summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rwxr-xr-xCommModule/client.pl4
-rwxr-xr-xcgi-bin/siteseal.cgi45
-rw-r--r--crt/DIR1
-rw-r--r--csr/DIR1
-rw-r--r--includes/about_menu.php28
-rw-r--r--includes/account.php772
-rw-r--r--includes/account_stuff.php136
-rw-r--r--includes/general.php101
-rw-r--r--includes/general_stuff.php86
-rw-r--r--includes/keygen.php58
-rw-r--r--includes/lib/account.php4
-rw-r--r--includes/lib/general.php24
-rw-r--r--includes/lib/l10n.php8
-rw-r--r--includes/loggedin.php12
-rw-r--r--includes/mysql.php.sample17
-rw-r--r--includes/notary.inc.php719
-rw-r--r--includes/shutdown.php7
-rw-r--r--includes/sponsorinfo.php2
-rw-r--r--includes/tverify_stuff.php46
-rw-r--r--pages/account/0.php32
-rw-r--r--pages/account/1.php16
-rw-r--r--pages/account/10.php52
-rw-r--r--pages/account/11.php27
-rw-r--r--pages/account/12.php79
-rw-r--r--pages/account/13.php111
-rw-r--r--pages/account/14.php27
-rw-r--r--pages/account/15.php15
-rw-r--r--pages/account/16.php64
-rw-r--r--pages/account/17.php6
-rw-r--r--pages/account/18.php126
-rw-r--r--pages/account/19.php32
-rw-r--r--pages/account/2.php49
-rw-r--r--pages/account/20.php40
-rw-r--r--pages/account/21.php19
-rw-r--r--pages/account/22.php110
-rw-r--r--pages/account/23.php15
-rw-r--r--pages/account/24.php23
-rw-r--r--pages/account/25.php55
-rw-r--r--pages/account/26.php30
-rw-r--r--pages/account/27.php40
-rw-r--r--pages/account/28.php19
-rw-r--r--pages/account/29.php29
-rw-r--r--pages/account/3.php114
-rw-r--r--pages/account/30.php29
-rw-r--r--pages/account/31.php19
-rw-r--r--pages/account/32.php46
-rw-r--r--pages/account/33.php29
-rw-r--r--pages/account/34.php25
-rw-r--r--pages/account/35.php74
-rw-r--r--pages/account/36.php18
-rw-r--r--pages/account/37.php5
-rw-r--r--pages/account/38.php2
-rw-r--r--pages/account/39.php5
-rw-r--r--pages/account/4.php2
-rw-r--r--pages/account/40.php50
-rw-r--r--pages/account/41.php49
-rw-r--r--pages/account/42.php14
-rw-r--r--pages/account/43.php663
-rw-r--r--pages/account/44.php25
-rw-r--r--pages/account/45.php8
-rw-r--r--pages/account/48.php14
-rw-r--r--pages/account/49.php73
-rw-r--r--pages/account/5.php95
-rw-r--r--pages/account/50.php20
-rw-r--r--pages/account/51.php19
-rw-r--r--pages/account/52.php57
-rw-r--r--pages/account/53.php26
-rw-r--r--pages/account/54.php119
-rw-r--r--pages/account/55.php68
-rw-r--r--pages/account/56.php26
-rw-r--r--pages/account/57.php64
-rw-r--r--pages/account/58.php30
-rw-r--r--pages/account/59.php202
-rw-r--r--pages/account/6.php44
-rw-r--r--pages/account/7.php18
-rw-r--r--pages/account/8.php18
-rw-r--r--pages/account/9.php37
-rw-r--r--pages/advertising/0.php32
-rw-r--r--pages/advertising/1.php15
-rw-r--r--pages/disputes/0.php14
-rw-r--r--pages/disputes/1.php16
-rw-r--r--pages/disputes/2.php16
-rw-r--r--pages/disputes/4.php20
-rw-r--r--pages/disputes/5.php16
-rw-r--r--pages/disputes/6.php20
-rw-r--r--pages/gpg/0.php16
-rw-r--r--pages/gpg/2.php65
-rw-r--r--pages/gpg/3.php15
-rw-r--r--pages/help/0.php5
-rw-r--r--pages/help/2.php5
-rw-r--r--pages/help/3.php5
-rw-r--r--pages/help/4.php5
-rw-r--r--pages/help/5.php5
-rw-r--r--pages/help/6.php5
-rw-r--r--pages/help/7.php5
-rw-r--r--pages/help/8.php5
-rw-r--r--pages/help/9.php5
-rw-r--r--pages/index/0.php47
-rw-r--r--pages/index/1.php110
-rw-r--r--pages/index/10.php2
-rw-r--r--pages/index/11.php50
-rw-r--r--pages/index/12.php5
-rw-r--r--pages/index/13.php21
-rw-r--r--pages/index/16.php42
-rw-r--r--pages/index/17.php12
-rw-r--r--pages/index/18.php7
-rw-r--r--pages/index/19.php5
-rw-r--r--pages/index/2.php4
-rw-r--r--pages/index/21.php14
-rw-r--r--pages/index/3.php38
-rw-r--r--pages/index/4.php37
-rw-r--r--pages/index/47.php42
-rw-r--r--pages/index/5.php24
-rw-r--r--pages/index/51.php30
-rw-r--r--pages/index/52.php18
-rw-r--r--pages/index/6.php33
-rw-r--r--pages/index/7.php22
-rw-r--r--pages/index/8.php5
-rw-r--r--pages/index/feed.rss21
-rw-r--r--pages/wot/0.php6
-rw-r--r--pages/wot/1.php53
-rw-r--r--pages/wot/10.php107
-rw-r--r--pages/wot/12.php65
-rw-r--r--pages/wot/13.php50
-rw-r--r--pages/wot/15.php2
-rw-r--r--pages/wot/2.php16
-rw-r--r--pages/wot/3.php40
-rw-r--r--pages/wot/4.php49
-rw-r--r--pages/wot/5.php48
-rw-r--r--pages/wot/6.php5
-rw-r--r--pages/wot/8.php24
-rw-r--r--pages/wot/9.php63
-rw-r--r--scripts/49de-lt2013-berlin-mail.php.txt10
-rw-r--r--scripts/50de-ate-luebeck-mail.php.txt10
-rw-r--r--scripts/51at-ate-graz-mail.php.txt10
-rw-r--r--scripts/52at-ate-wien-mail.php.txt10
-rw-r--r--scripts/53de-ate-amberg-mail.php.txt10
-rw-r--r--scripts/54at-ate-linz-mail.php.txt10
-rw-r--r--scripts/55de-ate-wiesbaden-mail.php.txt10
-rw-r--r--scripts/56at-ate-oberwart-mail.php.txt10
-rw-r--r--scripts/57at-ate-graz-mail.php.txt10
-rw-r--r--scripts/58at-ate-wien-mail.php.txt10
-rw-r--r--scripts/59de-ate-freiburg-mail.php.txt10
-rw-r--r--scripts/60de-ate-bremen-mail.php.txt10
-rw-r--r--scripts/61de-ate-dresden-mail.php.txt10
-rw-r--r--scripts/62de-froscon2015-mail.php.txt10
-rw-r--r--scripts/63dk-ate-nykobing-mail.php.txt10
-rw-r--r--[-rwxr-xr-x]scripts/addpoints.php14
-rw-r--r--scripts/assurer.php8
-rwxr-xr-xscripts/clientcerts.php2
-rw-r--r--[-rwxr-xr-x]scripts/consistence.php46
-rw-r--r--[-rwxr-xr-x]scripts/country.php6
-rw-r--r--[-rwxr-xr-x]scripts/cron/permissionreview.php6
-rw-r--r--[-rwxr-xr-x]scripts/cron/refresh_stats.php12
-rw-r--r--[-rwxr-xr-x]scripts/cron/removedead.php32
-rw-r--r--[-rwxr-xr-x]scripts/cron/updatesort.php26
-rw-r--r--[-rwxr-xr-x]scripts/cron/warning.php12
-rwxr-xr-xscripts/gpgcerts.php2
-rw-r--r--scripts/gpgcheck3.php34
-rw-r--r--scripts/gpgfillmissingemail.php10
-rw-r--r--scripts/gpgfillmissingkeyid.php10
-rw-r--r--scripts/mailing archive/45au-ate-melbourne-mail.php.txt10
-rw-r--r--scripts/mailing archive/46us-ate-raleigh-mail.php.txt10
-rw-r--r--scripts/mailing archive/47us-fudcon-lawrence-mail.php.txt10
-rw-r--r--scripts/mailing archive/48de-ate-kiel-mail.php.txt10
-rw-r--r--scripts/mailing archive/oa01-allowance.php.txt8
-rw-r--r--scripts/mailing archive/oa02-orgainformation.php.txt8
-rw-r--r--scripts/mass-revoke.php18
-rw-r--r--[-rwxr-xr-x]scripts/newsletter.php8
-rw-r--r--[-rwxr-xr-x]scripts/newslettercebit.php8
-rw-r--r--[-rwxr-xr-x]scripts/notify.php8
-rw-r--r--scripts/oa03-csr_org_client_cert.php.txt8
-rw-r--r--scripts/resetpermissions.php12
-rw-r--r--[-rwxr-xr-x]scripts/scanforexponents.php26
-rw-r--r--scripts/send_heartbleed.php4
-rw-r--r--scripts/send_policy_cca_20140916.php4
-rw-r--r--scripts/send_policy_cca_correct_20150221_1.php4
-rw-r--r--scripts/send_policy_cca_correct_20150221_2.php4
-rw-r--r--scripts/send_thawte.php.txt6
-rwxr-xr-xscripts/servercerts.php2
-rw-r--r--stamp/certdet.php34
-rw-r--r--stamp/common.php40
-rw-r--r--stamp/displogo.php6
-rw-r--r--stamp/index.php12
-rw-r--r--stamp/report.php50
-rw-r--r--tverify/index.php31
-rw-r--r--tverify/index/0.php37
-rw-r--r--tverify/index/1.php2
-rw-r--r--www/.htaccess3
-rw-r--r--www/ac.php16
-rw-r--r--www/account.php11
-rw-r--r--www/advertising.php11
-rw-r--r--www/alert_hash_collision.php8
-rw-r--r--www/analyse.php7
-rw-r--r--www/api/ccsr.php42
-rw-r--r--www/api/cemails.php18
-rw-r--r--www/api/edu.php10
-rw-r--r--www/api/index.php3
l---------www/cacert1-class3-revoke.crl1
l---------www/cacert1-revoke.crl1
-rw-r--r--www/cap.php2
-rw-r--r--www/cats/cats_import.php40
-rw-r--r--www/certs/cacert.asc55
-rw-r--r--www/certs/class3.crt81
-rw-r--r--www/certs/class3.derbin1885 -> 1926 bytes
-rw-r--r--www/certs/class3.txt227
-rw-r--r--www/certs/root.crt80
-rw-r--r--www/certs/root.derbin1857 -> 1963 bytes
-rw-r--r--www/certs/root.txt241
-rw-r--r--www/coap.html.php2
-rw-r--r--www/disputes.php143
-rw-r--r--www/error403.php3
-rw-r--r--www/error404.php11
-rw-r--r--www/gpg.php33
-rw-r--r--www/help.php5
-rw-r--r--www/images/cacert4.pngbin6421 -> 17565 bytes
-rw-r--r--www/index.php113
-rw-r--r--www/logos.php22
-rw-r--r--www/news.php11
-rw-r--r--www/policy/index.php2
-rw-r--r--www/rss.php29
-rw-r--r--www/sealgen.php2
-rw-r--r--www/sqldump.php12
-rw-r--r--www/src-lic.php6
-rw-r--r--www/stats.php123
-rw-r--r--www/styles/default.css18
-rw-r--r--www/ttp.php2
-rw-r--r--www/tverify/seclayer.php6
-rw-r--r--www/verify.php45
-rw-r--r--www/wot.php70
230 files changed, 4312 insertions, 4554 deletions
diff --git a/CommModule/client.pl b/CommModule/client.pl
index 0874477..69f2e7f 100755
--- a/CommModule/client.pl
+++ b/CommModule/client.pl
@@ -40,8 +40,8 @@ my $paranoid=1;
my $debug=0;
-#my $serialport="/dev/ttyS0";
-my $serialport="/dev/ttyUSB0";
+my $serialport="/dev/ttyS0";
+#my $serialport="/dev/ttyUSB0";
my $gpgbin="/usr/bin/gpg";
diff --git a/cgi-bin/siteseal.cgi b/cgi-bin/siteseal.cgi
index ac28697..b15f310 100755
--- a/cgi-bin/siteseal.cgi
+++ b/cgi-bin/siteseal.cgi
@@ -1,6 +1,5 @@
#!/usr/bin/php -q
-<?
-/**
+<?php /**
* check site seal
*
* @package org.cacert.framework
@@ -34,59 +33,59 @@ header("Content-Disposition: inline; filename=\"siteseal.js\"");
?>
-var <?=$var1?> = window.location.href;
-<? // var <?=$var2?> = '<?=$http?>://www.cacert.org/certdetails.php?referer=' + <?=$var1?>; ?>
-var <?=$var2?> = '<?=$http?>://www.cacert.org';
-var <?=$var3?> = (new Date()).getTimezoneOffset();
+var <?php echo $var1?> = window.location.href;
+<?php // var <?php echo $var2?> = '<?php echo $http?>://www.cacert.org/certdetails.php?referer=' + <?php echo $var1?>; ?>
+var <?php echo $var2?> = '<?php echo $http?>://www.cacert.org';
+var <?php echo $var3?> = (new Date()).getTimezoneOffset();
-var <?=$var4?> = navigator.userAgent.toLowerCase();
-var <?=$var5?> = false;
-if (<?=$var4?>.indexOf("msid") != 1) {
- <?=$var5?> = (<?=$var4?>.indexOf("msie 5") == -1 && <?=$var4?>.indexOf("msie 6") == -1);
+var <?php echo $var4?> = navigator.userAgent.toLowerCase();
+var <?php echo $var5?> = false;
+if (<?php echo $var4?>.indexOf("msid") != 1) {
+ <?php echo $var5?> = (<?php echo $var4?>.indexOf("msie 5") == -1 && <?php echo $var4?>.indexOf("msie 6") == -1);
}
-function <?=$var6?>(e) {
+function <?php echo $var6?>(e) {
if (document.addEventListener) {
- if (e.target.name == '<?=$var7?>') {
- <?=$var8?>();
+ if (e.target.name == '<?php echo $var7?>') {
+ <?php echo $var8?>();
return false;
}
} else if (document.captureEvents) {
if (e.target.toString().indexOf('certdetails') != -1) {
- <?=$var8?>();
+ <?php echo $var8?>();
return false;
}
}
return true;
}
-function <?=$var9?>() {
+function <?php echo $var9?>() {
if (event.button == 1) {
- if (<?=$var5?>) {
+ if (<?php echo $var5?>) {
return true;
} else {
- <?=$var8?>();
+ <?php echo $var8?>();
return false;
}
} else if (event.button == 2) {
- <?=$var8?>();
+ <?php echo $var8?>();
return false;
}
}
-function <?=$var8?>() {
- cacertWindow = window.open(<?=$var2?>, '<?=$var10?>', config='height=420,width=523,toolbar=no,menubar=no,scrollbars=no,resizable=no,location=no,directories=no,status=yes');
+function <?php echo $var8?>() {
+ cacertWindow = window.open(<?php echo $var2?>, '<?php echo $var10?>', config='height=420,width=523,toolbar=no,menubar=no,scrollbars=no,resizable=no,location=no,directories=no,status=yes');
cacertWindow.focus();
}
if (document.addEventListener) {
- document.addEventListener('mouseup', <?=$var6?>, true);
+ document.addEventListener('mouseup', <?php echo $var6?>, true);
} else {
if (document.layers) {
document.captureEvents(Event.MOUSEDOWN);
- document.onmousedown=<?=$var6?>;
+ document.onmousedown=<?php echo $var6?>;
}
}
-document.write("<a href='" + <?=$var2?> + "' target='<?=$var10?>' tabindex='-1' onmousedown='<?=$var9?>(); return false;'><img name='<?=$var7?>' border='0' src='<?=$http?>://www.cacert.org/sealgen.php?cert=<?=$cert?>&referer=" + <?=$var1?> + "' alt='Click to verify' oncontextmenu='return false;' /></a>"); ?>
+document.write("<a href='" + <?php echo $var2?> + "' target='<?php echo $var10?>' tabindex='-1' onmousedown='<?php echo $var9?>(); return false;'><img name='<?php echo $var7?>' border='0' src='<?php echo $http?>://www.cacert.org/sealgen.php?cert=<?php echo $cert?>&referer=" + <?php echo $var1?> + "' alt='Click to verify' oncontextmenu='return false;' /></a>"); ?>
diff --git a/crt/DIR b/crt/DIR
new file mode 100644
index 0000000..87975fb
--- /dev/null
+++ b/crt/DIR
@@ -0,0 +1 @@
+# This directory has to be writeable by the web server
diff --git a/csr/DIR b/csr/DIR
new file mode 100644
index 0000000..87975fb
--- /dev/null
+++ b/csr/DIR
@@ -0,0 +1 @@
+# This directory has to be writeable by the web server
diff --git a/includes/about_menu.php b/includes/about_menu.php
index f34a274..23e4cb4 100644
--- a/includes/about_menu.php
+++ b/includes/about_menu.php
@@ -1,19 +1,19 @@
<div class="relatedLinks">
- <h3 class="pointer" onclick="explode('misc')">+ <?=_("About CAcert.org")?></h3>
+ <h3 class="pointer" onclick="explode('misc')">+ <?php echo _("About CAcert.org")?></h3>
<ul class="menu" id="misc">
- <li><a href="http://blog.cacert.org/"><?=_("CAcert News")?></a></li>
- <li><a href="http://wiki.CAcert.org/"><?=_("Wiki Documentation")?></a></li>
- <li><a href="/policy/"><?=_("Policies")?></a></li>
- <li><a href="//wiki.cacert.org/FAQ/Privileges"><?=_("Point System")?></a></li>
- <li><a href="http://bugs.CAcert.org/"><?=_("Bug Database")?></a></li>
-<? // <li><a href="/index.php?id=47">< = _ ("PR Materials" ) > </a></li> ?>
-<? // <li><a href="/logos.php">< ? = _ ( " CAcert Logos " ) ? > </a></li> ?>
-<? if(array_key_exists('mconn',$_SESSION) && $_SESSION['mconn']) { ?> <li><a href="/stats.php"><?=_("CAcert Statistics")?></a></li> <? } ?>
- <li><a href="http://blog.CAcert.org/feed/"><?=_("RSS News Feed")?></a></li>
-<? //- <li><a href="/index.php?id=7"> < ? = _ ( " Credits " ) ? > </a></li> ?>
- <li><a href="//wiki.cacert.org/Board"><?=_("CAcert Board")?></a></li>
- <li><a href="https://lists.cacert.org/wws"><?=_("Mailing Lists")?></a></li>
- <li><a href="/src-lic.php"><?=_("Sourcecode")?></a></li>
+ <li><a href="http://blog.cacert.org/"><?php echo _("CAcert News")?></a></li>
+ <li><a href="http://wiki.CAcert.org/"><?php echo _("Wiki Documentation")?></a></li>
+ <li><a href="/policy/"><?php echo _("Policies")?></a></li>
+ <li><a href="//wiki.cacert.org/FAQ/Privileges"><?php echo _("Point System")?></a></li>
+ <li><a href="http://bugs.CAcert.org/"><?php echo _("Bug Database")?></a></li>
+<?php // <li><a href="/index.php?id=47">< = _ ("PR Materials" ) > </a></li> ?>
+<?php // <li><a href="/logos.php">< ? = _ ( " CAcert Logos " ) ? > </a></li> ?>
+<?php if(array_key_exists('mconn',$_SESSION) && $_SESSION['mconn']) { ?> <li><a href="/stats.php"><?php echo _("CAcert Statistics")?></a></li> <?php } ?>
+ <li><a href="http://blog.CAcert.org/feed/"><?php echo _("RSS News Feed")?></a></li>
+<?php //- <li><a href="/index.php?id=7"> < ? = _ ( " Credits " ) ? > </a></li> ?>
+ <li><a href="//wiki.cacert.org/Board"><?php echo _("CAcert Board")?></a></li>
+ <li><a href="https://lists.cacert.org/wws"><?php echo _("Mailing Lists")?></a></li>
+ <li><a href="/src-lic.php"><?php echo _("Sourcecode")?></a></li>
</ul>
</div>
diff --git a/includes/account.php b/includes/account.php
index 6dacf2d..6c844d7 100644
--- a/includes/account.php
+++ b/includes/account.php
@@ -1,4 +1,4 @@
-<? /*
+<?php /*
LibreSSL - CAcert web application
Copyright (C) 2004-2008 CAcert Inc.
@@ -120,7 +120,7 @@ function buildSubjectFromSession() {
showfooter();
exit;
}
- if(trim(mysql_real_escape_string(stripslashes($_REQUEST['newemail']))) == "")
+ if(trim(mysqli_real_escape_string($_SESSION['mconn'], stripslashes($_REQUEST['newemail']))) == "")
{
showheader(_("My CAcert.org Account!"));
printf(_("Not a valid email address. Can't continue."));
@@ -128,7 +128,7 @@ function buildSubjectFromSession() {
exit;
}
$oldid=0;
- $_REQUEST['email'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['newemail'])));
+ $_REQUEST['email'] = trim(mysqli_real_escape_string($_SESSION['mconn'], stripslashes($_REQUEST['newemail'])));
if(check_email_exists($_REQUEST['email'])==true)
{
showheader(_("My CAcert.org Account!"));
@@ -136,7 +136,7 @@ function buildSubjectFromSession() {
showfooter();
exit;
}
- $checkemail = checkEmail($_REQUEST['newemail']);
+ $checkemail = checkEmailDummy($_REQUEST['newemail']);
if($checkemail != "OK")
{
showheader(_("My CAcert.org Account!"));
@@ -152,8 +152,8 @@ function buildSubjectFromSession() {
}
$hash = make_hash();
$query = "insert into `email` set `email`='".$_REQUEST['email']."',`memid`='".intval($_SESSION['profile']['id'])."',`created`=NOW(),`hash`='$hash'";
- mysql_query($query);
- $emailid = mysql_insert_id();
+ mysqli_query($_SESSION['mconn'],$query);
+ $emailid = mysqli_insert_id($_SESSION['mconn']);
$body = _("Below is the link you need to open to verify your email address. Once your address is verified you will be able to start issuing certificates to your heart's content!")."\n\n";
$body .= "http://".$_SESSION['_config']['normalhostname']."/verify.php?type=email&emailid=$emailid&hash=$hash\n\n";
@@ -172,15 +172,15 @@ function buildSubjectFromSession() {
$id = 2;
$emailid = intval($_REQUEST['emailid']);
$query = "select * from `email` where `id`='$emailid' and `memid`='".intval($_SESSION['profile']['id'])."' and `hash` = '' and `deleted`=0";
- $res = mysql_query($query);
- if(mysql_num_rows($res) <= 0)
+ $res = mysqli_query($_SESSION['mconn'],$query);
+ if(mysqli_num_rows($res) <= 0)
{
showheader(_("Error!"));
echo _("You currently don't have access to the email address you selected, or you haven't verified it yet.");
showfooter();
exit;
}
- $row = mysql_fetch_assoc($res);
+ $row = mysqli_fetch_assoc($res);
$body = sprintf(_("Hi %s,"),$_SESSION['profile']['fname'])."\n\n";
$body .= _("You are receiving this email because you or someone else ".
"has changed the default email on your account.")."\n\n";
@@ -191,8 +191,8 @@ function buildSubjectFromSession() {
"support@cacert.org", "", "", "CAcert Support");
$_SESSION['profile']['email'] = $row['email'];
- $query = "update `users` set `email`='".mysql_real_escape_string($row['email'])."' where `id`='".intval($_SESSION['profile']['id'])."'";
- mysql_query($query);
+ $query = "update `users` set `email`='".mysqli_real_escape_string($_SESSION['mconn'], $row['email'])."' where `id`='".intval($_SESSION['profile']['id'])."'";
+ mysqli_query($_SESSION['mconn'],$query);
showheader(_("My CAcert.org Account!"));
printf(_("Your default email address has been updated to '%s'."), sanitizeHTML($row['email']));
showfooter();
@@ -216,11 +216,11 @@ function buildSubjectFromSession() {
}
$id = intval($id);
$query = "select * from `email` where `id`='$id' and `memid`='".intval($_SESSION['profile']['id'])."' and
- `email`!='".mysql_real_escape_string($_SESSION['profile']['email'])."'";
- $res = mysql_query($query);
- if(mysql_num_rows($res) > 0)
+ `email`!='".mysqli_real_escape_string($_SESSION['mconn'], $_SESSION['profile']['email'])."'";
+ $res = mysqli_query($_SESSION['mconn'],$query);
+ if(mysqli_num_rows($res) > 0)
{
- $row = mysql_fetch_assoc($res);
+ $row = mysqli_fetch_assoc($res);
echo $row['email']."<br>\n";
account_email_delete($row['id']);
$delcount++;
@@ -326,10 +326,10 @@ function buildSubjectFromSession() {
if(is_array($_SESSION['_config']['addid']))
foreach($_SESSION['_config']['addid'] as $id)
{
- $res = mysql_query("select * from `email` where `memid`='".intval($_SESSION['profile']['id'])."' and `id`='".intval($id)."'");
- if(mysql_num_rows($res) > 0)
+ $res = mysqli_query($_SESSION['mconn'],"select * from `email` where `memid`='".intval($_SESSION['profile']['id'])."' and `id`='".intval($id)."'");
+ if(mysqli_num_rows($res) > 0)
{
- $row = mysql_fetch_assoc($res);
+ $row = mysqli_fetch_assoc($res);
if(!$emails)
$defaultemail = $row['email'];
$emails .= "$count.emailAddress = ".$row['email']."\n";
@@ -345,7 +345,7 @@ function buildSubjectFromSession() {
showfooter();
exit;
}
- $user = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".intval($_SESSION['profile']['id'])."'"));
+ $user = mysqli_fetch_assoc(mysqli_query($_SESSION['mconn'],"select * from `users` where `id`='".intval($_SESSION['profile']['id'])."'"));
if($_SESSION['_config']['SSO'] == 1)
$emails .= "$count.emailAddress = ".$user['uniqueID']."\n";
@@ -389,13 +389,13 @@ function buildSubjectFromSession() {
`codesign`='".intval($_SESSION['_config']['codesign'])."',
`disablelogin`='".($_SESSION['_config']['disablelogin']?1:0)."',
`rootcert`='".intval($_SESSION['_config']['rootcert'])."',
- `md`='".mysql_real_escape_string($_SESSION['_config']['hash_alg'])."',
- `description`='".mysql_real_escape_string($_SESSION['_config']['description'])."'";
- mysql_query($query);
- $emailid = mysql_insert_id();
+ `md`='".mysqli_real_escape_string($_SESSION['mconn'], $_SESSION['_config']['hash_alg'])."',
+ `description`='".mysqli_real_escape_string($_SESSION['mconn'], $_SESSION['_config']['description'])."'";
+ mysqli_query($_SESSION['mconn'],$query);
+ $emailid = mysqli_insert_id($_SESSION['mconn']);
if(is_array($addys))
foreach($addys as $addy)
- mysql_query("insert into `emaillink` set `emailcertsid`='$emailid', `emailid`='$addy'");
+ mysqli_query($_SESSION['mconn'],"insert into `emaillink` set `emailcertsid`='$emailid', `emailid`='$addy'");
$CSRname=generatecertpath("csr","client",$emailid);
$fp = fopen($CSRname, "w");
fputs($fp, $emails);
@@ -411,7 +411,7 @@ function buildSubjectFromSession() {
showfooter();
exit;
}
- mysql_query("update `emailcerts` set `csr_name`='$CSRname' where `id`='".intval($emailid)."'");
+ mysqli_query($_SESSION['mconn'],"update `emailcerts` set `csr_name`='$CSRname' where `id`='".intval($emailid)."'");
} else if($_REQUEST['keytype'] == "MS" || $_REQUEST['keytype'] == "VI") {
if($csr == "")
$csr = "-----BEGIN CERTIFICATE REQUEST-----\n".clean_csr($_REQUEST['CSR'])."\n-----END CERTIFICATE REQUEST-----\n";
@@ -434,7 +434,7 @@ function buildSubjectFromSession() {
$defaultemail = "";
$csrsubject="";
- $user = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".intval($_SESSION['profile']['id'])."'"));
+ $user = mysqli_fetch_assoc(mysqli_query($_SESSION['mconn'],"select * from `users` where `id`='".intval($_SESSION['profile']['id'])."'"));
if(strlen($user['mname']) == 1)
$user['mname'] .= '.';
if($_SESSION['_config']['incname'] <= 0 || $_SESSION['_config']['incname'] > 4)
@@ -450,10 +450,10 @@ function buildSubjectFromSession() {
if(is_array($_SESSION['_config']['addid']))
foreach($_SESSION['_config']['addid'] as $id)
{
- $res = mysql_query("select * from `email` where `memid`='".intval($_SESSION['profile']['id'])."' and `id`='".intval($id)."'");
- if(mysql_num_rows($res) > 0)
+ $res = mysqli_query($_SESSION['mconn'],"select * from `email` where `memid`='".intval($_SESSION['profile']['id'])."' and `id`='".intval($id)."'");
+ if(mysqli_num_rows($res) > 0)
{
- $row = mysql_fetch_assoc($res);
+ $row = mysqli_fetch_assoc($res);
if($defaultemail == "")
$defaultemail = $row['email'];
$csrsubject .= "/emailAddress=".$row['email'];
@@ -490,27 +490,27 @@ function buildSubjectFromSession() {
`keytype`='".sanitizeHTML($_REQUEST['keytype'])."',
`memid`='".intval($_SESSION['profile']['id'])."',
`created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),
- `subject`='".mysql_real_escape_string($csrsubject)."',
+ `subject`='".mysqli_real_escape_string($_SESSION['mconn'], $csrsubject)."',
`codesign`='".intval($_SESSION['_config']['codesign'])."',
`disablelogin`='".($_SESSION['_config']['disablelogin']?1:0)."',
`rootcert`='".intval($_SESSION['_config']['rootcert'])."',
- `md`='".mysql_real_escape_string($_SESSION['_config']['hash_alg'])."',
- `description`='".mysql_real_escape_string($_SESSION['_config']['description'])."'";
- mysql_query($query);
- $emailid = mysql_insert_id();
+ `md`='".mysqli_real_escape_string($_SESSION['mconn'], $_SESSION['_config']['hash_alg'])."',
+ `description`='".mysqli_real_escape_string($_SESSION['mconn'], $_SESSION['_config']['description'])."'";
+ mysqli_query($_SESSION['mconn'],$query);
+ $emailid = mysqli_insert_id($_SESSION['mconn']);
if(is_array($addys))
foreach($addys as $addy)
- mysql_query("insert into `emaillink` set `emailcertsid`='$emailid', `emailid`='".mysql_real_escape_string($addy)."'");
+ mysqli_query($_SESSION['mconn'],"insert into `emaillink` set `emailcertsid`='$emailid', `emailid`='".mysqli_real_escape_string($_SESSION['mconn'], $addy)."'");
$CSRname=generatecertpath("csr","client",$emailid);
$fp = fopen($CSRname, "w");
fputs($fp, $csr);
fclose($fp);
- mysql_query("update `emailcerts` set `csr_name`='$CSRname' where `id`='$emailid'");
+ mysqli_query($_SESSION['mconn'],"update `emailcerts` set `csr_name`='$CSRname' where `id`='$emailid'");
}
waitForResult("emailcerts", $emailid, 4);
$query = "select * from `emailcerts` where `id`='$emailid' and `crt_name` != ''";
- $res = mysql_query($query);
- if(mysql_num_rows($res) <= 0)
+ $res = mysqli_query($_SESSION['mconn'],$query);
+ if(mysqli_num_rows($res) <= 0)
{
$id = 4;
showheader(_("My CAcert.org Account!"));
@@ -547,12 +547,12 @@ function buildSubjectFromSession() {
}
$newdom = trim(escapeshellarg($newdomain));
- $newdomain = mysql_real_escape_string(trim($newdomain));
+ $newdomain = mysqli_real_escape_string($_SESSION['mconn'], trim($newdomain));
- $res1 = mysql_query("select * from `orgdomains` where `domain`='$newdomain'");
+ $res1 = mysqli_query($_SESSION['mconn'],"select * from `orgdomains` where `domain`='$newdomain'");
$query = "select * from `domains` where `domain`='$newdomain' and `deleted`=0";
- $res2 = mysql_query($query);
- if(mysql_num_rows($res1) > 0 || mysql_num_rows($res2))
+ $res2 = mysqli_query($_SESSION['mconn'],$query);
+ if(mysqli_num_rows($res1) > 0 || mysqli_num_rows($res2))
{
$oldid=0;
$id = 7;
@@ -579,7 +579,7 @@ function buildSubjectFromSession() {
$bits = explode(":", $line, 2);
$line = trim($bits[1]);
if(!in_array($line, $addy) && $line != "")
- $addy[] = trim(mysql_real_escape_string(stripslashes($line)));
+ $addy[] = trim(mysqli_real_escape_string($_SESSION['mconn'], stripslashes($line)));
}
} else {
if(is_array($adds))
@@ -597,7 +597,7 @@ function buildSubjectFromSession() {
$line = $bit;
}
if(!in_array($line, $addy) && $line != "")
- $addy[] = trim(mysql_real_escape_string(stripslashes($line)));
+ $addy[] = trim(mysqli_real_escape_string($_SESSION['mconn'], stripslashes($line)));
}
}
@@ -606,7 +606,7 @@ function buildSubjectFromSession() {
if(!in_array($sub, $addy))
$addy[] = $sub;
$_SESSION['_config']['addy'] = $addy;
- $_SESSION['_config']['domain'] = mysql_real_escape_string($newdomain);
+ $_SESSION['_config']['domain'] = mysqli_real_escape_string($_SESSION['mconn'], $newdomain);
}
if($process != "" && $oldid == 8)
@@ -615,7 +615,7 @@ function buildSubjectFromSession() {
$oldid=0;
$id = 8;
- $authaddy = trim(mysql_real_escape_string(stripslashes($_REQUEST['authaddy'])));
+ $authaddy = trim(mysqli_real_escape_string($_SESSION['mconn'], stripslashes($_REQUEST['authaddy'])));
if($authaddy == "" || !is_array($_SESSION['_config']['addy']))
{
@@ -633,16 +633,16 @@ function buildSubjectFromSession() {
exit;
}
- $query = "select * from `domains` where `domain`='".mysql_real_escape_string($_SESSION['_config']['domain'])."' and `deleted`=0";
- $res = mysql_query($query);
- if(mysql_num_rows($res) > 0)
+ $query = "select * from `domains` where `domain`='".mysqli_real_escape_string($_SESSION['mconn'], $_SESSION['_config']['domain'])."' and `deleted`=0";
+ $res = mysqli_query($_SESSION['mconn'],$query);
+ if(mysqli_num_rows($res) > 0)
{
showheader(_("My CAcert.org Account!"));
printf(_("The domain '%s' is already in a different account and is listed as valid. Can't continue."), sanitizeHTML($_SESSION['_config']['domain']));
showfooter();
exit;
}
- $checkemail = checkEmail($authaddy);
+ $checkemail = checkEmailDummy($authaddy);
if($checkemail != "OK")
{
showheader(_("My CAcert.org Account!"));
@@ -659,10 +659,10 @@ function buildSubjectFromSession() {
}
$hash = make_hash();
- $query = "insert into `domains` set `domain`='".mysql_real_escape_string($_SESSION['_config']['domain'])."',
+ $query = "insert into `domains` set `domain`='".mysqli_real_escape_string($_SESSION['mconn'], $_SESSION['_config']['domain'])."',
`memid`='".intval($_SESSION['profile']['id'])."',`created`=NOW(),`hash`='$hash'";
- mysql_query($query);
- $domainid = mysql_insert_id();
+ mysqli_query($_SESSION['mconn'],$query);
+ $domainid = mysqli_insert_id($_SESSION['mconn']);
$body = sprintf(_("Below is the link you need to open to verify your domain '%s'. Once your address is verified you will be able to start issuing certificates to your heart's content!"),$_SESSION['_config']['domain'])."\n\n";
$body .= "http://".$_SESSION['_config']['normalhostname']."/verify.php?type=domain&domainid=$domainid&hash=$hash\n\n";
@@ -689,10 +689,10 @@ function buildSubjectFromSession() {
{
$id = intval($id);
$query = "select * from `domains` where `id`='$id' and `memid`='".intval($_SESSION['profile']['id'])."'";
- $res = mysql_query($query);
- if(mysql_num_rows($res) > 0)
+ $res = mysqli_query($_SESSION['mconn'],$query);
+ if(mysqli_num_rows($res) > 0)
{
- $row = mysql_fetch_assoc($res);
+ $row = mysqli_fetch_assoc($res);
echo $row['domain']."<br>\n";
account_domain_delete($row['id']);
}
@@ -810,20 +810,20 @@ function buildSubjectFromSession() {
if(array_key_exists('0',$_SESSION['_config']['rowid']) && $_SESSION['_config']['rowid']['0'] > 0)
{
$query = "insert into `domaincerts` set
- `CN`='".mysql_real_escape_string($_SESSION['_config']['rows']['0'])."',
- `domid`='".mysql_real_escape_string($_SESSION['_config']['rowid']['0'])."',
- `created`=NOW(),`subject`='".mysql_real_escape_string($subject)."',
- `rootcert`='".mysql_real_escape_string($_SESSION['_config']['rootcert'])."',
- `md`='".mysql_real_escape_string($_SESSION['_config']['hash_alg'])."',
- `description`='".mysql_real_escape_string($_SESSION['_config']['description'])."'";
+ `CN`='".mysqli_real_escape_string($_SESSION['mconn'], $_SESSION['_config']['rows']['0'])."',
+ `domid`='".mysqli_real_escape_string($_SESSION['mconn'], $_SESSION['_config']['rowid']['0'])."',
+ `created`=NOW(),`subject`='".mysqli_real_escape_string($_SESSION['mconn'], $subject)."',
+ `rootcert`='".mysqli_real_escape_string($_SESSION['mconn'], $_SESSION['_config']['rootcert'])."',
+ `md`='".mysqli_real_escape_string($_SESSION['mconn'], $_SESSION['_config']['hash_alg'])."',
+ `description`='".mysqli_real_escape_string($_SESSION['mconn'], $_SESSION['_config']['description'])."'";
} elseif(array_key_exists('0',$_SESSION['_config']['altid']) && $_SESSION['_config']['altid']['0'] > 0) {
$query = "insert into `domaincerts` set
- `CN`='".mysql_real_escape_string($_SESSION['_config']['altrows']['0'])."',
- `domid`='".mysql_real_escape_string($_SESSION['_config']['altid']['0'])."',
- `created`=NOW(),`subject`='".mysql_real_escape_string($subject)."',
- `rootcert`='".mysql_real_escape_string($_SESSION['_config']['rootcert'])."',
- `md`='".mysql_real_escape_string($_SESSION['_config']['hash_alg'])."',
- `description`='".mysql_real_escape_string($_SESSION['_config']['description'])."'";
+ `CN`='".mysqli_real_escape_string($_SESSION['mconn'], $_SESSION['_config']['altrows']['0'])."',
+ `domid`='".mysqli_real_escape_string($_SESSION['mconn'], $_SESSION['_config']['altid']['0'])."',
+ `created`=NOW(),`subject`='".mysqli_real_escape_string($_SESSION['mconn'], $subject)."',
+ `rootcert`='".mysqli_real_escape_string($_SESSION['mconn'], $_SESSION['_config']['rootcert'])."',
+ `md`='".mysqli_real_escape_string($_SESSION['mconn'], $_SESSION['_config']['hash_alg'])."',
+ `description`='".mysqli_real_escape_string($_SESSION['mconn'], $_SESSION['_config']['description'])."'";
} else {
showheader(_("My CAcert.org Account!"));
echo _("Domain not verified.");
@@ -831,24 +831,24 @@ function buildSubjectFromSession() {
exit;
}
- mysql_query($query);
- $CSRid = mysql_insert_id();
+ mysqli_query($_SESSION['mconn'],$query);
+ $CSRid = mysqli_insert_id($_SESSION['mconn']);
if(is_array($_SESSION['_config']['rowid']))
foreach($_SESSION['_config']['rowid'] as $dom)
- mysql_query("insert into `domlink` set `certid`='$CSRid', `domid`='$dom'");
+ mysqli_query($_SESSION['mconn'],"insert into `domlink` set `certid`='$CSRid', `domid`='$dom'");
if(is_array($_SESSION['_config']['altid']))
foreach($_SESSION['_config']['altid'] as $dom)
- mysql_query("insert into `domlink` set `certid`='$CSRid', `domid`='$dom'");
+ mysqli_query($_SESSION['mconn'],"insert into `domlink` set `certid`='$CSRid', `domid`='$dom'");
$CSRname=generatecertpath("csr","server",$CSRid);
rename($_SESSION['_config']['tmpfname'], $CSRname);
chmod($CSRname,0644);
- mysql_query("update `domaincerts` set `CSR_name`='$CSRname' where `id`='$CSRid'");
+ mysqli_query($_SESSION['mconn'],"update `domaincerts` set `CSR_name`='$CSRname' where `id`='$CSRid'");
waitForResult("domaincerts", $CSRid, 11);
$query = "select * from `domaincerts` where `id`='$CSRid' and `crt_name` != ''";
- $res = mysql_query($query);
- if(mysql_num_rows($res) <= 0)
+ $res = mysqli_query($_SESSION['mconn'],$query);
+ if(mysqli_num_rows($res) <= 0)
{
$id = 11;
showheader(_("My CAcert.org Account!"));
@@ -878,14 +878,14 @@ function buildSubjectFromSession() {
where `domaincerts`.`id`='$id' and
`domaincerts`.`domid`=`domains`.`id` and
`domains`.`memid`='".intval($_SESSION['profile']['id'])."'";
- $res = mysql_query($query);
- if(mysql_num_rows($res) <= 0)
+ $res = mysqli_query($_SESSION['mconn'],$query);
+ if(mysqli_num_rows($res) <= 0)
{
printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br/>\n", $id);
continue;
}
- $row = mysql_fetch_assoc($res);
+ $row = mysqli_fetch_assoc($res);
if (($weakKey = checkWeakKeyX509(file_get_contents(
$row['crt_name']))) !== "")
@@ -894,20 +894,20 @@ function buildSubjectFromSession() {
continue;
}
- mysql_query("update `domaincerts` set `renewed`='1' where `id`='$id'");
+ mysqli_query($_SESSION['mconn'],"update `domaincerts` set `renewed`='1' where `id`='$id'");
$query = "insert into `domaincerts` set
`domid`='".intval($row['domid'])."',
- `CN`='".mysql_real_escape_string($row['CN'])."',
- `subject`='".mysql_real_escape_string($row['subject'])."',".
+ `CN`='".mysqli_real_escape_string($_SESSION['mconn'], $row['CN'])."',
+ `subject`='".mysqli_real_escape_string($_SESSION['mconn'], $row['subject'])."',".
//`csr_name`='".$row['csr_name']."', // RACE CONDITION
- "`created`='".mysql_real_escape_string($row['created'])."',
+ "`created`='".mysqli_real_escape_string($_SESSION['mconn'], $row['created'])."',
`modified`=NOW(),
`rootcert`='".intval($row['rootcert'])."',
`type`='".intval($row['type'])."',
- `pkhash`='".mysql_real_escape_string($row['pkhash'])."',
- `description`='".mysql_real_escape_string($row['description'])."'";
- mysql_query($query);
- $newid = mysql_insert_id();
+ `pkhash`='".mysqli_real_escape_string($_SESSION['mconn'], $row['pkhash'])."',
+ `description`='".mysqli_real_escape_string($_SESSION['mconn'], $row['description'])."'";
+ mysqli_query($_SESSION['mconn'],$query);
+ $newid = mysqli_insert_id($_SESSION['mconn']);
$newfile=generatecertpath("csr","server",$newid);
copy($row['csr_name'], $newfile);
$newfile_esc = escapeshellarg($newfile);
@@ -929,18 +929,18 @@ function buildSubjectFromSession() {
}
$subject = buildSubjectFromSession();
- $subject = mysql_real_escape_string($subject);
- mysql_query("update `domaincerts` set `subject`='$subject',`csr_name`='$newfile' where `id`='$newid'");
+ $subject = mysqli_real_escape_string($_SESSION['mconn'], $subject);
+ mysqli_query($_SESSION['mconn'],"update `domaincerts` set `subject`='$subject',`csr_name`='$newfile' where `id`='$newid'");
echo _("Renewing").": ".sanitizeHTML($_SESSION['_config']['0.CN'])."<br>\n";
waitForResult("domaincerts", $newid,$oldid,0);
$query = "select * from `domaincerts` where `id`='$newid' and `crt_name` != ''";
- $res = mysql_query($query);
- if(mysql_num_rows($res) <= 0)
+ $res = mysqli_query($_SESSION['mconn'],$query);
+ if(mysqli_num_rows($res) <= 0)
{
printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
} else {
- $drow = mysql_fetch_assoc($res);
+ $drow = mysqli_fetch_assoc($res);
$crt_name = escapeshellarg($drow['crt_name']);
$cert = shell_exec("/usr/bin/openssl x509 -in $crt_name");
echo "<pre>\n$cert\n</pre>\n";
@@ -971,19 +971,19 @@ function buildSubjectFromSession() {
where `domaincerts`.`id`='$id' and
`domaincerts`.`domid`=`domains`.`id` and
`domains`.`memid`='".intval($_SESSION['profile']['id'])."'";
- $res = mysql_query($query);
- if(mysql_num_rows($res) <= 0)
+ $res = mysqli_query($_SESSION['mconn'],$query);
+ if(mysqli_num_rows($res) <= 0)
{
printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
continue;
}
- $row = mysql_fetch_assoc($res);
+ $row = mysqli_fetch_assoc($res);
if($row['revoke'] > 0)
{
printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", $row['CN']);
continue;
}
- mysql_query("update `domaincerts` set `revoked`='1970-01-01 10:00:01' where `id`='$id'");
+ mysqli_query($_SESSION['mconn'],"update `domaincerts` set `revoked`='1970-01-01 10:00:01' where `id`='$id'");
printf(_("Certificate for '%s' with the serial no '%s' has been revoked.").'<br/>', htmlspecialchars($row['CN']), htmlspecialchars($row['serial']));
}
@@ -1006,19 +1006,19 @@ function buildSubjectFromSession() {
where `domaincerts`.`id`='$id' and
`domaincerts`.`domid`=`domains`.`id` and
`domains`.`memid`='".intval($_SESSION['profile']['id'])."'";
- $res = mysql_query($query);
- if(mysql_num_rows($res) <= 0)
+ $res = mysqli_query($_SESSION['mconn'],$query);
+ if(mysqli_num_rows($res) <= 0)
{
printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
continue;
}
- $row = mysql_fetch_assoc($res);
+ $row = mysqli_fetch_assoc($res);
if($row['expired'] > 0)
{
printf(_("Couldn't remove the request for `%s`, request had already been processed.")."<br>\n", $row['CN']);
continue;
}
- mysql_query("delete from `domaincerts` where `id`='$id'");
+ mysqli_query($_SESSION['mconn'],"delete from `domaincerts` where `id`='$id'");
@unlink($row['csr_name']);
@unlink($row['crt_name']);
printf(_("Removed a pending request for '%s'")."<br>\n", $row['CN']);
@@ -1036,8 +1036,8 @@ function buildSubjectFromSession() {
if(substr($id,0,14)=="check_comment_")
{
$cid = intval(substr($id,14));
- $comment=trim(mysql_real_escape_string(stripslashes($_REQUEST['comment_'.$cid])));
- mysql_query("update `domaincerts` set `description`='$comment' where `id`='$cid'");
+ $comment=trim(mysqli_real_escape_string($_SESSION['mconn'], stripslashes($_REQUEST['comment_'.$cid])));
+ mysqli_query($_SESSION['mconn'],"update `domaincerts` set `description`='$comment' where `id`='$cid'");
}
}
echo(_("Certificate settings have been changed.")."<br/>\n");
@@ -1057,14 +1057,14 @@ function buildSubjectFromSession() {
$id = intval($id);
$query = "select *,UNIX_TIMESTAMP(`revoked`) as `revoke` from `emailcerts`
where `id`='$id' and `memid`='".intval($_SESSION['profile']['id'])."'";
- $res = mysql_query($query);
- if(mysql_num_rows($res) <= 0)
+ $res = mysqli_query($_SESSION['mconn'],$query);
+ if(mysqli_num_rows($res) <= 0)
{
printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
continue;
}
- $row = mysql_fetch_assoc($res);
+ $row = mysqli_fetch_assoc($res);
if (($weakKey = checkWeakKeyX509(file_get_contents(
$row['crt_name']))) !== "")
@@ -1073,34 +1073,34 @@ function buildSubjectFromSession() {
continue;
}
- mysql_query("update `emailcerts` set `renewed`='1' where `id`='$id'");
+ mysqli_query($_SESSION['mconn'],"update `emailcerts` set `renewed`='1' where `id`='$id'");
$query = "insert into emailcerts set
`memid`='".intval($row['memid'])."',
- `CN`='".mysql_real_escape_string($row['CN'])."',
- `subject`='".mysql_real_escape_string($row['subject'])."',
- `keytype`='".mysql_real_escape_string($row['keytype'])."',
- `csr_name`='".mysql_real_escape_string($row['csr_name'])."',
- `created`='".mysql_real_escape_string($row['created'])."',
+ `CN`='".mysqli_real_escape_string($_SESSION['mconn'], $row['CN'])."',
+ `subject`='".mysqli_real_escape_string($_SESSION['mconn'], $row['subject'])."',
+ `keytype`='".mysqli_real_escape_string($_SESSION['mconn'], $row['keytype'])."',
+ `csr_name`='".mysqli_real_escape_string($_SESSION['mconn'], $row['csr_name'])."',
+ `created`='".mysqli_real_escape_string($_SESSION['mconn'], $row['created'])."',
`modified`=NOW(),
`disablelogin`='".intval($row['disablelogin'])."',
`codesign`='".intval($row['codesign'])."',
`rootcert`='".intval($row['rootcert'])."',
- `description`='".mysql_real_escape_string($row['description'])."'";
- mysql_query($query);
- $newid = mysql_insert_id();
+ `description`='".mysqli_real_escape_string($_SESSION['mconn'], $row['description'])."'";
+ mysqli_query($_SESSION['mconn'],$query);
+ $newid = mysqli_insert_id($_SESSION['mconn']);
$newfile=generatecertpath("csr","client",$newid);
copy($row['csr_name'], $newfile);
- mysql_query("update `emailcerts` set `csr_name`='$newfile' where `id`='$newid'");
- $res = mysql_query("select * from `emaillink` where `emailcertsid`='".$row['id']."'");
- while($r2 = mysql_fetch_assoc($res))
+ mysqli_query($_SESSION['mconn'],"update `emailcerts` set `csr_name`='$newfile' where `id`='$newid'");
+ $res = mysqli_query($_SESSION['mconn'],"select * from `emaillink` where `emailcertsid`='".$row['id']."'");
+ while($r2 = mysqli_fetch_assoc($res))
{
- mysql_query("insert into `emaillink` set `emailid`='".$r2['emailid']."',
+ mysqli_query($_SESSION['mconn'],"insert into `emaillink` set `emailid`='".$r2['emailid']."',
`emailcertsid`='$newid'");
}
waitForResult("emailcerts", $newid,$oldid,0);
$query = "select * from `emailcerts` where `id`='$newid' and `crt_name` != ''";
- $res = mysql_query($query);
- if(mysql_num_rows($res) <= 0)
+ $res = mysqli_query($_SESSION['mconn'],$query);
+ if(mysqli_num_rows($res) <= 0)
{
printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
} else {
@@ -1131,19 +1131,19 @@ function buildSubjectFromSession() {
$id = intval($id);
$query = "select *,UNIX_TIMESTAMP(`revoked`) as `revoke` from `emailcerts`
where `id`='$id' and `memid`='".intval($_SESSION['profile']['id'])."'";
- $res = mysql_query($query);
- if(mysql_num_rows($res) <= 0)
+ $res = mysqli_query($_SESSION['mconn'],$query);
+ if(mysqli_num_rows($res) <= 0)
{
printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
continue;
}
- $row = mysql_fetch_assoc($res);
+ $row = mysqli_fetch_assoc($res);
if($row['revoke'] > 0)
{
printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", $row['CN']);
continue;
}
- mysql_query("update `emailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='$id'");
+ mysqli_query($_SESSION['mconn'],"update `emailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='$id'");
printf(_("Certificate for '%s' with the serial no '%s' has been revoked.").'<br/>', htmlspecialchars($row['CN']), htmlspecialchars($row['serial']));
}
@@ -1163,19 +1163,19 @@ function buildSubjectFromSession() {
$id = intval($id);
$query = "select *,UNIX_TIMESTAMP(`expire`) as `expired` from `emailcerts`
where `id`='$id' and `memid`='".intval($_SESSION['profile']['id'])."'";
- $res = mysql_query($query);
- if(mysql_num_rows($res) <= 0)
+ $res = mysqli_query($_SESSION['mconn'],$query);
+ if(mysqli_num_rows($res) <= 0)
{
printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
continue;
}
- $row = mysql_fetch_assoc($res);
+ $row = mysqli_fetch_assoc($res);
if($row['expired'] > 0)
{
printf(_("Couldn't remove the request for `%s`, request had already been processed.")."<br>\n", $row['CN']);
continue;
}
- mysql_query("delete from `emailcerts` where `id`='$id'");
+ mysqli_query($_SESSION['mconn'],"delete from `emailcerts` where `id`='$id'");
@unlink($row['csr_name']);
@unlink($row['crt_name']);
printf(_("Removed a pending request for '%s'")."<br>\n", $row['CN']);
@@ -1194,14 +1194,14 @@ function buildSubjectFromSession() {
{
$cid = intval(substr($id,5));
$dis=(array_key_exists('disablelogin_'.$cid,$_REQUEST) && $_REQUEST['disablelogin_'.$cid]=="1")?"0":"1";
- mysql_query("update `emailcerts` set `disablelogin`='$dis' where `id`='$cid' and `memid`='".intval($_SESSION['profile']['id'])."'");
+ mysqli_query($_SESSION['mconn'],"update `emailcerts` set `disablelogin`='$dis' where `id`='$cid' and `memid`='".intval($_SESSION['profile']['id'])."'");
}
if(substr($id,0,14)=="check_comment_")
{
$cid = intval(substr($id,14));
if(!empty($_REQUEST['check_comment_'.$cid])) {
- $comment=trim(mysql_real_escape_string(stripslashes($_REQUEST['comment_'.$cid])));
- mysql_query("update `emailcerts` set `description`='$comment' where `id`='$cid' and `memid`='".intval($_SESSION['profile']['id'])."'");
+ $comment=trim(mysqli_real_escape_string($_SESSION['mconn'], stripslashes($_REQUEST['comment_'.$cid])));
+ mysqli_query($_SESSION['mconn'],"update `emailcerts` set `description`='$comment' where `id`='$cid' and `memid`='".intval($_SESSION['profile']['id'])."'");
}
}
}
@@ -1215,16 +1215,16 @@ function buildSubjectFromSession() {
csrf_check("perschange");
$_SESSION['_config']['user'] = $_SESSION['profile'];
- $_SESSION['_config']['user']['Q1'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['Q1']))));
- $_SESSION['_config']['user']['Q2'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['Q2']))));
- $_SESSION['_config']['user']['Q3'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['Q3']))));
- $_SESSION['_config']['user']['Q4'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['Q4']))));
- $_SESSION['_config']['user']['Q5'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['Q5']))));
- $_SESSION['_config']['user']['A1'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['A1']))));
- $_SESSION['_config']['user']['A2'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['A2']))));
- $_SESSION['_config']['user']['A3'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['A3']))));
- $_SESSION['_config']['user']['A4'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['A4']))));
- $_SESSION['_config']['user']['A5'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['A5']))));
+ $_SESSION['_config']['user']['Q1'] = trim(mysqli_real_escape_string($_SESSION['mconn'], stripslashes(strip_tags($_REQUEST['Q1']))));
+ $_SESSION['_config']['user']['Q2'] = trim(mysqli_real_escape_string($_SESSION['mconn'], stripslashes(strip_tags($_REQUEST['Q2']))));
+ $_SESSION['_config']['user']['Q3'] = trim(mysqli_real_escape_string($_SESSION['mconn'], stripslashes(strip_tags($_REQUEST['Q3']))));
+ $_SESSION['_config']['user']['Q4'] = trim(mysqli_real_escape_string($_SESSION['mconn'], stripslashes(strip_tags($_REQUEST['Q4']))));
+ $_SESSION['_config']['user']['Q5'] = trim(mysqli_real_escape_string($_SESSION['mconn'], stripslashes(strip_tags($_REQUEST['Q5']))));
+ $_SESSION['_config']['user']['A1'] = trim(mysqli_real_escape_string($_SESSION['mconn'], stripslashes(strip_tags($_REQUEST['A1']))));
+ $_SESSION['_config']['user']['A2'] = trim(mysqli_real_escape_string($_SESSION['mconn'], stripslashes(strip_tags($_REQUEST['A2']))));
+ $_SESSION['_config']['user']['A3'] = trim(mysqli_real_escape_string($_SESSION['mconn'], stripslashes(strip_tags($_REQUEST['A3']))));
+ $_SESSION['_config']['user']['A4'] = trim(mysqli_real_escape_string($_SESSION['mconn'], stripslashes(strip_tags($_REQUEST['A4']))));
+ $_SESSION['_config']['user']['A5'] = trim(mysqli_real_escape_string($_SESSION['mconn'], stripslashes(strip_tags($_REQUEST['A5']))));
if($_SESSION['_config']['user']['Q1'] == $_SESSION['_config']['user']['Q2'] ||
$_SESSION['_config']['user']['Q1'] == $_SESSION['_config']['user']['Q3'] ||
@@ -1276,16 +1276,16 @@ function buildSubjectFromSession() {
if($oldid == 13 && $process != "")
{
$ddquery = "select sum(`points`) as `total` from `notary` where `to`='".intval($_SESSION['profile']['id'])."' and `deleted` = 0 group by `to`";
- $ddres = mysql_query($ddquery);
- $ddrow = mysql_fetch_assoc($ddres);
+ $ddres = mysqli_query($_SESSION['mconn'],$ddquery);
+ $ddrow = mysqli_fetch_assoc($ddres);
$_SESSION['profile']['points'] = $ddrow['total'];
if($_SESSION['profile']['points'] == 0)
{
- $_SESSION['_config']['user']['fname'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['fname']))));
- $_SESSION['_config']['user']['mname'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['mname']))));
- $_SESSION['_config']['user']['lname'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['lname']))));
- $_SESSION['_config']['user']['suffix'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['suffix']))));
+ $_SESSION['_config']['user']['fname'] = trim(mysqli_real_escape_string($_SESSION['mconn'], stripslashes(strip_tags($_REQUEST['fname']))));
+ $_SESSION['_config']['user']['mname'] = trim(mysqli_real_escape_string($_SESSION['mconn'], stripslashes(strip_tags($_REQUEST['mname']))));
+ $_SESSION['_config']['user']['lname'] = trim(mysqli_real_escape_string($_SESSION['mconn'], stripslashes(strip_tags($_REQUEST['lname']))));
+ $_SESSION['_config']['user']['suffix'] = trim(mysqli_real_escape_string($_SESSION['mconn'], stripslashes(strip_tags($_REQUEST['suffix']))));
$_SESSION['_config']['user']['day'] = intval($_REQUEST['day']);
$_SESSION['_config']['user']['month'] = intval($_REQUEST['month']);
$_SESSION['_config']['user']['year'] = intval($_REQUEST['year']);
@@ -1316,7 +1316,7 @@ function buildSubjectFromSession() {
`suffix`='".$_SESSION['_config']['user']['suffix']."',
`dob`='".$_SESSION['_config']['user']['year']."-".$_SESSION['_config']['user']['month']."-".$_SESSION['_config']['user']['day']."'
where `id`='".intval($_SESSION['profile']['id'])."'";
- mysql_query($query);
+ mysqli_query($_SESSION['mconn'],$query);
}
if ($showdetails!="") {
$query = "update `users` set `Q1`='".$_SESSION['_config']['user']['Q1']."',
@@ -1330,16 +1330,16 @@ function buildSubjectFromSession() {
`A4`='".$_SESSION['_config']['user']['A4']."',
`A5`='".$_SESSION['_config']['user']['A5']."'
where `id`='".intval($_SESSION['profile']['id'])."'";
- mysql_query($query);
+ mysqli_query($_SESSION['mconn'],$query);
}
$_SESSION['_config']['user']['set'] = 0;
- $_SESSION['profile'] = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".intval($_SESSION['profile']['id'])."'"));
+ $_SESSION['profile'] = mysqli_fetch_assoc(mysqli_query($_SESSION['mconn'],"select * from `users` where `id`='".intval($_SESSION['profile']['id'])."'"));
$_SESSION['profile']['loggedin'] = 1;
$ddquery = "select sum(`points`) as `total` from `notary` where `to`='".intval($_SESSION['profile']['id'])."' and `deleted` = 0 group by `to`";
- $ddres = mysql_query($ddquery);
- $ddrow = mysql_fetch_assoc($ddres);
+ $ddres = mysqli_query($_SESSION['mconn'],$ddquery);
+ $ddrow = mysqli_fetch_assoc($ddres);
$_SESSION['profile']['points'] = $ddrow['total'];
@@ -1352,9 +1352,9 @@ function buildSubjectFromSession() {
if($oldid == 14 && $process != "")
{
- $_SESSION['_config']['user']['oldpass'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['oldpassword'])));
- $_SESSION['_config']['user']['pword1'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['pword1'])));
- $_SESSION['_config']['user']['pword2'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['pword2'])));
+ $_SESSION['_config']['user']['oldpass'] = trim(mysqli_real_escape_string($_SESSION['mconn'], stripslashes($_REQUEST['oldpassword'])));
+ $_SESSION['_config']['user']['pword1'] = trim(mysqli_real_escape_string($_SESSION['mconn'], stripslashes($_REQUEST['pword1'])));
+ $_SESSION['_config']['user']['pword2'] = trim(mysqli_real_escape_string($_SESSION['mconn'], stripslashes($_REQUEST['pword2'])));
$id = 14;
csrf_check("pwchange");
@@ -1371,10 +1371,10 @@ function buildSubjectFromSession() {
if($_SESSION['_config']['hostname'] != $_SESSION['_config']['securehostname'])
{
- $match = mysql_query("select * from `users` where `id`='".intval($_SESSION['profile']['id'])."' and
+ $match = mysqli_query($_SESSION['mconn'],"select * from `users` where `id`='".intval($_SESSION['profile']['id'])."' and
(`password`=old_password('".$_SESSION['_config']['user']['oldpass']."') or
`password`=sha1('".$_SESSION['_config']['user']['oldpass']."'))");
- $rc = mysql_num_rows($match);
+ $rc = mysqli_num_rows($match);
} else {
$rc = 1;
}
@@ -1392,7 +1392,7 @@ function buildSubjectFromSession() {
_("Failure: Pass Phrase not Changed"), '</h3>', "\n";
echo _("You failed to correctly enter your current Pass Phrase.");
} else {
- mysql_query("update `users` set `password`=sha1('".$_SESSION['_config']['user']['pword1']."')
+ mysqli_query($_SESSION['mconn'],"update `users` set `password`=sha1('".$_SESSION['_config']['user']['pword1']."')
where `id`='".intval($_SESSION['profile']['id'])."'");
echo '<h3>', _("Pass Phrase Changed Successfully"), '</h3>', "\n";
echo _("Your Pass Phrase has been updated and your primary email account has been notified of the change.");
@@ -1417,7 +1417,7 @@ function buildSubjectFromSession() {
foreach($_REQUEST['emails'] as $val)
{
- $val = mysql_real_escape_string(stripslashes(trim($val)));
+ $val = mysqli_real_escape_string($_SESSION['mconn'], stripslashes(trim($val)));
$bits = explode("@", $val);
$count = count($bits);
if($count != 2)
@@ -1434,7 +1434,7 @@ function buildSubjectFromSession() {
if($val != "")
$_SESSION['_config']['emails'][] = $val;
}
- $_SESSION['_config']['name'] = mysql_real_escape_string(stripslashes(trim($_REQUEST['name'])));
+ $_SESSION['_config']['name'] = mysqli_real_escape_string($_SESSION['mconn'], stripslashes(trim($_REQUEST['name'])));
$_SESSION['_config']['OU'] = stripslashes(trim($_REQUEST['OU']));
$_SESSION['_config']['description']= trim(stripslashes($_REQUEST['description']));
@@ -1504,7 +1504,7 @@ function buildSubjectFromSession() {
if($_SESSION['_config']['name'] != "")
$emails .= "commonName = ".$_SESSION['_config']['name']."\n";
if($_SESSION['_config']['OU'])
- $emails .= "organizationalUnitName = ".mysql_real_escape_string($_SESSION['_config']['OU'])."\n";
+ $emails .= "organizationalUnitName = ".mysqli_real_escape_string($_SESSION['mconn'], $_SESSION['_config']['OU'])."\n";
if($org['O'])
$emails .= "organizationName = ".$org['O']."\n";
if($org['L'])
@@ -1529,19 +1529,19 @@ function buildSubjectFromSession() {
$query = "insert into `orgemailcerts` set
`CN`='$defaultemail',
- `ou`='".mysql_real_escape_string($_SESSION['_config']['OU'])."',
+ `ou`='".mysqli_real_escape_string($_SESSION['mconn'], $_SESSION['_config']['OU'])."',
`keytype`='NS',
`orgid`='".intval($org['orgid'])."',
`created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),
`codesign`='".intval($_SESSION['_config']['codesign'])."',
`rootcert`='".intval($_SESSION['_config']['rootcert'])."',
- `md`='".mysql_real_escape_string($_SESSION['_config']['hash_alg'])."',
- `description`='".mysql_real_escape_string($_SESSION['_config']['description'])."'";
- mysql_query($query);
- $emailid = mysql_insert_id();
+ `md`='".mysqli_real_escape_string($_SESSION['mconn'], $_SESSION['_config']['hash_alg'])."',
+ `description`='".mysqli_real_escape_string($_SESSION['mconn'], $_SESSION['_config']['description'])."'";
+ mysqli_query($_SESSION['mconn'],$query);
+ $emailid = mysqli_insert_id($_SESSION['mconn']);
foreach($_SESSION['_config']['domids'] as $addy)
- mysql_query("insert into `domemaillink` set `emailcertsid`='$emailid', `emailid`='$addy'");
+ mysqli_query($_SESSION['mconn'],"insert into `domemaillink` set `emailcertsid`='$emailid', `emailid`='$addy'");
$CSRname=generatecertpath("csr","orgclient",$emailid);
$fp = fopen($CSRname, "w");
@@ -1558,7 +1558,7 @@ function buildSubjectFromSession() {
showfooter();
exit;
}
- mysql_query("update `orgemailcerts` set `csr_name`='$CSRname' where `id`='$emailid'");
+ mysqli_query($_SESSION['mconn'],"update `orgemailcerts` set `csr_name`='$CSRname' where `id`='$emailid'");
} else if($_REQUEST['keytype'] == "MS" || $_REQUEST['keytype']=="VI") {
$csr = clean_csr($_REQUEST['CSR']);
if(strpos($csr,"---BEGIN") === FALSE)
@@ -1629,31 +1629,31 @@ function buildSubjectFromSession() {
$query = "insert into `orgemailcerts` set
`CN`='$defaultemail',
- `ou`='".mysql_real_escape_string($_SESSION['_config']['OU'])."',
+ `ou`='".mysqli_real_escape_string($_SESSION['mconn'], $_SESSION['_config']['OU'])."',
`keytype`='" . sanitizeHTML($_REQUEST['keytype']) . "',
`orgid`='".intval($org['orgid'])."',
`created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),
- `subject`='".mysql_real_escape_string($csrsubject)."',
+ `subject`='".mysqli_real_escape_string($_SESSION['mconn'], $csrsubject)."',
`codesign`='".intval($_SESSION['_config']['codesign'])."',
`rootcert`='".intval($_SESSION['_config']['rootcert'])."',
- `md`='".mysql_real_escape_string($_SESSION['_config']['hash_alg'])."',
- `description`='".mysql_real_escape_string($_SESSION['_config']['description'])."'";
- mysql_query($query);
- $emailid = mysql_insert_id();
+ `md`='".mysqli_real_escape_string($_SESSION['mconn'], $_SESSION['_config']['hash_alg'])."',
+ `description`='".mysqli_real_escape_string($_SESSION['mconn'], $_SESSION['_config']['description'])."'";
+ mysqli_query($_SESSION['mconn'],$query);
+ $emailid = mysqli_insert_id($_SESSION['mconn']);
foreach($_SESSION['_config']['domids'] as $addy)
- mysql_query("insert into `domemaillink` set `emailcertsid`='$emailid', `emailid`='$addy'");
+ mysqli_query($_SESSION['mconn'],"insert into `domemaillink` set `emailcertsid`='$emailid', `emailid`='$addy'");
$CSRname=generatecertpath("csr","orgclient",$emailid);
$fp = fopen($CSRname, "w");
fputs($fp, $csr);
fclose($fp);
- mysql_query("update `orgemailcerts` set `csr_name`='$CSRname' where `id`='$emailid'");
+ mysqli_query($_SESSION['mconn'],"update `orgemailcerts` set `csr_name`='$CSRname' where `id`='$emailid'");
}
waitForResult("orgemailcerts", $emailid,$oldid);
$query = "select * from `orgemailcerts` where `id`='$emailid' and `crt_name` != ''";
- $res = mysql_query($query);
- if(mysql_num_rows($res) <= 0)
+ $res = mysqli_query($_SESSION['mconn'],$query);
+ if(mysqli_num_rows($res) <= 0)
{
showheader(_("My CAcert.org Account!"));
printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
@@ -1681,14 +1681,14 @@ function buildSubjectFromSession() {
$query = "select *,UNIX_TIMESTAMP(`revoked`) as `revoke` from `orgemailcerts`, `org`
where `orgemailcerts`.`id`='$id' and `org`.`memid`='".intval($_SESSION['profile']['id'])."' and
`org`.`orgid`=`orgemailcerts`.`orgid`";
- $res = mysql_query($query);
- if(mysql_num_rows($res) <= 0)
+ $res = mysqli_query($_SESSION['mconn'],$query);
+ if(mysqli_num_rows($res) <= 0)
{
printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
continue;
}
- $row = mysql_fetch_assoc($res);
+ $row = mysqli_fetch_assoc($res);
if (($weakKey = checkWeakKeyX509(file_get_contents(
$row['crt_name']))) !== "")
@@ -1697,7 +1697,7 @@ function buildSubjectFromSession() {
continue;
}
- mysql_query("update `orgemailcerts` set `renewed`='1' where `id`='$id'");
+ mysqli_query($_SESSION['mconn'],"update `orgemailcerts` set `renewed`='1' where `id`='$id'");
if($row['revoke'] > 0)
{
printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", $row['CN']);
@@ -1705,25 +1705,25 @@ function buildSubjectFromSession() {
}
$query = "insert into `orgemailcerts` set
`orgid`='".intval($row['orgid'])."',
- `CN`='".mysql_real_escape_string($row['CN'])."',
- `ou`='".mysql_real_escape_string($row['ou'])."',
- `subject`='".mysql_real_escape_string($row['subject'])."',
- `keytype`='".mysql_real_escape_string($row['keytype'])."',
- `csr_name`='".mysql_real_escape_string($row['csr_name'])."',
- `created`='".mysql_real_escape_string($row['created'])."',
+ `CN`='".mysqli_real_escape_string($_SESSION['mconn'], $row['CN'])."',
+ `ou`='".mysqli_real_escape_string($_SESSION['mconn'], $row['ou'])."',
+ `subject`='".mysqli_real_escape_string($_SESSION['mconn'], $row['subject'])."',
+ `keytype`='".mysqli_real_escape_string($_SESSION['mconn'], $row['keytype'])."',
+ `csr_name`='".mysqli_real_escape_string($_SESSION['mconn'], $row['csr_name'])."',
+ `created`='".mysqli_real_escape_string($_SESSION['mconn'], $row['created'])."',
`modified`=NOW(),
`codesign`='".intval($row['codesign'])."',
`rootcert`='".intval($row['rootcert'])."',
- `description`='".mysql_real_escape_string($row['description'])."'";
- mysql_query($query);
- $newid = mysql_insert_id();
+ `description`='".mysqli_real_escape_string($_SESSION['mconn'], $row['description'])."'";
+ mysqli_query($_SESSION['mconn'],$query);
+ $newid = mysqli_insert_id($_SESSION['mconn']);
$newfile=generatecertpath("csr","orgclient",$newid);
copy($row['csr_name'], $newfile);
- mysql_query("update `orgemailcerts` set `csr_name`='$newfile' where `id`='$newid'");
+ mysqli_query($_SESSION['mconn'],"update `orgemailcerts` set `csr_name`='$newfile' where `id`='$newid'");
waitForResult("orgemailcerts", $newid,$oldid,0);
$query = "select * from `orgemailcerts` where `id`='$newid' and `crt_name` != ''";
- $res = mysql_query($query);
- if(mysql_num_rows($res) > 0)
+ $res = mysqli_query($_SESSION['mconn'],$query);
+ if(mysqli_num_rows($res) > 0)
{
printf(_("Certificate for '%s' has been renewed."), $row['CN']);
echo "<a href='account.php?id=19&cert=$newid' target='_new'>".
