diff options
| author | Markus Warg <mw@it-sls.de> | 2010-03-11 15:18:29 +0100 |
|---|---|---|
| committer | Markus Warg <mw@it-sls.de> | 2010-03-11 15:18:29 +0100 |
| commit | e3263b2e2c20aef2f955b9b665a162cad606fa9d (patch) | |
| tree | 9441c7d1da8947dca2426784db076bd8fca027a7 /cacert | |
| parent | 83b70a122092220d839d8a62c2b07913faa20fce (diff) | |
| download | cacert-devel-e3263b2e2c20aef2f955b9b665a162cad606fa9d.tar.gz cacert-devel-e3263b2e2c20aef2f955b9b665a162cad606fa9d.tar.xz cacert-devel-e3263b2e2c20aef2f955b9b665a162cad606fa9d.zip | |
source code taken from cacert-20090926.tar.bz2
Diffstat (limited to 'cacert')
| -rw-r--r-- | cacert/CVS/Entries | 3 | ||||
| -rw-r--r-- | cacert/CommModule/CVS/Entries | 4 | ||||
| -rwxr-xr-x | cacert/CommModule/client.pl | 4 | ||||
| -rwxr-xr-x | cacert/CommModule/serial.conf | 8 | ||||
| -rw-r--r-- | cacert/README | 1 | ||||
| -rw-r--r-- | cacert/includes/CVS/Entries | 10 | ||||
| -rw-r--r-- | cacert/includes/about_menu.php | 2 | ||||
| -rw-r--r-- | cacert/includes/account.php | 26 | ||||
| -rw-r--r-- | cacert/includes/account_stuff.php | 28 | ||||
| -rw-r--r-- | cacert/includes/general.php | 8 | ||||
| -rw-r--r-- | cacert/includes/general_stuff.php | 6 | ||||
| -rw-r--r-- | cacert/pages/account/14.php | 2 | ||||
| -rw-r--r-- | cacert/pages/account/CVS/Entries | 3 | ||||
| -rw-r--r-- | cacert/pages/index/0.php | 2 | ||||
| -rw-r--r-- | cacert/pages/index/1.php | 3 | ||||
| -rw-r--r-- | cacert/pages/index/21.php | 2 | ||||
| -rw-r--r-- | cacert/pages/index/4.php | 6 | ||||
| -rw-r--r-- | cacert/pages/index/5.php | 2 | ||||
| -rw-r--r-- | cacert/pages/index/8.php | 15 | ||||
| -rw-r--r-- | cacert/pages/index/CVS/Entries | 12 | ||||
| -rw-r--r-- | cacert/scripts/CVS/Entries | 5 | ||||
| -rw-r--r-- | cacert/www/CVS/Entries | 2 | ||||
| -rw-r--r-- | cacert/www/disputes.php | 2 | ||||
| -rw-r--r-- | cacert/www/styles/CVS/Entries | 2 | ||||
| -rw-r--r-- | cacert/www/styles/default.css | 10 |
25 files changed, 107 insertions, 61 deletions
diff --git a/cacert/CVS/Entries b/cacert/CVS/Entries index 034ba4b..00ce1ea 100644 --- a/cacert/CVS/Entries +++ b/cacert/CVS/Entries @@ -9,6 +9,7 @@ D/stamp//// D/CommModule//// /Makefile/1.2/Sun Apr 22 17:42:25 2007// /LICENSE/1.2/Sun Apr 6 19:45:24 2008// -/README/1.2/Sun Apr 6 12:16:10 2008// /cacertupload.pl/1.4/Sun Sep 7 22:20:28 2008// /messages.po/1.80/Thu Jun 25 20:09:26 2009// +/README/1.3/Mon Sep 7 22:36:29 2009// +D/tmp//// diff --git a/cacert/CommModule/CVS/Entries b/cacert/CommModule/CVS/Entries index c493e28..b156d1e 100644 --- a/cacert/CommModule/CVS/Entries +++ b/cacert/CommModule/CVS/Entries @@ -2,7 +2,7 @@ /error.txt/1.1/Sun Jan 13 00:05:44 2008// /readme.txt/1.1/Sun Jan 13 00:05:44 2008// /usbclient.pl/1.3/Fri Jul 18 16:37:02 2008// -/serial.conf/1.2/Mon Oct 6 21:29:19 2008// -/client.pl/1.11/Fri May 22 05:12:05 2009// /logclean.sh/1.2/Sun May 24 18:08:23 2009// +/client.pl/1.12/Sat Sep 19 23:32:57 2009// +/serial.conf/1.3/Sat Sep 19 23:32:57 2009// D diff --git a/cacert/CommModule/client.pl b/cacert/CommModule/client.pl index 0cab835..1073ccc 100755 --- a/cacert/CommModule/client.pl +++ b/cacert/CommModule/client.pl @@ -40,8 +40,8 @@ my $paranoid=1; my $debug=0; -my $serialport="/dev/ttyS0"; -#my $serialport="/dev/ttyUSB0"; +#my $serialport="/dev/ttyS0"; +my $serialport="/dev/ttyUSB0"; my $gpgbin="/usr/bin/gpg"; diff --git a/cacert/CommModule/serial.conf b/cacert/CommModule/serial.conf index 918dedd..bd9980c 100755 --- a/cacert/CommModule/serial.conf +++ b/cacert/CommModule/serial.conf @@ -1,8 +1,8 @@ Device::SerialPort_Configuration_File -- DO NOT EDIT -- -/dev/ttyS0 +/dev/ttyUSB0 -C_CFLAG,6322 -C_IFLAG,1 +C_CFLAG,7346 +C_IFLAG,0 C_ISPEED,4098 C_LFLAG,2608 C_OFLAG,4 @@ -22,7 +22,7 @@ CFG_1,none RCONST,0 CFG_2,none HNAME,localhost -ALIAS,/dev/ttyS0 +ALIAS,/dev/ttyUSB0 CFG_3,none U_MSG,0 DATYPE,raw diff --git a/cacert/README b/cacert/README index 