summaryrefslogtreecommitdiff
path: root/www
diff options
context:
space:
mode:
authorMichael Tänzer <neo@nhng.de>2012-12-11 22:53:58 +0100
committerMichael Tänzer <neo@nhng.de>2012-12-11 22:53:58 +0100
commit854cc8de4d518923dd855352fd6b06aa0cfc189f (patch)
tree42737c8ada45c82f1f5045d132ed5055a21dd6a1 /www
parentf7f8a436dc00dd1b57e295232f45027ecbfd18ee (diff)
parent46af74ccb903b92ac6de768934a3faf8d2da45ea (diff)
downloadcacert-devel-854cc8de4d518923dd855352fd6b06aa0cfc189f.tar.gz
cacert-devel-854cc8de4d518923dd855352fd6b06aa0cfc189f.tar.xz
cacert-devel-854cc8de4d518923dd855352fd6b06aa0cfc189f.zip
Merge branch 'release' into testserver-mods
Conflicts: www/cats/cats_import.php Signed-off-by: Michael Tänzer <neo@nhng.de>
Diffstat (limited to 'www')
-rw-r--r--www/account.php2
-rw-r--r--www/advertising.php6
-rw-r--r--www/api/ccsr.php3
-rw-r--r--www/cap.php2
-rw-r--r--www/policy/CertificationPracticeStatement.php72
-rw-r--r--www/policy/PrivacyPolicy.html4
-rw-r--r--www/wot.php55
7 files changed, 91 insertions, 53 deletions
diff --git a/www/account.php b/www/account.php
index d1dd695..0b32c2c 100644
--- a/www/account.php
+++ b/www/account.php
@@ -47,7 +47,7 @@
$message = "From: $who\nEmail: $email\nSubject: $subject\n\nMessage:\n".$message;
- sendmail("cacert-support@lists.cacert.org, $email", "[website form email]: ".$subject, $message, "website-form@cacert.org", "cacert-support@lists.cacert.org, $email", "", "CAcert Website");
+ sendmail("cacert-support@lists.cacert.org", "[website form email]: ".$subject, $message, "website-form@cacert.org", "cacert-support@lists.cacert.org, $email", "", "CAcert Website");
showheader(_("Welcome to CAcert.org"));
echo _("Your message has been sent to the general support list.");
diff --git a/www/advertising.php b/www/advertising.php
index e987461..43e4f93 100644
--- a/www/advertising.php
+++ b/www/advertising.php
@@ -47,7 +47,7 @@
if($months < 1 || $months > 12)
{
$id = 1;
- $errmsg .= _("You can only place an advertisement for up to 12 months.<br />");
+ $errmsg .= _("You can only place an advertisement for up to 12 months.")."<br />";
$process="";
$oldid=0;
}
@@ -55,7 +55,7 @@
if(strlen($title) <= 5)
{
$id = 1;
- $errmsg .= _("Link title was too short.<br />");
+ $errmsg .= _("Link title was too short.")."<br />";
$process="";
$oldid=0;
}
@@ -63,7 +63,7 @@
if(strlen($link) <= 10)
{
$id = 1;
- $errmsg .= _("Link URI was too short.<br />");
+ $errmsg .= _("Link URI was too short.")."<br />";
$process="";
$oldid=0;
}
diff --git a/www/api/ccsr.php b/www/api/ccsr.php
index a4ec71e..7efdf8d 100644
--- a/www/api/ccsr.php
+++ b/www/api/ccsr.php
@@ -15,6 +15,9 @@
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
*/
+
+require_once '../../includes/lib/check_weak_key.php';
+
$username = mysql_real_escape_string($_REQUEST['username']);
$password = mysql_real_escape_string($_REQUEST['password']);
diff --git a/www/cap.php b/www/cap.php
index 73380e1..dc283fb 100644
--- a/www/cap.php
+++ b/www/cap.php
@@ -48,7 +48,7 @@
$this->SetFont('Arial','I',8);
if($_SESSION['_config']['language'] == "ja")
$this->SetFont('SJIS','I',8);
- $this->Cell(0,0,'CAcert Inc. - P.O. Box 4107 - Denistone East NSW 2112 - Australia - http://www.CAcert.org',0,0,'C');
+ $this->Cell(0,0,'CAcert Inc. - PO Box 66 - Oatley NSW 2223 - Australia - http://www.CAcert.org',0,0,'C');
$this->Ln(3);
$this->SetFont('Arial','',6);
if($_SESSION['_config']['language'] == "ja")
diff --git a/www/policy/CertificationPracticeStatement.php b/www/policy/CertificationPracticeStatement.php
index e17056b..b18273c 100644
--- a/www/policy/CertificationPracticeStatement.php
+++ b/www/policy/CertificationPracticeStatement.php
@@ -69,7 +69,7 @@ a:hover {
<a href="PolicyOnPolicy.html"><img src="cacert-draft.png" alt="CAcert Policy Status" height="31" width="88" style="border-style: none;" /></a><br />
Creation date: 20060726<br />
Status: DRAFT p20091108<br />
-<!-- $Id: CertificationPracticeStatement.php,v 1.2 2011-07-27 10:41:01 wytze Exp $ -->
+<!-- $Id: CertificationPracticeStatement.php,v 1.3 2012-07-27 16:00:29 wytze Exp $ -->
<font size="-1">
@@ -3203,54 +3203,50 @@ The form of the PGP signatures depends on several factors, therefore no stipulat
<h4><a name="p7.1.2" id="p7.1.2">7.1.2. Certificate extensions</a></h4>
<p>
-Client certificates include the following extensions:.
