summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorBenny Baumann <BenBE@geshi.org>2014-11-23 15:02:16 +0100
committerBenny Baumann <BenBE@geshi.org>2014-11-23 15:02:16 +0100
commit7d6bbbd7c52dab0393d2abe64839f00c69390c75 (patch)
tree3d58601a565e1a06f6e712e1eec98e42dd205545
parentce9b70c7ed7224185f467ac1bd955af7b9bb28cc (diff)
parent58d2ce2b4829bb3869f7fd9c361358596c2a709e (diff)
downloadcacert-devel-7d6bbbd7c52dab0393d2abe64839f00c69390c75.tar.gz
cacert-devel-7d6bbbd7c52dab0393d2abe64839f00c69390c75.tar.xz
cacert-devel-7d6bbbd7c52dab0393d2abe64839f00c69390c75.zip
Merge branch 'bug-1192' into release
-rw-r--r--includes/loggedin.php45
-rw-r--r--pages/index/52.php33
-rw-r--r--www/index.php47
3 files changed, 91 insertions, 34 deletions
diff --git a/includes/loggedin.php b/includes/loggedin.php
index 70c9674..c14f8c2 100644
--- a/includes/loggedin.php
+++ b/includes/loggedin.php
@@ -19,6 +19,7 @@
include_once("../includes/lib/general.php");
require_once("../includes/lib/l10n.php");
include_once("../includes/mysql.php");
+ require_once('../includes/notary.inc.php');
if(!isset($_SESSION['profile']) || !is_array($_SESSION['profile'])) {
$_SESSION['profile'] = array( 'id' => 0, 'loggedin' => 0 );
@@ -87,27 +88,15 @@
//session_unregister($key);
}
- $_SESSION['_config']['oldlocation'] = '';
-
- foreach($_GET as $key => $val)
- {
- if($_SESSION['_config']['oldlocation'])
- $_SESSION['_config']['oldlocation'] .= "&";
-
- $key = str_replace(array("\n", "\r"), '', $key);
- $val = str_replace(array("\n", "\r"), '', $val);
- $_SESSION['_config']['oldlocation'] .= "$key=$val";
- }
- $_SESSION['_config']['oldlocation'] = substr($_SERVER['SCRIPT_NAME'], 1)."?".$_SESSION['_config']['oldlocation'];
-
- header("location: https://".$_SESSION['_config']['securehostname']."/index.php?id=4");
+ $_SESSION['_config']['oldlocation'] = $_SERVER['REQUEST_URI'];
+ header("Location: https://{$_SESSION['_config']['securehostname']}/index.php?id=4");
exit;
}
}
if($_SERVER['HTTP_HOST'] == $_SESSION['_config']['securehostname'] && ($_SESSION['profile']['id'] <= 0 || $_SESSION['profile']['loggedin'] == 0))
{
- header("location: https://".$_SESSION['_config']['normalhostname']);
+ header("Location: https://{$_SESSION['_config']['normalhostname']}");
exit;
}
@@ -141,27 +130,23 @@
//session_unregister($key);
}
- header("location: https://".$normalhost."/index.php");
+ header("Location: https://{$normalhost}/index.php");
exit;
}
if($_SESSION['profile']['loggedin'] < 1)
{
- $_SESSION['_config']['oldlocation'] = '';
-
- foreach($_REQUEST as $key => $val)
- {
- if('' != $_SESSION['_config']['oldlocation'])
- $_SESSION['_config']['oldlocation'] .= "&";
+ $_SESSION['_config']['oldlocation'] = $_SERVER['REQUEST_URI'];
+ header("Location: https://{$_SERVER['HTTP_HOST']}/index.php?id=4");
+ exit;
+ }
- $key = str_replace(array("\n", "\r"), '', $key);
- $val = str_replace(array("\n", "\r"), '', $val);
- $_SESSION['_config']['oldlocation'] .= "$key=$val";
+ if (!isset($_SESSION['profile']['ccaagreement']) || !$_SESSION['profile']['ccaagreement']) {
+ $_SESSION['profile']['ccaagreement']=get_user_agreement_status($_SESSION['profile']['id'],'CCA');
+ if (!$_SESSION['profile']['ccaagreement']) {
+ $_SESSION['_config']['oldlocation'] = $_SERVER['REQUEST_URI'];
+ header("Location: https://{$_SERVER['HTTP_HOST']}/index.php?id=52");
+ exit;
}
- $_SESSION['_config']['oldlocation'] = substr($_SERVER['SCRIPT_NAME'], 1)."?".$_SESSION['_config']['oldlocation'];
- $hostname=$_SERVER['HTTP_HOST'];
- $hostname = str_replace(array("\n", "\r"), '', $hostname);
- header("location: https://".$hostname."/index.php?id=4");
- exit;
}
?>
diff --git a/pages/index/52.php b/pages/index/52.php
new file mode 100644
index 0000000..0926780
--- /dev/null
+++ b/pages/index/52.php
@@ -0,0 +1,33 @@
+<?/*
+ LibreSSL - CAcert web application
+ Copyright (C) 2004-2008 CAcert Inc.
