summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--includes/account.php135
-rw-r--r--includes/notary.inc.php277
-rw-r--r--pages/account/10.php4
-rw-r--r--pages/account/3.php28
-rw-r--r--pages/account/43.php17
-rw-r--r--pages/account/50.php6
-rw-r--r--pages/gpg/0.php2
-rw-r--r--www/disputes.php32
-rw-r--r--www/gpg.php11
9 files changed, 415 insertions, 97 deletions
diff --git a/includes/account.php b/includes/account.php
index 1a381b8..6a92669 100644
--- a/includes/account.php
+++ b/includes/account.php
@@ -18,6 +18,7 @@
require_once("../includes/loggedin.php");
require_once("../includes/lib/l10n.php");
require_once("../includes/lib/check_weak_key.php");
+ require_once("../includes/notary.inc.php");
loadem("account");
@@ -70,9 +71,7 @@
}
$oldid=0;
$_REQUEST['email'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['newemail'])));
- $query = "select * from `email` where `email`='".$_REQUEST['email']."' and `deleted`=0";
- $res = mysql_query($query);
- if(mysql_num_rows($res) > 0)
+ if(check_email_exists($_REQUEST['email'])==true)
{
showheader(_("My CAcert.org Account!"));
printf(_("The email address '%s' is already in a different account. Can't continue."), sanitizeHTML($_REQUEST['email']));
@@ -163,17 +162,7 @@
{
$row = mysql_fetch_assoc($res);
echo $row['email']."<br>\n";
- $query = "select `emailcerts`.`id`
- from `emaillink`,`emailcerts` where
- `emailid`='$id' and `emaillink`.`emailcertsid`=`emailcerts`.`id` and
- `revoked`=0 and UNIX_TIMESTAMP(`expire`)-UNIX_TIMESTAMP() > 0
- group by `emailcerts`.`id`";
- $dres = mysql_query($query);
- while($drow = mysql_fetch_assoc($dres))
- mysql_query("update `emailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='".$drow['id']."'");
-
- $query = "update `email` set `deleted`=NOW() where `id`='$id'";
- mysql_query($query);
+ account_email_delete($row['id']);
$delcount++;
}
}
@@ -193,6 +182,14 @@
if($process != "" && $oldid == 3)
{
+ if(!array_key_exists('CCA',$_REQUEST))
+ {
+ showheader(_("My CAcert.org Account!"));
+ echo _("You did not accept the CAcert Community Agreement (CCA), hit the back button and try again.");
+ showfooter();
+ exit;
+ }
+
if(!(array_key_exists('addid',$_REQUEST) && is_array($_REQUEST['addid'])) && $_REQUEST['SSO'] != '1')
{
showheader(_("My CAcert.org Account!"));
@@ -322,6 +319,8 @@
exit;
}
+ write_user_agreement(intval($_SESSION['profile']['id']), "CCA", "certificate creation", "", 1);
+
$query = "insert into emailcerts set
`CN`='$defaultemail',
`keytype`='NS',
@@ -630,32 +629,9 @@
{
$row = mysql_fetch_assoc($res);
echo $row['domain']."<br>\n";
-
- $dres = mysql_query(
- "select `domaincerts`.`id`
- from `domaincerts`
- where `domaincerts`.`domid` = '$id'
- union distinct
- select `domaincerts`.`id`
- from `domaincerts`, `domlink`
- where `domaincerts`.`id` = `domlink`.`certid`
- and `domlink`.`domid` = '$id'");
- while($drow = mysql_fetch_assoc($dres))
- {
- mysql_query(
- "update `domaincerts`
- set `revoked`='1970-01-01 10:00:01'
- where `id` = '".$drow['id']."'