02b2937..6e07b04 100644 --- a/cacert/README +++ b/cacert/README @@ -6,6 +6,7 @@ License: GNU-GPLv2 System Requirements: Linux/POSIX PHP +GetText UFPDF - PDF generation library from http://acko.net/node/56 OpenSSL - X.509 toolkit from http://www.openssl.org/ GnuPG - OpenPGP toolkit from http://www.gnupg.org/ diff --git a/cacert/includes/CVS/Entries b/cacert/includes/CVS/Entries index cb3aa42..b077642 100644 --- a/cacert/includes/CVS/Entries +++ b/cacert/includes/CVS/Entries @@ -2,11 +2,11 @@ /shutdown.php/1.2/Sun Apr 6 19:45:25 2008// /.cvsignore/1.2/Thu Sep 4 13:54:37 2008// /loggedin.php/1.17/Sun Nov 23 05:09:08 2008// -/about_menu.php/1.9/Sun Apr 19 23:37:56 2009// -/account.php/1.141/Sun May 31 16:50:55 2009// -/account_stuff.php/1.52/Sun May 31 16:50:55 2009// /sponsorinfo.php/1.4/Sun May 31 16:50:55 2009// /tverify_stuff.php/1.6/Sun May 31 16:50:55 2009// -/general.php/1.79/Thu Jun 25 20:09:26 2009// -/general_stuff.php/1.45/Thu Jun 25 20:09:26 2009// +/account.php/1.144/Sun Sep 20 17:38:19 2009// +/about_menu.php/1.10/Mon Sep 21 18:27:01 2009// +/account_stuff.php/1.53/Mon Sep 21 18:27:01 2009// +/general.php/1.82/Mon Sep 21 18:27:01 2009// +/general_stuff.php/1.46/Sat Sep 26 14:07:26 2009// D diff --git a/cacert/includes/about_menu.php b/cacert/includes/about_menu.php index 66ec38f..ff1e265 100644 --- a/cacert/includes/about_menu.php +++ b/cacert/includes/about_menu.php @@ -1,5 +1,5 @@ <div class="relatedLinks"> - <h3 onclick="explode('misc')">+ <?=_("About CAcert.org")?></h3> + <h3 class="pointer" onclick="explode('misc')">+ <?=_("About CAcert.org")?></h3> <ul class="menu" id="misc"> <li><a href="http://blog.cacert.org/"><?=_("CAcert News")?></a></li> <li><a href="/help.php"><?=_("Howto Information")?></a></li> diff --git a/cacert/includes/account.php b/cacert/includes/account.php index bee04ee..6488574 100644 --- a/cacert/includes/account.php +++ b/cacert/includes/account.php @@ -421,6 +421,15 @@ if($oldid == 7) { + csrf_check("adddomain"); + if(strstr($_REQUEST['newdomain'],"\x00")) + { + showheader(_("My CAcert.org Account!")); + echo _("Due to the possibility for nullbyte domain exploits we currently do not allow any domain names with nullbytes."); + showfooter(); + exit; + } + list($newdomain) = explode(" ", $_REQUEST['newdomain'], 2); // Ignore the rest while($newdomain['0'] == '-') $newdomain = substr($newdomain, 1); @@ -496,6 +505,7 @@ if($process != "" && $oldid == 8) { + csrf_check('ctcinfo'); $oldid=0; $id = 8; @@ -742,6 +752,7 @@ if($oldid == 12 && array_key_exists('renew',$_REQUEST) && $_REQUEST['renew'] != "") { + csrf_check('srvcerchange'); $id = 12; showheader(_("My CAcert.org Account!")); if(is_array($_REQUEST['revokeid'])) @@ -844,6 +855,7 @@ if($oldid == 12 && array_key_exists('revoke',$_REQUEST) && $_REQUEST['revoke'] != "") { + csrf_check('srvcerchange'); $id = 12; showheader(_("My CAcert.org Account!")); if(is_array($_REQUEST['revokeid'])) @@ -976,7 +988,7 @@ { $id = 5; showheader(_("My CAcert.org Account!")); - if(is_array($_REQUEST['revokeid'])) + if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid'])) { echo _("Now revoking the following certificates:")."<br>\n"; foreach($_REQUEST['revokeid'] as $id) @@ -1470,6 +1482,7 @@ if($oldid == 18 && array_key_exists('renew',$_REQUEST) && $_REQUEST['renew'] != "") { + csrf_check('clicerchange'); showheader(_("My CAcert.org Account!")); if(is_array($_REQUEST['revokeid'])) { @@ -1532,6 +1545,7 @@ if($oldid == 18 && array_key_exists('revoke',$_REQUEST) && $_REQUEST['revoke'] != "") { + csrf_check('clicerchange'); $id = 18; showheader(_("My CAcert.org Account!")); if(is_array($_REQUEST['revokeid'])) @@ -1751,6 +1765,7 @@ if($oldid == 22 && array_key_exists('renew',$_REQUEST) && $_REQUEST['renew'] != "") { + csrf_check('orgsrvcerchange'); showheader(_("My CAcert.org Account!")); if(is_array($_REQUEST['revokeid'])) { @@ -1818,6 +1833,7 @@ if($oldid == 22 && array_key_exists('revoke',$_REQUEST) && $_REQUEST['revoke'] != "") { + csrf_check('orgsrvcerchange'); showheader(_("My CAcert.org Account!")); if(is_array($_REQUEST['revokeid'])) { @@ -1924,6 +1940,7 @@ if($oldid == 27 && $process != "") { + csrf_check('orgdetchange'); $id = intval($oldid); $_SESSION['_config']['O'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['O']))); $_SESSION['_config']['contact'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['contact']))); @@ -2108,6 +2125,7 @@ if($oldid == 33 && $process != "") { + csrf_check('orgadmadd'); if($_SESSION['profile']['orgadmin'] == 1) $masteracc = $_SESSION['_config'][masteracc] = intval($_REQUEST['masteracc']); else @@ -2510,6 +2528,7 @@ if($id == 43 && array_key_exists('assurer',$_REQUEST) && $_REQUEST['assurer'] > 0) { + csrf_check('admsetassuret'); $memid = $_REQUEST['userid'] = intval($_REQUEST['assurer']); $query = "select * from `users` where `id`='$memid'"; $row = mysql_fetch_assoc(mysql_query($query)); @@ -2528,6 +2547,7 @@ if($id == 43 && array_key_exists('locked',$_REQUEST) && $_REQUEST['locked'] > 0) { + csrf_check('admactlock'); $memid = $_REQUEST['userid'] = intval($_REQUEST['locked']); $query = "select * from `users` where `id`='$memid'"; $row = mysql_fetch_assoc(mysql_query($query)); @@ -2537,6 +2557,7 @@ if($id == 43 && array_key_exists('codesign',$_REQUEST) && $_REQUEST['codesign'] > 0) { + csrf_check('admcodesign'); $memid = $_REQUEST['userid'] = intval($_REQUEST['codesign']); $query = "select * from `users` where `id`='$memid'"; $row = mysql_fetch_assoc(mysql_query($query)); @@ -2546,6 +2567,7 @@ if($id == 43 && array_key_exists('orgadmin',$_REQUEST) && $_REQUEST['orgadmin'] > 0) { + csrf_check('admorgadmin'); $memid = $_REQUEST['userid'] = intval($_REQUEST['orgadmin']); $query = "select * from `users` where `id`='$memid'"; $row = mysql_fetch_assoc(mysql_query($query)); @@ -2555,6 +2577,7 @@ if($id == 43 && array_key_exists('ttpadmin',$_REQUEST) && $_REQUEST['ttpadmin'] > 0) { + csrf_check('admttpadmin'); $memid = $_REQUEST['userid'] = intval($_REQUEST['ttpadmin']); $query = "select * from `users` where `id`='$memid'"; $row = mysql_fetch_assoc(mysql_query($query)); @@ -2584,6 +2607,7 @@ if($id == 43 && array_key_exists('admin',$_REQUEST) && $_REQUEST['admin'] > 0) { + csrf_check('admsetadmin'); $memid = $_REQUEST['userid'] = intval($_REQUEST['admin']); $query = "select * from `users` where `id`='$memid'"; $row = mysql_fetch_assoc(mysql_query($query)); diff --git a/cacert/includes/account_stuff.php b/cacert/includes/account_stuff.php index dd7e4e8..832fe54 100644 --- a/cacert/includes/account_stuff.php +++ b/cacert/includes/account_stuff.php @@ -171,56 +171,56 @@ function hideall() { <ul class="menu" id="home"><li><a href="index.php"><?=_("Go Home")?></a></li><li><a href="account.php?id=logout"><?=_("Logout")?></a></li></ul> </div> <div class="relatedLinks"> - <h3 onclick="explode('mydetails')">+ <?=_("My Details")?></h3> + <h3 class="pointer" onclick="explode('mydetails')">+ <?=_("My Details")?></h3> <ul class="menu" id="mydetails"><li><a href="account.php?id=13"><?=_("Edit")?></a></li><li><a href="account.php?id=14"><?=_("Change Password")?></a></li><li><a href="account.php?id=41"><?=_("Default Language")?></a></li><li><a href="wot.php?id=8"><?=_("My Listing")?></a></li><li><a href="wot.php?id=13"><?=_("My Location")?></a></li><li><a href="account.php?id=36"><?=_("My Alert Settings")?></a></li><li><a href="wot.php?id=10"><?=_("My Points")?></a></li><? if($_SESSION['profile']['id'] == 1 || $_SESSION['profile']['id'] == 5897) echo "<li><a href='sqldump.php'>SQL Dump</a></li>"; ?></ul> </div> <div class="relatedLinks"> - <h3 onclick="explode('emailacc')">+ <?=_("Email Accounts")?></h3> + <h3 class="pointer" onclick="explode('emailacc')">+ <?=_("Email Accounts")?></h3> <ul class="menu" id="emailacc"><li><a href="account.php?id=1"><?=_("Add")?></a></li><li><a href="account.php?id=2"><?