From 9a672e9bf9aa6a5369d9474a0c7a7499aa4b7510 Mon Sep 17 00:00:00 2001
From: Jan Dittberner <jandd@cacert.org>
Date: Sun, 5 May 2024 17:56:36 +0200
Subject: [PATCH] Improve client certificate issuing

- add more comprehensive message when a user does not select an email address or the SSO flag
- fix missing value for coll_found in emailcerts INSERT query
- handle database errors when the emailcerts INSERT query fails
---
 includes/account.php | 12 +++++++++---
 1 file changed, 9 insertions(+), 3 deletions(-)

diff --git a/includes/account.php b/includes/account.php
index 4e60e57..3afbe64 100644
--- a/includes/account.php
+++ b/includes/account.php
@@ -253,7 +253,8 @@ function buildSubjectFromSession() {
 		if(!(array_key_exists('addid',$_REQUEST) && is_array($_REQUEST['addid'])) && $_REQUEST['SSO'] != '1')
 		{
 			showheader(_("My CAcert.org Account!"));
-			echo _("I didn't receive a valid Certificate Request, hit the back button and try again.");
+			?><p><?= _("I didn't receive a valid Certificate Request, hit the back button and try again."); ?></p>
+			<p><?= _("You did not select any email address and did not check the SSO option."); ?></p><?
 			showfooter();
 			exit;
 		}
@@ -495,8 +496,13 @@ function buildSubjectFromSession() {
 						`disablelogin`='".($_SESSION['_config']['disablelogin']?1:0)."',
 						`rootcert`='".intval($_SESSION['_config']['rootcert'])."',
 						`md`='".mysql_real_escape_string($_SESSION['_config']['hash_alg'])."',
-						`description`='".mysql_real_escape_string($_SESSION['_config']['description'])."'";
-			mysql_query($query);
+						`description`='".mysql_real_escape_string($_SESSION['_config']['description'])."',
+						`coll_found`=0";
+
+			if (!mysql_query($query)) {
+				trigger_error("Query failed: " . mysql_errno() . ": " . mysql_error(), E_USER_ERROR);
+			}
+
 			$emailid = mysql_insert_id();
 			if(is_array($addys))
 			foreach($addys as $addy)
-- 
2.30.2