- and `revoked` = 0
- and UNIX_TIMESTAMP(`expire`) -
- UNIX_TIMESTAMP() > 0");
- }
-
- mysql_query(
- "update `domains`
- set `deleted`=NOW()
- where `id` = '$id'");
+ account_domain_delete($row['id']);
}
+
}
}
else
@@ -669,6 +645,14 @@
if($process != "" && $oldid == 10)
{
+ if(!array_key_exists('CCA',$_REQUEST))
+ {
+ showheader(_("My CAcert.org Account!"));
+ echo _("You did not accept the CAcert Community Agreement (CCA), hit the back button and try again.");
+ showfooter();
+ exit;
+ }
+
$CSR = clean_csr($_REQUEST['CSR']);
if(strpos($CSR,"---BEGIN")===FALSE)
{
@@ -785,6 +769,8 @@
if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
$_SESSION['_config']['rootcert'] = 1;
+ write_user_agreement(intval($_SESSION['profile']['id']), "CCA", "certificate creation", "", 1);
+
if(array_key_exists('0',$_SESSION['_config']['rowid']) && $_SESSION['_config']['rowid']['0'] > 0)
{
$query = "insert into `domaincerts` set
@@ -1206,17 +1192,17 @@
$description= trim(mysql_real_escape_string(stripslashes($_REQUEST['description'])));
}else{
$description= "";
- }
+ }
- if(trim($_REQUEST['disablelogin']) == "1"){
- $disablelogin = 1;
- }else{
- $disablelogin = 0;
- }
+ if(trim($_REQUEST['disablelogin']) == "1"){
+ $disablelogin = 1;
+ }else{
+ $disablelogin = 0;
+ }
- mysql_query("update `emailcerts` set `disablelogin`='$disablelogin', `description`='$description' where `id`='".$_REQUEST['certid']."' and `memid`='".$_SESSION['profile']['id']."'");
+ mysql_query("update `emailcerts` set `disablelogin`='$disablelogin', `description`='$description' where `id`='".$_REQUEST['certid']."' and `memid`='".$_SESSION['profile']['id']."'");
+ }
- }
if($oldid == 13 && $process != "")
{
csrf_check("perschange");
@@ -2699,6 +2685,13 @@
mysql_query($query);
}
+ if($oldid == 43 && $_REQUEST['action'] == 'revokecert')
+ {
+ $userid = intval($_REQUEST['userid']);
+ revoke_all_private_cert($userid);
+ $id=43;
+ }
+
if($oldid == 48 && $_REQUEST['domain'] == "")
{
$id = $oldid;
@@ -2995,23 +2988,39 @@
if($oldid == 50 && $process != "")
{
$_REQUEST['userid'] = intval($_REQUEST['userid']);
- $res = mysql_query("select * from `users` where `id`='".intval($_REQUEST['userid'])."'");
- if(mysql_num_rows($res) > 0)
- {
- $query = "update `domaincerts`,`domains` SET `domaincerts`.`revoked`='1970-01-01 10:00:01'
- WHERE `domaincerts`.`domid` = `domains`.`id` AND `domains`.`memid`='".intval($_REQUEST['userid'])."'";
- mysql_query($query);
- $query = "update `domains` SET `deleted`=NOW() WHERE `domains`.`memid`='".intval($_REQUEST['userid'])."'";
- mysql_query($query);
- $query = "update `emailcerts` SET `revoked`='1970-01-01 10:00:01' WHERE `memid`='".intval($_REQUEST['userid'])."'";
- mysql_query($query);
- $query = "update `email` SET `deleted`=NOW() WHERE `memid`='".intval($_REQUEST['userid'])."'";
- mysql_query($query);
- $query = "delete from `org` WHERE `memid`='".intval($_REQUEST['userid'])."'";
- mysql_query($query);
- $query = "update `users` SET `deleted`=NOW() WHERE `id`='".intval($_REQUEST['userid'])."'";
- mysql_query($query);
+ if (trim($_REQUEST['arbitrationno'])==""){
+ showheader(_("My CAcert.org Account!"));
+ echo _("You did not enter an arbitration number entry.");
+ showfooter();
+ exit;
+ }
+ if ( 1 !== preg_match('/^[a-z]\d{8}\.\d+\.\d+$/i',trim($_REQUEST['arbitrationno'])) ) {
+ showheader(_("My CAcert.org Account!"));
+ printf(_("'%s' is not a valid arbitration number entry."), sanitizeHTML(trim($_REQUEST['arbitrationno'])));
+ showfooter();
+ exit;
+ }
+ if (check_email_exists(trim($_REQUEST['arbitrationno']).'@cacert.org')) {
+ showheader(_("My CAcert.org Account!"));
+ printf(_("The email address '%s' is already in a different account. Can't continue."), sanitizeHTML($_REQUEST['arbitrationno'].'@cacert.org'));
+ showfooter();
+ exit;
+ }
+ if (check_client_cert_running($_REQUEST['userid'],1) ||
+ check_server_cert_running($_REQUEST['userid'],1) ||
+ check_gpg_cert_running($_REQUEST['userid'],1)) {
+ showheader(_("My CAcert.org Account!"));
+ printf(_("The CCA retention time for at least one certificate is not over. Can't continue."));
+ showfooter();
+ exit;
+ }
+ if (check_is_orgadmin($_REQUEST['userid'],1)) {
+ showheader(_("My CAcert.org Account!"));
+ printf(_("The user is listed as Organisation Administrator. Can't continue."));
+ showfooter();
+ exit;
}
+ account_delete($_REQUEST['userid'], trim($_REQUEST['arbitrationno']), $_SESSION['profile']['id']);
}
if(($id == 51 || $id == 52 || $oldid == 52) && $_SESSION['profile']['tverify'] <= 0)
diff --git a/includes/notary.inc.php b/includes/notary.inc.php
index 2b7ccb6..571d73b 100644
--- a/includes/notary.inc.php
+++ b/includes/notary.inc.php
@@ -796,6 +796,283 @@
<?