=_("View")?></a></li></ul> </div> <div class="relatedLinks"> - <h3 onclick="explode('clicerts')">+ <?=_("Client Certificates")?></h3> + <h3 class="pointer" onclick="explode('clicerts')">+ <?=_("Client Certificates")?></h3> <ul class="menu" id="clicerts"><li><a href="account.php?id=3"><?=_("New")?></a></li><li><a href="account.php?id=5"><?=_("View")?></a></li></ul> </div> <? if($_SESSION['profile']['points'] >= 50) { ?> <div class="relatedLinks"> - <h3 onclick="explode('gpg')">+ <?=_("GPG/PGP Keys")?></h3> + <h3 class="pointer" onclick="explode('gpg')">+ <?=_("GPG/PGP Keys")?></h3> <ul class="menu" id="gpg"><li><a href="gpg.php?id=0"><?=_("New")?></a></li><li><a href="gpg.php?id=2"><?=_("View")?></a></li></ul> </div> <? } ?> <div class="relatedLinks"> - <h3 onclick="explode('domains')">+ <?=_("Domains")?></h3> + <h3 class="pointer" onclick="explode('domains')">+ <?=_("Domains")?></h3> <ul class="menu" id="domains"><li><a href="account.php?id=7"><?=_("Add")?></a></li><li><a href="account.php?id=9"><?=_("View")?></a></li></ul> </div> <div class="relatedLinks"> - <h3 onclick="explode('servercert')">+ <?=_("Server Certificates")?></h3> + <h3 class="pointer" onclick="explode('servercert')">+ <?=_("Server Certificates")?></h3> <ul class="menu" id="servercert"><li><a href="account.php?id=10"><?=_("New")?></a></li><li><a href="account.php?id=12"><?=_("View")?></a></li></ul> </div> <? if(mysql_num_rows(mysql_query("select * from `org` where `memid`='".intval($_SESSION['profile']['id'])."'")) > 0 || $_SESSION['profile']['orgadmin'] == 1) { ?> <div class="relatedLinks"> - <h3 onclick="explode('clientorg')">+ <?=_("Org Client Certs")?></h3> + <h3 class="pointer" onclick="explode('clientorg')">+ <?=_("Org Client Certs")?></h3> <ul class="menu" id="clientorg"><li><a href="account.php?id=16"><?=_("New")?></a></li><li><a href="account.php?id=18"><?=_("View")?></a></li></ul> </div> <div class="relatedLinks"> - <h3 onclick="explode('serverorg')">+ <?=_("Org Server Certs")?></h3> + <h3 class="pointer" onclick="explode('serverorg')">+ <?=_("Org Server Certs")?></h3> <ul class="menu" id="serverorg"><li><a href="account.php?id=20"><?=_("New")?></a></li><li><a href="account.php?id=22"><?=_("View")?></a></li></ul> </div> <? } ?> <? if(mysql_num_rows(mysql_query("select * from `org` where `memid`='".intval($_SESSION['profile']['id'])."' and `masteracc`='1'")) > 0 || $_SESSION['profile']['orgadmin'] == 1) { ?> <div class="relatedLinks"> - <h3 onclick="explode('orgadmin')">+ <?=_("Org Admin")?></h3> + <h3 class="pointer" onclick="explode('orgadmin')">+ <?=_("Org Admin")?></h3> <ul class="menu" id="orgadmin"><? if($_SESSION['profile']['orgadmin'] == 1) { ?><li><a href="account.php?id=24"><?=_("New Organisation")?></a></li><li><a href="account.php?id=25"><?=_("View Organisations")?></a></li><? } ?><li><a href="account.php?id=35"><?=_("View")?></a></li></ul> </div> <? } ?> <div class="relatedLinks"> - <h3 onclick="explode('WoT')">+ <?=_("CAcert Web of Trust")?></h3> + <h3 class="pointer" onclick="explode('WoT')">+ <?=_("CAcert Web of Trust")?></h3> <ul class="menu" id="WoT"><li><a href="wot.php?id=0"><?=_("About")?></a></li><li><a href="wot.php?id=12"><?=_("Find an Assurer")?></a></li><li><a href="wot.php?id=3"><?=_("Rules")?></a></li><li><? if($_SESSION['profile']['assurer'] != 1) { ?><a href="wot.php?id=2"><?=_("Becoming an Assurer")?></a><? } else { ?><a href="wot.php?id=5"><?=_("Assure Someone")?></a><? } ?></li><li><a href="wot.php?id=4"><?=_("Trusted ThirdParties")?></a></li><? if($_SESSION['profile']['points'] >= 500) { ?><li><a href="wot.php?id=11"><div style="white-space:nowrap"><?=_("Organisation Assurance")?></div></a></li><? } ?><li><a href="account.php?id=55"><?=_("Training")?></a></li></ul> </div> <div class="relatedLinks"> - <h3 onclick="explode('WoTForms')">+ <?=_("CAP/TTP Forms")?></h3><? + <h3 class="pointer" onclick="explode('WoTForms')">+ <?