diff options
105 files changed, 2269 insertions, 4003 deletions
diff --git a/CommModule/.gitignore b/CommModule/.gitignore new file mode 100644 index 0000000..40a9309 --- /dev/null +++ b/CommModule/.gitignore @@ -0,0 +1,19 @@ +# Ignore autogenerated serial conf file +/serial.conf +/serialserver.conf + +# Ignore *-active files +/client.pl-active +/server.pl-active + +# Ignore log files +/logfile20??-??-??.txt +/nohup.out +/oldlogs/ + +# Ignore working files generated by the signer +/currentcrls/ +/delta?.diff +/revoke-root?.crl +/timesync.sh +/work/ diff --git a/CommModule/client.pl b/CommModule/client.pl index 0874477..24f0abc 100755 --- a/CommModule/client.pl +++ b/CommModule/client.pl @@ -40,8 +40,8 @@ my $paranoid=1; my $debug=0; -#my $serialport="/dev/ttyS0"; -my $serialport="/dev/ttyUSB0"; +my $serialport="/dev/ttyS1"; +#my $serialport="/dev/ttyUSB0"; my $gpgbin="/usr/bin/gpg"; @@ -441,12 +441,12 @@ sub calculateDays($) { if($_[0]) { - my @sum = $dbh->selectrow_array("select sum(`points`) as `total` from `notary` where `to`='".$_[0]."' and `deleted`=0 group by `to`"); + my @sum = $dbh->selectrow_array("select sum(`awarded`) as `total` from `notary` where `to`='".$_[0]."' and `deleted`=0 AND `notary`.`method` != 'Administrative Increase' AND `notary`.`from` != `notary`.`to` group by `to`"); SysLog("Summe: $sum[0]\n") if($debug); - return ($sum[0]>=50)?730:180; + return ($sum[0]>=50)?30:3; } - return 180; + return 3; } sub X509extractSAN($) @@ -832,7 +832,7 @@ sub HandleCerts($$) SysLog "SAN: --$SAN--\n" if($debug); SysLog "memid: $row{'memid'}\n" if($debug); - my $days=$org?($server?(365*2):365):calculateDays($row{"memid"}); + my $days=$org?30:calculateDays($row{"memid"}); my $md_id = 0; $md_id = 1 if( $row{'md'} eq "md5"); @@ -1087,15 +1087,20 @@ sub HandleGPG() my $prefix="gpg"; my $short=int($row{'id'}/1000); - my $csrname = "../csr/$prefix-".$row{'id'}.".csr"; - $csrname = "../csr/$prefix/$short/$prefix-".$row{'id'}.".csr" if($newlayout); - SysLog("New Layout: "."../csr/$prefix/$short/$prefix-".$row{'id'}.".csr\n"); + + my $dirname="../csr"; + $dirname="../csr/$prefix/$short" if ($newlayout); + + #Ensure the directory exists + mkdir $dirname, 0755; + + my $csrname = "$dirname/$prefix-".$row{'id'}.".csr"; + SysLog("New Layout: $csrname\n"); #my $crtname = "../crt/$prefix-".$row{'id'}.".crt"; my $crtname=$csrname; $crtname=~s/^\.\.\/csr/..\/crt/; $crtname=~s/\.csr$/.crt/; SysLog("New Layout: $crtname\n"); - #my $csrname = "../csr/gpg-".$row{'id'}.".csr"; #my $crtname = "../crt/gpg-".$row{'id'}.".crt"; diff --git a/CommModule/readme.txt b/CommModule/readme.txt index 94f09fe..d80c46e 100644 --- a/CommModule/readme.txt +++ b/CommModule/readme.txt @@ -2,6 +2,5 @@ client.pl The real client, running on the webserver commdaemon Script to run client.pl or server.pl commmodule Script for startup/shutdown of CommModule from /etc/init.d logclean.sh Maintenance script for logfiles generated by CommModule -serial.conf Serial Port configuration file +serial.conf Serial Port configuration file server.pl The real server, running