}
+ function account_email_delete($mailid){
+ //deletes an email entry from an acount
+ //revolkes all certifcates for that email address
+ //called from www/account.php if($process != "" && $oldid == 2)
+ //called from www/diputes.php if($type == "reallyemail") / if($action == "accept")
+ //called from account_delete
+ $mailid = intval($mailid);
+ revoke_all_client_cert($mailid);
+ $query = "update `email` set `deleted`=NOW() where `id`='$mailid'";
+ mysql_query($query);
+ }
+
+ function account_domain_delete($domainid){
+ //deletes an domain entry from an acount
+ //revolkes all certifcates for that domain address
+ //called from www/account.php if($process != "" && $oldid == 9)
+ //called from www/diputes.php if($type == "reallydomain") / if($action == "accept")
+ //called from account_delete
+ $domainid = intval($domainid);
+ revoke_all_server_cert($domainid);
+ mysql_query(
+ "update `domains`
+ set `deleted`=NOW()
+ where `id` = '$domainid'");
+ }
+
+ function account_delete($id, $arbno, $adminid){
+ //deletes an account following the deleted account routnie V3
+ // called from www/account.php if($oldid == 50 && $process != "")
+ //change password
+ $id = intval($id);
+ $arbno = mysql_real_escape_string($arbno);
+ $adminid = intval($adminid);
+ $pool = 'abcdefghijklmnopqrstuvwxyz';
+ $pool .= '0123456789!()ยง';
+ $pool .= 'ABCDEFGHIJKLMNOPQRSTUVWXYZ';
+ srand ((double)microtime()*1000000);
+ $password="";
+ for($index = 0; $index < 30; $index++)
+ {
+ $password .= substr($pool,(rand()%(strlen ($pool))), 1);
+ }
+ mysql_query("update `users` set `password`=sha1('".$password."') where `id`='".$id."'");
+
+ //create new mail for arbitration number
+ $query = "insert into `email` set `email`='".$arbno."@cacert.org',`memid`='".$id."',`created`=NOW(),`modified`=NOW(), `attempts`=-1";
+ mysql_query($query);
+ $emailid = mysql_insert_id();
+
+ //set new mail as default
+ $query = "update `users` set `email`='".$arbno."@cacert.org' where `id`='".$id."'";
+ mysql_query($query);
+
+ //delete all other email address
+ $query = "select `id` from `email` where `memid`='".$id."' and `id`!='".$emailid."'" ;
+ $res=mysql_query($query);
+ while($row = mysql_fetch_assoc($res)){
+ account_email_delete($row['id']);
+ }
+
+ //delete all domains
+ $query = "select `id` from `domains` where `memid`='".$id."'";
+ $res=mysql_query($query);
+ while($row = mysql_fetch_assoc($res)){
+ account_domain_delete($row['id']);
+ }
+
+ //clear alert settings
+ mysql_query(
+ "update `alerts` set
+ `general`='0',
+ `country`='0',
+ `regional`='0',
+ `radius`='0'
+ where `memid`='$id'");
+
+ //set default location
+ $query = "update `users` set `locid`='2256755', `regid`='243', `ccid`='12' where `id`='".$id."'";
+ mysql_query($query);
+
+ //clear listings
+ $query = "update `users` set `listme`=' ',`contactinfo`=' ' where `id`='".$id."'";
+ mysql_query($query);
+
+ //set lanuage to default