=_("CAP/TTP Forms")?></h3><? $name = $_SESSION['profile']['fname']." ".$_SESSION['profile']['mname']." ".$_SESSION['profile']['lname']." ".$_SESSION['profile']['suffix']; while(strstr($name, " ")) $name = str_replace(" ", " ", $name); @@ -234,17 +234,17 @@ function hideall() { </div> <? if($_SESSION['profile']['admin'] == 1 || $_SESSION['profile']['locadmin'] == 1) { ?> <div class="relatedLinks"> - <h3 onclick="explode('sysadmin')">+ <?=_("System Admin")?></h3> + <h3 class="pointer" onclick="explode('sysadmin')">+ <?=_("System Admin")?></h3> <ul class="menu" id="sysadmin"><? if($_SESSION['profile']['admin'] == 1) { ?><li><a href="account.php?id=42"><?=_("Find User")?></a></li><li><a href="account.php?id=48"><?=_("Find Domain")?></a></li><? } if($_SESSION['profile']['locadmin'] == 1) { ?><li><a href="account.php?id=53"><?=_("Location DB")?></a></li><? } ?></ul> </div> <? } ?> <div class="relatedLinks"> - <h3 onclick="explode('disputes')">+ <?=_("Disputes/Abuses")?></h3> + <h3 class="pointer" onclick="explode('disputes')">+ <?=_("Disputes/Abuses")?></h3> <ul class="menu" id="disputes"><li><a href="disputes.php?id=0"><?=_("More Information")?></a></li><li><a href="disputes.php?id=1"><?=_("Email Dispute")?></a></li><li><a href="disputes.php?id=2"><?=_("Domain Dispute")?></a></li><? if($_SESSION['profile']['admin'] == 1) { ?><li><a href="disputes.php?id=3"><?=_("Abuses")?></a></li><? } ?></ul> </div> <? if($_SESSION['profile']['adadmin'] >= 1) { ?> <div class="relatedLinks"> - <h3 onclick="explode('advertising')">+ <?=_("Advertising")?></h3> + <h3 class="pointer" onclick="explode('advertising')">+ <?=_("Advertising")?></h3> <ul class="menu" id="advertising"><li><a href="advertising.php?id=1"><?=_("New Ad")?></a></li><li><a href="advertising.php?id=0"><?=_("View Ads")?></a></li></ul> </div> <? } ?> diff --git a/cacert/includes/general.php b/cacert/includes/general.php index fcb3d90..f2be4a2 100644 --- a/cacert/includes/general.php +++ b/cacert/includes/general.php @@ -661,6 +661,8 @@ { $line = fgets($fp, 4096); + while(substr($line, 0, 4) == "220-") + $line = fgets($fp, 4096); if(substr($line, 0, 3) != "220") continue; fputs($fp, "HELO hlin.cacert.org\r\n"); @@ -720,7 +722,7 @@ $found = 1; break; } - sleep(2); + sleep(3); } if(!$found) @@ -881,9 +883,9 @@ } elseif ($Status == 3) { $Result = _("You have passed the Assurer Challenge, but to become an Assurer you still have to reach 100 Assurance Points!"); } elseif ($Status == 5) { - $Result = _("You have at least 100 Assurance Points, if you want to become an assurer try the").' <a href="https://cats.cacert.org/"><?=_("Assurer Challenge")?></a>!'; + $Result = _("You have at least 100 Assurance Points, if you want to become an assurer try the").' <a href="https://cats.cacert.org/">'._("Assurer Challenge").'</a>!'; } elseif ($Status == 7) { - $Result = _("To become an Assurer you have to collect 100 Assurance Points and pass the").' <a href="https://cats.cacert.org/"><?=_("Assurer Challenge")?></a>!'; + $Result = _("To become an Assurer you have to collect 100 Assurance Points and pass the").' <a href="https://cats.cacert.org/">'._("Assurer Challenge").'</a>!'; } elseif ($Status & 8 > 0) { $Result = _("Sorry, you are not allowed to be an Assurer. Please contact").' <a href="mailto:cacert-support@lists.cacert.org">cacert-support@lists.cacert.org</a>'._(" if you feel that this is not corect."); } else { diff --git a/cacert/includes/general_stuff.php b/cacert/includes/general_stuff.php index 744cc98..48d469d 100644 --- a/cacert/includes/general_stuff.php +++ b/cacert/includes/general_stuff.php @@ -50,7 +50,7 @@ google_color_border = "FFFFFF"; </div> <? if(array_key_exists('mconn',$_SESSION) && $_SESSION['mconn']) { ?> <div class="relatedLinks"> - <h3><?=_("My Account")?></h3> + <h3 class="pointer"><?=_("My Account")?></h3> <a href="https://<?=$_SESSION['_config']['normalhostname']?>/index.php?id=4"><?