+ Client certificates include the following extensions:
</p>
-<ul><li>
- basicConstraints=CA:FALSE (critical)
- </li><li>
- keyUsage=digitalSignature,keyEncipherment,cRLSign
- </li><li>
- </li><li>
- extendedKeyUsage=emailProtection,clientAuth,serverAuth,msEFS,msSGC,nsSGC
- </li><li>
- authorityInfoAccess = OCSP;URI:http://ocsp.cacert.org
- </li><li>
- subjectAltName=(as per <a href="#p3.1.1">&sect;3.1.1.</a>).
-</li></ul>
+<ul>
+ <li>basicConstraints=CA:FALSE (critical)</li>
+ <li>keyUsage=digitalSignature,keyEncipherment,keyAgreement (critical)</li>
+ <li>extendedKeyUsage=emailProtection,clientAuth,msEFS,msSGC,nsSGC</li>
+ <li>authorityInfoAccess = OCSP;URI:http://ocsp.cacert.org</li>
+ <li>crlDistributionPoints=URI:&lt;crlUri&gt; where &lt;crlUri&gt; is replaced
+ with the URI where the certificate revocation list relating to the
+ certificate is found</li>
+ <li>subjectAltName=(as per <a href="#p3.1.1">&sect;3.1.1.</a>).</li>
+</ul>
<ul class="q">
<li> what about Client Certificates Adobe Signing extensions ?</li>
<li> SubjectAltName should become critical if DN is removed http://tools.ietf.org/html/rfc5280#section-4.2.1.6</li>
</ul>
-
<p>
-Server certificates include the following extensions:
+ Server certificates include the following extensions:
</p>
-<ul><li>
- basicConstraints=CA:FALSE (critical)
- </li><li>
- keyUsage=digitalSignature,keyEncipherment
- </li><li>
- extendedKeyUsage=clientAuth,serverAuth,nsSGC,msSGC
- </li><li>
- authorityInfoAccess = OCSP;URI:http://ocsp.cacert.org
- </li><li>
- subjectAltName=(as per <a href="#p3.1.1">&sect;3.1.1.</a>).
-</li></ul>
+<ul>
+ <li>basicConstraints=CA:FALSE (critical)</li>
+ <li>keyUsage=digitalSignature,keyEncipherment,keyAgreement (critical)</li>
+ <li>extendedKeyUsage=clientAuth,serverAuth,nsSGC,msSGC</li>
+ <li>authorityInfoAccess = OCSP;URI:http://ocsp.cacert.org</li>
+ <li>crlDistributionPoints=URI:&lt;crlUri&gt; where &lt;crlUri&gt; is replaced
+ with the URI where the certificate revocation list relating to the
+ certificate is found</li>
+ <li>subjectAltName=(as per <a href="#p3.1.1">&sect;3.1.1.</a>).</li>
+</ul>
<p>
-Code-Signing certificates include the following extensions:
+ Code-Signing certificates include the following extensions:
</p>
-
-<ul><li>
- basicConstraints=CA:FALSE (critical)
- </li><li>
- keyUsage=digitalSignature,keyEncipherment
- </li><li>
- extendedKeyUsage=emailProtection,clientAuth,codeSigning,msCodeInd,msCodeCom,msEFS,msSGC,nsSGC
- </li><li>
- authorityInfoAccess = OCSP;URI:http://ocsp.cacert.org
-</li></ul>
+<ul>
+ <li>basicConstraints=CA:FALSE (critical)</li>
+ <li>keyUsage=digitalSignature,keyEncipherment,keyAgreement (critical)</li>
+ <li>extendedKeyUsage=emailProtection,clientAuth,codeSigning,msCodeInd,msCodeCom,msEFS,msSGC,nsSGC</li>
+ <li>authorityInfoAccess = OCSP;URI:http://ocsp.cacert.org</li>
+ <li>crlDistributionPoints=URI:&lt;crlUri&gt; where &lt;crlUri&gt; is replaced
+ with the URI where the certificate revocation list relating to the
+ certificate is found</li>
+ <li>subjectAltName=(as per <a href="#p3.1.1">&sect;3.1.1.</a>).</li>
+</ul>
<ul class="q">
<li> what about subjectAltName for Code-signing</li>
</ul>
diff --git a/www/policy/PrivacyPolicy.html b/www/policy/PrivacyPolicy.html
index 6670e92..8aa0837 100644
--- a/www/policy/PrivacyPolicy.html
+++ b/www/policy/PrivacyPolicy.html
@@ -105,8 +105,8 @@ Governmental warrants and civil supoenas will be processed through the dispute r
<p>If you need to contact us in writing, address your mail to:</p>
<p>
