This file is part of CAcert. CAcert has been released under the CAcert Source License which can be found included with these source files or can be downloaded from the internet from the following address: http://www.cacert.org/src-lic.php CAcert is distributed WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the License for more details. */ ?> 0) $id = intval($_POST['id']); if($id == 1) { $nofile = 1; $photoid = $_FILES['photoid']; if($photoid['error'] == 0) { $type = strtolower($photoid['type']); switch($type) { case 'image/gif': $ext = "gif"; $nofile = 0; break; case 'image/jpeg': $ext = "jpg"; $nofile = 0; break; case 'image/jpg': $ext = "jpg"; $nofile = 0; break; case 'image/png': $ext = "png"; $nofile = 0; break; default: $id = 0; $_SESSION['_config']['errmsg'] = _("On jpg, gif and png file types are acceptable"); } } } if($id == 1) { $memid = mysql_escape_string($_SESSION['_config']['uid']); $email = mysql_escape_string($_POST["email"]); $password = mysql_escape_string($_POST["pword"]); $URL = mysql_escape_string($_POST["notaryURL"]); $CN = mysql_escape_string($_SESSION['_config']['CN']); $query = "select * from `users` where `id`='$memid' and `email`='$email' and `password`=password('$password')"; if(mysql_num_rows(mysql_query($query)) <= 0) { $_SESSION['_config']['errmsg'] = _("I'm sorry, I couldn't match your login details to your certificate to an account on this system."); $id = 0; } else { $query = "insert into `tverify` set `memid`='$memid', `URL`='$URL', `CN`='$CN', `created`=NOW()"; mysql_query($query); $tverify = mysql_insert_id(); if($nofile == 0) { $filename = $photoid['tmp_name']; $newfile = mysql_escape_string('/www/photoid/'.$tverify.".".$ext); move_uploaded_file($filename, $newfile); $query = "update `tverify` set `photoid`='$newfile' where `id`='$tverify'"; mysql_query($query); } } } if($id == 1) { $body = "There is a new valid request for thawte points tranfer, details as follows:\n\n"; $body .= "Primary email address: $email ($memid)\n"; $body .= "Certificate Subject: $CN\n"; if($URL != "") $body .= "Notary URL: $URL\n"; if($URL != "" && $nofile == 0) $body .= "PhotoID URL: https://www.cacert.org/account.php?id=51&photoid=$tverify\n"; $query = "SELECT sum(`points`) as `points` FROM `notary` WHERE `to`='$memid'"; $row = mysql_fetch_assoc(mysql_query($query)); $body .= "\nCurrent Points: ".$row['points']."\n\n"; $body .= "\nTo vote on this application, go to: https://www.cacert.org/account.php?id=52&uid=$tverify\n\n"; $body .= "Best regards"."\n"; $body .= "CAcert Support Team"; // sendmail("cacert-tverify@lists.cacert.org", "[CAcert.org] Thawte Notary Points Transfer", $body, "@cacert.org", "returns@cacert.org", "", "CAcert Tverify"); sendmail("duane@cacert.org", "[CAcert.org] Thawte Notary Points Transfer", $body, "@cacert.org", "returns@cacert.org", "", "CAcert Tverify"); } showheader(_("Thawte Points Transfer")); includeit($id, "tverify"); showfooter(); ?>