=_("Password Login")?></a> <a href="https://<?=$_SESSION['_config']['normalhostname']?>/index.php?id=5"><?=_("Lost Password")?></a> <a href="https://<?=$_SESSION['_config']['normalhostname']?>/index.php?id=4&noauto=1"><?=_("Net Cafe Login")?></a> @@ -59,12 +59,12 @@ google_color_border = "FFFFFF"; <? } ?> <? include("about_menu.php"); ?> <div class="relatedLinks"> - <h3 onclick="explode('trans')">+ <?=_("Translations")?></h3> + <h3 class="pointer" onclick="explode('trans')">+ <?=_("Translations")?></h3> <ul class="menu" id="trans"><? foreach($_SESSION['_config']['translations'] as $key => $val) { ?><li><a href="<?=$_SERVER['SCRIPT_NAME']?>?id=<?=intval(array_key_exists('id',$_REQUEST)?$_REQUEST['id']:0)?>&lang=<?=$key?>"><?=$val?></a></li><? } ?></ul> </div> <? if(array_key_exists('mconn',$_SESSION) && $_SESSION['mconn']) { ?> <div class="relatedLinks"> - <h3 onclick="explode('recom')"><?=_("Advertising")?></h3> + <h3 class="pointer" onclick="explode('recom')"><?=_("Advertising")?></h3> <ul class="menu" id="recom"><? $query = "select * from `advertising` where `expires`>NOW() and `active`=1"; $res = mysql_query($query); diff --git a/cacert/pages/account/14.php b/cacert/pages/account/14.php index 948d5f7..342ab46 100644 --- a/cacert/pages/account/14.php +++ b/cacert/pages/account/14.php @@ -35,7 +35,7 @@ <td class="DataTD"><input type="password" name="pword2"></td> </tr> <tr> - <td class="DataTD" colspan="2"><font color="red">*</font><?=_("Please note, in the interests of good security, the pass phrase must be made up of an upper case letter, lower case letter, number and symbol.")?></td> + <td class="DataTD" colspan="2"><font color="red">*</font><?=_("Please note, in the interests of good security, the pass phrase must be made up of an upper case letter, lower case letter, number and symbol (all white spaces at the beginning and end are removed).")?></td> </tr> <tr> <td class="DataTD" colspan="2"><input type="submit" name="process" value="<?=_("Update Pass Phrase")?>"></td> diff --git a/cacert/pages/account/CVS/Entries b/cacert/pages/account/CVS/Entries index 2975af1..9ebbf4d 100644 --- a/cacert/pages/account/CVS/Entries +++ b/cacert/pages/account/CVS/Entries @@ -20,7 +20,6 @@ /31.php/1.6/Thu Sep 4 13:54:37 2008// /44.php/1.5/Fri Sep 5 15:50:04 2008// /13.php/1.12/Sun Sep 7 22:20:30 2008// -/14.php/1.4/Sun Sep 7 22:20:30 2008// /2.php/1.7/Sun Sep 7 22:20:30 2008// /27.php/1.7/Sun Sep 7 22:20:30 2008// /33.php/1.12/Sun Sep 7 22:20:30 2008// @@ -52,4 +51,6 @@ /50.php/1.5/Sun May 31 16:50:59 2009// /3.php/1.16/Thu Jun 25 20:09:31 2009// /55.php/1.8/Thu Jun 25 20:09:31 2009// +/14.php/1.5/Mon Sep 7 22:36:31 2009// +/56.php/1.2/Sun Sep 6 18:46:20 2009// D diff --git a/cacert/pages/index/0.php b/cacert/pages/index/0.php index 18d6d92..0a1d11e 100644 --- a/cacert/pages/index/0.php +++ b/cacert/pages/index/0.php @@ -46,7 +46,7 @@ $fp = @fopen("/www/pages/index/feed.rss", "r"); if($fp) { - echo '<p><u>'._('Latest News').'</u></p>'; + echo '<p id="lnews">'._('Latest News').'</p>'; while(!feof($fp)) diff --git a/cacert/pages/index/1.php b/cacert/pages/index/1.php index 9c1a0b9..c5b181e 100644 --- a/cacert/pages/index/1.php +++ b/cacert/pages/index/1.php @@ -20,7 +20,8 @@ <p style="border:dotted 1px #900;padding:0.3em;background-color:#ffe;"> <b><?=_("In light of the number of people having issues with making up a password we have the following suggestions:")?></b><br><br> <?=_("To get a password that will work, we suggest the following example")?>: Fr3d Sm|7h<br><br> -<?=_("This wouldn't match your name or email at all, it contains at least 1 lower case letter, 1 upper case letter, a number, white space and a misc symbol. You get additional security for being over 15 characters and a second additional point for having it over 30. The system starts reducing security if you include any section of your name, or password or email address or if it matches a word from the english dictionary...")