summaryrefslogtreecommitdiff
path: root/includes/account.php
diff options
context:
space:
mode:
authorBenny Baumann <BenBE@geshi.org>2014-06-13 09:20:43 +0200
committerBenny Baumann <BenBE@geshi.org>2014-06-13 09:20:43 +0200
commit6d0f414854b2c1aa1da9ec49889ac9bb3b69b966 (patch)
tree7162d1c77760fad5c53474d9bf0a0c7e122b2f66 /includes/account.php
parent2affa9c6e9a1f2a7f68ab5fa306374cd037d6227 (diff)
parentf25f8af03c96cfcd4dd83a9f3b6ee4181eb3e2c9 (diff)
downloadcacert-devel-6d0f414854b2c1aa1da9ec49889ac9bb3b69b966.tar.gz
cacert-devel-6d0f414854b2c1aa1da9ec49889ac9bb3b69b966.tar.xz
cacert-devel-6d0f414854b2c1aa1da9ec49889ac9bb3b69b966.zip
Merge branch 'bug-807' into release
Diffstat (limited to 'includes/account.php')
-rw-r--r--includes/account.php17
1 files changed, 17 insertions, 0 deletions
diff --git a/includes/account.php b/includes/account.php
index 99c65c5..b1ab984 100644
--- a/includes/account.php
+++ b/includes/account.php
@@ -289,6 +289,9 @@ function buildSubjectFromSession() {
if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
$_SESSION['_config']['rootcert'] = 1;
}
+
+ $_SESSION['_config']['hash_alg'] = HashAlgorithms::clean($_REQUEST['hash_alg']);
+
$csr = "";
if(trim($_REQUEST['optionalCSR']) == "")
{
@@ -386,6 +389,7 @@ function buildSubjectFromSession() {
`codesign`='".intval($_SESSION['_config']['codesign'])."',
`disablelogin`='".($_SESSION['_config']['disablelogin']?1:0)."',
`rootcert`='".intval($_SESSION['_config']['rootcert'])."',
+ `md`='".mysql_real_escape_string($_SESSION['_config']['hash_alg'])."',
`description`='".mysql_real_escape_string($_SESSION['_config']['description'])."'";
mysql_query($query);
$emailid = mysql_insert_id();
@@ -490,6 +494,7 @@ function buildSubjectFromSession() {
`codesign`='".intval($_SESSION['_config']['codesign'])."',
`disablelogin`='".($_SESSION['_config']['disablelogin']?1:0)."',
`rootcert`='".intval($_SESSION['_config']['rootcert'])."',
+ `md`='".mysql_real_escape_string($_SESSION['_config']['hash_alg'])."',
`description`='".mysql_real_escape_string($_SESSION['_config']['description'])."'";
mysql_query($query);
$emailid = mysql_insert_id();
@@ -763,6 +768,8 @@ function buildSubjectFromSession() {
if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
$_SESSION['_config']['rootcert'] = 1;
}
+
+ $_SESSION['_config']['hash_alg'] = HashAlgorithms::clean($_REQUEST['hash_alg']);
}
if($process != "" && $oldid == 11)
@@ -807,6 +814,7 @@ function buildSubjectFromSession() {
`domid`='".mysql_real_escape_string($_SESSION['_config']['rowid']['0'])."',
`created`=NOW(),`subject`='".mysql_real_escape_string($subject)."',
`rootcert`='".mysql_real_escape_string($_SESSION['_config']['rootcert'])."',
+ `md`='".mysql_real_escape_string($_SESSION['_config']['hash_alg'])."',
`description`='".mysql_real_escape_string($_SESSION['_config']['description'])."'";
} elseif(array_key_exists('0',$_SESSION['_config']['altid']) && $_SESSION['_config']['altid']['0'] > 0) {
$query = "insert into `domaincerts` set
@@ -814,6 +822,7 @@ function buildSubjectFromSession() {
`domid`='".mysql_real_escape_string($_SESSION['_config']['altid']['0'])."',
`created`=NOW(),`subject`='".mysql_real_escape_string($subject)."',
`rootcert`='".mysql_real_escape_string($_SESSION['_config']['rootcert'])."',
+ `md`='".mysql_real_escape_string($_SESSION['_config']['hash_alg'])."',
`description`='".mysql_real_escape_string($_SESSION['_config']['description'])."'";
} else {
showheader(_("My CAcert.org Account!"));
@@ -1467,6 +1476,8 @@ function buildSubjectFromSession() {
if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
$_SESSION['_config']['rootcert'] = 1;
+ $_SESSION['_config']['hash_alg'] = HashAlgorithms::clean($_REQUEST['hash_alg']);
+
$_SESSION['_config']['description']= trim(stripslashes($_REQUEST['description']));
if(@count($_SESSION['_config']['emails']) > 0)
@@ -1534,6 +1545,7 @@ function buildSubjectFromSession() {
`created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),
`codesign`='".intval($_SESSION['_config']['codesign'])."',
`rootcert`='".intval($_SESSION['_config']['rootcert'])."',
+ `md`='".mysql_real_escape_string($_SESSION['_config']['hash_alg'])."',
`description`='".mysql_real_escape_string($_SESSION['_config']['description'])."'";
mysql_query($query);
$emailid = mysql_insert_id();
@@ -1629,6 +1641,7 @@ function buildSubjectFromSession() {
`subject`='".mysql_real_escape_string($csrsubject)."',
`codesign`='".intval($_SESSION['_config']['codesign'])."',
`rootcert`='".intval($_SESSION['_config']['rootcert'])."',
+ `md`='".mysql_real_escape_string($_SESSION['_config']['hash_alg'])."',
`description`='".mysql_real_escape_string($_SESSION['_config']['description'])."'";
mysql_query($query);
$emailid = mysql_insert_id();
@@ -1893,6 +1906,8 @@ function buildSubjectFromSession() {
$_SESSION['_config']['rootcert'] = intval($_REQUEST['rootcert']);
if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
$_SESSION['_config']['rootcert'] = 1;
+
+ $_SESSION['_config']['hash_alg'] = HashAlgorithms::clean($_REQUEST['hash_alg']);
}
if($process != "" && $oldid == 21)
@@ -1967,6 +1982,7 @@ function buildSubjectFromSession() {
`created`=NOW(),
`subject`='".mysql_real_escape_string($csrsubject)."',
`rootcert`='".intval($_SESSION['_config']['rootcert'])."',
+ `md`='".mysql_real_escape_string($_SESSION['_config']['hash_alg'])."',
`type`='".$type."',
`description`='".mysql_real_escape_string($_SESSION['_config']['description'])."'";
} else {
@@ -1976,6 +1992,7 @@ function buildSubjectFromSession() {
`created`=NOW(),
`subject`='".mysql_real_escape_string($csrsubject)."',
`rootcert`='".intval($_SESSION['_config']['rootcert'])."',
+ `md`='".mysql_real_escape_string($_SESSION['_config']['hash_alg'])."',
`type`='".$type."',
`description`='".mysql_real_escape_string($_SESSION['_config']['description'])."'";
}