+ //set default language
+ mysql_query("update `users` set `language`='en_AU' where `id`='".$id."'");
+ //delete secondary langugaes
+ mysql_query("delete from `addlang` where `userid`='".$id."'");
+
+ //change secret questions
+ for($i=1;$i<=5;$i++){
+ $q="";
+ $a="";
+ for($index = 0; $index < 30; $index++)
+ {
+ $q .= substr($pool,(rand()%(strlen ($pool))), 1);
+ $a .= substr($pool,(rand()%(strlen ($pool))), 1);
+ }
+ $query = "update `users` set `Q$i`='$q', `A$i`='$a' where `id`='".$id."'";
+ mysql_query($query);
+ }
+
+ //change personal information to arbitration number and DOB=1900-01-01
+ $query = "select `fname`,`mname`,`lname`,`suffix`,`dob` from `users` where `id`='$userid'";
+ $details = mysql_fetch_assoc(mysql_query($query));
+ $query = "insert into `adminlog` set `when`=NOW(),`old-lname`='${details['lname']}',`old-dob`='${details['dob']}',
+ `new-lname`='$arbno',`new-dob`='1900-01-01',`uid`='$id',`adminid`='".$adminid."'";
+ mysql_query($query);
+ $query = "update `users` set `fname`='".$arbno."',
+ `mname`='".$arbno."',
+ `lname`='".$arbno."',
+ `suffix`='".$arbno."',
+ `dob`='1900-01-01'
+ where `id`='".$id."'";
+ mysql_query($query);
+
+ //clear all admin and board flags
+ mysql_query(
+ "update `users` set
+ `assurer`='0',
+ `assurer_blocked`='0',
+ `codesign`='0',
+ `orgadmin`='0',
+ `ttpadmin`='0',
+ `locadmin`='0',
+ `admin`='0',
+ `adadmin`='0',
+ `tverify`='0',
+ `board`='0'
+ where `id`='$id'");
+
+ //block account
+ mysql_query("update `users` set `locked`='1' where `id`='$id'"); //, `deleted`=Now()
+ }
+
+
+ function check_email_exists($email){
+ // called from includes/account.php if($process != "" && $oldid == 1)
+ // called from includes/account.php if($oldid == 50 && $process != "")
+ $email = mysql_real_escape_string($email);
+ $query = "select 1 from `email` where `email`='$email' and `deleted`=0";
+ $res = mysql_query($query);
+ return mysql_num_rows($res) > 0;
+ }
+
+ function check_gpg_cert_running($uid,$cca=0){
+ //if $cca =0 if just expired, =1 if CCA retention +3 month should be obeyed
+ // called from includes/account.php if($oldid == 50 && $process != "")
+ $uid = intval($uid);
+ if (0==$cca) {
+ $query = "select 1 from `gpg` where `memid`='$uid' and `expire`>NOW()";
+ }else{
+ $query = "select 1 from `gpg` where `memid`='$uid' and `expire`>(NOW()-90*86400)";
+ }
+ $res = mysql_query($query);
+ return mysql_num_rows($res) > 0;
+ }
+
+ function check_client_cert_running($uid,$cca=0){
+ //if $cca =0 if just expired, =1 if CCA retention +3 month should be obeyed
+ // called from includes/account.php if($oldid == 50 && $process != "")
+ $uid = intval($uid);
+ if (0==$cca) {
+ $query1 = "select 1 from `emailcerts` where `memid`='$uid' and `expire`>NOW() and `revoked`<`created`";
+ $query2 = "select 1 from `emailcerts` where `memid`='$uid' and `revoked`>NOW()";
+ }else{