CAcert Inc.<br>
-P.O. Box 4107<br>
-Denistone East NSW 2112<br>
+PO Box 66 <br>
+Oatley NSW 2223<br>
Australia
</p>
diff --git a/www/wot.php b/www/wot.php
index 66bf7cb..c6c0568 100644
--- a/www/wot.php
+++ b/www/wot.php
@@ -333,12 +333,16 @@ $iecho= "c";
if(($drow['total'] + $newpoints) >= 100 && $newpoints > 0)
{
-// $body .= _("You now have over 100 points and can start assuring others.")."\n\n";
- $body .= _("You have at least 100 Assurance Points, if you want to become an assurer try the")." ";
- $body .= _("Assurer Challenge")." ( https://cats.cacert.org )\n\n";
- $body .= _("To make it easier for others in your area to find you, it's helpful to list yourself as an assurer (this is voluntary), as well as a physical location where you live or work the most. You can flag your account to be listed, and add a comment to the display by going to:")."\n\n";
+ $body .= _("You have at least 100 Assurance Points. If you want ".
+ "to become an assurer try the Assurer Challenge").
+ " ( https://cats.cacert.org ).\n\n";
+ $body .= _("To make it easier for others in your area to find ".
+ "you, it's helpful to list yourself as an assurer (this ".
+ "is voluntary), as well as a physical location where you ".
+ "live or work the most. You can flag your account to be ".
+ "listed, and add a comment to the display by going to:")."\n";
$body .= "https://www.cacert.org/wot.php?id=8\n\n";
- $body .= _("You can list your location by going to:")."\n\n";
+ $body .= _("You can list your location by going to:")."\n";
$body .= "https://www.cacert.org/wot.php?id=13\n\n";
}
@@ -442,9 +446,44 @@ $iecho= "c";
where `to`='".$user['id']."' group by `to` HAVING SUM(`points`) > 0"));
if($points > 0)
{
- sendmail($user['email'], "[CAcert.org] ".$_REQUEST['subject'], $_REQUEST['message'],
- $_SESSION['profile']['email'], "", "", $_SESSION['profile']['fname']." ".$_SESSION['profile']['lname']);
- show_page("ContactAssurer",_("Your email has been sent to")." ".$user['fname'].".<br />[ <a href='javascript:history.go(-2)'>"._("Go Back")."</a> ]","");
+ $my_translation = L10n::get_translation();
+ L10n::set_translation($user['language']);
+
+ $subject = "[CAcert.org] ".sprintf(_("Message from %s"),
+ $_SESSION['profile']['fname']);
+
+ $body = sprintf(_("Hi %s,"), $user['fname'])."\n\n";
+ $body .= sprintf(_("%s %s has sent you a message via the ".
+ "contact an Assurer form on CAcert.org."),
+ $_SESSION['profile']['fname'],
+ $_SESSION['profile']['lname'])."\n\n";
+ $body .= sprintf(_("Subject: %s"), $_REQUEST['subject'])."\n";
+ $body .= _("Message:")."\n";
+ $body .= $_REQUEST['message']."\n\n";
+ $body .= "------------------------------------------------\n\n";
+ $body .= _("Please note, that this is NOT a message on behalf ".
+ "of CAcert but another CAcert community member. If ".
+ "you suspect that the contact form might have been ".
+ "abused, please write to support@cacert.org")."\n\n";
+ $body .= _("Best regards")."\n";
+ $body .= _("Your CAcert Community");
+
+ sendmail($user['email'], $subject, $body,
+ $_SESSION['profile']['email'], //from
+ "", //replyto
+ "", //toname
+ $_SESSION['profile']['fname']." ".
+ $_SESSION['profile']['lname']); //fromname
+
+ L10n::set_translation($my_translation);
+
+ showheader(_("My CAcert.org Account!"));?>
+ <p>
+ <? printf(_("Your email has been sent to %s."), $user['fname']); ?>
+ </p>
+ <p>[ <a href='javascript:history.go(-2)'><?= _("Go Back") ?></a> ]</p>
+ <?
+ showfooter();
exit;
} else {
show_page(0,"",_("Sorry, I was unable to locate that user."));