on the signing server -usbclient.pl Obsoleted USB version of client.pl above diff --git a/CommModule/serial.conf b/CommModule/serial.conf deleted file mode 100755 index bd9980c..0000000 --- a/CommModule/serial.conf +++ /dev/null @@ -1,32 +0,0 @@ -Device::SerialPort_Configuration_File -- DO NOT EDIT -- -/dev/ttyUSB0 - -C_CFLAG,7346 -C_IFLAG,0 -C_ISPEED,4098 -C_LFLAG,2608 -C_OFLAG,4 -C_OSPEED,4098 -C_VERASE,127 -C_VQUIT,28 -C_VSUSP,26 -C_VINTR,3 -C_VSTOP,19 -C_VSTART,17 -C_VKILL,21 -C_VMIN,0 -C_VEOF,4 -C_VEOL,0 -C_VTIME,0 -CFG_1,none -RCONST,0 -CFG_2,none -HNAME,localhost -ALIAS,/dev/ttyUSB0 -CFG_3,none -U_MSG,0 -DATYPE,raw -E_MSG,0 -HADDR,0 -RTOT,0 -DVTYPE,none diff --git a/CommModule/server.pl b/CommModule/server.pl index 6084042..abc1a1c 100755 --- a/CommModule/server.pl +++ b/CommModule/server.pl @@ -1002,7 +1002,7 @@ my @ready=$sel->can_read($starttime); my $count=0; #As soon as the client connected successfully, the client has to send a request faster than every 10 seconds -while(@ready = $sel->can_read(15) && -f "./server.pl-active") +while((@ready = $sel->can_read(15)) && -f "./server.pl-active") { my $data=""; #my $length=read SER,$data,1; diff --git a/CommModule/usbclient.pl b/CommModule/usbclient.pl deleted file mode 100755 index 6cbc111..0000000 --- a/CommModule/usbclient.pl +++ /dev/null @@ -1,1019 +0,0 @@ -#!/usr/bin/perl -w - -# CommModule - CAcert Communication module -# Copyright (C) 2004-2008 CAcert Inc. -# -# This program is free software; you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation; version 2 of the License. -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program; if not, write to the Free Software -# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA - -# Production Client / CommModule - -use strict; -use Device::USB; -use POSIX; -use Time::HiRes q(usleep); -use File::CounterFile; -use File::Copy; -use DBI; -use Locale::gettext; -use IO::Socket; -use MIME::Base64; -use Digest::SHA1 qw(sha1_hex sha1); - -#Protocol version: -my $ver=1; - -#Debugging does not delete work-files for later inspection -my $debug=0; - -#Paranoid exists the program on a malicious request -my $paranoid=1; - -#Location of the openssl and gpg binaries -my $gpgbin="/usr/bin/gpg"; -my $opensslbin="/usr/bin/openssl"; - -my $mysqlphp="/home/cacert/www/includes/mysql.php"; - -my %revokefile=(2=>"../www/class3-revoke.crl",1=>"../www/revoke.crl",0=>"../www/revoke.crl"); - -#USB-Link settings -my $PACKETSIZE=0x100; -my $SALT="Salz"; -my $HASHSIZE=20; - -#End of configurations - -######################################################## - - -#Reads a while file and returns the content -#Returns undef on failure -sub readfile($) -{ - my $olds=$/; - my $content=undef; - if(open READIN,"<$_[0]") - { - binmode READIN; - undef $/; - $content=<READIN>; - close READIN; - $/=$olds; - } - return $content; -} - -#Writes/Overwrites a file with content. -#Returns 1 on success, 0 on failure. -sub writefile($$) -{ - if(open WRITEOUT,">$_[0]") - { - binmode WRITEOUT; - print WRITEOUT $_[1]; - close WRITEOUT; - return 