You cannot select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
1883 lines
65 KiB
PHP
1883 lines
65 KiB
PHP
<? /*
|
|
Copyright (C) 2004 by Duane Groth <duane_at_CAcert_dot_org>
|
|
|
|
This file is part of CAcert.
|
|
|
|
CAcert has been released under a CAcert Source license
|
|
which can be found included with these source files or can
|
|
be downloaded from the internet from the following address:
|
|
http://www.cacert.org/src-lic.php
|
|
|
|
CAcert is distributed WITHOUT ANY WARRANTY; without even
|
|
the implied warranty of MERCHANTABILITY or FITNESS FOR A
|
|
PARTICULAR PURPOSE. See the License for more details.
|
|
*/
|
|
require_once("../includes/loggedin.php");
|
|
|
|
loadem("account");
|
|
|
|
if($process != "" && $oldid == 1)
|
|
{
|
|
$id = 1;
|
|
if(strstr($newemail, "xn--") && $_SESSION['profile']['codesign'] <= 0)
|
|
{
|
|
showheader(_("My CAcert.org Account!"));
|
|
echo _("Due to the possibility for punycode domain exploits we currently do not allow any certificates to sign punycode domains or email addresses.");
|
|
showfooter();
|
|
exit;
|
|
}
|
|
if(trim(mysql_escape_string(stripslashes($newemail))) == "")
|
|
{
|
|
showheader(_("My CAcert.org Account!"));
|
|
printf(_("Not a valid email address. Can't continue."), $email);
|
|
showfooter();
|
|
exit;
|
|
}
|
|
unset($oldid);
|
|
$email = trim(mysql_escape_string(stripslashes($newemail)));
|
|
$query = "select * from `email` where `email`='$email' and `deleted`=0";
|
|
$res = mysql_query($query);
|
|
if(mysql_num_rows($res) > 0)
|
|
{
|
|
showheader(_("My CAcert.org Account!"));
|
|
printf(_("The email address '%s' is already in the system. Can't continue."), $email);
|
|
showfooter();
|
|
exit;
|
|
}
|
|
$rnd = fopen("/dev/urandom", "r");
|
|
$hash = md5(fgets($rnd, 64));
|
|
fclose($rnd);
|
|
$query = "insert into `email` set `email`='$email',`memid`='".$_SESSION['profile']['id']."',`created`=NOW(),`hash`='$hash'";
|
|
mysql_query($query);
|
|
$emailid = mysql_insert_id();
|
|
|
|
$body = _("Below is the link you need to open to verify your email address. Once your address is verified you will be able to start issuing certificates till your hearts' content!")."\n\n";
|
|
$body .= "http://".$_SESSION['_config']['normalhostname']."/verify.php?type=email&emailid=$emailid&hash=$hash\n\n";
|
|
$body .= _("Best regards")."\n"._("CAcert.org Support!");
|
|
|
|
sendmail($email, "[CAcert.org] "._("Email Probe"), $body, "support@cacert.org", "returns@cacert.org", "", "CAcert Support");
|
|
|
|
showheader(_("My CAcert.org Account!"));
|
|
printf(_("The email address '%s' has been added to the system, however before any certificates for this can be issued you need to open the link in a browser that has been sent to your email address."), $email);
|
|
showfooter();
|
|
exit;
|
|
}
|
|
|
|
if($makedefault != "" && $oldid == 2)
|
|
{
|
|
$id = 2;
|
|
$emailid = intval($emailid);
|
|
$query = "select * from `email` where `id`='$emailid' and `memid`='".$_SESSION['profile']['id']."' and `hash` = '' and `deleted`=0";
|
|
$res = mysql_query($query);
|
|
if(mysql_num_rows($res) <= 0)
|
|
{
|
|
showheader(_("Error!"));
|
|
echo _("You currently don't have access to the email address you selected, or you haven't verified it yet.");
|
|
showfooter();
|
|
exit;
|
|
}
|
|
$row = mysql_fetch_assoc($res);
|
|
$_SESSION['profile']['email'] = $row['email'];
|
|
$query = "update `users` set `email`='".$row['email']."' where `id`='".$_SESSION['profile']['id']."'";
|
|
mysql_query($query);
|
|
showheader(_("My CAcert.org Account!"));
|
|
printf(_("Your default email address has been updated to '%s'."), $row['email']);
|
|
showfooter();
|
|
exit;
|
|
}
|
|
|
|
if($process != "" && $oldid == 2)
|
|
{
|
|
$id = 2;
|
|
showheader(_("My CAcert.org Account!"));
|
|
echo _("The following accounts have been removed:")."<br>\n";
|
|
if(is_array($delid))
|
|
foreach($delid as $id)
|
|
{
|
|
$id = intval($id);
|
|
$query = "select * from `email` where `id`='$id' and `memid`='".$_SESSION['profile']['id']."' and
|
|
`email`!='".$_SESSION['profile']['email']."'";
|
|
$res = mysql_query($query);
|
|
if(mysql_num_rows($res) > 0)
|
|
{
|
|
$row = mysql_fetch_assoc($res);
|
|
echo $row['email']."<br>\n";
|
|
$query = "select `emailcerts`.`id`
|
|
from `emaillink`,`emailcerts` where
|
|
`emailid`='$id' and `emaillink`.`emailcertsid`=`emailcerts`.`id` and
|
|
`revoked`=0 and UNIX_TIMESTAMP(`expire`)-UNIX_TIMESTAMP() > 0
|
|
group by `emailcerts`.`id`";
|
|
$dres = mysql_query($query);
|
|
while($drow = mysql_fetch_assoc($dres))
|
|
mysql_query("update `emailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='".$drow['id']."'");
|
|
|
|
$query = "update `email` set `deleted`=NOW() where `id`='$id'";
|
|
mysql_query($query);
|
|
}
|
|
}
|
|
showfooter();
|
|
exit;
|
|
}
|
|
|
|
if($process != "" && $oldid == 3)
|
|
{
|
|
if(!is_array($addid))
|
|
{
|
|
showheader(_("My CAcert.org Account!"));
|
|
echo _("I didn't receive a valid Certificate Request, hit the back button and try again.");
|
|
showfooter();
|
|
exit;
|
|
}
|
|
|
|
$_SESSION['_config']['addid'] = $addid;
|
|
if($_SESSION['profile']['points'] >= 50)
|
|
$_SESSION['_config']['incname'] = intval($incname);
|
|
if($_POST['codesign'] != 0 && ($_SESSION['profile']['codesign'] == 0 || $_SESSION['profile']['points'] < 100))
|
|
{
|
|
$_POST['codesign'] = 0;
|
|
}
|
|
if($_SESSION['profile']['points'] >= 100 && $_SESSION['profile']['codesign'] > 0 && $_POST['codesign'] == 1)
|
|
{
|
|
if($_SESSION['_config']['incname'] < 1 || $_SESSION['_config']['incname'] > 4)
|
|
$_SESSION['_config']['incname'] = 1;
|
|
}
|
|
if($_POST['codesign'] == 1)
|
|
$_SESSION['_config']['codesign'] = 1;
|
|
else
|
|
$_SESSION['_config']['codesign'] = 0;
|
|
$id = 4;
|
|
}
|
|
|
|
if($oldid == 4)
|
|
{
|
|
if($_POST['keytype'] == "NS")
|
|
{
|
|
if($_POST['SPKAC'] == "" || $_POST['SPKAC'] == "deadbeef")
|
|
{
|
|
$id = 4;
|
|
showheader(_("My CAcert.org Account!"));
|
|
echo _("I didn't receive a valid Certificate Request, hit the back button and try again.");
|
|
showfooter();
|
|
exit;
|
|
}
|
|
$emailcount = 0;
|
|
$emails = "";
|
|
$addys = array();
|
|
if(is_array($_SESSION['_config']['addid']))
|
|
foreach($_SESSION['_config']['addid'] as $id)
|
|
{
|
|
$res = mysql_query("select * from `email` where `memid`='".$_SESSION['profile']['id']."' and `id`='$id'");
|
|
if(mysql_num_rows($res) > 0)
|
|
{
|
|
$row = mysql_fetch_assoc($res);
|
|
if(!$emails)
|
|
$defaultemail = $row['email'];
|
|
$emails .= "$emailcount.emailAddress = ".$row['email']."\n";
|
|
$emailcount++;
|
|
$addys[] = $row['id'];
|
|
}
|
|
}
|
|
if($emailcount <= 0)
|
|
{
|
|
$id = 4;
|
|
showheader(_("My CAcert.org Account!"));
|
|
echo _("You submitted invalid email addresses, or email address you no longer have control of. Can't continue with certificate request.");
|
|
showfooter();
|
|
exit;
|
|
}
|
|
if($_SESSION['_config']['incname'] <= 0 || $_SESSION['_config']['incname'] > 4)
|
|
$emails .= "commonName = CAcert WoT User\n";
|
|
if($_SESSION['_config']['incname'] == 1)
|
|
$emails .= "commonName = ".$_SESSION['profile']['fname']." ".$_SESSION['profile']['lname']."\n";
|
|
if($_SESSION['_config']['incname'] == 2)
|
|
$emails .= "commonName = ".$_SESSION['profile']['fname']." ".$_SESSION['profile']['mname']." ".$_SESSION['profile']['lname']."\n";
|
|
if($_SESSION['_config']['incname'] == 3)
|
|
$emails .= "commonName = ".$_SESSION['profile']['fname']." ".$_SESSION['profile']['lname']." ".$_SESSION['profile']['suffix']."\n";
|
|
if($_SESSION['_config']['incname'] == 4)
|
|
$emails .= "commonName = ".$_SESSION['profile']['fname']." ".$_SESSION['profile']['mname']." ".$_SESSION['profile']['lname']." ".$_SESSION['profile']['suffix']."\n";
|
|
$emails .= "SPKAC = ".str_replace("\n", "", str_replace("\r", "", $_POST['SPKAC']));
|
|
$query = "insert into `emailcerts` set `CN`='$defaultemail', `keytype`='NS',
|
|
`memid`='".$_SESSION['profile']['id']."',
|
|
`created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),
|
|
`codesign`='".$_SESSION['_config']['codesign']."'";
|
|
mysql_query($query);
|
|
$emailid = mysql_insert_id();
|
|
if(is_array($addys))
|
|
foreach($addys as $addy)
|
|
mysql_query("insert into `emaillink` set `emailcertsid`='$emailid', `emailid`='$addy'");
|
|
$CSRname = $_SESSION['_config']['filepath']."/csr/client-$emailid.csr";
|
|
$fp = fopen($CSRname, "w");
|
|