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; version 2 of the License.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
+*/
+
+?>
+
+<div style="text-align: center;">
+ <h1><?=_('CAcert Community Agreement Acceptance')?></h1>
+ <p><?=sprintf(_('To get access to your account your agreement to the %s CAcert Community Agreement %s (CCA) is required.'),'<a href="/policy/CAcertCommunityAgreement.php">', '</a>')?></p>
+ <p><?=_('Every member, who has agreed to the CCA, should be able to rely on the fact that every other user of CAcert has also agreed to the CCA and that the same rules apply to everybody. Moreover it is a basic requirement for the audit to be able to tell who has accepted our rules.')?></p>
+ <p><?=_('Originally the acceptance was not recorded. Up until now, we do not have your agreement on record. Once you have accepted the CCA (again) your agreement is recorded and you will not need to do this step again.')?></p>
+ <p><?=sprintf(_('If you do not wish to accept the CCA you should consider to ask for the closing of your account as you will not be able to access our system. In this case please send an email to support (%s).'),'<a href="mailto:support@cacert.org">support@cacert.org</a>')?></p>
+ <p><?=_('If you do not want to decide about the acceptance of the CCA now, you can come back at any time.')?></p>
+ <form method="post" action="index.php">
+ <input type="submit" name="agree" value="<?=_('I agree to the CCA')?>">
+ <input type="submit" name="disagree" value="<?=_('I do not want to accept the CCA')?>">
+ <input type="hidden" name="oldid" value="<?=$id?>">
+ </form>
+</div>
diff --git a/www/index.php b/www/index.php
index 5a744fc..e6fc06a 100644
--- a/www/index.php
+++ b/www/index.php
@@ -17,7 +17,7 @@
*/
require_once('../includes/lib/l10n.php');
-
+require_once('../includes/notary.inc.php');
$id = 0; if(array_key_exists("id",$_REQUEST)) $id=intval($_REQUEST['id']);
$oldid = 0; if(array_key_exists("oldid",$_REQUEST)) $oldid=intval($_REQUEST['oldid']);
@@ -148,6 +148,7 @@ require_once('../includes/lib/l10n.php');
}
}
+ //client login
if($id == 4 && $_SERVER['HTTP_HOST'] == $_SESSION['_config']['securehostname'])
{
include_once("../includes/lib/general.php");
@@ -171,6 +172,7 @@ require_once('../includes/lib/l10n.php');
}
}
+
if($id == 4 && array_key_exists('profile',$_SESSION) && array_key_exists('loggedin',array($_SESSION['profile'])) && $_SESSION['profile']['loggedin'] == 1)
{
header("location: https://".$_SERVER['HTTP_HOST']."/account.php");
@@ -218,12 +220,16 @@ require_once('../includes/lib/l10n.php');
$_SESSION['_config']['errmsg'] .= _("For your own security you must enter 5 lost password questions and answers.")."<br>";
$_SESSION['_config']['oldlocation'] = "account.php?id=13";
}
+ if (!isset($_SESSION['_config']['oldlocation'])){
+ $_SESSION['_config']['oldlocation']='';
+ }
if (checkpwlight($pword) < 3)
$_SESSION['_config']['oldlocation'] = "account.php?id=14&force=1";
- if($_SESSION['_config']['oldlocation'] != "")
+ if($_SESSION['_config']['oldlocation'] != ""){
header("location: https://".$_SERVER['HTTP_HOST']."/".$_SESSION['_config']['oldlocation']);
- else
+ }else{
header("location: https://".$_SERVER['HTTP_HOST']."/account.php");
+ }
exit;
}
@@ -238,6 +244,40 @@ require_once('../includes/lib/l10n.php');
}
}
+// check for CCA acceptance prior to login
+if ($oldid == 52 )
+{
+ // Check if the user is already authenticated
+ if (!array_key_exists('profile',$_SESSION)
+ || !array_key_exists('loggedin',$_SESSION['profile'])
+ || $_SESSION['profile']['loggedin'] != 1)
+ {
+ header("Location: https://{$_SERVER['HTTP_HOST']}/index.php?id=4");
+ exit;
+ }
+
+ if (array_key_exists('agree',$_REQUEST) && $_REQUEST['agree'] != "")
+ {
+ write_user_agreement($_SESSION['profile']['id'], "CCA", "Login acception", "", 1);
+ $_SESSION['profile']['ccaagreement']=get_user_agreement_status($_SESSION['profile']['id'],'CCA');
+
+ if (array_key_exists("oldlocation",$_SESSION['_config'])
+ && $_SESSION['_config']['oldlocation']!="")
+ {
+ header("Location: https://{$_SERVER['HTTP_HOST']}/{$_SESSION['_config']['oldlocation']}");
+ exit;
+ } else {
+ header("Location: https://{$_SERVER['HTTP_HOST']}/account.php");
+ exit;
+ }
+ }
+
+ // User didn't agree
+ header("Location: https://{$_SERVER['HTTP_HOST']}/index.php?id=4");
+ exit;
+}
+
+
if($process && $oldid == 1)
{
$id = 2;
@@ -432,7 +472,6 @@ require_once('../includes/lib/l10n.php');
`regional`='".$_SESSION['signup']['regional']."',
`radius`='".$_SESSION['signup']['radius']."'";
mysql_query($query);
- include_once("../includes/notary.inc.php");
write_user_agreement($memid, "CCA", "account creation", "", 1);
$body = _("Thanks for signing up with CAcert.org, below is the link you need to open to verify your account. Once your account is verified you will be able to start issuing certificates till your hearts' content!")."\n\n";