TIMESTAMP() > 0");
|
||||
mysql_query("update `domaincerts` set `revoked`='1970-01-01 10:00:01' where `id`='".$drow['certid']."' and `revoked`=0 and UNIX_TIMESTAMP(`expire`)-UNIX_TIMESTAMP() > 0");
|
||||
}
|
||||
}
|
||||
showfooter();
|
||||
|
@ -1211,7 +1206,7 @@
|
|||
if($org['C'])
|
||||
$csrsubject .= "/countryName=".$org['C'];
|
||||
if($org['contact'])
|
||||
$csrsubject .= "/emailAddress=".$org['contact'];
|
||||
$csrsubject .= "/emailAddress=".trim($org['contact']);
|
||||
|
||||
if(is_array($_SESSION['_config']['rows']))
|
||||
foreach($_SESSION['_config']['rows'] as $row)
|
||||
|
@ -1823,6 +1818,15 @@
|
|||
}
|
||||
}
|
||||
|
||||
if($id == 43 && $_GET['tverify'] > 0)
|
||||
{
|
||||
$memid = $_GET['userid'] = intval($_GET['tverify']);
|
||||
$query = "select * from `users` where `id`='$memid'";
|
||||
$row = mysql_fetch_assoc(mysql_query($query));
|
||||
$ver = !$row['tverify'];
|
||||
mysql_query("update `users` set `tverify`='$ver' where `id`='$memid'");
|
||||
}
|
||||
|
||||
if($id == 50)
|
||||
{
|
||||
if($_GET['userid'] != "")
|
||||
|
|
|
@ -32,6 +32,8 @@
|
|||
$tmpid = $id + 500;
|
||||
if($PHP_SELF == "/gpg.php")
|
||||
$tmpid = $id + 1000;
|
||||
if($PHP_SELF == "/disputes.php")
|
||||
$tmpid = $id + 1500;
|
||||
|
||||
switch($tmpid)
|
||||
{
|
||||
|
@ -101,6 +103,17 @@
|
|||
case 1008:
|
||||
case 1009:
|
||||
case 1010: $expand = " explode('gpg');"; break;
|
||||
case 1500:
|
||||
case 1501:
|
||||
case 1502:
|
||||
case 1503:
|
||||
case 1504:
|
||||
case 1505:
|
||||
case 1506:
|
||||
case 1507:
|
||||
case 1508:
|
||||
case 1509:
|
||||
case 1510: $expand = " explode('disputes');"; break;
|
||||
}
|
||||
|
||||
?><!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
|
||||
|
@ -108,7 +121,7 @@
|
|||
<head>
|
||||
<title><?=$title?></title>
|
||||
<? if($_SESSION['_config']['header'] != "") { ?><?=$_SESSION['_config']['header']?><? } ?>
|
||||
<link rel="stylesheet" href="styles/default.css" type="text/css">
|
||||
<link rel="stylesheet" href="/styles/default.css" type="text/css">
|
||||
<script language="JavaScript" type="text/javascript">
|
||||
function explode(e) {
|
||||
if (document.getElementById(e).style.display == 'none') {
|
||||
|
@ -193,6 +206,10 @@ function hideall() {
|
|||
<ul class="menu" id="sysadmin"><li><a href="account.php?id=42"><?=_("Find User")?></a></li><li><a href="account.php?id=48"><?=_("Find Domain")?></a></li></ul>
|
||||
</div>
|
||||
<? } ?>
|
||||
<div class="relatedLinks">
|
||||
<h3 onclick="explode('disputes')">+ <?=_("Disputes/Abuses")?></h3>
|
||||
<ul class="menu" id="disputes"><li><a href="disputes.php?id=0"><?=_("More Information")?></a></li><li><a href="disputes.php?id=1"><?=_("Email Dispute")?></a></li><li><a href="disputes.php?id=2"><?=_("Domain Dispute")?></a></li><li><a href="disputes.php?id=3"><?=_("Abuses")?></a></li></ul>
|
||||
</div>
|
||||
</div>
|
||||
<div id="content">
|
||||
<div class="story">
|
||||
|
|
|
@ -24,7 +24,9 @@
|
|||
|
||||
require_once($_SESSION['_config']['filepath']."/includes/mysql.php");
|
||||
|
||||
if($_SERVER['HTTP_HOST'] != $_SESSION['_config']['normalhostname'] && $_SERVER['HTTP_HOST'] != $_SESSION['_config']['securehostname'])
|
||||
if($_SERVER['HTTP_HOST'] != $_SESSION['_config']['normalhostname'] &&
|
||||
$_SERVER['HTTP_HOST'] != $_SESSION['_config']['securehostname'] &&
|
||||
$_SERVER['HTTP_HOST'] != $_SESSION['_config']['tverify'])
|
||||
{
|
||||
if($_SERVER['HTTPS'] == "on")
|
||||
header("location: https://".$_SESSION['_config']['normalhostname']);
|
||||
|
@ -33,6 +35,14 @@
|
|||
exit;
|
||||
}
|
||||
|
||||
if(($_SERVER['HTTP_HOST'] == $_SESSION['_config']['securehostname'] ||
|
||||
$_SERVER['HTTP_HOST'] == $_SESSION['_config']['tverify']) &&
|
||||
$_SERVER['HTTPS'] != "on")
|
||||
{
|
||||
header("location: https://".$_SERVER['HTTP_HOST']);
|
||||
exit;
|
||||
}
|
||||
|
||||
$lang = mysql_escape_string(substr(trim($lang), 0, 5));
|
||||
if($lang != "")
|
||||
$_SESSION['_config']['language'] = $lang;
|
||||
|
@ -126,7 +136,7 @@
|
|||
|
||||
function loadem($section = "index")
|
||||
{
|
||||
if($section != "index" && $section != "account")
|
||||
if($section != "index" && $section != "account" && $section != "tverify")
|
||||
{
|
||||
$section = "index";
|
||||
}
|
||||
|
@ -136,17 +146,22 @@
|
|||
|
||||
if($section == "index")
|
||||
include_once($_SESSION['_config']['filepath']."/includes/general_stuff.php");
|
||||
|
||||
if($section == "tverify")
|
||||
include_once($_SESSION['_config']['filepath']."/includes/tverify_stuff.php");
|
||||
}
|
||||
|
||||
function includeit($id = "0", $section = "index")
|
||||
{
|
||||
$id = intval($id);
|
||||
if($section != "index" && $section != "account" && $section != "wot" && $section != "help" && $section != "gpg")
|
||||
if($section != "index" && $section != "account" && $section != "wot" && $section != "help" && $section != "gpg" && $section != "disputes" && $section != "tverify")
|
||||
{
|
||||
$section = "index";
|
||||
}
|
||||
|
||||
if(file_exists($_SESSION['_config']['filepath']."/www/$section/$id.php"))
|
||||
if($section == "tverify" && file_exists($_SESSION['_config']['filepath']."/tverify/index/$id.php"))
|
||||
include_once($_SESSION['_config']['filepath']."/tverify/index/$id.php");
|
||||
else if(file_exists($_SESSION['_config']['filepath']."/www/$section/$id.php"))
|
||||
include_once($_SESSION['_config']['filepath']."/www/$section/$id.php");
|
||||
else {
|
||||
$id = "0";
|
||||
|
|
|
@ -24,7 +24,7 @@ if(!function_exists("showheader"))
|
|||
<head>
|
||||
<title><?=$title?></title>
|
||||
<? if($_SESSION['_config']['header'] != "") { ?><?=$_SESSION['_config']['header']?><? } ?>
|
||||
<link rel="stylesheet" href="styles/default.css" type="text/css">
|
||||
<link rel="stylesheet" href="/styles/default.css" type="text/css">
|
||||
<link href="http://my.rsscache.com/www.cacert.org/rss.php" rel="alternate" type="application/rss+xml" title="rss">
|
||||
</head>
|
||||
<body>
|
||||
|
|
|
@ -82,6 +82,7 @@
|
|||
if($id == "logout")
|
||||
{
|
||||
$_SESSION['profile']['loggedin'] = 0;
|
||||
|
||||
header("location: https://".$_SERVER['HTTP_HOST']."/index.php");
|
||||
exit;
|
||||
}
|
||||
|
|
|
@ -94,6 +94,10 @@
|
|||
<td class="DataTD"><?=_("Date of Birth")?>:</td>
|
||||
<td class="DataTD"><?=$row['dob']?></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td class="DataTD"><?=_("Tverify Account")?>:</td>
|
||||
<td class="DataTD"><a href="account.php?id=43&tverify=<?=$row['id']?>"><?=$row['tverify']?></a></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td class="DataTD"><?=_("Change Password")?>:</td>
|
||||
<td class="DataTD"><a href="account.php?id=44&userid=<?=$row['id']?>"><?=_("Change Password")?></a></td>
|
||||
|
|
|
@ -18,8 +18,8 @@
|
|||
<tr>
|
||||
<td colspan="2" class="title"><?=_("Please choose an authority email address")?></td>
|
||||
</tr>
|
||||
<? if(is_array($_SESSION[_config][addy]))
|
||||
foreach($_SESSION[_config][addy] as $add) { ?>
|
||||
<? if(is_array($_SESSION['_config']['addy']))
|
||||
foreach($_SESSION['_config']['addy'] as $add) { ?>
|
||||
<tr>
|
||||
<td class="DataTD" width="75"><input type="radio" name="authaddy" value="<?=$add?>"<? if($tagged == 0) { echo " checked"; $tagged = 1; } ?>></td>
|
||||
<td class="DataTD" width="175"><?=$add?></td>
|
||||
|
|
21
pages/disputes/0.php
Normal file
21
pages/disputes/0.php
Normal file
|
@ -0,0 +1,21 @@
|
|||
<? /*
|
||||
Copyright (C) 2004 by Duane Groth <duane_at_CAcert_dot_org>
|
||||
|
||||
This file is part of CAcert.