@@ -1754,19 +1754,19 @@ function buildSubjectFromSession() {
$query = "select *,UNIX_TIMESTAMP(`revoked`) as `revoke` from `orgemailcerts`, `org`
where `orgemailcerts`.`id`='".intval($id)."' and `org`.`memid`='".intval($_SESSION['profile']['id'])."' and
`org`.`orgid`=`orgemailcerts`.`orgid`";
- $res = mysql_query($query);
- if(mysql_num_rows($res) <= 0)
+ $res = mysqli_query($_SESSION['mconn'],$query);
+ if(mysqli_num_rows($res) <= 0)
{
printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
continue;
}
- $row = mysql_fetch_assoc($res);
+ $row = mysqli_fetch_assoc($res);
if($row['revoke'] > 0)
{
printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", $row['CN']);
continue;
}
- mysql_query("update `orgemailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='$id'");
+ mysqli_query($_SESSION['mconn'],"update `orgemailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='$id'");
printf(_("Certificate for '%s' with the serial no '%s' has been revoked.").'<br/>', htmlspecialchars($row['CN']), htmlspecialchars($row['serial']));
}
@@ -1787,19 +1787,19 @@ function buildSubjectFromSession() {
$query = "select *,UNIX_TIMESTAMP(`expire`) as `expired` from `orgemailcerts`, `org`
where `orgemailcerts`.`id`='".intval($id)."' and `org`.`memid`='".intval($_SESSION['profile']['id'])."' and
`org`.`orgid`=`orgemailcerts`.`orgid`";
- $res = mysql_query($query);
- if(mysql_num_rows($res) <= 0)
+ $res = mysqli_query($_SESSION['mconn'],$query);
+ if(mysqli_num_rows($res) <= 0)
{
printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
continue;
}
- $row = mysql_fetch_assoc($res);
+ $row = mysqli_fetch_assoc($res);
if($row['expired'] > 0)
{
printf(_("Couldn't remove the request for `%s`, request had already been processed.")."<br>\n", $row['CN']);
continue;
}
- mysql_query("delete from `orgemailcerts` where `id`='$id'");
+ mysqli_query($_SESSION['mconn'],"delete from `orgemailcerts` where `id`='$id'");
@unlink($row['csr_name']);
@unlink($row['crt_name']);
printf(_("Removed a pending request for '%s'")."<br>\n", $row['CN']);
@@ -1817,8 +1817,8 @@ function buildSubjectFromSession() {
if(substr($id,0,14)=="check_comment_")
{
$cid = intval(substr($id,14));
- $comment=trim(mysql_real_escape_string(stripslashes($_REQUEST['comment_'.$cid])));
- mysql_query("update `orgemailcerts` set `description`='$comment' where `id`='$cid'");
+ $comment=trim(mysqli_real_escape_string($_SESSION['mconn'], stripslashes($_REQUEST['comment_'.$cid])));
+ mysqli_query($_SESSION['mconn'],"update `orgemailcerts` set `description`='$comment' where `id`='$cid'");
}
}
echo(_("Certificate settings have been changed.")."<br/>\n");
@@ -1879,14 +1879,14 @@ function buildSubjectFromSession() {
`org`.`memid`='".intval($_SESSION['profile']['id'])."' and
`org`.`orgid`=`orginfo`.`id` and
`org`.`orgid`=`orgdomains`.`orgid` and
- `orgdomains`.`domain`='".mysql_real_escape_string($_SESSION['_config']['0.CN'])."'";
- $_SESSION['_config']['CNorg'] = mysql_fetch_assoc(mysql_query($query));
+ `orgdomains`.`domain`='".mysqli_real_escape_string($_SESSION['mconn'], $_SESSION['_config']['0.CN'])."'";
+ $_SESSION['_config']['CNorg'] = mysqli_fetch_assoc(mysqli_query($_SESSION['mconn'],$query));
$query = "select * from `orginfo`,`org`,`orgdomains` where
`org`.`memid`='".intval($_SESSION['profile']['id'])."' and
`org`.`orgid`=`orginfo`.`id` and
`org`.`orgid`=`orgdomains`.`orgid` and
- `orgdomains`.`domain`='".mysql_real_escape_string($_SESSION['_config']['0.subjectAltName'])."'";
- $_SESSION['_config']['SANorg'] = mysql_fetch_assoc(mysql_query($query));
+ `orgdomains`.`domain`='".mysqli_real_escape_string($_SESSION['mconn'], $_SESSION['_config']['0.subjectAltName'])."'";
+ $_SESSION['_config']['SANorg'] = mysqli_fetch_assoc(mysqli_query($_SESSION['mconn'],$query));
//echo "<pre>"; print_r($_SESSION['_config']); die;
if($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "")
@@ -1946,7 +1946,7 @@ function buildSubjectFromSession() {
`orginfo`.`id`=`org`.`orgid` and
`org`.`memid`='".intval($_SESSION['profile']['id'])."'";
}
- $org = mysql_fetch_assoc(mysql_query($query));
+ $org = mysqli_fetch_assoc(mysqli_query($_SESSION['mconn'],$query));
$csrsubject = "";
if($_SESSION['_config']['OU'])
@@ -1972,42 +1972,42 @@ function buildSubjectFromSession() {
if($_SESSION['_config']['rowid']['0'] > 0)
{
$query = "insert into `orgdomaincerts` set
- `CN`='".mysql_real_escape_string($_SESSION['_config']['rows']['0'])."',
+ `CN`='".mysqli_real_escape_string($_SESSION['mconn'], $_SESSION['_config']['rows']['0'])."',
`orgid`='".intval($org['id'])."',
`created`=NOW(),
- `subject`='".mysql_real_escape_string($csrsubject)."',
+ `subject`='".mysqli_real_escape_string($_SESSION['mconn'], $csrsubject)."',
`rootcert`='".intval($_SESSION['_config']['rootcert'])."',
- `md`='".mysql_real_escape_string($_SESSION['_config']['hash_alg'])."',
+ `md`='".mysqli_real_escape_string($_SESSION['mconn'], $_SESSION['_config']['hash_alg'])."',
`type`='".$type."',
- `description`='".mysql_real_escape_string($_SESSION['_config']['description'])."'";
+ `description`='".mysqli_real_escape_string($_SESSION['mconn'], $_SESSION['_config']['description'])."'";
} else {
$query = "insert into `orgdomaincerts` set
- `CN`='".mysql_real_escape_string($_SESSION['_config']['altrows']['0'])."',
+ `CN`='".mysqli_real_escape_string($_SESSION['mconn'], $_SESSION['_config']['altrows']['0'])."',
`orgid`='".intval($org['id'])."',
`created`=NOW(),
- `subject`='".mysql_real_escape_string($csrsubject)."',
+ `subject`='".mysqli_real_escape_string($_SESSION['mconn'], $csrsubject)."',
`rootcert`='".intval($_SESSION['_config']['rootcert'])."',
- `md`='".mysql_real_escape_string($_SESSION['_config']['hash_alg'])."',
+ `md`='".mysqli_real_escape_string($_SESSION['mconn'], $_SESSION['_config']['hash_alg'])."',
`type`='".$type."',
- `description`='".mysql_real_escape_string($_SESSION['_config']['description'])."'";
+ `description`='".mysqli_real_escape_string($_SESSION['mconn'], $_SESSION['_config']['description'])."'";
}
- mysql_query($query);
- $CSRid = mysql_insert_id();
+ mysqli_query($_SESSION['mconn'],$query);
+ $CSRid = mysqli_insert_id($_SESSION['mconn']);
$CSRname=generatecertpath("csr","orgserver",$CSRid);
rename($_SESSION['_config']['tmpfname'], $CSRname);
chmod($CSRname,0644);
- mysql_query("update `orgdomaincerts` set `CSR_name`='$CSRname' where `id`='$CSRid'");
+ mysqli_query($_SESSION['mconn'],"update `orgdomaincerts` set `CSR_name`='$CSRname' where `id`='$CSRid'");
if(is_array($_SESSION['_config']['rowid']))
foreach($_SESSION['_config']['rowid'] as $id)
- mysql_query("insert into `orgdomlink` set `orgdomid`='".intval($id)."', `orgcertid`='$CSRid'");
+ mysqli_query($_SESSION['mconn'],"insert into `orgdomlink` set `orgdomid`='".intval($id)."', `orgcertid`='$CSRid'");
if(is_array($_SESSION['_config']['altid']))
foreach($_SESSION['_config']['altid'] as $id)
- mysql_query("insert into `orgdomlink` set `orgdomid`='".intval($id)."', `orgcertid`='$CSRid'");
+ mysqli_query($_SESSION['mconn'],"insert into `orgdomlink` set `orgdomid`='".intval($id)."', `orgcertid`='$CSRid'");
waitForResult("orgdomaincerts", $CSRid,$oldid);
$query = "select * from `orgdomaincerts` where `id`='$CSRid' and `crt_name` != ''";
- $res = mysql_query($query);
- if(mysql_num_rows($res) <= 0)
+ $res = mysqli_query($_SESSION['mconn'],$query);
+ if(mysqli_num_rows($res) <= 0)
{
showheader(_("My CAcert.org Account!"));
printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions.")." CSRid: $CSRid", "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
@@ -2035,14 +2035,14 @@ function buildSubjectFromSession() {
where `orgdomaincerts`.`id`='$id' and
`orgdomaincerts`.`orgid`=`org`.`orgid` and
`org`.`memid`='".intval($_SESSION['profile']['id'])."'";
- $res = mysql_query($query);
- if(mysql_num_rows($res) <= 0)
+ $res = mysqli_query($_SESSION['mconn'],$query);
+ if(mysqli_num_rows($res) <= 0)
{
printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
continue;
}
- $row = mysql_fetch_assoc($res);
+ $row = mysqli_fetch_assoc($res);
if (($weakKey = checkWeakKeyX509(file_get_contents(
$row['crt_name']))) !== "")
@@ -2051,7 +2051,7 @@ function buildSubjectFromSession() {
continue;
}
- mysql_query("update `orgdomaincerts` set `renewed`='1' where `id`='$id'");
+ mysqli_query($_SESSION['mconn'],"update `orgdomaincerts` set `renewed`='1' where `id`='$id'");
if($row['revoke'] > 0)
{
printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", $row['CN']);
@@ -2059,32 +2059,32 @@ function buildSubjectFromSession() {
}
$query = "insert into `orgdomaincerts` set
`orgid`='".intval($row['orgid'])."',
- `CN`='".mysql_real_escape_string($row['CN'])."',
- `csr_name`='".mysql_real_escape_string($row['csr_name'])."',
- `created`='".mysql_real_escape_string($row['created'])."',
+ `CN`='".mysqli_real_escape_string($_SESSION['mconn'], $row['CN'])."',
+ `csr_name`='".mysqli_real_escape_string($_SESSION['mconn'], $row['csr_name'])."',
+ `created`='".mysqli_real_escape_string($_SESSION['mconn'], $row['created'])."',
`modified`=NOW(),
- `subject`='".mysql_real_escape_string($row['subject'])."',
+ `subject`='".mysqli_real_escape_string($_SESSION['mconn'], $row['subject'])."',
`type`='".intval($row['type'])."',
`rootcert`='".intval($row['rootcert'])."',
- `description`='".mysql_real_escape_string($row['description'])."'";
- mysql_query($query);
- $newid = mysql_insert_id();
+ `description`='".mysqli_real_escape_string($_SESSION['mconn'], $row['description'])."'";
+ mysqli_query($_SESSION['mconn'],$query);
+ $newid = mysqli_insert_id($_SESSION['mconn']);
//echo "NewID: $newid<br/>\n";
$newfile=generatecertpath("csr","orgserver",$newid);
copy($row['csr_name'], $newfile);
- mysql_query("update `orgdomaincerts` set `csr_name`='$newfile' where `id`='$newid'");
+ mysqli_query($_SESSION['mconn'],"update `orgdomaincerts` set `csr_name`='$newfile' where `id`='$newid'");
echo _("Renewing").": ".$row['CN']."<br>\n";
- $res = mysql_query("select * from `orgdomlink` where `orgcertid`='".$row['id']."'");
- while($r2 = mysql_fetch_assoc($res))
- mysql_query("insert into `orgdomlink` set `orgdomid`='".intval($r2['orgdomid'])."', `orgcertid`='$newid'");
+ $res = mysqli_query($_SESSION['mconn'],"select * from `orgdomlink` where `orgcertid`='".$row['id']."'");
+ while($r2 = mysqli_fetch_assoc($res))
+ mysqli_query($_SESSION['mconn'],"insert into `orgdomlink` set `orgdomid`='".intval($r2['orgdomid'])."', `orgcertid`='$newid'");
waitForResult("orgdomaincerts", $newid,$oldid,0);
$query = "select * from `orgdomaincerts` where `id`='$newid' and `crt_name` != ''";
- $res = mysql_query($query);
- if(mysql_num_rows($res) <= 0)
+ $res = mysqli_query($_SESSION['mconn'],$query);
+ if(mysqli_num_rows($res) <= 0)
{
printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions.")." newid: $newid", "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
} else {
- $drow = mysql_fetch_assoc($res);
+ $drow = mysqli_fetch_assoc($res);
$crtname = escapeshellarg($drow['crt_name']);
$cert = shell_exec("/usr/bin/openssl x509 -in $crtname");
echo "<pre>\n$cert\n</pre>\n";
@@ -2114,19 +2114,19 @@ function buildSubjectFromSession() {
where `orgdomaincerts`.`id`='$id' and
`orgdomaincerts`.`orgid`=`org`.`orgid` and
`org`.`memid`='".intval($_SESSION['profile']['id'])."'";
- $res = mysql_query($query);
- if(mysql_num_rows($res) <= 0)
+ $res = mysqli_query($_SESSION['mconn'],$query);
+ if(mysqli_num_rows($res) <= 0)
{
printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
continue;
}
- $row = mysql_fetch_assoc($res);
+ $row = mysqli_fetch_assoc($res);
if($row['revoke'] > 0)
{
printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", $row['CN']);
continue;
}
- mysql_query("update `orgdomaincerts` set `revoked`='1970-01-01 10:00:01' where `id`='$id'");
+ mysqli_query($_SESSION['mconn'],"update `orgdomaincerts` set `revoked`='1970-01-01 10:00:01' where `id`='$id'");
printf(_("Certificate for '%s' with the serial no '%s' has been revoked.").'<br/>', htmlspecialchars($row['CN']), htmlspecialchars($row['serial']));
}
@@ -2149,19 +2149,19 @@ function buildSubjectFromSession() {
where `orgdomaincerts`.`id`='$id' and
`orgdomaincerts`.`orgid`=`org`.`orgid` and
`org`.`memid`='".intval($_SESSION['profile']['id'])."'";
- $res = mysql_query($query);
- if(mysql_num_rows($res) <= 0)
+ $res = mysqli_query($_SESSION['mconn'],$query);
+ if(mysqli_num_rows($res) <= 0)
{
printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
continue;
}
- $row = mysql_fetch_assoc($res);
+ $row = mysqli_fetch_assoc($res);
if($row['expired'] > 0)
{
printf(_("Couldn't remove the request for `%s`, request had already been processed.")."<br>\n", $row['CN']);
continue;
}
- mysql_query("delete from `orgdomaincerts` where `id`='$id'");
+ mysqli_query($_SESSION['mconn'],"delete from `orgdomaincerts` where `id`='$id'");
@unlink($row['csr_name']);
@unlink($row['crt_name']);
printf(_("Removed a pending request for '%s'")."<br>\n", $row['CN']);
@@ -2179,8 +2179,8 @@ function buildSubjectFromSession() {
if(substr($id,0,14)=="check_comment_")
{
$cid = intval(substr($id,14));
- $comment=trim(mysql_real_escape_string(stripslashes($_REQUEST['comment_'.$cid])));
- mysql_query("update `orgdomaincerts` set `description`='$comment' where `id`='$cid'");
+ $comment=trim(mysqli_real_escape_string($_SESSION['mconn'], stripslashes($_REQUEST['comment_'.$cid])));
+ mysqli_query($_SESSION['mconn'],"update `orgdomaincerts` set `description`='$comment' where `id`='$cid'");
}
}
echo(_("Certificate settings have been changed.")."<br/>\n");
@@ -2219,18 +2219,18 @@ function buildSubjectFromSession() {
if($oldid == 24 && $process != "")
{
$id = intval($oldid);
- $_SESSION['_config']['O'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['O'])));
- $_SESSION['_config']['contact'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['contact'])));
- $_SESSION['_config']['L'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['L'])));
- $_SESSION['_config']['ST'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['ST'])));
- $_SESSION['_config']['C'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['C'])));
- $_SESSION['_config']['comments'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['comments'])));
+ $_SESSION['_config']['O'] = trim(mysqli_real_escape_string($_SESSION['mconn'], stripslashes($_REQUEST['O'])));
+ $_SESSION['_config']['contact'] = trim(mysqli_real_escape_string($_SESSION['mconn'], stripslashes($_REQUEST['contact'])));
+ $_SESSION['_config']['L'] = trim(mysqli_real_escape_string($_SESSION['mconn'], stripslashes($_REQUEST['L'])));
+ $_SESSION['_config']['ST'] = trim(mysqli_real_escape_string($_SESSION['mconn'], stripslashes($_REQUEST['ST'])));
+ $_SESSION['_config']['C'] = trim(mysqli_real_escape_string($_SESSION['mconn'], stripslashes($_REQUEST['C'])));
+ $_SESSION['_config']['comments'] = trim(mysqli_real_escape_string($_SESSION['mconn'], stripslashes($_REQUEST['comments'])));
if($_SESSION['_config']['O'] == "" || $_SESSION['_config']['contact'] == "")
{
$_SESSION['_config']['errmsg'] = _("Organisation Name and Contact Email are required fields.");
} else {
- mysql_query("insert into `orginfo` set `O`='".$_SESSION['_config']['O']."',
+ mysqli_query($_SESSION['mconn'],"insert into `orginfo` set `O`='".$_SESSION['_config']['O']."',
`contact`='".$_SESSION['_config']['contact']."',
`L`='".$_SESSION['_config']['L']."',
`ST`='".$_SESSION['_config']['ST']."',
@@ -2247,18 +2247,18 @@ function buildSubjectFromSession() {
{
csrf_check('orgdetchange');
$id = intval($oldid);
- $_SESSION['_config']['O'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['O'])));
- $_SESSION['_config']['contact'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['contact'])));
- $_SESSION['_config']['L'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['L'])));
- $_SESSION['_config']['ST'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['ST'])));
- $_SESSION['_config']['C'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['C'])));
- $_SESSION['_config']['comments'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['comments'])));
+ $_SESSION['_config']['O'] = trim(mysqli_real_escape_string($_SESSION['mconn'], stripslashes($_REQUEST['O'])));
+ $_SESSION['_config']['contact'] = trim(mysqli_real_escape_string($_SESSION['mconn'], stripslashes($_REQUEST['contact'])));
+ $_SESSION['_config']['L'] = trim(mysqli_real_escape_string($_SESSION['mconn'], stripslashes($_REQUEST['L'])));
+ $_SESSION['_config']['ST'] = trim(mysqli_real_escape_string($_SESSION['mconn'], stripslashes($_REQUEST['ST'])));
+ $_SESSION['_config']['C'] = trim(mysqli_real_escape_string($_SESSION['mconn'], stripslashes($_REQUEST['C'])));
+ $_SESSION['_config']['comments'] = trim(mysqli_real_escape_string($_SESSION['mconn'], stripslashes($_REQUEST['comments'])));
if($_SESSION['_config']['O'] == "" || $_SESSION['_config']['contact'] == "")
{
$_SESSION['_config']['errmsg'] = _("Organisation Name and Contact Email are required fields.");
} else {
- mysql_query("update `orginfo` set `O`='".$_SESSION['_config']['O']."',
+ mysqli_query($_SESSION['mconn'],"update `orginfo` set `O`='".$_SESSION['_config']['O']."',
`contact`='".$_SESSION['_config']['contact']."',
`L`='".$_SESSION['_config']['L']."',
`ST`='".$_SESSION['_config']['ST']."',
@@ -2274,9 +2274,9 @@ function buildSubjectFromSession() {
if($oldid == 28 && $process != "" && array_key_exists("domainname",$_REQUEST))
{
- $domain = $_SESSION['_config']['domain'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['domainname'])));
- $res1 = mysql_query("select * from `orgdomains` where `domain`='$domain'");
- if(mysql_num_rows($res1) > 0)
+ $domain = $_SESSION['_config']['domain'] = trim(mysqli_real_escape_string($_SESSION['mconn'], stripslashes($_REQUEST['domainname'])));
+ $res1 = mysqli_query($_SESSION['mconn'],"select * from `orgdomains` where `domain`='$domain'");
+ if(mysqli_num_rows($res1) > 0)
{
$_SESSION['_config']['errmsg'] = sprintf(_("The domain '%s' is already in a different account and is listed as valid. Can't continue."), sanitizeHTML($domain));
$id = $oldid;
@@ -2292,7 +2292,7 @@ function buildSubjectFromSession() {
if($oldid == 28 && $process != "" && array_key_exists("orgid",$_SESSION["_config"]))
{
- mysql_query("insert into `orgdomains` set `orgid`='".intval($_SESSION['_config']['orgid'])."', `domain`='$domain'");
+ mysqli_query($_SESSION['mconn'],"insert into `orgdomains` set `orgid`='".intval($_SESSION['_config']['orgid'])."', `domain`='$domain'");
showheader(_("My CAcert.org Account!"));
printf(_("'%s' has just been successfully added to the database."), sanitizeHTML($domain));
echo "<br><br><a href='account.php?id=26&orgid=".intval($_SESSION['_config']['orgid'])."'>"._("Click here")."</a> "._("to continue.");
@@ -2302,11 +2302,11 @@ function buildSubjectFromSession() {
if($oldid == 29 && $process != "")
{
- $domain = mysql_real_escape_string(stripslashes(trim($_REQUEST['domainname'])));
+ $domain = mysqli_real_escape_string($_SESSION['mconn'], stripslashes(trim($_REQUEST['domainname'])));
- $res1 = mysql_query("select * from `orgdomains` where `domain` like '$domain' and `id`!='".intval($domid)."'");
- $res2 = mysql_query("select * from `domains` where `domain` like '$domain' and `deleted`=0");
- if(mysql_num_rows($res1) > 0 || mysql_num_rows($res2) > 0)
+ $res1 = mysqli_query($_SESSION['mconn'],"select * from `orgdomains` where `domain` like '$domain' and `id`!='".intval($domid)."'");
+ $res2 = mysqli_query($_SESSION['mconn'],"select * from `domains` where `domain` like '$domain' and `deleted`=0");
+ if(mysqli_num_rows($res1) > 0 || mysqli_num_rows($res2) > 0)
{
$_SESSION['_config']['errmsg'] = sprintf(_("The domain '%s' is already in a different account and is listed as valid. Can't continue."), sanitizeHTML($domain));
$id = $oldid;
@@ -2320,23 +2320,23 @@ function buildSubjectFromSession() {
`orgdomlink`.`orgdomid`=`orgdomains`.`id` and
`orgdomaincerts`.`id`=`orgdomlink`.`orgcertid` and
`orgdomains`.`id`='".intval($domid)."'";
- $res = mysql_query($query);
- while($row = mysql_fetch_assoc($res))
- mysql_query("update `orgdomaincerts` set `revoked`='1970-01-01 10:00:01' where `id`='".$row['id']."'");
+ $res = mysqli_query($_SESSION['mconn'],$query);
+ while($row = mysqli_fetch_assoc($res))
+ mysqli_query($_SESSION['mconn'],"update `orgdomaincerts` set `revoked`='1970-01-01 10:00:01' where `id`='".$row['id']."'");
$query = "select `orgemailcerts`.`id` as `id` from `orgemailcerts`, `orgemaillink`, `orgdomains` where
`orgemaillink`.`domid`=`orgdomains`.`id` and
`orgemailcerts`.`id`=`orgemaillink`.`emailcertsid` and
`orgdomains`.`id`='".intval($domid)."'";
- $res = mysql_query($query);
- while($row = mysql_fetch_assoc($res))
- mysql_query("update `orgemailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='".intval($row['id'])."'");
+ $res = mysqli_query($_SESSION['mconn'],$query);
+ while($row = mysqli_fetch_assoc($res))
+ mysqli_query($_SESSION['mconn'],"update `orgemailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='".intval($row['id'])."'");
}
if($oldid == 29 && $process != "")
{
- $row = mysql_fetch_assoc(mysql_query("select * from `orgdomains` where `id`='".intval($domid)."'"));
- mysql_query("update `orgdomains` set `domain`='$domain' where `id`='".intval($domid)."'");
+ $row = mysqli_fetch_assoc(mysqli_query($_SESSION['mconn'],"select * from `orgdomains` where `id`='".intval($domid)."'"));
+ mysqli_query($_SESSION['mconn'],"update `orgdomains` set `domain`='$domain' where `id`='".intval($domid)."'");
showheader(_("My CAcert.org Account!"));
printf(_("'%s' has just been successfully updated in the database."), sanitizeHTML($domain));
echo "<br><br><a href='account.php?id=26&orgid=".intval($orgid)."'>"._("Click here")."</a> "._("to continue.");
@@ -2346,9 +2346,9 @@ function buildSubjectFromSession() {
if($oldid == 30 && $process != "")
{
- $row = mysql_fetch_assoc(mysql_query("select * from `orgdomains` where `id`='".intval($domid)."'"));
+ $row = mysqli_fetch_assoc(mysqli_query($_SESSION['mconn'],"select * from `orgdomains` where `id`='".intval($domid)."'"));
$domain = $row['domain'];
- mysql_query("delete from `orgdomains` where `id`='".intval($domid)."'");
+ mysqli_query($_SESSION['mconn'],"delete from `orgdomains` where `id`='".intval($domid)."'");
showheader(_("My CAcert.org Account!"));
printf(_("'%s' has just been successfully deleted from the database."), sanitizeHTML($domain));
echo "<br><br><a href='account.php?id=26&orgid=".intval($orgid)."'>"._("Click here")."</a> "._("to continue.");
@@ -2365,36 +2365,36 @@ function buildSubjectFromSession() {
if($oldid == 31 && $process != "")
{
$query = "select * from `orgdomains` where `orgid`='".intval($_SESSION['_config']['orgid'])."'";
- $dres = mysql_query($query);
- while($drow = mysql_fetch_assoc($dres))
+ $dres = mysqli_query($_SESSION['mconn'],$query);
+ while($drow = mysqli_fetch_assoc($dres))
{
$query = "select `orgdomaincerts`.`id` as `id` from `orgdomlink`, `orgdomaincerts`, `orgdomains` where
`orgdomlink`.`orgdomid`=`orgdomains`.`id` and
`orgdomaincerts`.`id`=`orgdomlink`.`orgcertid` and
`orgdomains`.`id`='".intval($drow['id'])."'";
- $res = mysql_query($query);
- while($row = mysql_fetch_assoc($res))
+ $res = mysqli_query($_SESSION['mconn'],$query);
+ while($row = mysqli_fetch_assoc($res))
{
- mysql_query("update `orgdomaincerts` set `revoked`='1970-01-01 10:00:01' where `id`='".intval($row['id'])."'");
- mysql_query("delete from `orgdomaincerts` where `orgid`='".intval($row['id'])."'");
- mysql_query("delete from `orgdomlink` where `domid`='".intval($row['id'])."'");
+ mysqli_query($_SESSION['mconn'],"update `orgdomaincerts` set `revoked`='1970-01-01 10:00:01' where `id`='".intval($row['id'])."'");
+ mysqli_query($_SESSION['mconn'],"delete from `orgdomaincerts` where `orgid`='".intval($row['id'])."'");
+ mysqli_query($_SESSION['mconn'],"delete from `orgdomlink` where `domid`='".intval($row['id'])."'");
}
$query = "select `orgemailcerts`.`id` as `id` from `orgemailcerts`, `orgemaillink`, `orgdomains` where
`orgemaillink`.`domid`=`orgdomains`.`id` and
`orgemailcerts`.`id`=`orgemaillink`.`emailcertsid` and
`orgdomains`.`id`='".intval($drow['id'])."'";
- $res = mysql_query($query);
- while($row = mysql_fetch_assoc($res))
+ $res = mysqli_query($_SESSION['mconn'],$query);
+ while($row = mysqli_fetch_assoc($res))
{
- mysql_query("update `orgemailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='".intval($row['id'])."'");
- mysql_query("delete from `orgemailcerts` where `id`='".intval($row['id'])."'");
- mysql_query("delete from `orgemaillink` where `domid`='".intval($row['id'])."'");
+ mysqli_query($_SESSION['mconn'],"update `orgemailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='".intval($row['id'])."'");
+ mysqli_query($_SESSION['mconn'],"delete from `orgemailcerts` where `id`='".intval($row['id'])."'");
+ mysqli_query($_SESSION['mconn'],"delete from `orgemaillink` where `domid`='".intval($row['id'])."'");
}
}
- mysql_query("delete from `org` where `orgid`='".intval($_SESSION['_config']['orgid'])."'");
- mysql_query("delete from `orgdomains` where `orgid`='".intval($_SESSION['_config']['orgid'])."'");
- mysql_query("delete from `orginfo` where `id`='".intval($_SESSION['_config']['orgid'])."'");
+ mysqli_query($_SESSION['mconn'],"delete from `org` where `orgid`='".intval($_SESSION['_config']['orgid'])."'");
+ mysqli_query($_SESSION['mconn'],"delete from `orgdomains` where `orgid`='".intval($_SESSION['_config']['orgid'])."'");
+ mysqli_query($_SESSION['mconn'],"delete from `orginfo` where `id`='".intval($_SESSION['_config']['orgid'])."'");
}
if($oldid == 31)
@@ -2406,7 +2406,7 @@ function buildSubjectFromSession() {
if($id == 32 || $oldid == 32 || $id == 33 || $oldid == 33 || $id == 34 || $oldid == 34)
{
$query = "select * from `org` where `memid`='".intval($_SESSION['profile']['id'])."' and `masteracc`='1'";
- $_macc = mysql_num_rows(mysql_query($query));
+ $_macc = mysqli_num_rows(mysqli_query($_SESSION['mconn'],$query));
if($_SESSION['profile']['orgadmin'] != 1 && $_macc <= 0)
{
showheader(_("My CAcert.org Account!"));
@@ -2419,7 +2419,7 @@ function buildSubjectFromSession() {
if($id == 35 || $oldid == 35)
{
$query = "select 1 from `org` where `memid`='".intval($_SESSION['profile']['id'])."'";
- $is_orguser = mysql_num_rows(mysql_query($query));
+ $is_orguser = mysqli_num_rows(mysqli_query($_SESSION['mconn'],$query));
if($_SESSION['profile']['orgadmin'] != 1 && $is_orguser <= 0)
{
showheader(_("My CAcert.org Account!"));
@@ -2433,8 +2433,8 @@ function buildSubjectFromSession() {
{
$orgid = intval($_SESSION['_config']['orgid']);
$query = "select * from `org` where `orgid`='$orgid' and `memid`='".intval($_SESSION['profile']['id'])."' and `masteracc`='1'";
- $res = mysql_query($query);
- if(mysql_num_rows($res) <= 0)
+ $res = mysqli_query($_SESSION['mconn'],$query);
+ if(mysqli_num_rows($res) <= 0)
{
$id = 35;
}
@@ -2447,17 +2447,17 @@ function buildSubjectFromSession() {
$masteracc = $_SESSION['_config']['masteracc'] = intval($_REQUEST['masteracc']);
else
$masteracc = $_SESSION['_config']['masteracc'] = 0;
- $_REQUEST['email'] = $_SESSION['_config']['email'] = mysql_real_escape_string(stripslashes(trim($_REQUEST['email'])));
+ $_REQUEST['email'] = $_SESSION['_config']['email'] = mysqli_real_escape_string($_SESSION['mconn'], stripslashes(trim($_REQUEST['email'])));
$_SESSION['_config']['OU'] = stripslashes(trim($_REQUEST['OU']));
- $comments = $_SESSION['_config']['comments'] = mysql_real_escape_string(stripslashes(trim($_REQUEST['comments'])));
- $res = mysql_query("select * from `users` where `email`='".$_REQUEST['email']."' and `deleted`=0");
- if(mysql_num_rows($res) <= 0)
+ $comments = $_SESSION['_config']['comments'] = mysqli_real_escape_string($_SESSION['mconn'], stripslashes(trim($_REQUEST['comments'])));
+ $res = mysqli_query($_SESSION['mconn'],"select * from `users` where `email`='".$_REQUEST['email']."' and `deleted`=0");
+ if(mysqli_num_rows($res) <= 0)
{
$id = $oldid;
$oldid=0;
$_SESSION['_config']['errmsg'] = sprintf(_("Wasn't able to match '%s' against any user in the system"), sanitizeHTML($_REQUEST['email']));
} else {
- $row = mysql_fetch_assoc($res);
+ $row = mysqli_fetch_assoc($res);
if ( !is_assurer(intval($row['id'])) )
{
$id = $oldid;
@@ -2465,12 +2465,12 @@ function buildSubjectFromSession() {
$_SESSION['_config']['errmsg'] =
_("The user is not an Assurer yet");
} else {
- mysql_query(
+ mysqli_query($_SESSION['mconn'],
"insert into `org`
set `memid`='".intval($row['id'])."',
`orgid`='".intval($_SESSION['_config']['orgid'])."',
`masteracc`='$masteracc',
- `OU`='".mysql_real_escape_string($_SESSION['_config']['OU'])."',
+ `OU`='".mysqli_real_escape_string($_SESSION['mconn'], $_SESSION['_config']['OU'])."',
`comments`='$comments'");
}
}
@@ -2479,8 +2479,8 @@ function buildSubjectFromSession() {
if(($oldid == 34 || $id == 34) && $_SESSION['profile']['orgadmin'] != 1)
{
$orgid = intval($_SESSION['_config']['orgid']);
- $res = mysql_query("select * from `org` where `orgid`='$orgid' and `memid`='".intval($_SESSION['profile']['id'])."' and `masteracc`='1'");
- if(mysql_num_rows($res) <= 0)
+ $res = mysqli_query($_SESSION['mconn'],"select * from `org` where `orgid`='$orgid' and `memid`='".intval($_SESSION['profile']['id'])."' and `masteracc`='1'");
+ if(mysqli_num_rows($res) <= 0)
$id = 32;
}
@@ -2489,7 +2489,7 @@ function buildSubjectFromSession() {
$orgid = intval($_SESSION['_config']['orgid']);
$memid = intval($_REQUEST['memid']);
$query = "delete from `org` where `orgid`='$orgid' and `memid`='$memid'";
- mysql_query($query);
+ mysqli_query($_SESSION['mconn'],$query);
}
if($oldid == 34 || $oldid == 33)
@@ -2501,7 +2501,7 @@ function buildSubjectFromSession() {
if($id == 36)
{
- $row = mysql_fetch_assoc(mysql_query("select * from `alerts` where `memid`='".intval($_SESSION['profile']['id'])."'"));
+ $row = mysqli_fetch_assoc(mysqli_query($_SESSION['mconn'],"select * from `alerts` where `memid`='".intval($_SESSION['profile']['id'])."'"));
$_REQUEST['general'] = $row['general'];
$_REQUEST['country'] = $row['country'];
$_REQUEST['regional'] = $row['regional'];
@@ -2510,7 +2510,7 @@ function buildSubjectFromSession() {
if($oldid == 36)
{
- $rc = mysql_num_rows(mysql_query("select * from `alerts` where `memid`='".intval($_SESSION['profile']['id'])."'"));
+ $rc = mysqli_num_rows(mysqli_query($_SESSION['mconn'],"select * from `alerts` where `memid`='".intval($_SESSION['profile']['id'])."'"));
if($rc > 0)
{
$query = "update `alerts` set `general`='".intval(array_key_exists('general',$_REQUEST)?$_REQUEST['general']:0)."',
@@ -2525,7 +2525,7 @@ function buildSubjectFromSession() {
`radius`='".intval(array_key_exists('radius',$_REQUEST)?$_REQUEST['radius']:0)."',
`memid`='".intval($_SESSION['profile']['id'])."'";
}
- mysql_query($query);
+ mysqli_query($_SESSION['mconn'],$query);
$id = $oldid;
$oldid=0;
}
@@ -2533,12 +2533,12 @@ function buildSubjectFromSession() {
if($oldid == 41 && $_REQUEST['action'] == 'default')
{
csrf_check("mainlang");
- $lang = mysql_real_escape_string($_REQUEST['lang']);
+ $lang = mysqli_real_escape_string($_SESSION['mconn'], $_REQUEST['lang']);
foreach(L10n::$translations as $key => $val)
{
if($key == $lang)
{
- mysql_query("update `users` set `language`='$lang' where `id`='".intval($_SESSION['profile']['id'])."'");
+ mysqli_query($_SESSION['mconn'],"update `users` set `language`='$lang' where `id`='".intval($_SESSION['profile']['id'])."'");
$_SESSION['profile']['language'] = $lang;
showheader(_("My CAcert.org Account!"));
echo _("Your language setting has been updated.");
@@ -2556,9 +2556,9 @@ function buildSubjectFromSession() {
if($oldid == 41 && $_REQUEST['action'] == 'addsec')
{
csrf_check("seclang");
- $addlang = mysql_real_escape_string($_REQUEST['addlang']);
+ $addlang = mysqli_real_escape_string($_SESSION['mconn'], $_REQUEST['addlang']);
// Does the language exist?
- mysql_query("insert into `addlang` set `userid`='".intval($_SESSION['profile']['id'])."', `lang`='$addlang'");
+ mysqli_query($_SESSION['mconn'],"insert into `addlang` set `userid`='".intval($_SESSION['profile']['id'])."', `lang`='$addlang'");
showheader(_("My CAcert.org Account!"));
echo _("Your language setting has been updated.");
showfooter();
@@ -2568,8 +2568,8 @@ function buildSubjectFromSession() {
if($oldid == 41 && $_REQUEST['action'] == 'dellang')
{
csrf_check("seclang");
- $remove = mysql_real_escape_string($_REQUEST['remove']);
- mysql_query("delete from `addlang` where `userid`='".intval($_SESSION['profile']['id'])."' and `lang`='$remove'");
+ $remove = mysqli_real_escape_string($_SESSION['mconn'], $_REQUEST['remove']);
+ mysqli_query($_SESSION['mconn'],"delete from `addlang` where `userid`='".intval($_SESSION['profile']['id'])."' and `lang`='$remove'");
showheader(_("My CAcert.org Account!"));
echo _("Your language setting has been updated.");
showfooter();
@@ -2604,7 +2604,7 @@ function buildSubjectFromSession() {
$regid = intval(array_key_exists('regid',$_REQUEST)?$_REQUEST['regid']:0);
$newreg = intval(array_key_exists('newreg',$_REQUEST)?$_REQUEST['newreg']:0);
$locid = intval(array_key_exists('locid',$_REQUEST)?$_REQUEST['locid']:0);
- $name = array_key_exists('name',$_REQUEST)?mysql_real_escape_string(strip_tags($_REQUEST['name'])):"";
+ $name = array_key_exists('name',$_REQUEST)?mysqli_real_escape_string($_SESSION['mconn'], strip_tags($_REQUEST['name'])):"";
$long = array_key_exists('longitude',$_REQUEST)?ereg_replace("[^-0-9\.]","",$_REQUEST['longitude']):"";
$lat = array_key_exists('latitude', $_REQUEST)?ereg_replace("[^-0-9\.]","",$_REQUEST['latitude']):"";
$action = array_key_exists('action',$_REQUEST)?$_REQUEST['action']:"";
@@ -2612,58 +2612,58 @@ function buildSubjectFromSession() {
if($locid > 0 && $action == "edit")
{
$query = "update `locations` set `name`='$name', `lat`='$lat', `long`='$long' where `id`='$locid'";
- mysql_query($query);
- $row = mysql_fetch_assoc(mysql_query("select * from `locations` where `id`='$locid'"));
+ mysqli_query($_SESSION['mconn'],$query);
+ $row = mysqli_fetch_assoc(mysqli_query($_SESSION['mconn'],"select * from `locations` where `id`='$locid'"));
$_REQUEST['regid'] = $row['regid'];
unset($_REQUEST['ccid']);
unset($_REQUEST['locid']);
unset($_REQUEST['action']);
} else if($regid > 0 && $action == "edit") {
$query = "update `regions` set `name`='$name' where `id`='$regid'";
- mysql_query($query);
- $row = mysql_fetch_assoc(mysql_query("select * from `regions` where `id`='$regid'"));
+ mysqli_query($_SESSION['mconn'],$query);
+ $row = mysqli_fetch_assoc(mysqli_query($_SESSION['mconn'],"select * from `regions` where `id`='$regid'"));
$_REQUEST['ccid'] = $row['ccid'];
unset($_REQUEST['regid']);
unset($_REQUEST['locid']);
unset($_REQUEST['action']);
} else if($regid > 0 && $action == "add") {
- $row = mysql_fetch_assoc(mysql_query("select `ccid` from `regions` where `id`='$regid'"));
+ $row = mysqli_fetch_assoc(mysqli_query($_SESSION['mconn'],"select `ccid` from `regions` where `id`='$regid'"));
$ccid = $row['ccid'];
$query = "insert into `locations` set `ccid`='$ccid', `regid`='$regid', `name`='$name', `lat`='$lat', `long`='$long'";
- mysql_query($query);
+ mysqli_query($_SESSION['mconn'],$query);
unset($_REQUEST['ccid']);
unset($_REQUEST['locid']);
unset($_REQUEST['action']);
} else if($ccid > 0 && $action == "add" && $name != "") {
$query = "insert into `regions` set `ccid`='$ccid', `name`='$name'";
- mysql_query($query);
- $row = mysql_fetch_assoc(mysql_query("select * from `locations` where `id`='$locid'"));
+ mysqli_query($_SESSION['mconn'],$query);
+ $row = mysqli_fetch_assoc(mysqli_query($_SESSION['mconn'],"select * from `locations` where `id`='$locid'"));
unset($_REQUEST['regid']);
unset($_REQUEST['locid']);
unset($_REQUEST['action']);
} else if($locid > 0 && $action == "delete") {
- $row = mysql_fetch_assoc(mysql_query("select * from `locations` where `id`='$locid'"));
+ $row = mysqli_fetch_assoc(mysqli_query($_SESSION['mconn'],"select * from `locations` where `id`='$locid'"));
$_REQUEST['regid'] = $row['regid'];
- mysql_query("delete from `localias` where `locid`='$locid'");
- mysql_query("delete from `locations` where `id`='$locid'");
+ mysqli_query($_SESSION['mconn'],"delete from `localias` where `locid`='$locid'");
+ mysqli_query($_SESSION['mconn'],"delete from `locations` where `id`='$locid'");
unset($_REQUEST['ccid']);
unset($_REQUEST['locid']);
unset($_REQUEST['action']);
} else if($locid > 0 && $action == "move") {
- $row = mysql_fetch_assoc(mysql_query("select * from `locations` where `id`='$locid'"));
+ $row = mysqli_fetch_assoc(mysqli_query($_SESSION['mconn'],"select * from `locations` where `id`='$locid'"));
$oldregid = $row['regid'];
- mysql_query("update `locations` set `regid`='$newreg' where `id`='$locid'");
- mysql_query("update `users` set `regid`='$newreg' where `regid`='$oldregid'");
- $row = mysql_fetch_assoc(mysql_query("select * from `locations` where `id`='$locid'"));
+ mysqli_query($_SESSION['mconn'],"update `locations` set `regid`='$newreg' where `id`='$locid'");
+ mysqli_query($_SESSION['mconn'],"update `users` set `regid`='$newreg' where `regid`='$oldregid'");
+ $row = mysqli_fetch_assoc(mysqli_query($_SESSION['mconn'],"select * from `locations` where `id`='$locid'"));
$_REQUEST['regid'] = $row['regid'];
unset($_REQUEST['ccid']);
unset($_REQUEST['locid']);
unset($_REQUEST['action']);
} else if($regid > 0 && $action == "delete") {
- $row = mysql_fetch_assoc(mysql_query("select * from `regions` where `id`='$regid'"));
+ $row = mysqli_fetch_assoc(mysqli_query($_SESSION['mconn'],"select * from `regions` where `id`='$regid'"));
$_REQUEST['ccid'] = $row['ccid'];
- mysql_query("delete from `locations` where `regid`='$regid'");
- mysql_query("delete from `regions` where `id`='$regid'");
+ mysqli_query($_SESSION['mconn'],"delete from `locations` where `regid`='$regid'");
+ mysqli_query($_SESSION['mconn'],"delete from `regions` where `id`='$regid'");
unset($_REQUEST['regid']);
unset($_REQUEST['locid']);
unset($_REQUEST['action']);
@@ -2672,12 +2672,12 @@ function buildSubjectFromSession() {
$_REQUEST['action'] = "aliases";
$_REQUEST['locid'] = $locid;
$name = htmlentities($name);
- $row = mysql_query("insert into `localias` set `locid`='$locid',`name`='$name'");
+ $row = mysqli_query($_SESSION['mconn'],"insert into `localias` set `locid`='$locid',`name`='$name'");
} else if($locid > 0 && $action == "delalias") {
$id = 54;
$_REQUEST['action'] = "aliases";
$_REQUEST['locid'] = $locid;
- $row = mysql_query("delete from `localias` where `locid`='$locid' and `name`='$name'");
+ $row = mysqli_query($_SESSION['mconn'],"delete from `localias` where `locid`='$locid' and `name`='$name'");
}
}
@@ -2714,15 +2714,15 @@ function buildSubjectFromSession() {
showfooter();
exit;
}
- $fname = mysql_real_escape_string($_REQUEST['fname']);
- $mname = mysql_real_escape_string($_REQUEST['mname']);
- $lname = mysql_real_escape_string($_REQUEST['lname']);
- $suffix = mysql_real_escape_string($_REQUEST['suffix']);
+ $fname = mysqli_real_escape_string($_SESSION['mconn'], $_REQUEST['fname']);
+ $mname = mysqli_real_escape_string($_SESSION['mconn'], $_REQUEST['mname']);
+ $lname = mysqli_real_escape_string($_SESSION['mconn'], $_REQUEST['lname']);
+ $suffix = mysqli_real_escape_string($_SESSION['mconn'], $_REQUEST['suffix']);
$day = intval($_REQUEST['day']);
$month = intval($_REQUEST['month']);
$year = intval($_REQUEST['year']);
$query = "update `users` set `fname`='$fname',`mname`='$mname',`lname`='$lname',`suffix`='$suffix',`dob`='$year-$month-$day' where `id`='$userid'";
- mysql_query($query);
+ mysqli_query($_SESSION['mconn'],$query);
}elseif($oldid == 43 && $actionrequest == "updatedob" && $ticketvalidation == FALSE){
$id = 43;
$oldid=0;
@@ -2761,7 +2761,7 @@ function buildSubjectFromSession() {
if($id == 44)
{
$_REQUEST['userid'] = intval($_REQUEST['userid']);
- $row = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".intval($_REQUEST['userid'])."'"));
+ $row = mysqli_fetch_assoc(mysqli_query($_SESSION['mconn'],"select * from `users` where `id`='".intval($_REQUEST['userid'])."'"));
if($row['email'] == "")
$id = 42;
else
@@ -2781,8 +2781,8 @@ function buildSubjectFromSession() {
showfooter();
exit;
}
- mysql_query("update `users` set `password`=sha1('".mysql_real_escape_string(stripslashes($_REQUEST['newpass']))."') where `id`='".intval($_REQUEST['userid'])."'");
- $row = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".intval($_REQUEST['userid'])."'"));
+ mysqli_query($_SESSION['mconn'],"update `users` set `password`=sha1('".mysqli_real_escape_string($_SESSION['mconn'], stripslashes($_REQUEST['newpass']))."') where `id`='".intval($_REQUEST['userid'])."'");
+ $row = mysqli_fetch_assoc(mysqli_query($_SESSION['mconn'],"select * from `users` where `id`='".intval($_REQUEST['userid'])."'"));
printf(_("The password for %s has been updated successfully in the system."), sanitizeHTML($row['email']));
$my_translation = L10n::get_translation();
@@ -2872,24 +2872,24 @@ function buildSubjectFromSession() {
`CN`='".$_SESSION['_config']['0.CN']."',
`domid`='".$_SESSION['_config']['row']['id']."',
`created`=NOW()";
- mysql_query($query);
- $CSRid = mysql_insert_id();
+ mysqli_query($_SESSION['mconn'],$query);
+ $CSRid = mysqli_insert_id($_SESSION['mconn']);
foreach($_SESSION['_config']['rowid'] as $dom)
- mysql_query("insert into `domlink` set `certid`='$CSRid', `domid`='".intval($dom)."'");
+ mysqli_query($_SESSION['mconn'],"insert into `domlink` set `certid`='$CSRid', `domid`='".intval($dom)."'");
if(is_array($_SESSION['_config']['altid']))
foreach($_SESSION['_config']['altid'] as $dom)
- mysql_query("insert into `domlink` set `certid`='$CSRid', `domid`='".intval($dom)."'");
+ mysqli_query($_SESSION['mconn'],"insert into `domlink` set `certid`='$CSRid', `domid`='".intval($dom)."'");
$CSRname=generatecertpath("csr","server",$CSRid);
$fp = fopen($CSRname, "w");
fputs($fp, $_SESSION['_config']['CSR']);
fclose($fp);
- mysql_query("update `domaincerts` set `CSR_name`='$CSRname' where `id`='$CSRid'");
+ mysqli_query($_SESSION['mconn'],"update `domaincerts` set `CSR_name`='$CSRname' where `id`='$CSRid'");
waitForResult("domaincerts", $CSRid,$oldid);
$query = "select * from `domaincerts` where `id`='$CSRid' and `crt_name` != ''";
- $res = mysql_query($query);
- if(mysql_num_rows($res) <= 0)
+ $res = mysqli_query($_SESSION['mconn'],$query);
+ if(mysqli_num_rows($res) <= 0)
{
showheader(_("My CAcert.org Account!"));
printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
@@ -2913,9 +2913,9 @@ function buildSubjectFromSession() {
exit;
}
$query = "select * from `users` where `id`='$memid'";
- $row = mysql_fetch_assoc(mysql_query($query));
+ $row = mysqli_fetch_assoc(mysqli_query($_SESSION['mconn'],$query));
$ver = !$row['tverify'];
- mysql_query("update `users` set `tverify`='$ver' where `id`='$memid'");
+ mysqli_query($_SESSION['mconn'],"update `users` set `tverify`='$ver' where `id`='$memid'");
}elseif($id == 43 && array_key_exists('tverify',$_REQUEST) && $_REQUEST['tverify'] > 0 && $ticketvalidation==FALSE){
$_SESSION['ticketmsg']='No action taken. Ticket number is missing!';
}
@@ -2932,9 +2932,9 @@ function buildSubjectFromSession() {
exit;
}
$query = "select * from `users` where `id`='$memid'";
- $row = mysql_fetch_assoc(mysql_query($query));
+ $row = mysqli_fetch_assoc(mysqli_query($_SESSION['mconn'],$query));
$ver = !$row['assurer'];
- mysql_query("update `users` set `assurer`='$ver' where `id`='$memid'");
+ mysqli_query($_SESSION['mconn'],"update `users` set `assurer`='$ver' where `id`='$memid'");
}elseif($id == 43 && array_key_exists('assurer',$_REQUEST) && $_REQUEST['assurer'] > 0 && $ticketvalidation == FALSE){
$_REQUEST['userid'] = intval($_REQUEST['assurer']);
$_SESSION['ticketmsg']='No action (Change assurer status) taken. Ticket number is missing!';
@@ -2950,9 +2950,9 @@ function buildSubjectFromSession() {
exit;
}
$query = "select * from `users` where `id`='$memid'";
- $row = mysql_fetch_assoc(mysql_query($query));
+ $row = mysqli_fetch_assoc(mysqli_query($_SESSION['mconn'],$query));
$ver = !$row['assurer_blocked'];
- mysql_query("update `users` set `assurer_blocked`='$ver' where `id`='$memid'");
+ mysqli_query($_SESSION['mconn'],"update `users` set `assurer_blocked`='$ver' where `id`='$memid'");
}elseif($id == 43 && array_key_exists('assurer_blocked',$_REQUEST) && $_REQUEST['assurer_blocked'] > 0 && $ticketvalidation == FALSE){
$_REQUEST['userid'] = intval($_REQUEST['assurer_blocked']);
$_SESSION['ticketmsg']='No action taken. Ticket number is missing!';
@@ -2969,9 +2969,9 @@ function buildSubjectFromSession() {
exit;
}
$query = "select * from `users` where `id`='$memid'";
- $row = mysql_fetch_assoc(mysql_query($query));
+ $row = mysqli_fetch_assoc(mysqli_query($_SESSION['mconn'],$query));
$ver = !$row['locked'];
- mysql_query("update `users` set `locked`='$ver' where `id`='$memid'");
+ mysqli_query($_SESSION['mconn'],"update `users` set `locked`='$ver' where `id`='$memid'");
}elseif($id == 43 && array_key_exists('locked',$_REQUEST) && $_REQUEST['locked'] > 0 && $ticketvalidation == FALSE){
$_REQUEST['userid'] = intval($_REQUEST['locked']);
$_SESSION['ticketmsg']='No action taken. Ticket number is missing!';
@@ -2988,9 +2988,9 @@ function buildSubjectFromSession() {
exit;
}
$query = "select * from `users` where `id`='$memid'";
- $row = mysql_fetch_assoc(mysql_query($query));
+ $row = mysqli_fetch_assoc(mysqli_query($_SESSION['mconn'],$query));
$ver = !$row['codesign'];
- mysql_query("update `users` set `codesign`='$ver' where `id`='$memid'");
+ mysqli_query($_SESSION['mconn'],"update `users` set `codesign`='$ver' where `id`='$memid'");
}elseif($id == 43 && array_key_exists('codesign',$_REQUEST) && $_REQUEST['codesign'] > 0 && $ticketvalidation == FALSE){
$_REQUEST['userid'] = intval($_REQUEST['codesign']);
$_SESSION['ticketmsg']='No action taken. Ticket number is missing!';
@@ -3007,9 +3007,9 @@ function buildSubjectFromSession() {
exit;
}
$query = "select * from `users` where `id`='$memid'";
- $row = mysql_fetch_assoc(mysql_query($query));
+ $row = mysqli_fetch_assoc(mysqli_query($_SESSION['mconn'],$query));
$ver = !$row['orgadmin'];
- mysql_query("update `users` set `orgadmin`='$ver' where `id`='$memid'");
+ mysqli_query($_SESSION['mconn'],"update `users` set `orgadmin`='$ver' where `id`='$memid'");
}elseif($id == 43 && array_key_exists('orgadmin',$_REQUEST) && $_REQUEST['orgadmin'] > 0 && $ticketvalidation == FALSE){
$_REQUEST['userid'] = intval($_REQUEST['orgadmin']);
$_SESSION['ticketmsg']='No action taken. Ticket number is missing!';
@@ -3026,9 +3026,9 @@ function buildSubjectFromSession() {
exit;
}
$query = "select * from `users` where `id`='$memid'";
- $row = mysql_fetch_assoc(mysql_query($query));
+ $row = mysqli_fetch_assoc(mysqli_query($_SESSION['mconn'],$query));
$ver = !$row['ttpadmin'];
- mysql_query("update `users` set `ttpadmin`='$ver' where `id`='$memid'");
+ mysqli_query($_SESSION['mconn'],"update `users` set `ttpadmin`='$ver' where `id`='$memid'");
}elseif($id == 43 && array_key_exists('ttpadmin',$_REQUEST) && $_REQUEST['ttpadmin'] > 0 && $ticketvalidation == FALSE){
$_REQUEST['userid'] = intval($_REQUEST['ttpadmin']);
$_SESSION['ticketmsg']='No action taken. Ticket number is missing!';
@@ -3044,11 +3044,11 @@ function buildSubjectFromSession() {
exit;
}
$query = "select * from `users` where `id`='$memid'";
- $row = mysql_fetch_assoc(mysql_query($query));
+ $row = mysqli_fetch_assoc(mysqli_query($_SESSION['mconn'],$query));
$ver = $row['adadmin'] + 1;
if($ver > 2)
$ver = 0;
- mysql_query("update `users` set `adadmin`='$ver' where `id`='$memid'");
+ mysqli_query($_SESSION['mconn'],"update `users` set `adadmin`='$ver' where `id`='$memid'");
}elseif($id == 43 && array_key_exists('adadmin',$_REQUEST) && $_REQUEST['adadmin'] > 0 && $ticketvalidation == FALSE){
$_REQUEST['userid'] = intval($_REQUEST['adadmin']);
$_SESSION['ticketmsg']='No action taken. Ticket number is missing!';
@@ -3064,9 +3064,9 @@ function buildSubjectFromSession() {
exit;
}
$query = "select * from `users` where `id`='$memid'";
- $row = mysql_fetch_assoc(mysql_query($query));
+ $row = mysqli_fetch_assoc(mysqli_query($_SESSION['mconn'],$query));
$ver = !$row['locadmin'];
- mysql_query("update `users` set `locadmin`='$ver' where `id`='$memid'");
+ mysqli_query($_SESSION['mconn'],"update `users` set `locadmin`='$ver' where `id`='$memid'");
}elseif($id == 43 && array_key_exists('locadmin',$_REQUEST) && $_REQUEST['locadmin'] > 0 && $ticketvalidation == FALSE){
$_REQUEST['userid'] = intval($_REQUEST['locadmin']);
$_SESSION['ticketmsg']='No action taken. Ticket number is missing!';
@@ -3083,9 +3083,9 @@ function buildSubjectFromSession() {
exit;
}
$query = "select * from `users` where `id`='$memid'";
- $row = mysql_fetch_assoc(mysql_query($query));
+ $row = mysqli_fetch_assoc(mysqli_query($_SESSION['mconn'],$query));
$ver = !$row['admin'];
- mysql_query("update `users` set `admin`='$ver' where `id`='$memid'");
+ mysqli_query($_SESSION['mconn'],"update `users` set `admin`='$ver' where `id`='$memid'");
}elseif($id == 43 && array_key_exists('admin',$_REQUEST) && $_REQUEST['admin'] > 0 && $ticketvalidation == FALSE){
$_REQUEST['userid'] = intval($_REQUEST['admin']);
$_SESSION['ticketmsg']='No action taken. Ticket number is missing!';
@@ -3101,9 +3101,9 @@ function buildSubjectFromSession() {
exit;
}
$query = "select * from `alerts` where `memid`='$memid'";
- $row = mysql_fetch_assoc(mysql_query($query));
+ $row = mysqli_fetch_assoc(mysqli_query($_SESSION['mconn'],$query));
$ver = !$row['general'];
- mysql_query("update `alerts` set `general`='$ver' where `memid`='$memid'");
+ mysqli_query($_SESSION['mconn'],"update `alerts` set `general`='$ver' where `memid`='$memid'");
}elseif($id == 43 && array_key_exists('general',$_REQUEST) && $_REQUEST['general'] > 0 && $ticketvalidation == FALSE){
$_REQUEST['userid'] = intval($_REQUEST['general']);
$_SESSION['ticketmsg']='No action taken. Ticket number is missing!';
@@ -3119,9 +3119,9 @@ function buildSubjectFromSession() {
exit;
}
$query = "select * from `alerts` where `memid`='$memid'";
- $row = mysql_fetch_assoc(mysql_query($query));
+ $row = mysqli_fetch_assoc(mysqli_query($_SESSION['mconn'],$query));
$ver = !$row['country'];
- mysql_query("update `alerts` set `country`='$ver' where `memid`='$memid'");
+ mysqli_query($_SESSION['mconn'],"update `alerts` set `country`='$ver' where `memid`='$memid'");
}elseif($id == 43 && array_key_exists('country',$_REQUEST) && $_REQUEST['country'] > 0 && $ticketvalidation == FALSE){
$_REQUEST['userid'] = intval($_REQUEST['country']);
$_SESSION['ticketmsg']='No action taken. Ticket number is missing!';
@@ -3137,9 +3137,9 @@ function buildSubjectFromSession() {
exit;
}
$query = "select * from `alerts` where `memid`='$memid'";
- $row = mysql_fetch_assoc(mysql_query($query));
+ $row = mysqli_fetch_assoc(mysqli_query($_SESSION['mconn'],$query));
$ver = !$row['regional'];
- mysql_query("update `alerts` set `regional`='$ver' where `memid`='$memid'");
+ mysqli_query($_SESSION['mconn'],"update `alerts` set `regional`='$ver' where `memid`='$memid'");
}elseif($id == 43 && array_key_exists('regional',$_REQUEST) && $_REQUEST['regional'] > 0 && $ticketvalidation == FALSE){
$_REQUEST['userid'] = intval($_REQUEST['regional']);
$_SESSION['ticketmsg']='No action taken. Ticket number is missing!';
@@ -3155,9 +3155,9 @@ function buildSubjectFromSession() {
exit;
}
$query = "select * from `alerts` where `memid`='$memid'";
- $row = mysql_fetch_assoc(mysql_query($query));
+ $row = mysqli_fetch_assoc(mysqli_query($_SESSION['mconn'],$query));
$ver = !$row['radius'];
- mysql_query("update `alerts` set `radius`='$ver' where `memid`='$memid'");
+ mysqli_query($_SESSION['mconn'],"update `alerts` set `radius`='$ver' where `memid`='$memid'");
}elseif($id == 43 && array_key_exists('radius',$_REQUEST) && $_REQUEST['radius'] > 0 && $ticketvalidation == false){
$_REQUEST['userid'] = intval($_REQUEST['radius']);
$_SESSION['ticketmsg']='No action taken. Ticket number is missing!';
@@ -3169,7 +3169,7 @@ function buildSubjectFromSession() {
$_REQUEST['userid'] = intval($_REQUEST['userid']);
}
- $row = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".intval($_REQUEST['userid'])."'"));
+ $row = mysqli_fetch_assoc(mysqli_query($_SESSION['mconn'],"select * from `users` where `id`='".intval($_REQUEST['userid'])."'"));
if($row['email'] == "") {
$id = 42;
} else {
diff --git a/includes/account_stuff.php b/includes/account_stuff.php
index 0fda2f1..c67c658 100644
--- a/includes/account_stuff.php
+++ b/includes/account_stuff.php
@@ -1,4 +1,4 @@
-<? /*
+<?php /*
LibreSSL - CAcert web application
Copyright (C) 2004-2008 CAcert Inc.
@@ -139,8 +139,8 @@
?><!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
-<title><?=$title?></title>
-<? if(array_key_exists('header',$_SESSION) && $_SESSION['_config']['header'] != "") { ?><?=$_SESSION['_config']['header']?><? } ?>
+<title><?php echo $title?></title>
+<?php if(array_key_exists('header',$_SESSION) && $_SESSION['_config']['header'] != "") { ?><?php echo $_SESSION['_config']['header']?><?php } ?>
<link rel="stylesheet" href="/styles/default.css" type="text/css" />
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<script language="JavaScript" type="text/javascript">
@@ -164,71 +164,69 @@ function hideall() {
}
</script>
</head>
-<body onload="hideall(); explode('home');<?=$expand?>">
+<body onload="hideall(); explode('home');<?php echo $expand?>">
<div id="pagecell1">
<div id="pageName"><br>
- <div id="pageLogo"><a href="http://<?=$_SESSION['_config']['normalhostname']?>"><img src="/images/cacert4.png" border="0" alt="CAcert.org logo"></a></div>
- <div id="googlead"><h2><?=_("Free digital certificates!")?></h2></div>
+ <div id="pageLogo"><a href="http://<?php echo $_SESSION['_config']['normalhostname']?>"><img src="/images/cacert4.png" border="0" alt="CAcert.org logo"></a></div>
+ <div id="googlead"><h2><?php echo _("Free digital certificates!")?></h2></div>
</div>
<div id="pageNav">
<div class="relatedLinks">
<h3>CAcert.org</h3>
- <ul class="menu" id="home"><li><a href="/index.php"><?=_("Go Home")?></a></li><li><a href="account.php?id=logout"><?=_("Logout")?></a></li></ul>
+ <ul class="menu" id="home"><li><a href="/index.php"><?php echo _("Go Home")?></a></li><li><a href="account.php?id=logout"><?php echo _("Logout")?></a></li></ul>
</div>
<div class="relatedLinks">
- <h3 class="pointer" onclick="explode('mydetails')">+ <?=_("My Details")?></h3>
- <ul class="menu" id="mydetails"><li><a href="account.php?id=13"><?=_("View/Edit")?></a></li><li><a href="account.php?id=14"><?=_("Change Password")?></a></li><li><a href="account.php?id=41"><?=_("Default Language")?></a></li><li><a href="wot.php?id=8"><?=_("My Listing")?></a></li><li><a href="wot.php?id=13"><?=_("My Location")?></a></li><li><a href="account.php?id=36"><?=_("My Alert Settings")?></a></li><li><a href="account.php?id=55"><?=_("My Trainings")?></a></li><li><a href="wot.php?id=10"><?=_("My Points")?></a></li><?
-/* to delete
+ <h3 class="pointer" onclick="explode('mydetails')">+ <?php echo _("My Details")?></h3>
+ <ul class="menu" id="mydetails"><li><a href="account.php?id=13"><?php echo _("View/Edit")?></a></li><li><a href="account.php?id=14"><?php echo _("Change Password")?></a></li><li><a href="account.php?id=41"><?php echo _("Default Language")?></a></li><li><a href="wot.php?id=8"><?php echo _("My Listing")?></a></li><li><a href="wot.php?id=13"><?php echo _("My Location")?></a></li><li><a href="account.php?id=36"><?php echo _("My Alert Settings")?></a></li><li><a href="account.php?id=55"><?php echo _("My Trainings")?></a></li><li><a href="wot.php?id=10"><?php echo _("My Points")?></a></li><?php /* to delete
if($_SESSION['profile']['id'] == 1 || $_SESSION['profile']['id'] == 5897)
echo "<li><a href='sqldump.php'>SQL Dump</a></li>";
*/
?></ul>
</div>
<div class="relatedLinks">
- <h3 class="pointer" onclick="explode('emailacc')">+ <?=_("Email Accounts")?></h3>
- <ul class="menu" id="emailacc"><li><a href="account.php?id=1"><?=_("Add")?></a></li><li><a href="account.php?id=2"><?=_("View")?></a></li></ul>
+ <h3 class="pointer" onclick="explode('emailacc')">+ <?php echo _("Email Accounts")?></h3>
+ <ul class="menu" id="emailacc"><li><a href="account.php?id=1"><?php echo _("Add")?></a></li><li><a href="account.php?id=2"><?php echo _("View")?></a></li></ul>
</div>
<div class="relatedLinks">
- <h3 class="pointer" onclick="explode('clicerts')">+ <?=_("Client Certificates")?></h3>
- <ul class="menu" id="clicerts"><li><a href="account.php?id=3"><?=_("New")?></a></li><li><a href="account.php?id=5"><?=_("View")?></a></li></ul>
+ <h3 class="pointer" onclick="explode('clicerts')">+ <?php echo _("Client Certificates")?></h3>
+ <ul class="menu" id="clicerts"><li><a href="account.php?id=3"><?php echo _("New")?></a></li><li><a href="account.php?id=5"><?php echo _("View")?></a></li></ul>
</div>
-<? if($_SESSION['profile']['points'] >= 50) { ?>
+<?php if($_SESSION['profile']['points'] >= 50) { ?>
<div class="relatedLinks">
- <h3 class="pointer" onclick="explode('gpg')">+ <?=_("GPG/PGP Keys")?></h3>
- <ul class="menu" id="gpg"><li><a href="gpg.php?id=0"><?=_("New")?></a></li><li><a href="gpg.php?id=2"><?=_("View")?></a></li></ul>
+ <h3 class="pointer" onclick="explode('gpg')">+ <?php echo _("GPG/PGP Keys")?></h3>
+ <ul class="menu" id="gpg"><li><a href="gpg.php?id=0"><?php echo _("New")?></a></li><li><a href="gpg.php?id=2"><?php echo _("View")?></a></li></ul>
</div>
-<? } ?>
+<?php } ?>
<div class="relatedLinks">
- <h3 class="pointer" onclick="explode('domains')">+ <?=_("Domains")?></h3>
- <ul class="menu" id="domains"><li><a href="account.php?id=7"><?=_("Add")?></a></li><li><a href="account.php?id=9"><?=_("View")?></a></li></ul>
+ <h3 class="pointer" onclick="explode('domains')">+ <?php echo _("Domains")?></h3>
+ <ul class="menu" id="domains"><li><a href="account.php?id=7"><?php echo _("Add")?></a></li><li><a href="account.php?id=9"><?php echo _("View")?></a></li></ul>
</div>
<div class="relatedLinks">
- <h3 class="pointer" onclick="explode('servercert')">+ <?=_("Server Certificates")?></h3>
- <ul class="menu" id="servercert"><li><a href="account.php?id=10"><?=_("New")?></a></li><li><a href="account.php?id=12"><?=_("View")?></a></li></ul>
+ <h3 class="pointer" onclick="explode('servercert')">+ <?php echo _("Server Certificates")?></h3>
+ <ul class="menu" id="servercert"><li><a href="account.php?id=10"><?php echo _("New")?></a></li><li><a href="account.php?id=12"><?php echo _("View")?></a></li></ul>
</div>
-<? if(mysql_num_rows(mysql_query("select * from `org` where `memid`='".intval($_SESSION['profile']['id'])."'")) > 0 || $_SESSION['profile']['orgadmin'] == 1) { ?>
+<?php if(mysqli_num_rows(mysqli_query($_SESSION['mconn'], "select * from `org` where `memid`='".intval($_SESSION['profile']['id'])."'")) > 0 || $_SESSION['profile']['orgadmin'] == 1) { ?>
<div class="relatedLinks">
- <h3 class="pointer" onclick="explode('clientorg')">+ <?=_("Org Client Certs")?></h3>
- <ul class="menu" id="clientorg"><li><a href="account.php?id=16"><?=_("New")?></a></li><li><a href="account.php?id=18"><?=_("View")?></a></li></ul>
+ <h3 class="pointer" onclick="explode('clientorg')">+ <?php echo _("Org Client Certs")?></h3>
+ <ul class="menu" id="clientorg"><li><a href="account.php?id=16"><?php echo _("New")?></a></li><li><a href="account.php?id=18"><?php echo _("View")?></a></li></ul>
</div>
<div class="relatedLinks">
- <h3 class="pointer" onclick="explode('serverorg')">+ <?=_("Org Server Certs")?></h3>
- <ul class="menu" id="serverorg"><li><a href="account.php?id=20"><?=_("New")?></a></li><li><a href="account.php?id=22"><?=_("View")?></a></li></ul>
+ <h3 class="pointer" onclick="explode('serverorg')">+ <?php echo _("Org Server Certs")?></h3>
+ <ul class="menu" id="serverorg"><li><a href="account.php?id=20"><?php echo _("New")?></a></li><li><a href="account.php?id=22"><?php echo _("View")?></a></li></ul>
</div>
-<? } ?>
-<? if(mysql_num_rows(mysql_query("select * from `org` where `memid`='".intval($_SESSION['profile']['id'])."'")) > 0 || $_SESSION['profile']['orgadmin'] == 1) { ?>
+<?php } ?>
+<?php if(mysqli_num_rows(mysqli_query($_SESSION['mconn'], "select * from `org` where `memid`='".intval($_SESSION['profile']['id'])."'")) > 0 || $_SESSION['profile']['orgadmin'] == 1) { ?>
<div class="relatedLinks">
- <h3 class="pointer" onclick="explode('orgadmin')">+ <?=_("Org Admin")?></h3>
- <ul class="menu" id="orgadmin"><? if($_SESSION['profile']['orgadmin'] == 1) { ?><li><a href="account.php?id=24"><?=_("New Organisation")?></a></li><li><a href="account.php?id=25"><?=_("View Organisations")?></a></li><? } ?><li><a href="account.php?id=35"><?=_("View")?></a></li></ul>
+ <h3 class="pointer" onclick="explode('orgadmin')">+ <?php echo _("Org Admin")?></h3>
+ <ul class="menu" id="orgadmin"><?php if($_SESSION['profile']['orgadmin'] == 1) { ?><li><a href="account.php?id=24"><?php echo _("New Organisation")?></a></li><li><a href="account.php?id=25"><?php echo _("View Organisations")?></a></li><?php } ?><li><a href="account.php?id=35"><?php echo _("View")?></a></li></ul>
</div>
-<? } ?>
+<?php } ?>
<div class="relatedLinks">
- <h3 class="pointer" onclick="explode('WoT')">+ <?=_("CAcert Web of Trust")?></h3>
- <ul class="menu" id="WoT"><li><a href="wot.php?id=0"><?=_("About")?></a></li><li><a href="wot.php?id=12"><?=_("Find an Assurer")?></a></li><li><a href="wot.php?id=3"><?=_("Rules")?></a></li><li><? if($_SESSION['profile']['assurer'] != 1) { ?><a href="wot.php?id=2"><?=_("Becoming an Assurer")?></a><? } else { ?><a href="wot.php?id=5"><?=_("Assure Someone")?></a><? } ?></li><li><a href="wot.php?id=4"><?=_("Trusted ThirdParties")?></a></li><? if($_SESSION['profile']['points'] >= 500) { ?><li><a href="wot.php?id=11"><div style="white-space:nowrap"><?=_("Organisation Assurance")?></div></a></li><? } ?></ul>
+ <h3 class="pointer" onclick="explode('WoT')">+ <?php echo _("CAcert Web of Trust")?></h3>
+ <ul class="menu" id="WoT"><li><a href="wot.php?id=0"><?php echo _("About")?></a></li><li><a href="wot.php?id=12"><?php echo _("Find an Assurer")?></a></li><li><a href="wot.php?id=3"><?php echo _("Rules")?></a></li><li><?php if($_SESSION['profile']['assurer'] != 1) { ?><a href="wot.php?id=2"><?php echo _("Becoming an Assurer")?></a><?php } else { ?><a href="wot.php?id=5"><?php echo _("Assure Someone")?></a><?php } ?></li><li><a href="wot.php?id=4"><?php echo _("Trusted ThirdParties")?></a></li><?php if($_SESSION['profile']['points'] >= 500) { ?><li><a href="wot.php?id=11"><div style="white-space:nowrap"><?php echo _("Organisation Assurance")?></div></a></li><?php } ?></ul>
</div>
<div class="relatedLinks">
- <h3 class="pointer" onclick="explode('WoTForms')">+ <?=_("CAP Forms")?></h3><?
- $name = $_SESSION['profile']['fname']." ".$_SESSION['profile']['mname']." ".$_SESSION['profile']['lname']." ".$_SESSION['profile']['suffix'];
+ <h3 class="pointer" onclick="explode('WoTForms')">+ <?php echo _("CAP Forms")?></h3><?php $name = $_SESSION['profile']['fname']." ".$_SESSION['profile']['mname']." ".$_SESSION['profile']['lname']." ".$_SESSION['profile']['suffix'];
while(strstr($name, " "))
$name = str_replace(" ", " ", $name);
$extra = "?name=".urlencode($name);
@@ -238,57 +236,55 @@ function hideall() {
$extra2 = "?assurer=".urlencode($name)."&amp;date=now&amp;maxpoints=".maxpoints();
?>
<ul class="menu" id="WoTForms">
- <li><a href="/cap.php<?=$extra?>">A4 - <?=_("WoT Form")?></a></li>
- <li><a href="/cap.php<?=$extra?>&amp;format=letter">US - <?=_("WoT Form")?></a></li>
- <? /* <li><div style="white-space:nowrap"><a href="/ttp.php<?=$extra?>">A4 - <?=_("TTP Form")?></a></div></li>
- <li><div style="white-space:nowrap"><a href="/ttp.php<?=$extra?>&amp;format=letter">US - <?=_("TTP Form")?></a></div></li> */
+ <li><a href="/cap.php<?php echo $extra?>">A4 - <?php echo _("WoT Form")?></a></li>
+ <li><a href="/cap.php<?php echo $extra?>&amp;format=letter">US - <?php echo _("WoT Form")?></a></li>
+ <?php /* <li><div style="white-space:nowrap"><a href="/ttp.php<?php echo $extra?>">A4 - <?php echo _("TTP Form")?></a></div></li>
+ <li><div style="white-space:nowrap"><a href="/ttp.php<?php echo $extra?>&amp;format=letter">US - <?php echo _("TTP Form")?></a></div></li> */
?>
- <? if($_SESSION['profile']['points'] > 100) { ?><li><div style="white-space:nowrap"><a href="/cap.php<?=$extra2?>">A4 - <?=_("Assurance Form")?></a></div></li>
- <li><div style="white-space:nowrap"><a href="/cap.php<?=$extra2?>&amp;format=letter">US - <?=_("Assurance Form")?></a></div></li>
- <? } ?>
- <? /*
- <li><div style="white-space:nowrap"><a href="/ttp.php">A4 - <?=_("Blank TTP Form")?></a></div></li>
- <li><div style="white-space:nowrap"><a href="/ttp.php?&amp;format=letter">US - <?=_("Blank TTP Form")?></a></div></li>
+ <?php if($_SESSION['profile']['points'] > 100) { ?><li><div style="white-space:nowrap"><a href="/cap.php<?php echo $extra2?>">A4 - <?php echo _("Assurance Form")?></a></div></li>
+ <li><div style="white-space:nowrap"><a href="/cap.php<?php echo $extra2?>&amp;format=letter">US - <?php echo _("Assurance Form")?></a></div></li>
+ <?php } ?>
+ <?php /*
+ <li><div style="white-space:nowrap"><a href="/ttp.php">A4 - <?php echo _("Blank TTP Form")?></a></div></li>
+ <li><div style="white-space:nowrap"><a href="/ttp.php?&amp;format=letter">US - <?php echo _("Blank TTP Form")?></a></div></li>
*/ ?>
- <li><div style="white-space:nowrap"><a href="/cap.php">A4 - <?=_("Blank CAP Form")?></a></div></li>
- <li><div style="white-space:nowrap"><a href="/cap.php?&amp;format=letter">US - <?=_("Blank CAP Form")?></a></div></li></ul>
+ <li><div style="white-space:nowrap"><a href="/cap.php">A4 - <?php echo _("Blank CAP Form")?></a></div></li>
+ <li><div style="white-space:nowrap"><a href="/cap.php?&amp;format=letter">US - <?php echo _("Blank CAP Form")?></a></div></li></ul>
</div>
-<? if($_SESSION['profile']['admin'] == 1 || $_SESSION['profile']['locadmin'] == 1) { ?>
+<?php if($_SESSION['profile']['admin'] == 1 || $_SESSION['profile']['locadmin'] == 1) { ?>
<div class="relatedLinks">
- <h3 class="pointer" onclick="explode('sysadmin')">+ <?=_("System Admin")?></h3>
- <ul class="menu" id="sysadmin"><? if($_SESSION['profile']['admin'] == 1) { ?><li><a href="account.php?id=42"><?=_("Find User")?></a></li><li><a href="account.php?id=48"><?=_("Find Domain")?></a></li><? } if($_SESSION['profile']['locadmin'] == 1) { ?><li><a href="account.php?id=53"><?=_("Location DB")?></a></li><? } ?></ul>
+ <h3 class="pointer" onclick="explode('sysadmin')">+ <?php echo _("System Admin")?></h3>
+ <ul class="menu" id="sysadmin"><?php if($_SESSION['profile']['admin'] == 1) { ?><li><a href="account.php?id=42"><?php echo _("Find User")?></a></li><li><a href="account.php?id=48"><?php echo _("Find Domain")?></a></li><?php } if($_SESSION['profile']['locadmin'] == 1) { ?><li><a href="account.php?id=53"><?php echo _("Location DB")?></a></li><?php } ?></ul>
</div>
-<? } ?>
+<?php } ?>
<div class="relatedLinks">
- <h3 class="pointer" onclick="explode('disputes')">+ <?=_("Disputes/Abuses")?></h3>
- <ul class="menu" id="disputes"><li><a href="disputes.php?id=0"><?=_("More Information")?></a></li><li><a href="disputes.php?id=1"><?=_("Email Dispute")?></a></li><li><a href="disputes.php?id=2"><?=_("Domain Dispute")?></a></li><? if($_SESSION['profile']['admin'] == 1) { ?><li><a href="disputes.php?id=3"><?=_("Abuses")?></a></li><? } ?></ul>
+ <h3 class="pointer" onclick="explode('disputes')">+ <?php echo _("Disputes/Abuses")?></h3>
+ <ul class="menu" id="disputes"><li><a href="disputes.php?id=0"><?php echo _("More Information")?></a></li><li><a href="disputes.php?id=1"><?php echo _("Email Dispute")?></a></li><li><a href="disputes.php?id=2"><?php echo _("Domain Dispute")?></a></li><?php if($_SESSION['profile']['admin'] == 1) { ?><li><a href="disputes.php?id=3"><?php echo _("Abuses")?></a></li><?php } ?></ul>
</div>
-<? if($_SESSION['profile']['adadmin'] >= 1) { ?>
+<?php if($_SESSION['profile']['adadmin'] >= 1) { ?>
<div class="relatedLinks">
- <h3 class="pointer" onclick="explode('advertising')">+ <?=_("Advertising")?></h3>
- <ul class="menu" id="advertising"><li><a href="advertising.php?id=1"><?=_("New Ad")?></a></li><li><a href="advertising.php?id=0"><?=_("View Ads")?></a></li></ul>
+ <h3 class="pointer" onclick="explode('advertising')">+ <?php echo _("Advertising")?></h3>
+ <ul class="menu" id="advertising"><li><a href="advertising.php?id=1"><?php echo _("New Ad")?></a></li><li><a href="advertising.php?id=0"><?php echo _("View Ads")?></a></li></ul>
</div>
-<? } ?>
- <? include("about_menu.php"); ?>
+<?php } ?>
+ <?php include("about_menu.php"); ?>
</div>
<div id="content">
<div class="story">
- <h3><?=$title2?></h3>
-<? if($_SESSION['_config']['errmsg'] != "") { ?>
-<p><font color="#ff0000" size="+2"><? echo $_SESSION['_config']['errmsg']; $_SESSION['_config']['errmsg'] = ""; ?> </font></p>
-<? } ?>
-<?
- }
+ <h3><?php echo $title2?></h3>
+<?php if($_SESSION['_config']['errmsg'] != "") { ?>
+<p><font color="#ff0000" size="+2"><?php echo $_SESSION['_config']['errmsg']; $_SESSION['_config']['errmsg'] = ""; ?> </font></p>
+<?php } ?>
+<?php }
function showfooter()
{
?>
</div>
</div>
- <div id="siteInfo"><a href="//wiki.cacert.org/FAQ/AboutUs"><?=_("About Us")?></a> | <a href="account.php?id=38"><?=_("Donations")?></a> | <a href="http://wiki.cacert.org/wiki/CAcertIncorporated"><?=_("Association Membership")?></a> |
- <a href="/policy/PrivacyPolicy.html"><?=_("Privacy Policy")?></a> | <a href="account.php?id=40"><?=_("Contact Us")?></a>
- | &copy;2002-<?=date("Y")?> <?=_("by CAcert")?></div>
+ <div id="siteInfo"><a href="//wiki.cacert.org/FAQ/AboutUs"><?php echo _("About Us")?></a> | <a href="account.php?id=38"><?php echo _("Donations")?></a> | <a href="http://wiki.cacert.org/wiki/CAcertIncorporated"><?php echo _("Association Membership")?></a> |
+ <a href="/policy/PrivacyPolicy.html"><?php echo _("Privacy Policy")?></a> | <a href="account.php?id=40"><?php echo _("Contact Us")?></a>
+ | &copy;2002-<?php echo date("Y")?> <?php echo _("by CAcert")?></div>
</div>
</body>
-</html><?
- }
+</html><?php }
diff --git a/includes/general.php b/includes/general.php
index 2eef65e..c5c96db 100644
--- a/includes/general.php
+++ b/includes/general.php
@@ -1,4 +1,4 @@
-<? /*
+<?php /*
LibreSSL - CAcert web application
Copyright (C) 2004-2008 CAcert Inc.
@@ -79,12 +79,12 @@
if(array_key_exists('profile',$_SESSION) && is_array($_SESSION['profile']) && array_key_exists('id',$_SESSION['profile']) && $_SESSION['profile']['id'] > 0)
{
- $locked = mysql_fetch_assoc(mysql_query("select `locked` from `users` where `id`='".intval($_SESSION['profile']['id'])."'"));
+ $locked = mysqli_fetch_assoc(mysqli_query($_SESSION['mconn'], "select `locked` from `users` where `id`='".intval($_SESSION['profile']['id'])."'"));
if($locked['locked'] == 0)
{
$query = "select sum(`points`) as `total` from `notary` where `to`='".intval($_SESSION['profile']['id'])."' and `deleted` = 0 group by `to`";
- $res = mysql_query($query);
- $row = mysql_fetch_assoc($res);
+ $res = mysqli_query($_SESSION['mconn'], $query);
+ $row = mysqli_fetch_assoc($res);
$_SESSION['profile']['points'] = $row['total'];
} else {
$_SESSION['profile'] = "";
@@ -286,13 +286,13 @@
else
$dom = $bits[$i];
$_SESSION['_config']['row'] = "";
- $dom = mysql_real_escape_string($dom);
+ $dom = mysqli_real_escape_string($_SESSION['mconn'], $dom);
$query = "select * from domains where `memid`='".intval($_SESSION['profile']['id'])."' and `domain` like '$dom' and `deleted`=0 and `hash`=''";
- $res = mysql_query($query);
- if(mysql_num_rows($res) > 0)
+ $res = mysqli_query($_SESSION['mconn'], $query);
+ if(mysqli_num_rows($res) > 0)
{
$cnok = 1;
- $_SESSION['_config']['row'] = mysql_fetch_assoc($res);
+ $_SESSION['_config']['row'] = mysqli_fetch_assoc($res);
$rowid[] = $_SESSION['_config']['row']['id'];
break;
}
@@ -344,13 +344,13 @@
else
$dom = $bits[$i];
$_SESSION['_config']['altrow'] = "";
- $dom = mysql_real_escape_string($dom);
+ $dom = mysqli_real_escape_string($_SESSION['mconn'], $dom);
$query = "select * from domains where `memid`='".intval($_SESSION['profile']['id'])."' and `domain` like '$dom' and `deleted`=0 and `hash`=''";
- $res = mysql_query($query);
- if(mysql_num_rows($res) > 0)
+ $res = mysqli_query($_SESSION['mconn'], $query);
+ if(mysqli_num_rows($res) > 0)
{
$altok = 1;
- $_SESSION['_config']['altrow'] = mysql_fetch_assoc($res);
+ $_SESSION['_config']['altrow'] = mysqli_fetch_assoc($res);
$altid[] = $_SESSION['_config']['altrow']['id'];
break;
}
@@ -388,16 +388,16 @@
else
$dom = $bits[$i];
$_SESSION['_config']['row'] = "";
- $dom = mysql_real_escape_string($dom);
+ $dom = mysqli_real_escape_string($_SESSION['mconn'], $dom);
$query = "select *, `orginfo`.`id` as `id` from `orginfo`,`orgdomains`,`org` where
`org`.`memid`='".intval($_SESSION['profile']['id'])."' and
`org`.`orgid`=`orginfo`.`id` and
`orgdomains`.`orgid`=`orginfo`.`id` and
`orgdomains`.`domain`='$dom'";
- $res = mysql_query($query);
- if(mysql_num_rows($res) > 0)
+ $res = mysqli_query($_SESSION['mconn'], $query);
+ if(mysqli_num_rows($res) > 0)
{
- $_SESSION['_config']['row'] = mysql_fetch_assoc($res);
+ $_SESSION['_config']['row'] = mysqli_fetch_assoc($res);
$rowid[] = $_SESSION['_config']['row']['id'];
break;
}
@@ -440,16 +440,16 @@
else
$dom = $bits[$i];
$_SESSION['_config']['altrow'] = "";
- $dom = mysql_real_escape_string($dom);
+ $dom = mysqli_real_escape_string($_SESSION['mconn'], $dom);
$query = "select * from `orginfo`,`orgdomains`,`org` where
`org`.`memid`='".intval($_SESSION['profile']['id'])."' and
`org`.`orgid`=`orginfo`.`id` and
`orgdomains`.`orgid`=`orginfo`.`id` and
`orgdomains`.`domain`='$dom'";
- $res = mysql_query($query);
- if(mysql_num_rows($res) > 0)
+ $res = mysqli_query($_SESSION['mconn'], $query);
+ if(mysqli_num_rows($res) > 0)
{
- $_SESSION['_config']['altrow'] = mysql_fetch_assoc($res);
+ $_SESSION['_config']['altrow'] = mysqli_fetch_assoc($res);
$altid[] = $_SESSION['_config']['altrow']['id'];
break;
}
@@ -476,16 +476,16 @@
$dom = $bits[$i].".".$dom;
else
$dom = $bits[$i];
- $dom = mysql_real_escape_string($dom);
+ $dom = mysqli_real_escape_string($_SESSION['mconn'], $dom);
$query = "select * from `org`,`orgdomains`,`orginfo`
where `org`.`memid`='".intval($_SESSION['profile']['id'])."'
and `orgdomains`.`orgid`=`org`.`orgid`
and `orginfo`.`id`=`org`.`orgid`
and `orgdomains`.`domain`='$dom'";
- $res = mysql_query($query);
- if(mysql_num_rows($res) > 0)
+ $res = mysqli_query($_SESSION['mconn'], $query);
+ if(mysqli_num_rows($res) > 0)
{
- $_SESSION['_config']['row'] = mysql_fetch_assoc($res);
+ $_SESSION['_config']['row'] = mysqli_fetch_assoc($res);
return(true);
}
}
@@ -498,12 +498,12 @@
$id = $_SESSION['profile']['id'];
$query = "select sum(`points`) as `points` from `notary` where `to`='$id' and `deleted` = 0 group by `to`";
- $row = mysql_fetch_assoc(mysql_query($query));
+ $row = mysqli_fetch_assoc(mysqli_query($_SESSION['mconn'], $query));
$points = $row['points'];
$dob = date("Y-m-d", mktime(0,0,0,date("m"),date("d"),date("Y")-18));
$query = "select * from `users` where `id`='".intval($_SESSION['profile']['id'])."' and `dob` < '$dob'";
- if(mysql_num_rows(mysql_query($query)) < 1)
+ if(mysqli_num_rows(mysqli_query($_SESSION['mconn'], $query)) < 1)
{
if($points >= 100)
return(10);
@@ -552,11 +552,32 @@
@unlink($tmpfname);
}
- function checkEmail($email)
+ /* This function is used on testservers to replace the email address check, so you can create accounts
+ for arbitraty mail addresses. It only roughly checks the syntax of the address.