fputs($fp, $emails);
|
|
fclose($fp);
|
|
mysql_query("update `emailcerts` set `csr_name`='$CSRname' where `id`='$emailid'");
|
|
} else if($_POST['keytype'] == "MS") {
|
|
$csr = "-----BEGIN CERTIFICATE REQUEST-----\n".$CSR."-----END CERTIFICATE REQUEST-----\n";
|
|
$tmpfname = tempnam("/tmp", "CSR");
|
|
$fp = fopen($tmpfname, "w");
|
|
fputs($fp, $csr);
|
|
fclose($fp);
|
|
|
|
$addys = array();
|
|
$defaultemail = "";
|
|
|
|
if($_SESSION['_config']['incname'] <= 0 || $_SESSION['_config']['incname'] > 4)
|
|
$csrsubject = "/CN=CAcert WoT User";
|
|
if($_SESSION['_config']['incname'] == 1)
|
|
$csrsubject = "/CN=".$_SESSION['profile']['fname']." ".$_SESSION['profile']['lname'];
|
|
if($_SESSION['_config']['incname'] == 2)
|
|
$csrsubject = "/CN = ".$_SESSION['profile']['fname']." ".$_SESSION['profile']['mname']." ".$_SESSION['profile']['lname']."\n";
|
|
if($_SESSION['_config']['incname'] == 3)
|
|
$csrsubject = "/CN = ".$_SESSION['profile']['fname']." ".$_SESSION['profile']['lname']." ".$_SESSION['profile']['suffix']."\n";
|
|
if($_SESSION['_config']['incname'] == 4)
|
|
$csrsubject = "/CN = ".$_SESSION['profile']['fname']." ".$_SESSION['profile']['mname']." ".$_SESSION['profile']['lname']." ".$_SESSION['profile']['suffix']."\n";
|
|
if(is_array($_SESSION['_config']['addid']))
|
|
foreach($_SESSION['_config']['addid'] as $id)
|
|
{
|
|
$res = mysql_query("select * from `email` where `memid`='".$_SESSION['profile']['id']."' and `id`='$id'");
|
|
if(mysql_num_rows($res) > 0)
|
|
{
|
|
$row = mysql_fetch_assoc($res);
|
|
if($defaultemail == "")
|
|
$defaultemail = $row['email'];
|
|
$csrsubject .= "/emailAddress=".$row['email'];
|
|
$addys[] = $row['id'];
|
|
}
|
|
}
|
|
|
|
$tmpname = tempnam("/tmp", "CSR");
|
|
$do = `/usr/bin/openssl req -in $tmpfname -out $tmpname`; // -subj "$csr"`;
|
|
@unlink($tmpfname);
|
|
$csr = "";
|
|
$fp = fopen($tmpname, "r");
|
|
while($data = fgets($fp, 4096))
|
|
$csr .= $data;
|
|
fclose($fp);
|
|
@unlink($tmpname);
|
|
|
|
if($csr == "")
|
|
{
|
|
$id = 4;
|
|
showheader(_("My CAcert.org Account!"));
|
|
echo _("I didn't receive a valid Certificate Request, hit the back button and try again.");
|
|
showfooter();
|
|
exit;
|
|
}
|
|
$query = "insert into `emailcerts` set `CN`='$defaultemail', `keytype`='MS',
|
|
`memid`='".$_SESSION['profile']['id']."',
|
|
`created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),
|
|
`subject`='$csrsubject',
|
|
`codesign`='".$_SESSION['_config']['codesign']."'";
|
|
mysql_query($query);
|
|
$emailid = mysql_insert_id();
|
|
if(is_array($addys))
|
|
foreach($addys as $addy)
|
|
mysql_query("insert into `emaillink` set `emailcertsid`='$emailid', `emailid`='$addy'");
|
|
$CSRname = $_SESSION['_config']['filepath']."/csr/client-$emailid.csr";
|
|
$fp = fopen($CSRname, "w");
|
|
fputs($fp, $csr);
|
|
fclose($fp);
|
|
mysql_query("update `emailcerts` set `csr_name`='$CSRname' where `id`='$emailid'");
|
|
}
|
|
$do = `../scripts/runclient`;
|
|
$query = "select * from `emailcerts` where `id`='$emailid' and `crt_name` != ''";
|
|
$res = mysql_query($query);
|
|
if(mysql_num_rows($res) <= 0)
|
|
{
|
|
$id = 4;
|
|
showheader(_("My CAcert.org Account!"));
|
|
echo _("Your certificate request has failed to be processed correctly, please try submitting it again.");
|
|
showfooter();
|
|
exit;
|
|
} else {
|
|
$id = 6;
|
|
$cert = $emailid;
|
|
}
|
|
}
|
|
|
|
if($oldid == 7)
|
|
{
|
|
if(strstr($newdomain, "xn--") && $_SESSION['profile']['codesign'] <= 0)
|
|
{
|
|
showheader(_("My CAcert.org Account!"));
|
|
echo _("Due to the possibility for punycode domain exploits we currently do not allow any certificates to sign punycode domains or email addresses.");
|
|
showfooter();
|
|
exit;
|
|
}
|
|
|
|
$newdom = trim(escapeshellarg($newdomain));
|
|
$newdomain = mysql_escape_string(trim($newdomain));
|
|
|
|
$res1 = mysql_query("select * from `orgdomains` where `domain`='$newdomain'");
|
|
$query = "select * from `domains` where `domain`='$newdomain' and `deleted`=0";
|
|
$res2 = mysql_query($query);
|
|
if(mysql_num_rows($res1) > 0 || mysql_num_rows($res2))
|
|
{
|
|
$id = $oldid;
|
|
unset($oldid);
|
|
$id = 7;
|
|
showheader(_("My CAcert.org Account!"));
|
|
printf(_("The domain '%s' is already in the system and is listed as valid. Can't continue."), $newdomain);
|
|
showfooter();
|
|
exit;
|
|
}
|
|
}
|
|
|
|
if($oldid == 7)
|
|
{
|
|
unset($oldid);
|
|
$id = 8;
|
|
$addy = array();
|
|
$adds = explode("\n", trim(`/usr/bin/whois $newdom|grep "@"`));
|
|
if(substr($newdomain, -4) == ".org" || substr($newdomain, -5) == ".info")
|
|
{
|
|
if(is_array($adds))
|
|
foreach($adds as $line)
|
|
{
|
|
$bits = explode(":", $line, 2);
|
|
$line = trim($bits[1]);
|
|
if(!in_array($line, $addy) && $line != "")
|
|
$addy[] = trim(mysql_escape_string(stripslashes($line)));
|
|
}
|
|
} else {
|
|
if(is_array($adds))
|
|
foreach($adds as $line)
|
|
{
|
|
$line = trim(str_replace("\t", " ", $line));
|
|
$line = trim(str_replace("(", "", $line));
|
|
$line = trim(str_replace(")", " ", $line));
|
|
|
|
$bits = explode(" ", $line);
|
|
foreach($bits as $bit)
|
|
{
|
|
if(strstr($bit, "@"))
|
|
$line = $bit;
|
|
}
|
|
if(!in_array($line, $addy) && $line != "")
|
|
$addy[] = trim(mysql_escape_string(stripslashes($line)));
|
|
}
|
|
}
|
|
|
|
$rfc = array("root@$newdomain", "hostmaster@$newdomain", "postmaster@$newdomain", "admin@$newdomain", "webmaster@$newdomain");
|
|
foreach($rfc as $sub)
|
|
if(!in_array($sub, $addy))
|
|
$addy[] = $sub;
|
|
$_SESSION['_config']['addy'] = $addy;
|
|
$_SESSION['_config']['domain'] = mysql_escape_string($newdomain);
|
|
}
|
|
|
|
if($process != "" && $oldid == 8)
|
|
{
|
|
unset($oldid);
|
|
$id = 8;
|
|
|
|
$authaddy = trim(mysql_escape_string(stripslashes($_POST['authaddy'])));
|
|
|
|
if(!in_array($authaddy, $_SESSION['_config']['addy']) || $authaddy == "")
|
|
{
|
|
showheader(_("My CAcert.org Account!"));
|
|
echo _("The address you submitted isn't a valid authority address for the domain.");
|
|
showfooter();
|
|
exit;
|
|
}
|
|
|
|
$query = "select * from `domains` where `domain`='".$_SESSION['_config']['domain']."' and `deleted`=0";
|
|
$res = mysql_query($query);
|
|
if(mysql_num_rows($res) > 0)
|
|
{
|
|
showheader(_("My CAcert.org Account!"));
|
|
printf(_("The domain '%s' is already in the system and is listed as valid. Can't continue."), $_SESSION['_config']['domain']);
|
|
showfooter();
|
|
exit;
|
|
}
|
|
|
|
$rnd = fopen("/dev/urandom", "r");
|
|
$hash = md5(fgets($rnd, 64));
|
|
fclose($rnd);
|
|
|
|
$query = "insert into `domains` set `domain`='".$_SESSION['_config']['domain']."',
|
|
`memid`='".$_SESSION['profile']['id']."',`created`=NOW(),`hash`='$hash'";
|
|
mysql_query($query);
|
|
$domainid = mysql_insert_id();
|
|
|
|
$body = _("Below is the link you need to open to verify your email address. Once your address is verified you will be able to start issuing certificates till your hearts' content!")."\n\n";
|
|
$body .= "http://".$_SESSION['_config']['normalhostname']."/verify.php?type=domain&domainid=$domainid&hash=$hash\n\n";
|
|
$body .= _("Best regards")."\n"._("CAcert.org Support!");
|
|
|
|
sendmail($authaddy, "[CAcert.org] "._("Email Probe"), $body, "support@cacert.org", "returns@cacert.org", "", "CAcert Support");
|
|
|
|
showheader(_("My CAcert.org Account!"));
|
|
printf(_("The domain '%s' has been added to the system, however before any certificates for this can be issued you need to open the link in a browser that has been sent to your email address."), $_SESSION['_config']['domain']);
|
|
showfooter();
|
|
exit;
|
|
}
|
|
|
|
if($process != "" && $oldid == 9)
|
|
{
|
|
$id = 9;
|
|
showheader(_("My CAcert.org Account!"));
|
|
echo _("The following domains have been removed:")."<br>
|
|
("._("Any valid certificates will be revoked as well").")<br>\n";
|
|
if(is_array($delid))
|
|
foreach($delid as $id)
|
|
{
|
|
$id = intval($id);
|
|
$query = "select * from `domains` where `id`='$id' and `memid`='".$_SESSION['profile']['id']."'";
|
|
$res = mysql_query($query);
|
|
if(mysql_num_rows($res) > 0)
|
|
{
|
|
$row = mysql_fetch_assoc($res);
|
|
echo $row['domain']."<br>\n";
|
|
mysql_query("update `domains` set `deleted`=NOW() where `id`='$id'");
|
|
$dres = mysql_query("select * from `domlink` where `domid`='$id'");
|
|
while($drow = mysql_fetch_assoc($dres))
|
|