|
||||
|
||||
CAcert has been released under the CAcert Source License
|
||||
which can be found included with these source files or can
|
||||
be downloaded from the internet from the following address:
|
||||
http://www.cacert.org/src-lic.php
|
||||
|
||||
CAcert is distributed WITHOUT ANY WARRANTY; without even
|
||||
the implied warranty of MERCHANTABILITY or FITNESS FOR A
|
||||
PARTICULAR PURPOSE. See the License for more details.
|
||||
*/ ?>
|
||||
<H3><?=_("Disputes and Abuse Reporting")?></H3>
|
||||
<p><?=_("Please select the most appropriate section to report your problem.")?></p>
|
||||
<H4><?=_("Disputes")?></H4>
|
||||
<p><?=_("If you want to dispute who has control of your email address or domain, select 'Dispute Email' or 'Dispute Domain' on the right hand side.")?></p>
|
||||
<H4><?=_("Abuses")?></H4>
|
||||
<p><?=_("If you would like to report an abuse of our certificates that breaches our policies please select the Abuse menu on the right.")?></p>
|
||||
|
31
pages/disputes/1.php
Normal file
31
pages/disputes/1.php
Normal file
|
@ -0,0 +1,31 @@
|
|||
<? /*
|
||||
Copyright (C) 2004 by Duane Groth <duane_at_CAcert_dot_org>
|
||||
|
||||
This file is part of CAcert.
|
||||
|
||||
CAcert has been released under the CAcert Source License
|
||||
which can be found included with these source files or can
|
||||
be downloaded from the internet from the following address:
|
||||
http://www.cacert.org/src-lic.php
|
||||
|
||||
CAcert is distributed WITHOUT ANY WARRANTY; without even
|
||||
the implied warranty of MERCHANTABILITY or FITNESS FOR A
|
||||
PARTICULAR PURPOSE. See the License for more details.
|
||||
*/ ?>
|
||||
<H3><?=_("Email Dispute")?></H3>
|
||||
<p><?=_("If your dispute is sucessful you will have the email address removed from the system, you will need add the email address as per usual afterwards. The email will be removed from the current account and any certificates will be revoked.")?></p>
|
||||
<form method="post" action="disputes.php">
|
||||
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
|
||||
<tr>
|
||||
<td colspan="2" class="title"><?=_("Which Email?")?></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td class="DataTD" width="125"><?=_("Email Address")?>: </td>
|
||||
<td class="DataTD" width="125"><input type="text" name="dispute" value=""></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td class="DataTD" colspan="2"><input type="submit" name="process" value="<?=_("File Dispute")?>"></td>
|
||||
</tr>
|
||||
</table>
|
||||
<input type="hidden" name="oldid" value="<?=$id?>">
|
||||
</form>
|
32
pages/disputes/2.php
Normal file
32
pages/disputes/2.php
Normal file
|
@ -0,0 +1,32 @@
|
|||
<? /*
|
||||
Copyright (C) 2004 by Duane Groth <duane_at_CAcert_dot_org>
|
||||
|
||||
This file is part of CAcert.
|
||||
|
||||
CAcert has been released under the CAcert Source License
|
||||
which can be found included with these source files or can
|
||||
be downloaded from the internet from the following address:
|
||||
http://www.cacert.org/src-lic.php
|
||||
|
||||
CAcert is distributed WITHOUT ANY WARRANTY; without even
|
||||
the implied warranty of MERCHANTABILITY or FITNESS FOR A
|
||||
PARTICULAR PURPOSE. See the License for more details.
|
||||
*/ ?>
|
||||
<H3><?=_("Domain Dispute")?></H3>
|
||||
<p><?=_("If your dispute is sucessful the domain will be removed from the current account and any certificates will be revoked.")?></p>
|
||||
<form method="post" action="disputes.php">
|
||||
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
|
||||
<tr>
|
||||
<td colspan="2" class="title"><?=_("Dispute Domain")?></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td class="DataTD" width="125"><?=_("Domain")?>: </td>
|
||||
<td class="DataTD" width="125"><input type="text" name="dispute"></td>
|
||||
</tr>
|
||||
|
||||
<tr>
|
||||
<td class="DataTD" colspan="2"><input type="submit" name="process" value="<?=_("File Dispute")?>"></td>
|
||||
</tr>
|
||||
</table>
|
||||
<input type="hidden" name="oldid" value="<?=$id?>">
|
||||
</form>
|
36
pages/disputes/4.php
Normal file
36
pages/disputes/4.php
Normal file
|
@ -0,0 +1,36 @@
|
|||
<? /*
|
||||
Copyright (C) 2004 by Duane Groth <duane_at_CAcert_dot_org>
|
||||
|
||||
This file is part of CAcert.
|
||||
|
||||
CAcert has been released under the CAcert Source License
|
||||
which can be found included with these source files or can
|
||||
be downloaded from the internet from the following address:
|
||||
http://www.cacert.org/src-lic.php
|
||||
|
||||
CAcert is distributed WITHOUT ANY WARRANTY; without even
|
||||
the implied warranty of MERCHANTABILITY or FITNESS FOR A
|
||||
PARTICULAR PURPOSE. See the License for more details.
|
||||
*/ ?>
|
||||
<H3><?=_("Email Dispute")?></H3>
|
||||
<p><? printf(_("Currently the email '%s' is in dispute, you have been sent an email to resolve the issue, below you have the option to accept, reject or report the request as fraudulent."), $_SESSION['_config']['email']); ?></p>
|
||||
<form method="post" action="disputes.php">
|
||||
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
|
||||
<tr>
|
||||
<td colspan="2" class="title"><?=_("Email Dispute")?></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td class="DataTD" colspan="2"><input type="radio" name="action" value="reject" checked> <?=_("Reject Dispute")?></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td class="DataTD" colspan="2"><input type="radio" name="action" value="accept"> <?=_("Accept Dispute")?></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td class="DataTD" colspan="2"><input type="radio" name="action" value="abuse"> <?=_("Report Dispute as Abuse")?></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td class="DataTD" colspan="2"><input type="submit" name="process" value="<?=_("Update Dispute")?>"></td>
|
||||
</tr>
|
||||
</table>
|
||||
<input type="hidden" name="type" value="reallyemail">
|
||||
</form>
|
34
pages/disputes/5.php
Normal file
34
pages/disputes/5.php
Normal file
|
@ -0,0 +1,34 @@
|
|||
<? /*
|
||||
Copyright (C) 2004 by Duane Groth <duane_at_CAcert_dot_org>
|
||||
|
||||
This file is part of CAcert.
|
||||
|
||||
CAcert has been released under the CAcert Source License
|
||||
which can be found included with these source files or can
|
||||
be downloaded from the internet from the following address:
|
||||
http://www.cacert.org/src-lic.php
|
||||
|
||||
CAcert is distributed WITHOUT ANY WARRANTY; without even
|
||||
the implied warranty of MERCHANTABILITY or FITNESS FOR A
|
||||
PARTICULAR PURPOSE. See the License for more details.
|
||||
*/ ?>
|
||||
<form method="post" action="disputes.php">
|
||||
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
|
||||
|
||||
<tr>
|
||||
<td colspan="2" class="title"><?=_("Please choose an authority email address")?></td>
|
||||
</tr>
|
||||
<? if(is_array($_SESSION['_config']['addy']))
|
||||
foreach($_SESSION['_config']['addy'] as $add) { ?>
|
||||
<tr>
|
||||
<td class="DataTD" width="75"><input type="radio" name="authaddy" value="<?=$add?>"<? if($tagged == 0) { echo " checked"; $tagged = 1; } ?>></td>
|
||||
<td class="DataTD" width="175"><?=$add?></td>
|
||||
</tr>
|
||||
<? } ?>
|
||||
<tr>
|
||||
<td class="DataTD" colspan="2"><input type="submit" name="process" value="<?=_("Update Dispute")?>"></td>
|
||||
</tr>
|
||||
</table>
|
||||
<input type="hidden" name="oldid" value="<?=$id?>">
|
||||
</form>
|
||||
|
36
pages/disputes/6.php
Normal file
36
pages/disputes/6.php
Normal file
|
@ -0,0 +1,36 @@
|
|||
<? /*
|
||||
Copyright (C) 2004 by Duane Groth <duane_at_CAcert_dot_org>
|
||||
|
||||
This file is part of CAcert.
|
||||
|
||||
CAcert has been released under the CAcert Source License
|
||||
which can be found included with these source files or can
|
||||
be downloaded from the internet from the following address:
|
||||
http://www.cacert.org/src-lic.php
|
||||
|
||||
CAcert is distributed WITHOUT ANY WARRANTY; without even
|
||||
the implied warranty of MERCHANTABILITY or FITNESS FOR A
|
||||
PARTICULAR PURPOSE. See the License for more details.
|
||||
*/ ?>
|
||||
<H3><?=_("Domain Dispute")?></H3>
|
||||
<p><? printf(_("Currently the domain '%s' is in dispute, you have been sent an email to resolve the issue, below you have the option to accept, reject or report the request as fraudulent."), $_SESSION['_config']['domain']); ?></p>
|
||||
<form method="post" action="disputes.php">
|
||||
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
|
||||
<tr>
|
||||
<td colspan="2" class="title"><?=_("Domain Dispute")?></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td class="DataTD" colspan="2"><input type="radio" name="action" value="reject" checked> <?=_("Reject Dispute")?></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td class="DataTD" colspan="2"><input type="radio" name="action" value="accept"> <?=_("Accept Dispute")?></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td class="DataTD" colspan="2"><input type="radio" name="action" value="abuse"> <?=_("Report Dispute as Abuse")?></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td class="DataTD" colspan="2"><input type="submit" name="process" value="<?=_("Update Dispute")?>"></td>
|
||||
</tr>
|
||||
</table>
|
||||
<input type="hidden" name="type" value="reallydomain">
|
||||
</form>
|
|
@ -28,7 +28,7 @@
|
|||
<h3><?=_("Latest News")?></h3>
|
||||
|
||||
<?