+ Do not use this on a production server! " */
+ function checkEmailDummy($email)
{
$myemail = mysql_real_escape_string($email);
if(preg_match("/^([a-zA-Z0-9])+([a-zA-Z0-9\+\._-])*@([a-zA-Z0-9_-])+([a-zA-Z0-9\._-]+)+$/" , $email))
{
+ $line = "250 No address check on testserver.";
+ $query = "insert into `pinglog` set `when`=NOW(), `email`='$myemail', `result`='$line'";
+ if(is_array($_SESSION['profile'])) $query.=", `uid`='".intval($_SESSION['profile']['id'])."'";
+ mysql_query($query);
+
+ if(substr($line, 0, 3) != "250")
+ return $line;
+ else
+ return "OK";
+ }
+ return "Invalid mail address";
+ }
+
+ function checkEmail($email)
+ {
+ $myemail = mysqli_real_escape_string($_SESSION['mconn'], $email);
+ if(preg_match("/^([a-zA-Z0-9])+([a-zA-Z0-9\+\._-])*@([a-zA-Z0-9_-])+([a-zA-Z0-9\._-]+)+$/" , $email))
+ {
list($username,$domain)=explode('@',$email,2);
$mxhostrr = array();
$mxweight = array();
@@ -664,10 +685,10 @@
fputs($fp, "QUIT\r\n");
fclose($fp);
- $line = mysql_real_escape_string(trim(strip_tags($line)));
+ $line = mysqli_real_escape_string($_SESSION['mconn'], trim(strip_tags($line)));
$query = "insert into `pinglog` set `when`=NOW(), `email`='$myemail', `result`='$line'";
if(is_array($_SESSION['profile'])) $query.=", `uid`='".intval($_SESSION['profile']['id'])."'";
- mysql_query($query);
+ mysqli_query($_SESSION['mconn'], $query);
if(substr($line, 0, 3) != "250")
return $line;
@@ -678,7 +699,7 @@
}
$query = "insert into `pinglog` set `when`=NOW(), `uid`='".intval($_SESSION['profile']['id'])."',
`email`='$myemail', `result`='Failed to make a connection to the mail server'";
- mysql_query($query);
+ mysqli_query($_SESSION['mconn'], $query);
return _("Failed to make a connection to the mail server");
}
@@ -699,8 +720,8 @@
$query = "select * from `$table` where `id`='".intval($certid)."' and `crt` != ''";
else
$query = "select * from `$table` where `id`='".intval($certid)."' and `crt_name` != ''";
- $res = mysql_query($query);
- if(mysql_num_rows($res) > 0)
+ $res = mysqli_query($_SESSION['mconn'], $query);
+ if(mysqli_num_rows($res) > 0)
{
$found = 1;
break;
@@ -712,10 +733,10 @@
{
if($show) showheader(_("My CAcert.org Account!"));
$query = "select * from `$table` where `id`='".intval($certid)."' ";
- $res = mysql_query($query);
+ $res = mysqli_query($_SESSION['mconn'], $query);
$body="";
$subject="";
- if(mysql_num_rows($res) > 0)
+ if(mysqli_num_rows($res) > 0)
{
printf(_("Your certificate request is still queued and hasn't been processed yet. Please wait, and go to Certificates -> View to see it's status."));
$subject="[CAcert.org] Certificate TIMEOUT";
@@ -742,8 +763,8 @@
function generateTicket()
{
$query = "insert into tickets (timestamp) values (now()) ";
- mysql_query($query);
- $ticket = mysql_insert_id();
+ mysqli_query($_SESSION['mconn'], $query);
+ $ticket = mysqli_insert_id($_SESSION['mconn']);
return $ticket;
}
@@ -871,17 +892,17 @@
/**
* Run the sql query given in $sql.
- * The resource returned by mysql_query is
+ * The resource returned by mysqli_query is
* returned by this function.
*
- * It should be safe to replace every mysql_query
- * call by a mysql_extended_query call.
+ * It should be safe to replace every mysqli_query
+ * call by a mysqli_extended_query call.
*/
function mysql_timed_query($sql)
{
global $sql_data_log;
$query_start = microtime(true);
- $res = mysql_query($sql);
+ $res = mysqli_query($_SESSION['mconn'], $sql);
$query_end = microtime(true);
$sql_data_log[] = array("sql" => $sql, "duration" => $query_end - $query_start);
return $res;
diff --git a/includes/general_stuff.php b/includes/general_stuff.php
index 10c4e0a..a9c462f 100644
--- a/includes/general_stuff.php
+++ b/includes/general_stuff.php
@@ -1,4 +1,4 @@
-<? /*
+<?php /*
LibreSSL - CAcert web application
Copyright (C) 2004-2008 CAcert Inc.
@@ -24,8 +24,8 @@ if(!function_exists("showheader"))
{
?> <div id="pagecell1">
<div id="pageName"><br>
- <div id="pageLogo"><a href="http://<?=$_SESSION['_config']['normalhostname']?>"><img src="/images/cacert4.png" border="0" alt="CAcert.org logo"></a></div>
-<div id="googlead"><? if(!array_key_exists('HTTPS',$_SERVER) || $_SERVER['HTTPS'] != "on") { ?><script type="text/javascript">
+ <div id="pageLogo"><a href="http://<?php echo $_SESSION['_config']['normalhostname']?>"><img src="/images/cacert4.png" border="0" alt="CAcert.org logo"></a></div>
+<div id="googlead"><?php if(!array_key_exists('HTTPS',$_SERVER) || $_SERVER['HTTPS'] != "on") { ?><script type="text/javascript">
<!--
google_ad_client = "pub-0959373285729680";
google_alternate_ad_url = "http://www.cacert.org/";
@@ -38,52 +38,50 @@ google_color_text = "000000";
google_color_border = "FFFFFF";
//-->
</script>
-<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script><? } else {
-?><h2><?=_("Free digital certificates!")?></h2><? } ?></div>
+<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script><?php } else {
+?><h2><?php echo _("Free digital certificates!")?></h2><?php } ?></div>
</div>
<div id="pageNav">
<div class="relatedLinks">
- <h3><?=_("Join CAcert.org")?></h3>
- <? if(array_key_exists('mconn',$_SESSION) && $_SESSION['mconn']) { ?>
- <a href="https://<?=$_SESSION['_config']['normalhostname']?>/index.php?id=1"><?=_("Join")?></a>
- <? } ?>
- <a href="/policy/CAcertCommunityAgreement.html"><?=_("Community Agreement")?></a>
- <a href="/index.php?id=3"><?=_("Root Certificate")?></a>
+ <h3><?php echo _("Join CAcert.org")?></h3>
+ <?php if(array_key_exists('mconn',$_SESSION) && $_SESSION['mconn']) { ?>
+ <a href="https://<?php echo $_SESSION['_config']['normalhostname']?>/index.php?id=1"><?php echo _("Join")?></a>
+ <?php } ?>
+ <a href="/policy/CAcertCommunityAgreement.html"><?php echo _("Community Agreement")?></a>
+ <a href="/index.php?id=3"><?php echo _("Root Certificate")?></a>
</div>
- <? if(array_key_exists('mconn',$_SESSION) && $_SESSION['mconn']) { ?>
+ <?php if(array_key_exists('mconn',$_SESSION) && $_SESSION['mconn']) { ?>
<div class="relatedLinks">
- <h3 class="pointer"><?=_("My Account")?></h3>
- <a href="https://<?=$_SESSION['_config']['normalhostname']?>/index.php?id=4"><?=_("Password Login")?></a>
- <a href="https://<?=$_SESSION['_config']['normalhostname']?>/index.php?id=5"><?=_("Lost Password")?></a>
- <a href="https://<?=$_SESSION['_config']['normalhostname']?>/index.php?id=4&amp;noauto=1"><?=_("Net Cafe Login")?></a>
- <a href="https://<?=$_SESSION['_config']['securehostname']?>/index.php?id=4"><?=_("Certificate Login")?></a>
+ <h3 class="pointer"><?php echo _("My Account")?></h3>
+ <a href="https://<?php echo $_SESSION['_config']['normalhostname']?>/index.php?id=4"><?php echo _("Password Login")?></a>
+ <a href="https://<?php echo $_SESSION['_config']['normalhostname']?>/index.php?id=5"><?php echo _("Lost Password")?></a>
+ <a href="https://<?php echo $_SESSION['_config']['normalhostname']?>/index.php?id=4&amp;noauto=1"><?php echo _("Net Cafe Login")?></a>
+ <a href="https://<?php echo $_SESSION['_config']['securehostname']?>/index.php?id=4"><?php echo _("Certificate Login")?></a>
</div>
- <? } ?>
- <? include("about_menu.php"); ?>
+ <?php } ?>
+ <?php include("about_menu.php"); ?>
<div class="relatedLinks">
- <h3 class="pointer" onclick="explode('trans')">+ <?=_("Translations")?></h3>
- <ul class="menu" id="trans"><? foreach(L10n::$translations as $key => $val) { ?><li><a href="<?=$_SERVER['SCRIPT_NAME']?>?id=<?=intval(array_key_exists('id',$_REQUEST)?$_REQUEST['id']:0)?>&amp;lang=<?=$key?>"><?=$val?></a></li><? } ?></ul>
+ <h3 class="pointer" onclick="explode('trans')">+ <?php echo _("Translations")?></h3>
+ <ul class="menu" id="trans"><?php foreach(L10n::$translations as $key => $val) { ?><li><a href="<?php echo $_SERVER['SCRIPT_NAME']?>?id=<?php echo intval(array_key_exists('id',$_REQUEST)?$_REQUEST['id']:0)?>&amp;lang=<?php echo $key?>"><?php echo $val?></a></li><?php } ?></ul>
</div>
- <? if(array_key_exists('mconn',$_SESSION) && $_SESSION['mconn']) { ?>
+ <?php if(array_key_exists('mconn',$_SESSION) && $_SESSION['mconn']) { ?>
<div class="relatedLinks">
- <h3 class="pointer" onclick="explode('recom')"><?=_("Advertising")?></h3>
- <ul class="menu" id="recom"><?
- $query = "select * from `advertising` where `expires`>NOW() and `active`=1";
- $res = mysql_query($query);
- while($row = mysql_fetch_assoc($res))
+ <h3 class="pointer" onclick="explode('recom')"><?php echo _("Advertising")?></h3>
+ <ul class="menu" id="recom"><?php $query = "select * from `advertising` where `expires`>NOW() and `active`=1";
+ $res = mysqli_query($_SESSION['mconn'], $query);
+ while($row = mysqli_fetch_assoc($res))
echo "<li><a href='$row[link]' target='_blank'>$row[title]</a></li>";
?></ul>
</div>
- <? } ?>
+ <?php } ?>
</div>
<div id="content">
<div class="story">
-<? if($title2!="") echo "<h3>$title2</h3>"; ?>
-<? if($_SESSION['_config']['errmsg'] != "") { ?>
-<p><font color="#ff0000" size="+2"><? echo $_SESSION['_config']['errmsg']; $_SESSION['_config']['errmsg'] = ""; ?> </font></p>
-<? } ?>
-<?
-
+<?php if($title2!="") echo "<h3>$title2</h3>"; ?>
+<?php if($_SESSION['_config']['errmsg'] != "") { ?>
+<p><font color="#ff0000" size="+2"><?php echo $_SESSION['_config']['errmsg']; $_SESSION['_config']['errmsg'] = ""; ?> </font></p>
+<?php } ?>
+<?php
}
function showheader($title = "CAcert.org", $title2 = "")
@@ -93,8 +91,8 @@ google_color_border = "FFFFFF";
?><!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
-<title><?=$title?></title>
-<? if(array_key_exists("header",$_SESSION['_config']) && $_SESSION['_config']['header'] != "") { ?><?=$_SESSION['_config']['header']?><? } ?>
+<title><?php echo $title?></title>
+<?php if(array_key_exists("header",$_SESSION['_config']) && $_SESSION['_config']['header'] != "") { ?><?php echo $_SESSION['_config']['header']?><?php } ?>
<link rel="stylesheet" href="/styles/default.css" type="text/css">
<link href="http://blog.CAcert.org/feed/" rel="alternate" type="application/rss+xml" title="rss">
<script language="JavaScript" type="text/javascript">
@@ -119,8 +117,7 @@ function hideall() {
</script>
</head>
<body onload="hideall();">
-<?
- showbodycontent($title,$title2);
+<?php showbodycontent($title,$title2);
}
}
@@ -131,15 +128,14 @@ if(!function_exists("showfooter"))
?>
</div>
</div>
- <? include("sponsorinfo.php") ?>
+ <?php include("sponsorinfo.php") ?>
<div id="siteInfo">
- <a href="//wiki.cacert.org/FAQ/AboutUs"><?=_("About Us")?></a> | <a href="/index.php?id=13"><?=_("Donations")?></a> | <a href="http://wiki.cacert.org/wiki/CAcertIncorporated"><?=_("Association Membership")?></a> |
- <a href="/policy/PrivacyPolicy.html"><?=_("Privacy Policy")?></a> |
- <a href="/index.php?id=51"><?=_("Mission Statement")?></a> | <a href="/index.php?id=11"><?=_("Contact Us")?></a> |
- &copy;2002-<?=date("Y")?> <?=_("by CAcert")?></div>
+ <a href="//wiki.cacert.org/FAQ/AboutUs"><?php echo _("About Us")?></a> | <a href="/index.php?id=13"><?php echo _("Donations")?></a> | <a href="http://wiki.cacert.org/wiki/CAcertIncorporated"><?php echo _("Association Membership")?></a> |
+ <a href="/policy/PrivacyPolicy.html"><?php echo _("Privacy Policy")?></a> |
+ <a href="/index.php?id=51"><?php echo _("Mission Statement")?></a> | <a href="/index.php?id=11"><?php echo _("Contact Us")?></a> |
+ &copy;2002-<?php echo date("Y")?> <?php echo _("by CAcert")?></div>
</div>
</body>
-</html><?
- }
+</html><?php }
}
?>
diff --git a/includes/keygen.php b/includes/keygen.php
index 15dee8a..a7db1ea 100644
--- a/includes/keygen.php
+++ b/includes/keygen.php
@@ -1,4 +1,4 @@
-<? /*
+<?php /*
LibreSSL - CAcert web application
Copyright (C) 2004-2011 CAcert Inc.
@@ -19,14 +19,14 @@
if (array_key_exists('HTTP_USER_AGENT',$_SERVER) && strstr($_SERVER['HTTP_USER_AGENT'], "MSIE")) { ?>
<noscript>
- <p><?=_('You have to enable JavaScript to generate certificates in the browser.')?></p>
- <p><?=_('If you don\'t want to do that for any reason, you can use '.
+ <p><?php echo _('You have to enable JavaScript to generate certificates in the browser.')?></p>
+ <p><?php echo _('If you don\'t want to do that for any reason, you can use '.
'manually created certificate requests instead.')?></p>
</noscript>
<div id="noActiveX" style="color:red">
- <p><?=_('Could not initialize ActiveX object required for certificate generation.')?></p>
- <p><?=_('You have to enable ActiveX for this to work. On Windows Vista, Windows 7 and '.
+ <p><?php echo _('Could not initialize ActiveX object required for certificate generation.')?></p>
+ <p><?php echo _('You have to enable ActiveX for this to work. On Windows Vista, Windows 7 and '.
'later versions you have to add this website to the list of trusted sites '.
'in the internet settings.')?></p>
<p><?php
@@ -43,29 +43,29 @@ if (array_key_exists('HTTP_USER_AGENT',$_SERVER) && strstr($_SERVER['HTTP_USER_A
<form method="post" style="display:none" action="account.php"
id="CertReqForm">
- <input type="hidden" name="oldid" value="<?=intval($id)?>" />
+ <input type="hidden" name="oldid" value="<?php echo intval($id)?>" />
<input type="hidden" id="CSR" name="CSR" />
<input type="hidden" name="keytype" value="MS" />
- <p><?=_('Security level')?>:
+ <p><?php echo _('Security level')?>:
<select id="SecurityLevel">
- <option value="high" selected="selected"><?=_('High')?></option>
- <option value="medium"><?=_('Medium')?></option>
- <option value="custom"><?=_('Custom')?>&hellip;</option>
+ <option value="high" selected="selected"><?php echo _('High')?></option>
+ <option value="medium"><?php echo _('Medium')?></option>
+ <option value="custom"><?php echo _('Custom')?>&hellip;</option>
</select>
</p>
<fieldset id="customSettings" style="display:none">
- <legend><?=_('Custom Parameters')?></legend>
+ <legend><?php echo _('Custom Parameters')?></legend>
- <p><?=_('Cryptography Provider')?>:
+ <p><?php echo _('Cryptography Provider')?>:
<select id="CspProvider"></select>
</p>
- <p><?=_('Algorithm')?>: <select id="algorithm"></select></p>
- <p><?=_('Keysize')?>:
+ <p><?php echo _('Algorithm')?>: <select id="algorithm"></select></p>
+ <p><?php echo _('Keysize')?>:
<input id="keySize" type="number" />
- <?=_('Minimum Size')?>: <span id="keySizeMin"></span>,
- <?=_('Maximum Size')?>: <span id="keySizeMax"></span>,
+ <?php echo _('Minimum Size')?>: <span id="keySizeMin"></span>,
+ <?php echo _('Maximum Size')?>: <span id="keySizeMax"></span>,
<?php
// TRANSLATORS: this specifies the step between two valid key
// sizes. E.g. if the step is 512 and the minimum is 1024 and
@@ -79,33 +79,33 @@ if (array_key_exists('HTTP_USER_AGENT',$_SERVER) && strstr($_SERVER['HTTP_USER_A
</p>
</fieldset>
- <p><input type="submit" id="GenReq" name="GenReq" value="<?=_('Create Certificate')?>" /></p>
+ <p><input type="submit" id="GenReq" name="GenReq" value="<?php echo _('Create Certificate')?>" /></p>
<p id="generatingKeyNotice" style="display:none">
- <?=_('Generating your key. Please wait')?>&hellip;</p>
+ <?php echo _('Generating your key. Please wait')?>&hellip;</p>
</form>
<!-- Error messages used in the JavaScript. Defined here so they can be
translated without passing the JavaScript code through PHP -->
<p id="createRequestErrorChooseAlgorithm" style="display:none">
- <?=_('Could not generate certificate request. Probably you need to '.
+ <?php echo _('Could not generate certificate request. Probably you need to '.
'choose a different algorithm.')?>
</p>
<p id="createRequestErrorConfirmDialogue" style="display:none">
- <?=_('Could not generate certificate request. Please confirm the '.
+ <?php echo _('Could not generate certificate request. Please confirm the '.
'dialogue if you are asked if you want to generate the key.')?>
</p>
<p id="createRequestErrorConnectDevice" style="display:none">
- <?=_('Could not generate certificate request. Please make sure the '.
+ <?php echo _('Could not generate certificate request. Please make sure the '.
'cryptography device (e.g. the smartcard) is connected.')?>
</p>
<p id="createRequestError" style="display:none">
- <?=_('Could not generate certificate request.')?>
+ <?php echo _('Could not generate certificate request.')?>
</p>
<p id="invalidKeySizeError" style="display:none">
- <?=_('You have specified an invalid key size')?>
+ <?php echo _('You have specified an invalid key size')?>
</p>
<p id="unsupportedPlatformError" style="display:none">
- <?=_('Could not initialize the cryptographic module for your '.
+ <?php echo _('Could not initialize the cryptographic module for your '.
'platform. Currently we support Microsoft Windows XP, Vista '.
'and 7. If you\'re using one of these platforms and see this '.
'error message anyway you might have to enable ActiveX as '.
@@ -115,14 +115,14 @@ if (array_key_exists('HTTP_USER_AGENT',$_SERVER) && strstr($_SERVER['HTTP_USER_A
<script type="text/javascript" src="keygenIE.js"></script>
-<? } else { ?>
+<?php } else { ?>
<p>
<form method="post" action="account.php">
<input type="hidden" name="keytype" value="NS">
- <?=_("Keysize:")?> <keygen name="SPKAC" challenge="<? $_SESSION['spkac_hash']=make_hash(); echo $_SESSION['spkac_hash']; ?>">
+ <?php echo _("Keysize:")?> <keygen name="SPKAC" challenge="<?php $_SESSION['spkac_hash']=make_hash(); echo $_SESSION['spkac_hash']; ?>">
- <input type="submit" name="submit" value="<?=_("Generate key pair within browser")?>">
- <input type="hidden" name="oldid" value="<?=intval($id)?>">
+ <input type="submit" name="submit" value="<?php echo _("Generate key pair within browser")?>">
+ <input type="hidden" name="oldid" value="<?php echo intval($id)?>">
</form>
</p>
-<? }
+<?php }
diff --git a/includes/lib/account.php b/includes/lib/account.php
index dd8afd3..26a29ce 100644
--- a/includes/lib/account.php
+++ b/includes/lib/account.php
@@ -55,7 +55,7 @@ function fix_assurer_flag($userID = NULL)
AND `n`.`deleted` = 0
) >= 100';
- $query = mysql_query($sql);
+ $query = mysqli_query($_SESSION['mconn'], $sql);
if (!$query) {
return false;
}
@@ -91,7 +91,7 @@ function fix_assurer_flag($userID = NULL)
) < 100
)';
- $query = mysql_query($sql);
+ $query = mysqli_query($_SESSION['mconn'], $sql);
if (!$query) {
return false;
}
diff --git a/includes/lib/general.php b/includes/lib/general.php
index 127c6b7..5468041 100644
--- a/includes/lib/general.php
+++ b/includes/lib/general.php
@@ -1,4 +1,4 @@
-<? /*
+<?php /*
LibreSSL - CAcert web application
Copyright (C) 2004-2011 CAcert Inc.
@@ -32,15 +32,15 @@
function get_user_id_from_cert($serial, $issuer_cn)
{
$query = "select `memid` from `emailcerts` where
- `serial`='".mysql_escape_string($serial)."' and
+ `serial`='".mysqli_real_escape_string($_SESSION['mconn'], $serial)."' and
`rootcert`= (select `id` from `root_certs` where
- `Cert_Text`='".mysql_escape_string($issuer_cn)."') and
+ `Cert_Text`='".mysqli_real_escape_string($_SESSION['mconn'], $issuer_cn)."') and
`revoked`=0 and disablelogin=0 and
UNIX_TIMESTAMP(`expire`) - UNIX_TIMESTAMP() > 0";
- $res = mysql_query($query);
- if(mysql_num_rows($res) > 0)
+ $res = mysqli_query($_SESSION['mconn'], $query);
+ if(mysqli_num_rows($res) > 0)
{
- $row = mysql_fetch_assoc($res);
+ $row = mysqli_fetch_assoc($res);
return intval($row['memid']);
}
@@ -139,21 +139,21 @@ function runCommand($command, $input = "", &$output = null, &$errors = true) {
function get_assurer_status($userID)
{
$Result = 0;
- $query = mysql_query('SELECT * FROM `cats_passed` AS `tp`, `cats_variant` AS `cv` '.
+ $query = mysqli_query($_SESSION['mconn'], 'SELECT * FROM `cats_passed` AS `tp`, `cats_variant` AS `cv` '.
' WHERE `tp`.`variant_id` = `cv`.`id` AND `cv`.`type_id` = 1 AND `tp`.`user_id` = \''.(int)intval($userID).'\'');
- if(mysql_num_rows($query) < 1)
+ if(mysqli_num_rows($query) < 1)
{
$Result |= 5;
}
- $query = mysql_query('SELECT SUM(`points`) AS `points` FROM `notary` AS `n` WHERE `n`.`to` = \''.(int)intval($userID).'\' AND `n`.`expire` < now() and `deleted` = 0');
- $row = mysql_fetch_assoc($query);
+ $query = mysqli_query($_SESSION['mconn'], 'SELECT SUM(`points`) AS `points` FROM `notary` AS `n` WHERE `n`.`to` = \''.(int)intval($userID).'\' AND `n`.`expire` < now() and `deleted` = 0');
+ $row = mysqli_fetch_assoc($query);
if ($row['points'] < 100) {
$Result |= 3;
}
- $query = mysql_query('SELECT `assurer_blocked` FROM `users` WHERE `id` = \''.(int)intval($userID).'\'');
- $row = mysql_fetch_assoc($query);
+ $query = mysqli_query($_SESSION['mconn'], 'SELECT `assurer_blocked` FROM `users` WHERE `id` = \''.(int)intval($userID).'\'');
+ $row = mysqli_fetch_assoc($query);
if ($row['assurer_blocked'] > 0) {
$Result |= 9;
}
diff --git a/includes/lib/l10n.php b/includes/lib/l10n.php
index 4859946..23b21b8 100644
--- a/includes/lib/l10n.php
+++ b/includes/lib/l10n.php
@@ -170,7 +170,7 @@ class L10n {
foreach($languages as $lang => $qvalue)
{
// ignore any non-conforming values (that's why we don't need to
- // mysql_real_escape() or escapeshellarg(), but take care of
+ // mysqli_real_escape_string($_SESSION['mconn'], ) or escapeshellarg(), but take care of
// the '*')
// spec: ( ( 1*8ALPHA *( "-" 1*8ALPHA ) ) | "*" )
if ( preg_match('/^(?:([a-zA-Z]{1,8})(?:-[a-zA-Z]{1,8})*|\*)$/',
@@ -360,9 +360,9 @@ class L10n {
//returns the language of a recipient to make sure that the language is correct
//use together with
$query = "select `language` from `users` where `id`='".intval($accountid)."'";
- $res = mysql_query($query);
- if (mysql_num_rows($res)>=0) {
- $row = mysql_fetch_assoc($res);
+ $res = mysqli_query($_SESSION['mconn'], $query);
+ if (mysqli_num_rows($res)>=0) {
+ $row = mysqli_fetch_assoc($res);
if (NULL==$row['language'] || $row['language']=='') {
self::set_translation('en');
} else {
diff --git a/includes/loggedin.php b/includes/loggedin.php
index c14f8c2..d2c229a 100644
--- a/includes/loggedin.php
+++ b/includes/loggedin.php
@@ -1,4 +1,4 @@
-<? /*
+<?php /*
LibreSSL - CAcert web application
Copyright (C) 2004-2008 CAcert Inc.
@@ -44,7 +44,7 @@
//session_unregister($key);
}
- $_SESSION['profile'] = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".intval($uid)."'"));
+ $_SESSION['profile'] = mysqli_fetch_assoc(mysqli_query($_SESSION['mconn'], "select * from `users` where `id`='".intval($uid)."'"));
if($_SESSION['profile']['locked'] == 0)
$_SESSION['profile']['loggedin'] = 1;
else
@@ -70,7 +70,7 @@
//session_unregister($key);
}
- $_SESSION['profile'] = mysql_fetch_assoc(mysql_query(
+ $_SESSION['profile'] = mysqli_fetch_assoc(mysqli_query($_SESSION['mconn'],
"select * from `users` where `id`='".intval($user_id)."'"));
if($_SESSION['profile']['locked'] == 0)
$_SESSION['profile']['loggedin'] = 1;
@@ -103,15 +103,15 @@
if($_SERVER['HTTP_HOST'] == $_SESSION['_config']['securehostname'] && $_SESSION['profile']['id'] > 0 && $_SESSION['profile']['loggedin'] > 0)
{
$query = "select sum(`points`) as `total` from `notary` where `to`='".intval($_SESSION['profile']['id'])."' and `deleted` = 0 group by `to`";
- $res = mysql_query($query);
- $row = mysql_fetch_assoc($res);
+ $res = mysqli_query($_SESSION['mconn'], $query);
+ $row = mysqli_fetch_assoc($res);
$_SESSION['profile']['points'] = $row['total'];
if($_SESSION['profile']['language'] == "")
{
$query = "update `users` set `language`='".L10n::get_translation()."'
where `id`='".intval($_SESSION['profile']['id'])."'";
- mysql_query($query);
+ mysqli_query($_SESSION['mconn'], $query);
} else {
L10n::set_translation($_SESSION['profile']['language']);
L10n::init_gettext();
diff --git a/includes/mysql.php.sample b/includes/mysql.php.sample
index 77be95f..927c17f 100644
--- a/includes/mysql.php.sample
+++ b/includes/mysql.php.sample
@@ -1,4 +1,4 @@
-<? /*
+<?php /*
LibreSSL - CAcert web application
Copyright (C) 2004-2008 CAcert Inc.
@@ -16,13 +16,14 @@
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
*/
- $_SESSION['mconn'] = mysql_connect("127.0.0.1", "username", "password");
- if ($_SESSION['mconn'] != FALSE)
- {
- mysql_select_db("database");
- $_SESSION['mconn'] = TRUE;
- }
- $_SESSION['_config']['normalhostname'] = "www.cacert.org";
+ $_SESSION['mconn'] = mysqli_connect("127.0.0.1", "username", "password", "database");
+
+// if (!$_SESSION['mconn']) {
+// die('Connect Error (' . mysqli_connect_errno() . ') '
+// . mysqli_connect_error());
+// }
+
+ $_SESSION['_config']['normalhostname'] = "www.cacert.org";
$_SESSION['_config']['securehostname'] = "secure.cacert.org";
$_SESSION['_config']['tverify'] = "tverify.cacert.org";
diff --git a/includes/notary.inc.php b/includes/notary.inc.php
index 3b8e736..3c896bf 100644
--- a/includes/notary.inc.php
+++ b/includes/notary.inc.php
@@ -1,4 +1,4 @@
-<? /*
+<?php /*
LibreSSL - CAcert web application
Copyright (C) 2004-2011 CAcert Inc.
@@ -21,18 +21,18 @@ define('THAWTE_REVOCATION_DATETIME', '2010-11-16 00:00:00');
function query_init ($query)
{
- return mysql_query($query);
+ return mysqli_query($_SESSION['mconn'], $query);
}
function query_getnextrow ($res)
{
- $row1 = mysql_fetch_assoc($res);
+ $row1 = mysqli_fetch_assoc($res);
return $row1;
}
function query_get_number_of_rows ($resultset)
{
- return intval(mysql_num_rows($resultset));
+ return intval(mysqli_num_rows($resultset));
}
function get_number_of_assurances ($userid)
@@ -125,7 +125,7 @@ define('THAWTE_REVOCATION_DATETIME', '2010-11-16 00:00:00');
function get_user ($userid)
{
$res = query_init ("select * from `users` where `id`='".intval($userid)."'");
- return mysql_fetch_assoc($res);
+ return mysqli_fetch_assoc($res);
}
function get_cats_state ($userid)
@@ -133,7 +133,7 @@ define('THAWTE_REVOCATION_DATETIME', '2010-11-16 00:00:00');
$res = query_init ("select * from `cats_passed` inner join `cats_variant` on `cats_passed`.`variant_id` = `cats_variant`.`id` and `cats_variant`.`type_id` = 1
WHERE `cats_passed`.`user_id` = '".intval($userid)."'");
- return mysql_num_rows($res);
+ return mysqli_num_rows($res);
}
@@ -333,18 +333,17 @@ define('THAWTE_REVOCATION_DATETIME', '2010-11-16 00:00:00');
?>
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
<tr>
- <td class="title"><?=_("Assurer Ranking")?></td>
+ <td class="title"><?php echo _("Assurer Ranking")?></td>
</tr>
<tr>
- <td class="DataTD"><?=sprintf(_("You have made %s assurances which ranks you as the #%s top assurer."), intval($num_of_assurances), intval($rank_of_assurer) )?></td>
+ <td class="DataTD"><?php echo sprintf(_("You have made %s assurances which ranks you as the #%s top assurer."), intval($num_of_assurances), intval($rank_of_assurer) )?></td>
</tr>
<tr>
- <td class="DataTD"><?=sprintf(_("You have received %s assurances which ranks you as the #%s top assuree."), intval($num_of_assurees), intval($rank_of_assuree) )?></td>
+ <td class="DataTD"><?php echo sprintf(_("You have received %s assurances which ranks you as the #%s top assuree."), intval($num_of_assurees), intval($rank_of_assuree) )?></td>
</tr>
</table>
<br/>
-<?
- }
+<?php }
/**
* Render header for the assurance table (same for given/received)
@@ -368,36 +367,31 @@ define('THAWTE_REVOCATION_DATETIME', '2010-11-16 00:00:00');
?>
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
<tr>
- <td colspan="<?=$colspan?>" class="title"><?=$title?></td>
+ <td colspan="<?php echo $colspan?>" class="title"><?php echo $title?></td>
</tr>
<tr>
- <td class="DataTD"><strong><?=_("ID")?></strong></td>
- <td class="DataTD"><strong><?=_("Date")?></strong></td>
-<?
- if ($support == 1)
+ <td class="DataTD"><strong><?php echo _("ID")?></strong></td>
+ <td class="DataTD"><strong><?php echo _("Date")?></strong></td>
+<?php if ($support == 1)
{
?>
- <td class="DataTD"><strong><?=_("When")?></strong></td>
- <td class="DataTD"><strong><?=_("Email")?></strong></td>
-<?
- }
+ <td class="DataTD"><strong><?php echo _("When")?></strong></td>
+ <td class="DataTD"><strong><?php echo _("Email")?></strong></td>
+<?php }
?>
- <td class="DataTD"><strong><?=_("Who")?></strong></td>
- <td class="DataTD"><strong><?=_("Points")?></strong></td>
- <td class="DataTD"><strong><?=_("Location")?></strong></td>
- <td class="DataTD"><strong><?=_("Method")?></strong></td>
- <td class="DataTD"><strong><?=_("Experience Points")?></strong></td>
-<?
- if ($log == 1)
+ <td class="DataTD"><strong><?php echo _("Who")?></strong></td>
+ <td class="DataTD"><strong><?php echo _("Points")?></strong></td>
+ <td class="DataTD"><strong><?php echo _("Location")?></strong></td>
+ <td class="DataTD"><strong><?php echo _("Method")?></strong></td>
+ <td class="DataTD"><strong><?php echo _("Experience Points")?></strong></td>
+<?php if ($log == 1)
{
?>
- <td class="DataTD"><strong><?=_("Revoked")?></strong></td>
-<?
- }
+ <td class="DataTD"><strong><?php echo _("Revoked")?></strong></td>
+<?php }
?>
</tr>
-<?
- }
+<?php }
/**
* Render footer for the assurance table (same for given/received)
@@ -418,24 +412,21 @@ define('THAWTE_REVOCATION_DATETIME', '2010-11-16 00:00:00');
{
?>
<tr>
- <td colspan="<?=($support == 1) ? 5 : 3 ?>" class="DataTD"><strong><?=$points_txt?>:</strong></td>
- <td class="DataTD"><?=intval($sumpoints)?></td>
+ <td colspan="<?php echo ($support == 1) ? 5 : 3 ?>" class="DataTD"><strong><?php echo $points_txt?>:</strong></td>
+ <td class="DataTD"><?php echo intval($sumpoints)?></td>
<td class="DataTD">&nbsp;</td>
- <td class="DataTD"><strong><?=$experience_txt?>:</strong></td>
- <td class="DataTD"><?=intval($sumexperience)?></td>
-<?
- if ($log == 1)
+ <td class="DataTD"><strong><?php echo $experience_txt?>:</strong></td>
+ <td class="DataTD"><?php echo intval($sumexperience)?></td>
+<?php if ($log == 1)
{
?>
<td class="DataTD">&nbsp;</td>
-<?
- }
+<?php }
?>
</tr>
</table>
<br/>
-<?
- }
+<?php }
/**
* Render an assurance for a view
@@ -489,80 +480,70 @@ define('THAWTE_REVOCATION_DATETIME', '2010-11-16 00:00:00');
}
?>
<tr>
- <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$assuranceid?><?=$emclose?></td>
- <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$date?><?=$emclose?></td>
-<?
- if ($support == 1)
+ <td class="DataTD" <?php echo $tdstyle?>><?php echo $emopen?><?php echo $assuranceid?><?php echo $emclose?></td>
+ <td class="DataTD" <?php echo $tdstyle?>><?php echo $emopen?><?php echo $date?><?php echo $emclose?></td>
+<?php if ($support == 1)
{
?>
- <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$when?><?=$emclose?></td>
- <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$email?><?=$emclose?></td>
-<?
- }
+ <td class="DataTD" <?php echo $tdstyle?>><?php echo $emopen?><?php echo $when?><?php echo $emclose?></td>
+ <td class="DataTD" <?php echo $tdstyle?>><?php echo $emopen?><?php echo $email?><?php echo $emclose?></td>
+<?php }
?>
- <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$name?><?=$emclose?></td>
- <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$revoked ? sprintf("<strong style='color: red'>%s</strong>",_("Revoked")) : $awarded?><?=$emclose?></td>
- <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=sanitizeHTML($location)?><?=$emclose?></td>
- <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$method?><?=$emclose?></td>
- <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$experience?$experience:'&nbsp;'?><?=$emclose?></td>
-<?
- if ($log == 1)
+ <td class="DataTD" <?php echo $tdstyle?>><?php echo $emopen?><?php echo $name?><?php echo $emclose?></td>
+ <td class="DataTD" <?php echo $tdstyle?>><?php echo $emopen?><?php echo $revoked ? sprintf("<strong style='color: red'>%s</strong>",_("Revoked")) : $awarded?><?php echo $emclose?></td>
+ <td class="DataTD" <?php echo $tdstyle?>><?php echo $emopen?><?php echo sanitizeHTML($location)?><?php echo $emclose?></td>
+ <td class="DataTD" <?php echo $tdstyle?>><?php echo $emopen?><?php echo $method?><?php echo $emclose?></td>
+ <td class="DataTD" <?php echo $tdstyle?>><?php echo $emopen?><?php echo $experience?$experience:'&nbsp;'?><?php echo $emclose?></td>
+<?php if ($log == 1)
{
if ($revoked == true)
{
?>
- <td class="DataTD" <?=$tdstyle?>><?=$assurance['deleted']?></td>
-<?
- } elseif ($support == 1) {
+ <td class="DataTD" <?php echo $tdstyle?>><?php echo $assurance['deleted']?></td>
+<?php } elseif ($support == 1) {
?>
- <td class="DataTD" <?=$tdstyle?>><?=$emopen?><a href="account.php?id=43&amp;userid=<?=intval($userid)?>&amp;assurance=<?=intval($assuranceid)?>&amp;csrf=<?=make_csrf('admdelassurance')?>&amp;ticketno=<?=sanitizeHTML($ticketno)?>" onclick="return confirm('<?=sprintf(_("Are you sure you want to revoke the assurance with ID &quot;%s&quot;?"),$assuranceid)?>');"><?=_("Revoke")?></a><?=$emclose?></td>
-<?
- } else {
+ <td class="DataTD" <?php echo $tdstyle?>><?php echo $emopen?><a href="account.php?id=43&amp;userid=<?php echo intval($userid)?>&amp;assurance=<?php echo intval($assuranceid)?>&amp;csrf=<?php echo make_csrf('admdelassurance')?>&amp;ticketno=<?php echo sanitizeHTML($ticketno)?>" onclick="return confirm('<?php echo sprintf(_("Are you sure you want to revoke the assurance with ID &quot;%s&quot;?"),$assuranceid)?>');"><?php echo _("Revoke")?></a><?php echo $emclose?></td>
+<?php } else {
?>
- <td class="DataTD" <?=$tdstyle?>>&nbsp;</td>
-<?
- }
+ <td class="DataTD" <?php echo $tdstyle?>>&nbsp;</td>
+<?php }
}
?>
</tr>
-<?
- }
+<?php }
function output_summary_header()
{
?>
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
<tr>
- <td colspan="4" class="title"><?=_("Summary of your Points")?></td>
+ <td colspan="4" class="title"><?php echo _("Summary of your Points")?></td>
</tr>
<tr>
- <td class="DataTD"><strong><?=_("Description")?></strong></td>
- <td class="DataTD"><strong><?=_("Points")?></strong></td>
- <td class="DataTD"><strong><?=_("Countable Points")?></strong></td>
- <td class="DataTD"><strong><?=_("Remark")?></strong></td>
+ <td class="DataTD"><strong><?php echo _("Description")?></strong></td>
+ <td class="DataTD"><strong><?php echo _("Points")?></strong></td>
+ <td class="DataTD"><strong><?php echo _("Countable Points")?></strong></td>
+ <td class="DataTD"><strong><?php echo _("Remark")?></strong></td>
</tr>
-<?
- }
+<?php }
function output_summary_footer()
{
?>
</table>
<br/>
-<?
- }
+<?php }
function output_summary_row($title,$points,$points_countable,$remark)
{
?>
<tr>
- <td class="DataTD"><strong><?=$title?></strong></td>
- <td class="DataTD"><?=$points?></td>
- <td class="DataTD"><?=$points_countable?></td>
- <td class="DataTD"><?=$remark?></td>
+ <td class="DataTD"><strong><?php echo $title?></strong></td>
+ <td class="DataTD"><?php echo $points?></td>
+ <td class="DataTD"><?php echo $points_countable?></td>
+ <td class="DataTD"><?php echo $remark?></td>
</tr>
-<?
- }
+<?php }
// ************* output given assurances ******************
@@ -587,7 +568,7 @@ define('THAWTE_REVOCATION_DATETIME', '2010-11-16 00:00:00');
$sum_points = 0;
$sumexperience = 0;
$res = get_given_assurances(intval($userid), $log);
- while($row = mysql_fetch_assoc($res))
+ while($row = mysqli_fetch_assoc($res))
{
$assuree = get_user(intval($row['to']));
calc_experience($row, $sum_points, $sum_experience);
@@ -617,7 +598,7 @@ define('THAWTE_REVOCATION_DATETIME', '2010-11-16 00:00:00');
$sum_points = 0;
$sumexperience = 0;
$res = get_received_assurances(intval($userid), $log);
- while($row = mysql_fetch_assoc($res))
+ while($row = mysqli_fetch_assoc($res))
{
$fromuser = get_user(intval($row['from']));
calc_assurances($row, $sum_points, $sum_experience);
@@ -661,7 +642,7 @@ define('THAWTE_REVOCATION_DATETIME', '2010-11-16 00:00:00');
}
$res = get_received_assurances_summary($userid);
- while($row = mysql_fetch_assoc($res))
+ while($row = mysqli_fetch_assoc($res))
{
$points = calc_awarded($row);
@@ -674,7 +655,7 @@ define('THAWTE_REVOCATION_DATETIME', '2010-11-16 00:00:00');
}
$res = get_given_assurances_summary($userid);
- while($row = mysql_fetch_assoc($res))
+ while($row = mysqli_fetch_assoc($res))
{
switch ($row['method'])
{
@@ -840,9 +821,8 @@ define('THAWTE_REVOCATION_DATETIME', '2010-11-16 00:00:00');
function output_end_of_page()
{
?>
- <p>[ <a href='javascript:history.go(-1)'><?=_("Go Back")?></a> ]</p>
-<?
- }
+ <p>[ <a href='javascript:history.go(-1)'><?php echo _("Go Back")?></a> ]</p>
+<?php }
//functions to do with recording user agreements
/**
@@ -860,8 +840,8 @@ define('THAWTE_REVOCATION_DATETIME', '2010-11-16 00:00:00');
function write_user_agreement($memid, $document, $method, $comment, $active=1, $secmemid=0){
// write a new record to the table user_agreement
$query="insert into `user_agreements` set `memid`=".intval($memid).", `secmemid`=".intval($secmemid).
- ",`document`='".mysql_real_escape_string($document)."',`date`=NOW(), `active`=".intval($active).",`method`='".mysql_real_escape_string($method)."',`comment`='".mysql_real_escape_string($comment)."'" ;
- $res = mysql_query($query);
+ ",`document`='".mysqli_real_escape_string($_SESSION['mconn'], $document)."',`date`=NOW(), `active`=".intval($active).",`method`='".mysqli_real_escape_string($_SESSION['mconn'], $method)."',`comment`='".mysqli_real_escape_string($_SESSION['mconn'], $comment)."'" ;
+ $res = mysqli_query($_SESSION['mconn'], $query);
}
/**
@@ -873,9 +853,9 @@ define('THAWTE_REVOCATION_DATETIME', '2010-11-16 00:00:00');
*/
function get_user_agreement_status($memid, $type="CCA"){
$query="SELECT u.`document` FROM `user_agreements` u
- WHERE u.`document` = '" . mysql_real_escape_string($type) . "' AND u.`memid`=" . intval($memid) ;
- $res = mysql_query($query);
- if(mysql_num_rows($res) <=0){
+ WHERE u.`document` = '" . mysqli_real_escape_string($_SESSION['mconn'], $type) . "' AND u.`memid`=" . intval($memid) ;
+ $res = mysqli_query($_SESSION['mconn'], $query);
+ if(mysqli_num_rows($res) <=0){
return 0;
}else{
return 1;
@@ -897,7 +877,7 @@ define('THAWTE_REVOCATION_DATETIME', '2010-11-16 00:00:00');
function get_first_user_agreement($memid, $type=null, $active=null){
$filter = '';
if (!is_null($type)) {
- $filter .= " AND u.`document` = '".mysql_real_escape_string($type)."'";
+ $filter .= " AND u.`document` = '".mysqli_real_escape_string($_SESSION['mconn'], $type)."'";
}
if (!is_null($active)) {
@@ -908,9 +888,9 @@ define('THAWTE_REVOCATION_DATETIME', '2010-11-16 00:00:00');
WHERE u.`memid`=".intval($memid)."
$filter
ORDER BY u.`date` LIMIT 1";
- $res = mysql_query($query);
- if(mysql_num_rows($res) >0){
- $rec = mysql_fetch_assoc($res);
+ $res = mysqli_query($_SESSION['mconn'], $query);
+ if(mysqli_num_rows($res) >0){
+ $rec = mysqli_fetch_assoc($res);
}else{
$rec=array();
}
@@ -932,7 +912,7 @@ define('THAWTE_REVOCATION_DATETIME', '2010-11-16 00:00:00');
function get_last_user_agreement($memid, $type=null, $active=null){
$filter = '';
if (!is_null($type)) {
- $filter .= " AND u.`document` = '".mysql_real_escape_string($type)."'";
+ $filter .= " AND u.`document` = '".mysqli_real_escape_string($_SESSION['mconn'], $type)."'";
}
if (!is_null($active)) {
@@ -943,9 +923,9 @@ define('THAWTE_REVOCATION_DATETIME', '2010-11-16 00:00:00');
WHERE u.`memid`=".intval($memid)."
$filter
ORDER BY u.`date` DESC LIMIT 1";
- $res = mysql_query($query);
- if(mysql_num_rows($res) >0){
- $rec = mysql_fetch_assoc($res);
+ $res = mysqli_query($_SESSION['mconn'], $query);
+ if(mysqli_num_rows($res) >0){
+ $rec = mysqli_fetch_assoc($res);
}else{
$rec=array();
}
@@ -966,7 +946,7 @@ define('THAWTE_REVOCATION_DATETIME', '2010-11-16 00:00:00');
function get_user_agreements($memid, $type=null, $active=null){
$filter = '';
if (!is_null($type)) {
- $filter .= " AND u.`document` = '".mysql_real_escape_string($type)."'";
+ $filter .= " AND u.`document` = '".mysqli_real_escape_string($_SESSION['mconn'], $type)."'";
}
if (!is_null($active)) {
@@ -977,7 +957,7 @@ function get_user_agreements($memid, $type=null, $active=null){
WHERE u.`memid`=".intval($memid)."
$filter
ORDER BY u.`date`";
- return mysql_query($query);
+ return mysqli_query($_SESSION['mconn'], $query);
}
/**
@@ -991,9 +971,9 @@ function get_user_agreements($memid, $type=null, $active=null){
if ($type === false) {
$filter = '';
} else {
- $filter = " and `document` = '" . mysql_real_escape_string($type) . "'";
+ $filter = " and `document` = '" . mysqli_real_escape_string($_SESSION['mconn'], $type) . "'";
}
- mysql_query("delete from `user_agreements` where `memid`=" . intval($memid) . $filter );
+ mysqli_query($_SESSION['mconn'], "delete from `user_agreements` where `memid`=" . intval($memid) . $filter );
}
// functions for 6.php (assure somebody)
@@ -1004,87 +984,78 @@ function get_user_agreements($memid, $type=null, $active=null){
<form method="post" action="wot.php">
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper" width="600">
<tr>
- <td colspan="2" class="title"><?=$confirmation?></td>
+ <td colspan="2" class="title"><?php echo $confirmation?></td>
</tr>
<tr>
- <td class="DataTD" colspan="2" align="left"><?=$checkname?></td>
+ <td class="DataTD" colspan="2" align="left"><?php echo $checkname?></td>
</tr>
-<?
- }
+<?php }
function AssureTextLine($field1,$field2)
{
?>
<tr>
- <td class="DataTD"><?=$field1.(empty($field1)?'':':')?></td>
- <td class="DataTD"><?=$field2?></td>
+ <td class="DataTD"><?php echo $field1.(empty($field1)?'':':')?></td>
+ <td class="DataTD"><?php echo $field2?></td>
</tr>
-<?
- }
+<?php }
function AssureBoxLine($type,$text,$checked)
{
?>
<tr>
- <td class="DataTD"><input type="checkbox" name="<?=$type?>" value="1" <?=$checked?"checked":""?>></td>
- <td class="DataTD"><?=$text?></td>
+ <td class="DataTD"><input type="checkbox" name="<?php echo $type?>" value="1" <?php echo $checked?"checked":""?>></td>
+ <td class="DataTD"><?php echo $text?></td>
</tr>
-<?
- }
+<?php }
function AssureMethodLine($text,$methods,$remark)
{
if (count($methods) != 1) {
?>
<tr>
- <td class="DataTD"><?=$text.(empty($text)?'':':')?></td>
+ <td class="DataTD"><?php echo $text.(empty($text)?'':':')?></td>
<td class="DataTD">
<select name="method">
-<?
- foreach($methods as $val) {
+<?php foreach($methods as $val) {
?>
- <option value="<?=$val?>"><?=$val?></option>
-<?
- }
+ <option value="<?php echo $val?>"><?php echo $val?></option>
+<?php }
?>
</select>
<br />
- <?=$remark?>
+ <?php echo $remark?>
</td>
</tr>
-<?
- } else {
+<?php } else {
?>
- <input type="hidden" name="method" value="<?=$methods[0]?>" />
-<?
- }
+ <input type="hidden" name="method" value="<?php echo $methods[0]?>" />
+<?php }
}
function AssureInboxLine($type,$field,$value,$description)
{
?>
<tr>
- <td class="DataTD"><?=$field.(empty($field)?'':':')?></td>
- <td class="DataTD"><input type="text" name="<?=$type?>" value="<?=$value?>"><?=$description?></td>
+ <td class="DataTD"><?php echo $field.(empty($field)?'':':')?></td>
+ <td class="DataTD"><input type="text" name="<?php echo $type?>" value="<?php echo $value?>"><?php echo $description?></td>
</tr>
-<?
- }
+<?php }
function AssureFoot($oldid,$confirm)
{
?>
<tr>
<td class="DataTD" colspan="2">
- <input type="submit" name="process" value="<?=$confirm?>" />
- <input type="submit" name="cancel" value="<?=_("Cancel")?>" />
+ <input type="submit" name="process" value="<?php echo $confirm?>" />
+ <input type="submit" name="cancel" value="<?php echo _("Cancel")?>" />
</td>
</tr>
</table>
-<input type="hidden" name="pagehash" value="<?=$_SESSION['_config']['wothash']?>" />
-<input type="hidden" name="oldid" value="<?=$oldid?>" />
+<input type="hidden" name="pagehash" value="<?php echo $_SESSION['_config']['wothash']?>" />
+<input type="hidden" name="oldid" value="<?php echo $oldid?>" />
</form>
-<?
- }
+<?php }
function account_email_delete($mailid){
//deletes an email entry from an acount
@@ -1095,7 +1066,7 @@ function get_user_agreements($memid, $type=null, $active=null){
$mailid = intval($mailid);
revoke_all_client_cert($mailid);
$query = "update `email` set `deleted`=NOW() where `id`='$mailid'";
- mysql_query($query);
+ mysqli_query($_SESSION['mconn'], $query);
}
function account_domain_delete($domainid){
@@ -1106,7 +1077,7 @@ function get_user_agreements($memid, $type=null, $active=null){
//called from account_delete
$domainid = intval($domainid);
revoke_all_server_cert($domainid);
- mysql_query(
+ mysqli_query($_SESSION['mconn'],
"update `domains`
set `deleted`=NOW()
where `id` = '$domainid'");
@@ -1117,7 +1088,7 @@ function get_user_agreements($memid, $type=null, $active=null){
// called from www/account.php if($oldid == 50 && $process != "")
//change password
$id = intval($id);
- $arbno = mysql_real_escape_string($arbno);
+ $arbno = mysqli_real_escape_string($_SESSION['mconn'], $arbno);
$adminid = intval($adminid);
$pool = 'abcdefghijklmnopqrstuvwxyz';
$pool .= '0123456789!()ยง';
@@ -1128,33 +1099,33 @@ function get_user_agreements($memid, $type=null, $active=null){
{
$password .= substr($pool,(rand()%(strlen ($pool))), 1);
}
- mysql_query("update `users` set `password`=sha1('".$password."') where `id`='".$id."'");
+ mysqli_query($_SESSION['mconn'], "update `users` set `password`=sha1('".$password."') where `id`='".$id."'");
//create new mail for arbitration number
$query = "insert into `email` set `email`='".$arbno."@cacert.org',`memid`='".$id."',`created`=NOW(),`modified`=NOW(), `attempts`=-1";
- mysql_query($query);
- $emailid = mysql_insert_id();
+ mysqli_query($_SESSION['mconn'], $query);
+ $emailid = mysqli_insert_id($_SESSION['mconn']);
//set new mail as default
$query = "update `users` set `email`='".$arbno."@cacert.org' where `id`='".$id."'";
- mysql_query($query);
+ mysqli_query($_SESSION['mconn'], $query);
//delete all other email address
$query = "select `id` from `email` where `memid`='".$id."' and `id`!='".$emailid."'" ;
- $res=mysql_query($query);
- while($row = mysql_fetch_assoc($res)){
+ $res=mysqli_query($_SESSION['mconn'], $query);
+ while($row = mysqli_fetch_assoc($res)){
account_email_delete($row['id']);
}
//delete all domains
$query = "select `id` from `domains` where `memid`='".$id."'";
- $res=mysql_query($query);
- while($row = mysql_fetch_assoc($res)){
+ $res=mysqli_query($_SESSION['mconn'], $query);
+ while($row = mysqli_fetch_assoc($res)){
account_domain_delete($row['id']);
}
//clear alert settings
- mysql_query(
+ mysqli_query($_SESSION['mconn'],
"update `alerts` set
`general`='0',
`country`='0',
@@ -1164,17 +1135,17 @@ function get_user_agreements($memid, $type=null, $active=null){
//set default location
$query = "update `users` set `locid`='2256755', `regid`='243', `ccid`='12' where `id`='".$id."'";
- mysql_query($query);
+ mysqli_query($_SESSION['mconn'], $query);
//clear listings
$query = "update `users` set `listme`=' ',`contactinfo`=' ' where `id`='".$id."'";
- mysql_query($query);
+ mysqli_query($_SESSION['mconn'], $query);
//set lanuage to default
//set default language
- mysql_query("update `users` set `language`='en_AU' where `id`='".$id."'");
+ mysqli_query($_SESSION['mconn'], "update `users` set `language`='en_AU' where `id`='".$id."'");
//delete secondary langugaes
- mysql_query("delete from `addlang` where `userid`='".$id."'");
+ mysqli_query($_SESSION['mconn'], "delete from `addlang` where `userid`='".$id."'");
//change secret questions
for($i=1;$i<=5;$i++){
@@ -1186,7 +1157,7 @@ function get_user_agreements($memid, $type=null, $active=null){
$a .= substr($pool,(rand()%(strlen ($pool))), 1);
}
$query = "update `users` set `Q$i`='$q', `A$i`='$a' where `id`='".$id."'";
- mysql_query($query);
+ mysqli_query($_SESSION['mconn'], $query);
}
//change personal information to arbitration number and DOB=1900-01-01
@@ -1196,10 +1167,10 @@ function get_user_agreements($memid, $type=null, $active=null){
`suffix`='".$arbno."',
`dob`='1900-01-01'
where `id`='".$id."'";
- mysql_query($query);
+ mysqli_query($_SESSION['mconn'], $query);
//clear all admin and board flags
- mysql_query(
+ mysqli_query($_SESSION['mconn'],
"update `users` set
`assurer`='0',
`assurer_blocked`='0',
@@ -1214,17 +1185,17 @@ function get_user_agreements($memid, $type=null, $active=null){
where `id`='$id'");
//block account
- mysql_query("update `users` set `locked`='1' where `id`='$id'"); //, `deleted`=Now()
+ mysqli_query($_SESSION['mconn'], "update `users` set `locked`='1' where `id`='$id'"); //, `deleted`=Now()
}
function check_email_exists($email){
// called from includes/account.php if($process != "" && $oldid == 1)
// called from includes/account.php if($oldid == 50 && $process != "")
- $email = mysql_real_escape_string($email);
+ $email = mysqli_real_escape_string($_SESSION['mconn'], $email);
$query = "select 1 from `email` where `email`='$email' and `deleted`=0";
- $res = mysql_query($query);
- return mysql_num_rows($res) > 0;
+ $res = mysqli_query($_SESSION['mconn'], $query);
+ return mysqli_num_rows($res) > 0;
}
function check_gpg_cert_running($uid,$cca=0){
@@ -1236,8 +1207,8 @@ function get_user_agreements($memid, $type=null, $active=null){
}else{
$query = "select 1 from `gpg` where `memid`='$uid' and `expire`>(NOW()-90*86400)";
}
- $res = mysql_query($query);
- return mysql_num_rows($res) > 0;
+ $res = mysqli_query($_SESSION['mconn'], $query);
+ return mysqli_num_rows($res) > 0;
}
function check_client_cert_running($uid,$cca=0){
@@ -1251,10 +1222,10 @@ function get_user_agreements($memid, $type=null, $active=null){
$query1 = "select 1 from `emailcerts` where `memid`='$uid' and `expire`>(NOW()-90*86400) and `revoked`<`created`";
$query2 = "select 1 from `emailcerts` where `memid`='$uid' and `revoked`>(NOW()-90*86400)";
}
- $res = mysql_query($query1);
- $r1 = mysql_num_rows($res)>0;
- $res = mysql_query($query2);
- $r2 = mysql_num_rows($res)>0;
+ $res = mysqli_query($_SESSION['mconn'], $query1);
+ $r1 = mysqli_num_rows($res)>0;
+ $res = mysqli_query($_SESSION['mconn'], $query2);
+ $r2 = mysqli_num_rows($res)>0;
return !!($r1 || $r2);
}
@@ -1287,10 +1258,10 @@ function get_user_agreements($memid, $type=null, $active=null){
where `domains`.`memid` = '$uid'
and `revoked`>(NOW()-90*86400)";
}
- $res = mysql_query($query1);
- $r1 = mysql_num_rows($res)>0;
- $res = mysql_query($query2);
- $r2 = mysql_num_rows($res)>0;
+ $res = mysqli_query($_SESSION['mconn'], $query1);
+ $r1 = mysqli_num_rows($res)>0;
+ $res = mysqli_query($_SESSION['mconn'], $query2);
+ $r2 = mysqli_num_rows($res)>0;
return !!($r1 || $r2);
}
@@ -1298,8 +1269,8 @@ function get_user_agreements($memid, $type=null, $active=null){
// called from includes/account.php if($oldid == 50 && $process != "")
$uid = intval($uid);
$query = "select 1 from `org` where `memid`='$uid' and `deleted`=0";
- $res = mysql_query($query);
- return mysql_num_rows($res) > 0;
+ $res = mysqli_query($_SESSION['mconn'], $query);
+ return mysqli_num_rows($res) > 0;
}
@@ -1311,9 +1282,9 @@ function get_user_agreements($memid, $type=null, $active=null){
from `emaillink`,`emailcerts` where
`emaillink`.`emailid`='$mailid' and `emaillink`.`emailcertsid`=`emailcerts`.`id` and `emailcerts`.`revoked`=0
group by `emailcerts`.`id`";
- $dres = mysql_query($query);
- while($drow = mysql_fetch_assoc($dres)){
- mysql_query("update `emailcerts` set `revoked`='1970-01-01 10:00:01', `disablelogin`=1 where `id`='".$drow['id']."'");
+ $dres = mysqli_query($_SESSION['mconn'], $query);
+ while($drow = mysqli_fetch_assoc($dres)){
+ mysqli_query($_SESSION['mconn'], "update `emailcerts` set `revoked`='1970-01-01 10:00:01', `disablelogin`=1 where `id`='".$drow['id']."'");
}
}
@@ -1329,10 +1300,10 @@ function get_user_agreements($memid, $type=null, $active=null){
from `domaincerts`, `domlink`
where `domaincerts`.`id` = `domlink`.`certid`
and `domlink`.`domid` = '$domainid'";
- $dres = mysql_query($query);
- while($drow = mysql_fetch_assoc($dres))
+ $dres = mysqli_query($_SESSION['mconn'], $query);
+ while($drow = mysqli_fetch_assoc($dres))
{
- mysql_query(
+ mysqli_query($_SESSION['mconn'],
"update `domaincerts`
set `revoked`='1970-01-01 10:00:01'
where `id` = '".$drow['id']."'
@@ -1345,15 +1316,15 @@ function get_user_agreements($memid, $type=null, $active=null){
//gpg revokation needs to be added to a later point
$uid=intval($uid);
$query = "select `id` from `email` where `memid`='".$uid."'";
- $res=mysql_query($query);
- while($row = mysql_fetch_assoc($res)){
+ $res=mysqli_query($_SESSION['mconn'], $query);
+ while($row = mysqli_fetch_assoc($res)){
revoke_all_client_cert($row['id']);
}
$query = "select `id` from `domains` where `memid`='".$uid."'";
- $res=mysql_query($query);
- while($row = mysql_fetch_assoc($res)){
+ $res=mysqli_query($_SESSION['mconn'], $query);
+ while($row = mysqli_fetch_assoc($res)){
revoke_all_server_cert($row['id']);
}
}
@@ -1415,11 +1386,11 @@ function write_se_log($uid, $adminid, $type, $info){
//records all support engineer actions changing a user account
$uid = intval($uid);
$adminid = intval($adminid);
- $type = mysql_real_escape_string($type);
- $info = mysql_real_escape_string($info);
+ $type = mysqli_real_escape_string($_SESSION['mconn'], $type);
+ $info = mysqli_real_escape_string($_SESSION['mconn'], g($info));
$query="insert into `adminlog` (`when`, `uid`, `adminid`,`type`,`information`) values
(Now(), $uid, $adminid, '$type', '$info')";
- return mysql_query($query);
+ return mysqli_query($_SESSION['mconn'], $query);
}
/**
@@ -1453,7 +1424,7 @@ function get_user_data($userid, $deleted=0){
$filter .=' and `users`.`deleted`=0';
}
$query = "select * from `users` where `users`.`id`='$userid' ".$filter;
- return mysql_query($query);
+ return mysqli_query($_SESSION['mconn'], $query);
}
/**
@@ -1462,7 +1433,7 @@ function get_user_data($userid, $deleted=0){
* @return array - associative array
*/
function get_alerts($userid){
- return mysql_fetch_assoc(mysql_query("select * from `alerts` where `memid`='".intval($userid)."'"));
+ return mysqli_fetch_assoc(mysqli_query($_SESSION['mconn'], "select * from `alerts` where `memid`='".intval($userid)."'"));
}
/**
@@ -1480,10 +1451,10 @@ function get_email_addresses($userid, $exclude, $deleted=0){
$filter .= ' and `deleted`=0';
}
if ($exclude) {
- $filter .= " and `email`!='".mysql_real_escape_string($exclude)."'";
+ $filter .= " and `email`!='".mysqli_real_escape_string($_SESSION['mconn'], $exclude)."'";
}
$query = "select * from `email` where `memid`='".$userid."' and `hash`='' ".$filter." order by `created`";
- return mysql_query($query);
+ return mysqli_query($_SESSION['mconn'], $query);
}
/**
@@ -1500,7 +1471,7 @@ function get_domains($userid, $deleted=0){
$filter .= ' and `deleted`=0';
}
$query = "select * from `domains` where `memid`='".$userid."' and `hash`=''".$filter." order by `created`";
- return mysql_query($query);
+ return mysqli_query($_SESSION['mconn'], $query);
}
/**
@@ -1515,7 +1486,7 @@ function get_training_results($userid){
" FROM `cats_passed` AS CP, `cats_variant` AS CV, `cats_type` AS CT ".
" WHERE `CP`.`variant_id`=`CV`.`id` AND `CV`.`type_id`=`CT`.`id` AND `CP`.`user_id` ='".$userid."'".
" ORDER BY `CP`.`pass_date`";
- return mysql_query($query);
+ return mysqli_query($_SESSION['mconn'], $query);
}
/**
@@ -1529,7 +1500,7 @@ function get_se_log($userid){
FROM `adminlog`, `users`
WHERE `adminlog`.`adminid` = `users`.`id` and `adminlog`.`uid`=".$userid."
ORDER BY `adminlog`.`when`";
- return mysql_query($query);
+ return mysqli_query($_SESSION['mconn'], $query);
}
/**
@@ -1560,7 +1531,7 @@ function get_client_certs($userid, $viewall=0){
$query .= " HAVING `timeleft` > 0";
}
$query .= " ORDER BY `emailcerts`.`modified` desc";
- return mysql_query($query);
+ return mysqli_query($_SESSION['mconn'], $query);
}
/**
@@ -1590,7 +1561,7 @@ function get_server_certs($userid, $viewall=0){
$query .= " HAVING `timeleft` > 0";
}
$query .= " ORDER BY `domaincerts`.`modified` desc";
- return mysql_query($query);
+ return mysqli_query($_SESSION['mconn'], $query);
}
/**
@@ -1611,7 +1582,7 @@ function get_gpg_certs($userid, $viewall=0){
$query .= " HAVING `timeleft` > 0";
}
$query .= " ORDER BY `issued` desc";
- return mysql_query($query);
+ return mysqli_query($_SESSION['mconn'], $query);
}
@@ -1622,13 +1593,12 @@ function get_gpg_certs($userid, $viewall=0){
function output_log_email_header(){
?>
<tr>
- <td class="DataTD bold"><?= _("Email, primary bold") ?></td>
- <td class="DataTD bold"><?= _("Created") ?></td>
- <td class="DataTD bold"><?= _("Deleted") ?></td>
+ <td class="DataTD bold"><?php echo _("Email, primary bold") ?></td>
+ <td class="DataTD bold"><?php echo _("Created") ?></td>
+ <td class="DataTD bold"><?php echo _("Deleted") ?></td>
</tr>
- <?
-}
+ <?php }
/**
* Show all email data for the admin log
* @param array $row - associative array containing the column data
@@ -1643,12 +1613,11 @@ function output_log_email($row, $primary){
}
?>
<tr>
- <td class="DataTD<?=$style?>"><?=$row['email']?></td>
- <td class="DataTD<?=$style?>"><?=$row['created']?></td>
- <td class="DataTD<?=$style?>"><?=$row['deleted']?></td>
+ <td class="DataTD<?php echo $style?>"><?php echo $row['email']?></td>
+ <td class="DataTD<?php echo $style?>"><?php echo $row['created']?></td>
+ <td class="DataTD<?php echo $style?>"><?php echo $row['deleted']?></td>
</tr>
- <?
-}
+ <?php }
/**
* Show the table header to the domains table for the admin log
@@ -1656,13 +1625,12 @@ function output_log_email($row, $primary){
function output_log_domains_header(){
?>
<tr>
- <td class="DataTD bold"><?= _("Domain") ?></td>
- <td class="DataTD bold"><?= _("Created") ?></td>
- <td class="DataTD bold"><?= _("Deleted") ?></td>
+ <td class="DataTD bold"><?php echo _("Domain") ?></td>
+ <td class="DataTD bold"><?php echo _("Created") ?></td>
+ <td class="DataTD bold"><?php echo _("Deleted") ?></td>
</tr>
- <?
-}
+ <?php }
/**
* Show the domain data for the admin log
@@ -1675,12 +1643,11 @@ function output_log_domains($row){
}
?>
<tr>
- <td class="DataTD<?=$italic?>"><?=$row['domain']?></td>
- <td class="DataTD<?=$italic?>"><?=$row['created']?></td>
- <td class="DataTD<?=$italic?>"><?=$row['deleted']?></td>
+ <td class="DataTD<?php echo $italic?>"><?php echo $row['domain']?></td>
+ <td class="DataTD<?php echo $italic?>"><?php echo $row['created']?></td>
+ <td class="DataTD<?php echo $italic?>"><?php echo $row['deleted']?></td>
</tr>
- <?
-}
+ <?php }
/**
* Show the table header to the user agreement table for the admin log
@@ -1688,13 +1655,12 @@ function output_log_domains($row){
function output_log_agreement_header(){
?>
<tr>
- <td class="DataTD bold"><?= _("Agreement") ?></td>
- <td class="DataTD bold"><?= _("Date") ?></td>
- <td class="DataTD bold"><?= _("Method") ?></td>
- <td class="DataTD bold"><?= _("Active ") ?></td>
+ <td class="DataTD bold"><?php echo _("Agreement") ?></td>
+ <td class="DataTD bold"><?php echo _("Date") ?></td>
+ <td class="DataTD bold"><?php echo _("Method") ?></td>
+ <td class="DataTD bold"><?php echo _("Active ") ?></td>
</tr>
- <?
-}
+ <?php }
/**
* Show the agreement data for the admin log
@@ -1703,13 +1669,12 @@ function output_log_agreement_header(){
function output_log_agreement($row){
?>
<tr>
- <td class="DataTD" ><?=$row['document']?></td>
- <td class="DataTD" ><?=$row['date']?></td>
- <td class="DataTD" ><?=$row['method']?></td>
- <td class="DataTD"><?= ($row['active']==0)? _('passive'):_('active')?></td>
+ <td class="DataTD" ><?php echo $row['document']?></td>
+ <td class="DataTD" ><?php echo $row['date']?></td>
+ <td class="DataTD" ><?php echo $row['method']?></td>
+ <td class="DataTD"><?php echo ($row['active']==0)? _('passive'):_('active')?></td>
</tr>
- <?
-}
+ <?php }
/**
* Show the table header to the training table
@@ -1718,12 +1683,11 @@ function output_log_training_header(){
//should be entered in account/55.php
?>
<tr>
- <td class="DataTD bold"><?= _("Agreement") ?></td>
- <td class="DataTD bold"><?= _("Test") ?></td>
- <td class="DataTD bold"><?= _("Variant") ?></td>
+ <td class="DataTD bold"><?php echo _("Agreement") ?></td>
+ <td class="DataTD bold"><?php echo _("Test") ?></td>
+ <td class="DataTD bold"><?php echo _("Variant") ?></td>
</tr>
- <?
-}
+ <?php }
/**
* Show the training data
@@ -1733,12 +1697,11 @@ function output_log_training($row){
//should be entered in account/55.php
?>
<tr>
- <td class="DataTD"><?=$row['pass_date']?></td>
- <td class="DataTD"><?=$row['type_text']?></td>
- <td class="DataTD"><?=$row['test_text']?></td>
+ <td class="DataTD"><?php echo $row['pass_date']?></td>
+ <td class="DataTD"><?php echo $row['type_text']?></td>
+ <td class="DataTD"><?php echo $row['test_text']?></td>
</tr>
- <?
-}
+ <?php }
/**
* Show the table header to the SE log table for the admin log
@@ -1747,19 +1710,16 @@ function output_log_training($row){
function output_log_se_header($support=0){
?>
<tr>
- <td class="DataTD bold"><?= _("Date") ?></td>
- <td class="DataTD bold"><?= _("Type") ?></td>
- <?
- if (1 == $support) {
+ <td class="DataTD bold"><?php echo _("Date") ?></td>
+ <td class="DataTD bold"><?php echo _("Type") ?></td>
+ <?php if (1 == $support) {
?>
- <td class="DataTD bold"><?= _("Information") ?></td>
- <td class="DataTD bold"><?= _("Admin") ?></td>
- <?
- }
+ <td class="DataTD bold"><?php echo _("Information") ?></td>
+ <td class="DataTD bold"><?php echo _("Admin") ?></td>
+ <?php }
?>
</tr>
- <?
-}
+ <?php }
/**
* Show the SE log data for the admin log
@@ -1770,19 +1730,16 @@ function output_log_se($row, $support=0){
//should be entered in account/55.php
?>
<tr>
- <td class="DataTD"><?=$row['when']?></td>
- <td class="DataTD"><?=$row['type']?></td>
- <?
- if (1 == $support) {
+ <td class="DataTD"><?php echo $row['when']?></td>
+ <td class="DataTD"><?php echo $row['type']?></td>
+ <?php if (1 == $support) {
?>
- <td class="DataTD"><?=$row['information']?></td>
- <td class="DataTD"><?=$row['fname'].' '.$row['lname']?></td>
- <?
- }
+ <td class="DataTD"><?php echo $row['information']?></td>
+ <td class="DataTD"><?php echo $row['fname'].' '.$row['lname']?></td>
+ <?php }
?>
</tr>
- <?
-}
+ <?php }
/**
* Shows the table header to the client cert table
@@ -1793,29 +1750,24 @@ function output_client_cert_header($support=0, $readonly=true){
//should be added to account/5.php
?>
<tr>
- <?
- if (!$readonly) {
+ <?php if (!$readonly) {
?>
- <td class="DataTD"><?=_("Renew/Revoke/Delete")?></td>
- <?
- }
+ <td class="DataTD"><?php echo _("Renew/Revoke/Delete")?></td>
+ <?php }
?>
- <td class="DataTD"><?=_("Status")?></td>
- <td class="DataTD"><?=_("Email Address")?></td>
- <td class="DataTD"><?=_("SerialNumber")?></td>
- <td class="DataTD"><?=_("Revoked")?></td>
- <td class="DataTD"><?=_("Expires")?></td>
- <td class="DataTD"><?=_("Login")?></td>
- <?
- if (1 != $support) {
+ <td class="DataTD"><?php echo _("Status")?></td>
+ <td class="DataTD"><?php echo _("Email Address")?></td>
+ <td class="DataTD"><?php echo _("SerialNumber")?></td>
+ <td class="DataTD"><?php echo _("Revoked")?></td>
+ <td class="DataTD"><?php echo _("Expires")?></td>
+ <td class="DataTD"><?php echo _("Login")?></td>
+ <?php if (1 != $support) {
?>
- <td colspan="2" class="DataTD"><?=_("Comment *")?></td>
- <?
- }
+ <td colspan="2" class="DataTD"><?php echo _("Comment *")?></td>
+ <?php }
?>
</tr>
- <?
-}
+ <?php }
/**
* Show the client cert data
@@ -1844,76 +1796,65 @@ function output_client_cert($row, $support=0, $readonly=true){
?>
<tr>
- <?
- if (!$readonly) {
+ <?php if (!$readonly) {
if ($verified === _("Pending")) {
?>
<td class="DataTD">
- <input type="checkbox" name="delid[]" value="<?=intval($row['id'])?>">
+ <input type="checkbox" name="delid[]" value="<?php echo intval($row['id'])?>">
</td>
- <?
-
+ <?php
} elseif ($verified === _("Revoked")) {
?>
<td class="DataTD">&nbsp;</td>
- <?
-
+ <?php
} else {
?>
<td class="DataTD">
- <input type="checkbox" name="revokeid[]" value="<?=intval($row['id'])?>">
+ <input type="checkbox" name="revokeid[]" value="<?php echo intval($row['id'])?>">
</td>
- <?
- }
+ <?php }
}
?>
- <td class="DataTD"><?=$verified?></td>
- <?
-
+ <td class="DataTD"><?php echo $verified?></td>
+ <?php
if ($verified === _("Pending")) {
?>
- <td class="DataTD"><?=(trim($row['CN'])=="" ? _("empty") : htmlspecialchars($row['CN']))?></td>
- <?
- } else {
+ <td class="DataTD"><?php echo (trim($row['CN'])=="" ? _("empty") : htmlspecialchars($row['CN']))?></td>
+ <?php } else {
?>
<td class="DataTD">
- <a href="account.php?id=6&amp;cert=<?=intval($row['id'])?>">
- <?=(trim($row['CN'])=="" ? _("empty") : htmlspecialchars($row['CN']))?>
+ <a href="account.php?id=6&amp;cert=<?php echo intval($row['id'])?>">
+ <?php echo (trim($row['CN'])=="" ? _("empty") : htmlspecialchars($row['CN']))?>
</a>
</td>
- <?
- }
+ <?php }
?>
- <td class="DataTD"><?=$row['serial']?></td>
- <td class="DataTD"><?=$row['revoke']?></td>
- <td class="DataTD"><?=$row['expire']?></td>
+ <td class="DataTD"><?php echo $row['serial']?></td>
+ <td class="DataTD"><?php echo $row['revoke']?></td>
+ <td class="DataTD"><?php echo $row['expire']?></td>
<td class="DataTD">
- <input type="checkbox" name="disablelogin_<?=intval($row['id'])?>" value="1" <?=$row['disablelogin']?"":"checked='checked'"?> <?=$readonly?'disabled="disabled"':''?>/>
- <input type="hidden" name="cert_<?=intval($row['id'])?>" value="1" />
+ <input type="checkbox" name="disablelogin_<?php echo intval($row['id'])?>" value="1" <?php echo $row['disablelogin']?"":"checked='checked'"?> <?php echo $readonly?'disabled="disabled"':''?>/>
+ <input type="hidden" name="cert_<?php echo intval($row['id'])?>" value="1" />
</td>
- <?
-
+ <?php
if (1 != $support) {
?>
<td class="DataTD">
- <input name="comment_<?=intval($row['id'])?>" type="text" value="<?=htmlspecialchars($row['description'])?>" />
+ <input name="comment_<?php echo intval($row['id'])?>" type="text" value="<?php echo htmlspecialchars($row['description'])?>" />
</td>
- <?