mysql_query("update `domaincerts` set `revoked`='1970-01-01 10:00:01' where `id`='".$drow['certid']."' and `revoked`=0 and UNIX_TIMESTAMP(`expire`)-UNIX_TIMESTAMP() > 0");
|
|
}
|
|
}
|
|
showfooter();
|
|
exit;
|
|
}
|
|
|
|
if($process != "" && $oldid == 10)
|
|
{
|
|
$CSR = trim($CSR);
|
|
$_SESSION['_config']['tmpfname'] = tempnam("/tmp", "FOO");
|
|
$fp = fopen($_SESSION['_config']['tmpfname'], "w");
|
|
fputs($fp, $CSR);
|
|
fclose($fp);
|
|
$CSR = $_SESSION['_config']['tmpfname'];
|
|
$_SESSION['_config']['subject'] = trim(`/usr/bin/openssl req -text -noout -in "$CSR"|grep Subject:`);
|
|
$id = 11;
|
|
|
|
extractit();
|
|
getcn();
|
|
getalt();
|
|
|
|
if($_SESSION['_config']['0.CN'] == "")
|
|
{
|
|
showheader(_("My CAcert.org Account!"));
|
|
echo _("CommonName field was blank. Can't continue.");
|
|
showfooter();
|
|
exit;
|
|
}
|
|
}
|
|
|
|
if($process != "" && $oldid == 11)
|
|
{
|
|
$id = 11;
|
|
|
|
if($_SESSION['_config']['0.CN'] == "")
|
|
{
|
|
showheader(_("My CAcert.org Account!"));
|
|
echo _("CommonName field was blank. Can't continue.");
|
|
showfooter();
|
|
exit;
|
|
}
|
|
|
|
$subject = "";
|
|
foreach($_SESSION['_config']['rows'] as $row)
|
|
$subject .= "/CN=$row";
|
|
|
|
$query = "insert into `domaincerts` set `CN`='".$_SESSION['_config']['rows']['0']."',
|
|
`domid`='".$_SESSION['_config']['rowid']['0']."',
|
|
`created`=NOW(),`subject`='$subject'";
|
|
mysql_query($query);
|
|
$CSRid = mysql_insert_id();
|
|
|
|
foreach($_SESSION['_config']['rowid'] as $dom)
|
|
mysql_query("insert into `domlink` set `certid`='$CSRid', `domid`='$dom'");
|
|
if(is_array($_SESSION['_config']['altid']))
|
|
foreach($_SESSION['_config']['altid'] as $dom)
|
|
mysql_query("insert into `domlink` set `certid`='$CSRid', `domid`='$dom'");
|
|
|
|
$CSRname = $_SESSION['_config']['filepath']."/csr/server-$CSRid.csr";
|
|
rename($_SESSION['_config']['tmpfname'], $CSRname);
|
|
mysql_query("update `domaincerts` set `CSR_name`='$CSRname' where `id`='$CSRid'");
|
|
$do = `../scripts/runserver`;
|
|
$query = "select * from `domaincerts` where `id`='$CSRid' and `crt_name` != ''";
|
|
$res = mysql_query($query);
|
|
if(mysql_num_rows($res) <= 0)
|
|
{
|
|
showheader(_("My CAcert.org Account!"));
|
|
echo _("Your certificate request has failed to be processed correctly, please try submitting it again.");
|
|
showfooter();
|
|
exit;
|
|
} else {
|
|
$id = 15;
|
|
$cert = $CSRid;
|
|
}
|
|
}
|
|
|
|
if($oldid == 12 && $renew != "")
|
|
{
|
|
$id = 12;
|
|
showheader(_("My CAcert.org Account!"));
|
|
if(is_array($revokeid))
|
|
{
|
|
echo _("Now renewing the following certificates:")."<br>\n";
|
|
foreach($revokeid as $id)
|
|
{
|
|
$id = intval($id);
|
|
$query = "select *,UNIX_TIMESTAMP(`domaincerts`.`revoked`) as `revoke` from `domaincerts`,`domains`
|
|
where `domaincerts`.`id`='$id' and
|
|
`domaincerts`.`domid`=`domains`.`id` and
|
|
`domains`.`memid`='".$_SESSION['profile']['id']."'";
|
|
$res = mysql_query($query);
|
|
if(mysql_num_rows($res) <= 0)
|
|
{
|
|
printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
|
|
continue;
|
|
}
|
|
$row = mysql_fetch_assoc($res);
|
|
$query = "insert into `domaincerts` set `domid`='".$row['domid']."', `CN`='".$row['CN']."',
|
|
`csr_name`='".$row['csr_name']."', `created`='".$row['created']."',
|
|
`modified`=NOW()";
|
|
mysql_query($query);
|
|
$newid = mysql_insert_id();
|
|
$newfile = $_SESSION['_config']['filepath']."/csr/server-$newid.csr";
|
|
copy($row['csr_name'], $newfile);
|
|
$_SESSION['_config']['subject'] = trim(`/usr/bin/openssl req -text -noout -in "$newfile"|grep Subject:`);
|
|
|
|
extractit();
|
|
getcn();
|
|
getalt();
|
|
|
|
if($_SESSION['_config']['0.CN'] == "")
|
|
{
|
|
showheader(_("My CAcert.org Account!"));
|
|
echo _("CommonName field was blank. Can't continue.");
|
|
showfooter();
|
|
exit;
|
|
}
|
|
|
|
$subject = "";
|
|
foreach($_SESSION['_config']['rows'] as $row)
|
|
$subject .= "/CN=$row";
|
|
|
|
mysql_query("update `domaincerts` set `subject`='$subject',`csr_name`='$newfile' where `id`='$newid'");
|
|
|
|
echo _("Renewing").": ".$_SESSION['_config']['0.CN']."<br>\n";
|
|
$do = `../scripts/runserver`;
|
|
$query = "select * from `domaincerts` where `id`='$newid' and `crt_name` != ''";
|
|
$res = mysql_query($query);
|
|
if(mysql_num_rows($res) <= 0)
|
|
{
|
|
echo _("Your certificate request has failed to be processed correctly, please try submitting it again.");
|
|
} else {
|
|
$drow = mysql_fetch_assoc($res);
|
|
$cert = `/usr/bin/openssl x509 -in $drow[crt_name]`;
|
|
echo "<pre>\n$cert\n</pre>\n";
|
|
}
|
|
}
|
|
}
|
|
showfooter();
|
|
exit;
|
|
}
|
|
|
|
if($oldid == 12 && $revoke != "")
|
|
{
|
|
$id = 12;
|
|
showheader(_("My CAcert.org Account!"));
|
|
if(is_array($revokeid))
|
|
{
|
|
echo _("Now revoking the following certificates:")."<br>\n";
|
|
foreach($revokeid as $id)
|
|
{
|
|
$id = intval($id);
|
|
$query = "select *,UNIX_TIMESTAMP(`domaincerts`.`revoked`) as `revoke` from `domaincerts`,`domains`
|
|
where `domaincerts`.`id`='$id' and
|
|
`domaincerts`.`domid`=`domains`.`id` and
|
|
`domains`.`memid`='".$_SESSION['profile']['id']."'";
|
|
$res = mysql_query($query);
|
|
if(mysql_num_rows($res) <= 0)
|
|
{
|
|
printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
|
|
continue;
|
|
}
|
|
$row = mysql_fetch_assoc($res);
|
|
if($row[revoke] > 0)
|
|
{
|
|
printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", $row['CN']);
|
|
continue;
|
|
}
|
|
mysql_query("update `domaincerts` set `revoked`='1970-01-01 10:00:01' where `id`='$id'");
|
|
$do = `../scripts/runserver`;
|
|
printf(_("Certificate for '%s' has been revoked.")."<br>\n", $row['CN']);
|
|
}
|
|
}
|
|
|
|
if(is_array($delid))
|
|
{
|
|
echo _("Now deleting the following pending requests:")."<br>\n";
|
|
foreach($delid as $id)
|
|
{
|
|
$id = intval($id);
|
|
$query = "select *,UNIX_TIMESTAMP(`domaincerts`.`expire`) as `expired` from `domaincerts`,`domains`
|
|
where `domaincerts`.`id`='$id' and
|
|
`domaincerts`.`domid`=`domains`.`id` and
|
|
`domains`.`memid`='".$_SESSION['profile']['id']."'";
|
|
$res = mysql_query($query);
|
|
if(mysql_num_rows($res) <= 0)
|
|
{
|
|
printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
|
|
continue;
|
|
}
|
|
$row = mysql_fetch_assoc($res);
|
|
if($row['expired'] > 0)
|
|
{
|
|
printf(_("Couldn't remove the request for `%s`, request had already been processed.")."<br>\n", $row['CN']);
|
|
continue;
|
|
}
|
|
mysql_query("delete from `domaincerts` where `id`='$id'");
|
|
@unlink($row['csr_name']);
|
|
@unlink($row['crt_name']);
|
|
printf(_("Removed a pending request for '%s'")."<br>\n", $row['CN']);
|
|
}
|
|
}
|
|
showfooter();
|
|
exit;
|
|
}
|
|
|
|
if($oldid == 5 && $renew != "")
|
|
{
|
|
showheader(_("My CAcert.org Account!"));
|
|
if(is_array($revokeid))
|
|
{
|
|
echo _("Now renewing the following certificates:")."<br>\n";
|
|
foreach($revokeid as $id)
|
|
{
|
|
$id = intval($id);
|
|
$query = "select *,UNIX_TIMESTAMP(`revoked`) as `revoke` from `emailcerts`
|
|
where `id`='$id' and `memid`='".$_SESSION['profile']['id']."'";
|
|
$res = mysql_query($query);
|
|
if(mysql_num_rows($res) <= 0)
|
|
{
|
|
printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
|
|
continue;
|
|
}
|
|
$row = mysql_fetch_assoc($res);
|
|
$query = "insert into `emailcerts` set `memid`='".$row['memid']."', `CN`='".$row['CN']."',
|
|
`keytype`='".$row['keytype']."', `csr_name`='".$row['csr_name']."',
|
|
`created`='".$row['created']."', `modified`=NOW()";
|
|
mysql_query($query);
|
|
$newid = mysql_insert_id();
|
|
$newfile = $_SESSION['_config']['filepath']."/csr/client-$newid.csr";
|
|
copy($row['csr_name'], $newfile);
|
|
mysql_query("update `emailcerts` set `csr_name`='$newfile' where `id`='$newid'");
|
|
$res = mysql_query("select * from `emaillink` where `emailcertsid`='".$row['id']."'");
|
|
while($r2 = mysql_fetch_assoc($res))
|
|
{
|
|
mysql_query("insert into `emaillink` set `emailid`='".$r2['emailid']."',
|
|
`emailcertsid`='$newid'");
|
|
}
|
|
$do = `../scripts/runclient`;
|
|
$query = "select * from `emailcerts` where `id`='$newid' and `crt_name` != ''";
|
|
$res = mysql_query($query);
|
|
if(mysql_num_rows($res) <= 0)
|
|
{
|
|
echo _("Your certificate request has failed to be processed correctly, please try submitting it again.");
|
|
} else {
|
|
printf(_("Certificate for '%s' has been renewed."), $row['CN']);
|
|
echo "<a href='account.php?id=6&cert=$newid' target='_new'>".
