summaryrefslogtreecommitdiff
path: root/www/api/cemails.php
diff options
context:
space:
mode:
authorMarkus Warg <mw@it-sls.de>2010-03-29 09:54:06 +0200
committerMarkus Warg <mw@it-sls.de>2010-03-29 09:54:06 +0200
commit9dceece06fbdc98add6f76f0b1aec05891a394c4 (patch)
treef7227c28ca5f79f30c2ec81ba1a09a4fe3972436 /www/api/cemails.php
parent5b68967def224a00f54eb54946ff17301bbd3cdb (diff)
downloadcacert-devel-9dceece06fbdc98add6f76f0b1aec05891a394c4.tar.gz
cacert-devel-9dceece06fbdc98add6f76f0b1aec05891a394c4.tar.xz
cacert-devel-9dceece06fbdc98add6f76f0b1aec05891a394c4.zip
remove cacert/ prefix
Diffstat (limited to 'www/api/cemails.php')
-rw-r--r--www/api/cemails.php47
1 files changed, 47 insertions, 0 deletions
diff --git a/www/api/cemails.php b/www/api/cemails.php
new file mode 100644
index 0000000..0d067ea
--- /dev/null
+++ b/www/api/cemails.php
@@ -0,0 +1,47 @@
+<? /*
+ LibreSSL - CAcert web application
+ Copyright (C) 2004-2008 CAcert Inc.
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; version 2 of the License.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
+*/
+ $username = mysql_escape_string($_REQUEST['username']);
+ $password = mysql_escape_string($_REQUEST['password']);
+
+ $query = "select * from `users` where `email`='$username' and (`password`=old_password('$password') or `password`=sha1('$password'))";
+ $res = mysql_query($query);
+ if(mysql_num_rows($res) != 1)
+ die("403,That username couldn't be found\n");
+ echo "200,Authentication Ok\n";
+ $user = mysql_fetch_assoc($res);
+ $memid = $user['id'];
+ $query = "select sum(`points`) as `points` from `notary` where `to`='$memid' group by `to`";
+ $row = mysql_fetch_assoc(mysql_query($query));
+ $points = $row['points'];
+ echo "CS=".intval($user['codesign'])."\n";
+ echo "NAME=CAcert WoT User\n";
+ if($points >= 50)
+ {
+ echo "NAME=".sanitizeHTML($user['fname'])." ".sanitizeHTML($user['lname'])."\n";
+ if($user['mname'] != "")
+ echo "NAME=".sanitizeHTML($user['fname'])." ".sanitizeHTML($user['mname'])." ".sanitizeHTML($user['lname'])."\n";
+ if($user['suffix'] != "")
+ echo "NAME=".sanitizeHTML($user['fname'])." ".sanitizeHTML($user['lname'])." ".sanitizeHTML($user['suffix'])."\n";
+ if($user['mname'] != "" && $user['suffix'] != "")
+ echo "NAME=".sanitizeHTML($user['fname'])." ".sanitizeHTML($user['mname'])." ".sanitizeHTML($user['lname'])." ".sanitizeHTML($user['suffix'])."\n";
+ }
+ $query = "select * from `email` where `memid`='$memid' and `hash`='' and `deleted`=0";
+ $res = mysql_query($query);
+ while($row = mysql_fetch_assoc($res))
+ echo "EMAIL=".$row['email']."\n";
+?>