- if (!$readonly) {
+ <?php if (!$readonly) {
?>
<td class="DataTD">
- <input type="checkbox" name="check_comment_<?=intval($row['id'])?>" />
+ <input type="checkbox" name="check_comment_<?php echo intval($row['id'])?>" />
</td>
- <?
- }
+ <?php }
}
?>
</tr>
- <?
-}
+ <?php }
/**
* Show the table header to the server cert table
@@ -1924,28 +1865,23 @@ function output_server_certs_header($support=0, $readonly=true){
//should be entered in account/12.php
?>
<tr>
- <?
- if (!$readonly) {
+ <?php if (!$readonly) {
?>
- <td class="DataTD"><?=_("Renew/Revoke/Delete")?></td>
- <?
- }
+ <td class="DataTD"><?php echo _("Renew/Revoke/Delete")?></td>
+ <?php }
?>
- <td class="DataTD"><?=_("Status")?></td>
- <td class="DataTD"><?=_("CommonName")?></td>
- <td class="DataTD"><?=_("SerialNumber")?></td>
- <td class="DataTD"><?=_("Revoked")?></td>
- <td class="DataTD"><?=_("Expires")?></td>
- <?
- if (1 != $support) {
+ <td class="DataTD"><?php echo _("Status")?></td>
+ <td class="DataTD"><?php echo _("CommonName")?></td>
+ <td class="DataTD"><?php echo _("SerialNumber")?></td>
+ <td class="DataTD"><?php echo _("Revoked")?></td>
+ <td class="DataTD"><?php echo _("Expires")?></td>
+ <?php if (1 != $support) {
?>
- <td colspan="2" class="DataTD"><?=_("Comment *")?></td>
- <?
- }
+ <td colspan="2" class="DataTD"><?php echo _("Comment *")?></td>
+ <?php }
?>
</tr>
- <?
-}
+ <?php }
/**
* Show the server cert data
@@ -1974,70 +1910,59 @@ function output_server_certs($row, $support=0, $readonly=true){
?>
<tr>
- <?
- if (!$readonly) {
+ <?php if (!$readonly) {
if ($verified === _("Pending")) {
?>
<td class="DataTD">
- <input type="checkbox" name="delid[]" value="<?=intval($row['id'])?>"/>
+ <input type="checkbox" name="delid[]" value="<?php echo intval($row['id'])?>"/>
</td>
- <?
- } elseif($verified === _("Revoked")) {
+ <?php } elseif($verified === _("Revoked")) {
?>
<td class="DataTD">&nbsp;</td>
- <?
- } else {
+ <?php } else {
?>
<td class="DataTD">
- <input type="checkbox" name="revokeid[]" value="<?=intval($row['id'])?>"/>
+ <input type="checkbox" name="revokeid[]" value="<?php echo intval($row['id'])?>"/>
</td>
- <?
- }
+ <?php }
}
?>
- <td class="DataTD"><?=$verified?></td>
- <?
-
+ <td class="DataTD"><?php echo $verified?></td>
+ <?php
if ($verified === _("Pending")) {
?>
- <td class="DataTD"><?=htmlspecialchars($row['CN'])?></td>
- <?
- } else {
+ <td class="DataTD"><?php echo htmlspecialchars($row['CN'])?></td>
+ <?php } else {
?>
<td class="DataTD">
- <a href="account.php?id=15&amp;cert=<?=intval($row['id'])?>">
- <?=htmlspecialchars($row['CN'])?>
+ <a href="account.php?id=15&amp;cert=<?php echo intval($row['id'])?>">
+ <?php echo htmlspecialchars($row['CN'])?>
</a>
</td>
- <?
- }
+ <?php }
?>
- <td class="DataTD"><?=$row['serial']?></td>
- <td class="DataTD"><?=$row['revoke']?></td>
- <td class="DataTD"><?=$row['expire']?></td>
- <?
-
+ <td class="DataTD"><?php echo $row['serial']?></td>
+ <td class="DataTD"><?php echo $row['revoke']?></td>
+ <td class="DataTD"><?php echo $row['expire']?></td>
+ <?php
if (1 != $support) {
?>
<td class="DataTD">
- <input name="comment_<?=intval($row['id'])?>" type="text" value="<?=htmlspecialchars($row['description'])?>" />
+ <input name="comment_<?php echo intval($row['id'])?>" type="text" value="<?php echo htmlspecialchars($row['description'])?>" />
</td>
- <?
- if (!$readonly) {
+ <?php if (!$readonly) {
?>
<td class="DataTD">
- <input type="checkbox" name="check_comment_<?=intval($row['id'])?>" />
+ <input type="checkbox" name="check_comment_<?php echo intval($row['id'])?>" />
</td>
- <?
- }
+ <?php }
}
?>
</tr>
- <?
-}
+ <?php }
/**
* Show the table header to the gpg cert table
@@ -2048,20 +1973,17 @@ function output_gpg_certs_header($support=0, $readonly=true){
// $readonly is currently ignored but kept for consistency
?>
<tr>
- <td class="DataTD"><?=_("Status")?></td>
- <td class="DataTD"><?=_("Email Address")?></td>
- <td class="DataTD"><?=_("Expires")?></td>
- <td class="DataTD"><?=_("Key ID")?></td>
- <?
- if (1 != $support) {
+ <td class="DataTD"><?php echo _("Status")?></td>
+ <td class="DataTD"><?php echo _("Email Address")?></td>
+ <td class="DataTD"><?php echo _("Expires")?></td>
+ <td class="DataTD"><?php echo _("Key ID")?></td>
+ <?php if (1 != $support) {
?>
- <td colspan="2" class="DataTD"><?=_("Comment *")?></td>
- <?
- }
+ <td colspan="2" class="DataTD"><?php echo _("Comment *")?></td>
+ <?php }
?>
</tr>
- <?
-}
+ <?php }
/**
* Show the gpg cert data
@@ -2084,57 +2006,48 @@ function output_gpg_certs($row, $support=0, $readonly=true){
?>
<tr>
- <td class="DataTD"><?=$verified?></td>
- <?
-
+ <td class="DataTD"><?php echo $verified?></td>
+ <?php
if($verified == _("Pending")) {
?>
- <td class="DataTD"><?=htmlspecialchars($row['email'])?></td>
- <?
- } else {
+ <td class="DataTD"><?php echo htmlspecialchars($row['email'])?></td>
+ <?php } else {
?>
<td class="DataTD">
- <a href="gpg.php?id=3&amp;cert=<?=intval($row['id'])?>">
- <?=htmlspecialchars($row['email'])?>
+ <a href="gpg.php?id=3&amp;cert=<?php echo intval($row['id'])?>">
+ <?php echo htmlspecialchars($row['email'])?>
</a>
</td>
- <?
- }
+ <?php }
?>
- <td class="DataTD"><?=$row['expire']?></td>
- <?
-
+ <td class="DataTD"><?php echo $row['expire']?></td>
+ <?php
if($verified == _("Pending")) {
?>
- <td class="DataTD"><?=htmlspecialchars($row['keyid'])?></td>
- <?
- } else {
+ <td class="DataTD"><?php echo htmlspecialchars($row['keyid'])?></td>
+ <?php } else {
?>
<td class="DataTD">
- <a href="gpg.php?id=3&amp;cert=<?=intval($row['id'])?>">
- <?=htmlspecialchars($row['keyid'])?>
+ <a href="gpg.php?id=3&amp;cert=<?php echo intval($row['id'])?>">
+ <?php echo htmlspecialchars($row['keyid'])?>
</a>
</td>
- <?
- }
+ <?php }
if (1 != $support) {
?>
<td class="DataTD">
- <input name="comment_<?=intval($row['id'])?>" type="text" value="<?=htmlspecialchars($row['description'])?>" />
+ <input name="comment_<?php echo intval($row['id'])?>" type="text" value="<?php echo htmlspecialchars($row['description'])?>" />
</td>
- <?
- if (!$readonly) {
+ <?php if (!$readonly) {
?>
<td class="DataTD">
- <input type="checkbox" name="check_comment_<?=intval($row['id'])?>" />
+ <input type="checkbox" name="check_comment_<?php echo intval($row['id'])?>" />
</td>
- <?
- }
+ <?php }
}
?>
</tr>
- <?
-}
+ <?php }
diff --git a/includes/shutdown.php b/includes/shutdown.php
index 4ceaf25..6d2d175 100644
--- a/includes/shutdown.php
+++ b/includes/shutdown.php
@@ -1,4 +1,4 @@
-<? /*
+<?php /*
LibreSSL - CAcert web application
Copyright (C) 2004-2008 CAcert Inc.
@@ -21,9 +21,8 @@
if(0)
{ ?>
- <font color="#ff0000"><? printf(_("This function is currently disabled. Please visit %s for more information."),
+ <font color="#ff0000"><?php printf(_("This function is currently disabled. Please visit %s for more information."),
"<a target='_blank' href='http://wiki.cacert.org/wiki/ClientSecurity'>http://wiki.cacert.org/wiki/ClientSecurity</a>")?></font>
-<?
- exit;
+<?php exit;
}
?>
diff --git a/includes/sponsorinfo.php b/includes/sponsorinfo.php
index 3ed216a..59edfaf 100644
--- a/includes/sponsorinfo.php
+++ b/includes/sponsorinfo.php
@@ -1,5 +1,5 @@
<div class="sponsorinfo">
- <?=_("CAcert operations are sponsored by")?>
+ <?php echo _("CAcert operations are sponsored by")?>
<a href="http://www.bit.nl/" target="_blank"><img class="sponsorlogo" src="/images/bit.png" alt="[BIT logo]" border="0"></a>
<a href="http://www.tunix.nl/" target="_blank"><img class="sponsorlogo" src="/images/tunix.png" alt="[TUNIX logo]" border="0"></a>
<a href="http://www.nlnet.nl/" target="_blank"><img class="sponsorlogo" src="/images/nlnet.png" alt="[NLnet logo]" border="0"></a>
diff --git a/includes/tverify_stuff.php b/includes/tverify_stuff.php
index 93f7c32..bfdb27f 100644
--- a/includes/tverify_stuff.php
+++ b/includes/tverify_stuff.php
@@ -1,4 +1,4 @@
-<? /*
+<?php /*
LibreSSL - CAcert web application
Copyright (C) 2004-2008 CAcert Inc.
@@ -24,38 +24,37 @@ if(!function_exists("showheader"))
?><!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
-<title><?=$title?></title>
-<? if($_SESSION['_config']['header'] != "") { ?><?=$_SESSION['_config']['header']?><? } ?>
+<title><?php echo $title?></title>
+<?php if($_SESSION['_config']['header'] != "") { ?><?php echo $_SESSION['_config']['header']?><?php } ?>
<link rel="stylesheet" href="/styles/default.css" type="text/css">
<link href="http://my.rsscache.com/www.cacert.org/rss.php" rel="alternate" type="application/rss+xml" title="rss">
</head>
<body>
<div id="pagecell1">
<div id="pageName"><br>
- <h2><a href="http://<?=$_SESSION['_config']['normalhostname']?>"><img src="https://www.CAcert.org/images/cacert4.png" border="0" alt="CAcert.org logo"></a></h2>
-<div id="googlead"><h2><?=_("Free digital certificates!")?></h2></div>
+ <h2><a href="http://<?php echo $_SESSION['_config']['normalhostname']?>"><img src="https://www.CAcert.org/images/cacert4.png" border="0" alt="CAcert.org logo"></a></h2>
+<div id="googlead"><h2><?php echo _("Free digital certificates!")?></h2></div>
</div>
<div id="pageNav">
<div class="relatedLinks">
- <h3><?=_("Join CAcert.org")?></h3>
- <a href="http://<?=$_SESSION['_config']['normalhostname']?>/"><?=_("Main Website")?></a>
- <a href="https://<?=$_SESSION['_config']['normalhostname']?>/index.php?id=1"><?=_("Join")?></a>
+ <h3><?php echo _("Join CAcert.org")?></h3>
+ <a href="http://<?php echo $_SESSION['_config']['normalhostname']?>/"><?php echo _("Main Website")?></a>
+ <a href="https://<?php echo $_SESSION['_config']['normalhostname']?>/index.php?id=1"><?php echo _("Join")?></a>
</div>
<div class="relatedLinks">
- <h3><?=_("My Account")?></h3>
- <a href="https://<?=$_SESSION['_config']['normalhostname']?>/index.php?id=4"><?=_("Normal Login")?></a>
- <a href="https://<?=$_SESSION['_config']['securehostname']?>/index.php?id=4"><?=_("Cert Login")?></a>
- <a href="https://<?=$_SESSION['_config']['normalhostname']?>/index.php?id=5"><?=_("Lost Password")?></a>
+ <h3><?php echo _("My Account")?></h3>
+ <a href="https://<?php echo $_SESSION['_config']['normalhostname']?>/index.php?id=4"><?php echo _("Normal Login")?></a>
+ <a href="https://<?php echo $_SESSION['_config']['securehostname']?>/index.php?id=4"><?php echo _("Cert Login")?></a>
+ <a href="https://<?php echo $_SESSION['_config']['normalhostname']?>/index.php?id=5"><?php echo _("Lost Password")?></a>
</div>
</div>
<div id="content">
<div class="story">
- <h3><?=$title2?></h3>
-<? if($_SESSION['_config']['errmsg'] != "") { ?>
-<p><font color="#ff0000" size="+2"><? echo $_SESSION['_config']['errmsg']; $_SESSION['_config']['errmsg'] = ""; ?> </font></p>
-<? } ?>
-<?
- }
+ <h3><?php echo $title2?></h3>
+<?php if($_SESSION['_config']['errmsg'] != "") { ?>
+<p><font color="#ff0000" size="+2"><?php echo $_SESSION['_config']['errmsg']; $_SESSION['_config']['errmsg'] = ""; ?> </font></p>
+<?php } ?>
+<?php }
}
if(!function_exists("showfooter"))
@@ -66,13 +65,12 @@ if(!function_exists("showfooter"))
</div>
</div>
<div id="siteInfo">
- <a href="//wiki.cacert.org/FAQ/AboutUs"><?=_("About Us")?></a> | <a href="/index.php?id=13"><?=_("Donations")?></a> | <a href="http://wiki.cacert.org/wiki/CAcertIncorporated"><?=_("Association Membership")?></a> |
- <a href="/index.php?id=10"><?=_("Privacy Policy")?></a> |
- <a href="/index.php?id=51"><?=_("Mission Statement")?></a> | <a href="/index.php?id=11"><?=_("Contact Us")?></a> |
- <a href="/index.php?id=19"><?=_("Further Information")?></a> | &copy;2002-<?=date("Y")?> <?=_("by CAcert")?></div>
+ <a href="//wiki.cacert.org/FAQ/AboutUs"><?php echo _("About Us")?></a> | <a href="/index.php?id=13"><?php echo _("Donations")?></a> | <a href="http://wiki.cacert.org/wiki/CAcertIncorporated"><?php echo _("Association Membership")?></a> |
+ <a href="/index.php?id=10"><?php echo _("Privacy Policy")?></a> |
+ <a href="/index.php?id=51"><?php echo _("Mission Statement")?></a> | <a href="/index.php?id=11"><?php echo _("Contact Us")?></a> |
+ <a href="/index.php?id=19"><?php echo _("Further Information")?></a> | &copy;2002-<?php echo date("Y")?> <?php echo _("by CAcert")?></div>
</div>
</body>
-</html><?
- }
+</html><?php }
}
?>
diff --git a/pages/account/0.php b/pages/account/0.php
index b9b150c..d059e1a 100644
--- a/pages/account/0.php
+++ b/pages/account/0.php
@@ -1,4 +1,4 @@
-<? /*
+<?php /*
LibreSSL - CAcert web application
Copyright (C) 2004-2008 CAcert Inc.
@@ -15,18 +15,18 @@
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
*/ ?>
-<H3><?=_("My Account")?></H3>
-<p><?=_("Welcome to your account section of the website. Below is a description of the different sections and what they're for.")?></p>
-<H4><?=_("CAcert.org")?></H4>
-<p><?=_("If you would like to view news items or change languages you can click the logout or go home links. Go home doesn't log you out of the system, just returns you to the front of the website. Logout logs you out of the system.")?></p>
-<H4><?=_("My Details")?></H4>
-<p><?=_("In this section you will be able to edit your personal information (if you haven't been assured), update your pass phrase, and lost pass phrase questions. You will also be able to set your location for the Web of Trust, it also effects the email announcement settings which among other things can be set to notify you if you're within 200km of a planned assurance event. You'll also be able to set additional contact information when you become fully trusted, so others can contact you to meet up outside official events.")?></p>
-<h4><?=_("Email Accounts and Client Certificates")?></h4>
-<p><?=_("The email account section is for adding/updating/removing email accounts which can be used to issue client certificates against. The client certificate section steps you through generating a certificate signing request for one or more emails you've registered in the email account section.")?></p>
-<h4><?=_("Domains and Server Certificates.")?></h4>
-<p><?=_("Before you can start issuing certificates for your website, irc server, smtp server, pop3, imap etc you will need to add domains to your account under the domain menu. You can also remove domains from here as well. Once you've added a domain you are free then to go into the Server Certificate section and start pasting CSR into the website and have the website return you a valid certificate for up to 2 years if you have 50 trust points, or 6 months for no trust points.")?></p>
-<h4><?=_("Org Client and Server Certificates")?></h4>
-<p><?=_("Once you have verified your company you will see these menu options. They allow you to issue as many certificates as you like without proving individual email accounts as you like, further more you are able to get your company details on the certificate.")?></p>
-<h4><?=_("CAcert Web of Trust")?></h4>
-<p><?=_("The Web of Trust system CAcert uses is similar to that many involved with GPG/PGP use, they hold face to face meetings to verify each others photo identities match their GPG/PGP key information. CAcert differs however in that we have modified things to work within the PKI framework, for you to gain trust in the system you must first locate someone already trusted. The trust person depending how many people they've trusted or meet before will determine how many points they can issue to you (the number of points they can issue is listed in the locate assurer section). Once you've met up you can show your ID and you will need to fill out a CAP form which the person assuring your details must retain for verification reasons.")?></p>
-<p><b><?=sprintf(_("For information about the TTP-assisted-assurance program please read %s"),"<a href='//wiki.cacert.org/TTP/TTPuser'>https://wiki.cacert.org/TTP/TTPuser</a>","<a href='//wiki.cacert.org/TTP/TTPAL'>https://wiki.cacert.org/TTP/TTPAL</a>")?></b></p>
+<H3><?php echo _("My Account")?></H3>
+<p><?php echo _("Welcome to your account section of the website. Below is a description of the different sections and what they're for.")?></p>
+<H4><?php echo _("CAcert.org")?></H4>
+<p><?php echo _("If you would like to view news items or change languages you can click the logout or go home links. Go home doesn't log you out of the system, just returns you to the front of the website. Logout logs you out of the system.")?></p>
+<H4><?php echo _("My Details")?></H4>
+<p><?php echo _("In this section you will be able to edit your personal information (if you haven't been assured), update your pass phrase, and lost pass phrase questions. You will also be able to set your location for the Web of Trust, it also effects the email announcement settings which among other things can be set to notify you if you're within 200km of a planned assurance event. You'll also be able to set additional contact information when you become fully trusted, so others can contact you to meet up outside official events.")?></p>
+<h4><?php echo _("Email Accounts and Client Certificates")?></h4>
+<p><?php echo _("The email account section is for adding/updating/removing email accounts which can be used to issue client certificates against. The client certificate section steps you through generating a certificate signing request for one or more emails you've registered in the email account section.")?></p>
+<h4><?php echo _("Domains and Server Certificates.")?></h4>
+<p><?php echo _("Before you can start issuing certificates for your website, irc server, smtp server, pop3, imap etc you will need to add domains to your account under the domain menu. You can also remove domains from here as well. Once you've added a domain you are free then to go into the Server Certificate section and start pasting CSR into the website and have the website return you a valid certificate for up to 2 years if you have 50 trust points, or 6 months for no trust points.")?></p>
+<h4><?php echo _("Org Client and Server Certificates")?></h4>
+<p><?php echo _("Once you have verified your company you will see these menu options. They allow you to issue as many certificates as you like without proving individual email accounts as you like, further more you are able to get your company details on the certificate.")?></p>
+<h4><?php echo _("CAcert Web of Trust")?></h4>
+<p><?php echo _("The Web of Trust system CAcert uses is similar to that many involved with GPG/PGP use, they hold face to face meetings to verify each others photo identities match their GPG/PGP key information. CAcert differs however in that we have modified things to work within the PKI framework, for you to gain trust in the system you must first locate someone already trusted. The trust person depending how many people they've trusted or meet before will determine how many points they can issue to you (the number of points they can issue is listed in the locate assurer section). Once you've met up you can show your ID and you will need to fill out a CAP form which the person assuring your details must retain for verification reasons.")?></p>
+<p><b><?php echo sprintf(_("For information about the TTP-assisted-assurance program please read %s"),"<a href='//wiki.cacert.org/TTP/TTPuser'>https://wiki.cacert.org/TTP/TTPuser</a>","<a href='//wiki.cacert.org/TTP/TTPAL'>https://wiki.cacert.org/TTP/TTPAL</a>")?></b></p>
diff --git a/pages/account/1.php b/pages/account/1.php
index f3cd1f2..b151e1c 100644
--- a/pages/account/1.php
+++ b/pages/account/1.php
@@ -1,4 +1,4 @@
-<? /*
+<?php /*
LibreSSL - CAcert web application
Copyright (C) 2004-2008 CAcert Inc.
@@ -18,18 +18,18 @@
<form method="post" action="account.php">
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
<tr>
- <td colspan="2" class="title"><?=_("Add Email")?></td>
+ <td colspan="2" class="title"><?php echo _("Add Email")?></td>
</tr>
<tr>
- <td class="DataTD" width="125"><?=_("Email Address")?>: </td>
- <td class="DataTD" width="125"><input type="text" name="newemail" value="<?=array_key_exists('newemail',$_SESSION['profile'])?sanitizeHTML($_SESSION['profile']['newemail']):''?>"></td>
+ <td class="DataTD" width="125"><?php echo _("Email Address")?>: </td>
+ <td class="DataTD" width="125"><input type="text" name="newemail" value="<?php echo array_key_exists('newemail',$_SESSION['profile'])?sanitizeHTML($_SESSION['profile']['newemail']):''?>"></td>
</tr>
<tr>
- <td class="DataTD" colspan="2"><input type="submit" name="process" value="<?=_("I own or am authorised to control this email address")?>"/></td>
+ <td class="DataTD" colspan="2"><input type="submit" name="process" value="<?php echo _("I own or am authorised to control this email address")?>"/></td>
</tr>
</table>
-<input type="hidden" name="oldid" value="<?=$id?>">
-<input type="hidden" name="csrf" value="<?=make_csrf('addemail')?>" />
+<input type="hidden" name="oldid" value="<?php echo $id?>">
+<input type="hidden" name="csrf" value="<?php echo make_csrf('addemail')?>" />
</form>
-<p><?=_("Currently we only issue certificates for Punycode domains if the person requesting them has code signing attributes attached to their account, as these have potentially slightly higher security risk.")?></p>
+<p><?php echo _("Currently we only issue certificates for Punycode domains if the person requesting them has code signing attributes attached to their account, as these have potentially slightly higher security risk.")?></p>
diff --git a/pages/account/10.php b/pages/account/10.php
index 17999a7..afa4f3c 100644
--- a/pages/account/10.php
+++ b/pages/account/10.php
@@ -1,4 +1,4 @@
-<? /*
+<?php /*
LibreSSL - CAcert web application
Copyright (C) 2004-2008 CAcert Inc.
@@ -17,68 +17,66 @@
*/
include_once("../includes/shutdown.php");
?>
-<h3><?=_("CAcert Certificate Acceptable Use Policy")?></h3>
-<p><?=_("Once you decide to subscribe for an SSL Server Certificate you will need to complete this agreement. Please read it carefully. Your Certificate Request can only be processed with your acceptance and understanding of this agreement.")?></p>
+<h3><?php echo _("CAcert Certificate Acceptable Use Policy")?></h3>
+<p><?php echo _("Once you decide to subscribe for an SSL Server Certificate you will need to complete this agreement. Please read it carefully. Your Certificate Request can only be processed with your acceptance and understanding of this agreement.")?></p>
-<p><?=_("I hereby represent that I am fully authorized by the owner of the information contained in the CSR sent to CAcert Inc. to apply for an Digital Certificate for secure and authenticated electronic transactions. I understand that a digital certificate serves to identify the Subscriber for the purposes of electronic communication and that the management of the private keys associated with such certificates is the responsibility of the subscriber's technical staff and/or contractors.")?></p>
+<p><?php echo _("I hereby represent that I am fully authorized by the owner of the information contained in the CSR sent to CAcert Inc. to apply for an Digital Certificate for secure and authenticated electronic transactions. I understand that a digital certificate serves to identify the Subscriber for the purposes of electronic communication and that the management of the private keys associated with such certificates is the responsibility of the subscriber's technical staff and/or contractors.")?></p>
-<p><?=_("CAcert Inc.'s public certification services are governed by a CPS as amended from time to time which is incorporated into this Agreement by reference. The Subscriber will use the SSL Server Certificate in accordance with CAcert Inc.'s CPS and supporting documentation published at")?> <a href="http://www.cacert.org/policy/">http://www.cacert.org/policy/</a></p>
+<p><?php echo _("CAcert Inc.'s public certification services are governed by a CPS as amended from time to time which is incorporated into this Agreement by reference. The Subscriber will use the SSL Server Certificate in accordance with CAcert Inc.'s CPS and supporting documentation published at")?> <a href="http://www.cacert.org/policy/">http://www.cacert.org/policy/</a></p>
-<p><?=_("If the Subscriber's name and/or domain name registration change the subscriber will immediately inform CAcert Inc. who shall revoke the digital certificate. When the Digital Certificate expires or is revoked the company will permanently remove the certificate from the server on which it is installed and will not use it for any purpose thereafter. The person responsible for key management and security is fully authorized to install and utilize the certificate to represent this organization's electronic presence.")?></p>
+<p><?php echo _("If the Subscriber's name and/or domain name registration change the subscriber will immediately inform CAcert Inc. who shall revoke the digital certificate. When the Digital Certificate expires or is revoked the company will permanently remove the certificate from the server on which it is installed and will not use it for any purpose thereafter. The person responsible for key management and security is fully authorized to install and utilize the certificate to represent this organization's electronic presence.")?></p>
-<p><b>*** <?=_("Please note: All information on your certificate will be removed except the CommonName and SubjectAltName field, this is because it's an automated service and cannot automatically verify other details on your certificates are valid or not.")?> ***</b></p>
-<p><?=_("If you are a valid organisation and would like the organisation name in the certificates you can apply for an organisation assurance. Contact us via support@cacert.org for more information.")?></p>
+<p><b>*** <?php echo _("Please note: All information on your certificate will be removed except the CommonName and SubjectAltName field, this is because it's an automated service and cannot automatically verify other details on your certificates are valid or not.")?> ***</b></p>
+<p><?php echo _("If you are a valid organisation and would like the organisation name in the certificates you can apply for an organisation assurance. Contact us via support@cacert.org for more information.")?></p>
<form method="post" action="account.php">
-<p><label for="description"><?=_("Optional comment, only used in the certificate overview")?></label><br />
+<p><label for="description"><?php echo _("Optional comment, only used in the certificate overview")?></label><br />
<input type="text" id="description" name="description" maxlength="80" size="80" />
</p>
-<p><label for="CSR"><?=_("Paste your CSR (Certificate Signing Request) below...")?></label><br />
+<p><label for="CSR"><?php echo _("Paste your CSR (Certificate Signing Request) below...")?></label><br />
<textarea id="CSR" name="CSR" cols="80" rows="15"></textarea>
</p>
<fieldset>
<legend>
<input type="checkbox" id="expertbox" onchange="showExpert(this.checked)" style="display:none" />
- <label for="expertbox"><?=_("Advanced Options")?></label>
+ <label for="expertbox"><?php echo _("Advanced Options")?></label>
</legend>
<div id="advanced_options">
-<? if($_SESSION['profile']['points'] >= 50) { ?>
+<?php if($_SESSION['profile']['points'] >= 50) { ?>
<ul class="no_indent">
<li>
<input type="radio" id="root1" name="rootcert" value="1" />
- <label for="root1"><?=_("Sign by class 1 root certificate")?></label>
+ <label for="root1"><?php echo _("Sign by class 1 root certificate")?></label>
</li>
<li>
<input type="radio" id="root2" name="rootcert" value="2" checked="checked" />
- <label for="root2"><?=_("Sign by class 3 root certificate")?></label>
+ <label for="root2"><?php echo _("Sign by class 3 root certificate")?></label>
</li>
</ul>
-<p><?=_("Please note: The class 3 root certificate needs to be setup in your webserver as a chained certificate, while slightly more complicated to setup, this root certificate is more likely to be trusted by more people.")?></p>
-<? } ?>
+<p><?php echo _("Please note: The class 3 root certificate needs to be setup in your webserver as a chained certificate, while slightly more complicated to setup, this root certificate is more likely to be trusted by more people.")?></p>
+<?php } ?>
-<p class="attach_ul"><?=_("Hash algorithm used when signing the certificate:")?></p>
+<p class="attach_ul"><?php echo _("Hash algorithm used when signing the certificate:")?></p>
<ul class="no_indent">
-<?
-foreach (HashAlgorithms::getInfo() as $algorithm => $display_info) {
+<?php foreach (HashAlgorithms::getInfo() as $algorithm => $display_info) {
?>
<li>
- <input type="radio" id="hash_alg_<?=$algorithm?>" name="hash_alg" value="<?=$algorithm?>" <?=(HashAlgorithms::$default === $algorithm)?'checked="checked"':''?> />
- <label for="hash_alg_<?=$algorithm?>"><?=$display_info['name']?><?=$display_info['info']?' - '.$display_info['info']:''?></label>
+ <input type="radio" id="hash_alg_<?php echo $algorithm?>" name="hash_alg" value="<?php echo $algorithm?>" <?php echo (HashAlgorithms::$default === $algorithm)?'checked="checked"':''?> />
+ <label for="hash_alg_<?php echo $algorithm?>"><?php echo $display_info['name']?><?php echo $display_info['info']?' - '.$display_info['info']:''?></label>
</li>
-<?
-}
+<?php }
?>
</ul>
</div>
</fieldset>
-<p><input type="checkbox" id="CCA" name="CCA" /> <label for="CCA"><strong><?=sprintf(_("I accept the CAcert Community Agreement (%s)."),"<a href='/policy/CAcertCommunityAgreement.html'>CCA</a>")?></strong><br />
- <?=_("Please note: You need to accept the CCA to proceed.")?></label></p>
-<input type="submit" name="process" value="<?=_("Submit")?>" />
-<input type="hidden" name="oldid" value="<?=$id?>" />
+<p><input type="checkbox" id="CCA" name="CCA" /> <label for="CCA"><strong><?php echo sprintf(_("I accept the CAcert Community Agreement (%s)."),"<a href='/policy/CAcertCommunityAgreement.html'>CCA</a>")?></strong><br />
+ <?php echo _("Please note: You need to accept the CCA to proceed.")?></label></p>
+<input type="submit" name="process" value="<?php echo _("Submit")?>" />
+<input type="hidden" name="oldid" value="<?php echo $id?>" />
</form>
diff --git a/pages/account/11.php b/pages/account/11.php
index 5f94122..fbcc201 100644
--- a/pages/account/11.php
+++ b/pages/account/11.php
@@ -1,4 +1,4 @@
-<? /*
+<?php /*
LibreSSL - CAcert web application
Copyright (C) 2004-2008 CAcert Inc.
@@ -17,12 +17,11 @@
*/ ?>
<p>
-<?=_("Please make sure the following details are correct before proceeding ".
+<?php echo _("Please make sure the following details are correct before proceeding ".
"any further.")?>
</p>
-<p><?
-if (is_array($_SESSION['_config']['rows'])) {
+<p><?php if (is_array($_SESSION['_config']['rows'])) {
foreach ($_SESSION['_config']['rows'] as $row) {
echo _("CommonName"), ": $row<br>\n";
}
@@ -36,12 +35,11 @@ if (is_array($_SESSION['_config']['altrows'])) {
?></p>
<p>
-<?=_("No additional information will be included on certificates because it ".
+<?php echo _("No additional information will be included on certificates because it ".
"can not be automatically checked by the system.")?>
</p>
-<p><?
-if (array_key_exists('rejected',$_SESSION['_config']) &&
+<p><?php if (array_key_exists('rejected',$_SESSION['_config']) &&
is_array($_SESSION['_config']['rejected'])) {
echo _("The following hostnames were rejected because the system couldn't ".
"link them to your account, if they are valid please verify the ".
@@ -54,22 +52,19 @@ if (array_key_exists('rejected',$_SESSION['_config']) &&
}
?></p>
-<?
-if (is_array($_SESSION['_config']['rows']) ||
+<?php if (is_array($_SESSION['_config']['rows']) ||
is_array($_SESSION['_config']['altrows'])) {
?>
<form method="post" action="account.php">
<p>
- <input type="submit" name="process" value="<?=_("Submit")?>">
- <input type="hidden" name="oldid" value="<?=$id?>">
+ <input type="submit" name="process" value="<?php echo _("Submit")?>">
+ <input type="hidden" name="oldid" value="<?php echo $id?>">
</p>
</form>
- <?
-} else {
+ <?php } else {
?>
<p>
- <b><?=_("Unable to continue as no valid commonNames or ".
+ <b><?php echo _("Unable to continue as no valid commonNames or ".
"subjectAltNames were present on your certificate request.")?></b>
</p>
- <?
-}
+ <?php }
diff --git a/pages/account/12.php b/pages/account/12.php
index f4428aa..e137511 100644
--- a/pages/account/12.php
+++ b/pages/account/12.php
@@ -1,4 +1,4 @@
-<? /*
+<?php /*
LibreSSL - CAcert web application
Copyright (C) 2004-2008 CAcert Inc.
@@ -15,23 +15,22 @@
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
*/ ?>
-<? $viewall=0; if(array_key_exists('viewall',$_REQUEST)) $viewall=intval($_REQUEST['viewall']); ?>
+<?php $viewall=0; if(array_key_exists('viewall',$_REQUEST)) $viewall=intval($_REQUEST['viewall']); ?>
<form method="post" action="account.php">
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
<tr>
- <td colspan="8" class="title"><?=_("Domain Certificates")?> - <a href="account.php?id=12&amp;viewall=<?=intval(!$viewall)?>"><?=$viewall?_("Hide old certificates"):_("View all certificates")?></a></td>
+ <td colspan="8" class="title"><?php echo _("Domain Certificates")?> - <a href="account.php?id=12&amp;viewall=<?php echo intval(!$viewall)?>"><?php echo $viewall?_("Hide old certificates"):_("View all certificates")?></a></td>
</tr>
<tr>
- <td class="DataTD"><?=_("Renew/Revoke/Delete")?></td>
- <td class="DataTD"><?=_("Status")?></td>
- <td class="DataTD"><?=_("CommonName")?></td>
- <td class="DataTD"><?=_("SerialNumber")?></td>
- <td class="DataTD"><?=_("Revoked")?></td>
- <td class="DataTD"><?=_("Expires")?></td>
- <td colspan="2" class="DataTD"><?=_("Comment *")?></td>
+ <td class="DataTD"><?php echo _("Renew/Revoke/Delete")?></td>
+ <td class="DataTD"><?php echo _("Status")?></td>
+ <td class="DataTD"><?php echo _("CommonName")?></td>
+ <td class="DataTD"><?php echo _("SerialNumber")?></td>
+ <td class="DataTD"><?php echo _("Revoked")?></td>
+ <td class="DataTD"><?php echo _("Expires")?></td>
+ <td colspan="2" class="DataTD"><?php echo _("Comment *")?></td>
</tr>
-<?
- $query = "select UNIX_TIMESTAMP(`domaincerts`.`created`) as `created`,
+<?php $query = "select UNIX_TIMESTAMP(`domaincerts`.`created`) as `created`,
UNIX_TIMESTAMP(`domaincerts`.`expire`) - UNIX_TIMESTAMP() as `timeleft`,
UNIX_TIMESTAMP(`domaincerts`.`expire`) as `expired`,
`domaincerts`.`expire`,
@@ -49,15 +48,15 @@
}
$query .= "ORDER BY `modified` desc";
//echo $query."<br>\n";
- $res = mysql_query($query);
- if(mysql_num_rows($res) <= 0)
+ $res = mysqli_query($_SESSION['mconn'], $query);
+ if(mysqli_num_rows($res) <= 0)
{
?>
<tr>
- <td colspan="8" class="DataTD"><?=_("No certificates are currently listed.")?></td>
+ <td colspan="8" class="DataTD"><?php echo _("No certificates are currently listed.")?></td>
</tr>
-<? } else {
- while($row = mysql_fetch_assoc($res))
+<?php } else {
+ while($row = mysqli_fetch_assoc($res))
{
if($row['timeleft'] > 0)
$verified = _("Valid");
@@ -71,42 +70,42 @@
$row['revoke'] = _("Not Revoked");
?>
<tr>
-<? if($verified != _("Pending") && $verified != _("Revoked")) { ?>
- <td class="DataTD"><input type="checkbox" name="revokeid[]" value="<?=intval($row['id'])?>"/></td>
-<? } else if($verified != _("Revoked")) { ?>
- <td class="DataTD"><input type="checkbox" name="delid[]" value="<?=intval($row['id'])?>"/></td>
-<? } else { ?>
+<?php if($verified != _("Pending") && $verified != _("Revoked")) { ?>
+ <td class="DataTD"><input type="checkbox" name="revokeid[]" value="<?php echo intval($row['id'])?>"/></td>
+<?php } else if($verified != _("Revoked")) { ?>
+ <td class="DataTD"><input type="checkbox" name="delid[]" value="<?php echo intval($row['id'])?>"/></td>
+<?php } else { ?>
<td class="DataTD">&nbsp;</td>
-<? } ?>
- <td class="DataTD"><?=$verified?></td>
- <td class="DataTD"><a href="account.php?id=15&amp;cert=<?=intval($row['id'])?>"><?=htmlspecialchars($row['CN'])?></a></td>
- <td class="DataTD"><?=$row['serial']?></td>
- <td class="DataTD"><?=$row['revoke']?></td>
- <td class="DataTD"><?=$row['expire']?></td>
- <td class="DataTD"><input name="comment_<?=intval($row['id'])?>" type="text" value="<?=htmlspecialchars($row['description'])?>" /></td>
- <td class="DataTD"><input type="checkbox" name="check_comment_<?=intval($row['id'])?>" /></td>
+<?php } ?>
+ <td class="DataTD"><?php echo $verified?></td>
+ <td class="DataTD"><a href="account.php?id=15&amp;cert=<?php echo intval($row['id'])?>"><?php echo htmlspecialchars($row['CN'])?></a></td>
+ <td class="DataTD"><?php echo $row['serial']?></td>
+ <td class="DataTD"><?php echo $row['revoke']?></td>
+ <td class="DataTD"><?php echo $row['expire']?></td>
+ <td class="DataTD"><input name="comment_<?php echo intval($row['id'])?>" type="text" value="<?php echo htmlspecialchars($row['description'])?>" /></td>
+ <td class="DataTD"><input type="checkbox" name="check_comment_<?php echo intval($row['id'])?>" /></td>
</tr>
-<? } ?>
+<?php } ?>
<tr>
<td class="DataTD" colspan="8">
- <a href="account.php?id=12&amp;viewall=<?=intval(!$viewall)?>"><b><?=$viewall?_("Hide old certificates"):_("View all certificates")?></b></a>
+ <a href="account.php?id=12&amp;viewall=<?php echo intval(!$viewall)?>"><b><?php echo $viewall?_("Hide old certificates"):_("View all certificates")?></b></a>
</td>
</tr>
<tr>
<td class="DataTD" colspan="8">
- <?=_('* Comment is NOT included in the certificate as it is intended for your personal reference only. To change the comment tick the checkbox and hit "Change Settings".')?>
+ <?php echo _('* Comment is NOT included in the certificate as it is intended for your personal reference only. To change the comment tick the checkbox and hit "Change Settings".')?>
</td>
</tr>
<tr>
- <td class="DataTD" colspan="6"><input type="submit" name="renew" value="<?=_("Renew")?>"/>&#160;&#160;&#160;&#160;
- <input type="submit" name="revoke" value="<?=_("Revoke/Delete")?>"></td>
- <td class="DataTD" colspan="2"><input type="submit" name="change" value="<?=_("Change settings")?>"/> </td>
+ <td class="DataTD" colspan="6"><input type="submit" name="renew" value="<?php echo _("Renew")?>"/>&#160;&#160;&#160;&#160;
+ <input type="submit" name="revoke" value="<?php echo _("Revoke/Delete")?>"></td>
+ <td class="DataTD" colspan="2"><input type="submit" name="change" value="<?php echo _("Change settings")?>"/> </td>
</tr>
-<? } ?>
+<?php } ?>
<tr>
- <td class="DataTD" colspan="8"><?=_("From here you can delete pending requests, or revoke valid certificates.")?></td>
+ <td class="DataTD" colspan="8"><?php echo _("From here you can delete pending requests, or revoke valid certificates.")?></td>
</tr>
</table>
-<input type="hidden" name="oldid" value="<?=intval($id)?>"/>
-<input type="hidden" name="csrf" value="<?=make_csrf('srvcerchange')?>"/>
+<input type="hidden" name="oldid" value="<?php echo intval($id)?>"/>
+<input type="hidden" name="csrf" value="<?php echo make_csrf('srvcerchange')?>"/>
</form>
diff --git a/pages/account/13.php b/pages/account/13.php
index ea28c0e..f238ef2 100644
--- a/pages/account/13.php
+++ b/pages/account/13.php
@@ -1,4 +1,4 @@
-<? /*
+<?php /*
LibreSSL - CAcert web application
Copyright (C) 2004-2008 CAcert Inc.
@@ -15,10 +15,9 @@
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
*/ ?>
-<?
- $query = "select * from `users` where `id`='".intval($_SESSION['profile']['id'])."' and `users`.`deleted`=0";
- $res = mysql_query($query);
- $user = mysql_fetch_assoc($res);
+<?php $query = "select * from `users` where `id`='".intval($_SESSION['profile']['id'])."' and `users`.`deleted`=0";
+ $res = mysqli_query($_SESSION['mconn'], $query);
+ $user = mysqli_fetch_assoc($res);
$year = intval(substr($user['dob'], 0, 4));
$month = intval(substr($user['dob'], 5, 2));
@@ -47,34 +46,33 @@
<form method="post" action="account.php">
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper" width="400">
<tr>
- <td colspan="2" class="title"><?=_("My Details")?></td>
+ <td colspan="2" class="title"><?php echo _("My Details")?></td>
</tr>
-<? if($_SESSION['profile']['points'] == 0) { ?>
+<?php if($_SESSION['profile']['points'] == 0) { ?>
<tr>
- <td class="DataTD" width="125"><?=_("First Name")?>: </td>
- <td class="DataTD" width="125"><input type="text" name="fname" value="<?=sanitizeHTML($user['fname'])?>"></td>
+ <td class="DataTD" width="125"><?php echo _("First Name")?>: </td>
+ <td class="DataTD" width="125"><input type="text" name="fname" value="<?php echo sanitizeHTML($user['fname'])?>"></td>
</tr>
<tr>
- <td class="DataTD" valign="top"><?=_("Middle Name(s)")?><br>
- (<?=_("optional")?>)
+ <td class="DataTD" valign="top"><?php echo _("Middle Name(s)")?><br>
+ (<?php echo _("optional")?>)
</td>
- <td class="DataTD"><input type="text" name="mname" value="<?=sanitizeHTML($user['mname'])?>"></td>
+ <td class="DataTD"><input type="text" name="mname" value="<?php echo sanitizeHTML($user['mname'])?>"></td>
</tr>
<tr>
- <td class="DataTD"><?=_("Last Name")?>: </td>
- <td class="DataTD"><input type="text" name="lname" value="<?=sanitizeHTML($user['lname'])?>"></td>
+ <td class="DataTD"><?php echo _("Last Name")?>: </td>
+ <td class="DataTD"><input type="text" name="lname" value="<?php echo sanitizeHTML($user['lname'])?>"></td>
</tr>
<tr>
- <td class="DataTD"><?=_("Suffix")?><br>
- (<?=_("optional")?>)</td>
- <td class="DataTD"><input type="text" name="suffix" value="<?=sanitizeHTML($user['suffix'])?>"></td>
+ <td class="DataTD"><?php echo _("Suffix")?><br>
+ (<?php echo _("optional")?>)</td>
+ <td class="DataTD"><input type="text" name="suffix" value="<?php echo sanitizeHTML($user['suffix'])?>"></td>
</tr>
<tr>
- <td class="DataTD"><?=_("Date of Birth")?><br>
- (<?=_("dd/mm/yyyy")?>)</td>
+ <td class="DataTD"><?php echo _("Date of Birth")?><br>
+ (<?php echo _("dd/mm/yyyy")?>)</td>
<td class="DataTD"><nobr><select name="day">
-<?
- for($i = 1; $i <= 31; $i++)
+<?php for($i = 1; $i <= 31; $i++)
{
echo "<option";
if($day == $i)
@@ -84,8 +82,7 @@
?>
</select>
<select name="month">
-<?
- for($i = 1; $i <= 12; $i++)
+<?php for($i = 1; $i <= 12; $i++)
{
echo "<option value='$i'";
if($month == $i)
@@ -94,71 +91,71 @@
}
?>
</select>
- <input type="text" name="year" value="<?=$year?>" size="4"></nobr>
+ <input type="text" name="year" value="<?php echo $year?>" size="4"></nobr>
</td>
</tr>
-<? } else { ?>
+<?php } else { ?>
<tr>
- <td class="DataTD" width="125"><?=_("First Name")?>: </td>
- <td class="DataTD" width="125"><?=sanitizeHTML($user['fname'])?></td>
+ <td class="DataTD" width="125"><?php echo _("First Name")?>: </td>
+ <td class="DataTD" width="125"><?php echo sanitizeHTML($user['fname'])?></td>
</tr>
<tr>
- <td class="DataTD" valign="top"><?=_("Middle Name(s)")?><br>
- (<?=_("optional")?>)
+ <td class="DataTD" valign="top"><?php echo _("Middle Name(s)")?><br>
+ (<?php echo _("optional")?>)
</td>
- <td class="DataTD"><?=sanitizeHTML($user['mname'])?></td>
+ <td class="DataTD"><?php echo sanitizeHTML($user['mname'])?></td>
</tr>
<tr>
- <td class="DataTD"><?=_("Last Name")?>: </td>
- <td class="DataTD"><?=sanitizeHTML($user['lname'])?></td>
+ <td class="DataTD"><?php echo _("Last Name")?>: </td>
+ <td class="DataTD"><?php echo sanitizeHTML($user['lname'])?></td>
</tr>
<tr>
- <td class="DataTD"><?=_("Suffix")?><br>
- (<?=_("optional")?>)</td>
- <td class="DataTD"><?=sanitizeHTML($user['suffix'])?></td>
+ <td class="DataTD"><?php echo _("Suffix")?><br>
+ (<?php echo _("optional")?>)</td>
+ <td class="DataTD"><?php echo sanitizeHTML($user['suffix'])?></td>
</tr>
<tr>
- <td class="DataTD"><?=_("Date of Birth")?><br>
- (<?=_("dd/mm/yyyy")?>)</td>
- <td class="DataTD"><?=$day?> <?=ucwords(recode("utf-8..html", strftime("%B", mktime(0,0,0,$month,1,1))))?> <?=$year?></td>
+ <td class="DataTD"><?php echo _("Date of Birth")?><br>
+ (<?php echo _("dd/mm/yyyy")?>)</td>
+ <td class="DataTD"><?php echo $day?> <?php echo ucwords(recode("utf-8..html", strftime("%B", mktime(0,0,0,$month,1,1))))?> <?php echo $year?></td>
</tr>
-<? } ?>
+<?php } ?>
<tr>
- <td colspan="2" class="title"><a href="account.php?id=59&amp;oldid=13&amp;userid=<?=intval($_SESSION['profile']['id'])?>"><?=_('Show account history')?></a></td>
+ <td colspan="2" class="title"><a href="account.php?id=59&amp;oldid=13&amp;userid=<?php echo intval($_SESSION['profile']['id'])?>"><?php echo _('Show account history')?></a></td>
</tr>
<tr>
- <td colspan="2" class="title"><a href="account.php?id=13&amp;showdetails=<?=intval(!$showdetails)?>"><?=_("View secret question & answers")?></a></td>
+ <td colspan="2" class="title"><a href="account.php?id=13&amp;showdetails=<?php echo intval(!$showdetails)?>"><?php echo _("View secret question & answers")?></a></td>
</tr>
- <? if($showdetails){ ?>
+ <?php if($showdetails){ ?>
<tr>
- <td class="DataTD" colspan="2"><?=_("Lost Pass Phrase Questions")?></td>
+ <td class="DataTD" colspan="2"><?php echo _("Lost Pass Phrase Questions")?></td>
</tr>
<tr>
- <td class="DataTD">1)&nbsp;<input type="text" name="Q1" size="15" value="<?=sanitizeHTML($user['Q1'])?>"></td>
- <td class="DataTD"><input type="text" name="A1" value="<?=sanitizeHTML($user['A1'])?>"></td>
+ <td class="DataTD">1)&nbsp;<input type="text" name="Q1" size="15" value="<?php echo sanitizeHTML($user['Q1'])?>"></td>
+ <td class="DataTD"><input type="text" name="A1" value="<?php echo sanitizeHTML($user['A1'])?>"></td>
</tr>
<tr>
- <td class="DataTD">2)&nbsp;<input type="text" name="Q2" size="15" value="<?=sanitizeHTML($user['Q2'])?>"></td>
- <td class="DataTD"><input type="text" name="A2" value="<?=sanitizeHTML($user['A2'])?>"></td>
+ <td class="DataTD">2)&nbsp;<input type="text" name="Q2" size="15" value="<?php echo sanitizeHTML($user['Q2'])?>"></td>
+ <td class="DataTD"><input type="text" name="A2" value="<?php echo sanitizeHTML($user['A2'])?>"></td>
</tr>
<tr>
- <td class="DataTD">3)&nbsp;<input type="text" name="Q3" size="15" value="<?=sanitizeHTML($user['Q3'])?>"></td>
- <td class="DataTD"><input type="text" name="A3" value="<?=sanitizeHTML($user['A3'])?>"></td>
+ <td class="DataTD">3)&nbsp;<input type="text" name="Q3" size="15" value="<?php echo sanitizeHTML($user['Q3'])?>"></td>
+ <td class="DataTD"><input type="text" name="A3" value="<?php echo sanitizeHTML($user['A3'])?>"></td>
</tr>
<tr>
- <td class="DataTD">4)&nbsp;<input type="text" name="Q4" size="15" value="<?=sanitizeHTML($user['Q4'])?>"></td>
- <td class="DataTD"><input type="text" name="A4" value="<?=sanitizeHTML($user['A4'])?>"></td>
+ <td class="DataTD">4)&nbsp;<input type="text" name="Q4" size="15" value="<?php echo sanitizeHTML($user['Q4'])?>"></td>
+ <td class="DataTD"><input type="text" name="A4" value="<?php echo sanitizeHTML($user['A4'])?>"></td>
</tr>
<tr>
- <td class="DataTD">5)&nbsp;<input type="text" name="Q5" size="15" value="<?=sanitizeHTML($user['Q5'])?>"></td>
- <td class="DataTD"><input type="text" name="A5" value="<?=sanitizeHTML($user['A5'])?>"></td>
+ <td class="DataTD">5)&nbsp;<input type="text" name="Q5" size="15" value="<?php echo sanitizeHTML($user['Q5'])?>"></td>
+ <td class="DataTD"><input type="text" name="A5" value="<?php echo sanitizeHTML($user['A5'])?>"></td>
</tr>
<tr>
<input type="hidden" name="showdetails" value="1" />
- <? } ?>
- <td class="DataTD" colspan="2"><input type="submit" name="process" value="<?=_("Update")?>"></td>
+ <?php } ?>
+ <td class="DataTD" colspan="2"><input type="submit" name="process" value="<?php echo _("Update")?>"></td>
</tr>
</table>
-<input type="hidden" name="csrf" value="<?=make_csrf('perschange')?>" />
-<input type="hidden" name="oldid" value="<?=intval($id)?>">
+<input type="hidden" name="csrf" value="<?php echo make_csrf('perschange')?>" />
+<input type="hidden" name="oldid" value="<?php echo intval($id)?>">
</form>
diff --git a/pages/account/14.php b/pages/account/14.php
index 29aeb21..a2968a3 100644
--- a/pages/account/14.php
+++ b/pages/account/14.php
@@ -1,4 +1,4 @@
-<? /*
+<?php /*
LibreSSL - CAcert web application
Copyright (C) 2004-2008 CAcert Inc.
@@ -15,42 +15,41 @@
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
*/ ?>
-<?
- if (intval($_REQUEST['force']) === 1)
+<?php if (intval($_REQUEST['force']) === 1)
{
?>
<p style="border:dotted 1px #900;padding:0.3em;bold;color:#ffffff;background-color:#ff0000;"><strong><center>
-<?=_("For your own security you should change your pass phrase immediately!"); ?></center></strong>
+<?php echo _("For your own security you should change your pass phrase immediately!"); ?></center></strong>
</p>
<?}?>
<form method="post" action="account.php">
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper" width="400">
<tr>
- <td colspan="2" class="title"><?=_("Change Pass Phrase")?></td>
+ <td colspan="2" class="title"><?php echo _("Change Pass Phrase")?></td>
</tr>
-<? if($_SESSION['_config']['hostname'] != $_SESSION['_config']['securehostname']) { ?>
+<?php if($_SESSION['_config']['hostname'] != $_SESSION['_config']['securehostname']) { ?>
<tr>
- <td class="DataTD"><?=_("Old Pass Phrase")?>: </td>
+ <td class="DataTD"><?php echo _("Old Pass Phrase")?>: </td>
<td class="DataTD"><input type="password" name="oldpassword"></td>
</tr>
-<? } ?>
+<?php } ?>
<tr>
- <td class="DataTD"><?=_("New Pass Phrase")?><font color="red">*</font>: </td>
+ <td class="DataTD"><?php echo _("New Pass Phrase")?><font color="red">*</font>: </td>
<td class="DataTD"><input type="password" name="pword1"></td>
</tr>
<tr>
- <td class="DataTD"><?=_("Pass Phrase Again")?><font color="red">*</font>: </td>
+ <td class="DataTD"><?php echo _("Pass Phrase Again")?><font color="red">*</font>: </td>
<td class="DataTD"><input type="password" name="pword2"></td>
</tr>
<tr>
- <td class="DataTD" colspan="2"><font color="red">*</font><?=_("Please note, in the interests of good security, the pass phrase must be made up of an upper case letter, lower case letter, number and symbol (all white spaces at the beginning and end are removed).")?></td>
+ <td class="DataTD" colspan="2"><font color="red">*</font><?php echo _("Please note, in the interests of good security, the pass phrase must be made up of an upper case letter, lower case letter, number and symbol (all white spaces at the beginning and end are removed).")?></td>
</tr>
<tr>
- <td class="DataTD" colspan="2"><input type="submit" name="process" value="<?=_("Update Pass Phrase")?>"></td>
+ <td class="DataTD" colspan="2"><input type="submit" name="process" value="<?php echo _("Update Pass Phrase")?>"></td>
</tr>
</table>
-<input type="hidden" name="csrf" value="<?=make_csrf('pwchange')?>" />
-<input type="hidden" name="oldid" value="<?=$id?>">
+<input type="hidden" name="csrf" value="<?php echo make_csrf('pwchange')?>" />
+<input type="hidden" name="oldid" value="<?php echo $id?>">
</form>
diff --git a/pages/account/15.php b/pages/account/15.php
index 405cb44..31ef310 100644
--- a/pages/account/15.php
+++ b/pages/account/15.php
@@ -1,4 +1,4 @@
-<? /*
+<?php /*
LibreSSL - CAcert web application
Copyright (C) 2004-2008 CAcert Inc.
@@ -15,24 +15,23 @@
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
*/ ?>
-<?
- $certid = 0; if(array_key_exists('cert',$_REQUEST)) $certid=intval($_REQUEST['cert']);
+<?php $certid = 0; if(array_key_exists('cert',$_REQUEST)) $certid=intval($_REQUEST['cert']);
$query = "select * from `domaincerts`,`domains` where `domaincerts`.`id`='$certid' and
`domains`.`memid`='".intval($_SESSION['profile']['id'])."' and
`domains`.`id`=`domaincerts`.`domid`";
- $res = mysql_query($query);
- if(mysql_num_rows($res) <= 0)
+ $res = mysqli_query($_SESSION['mconn'], $query);
+ if(mysqli_num_rows($res) <= 0)
{
echo _("No such certificate attached to your account.");
showfooter();
exit;
}
- $row = mysql_fetch_assoc($res);
+ $row = mysqli_fetch_assoc($res);
$crtname=escapeshellarg($row['crt_name']);
$cert = shell_exec("/usr/bin/openssl x509 -in $crtname");
?>
-<h3><?=_("Below is your Server Certificate")?></h3>
+<h3><?php echo _("Below is your Server Certificate")?></h3>
<pre>
-<?=$cert?>
+<?php echo $cert?>
</pre>
diff --git a/pages/account/16.php b/pages/account/16.php
index 829897f..5e04d7b 100644
--- a/pages/account/16.php
+++ b/pages/account/16.php
@@ -1,4 +1,4 @@
-<? /*
+<?php /*
LibreSSL - CAcert web application
Copyright (C) 2004-2008 CAcert Inc.
@@ -20,35 +20,33 @@
<form method="post" action="account.php">
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
<tr>
- <td colspan="2" class="title"><?=_("New Client Certificate")?></td>
+ <td colspan="2" class="title"><?php echo _("New Client Certificate")?></td>
</tr>
<tr>
- <td class="DataTD"><?=_("Add")?></td>
- <td class="DataTD"><?=_("Address")?></td>
-<?
-if (array_key_exists('emails',$_SESSION['_config']) && is_array($_SESSION['_config']['emails'])) {
+ <td class="DataTD"><?php echo _("Add")?></td>
+ <td class="DataTD"><?php echo _("Address")?></td>
+<?php if (array_key_exists('emails',$_SESSION['_config']) && is_array($_SESSION['_config']['emails'])) {
$i = 1;
foreach($_SESSION['_config']['emails'] as $val) {
?>
<tr>
- <td class="DataTD"><label for="email<?=$i?>"><?=_("Email")?></label></td>
- <td class="DataTD"><input type="text" id="email<?=$i?>" name="emails[]" value="<?=$val?>"/></td>
+ <td class="DataTD"><label for="email<?php echo $i?>"><?php echo _("Email")?></label></td>
+ <td class="DataTD"><input type="text" id="email<?php echo $i?>" name="emails[]" value="<?php echo $val?>"/></td>
</tr>
-<?
- $i++;
+<?php $i++;
}
} ?>
<tr>
- <td class="DataTD"><label for="email0"><?=_("Email")?></td>
+ <td class="DataTD"><label for="email0"><?php echo _("Email")?></td>
<td class="DataTD"><input type="text" id="email0" name="emails[]"/></td>
</tr>
<tr>
- <td class="DataTD"><label for="name"><?=_("Name")?></label></td>
- <td class="DataTD"><input type="text" id="name" name="name" value="<?=array_key_exists('name',$_SESSION['_config'])?($_SESSION['_config']['name']):''?>"/></td>
+ <td class="DataTD"><label for="name"><?php echo _("Name")?></label></td>
+ <td class="DataTD"><input type="text" id="name" name="name" value="<?php echo array_key_exists('name',$_SESSION['_config'])?($_SESSION['_config']['name']):''?>"/></td>
</tr>
<tr>
- <td class="DataTD"><label for="OU"><?=_("Department")?></label></td>
- <td class="DataTD"><input type="text" id="OU" name="OU" value="<?=array_key_exists('OU',$_SESSION['_config'])?(sanitizeHTML($_SESSION['_config']['OU'])):''?>"/></td>
+ <td class="DataTD"><label for="OU"><?php echo _("Department")?></label></td>
+ <td class="DataTD"><input type="text" id="OU" name="OU" value="<?php echo array_key_exists('OU',$_SESSION['_config'])?(sanitizeHTML($_SESSION['_config']['OU'])):''?>"/></td>
</tr>
<tr name="expertoff" style="display:none">
@@ -56,55 +54,53 @@ if (array_key_exists('emails',$_SESSION['_config']) && is_array($_SESSION['_conf
<input type="checkbox" id="expertbox" name="expertbox" onchange="showExpert(this.checked)" />
</td>
<td class="DataTD">
- <label for="expertbox"><?=_("Show advanced options")?></label>
+ <label for="expertbox"><?php echo _("Show advanced options")?></label>
</td>
</tr>
<tr name="expert">
<td class="DataTD" colspan="2" align="left">
- <input type="radio" id="root1" name="rootcert" value="1" /> <label for="root1"><?=_("Sign by class 1 root certificate")?></label><br />
- <input type="radio" id="root2" name="rootcert" value="2" checked="checked" /> <label for="root2"><?=_("Sign by class 3 root certificate")?></label><br />
- <?=str_replace("\n", "<br>\n", wordwrap(_("Please note: If you use a certificate signed by the class 3 root, the class 3 root certificate needs to be imported into your email program as well as the class 1 root certificate so your email program can build a full trust path chain."), 60))?>
+ <input type="radio" id="root1" name="rootcert" value="1" /> <label for="root1"><?php echo _("Sign by class 1 root certificate")?></label><br />
+ <input type="radio" id="root2" name="rootcert" value="2" checked="checked" /> <label for="root2"><?php echo _("Sign by class 3 root certificate")?></label><br />
+ <?php echo str_replace("\n", "<br>\n", wordwrap(_("Please note: If you use a certificate signed by the class 3 root, the class 3 root certificate needs to be imported into your email program as well as the class 1 root certificate so your email program can build a full trust path chain."), 60))?>
</td>
</tr>
<tr name="expert">
<td class="DataTD" colspan="2" align="left">
- <?=_("Hash algorithm used when signing the certificate:")?><br />
- <?
- foreach (HashAlgorithms::getInfo() as $algorithm => $display_info) {
+ <?php echo _("Hash algorithm used when signing the certificate:")?><br />
+ <?php foreach (HashAlgorithms::getInfo() as $algorithm => $display_info) {
?>
- <input type="radio" id="hash_alg_<?=$algorithm?>" name="hash_alg" value="<?=$algorithm?>" <?=(HashAlgorithms::$default === $algorithm)?'checked="checked"':''?> />
- <label for="hash_alg_<?=$algorithm?>"><?=$display_info['name']?><?=$display_info['info']?' - '.$display_info['info']:''?></label><br />
- <?
- }
+ <input type="radio" id="hash_alg_<?php echo $algorithm?>" name="hash_alg" value="<?php echo $algorithm?>" <?php echo (HashAlgorithms::$default === $algorithm)?'checked="checked"':''?> />
+ <label for="hash_alg_<?php echo $algorithm?>"><?php echo $display_info['name']?><?php echo $display_info['info']?' - '.$display_info['info']:''?></label><br />
+ <?php }
?>
</td>
</tr>
-<? if($_SESSION['profile']['codesign'] && $_SESSION['profile']['points'] >= 100) { ?>
+<?php if($_SESSION['profile']['codesign'] && $_SESSION['profile']['points'] >= 100) { ?>
<tr name="expert">
<td class="DataTD" colspan="2" align="left">
<input type="checkbox" id="codesign" name="codesign" value="1" />
- <label for="codesign"><?=_("Code Signing")?></label>
+ <label for="codesign"><?php echo _("Code Signing")?></label>
</td>
</tr>
-<? } ?>
+<?php } ?>
<tr>
<td class="DataTD" colspan="2" align="left">
- <label for="description"><?=_("Optional comment, only used in the certificate overview")?></label><br />
+ <label for="description"><?php echo _("Optional comment, only used in the certificate overview")?></label><br />
<input type="text" id="description" name="description" maxlength="80" size="80" />
</td>
</tr>
<tr>
<td class="DataTD" colspan="2">
- <input type="submit" name="add_email" value="<?=_("Add Another Email Address")?>">
- <input type="submit" name="process" value="<?=_("Next")?>" />
+ <input type="submit" name="add_email" value="<?php echo _("Add Another Email Address")?>">
+ <input type="submit" name="process" value="<?php echo _("Next")?>" />
</td>
</tr>
</table>
-<input type="hidden" name="oldid" value="<?=$id?>">
+<input type="hidden" name="oldid" value="<?php echo $id?>">
</form>
-<?=_("Please fill out the form, when all data is entered and you click \"Next\" you can add either a CSR (certificate signing request) or create a new key with your browser. Even in the case that a CSR is given the data from this form will be used for the certificate. Only the public key information of the CSR will be copied.")?>
+<?php echo _("Please fill out the form, when all data is entered and you click \"Next\" you can add either a CSR (certificate signing request) or create a new key with your browser. Even in the case that a CSR is given the data from this form will be used for the certificate. Only the public key information of the CSR will be copied.")?>
<script language="javascript">
function showExpert(a)
diff --git a/pages/account/17.php b/pages/account/17.php
index 0d5c2c7..c1e6263 100644
--- a/pages/account/17.php
+++ b/pages/account/17.php
@@ -1,4 +1,4 @@
-<? /*
+<?php /*
LibreSSL - CAcert web application
Copyright (C) 2004-2008 CAcert Inc.
@@ -19,10 +19,10 @@
require_once($_SESSION['_config']['filepath'].'/includes/keygen.php');
?>
- -- <?=_("or")?> --
+ -- <?php echo _("or")?> --
<form method="post" action="account.php">
<input type="hidden" name="keytype" value="VI">
<textarea rows="20" cols="40" name="CSR"></textarea>
- <input type="submit" name="submit" value="<?=_("Submit CSR")?>">
+ <input type="submit" name="submit" value="<?php echo _("Submit CSR")?>">
<input type="hidden" name="oldid" value="17">
</form>
diff --git a/pages/account/18.php b/pages/account/18.php
index ca0a3c8..0ecffb4 100644
--- a/pages/account/18.php
+++ b/pages/account/18.php
@@ -1,4 +1,4 @@
-<? /*
+<?php /*
LibreSSL - CAcert web application
Copyright (C) 2004-2008 CAcert Inc.
@@ -23,23 +23,23 @@ $status = array_key_exists('status',$_SESSION['_config']) ? intval($_SESSION['_c
<form method="post" action="account.php">
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
<tr>
- <td colspan="9" class="title"><?=_("Organisation Client Certificates")?> </td>
+ <td colspan="9" class="title"><?php echo _("Organisation Client Certificates")?> </td>
</tr>
<tr>
- <td colspan="9" class="title"><?=_("Filter/Sorting")?></td>
+ <td colspan="9" class="title"><?php echo _("Filter/Sorting")?></td>
</tr>
<tr>
- <td class="DataTD"><?=_("Organisation")?></td>
+ <td class="DataTD"><?php echo _("Organisation")?></td>
<td colspan="8" class="DataTD" >
<select name="orgfilterid">
- <?=sprintf('<option value="%d"%s>%s</option>',0, 0 == $orgfilterid ? " selected" : "" ,_("All")) ?>
-<? $query = "select `orginfo`.`O`, `orginfo`.`id`
+ <?php echo sprintf('<option value="%d"%s>%s</option>',0, 0 == $orgfilterid ? " selected" : "" ,_("All")) ?>
+<?php $query = "select `orginfo`.`O`, `orginfo`.`id`
from `org`, `orginfo`
where `org`.`memid`='".intval($_SESSION['profile']['id'])."' and `orginfo`.`id` = `org`.`orgid`
ORDER BY `orginfo`.`O` ";
- $reso = mysql_query($query);
- if(mysql_num_rows($reso) >= 1){
- while($row = mysql_fetch_assoc($reso)){
+ $reso = mysqli_query($_SESSION['mconn'], $query);
+ if(mysqli_num_rows($reso) >= 1){
+ while($row = mysqli_fetch_assoc($reso)){
printf('<option value="%d"%s>%s</option>',$row['id'], $row['id'] == $orgfilterid ? " selected" : "" , $row['O']);
}
}?>
@@ -47,34 +47,33 @@ $status = array_key_exists('status',$_SESSION['_config']) ? intval($_SESSION['_c
</td>
</tr>
<tr>
- <td class="DataTD"><?=_("Sorting")?></td>
+ <td class="DataTD"><?php echo _("Sorting")?></td>
<td colspan="8" class="DataTD" >
<select name="sorting">
- <?=sprintf('<option value="%d"%s>%s</option>',0, 0 == $sorting ? " selected" : "" ,_("expire date (desc)")) ?>
- <?=sprintf('<option value="%d"%s>%s</option>',1, 1 == $sorting ? " selected" : "" ,_("OU, expire date (desc)")) ?>
- <?=sprintf('<option value="%d"%s>%s</option>',2, 2 == $sorting ? " selected" : "" ,_("Common name, expire date (desc)")) ?>
+ <?php echo sprintf('<option value="%d"%s>%s</option>',0, 0 == $sorting ? " selected" : "" ,_("expire date (desc)")) ?>
+ <?php echo sprintf('<option value="%d"%s>%s</option>',1, 1 == $sorting ? " selected" : "" ,_("OU, expire date (desc)")) ?>
+ <?php echo sprintf('<option value="%d"%s>%s</option>',2, 2 == $sorting ? " selected" : "" ,_("Common name, expire date (desc)")) ?>
</select>
</td>
</tr>
<tr>
- <td class="DataTD"><?=_("Certificate status")?></td>
+ <td class="DataTD"><?php echo _("Certificate status")?></td>
<td colspan="8" class="DataTD" >
<select name="status">
- <?=sprintf('<option value="%d"%s>%s</option>',0, 0 == $status ? " selected" : "" ,_("Current/Active")) ?>
- <?=sprintf('<option value="%d"%s>%s</option>',1, 1 == $status ? " selected" : "" ,_("All")) ?>
+ <?php echo sprintf('<option value="%d"%s>%s</option>',0, 0 == $status ? " selected" : "" ,_("Current/Active")) ?>
+ <?php echo sprintf('<option value="%d"%s>%s</option>',1, 1 == $status ? " selected" : "" ,_("All")) ?>
</select>
</td>
</tr>
<tr>
- <td class="DataTD" colspan="9"><input type="submit" name="reset" value="<?=_("Reset")?>" />&nbsp;&nbsp;&nbsp;&nbsp;
- <input type="submit" name="filter" value="<?=_("Apply filter/sort")?>" /></td>
+ <td class="DataTD" colspan="9"><input type="submit" name="reset" value="<?php echo _("Reset")?>" />&nbsp;&nbsp;&nbsp;&nbsp;
+ <input type="submit" name="filter" value="<?php echo _("Apply filter/sort")?>" /></td>
</tr>
<tr>
<td colspan="9" class="DataTD"> </td>
</tr>
-<?
- $query = "select UNIX_TIMESTAMP(`oemail`.`created`) as `created`,
+<?php $query = "select UNIX_TIMESTAMP(`oemail`.`created`) as `created`,
UNIX_TIMESTAMP(`oemail`.`expire`) - UNIX_TIMESTAMP() as `timeleft`,
UNIX_TIMESTAMP(`oemail`.`expire`) as `expired`,
`oemail`.`expire` as `expires`, `oemail`.`revoked` as `revoke`,
@@ -106,17 +105,17 @@ $status = array_key_exists('status',$_SESSION['_config']) ? intval($_SESSION['_c
$query .= "ORDER BY `orginfo`.`O`, `oemail`.`CN`, `modified` desc";
break;
}
- $res = mysql_query($query);
- if(mysql_num_rows($res) <= 0)
+ $res = mysqli_query($_SESSION['mconn'], $query);
+ if(mysqli_num_rows($res) <= 0)
{
?>
<tr>
- <td colspan="9" class="DataTD"><?=_("No client certificates are currently listed.")?></td>
+ <td colspan="9" class="DataTD"><?php echo _("No client certificates are currently listed.")?></td>
</tr>
-<? } else {
+<?php } else {
$orgname='';
- while($row = mysql_fetch_assoc($res))
+ while($row = mysqli_fetch_assoc($res))
{
if ($row['O']<>$orgname) {
$orgname=$row['O'];?>
@@ -124,20 +123,19 @@ $status = array_key_exists('status',$_SESSION['_config']) ? intval($_SESSION['_c
<td colspan="9" class="title"></td>
</tr>
<tr>
- <td colspan="9" class="title"><? printf(_("Certificates for %s"), $orgname)?> </td>
+ <td colspan="9" class="title"><?php printf(_("Certificates for %s"), $orgname)?> </td>
</tr>
<tr>
- <td class="DataTD"><?=_("OU/Department")?></td>
- <td class="DataTD"><?=_("Renew/Revoke/Delete")?></td>
- <td class="DataTD"><?=_("Status")?></td>
- <td class="DataTD"><?=_("CommonName")?></td>
- <td class="DataTD"><?=_("SerialNumber")?></td>
- <td class="DataTD"><?=_("Revoked")?></td>
- <td class="DataTD"><?=_("Expires")?></td>
- <td colspan="2" class="DataTD"><?=_("Comment *")?></td>
+ <td class="DataTD"><?php echo _("OU/Department")?></td>
+ <td class="DataTD"><?php echo _("Renew/Revoke/Delete")?></td>
+ <td class="DataTD"><?php echo _("Status")?></td>
+ <td class="DataTD"><?php echo _("CommonName")?></td>
+ <td class="DataTD"><?php echo _("SerialNumber")?></td>
+ <td class="DataTD"><?php echo _("Revoked")?></td>
+ <td class="DataTD"><?php echo _("Expires")?></td>
+ <td colspan="2" class="DataTD"><?php echo _("Comment *")?></td>
</tr>
- <?
- }
+ <?php }
if($row['timeleft'] > 0)
$verified = _("Valid");
if($row['timeleft'] < 0)
@@ -150,42 +148,42 @@ $status = array_key_exists('status',$_SESSION['_config']) ? intval($_SESSION['_c
$row['revoke'] = _("Not Revoked");
?>
<tr>
- <td class="DataTD"><?=$row['ou']?></td>
- <? if($verified == _("Valid") || $verified == _("Expired")) { ?>
- <td class="DataTD"><input type="checkbox" name="revokeid[]" value="<?=$row['id']?>"></td>
- <td class="DataTD"><?=$verified?></td>
- <td class="DataTD"><a href="account.php?id=19&cert=<?=$row['id']?>"><?=$row['CN']?></a></td>
-<? } else if($verified == _("Pending")) { ?>
- <td class="DataTD"><input type="checkbox" name="delid[]" value="<?=$row['id']?>"></td>
- <td class="DataTD"><?=$verified?></td>
- <td class="DataTD"><?=$row['CN']?></td>
-<? } else { ?>
+ <td class="DataTD"><?php echo $row['ou']?></td>
+ <?php if($verified == _("Valid") || $verified == _("Expired")) { ?>
+ <td class="DataTD"><input type="checkbox" name="revokeid[]" value="<?php echo $row['id']?>"></td>
+ <td class="DataTD"><?php echo $verified?></td>
+ <td class="DataTD"><a href="account.php?id=19&cert=<?php echo $row['id']?>"><?php echo $row['CN']?></a></td>
+<?php } else if($verified == _("Pending")) { ?>
+ <td class="DataTD"><input type="checkbox" name="delid[]" value="<?php echo $row['id']?>"></td>
+ <td class="DataTD"><?php echo $verified?></td>
+ <td class="DataTD"><?php echo $row['CN']?></td>
+<?php } else { ?>
<td class="DataTD">&nbsp;</td>
- <td class="DataTD"><?=$verified?></td>
- <td class="DataTD"><a href="account.php?id=19&cert=<?=$row['id']?>"><?=$row['CN']?></a></td>
-<? } ?>
- <td class="DataTD"><?=$row['serial']?></td>
- <td class="DataTD"><?=$row['revoke']?></td>
- <td class="DataTD"><?=$row['expires']?></td>
- <td class="DataTD"><input name="comment_<?=$row['id']?>" type="text" value="<?=htmlspecialchars($row['description'])?>" /></td>
- <td class="DataTD"><input type="checkbox" name="check_comment_<?=$row['id']?>" /></td>
+ <td class="DataTD"><?php echo $verified?></td>
+ <td class="DataTD"><a href="account.php?id=19&cert=<?php echo $row['id']?>"><?php echo $row['CN']?></a></td>
+<?php } ?>
+ <td class="DataTD"><?php echo $row['serial']?></td>
+ <td class="DataTD"><?php echo $row['revoke']?></td>
+ <td class="DataTD"><?php echo $row['expires']?></td>
+ <td class="DataTD"><input name="comment_<?php echo $row['id']?>" type="text" value="<?php echo htmlspecialchars($row['description'])?>" /></td>
+ <td class="DataTD"><input type="checkbox" name="check_comment_<?php echo $row['id']?>" /></td>
</tr>
-<? } ?>
+<?php } ?>
<tr>
<td class="DataTD" colspan="9">
- <?=_('* Comment is NOT included in the certificate as it is intended for your personal reference only. To change the comment tick the checkbox and hit "Change Settings".')?>
+ <?php echo _('* Comment is NOT included in the certificate as it is intended for your personal reference only. To change the comment tick the checkbox and hit "Change Settings".')?>
</td>
</tr>
<tr>
- <td class="DataTD" colspan="6"><input type="submit" name="renew" value="<?=_("Renew")?>">&#160;&#160;&#160;&#160;
- <input type="submit" name="revoke" value="<?=_("Revoke/Delete")?>"></td>
- <td class="DataTD" colspan="2"><input type="submit" name="change" value="<?=_("Change settings")?>"> </td>
+ <td class="DataTD" colspan="6"><input type="submit" name="renew" value="<?php echo _("Renew")?>">&#160;&#160;&#160;&#160;
+ <input type="submit" name="revoke" value="<?php echo _("Revoke/Delete")?>"></td>
+ <td class="DataTD" colspan="2"><input type="submit" name="change" value="<?php echo _("Change settings")?>"> </td>
</tr>
<tr>
- <td class="DataTD" colspan="9"><?=_("From here you can delete pending requests, or revoke valid certificates.")?></td>
+ <td class="DataTD" colspan="9"><?php echo _("From here you can delete pending requests, or revoke valid certificates.")?></td>
</tr>
-<? } ?>
+<?php } ?>
</table>
-<input type="hidden" name="oldid" value="<?=$id?>">
-<input type="hidden" name="csrf" value="<?=make_csrf('clicerchange')?>" />
-</form> \ No newline at end of file
+<input type="hidden" name="oldid" value="<?php echo $id?>">
+<input type="hidden" name="csrf" value="<?php echo make_csrf('clicerchange')?>" />
+</form>
diff --git a/pages/account/19.php b/pages/account/19.php
index d7259f3..9b87d6c 100644
--- a/pages/account/19.php
+++ b/pages/account/19.php
@@ -1,4 +1,4 @@
-<? /*
+<?php /*
LibreSSL - CAcert web application
Copyright (C) 2004-2008 CAcert Inc.
@@ -15,21 +15,20 @@
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
*/ ?>
-<?
- $certid = 0; if(array_key_exists('cert',$_REQUEST)) $certid=intval($_REQUEST['cert']);
+<?php $certid = 0; if(array_key_exists('cert',$_REQUEST)) $certid=intval($_REQUEST['cert']);
$query = "select * from `orgemailcerts`,`org` where `orgemailcerts`.`id`='".intval($certid)."' and
`org`.`memid`='".intval($_SESSION['profile']['id'])."' and
`org`.`orgid`=`orgemailcerts`.`orgid`";
- $res = mysql_query($query);
- if(mysql_num_rows($res) <= 0)
+ $res = mysqli_query($_SESSION['mconn'], $query);
+ if(mysqli_num_rows($res) <= 0)
{
showheader(_("My CAcert.org Account!"));
echo _("No such certificate attached to your account.");
showfooter();
exit;
}
- $row = mysql_fetch_assoc($res);
+ $row = mysqli_fetch_assoc($res);
$crtname=escapeshellarg($row['crt_name']);
$cert = shell_exec("/usr/bin/openssl x509 -in $crtname");
@@ -59,15 +58,15 @@
} else {
showheader(_("My CAcert.org Account!"));
?>
-<h3><?=_("Installing your certificate")?></h3>
+<h3><?php echo _("Installing your certificate")?></h3>
-<p><?=_("Hit the 'Install your Certificate' button below to install the certificate into MS IE 5.x and above.")?>
+<p><?php echo _("Hit the 'Install your Certificate' button below to install the certificate into MS IE 5.x and above.")?>
<OBJECT classid="clsid:127698e4-e730-4e5c-a2b1-21490a70c8a1" codebase="/xenroll.cab#Version=5,131,3659,0" id="cec">
-<?=_("You must enable ActiveX for this to work.")?>
+<?php echo _("You must enable ActiveX for this to work.")?>
</OBJECT>
<FORM >
-<INPUT TYPE=BUTTON NAME="CertInst" VALUE="<?=_("Install Your Certificate")?>">
+<INPUT TYPE=BUTTON NAME="CertInst" VALUE="<?php echo _("Install Your Certificate")?>">
</FORM>
</P>
@@ -75,8 +74,7 @@
<SCRIPT LANGUAGE=VBS>
Sub CertInst_OnClick
certchain = _
-<?
