diff options
| author | Michael Tänzer <neo@nhng.de> | 2013-09-24 23:57:26 +0200 |
|---|---|---|
| committer | Michael Tänzer <neo@nhng.de> | 2013-09-24 23:57:26 +0200 |
| commit | f292c28b10a39e885171ef19413b7ef02c6f7725 (patch) | |
| tree | 07776cbf5767d81a0d73cf1e27f32a6a7feb77b1 /www | |
| parent | 496159138c76bc6546c0ba323c0ca85d6892855d (diff) | |
| parent | ed332a25dedba4b372d45e4bc4d5276d96d6ae38 (diff) | |
| download | cacert-devel-f292c28b10a39e885171ef19413b7ef02c6f7725.tar.gz cacert-devel-f292c28b10a39e885171ef19413b7ef02c6f7725.tar.xz cacert-devel-f292c28b10a39e885171ef19413b7ef02c6f7725.zip | |
Merge branch 'release' into bug-1137
Diffstat (limited to 'www')
| -rw-r--r-- | www/disputes.php | 32 | ||||
| -rw-r--r-- | www/gpg.php | 50 | ||||
| -rw-r--r-- | www/images/btn_paynowCC_LG.gif | bin | 2432 -> 2410 bytes | |||
| -rw-r--r-- | www/images/btn_subscribeCC_LG.gif | bin | 0 -> 2172 bytes | |||
| -rw-r--r-- | www/wot.php | 2 |
5 files changed, 50 insertions, 34 deletions
diff --git a/www/disputes.php b/www/disputes.php index 4944d8c..34a447a 100644 --- a/www/disputes.php +++ b/www/disputes.php @@ -17,6 +17,7 @@ */ ?> <? require_once("../includes/loggedin.php"); + require_once("../includes/notary.inc.php"); loadem("account"); @@ -58,24 +59,13 @@ { $row = mysql_fetch_assoc($res); echo $row['email']."<br>\n"; - $query = "select `emailcerts`.`id` - from `emaillink`,`emailcerts` where - `emailid`='$emailid' and `emaillink`.`emailcertsid`=`emailcerts`.`id` and - `revoked`=0 and UNIX_TIMESTAMP(`expire`)-UNIX_TIMESTAMP() > 0 - group by `emailcerts`.`id`"; - $dres = mysql_query($query); - while($drow = mysql_fetch_assoc($dres)) - mysql_query("update `emailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='".intval($drow['id'])."'"); - - $do = `../scripts/runclient`; - $query = "update `email` set `deleted`=NOW() where `id`='".intval($emailid)."'"; - mysql_query($query); + account_email_delete($row['id']); } mysql_query("update `disputeemail` set hash='',action='accept' where `id`='$emailid'"); - $rc = mysql_num_rows(mysql_query("select * from `domains` where `memid`='$oldmemid' and `deleted`=0")); - $rc = mysql_num_rows(mysql_query("select * from `email` where `memid`='$oldmemid' and `deleted`=0 and `id`!='$emailid'")); - $res = mysql_query("select * from `users` where `id`='$oldmemid'"); - $user = mysql_fetch_assoc($res); + $rc = mysql_num_rows(mysql_query("select * from `domains` where `memid`='$oldmemid' and `deleted`=0")); + $rc2 = mysql_num_rows(mysql_query("select * from `email` where `memid`='$oldmemid' and `deleted`=0 and `id`!='$emailid'")); + $res = mysql_query("select * from `users` where `id`='$oldmemid'"); + $user = mysql_fetch_assoc($res); if($rc == 0 && $rc2 == 0 && $_SESSION['_config']['email'] == $user['email']) { mysql_query("update `users` set `deleted`=NOW() where `id`='$oldmemid'"); @@ -160,17 +150,13 @@ showheader(_("Domain Dispute")); echo "<p>"._("You have opted to accept this dispute and the request will now remove this domain from the existing account, and revoke any current certificates.")."</p>"; echo "<p>"._("The following accounts have been removed:")."<br>\n"; + //new account_domain_delete($domainid, $memberID) $query = "select * from `domains` where `id`='$domainid' and deleted=0"; $res = mysql_query($query); if(mysql_num_rows($res) > 0) { - echo $_SESSION['_config']['domain']."<br>\n"; - mysql_query("update `domains` set `deleted`=NOW() where `id`='$domainid'"); - $query = "select * from `domlink` where `domid`='$domainid'"; - $res = mysql_query($query); - while($row = mysql_fetch_assoc($res)) - mysql_query("update `domaincerts` set `revoked`='1970-01-01 10:00:01' where `id`='".