|
|
_("Click here")."</a> "._("to install your certificate.");
|
|
}
|
|
}
|
|
}
|
|
showfooter();
|
|
exit;
|
|
}
|
|
|
|
if($oldid == 5 && $revoke != "")
|
|
{
|
|
$id = 5;
|
|
showheader(_("My CAcert.org Account!"));
|
|
if(is_array($revokeid))
|
|
{
|
|
echo _("Now revoking the following certificates:")."<br>\n";
|
|
foreach($revokeid as $id)
|
|
{
|
|
$id = intval($id);
|
|
$query = "select *,UNIX_TIMESTAMP(`revoked`) as `revoke` from `emailcerts`
|
|
where `id`='$id' and `memid`='".$_SESSION['profile']['id']."'";
|
|
$res = mysql_query($query);
|
|
if(mysql_num_rows($res) <= 0)
|
|
{
|
|
printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
|
|
continue;
|
|
}
|
|
$row = mysql_fetch_assoc($res);
|
|
if($row[revoke] > 0)
|
|
{
|
|
printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", $row['CN']);
|
|
continue;
|
|
}
|
|
mysql_query("update `emailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='$id'");
|
|
$do = `../scripts/runclient`;
|
|
printf(_("Certificate for '%s' has been revoked.")."<br>\n", $row['CN']);
|
|
}
|
|
}
|
|
|
|
if(is_array($delid))
|
|
{
|
|
echo _("Now deleting the following pending requests:")."<br>\n";
|
|
foreach($delid as $id)
|
|
{
|
|
$id = intval($id);
|
|
$query = "select *,UNIX_TIMESTAMP(`expire`) as `expired` from `emailcerts`
|
|
where `id`='$id' and `memid`='".$_SESSION['profile']['id']."'";
|
|
$res = mysql_query($query);
|
|
if(mysql_num_rows($res) <= 0)
|
|
{
|
|
printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
|
|
continue;
|
|
}
|
|
$row = mysql_fetch_assoc($res);
|
|
if($row['expired'] > 0)
|
|
{
|
|
printf(_("Couldn't remove the request for `%s`, request had already been processed.")."<br>\n", $row['CN']);
|
|
continue;
|
|
}
|
|
mysql_query("delete from `emailcerts` where `id`='$id'");
|
|
@unlink($row['csr_name']);
|
|
@unlink($row['crt_name']);
|
|
printf(_("Removed a pending request for '%s'")."<br>\n", $row['CN']);
|
|
}
|
|
}
|
|
showfooter();
|
|
exit;
|
|
}
|
|
|
|
if($id == 13 && $_SESSION['_config']['user']['set'] != 1)
|
|
{
|
|
$_SESSION['_config']['user'] = $_SESSION['profile'];
|
|
$_SESSION['_config']['user']['set'] = 1;
|
|
}
|
|
|
|
if($oldid == 13 && $process != "")
|
|
{
|
|
$_SESSION['_config']['user']['fname'] = trim(mysql_escape_string(stripslashes($fname)));
|
|
$_SESSION['_config']['user']['mname'] = trim(mysql_escape_string(stripslashes($mname)));
|
|
$_SESSION['_config']['user']['lname'] = trim(mysql_escape_string(stripslashes($lname)));
|
|
$_SESSION['_config']['user']['suffix'] = trim(mysql_escape_string(stripslashes($suffix)));
|
|
$_SESSION['_config']['user']['day'] = intval($day);
|
|
$_SESSION['_config']['user']['month'] = intval($month);
|
|
$_SESSION['_config']['user']['year'] = intval($year);
|
|
$_SESSION['_config']['user']['Q1'] = trim(mysql_escape_string(stripslashes($Q1)));
|
|
$_SESSION['_config']['user']['Q2'] = trim(mysql_escape_string(stripslashes($Q2)));
|
|
$_SESSION['_config']['user']['Q3'] = trim(mysql_escape_string(stripslashes($Q3)));
|
|
$_SESSION['_config']['user']['Q4'] = trim(mysql_escape_string(stripslashes($Q4)));
|
|
$_SESSION['_config']['user']['Q5'] = trim(mysql_escape_string(stripslashes($Q5)));
|
|
$_SESSION['_config']['user']['A1'] = trim(mysql_escape_string(stripslashes($A1)));
|
|
$_SESSION['_config']['user']['A2'] = trim(mysql_escape_string(stripslashes($A2)));
|
|
$_SESSION['_config']['user']['A3'] = trim(mysql_escape_string(stripslashes($A3)));
|
|
$_SESSION['_config']['user']['A4'] = trim(mysql_escape_string(stripslashes($A4)));
|
|
$_SESSION['_config']['user']['A5'] = trim(mysql_escape_string(stripslashes($A5)));
|
|
|
|
if($_SESSION['profile']['points'] < 100)
|
|
{
|
|
if($_SESSION['_config']['user']['fname'] == "" || $_SESSION['_config']['user']['lname'] == "")
|
|
{
|
|
$_SESSION['_config']['errmsg'] .= _("First and Last name fields can not be blank.")."<br>";
|
|
$id = $oldid;
|
|
unset($oldid);
|
|
}
|
|
if($_SESSION['_config']['user']['year'] < 1900 || $_SESSION['_config']['user']['month'] < 1 || $_SESSION['_config']['user']['month'] > 12 ||
|
|
$_SESSION['_config']['user']['day'] < 1 || $_SESSION['_config']['user']['day'] > 31)
|
|
{
|
|
$_SESSION['_config']['errmsg'] .= _("Invalid date of birth")."<br>\n";
|
|
$id = $oldid;
|
|
unset($oldid);
|
|
}
|
|
}
|
|
}
|
|
|
|
if($oldid == 13 && $process != "")
|
|
{
|
|
if($_SESSION['profile']['points'] < 100)
|
|
{
|
|
$query = "update `users` set `fname`='".$_SESSION['_config']['user']['fname']."',
|
|
`mname`='".$_SESSION['_config']['user']['mname']."',
|
|
`lname`='".$_SESSION['_config']['user']['lname']."',
|
|
`suffix`='".$_SESSION['_config']['user']['suffix']."',
|
|
`dob`='".$_SESSION['_config']['user']['year']."-".$_SESSION['_config']['user']['month']."-".$_SESSION['_config']['user']['day']."'
|
|
where `id`='".$_SESSION['profile']['id']."'";
|
|
mysql_query($query);
|
|
}
|
|
$query = "update `users` set `Q1`='".$_SESSION['_config']['user']['Q1']."',
|
|
`Q2`='".$_SESSION['_config']['user']['Q2']."',
|
|
`Q3`='".$_SESSION['_config']['user']['Q3']."',
|
|
`Q4`='".$_SESSION['_config']['user']['Q4']."',
|
|
`Q5`='".$_SESSION['_config']['user']['Q5']."',
|
|
`A1`='".$_SESSION['_config']['user']['A1']."',
|
|
`A2`='".$_SESSION['_config']['user']['A2']."',
|
|
`A3`='".$_SESSION['_config']['user']['A3']."',
|
|
`A4`='".$_SESSION['_config']['user']['A4']."',
|
|
`A5`='".$_SESSION['_config']['user']['A5']."'
|
|
where `id`='".$_SESSION['profile']['id']."'";
|
|
mysql_query($query);
|
|
|
|
$_SESSION['_config']['user']['set'] = 0;
|
|
$_SESSION['profile'] = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".$_SESSION['profile']['id']."'"));
|
|
$_SESSION['profile']['loggedin'] = 1;
|
|
|
|
$id = 13;
|
|
showheader(_("My CAcert.org Account!"));
|
|
echo _("Your details have been updated with the database.");
|
|
showfooter();
|
|
exit;
|
|
}
|
|
|
|
if($oldid == 14 && $process != "")
|
|
{
|
|
$_SESSION['_config']['user']['oldpass'] = trim(mysql_escape_string(stripslashes($oldpassword)));
|
|
$_SESSION['_config']['user']['pword1'] = trim(mysql_escape_string(stripslashes($pword1)));
|
|
$_SESSION['_config']['user']['pword2'] = trim(mysql_escape_string(stripslashes($pword2)));
|
|
|
|
$id = 14;
|
|
showheader(_("My CAcert.org Account!"));
|
|
if($_SESSION['_config']['user']['pword1'] == "" || $_SESSION['_config']['user']['pword1'] != $_SESSION['_config']['user']['pword2'])
|
|
{
|
|
echo _("New Pass Phrases specified don't match or were blank.");
|
|
} else {
|
|
$score = checkpw($_SESSION['_config']['user']['pword1'], $_SESSION['profile']['email'], $_SESSION['profile']['fname'],
|
|
$_SESSION['profile']['mname'], $_SESSION['profile']['lname'], $_SESSION['profile']['suffix']);
|
|
|
|
$match = mysql_query("select * from `users` where `id`='".$_SESSION['profile']['id']."' and
|
|
`password`=password('".$_SESSION['_config']['user']['oldpass']."')");
|
|
|
|
if(strlen($_SESSION['_config']['user']['pword1']) < 6) {
|
|
echo _("The Pass Phrase you submitted was too short.");
|
|
} else if($score < 3) {
|
|
printf(_("The Pass Phrase you submitted failed to contain enough differing characters and/or contained words from your name and/or email address. Only scored %s points out of 6."), $score);
|
|
} else if(mysql_num_rows($match) <= 0) {
|
|
echo _("You failed to correctly enter your current Pass Phrase.");
|
|
} else {
|
|
mysql_query("update `users` set `password`=password('".$_SESSION['_config']['user']['pword1']."')