1; - } - return 0; -} - -#mkdir "revokehashes"; -foreach (keys %revokefile) -{ - my $revokehash=sha1_hex(readfile($revokefile{$_})); - print "Root $_: Hash $revokefile{$_} = $revokehash\n"; -} - -my %monarr = ("Jan" => 1, "Feb" => 2, "Mar" => 3, "Apr" => 4, "May" => 5, "Jun" => 6, "Jul" => 7, "Aug" => 8, "Sep" => 9, "Oct" => 10, "Nov" => 11, "Dec" => 12); - -my $content=readfile($mysqlphp); -my $password="";$password=$1 if($content=~m/mysql_connect\("[^"]+",\s*"\w+",\s*"(\w+)"/); -$content=""; - -my $dbh = DBI->connect("DBI:mysql:cacert:localhost",$password?"cacert":"",$password, { RaiseError => 1, AutoCommit => 1 }) || die ("Error with the database connection.\n"); - - -#Logging functions: -sub SysLog($) -{ - my @ltime=localtime; - my $date=strftime("%Y-%m-%d",@ltime); - open LOG,">>logfile$date.txt"; - return if(not defined($_[0])); - my $timestamp=strftime("%Y-%m-%d %H:%M:%S",@ltime); - #$syslog->write($_[0]."\x00"); - print LOG "$timestamp $_[0]"; - print "$timestamp $_[0]"; - flush LOG; - close LOG; -} - - -sub Error($) -{ - SysLog($_[0]); - if($paranoid) - { - die $_[0]; - } -} - - -my $timestamp=strftime("%Y-%m-%d %H:%M:%S",localtime); - - -sub mysql_query($) -{ - $dbh->do($_[0]); -} - -sub trim($) -{ - my $new=$_[0]; - $new=~s/^\s*//; - $new=~s/\s*$//; - return($new); -} - -sub addslashes($) -{ - my $new=$_[0]; - $new=~s/['"\\]/\\$1/g; - return($new); -} - -sub recode -{ - return $_[1]; -} - - -#Hexdump function: Returns the hexdump representation of a string -sub hexdump($) -{ - return "" if(not defined($_[0])); - my $content=""; - $content.=sprintf("%02X ",unpack("C",substr($_[0],$_,1))) foreach (0 .. length($_[0])-1); - return $content; -} - -#pack3 packs together the length of the data in 3 bytes and the data itself, size limited to 16MB. In case the data is more than 16 MB, it is ignored, and a 0 Byte block is transferred -sub pack3 -{ - return "\x00\x00\x00" if(!defined($_[0])); - my $data=(length($_[0]) >= 2**24)? "":$_[0]; - my $len=pack("N",length($data)); - #print "len: ".length($data)."\n"; - return substr($len,1,3).$data; -} - - -#unpack3 unpacks packed data. -sub unpack3($) -{ - return undef if((not defined($_[0])) or length($_[0])<3); - #print "hexdump: ".hexdump("\x00".substr($_[0],0,3))."\n"; - my $len=unpack("N","\x00".substr($_[0],0,3)); - #print "len3: $len length(): ".length($_[0])." length()-3: ".(length($_[0])-3)."\n"; - return undef if(length($_[0])-3 != $len); - return substr($_[0],3); -} - - -#unpack3array extracts a whole array of concatented packed data. -sub unpack3array($) -{ - my @retarr=(); - if((not defined($_[0])) or length($_[0])<3) - { - SysLog "Datenanfang kaputt\n"; - return (); - } - my $dataleft=$_[0]; - while(length($dataleft)>=3) - { - #print "hexdump: ".hexdump("\x00".substr($dataleft,0,3))."\n"; - my $len=unpack("N","\x00".substr($dataleft,0,3)); - #print "len3: $len length(): ".length($dataleft)." length()-3: ".(length($dataleft)-3)."\n"; - if(length($dataleft)-3 < $len) - { - SysLog "Datensatz abgeschnitten\n"; - return (); - } - push @retarr, substr($dataleft,3,$len); - $dataleft=substr($dataleft,3+$len); - } - if(length($dataleft)!