$row['certid']."' and `revoked`=0 and UNIX_TIMESTAMP(`expire`)-UNIX_TIMESTAMP() > 0"); - $do = `../scripts/runserver`; + echo $_SESSION['_config']['domain']."<br>\n"; + account_domain_delete($domainid); } mysql_query("update `disputedomain` set hash='',action='accept' where `id`='$domainid'"); showfooter(); diff --git a/www/gpg.php b/www/gpg.php index 317072c..f24d84c 100644 --- a/www/gpg.php +++ b/www/gpg.php @@ -17,6 +17,8 @@ */ ?> <? require_once("../includes/loggedin.php"); + require_once("../includes/lib/general.php"); + require_once('../includes/notary.inc.php'); $id = 0; if(array_key_exists('id',$_REQUEST)) $id=intval($_REQUEST['id']); $oldid = $_REQUEST['oldid'] = array_key_exists('oldid',$_REQUEST) ? intval($_REQUEST['oldid']) : 0; @@ -82,17 +84,44 @@ function verifyEmail($email) $state=0; if($oldid == "0" && $CSR != "") { - $debugkey = $gpgkey = clean_gpgcsr($CSR); + if(!array_key_exists('CCA',$_REQUEST)) + { + showheader(_("My CAcert.org Account!")); + echo _("You did not accept the CAcert Community Agreement (CCA), hit the back button and try again."); + showfooter(); + exit; + } - $tnam = tempnam('/tmp/', '__gpg'); - $fp = fopen($tnam, 'w'); - fwrite($fp, $gpgkey); - fclose($fp); - $debugpg = $gpg = trim(`gpg --with-colons --homedir /tmp 2>&1 < $tnam`); - unlink($tnam); + $err = runCommand('mktemp --directory /tmp/cacert_gpg.XXXXXXXXXX', + "", + $tmpdir); + if (!$tmpdir) + { + $err = true; + } + + if (!$err) + { + $err = runCommand("gpg --with-colons --homedir $tmpdir 2>&1", + clean_gpgcsr($CSR), + $gpg); + + `rm -r $tmpdir`; + } + + if ($err) + { + showheader(_("Welcome to CAcert.org")); + + echo "<p style='color:#ff0000'>"._("There was an error parsing your key.")."</p>"; + unset($_REQUEST['process']); + $id = $oldid; + unset($oldid); + exit(); + } $lines = ""; - $gpgarr = explode("\n", $gpg); + $gpgarr = explode("\n", trim($gpg)); foreach($gpgarr as $line) { #echo "Line[]: $line <br/>\n"; @@ -260,7 +289,6 @@ function verifyEmail($email) unset($_REQUEST['process']); $id = $oldid; unset($oldid); - $do = `echo "$debugkey\n--\n$debugpg\n--" >> /www/tmp/gpg.debug`; exit(); } elseif($nerr) @@ -274,6 +302,8 @@ function verifyEmail($email) if($oldid == "0" && $CSR != "") { + write_user_agreement(intval($_SESSION['profile']['id']), "CCA", "certificate creation", "", 1); + //set variable for comment if(trim($_REQUEST['description']) == ""){ $description= ""; @@ -303,7 +333,7 @@ function verifyEmail($email) system("gpg --homedir $cwd --import $cwd/gpg.csr"); - $debugpg = $gpg = trim(`gpg --homedir $cwd --with-colons --fixed-list-mode --list-keys $keyid 2>&1`); + $gpg = trim(`gpg --homedir $cwd --with-colons --fixed-list-mode --list-keys $keyid 2>&1`); $lines = ""; $gpgarr = explode("\n", $gpg); foreach($gpgarr as $line) diff --git a/www/images/btn_paynowCC_LG.gif b/www/images/btn_paynowCC_LG.gif Binary files differindex f2edb8f..99fda23 100644 --- a/www/images/btn_paynowCC_LG.gif +++ b/www/images/btn_paynowCC_LG.gif diff --git a/www/images/btn_subscribeCC_LG.gif b/www/images/btn_subscribeCC_LG.gif Binary files differnew file mode 100644 index 0000000..a5cd278 --- /dev/null +++ b/www/images/btn_subscribeCC_LG.gif diff --git a/www/wot.php b/www/wot.php index a0af1f6..7200517 100644 --- a/www/wot.php +++ b/www/wot.php @@ -277,7 +277,7 @@ $iecho= "c"; exit; } - //met assuree in person, not appliciable fot TTP / TTP Topup assurances + //met assuree in person, not appliciable for TTP / TTP Topup assurances if((!array_key_exists('certify',$_POST) || $_POST['certify'] != 1 ) && $_REQUEST['method'] != "Trusted 3rd Parties") { show_page("VerifyData","",_("You failed to check all boxes to validate your adherence to the rules and policies of CAcert")); |