|
|
where `id`='".$_SESSION['profile']['id']."'");
|
|
echo _("Your Pass Phrase has been updated and your primary email account has been notified of the change.");
|
|
}
|
|
}
|
|
showfooter();
|
|
exit;
|
|
}
|
|
|
|
if($oldid == 16)
|
|
{
|
|
$id = 16;
|
|
$_SESSION['_config']['emails'] = array();
|
|
|
|
foreach($_POST['emails'] as $val)
|
|
{
|
|
$val = mysql_escape_string(stripslashes(trim($val)));
|
|
$bits = explode("@", $val);
|
|
$count = count($bits);
|
|
if($count != 2)
|
|
continue;
|
|
|
|
if(checkownership($bits[1]) == false)
|
|
continue;
|
|
|
|
if(!is_array($_SESSION['_config']['row']))
|
|
continue;
|
|
else if($_SESSION['_config']['row']['id'] > 0)
|
|
$_SESSION['_config']['domids'][] = $_SESSION['_config']['row']['id'];
|
|
|
|
if($val != "")
|
|
$_SESSION['_config']['emails'][] = $val;
|
|
}
|
|
$_SESSION['_config']['name'] = mysql_escape_string(stripslashes(trim($name)));
|
|
}
|
|
|
|
if($oldid == 16 && (intval(count($_SESSION['_config']['emails'])) + 0) <= 0)
|
|
{
|
|
$id = 16;
|
|
showheader(_("My CAcert.org Account!"));
|
|
echo _("I couldn't match any emails against your organisational account.");
|
|
showfooter();
|
|
exit;
|
|
}
|
|
|
|
if($oldid == 16 && $process != "")
|
|
{
|
|
if(@count($_SESSION['_config']['emails']) > 0)
|
|
$id = 17;
|
|
}
|
|
|
|
if($oldid == 17)
|
|
{
|
|
$org = $_SESSION['_config']['row'];
|
|
if($_POST['keytype'] == "NS")
|
|
{
|
|
if($_POST['SPKAC'] == "" || strlen($_POST['SPKAC']) < 128)
|
|
{
|
|
$id = 17;
|
|
showheader(_("My CAcert.org Account!"));
|
|
echo _("I didn't receive a valid Certificate Request, hit the back button and try again.");
|
|
showfooter();
|
|
exit;
|
|
}
|
|
|
|
$emailcount = 0;
|
|
$emails = "";
|
|
$addys = array();
|
|
if(is_array($_SESSION['_config']['emails']))
|
|
foreach($_SESSION['_config']['emails'] as $email)
|
|
{
|
|
if(!$emails)
|
|
$defaultemail = $email;
|
|
$emails .= "$emailcount.emailAddress = $email\n";
|
|
$emailcount++;
|
|
}
|
|
if($_SESSION['_config']['name'] != "")
|
|
$emails .= "commonName = ".$_SESSION['_config']['name']."\n";
|
|
if($org['OU'])
|
|
$emails .= "organizationalUnitName = ".$org['OU']."\n";
|
|
if($org['O'])
|
|
$emails .= "organizationName = ".$org['O']."\n";
|
|
if($org['L'])
|
|
$emails .= "localityName = ".$org['L']."\n";
|
|
if($org['ST'])
|
|
$emails .= "stateOrProvinceName = ".$org['ST']."\n";
|
|
if($org['C'])
|
|
$emails .= "countryName = ".$org['C']."\n";
|
|
|
|
$emails .= "SPKAC = ".str_replace("\n", "", str_replace("\r", "", $_POST['SPKAC']));
|
|
$query = "insert into `orgemailcerts` set `CN`='$defaultemail', `keytype`='NS',
|
|
`orgid`='".$org['orgid']."',
|
|
`created`=FROM_UNIXTIME(UNIX_TIMESTAMP())";
|
|
mysql_query($query);
|
|
$emailid = mysql_insert_id();
|
|
|
|
foreach($_SESSION['_config']['domids'] as $addy)
|
|
mysql_query("insert into `domemaillink` set `emailcertsid`='$emailid', `emailid`='$addy'");
|
|
|
|
$CSRname = $_SESSION['_config']['filepath']."/csr/orgclient-$emailid.csr";
|
|
$fp = fopen($CSRname, "w");
|
|
fputs($fp, $emails);
|
|
fclose($fp);
|
|
mysql_query("update `orgemailcerts` set `csr_name`='$CSRname' where `id`='$emailid'");
|
|
} else if($_POST['keytype'] == "MS") {
|
|
$csr = "-----BEGIN CERTIFICATE REQUEST-----\n".$CSR."-----END CERTIFICATE REQUEST-----\n";
|
|
$tmpfname = tempnam("/tmp", "CSR");
|
|
$fp = fopen($tmpfname, "w");
|
|
fputs($fp, $csr);
|
|
fclose($fp);
|
|
|
|
$addys = array();
|
|
$defaultemail = "";
|
|
|
|
if($_SESSION['_config']['name'] != "")
|
|
$csrsubject = "/CN=".$_SESSION['_config']['name'];
|
|
if(is_array($_SESSION['_config']['emails']))
|
|
foreach($_SESSION['_config']['emails'] as $email)
|
|
{
|
|
if($defaultemail == "")
|
|
$defaultemail = $email;
|
|
$csrsubject .= "/emailAddress=$email";
|
|
}
|
|
if($org['OU'])
|
|
$csrsubject .= "/organizationalUnitName=".$org['OU'];
|
|
if($org['O'])
|
|
$csrsubject .= "/organizationName=".$org['O'];
|
|
if($org['L'])
|
|
$csrsubject .= "/localityName=".$org['L'];
|
|
if($org['ST'])
|
|
$csrsubject .= "/stateOrProvinceName=".$org['ST'];
|
|
if($org['C'])
|
|
$csrsubject .= "/countryName=".$org['C'];
|
|
|
|
$tmpname = tempnam("/tmp", "CSR");
|
|
$do = `/usr/bin/openssl req -in $tmpfname -out $tmpname`;
|
|
@unlink($tmpfname);
|
|
$csr = "";
|
|
$fp = fopen($tmpname, "r");
|
|
while($data = fgets($fp, 4096))
|
|
$csr .= $data;
|
|
fclose($fp);
|
|
@unlink($tmpname);
|
|
|
|
if($csr == "")
|
|
{
|
|
showheader(_("My CAcert.org Account!"));
|
|
echo _("I didn't receive a valid Certificate Request, hit the back button and try again.");
|
|
showfooter();
|
|
exit;
|
|
}
|
|
$query = "insert into `orgemailcerts` set `CN`='$defaultemail', `keytype`='MS',
|
|
`orgid`='".$org['orgid']."',
|
|
`created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),
|
|
`subject`='$csrsubject'";
|
|
mysql_query($query);
|
|
$emailid = mysql_insert_id();
|
|
|
|
foreach($_SESSION['_config']['domids'] as $addy)
|
|
mysql_query("insert into `domemaillink` set `emailcertsid`='$emailid', `emailid`='$addy'");
|
|
|
|
$CSRname = $_SESSION['_config']['filepath']."/csr/orgclient-$emailid.csr";
|
|
$fp = fopen($CSRname, "w");
|
|
fputs($fp, $csr);
|
|
fclose($fp);
|
|
mysql_query("update `orgemailcerts` set `csr_name`='$CSRname' where `id`='$emailid'");
|
|
}
|
|
$do = `../scripts/runclient`;
|
|
$query = "select * from `orgemailcerts` where `id`='$emailid' and `crt_name` != ''";
|
|
$res = mysql_query($query);
|
|
if(mysql_num_rows($res) <= 0)
|
|
{
|
|
showheader(_("My CAcert.org Account!"));
|
|
echo _("Your certificate request has failed to be processed correctly, please try submitting it again.");
|
|
showfooter();
|
|
exit;
|
|
} else {
|
|
$id = 19;
|
|
$cert = $emailid;
|
|
}
|
|
}
|
|
|
|
if($oldid == 18 && $renew != "")
|
|
{
|
|
showheader(_("My CAcert.org Account!"));
|
|
if(is_array($revokeid))
|
|
{
|
|
$id = 18;
|
|
echo _("Now renewing the following certificates:")."<br>\n";
|
|
foreach($revokeid as $id)
|
|
{
|
|
$id = intval($id);
|
|
$query = "select *,UNIX_TIMESTAMP(`revoked`) as `revoke` from `orgemailcerts`, `org`
|
|
where `orgemailcerts`.`id`='$id' and `org`.`memid`='".$_SESSION['profile']['id']."' and
|
|
`org`.`orgid`=`orgemailcerts`.`orgid`";
|
|
$res = mysql_query($query);
|
|
if(mysql_num_rows($res) <= 0)
|
|
{
|
|
printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
|
|
continue;
|
|
}
|
|
$row = mysql_fetch_assoc($res);
|
|
if($row[revoke] > 0)
|
|
{
|
|
printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", $row['CN']);
|
|
continue;
|
|
}
|
|
$query = "insert into `orgemailcerts` set `orgid`='".$row['orgid']."', `CN`='".$row['CN']."',
|
|
`keytype`='".$row['keytype']."', `csr_name`='".$row['csr_name']."',
|
|
`created`='".$row['created']."', `modified`=NOW(), `subject`='".$row['subject']."'";
|
|
mysql_query($query);
|
|
$newid = mysql_insert_id();
|
|
$newfile = $_SESSION['_config']['filepath']."/csr/orgclient-$newid.csr";
|
|
copy($row['csr_name'], $newfile);
|
|
mysql_query("update `orgemailcerts` set `csr_name`='$newfile' where `id`='$newid'");
|
|
$do = `../scripts/runclient`;
|
|
$query = "select * from `orgemailcerts` where `id`='$newid' and `crt_name` != ''";
|
|
$res = mysql_query($query);
|
|
if(mysql_num_rows($res) <= 0)
|
|
{
|
|
echo _("Your certificate request has failed to be processed correctly, please try submitting it again.");
|
|
} else {
|
|
printf(_("Certificate for '%s' has been renewed."), $row['CN']);
|
|
echo "<a href='account.php?id=19&cert=$newid' target='_new'>".
|
|
_("Click here")."</a> "._("to install your certificate.");
|
|
}
|
|
}
|
|
}
|
|
showfooter();
|
|
exit;
|
|
}
|
|
|
|
if($oldid == 18 && $revoke != "")
|
|
{
|
|
$id = 18;
|
|
showheader(_("My CAcert.org Account!"));
|
|
if(is_array($revokeid))
|
|
{
|
|
echo _("Now revoking the following certificates:")."<br>\n";
|
|
foreach($revokeid as $id)
|
|
{
|
|
$id = intval($id);
|
|
$query = "select *,UNIX_TIMESTAMP(`revoked`) as `revoke` from `orgemailcerts`, `org`
|
|
where `orgemailcerts`.`id`='$id' and `org`.`memid`='".$_SESSION['profile']['id']."' and
|
|
`org`.`orgid`=`orgemailcerts`.`orgid`";
|
|
$res = mysql_query($query);
|
|
if(mysql_num_rows($res) <= 0)
|
|
{
|
|
printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
|
|
continue;
|
|
}
|
|
$row = mysql_fetch_assoc($res);
|
|
if($row[revoke] > 0)
|
|
{
|
|
printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", $row['CN']);
|
|
continue;
|
|
}
|
|
mysql_query("update `orgemailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='$id'");
|
|
$do = `../scripts/runclient`;
|
|
printf(_("Certificate for '%s' has been revoked.")."<br>\n", $row['CN']);
|
|
}
|
|
}
|
|
|
|
if(is_array($delid))
|
|
{
|
|
echo _("Now deleting the following pending requests:")."<br>\n";
|
|
foreach($delid as $id)
|
|
{
|
|
$id = intval($id);
|
|
$query = "select *,UNIX_TIMESTAMP(`expire`) as `expired` from `orgemailcerts`, `org`
|
|
where `orgemailcerts`.`id`='$id' and `org`.`memid`='".$_SESSION['profile']['id']."' and
|
|
`org`.`orgid`=`orgemailcerts`.`orgid`";
|
|
$res = mysql_query($query);
|
|
if(mysql_num_rows($res) <= 0)
|
|
{
|
|
printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
|
|
continue;
|
|
}
|
|
$row = mysql_fetch_assoc($res);
|
|
if($row['expired'] > 0)
|
|
{
|
|
printf(_("Couldn't remove the request for `%s`, request had already been processed.")."<br>\n", $row['CN']);
|
|
continue;
|
|
}
|
|
mysql_query("delete from `orgemailcerts` where `id`='$id'");
|
|
@unlink($row['csr_name']);
|
|
@unlink($row['crt_name']);
|
|
printf(_("Removed a pending request for '%s'")."<br>\n", $row['CN']);
|
|
}
|
|
}
|
|
showfooter();
|
|
exit;
|
|
}
|
|
|
|
if($process != "" && $oldid == 20)
|
|
{
|
|
$CSR = trim($CSR);
|
|
$_SESSION['_config']['tmpfname'] = tempnam("/tmp", "FOO");
|
|
$fp = fopen($_SESSION['_config']['tmpfname'], "w");
|
|
fputs($fp, $CSR);
|
|
fclose($fp);
|
|
$CSR = $_SESSION['_config']['tmpfname'];
|
|
$_SESSION['_config']['subject'] = trim(`/usr/bin/openssl req -text -noout -in "$CSR"|grep Subject:`);
|
|
$id = 21;