=0) - { - SysLog "Ende abgeschnitten\n"; - return (); - } - return @retarr; -} - -#Pack4 packs and secret-key signs some data. -sub pack4($) -{ - return pack("N",length($_[0])).$_[0].sha1($SALT.$_[0]); -} - - - - - -$timestamp=strftime("%Y-%m-%d %H:%M:%S",localtime); - -SysLog("Starting Server at $timestamp\n"); - -$SALT=readfile(".salt.key"); - -SysLog("Opening USB-Link interface:\n"); - -#Opening USB device: -my $usb = Device::USB->new(); -my @list=$usb->list_devices(0x067b,0x2501); -my $dev = $list[0]; -if(defined($dev)) -{ - #print "USB-Link Device found: ", $dev->filename(), "\n"; - if($dev->open()) - { - #print "\t", $dev->manufacturer(), ": ", $dev->product(), "\n"; - $dev->claim_interface(0); - - my $buffer=" "; - - $dev->control_msg(0xc0 , 0xfb, 0, 0, $buffer, 2, 1000); - - if($buffer ne "\x04\x08" and $buffer ne "\x0c\x04" and $buffer ne "\x00\x0c" and $buffer ne "\x04\x0c") - { - print "Please plug the USB-Link cable into the other computer.\n"; - } - else - { - print "USB-Link ok.\n"; - } - } - else - { - print "Unable to work with USB-Link device: $!\n"; - } -} -else -{ - print "USB-Link Device not found. Please plug the cable into this computer.\n"; -} - - - - - - -#sends a single packet (pack4 encoded). Returns the returncode -sub send_packet($) -{ - if((14+length($_[0])+$HASHSIZE) > $PACKETSIZE) - { - return -1; - } - # 4 Bytes Length, N Bytes Data, 20 Bytes SHA1 Hash, 0 Padding - my $data="CommModule".pack4($_[0]); - $data.=("\x00"x($PACKETSIZE-length($data))); - my $ret=$dev->bulk_write(0x2,$data,length($data),1000); - print "Send-result: $ret\n"; - return $ret; -} - -#Receives several consecutive packets. Returns the concatenated payload -sub receive_packets() -{ - print "Receiving packets ...\n"; - my $collectedpayload=""; - my $done=0; - while(!$done) - { - my $data=" "x$PACKETSIZE; - my $re=$dev->bulk_read(0x83,$data,length($data),10000); - writefile("usbpacket.dat",$data); - print "Read: $re Bytes: ".length($data)."\n"; - if($re > 0) - { - $data=~s/^.*?CommModule//s; - my $len=unpack("N",substr($data,0,4)); - print "len: $len\n"; - if($len>=0 and $len<=$PACKETSIZE-$HASHSIZE-4) - { - my $payload=substr($data,4,$len); - if(sha1($SALT.$payload) eq substr($data,4+$len,$HASHSIZE)) - { - print "Hash OK!\n"; - $collectedpayload.=substr($payload,1); - $done=1 if(substr($payload,0,1)eq "0"); - } - else - { - print "Hash NOT OK: ".sha1_hex($SALT.$payload)." vs. ".hexdump(substr($data,4+$len,$HASHSIZE))." !\n"; - return ""; - } - } - } - elsif($re == 0) - { - print "USB-Link cable disconnected?\n"; - #return ""; - } - } - print "Receiving done.\n"; - return $collectedpayload; -} - - - - -my $MAXCHUNK=$PACKETSIZE-100; - -#Sends data over the USB-Link, without handshaking -sub SendPackets($) -{ - print "Sending Packets ...\n"; - my $data=pack4($_[0]); - my $done=0; - return if(!defined($data) or !length($data)); - - while(!$done) - { - while(length($data)>0) - { - my $d=substr($data,0,$MAXCHUNK); - if(length($data)>$MAXCHUNK) - { - send_packet("1".