|
||||
$query = "select *, UNIX_TIMESTAMP(`when`) as `TS` from news order by `when` desc limit 2";
|
||||
$query = "select *, UNIX_TIMESTAMP(`when`) as `TS` from news order by `when` desc limit 5";
|
||||
$res = mysql_query($query);
|
||||
while($row = mysql_fetch_assoc($res))
|
||||
{
|
||||
|
|
|
@ -12,8 +12,8 @@
|
|||
the implied warranty of MERCHANTABILITY or FITNESS FOR A
|
||||
PARTICULAR PURPOSE. See the License for more details.
|
||||
*/ ?>
|
||||
<? if($_SESSION[_config][hostname] == $_SESSION['_config']['securehostname']) { ?>
|
||||
<?=$_SERVER[SSL_CLIENT_M_SERIAL]?>
|
||||
<?=$_SERVER['SSL_CLIENT_M_SERIAL']?>
|
||||
<? if($_SESSION['_config']['hostname'] == $_SESSION['_config']['securehostname']) { ?>
|
||||
<p><?=_("Warning! You've attempted to log into the system with a client certificate, but the login failed due to the certificate being expired, revoked or simply not valid for this site. You can login using your Email/Pass Phrase to get a new certificate, by clicking on 'Normal Login' to the right of your screen.")?></p>
|
||||
<? } else { ?>
|
||||
<p><?=_("Warning! This site requires cookies to be enabled to ensure your privacy and security. This site uses session cookies to store temporary values to prevent people from copying and pasting the session ID to someone else exposing their account, personal details and identity theft as a result.")?></p>
|
||||
|
@ -24,7 +24,7 @@
|
|||
</tr>
|
||||
<tr>
|
||||
<td class="DataTD" width="125"><?=_("Email Address")?>: </td>
|
||||
<td class="DataTD" width="125"><input type="text" name="email" value="<?=$_SESSION[profile][email]?>"></td>
|
||||
<td class="DataTD" width="125"><input type="text" name="email" value="<?=$_SESSION['profile']['email']?>"></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td class="DataTD"><?=_("Pass Phrase")?>: </td>
|
||||
|
|
|
@ -55,3 +55,13 @@
|
|||
</table>
|
||||
<input type="hidden" name="oldid" value="<?=$id?>">
|
||||
</form>
|
||||
<p><?=_("Due to the increasing number of people that haven't been able to recover their passwords via the lost password form there is now 2 other options available to you. If you don't care about your account you can signup under a new account file dispute forms to recover your email accounts and domains. If you would like to recover your password via help from support staff this requires a small payment to cover time from a real person to verify your claims to ownership on an account, click the payment button below to continue.")?></p>
|
||||
<form action="https://www.paypal.com/cgi-bin/webscr" method="post">
|
||||
<input type="hidden" name="cmd" value="_s-xclick">
|
||||
<input type="image" src="http://www.cacert.org/images/payment.png" border="0" name="submit" alt="Make payments with PayPal - it's fast, free and secure!">
|
||||
<input type="hidden" name="encrypted" value="-----BEGIN PKCS7-----MIIHVwYJKoZIhvcNAQcEoIIHSDCCB0QCAQExggEwMIIBLAIBADCBlDCBjjELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAkNBMRYwFAYDVQQHEw1Nb3VudGFpbiBWaWV3MRQwEgYDVQQKEwtQYXlQYWwgSW5jLjETMBEGA1UECxQKbGl2ZV9jZXJ0czERMA8GA1UEAxQIbGl2ZV9hcGkxHDAaBgkqhkiG9w0BCQEWDXJlQHBheXBhbC5jb20CAQAwDQYJKoZIhvcNAQEBBQAEgYCcj72vb6G4qSvGH9eYmqH4fhA57qxM1uusLfMk2UajMjBvSJQjhzoSpmkhcWXZTe+9/D/1jIETAetOz1b7+yQP/KqYG1F8N3rhaVOFXRNzFt7/k9jUdeHOyNHuLeAufGffJQV+Z9u3V8PBzser1p9b/pNaHqhcXN3IotJ9pHqefDELMAkGBSsOAwIaBQAwgdQGCSqGSIb3DQEHATAUBggqhkiG9w0DBwQIzm59jrqaUZKAgbA+J7HoXUFrsr+MVo0MSDG1OcFhTBqJu9MUnBwn4Hrh9I/iavI8YIpsrk3iaWTABH5AlHs2NdC5vUIGN6bAmT5cHfYHD8/LLyeXpfkYpV2Efk7Akx+IF4HGkaR/w5eho2lSTwJWbCL2FMAwPUJT3UoR52thY1AVIXEgAo8mtDC92Ep411IlUYiUXfps/shdSTGB1S3SYgX+VoScEHEKwCgSX/rC39YPqKNT+aDTZirCSaCCA4cwggODMIIC7KADAgECAgEAMA0GCSqGSIb3DQEBBQUAMIGOMQswCQYDVQQGEwJVUzELMAkGA1UECBMCQ0ExFjAUBgNVBAcTDU1vdW50YWluIFZpZXcxFDASBgNVBAoTC1BheVBhbCBJbmMuMRMwEQYDVQQLFApsaXZlX2NlcnRzMREwDwYDVQQDFAhsaXZlX2FwaTEcMBoGCSqGSIb3DQEJARYNcmVAcGF5cGFsLmNvbTAeFw0wNDAyMTMxMDEzMTVaFw0zNTAyMTMxMDEzMTVaMIGOMQswCQYDVQQGEwJVUzELMAkGA1UECBMCQ0ExFjAUBgNVBAcTDU1vdW50YWluIFZpZXcxFDASBgNVBAoTC1BheVBhbCBJbmMuMRMwEQYDVQQLFApsaXZlX2NlcnRzMREwDwYDVQQDFAhsaXZlX2FwaTEcMBoGCSqGSIb3DQEJARYNcmVAcGF5cGFsLmNvbTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAwUdO3fxEzEtcnI7ZKZL412XvZPugoni7i7D7prCe0AtaHTc97CYgm7NsAtJyxNLixmhLV8pyIEaiHXWAh8fPKW+R017+EmXrr9EaquPmsVvTywAAE1PMNOKqo2kl4Gxiz9zZqIajOm1fZGWcGS0f5JQ2kBqNbvbg2/Za+GJ/qwUCAwEAAaOB7jCB6zAdBgNVHQ4EFgQUlp98u8ZvF71ZP1LXChvsENZklGswgbsGA1UdIwSBszCBsIAUlp98u8ZvF71ZP1LXChvsENZklGuhgZSkgZEwgY4xCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJDQTEWMBQGA1UEBxMNTW91bnRhaW4gVmlldzEUMBIGA1UEChMLUGF5UGFsIEluYy4xEzARBgNVBAsUCmxpdmVfY2VydHMxETAPBgNVBAMUCGxpdmVfYXBpMRwwGgYJKoZIhvcNAQkBFg1yZUBwYXlwYWwuY29tggEAMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAgV86VpqAWuXvX6Oro4qJ1tYVIT5DgWpE692Ag422H7yRIr/9j/iKG4Thia/Oflx4TdL+IFJBAyPK9v6zZNZtBgPBynXb048hsP16l2vi0k5Q2JKiPDsEfBhGI+HnxLXEaUWAcVfCsQFvd2A1sxRr67ip5y2wwBelUecP3AjJ+YcxggGaMIIBlgIBATCBlDCBjjELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAkNBMRYwFAYDVQQHEw1Nb3VudGFpbiBWaWV3MRQwEgYDVQQKEwtQYXlQYWwgSW5jLjETMBEGA1UECxQKbGl2ZV9jZXJ0czERMA8GA1UEAxQIbGl2ZV9hcGkxHDAaBgkqhkiG9w0BCQEWDXJlQHBheXBhbC5jb20CAQAwCQYFKw4DAhoFAKBdMBgGCSqGSIb3DQEJAzELBgkqhkiG9w0BBwEwHAYJKoZIhvcNAQkFMQ8XDTA1MDIxOTEwNTkyOFowIwYJKoZIhvcNAQkEMRYEFGFPUKKwJ/SguqvVWbTPySsXCcydMA0GCSqGSIb3DQEBAQUABIGAE6WURQi4IHZHwiG30/Q/dy+jVz05kYJlhSEEBL0K9rx+C/sBSif1oPDw/7lF0QeJqWYEWDOdaVb32K34/4sqAmG/YBtMeN3060mNE+TNTCa2HmfqrQanXMXkY6D9/C2xnk5PzQZGEkUeFLu0268rlOHMsRsYbs8beRZDdTf58AA=-----END PKCS7-----">
|
||||
</form><form action="https://www.paypal.com/cgi-bin/webscr" method="post">
|
||||
<input type="hidden" name="cmd" value="_s-xclick">
|
||||
<input type="image" src="http://www.cacert.org/images/payment2.png" border="0" name="submit" alt="Make payments with PayPal - it's fast, free and secure!">
|
||||
