cacert-webdb/stamp/certdet.php
2006-11-27 00:52:11 +00:00

97 lines
4 KiB
PHP

<?
$org = $invalid = 0;
$tz = intval($_REQUEST['tz']);
$now = date("Y-m-d", gmmktime("U") + ($tz * 3600));
$arr = explode("//", mysql_real_escape_string(trim($_REQUEST['refer'])), 2);
$arr = explode("/", $arr['1'], 2);
$ref = $arr['0'];
$query = "select *,`domaincerts`.`created` as `issued` from `domlink`,`domains`,`domaincerts`
where `domlink`.`domid`=`domains`.`id` and `domlink`.`certid`=`domaincerts`.`id` and `domaincerts`.`revoked`=0 and
`domaincerts`.`subject` like '%subjectAltName=DNS:$ref/%' order by `domaincerts`.`id`";
$res = mysql_query($query);
if(mysql_num_rows($res) <= 0)
{
$bits = explode(".", $ref);
for($i = 1; $i < count($bits); $i++)
{
if($ref2 != "")
$ref2 .= ".";
$ref2 .= $bits[$i];
}
$query = "select *,`domaincerts`.`created` as `issued` from `domlink`,`domains`,`domaincerts`
where `domlink`.`domid`=`domains`.`id` and `domlink`.`certid`=`domaincerts`.`id` and `domaincerts`.`revoked`=0 and
(`domaincerts`.`subject` like '%subjectAltName=DNS:$ref2/%' or `domaincerts`.`subject` like '%subjectAltName=DNS:*.$ref2/%')
order by `domaincerts`.`id`";
$res = mysql_query($query);
if(mysql_num_rows($res) <= 0)
{
$query = "select *,`orgdomaincerts`.`created` as `issued` from `orgdomaincerts`,`orgdomlink`,`orgdomains` where
(`orgdomaincerts`.`subject` like '%=$ref%' or `orgdomaincerts`.`subject` like '%=*.$ref2%') and
`orgdomaincerts`.`id`=`orgdomlink`.`orgcertid` and `orgdomlink`.`orgdomid`=`orgdomains`.`id` and
`orgdomaincerts`.`revoked`=0 order by `orgdomaincerts`.`id`";
$res = mysql_query($query);
if(mysql_num_rows($res) <= 0)
{
$invalid = 1;
} else {
$org = 1;
}
}
}
$cert = mysql_fetch_assoc($res);
if($org == 0)
{
$query = "SELECT *, sum(`points`) AS `total` FROM `users`, `notary` WHERE `users`.`id` = '$cert[memid]' AND
`notary`.`to` = `users`.`id` and `notary`.`when` <= '$cert[issued]' GROUP BY `notary`.`to`";
$user = mysql_fetch_assoc(mysql_query($query));
} else {
$query = "select * from `orginfo` where `id`='$cert[orgid]'";
$orgi = mysql_fetch_assoc(mysql_query($query));
}
?><!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title>CAcert.org Certificate Details!</title>
<link rel="stylesheet" href="style.css" type="text/css">
</head>
<body>
<div id="pagecell1">
<div id="pageName"><br>
<h2><a href="http<? if($_SERVER['HTTPS']=="on") { echo "s"; } ?>://www.cacert.org">
<img src="http<? if($_SERVER['HTTPS']=="on") { echo "s"; } ?>://www.cacert.org/images/cacert3.png" border="0" alt="CAcert.org logo"></a></h2>
<? if($_SERVER['HTTPS']!="on") { ?>
<div id="googlead"><br><script type="text/javascript"><!--
google_ad_client = "pub-0959373285729680";
google_alternate_color = "ffffff";
google_ad_width = 234;
google_ad_height = 60;
google_ad_format = "234x60_as";
google_ad_type = "text";
google_ad_channel = "";
//--></script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script></div>
<? } ?>
</div>
<div id="content">
<div class="story">
<h3>SSL Certificate Details for <?=$ref?></h3>
<? if($invalid == 0) { ?>
<p>
Status: Valid<br />
Valid From: <?=$cert['issued']?> GMT<br />
Valid To: <?=$cert['expire']?> GMT<br />
Subject: <a href="#" title="<?=$cert['subject']?>" onClick="return false;"><?=substr($cert['subject'],0,80)?></a><br />
Organisation: <? if($org == 0) { ?>N/A<? } else { echo $orgi['O'].", ".$orgi['L']." ".$orgi['ST']." ".$orgi['C']; } ?><br />
Verification: <? if($user['total'] >= 50) { echo "Person had been assured at time of issue with at least 50 points."; }
else if($org == 1) { ?>This organisation was assured at the time the certificate was issued.<? } ?></p>
<? } else { ?>
<p style="color:red">This site has potentially abused CAcert logos and Copyrights, please report it so we may further investigate.</p>
<? } ?>
<p><a href="report.php?refer=<?=$_REQUEST['refer']?>">Problem with this site? Please report it</a></p>
</div>
</div>
</body>
</html>