+ $query1 = "select 1 from `emailcerts` where `memid`='$uid' and `expire`>(NOW()-90*86400) and `revoked`<`created`";
+ $query2 = "select 1 from `emailcerts` where `memid`='$uid' and `revoked`>(NOW()-90*86400)";
+ }
+ $res = mysql_query($query1);
+ $r1 = mysql_num_rows($res)>0;
+ $res = mysql_query($query2);
+ $r2 = mysql_num_rows($res)>0;
+ return !!($r1 || $r2);
+ }
+
+ function check_server_cert_running($uid,$cca=0){
+ //if $cca =0 if just expired, =1 if CCA retention +3 month should be obeyed
+ // called from includes/account.php if($oldid == 50 && $process != "")
+ $uid = intval($uid);
+ if (0==$cca) {
+ $query1 = "
+ select 1 from `domaincerts` join `domains`
+ on `domaincerts`.`domid` = `domains`.`id`
+ where `domains`.`memid` = '$uid'
+ and `domaincerts`.`expire` > NOW()
+ and `domaincerts`.`revoked` < `domaincerts`.`created`";
+ $query2 = "
+ select 1 from `domaincerts` join `domains`
+ on `domaincerts`.`domid` = `domains`.`id`
+ where `domains`.`memid` = '$uid'
+ and `revoked`>NOW()";
+ }else{
+ $query1 = "
+ select 1 from `domaincerts` join `domains`
+ on `domaincerts`.`domid` = `domains`.`id`
+ where `domains`.`memid` = '$uid'
+ and `expire`>(NOW()-90*86400)
+ and `revoked`<`created`";
+ $query2 = "
+ select 1 from `domaincerts` join `domains`
+ on `domaincerts`.`domid` = `domains`.`id`
+ where `domains`.`memid` = '$uid'
+ and `revoked`>(NOW()-90*86400)";
+ }
+ $res = mysql_query($query1);
+ $r1 = mysql_num_rows($res)>0;
+ $res = mysql_query($query2);
+ $r2 = mysql_num_rows($res)>0;
+ return !!($r1 || $r2);
+ }
+
+ function check_is_orgadmin($uid){
+ // called from includes/account.php if($oldid == 50 && $process != "")
+ $uid = intval($uid);
+ $query = "select 1 from `org` where `memid`='$uid' and `deleted`=0";
+ $res = mysql_query($query);
+ return mysql_num_rows($res) > 0;
+ }
+
+
+ // revokation of certificates
+ function revoke_all_client_cert($mailid){
+ //revokes all client certificates for an email address
+ $mailid = intval($mailid);
+ $query = "select `emailcerts`.`id`
+ from `emaillink`,`emailcerts` where
+ `emailid`='$mailid' and `emaillink`.`emailcertsid`=`emailcerts`.`id` and `revoked`=0
+ group by `emailcerts`.`id`";
+ $dres = mysql_query($query);
+ while($drow = mysql_fetch_assoc($dres)){
+ mysql_query("update `emailcerts` set `revoked`='1970-01-01 10:00:01', `disablelogin`=1 where `id`='".$drow['id']."'");
+ }
+ }
+
+ function revoke_all_server_cert($domainid){
+ //revokes all server certs for an domain
+ $domainid = intval($domainid);
+ $query =
+ "select `domaincerts`.`id`
+ from `domaincerts`
+ where `domaincerts`.`domid` = '$domainid'
+ union distinct
+ select `domaincerts`.`id`
+ from `domaincerts`, `domlink`
+ where `domaincerts`.`id` = `domlink`.`certid`
+ and `domlink`.`domid` = '$domainid'";
+ $dres = mysql_query($query);
+ while($drow = mysql_fetch_assoc($dres))
+ {
+ mysql_query(
+ "update `domaincerts`
+ set `revoked`='1970-01-01 10:00:01'
+ where `id` = '".$drow['id']."'