- $lines = explode("\n", $cert);
+<?php $lines = explode("\n", $cert);
if(is_array($lines))
foreach($lines as $line)
{
@@ -102,18 +100,18 @@
err.clear
cec.acceptPKCS7(certchain)
if err.number <> 0 then
- errorMsg = "<?=_("Certificate installation failed!")?>" & chr(13) & chr(10) & _
+ errorMsg = "<?php echo _("Certificate installation failed!")?>" & chr(13) & chr(10) & _
"(Error code " & err.number & ")"
- msgRes = MsgBox(errorMsg, 0, "<?=_("Certificate Installation Error")?>")
+ msgRes = MsgBox(errorMsg, 0, "<?php echo _("Certificate Installation Error")?>")
else
- okMsg = "<?=_("Personal Certificate Installed.")?>" & chr(13) & chr(10) & _
+ okMsg = "<?php echo _("Personal Certificate Installed.")?>" & chr(13) & chr(10) & _
"See Tools->Internet Options->Content->Certificates"
- msgRes = MsgBox(okMsg, 0, "<?=_("Certificate Installation Complete!")?>")
+ msgRes = MsgBox(okMsg, 0, "<?php echo _("Certificate Installation Complete!")?>")
end if
End Sub
</SCRIPT>
-<?
+<?php
showfooter();
exit;
}
diff --git a/pages/account/2.php b/pages/account/2.php
index 36421f9..f6a99ea 100644
--- a/pages/account/2.php
+++ b/pages/account/2.php
@@ -1,4 +1,4 @@
-<? /*
+<?php /*
LibreSSL - CAcert web application
Copyright (C) 2004-2008 CAcert Inc.
@@ -18,18 +18,17 @@
<form method="post" action="account.php">
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
<tr>
- <td colspan="4" class="title"><?=_("Email Accounts")?></td>
+ <td colspan="4" class="title"><?php echo _("Email Accounts")?></td>
</tr>
<tr>
- <td class="DataTD"><?=_("Default")?></td>
- <td class="DataTD"><?=_("Status")?></td>
- <td class="DataTD"><?=_("Delete")?></td>
- <td class="DataTD"><?=_("Address")?></td>
+ <td class="DataTD"><?php echo _("Default")?></td>
+ <td class="DataTD"><?php echo _("Status")?></td>
+ <td class="DataTD"><?php echo _("Delete")?></td>
+ <td class="DataTD"><?php echo _("Address")?></td>
-<?
- $query = "select * from `email` where `memid`='".intval($_SESSION['profile']['id'])."' and `deleted`=0";
- $res = mysql_query($query);
- while($row = mysql_fetch_assoc($res))
+<?php $query = "select * from `email` where `memid`='".intval($_SESSION['profile']['id'])."' and `deleted`=0";
+ $res = mysqli_query($_SESSION['mconn'], $query);
+ while($row = mysqli_fetch_assoc($res))
{
if($row['hash'] == "")
$verified = _("Verified");
@@ -37,25 +36,25 @@
$verified = _("Unverified");
?>
<tr>
- <td class="DataTD"><? if($row['hash'] == "") { ?><input type="radio" name="emailid" value="<?=$row['id']?>"
- <? if($row['email'] == $_SESSION['profile']['email']) echo " checked"; ?>><? } else { echo "&nbsp;"; } ?></td>
- <td class="DataTD"><?=$verified?></td>
-<? if($row['email'] == $_SESSION['profile']['email']) { ?>
- <td class="DataTD"><?=_("N/A")?></td>
-<? } else { ?>
- <td class="DataTD"><input type="checkbox" name="delid[]" value="<?=$row['id']?>"></td>
-<? } ?>
- <td class="DataTD"><?=sanitizeHTML($row['email'])?></td>
+ <td class="DataTD"><?php if($row['hash'] == "") { ?><input type="radio" name="emailid" value="<?php echo $row['id']?>"
+ <?php if($row['email'] == $_SESSION['profile']['email']) echo " checked"; ?>><?php } else { echo "&nbsp;"; } ?></td>
+ <td class="DataTD"><?php echo $verified?></td>
+<?php if($row['email'] == $_SESSION['profile']['email']) { ?>
+ <td class="DataTD"><?php echo _("N/A")?></td>
+<?php } else { ?>
+ <td class="DataTD"><input type="checkbox" name="delid[]" value="<?php echo $row['id']?>"></td>
+<?php } ?>
+ <td class="DataTD"><?php echo sanitizeHTML($row['email'])?></td>
</tr>
-<? } ?>
+<?php } ?>
<tr>
- <td class="DataTD" colspan="2"><input type="submit" name="makedefault" value="<?=_("Make Default")?>"></td>
- <td class="DataTD" colspan="2"><input type="submit" name="process" value="<?=_("Delete")?>"></td>
+ <td class="DataTD" colspan="2"><input type="submit" name="makedefault" value="<?php echo _("Make Default")?>"></td>
+ <td class="DataTD" colspan="2"><input type="submit" name="process" value="<?php echo _("Delete")?>"></td>
</tr>
</table>
-<input type="hidden" name="oldid" value="<?=$id?>">
-<input type="hidden" name="csrf" value="<?=make_csrf('chgdef')?>" />
+<input type="hidden" name="oldid" value="<?php echo $id?>">
+<input type="hidden" name="csrf" value="<?php echo make_csrf('chgdef')?>" />
</form>
<p>
-<?=_("Please Note: You can not set an unverified account as a default account, and you can not remove a default account. To remove the default account you must set another verified account as the default.")?>
+<?php echo _("Please Note: You can not set an unverified account as a default account, and you can not remove a default account. To remove the default account you must set another verified account as the default.")?>
</p>
diff --git a/pages/account/20.php b/pages/account/20.php
index 89bbc30..42cfc42 100644
--- a/pages/account/20.php
+++ b/pages/account/20.php
@@ -1,4 +1,4 @@
-<? /*
+<?php /*
LibreSSL - CAcert web application
Copyright (C) 2004-2008 CAcert Inc.
@@ -17,60 +17,58 @@
*/
include_once("../includes/shutdown.php");
?>
-<h3><?=_("CAcert Certificate Acceptable Use Policy")?></h3>
-<p><?=_("Once you decide to subscribe for an SSL Server Certificate you will need to complete this agreement. Please read it carefully. Your Certificate Request can only be processed with your acceptance and understanding of this agreement.")?></p>
+<h3><?php echo _("CAcert Certificate Acceptable Use Policy")?></h3>
+<p><?php echo _("Once you decide to subscribe for an SSL Server Certificate you will need to complete this agreement. Please read it carefully. Your Certificate Request can only be processed with your acceptance and understanding of this agreement.")?></p>
-<p><?=_("I hereby represent that I am fully authorized by the owner of the information contained in the CSR sent to CAcert Inc. to apply for an Digital Certificate for secure and authenticated electronic transactions. I understand that a digital certificate serves to identify the Subscriber for the purposes of electronic communication and that the management of the private keys associated with such certificates is the responsibility of the subscriber's technical staff and/or contractors.")?></p>
+<p><?php echo _("I hereby represent that I am fully authorized by the owner of the information contained in the CSR sent to CAcert Inc. to apply for an Digital Certificate for secure and authenticated electronic transactions. I understand that a digital certificate serves to identify the Subscriber for the purposes of electronic communication and that the management of the private keys associated with such certificates is the responsibility of the subscriber's technical staff and/or contractors.")?></p>
-<p><?=_("CAcert Inc.'s public certification services are governed by a CPS as amended from time to time which is incorporated into this Agreement by reference. The Subscriber will use the SSL Server Certificate in accordance with CAcert Inc.'s CPS and supporting documentation published at")?> <a href="http://www.cacert.org/policy/">http://www.cacert.org/policy/</a></p>
+<p><?php echo _("CAcert Inc.'s public certification services are governed by a CPS as amended from time to time which is incorporated into this Agreement by reference. The Subscriber will use the SSL Server Certificate in accordance with CAcert Inc.'s CPS and supporting documentation published at")?> <a href="http://www.cacert.org/policy/">http://www.cacert.org/policy/</a></p>
-<p><?=_("If the Subscriber's name and/or domain name registration change the subscriber will immediately inform CAcert Inc. who shall revoke the digital certificate. When the Digital Certificate expires or is revoked the company will permanently remove the certificate from the server on which it is installed and will not use it for any purpose thereafter. The person responsible for key management and security is fully authorized to install and utilize the certificate to represent this organization's electronic presence.")?></p>
+<p><?php echo _("If the Subscriber's name and/or domain name registration change the subscriber will immediately inform CAcert Inc. who shall revoke the digital certificate. When the Digital Certificate expires or is revoked the company will permanently remove the certificate from the server on which it is installed and will not use it for any purpose thereafter. The person responsible for key management and security is fully authorized to install and utilize the certificate to represent this organization's electronic presence.")?></p>
<form method="post" action="account.php">
-<p><label for="description"><?=_("Optional comment, only used in the certificate overview")?></label><br />
+<p><label for="description"><?php echo _("Optional comment, only used in the certificate overview")?></label><br />
<input type="text" id="description" name="description" maxlength="80" size="80" />
</p>
-<p><label for="CSR"><?=_("Paste your CSR (Certificate Signing Request) below...")?></label><br />
+<p><label for="CSR"><?php echo _("Paste your CSR (Certificate Signing Request) below...")?></label><br />
<textarea id="CSR" name="CSR" cols="80" rows="15"></textarea>
</p>
<fieldset>
<legend>
<input type="checkbox" id="expertbox" onchange="showExpert(this.checked)" style="display:none" />
- <label for="expertbox"><?=_("Advanced Options")?></label>
+ <label for="expertbox"><?php echo _("Advanced Options")?></label>
</legend>
<div id="advanced_options">
<ul class="no_indent">
<li>
<input type="radio" id="root1" name="rootcert" value="1" />
- <label for="root1"><?=_("Sign by class 1 root certificate")?></label>
+ <label for="root1"><?php echo _("Sign by class 1 root certificate")?></label>
</li>
<li>
<input type="radio" id="root2" name="rootcert" value="2" checked="checked" />
- <label for="root2"><?=_("Sign by class 3 root certificate")?></label>
+ <label for="root2"><?php echo _("Sign by class 3 root certificate")?></label>
</li>
</ul>
-<p><?=_("Please note: The class 3 root certificate needs to be setup in your webserver as a chained certificate, while slightly more complicated to setup, this root certificate is more likely to be trusted by more people.")?></p>
+<p><?php echo _("Please note: The class 3 root certificate needs to be setup in your webserver as a chained certificate, while slightly more complicated to setup, this root certificate is more likely to be trusted by more people.")?></p>
-<p class="attach_ul"><?=_("Hash algorithm used when signing the certificate:")?></p>
+<p class="attach_ul"><?php echo _("Hash algorithm used when signing the certificate:")?></p>
<ul class="no_indent">
-<?
-foreach (HashAlgorithms::getInfo() as $algorithm => $display_info) {
+<?php foreach (HashAlgorithms::getInfo() as $algorithm => $display_info) {
?>
<li>
- <input type="radio" id="hash_alg_<?=$algorithm?>" name="hash_alg" value="<?=$algorithm?>" <?=(HashAlgorithms::$default === $algorithm)?'checked="checked"':''?> />
- <label for="hash_alg_<?=$algorithm?>"><?=$display_info['name']?><?=$display_info['info']?' - '.$display_info['info']:''?></label>
+ <input type="radio" id="hash_alg_<?php echo $algorithm?>" name="hash_alg" value="<?php echo $algorithm?>" <?php echo (HashAlgorithms::$default === $algorithm)?'checked="checked"':''?> />
+ <label for="hash_alg_<?php echo $algorithm?>"><?php echo $display_info['name']?><?php echo $display_info['info']?' - '.$display_info['info']:''?></label>
</li>
-<?
-}
+<?php }
?>
</ul>
</div>
</fieldset>
-<input type="submit" name="process" value="<?=_("Submit")?>" />
-<input type="hidden" name="oldid" value="<?=$id?>" />
+<input type="submit" name="process" value="<?php echo _("Submit")?>" />
+<input type="hidden" name="oldid" value="<?php echo $id?>" />
</form>
<script language="javascript">
diff --git a/pages/account/21.php b/pages/account/21.php
index c5832b9..eed4b6a 100644
--- a/pages/account/21.php
+++ b/pages/account/21.php
@@ -1,4 +1,4 @@
-<? /*
+<?php /*
LibreSSL - CAcert web application
Copyright (C) 2004-2008 CAcert Inc.
@@ -23,12 +23,11 @@ if ($org['id'] <= 0) {
?>
<p>
-<?=_("Please make sure the following details are correct before proceeding ".
+<?php echo _("Please make sure the following details are correct before proceeding ".
"any further.")?>
</p>
-<p><?
-if (is_array($_SESSION['_config']['rows'])) {
+<p><?php if (is_array($_SESSION['_config']['rows'])) {
foreach ($_SESSION['_config']['rows'] as $row) {
echo _("CommonName"), ": $row<br>\n";
}
@@ -49,22 +48,20 @@ echo _("Country"), ": {$org['C']}<br>\n";
<form method="post" action="account.php">
<p>
- <input type="submit" name="process" value="<?=_("Submit")?>">
- <input type="hidden" name="oldid" value="<?=$id?>">
+ <input type="submit" name="process" value="<?php echo _("Submit")?>">
+ <input type="hidden" name="oldid" value="<?php echo $id?>">
</p>
- <?
- if ($_SESSION['profile']['admin'] == 1) {
+ <?php if ($_SESSION['profile']['admin'] == 1) {
?>
<p>
<br/><br/><br/><br/><br/><br/><br/><br/><br/><br/><br/><br/><br/>
<br/><br/><br/><br/><br/><br/><br/><br/><br/><br/><br/><br/><br/>
<br/><br/><br/><br/><br/><br/><br/><br/><br/><br/><br/><br/><br/>
<input type="checkbox" name="ocspcert" value="OCSPCert"/>
- <?=_("OCSP certificate")?>
+ <?php echo _("OCSP certificate")?>
</p>
- <?
- }
+ <?php }
?>
</form>
diff --git a/pages/account/22.php b/pages/account/22.php
index 7b7db2d..2f63b2b 100644
--- a/pages/account/22.php
+++ b/pages/account/22.php
@@ -1,4 +1,4 @@
-<? /*
+<?php /*
LibreSSL - CAcert web application
Copyright (C) 2004-2008 CAcert Inc.
@@ -23,23 +23,23 @@ $status = array_key_exists('dstatus',$_SESSION['_config']) ? intval($_SESSION['_
<form method="post" action="account.php">
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
<tr>
- <td colspan="8" class="title"><?=_("Organisation Server Certificates")?> </td>
+ <td colspan="8" class="title"><?php echo _("Organisation Server Certificates")?> </td>
</tr>
<tr>
- <td colspan="8" class="title"><?=_("Filter/Sorting")?></td>
+ <td colspan="8" class="title"><?php echo _("Filter/Sorting")?></td>
</tr>
<tr>
- <td class="DataTD"><?=_("Organisation")?></td>
+ <td class="DataTD"><?php echo _("Organisation")?></td>
<td colspan="7" class="DataTD" >
<select name="dorgfilterid">
- <?=sprintf('<option value="%d"%s>%s</option>',0, 0 == $orgfilterid ? " selected" : "" ,_("All")) ?>
-<? $query = "select `orginfo`.`O`, `orginfo`.`id`
+ <?php echo sprintf('<option value="%d"%s>%s</option>',0, 0 == $orgfilterid ? " selected" : "" ,_("All")) ?>
+<?php $query = "select `orginfo`.`O`, `orginfo`.`id`
from `org`, `orginfo`
where `org`.`memid`='".intval($_SESSION['profile']['id'])."' and `orginfo`.`id` = `org`.`orgid`
ORDER BY `orginfo`.`O` ";
- $reso = mysql_query($query);
- if(mysql_num_rows($reso) >= 1){
- while($row = mysql_fetch_assoc($reso)){
+ $reso = mysqli_query($_SESSION['mconn'], $query);
+ if(mysqli_num_rows($reso) >= 1){
+ while($row = mysqli_fetch_assoc($reso)){
printf('<option value="%d"%s>%s</option>',$row['id'], $row['id'] == $orgfilterid ? " selected" : "" , $row['O']);
}
}?>
@@ -47,34 +47,33 @@ $status = array_key_exists('dstatus',$_SESSION['_config']) ? intval($_SESSION['_
</td>
</tr>
<tr>
- <td class="DataTD"><?=_("Sorting")?></td>
+ <td class="DataTD"><?php echo _("Sorting")?></td>
<td colspan="7" class="DataTD" >
<select name="dsorting">
- <?=sprintf('<option value="%d"%s>%s</option>',0, 0 == $sorting ? " selected" : "" ,_("expire date (desc)")) ?>
- <?=sprintf('<option value="%d"%s>%s</option>',1, 1 == $sorting ? " selected" : "" ,_("Common name, expire date (desc)")) ?>
+ <?php echo sprintf('<option value="%d"%s>%s</option>',0, 0 == $sorting ? " selected" : "" ,_("expire date (desc)")) ?>
+ <?php echo sprintf('<option value="%d"%s>%s</option>',1, 1 == $sorting ? " selected" : "" ,_("Common name, expire date (desc)")) ?>
</select>
</td>
</tr>
<tr>
- <td class="DataTD"><?=_("Certificate status")?></td>
+ <td class="DataTD"><?php echo _("Certificate status")?></td>
<td colspan="7" class="DataTD" >
<select name="dstatus">
- <?=sprintf('<option value="%d"%s>%s</option>',0, 0 == $status ? " selected" : "" ,_("Current/Active")) ?>
- <?=sprintf('<option value="%d"%s>%s</option>',1, 1 == $status ? " selected" : "" ,_("All")) ?>
+ <?php echo sprintf('<option value="%d"%s>%s</option>',0, 0 == $status ? " selected" : "" ,_("Current/Active")) ?>
+ <?php echo sprintf('<option value="%d"%s>%s</option>',1, 1 == $status ? " selected" : "" ,_("All")) ?>
</select>
</td>
</tr>
<tr>
- <td class="DataTD" colspan="8"><input type="submit" name="reset" value="<?=_("Reset")?>" />&nbsp;&nbsp;&nbsp;&nbsp;
- <input type="submit" name="filter" value="<?=_("Apply filter/sort")?>" /></td>
+ <td class="DataTD" colspan="8"><input type="submit" name="reset" value="<?php echo _("Reset")?>" />&nbsp;&nbsp;&nbsp;&nbsp;
+ <input type="submit" name="filter" value="<?php echo _("Apply filter/sort")?>" /></td>
</tr>
<tr>
<td colspan="9" class="DataTD"> </td>
</tr>
-<?
- $query = "select UNIX_TIMESTAMP(`orgdomaincerts`.`created`) as `created`,
+<?php $query = "select UNIX_TIMESTAMP(`orgdomaincerts`.`created`) as `created`,
UNIX_TIMESTAMP(`orgdomaincerts`.`expire`) - UNIX_TIMESTAMP() as `timeleft`,
UNIX_TIMESTAMP(`orgdomaincerts`.`expire`) as `expired`,
`orgdomaincerts`.`expire` as `expires`, `revoked` as `revoke`,
@@ -109,16 +108,16 @@ $status = array_key_exists('dstatus',$_SESSION['_config']) ? intval($_SESSION['_
//echo $query."<br>\n";
- $res = mysql_query($query);
- if(mysql_num_rows($res) <= 0)
+ $res = mysqli_query($_SESSION['mconn'], $query);
+ if(mysqli_num_rows($res) <= 0)
{
?>
<tr>
- <td colspan="8" class="DataTD"><?=_("No domains are currently listed.")?></td>
+ <td colspan="8" class="DataTD"><?php echo _("No domains are currently listed.")?></td>
</tr>
-<? } else {
+<?php } else {
$orgname='';
- while($row = mysql_fetch_assoc($res))
+ while($row = mysqli_fetch_assoc($res))
{
if ($row['O']<>$orgname) {
$orgname=$row['O'];?>
@@ -126,19 +125,18 @@ $status = array_key_exists('dstatus',$_SESSION['_config']) ? intval($_SESSION['_
<td colspan="9" class="title"></td>
</tr>
<tr>
- <td colspan="9" class="title"><? printf(_("Certificates for %s"), $orgname)?> </td>
+ <td colspan="9" class="title"><?php printf(_("Certificates for %s"), $orgname)?> </td>
</tr>
<tr>
- <td class="DataTD"><?=_("Renew/Revoke/Delete")?></td>
- <td class="DataTD"><?=_("Status")?></td>
- <td class="DataTD"><?=_("CommonName")?></td>
- <td class="DataTD"><?=_("SerialNumber")?></td>
- <td class="DataTD"><?=_("Revoked")?></td>
- <td class="DataTD"><?=_("Expires")?></td>
- <td colspan="2" class="DataTD"><?=_("Comment *")?></td>
+ <td class="DataTD"><?php echo _("Renew/Revoke/Delete")?></td>
+ <td class="DataTD"><?php echo _("Status")?></td>
+ <td class="DataTD"><?php echo _("CommonName")?></td>
+ <td class="DataTD"><?php echo _("SerialNumber")?></td>
+ <td class="DataTD"><?php echo _("Revoked")?></td>
+ <td class="DataTD"><?php echo _("Expires")?></td>
+ <td colspan="2" class="DataTD"><?php echo _("Comment *")?></td>
</tr>
- <?
- }
+ <?php }
if($row['timeleft'] > 0)
$verified = _("Valid");
if($row['timeleft'] < 0)
@@ -151,38 +149,38 @@ $status = array_key_exists('dstatus',$_SESSION['_config']) ? intval($_SESSION['_
$row['revoke'] = _("Not Revoked");
?>
<tr>
-<? if($verified == _("Valid") || $verified == _("Expired")) { ?>
- <td class="DataTD"><input type="checkbox" name="revokeid[]" value="<?=$row['id']?>"></td>
-<? } else if($verified == _("Pending")) { ?>
- <td class="DataTD"><input type="checkbox" name="delid[]" value="<?=$row['id']?>"></td>
-<? } else { ?>
+<?php if($verified == _("Valid") || $verified == _("Expired")) { ?>
+ <td class="DataTD"><input type="checkbox" name="revokeid[]" value="<?php echo $row['id']?>"></td>
+<?php } else if($verified == _("Pending")) { ?>
+ <td class="DataTD"><input type="checkbox" name="delid[]" value="<?php echo $row['id']?>"></td>
+<?php } else { ?>
<td class="DataTD">&nbsp;</td>
-<? } ?>
- <td class="DataTD"><?=$verified?></td>
- <td class="DataTD"><a href="account.php?id=23&cert=<?=$row['id']?>"><?=$row['CN']?></a></td>
- <td class="DataTD"><?=$row['serial']?></td>
- <td class="DataTD"><?=$row['revoke']?></td>
- <td class="DataTD"><?=$row['expires']?></td>
- <td class="DataTD"><input name="comment_<?=$row['id']?>" type="text" value="<?=htmlspecialchars($row['description'])?>" /></td>
- <td class="DataTD"><input type="checkbox" name="check_comment_<?=$row['id']?>" /></td>
+<?php } ?>
+ <td class="DataTD"><?php echo $verified?></td>
+ <td class="DataTD"><a href="account.php?id=23&cert=<?php echo $row['id']?>"><?php echo $row['CN']?></a></td>
+ <td class="DataTD"><?php echo $row['serial']?></td>
+ <td class="DataTD"><?php echo $row['revoke']?></td>
+ <td class="DataTD"><?php echo $row['expires']?></td>
+ <td class="DataTD"><input name="comment_<?php echo $row['id']?>" type="text" value="<?php echo htmlspecialchars($row['description'])?>" /></td>
+ <td class="DataTD"><input type="checkbox" name="check_comment_<?php echo $row['id']?>" /></td>
</tr>
-<? } ?>
+<?php } ?>
<tr>
<td class="DataTD" colspan="8">
- <?=_('* Comment is NOT included in the certificate as it is intended for your personal reference only. To change the comment tick the checkbox and hit "Change Settings".')?>
+ <?php echo _('* Comment is NOT included in the certificate as it is intended for your personal reference only. To change the comment tick the checkbox and hit "Change Settings".')?>
</td>
</tr>
<tr>
- <td class="DataTD" colspan="6"><input type="submit" name="renew" value="<?=_("Renew")?>" />&#160;&#160;&#160;&#160;
- <input type="submit" name="revoke" value="<?=_("Revoke/Delete")?>" /></td>
- <td class="DataTD" colspan="2"><input type="submit" name="change" value="<?=_("Change settings")?>" /> </td>
+ <td class="DataTD" colspan="6"><input type="submit" name="renew" value="<?php echo _("Renew")?>" />&#160;&#160;&#160;&#160;
+ <input type="submit" name="revoke" value="<?php echo _("Revoke/Delete")?>" /></td>
+ <td class="DataTD" colspan="2"><input type="submit" name="change" value="<?php echo _("Change settings")?>" /> </td>
</tr>
<tr>
- <td class="DataTD" colspan="9"><?=_("From here you can delete pending requests, or revoke valid certificates.")?></td>
+ <td class="DataTD" colspan="9"><?php echo _("From here you can delete pending requests, or revoke valid certificates.")?></td>
</tr>
-<? } ?>
+<?php } ?>
</table>
-<input type="hidden" name="oldid" value="<?=$id?>" />
-<input type="hidden" name="csrf" value="<?=make_csrf('orgsrvcerchange')?>" />
+<input type="hidden" name="oldid" value="<?php echo $id?>" />
+<input type="hidden" name="csrf" value="<?php echo make_csrf('orgsrvcerchange')?>" />
</form>
diff --git a/pages/account/23.php b/pages/account/23.php
index 4255b47..08b18d1 100644
--- a/pages/account/23.php
+++ b/pages/account/23.php
@@ -1,4 +1,4 @@
-<? /*
+<?php /*
LibreSSL - CAcert web application
Copyright (C) 2004-2008 CAcert Inc.
@@ -15,24 +15,23 @@
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
*/ ?>
-<?
- $certid = 0; if(array_key_exists('cert',$_REQUEST)) $certid=intval($_REQUEST['cert']);
+<?php $certid = 0; if(array_key_exists('cert',$_REQUEST)) $certid=intval($_REQUEST['cert']);
$query = "select * from `orgdomaincerts`,`org` where `orgdomaincerts`.`id`='$certid' and
`org`.`memid`='".intval($_SESSION['profile']['id'])."' and
`org`.`orgid`=`orgdomaincerts`.`orgid`";
- $res = mysql_query($query);
- if(mysql_num_rows($res) <= 0)
+ $res = mysqli_query($_SESSION['mconn'], $query);
+ if(mysqli_num_rows($res) <= 0)
{
echo _("No such certificate attached to your account.");
showfooter();
exit;
}
- $row = mysql_fetch_assoc($res);
+ $row = mysqli_fetch_assoc($res);
$crtname=escapeshellarg($row['crt_name']);
$cert = shell_exec("/usr/bin/openssl x509 -in $crtname");
?>
-<h3><?=_("Below is your Server Certificate")?></h3>
+<h3><?php echo _("Below is your Server Certificate")?></h3>
<pre>
-<?=$cert?>
+<?php echo $cert?>
</pre>
diff --git a/pages/account/24.php b/pages/account/24.php
index 14a47c0..fe5b485 100644
--- a/pages/account/24.php
+++ b/pages/account/24.php
@@ -1,4 +1,4 @@
-<? /*
+<?php /*
LibreSSL - CAcert web application
Copyright (C) 2004-2008 CAcert Inc.
@@ -15,8 +15,7 @@
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
*/ ?>
-<?
- // Reset session variables regarding Org's, present empty form
+<?php // Reset session variables regarding Org's, present empty form
if (array_key_exists('O',$_SESSION['_config'])) $_SESSION['_config']['O'] = "";
if (array_key_exists('contact',$_SESSION['_config'])) $_SESSION['_config']['contact'] = "";
if (array_key_exists('L',$_SESSION['_config'])) $_SESSION['_config']['L'] = "";
@@ -28,26 +27,26 @@
<form method="post" action="account.php">
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
<tr>
- <td colspan="2" class="title"><?=_("New Organisation")?></td>
+ <td colspan="2" class="title"><?php echo _("New Organisation")?></td>
</tr>
<tr>
- <td class="DataTD"><?=_("Organisation Name")?>:</td>
+ <td class="DataTD"><?php echo _("Organisation Name")?>:</td>
<td class="DataTD"><input type="text" name="O" value="" maxlength="50" size="90"></td>
</tr>
<tr>
- <td class="DataTD"><?=_("Contact Email")?>:</td>
+ <td class="DataTD"><?php echo _("Contact Email")?>:</td>
<td class="DataTD"><input type="text" name="contact" value="" size="90"></td>
</tr>
<tr>
- <td class="DataTD"><?=_("Town/Suburb")?>:</td>
+ <td class="DataTD"><?php echo _("Town/Suburb")?>:</td>
<td class="DataTD"><input type="text" name="L" value="" size="90"></td>
</tr>
<tr>
- <td class="DataTD"><?=_("State/Province")?>:</td>
+ <td class="DataTD"><?php echo _("State/Province")?>:</td>
<td class="DataTD"><input type="text" name="ST" value="" size="90"></td>
</tr>
<tr>
- <td class="DataTD"><?=_("Country")?>:</td>
+ <td class="DataTD"><?php echo _("Country")?>:</td>
<td class="DataTD"><input type="text" name="C" value="" size="5">
<?php printf(_('(2 letter %s ISO code %s )'),
'<a href="http://www.iso.org/iso/home/standards/country_codes/iso-3166-1_decoding_table.htm">',
@@ -55,12 +54,12 @@
</td>
</tr>
<tr>
- <td class="DataTD"><?=_("Comments")?>:</td>
+ <td class="DataTD"><?php echo _("Comments")?>:</td>
<td class="DataTD"><textarea name="comments" cols="60" rows="10"></textarea></td>
</tr>
<tr>
- <td class="DataTD" colspan="2"><input type="submit" name="process" value="<?=_("Next")?>"></td>
+ <td class="DataTD" colspan="2"><input type="submit" name="process" value="<?php echo _("Next")?>"></td>
</tr>
</table>
-<input type="hidden" name="oldid" value="<?=$id?>">
+<input type="hidden" name="oldid" value="<?php echo $id?>">
</form>
diff --git a/pages/account/25.php b/pages/account/25.php
index a70f608..19279ad 100644
--- a/pages/account/25.php
+++ b/pages/account/25.php
@@ -1,4 +1,4 @@
-<? /*
+<?php /*
LibreSSL - CAcert web application
Copyright (C) 2004-2008 CAcert Inc.
@@ -17,26 +17,25 @@
*/ ?>
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper" width="700">
<tr>
- <td colspan="5" class="title"><?=_("Organisations")?></td>
+ <td colspan="5" class="title"><?php echo _("Organisations")?></td>
</tr>
<tr>
- <td colspan="5" class="title"><?=_("Order by:")?>
- <a href="account.php?id=25"><?=_("Id")?></a> -
- <a href="account.php?id=25&amp;ord=1"><?=_("Country")?></a> -
- <a href="account.php?id=25&amp;ord=2"><?=_("Name")?></a>
+ <td colspan="5" class="title"><?php echo _("Order by:")?>
+ <a href="account.php?id=25"><?php echo _("Id")?></a> -
+ <a href="account.php?id=25&amp;ord=1"><?php echo _("Country")?></a> -
+ <a href="account.php?id=25&amp;ord=2"><?php echo _("Name")?></a>
</td>
</tr>
<tr>
- <td class="DataTD" width="350"><?=_("Organisation")?></td>
- <td class="DataTD"><?=_("Domains")?></td>
- <td class="DataTD"><?=_("Admins")?></td>
- <td class="DataTD"><?=_("Edit")?></td>
- <td class="DataTD"><?=_("Delete")?></td>
+ <td class="DataTD" width="350"><?php echo _("Organisation")?></td>
+ <td class="DataTD"><?php echo _("Domains")?></td>
+ <td class="DataTD"><?php echo _("Admins")?></td>
+ <td class="DataTD"><?php echo _("Edit")?></td>
+ <td class="DataTD"><?php echo _("Delete")?></td>
</tr>
-<?
- $order = 0;
+<?php $order = 0;
if (array_key_exists('ord',$_REQUEST)) {
$order = intval($_REQUEST['ord']);
}
@@ -54,23 +53,23 @@
// Safe because $order_by only contains fixed strings
$query = sprintf("select * from `orginfo` ORDER BY %s", $order_by);
- $res = mysql_query($query);
- while($row = mysql_fetch_assoc($res))
+ $res = mysqli_query($_SESSION['mconn'], $query);
+ while($row = mysqli_fetch_assoc($res))
{
- $r2 = mysql_query("select * from `org` where `orgid`='".intval($row['id'])."'");
- $admincount = mysql_num_rows($r2);
- $r2 = mysql_query("select * from `orgdomains` where `orgid`='".intval($row['id'])."'");
- $domcount = mysql_num_rows($r2);
+ $r2 = mysqli_query($_SESSION['mconn'], "select * from `org` where `orgid`='".intval($row['id'])."'");
+ $admincount = mysqli_num_rows($r2);
+ $r2 = mysqli_query($_SESSION['mconn'], "select * from `orgdomains` where `orgid`='".intval($row['id'])."'");
+ $domcount = mysqli_num_rows($r2);
?>
<tr>
- <td class="DataTD"><?=htmlspecialchars($row['O'])?>, <?=htmlspecialchars($row['ST'])?> <?=htmlspecialchars($row['C'])?></td>
- <td class="DataTD"><a href="account.php?id=26&amp;orgid=<?=intval($row['id'])?>"><?=_("Domains")?> (<?=$domcount?>)</a></td>
- <td class="DataTD"><a href="account.php?id=32&amp;orgid=<?=$row['id']?>"><?=_("Admins")?> (<?=$admincount?>)</a></td>
- <td class="DataTD"><a href="account.php?id=27&amp;orgid=<?=$row['id']?>"><?=_("Edit")?></a></td>
- <td class="DataTD"><a href="account.php?id=31&amp;orgid=<?=$row['id']?>"><?=_("Delete")?></a></td>
- <? if(array_key_exists('viewcomment',$_REQUEST) && $_REQUEST['viewcomment']!='') { ?>
- <td class="DataTD"><?=sanitizeHTML($row['comments'])?></td>
- <? } ?>
+ <td class="DataTD"><?php echo htmlspecialchars($row['O'])?>, <?php echo htmlspecialchars($row['ST'])?> <?php echo htmlspecialchars($row['C'])?></td>
+ <td class="DataTD"><a href="account.php?id=26&amp;orgid=<?php echo intval($row['id'])?>"><?php echo _("Domains")?> (<?php echo $domcount?>)</a></td>
+ <td class="DataTD"><a href="account.php?id=32&amp;orgid=<?php echo $row['id']?>"><?php echo _("Admins")?> (<?php echo $admincount?>)</a></td>
+ <td class="DataTD"><a href="account.php?id=27&amp;orgid=<?php echo $row['id']?>"><?php echo _("Edit")?></a></td>
+ <td class="DataTD"><a href="account.php?id=31&amp;orgid=<?php echo $row['id']?>"><?php echo _("Delete")?></a></td>
+ <?php if(array_key_exists('viewcomment',$_REQUEST) && $_REQUEST['viewcomment']!='') { ?>
+ <td class="DataTD"><?php echo sanitizeHTML($row['comments'])?></td>
+ <?php } ?>
</tr>
-<? } ?>
+<?php } ?>
</table>
diff --git a/pages/account/26.php b/pages/account/26.php
index f8b195d..b60bcc2 100644
--- a/pages/account/26.php
+++ b/pages/account/26.php
@@ -1,4 +1,4 @@
-<? /*
+<?php /*
LibreSSL - CAcert web application
Copyright (C) 2004-2008 CAcert Inc.
@@ -15,28 +15,26 @@
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
*/ ?>
-<?
- $query = "select * from `orginfo` where `id`='".intval($_REQUEST['orgid'])."'";
- $row = mysql_fetch_assoc(mysql_query($query));
+<?php $query = "select * from `orginfo` where `id`='".intval($_REQUEST['orgid'])."'";
+ $row = mysqli_fetch_assoc(mysqli_query($_SESSION['mconn'], $query));
?>
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper" width="400">
<tr>
- <td colspan="3" class="title"><? printf(_("%s's Domains"), $row['O']); ?> (<a href="account.php?id=28&amp;orgid=<?=intval($row['id'])?>"><?=_("Add")?></a>)</td>
+ <td colspan="3" class="title"><?php printf(_("%s's Domains"), $row['O']); ?> (<a href="account.php?id=28&amp;orgid=<?php echo intval($row['id'])?>"><?php echo _("Add")?></a>)</td>
</tr>
<tr>
- <td class="DataTD"><?=_("Domain")?></td>
- <td class="DataTD"><?=_("Edit")?></td>
- <td class="DataTD"><?=_("Delete")?></td>
+ <td class="DataTD"><?php echo _("Domain")?></td>
+ <td class="DataTD"><?php echo _("Edit")?></td>
+ <td class="DataTD"><?php echo _("Delete")?></td>
</tr>
-<?
- $query = "select * from `orgdomains` where `orgid`='".intval($_REQUEST['orgid'])."'";
- $res = mysql_query($query);
- while($row = mysql_fetch_assoc($res))
+<?php $query = "select * from `orgdomains` where `orgid`='".intval($_REQUEST['orgid'])."'";
+ $res = mysqli_query($_SESSION['mconn'], $query);
+ while($row = mysqli_fetch_assoc($res))
{ ?>
<tr>
- <td class="DataTD"><?=sanitizeHTML($row['domain'])?></a></td>
- <td class="DataTD"><a href="account.php?id=29&amp;orgid=<?=intval($row['orgid'])?>&amp;domid=<?=intval($row['id'])?>"><?=_("Edit")?></a></td>
- <td class="DataTD"><a href="account.php?id=30&amp;orgid=<?=intval($row['orgid'])?>&amp;domid=<?=intval($row['id'])?>"><?=_("Delete")?></a></td>
+ <td class="DataTD"><?php echo sanitizeHTML($row['domain'])?></a></td>
+ <td class="DataTD"><a href="account.php?id=29&amp;orgid=<?php echo intval($row['orgid'])?>&amp;domid=<?php echo intval($row['id'])?>"><?php echo _("Edit")?></a></td>
+ <td class="DataTD"><a href="account.php?id=30&amp;orgid=<?php echo intval($row['orgid'])?>&amp;domid=<?php echo intval($row['id'])?>"><?php echo _("Delete")?></a></td>
</tr>
-<? } ?>
+<?php } ?>
</table>
diff --git a/pages/account/27.php b/pages/account/27.php
index a1086d4..a2abc40 100644
--- a/pages/account/27.php
+++ b/pages/account/27.php
@@ -1,4 +1,4 @@
-<? /*
+<?php /*
LibreSSL - CAcert web application
Copyright (C) 2004-2008 CAcert Inc.
@@ -15,47 +15,47 @@
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
*/ ?>
-<?
- $row = mysql_fetch_assoc(mysql_query("select * from `orginfo` where `id`='".intval($_REQUEST['orgid'])."'"));
+<?php $row = mysql_fetch_assoc(mysql_query("select * from `orginfo` where `id`='".intval($_REQUEST['orgid'])."'"));
+ $row = mysqli_fetch_assoc(mysqli_query($_SESSION['mconn'], "select * from `orginfo` where `id`='".intval($_REQUEST['orgid'])."'"));
?>
<form method="post" action="account.php">
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
<tr>
- <td colspan="2" class="title"><?=_("Edit Organisation")?></td>
+ <td colspan="2" class="title"><?php echo _("Edit Organisation")?></td>
</tr>
<tr>
- <td class="DataTD"><?=_("Organisation Name")?>:</td>
- <td class="DataTD"><input type="text" name="O" value="<?=$row['O']?>" size="90"></td>
+ <td class="DataTD"><?php echo _("Organisation Name")?>:</td>
+ <td class="DataTD"><input type="text" name="O" value="<?php echo $row['O']?>" size="90"></td>
</tr>
<tr>
- <td class="DataTD"><?=_("Contact Email")?>:</td>
- <td class="DataTD"><input type="text" name="contact" value="<?=($row['contact'])?>" size="90"></td>
+ <td class="DataTD"><?php echo _("Contact Email")?>:</td>
+ <td class="DataTD"><input type="text" name="contact" value="<?php echo ($row['contact'])?>" size="90"></td>
</tr>
<tr>
- <td class="DataTD"><?=_("Town/Suburb")?>:</td>
- <td class="DataTD"><input type="text" name="L" value="<?=($row['L'])?>" size="90"></td>
+ <td class="DataTD"><?php echo _("Town/Suburb")?>:</td>
+ <td class="DataTD"><input type="text" name="L" value="<?php echo ($row['L'])?>" size="90"></td>
</tr>
<tr>
- <td class="DataTD"><?=_("State/Province")?>:</td>
- <td class="DataTD"><input type="text" name="ST" value="<?=($row['ST'])?>" size="90"></td>
+ <td class="DataTD"><?php echo _("State/Province")?>:</td>
+ <td class="DataTD"><input type="text" name="ST" value="<?php echo ($row['ST'])?>" size="90"></td>
</tr>
<tr>
- <td class="DataTD"><?=_("Country")?>:</td>
- <td class="DataTD"><input type="text" name="C" value="<?=($row['C'])?>" size="5">
+ <td class="DataTD"><?php echo _("Country")?>:</td>
+ <td class="DataTD"><input type="text" name="C" value="<?php echo ($row['C'])?>" size="5">
<?php printf(_('(2 letter %s ISO code %s )'),
'<a href="http://www.iso.org/iso/home/standards/country_codes/iso-3166-1_decoding_table.htm">',
'</a>')?>
</td>
</tr>
<tr>
- <td class="DataTD"><?=_("Comments")?>:</td>
- <td class="DataTD"><textarea name="comments" cols=60 rows=10><?=($row['comments'])?></textarea></td>
+ <td class="DataTD"><?php echo _("Comments")?>:</td>
+ <td class="DataTD"><textarea name="comments" cols=60 rows=10><?php echo ($row['comments'])?></textarea></td>
</tr>
<tr>
- <td class="DataTD" colspan="2"><input type="submit" name="process" value="<?=_("Update")?>"></td>
+ <td class="DataTD" colspan="2"><input type="submit" name="process" value="<?php echo _("Update")?>"></td>
</tr>
</table>
-<input type="hidden" name="oldid" value="<?=intval($id)?>">
-<input type="hidden" name="orgid" value="<?=intval($_REQUEST['orgid'])?>">
-<input type="hidden" name="csrf" value="<?=make_csrf('orgdetchange')?>" />
+<input type="hidden" name="oldid" value="<?php echo intval($id)?>">
+<input type="hidden" name="orgid" value="<?php echo intval($_REQUEST['orgid'])?>">
+<input type="hidden" name="csrf" value="<?php echo make_csrf('orgdetchange')?>" />
</form>
diff --git a/pages/account/28.php b/pages/account/28.php
index 1212f9c..9fb5ae1 100644
--- a/pages/account/28.php
+++ b/pages/account/28.php
@@ -1,4 +1,4 @@
-<? /*
+<?php /*
LibreSSL - CAcert web application
Copyright (C) 2004-2008 CAcert Inc.
@@ -15,24 +15,23 @@
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
*/ ?>
-<?
- $query = "select * from `orginfo` where `id`='".intval($_REQUEST['orgid'])."'";
- $row = mysql_fetch_assoc(mysql_query($query));
+<?php $query = "select * from `orginfo` where `id`='".intval($_REQUEST['orgid'])."'";
+ $row = mysqli_fetch_assoc(mysqli_query($_SESSION['mconn'], $query));
?>
<form method="post" action="account.php">
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
<tr>
- <td colspan="2" class="title"><? printf(_("New Domain for %s"), sanitizeHTML($row['O'])); ?></td>
+ <td colspan="2" class="title"><?php printf(_("New Domain for %s"), sanitizeHTML($row['O'])); ?></td>
</tr>
<tr>
- <td class="DataTD"><?=_("Domain")?>:</td>
- <td class="DataTD"><input type="text" name="domainname" value="<?=array_key_exists('domain',$_SESSION['_config'])?sanitizeHTML($_SESSION['_config']['domain']):""?>"></td>
+ <td class="DataTD"><?php echo _("Domain")?>:</td>
+ <td class="DataTD"><input type="text" name="domainname" value="<?php echo array_key_exists('domain',$_SESSION['_config'])?sanitizeHTML($_SESSION['_config']['domain']):""?>"></td>
</tr>
<tr>
- <td class="DataTD" colspan="2"><input type="submit" name="process" value="<?=_("Add")?>"></td>
+ <td class="DataTD" colspan="2"><input type="submit" name="process" value="<?php echo _("Add")?>"></td>
</tr>
</table>
-<input type="hidden" name="oldid" value="<?=intval($id)?>">
-<input type="hidden" name="orgid" value="<?=intval($_REQUEST['orgid'])?>">
+<input type="hidden" name="oldid" value="<?php echo intval($id)?>">
+<input type="hidden" name="orgid" value="<?php echo intval($_REQUEST['orgid'])?>">
</form>
diff --git a/pages/account/29.php b/pages/account/29.php
index 4229b3b..cd6b0b7 100644
--- a/pages/account/29.php
+++ b/pages/account/29.php
@@ -1,4 +1,4 @@
-<? /*
+<?php /*
LibreSSL - CAcert web application
Copyright (C) 2004-2008 CAcert Inc.
@@ -15,32 +15,31 @@
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
*/ ?>
-<?
- $query = "select * from `orgdomains` where `id`='".intval($_REQUEST['domid'])."'";
- $row = mysql_fetch_assoc(mysql_query($query));
+<?php $query = "select * from `orgdomains` where `id`='".intval($_REQUEST['domid'])."'";
+ $row = mysqli_fetch_assoc(mysqli_query($_SESSION['mconn'], $query));
$query = "select * from `orginfo` where `id`='".intval($_REQUEST['orgid'])."'";
- $org = mysql_fetch_assoc(mysql_query($query));
+ $org = mysqli_fetch_assoc(mysqli_query($_SESSION['mconn'], $query));
$_SESSION['_config']['domain'] = $row['domain'];
?>
-<h3><?=_("Warning!")?></h3>
-<p><?=_("Hitting update will also revoke all existing certificates issued under this domain")?></p>
+<h3><?php echo _("Warning!")?></h3>
+<p><?php echo _("Hitting update will also revoke all existing certificates issued under this domain")?></p>
<form method="post" action="account.php">
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
<tr>
- <td colspan="2" class="title"><? printf(_("Update Domain for %s"), ($org['O'])); ?></td>
+ <td colspan="2" class="title"><?php printf(_("Update Domain for %s"), ($org['O'])); ?></td>
</tr>
<tr>
- <td class="DataTD"><?=_("Domain")?>:</td>
- <td class="DataTD"><input type="text" name="domainname" value="<?=sanitizeHTML($_SESSION['_config']['domain'])?>"></td>
+ <td class="DataTD"><?php echo _("Domain")?>:</td>
+ <td class="DataTD"><input type="text" name="domainname" value="<?php echo sanitizeHTML($_SESSION['_config']['domain'])?>"></td>
</tr>
<tr>
- <td class="DataTD"><input type="submit" name="cancel" value="<?=_("Cancel")?>"></td>
- <td class="DataTD"><input type="submit" name="process" value="<?=_("Update")?>"></td>
+ <td class="DataTD"><input type="submit" name="cancel" value="<?php echo _("Cancel")?>"></td>
+ <td class="DataTD"><input type="submit" name="process" value="<?php echo _("Update")?>"></td>
</tr>
</table>
-<input type="hidden" name="oldid" value="<?=intval($id)?>">
-<input type="hidden" name="orgid" value="<?=intval($_REQUEST['orgid'])?>">
-<input type="hidden" name="domid" value="<?=intval($_REQUEST['domid'])?>">
+<input type="hidden" name="oldid" value="<?php echo intval($id)?>">
+<input type="hidden" name="orgid" value="<?php echo intval($_REQUEST['orgid'])?>">
+<input type="hidden" name="domid" value="<?php echo intval($_REQUEST['domid'])?>">
</form>
diff --git a/pages/account/3.php b/pages/account/3.php
index cd62ce0..f222971 100644
--- a/pages/account/3.php
+++ b/pages/account/3.php
@@ -1,4 +1,4 @@
-<? /*
+<?php /*
LibreSSL - CAcert web application
Copyright (C) 2004-2008 CAcert Inc.
@@ -17,35 +17,34 @@
*/
include_once("../includes/shutdown.php");
?>
-<h3><?=_("CAcert Certificate Acceptable Use Policy")?></h3>
-<p><?=_("Once you decide to subscribe for an SSL Server Certificate you will need to complete this agreement. Please read it carefully. Your Certificate Request can only be processed with your acceptance and understanding of this agreement.")?></p>
+<h3><?php echo _("CAcert Certificate Acceptable Use Policy")?></h3>
+<p><?php echo _("Once you decide to subscribe for an SSL Server Certificate you will need to complete this agreement. Please read it carefully. Your Certificate Request can only be processed with your acceptance and understanding of this agreement.")?></p>
-<p><?=_("I hereby represent that I am fully authorized by the owner of the information contained in the CSR sent to CAcert Inc. to apply for an Digital Certificate for secure and authenticated electronic transactions. I understand that a digital certificate serves to identify the Subscriber for the purposes of electronic communication and that the management of the private keys associated with such certificates is the responsibility of the subscriber's technical staff and/or contractors.")?></p>
+<p><?php echo _("I hereby represent that I am fully authorized by the owner of the information contained in the CSR sent to CAcert Inc. to apply for an Digital Certificate for secure and authenticated electronic transactions. I understand that a digital certificate serves to identify the Subscriber for the purposes of electronic communication and that the management of the private keys associated with such certificates is the responsibility of the subscriber's technical staff and/or contractors.")?></p>
-<p><?=_("CAcert Inc.'s public certification services are governed by a CPS as amended from time to time which is incorporated into this Agreement by reference. The Subscriber will use the SSL Server Certificate in accordance with CAcert Inc.'s CPS and supporting documentation published at")?> <a href="http://www.cacert.org/cps.php">http://www.cacert.org/cps.php</a></p>
+<p><?php echo _("CAcert Inc.'s public certification services are governed by a CPS as amended from time to time which is incorporated into this Agreement by reference. The Subscriber will use the SSL Server Certificate in accordance with CAcert Inc.'s CPS and supporting documentation published at")?> <a href="http://www.cacert.org/cps.php">http://www.cacert.org/cps.php</a></p>
-<p><?=_("If the Subscriber's name and/or domain name registration change the subscriber will immediately inform CAcert Inc. who shall revoke the digital certificate. When the Digital Certificate expires or is revoked the company will permanently remove the certificate from the server on which it is installed and will not use it for any purpose thereafter. The person responsible for key management and security is fully authorized to install and utilize the certificate to represent this organization's electronic presence.")?></p>
+<p><?php echo _("If the Subscriber's name and/or domain name registration change the subscriber will immediately inform CAcert Inc. who shall revoke the digital certificate. When the Digital Certificate expires or is revoked the company will permanently remove the certificate from the server on which it is installed and will not use it for any purpose thereafter. The person responsible for key management and security is fully authorized to install and utilize the certificate to represent this organization's electronic presence.")?></p>
<form method="post" action="account.php">
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
<tr>
- <td colspan="2" class="title"><?=_("New Client Certificate")?></td>
+ <td colspan="2" class="title"><?php echo _("New Client Certificate")?></td>
</tr>
<tr>
- <td class="DataTD"><?=_("Add")?></td>
- <td class="DataTD"><?=_("Address")?></td>
+ <td class="DataTD"><?php echo _("Add")?></td>
+ <td class="DataTD"><?php echo _("Address")?></td>
</tr>
-<?
- $query = "select * from `email` where `memid`='".intval($_SESSION['profile']['id'])."' and `deleted`=0 and `hash`=''";
- $res = mysql_query($query);
- while($row = mysql_fetch_assoc($res))
+<?php $query = "select * from `email` where `memid`='".intval($_SESSION['profile']['id'])."' and `deleted`=0 and `hash`=''";
+ $res = mysqli_query($_SESSION['mconn'], $query);
+ while($row = mysqli_fetch_assoc($res))
{ ?>
<tr>
- <td class="DataTD"><input type="checkbox" id="addid<?=intval($row['id'])?>" name="addid[]" value="<?=intval($row['id'])?>"></td>
- <td class="DataTD" align="left"><label for="addid<?=intval($row['id'])?>"><?=sanitizeHTML($row['email'])?></label></td>
+ <td class="DataTD"><input type="checkbox" id="addid<?php echo intval($row['id'])?>" name="addid[]" value="<?php echo intval($row['id'])?>"></td>
+ <td class="DataTD" align="left"><label for="addid<?php echo intval($row['id'])?>"><?php echo sanitizeHTML($row['email'])?></label></td>
</tr>
-<? }
+<?php }
if($_SESSION['profile']['points'] >= 50)
{
$fname = $_SESSION['profile']['fname'];
@@ -56,39 +55,39 @@ if($_SESSION['profile']['points'] >= 50)
<tr>
<td class="DataTD" colspan="2" align="left">
<input type="radio" id="incname0" name="incname" value="0" checked="checked" />
- <label for="incname0"><?=_("No Name")?></label><br />
- <? if($fname && $lname) { ?>
+ <label for="incname0"><?php echo _("No Name")?></label><br />
+ <?php if($fname && $lname) { ?>
<input type="radio" id="incname1" name="incname" value="1" />
- <label for="incname1"><?=_("Include")?> '<?=$fname." ".$lname?>'</label><br />
- <? } ?>
- <? if($fname && $mname && $lname) { ?>
+ <label for="incname1"><?php echo _("Include")?> '<?php echo $fname." ".$lname?>'</label><br />
+ <?php } ?>
+ <?php if($fname && $mname && $lname) { ?>
<input type="radio" id="incname2" name="incname" value="2" />
- <label for="incname2"><?=_("Include")?> '<?=$fname." ".$mname." ".$lname?>'</label><br />
- <? } ?>
- <? if($fname && $lname && $suffix) { ?>
+ <label for="incname2"><?php echo _("Include")?> '<?php echo $fname." ".$mname." ".$lname?>'</label><br />
+ <?php } ?>
+ <?php if($fname && $lname && $suffix) { ?>
<input type="radio" id="incname3" name="incname" value="3" />
- <label for="incname3"><?=_("Include")?> '<?=$fname." ".$lname." ".$suffix?>'</label><br />
- <? } ?>
- <? if($fname && $mname && $lname && $suffix) { ?>
+ <label for="incname3"><?php echo _("Include")?> '<?php echo $fname." ".$lname." ".$suffix?>'</label><br />
+ <?php } ?>
+ <?php if($fname && $mname && $lname && $suffix) { ?>
<input type="radio" id="incname4" name="incname" value="4" />
- <label for="incname4"><?=_("Include")?> '<?=$fname." ".$mname." ".$lname." ".$suffix?>'</label><br />
- <? } ?>
+ <label for="incname4"><?php echo _("Include")?> '<?php echo $fname." ".$mname." ".$lname." ".$suffix?>'</label><br />
+ <?php } ?>
</td>
</tr>
-<? } ?>
+<?php } ?>
<tr>
<td class="DataTD">
<input type="checkbox" id="login" name="login" value="1" checked="checked" />
</td>
<td class="DataTD" align="left">
- <label for="login"><?=_("Enable certificate login with this certificate")?><br />
- <?=_("By allowing certificate login, this certificate can be used to login into this account at https://secure.cacert.org/ .")?></label>
+ <label for="login"><?php echo _("Enable certificate login with this certificate")?><br />
+ <?php echo _("By allowing certificate login, this certificate can be used to login into this account at https://secure.cacert.org/ .")?></label>
</td>
</tr>
<tr>
<td class="DataTD" colspan="2" align="left">
- <label for="description"><?=_("Optional comment, only used in the certificate overview")?></label><br />
+ <label for="description"><?php echo _("Optional comment, only used in the certificate overview")?></label><br />
<input type="text" id="description" name="description" maxlength="100" size="100" />
</td>
</tr>
@@ -98,63 +97,60 @@ if($_SESSION['profile']['points'] >= 50)
<input type="checkbox" id="expertbox" name="expertbox" onchange="showExpert(this.checked)" />
</td>
<td class="DataTD" align="left">
- <label for="expertbox"><?=_("Show advanced options")?></label>
+ <label for="expertbox"><?php echo _("Show advanced options")?></label>
</td>
</tr>
-<?
-if($_SESSION['profile']['points'] >= 50)
+<?php if($_SESSION['profile']['points'] >= 50)
{
?>
<tr name="expert">
<td class="DataTD" colspan="2" align="left">
- <input type="radio" id="root1" name="rootcert" value="1" /> <label for="root1"><?=_("Sign by class 1 root certificate")?></label><br />
- <input type="radio" id="root2" name="rootcert" value="2" checked="checked" /> <label for="root2"><?=_("Sign by class 3 root certificate")?></label><br />
- <?=str_replace("\n", "<br />\n", wordwrap(_("Please note: If you use a certificate signed by the class 3 root, the class 3 root certificate needs to be imported into your email program as well as the class 1 root certificate so your email program can build a full trust path chain."), 125))?>
+ <input type="radio" id="root1" name="rootcert" value="1" /> <label for="root1"><?php echo _("Sign by class 1 root certificate")?></label><br />
+ <input type="radio" id="root2" name="rootcert" value="2" checked="checked" /> <label for="root2"><?php echo _("Sign by class 3 root certificate")?></label><br />
+ <?php echo str_replace("\n", "<br />\n", wordwrap(_("Please note: If you use a certificate signed by the class 3 root, the class 3 root certificate needs to be imported into your email program as well as the class 1 root certificate so your email program can build a full trust path chain."), 125))?>
</td>
</tr>
-<? } ?>
+<?php } ?>
<tr name="expert">
<td class="DataTD" colspan="2" align="left">
- <?=_("Hash algorithm used when signing the certificate:")?><br />
- <?
- foreach (HashAlgorithms::getInfo() as $algorithm => $display_info) {
+ <?php echo _("Hash algorithm used when signing the certificate:")?><br />
+ <?php foreach (HashAlgorithms::getInfo() as $algorithm => $display_info) {
?>
- <input type="radio" id="hash_alg_<?=$algorithm?>" name="hash_alg" value="<?=$algorithm?>" <?=(HashAlgorithms::$default === $algorithm)?'checked="checked"':''?> />
- <label for="hash_alg_<?=$algorithm?>"><?=$display_info['name']?><?=$display_info['info']?' - '.$display_info['info']:''?></label><br />
- <?
- }
+ <input type="radio" id="hash_alg_<?php echo $algorithm?>" name="hash_alg" value="<?php echo $algorithm?>" <?php echo (HashAlgorithms::$default === $algorithm)?'checked="checked"':''?> />
+ <label for="hash_alg_<?php echo $algorithm?>"><?php echo $display_info['name']?><?php echo $display_info['info']?' - '.$display_info['info']:''?></label><br />
+ <?php }
?>
</td>
</tr>
-<? if($_SESSION['profile']['points'] >= 100 && $_SESSION['profile']['codesign'] > 0) { ?>
+<?php if($_SESSION['profile']['points'] >= 100 && $_SESSION['profile']['codesign'] > 0) { ?>
<tr name="expert">
<td class="DataTD">
<input type="checkbox" id="codesign" name="codesign" value="1" />
</td>
<td class="DataTD" align="left">
- <label for="codesign"><?=_("Code Signing")?><br />
- <?=_("Please note: By ticking this box you will automatically have your name included in the certificate.")?></label>
+ <label for="codesign"><?php echo _("Code Signing")?><br />
+ <?php echo _("Please note: By ticking this box you will automatically have your name included in the certificate.")?></label>
</td>
</tr>
-<? } ?>
+<?php } ?>
<tr name="expert">
<td class="DataTD">
<input type="checkbox" id="SSO" name="SSO" value="1" />
</td>
<td class="DataTD" align="left">
- <label for="SSO"><?=_("Add Single Sign On ID Information")?><br />
- <?=str_replace("\n", "<br>\n", wordwrap(_("By adding Single Sign On (SSO) ID information to your certificates this could be used to track you, you can also issue certificates with no email addresses that are useful only for Authentication. Please see a more detailed description on our WIKI about it."), 125))?>
- <a href="http://wiki.cacert.org/wiki/SSO"><?=_("SSO WIKI Entry")?></a></label>
+ <label for="SSO"><?php echo _("Add Single Sign On ID Information")?><br />
+ <?php echo str_replace("\n", "<br>\n", wordwrap(_("By adding Single Sign On (SSO) ID information to your certificates this could be used to track you, you can also issue certificates with no email addresses that are useful only for Authentication. Please see a more detailed description on our WIKI about it."), 125))?>
+ <a href="http://wiki.cacert.org/wiki/SSO"><?php echo _("SSO WIKI Entry")?></a></label>
</td>
</tr>
<tr name="expert">
<td class="DataTD" colspan="2">
- <label for="optionalCSR"><?=_("Optional Client CSR, no information on the certificate will be used")?></label><br />
+ <label for="optionalCSR"><?php echo _("Optional Client CSR, no information on the certificate will be used")?></label><br />
<textarea id="optionalCSR" name="optionalCSR" cols="80" rows="5"></textarea>
</td>
</tr>
@@ -165,15 +161,15 @@ if($_SESSION['profile']['points'] >= 50)
<input type="checkbox" id="CCA" name="CCA" />
</td>
<td class="DataTD" align="left">
- <label for="CCA"><strong><?=sprintf(_("I accept the CAcert Community Agreement (%s)."),"<a href='/policy/CAcertCommunityAgreement.html'>CCA</a>")?></strong><br />
- <?=_("Please note: You need to accept the CCA to proceed.")?></label>
+ <label for="CCA"><strong><?php echo sprintf(_("I accept the CAcert Community Agreement (%s)."),"<a href='/policy/CAcertCommunityAgreement.html'>CCA</a>")?></strong><br />
+ <?php echo _("Please note: You need to accept the CCA to proceed.")?></label>
</td>
</tr>
<tr>
- <td class="DataTD" colspan="2"><input type="submit" name="process" value="<?=_("Next")?>" /></td>
+ <td class="DataTD" colspan="2"><input type="submit" name="process" value="<?php echo _("Next")?>" /></td>
</tr>
</table>
-<input type="hidden" name="oldid" value="<?=$id?>" />
+<input type="hidden" name="oldid" value="<?php echo $id?>" />
</form>
<script language="javascript">
diff --git a/pages/account/30.php b/pages/account/30.php
index 04ad229..d43abe8 100644
--- a/pages/account/30.php
+++ b/pages/account/30.php
@@ -1,4 +1,4 @@
-<? /*
+<?php /*
LibreSSL - CAcert web application
Copyright (C) 2004-2008 CAcert Inc.
@@ -15,32 +15,31 @@
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
*/ ?>
-<?
- $query = "select * from `orgdomains` where `id`='".intval($_REQUEST['domid'])."'";
- $row = mysql_fetch_assoc(mysql_query($query));
+<?php $query = "select * from `orgdomains` where `id`='".intval($_REQUEST['domid'])."'";
+ $row = mysqli_fetch_assoc(mysqli_query($_SESSION['mconn'], $query));
$query = "select * from `orginfo` where `id`='".intval($_REQUEST['orgid'])."'";
- $org = mysql_fetch_assoc(mysql_query($query));
+ $org = mysqli_fetch_assoc(mysqli_query($_SESSION['mconn'], $query));
$_SESSION['_config']['domain'] = $row['domain'];
?>
-<h3><?=_("Warning!")?></h3>
-<p><?=_("Hitting delete will also revoke all existing certificates issued under this domain")?></p>
+<h3><?php echo _("Warning!")?></h3>
+<p><?php echo _("Hitting delete will also revoke all existing certificates issued under this domain")?></p>
<form method="post" action="account.php">
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
<tr>
- <td colspan="2" class="title"><? printf(_("Delete Domain for %s"), ($org['O'])); ?></td>
+ <td colspan="2" class="title"><?php printf(_("Delete Domain for %s"), ($org['O'])); ?></td>
</tr>
<tr>
- <td class="DataTD" colspan="2"><? printf(_("Are you really sure you want to remove %s and all certificates issued under this domain?"), sanitizeHTML($row['domain'])); ?></td>
+ <td class="DataTD" colspan="2"><?php printf(_("Are you really sure you want to remove %s and all certificates issued under this domain?"), sanitizeHTML($row['domain'])); ?></td>
</tr>
<tr>
- <td class="DataTD" colspan="2"><input type="submit" name="cancel" value="<?=_("Cancel")?>">
- <input type="submit" name="process" value="<?=_("Delete")?>"></td>
+ <td class="DataTD" colspan="2"><input type="submit" name="cancel" value="<?php echo _("Cancel")?>">
+ <input type="submit" name="process" value="<?php echo _("Delete")?>"></td>
</tr>
</table>
-<input type="hidden" name="oldid" value="<?=intval($id)?>">
-<input type="hidden" name="orgid" value="<?=intval($_REQUEST['orgid'])?>">
-<input type="hidden" name="domain" value="<?=sanitizeHTML($row['domain'])?>">
-<input type="hidden" name="domid" value="<?=intval($_REQUEST['domid'])?>">
+<input type="hidden" name="oldid" value="<?php echo intval($id)?>">
+<input type="hidden" name="orgid" value="<?php echo intval($_REQUEST['orgid'])?>">
+<input type="hidden" name="domain" value="<?php echo sanitizeHTML($row['domain'])?>">
+<input type="hidden" name="domid" value="<?php echo intval($_REQUEST['domid'])?>">
</form>
diff --git a/pages/account/31.php b/pages/account/31.php
index 9f3d27e..3df4400 100644
--- a/pages/account/31.php
+++ b/pages/account/31.php
@@ -1,4 +1,4 @@
-<? /*
+<?php /*
LibreSSL - CAcert web application
Copyright (C) 2004-2008 CAcert Inc.
@@ -15,25 +15,24 @@
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
*/ ?>
-<?
- $query = "select * from `orginfo` where `id`='".intval($_REQUEST['orgid'])."'";
- $org = mysql_fetch_assoc(mysql_query($query));
+<?php $query = "select * from `orginfo` where `id`='".intval($_REQUEST['orgid'])."'";
+ $org = mysqli_fetch_assoc(mysqli_query($_SESSION['mconn'], $query));
?>
<form method="post" action="account.php">
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
<tr>
- <td colspan="2" class="title"><? printf(_("Delete Organisation"), ($org['O'])); ?></td>
+ <td colspan="2" class="title"><?php printf(_("Delete Organisation"), ($org['O'])); ?></td>
</tr>
<tr>
- <td class="DataTD" colspan="2"><? printf(_("Are you really sure you want to remove %s and all certificates issued under this organisation?"), sanitizeHTML($org['O'])); ?></td>
+ <td class="DataTD" colspan="2"><?php printf(_("Are you really sure you want to remove %s and all certificates issued under this organisation?"), sanitizeHTML($org['O'])); ?></td>
</tr>
<tr>
- <td class="DataTD" colspan="2"><input type="submit" name="cancel" value="<?=_("Cancel")?>">
- <input type="submit" name="process" value="<?=_("Delete")?>"></td>
+ <td class="DataTD" colspan="2"><input type="submit" name="cancel" value="<?php echo _("Cancel")?>">
+ <input type="submit" name="process" value="<?php echo _("Delete")?>"></td>
</tr>
</table>
-<input type="hidden" name="oldid" value="<?=intval($id)?>">
-<input type="hidden" name="orgid" value="<?=intval($_REQUEST['orgid'])?>">
+<input type="hidden" name="oldid" value="<?php echo intval($id)?>">
+<input type="hidden" name="orgid" value="<?php echo intval($_REQUEST['orgid'])?>">
</form>
diff --git a/pages/account/32.php b/pages/account/32.php
index a05c927..4ae3185 100644
--- a/pages/account/32.php
+++ b/pages/account/32.php
@@ -1,4 +1,4 @@
-<? /*
+<?php /*
LibreSSL - CAcert web application
Copyright (C) 2004-2008 CAcert Inc.
@@ -15,38 +15,36 @@
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
*/ ?>
-<?
- $query = "select * from `orginfo` where `id`='".intval($_REQUEST['orgid'])."'";
- $row = mysql_fetch_assoc(mysql_query($query));
+<?php $query = "select * from `orginfo` where `id`='".intval($_REQUEST['orgid'])."'";
+ $row = mysqli_fetch_assoc(mysqli_query($_SESSION['mconn'], $query));
?>
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper" width="500">
<tr>
- <td colspan="5" class="title"><? printf(_("%s's Administrators"), $row['O']); ?> (<a href="account.php?id=33&amp;orgid=<?=$row['id']?>"><?=_("Add")?></a>)</td>
+ <td colspan="5" class="title"><?php printf(_("%s's Administrators"), $row['O']); ?> (<a href="account.php?id=33&amp;orgid=<?php echo $row['id']?>"><?php echo _("Add")?></a>)</td>
</tr>
<tr>
- <td class="DataTD"><?=_("Administrator")?></td>
- <td class="DataTD"><?=_("Master Account")?></td>
- <td class="DataTD"><?=_("Department")?></td>
- <td class="DataTD"><?=_("Comments")?></td>
- <td class="DataTD"><?=_("Delete")?></td>
+ <td class="DataTD"><?php echo _("Administrator")?></td>
+ <td class="DataTD"><?php echo _("Master Account")?></td>
+ <td class="DataTD"><?php echo _("Department")?></td>
+ <td class="DataTD"><?php echo _("Comments")?></td>
+ <td class="DataTD"><?php echo _("Delete")?></td>
</tr>
-<?
- $query = "select * from `org` where `orgid`='".intval($_REQUEST['orgid'])."'";
- $res = mysql_query($query);
- while($row = mysql_fetch_assoc($res))
+<?php $query = "select * from `org` where `orgid`='".intval($_REQUEST['orgid'])."'";
+ $res = mysqli_query($_SESSION['mconn'], $query);
+ while($row = mysqli_fetch_assoc($res))
{
- $user = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".intval($row['memid'])."'"));
+ $user = mysqli_fetch_assoc(mysqli_query($_SESSION['mconn'], "select * from `users` where `id`='".intval($row['memid'])."'"));
?>
<tr>
- <td class="DataTD"><a href='mailto:<?=sanitizeHTML($user['email'])?>'><?=sanitizeHTML($user['fname'])?> <?=sanitizeHTML($user['lname'])?></a></td>
- <td class="DataTD"><?=($row['masteracc'])?></a></td>
- <td class="DataTD"><?=sanitizeHTML($row['OU'])?></a></td>
- <td class="DataTD"><?=sanitizeHTML($row['comments'])?></a></td>
-<? if($row['masteracc'] == 0 || $_SESSION['profile']['orgadmin'] == 1) { ?>
- <td class="DataTD"><a href="account.php?id=34&amp;orgid=<?=$row['orgid']?>&amp;memid=<?=$row['memid']?>"><?=_("Delete")?></a></td>
-<? } else { ?>
+ <td class="DataTD"><a href='mailto:<?php echo sanitizeHTML($user['email'])?>'><?php echo sanitizeHTML($user['fname'])?> <?php echo sanitizeHTML($user['lname'])?></a></td>
+ <td class="DataTD"><?php echo ($row['masteracc'])?></a></td>
+ <td class="DataTD"><?php echo sanitizeHTML($row['OU'])?></a></td>
+ <td class="DataTD"><?php echo sanitizeHTML($row['comments'])?></a></td>
+<?php if($row['masteracc'] == 0 || $_SESSION['profile']['orgadmin'] == 1) { ?>
+ <td class="DataTD"><a href="account.php?id=34&amp;orgid=<?php echo $row['orgid']?>&amp;memid=<?php echo $row['memid']?>"><?php echo _("Delete")?></a></td>
+<?php } else { ?>
<td class="DataTD">N/A</td>
-<? } ?>
+<?php } ?>
</tr>
-<? } ?>
+<?php } ?>
</table>
diff --git a/pages/account/33.php b/pages/account/33.php
index 9e2f67a..3769372 100644
--- a/pages/account/33.php
+++ b/pages/account/33.php
@@ -1,4 +1,4 @@
-<? /*
+<?php /*
LibreSSL - CAcert web application
Copyright (C) 2004-2008 CAcert Inc.
@@ -15,9 +15,8 @@
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
*/ ?>
-<?
- $query = "select * from `orginfo` where `id`='".intval($_REQUEST['orgid'])."'";
- $row = mysql_fetch_assoc(mysql_query($query));
+<?php $query = "select * from `orginfo` where `id`='".intval($_REQUEST['orgid'])."'";
+ $row = mysqli_fetch_assoc(mysqli_query($_SESSION['mconn'], $query));
// Reset session variables regarding OrgAdmin's, present empty form
if (array_key_exists('email',$_SESSION['_config'])) $_SESSION['_config']['email']="";
@@ -27,36 +26,36 @@
?>
<form method="post" action="account.php">
-<input type="hidden" name="orgid" value="<?=intval($_REQUEST['orgid'])?>">
+<input type="hidden" name="orgid" value="<?php echo intval($_REQUEST['orgid'])?>">
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
<tr>
- <td colspan="2" class="title"><? printf(_("New Admin for %s"), ($row['O'])); ?></td>
+ <td colspan="2" class="title"><?php printf(_("New Admin for %s"), ($row['O'])); ?></td>
</tr>
<tr>
- <td class="DataTD"><?=_("Email")?>:</td>
+ <td class="DataTD"><?php echo _("Email")?>:</td>
<td class="DataTD"><input type="text" name="email" value=""></td>
</tr>
<tr>
- <td class="DataTD"><?=_("Department")?>:</td>
+ <td class="DataTD"><?php echo _("Department")?>:</td>
<td class="DataTD"><input type="text" name="OU" value=""></td>
</tr>
-<? if($_SESSION['profile']['orgadmin'] == 1) { ?>
+<?php if($_SESSION['profile']['orgadmin'] == 1) { ?>
<tr>
- <td class="DataTD"><?=_("Master Account")?>:</td>
+ <td class="DataTD"><?php echo _("Master Account")?>:</td>
<td class="DataTD"><select name="masteracc">
<option value="0">No</option> // make default option as of SA telco 2011-08-02 on bug 966
<option value="1">Yes</option>
</select></td>
</tr>
-<? } ?>
+<?php } ?>
<tr>
- <td class="DataTD"><?=_("Comments")?>:</td>
+ <td class="DataTD"><?php echo _("Comments")?>:</td>
<td class="DataTD"><textarea name="comments" cols="30" rows="5"></textarea></td>
</tr>
<tr>
- <td class="DataTD" colspan="2"><input type="submit" name="process" value="<?=_("Add")?>"></td>
+ <td class="DataTD" colspan="2"><input type="submit" name="process" value="<?php echo _("Add")?>"></td>
</tr>
</table>
-<input type="hidden" name="oldid" value="<?=$id?>">
-<input type="hidden" name="csrf" value="<?=make_csrf('orgadmadd')?>" />
+<input type="hidden" name="oldid" value="<?php echo $id?>">
+<input type="hidden" name="csrf" value="<?php echo make_csrf('orgadmadd')?>" />
</form>
diff --git a/pages/account/34.php b/pages/account/34.php
index b11bc7d..26d47f9 100644
--- a/pages/account/34.php
+++ b/pages/account/34.php
@@ -1,4 +1,4 @@
-<? /*
+<?php /*
LibreSSL - CAcert web application
Copyright (C) 2004-2008 CAcert Inc.
@@ -15,31 +15,30 @@
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
*/ ?>
-<?
- $query = "select * from `orgdomains` where `id`='".intval($_REQUEST['orgid'])."'";
- $row = mysql_fetch_assoc(mysql_query($query));
+<?php $query = "select * from `orgdomains` where `id`='".intval($_REQUEST['orgid'])."'";
+ $row = mysqli_fetch_assoc(mysqli_query($_SESSION['mconn'], $query));
$query = "select * from `orginfo` where `id`='".intval($_REQUEST['orgid'])."'";
- $org = mysql_fetch_assoc(mysql_query($query));
+ $org = mysqli_fetch_assoc(mysqli_query($_SESSION['mconn'], $query));
$query = "select * from `users` where `id`='".intval($_REQUEST['memid'])."'";
- $user = mysql_fetch_assoc(mysql_query($query));
+ $user = mysqli_fetch_assoc(mysqli_query($_SESSION['mconn'], $query));
$_SESSION['_config']['domain'] = $row['domain'];
?>
<form method="post" action="account.php">
-<input type="hidden" name="memid" value="<?=intval($_REQUEST['memid'])?>">
+<input type="hidden" name="memid" value="<?php echo intval($_REQUEST['memid'])?>">
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
<tr>
- <td colspan="2" class="title"><? printf(_("Delete Admin for %s"), ($org['O'])); ?></td>
+ <td colspan="2" class="title"><?php printf(_("Delete Admin for %s"), ($org['O'])); ?></td>
</tr>
<tr>
- <td class="DataTD" colspan="2"><? printf(_("Are you really sure you want to remove %s from administering this organisation?"), sanitizeHTML($user['fname'])." ".sanitizeHTML($user['lname'])); ?></td>
+ <td class="DataTD" colspan="2"><?php printf(_("Are you really sure you want to remove %s from administering this organisation?"), sanitizeHTML($user['fname'])." ".sanitizeHTML($user['lname'])); ?></td>
</tr>
<tr>
- <td class="DataTD" colspan="2"><input type="submit" name="cancel" value="<?=_("Cancel")?>">
- <input type="submit" name="process" value="<?=_("Delete")?>"></td>
+ <td class="DataTD" colspan="2"><input type="submit" name="cancel" value="<?php echo _("Cancel")?>">
+ <input type="submit" name="process" value="<?php echo _("Delete")?>"></td>
</tr>
</table>
-<input type="hidden" name="oldid" value="<?=intval($id)?>">
-<input type="hidden" name="orgid" value="<?=intval($_REQUEST['orgid'])?>">
+<input type="hidden" name="oldid" value="<?php echo intval($id)?>">
+<input type="hidden" name="orgid" value="<?php echo intval($_REQUEST['orgid'])?>">
</form>
diff --git a/pages/account/35.php b/pages/account/35.php
index 05c7f2b..83b6f77 100644
--- a/pages/account/35.php
+++ b/pages/account/35.php
@@ -1,4 +1,4 @@
-<? /*
+<?php /*
LibreSSL - CAcert web application
Copyright (C) 2004-2008 CAcert Inc.
@@ -18,86 +18,80 @@
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper" width="400">
-<?
-$query = "select *
+<?php $query = "select *
from `orginfo`,`org`
where `orginfo`.`id`=`org`.`orgid`
and `org`.`memid`='".intval($_SESSION['profile']['id'])."'";
-$res = mysql_query($query);
-while($row = mysql_fetch_assoc($res))
+$res = mysqli_query($_SESSION['mconn'], $query);
+while($row = mysqli_fetch_assoc($res))
{
?>
<tr>
- <td colspan="3" class="title"><?=_("Organisation")?></td>
+ <td colspan="3" class="title"><?php echo _("Organisation")?></td>
</tr>
<tr>
- <td class="DataTD"><?=_("Organisation Name")?>:</td>
- <td colspan="2" class="DataTD" ><b><?=$row['O']?></b></td>
+ <td class="DataTD"><?php echo _("Organisation Name")?>:</td>
+ <td colspan="2" class="DataTD" ><b><?php echo $row['O']?></b></td>
</tr>
<tr>
- <td class="DataTD"><?=_("Contact Email")?>:</td>
- <td colspan="2" class="DataTD"><?=($row['contact'])?></td>
+ <td class="DataTD"><?php echo _("Contact Email")?>:</td>
+ <td colspan="2" class="DataTD"><?php echo ($row['contact'])?></td>
</tr>
<tr>
- <td class="DataTD"><?=_("Town/Suburb")?>:</td>
- <td colspan="2" class="DataTD"><?=($row['L'])?></td>
+ <td class="DataTD"><?php echo _("Town/Suburb")?>:</td>
+ <td colspan="2" class="DataTD"><?php echo ($row['L'])?></td>
</tr>
<tr>
- <td class="DataTD"><?=_("State/Province")?>:</td>
- <td colspan="2" class="DataTD"><?=($row['ST'])?></td>
+ <td class="DataTD"><?php echo _("State/Province")?>:</td>
+ <td colspan="2" class="DataTD"><?php echo ($row['ST'])?></td>
</tr>
<tr>
- <td class="DataTD"><?=_("Country")?>:</td>
- <td colspan="2" class="DataTD"><?=($row['C'])?></td>
+ <td class="DataTD"><?php echo _("Country")?>:</td>
+ <td colspan="2" class="DataTD"><?php echo ($row['C'])?></td>
</tr>
- <?