<input type="hidden" name="encrypted" value="-----BEGIN PKCS7-----MIIHVwYJKoZIhvcNAQcEoIIHSDCCB0QCAQExggEwMIIBLAIBADCBlDCBjjELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAkNBMRYwFAYDVQQHEw1Nb3VudGFpbiBWaWV3MRQwEgYDVQQKEwtQYXlQYWwgSW5jLjETMBEGA1UECxQKbGl2ZV9jZXJ0czERMA8GA1UEAxQIbGl2ZV9hcGkxHDAaBgkqhkiG9w0BCQEWDXJlQHBheXBhbC5jb20CAQAwDQYJKoZIhvcNAQEBBQAEgYAfInnrTkvyKudCzVWnHO7sTr6KT8/nyaTFsnpWcfn0utl1NfAiFg2VN9VjsI2WpdcfdOcweRPXVgjPN4h7OwSKIcckhtNIpA2LCT4f942wAq58F6j6O+hyrixNqXIM9w+B2ZbhhPWy4N+1iTAu3atEoMeNdnjssa+3NKhoE9vwfDELMAkGBSsOAwIaBQAwgdQGCSqGSIb3DQEHATAUBggqhkiG9w0DBwQIW36wS5L25d+AgbD0OjgTJAsQghSpiIdvBO292FZ16SVcwrSNllQGrlC/V4s8iBeVuFH0uiINxDDYsGnfDJJYHehfTCDoyJkEeD6S8C8SAOWth0WF6Dm3e0cna7TkcsdxxvJiCQiWLdo+C5MVSEZE7ZTbju0BHbOpAnQbe/t8YG9kyYbG7kiNADH6wH586J5kNdRAVeirSaKciSoyfvKK5HulULIOpsXSjeh5myco/JiP9sa8wYqBCt0yF6CCA4cwggODMIIC7KADAgECAgEAMA0GCSqGSIb3DQEBBQUAMIGOMQswCQYDVQQGEwJVUzELMAkGA1UECBMCQ0ExFjAUBgNVBAcTDU1vdW50YWluIFZpZXcxFDASBgNVBAoTC1BheVBhbCBJbmMuMRMwEQYDVQQLFApsaXZlX2NlcnRzMREwDwYDVQQDFAhsaXZlX2FwaTEcMBoGCSqGSIb3DQEJARYNcmVAcGF5cGFsLmNvbTAeFw0wNDAyMTMxMDEzMTVaFw0zNTAyMTMxMDEzMTVaMIGOMQswCQYDVQQGEwJVUzELMAkGA1UECBMCQ0ExFjAUBgNVBAcTDU1vdW50YWluIFZpZXcxFDASBgNVBAoTC1BheVBhbCBJbmMuMRMwEQYDVQQLFApsaXZlX2NlcnRzMREwDwYDVQQDFAhsaXZlX2FwaTEcMBoGCSqGSIb3DQEJARYNcmVAcGF5cGFsLmNvbTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAwUdO3fxEzEtcnI7ZKZL412XvZPugoni7i7D7prCe0AtaHTc97CYgm7NsAtJyxNLixmhLV8pyIEaiHXWAh8fPKW+R017+EmXrr9EaquPmsVvTywAAE1PMNOKqo2kl4Gxiz9zZqIajOm1fZGWcGS0f5JQ2kBqNbvbg2/Za+GJ/qwUCAwEAAaOB7jCB6zAdBgNVHQ4EFgQUlp98u8ZvF71ZP1LXChvsENZklGswgbsGA1UdIwSBszCBsIAUlp98u8ZvF71ZP1LXChvsENZklGuhgZSkgZEwgY4xCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJDQTEWMBQGA1UEBxMNTW91bnRhaW4gVmlldzEUMBIGA1UEChMLUGF5UGFsIEluYy4xEzARBgNVBAsUCmxpdmVfY2VydHMxETAPBgNVBAMUCGxpdmVfYXBpMRwwGgYJKoZIhvcNAQkBFg1yZUBwYXlwYWwuY29tggEAMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAgV86VpqAWuXvX6Oro4qJ1tYVIT5DgWpE692Ag422H7yRIr/9j/iKG4Thia/Oflx4TdL+IFJBAyPK9v6zZNZtBgPBynXb048hsP16l2vi0k5Q2JKiPDsEfBhGI+HnxLXEaUWAcVfCsQFvd2A1sxRr67ip5y2wwBelUecP3AjJ+YcxggGaMIIBlgIBATCBlDCBjjELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAkNBMRYwFAYDVQQHEw1Nb3VudGFpbiBWaWV3MRQwEgYDVQQKEwtQYXlQYWwgSW5jLjETMBEGA1UECxQKbGl2ZV9jZXJ0czERMA8GA1UEAxQIbGl2ZV9hcGkxHDAaBgkqhkiG9w0BCQEWDXJlQHBheXBhbC5jb20CAQAwCQYFKw4DAhoFAKBdMBgGCSqGSIb3DQEJAzELBgkqhkiG9w0BBwEwHAYJKoZIhvcNAQkFMQ8XDTA1MDIyMDA1MzcxMlowIwYJKoZIhvcNAQkEMRYEFK9eZq9Fa97Zlb8xn93M8maSF0nZMA0GCSqGSIb3DQEBAQUABIGAa0ZsL0/+p1ZvnNy1oQawEpItzBrIwr3Dd+kCIatH+aXKqTEcpfDB37N9AQEr2E6R+XKQC6Zv3TxPj6arr58XGLNSLJGzINcqS8dpdZ3ozMZYgDY/AN1DtsI4CS/tOTRe6h+9SNO6asbw9OnqtAJEqqR95AXSXG0YXF7J4KQaMT4=-----END PKCS7-----">
|
||||
</form>
|
||||
|
|
|
@ -25,15 +25,19 @@
|
|||
</tr>
|
||||
<? if($_SESSION['_config']['alreadydone'] == 1) { ?>
|
||||
<tr>
|
||||
<td class="DataTD" colspan="2" align="left"><b><?=_("PLEASE NOTE: You have already assured this person before! If this is unintentional please DO NOT CONTINUE with this assurance.")?></b></td>
|
||||
<td class="DataTD" colspan="2" align="left" style="color: red;"><b><?=_("PLEASE NOTE: You have already assured this person before! If this is unintentional please DO NOT CONTINUE with this assurance.")?></b></td>
|
||||
</tr>
|
||||
<? } if($_SESSION['_config']['pointsalready'] > 0) { ?>
|
||||
<tr>
|
||||
<td class="DataTD" colspan="2" align="left"><b><? printf(_("This person already has %s assurance points. Any points you give this person may be rounded down, or they may not even get any points. If you have less then 150 points you will still receive 2 points for assuring them."), $_SESSION['_config']['pointsalready']); ?></b></td>
|
||||
<td class="DataTD" colspan="2" align="left" style="color: red;"><b><? printf(_("This person already has %s assurance points. Any points you give this person may be rounded down, or they may not even get any points. If you have less then 150 points you will still receive 2 points for assuring them."), $_SESSION['_config']['pointsalready']); ?></b></td>
|
||||
</tr>
|
||||
<? } else if($_SESSION['_config']['pointsalready'] > 0) { ?>
|
||||
<tr>
|
||||
<td class="DataTD" colspan="2" align="left"><b><? printf(_("This person already has %s assurance points."), $_SESSION['_config']['pointsalready']); ?></b></td>
|
||||
<td class="DataTD" colspan="2" align="left" style="color: red;"><b><? printf(_("This person already has %s assurance points."), $_SESSION['_config']['pointsalready']); ?></b></td>
|
||||
</tr>
|
||||
<? } if($_SESSION['_config']['verified'] <= 0) { ?>
|
||||
<tr>
|
||||
<td class="DataTD" colspan="2" align="left" style="color: red;"><b><?=_("You are about to assure a person that isn't currently verified. If you continue and they do not verify their account within 48 hours the account could automatically be removed by the system.")?></b></td>
|
||||
</tr>
|
||||
<? } ?>
|
||||
<tr>
|
||||
|
|
|
@ -25,6 +25,14 @@
|
|||
mysql_query("delete from `users` where `id`='".$row['id']."'");
|
||||
}
|
||||
|
||||
$query = "delete from `domains` where `hash`!='' and
|
||||
(UNIX_TIMESTAMP(NOW()) - UNIX_TIMESTAMP(`created`)) >= 172800";
|
||||
mysql_query($query);
|
||||
|
||||
$query = "delete from `email` where `hash`!='' and
|
||||
(UNIX_TIMESTAMP(NOW()) - UNIX_TIMESTAMP(`created`)) >= 172800";
|
||||
mysql_query($query);
|
||||
|
||||
$query = "select * from `notary` where `expire`!=0 and `expire`<NOW()";
|
||||
$res = mysql_query($query);
|
||||
while($row = mysql_fetch_assoc($res))
|
||||
|
|
|
@ -47,7 +47,10 @@
|
|||
$days = 730;
|
||||
}
|
||||
|
||||
|
||||
$row['crt_name'] = "../crt/server-".$row['id'].".crt";
|
||||
$row['csr_name'] = "../..".$row['csr_name'];
|
||||
|
||||
$do = `/usr/bin/openssl ca -config /etc/ssl/openssl-server.cnf -in $row[csr_name] -out $row[crt_name] -days $days -key test -batch -subj '$row[subject]' > /dev/null 2>&1`;
|
||||
$dom = mysql_fetch_assoc(mysql_query("select * from `domains` where `id`='$row[domid]'"));
|
||||
$user = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='$dom[memid]'"));
|
||||
|
@ -118,6 +121,7 @@
|
|||
{
|
||||
$row['crt_name'] = "../crt/orgserver-".$row['id'].".crt";
|
||||
$days = 730;
|
||||
$row[csr_name] = "../../".$row[csr_name];
|
||||
$do = `/usr/bin/openssl ca -config /etc/ssl/openssl-server-org.cnf -in $row[csr_name] -out $row[crt_name] -days $days -key test -batch -subj '$row[subject]' > /dev/null 2>&1`;
|
||||
if(filesize($row[crt_name]) > 0)
|
||||
{
|
||||
|
|
5
tverify/.htaccess
Normal file
5
tverify/.htaccess
Normal file
|
@ -0,0 +1,5 @@
|
|||
php_value auto_prepend_file /www/includes/general.php
|
||||
php_value output_buffering 1
|
||||
errordocument 404 /error404.php
|
||||
errordocument 403 /error403.php
|
||||
errordocument 401 /error401.php
|
BIN
tverify/favicon.ico
Normal file
BIN
tverify/favicon.ico
Normal file
Binary file not shown.