+ and `revoked` = 0");
+ }
+ }
+
+ function revoke_all_private_cert($uid){
+ //revokes all certificates linked to a personal accounts
+ //gpg revokation needs to be added to a later point
+ $uid=intval($uid);
+ $query = "select `id` from `email` where `memid`='".$uid."'";
+ $res=mysql_query($query);
+ while($row = mysql_fetch_assoc($res)){
+ revoke_all_client_cert($row['id']);
+ }
+
+
+ $query = "select `id` from `domains` where `memid`='".$uid."'";
+ $res=mysql_query($query);
+ while($row = mysql_fetch_assoc($res)){
+ revoke_all_server_cert($row['id']);
+ }
+ }
+
/**
* check_date_format()
* checks if the date is entered in the right date format YYYY-MM-DD and
diff --git a/pages/account/10.php b/pages/account/10.php
index f83e0d8..48bcb1f 100644
--- a/pages/account/10.php
+++ b/pages/account/10.php
@@ -38,7 +38,9 @@
<p><?=_("Optional comment, only used in the certifictate overview")?><br>
<input type="text" name="description" maxlength="80" size=80/></p>
<p><?=_("Paste your CSR(Certificate Signing Request) below...")?></p>
-<textarea name="CSR" cols="80" rows="15"></textarea><br>
+<textarea name="CSR" cols="80" rows="15"></textarea><br />
+<p><input type="checkbox" name="CCA" /> <strong><?=sprintf(_("I accept the CAcert Community Agreement (%s)."),"<a href='/policy/CAcertCommunityAgreement.html'>CCA</a>")?></strong><br />
+ <?=_("Please Note: You need to accept the CCA to proceed.")?></p>
<input type="submit" name="process" value="<?=_("Submit")?>"/>
<input type="hidden" name="oldid" value="<?=$id?>"/>
</form>
diff --git a/pages/account/3.php b/pages/account/3.php
index c2165c2..b760c11 100644
--- a/pages/account/3.php
+++ b/pages/account/3.php
@@ -70,17 +70,21 @@ if($_SESSION['profile']['points'] >= 50)
<? } ?>
<? if($_SESSION['profile']['points'] >= 100 && $_SESSION['profile']['codesign'] > 0) { ?>
<tr>
+ <td class="DataTD">
+ <input type="checkbox" name="codesign" value="1" />
+ </td>
<td class="DataTD" align="left">
- <input type="checkbox" name="codesign" value="1" /> <?=_("Code Signing")?></td>
- <td class="DataTD" align="left">
+ <?=_("Code Signing")?><br />
<?=_("Please Note: By ticking this box you will automatically have your name included in any certificates.")?>
</td>
</tr>
<? } ?>
<tr>
- <td class="DataTD" colspan="2" align="left">
- <input type="checkbox" name="login" value="1" checked="checked" /> <?=_("Enable certificate login with this certificate")?><br />
+ <td class="DataTD">
+ <input type="checkbox" name="login" value="1" checked="checked" />
+ </td>
+ <td class="DataTD"> <?=_("Enable certificate login with this certificate")?><br />
<?=_("By allowing certificate login, this certificate can be used to login into this account at https://secure.cacert.org/ .")?><br/>
</td>
</tr>
@@ -92,8 +96,11 @@ if($_SESSION['profile']['points'] >= 50)
</tr>
<tr name="expertoff" style="display:none">
- <td class="DataTD" colspan="2" align="left">
- <input type="checkbox" name="expertbox" onchange="showExpert(this.checked)"/><?=_("Show advanced options")?>
+ <td class="DataTD">
+ <input type="checkbox" name="expertbox" onchange="showExpert(this.checked)" />
+ </td>
+ <td class="DataTD">
+ <?=_("Show advanced options")?>
</td>
</tr>
@@ -114,6 +121,15 @@ if($_SESSION['profile']['points'] >= 50)
<td class="DataTD" colspan="2"><textarea name="optionalCSR" cols="80" rows="5"></textarea></td>
</tr>
<tr>
+ <td class="DataTD">
+ <input type="checkbox" name="CCA" />
+ </td>
+ <td class="DataTD" align="left">
+ <strong><?=sprintf(_("I accept the CAcert Community Agreement (%s)."),"<a href='/policy/CAcertCommunityAgreement.html'>CCA</a>")?></strong><br />
+ <?=_("Please Note: You need to accept the CCA to proceed.")?>
+ </td>
+ </tr>
+ <tr>
<td class="DataTD" colspan="2"><input type="submit" name="process" value="<?=_("Next")?>" /></td>
</tr>
</table>
diff --git a/pages/account/43.php b/pages/account/43.php
index 841189d..a942f18 100644
--- a/pages/account/43.php
+++ b/pages/account/43.php
@@ -100,8 +100,8 @@ include_once($_SESSION['_config']['filepath']."/includes/notary.inc.php");
if(intval($_REQUEST['userid']) > 0)
{
- $id = intval($_REQUEST['userid']);
- $query = "select * from `users` where `id`='$id' and `users`.`deleted`=0";
+ $userid = intval($_REQUEST['userid']);
+ $query = "select * from `users` where `users`.`id`='$userid' and `users`.`deleted`=0";
$res = mysql_query($query);
if(mysql_num_rows($res) <= 0)
{
@@ -135,7 +135,7 @@ include_once($_SESSION['_config']['filepath']."/includes/notary.inc.php");
<td class="DataTD"><?=_("Last Name")?>:</td>
<td class="DataTD"> <input type="hidden" name="oldid" value="43">
<input type="hidden" name="action" value="updatedob">
- <input type="hidden" name="userid" value="<?=intval($id)?>">
+ <input type="hidden" name="userid" value="<?=intval($userid)?>">
<input type="text" name="lname" value="<?=sanitizeHTML($row['lname'])?>"></td>
</tr>
<tr>
@@ -786,9 +786,20 @@ include_once($_SESSION['_config']['filepath']."/includes/notary.inc.php");
<?