-
+ <?php
//domain info
$query = "select `domain` from `orgdomains` where `orgid`='".intval($row['id'])."'";
- $res1 = mysql_query($query);
- while($domain = mysql_fetch_assoc($res1))
+ $res1 = mysqli_query($_SESSION['mconn'], $query);
+ while($domain = mysqli_fetch_assoc($res1))
{
?>
<tr>
- <td class="DataTD"><?=_("Domain")?></td>
- <td colspan="2" class="DataTD"><?=sanitizeHTML($domain['domain'])?></td>
+ <td class="DataTD"><?php echo _("Domain")?></td>
+ <td colspan="2" class="DataTD"><?php echo sanitizeHTML($domain['domain'])?></td>
</tr>
- <?
- }
+ <?php }
?>
<tr>
- <td class="DataTD"><?=_("Administrator")?></td>
- <td class="DataTD"><?=_("Master Account")?></td>
- <td class="DataTD"><?=_("Department")?></td>
+ <td class="DataTD"><?php echo _("Administrator")?></td>
+ <td class="DataTD"><?php echo _("Master Account")?></td>
+ <td class="DataTD"><?php echo _("Department")?></td>
</tr>
- <?
-
+ <?php
//org admins
$query = "select * from `org` where `orgid`='".intval($row['id'])."'";
- $res2 = mysql_query($query);
- while($org = mysql_fetch_assoc($res2))
+ $res2 = mysqli_query($_SESSION['mconn'], $query);
+ while($org = mysqli_fetch_assoc($res2))
{
- $user = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".intval($org['memid'])."'"));
+ $user = mysqli_fetch_assoc(mysqli_query($_SESSION['mconn'], "select * from `users` where `id`='".intval($org['memid'])."'"));
?>
<tr>
- <td class="DataTD"><a href='mailto:<?=$user['email']?>'><?=($user['fname'])?> <?=($user['lname'])?></a></td>
- <td class="DataTD"><?=($org['masteracc'])?></td>
- <td class="DataTD"><?=($org['OU'])?></td>
+ <td class="DataTD"><a href='mailto:<?php echo $user['email']?>'><?php echo ($user['fname'])?> <?php echo ($user['lname'])?></a></td>
+ <td class="DataTD"><?php echo ($org['masteracc'])?></td>
+ <td class="DataTD"><?php echo ($org['OU'])?></td>
</tr>
- <?
-
+ <?php
if(intval($org['masteracc']) === 1 &&
intval($org['memid']) === intval($_SESSION['profile']['id']))
{
$master="account.php?id=32&amp;orgid=".intval($row['id']);
?>
<tr>
- <td colspan="3" class="DataTD"><a href="<?=$master ?>"><?=_("Edit")?></a></td>
+ <td colspan="3" class="DataTD"><a href="<?php echo $master ?>"><?php echo _("Edit")?></a></td>
</tr>
- <?
- }
+ <?php }
}
} ?>
</table>
diff --git a/pages/account/36.php b/pages/account/36.php
index be0f590..e9400dd 100644
--- a/pages/account/36.php
+++ b/pages/account/36.php
@@ -1,4 +1,4 @@
-<? /*
+<?php /*
LibreSSL - CAcert web application
Copyright (C) 2004-2008 CAcert Inc.
@@ -18,18 +18,18 @@
<form method="post" action="account.php">
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper" width="400">
<tr>
- <td colspan="2" class="title"><?=_("My Alert Settings")?></td>
+ <td colspan="2" class="title"><?php echo _("My Alert Settings")?></td>
</tr>
<tr>
- <td class="DataTD" valign="top"><b><?=_("Alert me if")?></b>: </td>
- <td class="DataTD" align="left"><input type="checkbox" name="general" value="1"<? if(array_key_exists('general',$_REQUEST) && $_REQUEST['general']) echo " checked='checked'"; ?>><?=_("General Announcements")?><br>
- <input type="checkbox" name="country" value="1"<? if(array_key_exists('country',$_REQUEST) && $_REQUEST['country']) echo " checked='checked'"; ?>><?=_("Country Announcements")?><br>
- <input type="checkbox" name="regional" value="1"<? if(array_key_exists('regional',$_REQUEST) && $_REQUEST['regional']) echo " checked='checked'"; ?>><?=_("Regional Announcements")?><br>
- <input type="checkbox" name="radius" value="1"<? if(array_key_exists('radius',$_REQUEST) && $_REQUEST['radius']) echo " checked='checked'"; ?>><?=_("Within 200km Announcements")?></td>
+ <td class="DataTD" valign="top"><b><?php echo _("Alert me if")?></b>: </td>
+ <td class="DataTD" align="left"><input type="checkbox" name="general" value="1"<?php if(array_key_exists('general',$_REQUEST) && $_REQUEST['general']) echo " checked='checked'"; ?>><?php echo _("General Announcements")?><br>
+ <input type="checkbox" name="country" value="1"<?php if(array_key_exists('country',$_REQUEST) && $_REQUEST['country']) echo " checked='checked'"; ?>><?php echo _("Country Announcements")?><br>
+ <input type="checkbox" name="regional" value="1"<?php if(array_key_exists('regional',$_REQUEST) && $_REQUEST['regional']) echo " checked='checked'"; ?>><?php echo _("Regional Announcements")?><br>
+ <input type="checkbox" name="radius" value="1"<?php if(array_key_exists('radius',$_REQUEST) && $_REQUEST['radius']) echo " checked='checked'"; ?>><?php echo _("Within 200km Announcements")?></td>
</tr>
<tr>
- <td class="DataTD" colspan="2"><input type="submit" name="process" value="<?=_("Update My Settings")?>"></td>
+ <td class="DataTD" colspan="2"><input type="submit" name="process" value="<?php echo _("Update My Settings")?>"></td>
</tr>
</table>
-<input type="hidden" name="oldid" value="<?=$id?>">
+<input type="hidden" name="oldid" value="<?php echo $id?>">
</form>
diff --git a/pages/account/37.php b/pages/account/37.php
index 48c737a..c9b1b52 100644
--- a/pages/account/37.php
+++ b/pages/account/37.php
@@ -1,4 +1,4 @@
-<? /*
+<?php /*
LibreSSL - CAcert web application
Copyright (C) 2004-2008 CAcert Inc.
@@ -16,8 +16,7 @@
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
*/ ?>
<p style="background-color: #FF8080; font-size: 150%">
-<?
-printf(_("This page has been moved to the %swiki%s. Please update your ".
+<?php printf(_("This page has been moved to the %swiki%s. Please update your ".
"bookmarks and report any broken links."),
'<a href="//wiki.cacert.org/FAQ/AboutUs">', '</a>');
?>
diff --git a/pages/account/38.php b/pages/account/38.php
index 7caddb0..2bcb77c 100644
--- a/pages/account/38.php
+++ b/pages/account/38.php
@@ -1,4 +1,4 @@
-<? /*
+<?php /*
LibreSSL - CAcert web application
Copyright (C) 2004-2008 CAcert Inc.
diff --git a/pages/account/39.php b/pages/account/39.php
index 9e09bb8..dbceaa4 100644
--- a/pages/account/39.php
+++ b/pages/account/39.php
@@ -1,4 +1,4 @@
-<? /*
+<?php /*
LibreSSL - CAcert web application
Copyright (C) 2004-2008 CAcert Inc.
@@ -16,8 +16,7 @@
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
*/ ?>
<p style="background-color: #FF8080; font-size: 150%">
-<?
-printf(_('This page has been moved to the %spolicy directory%s. Please update '.
+<?php printf(_('This page has been moved to the %spolicy directory%s. Please update '.
'your bookmarks and report any broken links.'),
'<a href="/policy/PrivacyPolicy.html">', '</a>');
?>
diff --git a/pages/account/4.php b/pages/account/4.php
index 8ac8b65..eb90b65 100644
--- a/pages/account/4.php
+++ b/pages/account/4.php
@@ -1,4 +1,4 @@
-<? /*
+<?php /*
LibreSSL - CAcert web application
Copyright (C) 2004-2008 CAcert Inc.
diff --git a/pages/account/40.php b/pages/account/40.php
index a809595..f37548f 100644
--- a/pages/account/40.php
+++ b/pages/account/40.php
@@ -1,4 +1,4 @@
-<? /*
+<?php /*
LibreSSL - CAcert web application
Copyright (C) 2004-2008 CAcert Inc.
@@ -17,18 +17,18 @@
*/
if(!array_key_exists('secrethash',$_SESSION['_config'])) $_SESSION['_config']['secrethash'] = md5(date("YmdHis").rand(0, intval(date("u"))));
?>
-<H3><?=_("Contact Us")?></H3>
+<H3><?php echo _("Contact Us")?></H3>
-<p><b><?=_("General Questions")?></b></p>
-<p><b><?=_("PLEASE NOTE: Due to the large amounts of support questions, incorrectly directed emails may be over looked, this is a volunteer effort and directing general questions to the right place will help everyone, including yourself as you will get a reply quicker.")?></b></p>
-<p><b><?=_("If you are contacting us about advertising, please use the form at the bottom of the website, the first contact form is not the correct place.")?></b></p>
-<p><?=sprintf(_("If you are having trouble with your username or password, please visit our %swiki page%s for more information"), "<a href='http://wiki.cacert.org/wiki/FAQ/LostPasswordOrAccount' target='_new'>", "</a>");?></p>
-<p><?=_("Before contacting us, be sure to read the information on our official and unofficial HowTo and FAQ pages.")?> - <a href="//wiki.cacert.org/HELP/"><?=_("Go here for more details.")?></a></p>
-<p><?=_("General questions about CAcert should be sent to the general support list, please send all emails in ENGLISH only, this list has many more volunteers then those directly involved with the running of the website, everyone on the mailing list understands english, even if this isn't their native language this will increase your chance at a competent reply. While it's best if you sign up to the mailing list to get replied to, you don't have to, but please make sure you note this in your email, otherwise it might seem like you didn't get a reply to your question.")?></p>
-<p><a href="https://lists.cacert.org/wws/info/cacert-support"><?=_("Click here to go to the Support List")?></a></p>
-<p><?=_("You can alternatively use the form below, however joining the list is the prefered option to support your queries")?></p>
+<p><b><?php echo _("General Questions")?></b></p>
+<p><b><?php echo _("PLEASE NOTE: Due to the large amounts of support questions, incorrectly directed emails may be over looked, this is a volunteer effort and directing general questions to the right place will help everyone, including yourself as you will get a reply quicker.")?></b></p>
+<p><b><?php echo _("If you are contacting us about advertising, please use the form at the bottom of the website, the first contact form is not the correct place.")?></b></p>
+<p><?php echo sprintf(_("If you are having trouble with your username or password, please visit our %swiki page%s for more information"), "<a href='http://wiki.cacert.org/wiki/FAQ/LostPasswordOrAccount' target='_new'>", "</a>");?></p>
+<p><?php echo _("Before contacting us, be sure to read the information on our official and unofficial HowTo and FAQ pages.")?> - <a href="//wiki.cacert.org/HELP/"><?php echo _("Go here for more details.")?></a></p>
+<p><?php echo _("General questions about CAcert should be sent to the general support list, please send all emails in ENGLISH only, this list has many more volunteers then those directly involved with the running of the website, everyone on the mailing list understands english, even if this isn't their native language this will increase your chance at a competent reply. While it's best if you sign up to the mailing list to get replied to, you don't have to, but please make sure you note this in your email, otherwise it might seem like you didn't get a reply to your question.")?></p>
+<p><a href="https://lists.cacert.org/wws/info/cacert-support"><?php echo _("Click here to go to the Support List")?></a></p>
+<p><?php echo _("You can alternatively use the form below, however joining the list is the prefered option to support your queries")?></p>
<form method="post" action="account.php" name="form1">
- <input type="hidden" name="oldid" value="<?=$id?>">
+ <input type="hidden" name="oldid" value="<?php echo $id?>">
<!-- <input type="hidden" name="support" value="yes"> -->
<input type="hidden" name="secrethash2" value="">
<p class="robotic" id="pot">
@@ -36,18 +36,18 @@ if(!array_key_exists('secrethash',$_SESSION['_config'])) $_SESSION['_config']['s
<input name="robotest" type="text" id="robotest" class="robotest" />
</p>
<table border="0">
- <tr><td width="100"><?=_("Your Name")?>:</td><td width="100"><input type="text" name="who"></td><td width="100"></td><td width="100"></td>
- <tr><td width="100"><?=_("Your Email")?>:</td><td colspan="3"><input type="text" name="email"></td>
- <tr><td width="100"><?=_("Subject")?>:</td><td colspan="3"><input type="text" name="subject"></td></tr>
- <tr><td width="100" valign="top"><?=_("Message")?>:</td><td colspan="3"><textarea name="message" cols="70" rows="10"></textarea></td></tr>
+ <tr><td width="100"><?php echo _("Your Name")?>:</td><td width="100"><input type="text" name="who"></td><td width="100"></td><td width="100"></td>
+ <tr><td width="100"><?php echo _("Your Email")?>:</td><td colspan="3"><input type="text" name="email"></td>
+ <tr><td width="100"><?php echo _("Subject")?>:</td><td colspan="3"><input type="text" name="subject"></td></tr>
+ <tr><td width="100" valign="top"><?php echo _("Message")?>:</td><td colspan="3"><textarea name="message" cols="70" rows="10"></textarea></td></tr>
<tr>
- <td colspan="2"><font color="#ff0000"><?=_("Warning: Please do not use \"send to mailing list\" when you entered confidential data. The request is being sent to a public mailinglist.")?></font></td>
- <td colspan="2"><?=_("For confidential data use \"send to support\".")?></td>
+ <td colspan="2"><font color="#ff0000"><?php echo _("Warning: Please do not use \"send to mailing list\" when you entered confidential data. The request is being sent to a public mailinglist.")?></font></td>
+ <td colspan="2"><?php echo _("For confidential data use \"send to support\".")?></td>
</tr>
<tr>
- <td colspan="2"><input type="submit" name="process[0]" value="<?=_("Send to mailing list")?>"></td>
- <td colspan="2"><input type="submit" name="process[1]" value="<?=_("Send to support")?>"></td>
+ <td colspan="2"><input type="submit" name="process[0]" value="<?php echo _("Send to mailing list")?>"></td>
+ <td colspan="2"><input type="submit" name="process[1]" value="<?php echo _("Send to support")?>"></td>
</tr>
</table>
</form>
@@ -57,12 +57,12 @@ if(!array_key_exists('secrethash',$_SESSION['_config'])) $_SESSION['_config']['s
<p><b>Secure IRC</b></p>
<p><a href="ircs://irc.CAcert.org:7000/CAcert">ircs://irc.CAcert.org:7000/CAcert</a></p>
-<p><b><?=_("Other Mailing Lists")?></b></p>
-<p><?=_("There are a number of other mailing lists CAcert runs, some are general discussion, others are technical (such as the development list) or platform specific help (such as the list for Apple Mac users)")?></p>
-<p><a href="http://lists.cacert.org/"><?=_("Click here to view all lists available")?></a></p>
+<p><b><?php echo _("Other Mailing Lists")?></b></p>
+<p><?php echo _("There are a number of other mailing lists CAcert runs, some are general discussion, others are technical (such as the development list) or platform specific help (such as the list for Apple Mac users)")?></p>
+<p><a href="http://lists.cacert.org/"><?php echo _("Click here to view all lists available")?></a></p>
-<p><b><?=_("Security Issues")?></b></p>
-<p><?=sprintf(_("Please use any of the following ways to report security ".
+<p><b><?php echo _("Security Issues")?></b></p>
+<p><?php echo sprintf(_("Please use any of the following ways to report security ".
"issues: You can use the above contact form for sensitive information. ".
"You can email us to %s. You can file a bugreport on %s and mark it as ".
"private."),
@@ -73,7 +73,7 @@ if(!array_key_exists('secrethash',$_SESSION['_config'])) $_SESSION['_config']['s
<script type="text/javascript">
<!--
- var pagehash = '<?=$_SESSION['_config']['secrethash']?>';
+ var pagehash = '<?php echo $_SESSION['_config']['secrethash']?>';
document.form1.secrethash2.value = pagehash;
document.form2.secrethash2.value = pagehash;
diff --git a/pages/account/41.php b/pages/account/41.php
index d61d8db..4398f6a 100644
--- a/pages/account/41.php
+++ b/pages/account/41.php
@@ -1,4 +1,4 @@
-<? /*
+<?php /*
LibreSSL - CAcert web application
Copyright (C) 2004-2008 CAcert Inc.
@@ -22,13 +22,12 @@ require_once($_SESSION['_config']['filepath'].'/includes/lib/l10n.php');
<form method="post" action="account.php">
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper" width="400">
<tr>
- <td colspan="2" class="title"><?=_("My Language Settings")?></td>
+ <td colspan="2" class="title"><?php echo _("My Language Settings")?></td>
</tr>
<tr>
- <td class="DataTD"><?=_("My preferred language")?>:</td>
+ <td class="DataTD"><?php echo _("My preferred language")?>:</td>
<td class="DataTD"><select name="lang">
-<?
- foreach(L10n::$translations as $key => $val)
+<?php foreach(L10n::$translations as $key => $val)
{
echo "<option value='$key'";
if($key == L10n::get_translation())
@@ -40,38 +39,36 @@ require_once($_SESSION['_config']['filepath'].'/includes/lib/l10n.php');
</td>
</tr>
<tr>
- <td class="DataTD" colspan="2"><input type="submit" name="process" value="<?=_("Update")?>"></td>
+ <td class="DataTD" colspan="2"><input type="submit" name="process" value="<?php echo _("Update")?>"></td>
</tr>
</table>
-<input type="hidden" name="oldid" value="<?=$id?>">
+<input type="hidden" name="oldid" value="<?php echo $id?>">
<input type="hidden" name="action" value="default">
-<input type="hidden" name="csrf" value="<?=make_csrf('mainlang')?>" />
+<input type="hidden" name="csrf" value="<?php echo make_csrf('mainlang')?>" />
</form>
<form method="post" action="account.php">
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper" width="400">
<tr>
- <td colspan="2" class="title"><?=_("Additional Language Preferences")?></td>
+ <td colspan="2" class="title"><?php echo _("Additional Language Preferences")?></td>
</tr>
-<?
- $query = "select * from `addlang` where `userid`='".intval($_SESSION['profile']['id'])."'";
- $res = mysql_query($query);
- while($row = mysql_fetch_assoc($res))
+<?php $query = "select * from `addlang` where `userid`='".intval($_SESSION['profile']['id'])."'";
+ $res = mysqli_query($_SESSION['mconn'], $query);
+ while($row = mysqli_fetch_assoc($res))
{
- $lang = mysql_fetch_assoc(mysql_query("select * from `languages` where `locale`='".mysql_escape_string($row['lang'])."'"));
+ $lang = mysqli_fetch_assoc(mysqli_query($_SESSION['mconn'], "select * from `languages` where `locale`='".mysqli_real_escape_string($_SESSION['mconn'], $row['lang'])."'"));
?>
<tr>
- <td class="DataTD"><?=_("Additional Language")?>:</td>
- <td class="DataTD" align="left"><? echo "${lang['lang']} - ${lang['country']}"; ?>
- <a href="account.php?oldid=41&amp;action=dellang&amp;remove=<?=$row['lang']?>&amp;csrf=<?=make_csrf('seclang')?>"><?=_("Delete")?></a></td>
+ <td class="DataTD"><?php echo _("Additional Language")?>:</td>
+ <td class="DataTD" align="left"><?php echo "${lang['lang']} - ${lang['country']}"; ?>
+ <a href="account.php?oldid=41&amp;action=dellang&amp;remove=<?php echo $row['lang']?>&amp;csrf=<?php echo make_csrf('seclang')?>"><?php echo _("Delete")?></a></td>
</tr>
-<? } ?>
+<?php } ?>
<tr>
- <td class="DataTD"><?=_("Secondary languages")?>:</td>
+ <td class="DataTD"><?php echo _("Secondary languages")?>:</td>
<td class="DataTD"><select name="addlang">
-<?
- $query = "select * from `languages` order by `locale`";
- $res = mysql_query($query);
- while($row = mysql_fetch_assoc($res))
+<?php $query = "select * from `languages` order by `locale`";
+ $res = mysqli_query($_SESSION['mconn'], $query);
+ while($row = mysqli_fetch_assoc($res))
{
printf("<option value=\"%s\">[%s] %s (%s)</option>\n",
sanitizeHTML($row['locale']),
@@ -85,10 +82,10 @@ require_once($_SESSION['_config']['filepath'].'/includes/lib/l10n.php');
</td>
</tr>
<tr>
- <td class="DataTD" colspan="2"><input type="submit" name="process" value="<?=_("Add")?>"></td>
+ <td class="DataTD" colspan="2"><input type="submit" name="process" value="<?php echo _("Add")?>"></td>
</tr>
</table>
-<input type="hidden" name="oldid" value="<?=$id?>">
+<input type="hidden" name="oldid" value="<?php echo $id?>">
<input type="hidden" name="action" value="addsec">
-<input type="hidden" name="csrf" value="<?=make_csrf('seclang')?>" />
+<input type="hidden" name="csrf" value="<?php echo make_csrf('seclang')?>" />
</form>
diff --git a/pages/account/42.php b/pages/account/42.php
index 8decae4..63ff969 100644
--- a/pages/account/42.php
+++ b/pages/account/42.php
@@ -1,4 +1,4 @@
-<? /*
+<?php /*
LibreSSL - CAcert web application
Copyright (C) 2004-2008 CAcert Inc.
@@ -15,19 +15,19 @@
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
*/ ?>
-<? if(array_key_exists('error',$_SESSION['_config']) && $_SESSION['_config']['error'] != "") { ?><div color="orange">ERROR: <?=$_SESSION['_config']['error']?></div><? unset($_SESSION['_config']['error']); } ?>
+<?php if(array_key_exists('error',$_SESSION['_config']) && $_SESSION['_config']['error'] != "") { ?><div color="orange">ERROR: <?php echo $_SESSION['_config']['error']?></div><?php unset($_SESSION['_config']['error']); } ?>
<form method="post" action="account.php">
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
<tr>
- <td colspan="2" class="title"><?=_("Find User")?></td>
+ <td colspan="2" class="title"><?php echo _("Find User")?></td>
</tr>
<tr>
- <td class="DataTD"><?=_("Email")?>:</td>
- <td class="DataTD"><input type="text" name="email" value="<?=array_key_exists('email',$_POST)?sanitizeHTML($_POST['email']):''?>" size="30" title="<?=_("use % as wildcard")?>"></td>
+ <td class="DataTD"><?php echo _("Email")?>:</td>
+ <td class="DataTD"><input type="text" name="email" value="<?php echo array_key_exists('email',$_POST)?sanitizeHTML($_POST['email']):''?>" size="30" title="<?php echo _("use % as wildcard")?>"></td>
</tr>
<tr>
- <td class="DataTD" colspan="2"><input type="submit" name="process" value="<?=_("Next")?>"></td>
+ <td class="DataTD" colspan="2"><input type="submit" name="process" value="<?php echo _("Next")?>"></td>
</tr>
</table>
-<input type="hidden" name="oldid" value="<?=$id?>">
+<input type="hidden" name="oldid" value="<?php echo $id?>">
</form>
diff --git a/pages/account/43.php b/pages/account/43.php
index c889ce3..1faf2a7 100644
--- a/pages/account/43.php
+++ b/pages/account/43.php
@@ -1,4 +1,4 @@
-<? /*
+<?php /*
LibreSSL - CAcert web application
Copyright (C) 2004-2008 CAcert Inc.
@@ -37,7 +37,7 @@ if(intval(array_key_exists('userid',$_REQUEST)?$_REQUEST['userid']:0) <= 0)
{
$_REQUEST['userid'] = 0;
- $emailsearch = $email = mysql_real_escape_string(stripslashes($_REQUEST['email']));
+ $emailsearch = $email = mysqli_real_escape_string($_SESSION['mconn'], stripslashes($_REQUEST['email']));
//Disabled to speed up the queries
//if(!strstr($email, "%"))
@@ -63,46 +63,43 @@ if(intval(array_key_exists('userid',$_REQUEST)?$_REQUEST['userid']:0) <= 0)
group by `users`.`id` limit 100";
}
// bug-975 ted+uli changes --- end
- $res = mysql_query($query);
- if(mysql_num_rows($res) > 1) {
+ $res = mysqli_query($_SESSION['mconn'], $query);
+ if(mysqli_num_rows($res) > 1) {
?>
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
<tr>
- <td colspan="5" class="title"><?=_("Select Specific Account Details")?></td>
+ <td colspan="5" class="title"><?php echo _("Select Specific Account Details")?></td>
</tr>
<tr>
- <td class="DataTD"><?=_("User ID")?></td>
- <td class="DataTD"><?=_("Email")?></td>
+ <td class="DataTD"><?php echo _("User ID")?></td>
+ <td class="DataTD"><?php echo _("Email")?></td>
</tr>
-<?
- while($row = mysql_fetch_assoc($res))
+<?php
+ while($row = mysqli_fetch_assoc($res))
{
?>
<tr>
- <td class="DataTD"><a href="account.php?id=43&amp;userid=<?=intval($row['id'])?>"><?=intval($row['id'])?></a></td>
- <td class="DataTD"><a href="account.php?id=43&amp;userid=<?=intval($row['id'])?>"><?=sanitizeHTML($row['email'])?></a></td>
+ <td class="DataTD"><a href="account.php?id=43&amp;userid=<?php echo intval($row['id'])?>"><?php echo intval($row['id'])?></a></td>
+ <td class="DataTD"><a href="account.php?id=43&amp;userid=<?php echo intval($row['id'])?>"><?php echo sanitizeHTML($row['email'])?></a></td>
</tr>
-<?
- }
+<?php }
- if(mysql_num_rows($res) >= 100) {
+ if(mysqli_num_rows($res) >= 100) {
?>
<tr>
- <td class="DataTD" colspan="2"><?=_("Only the first 100 rows are displayed.")?></td>
+ <td class="DataTD" colspan="2"><?php echo _("Only the first 100 rows are displayed.")?></td>
</tr>
-<?
- } else {
+<?php } else {
?>
<tr>
- <td class="DataTD" colspan="2"><? printf(_("%s rows displayed."), mysql_num_rows($res)); ?></td>
+ <td class="DataTD" colspan="2"><?php printf(_("%s rows displayed."), mysqli_num_rows($res)); ?></td>
</tr>
-<?
- }
+<?php }
?>
</table><br><br>
-<?
- } elseif(mysql_num_rows($res) == 1) {
- $row = mysql_fetch_assoc($res);
+<?php
+ } elseif(mysqli_num_rows($res) == 1) {
+ $row = mysqli_fetch_assoc($res);
$_REQUEST['userid'] = $row['id'];
} else {
printf(_("No users found matching %s"), sanitizeHTML($email));
@@ -113,13 +110,13 @@ if(intval(array_key_exists('userid',$_REQUEST)?$_REQUEST['userid']:0) <= 0)
if(intval($_REQUEST['userid']) > 0) {
$userid = intval($_REQUEST['userid']);
$res =get_user_data($userid);
- if(mysql_num_rows($res) <= 0) {
+ if(mysqli_num_rows($res) <= 0) {
echo _("I'm sorry, the user you were looking for seems to have disappeared! Bad things are afoot!");
} else {
- $row = mysql_fetch_assoc($res);
+ $row = mysqli_fetch_assoc($res);
$query = "select sum(`points`) as `points` from `notary` where `to`='".intval($row['id'])."' and `deleted` = 0";
- $dres = mysql_query($query);
- $drow = mysql_fetch_assoc($dres);
+ $dres = mysqli_query($_SESSION['mconn'], $query);
+ $drow = mysqli_fetch_assoc($dres);
$alerts =get_alerts(intval($row['id']));
//display account data
@@ -132,11 +129,11 @@ if(intval($_REQUEST['userid']) > 0) {
} else {
$assurance = intval($_REQUEST['assurance']);
$trow = 0;
- $res = mysql_query("select `to` from `notary` where `id`='".intval($assurance)."' and `deleted` = 0");
+ $res = mysqli_query($_SESSION['mconn'], "select `to` from `notary` where `id`='".intval($assurance)."' and `deleted` = 0");
if ($res) {
- $trow = mysql_fetch_assoc($res);
+ $trow = mysqli_fetch_assoc($res);
if ($trow) {
- mysql_query("update `notary` set `deleted`=NOW() where `id`='".intval($assurance)."'");
+ mysqli_query($_SESSION['mconn'], "update `notary` set `deleted`=NOW() where `id`='".intval($assurance)."'");
fix_assurer_flag($trow['to']);
}
}
@@ -148,20 +145,20 @@ if(intval($_REQUEST['userid']) > 0) {
//Ticket number
?>
-<form method="post" action="account.php?id=43&userid=<?=intval($_REQUEST['userid'])?>">
+<form method="post" action="account.php?id=43&userid=<?php echo intval($_REQUEST['userid'])?>">
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
<tr>
- <td colspan="2" class="title"><?=_('Ticket handling') ?></td>
+ <td colspan="2" class="title"><?php echo _('Ticket handling') ?></td>
</tr>
<tr>
- <td class="DataTD"><?=_('Ticket no')?>:</td>
- <td class="DataTD"><input type="text" name="ticketno" value="<?=sanitizeHTML($ticketno)?>"/></td>
+ <td class="DataTD"><?php echo _('Ticket no')?>:</td>
+ <td class="DataTD"><input type="text" name="ticketno" value="<?php echo sanitizeHTML($ticketno)?>"/></td>
</tr>
<tr>
- <td colspan="2" class="DataTDError"><?=$ticketmsg?></td><?php $_SESSION['ticketmsg']='' ?>
+ <td colspan="2" class="DataTDError"><?php echo $ticketmsg?></td><?php $_SESSION['ticketmsg']='' ?>
</tr>
<tr>
- <td colspan="2" ><input type="submit" value="<?=_('Set ticket number') ?>"></td>
+ <td colspan="2" ><input type="submit" value="<?php echo _('Set ticket number') ?>"></td>
</tr>
</table>
</form>
@@ -171,47 +168,45 @@ if(intval($_REQUEST['userid']) > 0) {
<!-- display data table -->
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
<tr>
- <td colspan="5" class="title"><? printf(_("%s's Account Details"), sanitizeHTML($row['email'])); ?></td>
+ <td colspan="5" class="title"><?php printf(_("%s's Account Details"), sanitizeHTML($row['email'])); ?></td>
</tr>
<tr>
- <td class="DataTD"><?=_("Email")?>:</td>
- <td class="DataTD"><?=sanitizeHTML($row['email'])?></td>
+ <td class="DataTD"><?php echo _("Email")?>:</td>
+ <td class="DataTD"><?php echo sanitizeHTML($row['email'])?></td>
</tr>
<tr>
- <td class="DataTD"><?=_("First Name")?>:</td>
- <td class="DataTD"><form method="post" action="account.php" onSubmit="if(!confirm('<?=_("Are you sure you want to modify this DOB and/or last name?")?>')) return false;">
- <input type="hidden" name="csrf" value="<?=make_csrf('admchangepers')?>" />
- <input type="text" name="fname" value="<?=sanitizeHTML($row['fname'])?>">
+ <td class="DataTD"><?php echo _("First Name")?>:</td>
+ <td class="DataTD"><form method="post" action="account.php" onSubmit="if(!confirm('<?php echo _("Are you sure you want to modify this DOB and/or last name?")?>')) return false;">
+ <input type="hidden" name="csrf" value="<?php echo make_csrf('admchangepers')?>" />
+ <input type="text" name="fname" value="<?php echo sanitizeHTML($row['fname'])?>">
</td>
</tr>
<tr>
- <td class="DataTD"><?=_("Middle Name")?>:</td>
- <td class="DataTD"><input type="text" name="mname" value="<?=sanitizeHTML($row['mname'])?>"></td>
+ <td class="DataTD"><?php echo _("Middle Name")?>:</td>
+ <td class="DataTD"><input type="text" name="mname" value="<?php echo sanitizeHTML($row['mname'])?>"></td>
</tr>
<tr>
- <td class="DataTD"><?=_("Last Name")?>:</td>
+ <td class="DataTD"><?php echo _("Last Name")?>:</td>
<td class="DataTD"> <input type="hidden" name="oldid" value="43">
<input type="hidden" name="action" value="updatedob">
- <input type="hidden" name="userid" value="<?=intval($userid)?>">
- <input type="text" name="lname" value="<?=sanitizeHTML($row['lname'])?>">
+ <input type="hidden" name="userid" value="<?php echo intval($userid)?>">
+ <input type="text" name="lname" value="<?php echo sanitizeHTML($row['lname'])?>">
</td>
</tr>
<tr>
- <td class="DataTD"><?=_("Suffix")?>:</td>
- <td class="DataTD"><input type="text" name="suffix" value="<?=sanitizeHTML($row['suffix'])?>"></td>
+ <td class="DataTD"><?php echo _("Suffix")?>:</td>
+ <td class="DataTD"><input type="text" name="suffix" value="<?php echo sanitizeHTML($row['suffix'])?>"></td>
</tr>
<tr>
- <td class="DataTD"><?=_("Date of Birth")?>:</td>
+ <td class="DataTD"><?php echo _("Date of Birth")?>:</td>
<td class="DataTD">
- <?
- $year = intval(substr($row['dob'], 0, 4));
+ <?php $year = intval(substr($row['dob'], 0, 4));
$month = intval(substr($row['dob'], 5, 2));
$day = intval(substr($row['dob'], 8, 2));
?>
<nobr>
<select name="day">
- <?
- for($i = 1; $i <= 31; $i++) {
+ <?php for($i = 1; $i <= 31; $i++) {
echo "<option";
if($day == $i) {
echo " selected='selected'";
@@ -221,8 +216,7 @@ if(intval($_REQUEST['userid']) > 0) {
?>
</select>
<select name="month">
- <?
- for($i = 1; $i <= 12; $i++) {
+ <?php for($i = 1; $i <= 12; $i++) {
echo "<option value='$i'";
if($month == $i)
echo " selected='selected'";
@@ -230,231 +224,220 @@ if(intval($_REQUEST['userid']) > 0) {
}
?>
</select>
- <input type="text" name="year" value="<?=$year?>" size="4">
+ <input type="text" name="year" value="<?php echo $year?>" size="4">
<input type="submit" value="Go">
- <input type="hidden" name="ticketno" value="<?=sanitizeHTML($ticketno)?>"/>
+ <input type="hidden" name="ticketno" value="<?php echo sanitizeHTML($ticketno)?>"/>
</form>
</nobr>
</td>
</tr>
- <? // list of flags ?>
+ <?php // list of flags ?>
<tr>
- <td class="DataTD"><?=_("CCA accepted")?>:</td>
- <td class="DataTD"><a href="account.php?id=57&amp;userid=<?=intval($row['id'])?>"><?=intval(get_user_agreement_status($row['id'], 'CCA')) ? _("Yes") : _("No") ?></a></td>
+ <td class="DataTD"><?php echo _("CCA accepted")?>:</td>
+ <td class="DataTD"><a href="account.php?id=57&amp;userid=<?php echo intval($row['id'])?>"><?php echo intval(get_user_agreement_status($row['id'], 'CCA')) ? _("Yes") : _("No") ?></a></td>
</tr>
<tr>
- <td class="DataTD"><?=_("Trainings")?>:</td>
- <td class="DataTD"><a href="account.php?id=55&amp;userid=<?=intval($row['id'])?>">show</a></td>
+ <td class="DataTD"><?php echo _("Trainings")?>:</td>
+ <td class="DataTD"><a href="account.php?id=55&amp;userid=<?php echo intval($row['id'])?>">show</a></td>
</tr>
<tr>
- <td class="DataTD"><?=_("Is Assurer")?>:</td>
- <td class="DataTD"><a href="account.php?id=43&amp;assurer=<?=intval($row['id'])?>&amp;csrf=<?=make_csrf('admsetassuret')?>&amp;ticketno=<?=sanitizeHTML($ticketno)?>"><?=intval($row['assurer'])?></a></td>
+ <td class="DataTD"><?php echo _("Is Assurer")?>:</td>
+ <td class="DataTD"><a href="account.php?id=43&amp;assurer=<?php echo intval($row['id'])?>&amp;csrf=<?php echo make_csrf('admsetassuret')?>&amp;ticketno=<?php echo sanitizeHTML($ticketno)?>"><?php echo intval($row['assurer'])?></a></td>
</tr>
<tr>
- <td class="DataTD"><?=_("Blocked Assurer")?>:</td>
- <td class="DataTD"><a href="account.php?id=43&amp;assurer_blocked=<?=intval($row['id'])?>&amp;ticketno=<?=sanitizeHTML($ticketno)?>"><?=intval($row['assurer_blocked'])?></a></td>
+ <td class="DataTD"><?php echo _("Blocked Assurer")?>:</td>
+ <td class="DataTD"><a href="account.php?id=43&amp;assurer_blocked=<?php echo intval($row['id'])?>&amp;ticketno=<?php echo sanitizeHTML($ticketno)?>"><?php echo intval($row['assurer_blocked'])?></a></td>
</tr>
<tr>
- <td class="DataTD"><?=_("Account Locking")?>:</td>
- <td class="DataTD"><a href="account.php?id=43&amp;locked=<?=intval($row['id'])?>&amp;csrf=<?=make_csrf('admactlock')?>&amp;ticketno=<?=sanitizeHTML($ticketno)?>"><?=intval($row['locked'])?></a></td>
+ <td class="DataTD"><?php echo _("Account Locking")?>:</td>
+ <td class="DataTD"><a href="account.php?id=43&amp;locked=<?php echo intval($row['id'])?>&amp;csrf=<?php echo make_csrf('admactlock')?>&amp;ticketno=<?php echo sanitizeHTML($ticketno)?>"><?php echo intval($row['locked'])?></a></td>
</tr>
<tr>
- <td class="DataTD"><?=_("Code Signing")?>:</td>
- <td class="DataTD"><a href="account.php?id=43&amp;codesign=<?=intval($row['id'])?>&amp;csrf=<?=make_csrf('admcodesign')?>&amp;ticketno=<?=sanitizeHTML($ticketno)?>"><?=intval($row['codesign'])?></a></td>
+ <td class="DataTD"><?php echo _("Code Signing")?>:</td>
+ <td class="DataTD"><a href="account.php?id=43&amp;codesign=<?php echo intval($row['id'])?>&amp;csrf=<?php echo make_csrf('admcodesign')?>&amp;ticketno=<?php echo sanitizeHTML($ticketno)?>"><?php echo intval($row['codesign'])?></a></td>
</tr>
<tr>
- <td class="DataTD"><?=_("Org Assurer")?>:</td>
- <td class="DataTD"><a href="account.php?id=43&amp;orgadmin=<?=intval($row['id'])?>&amp;csrf=<?=make_csrf('admorgadmin')?>&amp;ticketno=<?=sanitizeHTML($ticketno)?>"><?=intval($row['orgadmin'])?></a></td>
+ <td class="DataTD"><?php echo _("Org Assurer")?>:</td>
+ <td class="DataTD"><a href="account.php?id=43&amp;orgadmin=<?php echo intval($row['id'])?>&amp;csrf=<?php echo make_csrf('admorgadmin')?>&amp;ticketno=<?php echo sanitizeHTML($ticketno)?>"><?php echo intval($row['orgadmin'])?></a></td>
</tr>
<tr>
- <td class="DataTD"><?=_("TTP Admin")?>:</td>
- <td class="DataTD"><a href="account.php?id=43&amp;ttpadmin=<?=intval($row['id'])?>&amp;csrf=<?=make_csrf('admttpadmin')?>&amp;ticketno=<?=sanitizeHTML($ticketno)?>"><?=intval($row['ttpadmin'])?></a></td>
+ <td class="DataTD"><?php echo _("TTP Admin")?>:</td>
+ <td class="DataTD"><a href="account.php?id=43&amp;ttpadmin=<?php echo intval($row['id'])?>&amp;csrf=<?php echo make_csrf('admttpadmin')?>&amp;ticketno=<?php echo sanitizeHTML($ticketno)?>"><?php echo intval($row['ttpadmin'])?></a></td>
</tr>
<tr>
- <td class="DataTD"><?=_("Location Admin")?>:</td>
- <td class="DataTD"><a href="account.php?id=43&amp;locadmin=<?=intval($row['id'])?>&amp;ticketno=<?=sanitizeHTML($ticketno)?>"><?=$row['locadmin']?></a></td>
+ <td class="DataTD"><?php echo _("Location Admin")?>:</td>
+ <td class="DataTD"><a href="account.php?id=43&amp;locadmin=<?php echo intval($row['id'])?>&amp;ticketno=<?php echo sanitizeHTML($ticketno)?>"><?php echo $row['locadmin']?></a></td>
</tr>
<tr>
- <td class="DataTD"><?=_("Admin")?>:</td>
- <td class="DataTD"><a href="account.php?id=43&amp;admin=<?=intval($row['id'])?>&amp;csrf=<?=make_csrf('admsetadmin')?>&amp;ticketno=<?=sanitizeHTML($ticketno)?>"><?=intval($row['admin'])?></a></td>
+ <td class="DataTD"><?php echo _("Admin")?>:</td>
+ <td class="DataTD"><a href="account.php?id=43&amp;admin=<?php echo intval($row['id'])?>&amp;csrf=<?php echo make_csrf('admsetadmin')?>&amp;ticketno=<?php echo sanitizeHTML($ticketno)?>"><?php echo intval($row['admin'])?></a></td>
</tr>
<tr>
- <td class="DataTD"><?=_("Ad Admin")?>:</td>
- <td class="DataTD"><a href="account.php?id=43&amp;adadmin=<?=intval($row['id'])?>&amp;ticketno=<?=sanitizeHTML($ticketno)?>"><?=intval($row['adadmin'])?></a> (0 = none, 1 = submit, 2 = approve)</td>
+ <td class="DataTD"><?php echo _("Ad Admin")?>:</td>
+ <td class="DataTD"><a href="account.php?id=43&amp;adadmin=<?php echo intval($row['id'])?>&amp;ticketno=<?php echo sanitizeHTML($ticketno)?>"><?php echo intval($row['adadmin'])?></a> (0 = none, 1 = submit, 2 = approve)</td>
</tr>
<!-- presently not needed
<tr>
- <td class="DataTD"><?=_("Tverify Account")?>:</td>
- <td class="DataTD"><a href="account.php?id=43&amp;tverify=<?=intval($row['id'])?>&amp;ticketno=<?=sanitizeHTML($ticketno)?>"><?=intval($row['tverify'])?></a></td>
+ <td class="DataTD"><?php echo _("Tverify Account")?>:</td>
+ <td class="DataTD"><a href="account.php?id=43&amp;tverify=<?php echo intval($row['id'])?>&amp;ticketno=<?php echo sanitizeHTML($ticketno)?>"><?php echo intval($row['tverify'])?></a></td>
</tr>
-->
<tr>
- <td class="DataTD"><?=_("General Announcements")?>:</td>
- <td class="DataTD"><a href="account.php?id=43&amp;general=<?=intval($row['id'])?>&amp;ticketno=<?=sanitizeHTML($ticketno)?>"><?=intval($alerts['general'])?></a></td>
+ <td class="DataTD"><?php echo _("General Announcements")?>:</td>
+ <td class="DataTD"><a href="account.php?id=43&amp;general=<?php echo intval($row['id'])?>&amp;ticketno=<?php echo sanitizeHTML($ticketno)?>"><?php echo intval($alerts['general'])?></a></td>
</tr>
<tr>
- <td class="DataTD"><?=_("Country Announcements")?>:</td>
- <td class="DataTD"><a href="account.php?id=43&amp;country=<?=intval($row['id'])?>&amp;ticketno=<?=sanitizeHTML($ticketno)?>"><?=intval($alerts['country'])?></a></td>
+ <td class="DataTD"><?php echo _("Country Announcements")?>:</td>
+ <td class="DataTD"><a href="account.php?id=43&amp;country=<?php echo intval($row['id'])?>&amp;ticketno=<?php echo sanitizeHTML($ticketno)?>"><?php echo intval($alerts['country'])?></a></td>
</tr>
<tr>
- <td class="DataTD"><?=_("Regional Announcements")?>:</td>
- <td class="DataTD"><a href="account.php?id=43&amp;regional=<?=intval($row['id'])?>&amp;ticketno=<?=sanitizeHTML($ticketno)?>"><?=intval($alerts['regional'])?></a></td>
+ <td class="DataTD"><?php echo _("Regional Announcements")?>:</td>
+ <td class="DataTD"><a href="account.php?id=43&amp;regional=<?php echo intval($row['id'])?>&amp;ticketno=<?php echo sanitizeHTML($ticketno)?>"><?php echo intval($alerts['regional'])?></a></td>
</tr>
<tr>
- <td class="DataTD"><?=_("Within 200km Announcements")?>:</td>
- <td class="DataTD"><a href="account.php?id=43&amp;radius=<?=intval($row['id'])?>&amp;ticketno=<?=sanitizeHTML($ticketno)?>"><?=intval($alerts['radius'])?></a></td>
+ <td class="DataTD"><?php echo _("Within 200km Announcements")?>:</td>
+ <td class="DataTD"><a href="account.php?id=43&amp;radius=<?php echo intval($row['id'])?>&amp;ticketno=<?php echo sanitizeHTML($ticketno)?>"><?php echo intval($alerts['radius'])?></a></td>
</tr>
- <? //change password, view secret questions and delete account section ?>
+ <?php //change password, view secret questions and delete account section ?>
<tr>
- <td class="DataTD"><?=_("Change Password")?>:</td>
- <td class="DataTD"><a href="account.php?id=44&amp;userid=<?=intval($row['id'])?>&amp;ticketno=<?=sanitizeHTML($ticketno)?>"><?=_("Change Password")?></a></td>
+ <td class="DataTD"><?php echo _("Change Password")?>:</td>
+ <td class="DataTD"><a href="account.php?id=44&amp;userid=<?php echo intval($row['id'])?>&amp;ticketno=<?php echo sanitizeHTML($ticketno)?>"><?php echo _("Change Password")?></a></td>
</tr>
<tr>
- <td class="DataTD"><?=_("Delete Account")?>:</td>
- <td class="DataTD"><a href="account.php?id=50&amp;userid=<?=intval($row['id'])?>&amp;csrf=<?=make_csrf('admdelaccount')?>&amp;ticketno=<?=sanitizeHTML($ticketno)?>"><?=_("Delete Account")?></a></td>
+ <td class="DataTD"><?php echo _("Delete Account")?>:</td>
+ <td class="DataTD"><a href="account.php?id=50&amp;userid=<?php echo intval($row['id'])?>&amp;csrf=<?php echo make_csrf('admdelaccount')?>&amp;ticketno=<?php echo sanitizeHTML($ticketno)?>"><?php echo _("Delete Account")?></a></td>
</tr>
- <?
- // This is intensionally a $_GET for audit purposes. DO NOT CHANGE!!!
+ <?php // This is intensionally a $_GET for audit purposes. DO NOT CHANGE!!!
if(array_key_exists('showlostpw',$_GET) && $_GET['showlostpw'] == "yes" && $ticketvalidation==true) {
if (!write_se_log($userid, $_SESSION['profile']['id'], 'SE view lost password information', $ticketno)) {
?>
<tr>
- <td class="DataTD" colspan="2"><?=_("Writing to the admin log failed. Can't continue.")?></td>
+ <td class="DataTD" colspan="2"><?php echo _("Writing to the admin log failed. Can't continue.")?></td>
</tr>
<tr>
- <td class="DataTD" colspan="2"><a href="account.php?id=43&amp;userid=<?=intval($row['id'])?>&amp;showlostpw=yes&amp;ticketno=<?=sanitizeHTML($ticketno)?>"><?=_("Show Lost Password Details")?></a></td>
+ <td class="DataTD" colspan="2"><a href="account.php?id=43&amp;userid=<?php echo intval($row['id'])?>&amp;showlostpw=yes&amp;ticketno=<?php echo sanitizeHTML($ticketno)?>"><?php echo _("Show Lost Password Details")?></a></td>
</tr>
- <?
- } else {
+ <?php } else {
?>
<tr>
- <td class="DataTD"><?=_("Lost Password")?> - Q1:</td>
- <td class="DataTD"><?=sanitizeHTML($row['Q1'])?></td>
+ <td class="DataTD"><?php echo _("Lost Password")?> - Q1:</td>
+ <td class="DataTD"><?php echo sanitizeHTML($row['Q1'])?></td>
</tr>
<tr>
- <td class="DataTD"><?=_("Lost Password")?> - A1:</td>
- <td class="DataTD"><?=sanitizeHTML($row['A1'])?></td>
+ <td class="DataTD"><?php echo _("Lost Password")?> - A1:</td>
+ <td class="DataTD"><?php echo sanitizeHTML($row['A1'])?></td>
</tr>
<tr>
- <td class="DataTD"><?=_("Lost Password")?> - Q2:</td>
- <td class="DataTD"><?=sanitizeHTML($row['Q2'])?></td>
+ <td class="DataTD"><?php echo _("Lost Password")?> - Q2:</td>
+ <td class="DataTD"><?php echo sanitizeHTML($row['Q2'])?></td>
</tr>
<tr>
- <td class="DataTD"><?=_("Lost Password")?> - A2:</td>
- <td class="DataTD"><?=sanitizeHTML($row['A2'])?></td>
+ <td class="DataTD"><?php echo _("Lost Password")?> - A2:</td>
+ <td class="DataTD"><?php echo sanitizeHTML($row['A2'])?></td>
</tr>
<tr>
- <td class="DataTD"><?=_("Lost Password")?> - Q3:</td>
- <td class="DataTD"><?=sanitizeHTML($row['Q3'])?></td>
+ <td class="DataTD"><?php echo _("Lost Password")?> - Q3:</td>
+ <td class="DataTD"><?php echo sanitizeHTML($row['Q3'])?></td>
</tr>
<tr>
- <td class="DataTD"><?=_("Lost Password")?> - A3:</td>
- <td class="DataTD"><?=sanitizeHTML($row['A3'])?></td>
+ <td class="DataTD"><?php echo _("Lost Password")?> - A3:</td>
+ <td class="DataTD"><?php echo sanitizeHTML($row['A3'])?></td>
</tr>
<tr>
- <td class="DataTD"><?=_("Lost Password")?> - Q4:</td>
- <td class="DataTD"><?=sanitizeHTML($row['Q4'])?></td>
+ <td class="DataTD"><?php echo _("Lost Password")?> - Q4:</td>
+ <td class="DataTD"><?php echo sanitizeHTML($row['Q4'])?></td>
</tr>
<tr>
- <td class="DataTD"><?=_("Lost Password")?> - A4:</td>
- <td class="DataTD"><?=sanitizeHTML($row['A4'])?></td>
+ <td class="DataTD"><?php echo _("Lost Password")?> - A4:</td>
+ <td class="DataTD"><?php echo sanitizeHTML($row['A4'])?></td>
</tr>
<tr>
- <td class="DataTD"><?=_("Lost Password")?> - Q5:</td>
- <td class="DataTD"><?=sanitizeHTML($row['Q5'])?></td>
+ <td class="DataTD"><?php echo _("Lost Password")?> - Q5:</td>
+ <td class="DataTD"><?php echo sanitizeHTML($row['Q5'])?></td>
</tr>
<tr>
- <td class="DataTD"><?=_("Lost Password")?> - A5:</td>
- <td class="DataTD"><?=sanitizeHTML($row['A5'])?></td>
+ <td class="DataTD"><?php echo _("Lost Password")?> - A5:</td>
+ <td class="DataTD"><?php echo sanitizeHTML($row['A5'])?></td>
</tr>
- <?
- }
+ <?php }
} elseif (array_key_exists('showlostpw',$_GET) && $_GET['showlostpw'] == "yes" && $ticketvalidation==false) {
?>
<tr>
- <td class="DataTD" colspan="2"><?=_('No access granted. Ticket number is missing')?></td>
+ <td class="DataTD" colspan="2"><?php echo _('No access granted. Ticket number is missing')?></td>
</tr>
<tr>
- <td class="DataTD" colspan="2"><a href="account.php?id=43&amp;userid=<?=intval($row['id'])?>&amp;showlostpw=yes&amp;ticketno=<?=sanitizeHTML($ticketno)?>"><?=_("Show Lost Password Details")?></a></td>
+ <td class="DataTD" colspan="2"><a href="account.php?id=43&amp;userid=<?php echo intval($row['id'])?>&amp;showlostpw=yes&amp;ticketno=<?php echo sanitizeHTML($ticketno)?>"><?php echo _("Show Lost Password Details")?></a></td>
</tr>
- <?
- } else {
+ <?php } else {
?>
<tr>
- <td class="DataTD" colspan="2"><a href="account.php?id=43&amp;userid=<?=intval($row['id'])?>&amp;showlostpw=yes&amp;ticketno=<?=sanitizeHTML($ticketno)?>"><?=_("Show Lost Password Details")?></a></td>
+ <td class="DataTD" colspan="2"><a href="account.php?id=43&amp;userid=<?php echo intval($row['id'])?>&amp;showlostpw=yes&amp;ticketno=<?php echo sanitizeHTML($ticketno)?>"><?php echo _("Show Lost Password Details")?></a></td>
</tr>
- <? }
+ <?php }
// list assurance points
?>
<tr>
- <td class="DataTD"><?=_("Assurance Points")?>:</td>
- <td class="DataTD"><?=intval($drow['points'])?></td>
+ <td class="DataTD"><?php echo _("Assurance Points")?>:</td>
+ <td class="DataTD"><?php echo intval($drow['points'])?></td>
</tr>
- <?
- // show account history
+ <?php // show account history
?>
<tr>
- <td class="DataTD" colspan="2"><a href="account.php?id=59&amp;oldid=43&amp;userid=<?=intval($row['id'])?>&amp;ticketno=<?=sanitizeHTML($ticketno)?>"><?=_('Show account history')?></a></td>
+ <td class="DataTD" colspan="2"><a href="account.php?id=59&amp;oldid=43&amp;userid=<?php echo intval($row['id'])?>&amp;ticketno=<?php echo sanitizeHTML($ticketno)?>"><?php echo _('Show account history')?></a></td>
</tr>
</table>
<br/>
- <?
- //list secondary email addresses
+ <?php //list secondary email addresses
$dres = get_email_addresses(intval($row['id']),$row['email']);
- if(mysql_num_rows($dres) > 0) {
+ if(mysqli_num_rows($dres) > 0) {
?>
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
<tr>
- <td colspan="5" class="title"><?=_("Alternate Verified Email Addresses")?></td>
+ <td colspan="5" class="title"><?php echo _("Alternate Verified Email Addresses")?></td>
</tr>
- <?
- while($drow = mysql_fetch_assoc($dres)) {
+ <?php
+ while($drow = mysqli_fetch_assoc($dres)) {
?>
<tr>
- <td class="DataTD"><?=_("Secondary Emails")?>:</td>
- <td class="DataTD"><?=sanitizeHTML($drow['email'])?></td>
+ <td class="DataTD"><?php echo _("Secondary Emails")?>:</td>
+ <td class="DataTD"><?php echo sanitizeHTML($drow['email'])?></td>
</tr>
- <?
- }
+ <?php }
?>
</table>
<br/>
- <?
- }
+ <?php }
// list of domains
$dres=get_domains(intval($row['id']));
- if(mysql_num_rows($dres) > 0) {
+ if(mysqli_num_rows($dres) > 0) {
?>
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
<tr>
- <td colspan="5" class="title"><?=_("Verified Domains")?></td>
+ <td colspan="5" class="title"><?php echo _("Verified Domains")?></td>
</tr>
- <?
- while($drow = mysql_fetch_assoc($dres)) {
+ <?php
+ while($drow = mysqli_fetch_assoc($dres)) {
?>
<tr>
- <td class="DataTD"><?=_("Domain")?>:</td>
- <td class="DataTD"><?=sanitizeHTML($drow['domain'])?></td>
+ <td class="DataTD"><?php echo _("Domain")?>:</td>
+ <td class="DataTD"><?php echo sanitizeHTML($drow['domain'])?></td>
</tr>
- <?
- }
+ <?php }
?>
</table>
<br/>
- <?
- }
+ <?php }
?>
- <? // Begin - Debug infos ?>
+ <?php // Begin - Debug infos ?>
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
<tr>
- <td colspan="2" class="title"><?=_("Account State")?></td>
+ <td colspan="2" class="title"><?php echo _("Account State")?></td>
</tr>
- <?
- // --- bug-975 begin ---
+ <?php // --- bug-975 begin ---
// potential db inconsistency like in a20110804.1
// Admin console -> don't list user account
// User login -> impossible
@@ -488,7 +471,7 @@ if(intval($_REQUEST['userid']) > 0) {
4. users.email = primary-email
--- Assurer, assure someone find user query
- select * from `users` where `email`='".mysql_real_escape_string(stripslashes($_POST['email']))."'
+ select * from `users` where `email`='".mysqli_real_escape_string($_SESSION['mconn'], $_POST['email']))."'
and `deleted`=0
=> requirements
1. users.deleted = 0
@@ -527,8 +510,8 @@ if(intval($_REQUEST['userid']) > 0) {
// current userid intval($row['id'])
$query = "select `email` as `uemail`, `deleted` as `udeleted`, `verified`, `locked`
from `users` where `id`='".intval($row['id'])."' ";
- $dres = mysql_query($query);
- $drow = mysql_fetch_assoc($dres);
+ $dres = mysqli_query($_SESSION['mconn'], $query);
+ $drow = mysqli_fetch_assoc($dres);
$uemail = $drow['uemail'];
$udeleted = $drow['udeleted'];
$uverified = $drow['verified'];
@@ -538,16 +521,16 @@ if(intval($_REQUEST['userid']) > 0) {
where `memid`='".intval($row['id'])."' and
`email` ='".$uemail."' and
`deleted` = 0";
- $dres = mysql_query($query);
- if ($drow = mysql_fetch_assoc($dres)) {
+ $dres = mysqli_query($_SESSION['mconn'], $query);
+ if ($drow = mysqli_fetch_assoc($dres)) {
$drow['edeleted'] = 0;
} else {
// try if there are deleted entries
$query = "select `hash`, `deleted` as `edeleted`, `email` as `eemail` from `email`
where `memid`='".intval($row['id'])."' and
`email` ='".$uemail."'";
- $dres = mysql_query($query);
- $drow = mysql_fetch_assoc($dres);
+ $dres = mysqli_query($_SESSION['mconn'], $query);
+ $drow = mysqli_fetch_assoc($dres);
}
if ($drow) {
@@ -582,52 +565,49 @@ if(intval($_REQUEST['userid']) > 0) {
// $inconsistencydisp = _("Yes");
?>
<tr>
- <td class="DataTD"><?=_("Account inconsistency")?>:</td>
- <td class="DataTD"><?=$inccause?><br>code: <?=intval($inconsistency)?></td>
+ <td class="DataTD"><?php echo _("Account inconsistency")?>:</td>
+ <td class="DataTD"><?php echo $inccause?><br>code: <?php echo intval($inconsistency)?></td>
</tr>
<tr>
<td colspan="2" class="DataTD" style="max-width: 75ex;">
- <?=_("Account inconsistency can cause problems in daily account operations and needs to be fixed manually through arbitration/critical team.")?>
+ <?php echo _("Account inconsistency can cause problems in daily account operations and needs to be fixed manually through arbitration/critical team.")?>
</td>
</tr>
- <?
- }
+ <?php }
// --- bug-975 end ---
?>
</table>
<br />
- <?
- // End - Debug infos
+ <?php // End - Debug infos
// certificate overview
?>
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
<tr>
- <td colspan="6" class="title"><?=_("Certificates")?></td>
+ <td colspan="6" class="title"><?php echo _("Certificates")?></td>
</tr>
<tr>
- <td class="DataTD"><?=_("Cert Type")?>:</td>
- <td class="DataTD"><?=_("Total")?></td>
- <td class="DataTD"><?=_("Valid")?></td>
- <td class="DataTD"><?=_("Expired")?></td>
- <td class="DataTD"><?=_("Revoked")?></td>
- <td class="DataTD"><?=_("Latest Expire")?></td>
+ <td class="DataTD"><?php echo _("Cert Type")?>:</td>
+ <td class="DataTD"><?php echo _("Total")?></td>
+ <td class="DataTD"><?php echo _("Valid")?></td>
+ <td class="DataTD"><?php echo _("Expired")?></td>
+ <td class="DataTD"><?php echo _("Revoked")?></td>
+ <td class="DataTD"><?php echo _("Latest Expire")?></td>
</tr>
<!-- server certificates -->
<tr>
- <td class="DataTD"><?=_("Server")?>:</td>
- <?
- $query = "
+ <td class="DataTD"><?php echo _("Server")?>:</td>
+ <?php $query = "
select COUNT(*) as `total`,
MAX(`domaincerts`.`expire`) as `maxexpire`
from `domains` inner join `domaincerts`
on `domains`.`id` = `domaincerts`.`domid`
where `domains`.`memid` = '".intval($row['id'])."'
";
- $dres = mysql_query($query);
- $drow = mysql_fetch_assoc($dres);
+ $dres = mysqli_query($_SESSION['mconn'], $query);
+ $drow = mysqli_fetch_assoc($dres);
$total = $drow['total'];
$maxexpire = "0000-00-00 00:00:00";
@@ -644,8 +624,8 @@ if(intval($_REQUEST['userid']) > 0) {
and `revoked` = '0000-00-00 00:00:00'
and `expire` > NOW()
";
- $dres = mysql_query($query);
- $drow = mysql_fetch_assoc($dres);
+ $dres = mysqli_query($_SESSION['mconn'], $query);
+ $drow = mysqli_fetch_assoc($dres);
$valid = $drow['valid'];
$query = "
@@ -655,8 +635,8 @@ if(intval($_REQUEST['userid']) > 0) {
where `domains`.`memid` = '".intval($row['id'])."'
and `expire` <= NOW()
";
- $dres = mysql_query($query);
- $drow = mysql_fetch_assoc($dres);
+ $dres = mysqli_query($_SESSION['mconn'], $query);
+ $drow = mysqli_fetch_assoc($dres);
$expired = $drow['expired'];
$query = "
@@ -666,34 +646,31 @@ if(intval($_REQUEST['userid']) > 0) {
where `domains`.`memid` = '".intval($row['id'])."'
and `revoked` != '0000-00-00 00:00:00'
";
- $dres = mysql_query($query);
- $drow = mysql_fetch_assoc($dres);
+ $dres = mysqli_query($_SESSION['mconn'], $query);
+ $drow = mysqli_fetch_assoc($dres);
$revoked = $drow['revoked'];
?>
- <td class="DataTD"><?=intval($total)?></td>
- <td class="DataTD"><?=intval($valid)?></td>
- <td class="DataTD"><?=intval($expired)?></td>
- <td class="DataTD"><?=intval($revoked)?></td>
- <td class="DataTD"><?=($maxexpire != "0000-00-00 00:00:00")?substr($maxexpire, 0, 10) : _("Pending")?></td>
- <?
- } else { // $total > 0
+ <td class="DataTD"><?php echo intval($total)?></td>
+ <td class="DataTD"><?php echo intval($valid)?></td>
+ <td class="DataTD"><?php echo intval($expired)?></td>
+ <td class="DataTD"><?php echo intval($revoked)?></td>
+ <td class="DataTD"><?php echo ($maxexpire != "0000-00-00 00:00:00")?substr($maxexpire, 0, 10) : _("Pending")?></td>
+ <?php } else { // $total > 0
?>
- <td colspan="5" class="DataTD"><?=_("None")?></td>
- <?
- }
+ <td colspan="5" class="DataTD"><?php echo _("None")?></td>
+ <?php }
?>
</tr>
<!-- client certificates -->
<tr>
- <td class="DataTD"><?=_("Client")?>:</td>
- <?
- $query = "
+ <td class="DataTD"><?php echo _("Client")?>:</td>
+ <?php $query = "
select COUNT(*) as `total`, MAX(`expire`) as `maxexpire`
from `emailcerts`
where `memid` = '".intval($row['id'])."'
";
- $dres = mysql_query($query);
- $drow = mysql_fetch_assoc($dres);
+ $dres = mysqli_query($_SESSION['mconn'], $query);
+ $drow = mysqli_fetch_assoc($dres);
$total = $drow['total'];
$maxexpire = "0000-00-00 00:00:00";
@@ -709,8 +686,8 @@ if(intval($_REQUEST['userid']) > 0) {
and `revoked` = '0000-00-00 00:00:00'
and `expire` > NOW()
";
- $dres = mysql_query($query);
- $drow = mysql_fetch_assoc($dres);
+ $dres = mysqli_query($_SESSION['mconn'], $query);
+ $drow = mysqli_fetch_assoc($dres);
$valid = $drow['valid'];
$query = "
@@ -719,8 +696,8 @@ if(intval($_REQUEST['userid']) > 0) {
where `memid` = '".intval($row['id'])."'
and `expire` <= NOW()
";
- $dres = mysql_query($query);
- $drow = mysql_fetch_assoc($dres);
+ $dres = mysqli_query($_SESSION['mconn'], $query);
+ $drow = mysqli_fetch_assoc($dres);
$expired = $drow['expired'];
$query = "
@@ -729,34 +706,31 @@ if(intval($_REQUEST['userid']) > 0) {
where `memid` = '".intval($row['id'])."'
and `revoked` != '0000-00-00 00:00:00'
";
- $dres = mysql_query($query);
- $drow = mysql_fetch_assoc($dres);
+ $dres = mysqli_query($_SESSION['mconn'], $query);
+ $drow = mysqli_fetch_assoc($dres);
$revoked = $drow['revoked'];
?>
- <td class="DataTD"><?=intval($total)?></td>
- <td class="DataTD"><?=intval($valid)?></td>
- <td class="DataTD"><?=intval($expired)?></td>
- <td class="DataTD"><?=intval($revoked)?></td>
- <td class="DataTD"><?=($maxexpire != "0000-00-00 00:00:00")?substr($maxexpire, 0, 10) : _("Pending")?></td>
- <?
- } else { // $total > 0
+ <td class="DataTD"><?php echo intval($total)?></td>
+ <td class="DataTD"><?php echo intval($valid)?></td>
+ <td class="DataTD"><?php echo intval($expired)?></td>
+ <td class="DataTD"><?php echo intval($revoked)?></td>
+ <td class="DataTD"><?php echo ($maxexpire != "0000-00-00 00:00:00")?substr($maxexpire, 0, 10) : _("Pending")?></td>
+ <?php } else { // $total > 0
?>
- <td colspan="5" class="DataTD"><?=_("None")?></td>
- <?
- }
+ <td colspan="5" class="DataTD"><?php echo _("None")?></td>
+ <?php }
?>
</tr>
<!-- gpg certificates -->
<tr>
- <td class="DataTD"><?=_("GPG")?>:</td>
- <?
- $query = "
+ <td class="DataTD"><?php echo _("GPG")?>:</td>
+ <?php $query = "
select COUNT(*) as `total`, MAX(`expire`) as `maxexpire`
from `gpg`
where `memid` = '".intval($row['id'])."'
";
- $dres = mysql_query($query);
- $drow = mysql_fetch_assoc($dres);
+ $dres = mysqli_query($_SESSION['mconn'], $query);
+ $drow = mysqli_fetch_assoc($dres);
$total = $drow['total'];
$maxexpire = "0000-00-00 00:00:00";
@@ -771,8 +745,8 @@ if(intval($_REQUEST['userid']) > 0) {
where `memid` = '".intval($row['id'])."'
and `expire` > NOW()
";
- $dres = mysql_query($query);
- $drow = mysql_fetch_assoc($dres);
+ $dres = mysqli_query($_SESSION['mconn'], $query);
+ $drow = mysqli_fetch_assoc($dres);
$valid = $drow['valid'];
$query = "
@@ -781,36 +755,33 @@ if(intval($_REQUEST['userid']) > 0) {
where `memid` = '".intval($row['id'])."'
and `expire` <= NOW()
";
- $dres = mysql_query($query);
- $drow = mysql_fetch_assoc($dres);
+ $dres = mysqli_query($_SESSION['mconn'], $query);
+ $drow = mysqli_fetch_assoc($dres);
$expired = $drow['expired'];
?>
- <td class="DataTD"><?=intval($total)?></td>
- <td class="DataTD"><?=intval($valid)?></td>
- <td class="DataTD"><?=intval($expired)?></td>
+ <td class="DataTD"><?php echo intval($total)?></td>
+ <td class="DataTD"><?php echo intval($valid)?></td>
+ <td class="DataTD"><?php echo intval($expired)?></td>
<td class="DataTD"></td>
- <td class="DataTD"><?=($maxexpire != "0000-00-00 00:00:00")?substr($maxexpire, 0, 10) : _("Pending")?></td>
- <?
- } else { // $total > 0
+ <td class="DataTD"><?php echo ($maxexpire != "0000-00-00 00:00:00")?substr($maxexpire, 0, 10) : _("Pending")?></td>
+ <?php } else { // $total > 0
?>
- <td colspan="5" class="DataTD"><?=_("None")?></td>
- <?
- }
+ <td colspan="5" class="DataTD"><?php echo _("None")?></td>
+ <?php }
?>
</tr>
<!-- org server certificates -->
<tr>
- <td class="DataTD"><a href="account.php?id=58&amp;userid=<?=intval($row['id'])?>"><?=_("Org Server")?></a>:</td>
- <?
- $query = "
+ <td class="DataTD"><a href="account.php?id=58&amp;userid=<?php echo intval($row['id'])?>"><?php echo _("Org Server")?></a>:</td>
+ <?php $query = "
select COUNT(*) as `total`,
MAX(`orgcerts`.`expire`) as `maxexpire`
from `orgdomaincerts` as `orgcerts` inner join `org`
on `orgcerts`.`orgid` = `org`.`orgid`
where `org`.`memid` = '".intval($row['id'])."'
";
- $dres = mysql_query($query);
- $drow = mysql_fetch_assoc($dres);
+ $dres = mysqli_query($_SESSION['mconn'], $query);
+ $drow = mysqli_fetch_assoc($dres);
$total = $drow['total'];
$maxexpire = "0000-00-00 00:00:00";
@@ -827,8 +798,8 @@ if(intval($_REQUEST['userid']) > 0) {
and `orgcerts`.`revoked` = '0000-00-00 00:00:00'
and `orgcerts`.`expire` > NOW()
";
- $dres = mysql_query($query);
- $drow = mysql_fetch_assoc($dres);
+ $dres = mysqli_query($_SESSION['mconn'], $query);
+ $drow = mysqli_fetch_assoc($dres);
$valid = $drow['valid'];
$query = "
@@ -838,8 +809,8 @@ if(intval($_REQUEST['userid']) > 0) {
where `org`.`memid` = '".intval($row['id'])."'
and `orgcerts`.`expire` <= NOW()
";
- $dres = mysql_query($query);
- $drow = mysql_fetch_assoc($dres);
+ $dres = mysqli_query($_SESSION['mconn'], $query);
+ $drow = mysqli_fetch_assoc($dres);
$expired = $drow['expired'];
$query = "
@@ -849,36 +820,33 @@ if(intval($_REQUEST['userid']) > 0) {
where `org`.`memid` = '".intval($row['id'])."'
and `orgcerts`.`revoked` != '0000-00-00 00:00:00'
";
- $dres = mysql_query($query);
- $drow = mysql_fetch_assoc($dres);
+ $dres = mysqli_query($_SESSION['mconn'], $query);
+ $drow = mysqli_fetch_assoc($dres);
$revoked = $drow['revoked'];
?>
- <td class="DataTD"><?=intval($total)?></td>
- <td class="DataTD"><?=intval($valid)?></td>
- <td class="DataTD"><?=intval($expired)?></td>
- <td class="DataTD"><?=intval($revoked)?></td>
- <td class="DataTD"><?=($maxexpire != "0000-00-00 00:00:00")?substr($maxexpire, 0, 10) : _("Pending")?></td>
- <?
- } else { // $total > 0
+ <td class="DataTD"><?php echo intval($total)?></td>
+ <td class="DataTD"><?php echo intval($valid)?></td>
+ <td class="DataTD"><?php echo intval($expired)?></td>
+ <td class="DataTD"><?php echo intval($revoked)?></td>
+ <td class="DataTD"><?php echo ($maxexpire != "0000-00-00 00:00:00")?substr($maxexpire, 0, 10) : _("Pending")?></td>
+ <?php } else { // $total > 0
?>
- <td colspan="5" class="DataTD"><?=_("None")?></td>
- <?
- }
+ <td colspan="5" class="DataTD"><?php echo _("None")?></td>
+ <?php }
?>
</tr>
<!-- org client certificates -->
<tr>
- <td class="DataTD"><?=_("Org Client")?>:</td>
- <?
- $query = "
+ <td class="DataTD"><?php echo _("Org Client")?>:</td>
+ <?php $query = "
select COUNT(*) as `total`,
MAX(`orgcerts`.`expire`) as `maxexpire`
from `orgemailcerts` as `orgcerts` inner join `org`
on `orgcerts`.`orgid` = `org`.`orgid`
where `org`.`memid` = '".intval($row['id'])."'
";
- $dres = mysql_query($query);
- $drow = mysql_fetch_assoc($dres);
+ $dres = mysqli_query($_SESSION['mconn'], $query);
+ $drow = mysqli_fetch_assoc($dres);
$total = $drow['total'];
$maxexpire = "0000-00-00 00:00:00";
@@ -895,8 +863,8 @@ if(intval($_REQUEST['userid']) > 0) {
and `orgcerts`.`revoked` = '0000-00-00 00:00:00'
and `orgcerts`.`expire` > NOW()
";
- $dres = mysql_query($query);
- $drow = mysql_fetch_assoc($dres);
+ $dres = mysqli_query($_SESSION['mconn'], $query);
+ $drow = mysqli_fetch_assoc($dres);
$valid = $drow['valid'];
$query = "
@@ -906,8 +874,8 @@ if(intval($_REQUEST['userid']) > 0) {
where `org`.`memid` = '".intval($row['id'])."'
and `orgcerts`.`expire` <= NOW()
";
- $dres = mysql_query($query);
- $drow = mysql_fetch_assoc($dres);
+ $dres = mysqli_query($_SESSION['mconn'], $query);
+ $drow = mysqli_fetch_assoc($dres);
$expired = $drow['expired'];
$query = "
@@ -917,53 +885,50 @@ if(intval($_REQUEST['userid']) > 0) {
where `org`.`memid` = '".intval($row['id'])."'
and `orgcerts`.`revoked` != '0000-00-00 00:00:00'
";
- $dres = mysql_query($query);
- $drow = mysql_fetch_assoc($dres);
+ $dres = mysqli_query($_SESSION['mconn'], $query);
+ $drow = mysqli_fetch_assoc($dres);
$revoked = $drow['revoked'];
?>
- <td class="DataTD"><?=intval($total)?></td>
- <td class="DataTD"><?=intval($valid)?></td>
- <td class="DataTD"><?=intval($expired)?></td>
- <td class="DataTD"><?=intval($revoked)?></td>
- <td class="DataTD"><?=($maxexpire != "0000-00-00 00:00:00")?substr($maxexpire, 0, 10) : _("Pending")?></td>
- <?
- } else { // $total > 0
+ <td class="DataTD"><?php echo intval($total)?></td>
+ <td class="DataTD"><?php echo intval($valid)?></td>
+ <td class="DataTD"><?php echo intval($expired)?></td>
+ <td class="DataTD"><?php echo intval($revoked)?></td>
+ <td class="DataTD"><?php echo ($maxexpire != "0000-00-00 00:00:00")?substr($maxexpire, 0, 10) : _("Pending")?></td>
+ <?php } else { // $total > 0
?>
- <td colspan="5" class="DataTD"><?=_("None")?></td>
- <?
- }
+ <td colspan="5" class="DataTD"><?php echo _("None")?></td>
+ <?php }
?>
</tr>
<tr>
<td colspan="6" class="title">
- <form method="post" action="account.php" onSubmit="if(!confirm('<?=_("Are you sure you want to revoke all private certificates?")?>')) return false;">
+ <form method="post" action="account.php" onSubmit="if(!confirm('<?php echo _("Are you sure you want to revoke all private certificates?")?>')) return false;">
<input type="hidden" name="action" value="revokecert">
<input type="hidden" name="oldid" value="43">
- <input type="hidden" name="userid" value="<?=intval($userid)?>">
- <input type="submit" value="<?=_('revoke certificates')?>">
- <input type="hidden" name="ticketno" value="<?=sanitizeHTML($ticketno)?>"/>
+ <input type="hidden" name="userid" value="<?php echo intval($userid)?>">
+ <input type="submit" value="<?php echo _('revoke certificates')?>">
+ <input type="hidden" name="ticketno" value="<?php echo sanitizeHTML($ticketno)?>"/>
</form>
</td>
</tr>
</table>
<br />
- <? // list assurances ?>
+ <?php // list assurances ?>
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
<tr>
<td class="DataTD">
- <a href="account.php?id=43&amp;userid=<?=intval($row['id'])?>&amp;shownotary=assuredto&amp;ticketno=<?=sanitizeHTML($ticketno)?>"><?=_("Show Assurances the user got")?></a>
- (<a href="account.php?id=43&amp;userid=<?=intval($row['id'])?>&amp;shownotary=assuredto15&amp;ticketno=<?=sanitizeHTML($ticketno)?>"><?=_("New calculation")?></a>)
+ <a href="account.php?id=43&amp;userid=<?php echo intval($row['id'])?>&amp;shownotary=assuredto&amp;ticketno=<?php echo sanitizeHTML($ticketno)?>"><?php echo _("Show Assurances the user got")?></a>
+ (<a href="account.php?id=43&amp;userid=<?php echo intval($row['id'])?>&amp;shownotary=assuredto15&amp;ticketno=<?php echo sanitizeHTML($ticketno)?>"><?php echo _("New calculation")?></a>)
</td>
</tr>
<tr>
<td class="DataTD">
- <a href="account.php?id=43&amp;userid=<?=intval($row['id'])?>&amp;shownotary=assuredby&amp;ticketno=<?=sanitizeHTML($ticketno)?>"><?=_("Show Assurances the user gave")?></a>
- (<a href="account.php?id=43&amp;userid=<?=intval($row['id'])?>&amp;shownotary=assuredby15&amp;ticketno=<?=sanitizeHTML($ticketno)?>"><?=_("New calculation")?></a>)
+ <a href="account.php?id=43&amp;userid=<?php echo intval($row['id'])?>&amp;shownotary=assuredby&amp;ticketno=<?php echo sanitizeHTML($ticketno)?>"><?php echo _("Show Assurances the user gave")?></a>
+ (<a href="account.php?id=43&amp;userid=<?php echo intval($row['id'])?>&amp;shownotary=assuredby15&amp;ticketno=<?php echo sanitizeHTML($ticketno)?>"><?php echo _("New calculation")?></a>)
</td>
</tr>
</table>
- <?
- // if(array_key_exists('assuredto',$_GET) && $_GET['assuredto'] == "yes") {
+ <?php // if(array_key_exists('assuredto',$_GET) && $_GET['assuredto'] == "yes") {
function showassuredto($ticketno)
@@ -971,96 +936,90 @@ if(intval($_REQUEST['userid']) > 0) {
?>
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
<tr>
- <td colspan="8" class="title"><?=_("Assurance Points")?></td>
+ <td colspan="8" class="title"><?php echo _("Assurance Points")?></td>
</tr>
<tr>
- <td class="DataTD"><b><?=_("ID")?></b></td>
- <td class="DataTD"><b><?=_("Date")?></b></td>
- <td class="DataTD"><b><?=_("Who")?></b></td>
- <td class="DataTD"><b><?=_("Email")?></b></td>
- <td class="DataTD"><b><?=_("Points")?></b></td>
- <td class="DataTD"><b><?=_("Location")?></b></td>
- <td class="DataTD"><b><?=_("Method")?></b></td>
- <td class="DataTD"><b><?=_("Revoke")?></b></td>
+ <td class="DataTD"><b><?php echo _("ID")?></b></td>
+ <td class="DataTD"><b><?php echo _("Date")?></b></td>
+ <td class="DataTD"><b><?php echo _("Who")?></b></td>
+ <td class="DataTD"><b><?php echo _("Email")?></b></td>
+ <td class="DataTD"><b><?php echo _("Points")?></b></td>
+ <td class="DataTD"><b><?php echo _("Location")?></b></td>
+ <td class="DataTD"><b><?php echo _("Method")?></b></td>
+ <td class="DataTD"><b><?php echo _("Revoke")?></b></td>
</tr>
- <?