|
|
|
|
extractit();
|
|
getcn2();
|
|
getalt2();
|
|
|
|
$query = "select * from `orginfo`,`org`,`orgdomains` where
|
|
`org`.`memid`='".$_SESSION['profile']['id']."' and
|
|
`org`.`orgid`=`orginfo`.`id` and
|
|
`org`.`orgid`=`orgdomains`.`orgid` and
|
|
`orgdomains`.`domain`='".$_SESSION['_config']['0.CN']."'";
|
|
$_SESSION['_config'][org] = mysql_fetch_assoc(mysql_query($query));
|
|
|
|
if($_SESSION['_config']['0.CN'] == "")
|
|
{
|
|
$id = 20;
|
|
showheader(_("My CAcert.org Account!"));
|
|
echo _("CommonName field was blank. Can't continue.");
|
|
showfooter();
|
|
exit;
|
|
}
|
|
}
|
|
|
|
if($process != "" && $oldid == 21)
|
|
{
|
|
$id = 21;
|
|
|
|
if($_SESSION['_config']['0.CN'] == "")
|
|
{
|
|
showheader(_("My CAcert.org Account!"));
|
|
echo _("CommonName field was blank. Can't continue.");
|
|
showfooter();
|
|
exit;
|
|
}
|
|
|
|
$query = "select * from `org`,`orginfo` where
|
|
`orginfo`.`id`='".$_SESSION['_config']['rowid']['0']."' and
|
|
`orginfo`.`id`=`org`.`orgid` and
|
|
`org`.`memid`='".$_SESSION['profile']['id']."'";
|
|
$org = mysql_fetch_assoc(mysql_query($query));
|
|
|
|
if($org['OU'])
|
|
$csrsubject .= "/organizationalUnitName=".$org['OU'];
|
|
if($org['O'])
|
|
$csrsubject .= "/organizationName=".$org['O'];
|
|
if($org['L'])
|
|
$csrsubject .= "/localityName=".$org['L'];
|
|
if($org['ST'])
|
|
$csrsubject .= "/stateOrProvinceName=".$org['ST'];
|
|
if($org['C'])
|
|
$csrsubject .= "/countryName=".$org['C'];
|
|
if($org['contact'])
|
|
$csrsubject .= "/emailAddress=".trim($org['contact']);
|
|
|
|
if(is_array($_SESSION['_config']['rows']))
|
|
foreach($_SESSION['_config']['rows'] as $row)
|
|
$csrsubject .= "/commonName=$row";
|
|
if(is_array($_SESSION['_config']['altrows']))
|
|
foreach($_SESSION['_config']['altrows'] as $subalt)
|
|
$csrsubject .= "/subjectAltName=$subalt";
|
|
|
|
$query = "insert into `orgdomaincerts` set `CN`='".$_SESSION['_config']['0.CN']."',
|
|
`orgid`='".$_SESSION['_config']['row']['id']."',
|
|
`created`=NOW(), `subject`='$csrsubject'";
|
|
mysql_query($query);
|
|
$CSRid = mysql_insert_id();
|
|
$CSRname = $_SESSION['_config']['filepath']."/csr/orgserver-$CSRid.csr";
|
|
rename($_SESSION['_config']['tmpfname'], $CSRname);
|
|
mysql_query("update `orgdomaincerts` set `CSR_name`='$CSRname' where `id`='$CSRid'");
|
|
foreach($_SESSION['_config']['rowid'] as $id)
|
|
mysql_query("insert into `orgdomlink` set `orgdomid`='$id', `orgcertid`='$CSRid'");
|
|
if(is_array($_SESSION['_config']['altid']))
|
|
foreach($_SESSION['_config']['altid'] as $id)
|
|
mysql_query("insert into `orgdomlink` set `orgdomid`='$id', `orgcertid`='$CSRid'");
|
|
$do = `../scripts/runserver`;
|
|
$query = "select * from `orgdomaincerts` where `id`='$CSRid' and `crt_name` != ''";
|
|
$res = mysql_query($query);
|
|
if(mysql_num_rows($res) <= 0)
|
|
{
|
|
showheader(_("My CAcert.org Account!"));
|
|
echo _("Your certificate request has failed to be processed correctly, please try submitting it again.");
|
|
showfooter();
|
|
exit;
|
|
} else {
|
|
$id = 23;
|
|
$cert = $CSRid;
|
|
}
|
|
}
|
|
|
|
if($oldid == 22 && $renew != "")
|
|
{
|
|
showheader(_("My CAcert.org Account!"));
|
|
if(is_array($revokeid))
|
|
{
|
|
echo _("Now renewing the following certificates:")."<br>\n";
|
|
foreach($revokeid as $id)
|
|
{
|
|
$id = intval($id);
|
|
$query = "select *,UNIX_TIMESTAMP(`orgdomaincerts`.`revoked`) as `revoke` from
|
|
`orgdomaincerts`,`org`
|
|
where `orgdomaincerts`.`id`='$id' and
|
|
`orgdomaincerts`.`orgid`=`org`.`orgid` and
|
|
`org`.`memid`='".$_SESSION['profile']['id']."'";
|
|
$res = mysql_query($query);
|
|
if(mysql_num_rows($res) <= 0)
|
|
{
|
|
printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
|
|
continue;
|
|
}
|
|
$row = mysql_fetch_assoc($res);
|
|
if($row[revoke] > 0)
|
|
{
|
|
printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", $row['CN']);
|
|
continue;
|
|
}
|
|
$query = "insert into `orgdomaincerts` set `orgid`='".$row['orgid']."', `CN`='".$row['CN']."',
|
|
`csr_name`='".$row['csr_name']."', `created`='".$row['created']."',
|
|
`modified`=NOW(), `subject`='".$row['subject']."'";
|
|
mysql_query($query);
|
|
$newid = mysql_insert_id();
|
|
$newfile = $_SESSION['_config']['filepath']."/csr/orgserver-$newid.csr";
|
|
copy($row['csr_name'], $newfile);
|
|
mysql_query("update `orgdomaincerts` set `csr_name`='$newfile' where `id`='$newid'");
|
|
echo _("Renewing").": ".$row['CN']."<br>\n";
|
|
$res = mysql_query("select * from `orgdomlink` where `orgcertid`='".$row['id']."'");
|
|
while($r2 = mysql_fetch_assoc($res))
|
|
mysql_query("insert into `orgdomlink` set `orgdomid`='".$r2['id']."', `orgcertid`='$newid'");
|
|
$do = `../scripts/runserver`;
|
|
$query = "select * from `orgdomaincerts` where `id`='$newid' and `crt_name` != ''";
|
|
$res = mysql_query($query);
|
|
if(mysql_num_rows($res) <= 0)
|
|
{
|
|
echo _("Your certificate request has failed to be processed correctly, please try submitting it again.");
|
|
} else {
|
|
$drow = mysql_fetch_assoc($res);
|
|
$cert = `/usr/bin/openssl x509 -in $drow[crt_name]`;
|
|
echo "<pre>\n$cert\n</pre>\n";
|
|
}
|
|
}
|
|
}
|
|
showfooter();
|
|
exit;
|
|
}
|
|
|
|
if($oldid == 22 && $revoke != "")
|
|
{
|
|
showheader(_("My CAcert.org Account!"));
|
|
if(is_array($revokeid))
|
|
{
|
|
echo _("Now revoking the following certificates:")."<br>\n";
|
|
foreach($revokeid as $id)
|
|
{
|
|
$id = intval($id);
|
|
$query = "select *,UNIX_TIMESTAMP(`orgdomaincerts`.`revoked`) as `revoke` from
|
|
`orgdomaincerts`,`org`
|
|
where `orgdomaincerts`.`id`='$id' and
|
|
`orgdomaincerts`.`orgid`=`org`.`orgid` and
|
|
`org`.`memid`='".$_SESSION['profile']['id']."'";
|
|
$res = mysql_query($query);
|
|
if(mysql_num_rows($res) <= 0)
|
|
{
|
|
printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
|
|
continue;
|
|
}
|
|
$row = mysql_fetch_assoc($res);
|
|
if($row[revoke] > 0)
|
|
{
|
|
printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", $row['CN']);
|
|
continue;
|
|
}
|
|
mysql_query("update `orgdomaincerts` set `revoked`='1970-01-01 10:00:01' where `id`='$id'");
|
|
$do = `../scripts/runserver`;
|
|
printf(_("Certificate for '%s' has been revoked.")."<br>\n", $row['CN']);
|
|
}
|
|
}
|
|
|
|
if(is_array($delid))
|
|
{
|
|
echo _("Now deleting the following pending requests:")."<br>\n";
|
|
foreach($delid as $id)
|
|
{
|
|
$id = intval($id);
|
|
$query = "select *,UNIX_TIMESTAMP(`orgdomaincerts`.`expire`) as `expired` from
|
|
`orgdomaincerts`,`org`
|
|
where `orgdomaincerts`.`id`='$id' and
|
|
`orgdomaincerts`.`orgid`=`org`.`orgid` and
|
|
`org`.`memid`='".$_SESSION['profile']['id']."'";
|
|
$res = mysql_query($query);
|
|
if(mysql_num_rows($res) <= 0)
|
|
{
|
|
printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
|
|
continue;
|
|
}
|
|
$row = mysql_fetch_assoc($res);
|
|
if($row['expired'] > 0)
|
|
{
|
|
printf(_("Couldn't remove the request for `%s`, request had already been processed.")."<br>\n", $row['CN']);
|
|
continue;
|
|
}
|
|
mysql_query("delete from `orgdomaincerts` where `id`='$id'");
|
|
@unlink($row['csr_name']);
|
|
@unlink($row['crt_name']);
|
|
printf(_("Removed a pending request for '%s'")."<br>\n", $row['CN']);
|
|
}
|
|
}
|
|
showfooter();
|
|
exit;
|
|
}
|
|
|
|
if(($id == 24 || $oldid == 24 || $id == 25 || $oldid == 25 || $id == 26 || $oldid == 26 ||
|
|
$id == 27 || $oldid == 27 || $id == 28 || $oldid == 28 || $id == 29 || $oldid == 29 ||
|
|
$id == 30 || $oldid == 30 || $id == 31 || $oldid == 31) &&
|
|
$_SESSION['profile']['admin'] != 1)
|
|
{
|
|
showheader(_("My CAcert.org Account!"));
|
|
echo _("You don't have access to this area.");
|
|
showfooter();
|
|
exit;
|
|
}
|
|
|
|
if($oldid == 24 && $process != "")
|
|
{
|
|
$id = intval($oldid);
|
|
$_SESSION['_config']['O'] = trim(mysql_escape_string(stripslashes($O)));
|
|
$_SESSION['_config']['contact'] = trim(mysql_escape_string(stripslashes($contact)));
|
|
$_SESSION['_config']['L'] = trim(mysql_escape_string(stripslashes($L)));
|
|
$_SESSION['_config']['ST'] = trim(mysql_escape_string(stripslashes($ST)));
|
|
$_SESSION['_config']['C'] = trim(mysql_escape_string(stripslashes($C)));
|
|
$_SESSION['_config']['comments'] = trim(mysql_escape_string(stripslashes($comments)));
|
|
|
|
if($_SESSION['_config']['O'] == "" || $_SESSION['_config']['contact'] == "")
|
|
{
|
|
$_SESSION['_config']['errmsg'] = _("Organisation Name and Contact Email are required fields.");
|
|
} else {
|
|
mysql_query("insert into `orginfo` set `O`='".$_SESSION['_config']['O']."',
|
|
`contact`='".$_SESSION['_config']['contact']."',
|
|
`L`='".$_SESSION['_config']['L']."',
|
|
`ST`='".$_SESSION['_config']['ST']."',
|
|
`C`='".$_SESSION['_config']['C']."',
|
|
`comments`='".$_SESSION['_config']['comments']."'");
|
|
showheader(_("My CAcert.org Account!"));
|
|
printf(_("'%s' has just been successfully added as an organisation to the database."), $_SESSION['_config']['O']);
|
|
showfooter();
|
|
exit;
|
|
}
|
|
}
|
|
|
|
if($oldid == 27 && $process != "")
|
|
{
|
|
$id = intval($oldid);
|
|
$_SESSION['_config']['O'] = trim(mysql_escape_string(stripslashes($O)));
|
|
$_SESSION['_config']['contact'] = trim(mysql_escape_string(stripslashes($contact)));
|
|
$_SESSION['_config']['L'] = trim(mysql_escape_string(stripslashes($L)));
|
|
$_SESSION['_config']['ST'] = trim(mysql_escape_string(stripslashes($ST)));
|
|
$_SESSION['_config']['C'] = trim(mysql_escape_string(stripslashes($C)));
|
|
$_SESSION['_config']['comments'] = trim(mysql_escape_string(stripslashes($comments)));
|
|
|
|
if($_SESSION['_config']['O'] == "" || $_SESSION['_config']['contact'] == "")
|
|
{
|
|
$_SESSION['_config']['errmsg'] = _("Organisation Name and Contact Email are required fields.");
|
|
} else {
|
|
mysql_query("update `orginfo` set `O`='".$_SESSION['_config']['O']."',
|
|
`contact`='".$_SESSION['_config']['contact']."',
|
|
`L`='".$_SESSION['_config']['L']."',
|
|
`ST`='".$_SESSION['_config']['ST']."',
|
|
`C`='".$_SESSION['_config']['C']."',
|
|
`comments`='".$_SESSION['_config']['comments']."'
