<? /*
    Copyright (C) 2004 by Duane Groth <duane_at_CAcert_dot_org>

    This file is part of CAcert.

    CAcert has been released under a CAcert license
    which can be found included with these source files or can
    be downloaded from the internet from the following address:
    http://www.cacert.org/src-lic.php

    CAcert is distributed WITHOUT ANY WARRANTY; without even
    the implied warranty of MERCHANTABILITY or FITNESS FOR A
    PARTICULAR PURPOSE. See the License for more details.
*/
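session_name("cacert");
session_start();

// Pre-PHP 5.4 session API: the named globals are mirrored into $_SESSION.
// The $_SESSION writes below are what the rest of the site actually reads.
session_register("_config");
session_register("profile");
session_register("signup");
session_register("lostpw");

$_SESSION['_config']['filepath'] = "/home/cacert";

// Database connection. normalhostname/securehostname are read from the
// session right after this include; presumably it sets them — confirm.
require_once($_SESSION['_config']['filepath']."/includes/mysql.php");

// Serve only the two configured hostnames; any other Host header is bounced
// to the canonical hostname on the same scheme, so cookies stay on one origin.
if($_SERVER['HTTP_HOST'] != $_SESSION['_config']['normalhostname'] && $_SERVER['HTTP_HOST'] != $_SESSION['_config']['securehostname'])
{
    if(isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == "on")
        header("location: https://".$_SESSION['_config']['normalhostname']);
    else
        header("location: http://".$_SESSION['_config']['normalhostname']);
    exit;
}

// ---- Language selection ---------------------------------------------------
//
// $lang is not assigned in this file: it arrives from the request
// (register_globals) or from an including script. The chosen language is
// later used as a locale name, an environment variable and a directory name
// (locale/, screenshots/), so only a plain locale token ("de" or "de_DE") is
// accepted; anything else is ignored. Validated this way, no SQL escaping
// is needed (the value is never used in a query here).
$lang = (isset($lang) && is_string($lang)) ? substr(trim($lang), 0, 5) : "";
if($lang != "" && !preg_match('/^[A-Za-z]{2}(_[A-Za-z]{2})?$/', $lang))
    $lang = "";
if($lang != "")
    $_SESSION['_config']['language'] = $lang;

// Supported locales, keyed by locale code -> display name.
$_SESSION['_config']['translations'] = array("da_DK" => "Dansk", "de_DE" => "Deutsch", "en_AU" => "English",
    "es_ES" => "Español", "fr_FR" => "Français", "it_IT" => "Italiano",
    "hu_HU" => "Magyar", "nl_NL" => "Nederlands", "pt_PT" => "Português",
    "pt_BR" => "Português Brasileiro", "ru_RU" => "Русский",
    "sv_SE" => "Svenska", "tr_TR" => "Türkçe",
    "zh_CN" => "中文(简体)");

// No language chosen yet: negotiate from the Accept-Language header.
if(!isset($_SESSION['_config']['language']) || $_SESSION['_config']['language'] == "")
{
    $accept = isset($_SERVER['HTTP_ACCEPT_LANGUAGE']) ? $_SERVER['HTTP_ACCEPT_LANGUAGE'] : "";
    $bits = explode(",", strtolower(str_replace(" ", "", $accept)));

    // Map quality weight -> tag. Two tags with the same weight overwrite each
    // other (last one wins); that is the historical behaviour and is kept.
    $value = array();
    foreach($bits as $lang)
    {
        $b = explode(";", $lang);
        if(isset($b[1]) && substr($b[1], 0, 2) == "q=")
            $c = floatval(substr($b[1], 2));
        else
            $c = 1;
        $value["$c"] = trim($b[0]);
    }

    krsort($value);
    reset($value);

    foreach($value as $key => $val)
    {
        // The tag comes straight from the request header and is used as a
        // directory name below: skip anything that is not a plain tag.
        if(!preg_match('/^[a-z0-9_-]+$/', $val))
            continue;

        $short = substr($val, 0, 2);
        if($val == "en" || $short == "en")
        {
            $_SESSION['_config']['language'] = "en";
            break;
        }
        if(file_exists($_SESSION['_config']['filepath']."/locale/$val/LC_MESSAGES/messages.mo"))
        {
            $_SESSION['_config']['language'] = $val;
            break;
        }
        if(file_exists($_SESSION['_config']['filepath']."/locale/$short/LC_MESSAGES/messages.mo"))
        {
            $_SESSION['_config']['language'] = $short;
            break;
        }
    }
}

// Anything that is not a full "xx_YY" code is widened to the first supported
// locale with the same language prefix, defaulting to en_AU.
if(!isset($_SESSION['_config']['language']) || strlen($_SESSION['_config']['language']) != 5)
{
    $lang = isset($_SESSION['_config']['language']) ? $_SESSION['_config']['language'] : "";
    $_SESSION['_config']['language'] = "en_AU";
    foreach($_SESSION['_config']['translations'] as $key => $val)
    {
        if(substr($lang, 0, 2) == substr($key, 0, 2))
        {
            // The locale code ($key), not the display name ($val), is what
            // setlocale()/gettext need; the original stored the display name.
            $_SESSION['_config']['language'] = $key;
            break;
        }
    }
}

// Two locales are served in a legacy charset; everything else uses the default
// (no explicit header).
if($_SESSION['_config']['language'] == "zh_CN")
{
    header("Content-Type: text/html; charset=gb2312");
    $_SESSION['_config']['header'] = "<META HTTP-EQUIV=\"content-type\" CONTENT=\"text/html;charset=gb2312\">\n";
} else if($_SESSION['_config']['language'] == "ru_RU") {
    header("Content-Type: text/html; charset=ISO-8859-5");
    $_SESSION['_config']['header'] = "<META HTTP-EQUIV=\"content-type\" CONTENT=\"text/html;charset=ISO-8859-5\">\n";
} else {
    unset($_SESSION['_config']['header']);
}

putenv("LANG=".$_SESSION['_config']['language']);
setlocale(LC_ALL, $_SESSION['_config']['language']);

$domain = 'messages';
bindtextdomain($domain, $_SESSION['_config']['filepath']."/locale");
textdomain($domain);

// Cache the logged-in member's assurance points in the session.
if(isset($_SESSION['profile']['id']) && $_SESSION['profile']['id'] > 0)
{
    $memid = intval($_SESSION['profile']['id']);
    $query = "select sum(`points`) as `total` from `notary` where `to`='$memid' group by `to`";
    $res = mysql_query($query);
    $row = $res ? mysql_fetch_assoc($res) : false;
    // No notary rows (or a failed query) means zero points rather than null.
    $_SESSION['profile']['points'] = $row ? $row['total'] : 0;
}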
/**
 * Pull in the helper include for a page section.
 *
 * Only "index" and "account" are recognised; any other value falls back to
 * "index", so the caller cannot steer the include outside those two files.
 *
 * @param string $section "index" (default) or "account"
 * @return void
 */
function loadem($section = "index")
{
    $includes = array(
        "account" => "/includes/account_stuff.php",
        "index"   => "/includes/general_stuff.php",
    );

    if(!isset($includes[$section]))
        $section = "index";

    include_once($_SESSION['_config']['filepath'].$includes[$section]);
}
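/**
 * Include the page script for ($section, $id) with a fallback chain.
 *
 * $id is forced to an integer and $section must be one of a fixed list, so
 * the include path is always <filepath>/www/<known section>/<int>.php. The
 * chain tried is: the requested page, page 0 of the same section, page 0 of
 * "index", and finally error404.php.
 *
 * Change from the original: the section whitelist is now compared strictly;
 * with loose comparison a non-string such as true compared equal to "index"
 * and was then interpolated into the path as "1".
 *
 * @param string|int $id      page number (default "0")
 * @param string     $section "index", "account", "wot", "help" or "gpg"
 * @return void
 */
function includeit($id = "0", $section = "index")
{
    $id = intval($id);

    $allowed = array("index", "account", "wot", "help", "gpg");
    if(!in_array($section, $allowed, true))
        $section = "index";

    $base = $_SESSION['_config']['filepath']."/www/";
    $candidates = array(
        "$section/$id.php",
        "$section/0.php",
        "index/0.php",
    );

    foreach($candidates as $rel)
    {
        if(file_exists($base.$rel))
        {
            include_once($base.$rel);
            return;
        }
    }

    include_once($base."error404.php");
}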
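/**
 * Score a password's strength.
 *
 * +1 for each of: length > 15, length > 30, a digit, a lower-case letter, an
 * upper-case letter, a non-word character, whitespace. -1 for each direction
 * in which the password overlaps one of the user's details (password contains
 * the detail, or the detail contains the password, case-insensitively), and
 * -1 if the password occurs in the system word list.
 *
 * Changes from the original: the word-list check no longer runs
 * `grep '$pwd' ...` through a shell (the password could break out of the
 * quotes, was interpreted as a regex, and was visible in the process list);
 * the file is searched in PHP for the literal password instead. Empty details
 * and an empty password no longer produce penalties or "empty needle" warnings.
 *
 * @param string $pwd
 * @param string $email
 * @param string $fname  first name
 * @param string $mname  middle name (may be empty)
 * @param string $lname  last name
 * @param string $suffix name suffix (may be empty)
 * @return int score; may be negative
 */
function checkpw($pwd, $email, $fname, $mname, $lname, $suffix)
{
    $points = 0;

    if(strlen($pwd) > 15)
        $points++;
    if(strlen($pwd) > 30)
        $points++;

    if(preg_match("/\d/", $pwd))
        $points++;
    if(preg_match("/[a-z]/", $pwd))
        $points++;
    if(preg_match("/[A-Z]/", $pwd))
        $points++;
    if(preg_match("/\W/", $pwd))
        $points++;
    if(preg_match("/\s/", $pwd))
        $points++;

    // One penalty per direction for each personal detail.
    foreach(array($email, $fname, $mname, $lname, $suffix) as $detail)
    {
        if(_checkpw_contains($pwd, $detail))
            $points--;
        if(_checkpw_contains($detail, $pwd))
            $points--;
    }

    // Literal substring search of the word list; a missing list is not an error.
    $words = @file_get_contents("/usr/share/dict/american-english");
    if($pwd !== "" && $words !== false && strpos($words, $pwd) !== false)
        $points--;

    return $points;
}

/**
 * Case-insensitive "haystack contains needle"; false when either is empty.
 *
 * @param string $haystack
 * @param string $needle
 * @return bool
 */
function _checkpw_contains($haystack, $needle)
{
    $haystack = strtolower((string)$haystack);
    $needle = strtolower((string)$needle);
    if($haystack === "" || $needle === "")
        return false;
    return strpos($haystack, $needle) !== false;
}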
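/**
 * Split the CSR subject held in $_SESSION['_config']['subject'] into its
 * CN and subjectAltName components.
 *
 * The subject is expected as "<label>: /K=v/K=v, K=v"; "/" and ", " both act
 * as separators. Each non-empty CN is stored as $_SESSION['_config']["N.CN"]
 * and each non-empty subjectAltName as "N.subjectAltName", with the counts in
 * 'cnc' and 'subaltc'. Other components are ignored.
 *
 * Changes from the original: the session key is 'subject' (it was the bare
 * constant subject, a fatal Error on PHP 8); a missing subject leaves both
 * counts at 0 instead of warning; a value containing "=" is kept whole.
 *
 * @return void
 */
function extractit()
{
    $_SESSION['_config']['cnc'] = $_SESSION['_config']['subaltc'] = 0;

    $subject = isset($_SESSION['_config']['subject']) ? $_SESSION['_config']['subject'] : "";
    $bits = explode(": ", $subject, 2);
    if(!isset($bits[1]))
        return;

    $fields = explode("|", str_replace(", ", "|", str_replace("/", "|", $bits[1])));

    foreach($fields as $val)
    {
        if(!strstr($val, "="))
            continue;

        // Split on the first "=" only so the value may itself contain "=".
        $split = explode("=", $val, 2);
        $k = $split[0];
        $v = trim($split[1]);

        if($k == "CN" && $v)
        {
            $_SESSION['_config'][$_SESSION['_config']['cnc'].".".$k] = $v;
            $_SESSION['_config']['cnc']++;
        }
        elseif($k == "subjectAltName" && $v)
        {
            $_SESSION['_config'][$_SESSION['_config']['subaltc'].".".$k] = $v;
            $_SESSION['_config']['subaltc']++;
        }
    }
}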
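/**
 * Match each CN extracted by extractit() against the member's registered
 * domains (table `domains`), walking the name from the TLD inwards and
 * stopping at the first suffix that is registered and not deleted.
 *
 * On success $_SESSION['_config']['rows'] holds the matched CNs and
 * $_SESSION['_config']['rowid'] the ids of the matching domain rows. If no CN
 * matches, an error page is shown and the script exits.
 *
 * Changes from the original: the CN comes from the user's CSR, so the domain
 * fragment is now escaped for the SQL string and its LIKE wildcards are
 * neutralised (a CN of "%" previously matched any of the member's domains);
 * 'rows'/'rowid' are always arrays, so count() no longer sees null.
 *
 * @return void
 */
function getcn()
{
    $rows = array();
    $rowid = array();
    $memid = intval($_SESSION['profile']['id']);

    for($cnc = 0; $cnc < $_SESSION['_config']['cnc']; $cnc++)
    {
        $CN = $_SESSION['_config']["$cnc.CN"];
        $bits = explode(".", $CN);
        $dom = "";
        $_SESSION['_config']['row'] = "";

        for($i = count($bits) - 1; $i >= 0; $i--)
        {
            $dom = ($dom != "") ? $bits[$i].".".$dom : $bits[$i];

            // Untrusted (CSR) data inside a LIKE literal: escape quotes and
            // the % / _ wildcards so only the exact suffix can match.
            $safe = addcslashes(mysql_real_escape_string($dom), "%_");
            $query = "select * from domains where `memid`='$memid' and `domain` like '$safe' and `deleted`=0";
            $res = mysql_query($query);
            if($res && mysql_num_rows($res) > 0)
            {
                $_SESSION['_config']['row'] = mysql_fetch_assoc($res);
                $rowid[] = $_SESSION['_config']['row']['id'];
                break;
            }
        }

        if(is_array($_SESSION['_config']['row']))
            $rows[] = $CN;
    }

    if(count($rows) == 0)
    {
        showheader(_("My CAcert.org Account!"));
        echo _("There were no valid CommonName fields on the CSR, or I was unable to match any of these against your account. Please review your CSR, or add and verify domains contained in it to your account before trying again.");
        showfooter();
        exit;
    }

    $_SESSION['_config']['rows'] = $rows;
    $_SESSION['_config']['rowid'] = $rowid;
}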
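/**
 * Match each "DNS:" subjectAltName extracted by extractit() against the
 * member's registered domains (table `domains`), walking the name from the
 * TLD inwards and stopping at the first registered, non-deleted suffix.
 *
 * Stores the matched names in $_SESSION['_config']['altrows'] and the ids of
 * the matching domain rows in $_SESSION['_config']['altid']. Non-DNS entries
 * are skipped. Unlike getcn(), no match is not an error.
 *
 * Changes from the original: the name comes from the user's CSR, so the
 * domain fragment is escaped for the SQL string and its LIKE wildcards are
 * neutralised; 'altrows'/'altid' are always arrays (previously unset when
 * nothing matched).
 *
 * @return void
 */
function getalt()
{
    $altrows = array();
    $altid = array();
    $memid = intval($_SESSION['profile']['id']);

    for($altc = 0; $altc < $_SESSION['_config']['subaltc']; $altc++)
    {
        $subalt = $_SESSION['_config']["$altc.subjectAltName"];
        if(substr($subalt, 0, 4) != "DNS:")
            continue;

        $alt = substr($subalt, 4);
        $bits = explode(".", $alt);
        $dom = "";
        $_SESSION['_config']['altrow'] = "";

        for($i = count($bits) - 1; $i >= 0; $i--)
        {
            $dom = ($dom != "") ? $bits[$i].".".$dom : $bits[$i];

            // Untrusted (CSR) data inside a LIKE literal: escape quotes and
            // the % / _ wildcards so only the exact suffix can match.
            $safe = addcslashes(mysql_real_escape_string($dom), "%_");
            $query = "select * from domains where `memid`='$memid' and `domain` like '$safe' and `deleted`=0";
            $res = mysql_query($query);
            if($res && mysql_num_rows($res) > 0)
            {
                $_SESSION['_config']['altrow'] = mysql_fetch_assoc($res);
                $altid[] = $_SESSION['_config']['altrow']['id'];
                break;
            }
        }

        if(is_array($_SESSION['_config']['altrow']))
            $altrows[] = $subalt;
    }

    $_SESSION['_config']['altrows'] = $altrows;
    $_SESSION['_config']['altid'] = $altid;
}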
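/**
 * Organisation variant of getcn(): match each extracted CN against the
 * domains of organisations the member administers (`org` joined to
 * `orginfo` and `orgdomains`), walking the name from the TLD inwards.
 *
 * On success $_SESSION['_config']['rows'] holds the matched CNs and
 * $_SESSION['_config']['rowid'] the matching `orginfo`.`id` values. If no CN
 * matches, an error page is shown and the script exits.
 *
 * Changes from the original: the CN comes from the user's CSR, so the domain
 * fragment is escaped before being placed in the SQL string; 'rows'/'rowid'
 * are always arrays, so count() no longer sees null.
 *
 * @return void
 */
function getcn2()
{
    $rows = array();
    $rowid = array();
    $memid = intval($_SESSION['profile']['id']);

    for($cnc = 0; $cnc < $_SESSION['_config']['cnc']; $cnc++)
    {
        $CN = $_SESSION['_config']["$cnc.CN"];
        $bits = explode(".", $CN);
        $dom = "";
        $_SESSION['_config']['row'] = "";

        for($i = count($bits) - 1; $i >= 0; $i--)
        {
            $dom = ($dom != "") ? $bits[$i].".".$dom : $bits[$i];

            // Untrusted (CSR) data inside an SQL literal.
            $safe = mysql_real_escape_string($dom);
            $query = "select *, `orginfo`.`id` as `id` from `orginfo`,`orgdomains`,`org` where
                `org`.`memid`='$memid' and
                `org`.`orgid`=`orginfo`.`id` and
                `orgdomains`.`orgid`=`orginfo`.`id` and
                `orgdomains`.`domain`='$safe'";
            $res = mysql_query($query);
            if($res && mysql_num_rows($res) > 0)
            {
                $_SESSION['_config']['row'] = mysql_fetch_assoc($res);
                $rowid[] = $_SESSION['_config']['row']['id'];
                break;
            }
        }

        if(is_array($_SESSION['_config']['row']))
            $rows[] = $CN;
    }

    if(count($rows) == 0)
    {
        showheader(_("My CAcert.org Account!"));
        echo _("There were no valid CommonName fields on the CSR, or I was unable to match any of these against your account. Please review your CSR, or add and verify domains contained in it to your account before trying again.");
        showfooter();
        exit;
    }

    $_SESSION['_config']['rows'] = $rows;
    $_SESSION['_config']['rowid'] = $rowid;
}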
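/**
 * Organisation variant of getalt(): match each "DNS:" subjectAltName against
 * the domains of organisations the member administers (`org` joined to
 * `orginfo` and `orgdomains`), walking the name from the TLD inwards.
 *
 * Stores the matched names in $_SESSION['_config']['altrows'] and the ids of
 * the matching rows in $_SESSION['_config']['altid']. Non-DNS entries are
 * skipped; no match is not an error.
 *
 * Changes from the original: the name comes from the user's CSR, so the
 * domain fragment is escaped before being placed in the SQL string;
 * 'altrows'/'altid' are always arrays (previously unset when nothing matched).
 *
 * @return void
 */
function getalt2()
{
    $altrows = array();
    $altid = array();
    $memid = intval($_SESSION['profile']['id']);

    for($altc = 0; $altc < $_SESSION['_config']['subaltc']; $altc++)
    {
        $subalt = $_SESSION['_config']["$altc.subjectAltName"];
        if(substr($subalt, 0, 4) != "DNS:")
            continue;

        $alt = substr($subalt, 4);
        $bits = explode(".", $alt);
        $dom = "";
        $_SESSION['_config']['altrow'] = "";

        for($i = count($bits) - 1; $i >= 0; $i--)
        {
            $dom = ($dom != "") ? $bits[$i].".".$dom : $bits[$i];

            // Untrusted (CSR) data inside an SQL literal.
            $safe = mysql_real_escape_string($dom);
            $query = "select * from `orginfo`,`orgdomains`,`org` where
                `org`.`memid`='$memid' and
                `org`.`orgid`=`orginfo`.`id` and
                `orgdomains`.`orgid`=`orginfo`.`id` and
                `orgdomains`.`domain`='$safe'";
            $res = mysql_query($query);
            if($res && mysql_num_rows($res) > 0)
            {
                $_SESSION['_config']['altrow'] = mysql_fetch_assoc($res);
                $altid[] = $_SESSION['_config']['altrow']['id'];
                break;
            }
        }

        if(is_array($_SESSION['_config']['altrow']))
            $altrows[] = $subalt;
    }

    $_SESSION['_config']['altrows'] = $altrows;
    $_SESSION['_config']['altid'] = $altid;
}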
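/**
 * Report whether $hostname, or any parent domain of it, belongs to an
 * organisation the current member administers.
 *
 * Walks the name from the TLD inwards; on the first hit the matching row is
 * left in $_SESSION['_config']['row'] and true is returned. Returns false
 * when nothing matches.
 *
 * Change from the original: $hostname is caller-supplied (typically from a
 * form or CSR), so each fragment is escaped before being placed in the SQL
 * string.
 *
 * @param string $hostname
 * @return bool
 */
function checkownership($hostname)
{
    $memid = intval($_SESSION['profile']['id']);
    $bits = explode(".", $hostname);
    $dom = "";

    for($i = count($bits) - 1; $i >= 0; $i--)
    {
        $dom = ($dom != "") ? $bits[$i].".".$dom : $bits[$i];

        $safe = mysql_real_escape_string($dom);
        $query = "select * from `org`,`orgdomains`,`orginfo`
            where `org`.`memid`='$memid'
            and `orgdomains`.`orgid`=`org`.`orgid`
            and `orginfo`.`id`=`org`.`orgid`
            and `orgdomains`.`domain`='$safe'";
        $res = mysql_query($query);
        if($res && mysql_num_rows($res) > 0)
        {
            $_SESSION['_config']['row'] = mysql_fetch_assoc($res);
            return true;
        }
    }

    return false;
}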
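/**
 * Maximum points a member may award, derived from the points they hold
 * (sum of `notary`.`points` received).
 *
 * Thresholds: >=300 -> 200, >=200 -> 150, >=150 -> 35, then 30/25/20/15/10
 * for >=140/130/120/110/100, otherwise 0.
 *
 * Changes from the original: $id is cast to int before it is interpolated
 * into the query, and a failed query or empty result yields 0 instead of
 * reading from a false result.
 *
 * @param int $id member id; 0 or less selects the logged-in member
 * @return int
 */
function maxpoints($id = 0)
{
    $id = intval($id);
    if($id <= 0)
        $id = intval($_SESSION['profile']['id']);

    $query = "select sum(`points`) as `points` from `notary` where `to`='$id' group by `to`";
    $res = mysql_query($query);
    $row = $res ? mysql_fetch_assoc($res) : false;
    $points = $row ? $row['points'] : 0;

    // Highest threshold first; the first one reached decides.
    $limits = array(300 => 200, 200 => 150, 150 => 35, 140 => 30,
                    130 => 25, 120 => 20, 110 => 15, 100 => 10);
    foreach($limits as $threshold => $max)
    {
        if($points >= $threshold)
            return $max;
    }

    return 0;
}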
/**
 * Replace every "\xHH" escape in $data with the byte it denotes, then
 * convert the result from UTF-8 to ISO-8859-1 via utf8_decode().
 *
 * NOTE: this name collides with the built-in hex2bin() added in PHP 5.4, and
 * utf8_decode() is deprecated as of PHP 8.2; on such versions this file
 * cannot be loaded unchanged.
 *
 * @param string $data
 * @return string
 */
function hex2bin($data)
{
    // Loop rather than a single pass: a substitution can itself produce a new
    // "\x" marker (e.g. "\x5cx41" -> "\x41" -> "A"), which is then decoded too.
    while(($pos = strpos($data, "\\x")) !== false)
    {
        $hex = substr($data, $pos + 2, 2);
        $data = substr_replace($data, chr(hexdec($hex)), $pos, 4);
    }

    return utf8_decode($data);
}
/**
 * Web path of a screenshot, localised if a copy exists for the session's
 * language under ../screenshots/<language>/, otherwise the English one.
 *
 * @param string $img file name of the screenshot
 * @return string path beginning with "/screenshots/"
 */
function screenshot($img)
{
    $language = $_SESSION['_config']['language'];
    $localised = "/screenshots/$language/$img";

    if(file_exists("..".$localised))
        return $localised;

    return "/screenshots/en/$img";
}
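/**
 * Clear-sign $message with the site GPG key and hand it to sendmail for $to.
 *
 * The message is written to a temporary file, piped through
 * `gpg --clearsign` and then into `sendmail <to>`; the temporary file is
 * removed afterwards. $subject, $from and $replyto are accepted but not used
 * in the command; presumably the caller already embeds the headers in
 * $message — confirm.
 *
 * Changes from the original: $to and the temp file name are shell-quoted
 * (a crafted address could previously run commands), an address starting
 * with "-" is refused so it cannot be parsed as a sendmail option, and a
 * failed tempnam()/fopen() returns instead of continuing.
 *
 * @param string $to      recipient address
 * @param string $subject unused
 * @param string $message body to sign and send
 * @param string $from    unused
 * @param string $replyto unused; defaults to $from
 * @return void
 */
function signmail($to, $subject, $message, $from, $replyto = "")
{
    if($replyto == "")
        $replyto = $from;

    if(!is_string($to) || $to === "" || substr($to, 0, 1) == "-")
        return;

    $tmpfname = tempnam("/tmp", "CSR");
    if($tmpfname === false)
        return;

    $fp = fopen($tmpfname, "w");
    if($fp === false)
    {
        @unlink($tmpfname);
        return;
    }
    fputs($fp, $message);
    fclose($fp);

    $cmd = "/usr/bin/gpg --homedir /home/gpg --clearsign ".escapeshellarg($tmpfname)
         ."|/usr/sbin/sendmail ".escapeshellarg($to);
    shell_exec($cmd);

    @unlink($tmpfname);
}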
?>