After Width: | Height: | Size: 3.6 KiB |
100
tverify/index.php
Normal file
100
tverify/index.php
Normal file
|
@ -0,0 +1,100 @@
|
|||
<? /*
|
||||
Copyright (C) 2004 by Duane Groth <duane_at_CAcert_dot_org>
|
||||
|
||||
This file is part of CAcert.
|
||||
|
||||
CAcert has been released under the CAcert Source License
|
||||
which can be found included with these source files or can
|
||||
be downloaded from the internet from the following address:
|
||||
http://www.cacert.org/src-lic.php
|
||||
|
||||
CAcert is distributed WITHOUT ANY WARRANTY; without even
|
||||
the implied warranty of MERCHANTABILITY or FITNESS FOR A
|
||||
PARTICULAR PURPOSE. See the License for more details.
|
||||
*/ ?>
|
||||
<?
|
||||
// phpinfo(); exit;
|
||||
include_once("../includes/general.php");
|
||||
loadem("tverify");
|
||||
|
||||
$id = intval($_GET['id']);
|
||||
if(intval($_POST['id']) > 0)
|
||||
$id = intval($_POST['id']);
|
||||
|
||||
if($id == 1)
|
||||
{
|
||||
$nofile = 1;
|
||||
$photoid = $_FILES['photoid'];
|
||||
if($photoid['error'] == 0)
|
||||
{
|
||||
$type = strtolower($photoid['type']);
|
||||
switch($type)
|
||||
{
|
||||
case 'image/gif': $ext = "gif"; $nofile = 0; break;
|
||||
case 'image/jpeg': $ext = "jpg"; $nofile = 0; break;
|
||||
case 'image/jpg': $ext = "jpg"; $nofile = 0; break;
|
||||
case 'image/png': $ext = "png"; $nofile = 0; break;
|
||||
default:
|
||||
$id = 0;
|
||||
$_SESSION['_config']['errmsg'] = _("On jpg, gif and png file types are acceptable");
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
if($id == 1)
|
||||
{
|
||||
$memid = mysql_escape_string($_SESSION['_config']['uid']);
|
||||
$email = mysql_escape_string($_POST["email"]);
|
||||
$password = mysql_escape_string($_POST["pword"]);
|
||||
$URL = mysql_escape_string($_POST["notaryURL"]);
|
||||
$CN = mysql_escape_string($_SESSION['_config']['CN']);
|
||||
|
||||
$query = "select * from `users` where `id`='$memid' and `email`='$email' and `password`=password('$password')";
|
||||
if(mysql_num_rows(mysql_query($query)) <= 0)
|
||||
{
|
||||
$_SESSION['_config']['errmsg'] = _("I'm sorry, I couldn't match your login details to your certificate to an account on this system.");
|
||||
$id = 0;
|
||||
} else {
|
||||
$query = "insert into `tverify` set `memid`='$memid', `URL`='$URL', `CN`='$CN', `created`=NOW()";
|
||||
mysql_query($query);
|
||||
$tverify = mysql_insert_id();
|
||||
if($nofile == 0)
|
||||
{
|
||||
$filename = $photoid['tmp_name'];
|
||||
$newfile = mysql_escape_string('/www/photoid/'.$tverify.".".$ext);
|
||||
move_uploaded_file($filename, $newfile);
|
||||
$query = "update `tverify` set `photoid`='$newfile' where `id`='$tverify'";
|
||||
mysql_query($query);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
if($id == 1)
|
||||
{
|
||||
$body = "There is a new valid request for thawte points tranfer, details as follows:\n\n";
|
||||
$body .= "Primary email address: $email ($memid)\n";
|
||||
$body .= "Certificate Subject: $CN\n";
|
||||
if($URL != "")
|
||||
$body .= "Notary URL: $URL\n";
|
||||
if($URL != "" && $nofile == 0)
|
||||
$body .= "PhotoID URL: https://www.cacert.org/account.php?id=51&photoid=$tverify\n";
|
||||
|
||||
$query = "SELECT sum(`points`) as `points` FROM `notary` WHERE `to`='$memid'";
|
||||
$row = mysql_fetch_assoc(mysql_query($query));
|
||||
|
||||
$body .= "\nCurrent Points: ".$row['points']."\n\n";
|
||||
|
||||
$body .= "\nTo vote on this application, go to: https://www.cacert.org/account.php?id=52&uid=$tverify\n\n";
|
||||
|
||||
$body .= "Best regards"."\n";
|
||||
$body .= "CAcert Support Team";
|
||||
|
||||
|
||||
// sendmail("cacert-tverify@lists.cacert.org", "[CAcert.org] Thawte Notary Points Transfer", $body, "@cacert.org", "returns@cacert.org", "", "CAcert Tverify");
|
||||
sendmail("duane@cacert.org", "[CAcert.org] Thawte Notary Points Transfer", $body, "@cacert.org", "returns@cacert.org", "", "CAcert Tverify");
|
||||
}
|
||||
|
||||
showheader(_("Thawte Points Transfer"));
|
||||
includeit($id, "tverify");
|
||||
showfooter();
|
||||
?>
|
97
tverify/index/0.php
Normal file
97
tverify/index/0.php
Normal file
|
@ -0,0 +1,97 @@
|
|||
<?
|
||||
$continue = 1;;
|
||||
if($_SERVER["SSL_CLIENT_S_DN_CN"] == "Thawte Freemail Member")
|
||||
{
|
||||
$continue = 0;
|
||||
echo _("I wasn't able to locate your name on your certificate, as such you can't continue with this process.");
|
||||
}
|
||||
|
||||
if($continue == 1)
|
||||
{
|
||||
$addy = array();
|
||||
$emails = explode("/", trim($_SERVER["SSL_CLIENT_S_DN"]));
|
||||
foreach($emails as $email)
|
||||
{
|
||||
$bits = explode("=", $email);
|
||||
if($bits["0"] == "emailAddress")
|
||||
{
|
||||
$query = "select * from `email` where `email`='".$bits["1"]."' and `deleted`=0 and hash=''";
|
||||
$account = mysql_query($query);
|
||||
if(mysql_num_rows($account))
|
||||
$addy[] = $bits["1"];
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
if(count($addy) <= 0 && $continue == 1)
|
||||
{
|
||||
$continue = 0;
|
||||
echo _("I wasn't able to match any email accounts on your certificate to any accounts in our database, as such I can't continue with this process.");
|
||||
}
|
||||
|
||||
if($continue == 1)
|
||||
{
|
||||
$row = mysql_fetch_assoc($account);
|
||||
$memid = $row['memid'];
|
||||
|
||||
$name = trim($_SERVER["SSL_CLIENT_S_DN_CN"]);
|
||||
while(strstr($name, " "))
|
||||
$name = str_replace(" ", " ", $name);
|
||||
$bits = explode(" ", $name);
|
||||
|
||||
$firstname = $bits["0"];
|
||||
$lastname = $bits[count($bits) - 1];
|
||||
|
||||
$query = "select * from `users` where `fname`='$firstname' and `lname`='$lastname' and `id`='$memid'";
|
||||
if(mysql_num_rows(mysql_query($query)) <= 0)
|
||||
{
|
||||
$continue = 0;
|
||||
echo _("The name and email address on your certificate could not be exactly matched to any stored in our database, as such I'm not able to contiue with this process.");
|
||||
}
|
||||
}
|
||||
|
||||
if($_SERVER["SSL_CLIENT_VERIFY"] == "SUCCESS" && $continue == 1)
|
||||
{
|
||||
$_SESSION['_config']['uid'] = $row['memid'];
|
||||
$_SESSION['_config']['CN'] = trim($_SERVER["SSL_CLIENT_S_DN"]);
|
||||
?>
|
||||
<p style="border:dotted 1px #900;padding:0.3em;background-color:#ffe;">
|
||||
<?=_("By just submitting your Thawte certificate you can be issued 50 points automatically to any matching account in the system that you operate.")?><br>
|
||||
<?=_("To receive an additional 40 points you must also include a valid link to your notary listing on the Thawte website.")?><br>
|
||||
<?=_("If you meet the above criteria you are also elligible to receive an additional 60 points by submitting a legible government issued copy of your photo ID. If details on your photo ID aren't legible you may be excluded from receiving these points.")?></p>
|
||||
<? if($_SESSION['_config']['errmsg'] != "") { ?><p> </p><p style="border:dotted 1px #900;padding:0.3em;background-color:#ffe;"><?