- $query = "select * from `notary` where `to`='".intval($_GET['userid'])."' and `deleted` = 0";
- $dres = mysql_query($query);
+ <?php $query = "select * from `notary` where `to`='".intval($_GET['userid'])."' and `deleted` = 0";
+ $dres = mysqli_query($_SESSION['mconn'], $query);
$points = 0;
- while($drow = mysql_fetch_assoc($dres)) {
- $fromuser = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".intval($drow['from'])."'"));
+ while($drow = mysqli_fetch_assoc($dres)) {
+ $fromuser = mysqli_fetch_assoc(mysqli_query($_SESSION['mconn'], "select * from `users` where `id`='".intval($drow['from'])."'"));
$points += $drow['points'];
?>
<tr>
- <td class="DataTD"><?=$drow['id']?></td>
- <td class="DataTD"><?=sanitizeHTML($drow['date'])?></td>
- <td class="DataTD"><a href="wot.php?id=9&amp;userid=<?=intval($drow['from'])?>"><?=sanitizeHTML($fromuser['fname'])." ".sanitizeHTML($fromuser['lname'])?></td>
- <td class="DataTD"><a href="account.php?id=43&amp;userid=<?=intval($drow['from'])?>"><?=sanitizeHTML($fromuser['email'])?></a></td>
- <td class="DataTD"><?=intval($drow['points'])?></td>
- <td class="DataTD"><?=sanitizeHTML($drow['location'])?></td>
- <td class="DataTD"><?=sanitizeHTML($drow['method'])?></td>
- <td class="DataTD"><a href="account.php?id=43&amp;userid=<?=intval($drow['to'])?>&amp;assurance=<?=intval($drow['id'])?>&amp;csrf=<?=make_csrf('admdelassurance')?>&amp;ticketno=<?=sanitizeHTML($ticketno)?>" onclick="return confirm('<?=sprintf(_("Are you sure you want to revoke the assurance with ID &quot;%s&quot;?"),intval($drow['id']))?>');"><?=_("Revoke")?></a></td>
+ <td class="DataTD"><?php echo $drow['id']?></td>
+ <td class="DataTD"><?php echo sanitizeHTML($drow['date'])?></td>
+ <td class="DataTD"><a href="wot.php?id=9&amp;userid=<?php echo intval($drow['from'])?>"><?php echo sanitizeHTML($fromuser['fname'])." ".sanitizeHTML($fromuser['lname'])?></td>
+ <td class="DataTD"><a href="account.php?id=43&amp;userid=<?php echo intval($drow['from'])?>"><?php echo sanitizeHTML($fromuser['email'])?></a></td>
+ <td class="DataTD"><?php echo intval($drow['points'])?></td>
+ <td class="DataTD"><?php echo sanitizeHTML($drow['location'])?></td>
+ <td class="DataTD"><?php echo sanitizeHTML($drow['method'])?></td>
+ <td class="DataTD"><a href="account.php?id=43&amp;userid=<?php echo intval($drow['to'])?>&amp;assurance=<?php echo intval($drow['id'])?>&amp;csrf=<?php echo make_csrf('admdelassurance')?>&amp;ticketno=<?php echo sanitizeHTML($ticketno)?>" onclick="return confirm('<?php echo sprintf(_("Are you sure you want to revoke the assurance with ID &quot;%s&quot;?"),intval($drow['id']))?>');"><?php echo _("Revoke")?></a></td>
</tr>
- <?
- }
+ <?php }
?>
<tr>
- <td class="DataTD" colspan="4"><b><?=_("Total Points")?>:</b></td>
- <td class="DataTD"><?=intval($points)?></td>
+ <td class="DataTD" colspan="4"><b><?php echo _("Total Points")?>:</b></td>
+ <td class="DataTD"><?php echo intval($points)?></td>
<td class="DataTD" colspan="3">&nbsp;</td>
</tr>
</table>
- <?
- }
+ <?php }
function showassuredby($ticketno)
{
?>
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
<tr>
- <td colspan="8" class="title"><?=_("Assurance Points The User Issued")?></td>
+ <td colspan="8" class="title"><?php echo _("Assurance Points The User Issued")?></td>
</tr>
<tr>
- <td class="DataTD"><b><?=_("ID")?></b></td>
- <td class="DataTD"><b><?=_("Date")?></b></td>
- <td class="DataTD"><b><?=_("Who")?></b></td>
- <td class="DataTD"><b><?=_("Email")?></b></td>
- <td class="DataTD"><b><?=_("Points")?></b></td>
- <td class="DataTD"><b><?=_("Location")?></b></td>
- <td class="DataTD"><b><?=_("Method")?></b></td>
- <td class="DataTD"><b><?=_("Revoke")?></b></td>
+ <td class="DataTD"><b><?php echo _("ID")?></b></td>
+ <td class="DataTD"><b><?php echo _("Date")?></b></td>
+ <td class="DataTD"><b><?php echo _("Who")?></b></td>
+ <td class="DataTD"><b><?php echo _("Email")?></b></td>
+ <td class="DataTD"><b><?php echo _("Points")?></b></td>
+ <td class="DataTD"><b><?php echo _("Location")?></b></td>
+ <td class="DataTD"><b><?php echo _("Method")?></b></td>
+ <td class="DataTD"><b><?php echo _("Revoke")?></b></td>
</tr>
- <?
- $query = "select * from `notary` where `from`='".intval($_GET['userid'])."' and `deleted` = 0";
- $dres = mysql_query($query);
+ <?php $query = "select * from `notary` where `from`='".intval($_GET['userid'])."' and `deleted` = 0";
+ $dres = mysqli_query($_SESSION['mconn'], $query);
$points = 0;
- while($drow = mysql_fetch_assoc($dres)) {
- $fromuser = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".intval($drow['to'])."'"));
+ while($drow = mysqli_fetch_assoc($dres)) {
+ $fromuser = mysqli_fetch_assoc(mysqli_query($_SESSION['mconn'], "select * from `users` where `id`='".intval($drow['to'])."'"));
$points += intval($drow['points']);
?>
<tr>
- <td class="DataTD"><?=intval($drow['id'])?></td>
- <td class="DataTD"><?=$drow['date']?></td>
- <td class="DataTD"><a href="wot.php?id=9&userid=<?=intval($drow['to'])?>"><?=sanitizeHTML($fromuser['fname']." ".$fromuser['lname'])?></td>
- <td class="DataTD"><a href="account.php?id=43&amp;userid=<?=intval($drow['to'])?>"><?=sanitizeHTML($fromuser['email'])?></a></td>
- <td class="DataTD"><?=intval($drow['points'])?></td>
- <td class="DataTD"><?=sanitizeHTML($drow['location'])?></td>
- <td class="DataTD"><?=sanitizeHTML($drow['method'])?></td>
- <td class="DataTD"><a href="account.php?id=43&userid=<?=intval($drow['from'])?>&assurance=<?=intval($drow['id'])?>&amp;csrf=<?=make_csrf('admdelassurance')?>&amp;ticketno=<?=sanitizeHTML($ticketno)?>" onclick="return confirm('<?=sprintf(_("Are you sure you want to revoke the assurance with ID &quot;%s&quot;?"),intval($drow['id']))?>');"><?=_("Revoke")?></a></td>
+ <td class="DataTD"><?php echo intval($drow['id'])?></td>
+ <td class="DataTD"><?php echo $drow['date']?></td>
+ <td class="DataTD"><a href="wot.php?id=9&userid=<?php echo intval($drow['to'])?>"><?php echo sanitizeHTML($fromuser['fname']." ".$fromuser['lname'])?></td>
+ <td class="DataTD"><a href="account.php?id=43&amp;userid=<?php echo intval($drow['to'])?>"><?php echo sanitizeHTML($fromuser['email'])?></a></td>
+ <td class="DataTD"><?php echo intval($drow['points'])?></td>
+ <td class="DataTD"><?php echo sanitizeHTML($drow['location'])?></td>
+ <td class="DataTD"><?php echo sanitizeHTML($drow['method'])?></td>
+ <td class="DataTD"><a href="account.php?id=43&userid=<?php echo intval($drow['from'])?>&assurance=<?php echo intval($drow['id'])?>&amp;csrf=<?php echo make_csrf('admdelassurance')?>&amp;ticketno=<?php echo sanitizeHTML($ticketno)?>" onclick="return confirm('<?php echo sprintf(_("Are you sure you want to revoke the assurance with ID &quot;%s&quot;?"),intval($drow['id']))?>');"><?php echo _("Revoke")?></a></td>
</tr>
- <?
- }
+ <?php }
?>
<tr>
- <td class="DataTD" colspan="4"><b><?=_("Total Points")?>:</b></td>
- <td class="DataTD"><?=intval($points)?></td>
+ <td class="DataTD" colspan="4"><b><?php echo _("Total Points")?>:</b></td>
+ <td class="DataTD"><?php echo intval($points)?></td>
<td class="DataTD" colspan="3">&nbsp;</td>
</tr>
</table>
<?} ?>
<br/><br/>
-<?
-} }
+<?php } }
if(isset($_GET['shownotary'])) {
switch($_GET['shownotary']) {
diff --git a/pages/account/44.php b/pages/account/44.php
index 718f0e0..378335c 100644
--- a/pages/account/44.php
+++ b/pages/account/44.php
@@ -1,4 +1,4 @@
-<? /*
+<?php /*
LibreSSL - CAcert web application
Copyright (C) 2004-2008 CAcert Inc.
@@ -18,9 +18,8 @@
if(array_key_exists('error',$_SESSION['_config']) && $_SESSION['_config']['error'] != "") {
?>
- <div style="color: orange;">ERROR: <?=$_SESSION['_config']['error']?></div>
- <?
- unset($_SESSION['_config']['error']);
+ <div style="color: orange;">ERROR: <?php echo $_SESSION['_config']['error']?></div>
+ <?php unset($_SESSION['_config']['error']);
}
$ticketno = "";
@@ -39,21 +38,21 @@ if (!valid_ticket_number($ticketno)) {
<form method="post" action="account.php">
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
<tr>
- <td colspan="2" class="title"><?=_("Change Password")?></td>
+ <td colspan="2" class="title"><?php echo _("Change Password")?></td>
</tr>
<tr>
- <td class="DataTD"><?=_("Email")?>:</td>
- <td class="DataTD"><b><?=sanitizeHTML($_REQUEST['email'])?></b></td>
+ <td class="DataTD"><?php echo _("Email")?>:</td>
+ <td class="DataTD"><b><?php echo sanitizeHTML($_REQUEST['email'])?></b></td>
</tr>
<tr>
- <td class="DataTD"><?=_("New Password")?>:</td>
- <td class="DataTD"><input type="text" name="newpass" value="<?=array_key_exists('newpass',$_REQUEST)?sanitizeHTML($_REQUEST['newpass']):""?>"></td>
+ <td class="DataTD"><?php echo _("New Password")?>:</td>
+ <td class="DataTD"><input type="text" name="newpass" value="<?php echo array_key_exists('newpass',$_REQUEST)?sanitizeHTML($_REQUEST['newpass']):""?>"></td>
</tr>
<tr>
- <td class="DataTD" colspan="2"><input type="submit" name="process" value="<?=_("Next")?>"></td>
+ <td class="DataTD" colspan="2"><input type="submit" name="process" value="<?php echo _("Next")?>"></td>
</tr>
</table>
-<input type="hidden" name="userid" value="<?=intval($_REQUEST['userid'])?>">
-<input type="hidden" name="oldid" value="<?=intval($id)?>">
-<input type="hidden" name="ticketno" value="<?=sanitizeHTML($ticketno)?>"/>
+<input type="hidden" name="userid" value="<?php echo intval($_REQUEST['userid'])?>">
+<input type="hidden" name="oldid" value="<?php echo intval($id)?>">
+<input type="hidden" name="ticketno" value="<?php echo sanitizeHTML($ticketno)?>"/>
</form>
diff --git a/pages/account/45.php b/pages/account/45.php
index 23bce9d..226a0e5 100644
--- a/pages/account/45.php
+++ b/pages/account/45.php
@@ -1,4 +1,4 @@
-<? /*
+<?php /*
LibreSSL - CAcert web application
Copyright (C) 2004-2008 CAcert Inc.
@@ -15,9 +15,9 @@
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
*/ ?>
-<p><?=_("Paste your CSR below...")?></p>
+<p><?php echo _("Paste your CSR below...")?></p>
<form method="post" action="account.php">
<textarea name="CSR" cols="80" rows="15"></textarea><br>
-<input type="submit" name="process" value="<?=_("Submit")?>">
-<input type="hidden" name="oldid" value="<?=$id?>">
+<input type="submit" name="process" value="<?php echo _("Submit")?>">
+<input type="hidden" name="oldid" value="<?php echo $id?>">
</form>
diff --git a/pages/account/48.php b/pages/account/48.php
index 8cdd7ac..c9711f4 100644
--- a/pages/account/48.php
+++ b/pages/account/48.php
@@ -1,4 +1,4 @@
-<? /*
+<?php /*
LibreSSL - CAcert web application
Copyright (C) 2004-2008 CAcert Inc.
@@ -15,19 +15,19 @@
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
*/ ?>
-<? if(array_key_exists('error',$_SESSION['_config']) && $_SESSION['_config']['error'] != "") { ?><div color="orange">ERROR: <?=$_SESSION['_config']['error']?></div><? unset($_SESSION['_config']['error']); } ?>
+<?php if(array_key_exists('error',$_SESSION['_config']) && $_SESSION['_config']['error'] != "") { ?><div color="orange">ERROR: <?php echo $_SESSION['_config']['error']?></div><?php unset($_SESSION['_config']['error']); } ?>
<form method="post" action="account.php">
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
<tr>
- <td colspan="2" class="title"><?=_("Find User by Domain")?></td>
+ <td colspan="2" class="title"><?php echo _("Find User by Domain")?></td>
</tr>
<tr>
- <td class="DataTD"><?=_("Domain")?>:</td>
- <td class="DataTD"><input type="text" name="domain" value="<?=array_key_exists('domain',$_POST)?sanitizeHTML($_POST['domain']):''?>"></td>
+ <td class="DataTD"><?php echo _("Domain")?>:</td>
+ <td class="DataTD"><input type="text" name="domain" value="<?php echo array_key_exists('domain',$_POST)?sanitizeHTML($_POST['domain']):''?>"></td>
</tr>
<tr>
- <td class="DataTD" colspan="2"><input type="submit" name="process" value="<?=_("Next")?>"></td>
+ <td class="DataTD" colspan="2"><input type="submit" name="process" value="<?php echo _("Next")?>"></td>
</tr>
</table>
-<input type="hidden" name="oldid" value="<?=$id?>">
+<input type="hidden" name="oldid" value="<?php echo $id?>">
</form>
diff --git a/pages/account/49.php b/pages/account/49.php
index 0218fa0..3478fcb 100644
--- a/pages/account/49.php
+++ b/pages/account/49.php
@@ -1,4 +1,4 @@
-<? /*
+<?php /*
LibreSSL - CAcert web application
Copyright (C) 2004-2008 CAcert Inc.
@@ -15,11 +15,10 @@
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
*/ ?>
-<?
- $userid=0; if(array_key_exists('userid',$_GET)) $userid=intval($_GET['userid']);
+<?php $userid=0; if(array_key_exists('userid',$_GET)) $userid=intval($_GET['userid']);
if($userid <= 0)
{
- $domainsearch = $domain = mysql_escape_string(stripslashes($_POST['domain']));
+ $domainsearch = $domain = mysqli_real_escape_string($_SESSION['mconn'], stripslashes($_POST['domain']));
if(!strstr($domain, "%"))
$domainsearch = "%$domain%";
if(preg_match("/^\d+$/",$domain))
@@ -30,76 +29,74 @@
`domains`.`deleted`=0 and `users`.`deleted`=0 and
`users`.`verified`=1
group by `users`.`id` limit 100";
- $res = mysql_query($query);
- if(mysql_num_rows($res) >= 1) { ?>
+ $res = mysqli_query($_SESSION['mconn'], $query);
+ if(mysqli_num_rows($res) >= 1) { ?>
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
<tr>
- <td colspan="5" class="title"><?=_("Select Specific User Account Details")?></td>
+ <td colspan="5" class="title"><?php echo _("Select Specific User Account Details")?></td>
</tr>
-<?
- while($row = mysql_fetch_assoc($res))
+<?php
+ while($row = mysqli_fetch_assoc($res))
{ ?>
<tr>
- <td class="DataTD"><?=_("Domain")?>:</td>
- <td class="DataTD"><?=$row['domid']?></td>
- <td class="DataTD"><a href="account.php?id=43&amp;userid=<?=$row['id']?>"><?=sanitizeHTML($row['domain'])?></a></td>
+ <td class="DataTD"><?php echo _("Domain")?>:</td>
+ <td class="DataTD"><?php echo $row['domid']?></td>
+ <td class="DataTD"><a href="account.php?id=43&amp;userid=<?php echo $row['id']?>"><?php echo sanitizeHTML($row['domain'])?></a></td>
</tr>
-<? } if(mysql_num_rows($res) >= 100) { ?>
+<?php } if(mysqli_num_rows($res) >= 100) { ?>
<tr>
- <td class="DataTD" colspan="3"><?=_("Only the first 100 rows are displayed.")?></td>
+ <td class="DataTD" colspan="3"><?php echo _("Only the first 100 rows are displayed.")?></td>
</tr>
-<? } else { ?>
+<?php } else { ?>
<tr>
- <td class="DataTD" colspan="3"><? printf(_("%s rows displayed."), mysql_num_rows($res)); ?></td>
+ <td class="DataTD" colspan="3"><?php printf(_("%s rows displayed."), mysqli_num_rows($res)); ?></td>
</tr>
-<? } ?>
+<?php } ?>
</table><br><br>
-<? } elseif(mysql_num_rows($res) == 1) {
- $row = mysql_fetch_assoc($res);
+<? } elseif(mysqli_num_rows($res) == 1) {
+ $row = mysqli_fetch_assoc($res);
$_GET['userid'] = intval($row['id']);
} else {
?><table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
<tr>
<td colspan="5" class="title"><?printf(_("No personal domains found matching %s"), sanitizeHTML($domain));?></td>
</tr>
- </table><br><br><?
- }
+ </table><br><br><?php }
$query = "select `orgid`,`domain`,`id` from `orgdomains` where `domain` like '$domainsearch' or `id`='$domain' limit 100";
- $res = mysql_query($query);
- if(mysql_num_rows($res) >= 1) { ?>
+ $res = mysqli_query($_SESSION['mconn'], $query);
+ if(mysqli_num_rows($res) >= 1) { ?>
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
<tr>
- <td colspan="5" class="title"><?=_("Select Specific Organisation Account Details")?></td>
+ <td colspan="5" class="title"><?php echo _("Select Specific Organisation Account Details")?></td>
</tr>
-<?
- while($row = mysql_fetch_assoc($res))
+<?php
+ while($row = mysqli_fetch_assoc($res))
{ ?>
<tr>
- <td class="DataTD"><?=_("Domain")?>:</td>
- <td class="DataTD"><?=$row['id']?></td>
- <td class="DataTD"><a href="account.php?id=26&amp;orgid=<?=intval($row['orgid'])?>"><?=sanitizeHTML($row['domain'])?></a></td>
+ <td class="DataTD"><?php echo _("Domain")?>:</td>
+ <td class="DataTD"><?php echo $row['id']?></td>
+ <td class="DataTD"><a href="account.php?id=26&amp;orgid=<?php echo intval($row['orgid'])?>"><?php echo sanitizeHTML($row['domain'])?></a></td>
</tr>
-<? } if(mysql_num_rows($res) >= 100) { ?>
+<?php } if(mysqli_num_rows($res) >= 100) { ?>
<tr>
- <td class="DataTD" colspan="3"><?=_("Only the first 100 rows are displayed.")?></td>
+ <td class="DataTD" colspan="3"><?php echo _("Only the first 100 rows are displayed.")?></td>
</tr>
-<? } else { ?>
+<?php } else { ?>
<tr>
- <td class="DataTD" colspan="3"><? printf(_("%s rows displayed."), mysql_num_rows($res)); ?></td>
+ <td class="DataTD" colspan="3"><?php printf(_("%s rows displayed."), mysqli_num_rows($res)); ?></td>
</tr>
-<? } ?>
+<?php } ?>
</table><br><br>
-<? } elseif(mysql_num_rows($res) == 1) {
- $row = mysql_fetch_assoc($res);
+<? } elseif(mysqli_num_rows($res) == 1) {
+ $row = mysqli_fetch_assoc($res);
$_GET['userid'] = intval($row['id']);
} else {
?><table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
<tr>
<td colspan="5" class="title"><?printf(_("No organisational domains found matching %s"), sanitizeHTML($domain));?></td>
</tr>
- </table><br><br><?
- }
+ </table><br><br><?php }
}
if($userid > 0)
diff --git a/pages/account/5.php b/pages/account/5.php
index efed0ab..17fecaa 100644
--- a/pages/account/5.php
+++ b/pages/account/5.php
@@ -1,4 +1,4 @@
-<? /*
+<?php /*
LibreSSL - CAcert web application
Copyright (C) 2004-2008 CAcert Inc.
@@ -15,23 +15,22 @@
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
*/ ?>
-<? $viewall=0; if(array_key_exists('viewall',$_REQUEST)) $viewall=intval($_REQUEST['viewall']); ?>
+<?php $viewall=0; if(array_key_exists('viewall',$_REQUEST)) $viewall=intval($_REQUEST['viewall']); ?>
<form method="post" action="account.php">
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
<tr>
- <td colspan="10" class="title"><?=_("Client Certificates")?> - <a href="account.php?id=5&amp;viewall=<?=intval(!$viewall)?>"><?=$viewall?_("Hide old certificates"):_("View all certificates")?></a></td>
+ <td colspan="10" class="title"><?php echo _("Client Certificates")?> - <a href="account.php?id=5&amp;viewall=<?php echo intval(!$viewall)?>"><?php echo $viewall?_("Hide old certificates"):_("View all certificates")?></a></td>
</tr>
<tr>
- <td class="DataTD"><?=_("Renew/Revoke/Delete")?></td>
- <td class="DataTD"><?=_("Status")?></td>
- <td class="DataTD"><?=_("Email Address")?></td>
- <td class="DataTD"><?=_("SerialNumber")?></td>
- <td class="DataTD"><?=_("Revoked")?></td>
- <td class="DataTD"><?=_("Expires")?></td>
- <td class="DataTD"><?=_("Login")?></td>
- <td colspan="2" class="DataTD"><?=_("Comment *")?></td>
-<?
- $query = "select UNIX_TIMESTAMP(`emailcerts`.`created`) as `created`,
+ <td class="DataTD"><?php echo _("Renew/Revoke/Delete")?></td>
+ <td class="DataTD"><?php echo _("Status")?></td>
+ <td class="DataTD"><?php echo _("Email Address")?></td>
+ <td class="DataTD"><?php echo _("SerialNumber")?></td>
+ <td class="DataTD"><?php echo _("Revoked")?></td>
+ <td class="DataTD"><?php echo _("Expires")?></td>
+ <td class="DataTD"><?php echo _("Login")?></td>
+ <td colspan="2" class="DataTD"><?php echo _("Comment *")?></td>
+<?php $query = "select UNIX_TIMESTAMP(`emailcerts`.`created`) as `created`,
UNIX_TIMESTAMP(`emailcerts`.`expire`) - UNIX_TIMESTAMP() as `timeleft`,
UNIX_TIMESTAMP(`emailcerts`.`expire`) as `expired`,
`emailcerts`.`expire`,
@@ -53,15 +52,15 @@
$query .= " HAVING `timeleft` > 0 or `expire` = 0 ";
$query .= " ORDER BY `modified` desc";
// echo $query."<br>\n";
- $res = mysql_query($query);
- if(mysql_num_rows($res) <= 0)
+ $res = mysqli_query($_SESSION['mconn'], $query);
+ if(mysqli_num_rows($res) <= 0)
{
?>
<tr>
- <td colspan="10" class="DataTD"><?=_("No client certificates are currently listed.")?></td>
+ <td colspan="10" class="DataTD"><?php echo _("No client certificates are currently listed.")?></td>
</tr>
-<? } else {
- while($row = mysql_fetch_assoc($res))
+<?php } else {
+ while($row = mysqli_fetch_assoc($res))
{
if($row['timeleft'] > 0)
$verified = _("Valid");
@@ -75,53 +74,53 @@
$row['revoke'] = _("Not Revoked");
?>
<tr>
-<? if($verified != _("Pending") && $verified != _("Revoked")) { ?>
- <td class="DataTD"><input type="checkbox" name="revokeid[]" value="<?=intval($row['id'])?>"></td>
- <td class="DataTD"><?=$verified?></td>
- <td class="DataTD"><a href="account.php?id=6&amp;cert=<?=intval($row['id'])?>"><?=(trim($row['CN'])=="" ? _("empty") : sanitizeHTML($row['CN']))?></a></td>
-<? } else if($verified != _("Revoked")) { ?>
- <td class="DataTD"><input type="checkbox" name="delid[]" value="<?=intval($row['id'])?>"></td>
- <td class="DataTD"><?=$verified?></td>
- <td class="DataTD"><?=(trim($row['CN'])=="" ? _("empty") : sanitizeHTML($row['CN']))?></td>
-<? } else { ?>
+<?php if($verified != _("Pending") && $verified != _("Revoked")) { ?>
+ <td class="DataTD"><input type="checkbox" name="revokeid[]" value="<?php echo intval($row['id'])?>"></td>
+ <td class="DataTD"><?php echo $verified?></td>
+ <td class="DataTD"><a href="account.php?id=6&amp;cert=<?php echo intval($row['id'])?>"><?php echo (trim($row['CN'])=="" ? _("empty") : sanitizeHTML($row['CN']))?></a></td>
+<?php } else if($verified != _("Revoked")) { ?>
+ <td class="DataTD"><input type="checkbox" name="delid[]" value="<?php echo intval($row['id'])?>"></td>
+ <td class="DataTD"><?php echo $verified?></td>
+ <td class="DataTD"><?php echo (trim($row['CN'])=="" ? _("empty") : sanitizeHTML($row['CN']))?></td>
+<?php } else { ?>
<td class="DataTD">&nbsp;</td>
- <td class="DataTD"><?=$verified?></td>
- <td class="DataTD"><?=(trim($row['CN'])=="" ? _("empty") : sanitizeHTML($row['CN']))?></td>
-<? } ?>
- <td class="DataTD"><?=sanitizeHTML($row['serial'])?></td>
- <td class="DataTD"><?=sanitizeHTML($row['revoke'])?></td>
- <td class="DataTD"><?=sanitizeHTML($row['expire'])?></td>
+ <td class="DataTD"><?php echo $verified?></td>
+ <td class="DataTD"><?php echo (trim($row['CN'])=="" ? _("empty") : sanitizeHTML($row['CN']))?></td>
+<?php } ?>
+ <td class="DataTD"><?php echo sanitizeHTML($row['serial'])?></td>
+ <td class="DataTD"><?php echo sanitizeHTML($row['revoke'])?></td>
+ <td class="DataTD"><?php echo sanitizeHTML($row['expire'])?></td>
<td class="DataTD">
- <input type="checkbox" name="disablelogin_<?=intval($row['id'])?>" value="1" <?=$row['disablelogin']?"":'checked="checked"'?>/>
- <input type="hidden" name="cert_<?=intval($row['id'])?>" value="1" />
+ <input type="checkbox" name="disablelogin_<?php echo intval($row['id'])?>" value="1" <?php echo $row['disablelogin']?"":'checked="checked"'?>/>
+ <input type="hidden" name="cert_<?php echo intval($row['id'])?>" value="1" />
</td>
- <td class="DataTD"><input name="comment_<?=intval($row['id'])?>" type="text" value="<?=htmlspecialchars($row['description'])?>" /></td>
- <td class="DataTD"><input type="checkbox" name="check_comment_<?=intval($row['id'])?>" /></td>
+ <td class="DataTD"><input name="comment_<?php echo intval($row['id'])?>" type="text" value="<?php echo htmlspecialchars($row['description'])?>" /></td>
+ <td class="DataTD"><input type="checkbox" name="check_comment_<?php echo intval($row['id'])?>" /></td>
</tr>
- <? } ?>
+ <?php } ?>
<tr>
<td class="DataTD" colspan="9">
- <a href="account.php?id=5&amp;viewall=<?=intval(!$viewall)?>"><b><?=$viewall?_("Hide old certificates"):_("View all certificates")?></b></a>
+ <a href="account.php?id=5&amp;viewall=<?php echo intval(!$viewall)?>"><b><?php echo $viewall?_("Hide old certificates"):_("View all certificates")?></b></a>
</td>
</tr>
<tr>
<td class="DataTD" colspan="9">
- <?=_('* Comment is NOT included in the certificate as it is intended for your personal reference only. To change the comment tick the checkbox and hit "Change Settings".')?>
+ <?php echo _('* Comment is NOT included in the certificate as it is intended for your personal reference only. To change the comment tick the checkbox and hit "Change Settings".')?>
</td>
</tr>
<tr>
- <td class="DataTD" colspan="5"><input type="submit" name="renew" value="<?=_("Renew")?>" />&#160;&#160;&#160;&#160;
- <input type="submit" name="revoke" value="<?=_("Revoke/Delete")?>" /></td>
+ <td class="DataTD" colspan="5"><input type="submit" name="renew" value="<?php echo _("Renew")?>" />&#160;&#160;&#160;&#160;
+ <input type="submit" name="revoke" value="<?php echo _("Revoke/Delete")?>" /></td>
- <td class="DataTD" colspan="4"><input type="submit" name="change" value="<?=_("Change settings")?>" /> </td>
+ <td class="DataTD" colspan="4"><input type="submit" name="change" value="<?php echo _("Change settings")?>" /> </td>
</tr>
-<? } ?>
+<?php } ?>
</table>
-<input type="hidden" name="oldid" value="<?=intval($id)?>" />
-<input type="hidden" name="csrf" value="<?=make_csrf('clicerchange')?>" />
+<input type="hidden" name="oldid" value="<?php echo intval($id)?>" />
+<input type="hidden" name="csrf" value="<?php echo make_csrf('clicerchange')?>" />
</form>
-<p><?=_("From here you can delete pending requests, or revoke valid certificates.")?></p>
-<p><?=_("Login").": "._("By allowing certificate login, this certificate can be used to login into your account at https://secure.cacert.org/ .")?></p>
+<p><?php echo _("From here you can delete pending requests, or revoke valid certificates.")?></p>
+<p><?php echo _("Login").": "._("By allowing certificate login, this certificate can be used to login into your account at https://secure.cacert.org/ .")?></p>
diff --git a/pages/account/50.php b/pages/account/50.php
index a4c2413..1e2a12f 100644
--- a/pages/account/50.php
+++ b/pages/account/50.php
@@ -1,4 +1,4 @@
-<? /*
+<?php /*
LibreSSL - CAcert web application
Copyright (C) 2004-2008 CAcert Inc.
@@ -15,27 +15,27 @@
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
*/ ?>
-<? if($_SESSION['_config']['error'] != "") { ?><div color="orange">ERROR: <?=$_SESSION['_config']['error']?></div><? unset($_SESSION['_config']['error']); } ?>
+<?php if($_SESSION['_config']['error'] != "") { ?><div color="orange">ERROR: <?php echo $_SESSION['_config']['error']?></div><?php unset($_SESSION['_config']['error']); } ?>
<form method="post" action="account.php">
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
<tr>
- <td colspan="2" class="title"><?=_("Delete Account")?></td>
+ <td colspan="2" class="title"><?php echo _("Delete Account")?></td>
</tr>
<tr>
- <td class="DataTD"><?=_("Email")?>:</td>
- <td class="DataTD"><b><?=sanitizeHTML($_REQUEST['email'])?></b></td>
+ <td class="DataTD"><?php echo _("Email")?>:</td>
+ <td class="DataTD"><b><?php echo sanitizeHTML($_REQUEST['email'])?></b></td>
</tr>
<tr>
- <td class="DataTD"><?=_("New Username from arbitration number + sequence number a20xxyyzz.a.b")?>:</td>
+ <td class="DataTD"><?php echo _("New Username from arbitration number + sequence number a20xxyyzz.a.b")?>:</td>
<td class="DataTD"><input type="text" name="arbitrationno"></td>
</tr>
<tr>
- <td class="DataTD" colspan="2"><?=_("Are you sure you want to delete this user, while not actually deleting the account it will completely disable it and revoke any/all certificates currently issued.")?></td>
+ <td class="DataTD" colspan="2"><?php echo _("Are you sure you want to delete this user, while not actually deleting the account it will completely disable it and revoke any/all certificates currently issued.")?></td>
</tr>
<tr>
- <td class="DataTD" colspan="2"><input type="submit" name="cancel" value="<?=_("No")?>"> <input type="submit" name="process" value="<?=_("Yes")?>"></td>
+ <td class="DataTD" colspan="2"><input type="submit" name="cancel" value="<?php echo _("No")?>"> <input type="submit" name="process" value="<?php echo _("Yes")?>"></td>
</tr>
</table>
-<input type="hidden" name="userid" value="<?=intval($_REQUEST['userid'])?>">
-<input type="hidden" name="oldid" value="<?=$id?>">
+<input type="hidden" name="userid" value="<?php echo intval($_REQUEST['userid'])?>">
+<input type="hidden" name="oldid" value="<?php echo $id?>">
</form>
diff --git a/pages/account/51.php b/pages/account/51.php
index 7273840..cfe8d7f 100644
--- a/pages/account/51.php
+++ b/pages/account/51.php
@@ -1,4 +1,4 @@
-<? /*
+<?php /*
LibreSSL - CAcert web application
Copyright (C) 2004-2008 CAcert Inc.
@@ -15,17 +15,16 @@
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
*/ ?>
-<? if($_SESSION['profile']['tverify'] <= 0) { echo _("You don't have access to this area."); } else { ?>
-<?
- $uid = intval($_GET['photoid']);
+<?php if($_SESSION['profile']['tverify'] <= 0) { echo _("You don't have access to this area."); } else { ?>
+<?php $uid = intval($_GET['photoid']);
$query = "select * from `tverify` where `id`='$uid' and `modified`=0";
- $res = mysql_query($query);
- if(mysql_num_rows($res) > 0) { ?>
-<img src="account.php?id=51&amp;photoid=<?=$uid ?>&amp;img=show" border="0" width="800">
-<? } else {
+ $res = mysqli_query($_SESSION['mconn'], $query);
+ if(mysqli_num_rows($res) > 0) { ?>
+<img src="account.php?id=51&amp;photoid=<?php echo $uid ?>&amp;img=show" border="0" width="800">
+<?php } else {
$query = "select * from `tverify` where `id`='$uid' and `modified`=1";
- $res = mysql_query($query);
- if(mysql_num_rows($res) > 0)
+ $res = mysqli_query($_SESSION['mconn'], $query);
+ if(mysqli_num_rows($res) > 0)
{
echo _("This UID has already been voted on.");
} else {
diff --git a/pages/account/52.php b/pages/account/52.php
index 6c00c26..f7210e0 100644
--- a/pages/account/52.php
+++ b/pages/account/52.php
@@ -1,4 +1,4 @@
-<? /*
+<?php /*
LibreSSL - CAcert web application
Copyright (C) 2004-2008 CAcert Inc.
@@ -21,13 +21,13 @@ if($_SESSION['profile']['tverify'] <= 0) {
} else {
$uid = intval($_GET['uid']);
$query = "select * from `tverify` where `id`='".intval($uid)."' and `modified`=0";
- $res = mysql_query($query);
- if(mysql_num_rows($res) > 0) {
- $row = mysql_fetch_assoc($res);
+ $res = mysqli_query($_SESSION['mconn'], $query);
+ if(mysqli_num_rows($res) > 0) {
+ $row = mysqli_fetch_assoc($res);
$memid = intval($row['memid']);
$query2 = "select * from `tverify-vote` where `tverify`='".intval($uid)."' and `memid`='".intval($_SESSION['profile']['id'])."'";
- $rc2 = mysql_num_rows(mysql_query($query2));
+ $rc2 = mysqli_num_rows(mysqli_query($_SESSION['mconn'], $query2));
if($rc2 > 0) {
showheader(_("My CAcert.org Account!"));
echo _("You have already voted on this request.");
@@ -36,9 +36,9 @@ if($_SESSION['profile']['tverify'] <= 0) {
}
$query = "select sum(`points`) as `points` from `notary` where `to`='".intval($memid)."' and `deleted` = 0";
- $notary = mysql_fetch_assoc(mysql_query($query));
+ $notary = mysqli_fetch_assoc(mysqli_query($_SESSION['mconn'], $query));
$query = "select * from `users` where `id`='".intval($memid)."'";
- $user = mysql_fetch_assoc(mysql_query($query));
+ $user = mysqli_fetch_assoc(mysqli_query($_SESSION['mconn'], $query));
$tobe = 50 - $notary['points'];
if($row['URL'] != '' && $row['photoid'] != '') {
$tobe = 150 - $notary['points'];
@@ -49,33 +49,32 @@ if($_SESSION['profile']['tverify'] <= 0) {
$tobe = 0;
}
?>
-<?=_("Request Details")?>:<br>
-<?=_("Name on file")?>: <?=sanitizeHTML($user['fname']." ".$user['mname']." ".$user['lname']." ".$user['suffix'])?><br>
-<?=_("Primary email address")?>: <?=sanitizeHTML($user['email'])." (".intval($user['id']).")"?><br>
-<?=_("Certificate Subject")?>: <?=sanitizeHTML($row['CN'])?><br>
+<?php echo _("Request Details")?>:<br>
+<?php echo _("Name on file")?>: <?php echo sanitizeHTML($user['fname']." ".$user['mname']." ".$user['lname']." ".$user['suffix'])?><br>
+<?php echo _("Primary email address")?>: <?php echo sanitizeHTML($user['email'])." (".intval($user['id']).")"?><br>
+<?php echo _("Certificate Subject")?>: <?php echo sanitizeHTML($row['CN'])?><br>
<? if($row['URL'] != '') { ?>
-<?=_("Notary URL")?>: <a href="<?=$row['URL']?>"><?=$row['URL']?></a><br>
+<?php echo _("Notary URL")?>: <a href="<?php echo $row['URL']?>"><?php echo $row['URL']?></a><br>
<? } ?>
<? if($row['photoid'] != '') { ?>
-<?=_("Photo ID URL")?>: <a href="/account.php?id=51&amp;photoid=<?=intval($row['id'])?>"><?=_("Here")?></a><br>
+<?php echo _("Photo ID URL")?>: <a href="/account.php?id=51&amp;photoid=<?php echo intval($row['id'])?>"><?php echo _("Here")?></a><br>
<? } ?>
-<?=_("Current Points")?>: <?=intval($notary['points'])?><br>
-<?=_("Potential Points")?>: <?=intval($tobe)?><br>
-<?=_("Date of Birth")?>: <?=$user['dob']?> (YYYY-MM-DD)<br>
+<?php echo _("Current Points")?>: <?php echo intval($notary['points'])?><br>
+<?php echo _("Potential Points")?>: <?php echo intval($tobe)?><br>
+<?php echo _("Date of Birth")?>: <?php echo $user['dob']?> (YYYY-MM-DD)<br>
<br>
<form method="post" action="account.php">
-<?=_("Comment")?>: <input type="text" name="comment"><br>
-<input type="submit" name="agree" value="<?=_("I agree with this Application")?>">
-<input type="submit" name="disagree" value="<?=_("I don't agree with this Application")?>">
-<input type="hidden" name="oldid" value="<?=intval($_GET['id'])?>">
-<input type="hidden" name="uid" value="<?=intval($uid)?>">
+<?php echo _("Comment")?>: <input type="text" name="comment"><br>
+<input type="submit" name="agree" value="<?php echo _("I agree with this Application")?>">
+<input type="submit" name="disagree" value="<?php echo _("I don't agree with this Application")?>">
+<input type="hidden" name="oldid" value="<?php echo intval($_GET['id'])?>">
+<input type="hidden" name="uid" value="<?php echo intval($uid)?>">
</form>
-<?
- } else {
+<?php } else {
$query = "select * from `tverify` where `id`='".intval($uid)."' and `modified`=1";
- $res = mysql_query($query);
- if(mysql_num_rows($res) > 0) {
+ $res = mysqli_query($_SESSION['mconn'], $query);
+ if(mysqli_num_rows($res) > 0) {
echo _("This UID has already been voted on.")."<br/>";
} else {
if($uid) echo _("Unable to locate a valid request for that UID.")."<br/>";
@@ -83,13 +82,13 @@ if($_SESSION['profile']['tverify'] <= 0) {
// Search for open requests:
$query = "select * from `tverify` where `modified`=0";
- $res = mysql_query($query);
- if(mysql_num_rows($res) > 0) {
+ $res = mysqli_query($_SESSION['mconn'], $query);
+ if(mysqli_num_rows($res) > 0) {
echo "<br/>"._("The following requests are still open:")."<br/><ul>";
- while($row = mysql_fetch_assoc($res)) {
+ while($row = mysqli_fetch_assoc($res)) {
$uid=intval($row['id']);
$query3 = "select * from `tverify-vote` where `tverify`='".intval($uid)."' and `memid`='".intval($_SESSION['profile']['id'])."'";
- $rc3 = mysql_num_rows(mysql_query($query3));
+ $rc3 = mysqli_num_rows(mysqli_query($_SESSION['mconn'], $query3));
if($rc3 <= 0)
{
echo "<li><a href='account.php?id=52&amp;uid=".intval($row['id'])."'>".intval($row['id'])."</a></li>\n";
diff --git a/pages/account/53.php b/pages/account/53.php
index cc9e2d6..de0a468 100644
--- a/pages/account/53.php
+++ b/pages/account/53.php
@@ -1,4 +1,4 @@
-<? /*
+<?php /*
LibreSSL - CAcert web application
Copyright (C) 2004-2008 CAcert Inc.
@@ -15,8 +15,8 @@
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
*/ ?>
-<?
- $town = array_key_exists('town',$_REQUEST)?mysql_escape_string(stripslashes($_REQUEST['town'])):"";
+<?php
+ $town = array_key_exists('town',$_REQUEST)?mysqli_real_escape_string($_SESSION['mconn'], stripslashes($_REQUEST['town'])):"";
$regid = array_key_exists('regid',$_REQUEST)?intval($_REQUEST['regid']):0;
$ccid = array_key_exists('ccid',$_REQUEST)?intval($_REQUEST['ccid']):0;
$start = array_key_exists('start',$_REQUEST)?intval($_REQUEST['start']):0;
@@ -29,7 +29,7 @@
if($regid > 0)
{
- $reg = mysql_fetch_assoc(mysql_query("select * from `regions` where `id`='$regid'"));
+ $reg = mysqli_fetch_assoc(mysqli_query($_SESSION['mconn'], "select * from `regions` where `id`='$regid'"));
$display = "<ul class='top'>\n<li>\n".
"<a href='account.php?id=53&amp;regid=$regid'>".sanitizeHTML($reg['name'])."</a> - <a href='account.php?action=add&amp;id=54&amp;regid=$regid'>"._("Add")."</a>\n".
$display;
@@ -38,7 +38,7 @@
if($ccid > 0)
{
- $cnt = mysql_fetch_assoc(mysql_query("select * from `countries` where `id`='$ccid'"));
+ $cnt = mysqli_fetch_assoc(mysqli_query($_SESSION['mconn'], "select * from `countries` where `id`='$ccid'"));
$display = "<ul class='top'>\n<li>\n".
"<a href='account.php?id=53&amp;ccid=$ccid'>".sanitizeHTML($cnt['name'])."</a> - <a href='account.php?action=add&amp;id=54&amp;ccid=$ccid'>"._("Add")."</a>\n".
$display;
@@ -51,16 +51,16 @@
{
echo "<ul>\n";
$query = "select * from `countries` order by `name`";
- $res = mysql_query($query);
- while($row = mysql_fetch_assoc($res))
+ $res = mysqli_query($_SESSION['mconn'], $query);
+ while($row = mysqli_fetch_assoc($res))
echo "<li><a href='account.php?id=53&amp;ccid=".intval($row['id'])."'>".sanitizeHTML($row['name'])."</a></li>\n";
echo "</ul>\n</li>\n</ul></div>\n<br>\n";
} elseif($regid <= 0) {
echo "<ul>\n";
$query = "select * from `regions` where `ccid`='$ccid' order by `name`";
- $res = mysql_query($query);
- while($row = mysql_fetch_assoc($res))
+ $res = mysqli_query($_SESSION['mconn'], $query);
+ while($row = mysqli_fetch_assoc($res))
{
echo "<li>( <a href='account.php?action=edit&amp;id=54&regid=".intval($row['id'])."'>"._("edit")."</a> |";
echo " <a href='account.php?action=delete&amp;id=53&regid=".intval($row['id'])."'";
@@ -74,11 +74,11 @@
if($town != "")
{
$query = "select * from `locations` where `regid`='$regid' and `name` < '$town'";
- $start = mysql_num_rows(mysql_query($query));
+ $start = mysqli_num_rows(mysqli_query($_SESSION['mconn'], $query));
}
$query = "select * from `locations` where `regid`='$regid' order by `name` limit $start, $limit";
- $res = mysql_query($query);
- while($row = mysql_fetch_assoc($res))
+ $res = mysqli_query($_SESSION['mconn'], $query);
+ while($row = mysqli_fetch_assoc($res))
{
echo "<li>( <a href='account.php?action=move&amp;id=54&amp;locid=".intval($row['id'])."'>"._("move")."</a> |";
echo " <a href='account.php?action=aliases&amp;id=54&amp;locid=".intval($row['id'])."'>"._("aliases")."</a> |";
@@ -89,7 +89,7 @@
echo "</ul>\n</li>\n</ul>\n</li>\n</ul></div>\n<br>\n";
$st="";$prev="";$end="";$next="";
- $rc = mysql_num_rows(mysql_query("select * from `locations` where `regid`='$regid'"));
+ $rc = mysqli_num_rows(mysqli_query($_SESSION['mconn'], "select * from `locations` where `regid`='$regid'"));
if($start > 0)
{
$prev = $start - $limit;
diff --git a/pages/account/54.php b/pages/account/54.php
index 753b4af..2781600 100644
--- a/pages/account/54.php
+++ b/pages/account/54.php
@@ -1,4 +1,4 @@
-<? /*
+<?php /*
LibreSSL - CAcert web application
Copyright (C) 2004-2008 CAcert Inc.
@@ -15,81 +15,81 @@
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
*/ ?>
-<?
+<?php
$ccid = array_key_exists('ccid',$_REQUEST)?intval($_REQUEST['ccid']):0;
$regid = array_key_exists('regid',$_REQUEST)?intval($_REQUEST['regid']):0;
$locid = array_key_exists('locid',$_REQUEST)?intval($_REQUEST['locid']):0;
- $name = array_key_exists('name',$_REQUEST)?mysql_escape_string($_REQUEST['name']):"";
+ $name = array_key_exists('name',$_REQUEST)?mysqli_real_escape_string($_SESSION['mconn'],$_REQUEST['name']):"";
if($ccid > 0 && $_REQUEST['action'] == "add") { ?>
<form method="post" action="account.php">
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
<tr>
- <td colspan="2" class="title"><?=_("Add Region")?></td>
+ <td colspan="2" class="title"><?php echo _("Add Region")?></td>
</tr>
<tr>
- <td class="DataTD"><?=_("Region")?>:</td>
- <td class="DataTD"><input type="text" name="name" value="<?=sanitizeHTML($name)?>"></td>
+ <td class="DataTD"><?php echo _("Region")?>:</td>
+ <td class="DataTD"><input type="text" name="name" value="<?php echo sanitizeHTML($name)?>"></td>
</tr>
<tr>
- <td class="DataTD" colspan="2"><input type="submit" name="process" value="<?=_("Add")?>"></td>
+ <td class="DataTD" colspan="2"><input type="submit" name="process" value="<?php echo _("Add")?>"></td>
</tr>
</table>
<input type="hidden" name="action" value="add">
-<input type="hidden" name="ccid" value="<?=$ccid?>">
+<input type="hidden" name="ccid" value="<?php echo $ccid?>">
<input type="hidden" name="oldid" value="54">
</form>
-<? } if($regid > 0 && $_REQUEST['action'] == "edit") {
+<?php } if($regid > 0 && $_REQUEST['action'] == "edit") {
$query = "select * from `regions` where `id`='$regid' order by `name`";
- $row = mysql_fetch_assoc(mysql_query($query));
+ $row = mysqli_fetch_assoc(mysqli_query($_SESSION['mconn'], $query));
$name = $row['name'];
?>
<form method="post" action="account.php">
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
<tr>
- <td colspan="2" class="title"><?=_("Edit Region")?></td>
+ <td colspan="2" class="title"><?php echo _("Edit Region")?></td>
</tr>
<tr>
- <td class="DataTD"><?=_("Region")?>:</td>
- <td class="DataTD"><input type="text" name="name" value="<?=sanitizeHTML($name)?>"></td>
+ <td class="DataTD"><?php echo _("Region")?>:</td>
+ <td class="DataTD"><input type="text" name="name" value="<?php echo sanitizeHTML($name)?>"></td>
</tr>
<tr>
- <td class="DataTD" colspan="2"><input type="submit" name="process" value="<?=_("Update")?>"></td>
+ <td class="DataTD" colspan="2"><input type="submit" name="process" value="<?php echo _("Update")?>"></td>
</tr>
</table>
<input type="hidden" name="action" value="edit">
-<input type="hidden" name="regid" value="<?=$regid?>">
+<input type="hidden" name="regid" value="<?php echo $regid?>">
<input type="hidden" name="oldid" value="54">
</form>
-<? } if($regid > 0 && $_REQUEST['action'] == "add") { ?>
+<?php } if($regid > 0 && $_REQUEST['action'] == "add") { ?>
<form method="post" action="account.php">
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
<tr>
- <td colspan="2" class="title"><?=_("Add Location")?></td>
+ <td colspan="2" class="title"><?php echo _("Add Location")?></td>
</tr>
<tr>
- <td class="DataTD"><?=_("Location")?>:</td>
- <td class="DataTD"><input type="text" name="name" value="<?=sanitizeHTML($name)?>"></td>
+ <td class="DataTD"><?php echo _("Location")?>:</td>
+ <td class="DataTD"><input type="text" name="name" value="<?php echo sanitizeHTML($name)?>"></td>
</tr>
<tr>
- <td class="DataTD"><?=_("Longitude")?>:</td>
- <td class="DataTD"><input type="text" name="longitude" value="<?=array_key_exists('longitude',$_REQUEST)?sanitizeHTML($_REQUEST['longitude']):""?>"></td>
+ <td class="DataTD"><?php echo _("Longitude")?>:</td>
+ <td class="DataTD"><input type="text" name="longitude" value="<?php echo array_key_exists('longitude',$_REQUEST)?sanitizeHTML($_REQUEST['longitude']):""?>"></td>
</tr>
<tr>
- <td class="DataTD"><?=_("Latitude")?>:</td>
- <td class="DataTD"><input type="text" name="latitude" value="<?=array_key_exists('latitude',$_REQUEST)?sanitizeHTML($_REQUEST['latitude']):""?>"></td>
+ <td class="DataTD"><?php echo _("Latitude")?>:</td>
+ <td class="DataTD"><input type="text" name="latitude" value="<?php echo array_key_exists('latitude',$_REQUEST)?sanitizeHTML($_REQUEST['latitude']):""?>"></td>
</tr>
<tr>
- <td class="DataTD" colspan="2"><input type="submit" name="process" value="<?=_("Add")?>"></td>
+ <td class="DataTD" colspan="2"><input type="submit" name="process" value="<?php echo _("Add")?>"></td>
</tr>
</table>
<input type="hidden" name="action" value="add">
-<input type="hidden" name="regid" value="<?=$regid?>">
+<input type="hidden" name="regid" value="<?php echo $regid?>">
<input type="hidden" name="oldid" value="54">
</form>
-<? } if($locid > 0 && $_REQUEST['action'] == "edit") {
+<?php } if($locid > 0 && $_REQUEST['action'] == "edit") {
$query = "select * from `locations` where `id`='$locid'";
- $row = mysql_fetch_assoc(mysql_query($query));
+ $row = mysqli_fetch_assoc(mysqli_query($_SESSION['mconn'], $query));
if($name == "")
$name = $row['name'];
@@ -101,56 +101,56 @@
<form method="post" action="account.php">
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
<tr>
- <td colspan="2" class="title"><?=_("Edit Location")?></td>
+ <td colspan="2" class="title"><?php echo _("Edit Location")?></td>
</tr>
<tr>
- <td class="DataTD"><?=_("Location")?>:</td>
- <td class="DataTD"><input type="text" name="name" value="<?=sanitizeHTML($name)?>"></td>
+ <td class="DataTD"><?php echo _("Location")?>:</td>
+ <td class="DataTD"><input type="text" name="name" value="<?php echo sanitizeHTML($name)?>"></td>
</tr>
<tr>
- <td class="DataTD"><?=_("Longitude")?>:</td>
- <td class="DataTD"><input type="text" name="longitude" value="<?=sanitizeHTML($_REQUEST['longitude'])?>"></td>
+ <td class="DataTD"><?php echo _("Longitude")?>:</td>
+ <td class="DataTD"><input type="text" name="longitude" value="<?php echo sanitizeHTML($_REQUEST['longitude'])?>"></td>
</tr>
<tr>
- <td class="DataTD"><?=_("Latitude")?>:</td>
- <td class="DataTD"><input type="text" name="latitude" value="<?=sanitizeHTML($_REQUEST['latitude'])?>"></td>
+ <td class="DataTD"><?php echo _("Latitude")?>:</td>
+ <td class="DataTD"><input type="text" name="latitude" value="<?php echo sanitizeHTML($_REQUEST['latitude'])?>"></td>
</tr>
<tr>
- <td class="DataTD" colspan="2"><input type="submit" name="process" value="<?=_("Update")?>"></td>
+ <td class="DataTD" colspan="2"><input type="submit" name="process" value="<?php echo _("Update")?>"></td>
</tr>
</table>
<input type="hidden" name="action" value="edit">
-<input type="hidden" name="locid" value="<?=$locid?>">
+<input type="hidden" name="locid" value="<?php echo $locid?>">
<input type="hidden" name="oldid" value="54">
</form>
-<? } if($locid > 0 && $_REQUEST['action'] == "aliases") {
+<?php } if($locid > 0 && $_REQUEST['action'] == "aliases") {
$query = "select * from `localias` where `locid`='".intval($locid)."'";
- $res = mysql_query($query);
- $rc = mysql_num_rows($res);
+ $res = mysqli_query($_SESSION['mconn'], $query);
+ $rc = mysqli_num_rows($res);
?>
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
<tr>
- <td colspan="2" class="title"><?=_("Location Aliases")?> - <a href="javascript:Show_Stuff()"><?=_("Add")?></a></td>
+ <td colspan="2" class="title"><?php echo _("Location Aliases")?> - <a href="javascript:Show_Stuff()"><?php echo _("Add")?></a></td>
</tr>
<tr ID="display1">
<td colspan="2" class="DataTD">
<form method="post" action="account.php" ACCEPTCHARSET="utf-8">
- <?=_("Location Alias")?>: <input type="text" name="name"> <input type="submit" value="Add">
+ <?php echo _("Location Alias")?>: <input type="text" name="name"> <input type="submit" value="Add">
<input type="hidden" name="action" value="alias">
- <input type="hidden" name="locid" value="<?=intval($locid)?>">
+ <input type="hidden" name="locid" value="<?php echo intval($locid)?>">
<input type="hidden" name="oldid" value="54">
</form>
</td>
</tr>
-<?
- while($row = mysql_fetch_assoc($res))
+<?php
+ while($row = mysqli_fetch_assoc($res))
{
?>
<tr>
- <td class="DataTD"><?=$row['name']?></td>
- <td class="DataTD"><a href="account.php?id=54&amp;locid=<?=$locid?>&amp;name=<?=($row['name'])?>&amp;action=delalias" onclick="return confirm('Are you sure you want to delete this location alias?');"><?=_("Delete")?></td>
+ <td class="DataTD"><?php echo $row['name']?></td>
+ <td class="DataTD"><a href="account.php?id=54&amp;locid=<?php echo $locid?>&amp;name=<?php echo ($row['name'])?>&amp;action=delalias" onclick="return confirm('Are you sure you want to delete this location alias?');"><?php echo _("Delete")?></td>
</tr>
-<? } ?>
+<?php } ?>
</table>
<script language="JavaScript" type="text/javascript">
<!--
@@ -167,27 +167,26 @@ function Show_Stuff()
document.getElementById("display1").style.display = "none";
-->
</script>
-<? } if($locid > 0 && $_REQUEST['action'] == "move") {
+<?php } if($locid > 0 && $_REQUEST['action'] == "move") {
$query = "select * from `locations` where `id`='$locid'";
- $row = mysql_fetch_assoc(mysql_query($query));
+ $row = mysqli_fetch_assoc(mysqli_query($_SESSION['mconn'], $query));
$newreg = $_REQUEST['newreg'] = $row['regid'];
?>
<form method="post" action="account.php">
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
<tr>
- <td colspan="2" class="title"><?=_("Move Location")?></td>
+ <td colspan="2" class="title"><?php echo _("Move Location")?></td>
</tr>
<tr>
- <td class="DataTD"><?=_("Location")?>:</td>
- <td class="DataTD"><?=$row['name']?></td>
+ <td class="DataTD"><?php echo _("Location")?>:</td>
+ <td class="DataTD"><?php echo $row['name']?></td>
</tr>
<tr>
- <td class="DataTD"><?=_("Set Region")?>:</td>
+ <td class="DataTD"><?php echo _("Set Region")?>:</td>
<td class="DataTD"><select name="newreg">
-<?
- $query = "select * from `regions` where `ccid`='".intval($row['ccid'])."' order by `name`";
- $res = mysql_query($query);
- while($row = mysql_fetch_assoc($res))
+<?php $query = "select * from `regions` where `ccid`='".intval($row['ccid'])."' order by `name`";
+ $res = mysqli_query($_SESSION['mconn'], $query);
+ while($row = mysqli_fetch_assoc($res))
{
echo "<option value='".intval($row['id'])."'";
if($_REQUEST['newreg'] == $row['id'])
@@ -198,12 +197,12 @@ document.getElementById("display1").style.display = "none";
</select></td>
</tr>
<tr>
- <td class="DataTD" colspan="2"><input type="submit" name="process" value="<?=_("Update")?>"></td>
+ <td class="DataTD" colspan="2"><input type="submit" name="process" value="<?php echo _("Update")?>"></td>
</tr>
</table>
<input type="hidden" name="action" value="move">
-<input type="hidden" name="locid" value="<?=$locid?>">
+<input type="hidden" name="locid" value="<?php echo $locid?>">
<input type="hidden" name="oldid" value="54">
</form>
-<? } ?>
+<?php } ?>
diff --git a/pages/account/55.php b/pages/account/55.php
index 24cc86d..0ce7e86 100644
--- a/pages/account/55.php
+++ b/pages/account/55.php
@@ -1,4 +1,4 @@
-<? /*
+<?php /*
LibreSSL - CAcert web application
Copyright (C) 2004-2008 CAcert Inc.
@@ -15,78 +15,72 @@
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
*/ ?>
-<?
- if ($_SESSION['profile']['admin'] != 1 || !array_key_exists('userid',$_REQUEST) || intval($_REQUEST['userid']) < 1) {
+<?php if ($_SESSION['profile']['admin'] != 1 || !array_key_exists('userid',$_REQUEST) || intval($_REQUEST['userid']) < 1) {
$user_id = intval($_SESSION['profile']['id']);
?>
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
<tr>
- <td colspan="5" class="title"><?=_("Your passed Tests")?></td>
+ <td colspan="5" class="title"><?php echo _("Your passed Tests")?></td>
</tr>
<tr>
- <td class="DataTD"><?=_("The list of tests you did pass at").' <a href="https://cats.cacert.org/">https://cats.cacert.org/</a>'?></td>
+ <td class="DataTD"><?php echo _("The list of tests you did pass at").' <a href="https://cats.cacert.org/">https://cats.cacert.org/</a>'?></td>
</tr>
</table>
-<?
- } else {
+<?php } else {
$user_id = intval($_REQUEST['userid']);
$query = "select * from `users` where `id`='$user_id' and `users`.`deleted`=0";
- $res = mysql_query($query);
- if(mysql_num_rows($res) <= 0)
+ $res = mysqli_query($_SESSION['mconn'], $query);
+ if(mysqli_num_rows($res) <= 0)
{
echo _("I'm sorry, the user you were looking for seems to have disappeared! Bad things are afoot!");
} else {
- $row = mysql_fetch_assoc($res);
+ $row = mysqli_fetch_assoc($res);
}
?>
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
<tr>
- <td colspan="5" class="title"><?=_("Passed Tests of")." ".sanitizeHTML($row['fname'])." ".sanitizeHTML($row['mname'])." ".sanitizeHTML($row['lname'])?></td>
+ <td colspan="5" class="title"><?php echo _("Passed Tests of")." ".sanitizeHTML($row['fname'])." ".sanitizeHTML($row['mname'])." ".sanitizeHTML($row['lname'])?></td>
</tr>
</table>
-<?
- }
+<?php }
?>
<br>
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
<tr>
- <td class="DataTD"><b><?=_("Date")?></b></td>
- <td class="DataTD"><b><?=_("Test")?></b></td>
- <td class="DataTD"><b><?=_("Variant")?></b></td>
+ <td class="DataTD"><b><?php echo _("Date")?></b></td>
+ <td class="DataTD"><b><?php echo _("Test")?></b></td>
+ <td class="DataTD"><b><?php echo _("Variant")?></b></td>
</tr>
-<?
- $query = "SELECT `CP`.`pass_date`, `CT`.`type_text`, `CV`.`test_text` ".
+<?php $query = "SELECT `CP`.`pass_date`, `CT`.`type_text`, `CV`.`test_text` ".
" FROM `cats_passed` AS CP, `cats_variant` AS CV, `cats_type` AS CT ".
" WHERE `CP`.`variant_id`=`CV`.`id` AND `CV`.`type_id`=`CT`.`id` AND `CP`.`user_id` ='".intval($user_id)."'".
" ORDER BY `CP`.`pass_date`";
- $res = mysql_query($query);
+ $res = mysqli_query($_SESSION['mconn'], $query);
$HaveTest=0;
- while($row = mysql_fetch_array($res, MYSQL_NUM))
+ while($row = mysqli_fetch_array($res, MYSQL_NUM))
{
if ($row[1] == "Assurer Challenge") {
$HaveTest=1;
}
?>
<tr>
- <td class="DataTD"><?=sanitizeHTML($row[0])?></td>
- <td class="DataTD"><?=sanitizeHTML($row[1])?></td>
- <td class="DataTD"><?=sanitizeHTML($row[2])?></td>
+ <td class="DataTD"><?php echo sanitizeHTML($row[0])?></td>
+ <td class="DataTD"><?php echo sanitizeHTML($row[1])?></td>
+ <td class="DataTD"><?php echo sanitizeHTML($row[2])?></td>
</tr>
-<? }
+<?php }
?>
</table>
<br>
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
<tr>
-<?
- if ($_SESSION['profile']['admin'] == 1 && array_key_exists('userid',$_REQUEST) && intval($_REQUEST['userid']) > 0) {
+<?php if ($_SESSION['profile']['admin'] == 1 && array_key_exists('userid',$_REQUEST) && intval($_REQUEST['userid']) > 0) {
?>
- <tr><td colspan="3" class="DataTD"><a href="account.php?id=43&amp;userid=<?=intval($user_id)?>">back</a></td></tr>
-<?
- } else {
+ <tr><td colspan="3" class="DataTD"><a href="account.php?id=43&amp;userid=<?php echo intval($user_id)?>">back</a></td></tr>
+<?php } else {
$query = '
SELECT `u`.`id`,
`u`.`assurer`,
@@ -99,22 +93,22 @@
AND `n`.`deleted` = 0
GROUP BY `u`.`id`, `u`.`assurer`
';
- $res = mysql_query($query);
+ $res = mysqli_query($_SESSION['mconn'], $query);
if (!$res) {
print '<td colspan="3" class="DataTD">'._('Internal Error').'</td>'."\n";
} else {
- $row = mysql_fetch_array($res, MYSQL_NUM);
+ $row = mysqli_fetch_array($res, MYSQL_NUM);
if ($HaveTest && ($row[2]>=100)) {
if (!$row[1]) {
// This should not happen...
fix_assurer_flag($_SESSION['profile']['id']);
}
-?> <td colspan="3" class="DataTD"><?=_("You have passed the Assurer Challenge and collected at least 100 Assurance Points, you are an Assurer.")?></td>
-<? } elseif (($row[2]>=100) && !$HaveTest) {
-?> <td colspan="3" class="DataTD"><?=_("You have at least 100 Assurance Points, if you want to become an assurer try the ").'<a href="https://cats.cacert.org">'._("Assurer Challenge").'</a>!'?></td>
-<? } elseif ($HaveTest && ($row[2]<100)) {
-?> <td colspan="3" class="DataTD"><?=_("You have passed the Assurer Challenge, but to become an Assurer you still have to reach 100 Assurance Points!")?></td>
-<? }
+?> <td colspan="3" class="DataTD"><?php echo _("You have passed the Assurer Challenge and collected at least 100 Assurance Points, you are an Assurer.")?></td>
+<?php } elseif (($row[2]>=100) && !$HaveTest) {
+?> <td colspan="3" class="DataTD"><?php echo _("You have at least 100 Assurance Points, if you want to become an assurer try the ").'<a href="https://cats.cacert.org">'._("Assurer Challenge").'</a>!'?></td>
+<?php } elseif ($HaveTest && ($row[2]<100)) {
+?> <td colspan="3" class="DataTD"><?php echo _("You have passed the Assurer Challenge, but to become an Assurer you still have to reach 100 Assurance Points!")?></td>
+<?php }
}
}
?> </tr>
diff --git a/pages/account/56.php b/pages/account/56.php
index cabe8e0..e6c3dd7 100644
--- a/pages/account/56.php
+++ b/pages/account/56.php
@@ -1,4 +1,4 @@
-<? /*
+<?php /*
LibreSSL - CAcert web application
Copyright (C) 2004-2008 CAcert Inc.
@@ -15,27 +15,25 @@ You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
*/ ?>
-<?=_("List of Organisation Assurers:")?>
+<?php echo _("List of Organisation Assurers:")?>
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
<tr>
- <td colspan="1" class="title"><?=_("Name")?></td>
- <td colspan="1" class="title"><?=_("Email")?></td>
- <td colspan="1" class="title"><?=_("Country")?></td>
+ <td colspan="1" class="title"><?php echo _("Name")?></td>
+ <td colspan="1" class="title"><?php echo _("Email")?></td>
+ <td colspan="1" class="title"><?php echo _("Country")?></td>
</tr>
- <?
- $query = "select users.fname,users.lname,users.email, countries.name from users left join countries on users.ccid=countries.id where orgadmin=1;";
- $res = mysql_query($query);
- while($row = mysql_fetch_assoc($res))
+ <?php $query = "select users.fname,users.lname,users.email, countries.name from users left join countries on users.ccid=countries.id where orgadmin=1;";
+ $res = mysqli_query($_SESSION['mconn'], $query);
+ while($row = mysqli_fetch_assoc($res))
{
?>
<tr>
- <td><?=sanitizeHTML($row['fname'])." ".sanitizeHTML($row['lname'])?></td>
- <td><a href="mailto:<?=sanitizeHTML($row['email'])?>"><?=sanitizeHTML($row['email'])?></a></td>
- <td><?=sanitizeHTML($row['name'])?></td>
+ <td><?php echo sanitizeHTML($row['fname'])." ".sanitizeHTML($row['lname'])?></td>
+ <td><a href="mailto:<?php echo sanitizeHTML($row['email'])?>"><?php echo sanitizeHTML($row['email'])?></a></td>
+ <td><?php echo sanitizeHTML($row['name'])?></td>
</tr>
- <?
- }
+ <?php }
?>
</table>
diff --git a/pages/account/57.php b/pages/account/57.php
index 9db7ccf..225b60c 100644
--- a/pages/account/57.php
+++ b/pages/account/57.php
@@ -1,4 +1,4 @@
-<? /*
+<?php /*
LibreSSL - CAcert web application
Copyright (C) 2004-2008 CAcert Inc.
@@ -15,8 +15,7 @@
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
*/ ?>
-<?
- include_once($_SESSION['_config']['filepath'].'/includes/notary.inc.php');
+<?php include_once($_SESSION['_config']['filepath'].'/includes/notary.inc.php');
if ($_SESSION['profile']['admin'] != 1 || !array_key_exists('userid',$_REQUEST) || intval($_REQUEST['userid']) < 1) {
@@ -25,16 +24,16 @@
} else {
$user_id = intval($_REQUEST['userid']);
$query = "select * from `users` where `id`='$user_id' and `users`.`deleted`=0";
- $res = mysql_query($query);
- if(mysql_num_rows($res) <= 0)
+ $res = mysqli_query($_SESSION['mconn'], $query);
+ if(mysqli_num_rows($res) <= 0)
{
echo _("I'm sorry, the user you were looking for seems to have disappeared! Bad things are afoot!");
} else {
- $row = mysql_fetch_assoc($res);
+ $row = mysqli_fetch_assoc($res);
?>
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
<tr>
- <td colspan="5" class="title"><?=_('CCA agreement of').' '.sanitizeHTML($row['fname']).' '.sanitizeHTML($row['mname']).' '.sanitizeHTML($row['lname'])?></td>
+ <td colspan="5" class="title"><?php echo _('CCA agreement of').' '.sanitizeHTML($row['fname']).' '.sanitizeHTML($row['mname']).' '.sanitizeHTML($row['lname'])?></td>
</tr>
</table>
@@ -42,13 +41,12 @@
<br>
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
<tr>
- <td class="DataTD"><b><?=_('CCA type')?></b></td>
- <td class="DataTD"><b><?=_('Date')?></b></td>
- <td class="DataTD"><b><?=_('Method')?></b></td>
- <td class="DataTD"><b><?=_('Type')?></b></td>
+ <td class="DataTD"><b><?php echo _('CCA type')?></b></td>
+ <td class="DataTD"><b><?php echo _('Date')?></b></td>
+ <td class="DataTD"><b><?php echo _('Method')?></b></td>
+ <td class="DataTD"><b><?php echo _('Type')?></b></td>
</tr>
-<?
- $data=get_first_user_agreement($user_id, 'CCA', 1);
+<?php $data=get_first_user_agreement($user_id, 'CCA', 1);
if (!isset($data['active'])){
$type='';
}else{
@@ -56,13 +54,12 @@
}
?>
<tr>
- <td class="DataTD"><?=_('First active CCA')?></td>
- <td class="DataTD"><?=isset($data['date'])?$data['date']:''?></td>
- <td class="DataTD"><?=isset($data['method'])?$data['method']:''?></td>
- <td class="DataTD"><?=$type?></td>
+ <td class="DataTD"><?php echo _('First active CCA')?></td>
+ <td class="DataTD"><?php echo isset($data['date'])?$data['date']:''?></td>
+ <td class="DataTD"><?php echo isset($data['method'])?$data['method']:''?></td>
+ <td class="DataTD"><?php echo $type?></td>
</tr>
-<?
- $data=get_first_user_agreement($user_id, 'CCA', 0);
+<?php $data=get_first_user_agreement($user_id, 'CCA', 0);
if (!isset($data['active'])){
$type="";
}else{
@@ -70,13 +67,12 @@
}
?>
<tr>
- <td class="DataTD"><?=_('First passive CCA')?></td>
- <td class="DataTD"><?=isset($data['date'])?$data['date']:''?></td>
- <td class="DataTD"><?=isset($data['method'])?$data['method']:''?></td>
- <td class="DataTD"><?=$type?></td>
+ <td class="DataTD"><?php echo _('First passive CCA')?></td>
+ <td class="DataTD"><?php echo isset($data['date'])?$data['date']:''?></td>
+ <td class="DataTD"><?php echo isset($data['method'])?$data['method']:''?></td>
+ <td class="DataTD"><?php echo $type?></td>
</tr>
-<?
- $data=get_last_user_agreement($user_id, 'CCA');
+<?php $data=get_last_user_agreement($user_id, 'CCA');
if (!isset($data['active'])){
$type="";
}elseif($data['active']==1){
@@ -86,22 +82,20 @@
}
?>
<tr>
- <td class="DataTD"><?=_('Last CCA')?></td>
- <td class="DataTD"><?=isset($data['date'])?$data['date']:''?></td>
- <td class="DataTD"><?=isset($data['method'])?$data['method']:''?></td>
- <td class="DataTD"><?=$type?></td>
+ <td class="DataTD"><?php echo _('Last CCA')?></td>
+ <td class="DataTD"><?php echo isset($data['date'])?$data['date']:''?></td>
+ <td class="DataTD"><?php echo isset($data['method'])?$data['method']:''?></td>
+ <td class="DataTD"><?php echo $type?></td>
</tr>
</table>
<br>
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
<tr>
-<?
- if ($_SESSION['profile']['admin'] == 1 && array_key_exists('userid',$_REQUEST) && intval($_REQUEST['userid']) > 0) {
+<?php if ($_SESSION['profile']['admin'] == 1 && array_key_exists('userid',$_REQUEST) && intval($_REQUEST['userid']) > 0) {
?>
- <tr><td colspan="3" class="DataTD"><a href="account.php?id=43&amp;userid=<?=intval($user_id)?>">back</a></td></tr>
-<? }
+ <tr><td colspan="3" class="DataTD"><a href="account.php?id=43&amp;userid=<?php echo intval($user_id)?>">back</a></td></tr>
+<?php }
?> </table>
-<?
- }
+<?php }
}
?>
diff --git a/pages/account/58.php b/pages/account/58.php
index af26b70..4a9d3ca 100644
--- a/pages/account/58.php
+++ b/pages/account/58.php
@@ -1,4 +1,4 @@
-<? /*
+<?php /*
LibreSSL - CAcert web application
Copyright (C) 2004-2008 CAcert Inc.
@@ -21,34 +21,34 @@ if ($_SESSION['profile']['admin'] != 1 || !array_key_exists('userid',$_REQUEST)
} else {
$user_id = intval($_REQUEST['userid']);
$query = "select `users`.`fname`, `users`.`mname`, `users`.`lname` from `users` where `id`='$user_id' and `users`.`deleted`=0";
- $res = mysql_query($query);
- if(mysql_num_rows($res) != 1){
+ $res = mysqli_query($_SESSION['mconn'], $query);
+ if(mysqli_num_rows($res) != 1){
echo _("I'm sorry, the user you were looking for seems to have disappeared! Bad things are afoot!");
} else {
- if ($row = mysql_fetch_assoc($res)){
+ if ($row = mysqli_fetch_assoc($res)){
$username=sanitizeHTML($row['fname']).' '.sanitizeHTML($row['mname']).' '.sanitizeHTML($row['lname']);
$query = "select `orginfo`.`o`, `org`.`masteracc`
FROM `orginfo`, `org`
WHERE `orginfo`.`id` = `org`.`orgid`
AND `org`.`memid`='$user_id' order by `orginfo`.`o`";
- $res1 = mysql_query($query);?>
- <table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper"><?
- if (mysql_num_rows($res1) <= 0) {?>
+ $res1 = mysqli_query($_SESSION['mconn'], $query);?>
+ <table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper"><?php
+ if (mysqli_num_rows($res1) <= 0) {?>
<tr>
- <td colspan="2" class="title"><?=sprintf(_('%s is not listed as Organisation Administrator'), $username)?></td>
+ <td colspan="2" class="title"><?php echo sprintf(_('%s is not listed as Organisation Administrator'), $username)?></td>
</tr>
<?}else{?>
<tr>
- <td colspan="2" class="title"><?=sprintf(_('%s is listed as Organisation Administrator for:'), $username)?></td>
+ <td colspan="2" class="title"><?php echo sprintf(_('%s is listed as Organisation Administrator for:'), $username)?></td>
</tr>
<tr>
- <td class="DataTD"><b><?=_('Organisation')?></b></td>
- <td class="DataTD"><b><?=_('Masteraccount')?></b></td>
- </tr><?
- while($drow = mysql_fetch_assoc($res1)){?>
+ <td class="DataTD"><b><?php echo _('Organisation')?></b></td>
+ <td class="DataTD"><b><?php echo _('Masteraccount')?></b></td>
+ </tr><?php
+ while($drow = mysqli_fetch_assoc($res1)){?>
<tr>
- <td class="DataTD"><?=$drow['o']?></td>
- <td class="DataTD"><?=$drow['masteracc'] ? _("Yes") : _("No") ?></td>
+ <td class="DataTD"><?php echo $drow['o']?></td>
+ <td class="DataTD"><?php echo $drow['masteracc'] ? _("Yes") : _("No") ?></td>
</tr>
<?}
}
diff --git a/pages/account/59.php b/pages/account/59.php
index 1c73ae5..98016fe 100644
--- a/pages/account/59.php
+++ b/pages/account/59.php
@@ -21,13 +21,13 @@ include_once($_SESSION['_config']['filepath']."/includes/notary.inc.php");
$userid = intval($_REQUEST['userid']);
$res = get_user_data($userid);
-if (mysql_num_rows($res) <= 0)
+if (mysqli_num_rows($res) <= 0)
{
echo _("I'm sorry, the user you were looking for seems to have disappeared! Bad things are afoot!");
exit;
}
-$user = mysql_fetch_assoc($res);
+$user = mysqli_fetch_assoc($res);
$fname = $user['fname'];
$mname = $user['mname'];
@@ -85,177 +85,168 @@ if ($userid != $_SESSION['profile']['id']) {
<td colspan="2" class="title"><?printf(_('Account history of %s'),$username)?></td>
</tr>
<tr>
- <td colspan="2" class="title"><?=_('User actions')?></td>
+ <td colspan="2" class="title"><?php echo _('User actions')?></td>
</tr>
<tr>
- <td class="DataTD"><?=_('User name')?></td>
- <td class="DataTD"><?=sanitizeHTML($username)?></td>
+ <td class="DataTD"><?php echo _('User name')?></td>
+ <td class="DataTD"><?php echo sanitizeHTML($username)?></td>
</tr>
<tr>
- <td class="DataTD"><?=_('Date of Birth')?></td>
- <td class="DataTD"><?=sanitizeHTML($dob)?></td>
+ <td class="DataTD"><?php echo _('Date of Birth')?></td>
+ <td class="DataTD"><?php echo sanitizeHTML($dob)?></td>
</tr>
<tr>
- <td class="DataTD"><?=_("Is Assurer")?>:</td>
- <td class="DataTD"><?= ($user['assurer']==0)? _('No'):_('Yes')?></td>
+ <td class="DataTD"><?php echo _("Is Assurer")?>:</td>
+ <td class="DataTD"><?php echo ($user['assurer']==0)? _('No'):_('Yes')?></td>
</tr>
<tr>
- <td class="DataTD"><?=_("Blocked Assurer")?>:</td>
- <td class="DataTD"><?= ($user['assurer_blocked']==0)? _('No'):_('Yes')?></td>
+ <td class="DataTD"><?php echo _("Blocked Assurer")?>:</td>
+ <td class="DataTD"><?php echo ($user['assurer_blocked']==0)? _('No'):_('Yes')?></td>
</tr>
<tr>
- <td class="DataTD"><?=_("Account Locking")?>:</td>
- <td class="DataTD"><?= ($user['locked']==0)? _('No'):_('Yes')?></td>
+ <td class="DataTD"><?php echo _("Account Locking")?>:</td>
+ <td class="DataTD"><?php echo ($user['locked']==0)? _('No'):_('Yes')?></td>
</tr>
<tr>
- <td class="DataTD"><?=_("Code Signing")?>:</td>
- <td class="DataTD"><?= ($user['codesign']==0)? _('No'):_('Yes')?></td>
+ <td class="DataTD"><?php echo _("Code Signing")?>:</td>
+ <td class="DataTD"><?php echo ($user['codesign']==0)? _('No'):_('Yes')?></td>
</tr>
<tr>
- <td class="DataTD"><?=_("Org Assurer")?>:</td>
- <td class="DataTD"><?= ($user['orgadmin']==0)? _('No'):_('Yes')?></td>
+ <td class="DataTD"><?php echo _("Org Assurer")?>:</td>
+ <td class="DataTD"><?php echo ($user['orgadmin']==0)? _('No'):_('Yes')?></td>
</tr>
<tr>
- <td class="DataTD"><?=_("TTP Admin")?>:</td>
- <td class="DataTD"><?= $user['ttpadmin']._(' - 0 = none, 1 = TTP Admin, 2 = TTP TOPUP admin')?></td>
+ <td class="DataTD"><?php echo _("TTP Admin")?>:</td>
+ <td class="DataTD"><?php echo $user['ttpadmin']._(' - 0 = none, 1 = TTP Admin, 2 = TTP TOPUP admin')?></td>
</tr>
<tr>
- <td class="DataTD"><?=_("Location Admin")?>:</td>
- <td class="DataTD"><?= ($user['locadmin']==0)? _('No'):_('Yes')?></td>
+ <td class="DataTD"><?php echo _("Location Admin")?>:</td>
+ <td class="DataTD"><?php echo ($user['locadmin']==0)? _('No'):_('Yes')?></td>
</tr>
<tr>
- <td class="DataTD"><?=_("Admin")?>:</td>
- <td class="DataTD"><?= ($user['admin']==0)? _('No'):_('Yes')?></td>
+ <td class="DataTD"><?php echo _("Admin")?>:</td>
+ <td class="DataTD"><?php echo ($user['admin']==0)? _('No'):_('Yes')?></td>
</tr>
<tr>
- <td class="DataTD"><?=_("Ad Admin")?>:</td>
- <td class="DataTD"><?= $user['adadmin']._(' - 0 = none, 1 = submit, 2 = approve')?></td>
+ <td class="DataTD"><?php echo _("Ad Admin")?>:</td>
+ <td class="DataTD"><?php echo $user['adadmin']._(' - 0 = none, 1 = submit, 2 = approve')?></td>
</tr>
<tr>
- <td class="DataTD"><?=_("General Announcements")?>:</td>
- <td class="DataTD"><?= ($alerts['general']==0)? _('No'):_('Yes')?></td>
+ <td class="DataTD"><?php echo _("General Announcements")?>:</td>
+ <td class="DataTD"><?php echo ($alerts['general']==0)? _('No'):_('Yes')?></td>
</tr>
<tr>
- <td class="DataTD"><?=_("Country Announcements")?>:</td>
- <td class="DataTD"><?= ($alerts['country']==0)? _('No'):_('Yes')?></td>
+ <td class="DataTD"><?php echo _("Country Announcements")?>:</td>
+ <td class="DataTD"><?php echo ($alerts['country']==0)? _('No'):_('Yes')?></td>
</tr>
<tr>
- <td class="DataTD"><?=_("Regional Announcements")?>:</td>
- <td class="DataTD"><?= ($alerts['regional']==0)? _('No'):_('Yes')?></td>
+ <td class="DataTD"><?php echo _("Regional Announcements")?>:</td>
+ <td class="DataTD"><?php echo ($alerts['regional']==0)? _('No'):_('Yes')?></td>
</tr>
<tr>
- <td class="DataTD"><?=_("Within 200km Announcements")?>:</td>
- <td class="DataTD"><?= ($alerts['radius']==0)? _('No'):_('Yes')?></td>
+ <td class="DataTD"><?php echo _("Within 200km Announcements")?>:</td>
+ <td class="DataTD"><?php echo ($alerts['radius']==0)? _('No'):_('Yes')?></td>
</tr>
</table>
<br/>
-<?