|
|
where `id`='".$_SESSION['_config']['orgid']."'");
|
|
showheader(_("My CAcert.org Account!"));
|
|
printf(_("'%s' has just been successfully updated in the database."), $_SESSION['_config']['O']);
|
|
showfooter();
|
|
exit;
|
|
}
|
|
}
|
|
|
|
if($oldid == 28 && $process != "")
|
|
{
|
|
$domain = $_SESSION['_config']['domain'] = trim(mysql_escape_string(stripslashes($domainname)));
|
|
$res1 = mysql_query("select * from `orgdomains` where `domain`='$domain'");
|
|
if(mysql_num_rows($res1) > 0)
|
|
{
|
|
$_SESSION['_config']['errmsg'] = sprintf(_("The domain '%s' is already in the system and is listed as valid. Can't continue."), $domain);
|
|
$id = $oldid;
|
|
unset($oldid);
|
|
}
|
|
}
|
|
|
|
if($_SESSION['_config']['orgid'] <= 0 && $oldid == 28)
|
|
{
|
|
unset($oldid);
|
|
$id = 25;
|
|
}
|
|
|
|
if($oldid == 28 && $process != "")
|
|
{
|
|
mysql_query("insert into `orgdomains` set `orgid`='".$_SESSION['_config']['orgid']."', `domain`='$domain'");
|
|
showheader(_("My CAcert.org Account!"));
|
|
printf(_("'%s' has just been successfully added to the database."), $domain);
|
|
echo "<br><br><a href='account.php?id=26&orgid=".$_SESSION['_config']['orgid']."'>"._("Click here")."</a> "._("to continue.");
|
|
showfooter();
|
|
exit;
|
|
}
|
|
|
|
if($oldid == 29 && $process != "")
|
|
{
|
|
$domain = mysql_escape_string(stripslashes(trim($domainname)));
|
|
|
|
$res1 = mysql_query("select * from `orgdomains` where `domain` like '$domain' and `id`!='".$_SESSION['_config']['domid']."'");
|
|
$res2 = mysql_query("select * from `domains` where `domain` like '$domain' and `deleted`=0");
|
|
if(mysql_num_rows($res1) > 0 || mysql_num_rows($res2) > 0)
|
|
{
|
|
$_SESSION['_config']['errmsg'] = sprintf(_("The domain '%s' is already in the system and is listed as valid. Can't continue."), $domain);
|
|
$id = $oldid;
|
|
unset($oldid);
|
|
}
|
|
}
|
|
|
|
if(($oldid == 29 || $oldid == 30) && $process != _("Cancel"))
|
|
{
|
|
$query = "select `orgdomaincerts`.`id` as `id` from `orgdomlink`, `orgdomaincerts`, `orgdomains` where
|
|
`orgdomlink`.`orgdomid`=`orgdomains`.`id` and
|
|
`orgdomaincerts`.`id`=`orgdomlink`.`orgcertid` and
|
|
`orgdomains`.`id`='".$_SESSION['_config']['domid']."'";
|
|
$res = mysql_query($query);
|
|
while($row = mysql_fetch_assoc($res))
|
|
mysql_query("update `orgdomaincerts` set `revoked`='1970-01-01 10:00:01' where `id`='".$row['id']."'");
|
|
|
|
$query = "select `orgemailcerts`.`id` as `id` from `orgemailcerts`, `orgemaillink`, `orgdomains` where
|
|
`orgemaillink`.`domid`=`orgdomains`.`id` and
|
|
`orgemailcerts`.`id`=`orgemaillink`.`emailcertsid` and
|
|
`orgdomains`.`id`='".$_SESSION['_config']['domid']."'";
|
|
$res = mysql_query($query);
|
|
while($row = mysql_fetch_assoc($res))
|
|
mysql_query("update `orgemailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='".$row['id']."'");
|
|
|
|
$do = `../scripts/runserver`;
|
|
$do = `../scripts/runclient`;
|
|
}
|
|
|
|
if($oldid == 29 && $process != "")
|
|
{
|
|
$row = mysql_fetch_assoc(mysql_query("select * from `orgdomains` where `id`='".$_SESSION['_config']['domid']."'"));
|
|
mysql_query("update `orgdomains` set `domain`='$domain' where `id`='".$_SESSION['_config']['domid']."'");
|
|
showheader(_("My CAcert.org Account!"));
|
|
printf(_("'%s' has just been successfully updated in the database."), $domain);
|
|
echo "<br><br><a href='account.php?id=26&orgid=".$_SESSION['_config']['orgid']."'>"._("Click here")."</a> "._("to continue.");
|
|
showfooter();
|
|
exit;
|
|
}
|
|
|
|
if($oldid == 30 && $process != "")
|
|
{
|
|
$row = mysql_fetch_assoc(mysql_query("select * from `orgdomains` where `id`='".$_SESSION['_config']['domid']."'"));
|
|
$domain = $row['domain'];
|
|
mysql_query("delete from `orgdomains` where `id`='".$_SESSION['_config']['domid']."'");
|
|
showheader(_("My CAcert.org Account!"));
|
|
printf(_("'%s' has just been successfully deleted from the database."), $domain);
|
|
echo "<br><br><a href='account.php?id=26&orgid=".$_SESSION['_config']['orgid']."'>"._("Click here")."</a> "._("to continue.");
|
|
showfooter();
|
|
exit;
|
|
}
|
|
|
|
if($oldid == 30)
|
|
{
|
|
$id = 26;
|
|
$orgid = 0;
|
|
}
|
|
|
|
if($oldid == 31 && $process != _("Cancel"))
|
|
{
|
|
$query = "select * from `orgdomains` where `orgid`='".$_SESSION['_config']['orgid']."'";
|
|
$dres = mysql_query($query);
|
|
while($drow = mysql_fetch_assoc($dres))
|
|
{
|
|
$query = "select `orgdomaincerts`.`id` as `id` from `orgdomlink`, `orgdomaincerts`, `orgdomains` where
|
|
`orgdomlink`.`orgdomid`=`orgdomains`.`id` and
|
|
`orgdomaincerts`.`id`=`orgdomlink`.`orgcertid` and
|
|
`orgdomains`.`id`='".$drow['id']."'";
|
|
$res = mysql_query($query);
|
|
while($row = mysql_fetch_assoc($res))
|
|
{
|
|
mysql_query("update `orgdomaincerts` set `revoked`='1970-01-01 10:00:01' where `id`='".$row['id']."'");
|
|
$do = `../scripts/runserver`;
|
|
mysql_query("delete from `orgdomaincerts` where `orgid`='".$row['id']."'");
|
|
mysql_query("delete from `orgdomlink` where `domid`='".$row['id']."'");
|
|
}
|
|
|
|
$query = "select `orgemailcerts`.`id` as `id` from `orgemailcerts`, `orgemaillink`, `orgdomains` where
|
|
`orgemaillink`.`domid`=`orgdomains`.`id` and
|
|
`orgemailcerts`.`id`=`orgemaillink`.`emailcertsid` and
|
|
`orgdomains`.`id`='".$drow['id']."'";
|
|
$res = mysql_query($query);
|
|
while($row = mysql_fetch_assoc($res))
|
|
{
|
|
mysql_query("update `orgemailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='".$row['id']."'");
|
|
$do = `../scripts/runclient`;
|
|
mysql_query("delete from `orgemailcerts` where `id`='".$row['id']."'");
|
|
mysql_query("delete from `orgemaillink` where `domid`='".$row['id']."'");
|
|
}
|
|
}
|
|
mysql_query("delete from `org` where `orgid`='".$_SESSION['_config']['orgid']."'");
|
|
mysql_query("delete from `orgdomains` where `orgid`='".$_SESSION['_config']['orgid']."'");
|
|
mysql_query("delete from `orginfo` where `id`='".$_SESSION['_config']['orgid']."'");
|
|
}
|
|
|
|
if($oldid == 31)
|
|
{
|
|
$id = 25;
|
|
$orgid = 0;
|
|
}
|
|
|
|
if($id == 32 || $oldid == 32 || $id == 33 || $oldid == 33 || $id == 34 || $oldid == 34 ||
|
|
$id == 35 || $oldid == 35)
|
|
{
|
|
$query = "select * from `org` where `memid`='".$_SESSION['profile']['id']."' and `masteracc`='1'";
|
|
$_macc = mysql_num_rows(mysql_query($query));
|
|
if($_SESSION['profile']['admin'] != 1 && $_macc <= 0)
|
|
{
|
|
showheader(_("My CAcert.org Account!"));
|
|
echo _("You don't have access to this area.");
|
|
showfooter();
|
|
exit;
|
|
}
|
|
}
|
|
|
|
if($id == 33 && $_SESSION['profile']['admin'] != 1)
|
|
{
|
|
$orgid = $_SESSION['_config']['orgid'];
|
|
$query = "select * from `org` where `orgid`='$orgid' and `memid`='".$_SESSION['profile']['id']."'";
|
|
$res = mysql_query($query);
|
|
if(mysql_num_rows($res) <= 0)
|
|
{
|
|
$id = 35;
|
|
}
|
|
}
|
|
|
|
if($id == 34 && $_SESSION['profile']['admin'] != 1)
|
|
{
|
|
$orgid = intval($orgid);
|
|
$memid = intval($memid);
|
|
$res = mysql_query("select * from `org` where `orgid`='$orgid' and `memid`='".$_SESSION['profile']['id']."'");
|
|
$_macc2 = mysql_num_rows(mysql_query("select * from `org` where `memid`='$memid' and `masteracc`='1'"));
|
|
if(mysql_num_rows($res) <= 0 || $_macc2 > 0)
|
|
{
|
|
$id = 32;
|
|
}
|
|
}
|
|
|
|
if($oldid == 33 && $process != "")
|
|
{
|
|
if($_SESSION['profile']['admin'] == 1)
|
|
$masteracc = $_SESSION['_config'][masteracc] = intval($masteracc);
|
|
else
|
|
$masteracc = $_SESSION['_config'][masteracc] = 0;
|
|
$email = $_SESSION['_config']['email'] = mysql_escape_string(stripslashes(trim($email)));
|
|
$OU = $_SESSION['_config']['OU'] = mysql_escape_string(stripslashes(trim($OU)));
|
|
$comments = $_SESSION['_config']['comments'] = mysql_escape_string(stripslashes(trim($comments)));
|
|
$res = mysql_query("select * from `users` where `email`='$email'");
|
|
if(mysql_num_rows($res) <= 0)
|
|
{
|
|
$id = $oldid;
|
|
unset($oldid);
|
|
$_SESSION['_config']['errmsg'] = sprintf(_("Wasn't able to match '%s' against any user in the system"), $email);
|
|
} else {
|
|
$row = mysql_fetch_assoc($res);
|
|
mysql_query("insert into `org` set `memid`='".$row['id']."', `orgid`='".$_SESSION['_config']['orgid']."',
|
|
`masteracc`='$masteracc', `OU`='$OU', `comments`='$comments'");
|
|
}
|
|
}
|
|
|
|
if($oldid == 34 && $process != "")
|
|
{
|
|
mysql_query("delete from `org` where `memid`='".$_SESSION['_config']['memid']."'");
|
|
}
|
|
|
|
if($oldid == 34 || $oldid == 33)
|
|
{
|
|
unset($oldid);
|
|
$id = 32;
|
|
$orgid = 0;
|
|
}
|
|
|
|
if($oldid == 36)
|
|
{
|
|
$rc = mysql_num_rows(mysql_query("select * from `alerts` where `memid`='".$_SESSION['profile']['id']."'"));
|
|
if($rc > 0)
|
|
{
|
|
$query = "update `alerts` set `general`='".intval($_POST['general'])."',
|
|
`country`='".intval($_POST['country'])."',
|
|
`regional`='".intval($_POST['regional'])."',
|
|
`radius`='".intval($_POST['radius'])."'