|
||||
echo $_SESSION['_config']['errmsg']."</p>";
|
||||
unset($_SESSION['_config']['errmsg']);
|
||||
} ?>
|
||||
<form method="post" action="index.php" enctype="multipart/form-data">
|
||||
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
|
||||
<tr>
|
||||
<td colspan="2" class="title"><?=_("Points Transfer and Verification")?></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td class="DataTD" width="125"><?=_("Email Address")?>: </td>
|
||||
<td class="DataTD" width="125"><input type="text" name="email" value="<?=$row['email']?>"></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td class="DataTD" width="125"><?=_("Notary URL")?>: </td>
|
||||
<td class="DataTD" width="125"><input type="text" name="notaryURL"></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td class="DataTD" width="125"><?=_("Photo ID")?>: </td>
|
||||
<td class="DataTD" width="125"><input type="file" name="photoid"></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td class="DataTD"><?=_("Pass Phrase")?>: </td>
|
||||
<td class="DataTD"><input type="password" name="pword"></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td class="DataTD" colspan="2"><input type="submit" name="process" value="<?=_("Submit Application for Points Transfer")?>"></td>
|
||||
</tr>
|
||||
|
||||
</table>
|
||||
<input type="hidden" name="id" value="1">
|
||||
</form>
|
||||
<? } else if($continue == 1) {
|
||||
echo _("1I'm sorry, I couldn't verify your certificate");
|
||||
}
|
||||
?>
|
1
tverify/index/1.php
Normal file
1
tverify/index/1.php
Normal file
|
@ -0,0 +1 @@
|
|||
<p><?=_("Your request is now queued for processing, you will be notified by an automated email when your request has been verified by the points transfer team.");?></p>
|
|
@ -37,6 +37,10 @@
|
|||
echo _("Your message has been sent to the general support list.");
|
||||
showfooter();
|
||||
exit;
|
||||
} else if($id == 51 && $_GET['img'] == "show") {
|
||||
$query = "select * from `tverify` where `id`='".$_GET['photoid']."'";
|
||||
$row = mysql_fetch_assoc(mysql_query($query));
|
||||
readfile($row['photoid']);
|
||||
} else {
|
||||
showheader(_("My CAcert.org Account!"));
|
||||
includeit($id, "account");
|
||||
|
|
431
www/disputes.php
Normal file
431
www/disputes.php
Normal file
|
@ -0,0 +1,431 @@
|
|||
<? /*
|
||||
Copyright (C) 2004 by Duane Groth <duane_at_CAcert_dot_org>
|
||||
|
||||
This file is part of CAcert.
|
||||
|
||||
CAcert has been released under the CAcert Source License
|
||||
which can be found included with these source files or can
|
||||
be downloaded from the internet from the following address:
|
||||
http://www.cacert.org/src-lic.php
|
||||
|
||||
CAcert is distributed WITHOUT ANY WARRANTY; without even
|
||||
the implied warranty of MERCHANTABILITY or FITNESS FOR A
|
||||
PARTICULAR PURPOSE. See the License for more details.
|
||||
*/ ?>
|
||||
<?
|
||||
require_once("../includes/loggedin.php");
|
||||
|
||||
loadem("account");
|
||||
|
||||
if($type == "reallyemail")
|
||||
{
|
||||
$emailid = intval($_SESSION['_config']['emailid']);
|
||||
$hash = mysql_escape_string(trim($_SESSION['_config']['hash']));
|
||||
|
||||
$res = mysql_query("select * from `disputeemail` where `id`='$emailid' and `hash`='$hash'");
|
||||
if(mysql_num_rows($res) <= 0)
|
||||
{
|
||||
showheader(_("Email Dispute"));
|
||||
echo _("This dispute no longer seems to be in the database, can't continue.");
|
||||
showfooter();
|
||||
exit;
|
||||
}
|
||||
$row = mysql_fetch_assoc($res);
|
||||
$oldmemid = $row['oldmemid'];
|
||||
|
||||
if($action == "reject")
|
||||
{
|
||||
mysql_query("update `disputeemail` set hash='',action='reject' where `id`='$emailid'");
|
||||
showheader(_("Email Dispute"));
|
||||
echo _("You have opted to reject this dispute and the request will be removed from the database");
|
||||
showfooter();
|
||||
exit;
|
||||
}
|
||||
if($action == "accept")
|
||||
{
|
||||
showheader(_("Email Dispute"));
|
||||
echo "<p>"._("You have opted to accept this dispute and the request will now remove this email address from the existing account, and revoke any current certificates.")."</p>";
|
||||
echo "<p>"._("The following accounts have been removed:")."<br>\n";
|
||||
$query = "select * from `email` where `id`='$emailid' and deleted=0";
|
||||
$res = mysql_query($query);
|
||||
if(mysql_num_rows($res) > 0)
|
||||
{
|
||||
$row = mysql_fetch_assoc($res);
|
||||
echo $row['email']."<br>\n";
|
||||
$query = "select `emailcerts`.`id`
|
||||
from `emaillink`,`emailcerts` where
|
||||
`emailid`='$emailid' and `emaillink`.`emailcertsid`=`emailcerts`.`id` and
|
||||
`revoked`=0 and UNIX_TIMESTAMP(`expire`)-UNIX_TIMESTAMP() > 0
|
||||
group by `emailcerts`.`id`";
|
||||
$dres = mysql_query($query);
|
||||
while($drow = mysql_fetch_assoc($dres))
|
||||
mysql_query("update `emailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='".$drow['id']."'");
|
||||
|
||||
$do = `../scripts/runclient`;
|
||||
$query = "update `email` set `deleted`=NOW() where `id`='$emailid'";
|
||||
mysql_query($query);
|
||||
}
|
||||
mysql_query("update `disputeemail` set hash='',action='accept' where `id`='$emailid'");
|
||||
$rc = mysql_num_rows("select * from `domains` where `memid`='$oldmemid' and `deleted`=0");
|
||||
$rc = mysql_num_rows("select * from `email` where `memid`='$oldmemid' and `deleted`=0 and `id`!='$emailid'");
|
||||
$res = mysql_query("select * from `users` where `id`='$oldmemid'");
|
||||
$user = mysql_fetch_assoc($res);
|
||||
if($rc == 0 && $rc2 == 0 && $_SESSION['_config']['email'] == $user['email'])
|
||||
{
|
||||
mysql_query("update `users` set `deleted`=NOW() where `id`='$oldmemid'");
|
||||
echo _("This was the primary email on the account, and no emails or domains were left linked so the account has also been removed from the system.");
|
||||
}
|
||||
|
||||
showfooter();
|
||||
exit;
|
||||
}
|
||||
}
|
||||
|
||||
if($type == "email")
|
||||
{
|
||||
$emailid = intval($emailid);
|
||||
$hash = trim(mysql_escape_string(stripslashes($hash)));
|
||||
if($emailid <= 0 || $hash == "")
|
||||
{
|
||||
showheader(_("Email Dispute"));
|
||||
echo _("Invalid request. Can't continue.");
|
||||
showfooter();
|
||||
exit;
|
||||
}
|
||||
|
||||
$res = mysql_query("select * from `disputeemail` where `id`='$emailid' and `hash`='$hash'");
|
||||
if(mysql_num_rows($res) <= 0)
|
||||
{
|
||||
$res = mysql_query("select * from `disputeemail` where `id`='$emailid' and hash!=''");
|
||||
if(mysql_num_rows($res) > 0)
|
||||
{
|
||||
$row = mysql_fetch_assoc($res);
|
||||
mysql_query("update `disputeemail` set `attempts`='".intval($row['attempts'] + 1)."' where `id`='".$row['id']."'");
|
||||
showheader(_("Email Dispute"));
|
||||
if($row['attempts'] >= 3)
|
||||
{
|
||||
echo _("Your attempt to accept or reject a disputed email is invalid due to the hash string not matching with the email ID. Your attempt has been logged and the request will be removed from the system as a result.");
|
||||
mysql_query("update `disputeemail` set hash='',action='failed' where `id`='$emailid'");
|
||||
} else
|
||||
echo _("Your attempt to accept or reject a disputed email is invalid due to the hash string not matching with the email ID.");
|
||||
showfooter();
|
||||
exit;
|
||||
} else {
|
||||
showheader(_("Email Dispute"));
|
||||
echo _("Invalid request. Can't continue.");
|
||||
showfooter();
|
||||
exit;
|
||||
}
|
||||
}
|
||||
$_SESSION['_config']['emailid'] = $emailid;
|
||||
$_SESSION['_config']['hash'] = $hash;
|
||||
$row = mysql_fetch_assoc(mysql_query("select * from `disputeemail` where `id`='$emailid'"));
|
||||
$_SESSION['_config']['email'] = $row['email'];
|
||||
showheader(_("Email Dispute"));
|
||||
includeit("4", "disputes");
|
||||
showfooter();
|
||||
exit;
|
||||
}
|
||||
|
||||
if($type == "reallydomain")
|
||||
{
|
||||
$domainid = intval($_SESSION['_config']['domainid']);
|
||||
$hash = mysql_escape_string(trim($_SESSION['_config']['hash']));
|
||||
|
||||
$res = mysql_query("select * from `disputedomain` where `id`='$domainid' and `hash`='$hash'");
|
||||
if(mysql_num_rows($res) <= 0)
|
||||
{
|
||||
showheader(_("Domain Dispute"));
|
||||
echo _("This dispute no longer seems to be in the database, can't continue.");
|
||||
showfooter();
|
||||
exit;
|
||||
}
|
||||
|
||||
if($action == "reject")
|
||||
{
|
||||
mysql_query("update `disputedomain` set hash='',action='reject' where `id`='$domainid'");