$d); - $data=substr($data,$MAXCHUNK); - } - else - { - send_packet("0".$d); - $data=""; - } - } - $done=1; - } - print "Sending Packets done.\n"; -} - -#Receives several packets, verifies the secret key signature and extracts the payload -#Returns the payload -sub Receive -{ - my $data=receive_packets(); - if (!defined($data) or length($data)<4) - { - print "Received data too short!\n"; - return ""; - } - my $len=unpack("N",substr($data,0,4)); - if($len != (length($data)-$HASHSIZE-4)) - { - print "Length field does not match data on Receive!\n"; - return ""; - } - my $payload=substr($data,4,$len); - if(sha1($SALT.$payload) ne substr($data,4+$len,$HASHSIZE)) - { - print "Hash on Receive is BROKEN!\n"; - return ""; - } - return $payload; -} - - - - -# @result(Version,Action,Errorcode,Response)=Request(Version=1,Action=1,System=1,Root=1,Configuration="...",Parameter="...",Request="..."); -sub Request($$$$$$$$$$$) -{ - print "Version: $_[0] Action: $_[1] System: $_[2] Root: $_[3] Config: $_[4]\n"; - $_[3]=0 if($_[3]<0); - SendPackets(pack3(pack3(pack("C*",$_[0],$_[1],$_[2],$_[3],$_[4],$_[5],$_[6]>>8,$_[6]&255,$_[7])).pack3($_[8]).pack3($_[9]).pack3($_[10]))); - my $data=Receive(); - if(defined($data) and length($data)>6) - { - my @fields=unpack3array(substr($data,3)); - - SysLog "Answer from Server: ".hexdump($data)."\n" if($debug); - - #writefile("result.dat",$data); - - return $fields[1]; - } - return ""; -} - - -sub calculateDays($) -{ - if($_[0]) - { - my @sum = $dbh->selectrow_array("select sum(`points`) as `total` from `notary` where `to`='".$_[0]."' and `deleted`=0 group by `to`"); - SysLog("Summe: $sum[0]\n") if($debug); - - return ($sum[0]>=50)?730:180; - } - return 180; -} - -sub X509extractSAN($) -{ - my @bits = split("/", $_[0]); - my $SAN=""; - my $newsubject=""; - foreach my $val(@bits) - { - my @bit=split("=",$val); - if($bit[0] eq "subjectAltName") - { - $SAN.="," if($SAN ne ""); - $SAN.= trim($bit[1]); - } - else - { - $newsubject .= "/".$val; - } - } - $newsubject=~s{^//}{/}; - $newsubject=~s/[\n\r\t\x00"\\']//g; - $SAN=~s/[ \n\r\t\x00"\\']//g; - return($SAN,$newsubject); -} - -sub X509extractExpiryDate($) -{ - # TIMEZONE ?!? - my $data=`$opensslbin x509 -in "$_[0]" -noout -enddate`; - - #notAfter=Aug 8 10:26:34 2007 GMT - if($data=~m/notAfter=(\w{2,4}) *(\d{1,2}) *(\d{1,2}:\d{1,2}:\d{1,2}) (\d{4}) GMT/) - { - my $date="$4-".$monarr{$1}."-$2 $3"; - SysLog "Expiry Date found: $date\n" if($debug); - return $date; - } - else - { - SysLog "Expiry Date not found: $data\n"; - } - return ""; -} -sub X509extractSerialNumber($) -{ - # TIMEZONE ?!? - my $data=`$opensslbin x509 -in "$_[0]" -noout -serial`; - if($data=~m/serial=([0-9A-F]+)/) - { - return $1; - } - return ""; -} - -sub OpenPGPextractExpiryDate ($) -{ - my $r=""; - my $cts; - my @date; - - open(RGPG, $gpgbin.' -vv '.$_[0].' 2>&1 |') or Error('Can\'t start GnuPG($gpgbin): '.$!."\n"); - open(OUT, '> infogpg.txt' ) or Error('Can\'t open output file: infogpg.txt: '.