|
|
where `memid`='".$_SESSION['profile']['id']."'";
|
|
} else {
|
|
$query = "insert into `alerts` set `general`='".intval($_POST['general'])."',
|
|
`country`='".intval($_POST['country'])."',
|
|
`regional`='".intval($_POST['regional'])."',
|
|
`radius`='".intval($_POST['radius'])."',
|
|
`memid`='".$_SESSION['profile']['id']."'";
|
|
}
|
|
mysql_query($query);
|
|
$id = $oldid;
|
|
unset($oldid);
|
|
}
|
|
|
|
if($id == 36)
|
|
{
|
|
$row = mysql_fetch_assoc(mysql_query("select * from `alerts` where `memid`='".$_SESSION['profile']['id']."'"));
|
|
$_POST['general'] = $row['general'];
|
|
$_POST['country'] = $row['country'];
|
|
$_POST['regional'] = $row['regional'];
|
|
$_POST['radius'] = $row['radius'];
|
|
}
|
|
|
|
if($oldid == 41)
|
|
{
|
|
$lang = mysql_escape_string($_POST['lang']);
|
|
foreach($_SESSION['_config']['translations'] as $key => $val)
|
|
{
|
|
if($key == $lang)
|
|
{
|
|
mysql_query("update `users` set `language`='$lang' where `id`='".$_SESSION['profile']['id']."'");
|
|
showheader(_("My CAcert.org Account!"));
|
|
echo _("Your language setting has been updated.");
|
|
showfooter();
|
|
exit;
|
|
}
|
|
}
|
|
|
|
showheader(_("My CAcert.org Account!"));
|
|
echo _("You tried to use an invalid language.");
|
|
showfooter();
|
|
exit;
|
|
}
|
|
|
|
if(($id == 42 || $id == 43 || $id == 44 || $id == 48 || $id == 49 || $id == 50 ||
|
|
$oldid == 42 || $oldid == 43 || $oldid == 44 || $oldid == 48 || $oldid == 49 || $oldid == 50) &&
|
|
$_SESSION['profile']['admin'] != 1)
|
|
{
|
|
showheader(_("My CAcert.org Account!"));
|
|
echo _("You don't have access to this area.");
|
|
showfooter();
|
|
exit;
|
|
}
|
|
|
|
if($oldid == 42 && $_POST['email'] == "")
|
|
{
|
|
$id = $oldid;
|
|
unset($oldid);
|
|
}
|
|
|
|
if($oldid == 42)
|
|
{
|
|
$id = 43;
|
|
unset($oldid);
|
|
}
|
|
|
|
if($oldid == 48 && $_POST['domain'] == "")
|
|
{
|
|
$id = $oldid;
|
|
unset($oldid);
|
|
}
|
|
|
|
if($oldid == 48)
|
|
{
|
|
$id = 49;
|
|
unset($oldid);
|
|
}
|
|
|
|
if($id == 44)
|
|
{
|
|
if($_GET['userid'] != "")
|
|
$_POST['userid'] = intval($_GET['userid']);
|
|
$row = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".$_POST['userid']."'"));
|
|
if($row['email'] == "")
|
|
$id = 42;
|
|
else
|
|
$_POST['email'] = $row['email'];
|
|
}
|
|
|
|
if($oldid == 44)
|
|
{
|
|
showheader(_("My CAcert.org Account!"));
|
|
if(intval($_POST['userid']) <= 0)
|
|
{
|
|
echo _("No such user found.");
|
|
} else {
|
|
mysql_query("update `users` set `password`=password('".mysql_escape_string(stripslashes($_POST['newpass']))."') where `id`='".intval($_POST['userid'])."'");
|
|
$row = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".$_POST['userid']."'"));
|
|
printf(_("The password for %s has been updated sucessfully in the system."), $row['email']);
|
|
}
|
|
showfooter();
|
|
exit;
|
|
}
|
|
|
|
if($process != "" && $oldid == 45)
|
|
{
|
|
$CSR = trim($CSR);
|
|
$_SESSION['_config']['CSR'] = $CSR;
|
|
$_SESSION['_config']['subject'] = trim(`echo "$CSR"|/usr/bin/openssl req -text|grep Subject:`);
|
|
$id = 46;
|
|
|
|
extractit();
|
|
getcn();
|
|
getalt();
|
|
|
|
if($_SESSION['_config']['0.CN'] == "")
|
|
{
|
|
showheader(_("My CAcert.org Account!"));
|
|
echo _("CommonName field was blank. Can't continue.");
|
|
showfooter();
|
|
exit;
|
|
}
|
|
}
|
|
|
|
if($process != "" && $oldid == 46)
|
|
{
|
|
$CSR = $_SESSION['_config']['CSR'];
|
|
$_SESSION['_config']['subject'] = trim(`echo "$CSR"|/usr/bin/openssl req -text|grep Subject:`);
|
|
$id = 11;
|
|
|
|
extractit();
|
|
getcn();
|
|
getalt();
|
|
|
|
if($_SESSION['_config']['0.CN'] == "")
|
|
{
|
|
showheader(_("My CAcert.org Account!"));
|
|
echo _("CommonName field was blank. Can't continue.");
|
|
showfooter();
|
|
exit;
|
|
}
|
|
|
|
$query = "insert into `domaincerts` set `CN`='".$_SESSION['_config']['0.CN']."',
|
|
`domid`='".$_SESSION['_config']['row']['id']."',
|
|
`created`=NOW()";
|
|
mysql_query($query);
|
|
$CSRid = mysql_insert_id();
|
|
|
|
foreach($_SESSION['_config']['rowid'] as $dom)
|
|
mysql_query("insert into `domlink` set `certid`='$CSRid', `domid`='$dom'");
|
|
if(is_array($_SESSION['_config']['altid']))
|
|
foreach($_SESSION['_config']['altid'] as $dom)
|
|
mysql_query("insert into `domlink` set `certid`='$CSRid', `domid`='$dom'");
|
|
|
|
$CSRname = $_SESSION['_config']['filepath']."/csr/server-$CSRid.csr";
|
|
$fp = fopen($CSRname, "w");
|
|
fputs($fp, $_SESSION['_config']['CSR']);
|
|
fclose($fp);
|
|
mysql_query("update `domaincerts` set `CSR_name`='$CSRname' where `id`='$CSRid'");
|
|
$do = `../scripts/runserver`;
|
|
$query = "select * from `domaincerts` where `id`='$CSRid' and `crt_name` != ''";
|
|
$res = mysql_query($query);
|
|
if(mysql_num_rows($res) <= 0)
|
|
{
|
|
showheader(_("My CAcert.org Account!"));
|
|
echo _("Your certificate request has failed to be processed correctly, please try submitting it again.");
|
|
showfooter();
|
|
exit;
|
|
} else {
|
|
$id = 47;
|
|
$cert = $CSRid;
|
|
}
|
|
}
|
|
|
|
if($id == 43 && $_GET['tverify'] > 0)
|
|
{
|
|
$memid = $_GET['userid'] = intval($_GET['tverify']);
|
|
$query = "select * from `users` where `id`='$memid'";
|
|
$row = mysql_fetch_assoc(mysql_query($query));
|
|
$ver = !$row['tverify'];
|
|
mysql_query("update `users` set `tverify`='$ver' where `id`='$memid'");
|
|
}
|
|
|
|
if($id == 50)
|
|
{
|
|
if($_GET['userid'] != "")
|
|
$_POST['userid'] = intval($_GET['userid']);
|
|
else
|
|
$_POST['userid'] = intval($_POST['userid']);
|
|
|
|
$row = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".$_POST['userid']."'"));
|
|
if($row['email'] == "")
|
|
$id = 42;
|
|
else
|
|
$_POST['email'] = $row['email'];
|
|
}
|
|
|
|
if($oldid == 50)
|
|
{
|
|
$id = 43;
|
|
$_GET['userid'] = intval($_POST['userid']);
|
|
}
|
|
|
|
if($oldid == 50 && $_POST['process'] != "")
|
|
{
|
|
$_POST['userid'] = intval($_POST['userid']);
|
|
$res = mysql_query("select * from `users` where `id`='".$_POST['userid']."'");
|
|
if(mysql_num_rows($res) > 0)
|
|
{
|
|
$query = "update `domaincerts`,`domains` SET `domaincerts`.`revoked`=NOW()
|
|
WHERE `domaincerts`.`domid` = `domains`.`id` AND `domains`.`memid`='".$_POST['userid']."'";
|
|
mysql_query($query);
|
|
$query = "update `domains` SET `deleted`=NOW() WHERE `domains`.`memid`='".$_POST['userid']."'";
|
|
mysql_query($query);
|
|
$query = "update `emailcerts` SET `revoked`=NOW() WHERE `memid`='".$_POST['userid']."'";
|
|
mysql_query($query);
|
|
$query = "update `email` SET `deleted`=NOW() WHERE `memid`='".$_POST['userid']."'";
|
|
mysql_query($query);
|
|
$query = "delete from `org` WHERE `memid`='".$_POST['userid']."'";
|
|
mysql_query($query);
|
|
$query = "update `users` SET `deleted`=NOW() WHERE `id`='".$_POST['userid']."'";
|
|
mysql_query($query);
|
|
}
|
|
}
|
|
|
|
if(intval($cert) > 0)
|
|
$_SESSION['_config']['cert'] = intval($cert);
|
|
if(intval($orgid) > 0)
|
|
$_SESSION['_config']['orgid'] = intval($orgid);
|
|
if(intval($memid) > 0)
|
|
$_SESSION['_config']['memid'] = intval($memid);
|
|
if(intval($domid) > 0)
|
|
$_SESSION['_config']['domid'] = intval($domid);
|
|
|
|
$_SESSION['_config']['agent'] = $HTTP_USER_AGENT;
|
|
?>
|