} ?>
</tr>
+ <tr>
+ <td colspan="6" class="title">
+ <form method="post" action="account.php" onSubmit="if(!confirm('<?=_("Are you sure you want to revoke all private certificates?")?>')) return false;">
+ <input type="hidden" name="action" value="revokecert">
+ <input type="hidden" name="oldid" value="43">
+ <input type="hidden" name="userid" value="<?=intval($userid)?>">
+ <input type="submit" value="<?=_('revoke certificates')?>">
+ </form>
+ </td>
+ </tr>
</table>
<br>
+
<a href="account.php?id=43&amp;userid=<?=$row['id']?>&amp;shownotary=assuredto"><?=_("Show Assurances the user got")?></a>
(<a href="account.php?id=43&amp;userid=<?=$row['id']?>&amp;shownotary=assuredto15"><?=_("New calculation")?></a>)
<br />
diff --git a/pages/account/50.php b/pages/account/50.php
index 1604156..a4c2413 100644
--- a/pages/account/50.php
+++ b/pages/account/50.php
@@ -19,13 +19,17 @@
<form method="post" action="account.php">
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
<tr>
- <td colspan="2" class="title"><?=_("Change Password")?></td>
+ <td colspan="2" class="title"><?=_("Delete Account")?></td>
</tr>
<tr>
<td class="DataTD"><?=_("Email")?>:</td>
<td class="DataTD"><b><?=sanitizeHTML($_REQUEST['email'])?></b></td>
</tr>
<tr>
+ <td class="DataTD"><?=_("New Username from arbitration number + sequence number a20xxyyzz.a.b")?>:</td>
+ <td class="DataTD"><input type="text" name="arbitrationno"></td>
+ </tr>
+ <tr>
<td class="DataTD" colspan="2"><?=_("Are you sure you want to delete this user, while not actually deleting the account it will completely disable it and revoke any/all certificates currently issued.")?></td>
</tr>
<tr>
diff --git a/pages/gpg/0.php b/pages/gpg/0.php
index 7c7a37b..f490511 100644
--- a/pages/gpg/0.php
+++ b/pages/gpg/0.php
@@ -22,6 +22,8 @@
<p><?=_("Optional comment, only used in the certifictate overview")?><br />
<input type="text" name="description" maxlength="80" size=80 /></p>
<textarea name="CSR" cols="80" rows="15"><?=array_key_exists('CSR',$_POST)?strip_tags($_POST['CSR']):""?></textarea><br />
+<p><input type="checkbox" name="CCA" /> <strong><?=sprintf(_("I accept the CAcert Community Agreement (%s)."),"<a href='/policy/CAcertCommunityAgreement.html'>CCA</a>")?></strong><br />
+ <?=_("Please Note: You need to accept the CCA to proceed.")?></p>
<input type="submit" name="process" value="<?=_("Submit")?>" />
<input type="hidden" name="oldid" value="<?=$id?>" />
</form>
diff --git a/www/disputes.php b/www/disputes.php
index 4944d8c..34a447a 100644
--- a/www/disputes.php
+++ b/www/disputes.php
@@ -17,6 +17,7 @@
*/ ?>
<?