-
+<?php
// Email addresses
$dres = get_email_addresses($userid,'',1);
?>
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
<tr>
- <td colspan="3" class="title"><?=_('Email addresses')?></td>
+ <td colspan="3" class="title"><?php echo _('Email addresses')?></td>
</tr>
-<?
-if (mysql_num_rows($dres) > 0) {
+<?php
+if (mysqli_num_rows($dres) > 0) {
output_log_email_header();
- while ($drow = mysql_fetch_assoc($dres))
+ while ($drow = mysqli_fetch_assoc($dres))
{
output_log_email($drow,$email);
}
} else {
?>
<tr>
- <td colspan="3" ><?=_('no entry available')?></td>
+ <td colspan="3" ><?php echo _('no entry available')?></td>
</tr>
- <?
-}
+ <?php }
?>
</table>
<br/>
-<?
-
+<?php
// Domains
$dres = get_domains($userid, 1);
?>
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
<tr>
- <td colspan="3" class="title"><?=_('Domains')?></td>
+ <td colspan="3" class="title"><?php echo _('Domains')?></td>
</tr>
<?
-if (mysql_num_rows($dres) > 0) {
+if (mysqli_num_rows($dres) > 0) {
output_log_domains_header();
- while ($drow = mysql_fetch_assoc($dres))
+ while ($drow = mysqli_fetch_assoc($dres))
{
output_log_domains($drow);
}
} else {
?>
<tr>
- <td colspan="3" ><?=_('no entry available')?></td>
+ <td colspan="3" ><?php echo _('no entry available')?></td>
</tr>
- <?
-}
+ <?php }
?>
</table>
<br/>
-<?
-// Trainings
+<?php // Trainings
$dres = get_training_results($userid);
?>
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
<tr>
- <td colspan="3" class="title"><?=_('Trainings')?></td>
+ <td colspan="3" class="title"><?php echo _('Trainings')?></td>
</tr>
-<?
-if (mysql_num_rows($dres) > 0) {
+<?php
+if (mysqli_num_rows($dres) > 0) {
output_log_training_header();
- while ($drow = mysql_fetch_assoc($dres))
+ while ($drow = mysqli_fetch_assoc($dres))
{
output_log_training($drow);
}
} else {
?>
<tr>
- <td colspan="3" ><?=_('no entry available')?></td>
+ <td colspan="3" ><?php echo _('no entry available')?></td>
</tr>
- <?
-}
+ <?php }
?>
</table>
<br/>
-<?
-// User Agreements
+<?php // User Agreements
$dres = get_user_agreements($userid);
?>
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
<tr>
- <td colspan="4" class="title"><?=_('User agreements')?></td>
+ <td colspan="4" class="title"><?php echo _('User agreements')?></td>
</tr>
-<?
-if (mysql_num_rows($dres) > 0) {
+<?php
+if (mysqli_num_rows($dres) > 0) {
output_log_agreement_header();
- while ($drow = mysql_fetch_assoc($dres))
+ while ($drow = mysqli_fetch_assoc($dres))
{
output_log_agreement($drow);
}
} else {
?>
<tr>
- <td colspan="4" ><?=_('no entry available')?></td>
+ <td colspan="4" ><?php echo _('no entry available')?></td>
</tr>
- <?
-}
+ <?php }
?>
</table>
<br/>
-<?
-// Client Certificates
+<?php // Client Certificates
$dres = get_client_certs($userid, 1);
$colspan=8;
if (1 == $support) {
@@ -264,28 +255,26 @@ if (1 == $support) {
?>
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
<tr>
- <td colspan="<?=$colspan?>" class="title"><?=_('Client certificates')?></td>
+ <td colspan="<?php echo $colspan?>" class="title"><?php echo _('Client certificates')?></td>
</tr>
-<?
-if (mysql_num_rows($dres) > 0) {
+<?php
+if (mysqli_num_rows($dres) > 0) {
output_client_cert_header($support);
- while ($drow = mysql_fetch_assoc($dres))
+ while ($drow = mysqli_fetch_assoc($dres))
{
output_client_cert($drow,$support);
}
} else {
?>
<tr>
- <td colspan="<?=$colspan?>" ><?=_('no entry available')?></td>
+ <td colspan="<?php echo $colspan?>" ><?php echo _('no entry available')?></td>
</tr>
- <?
-}
+ <?php }
?>
</table>
<br/>
-<?
-// Server Certificates
+<?php // Server Certificates
$dres = get_server_certs($userid,1);
$colspan = 7;
if (1 == $support) {
@@ -294,28 +283,26 @@ if (1 == $support) {
?>
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
<tr>
- <td colspan="<?=$colspan?>" class="title"><?=_('Server certificates')?></td>
+ <td colspan="<?php echo $colspan?>" class="title"><?php echo _('Server certificates')?></td>
</tr>
-<?
-if (mysql_num_rows($dres) > 0) {
+<?php
+if (mysqli_num_rows($dres) > 0) {
output_server_certs_header($support);
- while ($drow = mysql_fetch_assoc($dres))
+ while ($drow = mysqli_fetch_assoc($dres))
{
output_server_certs($drow,$support);
}
} else {
?>
<tr>
- <td colspan="<?=$colspan?>" ><?=_('no entry available')?></td>
+ <td colspan="<?php echo $colspan?>" ><?php echo _('no entry available')?></td>
</tr>
- <?
-}
+ <?php }
?>
</table>
<br/>
-<?
-// GPG Certificates
+<?php // GPG Certificates
$dres = get_gpg_certs($userid,1);
$colspan = 6;
if (1 == $support) {
@@ -324,33 +311,29 @@ if (1 == $support) {
?>
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
<tr>
- <td colspan="<?=$colspan?>" class="title"><?=_('GPG/PGP certificates')?></td>
+ <td colspan="<?php echo $colspan?>" class="title"><?php echo _('GPG/PGP certificates')?></td>
</tr>
-<?
-if (mysql_num_rows($dres) > 0) {
+<?php
+if (mysqli_num_rows($dres) > 0) {
output_gpg_certs_header($support);
- while ($drow = mysql_fetch_assoc($dres))
+ while ($drow = mysqli_fetch_assoc($dres))
{
output_gpg_certs($drow, $support);
}
} else {
?>
<tr>
- <td colspan="<?=$colspan?>" ><?=_('no entry available')?></td>
+ <td colspan="<?php echo $colspan?>" ><?php echo _('no entry available')?></td>
</tr>
- <?
-}?>
+ <?php }?>
</table>
<br/>
-<?
-
+<?php
output_given_assurances($userid, $support, $ticketno, 1);
-?><br/><?
-
+?><br/><?php
output_received_assurances($userid, $support, $ticketno, 1);
-?><br/><?
-
+?><br/><?php
$dres = get_se_log($userid);
$colspan = 2;
if (1 == $support) {
@@ -359,26 +342,25 @@ if (1 == $support) {
?>
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
<tr>
- <td colspan="<?=$colspan?>" class="title"><?=_('Admin log')?></td>
+ <td colspan="<?php echo $colspan?>" class="title"><?php echo _('Admin log')?></td>
</tr>
-<?
-if (mysql_num_rows($dres) > 0) {
+<?php
+if (mysqli_num_rows($dres) > 0) {
output_log_se_header($support);
- while ($drow = mysql_fetch_assoc($dres))
+ while ($drow = mysqli_fetch_assoc($dres))
{
output_log_se($drow,$support);
}
} else {
?>
<tr>
- <td colspan="<?=$colspan?>" ><?=_('no entry available')?></td>
+ <td colspan="<?php echo $colspan?>" ><?php echo _('no entry available')?></td>
</tr>
- <?
-}
+ <?php }
?>
<tr>
- <td colspan="<?=$colspan?>" >
- <a href="account.php?id=<?=$oldid?intval($oldid):($support?43:13)?>&amp;userid=<?=intval($userid)?>"><?= _('Back to previous page.')?></a>
+ <td colspan="<?php echo $colspan?>" >
+ <a href="account.php?id=<?php echo $oldid?intval($oldid):($support?43:13)?>&amp;userid=<?php echo intval($userid)?>"><?php echo _('Back to previous page.')?></a>
</td>
</tr>
diff --git a/pages/account/6.php b/pages/account/6.php
index de8d1a3..97acd7f 100644
--- a/pages/account/6.php
+++ b/pages/account/6.php
@@ -1,4 +1,4 @@
-<? /*
+<?php /*
LibreSSL - CAcert web application
Copyright (C) 2004-2008 CAcert Inc.
@@ -39,14 +39,14 @@ $query = "select UNIX_TIMESTAMP(`emailcerts`.`created`) as `created`,
where `emailcerts`.`id`='$certid' and
`emailcerts`.`memid`='".intval($_SESSION['profile']['id'])."'";
-$res = mysql_query($query);
-if(mysql_num_rows($res) <= 0) {
+$res = mysqli_query($_SESSION['mconn'], $query);
+if(mysqli_num_rows($res) <= 0) {
showheader(_("My CAcert.org Account!"));
echo _("No such certificate attached to your account.");
showfooter();
exit;
}
-$row = mysql_fetch_assoc($res);
+$row = mysqli_fetch_assoc($res);
if (array_key_exists('format', $_REQUEST)) {
@@ -117,10 +117,9 @@ if (array_key_exists('format', $_REQUEST)) {
?>
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
<tr>
- <td colspan="2" class="title"><?=_("Information about the certificate")?></td>
+ <td colspan="2" class="title"><?php echo _("Information about the certificate")?></td>
</tr>
-<?
- if($row['timeleft'] > 0)
+<?php if($row['timeleft'] > 0)
$verified = _("Valid");
if($row['timeleft'] < 0)
$verified = _("Expired");
@@ -132,37 +131,36 @@ if (array_key_exists('format', $_REQUEST)) {
$row['revoke'] = _("Not Revoked");
?>
<tr>
- <td class="DataTD"><?=_("Status")?></td>
- <td class="DataTD"><?=$verified?></td>
+ <td class="DataTD"><?php echo _("Status")?></td>
+ <td class="DataTD"><?php echo $verified?></td>
</tr>
<tr>
- <td class="DataTD"><?=_("Email Address")?></td>
- <td class="DataTD"><?=(trim($row['CN'])=="" ? _("empty") : sanitizeHTML($row['CN']))?></td>
+ <td class="DataTD"><?php echo _("Email Address")?></td>
+ <td class="DataTD"><?php echo (trim($row['CN'])=="" ? _("empty") : sanitizeHTML($row['CN']))?></td>
</tr>
<tr>
- <td class="DataTD"><?=_("SerialNumber")?></td>
- <td class="DataTD"><?=sanitizeHTML($row['serial'])?></td>
+ <td class="DataTD"><?php echo _("SerialNumber")?></td>
+ <td class="DataTD"><?php echo sanitizeHTML($row['serial'])?></td>
</tr>
<tr>
- <td class="DataTD"><?=_("Revoked")?></td>
- <td class="DataTD"><?=$row['revoke']?></td>
+ <td class="DataTD"><?php echo _("Revoked")?></td>
+ <td class="DataTD"><?php echo $row['revoke']?></td>
</tr>
<tr>
- <td class="DataTD"><?=_("Expires")?></td>
- <td class="DataTD"><?=$row['expire']?></td>
+ <td class="DataTD"><?php echo _("Expires")?></td>
+ <td class="DataTD"><?php echo $row['expire']?></td>
</tr>
<tr>
- <td class="DataTD"><?=_("Login")?></td>
+ <td class="DataTD"><?php echo _("Login")?></td>
<td class="DataTD">
- <input type="checkbox" name="disablelogin" disabled="disabled" value="1" <?=$row['disablelogin']?"":"checked='checked'"?>/>
+ <input type="checkbox" name="disablelogin" disabled="disabled" value="1" <?php echo $row['disablelogin']?"":"checked='checked'"?>/>
</td>
</tr>
<tr>
- <td class="DataTD"><?=_("Comment")?></td>
- <td class="DataTD"><?=htmlspecialchars($row['description'])?></td>
+ <td class="DataTD"><?php echo _("Comment")?></td>
+ <td class="DataTD"><?php echo htmlspecialchars($row['description'])?></td>
</tr>
</table>
-<?
- showfooter();
+<?php showfooter();
exit;
}
diff --git a/pages/account/7.php b/pages/account/7.php
index 564fd6d..e00bd85 100644
--- a/pages/account/7.php
+++ b/pages/account/7.php
@@ -1,4 +1,4 @@
-<? /*
+<?php /*
LibreSSL - CAcert web application
Copyright (C) 2004-2008 CAcert Inc.
@@ -15,22 +15,22 @@
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
*/ ?>
-<p><?=_("Please Note: You only need to enter the main part of your domain, eg. mydomain.com rather then www.mydomain.com. Once you have verified your domain you are able to enter any sub-domain, such as www.mydomain.com or www.this.is.mydomain.com as the system checks from right to left, rather then specific hostnames when you upload a CSR to the system.")?></p>
+<p><?php echo _("Please Note: You only need to enter the main part of your domain, eg. mydomain.com rather then www.mydomain.com. Once you have verified your domain you are able to enter any sub-domain, such as www.mydomain.com or www.this.is.mydomain.com as the system checks from right to left, rather then specific hostnames when you upload a CSR to the system.")?></p>
<form method="post" action="account.php">
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
<tr>
- <td colspan="2" class="title"><?=_("Add Domain")?></td>
+ <td colspan="2" class="title"><?php echo _("Add Domain")?></td>
</tr>
<tr>
- <td class="DataTD" width="125"><?=_("Domain")?>: </td>
- <td class="DataTD" width="125"><input type="text" name="newdomain" value="<?=array_key_exists('newdomain',$_GET)?sanitizeHTML($_GET['newdomain']):''?>"></td>
+ <td class="DataTD" width="125"><?php echo _("Domain")?>: </td>
+ <td class="DataTD" width="125"><input type="text" name="newdomain" value="<?php echo array_key_exists('newdomain',$_GET)?sanitizeHTML($_GET['newdomain']):''?>"></td>
</tr>
<tr>
- <td class="DataTD" colspan="2"><input type="submit" name="process" value="<?=_("I own or am authorised to control this domain")?>"/></td>
+ <td class="DataTD" colspan="2"><input type="submit" name="process" value="<?php echo _("I own or am authorised to control this domain")?>"/></td>
</tr>
</table>
-<input type="hidden" name="oldid" value="<?=$id?>">
-<input type="hidden" name="csrf" value="<?=make_csrf('adddomain')?>" />
+<input type="hidden" name="oldid" value="<?php echo $id?>">
+<input type="hidden" name="csrf" value="<?php echo make_csrf('adddomain')?>" />
</form>
-<p><?=_("Currently we only issue certificates for Punycode domains if the person requesting them has code signing attributes attached to their account, as these have potentially slightly higher security risk.")?></p>
+<p><?php echo _("Currently we only issue certificates for Punycode domains if the person requesting them has code signing attributes attached to their account, as these have potentially slightly higher security risk.")?></p>
diff --git a/pages/account/8.php b/pages/account/8.php
index 79448d1..e3f0777 100644
--- a/pages/account/8.php
+++ b/pages/account/8.php
@@ -1,4 +1,4 @@
-<? /*
+<?php /*
LibreSSL - CAcert web application
Copyright (C) 2004-2008 CAcert Inc.
@@ -19,20 +19,20 @@
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
<tr>
- <td colspan="2" class="title"><?=_("Please choose an authority email address")?></td>
+ <td colspan="2" class="title"><?php echo _("Please choose an authority email address")?></td>
</tr>
-<? $tagged=0;
+<?php $tagged=0;
if(is_array($_SESSION['_config']['addy']))
foreach($_SESSION['_config']['addy'] as $add) { ?>
<tr>
- <td class="DataTD" width="75"><input type="radio" name="authaddy" value="<?=$add?>"<? if($tagged == 0) { echo " checked=\"checked\""; $tagged = 1; } ?> /></td>
- <td class="DataTD" width="175"><?=$add?></td>
+ <td class="DataTD" width="75"><input type="radio" name="authaddy" value="<?php echo $add?>"<?php if($tagged == 0) { echo " checked=\"checked\""; $tagged = 1; } ?> /></td>
+ <td class="DataTD" width="175"><?php echo $add?></td>
</tr>
-<? } ?>
+<?php } ?>
<tr>
- <td class="DataTD" colspan="2"><input type="submit" name="process" value="<?=_("Probe")?>"></td>
+ <td class="DataTD" colspan="2"><input type="submit" name="process" value="<?php echo _("Probe")?>"></td>
</tr>
</table>
-<input type="hidden" name="csrf" value="<?=make_csrf('ctcinfo')?>" />
-<input type="hidden" name="oldid" value="<?=$id?>" />
+<input type="hidden" name="csrf" value="<?php echo make_csrf('ctcinfo')?>" />
+<input type="hidden" name="oldid" value="<?php echo $id?>" />
</form>
diff --git a/pages/account/9.php b/pages/account/9.php
index 1be45f5..b26e83a 100644
--- a/pages/account/9.php
+++ b/pages/account/9.php
@@ -1,4 +1,4 @@
-<? /*
+<?php /*
LibreSSL - CAcert web application
Copyright (C) 2004-2008 CAcert Inc.
@@ -18,24 +18,23 @@
<form method="post" action="account.php">
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
<tr>
- <td colspan="3" class="title"><?=_("Domains")?></td>
+ <td colspan="3" class="title"><?php echo _("Domains")?></td>
</tr>
<tr>
- <td class="DataTD"><?=_("Delete")?></td>
- <td class="DataTD"><?=_("Status")?></td>
- <td class="DataTD"><?=_("Address")?></td>
+ <td class="DataTD"><?php echo _("Delete")?></td>
+ <td class="DataTD"><?php echo _("Status")?></td>
+ <td class="DataTD"><?php echo _("Address")?></td>
-<?
- $query = "select * from `domains` where `memid`='".intval($_SESSION['profile']['id'])."' and `deleted`=0";
- $res = mysql_query($query);
- if(mysql_num_rows($res) <= 0)
+<?php $query = "select * from `domains` where `memid`='".intval($_SESSION['profile']['id'])."' and `deleted`=0";
+ $res = mysqli_query($_SESSION['mconn'], $query);
+ if(mysqli_num_rows($res) <= 0)
{
?>
<tr>
- <td colspan="3" class="DataTD"><?=_("No domains are currently listed.")?></td>
+ <td colspan="3" class="DataTD"><?php echo _("No domains are currently listed.")?></td>
</tr>
-<? } else {
- while($row = mysql_fetch_assoc($res))
+<?php } else {
+ while($row = mysqli_fetch_assoc($res))
{
if($row['hash'] == "")
$verified = _("Verified");
@@ -43,15 +42,15 @@
$verified = _("Unverified");
?>
<tr>
- <td class="DataTD"><input type="checkbox" name="delid[]" value="<?=intval($row['id'])?>"></td>
- <td class="DataTD"><?=$verified?></td>
- <td class="DataTD"><?=sanitizeHTML($row['domain'])?></td>
+ <td class="DataTD"><input type="checkbox" name="delid[]" value="<?php echo intval($row['id'])?>"></td>
+ <td class="DataTD"><?php echo $verified?></td>
+ <td class="DataTD"><?php echo sanitizeHTML($row['domain'])?></td>
</tr>
-<? } ?>
+<?php } ?>
<tr>
- <td class="DataTD" colspan="3"><input type="submit" name="process" value="<?=_("Delete")?>"></td>
+ <td class="DataTD" colspan="3"><input type="submit" name="process" value="<?php echo _("Delete")?>"></td>
</tr>
-<? } ?>
+<?php } ?>
</table>
-<input type="hidden" name="oldid" value="<?=$id?>">
+<input type="hidden" name="oldid" value="<?php echo $id?>">
</form>
diff --git a/pages/advertising/0.php b/pages/advertising/0.php
index 0404a5e..858b902 100644
--- a/pages/advertising/0.php
+++ b/pages/advertising/0.php
@@ -1,4 +1,4 @@
-<? /*
+<?php /*
LibreSSL - CAcert web application
Copyright (C) 2004-2008 CAcert Inc.
@@ -15,8 +15,7 @@
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
*/ ?>
-<?
- $tdcols = 6;
+<?php $tdcols = 6;
if($_SESSION['profile']['adadmin'] == 2)
$tdcols++;
@@ -24,13 +23,13 @@
{
$approve = intval($_REQUEST['approve']);
$query = "select * from `advertising` where `id`='$approve' and `expires`='0000-00-00 00:00:00'";
- $res = mysql_query($query);
- if(mysql_num_rows($res) > 0)
+ $res = mysqli_query($_SESSION['mconn'], $query);
+ if(mysqli_num_rows($res) > 0)
{
- $row = mysql_fetch_assoc($res);
+ $row = mysqli_fetch_assoc($res);
$end = date("Y-m-d H:i:s", mktime(date("H"), date("i"), date("s"), date("m")+$row['months'], date("d"), date("Y")));
$query = "update `advertising` set `expires`='$end', `active`=1, `approvedby`='".$_SESSION['profile']['id']."' where `id`='$approve'";
- mysql_query($query);
+ mysqli_query($_SESSION['mconn'],$query);
echo "<p>The ad was approved and is now active.</p>\n";
}
}
@@ -38,13 +37,13 @@
{
$deactive = intval($_REQUEST['deactive']);
$query = "select * from `advertising` where `id`='$deactive'";
- $res = mysql_query($query);
- if(mysql_num_rows($res) > 0)
+ $res = mysqli_query($_SESSION['mconn'], $query);
+ if(mysqli_num_rows($res) > 0)
{
- $row = mysql_fetch_assoc($res);
+ $row = mysqli_fetch_assoc($res);
$end = date("Y-m-d H:i:s", mktime(date("H"), date("i"), date("s"), date("m")+$row['months'], date("d"), date("Y")));
$query = "update `advertising` set `active`=0 where `id`='$deactive'";
- mysql_query($query);
+ mysqli_query($_SESSION['mconn'], $query);
echo "<p>The ad was deactivated and is now inactive.</p>\n";
}
}
@@ -52,7 +51,7 @@
?>
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper" width="500">
<tr>
- <td colspan="<?=$tdcols?>" class="title"><?=_("View Advertising")?> <a href="advertising.php?id=<?=$id?>&showall=1"><?=_("Show All")?></a></td>
+ <td colspan="<?php echo $tdcols?>" class="title"><?php echo _("View Advertising")?> <a href="advertising.php?id=<?php echo $id?>&showall=1"><?php echo _("Show All")?></a></td>
</tr>
<tr>
<td class="DataTD">ID</td>
@@ -61,16 +60,15 @@
<td class="DataTD">Expires</td>
<td class="DataTD">Edit</td>
<td class="DataTD">Disable</td>
-<? if($_SESSION['profile']['adadmin'] == 2) { echo "\t<td class='DataTD'>Approve</td>\n"; }
+<?php if($_SESSION['profile']['adadmin'] == 2) { echo "\t<td class='DataTD'>Approve</td>\n"; }
?> </tr>
-<?
- $query = "select *,UNIX_TIMESTAMP(`expires`)-UNIX_TIMESTAMP(NOW()) as `timeleft` from `advertising` where `replaced`=0 ";
+<?php $query = "select *,UNIX_TIMESTAMP(`expires`)-UNIX_TIMESTAMP(NOW()) as `timeleft` from `advertising` where `replaced`=0 ";
if(!array_key_exists('showall',$_REQUEST) || $_REQUEST['showall'] != 1)
$query .= "and `active`=1 having `timeleft` > 0 ";
$query .= "order by `id` desc";
- $res = mysql_query($query);
- while($row = mysql_fetch_assoc($res))
+ $res = mysqli_query($_SESSION['mconn'], $query);
+ while($row = mysqli_fetch_assoc($res))
{
if($row['expires'] == "0000-00-00 00:00:00")
$status = "Pending";
diff --git a/pages/advertising/1.php b/pages/advertising/1.php
index 5de2ad3..8254038 100644
--- a/pages/advertising/1.php
+++ b/pages/advertising/1.php
@@ -1,4 +1,4 @@
-<? /*
+<?php /*
LibreSSL - CAcert web application
Copyright (C) 2004-2008 CAcert Inc.
@@ -15,16 +15,15 @@
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
*/ ?>
-<? global $errmsg, $link, $title, $months; if($errmsg != "") { ?><p style="color:red"><?=$errmsg?></p><? } ?>
+<?php global $errmsg, $link, $title, $months; if($errmsg != "") { ?><p style="color:red"><?php echo $errmsg?></p><?php } ?>
<form method="post" action="advertising.php" ACCEPTCHARSET="utf-8">
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
<tr>
- <td colspan="6" class="title"><?=_("New Advertisement")?></td>
+ <td colspan="6" class="title"><?php echo _("New Advertisement")?></td>
</tr>
- <tr><td class='DataTD'>Link Title:</td><td class='DataTD'><input type="text" name="title" value="<?=$title?>"></td></tr>
- <tr><td class='DataTD'>URL:</td><td class='DataTD'><input type="text" name="link" value="<?=$link?>"></td></tr>
- <tr><td class='DataTD'>Months:</td><td class='DataTD'><select name="months"><?
- for($i = 1; $i <= 12; $i++)
+ <tr><td class='DataTD'>Link Title:</td><td class='DataTD'><input type="text" name="title" value="<?php echo $title?>"></td></tr>
+ <tr><td class='DataTD'>URL:</td><td class='DataTD'><input type="text" name="link" value="<?php echo $link?>"></td></tr>
+ <tr><td class='DataTD'>Months:</td><td class='DataTD'><select name="months"><?php for($i = 1; $i <= 12; $i++)
{
echo "<option value='$i'";
if($months == $i)
@@ -34,5 +33,5 @@
?></td></tr>
<tr><td class='DataTD' colspan='2'><input type="submit" name="process" value="Submit New Advertisment"></tr>
</table>
-<input type="hidden" name="oldid" value="<?=$id?>">
+<input type="hidden" name="oldid" value="<?php echo $id?>">
</form>
diff --git a/pages/disputes/0.php b/pages/disputes/0.php
index 89da7cf..40b7580 100644
--- a/pages/disputes/0.php
+++ b/pages/disputes/0.php
@@ -1,4 +1,4 @@
-<? /*
+<?php /*
LibreSSL - CAcert web application
Copyright (C) 2004-2008 CAcert Inc.
@@ -15,10 +15,10 @@
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
*/ ?>
-<H3><?=_("Disputes and Abuse Reporting")?></H3>
-<p><?=_("Please select the most appropriate section to report your problem.")?></p>
-<H4><?=_("Disputes")?></H4>
-<p><?=_("If you want to dispute who has control of your email address or domain, select 'Dispute Email' or 'Dispute Domain' on the right hand side.")?></p>
-<H4><?=_("Abuses")?></H4>
-<p><?=_("If you would like to report an abuse of our certificates that breaches our policies please select the Abuse menu on the right.")?></p>
+<H3><?php echo _("Disputes and Abuse Reporting")?></H3>
+<p><?php echo _("Please select the most appropriate section to report your problem.")?></p>
+<H4><?php echo _("Disputes")?></H4>
+<p><?php echo _("If you want to dispute who has control of your email address or domain, select 'Dispute Email' or 'Dispute Domain' on the right hand side.")?></p>
+<H4><?php echo _("Abuses")?></H4>
+<p><?php echo _("If you would like to report an abuse of our certificates that breaches our policies please select the Abuse menu on the right.")?></p>
diff --git a/pages/disputes/1.php b/pages/disputes/1.php
index 7395b34..1777f53 100644
--- a/pages/disputes/1.php
+++ b/pages/disputes/1.php
@@ -1,4 +1,4 @@
-<? /*
+<?php /*
LibreSSL - CAcert web application
Copyright (C) 2004-2008 CAcert Inc.
@@ -15,21 +15,21 @@
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
*/ ?>
-<H3><?=_("Email Dispute")?></H3>
-<p><?=_("If your dispute is successful you will have the email address removed from the system, you will need add the email address as per usual afterwards. The email will be removed from the current account and any certificates will be revoked.")?></p>
+<H3><?php echo _("Email Dispute")?></H3>
+<p><?php echo _("If your dispute is successful you will have the email address removed from the system, you will need add the email address as per usual afterwards. The email will be removed from the current account and any certificates will be revoked.")?></p>
<form method="post" action="disputes.php">
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
<tr>
- <td colspan="2" class="title"><?=_("Which Email?")?></td>
+ <td colspan="2" class="title"><?php echo _("Which Email?")?></td>
</tr>
<tr>
- <td class="DataTD" width="125"><?=_("Email Address")?>: </td>
+ <td class="DataTD" width="125"><?php echo _("Email Address")?>: </td>
<td class="DataTD" width="125"><input type="text" name="dispute" value=""></td>
</tr>
<tr>
- <td class="DataTD" colspan="2"><input type="submit" name="process" value="<?=_("File Dispute")?>"></td>
+ <td class="DataTD" colspan="2"><input type="submit" name="process" value="<?php echo _("File Dispute")?>"></td>
</tr>
</table>
-<input type="hidden" name="oldid" value="<?=$id?>">
-<input type="hidden" name="csrf" value="<?=make_csrf('emaildispute')?>" />
+<input type="hidden" name="oldid" value="<?php echo $id?>">
+<input type="hidden" name="csrf" value="<?php echo make_csrf('emaildispute')?>" />
</form>
diff --git a/pages/disputes/2.php b/pages/disputes/2.php
index 717823e..ca3928b 100644
--- a/pages/disputes/2.php
+++ b/pages/disputes/2.php
@@ -1,4 +1,4 @@
-<? /*
+<?php /*
LibreSSL - CAcert web application
Copyright (C) 2004-2008 CAcert Inc.
@@ -15,22 +15,22 @@
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
*/ ?>
-<H3><?=_("Domain Dispute")?></H3>
-<p><?=_("If your dispute is successful the domain will be removed from the current account and any certificates will be revoked.")?></p>
+<H3><?php echo _("Domain Dispute")?></H3>
+<p><?php echo _("If your dispute is successful the domain will be removed from the current account and any certificates will be revoked.")?></p>
<form method="post" action="disputes.php">
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
<tr>
- <td colspan="2" class="title"><?=_("Dispute Domain")?></td>
+ <td colspan="2" class="title"><?php echo _("Dispute Domain")?></td>
</tr>
<tr>
- <td class="DataTD" width="125"><?=_("Domain")?>: </td>
+ <td class="DataTD" width="125"><?php echo _("Domain")?>: </td>
<td class="DataTD" width="125"><input type="text" name="dispute"></td>
</tr>
<tr>
- <td class="DataTD" colspan="2"><input type="submit" name="process" value="<?=_("File Dispute")?>"></td>
+ <td class="DataTD" colspan="2"><input type="submit" name="process" value="<?php echo _("File Dispute")?>"></td>
</tr>
</table>
-<input type="hidden" name="oldid" value="<?=$id?>">
-<input type="hidden" name="csrf" value="<?=make_csrf('domaindispute')?>" />
+<input type="hidden" name="oldid" value="<?php echo $id?>">
+<input type="hidden" name="csrf" value="<?php echo make_csrf('domaindispute')?>" />
</form>
diff --git a/pages/disputes/4.php b/pages/disputes/4.php
index 7016a66..6aaa921 100644
--- a/pages/disputes/4.php
+++ b/pages/disputes/4.php
@@ -1,4 +1,4 @@
-<? /*
+<?php /*
LibreSSL - CAcert web application
Copyright (C) 2004-2008 CAcert Inc.
@@ -15,28 +15,28 @@
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
*/ ?>
-<H3><?=_("Email Dispute")?></H3>
-<p><? printf(_("Currently the email '%s' is in dispute, you have been sent an email to resolve the issue, below you have the option to accept, reject or report the request as fraudulent."), sanitizeHTML($_SESSION['_config']['email'])); ?></p>
+<H3><?php echo _("Email Dispute")?></H3>
+<p><?php printf(_("Currently the email '%s' is in dispute, you have been sent an email to resolve the issue, below you have the option to accept, reject or report the request as fraudulent."), sanitizeHTML($_SESSION['_config']['email'])); ?></p>
<form method="post" action="disputes.php">
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
<tr>
- <td colspan="2" class="title"><?=_("Email Dispute")?></td>
+ <td colspan="2" class="title"><?php echo _("Email Dispute")?></td>
</tr>
<tr>
- <td class="DataTD" colspan="2"><input type="radio" name="action" value="reject" checked> <?=_("Reject Dispute")?></td>
+ <td class="DataTD" colspan="2"><input type="radio" name="action" value="reject" checked> <?php echo _("Reject Dispute")?></td>
</tr>
<tr>
- <td class="DataTD" colspan="2"><input type="radio" name="action" value="accept"> <?=_("Accept Dispute")?></td>
+ <td class="DataTD" colspan="2"><input type="radio" name="action" value="accept"> <?php echo _("Accept Dispute")?></td>
</tr>
<tr>
- <td class="DataTD" colspan="2"><input type="radio" name="action" value="abuse"> <?=_("Report Dispute as Abuse")?></td>
+ <td class="DataTD" colspan="2"><input type="radio" name="action" value="abuse"> <?php echo _("Report Dispute as Abuse")?></td>
</tr>
<tr>
- <td class="DataTD" colspan="2"><input type="submit" name="process" value="<?=_("Update Dispute")?>"></td>
+ <td class="DataTD" colspan="2"><input type="submit" name="process" value="<?php echo _("Update Dispute")?>"></td>
</tr>
</table>
<input type="hidden" name="type" value="reallyemail">
-<input type="hidden" name="emailid" value="<?=intval($_REQUEST['emailid'])?>">
-<input type="hidden" name="hash" value="<?=sanitizeHTML($_REQUEST['hash'])?>">
+<input type="hidden" name="emailid" value="<?php echo intval($_REQUEST['emailid'])?>">
+<input type="hidden" name="hash" value="<?php echo sanitizeHTML($_REQUEST['hash'])?>">
</form>
diff --git a/pages/disputes/5.php b/pages/disputes/5.php
index 7212bae..fa4906d 100644
--- a/pages/disputes/5.php
+++ b/pages/disputes/5.php
@@ -1,4 +1,4 @@
-<? /*
+<?php /*
LibreSSL - CAcert web application
Copyright (C) 2004-2008 CAcert Inc.
@@ -19,20 +19,20 @@
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
<tr>
- <td colspan="2" class="title"><?=_("Please choose an authority email address")?></td>
+ <td colspan="2" class="title"><?php echo _("Please choose an authority email address")?></td>
</tr>
-<? $tagged=0;
+<?php $tagged=0;
if(is_array($_SESSION['_config']['addy']))
foreach($_SESSION['_config']['addy'] as $add) { ?>
<tr>
- <td class="DataTD" width="75"><input type="radio" name="authaddy" value="<?=$add?>"<? if($tagged == 0) { echo " checked='checked'"; $tagged = 1; } ?>></td>
- <td class="DataTD" width="175"><?=$add?></td>
+ <td class="DataTD" width="75"><input type="radio" name="authaddy" value="<?php echo $add?>"<?php if($tagged == 0) { echo " checked='checked'"; $tagged = 1; } ?>></td>
+ <td class="DataTD" width="175"><?php echo $add?></td>
</tr>
-<? } ?>
+<?php } ?>
<tr>
- <td class="DataTD" colspan="2"><input type="submit" name="process" value="<?=_("Update Dispute")?>"></td>
+ <td class="DataTD" colspan="2"><input type="submit" name="process" value="<?php echo _("Update Dispute")?>"></td>
</tr>
</table>
-<input type="hidden" name="oldid" value="<?=$id?>">
+<input type="hidden" name="oldid" value="<?php echo $id?>">
</form>
diff --git a/pages/disputes/6.php b/pages/disputes/6.php
index 159ff6f..818fb7c 100644
--- a/pages/disputes/6.php
+++ b/pages/disputes/6.php
@@ -1,4 +1,4 @@
-<? /*
+<?php /*
LibreSSL - CAcert web application
Copyright (C) 2004-2008 CAcert Inc.
@@ -15,28 +15,28 @@
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
*/ ?>
-<H3><?=_("Domain Dispute")?></H3>
-<p><? printf(_("Currently the domain '%s' is in dispute, you have been sent an email to resolve the issue, below you have the option to accept, reject or report the request as fraudulent."), sanitizeHTML($_SESSION['_config']['domain'])); ?></p>
+<H3><?php echo _("Domain Dispute")?></H3>
+<p><?php printf(_("Currently the domain '%s' is in dispute, you have been sent an email to resolve the issue, below you have the option to accept, reject or report the request as fraudulent."), sanitizeHTML($_SESSION['_config']['domain'])); ?></p>
<form method="post" action="disputes.php">
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
<tr>
- <td colspan="2" class="title"><?=_("Domain Dispute")?></td>
+ <td colspan="2" class="title"><?php echo _("Domain Dispute")?></td>
</tr>
<tr>
- <td class="DataTD" colspan="2"><input type="radio" name="action" value="reject" checked> <?=_("Reject Dispute")?></td>
+ <td class="DataTD" colspan="2"><input type="radio" name="action" value="reject" checked> <?php echo _("Reject Dispute")?></td>
</tr>
<tr>
- <td class="DataTD" colspan="2"><input type="radio" name="action" value="accept"> <?=_("Accept Dispute")?></td>
+ <td class="DataTD" colspan="2"><input type="radio" name="action" value="accept"> <?php echo _("Accept Dispute")?></td>
</tr>
<tr>
- <td class="DataTD" colspan="2"><input type="radio" name="action" value="abuse"> <?=_("Report Dispute as Abuse")?></td>
+ <td class="DataTD" colspan="2"><input type="radio" name="action" value="abuse"> <?php echo _("Report Dispute as Abuse")?></td>
</tr>
<tr>
- <td class="DataTD" colspan="2"><input type="submit" name="process" value="<?=_("Update Dispute")?>"></td>
+ <td class="DataTD" colspan="2"><input type="submit" name="process" value="<?php echo _("Update Dispute")?>"></td>
</tr>
</table>
<input type="hidden" name="type" value="reallydomain">
-<input type="hidden" name="domainid" value="<?=intval($_REQUEST['domainid'])?>">
-<input type="hidden" name="hash" value="<?=sanitizeHTML($_REQUEST['hash'])?>">
+<input type="hidden" name="domainid" value="<?php echo intval($_REQUEST['domainid'])?>">
+<input type="hidden" name="hash" value="<?php echo sanitizeHTML($_REQUEST['hash'])?>">
</form>
diff --git a/pages/gpg/0.php b/pages/gpg/0.php
index a11c4bf..30d995c 100644
--- a/pages/gpg/0.php
+++ b/pages/gpg/0.php
@@ -1,4 +1,4 @@
-<? /*
+<?php /*
LibreSSL - CAcert web application
Copyright (C) 2004-2008 CAcert Inc.
@@ -17,13 +17,13 @@
*/
include_once("../includes/shutdown.php");
?>
-<p><?=_("Paste your own public OpenPGP key below. It should not contain a picture. CAcert will sign your key after submission.")?></p>
+<p><?php echo _("Paste your own public OpenPGP key below. It should not contain a picture. CAcert will sign your key after submission.")?></p>
<form method="post" action="gpg.php">
-<p><?=_("Optional comment, only used in the certificate overview")?><br />
+<p><?php echo _("Optional comment, only used in the certificate overview")?><br />
<input type="text" name="description" maxlength="80" size=80 /></p>
-<textarea name="CSR" cols="80" rows="15"><?=array_key_exists('CSR',$_POST)?strip_tags($_POST['CSR']):""?></textarea><br />
-<p><input type="checkbox" name="CCA" /> <strong><?=sprintf(_("I accept the CAcert Community Agreement (%s)."),"<a href='/policy/CAcertCommunityAgreement.html'>CCA</a>")?></strong><br />
- <?=_("Please Note: You need to accept the CCA to proceed.")?></p>
-<input type="submit" name="process" value="<?=_("Submit")?>" />
-<input type="hidden" name="oldid" value="<?=$id?>" />
+<textarea name="CSR" cols="80" rows="15"><?php echo array_key_exists('CSR',$_POST)?strip_tags($_POST['CSR']):""?></textarea><br />
+<p><input type="checkbox" name="CCA" /> <strong><?php echo sprintf(_("I accept the CAcert Community Agreement (%s)."),"<a href='/policy/CAcertCommunityAgreement.html'>CCA</a>")?></strong><br />
+ <?php echo _("Please Note: You need to accept the CCA to proceed.")?></p>
+<input type="submit" name="process" value="<?php echo _("Submit")?>" />
+<input type="hidden" name="oldid" value="<?php echo $id?>" />
</form>
diff --git a/pages/gpg/2.php b/pages/gpg/2.php
index 84e11d2..3e21496 100644
--- a/pages/gpg/2.php
+++ b/pages/gpg/2.php
@@ -1,4 +1,4 @@
-<? /*
+<?php /*
LibreSSL - CAcert web application
Copyright (C) 2004-2008 CAcert Inc.
@@ -18,30 +18,29 @@
<form method="post" action="gpg.php">
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
<tr>
- <td colspan="6" class="title"><?=_("OpenPGP Keys")?></td>
+ <td colspan="6" class="title"><?php echo _("OpenPGP Keys")?></td>
</tr>
<tr>
- <td class="DataTD"><?=_("Status")?></td>
- <td class="DataTD"><?=_("Email Address")?></td>
- <td class="DataTD"><?=_("Expires")?></td>
- <td class="DataTD"><?=_("Key ID")?></td>
- <td colspan="2" class="DataTD"><?=_("Comment *")?></td>
-<?
- $query = "select UNIX_TIMESTAMP(`issued`) as `issued`,
+ <td class="DataTD"><?php echo _("Status")?></td>
+ <td class="DataTD"><?php echo _("Email Address")?></td>
+ <td class="DataTD"><?php echo _("Expires")?></td>
+ <td class="DataTD"><?php echo _("Key ID")?></td>
+ <td colspan="2" class="DataTD"><?php echo _("Comment *")?></td>
+<?php $query = "select UNIX_TIMESTAMP(`issued`) as `issued`,
UNIX_TIMESTAMP(`expire`) - UNIX_TIMESTAMP() as `timeleft`,
UNIX_TIMESTAMP(`expire`) as `expired`,
`expire`, `id`, `level`,
`email`,`keyid`,`description` from `gpg` where `memid`='".intval($_SESSION['profile']['id'])."'
ORDER BY `issued` desc";
- $res = mysql_query($query);
- if(mysql_num_rows($res) <= 0)
+ $res = mysqli_query($_SESSION['mconn'], $query);
+ if(mysqli_num_rows($res) <= 0)
{
?>
<tr>
- <td colspan="6" class="DataTD"><?=_("No OpenPGP keys are currently listed.")?></td>
+ <td colspan="6" class="DataTD"><?php echo _("No OpenPGP keys are currently listed.")?></td>
</tr>
-<? } else {
- while($row = mysql_fetch_assoc($res))
+<?php } else {
+ while($row = mysqli_fetch_assoc($res))
{
$verified = '';
if($row['timeleft'] > 0)
@@ -52,31 +51,31 @@
$verified = _("Pending");
?>
<tr>
-<? if($verified == _("Valid")) { ?>
- <td class="DataTD"><?=$verified?></td>
- <td class="DataTD"><a href="gpg.php?id=3&amp;cert=<?=intval($row['id'])?>"><?=sanitizeHTML($row['email'])?></a></td>
-<? } else if($verified == _("Pending")) { ?>
- <td class="DataTD"><?=$verified?></td>
- <td class="DataTD"><?=sanitizeHTML($row['email'])?></td>
-<? } else { ?>
- <td class="DataTD"><?=$verified?></td>
- <td class="DataTD"><a href="gpg.php?id=3&amp;cert=<?=intval($row['id'])?>"><?=sanitizeHTML($row['email'])?></a></td>
-<? } ?>
- <td class="DataTD"><?=$row['expire']?></td>
- <td class="DataTD"><a href="gpg.php?id=3&amp;cert=<?=intval($row['id'])?>"><?=sanitizeHTML($row['keyid'])?></a></td>
- <td class="DataTD"><input name="comment_<?=intval($row['id'])?>" type="text" value="<?=htmlspecialchars($row['description'])?>" /></td>
- <td class="DataTD"><input type="checkbox" name="check_comment_<?=intval($row['id'])?>" /></td>
+<?php if($verified == _("Valid")) { ?>
+ <td class="DataTD"><?php echo $verified?></td>
+ <td class="DataTD"><a href="gpg.php?id=3&amp;cert=<?php echo intval($row['id'])?>"><?php echo sanitizeHTML($row['email'])?></a></td>
+<?php } else if($verified == _("Pending")) { ?>
+ <td class="DataTD"><?php echo $verified?></td>
+ <td class="DataTD"><?php echo sanitizeHTML($row['email'])?></td>
+<?php } else { ?>
+ <td class="DataTD"><?php echo $verified?></td>
+ <td class="DataTD"><a href="gpg.php?id=3&amp;cert=<?php echo intval($row['id'])?>"><?php echo sanitizeHTML($row['email'])?></a></td>
+<?php } ?>
+ <td class="DataTD"><?php echo $row['expire']?></td>
+ <td class="DataTD"><a href="gpg.php?id=3&amp;cert=<?php echo intval($row['id'])?>"><?php echo sanitizeHTML($row['keyid'])?></a></td>
+ <td class="DataTD"><input name="comment_<?php echo intval($row['id'])?>" type="text" value="<?php echo htmlspecialchars($row['description'])?>" /></td>
+ <td class="DataTD"><input type="checkbox" name="check_comment_<?php echo intval($row['id'])?>" /></td>
</tr>
-<? } ?>
-<? } ?>
+<?php } ?>
+<?php } ?>
<tr>
<td class="DataTD" colspan="6">
- <?=_('* Comment is NOT included in the certificate as it is intended for your personal reference only. To change the comment tick the checkbox and hit "Change Settings".')?>
+ <?php echo _('* Comment is NOT included in the certificate as it is intended for your personal reference only. To change the comment tick the checkbox and hit "Change Settings".')?>
</td>
</tr>
<tr>
- <td class="DataTD" colspan="6"><input type="submit" name="change" value="<?=_("Change settings")?>" /> </td>
+ <td class="DataTD" colspan="6"><input type="submit" name="change" value="<?php echo _("Change settings")?>" /> </td>
</tr>
</table>
-<input type="hidden" name="oldid" value="<?=intval($id)?>" />
+<input type="hidden" name="oldid" value="<?php echo intval($id)?>" />
</form>
diff --git a/pages/gpg/3.php b/pages/gpg/3.php
index d9f54fb..2ca7bd8 100644
--- a/pages/gpg/3.php
+++ b/pages/gpg/3.php
@@ -1,4 +1,4 @@
-<? /*
+<?php /*
LibreSSL - CAcert web application
Copyright (C) 2004-2008 CAcert Inc.
@@ -15,19 +15,18 @@
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
*/ ?>
-<?
- $certid = intval($_REQUEST['cert']);
+<?php $certid = intval($_REQUEST['cert']);
$query = "select * from `gpg` where `id`='$certid' and `memid`='".intval($_SESSION['profile']['id'])."'";
- $res = mysql_query($query);
- if(mysql_num_rows($res) <= 0)
+ $res = mysqli_query($_SESSION['mconn'], $query);
+ if(mysqli_num_rows($res) <= 0)
{
echo _("No such OpenPGP key attached to your account.");
showfooter();
exit;
}
- $row = mysql_fetch_assoc($res);
+ $row = mysqli_fetch_assoc($res);
?>
-<h3><?=_("Below is your OpenPGP key")?></h3>
+<h3><?php echo _("Below is your OpenPGP key")?></h3>
<pre>
-<? readfile($row['crt']); ?>
+<?php readfile($row['crt']); ?>
</pre>
diff --git a/pages/help/0.php b/pages/help/0.php
index 7aa9d3b..bd2c688 100644
--- a/pages/help/0.php
+++ b/pages/help/0.php
@@ -1,4 +1,4 @@
-<? /*
+<?php /*
LibreSSL - CAcert web application
Copyright (C) 2004-2008 CAcert Inc.
@@ -16,8 +16,7 @@
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
*/ ?>
<p style="background-color: #FF8080; font-size: 150%">
-<?
-printf(_("This page has been moved to the %swiki%s. Please update your ".
+<?php printf(_("This page has been moved to the %swiki%s. Please update your ".
"bookmarks and report any broken links."),
'<a href="//wiki.cacert.org/HELP/0">', '</a>');
?>
diff --git a/pages/help/2.php b/pages/help/2.php
index a03a773..5156171 100644
--- a/pages/help/2.php
+++ b/pages/help/2.php
@@ -1,4 +1,4 @@
-<? /*
+<?php /*
LibreSSL - CAcert web application
Copyright (C) 2004-2008 CAcert Inc.
@@ -16,8 +16,7 @@
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
*/ ?>
<p style="background-color: #FF8080; font-size: 150%">
-<?
-printf(_("This page has been moved to the %swiki%s. Please update your ".
+<?php printf(_("This page has been moved to the %swiki%s. Please update your ".
"bookmarks and report any broken links."),
'<a href="//wiki.cacert.org/HELP/2">', '</a>');
?>
diff --git a/pages/help/3.php b/pages/help/3.php
index 8cdeb08..6fcf01b 100644
--- a/pages/help/3.php
+++ b/pages/help/3.php
@@ -1,4 +1,4 @@
-<? /*
+<?php /*
LibreSSL - CAcert web application
Copyright (C) 2004-2008 CAcert Inc.
@@ -16,8 +16,7 @@
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
*/ ?>
<p style="background-color: #FF8080; font-size: 150%">
-<?
-printf(_("This page has been moved to the %swiki%s. Please update your ".
+<?php printf(_("This page has been moved to the %swiki%s. Please update your ".
"bookmarks and report any broken links."),
'<a href="//wiki.cacert.org/HELP/3">', '</a>');
?>
diff --git a/pages/help/4.php b/pages/help/4.php
index 248564c..d486e1a 100644
--- a/pages/help/4.php
+++ b/pages/help/4.php
@@ -1,4 +1,4 @@
-<? /*
+<?php /*
LibreSSL - CAcert web application
Copyright (C) 2004-2008 CAcert Inc.
@@ -16,8 +16,7 @@
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
*/ ?>
<p style="background-color: #FF8080; font-size: 150%">
-<?
-printf(_("This page has been moved to the %swiki%s. Please update your ".
+<?php printf(_("This page has been moved to the %swiki%s. Please update your ".
"bookmarks and report any broken links."),
'<a href="//wiki.cacert.org/HELP/4">', '</a>');
?>
diff --git a/pages/help/5.php b/pages/help/5.php
index 604febc..be005bc 100644
--- a/pages/help/5.php
+++ b/pages/help/5.php
@@ -1,4 +1,4 @@
-<? /*
+<?php /*
LibreSSL - CAcert web application
Copyright (C) 2004-2008 CAcert Inc.
@@ -16,8 +16,7 @@
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
*/ ?>
<p style="background-color: #FF8080; font-size: 150%">
-<?
-printf(_("This page has been moved to the %swiki%s. Please update your ".
+<?php printf(_("This page has been moved to the %swiki%s. Please update your ".
"bookmarks and report any broken links."),
'<a href="//wiki.cacert.org/HELP/5">', '</a>');
?>
diff --git a/pages/help/6.php b/pages/help/6.php
index 5308e93..3bc3297 100644
--- a/pages/help/6.php
+++ b/pages/help/6.php
@@ -1,4 +1,4 @@
-<? /*
+<?php /*
LibreSSL - CAcert web application
Copyright (C) 2004-2008 CAcert Inc.
@@ -16,8 +16,7 @@
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
*/ ?>
<p style="background-color: #FF8080; font-size: 150%">
-<?
-printf(_("This page has been moved to the %swiki%s. Please update your ".
+<?php printf(_("This page has been moved to the %swiki%s. Please update your ".
"bookmarks and report any broken links."),
'<a href="//wiki.cacert.org/HELP/6">', '</a>');
?>
diff --git a/pages/help/7.php b/pages/help/7.php
index 73e18da..1639efb 100644
--- a/pages/help/7.php
+++ b/pages/help/7.php
@@ -1,4 +1,4 @@
-<? /*
+<?php /*
LibreSSL - CAcert web application
Copyright (C) 2004-2008 CAcert Inc.
@@ -16,8 +16,7 @@
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
*/ ?>
<p style="background-color: #FF8080; font-size: 150%">
-<?
-printf(_("This page has been moved to the %swiki%s. Please update your ".
+<?php printf(_("This page has been moved to the %swiki%s. Please update your ".
"bookmarks and report any broken links."),
'<a href="//wiki.cacert.org/HELP/7">', '</a>');
?>
diff --git a/pages/help/8.php b/pages/help/8.php
index 41c4959..8c92ecc 100644
--- a/pages/help/8.php
+++ b/pages/help/8.php
@@ -1,4 +1,4 @@
-<? /*
+<?php /*
LibreSSL - CAcert web application
Copyright (C) 2004-2008 CAcert Inc.
@@ -16,8 +16,7 @@
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
*/ ?>
<p style="background-color: #FF8080; font-size: 150%">
-<?
-printf(_("This page has been moved to the %swiki%s. Please update your ".
+<?php printf(_("This page has been moved to the %swiki%s. Please update your ".
"bookmarks and report any broken links."),
'<a href="//wiki.cacert.org/HELP/8">', '</a>');
?>
diff --git a/pages/help/9.php b/pages/help/9.php
index d6fdc39..684845c 100644
--- a/pages/help/9.php
+++ b/pages/help/9.php
@@ -1,4 +1,4 @@
-<? /*
+<?php /*
LibreSSL - CAcert web application
Copyright (C) 2004-2008 CAcert Inc.
@@ -16,8 +16,7 @@
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
*/ ?>
<p style="background-color: #FF8080; font-size: 150%">
-<?
-printf(_("This page has been moved to the %swiki%s. Please update your ".
+<?php printf(_("This page has been moved to the %swiki%s. Please update your ".
"bookmarks and report any broken links."),
'<a href="//wiki.cacert.org/HELP/9">', '</a>');
?>
diff --git a/pages/index/0.php b/pages/index/0.php
index 6cca117..06c877a 100644
--- a/pages/index/0.php
+++ b/pages/index/0.php
@@ -1,4 +1,4 @@
-<? /*
+<?php /*
LibreSSL - CAcert web application
Copyright (C) 2004-2008 CAcert Inc.
@@ -15,25 +15,24 @@
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
*/ ?>
-<h3><?=_("Are you new to CAcert?")?></h3>
+<h3><?php echo _("Are you new to CAcert?")?></h3>
-<p><?=_("CAcert.org is a community-driven Certificate Authority that issues certificates to the public at large for free.")?></p>
+<p><?php echo _("CAcert.org is a community-driven Certificate Authority that issues certificates to the public at large for free.")?></p>
-<p><?=_("CAcert's goal is to promote awareness and education on computer security through the use of encryption, specifically by providing cryptographic certificates. These certificates can be used to digitally sign and encrypt email, authenticate and authorize users connecting to websites and secure data transmission over the internet. Any application that supports the Secure Socket Layer Protocol (SSL or TLS) can make use of certificates signed by CAcert, as can any application that uses X.509 certificates, e.g. for encryption or code signing and document signatures.")?></p>
+<p><?php echo _("CAcert's goal is to promote awareness and education on computer security through the use of encryption, specifically by providing cryptographic certificates. These certificates can be used to digitally sign and encrypt email, authenticate and authorize users connecting to websites and secure data transmission over the internet. Any application that supports the Secure Socket Layer Protocol (SSL or TLS) can make use of certificates signed by CAcert, as can any application that uses X.509 certificates, e.g. for encryption or code signing and document signatures.")?></p>
-<p><?=sprintf(_("If you want to have free certificates issued to you, %s join the CAcert Community %s."),'<a href="https://www.cacert.org/index.php?id=1">', '</a>')?></p>
+<p><?php echo sprintf(_("If you want to have free certificates issued to you, %s join the CAcert Community %s."),'<a href="https://www.cacert.org/index.php?id=1">', '</a>')?></p>
-<p><?=sprintf(_("If you want to use certificates issued by CAcert, read the CAcert %s Root Distribution License %s."),'<a href="/policy/RootDistributionLicense.html">',"</a>")?>
-<?=sprintf(_("This license applies to using the CAcert %s root keys %s."),'<a href="/index.php?id=3">','</a>')?></p>
+<p><?php echo sprintf(_("If you want to use certificates issued by CAcert, read the CAcert %s Root Distribution License %s."),'<a href="/policy/RootDistributionLicense.html">',"</a>")?>
+<?php echo sprintf(_("This license applies to using the CAcert %s root keys %s."),'<a href="/index.php?id=3">','</a>')?></p>
-<? if(!array_key_exists('mconn',$_SESSION) || !$_SESSION['mconn']) echo "<font size='+1'>"._("Most CAcert functions are currently unavailable. Please come back later.")."</font>";?>
+<?php if(!array_key_exists('mconn',$_SESSION) || !$_SESSION['mconn']) echo "<font size='+1'>"._("Most CAcert functions are currently unavailable. Please come back later.")."</font>";?>
<div class="newsbox">
-<?
- printf("<p id='lnews'>%s</p>\n\n",_('Latest News'));
+<?php printf("<p id='lnews'>%s</p>\n\n",_('Latest News'));
$xml = "/www/pages/index/feed.rss"; // FIXME: use relative path to allow operation with different document root
$dom = new DOMDocument();
@@ -79,40 +78,40 @@
}
?>
-[ <a href="http://blog.CAcert.org/"><?=_('More News Items')?></a> ]
+[ <a href="http://blog.CAcert.org/"><?php echo _('More News Items')?></a> ]
</div>
<hr/>
-<h3><?=_("For CAcert Community Members")?></h3>
+<h3><?php echo _("For CAcert Community Members")?></h3>
-<p><?=sprintf(_("Have you passed the CAcert %s Assurer Challenge %s yet?"),'<a href="http://wiki.cacert.org/wiki/AssurerChallenge">','</a>')?></p>
+<p><?php echo sprintf(_("Have you passed the CAcert %s Assurer Challenge %s yet?"),'<a href="http://wiki.cacert.org/wiki/AssurerChallenge">','</a>')?></p>
-<p><?=sprintf(_("Have you read the CAcert %sCommunity Agreement%s yet?"),'<a href="/policy/CAcertCommunityAgreement.html">','</a>')?></p>
+<p><?php echo sprintf(_("Have you read the CAcert %sCommunity Agreement%s yet?"),'<a href="/policy/CAcertCommunityAgreement.html">','</a>')?></p>
-<p><?=sprintf(_("For general documentation and help, please visit the CAcert %sWiki Documentation site %s."),'<a href="http://wiki.CAcert.org">','</a>')?>
-<?=sprintf(_("For specific policies, see the CAcert %sApproved Policies page%s."),'<a href="/policy/">',"</a>")?></p>
+<p><?php echo sprintf(_("For general documentation and help, please visit the CAcert %sWiki Documentation site %s."),'<a href="http://wiki.CAcert.org">','</a>')?>
+<?php echo sprintf(_("For specific policies, see the CAcert %sApproved Policies page%s."),'<a href="/policy/">',"</a>")?></p>
-<h3><?=_("Do you want to help CAcert?")?></h3>
-<b><?=_("We are facing an uphill battle to fund this service and could do with your help?")?></b><br/>
+<h3><?php echo _("Do you want to help CAcert?")?></h3>
+<b><?php echo _("We are facing an uphill battle to fund this service and could do with your help?")?></b><br/>
-<?=_("If you can, please donate.")?><br />
-<?=_("AU$50 per year for this button")?><br />
+<?php echo _("If you can, please donate.")?><br />
+<?php echo _("AU$50 per year for this button")?><br />
<form action="https://www.paypal.com/cgi-bin/webscr" method="post">
<input type="hidden" name="cmd" value="_s-xclick">
<input type="image" src="/images/payment2a.png" border="0" name="submit" alt="PayPal">
<input type="hidden" name="encrypted" value="-----BEGIN PKCS7-----MIIHsQYJKoZIhvcNAQcEoIIHojCCB54CAQExggEwMIIBLAIBADCBlDCBjjELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAkNBMRYwFAYDVQQHEw1Nb3VudGFpbiBWaWV3MRQwEgYDVQQKEwtQYXlQYWwgSW5jLjETMBEGA1UECxQKbGl2ZV9jZXJ0czERMA8GA1UEAxQIbGl2ZV9hcGkxHDAaBgkqhkiG9w0BCQEWDXJlQHBheXBhbC5jb20CAQAwDQYJKoZIhvcNAQEBBQAEgYBxGkBs/mmEZRh6K8mwoFJtMp+osc6AkkbKTcC9vaFbZNIDEYXCuhGWEoAZDXXZDO+AhMezeG0ug87wjDMKFkI5g5ma8uGlhQvZ6Qu1Ra8zeL9iUUk6uPpiq1h2kjD0C9CgoZmrHpKB+T8+EXFG5PISbwqqoE8OOavsxMNGhTzxJzELMAkGBSsOAwIaBQAwggEtBgkqhkiG9w0BBwEwFAYIKoZIhvcNAwcECPQ/Y13nrcTCgIIBCOLwLR4pRGnq0o5O9jGmhbF2+u56cBWCoRbZGcgoQqHXgdPKTS4EkXmu1wvLa5Y4XTgL6HUVavYViJAONgLkVyktAHlkl5XPycaAuTL4NyXCJf1VjscXS7tPv0CZ8w2JU5MlzsQ8w0UTQF0+4WDpcsj+klTlO5KyyWMaScZBsziGndfeyfO6Navv3Z5SiHb92D/i9Xf4wZaex6pX3u14WPsczTkUpne6qXmgwPS7jG+oPjWPrPRCHpe/wn3P/AC1WyHzr4X8YxR9+2gbjmyE+2RwS5vqFKcApNxuoAAtLoS2IKGg872PJUctAZEoPt2FCwisFwf170tc9gb1dtRe6KymAMRr6TDM6aCCA4cwggODMIIC7KADAgECAgEAMA0GCSqGSIb3DQEBBQUAMIGOMQswCQYDVQQGEwJVUzELMAkGA1UECBMCQ0ExFjAUBgNVBAcTDU1vdW50YWluIFZpZXcxFDASBgNVBAoTC1BheVBhbCBJbmMuMRMwEQYDVQQLFApsaXZlX2NlcnRzMREwDwYDVQQDFAhsaXZlX2FwaTEcMBoGCSqGSIb3DQEJARYNcmVAcGF5cGFsLmNvbTAeFw0wNDAyMTMxMDEzMTVaFw0zNTAyMTMxMDEzMTVaMIGOMQswCQYDVQQGEwJVUzELMAkGA1UECBMCQ0ExFjAUBgNVBAcTDU1vdW50YWluIFZpZXcxFDASBgNVBAoTC1BheVBhbCBJbmMuMRMwEQYDVQQLFApsaXZlX2NlcnRzMREwDwYDVQQDFAhsaXZlX2FwaTEcMBoGCSqGSIb3DQEJARYNcmVAcGF5cGFsLmNvbTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAwUdO3fxEzEtcnI7ZKZL412XvZPugoni7i7D7prCe0AtaHTc97CYgm7NsAtJyxNLixmhLV8pyIEaiHXWAh8fPKW+R017+EmXrr9EaquPmsVvTywAAE1PMNOKqo2kl4Gxiz9zZqIajOm1fZGWcGS0f5JQ2kBqNbvbg2/Za+GJ/qwUCAwEAAaOB7jCB6zAdBgNVHQ4EFgQUlp98u8ZvF71ZP1LXChvsENZklGswgbsGA1UdIwSBszCBsIAUlp98u8ZvF71ZP1LXChvsENZklGuhgZSkgZEwgY4xCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJDQTEWMBQGA1UEBxMNTW91bnRhaW4gVmlldzEUMBIGA1UEChMLUGF5UGFsIEluYy4xEzARBgNVBAsUCmxpdmVfY2VydHMxETAPBgNVBAMUCGxpdmVfYXBpMRwwGgYJKoZIhvcNAQkBFg1yZUBwYXlwYWwuY29tggEAMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAgV86VpqAWuXvX6Oro4qJ1tYVIT5DgWpE692Ag422H7yRIr/9j/iKG4Thia/Oflx4TdL+IFJBAyPK9v6zZNZtBgPBynXb048hsP16l2vi0k5Q2JKiPDsEfBhGI+HnxLXEaUWAcVfCsQFvd2A1sxRr67ip5y2wwBelUecP3AjJ+YcxggGaMIIBlgIBATCBlDCBjjELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAkNBMRYwFAYDVQQHEw1Nb3VudGFpbiBWaWV3MRQwEgYDVQQKEwtQYXlQYWwgSW5jLjETMBEGA1UECxQKbGl2ZV9jZXJ0czERMA8GA1UEAxQIbGl2ZV9hcGkxHDAaBgkqhkiG9w0BCQEWDXJlQHBheXBhbC5jb20CAQAwCQYFKw4DAhoFAKBdMBgGCSqGSIb3DQEJAzELBgkqhkiG9w0BBwEwHAYJKoZIhvcNAQkFMQ8XDTA4MDUwMjA0NDIyOFowIwYJKoZIhvcNAQkEMRYEFHfXhKQoFxBqqG6q/87VmWf4364dMA0GCSqGSIb3DQEBAQUABIGAwPUhL0gvCMysU8a9lqGuYdNm54FYsogI2LXv6vNHKc5/xTHJ65LSV8mhmyWwxL8fUDu8IHOZbccSipiUaQTsPr57tRrwmXOV+7VC/NIciK1ulwvWwazcvP96fdr9B5OqxjxDz8AsEcXnRjFm4LehsdnP9Z9B/Z9/nwT6htjxyO0=-----END PKCS7-----
">
</form>
-<?=_("or a one off donation for this button whatever you can afford to help")?>
+<?php echo _("or a one off donation for this button whatever you can afford to help")?>
<form action="https://www.paypal.com/cgi-bin/webscr" method="post">
<input type="hidden" name="cmd" value="_s-xclick">
<input type="image" src="/images/payment2a.png" border="0" name="submit" alt="Make payments with PayPal">
<input type="hidden" name="encrypted" value="-----BEGIN PKCS7-----MIIHRwYJKoZIhvcNAQcEoIIHODCCBzQCAQExggEwMIIBLAIBADCBlDCBjjELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAkNBMRYwFAYDVQQHEw1Nb3VudGFpbiBWaWV3MRQwEgYDVQQKEwtQYXlQYWwgSW5jLjETMBEGA1UECxQKbGl2ZV9jZXJ0czERMA8GA1UEAxQIbGl2ZV9hcGkxHDAaBgkqhkiG9w0BCQEWDXJlQHBheXBhbC5jb20CAQAwDQYJKoZIhvcNAQEBBQAEgYCA1pOad7SD8OtSdvHxI3CItmi2sb2eq/1UZbQboNkJTwlaTbTZfoWzBuFmimBR/Qz21Z+L7wFa7XxfhwRLC4V/X4uTJVAIDaKsdTXFNx51EMu+LyiP1O+7GxcdNR7njwvndIaHN0HZIdidpG8jFPP/8ZsLaPe2/Dh2S7344wSuUDELMAkGBSsOAwIaBQAwgcQGCSqGSIb3DQEHATAUBggqhkiG9w0DBwQIYn0dsk7tIRmAgaBNejWqE2RRr+Tsb3fVlcbuG98Bq+zaMO5g8n8i3DnBjIoSJNb+ZuSj53oWrh/+HCY4EY1Rg3qHiUSMOS/o9k75UR7C+ez0R9tmZ2eQrdxlqTVuvENRA0W5z6iTJYog5XhMoKScOFUBaIr9zxjETUY2Y1V3X8qRFIe0YWlYRYbePs2p/IDatirUFhOJSff0ancU2GZULRy0PiZHtzbm8Gy/oIIDhzCCA4MwggLsoAMCAQICAQAwDQYJKoZIhvcNAQEFBQAwgY4xCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJDQTEWMBQGA1UEBxMNTW91bnRhaW4gVmlldzEUMBIGA1UEChMLUGF5UGFsIEluYy4xEzARBgNVBAsUCmxpdmVfY2VydHMxETAPBgNVBAMUCGxpdmVfYXBpMRwwGgYJKoZIhvcNAQkBFg1yZUBwYXlwYWwuY29tMB4XDTA0MDIxMzEwMTMxNVoXDTM1MDIxMzEwMTMxNVowgY4xCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJDQTEWMBQGA1UEBxMNTW91bnRhaW4gVmlldzEUMBIGA1UEChMLUGF5UGFsIEluYy4xEzARBgNVBAsUCmxpdmVfY2VydHMxETAPBgNVBAMUCGxpdmVfYXBpMRwwGgYJKoZIhvcNAQkBFg1yZUBwYXlwYWwuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDBR07d/ETMS1ycjtkpkvjXZe9k+6CieLuLsPumsJ7QC1odNz3sJiCbs2wC0nLE0uLGaEtXynIgRqIddYCHx88pb5HTXv4SZeuv0Rqq4+axW9PLAAATU8w04qqjaSXgbGLP3NmohqM6bV9kZZwZLR/klDaQGo1u9uDb9lr4Yn+rBQIDAQABo4HuMIHrMB0GA1UdDgQWBBSWn3y7xm8XvVk/UtcKG+wQ1mSUazCBuwYDVR0jBIGzMIGwgBSWn3y7xm8XvVk/UtcKG+wQ1mSUa6GBlKSBkTCBjjELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAkNBMRYwFAYDVQQHEw1Nb3VudGFpbiBWaWV3MRQwEgYDVQQKEwtQYXlQYWwgSW5jLjETMBEGA1UECxQKbGl2ZV9jZXJ0czERMA8GA1UEAxQIbGl2ZV9hcGkxHDAaBgkqhkiG9w0BCQEWDXJlQHBheXBhbC5jb22CAQAwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQUFAAOBgQCBXzpWmoBa5e9fo6ujionW1hUhPkOBakTr3YCDjbYfvJEiv/2P+IobhOGJr85+XHhN0v4gUkEDI8r2/rNk1m0GA8HKddvTjyGw/XqXa+LSTlDYkqI8OwR8GEYj4efEtcRpRYBxV8KxAW93YDWzFGvruKnnLbDAF6VR5w/cCMn5hzGCAZowggGWAgEBMIGUMIGOMQswCQYDVQQGEwJVUzELMAkGA1UECBMCQ0ExFjAUBgNVBAcTDU1vdW50YWluIFZpZXcxFDASBgNVBAoTC1BheVBhbCBJbmMuMRMwEQYDVQQLFApsaXZlX2NlcnRzMREwDwYDVQQDFAhsaXZlX2FwaTEcMBoGCSqGSIb3DQEJARYNcmVAcGF5cGFsLmNvbQIBADAJBgUrDgMCGgUAoF0wGAYJKoZIhvcNAQkDMQsGCSqGSIb3DQEHATAcBgkqhkiG9w0BCQUxDxcNMDcxMTAzMDcxMDI1WjAjBgkqhkiG9w0BCQQxFgQU8tPwGUvNb8eYe8Pfhe9YutgXm/YwDQYJKoZIhvcNAQEBBQAEgYBpwhhgz5ED5qxBosfMaifzIr2anV5ScQqqQbC1hphWBQ4e2PT5+TQWCcQkrTh2UTp3vC81Y8vYZ+fussa+zPBE8DmeFDfzpLJo+TQHZUiKxWUDu6drv3o3mV3VjAkaqIhAdubhEOxj2bbKND3IRT1lfIVVSUipndKzRjukZJK39A==-----END PKCS7-----
">
</form>
-<p><?=_("If you are located in Australia, use bank transfer instead.")?></p>
+<p><?php echo _("If you are located in Australia, use bank transfer instead.")?></p>
-<p><?=_("CAcert bank account details:")?></p>
+<p><?php echo _("CAcert bank account details:")?></p>
<ul class="no_indent">
<li>Account Name: CAcert Inc</li>
<li>SWIFT: WPACAU2S</li>
@@ -121,4 +120,4 @@
</ul>
<br /><br />
-<?=_("If you want to participate in CAcert.org, have a look")?> <a href="http://wiki.cacert.org/wiki/HelpingCAcert"><?=_("here")?></a> <?=_("and")?> <a href="http://wiki.cacert.org/wiki/SystemTasks"><?=_("here")?></a>.
+<?php echo _("If you want to participate in CAcert.org, have a look")?> <a href="http://wiki.cacert.org/wiki/HelpingCAcert"><?php echo _("here")?></a> <?php echo _("and")?> <a href="http://wiki.cacert.org/wiki/SystemTasks"><?php echo _("here")?></a>.
diff --git a/pages/index/1.php b/pages/index/1.php
index 0f63e7b..d22339a 100644
--- a/pages/index/1.php
+++ b/pages/index/1.php
@@ -1,4 +1,4 @@
-<? /*
+<?php /*
LibreSSL - CAcert web application
Copyright (C) 2004-2008 CAcert Inc.
@@ -15,54 +15,53 @@
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
*/ ?>
-<p><?=_("By joining CAcert and becoming a member, you agree to the CAcert Community Agreement. Please take a moment now to read that and agree to it; this will be required to complete the process of joining.")?></p>
-<p><?=_("Warning! This site requires cookies to be enabled to ensure your privacy and security. This site uses session cookies to store temporary values to prevent people from copying and pasting the session ID to someone else exposing their account, personal details and identity theft as a result.")?></p>
+<p><?php echo _("By joining CAcert and becoming a member, you agree to the CAcert Community Agreement. Please take a moment now to read that and agree to it; this will be required to complete the process of joining.")?></p>
+<p><?php echo _("Warning! This site requires cookies to be enabled to ensure your privacy and security. This site uses session cookies to store temporary values to prevent people from copying and pasting the session ID to someone else exposing their account, personal details and identity theft as a result.")?></p>
<p style="border:dotted 1px #900;padding:0.3em;background-color:#ffe;">
-<b><?=_("Note: Please enter your date of birth and names as they are written in your official documents.")?></b><br /><br />
-<?=_("Because CAcert is a certificate authority (CA) people rely on us knowing about the identity of the users of our certificates. So even as we value privacy very much, we need to collect at least some basic information about our members. This is especially the case for everybody who wants to take part in our web of trust.")?>
-<?=_("Your private information will be used for internal procedures only and will not be shared with third parties.")?>
+<b><?php echo _("Note: Please enter your date of birth and names as they are written in your official documents.")?></b><br /><br />
+<?php echo _("Because CAcert is a certificate authority (CA) people rely on us knowing about the identity of the users of our certificates. So even as we value privacy very much, we need to collect at least some basic information about our members. This is especially the case for everybody who wants to take part in our web of trust.")?>
+<?php echo _("Your private information will be used for internal procedures only and will not be shared with third parties.")?>
</p>
<p style="border:dotted 1px #900;padding:0.3em;background-color:#ffe;">
-<?=_("A proper password wouldn't match your name or email at all, it contains at least 1 lower case letter, 1 upper case letter, a number, white space and a misc symbol. You get additional security for being over 15 characters and a second additional point for having it over 30. The system starts reducing security if you include any section of your name, or password or email address or if it matches a word from the english dictionary...")?><br><br>
-<b><?=_("Note: White spaces at the beginning and end of a password will be removed.")?></b>
+<?php echo _("A proper password wouldn't match your name or email at all, it contains at least 1 lower case letter, 1 upper case letter, a number, white space and a misc symbol. You get additional security for being over 15 characters and a second additional point for having it over 30. The system starts reducing security if you include any section of your name, or password or email address or if it matches a word from the english dictionary...")?><br><br>
+<b><?php echo _("Note: White spaces at the beginning and end of a password will be removed.")?></b>
</p>
<form method="post" action="index.php" autocomplete="off">
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper" width="400">
<tr>
- <td colspan="3" class="title"><?=_("My Details")?></td>
+ <td colspan="3" class="title"><?php echo _("My Details")?></td>
</tr>
<tr>
- <td class="DataTD" width="125"><?=_("First Name")?>: </td>
- <td class="DataTD" width="125"><input type="text" name="fname" size="30" value="<?=array_key_exists('fname',$_REQUEST)?sanitizeHTML($_REQUEST['fname']):""?>" autocomplete="off"></td>
- <td rowspan="4" class="DataTD" width="125"><? printf(_("Help on Names %sin the wiki%s"),'<a href="//wiki.cacert.org/FAQ/HowToEnterNamesInJoinForm" target="_blank">','</a>')?></td>
+ <td class="DataTD" width="125"><?php echo _("First Name")?>: </td>
+ <td class="DataTD" width="125"><input type="text" name="fname" size="30" value="<?php echo array_key_exists('fname',$_REQUEST)?sanitizeHTML($_REQUEST['fname']):""?>" autocomplete="off"></td>
+ <td rowspan="4" class="DataTD" width="125"><?php printf(_("Help on Names %sin the wiki%s"),'<a href="//wiki.cacert.org/FAQ/HowToEnterNamesInJoinForm" target="_blank">','</a>')?></td>
</tr>
<tr>
- <td class="DataTD" valign="top"><?=_("Middle Name(s)")?><br>
- (<?=_("optional")?>)
+ <td class="DataTD" valign="top"><?php echo _("Middle Name(s)")?><br>
+ (<?php echo _("optional")?>)
</td>
- <td class="DataTD"><input type="text" name="mname" size="30" value="<?=array_key_exists('mname',$_REQUEST)?sanitizeHTML($_REQUEST['mname']):""?>" autocomplete="off"></td>
+ <td class="DataTD"><input type="text" name="mname" size="30" value="<?php echo array_key_exists('mname',$_REQUEST)?sanitizeHTML($_REQUEST['mname']):""?>" autocomplete="off"></td>
</tr>
<