?> +<?=_("This wouldn't match your name or email at all, it contains at least 1 lower case letter, 1 upper case letter, a number, white space and a misc symbol. You get additional security for being over 15 characters and a second additional point for having it over 30. The system starts reducing security if you include any section of your name, or password or email address or if it matches a word from the english dictionary...")?><br><br> +<b><?=_("Note: White spaces at the beginning and end of a password will be removed.")?></b> </p> <form method="post" action="index.php" autocomplete="off"> diff --git a/cacert/pages/index/21.php b/cacert/pages/index/21.php index 66e3610..ae55e9c 100644 --- a/cacert/pages/index/21.php +++ b/cacert/pages/index/21.php @@ -36,7 +36,7 @@ <p><?=_("If you are located in Australia, you can use bank transfer instead and pay the equivalent of US$10 in AU$.")?></p> -<p><?=_("Please also include Your name in the transaction so we know who it came from or send an email to robert at cacert dot org with the details:")?></p> +<p><?=_("Please also include your name in the transaction so we know who it came from and send an email to ernestine at cacert dot org with the details:")?></p> <ul> <li>Account Name: CAcert Inc</li> diff --git a/cacert/pages/index/4.php b/cacert/pages/index/4.php index fa58279..ffbfe26 100644 --- a/cacert/pages/index/4.php +++ b/cacert/pages/index/4.php @@ -45,9 +45,9 @@ h1 {font-size:1.9em;text-align:center;} <label for="email"><?=_("Email Address")?>:</label><input type='text' name="email" value="<?=sanitizeHTML(array_key_exists("email",$_REQUEST)?$_REQUEST['email']:"")?>" <? if(array_key_exists('notauto',$_REQUEST) && $_REQUEST['noauto'] == 1) echo " autocomplete='off'"; ?>/><br /> <label for="pword"><?=_("Pass Phrase")?>:</label><input type='password' name='pword' autocomplete="off"/><br /> <input type='submit' name="process" value="<?=_("Login")?>" /><br /><br /> -<a href='https://www.cacert.org/index.php?id=4'><?=_("Password Login")?></a> - -<a href='https://www.cacert.org/index.php?id=5'><?=_("Lost Password")?></a> - -<a href='https://www.cacert.org/index.php?id=4&noauto=1'><?=_("Net Cafe Login")?></a><br /> +<a href='https://<?=$_SESSION['_config']['normalhostname']?>/index.php?id=4'><?=_("Password Login")?></a> - +<a href='https://<?=$_SESSION['_config']['normalhostname']?>/index.php?id=5'><?=_("Lost Password")?></a> - +<a href='https://<?=$_SESSION['_config']['normalhostname']?>/index.php?id=4&noauto=1'><?=_("Net Cafe Login")?></a><br /> <p class='smalltext'><?=sprintf(_("If you are having trouble with your username or password, please visit our %swiki page%s for more information"), "<a href='http://wiki.cacert.org/wiki/FAQ/LostPasswordOrAccount' target='_new'>", "</a>");?></p> <input type="hidden" name="oldid" value="<?=$id?>"> </form> diff --git a/cacert/pages/index/5.php b/cacert/pages/index/5.php index b8234d8..20e868f 100644 --- a/cacert/pages/index/5.php +++ b/cacert/pages/index/5.php @@ -21,7 +21,7 @@ <td colspan="2" class="title"><?=_("Lost Pass Phrase")?></td> </tr> <tr> - <td class="DataTD" width="125"><?=_("Email Address")?>: </td> + <td class="DataTD" width="125"><?=_("Email Address (primary)")?>: </td> <td class="DataTD" width="125"><input type="text" name="email" autocomplete="off"></td> </tr> <tr> diff --git a/cacert/pages/index/8.php b/cacert/pages/index/8.php index 370e6d1..368760b 100644 --- a/cacert/pages/index/8.php +++ b/cacert/pages/index/8.php @@ -17,11 +17,12 @@ */ ?> <p><b><? printf(_("The current %s board, and roles."), "CAcert Inc."); ?></b></p> <p> -Teus Hagen - <?=_("President")?><br/> -Evaldo Gardenali - <?=_("Vice-President")?><br/> -Robert Cruikshank - <?=_("Treasurer")?>, <?=_("Public Officer")?><br/> -Guillaume Romagny - <?=_("Secretary")?><br/> -Philipp Dunkel - <?=_("member")?><br/> -Greg Stark - <?=_("member")?