require_once("../includes/loggedin.php");
+ require_once("../includes/notary.inc.php");
loadem("account");
@@ -58,24 +59,13 @@
{
$row = mysql_fetch_assoc($res);
echo $row['email']."<br>\n";
- $query = "select `emailcerts`.`id`
- from `emaillink`,`emailcerts` where
- `emailid`='$emailid' and `emaillink`.`emailcertsid`=`emailcerts`.`id` and
- `revoked`=0 and UNIX_TIMESTAMP(`expire`)-UNIX_TIMESTAMP() > 0
- group by `emailcerts`.`id`";
- $dres = mysql_query($query);
- while($drow = mysql_fetch_assoc($dres))
- mysql_query("update `emailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='".intval($drow['id'])."'");
-
- $do = `../scripts/runclient`;
- $query = "update `email` set `deleted`=NOW() where `id`='".intval($emailid)."'";
- mysql_query($query);
+ account_email_delete($row['id']);
}
mysql_query("update `disputeemail` set hash='',action='accept' where `id`='$emailid'");
- $rc = mysql_num_rows(mysql_query("select * from `domains` where `memid`='$oldmemid' and `deleted`=0"));
- $rc = mysql_num_rows(mysql_query("select * from `email` where `memid`='$oldmemid' and `deleted`=0 and `id`!='$emailid'"));
- $res = mysql_query("select * from `users` where `id`='$oldmemid'");
- $user = mysql_fetch_assoc($res);
+ $rc = mysql_num_rows(mysql_query("select * from `domains` where `memid`='$oldmemid' and `deleted`=0"));
+ $rc2 = mysql_num_rows(mysql_query("select * from `email` where `memid`='$oldmemid' and `deleted`=0 and `id`!='$emailid'"));
+ $res = mysql_query("select * from `users` where `id`='$oldmemid'");
+ $user = mysql_fetch_assoc($res);
if($rc == 0 && $rc2 == 0 && $_SESSION['_config']['email'] == $user['email'])
{
mysql_query("update `users` set `deleted`=NOW() where `id`='$oldmemid'");
@@ -160,17 +150,13 @@
showheader(_("Domain Dispute"));
echo "<p>"._("You have opted to accept this dispute and the request will now remove this domain from the existing account, and revoke any current certificates.")."</p>";
echo "<p>"._("The following accounts have been removed:")."<br>\n";
+ //new account_domain_delete($domainid, $memberID)
$query = "select * from `domains` where `id`='$domainid' and deleted=0";
$res = mysql_query($query);
if(mysql_num_rows($res) > 0)
{
- echo $_SESSION['_config']['domain']."<br>\n";
- mysql_query("update `domains` set `deleted`=NOW() where `id`='$domainid'");
- $query = "select * from `domlink` where `domid`='$domainid'";
- $res = mysql_query($query);
- while($row = mysql_fetch_assoc($res))
- mysql_query("update `domaincerts` set `revoked`='1970-01-01 10:00:01' where `id`='".$row['certid']."' and `revoked`=0 and UNIX_TIMESTAMP(`expire`)-UNIX_TIMESTAMP() > 0");
- $do = `../scripts/runserver`;
+ echo $_SESSION['_config']['domain']."<br>\n";
+ account_domain_delete($domainid);
}
mysql_query("update `disputedomain` set hash='',action='accept' where `id`='$domainid'");
showfooter();
diff --git a/www/gpg.php b/www/gpg.php
index 317072c..4133cd9 100644
--- a/www/gpg.php
+++ b/www/gpg.php
@@ -17,6 +17,7 @@
*/ ?>
<?
require_once("../includes/loggedin.php");
+ require_once('../includes/notary.inc.php');
$id = 0; if(array_key_exists('id',$_REQUEST)) $id=intval($_REQUEST['id']);
$oldid = $_REQUEST['oldid'] = array_key_exists('oldid',$_REQUEST) ? intval($_REQUEST['oldid']) : 0;
@@ -82,6 +83,14 @@ function verifyEmail($email)
$state=0;
if($oldid == "0" && $CSR != "")
{
+ if(!array_key_exists('CCA',$_REQUEST))
+ {
+ showheader(_("My CAcert.org Account!"));
+ echo _("You did not accept the CAcert Community Agreement (CCA), hit the back button and try again.");
+ showfooter();
+ exit;
+ }
+
$debugkey = $gpgkey = clean_gpgcsr($CSR);
$tnam = tempnam('/tmp/', '__gpg');
@@ -274,6 +283,8 @@ function verifyEmail($email)
if($oldid == "0" && $CSR != "")
{
+ write_user_agreement(intval($_SESSION['profile']['id']), "CCA", "certificate creation", "", 1);
+
//set variable for comment
if(trim($_REQUEST['description']) == ""){
$description= "";