From bdb30f8898e31a26cb1a3c2b961676eee10f6674 Mon Sep 17 00:00:00 2001
From: Jan Dittberner <jandd@cacert.org>
Date: Fri, 14 Jul 2023 18:06:10 +0200
Subject: [PATCH] Use integer values for type when inserting into ordomaincerts

MySQL tolerated INSERTs of an empty string in the type column of the
ordomaincerts table. This commit uses an integer value of 0 as default
instead to ensure that MariaDB with strict settings accepts the INSERT
too.
---
 includes/account.php | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/includes/account.php b/includes/account.php
index 6dacf2d..4e60e57 100644
--- a/includes/account.php
+++ b/includes/account.php
@@ -1964,8 +1964,8 @@ function buildSubjectFromSession() {
 
 		$csrsubject .= buildSubjectFromSession();
 
-		$type="";
-		if($_REQUEST["ocspcert"]!="" && $_SESSION['profile']['admin'] == 1) $type="8";
+		$type=0;
+		if($_REQUEST["ocspcert"]!="" && $_SESSION['profile']['admin'] == 1) $type=8;
 		if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
 			$_SESSION['_config']['rootcert'] = 1;
 
@@ -1978,7 +1978,7 @@ function buildSubjectFromSession() {
 					`subject`='".mysql_real_escape_string($csrsubject)."',
 					`rootcert`='".intval($_SESSION['_config']['rootcert'])."',
 					`md`='".mysql_real_escape_string($_SESSION['_config']['hash_alg'])."',
-					`type`='".$type."',
+					`type`=$type,
 					`description`='".mysql_real_escape_string($_SESSION['_config']['description'])."'";
 		} else {
 			$query = "insert into `orgdomaincerts` set
@@ -1988,7 +1988,7 @@ function buildSubjectFromSession() {
 					`subject`='".mysql_real_escape_string($csrsubject)."',
 					`rootcert`='".intval($_SESSION['_config']['rootcert'])."',
 					`md`='".mysql_real_escape_string($_SESSION['_config']['hash_alg'])."',
-					`type`='".$type."',
+					`type`=$type,
 					`description`='".mysql_real_escape_string($_SESSION['_config']['description'])."'";
 		}
 		mysql_query($query);