><br/> -Alejandro Mery Pellegrini - <?=_("member")?><br/> +Nick Bebout - <?=_("President")?><br/> +Mark Lipscombe - <?=_("Vice-President")?><br/> +Philipp Dunkel - <?=_("Secretary")?><br/> +Ernestine Schwob - <?=_("Treasurer")?><br/> +Andreas Bürki - <?=_("member")?><br/> +Guillaume Romagny - <?=_("member")?><br/> +Ian Grigg - <?=_("member")?><br/> +Robert Cruikshank - <?=_("Public Officer")?><br/> </p> diff --git a/cacert/pages/index/CVS/Entries b/cacert/pages/index/CVS/Entries index 31f6b75..e71cfda 100644 --- a/cacert/pages/index/CVS/Entries +++ b/cacert/pages/index/CVS/Entries @@ -10,12 +10,12 @@ /17.php/1.10/Mon Aug 25 21:04:26 2008// /18.php/1.6/Mon Aug 25 21:04:26 2008// /19.php/1.6/Sun Sep 7 22:20:30 2008// -/5.php/1.14/Tue Oct 7 16:49:50 2008// /6.php/1.12/Tue Oct 7 16:49:50 2008// -/21.php/1.2/Wed Oct 22 11:07:56 2008// -/8.php/1.11/Wed Mar 4 22:36:27 2009// -/1.php/1.17/Sun Mar 22 00:39:32 2009// /11.php/1.24/Fri Apr 10 23:09:07 2009// -/0.php/1.30/Sun May 31 16:50:59 2009// -/4.php/1.21/Sun May 31 16:50:59 2009// +/1.php/1.18/Mon Sep 7 22:36:32 2009// +/21.php/1.3/Mon Sep 7 22:36:32 2009// +/5.php/1.15/Mon Sep 7 22:36:32 2009// +/8.php/1.13/Tue Sep 8 20:29:25 2009// +/4.php/1.22/Sat Sep 19 23:32:57 2009// +/0.php/1.31/Mon Sep 21 18:28:22 2009// D diff --git a/cacert/scripts/CVS/Entries b/cacert/scripts/CVS/Entries index 14902b4..f106e2e 100644 --- a/cacert/scripts/CVS/Entries +++ b/cacert/scripts/CVS/Entries @@ -45,4 +45,9 @@ /ate-nl01-mail.php.txt/1.1/Thu Jun 11 15:10:27 2009// /ate-us02-email.txt/1.1/Mon Jun 15 09:33:47 2009// /ate-us02-mail.php.txt/1.1/Mon Jun 15 09:33:47 2009// +/ate-de11-email.txt/1.1/Tue Jun 30 07:52:41 2009// +/ate-de11-mail.php.txt/1.1/Tue Jun 30 07:52:42 2009// +/findnull.pl/1.1/Fri Jul 31 21:24:37 2009// +/sfd-de12-email.txt/1.1/Sat Sep 12 19:10:32 2009// +/sfd-de12-mail.php.txt/1.1/Sat Sep 12 19:10:33 2009// D diff --git a/cacert/www/CVS/Entries b/cacert/www/CVS/Entries index 81172fe..3eff87a 100644 --- a/cacert/www/CVS/Entries +++ b/cacert/www/CVS/Entries @@ -27,7 +27,6 @@ D/cats//// /logos.php/1.14/Fri Nov 14 23:40:28 2008// /ac.php/1.6/Mon Nov 24 12:43:46 2008// /alert_hash_collision.php/1.2/Mon Jan 5 10:34:38 2009// -/disputes.php/1.19/Thu Jan 22 20:43:20 2009// /cap.html.php/1.1/Mon Mar 2 23:09:05 2009// /capnew.php/1.2/Mon Mar 2 23:12:37 2009// /coap.html.php/1.1/Mon Mar 2 23:09:05 2009// @@ -38,3 +37,4 @@ D/cats//// /cap.php/1.17/Thu Jun 25 20:09:35 2009// /gpg.php/1.26/Thu Jun 25 20:09:35 2009// /wot.php/1.54/Thu Jun 25 20:09:35 2009// +/disputes.php/1.20/Sun Sep 20 17:38:19 2009// diff --git a/cacert/www/disputes.php b/cacert/www/disputes.php index e87e5e6..5b78c1e 100644 --- a/cacert/www/disputes.php +++ b/cacert/www/disputes.php @@ -226,6 +226,7 @@ if($oldid == "1") { + csrf_check('emaildispute'); $email = trim(mysql_escape_string(stripslashes($_REQUEST['dispute']))); if($email == "") { @@ -297,6 +298,7 @@ if($oldid == "2") { + csrf_check('domaindispute'); $domain = trim(mysql_escape_string(stripslashes($_REQUEST['dispute']))); if($domain == "") { diff --git a/cacert/www/styles/CVS/Entries b/cacert/www/styles/CVS/Entries index 0a6e4b4..2bc4ded 100644 --- a/cacert/www/styles/CVS/Entries +++ b/cacert/www/styles/CVS/Entries @@ -1,2 +1,2 @@ -/default.css/1.9/Fri Mar 14 18:28:21 2008// +/default.css/1.10/Mon Sep 21 18:27:49 2009// D diff --git a/cacert/www/styles/default.css b/cacert/www/styles/default.css index 4b4936d..8ea7c5d 100644 --- a/cacert/www/styles/default.css +++ b/cacert/www/styles/default.css @@ -48,8 +48,11 @@ h3{ color: #334d55; margin: 0px; padding: 0px; +} + +h3.pointer{ cursor: pointer; -/* cursor: hand; */ + /* cursor: hand; */ } h4{ @@ -627,6 +630,11 @@ img.sponsorlogo { /************ Newsbox *************/ +#lnews { /* class for the text "Latest News" */ + font-size: small; + font-variant: small-caps; +} + div.newsbox { border-top: 1px solid #cccccc; color: #101010; |