|
||||
showheader(_("Domain Dispute"));
|
||||
echo _("You have opted to reject this dispute and the request will be removed from the database");
|
||||
showfooter();
|
||||
exit;
|
||||
}
|
||||
if($action == "accept")
|
||||
{
|
||||
showheader(_("Domain Dispute"));
|
||||
echo "<p>"._("You have opted to accept this dispute and the request will now remove this domain from the existing account, and revoke any current certificates.")."</p>";
|
||||
echo "<p>"._("The following accounts have been removed:")."<br>\n";
|
||||
$query = "select * from `domains` where `id`='$domainid' and deleted=0";
|
||||
$res = mysql_query($query);
|
||||
if(mysql_num_rows($res) > 0)
|
||||
{
|
||||
echo $_SESSION['_config']['domain']."<br>\n";
|
||||
mysql_query("update `domains` set `deleted`=NOW() where `id`='$domainid'");
|
||||
$query = "select * from `domlink` where `domid`='$domainid'";
|
||||
$res = mysql_query($query);
|
||||
while($row = mysql_fetch_assoc($res))
|
||||
mysql_query("update `domaincerts` set `revoked`='1970-01-01 10:00:01' where `id`='".$row['certid']."' and `revoked`=0 and UNIX_TIMESTAMP(`expire`)-UNIX_TIMESTAMP() > 0");
|
||||
$do = `../scripts/runserver`;
|
||||
}
|
||||
mysql_query("update `disputedomain` set hash='',action='accept' where `id`='$domainid'");
|
||||
showfooter();
|
||||
exit;
|
||||
}
|
||||
}
|
||||
|
||||
if($type == "domain")
|
||||
{
|
||||
$domainid = intval($domainid);
|
||||
$hash = trim(mysql_escape_string(stripslashes($hash)));
|
||||
if($domainid <= 0 || $hash == "")
|
||||
{
|
||||
showheader(_("Domain Dispute"));
|
||||
echo _("Invalid request. Can't continue.");
|
||||
showfooter();
|
||||
exit;
|
||||
}
|
||||
|
||||
$res = mysql_query("select * from `disputedomain` where `id`='$domainid' and `hash`='$hash'");
|
||||
if(mysql_num_rows($res) <= 0)
|
||||
{
|
||||
$res = mysql_query("select * from `disputedomain` where `id`='$domainid' and hash!=''");
|
||||
if(mysql_num_rows($res) > 0)
|
||||
{
|
||||
$row = mysql_fetch_assoc($res);
|
||||
mysql_query("update `disputedomain` set `attempts`='".intval($row['attempts'] + 1)."' where `id`='".$row['id']."'");
|
||||
showheader(_("Domain Dispute"));
|
||||
if($row['attempts'] >= 3)
|
||||
{
|
||||
echo _("Your attempt to accept or reject a disputed domain is invalid due to the hash string not matching with the domain ID. Your attempt has been logged and the request will be removed from the system as a result.");
|
||||
mysql_query("update `disputedomain` set hash='',action='failed' where `id`='$domainid'");
|
||||
} else
|
||||
echo _("Your attempt to accept or reject a disputed domain is invalid due to the hash string not matching with the domain ID.");
|
||||
showfooter();
|
||||
exit;
|
||||
} else {
|
||||
showheader(_("Domain Dispute"));
|
||||
echo _("Invalid request. Can't continue.");
|
||||
showfooter();
|
||||
exit;
|
||||
}
|
||||
}
|
||||
$_SESSION['_config']['domainid'] = $domainid;
|
||||
$_SESSION['_config']['hash'] = $hash;
|
||||
$row = mysql_fetch_assoc(mysql_query("select * from `disputedomain` where `id`='$domainid'"));
|
||||
$_SESSION['_config']['domain'] = $row['domain'];
|
||||
showheader(_("Domain Dispute"));
|
||||
includeit("6", "disputes");
|
||||
showfooter();
|
||||
exit;
|
||||
}
|
||||
|
||||
if($oldid == "1")
|
||||
{
|
||||
$email = trim(mysql_escape_string(stripslashes($dispute)));
|
||||
if($email == "")
|
||||
{
|
||||
showheader(_("Email Dispute"));
|
||||
echo _("Not a valid email address. Can't continue.");
|
||||
showfooter();
|
||||
exit;
|
||||
}
|
||||
|
||||
$res = mysql_query("select * from `disputeemail` where `email`='$email' and hash!=''");
|
||||
if(mysql_num_rows($res) > 0)
|
||||
{
|
||||
showheader(_("Email Dispute"));
|
||||
printf(_("The email address '%s' already exists in the dispute system. Can't continue."), $email);
|
||||
showfooter();
|
||||
exit;
|
||||
}
|
||||
|
||||
unset($oldid);
|
||||
$query = "select * from `email` where `email`='$email' and `deleted`=0";
|
||||
$res = mysql_query($query);
|
||||
if(mysql_num_rows($res) <= 0)
|
||||
{
|
||||
showheader(_("Email Dispute"));
|
||||
printf(_("The email address '%s' doesn't already in the system. Can't continue."), $email);
|
||||
showfooter();
|
||||
exit;
|
||||
}
|
||||
$row = mysql_fetch_assoc($res);
|
||||
$oldmemid = $row['memid'];
|
||||
$emailid = $row['id'];
|
||||
if($_SESSION['profile']['id'] == $oldmemid)
|
||||
{
|
||||
showheader(_("Email Dispute"));
|
||||
echo _("You aren't allowed to dispute your own email addresses. Can't continue.");
|
||||
showfooter();
|
||||
exit;
|
||||
}
|
||||
|
||||
$res = mysql_query("select * from `users` where `id`='$oldmemid'");
|
||||
$user = mysql_fetch_assoc($res);
|
||||
$rc = mysql_num_rows("select * from `domains` where `memid`='$oldmemid' and `deleted`=0");
|
||||
$rc = mysql_num_rows("select * from `email` where `memid`='$oldmemid' and `deleted`=0 and `id`!='$emailid'");
|
||||
if($user['email'] == $email && ($rc > 0 || $rc2 > 0))
|
||||
{
|
||||
showheader(_("Email Dispute"));
|
||||
echo _("You only dispute the primary email address of an account if there is no longer any email addresses or domains linked to it.");
|
||||
showfooter();
|
||||
exit;
|
||||
}
|
||||
|
||||
$rnd = fopen("/dev/urandom", "r");
|
||||
$hash = md5(fgets($rnd, 64));
|
||||
fclose($rnd);
|
||||
$query = "insert into `disputeemail` set `email`='$email',`memid`='".$_SESSION['profile']['id']."',
|
||||
`oldmemid`='$oldmemid',`created`=NOW(),`hash`='$hash',`id`='$emailid',
|
||||
`IP`='".$_SERVER['REMOTE_ADDR']."'";
|
||||
mysql_query($query);
|
||||
|
||||
$body = sprintf(_("You have been sent this email as the email address '%s' is being disputed. You have the option to accept or reject this request, after 2 days the request will automatically be discarded. Click the following link to accept or reject the dispute:"), $email)."\n\n";
|
||||
$body .= "https://".$_SESSION['_config']['normalhostname']."/disputes.php?type=email&emailid=$emailid&hash=$hash\n\n";
|
||||
$body .= _("Best regards")."\n"._("CAcert.org Support!");
|
||||
|
||||
sendmail($email, "[CAcert.org] "._("Dispute Probe"), $body, "support@cacert.org", "returns@cacert.org", "", "CAcert Support");
|
||||
|
||||
showheader(_("Email Dispute"));
|
||||
printf(_("The email address '%s' has been entered into the dispute system, the email address will now be sent an email which will give the recipent the option of accepting or rejecting the request, if after 2 days we haven't received a valid response for or against we will discard the request."), $email);
|
||||
showfooter();
|
||||
exit;
|
||||
}
|
||||
|
||||
if($oldid == "2")
|
||||
{
|
||||
$domain = trim(mysql_escape_string(stripslashes($dispute)));
|
||||
if($domain == "")
|
||||
{
|
||||
showheader(_("Domain Dispute"));
|
||||
echo _("Not a valid Domain. Can't continue.");
|
||||
showfooter();
|
||||
exit;
|
||||
}
|
||||
|
||||
$query = "select * from `disputedomain` where `domain`='$domain' and hash!=''";
|
||||
$res = mysql_query($query);
|
||||
if(mysql_num_rows($res) > 0)
|
||||
{
|
||||
showheader(_("Domain Dispute"));
|
||||
printf(_("The domain '%s' already exists in the dispute system. Can't continue."), $domain);
|
||||
showfooter();
|
||||
exit;
|
||||
}
|
||||
unset($oldid);
|
||||
$query = "select * from `domains` where `domain`='$domain' and `deleted`=0";
|
||||
$res = mysql_query($query);
|
||||
if(mysql_num_rows($res) <= 0)
|
||||
{
|
||||
showheader(_("Domain Dispute"));
|
||||
printf(_("The domain '%s' doesn't already in the system. Can't continue."), $email);
|
||||
showfooter();
|
||||
exit;
|
||||
}
|
||||
$row = mysql_fetch_assoc($res);
|
||||
$oldmemid = $row['memid'];
|
||||
if($_SESSION['profile']['id'] == $oldmemid)
|
||||
{
|
||||
showheader(_("Domain Dispute"));
|
||||
echo _("You aren't allowed to dispute your own email addresses. Can't continue.");
|
||||
showfooter();
|
||||
exit;
|
||||
}
|
||||
|
||||
$domainid = $row['id'];
|
||||
$_SESSION['_config']['domainid'] = $domainid;
|
||||
$_SESSION['_config']['memid'] = $memid;
|
||||
$_SESSION['_config']['domain'] = $domain;
|
||||
$_SESSION['_config']['oldmemid'] = $oldmemid;
|
||||
|
||||
$addy = array();
|
||||
$domtmp = escapeshellarg($domain);
|
||||
$adds = explode("\n", trim(`whois $domtmp|grep \@`));
|
||||
if(substr($domain, -4) == ".org" || substr($domain, -5) == ".info")
|
||||
{
|
||||
if(is_array($adds))
|
||||
foreach($adds as $line)
