author | INOPIAE <inopiae@cacert.org> | 2013-01-16 09:00:33 +0100 |
---|---|---|
committer | INOPIAE <inopiae@cacert.org> | 2013-01-16 09:00:33 +0100 |
commit | 2a10ade8665af5ed4444dd7ec09a304fa6d0a1c6 (patch) | |
tree | 0b27229943a745981fe21cb5243f711cb944b3c9 | |
parent | 5cc7d23b2c06864b452283d359f1262c34d532c8 (diff) | |
bug 893: Added some checks prior to the deletion of an account
-rw-r--r-- | includes/account.php | 14 | ||||
-rw-r--r-- | includes/temp_functions.php | 96 |
2 files changed, 110 insertions, 0 deletions
diff --git a/includes/account.php b/includes/account.php
index 037ab91..97125ac 100644
--- a/includes/account.php
+++ b/includes/account.php
@@ -2853,6 +2853,20 @@
 showfooter();
 exit;
 }
+ if (check_client_cert_running($_REQUEST['userid'],1)==true ||
+ check_server_cert_running($_REQUEST['userid'],1)==true ||
+ check_gpg_cert_running($_REQUEST['userid'],1)==true) {
+ showheader(_("My CAcert.org Account!"));
+ printf(_("The CCA retention time for at least one certificate is not over. Can't continue."));
+ showfooter();
+ exit;
+ }
+ if (check_is_orgadmin($_REQUEST['userid'],1)==true) {
+ showheader(_("My CAcert.org Account!"));
+ printf(_("The user is listed as Organisation Administrator. Can't continue."));
+ showfooter();
+ exit;
+ }
 account_delete($_REQUEST['userid'], $_REQUEST['arbitrationno'], $_SESSION['profile']['id']);
 }
diff --git a/includes/temp_functions.php b/includes/temp_functions.php
index 01e4770..d7b4757 100644
--- a/includes/temp_functions.php
+++ b/includes/temp_functions.php
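Review bot: `$_REQUEST['userid']` is passed unchanged to the four new checks, which (per includes/temp_functions.php in this same commit) place it into SQL strings as `'$uid'`; nothing in this hunk shows it being validated, so it should be normalised once before the checks, e.g. `$userid = intval($_REQUEST['userid']);` if user ids are numeric, and that variable used for the checks and for `account_delete()`. `check_is_orgadmin()` is declared with a single parameter, so the `,1` argument here is ignored and can be dropped. `printf(_("..."))` treats the translated text as a format string; `echo _("...")` avoids a stray `%` in a translation breaking the message. The enclosing block starts and ends outside the hunk, so any earlier validation or permission check is not visible here.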
@@ -168,4 +168,100 @@ function check_email_exists($email){
 }
 }
+
+function check_gpg_cert_running($uid,$cca=0){
+ //if $cca =0 if just expired, =1 if CCA retention +3 month should be obeyed
+ // called from includes/account.php if($oldid == 50 && $process != "")
+ if (0==$cca) {
+ $query = "select * from `gpg` where `memid`='$uid' and `expire`>NOW()";
+ }else{
+ $query = "select * from `gpg` where `memid`='$uid' and `expire`>NOW()";
+ }
+ $res = mysql_query($query);
+ if(mysql_num_rows($res) > 0)
+ {
+ return true;
+ }else{
+ return false;
+ }
+
+}
+
+function check_client_cert_running($uid,$cca=0){
+ //if $cca =0 if just expired, =1 if CCA retention +3 month should be obeyed
+ // called from includes/account.php if($oldid == 50 && $process != "")
+ if (0==$cca) {
+ $query = "select from `domiancerts` where `memid`='$uid' and `expire`>NOW()";
+ $query1 = "select from `domiancerts` where `memid`='$uid' and `revoked`>NOW()";
+ }else{
+ $query = "select from `emailcerts` where `memid`='$uid' and `expire`>NOW()";
+ $query1 = "select from `emailcerts` where `memid`='$uid' and `revoked`>NOW()";
+ }
+ $res = mysql_query($query);
+ if(mysql_num_rows($res) > 0)
+ {
+ $r1=true;
+ }else{
+ $r1=false;
+ }
+ $res = mysql_query($query1);
+ if(mysql_num_rows($res) > 0)
+ {
+ $r2=true;
+ }else{
+ $r2=false;
+ }
+ if(true==$r1 || true==$r2)
+ {
+ return true;
+ }else{
+ return false;
+ }
+
+}
+
+function check_server_cert_running($uid,$cca=0){
+ //if $cca =0 if just expired, =1 if CCA retention +3 month should be obeyed
+ // called from includes/account.php if($oldid == 50 && $process != "")
+ if (0==$cca) {
+ $query = "select from `domiancerts` where `memid`='$uid' and `expire`>NOW()";
+ $query1 = "select from `domiancerts` where `memid`='$uid' and `revoked`>NOW()";
+ }else{
+ $query = "select from `domiancerts` where `memid`='$uid' and `expire`>NOW()";
+ $query1 = "select from `domiancerts` where `memid`='$uid' and `revoked`>NOW()";
+ }
+ $res = mysql_query($query);
+ if(mysql_num_rows($res) > 0)
+ {
+ $r1=true;
+ }else{
+ $r1=true;
+ }
+ $res = mysql_query($query1);
+ if(mysql_num_rows($res) > 0)
+ {
+ $r2=true;
+ }else{
+ $r2=false;
+ }
+ if(true==$r1 || true==$r2)
+ {
+ return true;
+ }else{
+ return false;
+ }
+}
+function check_is_orgadmin($uid){
+ // called from includes/account.php if($oldid == 50 && $process != "")
+ $query = "select * from `org` where `memid`='$uid' and `deleted`=0";
+ $res = mysql_query($query);
+ if(mysql_num_rows($res) > 0)
+ {
+ return true;
+ }else{
+ return false;
+ }
+
+}
+
 ?> |
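Review bot: These checks gate account deletion but do not handle a failed query: every query in check_client_cert_running and check_server_cert_running is written `select from ...` with no column list, so `mysql_query()` returns false, the `mysql_num_rows($res) > 0` test takes the else branch, and check_client_cert_running reports "no running certificate" instead of blocking. Each function should treat a failed query as "cannot continue", e.g. `if ($res === false) { return true; }` before the row count, and the queries should select something (`select 1 from ...`). In check_server_cert_running the first else branch sets `$r1=true;`, so that function returns true for every user; it presumably should be `$r1=false;`. The table name `domiancerts` looks like a misspelling, the client check's `0==$cca` branch queries it rather than `emailcerts`, and both `$cca` branches are otherwise identical although the comment promises a retention period; all three should be confirmed against the schema and the intended rule. `$uid` is also written into each SQL string unescaped, so if member ids are numeric a `$uid = intval($uid);` at the top of each function would make the queries safe regardless of the caller.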