diff options
| author | Michael Tänzer <neo@nhng.de> | 2013-08-25 20:22:30 +0200 |
|---|---|---|
| committer | Michael Tänzer <neo@nhng.de> | 2013-08-25 20:22:30 +0200 |
| commit | 2d6e2851a754bbd8d5f5afb0d02bc5caba7d6626 (patch) | |
| tree | 96cc8268ba19ee9418ab74c5fbbf7c29dc40cce0 /www/gpg.php | |
| parent | eac9744c793d06bc63269952e789a6a30de2e30d (diff) | |
| parent | a82f507306a9eba8a9f5dff82d2091dbd29edf71 (diff) | |
| download | cacert-devel-2d6e2851a754bbd8d5f5afb0d02bc5caba7d6626.tar.gz cacert-devel-2d6e2851a754bbd8d5f5afb0d02bc5caba7d6626.tar.xz cacert-devel-2d6e2851a754bbd8d5f5afb0d02bc5caba7d6626.zip | |
Merge branch 'release' into bug-1017bug-1017
Conflicts:
pages/account/6.php
Signed-off-by: Michael Tänzer <neo@nhng.de>
Diffstat (limited to 'www/gpg.php')
| -rw-r--r-- | www/gpg.php | 178 |
1 files changed, 98 insertions, 80 deletions
diff --git a/www/gpg.php b/www/gpg.php index 345b559..317072c 100644 --- a/www/gpg.php +++ b/www/gpg.php @@ -52,7 +52,7 @@ if(0) { showheader(_("Welcome to CAcert.org")); echo "The OpenPGP signing system is currently shutdown due to a maintenance. We hope to get it fixed within the next few hours. We are very sorry for the inconvenience."; - + exit(0); } } @@ -143,7 +143,7 @@ function verifyEmail($email) $uidformatwrong=0; if(sizeof($bits)<10) $uidformatwrong=1; - + if(preg_match("/\@.*\@/",$bits[9])) { showheader(_("Welcome to CAcert.org")); @@ -251,7 +251,6 @@ function verifyEmail($email) } $resulttable.="</table>"; - if($nok==0) { showheader(_("Welcome to CAcert.org")); @@ -275,12 +274,20 @@ function verifyEmail($email) if($oldid == "0" && $CSR != "") { + //set variable for comment + if(trim($_REQUEST['description']) == ""){ + $description= ""; + }else{ + $description= trim(mysql_real_escape_string(stripslashes($_REQUEST['description']))); + } + $query = "insert into `gpg` set `memid`='".intval($_SESSION['profile']['id'])."', `email`='".mysql_real_escape_string($lastvalidemail)."', `level`='1', `expires`='".mysql_real_escape_string($expires)."', `multiple`='".mysql_real_escape_string($multiple)."', - `keyid`='".mysql_real_escape_string($keyid)."'"; + `keyid`='".mysql_real_escape_string($keyid)."', + `description`='".mysql_real_escape_string($description)."'"; mysql_query($query); $id = mysql_insert_id(); @@ -334,7 +341,7 @@ function verifyEmail($email) } $mail=""; - if (preg_match("/<([\w.-]*\@[\w.-]*)>/", $bits[9],$match)) { + if (preg_match("/<([\w.-]*\@[\w.-]*)>/", $bits[9],$match)) { //echo "Found: ".$match[1]; $mail = trim(hex2bin($match[1])); } @@ -342,7 +349,7 @@ function verifyEmail($email) { //echo "Not found!\n"; } - + $emailok=verifyEmail($mail); $uidid=$bits[7]; @@ -384,95 +391,89 @@ function verifyEmail($email) } } + if(count($ToBeDeleted)>0) + { + $descriptorspec = array( + 0 => array("pipe", "r"), // stdin is a pipe that the child will read from + 1 => array("pipe", "w"), // stdout is a pipe that the child will write to + 2 => array("pipe", "w") // stderr is a file to write to + ); + $stderr = fopen('php://stderr', 'w'); + //echo "Keyid: $keyid\n"; - if(count($ToBeDeleted)>0) - { + $process = proc_open("/usr/bin/gpg --homedir $cwd --no-tty --command-fd 0 --status-fd 1 --logger-fd 2 --edit-key $keyid", $descriptorspec, $pipes); + //echo "Process: $process\n"; + //fputs($stderr,"Process: $process\n"); - $descriptorspec = array( - 0 => array("pipe", "r"), // stdin is a pipe that the child will read from - 1 => array("pipe", "w"), // stdout is a pipe that the child will write to - 2 => array("pipe", "w") // stderr is a file to write to - ); - - $stderr = fopen('php://stderr', 'w'); - - - //echo "Keyid: $keyid\n"; - - $process = proc_open("/usr/bin/gpg --homedir $cwd --no-tty --command-fd 0 --status-fd 1 --logger-fd 2 --edit-key $keyid", $descriptorspec, $pipes); - - //echo "Process: $process\n"; - //fputs($stderr,"Process: $process\n"); - - if (is_resource($process)) { - //echo("it is a resource\n"); - // $pipes now looks like this: - // 0 => writeable handle connected to child stdin - // 1 => readable handle connected to child stdout - // Any error output will be appended to /tmp/error-output.txt - while (!feof($pipes[1])) - { - $buffer = fgets($pipes[1], 4096); - //echo $buffer; - - if($buffer == "[GNUPG:] GET_BOOL keyedit.sign_all.okay\n") - { - fputs($pipes[0],"yes\n"); - } - elseif($buffer == "[GNUPG:] GOT_IT\n") - { - } - elseif(ereg("^\[GNUPG:\] GET_BOOL keyedit\.remove\.uid\.okay\s*",$buffer)) - { - fputs($pipes[0],"yes\n"); - } - elseif(ereg("^\[GNUPG:\] GET_LINE keyedit\.prompt\s*",$buffer)) - { - if(count($ToBeDeleted)>0) - { - $delthisuid=array_pop($ToBeDeleted); - //echo "Deleting an UID $delthisuid\n"; - fputs($pipes[0],"uid ".$delthisuid."\n"); - } - else - { - //echo "Saving\n"; - fputs($pipes[0],$state?"save\n":"deluid\n"); - $state++; - } - } - elseif($buffer == "[GNUPG:] GOOD_PASSPHRASE\n") - { - } - elseif(ereg("^\[GNUPG:\] KEYEXPIRED ",$buffer)) - { - echo "Key expired!\n"; - exit; - } - elseif($buffer == "") - { - //echo "Empty!\n"; - } - else - { - echo "ERROR: UNKNOWN $buffer\n"; - } + if (is_resource($process)) { + //echo("it is a resource\n"); + // $pipes now looks like this: + // 0 => writeable handle connected to child stdin + // 1 => readable handle connected to child stdout + // Any error output will be appended to /tmp/error-output.txt + while (!feof($pipes[1])) + { + $buffer = fgets($pipes[1], 4096); + //echo $buffer; + + if($buffer == "[GNUPG:] GET_BOOL keyedit.sign_all.okay\n") + { + fputs($pipes[0],"yes\n"); + } + elseif($buffer == "[GNUPG:] GOT_IT\n") + { + } + elseif(ereg("^\[GNUPG:\] GET_BOOL keyedit\.remove\.uid\.okay\s*",$buffer)) + { + fputs($pipes[0],"yes\n"); + } + elseif(ereg("^\[GNUPG:\] GET_LINE keyedit\.prompt\s*",$buffer)) + { + if(count($ToBeDeleted)>0) + { + $delthisuid=array_pop($ToBeDeleted); + //echo "Deleting an UID $delthisuid\n"; + fputs($pipes[0],"uid ".$delthisuid."\n"); + } + else + { + //echo "Saving\n"; + fputs($pipes[0],$state?"save\n":"deluid\n"); + $state++; + } + } + elseif($buffer == "[GNUPG:] GOOD_PASSPHRASE\n") + { + } + elseif(ereg("^\[GNUPG:\] KEYEXPIRED ",$buffer)) + { + echo "Key expired!\n"; + exit; + } + elseif($buffer == "") + { + //echo "Empty!\n"; + } + else + { + echo "ERROR: UNKNOWN $buffer\n"; + } } //echo "Fertig\n"; fclose($pipes[0]); - + //echo stream_get_contents($pipes[1]); fclose($pipes[1]); - + // It is important that you close any pipes before calling // proc_close in order to avoid a deadlock $return_value = proc_close($process); - + //echo "command returned $return_value\n"; } else @@ -508,6 +509,23 @@ function verifyEmail($email) exit; } + if($oldid == 2 && array_key_exists('change',$_REQUEST) && $_REQUEST['change'] != "") + { + showheader(_("My CAcert.org Account!")); + foreach($_REQUEST as $id => $val) + { + if(substr($id,0,14)=="check_comment_") + { + $cid = intval(substr($id,14)); + $comment=trim(mysql_real_escape_string(stripslashes($_REQUEST['comment_'.$cid]))); + mysql_query("update `gpg` set `description`='$comment' where `id`='$cid' and `memid`='".$_SESSION['profile']['id']."'"); + } + } + echo(_("Certificate settings have been changed.")."<br/>\n"); + showfooter(); + exit; + } + $id = intval($id); showheader(_("Welcome to CAcert.org")); |