diff options
author | root <root@test.cacert.org> | 2019-02-27 19:36:45 +0000 |
---|---|---|
committer | root <root@test.cacert.org> | 2019-02-27 19:36:45 +0000 |
commit | 6fe012d9cff4c1110b74d956d7c768545284dc68 (patch) | |
tree | 4eb4eac9a0a1c0e11cad3bc9c11283aec564fbf3 | |
parent | ec38762c9cad0a1d9cfe17feba4853b6523cd0df (diff) | |
parent | 45aef2d553a191b94d04e95a8a91fec05c213049 (diff) | |
download | cacert-devel-6fe012d9cff4c1110b74d956d7c768545284dc68.tar.gz cacert-devel-6fe012d9cff4c1110b74d956d7c768545284dc68.tar.xz cacert-devel-6fe012d9cff4c1110b74d956d7c768545284dc68.zip |
Merge branch 'integration' of git://172.16.2.250/cacert-devel into integration
-rw-r--r-- | includes/account.php | 4 | ||||
-rw-r--r-- | includes/general.php | 23 | ||||
-rw-r--r-- | stamp/report.php | 2 | ||||
-rw-r--r-- | www/index.php | 2 |
4 files changed, 26 insertions, 5 deletions
diff --git a/includes/account.php b/includes/account.php index 6dacf2d..9a57daf 100644 --- a/includes/account.php +++ b/includes/account.php @@ -136,7 +136,7 @@ function buildSubjectFromSession() { showfooter(); exit; } - $checkemail = checkEmail($_REQUEST['newemail']); + $checkemail = checkEmailDummy($_REQUEST['newemail']); if($checkemail != "OK") { showheader(_("My CAcert.org Account!")); @@ -642,7 +642,7 @@ function buildSubjectFromSession() { showfooter(); exit; } - $checkemail = checkEmail($authaddy); + $checkemail = checkEmailDummy($authaddy); if($checkemail != "OK") { showheader(_("My CAcert.org Account!")); diff --git a/includes/general.php b/includes/general.php index 2eef65e..d6c193f 100644 --- a/includes/general.php +++ b/includes/general.php @@ -552,6 +552,27 @@ @unlink($tmpfname); } + /* This function is used on testservers to replace the email address check, so you can create accounts + for arbitraty mail addresses. It only roughly checks the syntax of the address. + Do not use this on a production server! " */ + function checkEmailDummy($email) + { + $myemail = mysql_real_escape_string($email); + if(preg_match("/^([a-zA-Z0-9])+([a-zA-Z0-9\+\._-])*@([a-zA-Z0-9_-])+([a-zA-Z0-9\._-]+)+$/" , $email)) + { + $line = "250 No address check on testserver."; + $query = "insert into `pinglog` set `when`=NOW(), `email`='$myemail', `result`='$line'"; + if(is_array($_SESSION['profile'])) $query.=", `uid`='".intval($_SESSION['profile']['id'])."'"; + mysql_query($query); + + if(substr($line, 0, 3) != "250") + return $line; + else + return "OK"; + } + return "Invalid mail address"; + } + function checkEmail($email) { $myemail = mysql_real_escape_string($email); @@ -631,7 +652,7 @@ continue; } - stream_socket_enable_crypto($fp, true, STREAM_CRYPTO_METHOD_TLS_CLIENT); + stream_socket_enable_crypto($fp, true, STREAM_CRYPTO_METHOD_TLSv1_0_CLIENT|STREAM_CRYPTO_METHOD_TLSv1_1_CLIENT|STREAM_CRYPTO_METHOD_TLSv1_2_CLIENT); fputs($fp, "EHLO www.cacert.org\r\n"); do { diff --git a/stamp/report.php b/stamp/report.php index 519aa3a..5b11569 100644 --- a/stamp/report.php +++ b/stamp/report.php @@ -40,7 +40,7 @@ if($process != "") { - $checkemail = checkEmail($email); + $checkemail = checkEmailDummy($email); if($checkemail != "OK") { $errmsg = $checkemail; diff --git a/www/index.php b/www/index.php index 8c5560c..c2e7af0 100644 --- a/www/index.php +++ b/www/index.php @@ -426,7 +426,7 @@ if ($oldid == 52 ) if($id == 2) { - $checkemail = checkEmail($_SESSION['signup']['email']); + $checkemail = checkEmailDummy($_SESSION['signup']['email']); if($checkemail != "OK") { $id = 1; |