|
||||
{
|
||||
$bits = explode(":", $line, 2);
|
||||
$line = trim($bits[1]);
|
||||
if(!in_array($line, $addy) && $line != "")
|
||||
$addy[] = trim(mysql_escape_string(stripslashes($line)));
|
||||
}
|
||||
} else {
|
||||
if(is_array($adds))
|
||||
foreach($adds as $line)
|
||||
{
|
||||
$line = trim(str_replace("\t", " ", $line));
|
||||
$line = trim(str_replace("(", "", $line));
|
||||
$line = trim(str_replace(")", " ", $line));
|
||||
|
||||
$bits = explode(" ", $line);
|
||||
foreach($bits as $bit)
|
||||
{
|
||||
if(strstr($bit, "@"))
|
||||
$line = $bit;
|
||||
}
|
||||
if(!in_array($line, $addy) && $line != "")
|
||||
$addy[] = trim(mysql_escape_string(stripslashes($line)));
|
||||
}
|
||||
}
|
||||
|
||||
$rfc = array("root@$domain", "hostmaster@$domain", "postmaster@$domain", "admin@$domain", "webmaster@$domain");
|
||||
foreach($rfc as $sub)
|
||||
if(!in_array($sub, $addy))
|
||||
$addy[] = $sub;
|
||||
$_SESSION['_config']['addy'] = $addy;
|
||||
showheader(_("Domain Dispute"));
|
||||
includeit("5", "disputes");
|
||||
showfooter();
|
||||
exit;
|
||||
}
|
||||
|
||||
if($oldid == "5")
|
||||
{
|
||||
$authaddy = trim(mysql_escape_string(stripslashes($_POST['authaddy'])));
|
||||
|
||||
if(!in_array($authaddy, $_SESSION['_config']['addy']) || $authaddy == "")
|
||||
{
|
||||
showheader(_("My CAcert.org Account!"));
|
||||
echo _("The address you submitted isn't a valid authority address for the domain.");
|
||||
showfooter();
|
||||
exit;
|
||||
}
|
||||
|
||||
$query = "select * from `domains` where `domain`='".$_SESSION['_config']['domain']."' and `deleted`=0";
|
||||
$res = mysql_query($query);
|
||||
if(mysql_num_rows($res) <= 0)
|
||||
{
|
||||
showheader(_("Domain Dispute!"));
|
||||
printf(_("The domain '%s' isn't in the system. Can't continue."), $_SESSION['_config']['domain']);
|
||||
showfooter();
|
||||
exit;
|
||||
}
|
||||
|
||||
$domainid = intval($_SESSION['_config']['domainid']);
|
||||
$memid = intval($_SESSION['_config']['memid']);
|
||||
$oldmemid = intval($_SESSION['_config']['oldmemid']);
|
||||
$domain = mysql_escape_string($_SESSION['_config']['domain']);
|
||||
$rnd = fopen("/dev/urandom", "r");
|
||||
$hash = md5(fgets($rnd, 64));
|
||||
fclose($rnd);
|
||||
$query = "insert into `disputedomain` set `domain`='$domain',`memid`='".$_SESSION['profile']['id']."',
|
||||
`oldmemid`='$oldmemid',`created`=NOW(),`hash`='$hash',`id`='$domainid'";
|
||||
mysql_query($query);
|
||||
|
||||
$body = sprintf(_("You have been sent this email as the domain '%s' is being disputed. You have the option to accept or reject this request, after 2 days the request will automatically be discarded. Click the following link to accept or reject the dispute:"), $domain)."\n\n";
|
||||
$body .= "https://".$_SESSION['_config']['normalhostname']."/disputes.php?type=domain&domainid=$domainid&hash=$hash\n\n";
|
||||
$body .= _("Best regards")."\n"._("CAcert.org Support!");
|
||||
|
||||
sendmail($authaddy, "[CAcert.org] "._("Dispute Probe"), $body, "support@cacert.org", "returns@cacert.org", "", "CAcert Support");
|
||||
|
||||
showheader(_("Domain Dispute"));
|
||||
printf(_("The domain '%s' has been entered into the dispute system, the email address you choose will now be sent an email which will give the recipent the option of accepting or rejecting the request, if after 2 days we haven't received a valid response for or against we will discard the request."), $domain);
|
||||
showfooter();
|
||||
exit;
|
||||
}
|
||||
|
||||
showheader(_("Domain and Email Disputes"));
|
||||
includeit($id, "disputes");
|
||||
showfooter();
|
||||
?>
|
|
@ -45,7 +45,7 @@
|
|||
|
||||
if(strtolower($_SESSION['lostpw']['A1']) == strtolower($_SESSION['lostpw']['user']['A1']))
|
||||
$answers++;
|
||||
$body .= "System: ".$_SESSION['lostpw']['A1']."\nEntered: ".$_SESSION['lostpw']['user']['A1']."\n";
|
||||
$body .= "System: ".$_SESSION['lostpw']['user']['A1']."\nEntered: ".$_SESSION['lostpw']['A1']."\n";
|
||||
}
|
||||
if($Q2)
|
||||
{
|
||||
|
@ -53,7 +53,7 @@
|
|||
|
||||
if(strtolower($_SESSION['lostpw']['A2']) == strtolower($_SESSION['lostpw']['user']['A2']))
|
||||
$answers++;
|
||||
$body .= "System: ".$_SESSION['lostpw']['A2']."\nEntered: ".$_SESSION['lostpw']['user']['A2']."\n";
|
||||
$body .= "System: ".$_SESSION['lostpw']['user']['A2']."\nEntered: ".$_SESSION['lostpw']['A2']."\n";
|
||||
}
|
||||
if($Q3)
|
||||
{
|
||||
|
@ -61,7 +61,7 @@
|
|||
|
||||
if(strtolower($_SESSION['lostpw']['A3']) == strtolower($_SESSION['lostpw']['user']['A3']))
|
||||
$answers++;
|
||||
$body .= "System: ".$_SESSION['lostpw']['A3']."\nEntered: ".$_SESSION['lostpw']['user']['A3']."\n";
|
||||
$body .= "System: ".$_SESSION['lostpw']['user']['A3']."\nEntered: ".$_SESSION['lostpw']['A3']."\n";
|
||||
}
|
||||
if($Q4)
|
||||
{
|
||||
|
@ -69,7 +69,7 @@
|
|||
|
||||
if(strtolower($_SESSION['lostpw']['A4']) == strtolower($_SESSION['lostpw']['user']['A4']))
|
||||
$answers++;
|
||||
$body .= "System: ".$_SESSION['lostpw']['A4']."\nEntered: ".$_SESSION['lostpw']['user']['A4']."\n";
|
||||
$body .= "System: ".$_SESSION['lostpw']['user']['A4']."\nEntered: ".$_SESSION['lostpw']['A4']."\n";
|
||||
}
|
||||
if($Q5)
|
||||
{
|
||||
|
@ -77,7 +77,7 @@
|
|||
|
||||
if(strtolower($_SESSION['lostpw']['A5']) == strtolower($_SESSION['lostpw']['user']['A5']))
|
||||
$answers++;
|
||||
$body .= "System: ".$_SESSION['lostpw']['A5']."\nEntered: ".$_SESSION['lostpw']['user']['A5']."\n";
|
||||
$body .= "System: ".$_SESSION['lostpw']['user']['A5']."\nEntered: ".$_SESSION['lostpw']['A5']."\n";
|
||||
}
|
||||
|
||||
$_SESSION['lostpw']['pw1'] = trim(mysql_escape_string(stripslashes($newpass1)));
|
||||
|
|
|
@ -6,7 +6,7 @@
|
|||
|
||||
<p>Feel free to copy, use, change, ... the following logos. I created them
|
||||
using the <a href="http://www.cacert.org">CAcert.org</a> site logo and some gimp
|
||||
magic. Send comments or suggestions to <a href="/kontakt/">Chris</a>. Licence: Whatever. I don't care.</p>
|
||||
magic. Send comments or suggestions to <a href="http://www.christoph-probst.com/kontakt/">Chris</a>. Licence: Whatever. I don't care.</p>
|
||||
|
||||
<img src="logos/cacert1.png" alt="www.cacert.org" border="0">
|
||||
<img src="logos/cacert-free-certificates2.png" alt="www.cacert.org" border="0">
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
<?
|
||||
if($process == "Confirm, I agree to these terms and conditions" && $iagree == "yes")
|
||||
{
|
||||
$output_file = $fname = "cacert-20050104.tar.bz2";
|
||||
$output_file = $fname = "cacert-20050217.tar.bz2";
|
||||
|
||||
header('Pragma: public');
|
||||
|
||||
|
|
|
@ -26,12 +26,12 @@
|
|||
if(mysql_num_rows($res) > 0)
|
||||
{
|
||||
$row = mysql_fetch_assoc($res);
|
||||
$row[attempts]++;
|
||||
if($row[attempts] == 4)
|
||||
$row['attempts']++;
|
||||
if($row['attempts'] == 4)
|
||||
{
|
||||
mysql_query("update `email` set `hash`='', `attempts`='$row[attempts]', `deleted`=NOW() where `id`='$emailid'");
|
||||
showheader(_("Error!"), _("Error!"));
|
||||
echo "You've attempted to verify the same email address a fourth time with an invalid hash, subsequently this request has been deleted in the system";
|
||||
echo _("You've attempted to verify the same email address a fourth time with an invalid hash, subsequently this request has been deleted in the system");
|
||||
showfooter();
|
||||
exit;
|
||||
}
|
||||
|
|
10
www/wot.php
10
www/wot.php
|
@ -74,13 +74,21 @@
|
|||
$_SESSION['_config']['alreadydone'] = 1;
|
||||
}
|
||||
unset($_SESSION['_config']['pointsalready']);
|
||||
if($id == 6 && $_SESSION['profile']['points'] > 150)
|
||||
if($id == 6 && $_SESSION['profile']['points'] >= 100)
|
||||
{
|
||||
$query = "select sum(`points`) as `total` from `notary` where `to`='".$_SESSION['_config']['notarise']['id']."' group by `to`";
|
||||
$res = mysql_query($query);
|
||||
$drow = mysql_fetch_assoc($res);
|
||||
$_SESSION['_config']['pointsalready'] = $drow['total'];
|
||||
}
|
||||
unset($_SESSION['_config']['verified']);
|
||||
if($id == 6 && $_SESSION['profile']['points'] >= 100)
|
||||
{
|
||||
$query = "select `verified` from `users` where `id`='".$_SESSION['_config']['notarise']['id']."'";
|
||||
$res = mysql_query($query);
|
||||
$drow = mysql_fetch_assoc($res);
|
||||
$_SESSION['_config']['verified'] = $drow['verified'];
|
||||
}
|
||||
}
|
||||
|
||||
if($oldid == 6)
|
||||
|
|
Loading…
Reference in a new issue