$!); - $/="\n"; - while (<RGPG>) - { - print OUT $_; - unless ($r) - { - if ( /^\s*version \d+, created (\d+), md5len 0, sigclass \d+\s*$/ ) - { - SysLog "Detected CTS: $1\n"; - $cts = int($1); - } elsif ( /^\s*critical hashed subpkt \d+ len \d+ \(sig expires after ((\d+)y)?((\d+)d)?((\d+)h)?(\d+)m\)\s*$/ ) - { - SysLog "Detected FRAME $2 $4 $6 $8\n"; - $cts += $2 * 31536000; # secs per year (60 * 60 * 24 * 365) - $cts += $4 * 86400; # secs per day (60 * 60 * 24) - $cts += $6 * 3600; # secs per hour (60 * 60) - $cts += $8 * 60; # secs per min (60) - $r = $cts; - } - elsif(/version/) - { - SysLog "Detected VERSION\n"; - } - } - } - - close(OUT ); - close(RGPG); - - SysLog "CTS: $cts R: $r\n"; - - if ( $r ) - { - @date = gmtime($r); - $r = sprintf('%.4i-%.2i-%.2i %.2i:%.2i:%.2i', # date format - $date[5] + 1900, $date[4] + 1, $date[3], # day - $date[2], $date[1], $date[0], # time - ); - - } - SysLog "$r\n"; - return $r; -} - - -# Sets the locale according to the users preferred language -sub setUsersLanguage($) -{ - my $lang="de_DE"; - print "Searching for the language of the user $_[0]\n"; - my @a=$dbh->selectrow_array("select language from users where id='".int($_[0])."'"); - $lang = $1 if($a[0]=~m/(\w+_[\w.@]+)/); - - SysLog "The users preferred language: $lang\n"; - - if($lang ne "") - { - $ENV{"LANG"}=$lang; - setlocale(LC_ALL, $lang); - } else { - $ENV{"LANG"}="en_AU"; - setlocale(LC_ALL, "en_AU"); - } -} - - -sub getUserData($) -{ - my $sth = $dbh->prepare("select * from users where id='$_[0]'"); - $sth->execute(); - #SysLog "USER DUMP:\n"; - while ( my $rowdata = $sth->fetchrow_hashref() ) - { - my %tmp=%{$rowdata}; - #foreach (sort keys %tmp) - #{ - #SysLog " $_ -> $tmp{$_}\n"; - #} - return %tmp; - } - return (); -} - - -sub _($) -{ - return gettext($_[0]); -} - -sub sendmail($$$$$$$) -{ - my ($to, $subject, $message, $from, $replyto, $toname, $fromname)=@_; - my $errorsto="returns\@cacert.org"; - my $extra=""; - - - # sendmail($user{email}, "[CAcert.org] Your GPG/PGP Key", $body, "support\@cacert.org", "", "", "CAcert Support"); - my @lines=split("\n",$message); - $message = ""; - foreach my $line (@lines) - { - $line = trim($line); - if($line eq ".") - { - $message .= " .\n"; - } else - { - $message .= $line."\n"; - } - } - - $fromname = $from if($fromname eq ""); - - my @bits = split(",", $from); - $from = addslashes($bits['0']); - $fromname = addslashes($fromname); - - my $smtp = IO::Socket::INET->new(PeerAddr => 'localhost:25'); - $/="\n"; - SysLog "SMTP: ".<$smtp>."\n"; - print $smtp "HELO hlin.cacert.org\r\n"; - SysLog "SMTP: ".<$smtp>."\n"; - print $smtp "MAIL FROM: <returns\@cacert.org>\r\n"; - SysLog "MAIL FROM: ".<$smtp>."\n"; - - @bits = split(",", $to); - foreach my $user (@bits) - { - print $smtp "RCPT TO: <".trim($user).">\r\n"; - SysLog "RCPT TO: ".<$smtp>."\n"; - } - print $smtp "DATA\r\n"; - SysLog "DATA: ".<$smtp>."\n"; - - print $smtp "X-Mailer: CAcert.org Website\r\n"; - print $smtp "X-OriginatingIP: ".$ENV{"REMOTE_ADDR"}."\r\n"; - print $smtp "Sender: $errorsto\r\n"; - print $smtp "Errors-To: $errorsto\r\n"; - if($replyto ne "") - { - print $smtp "Reply-To: $replyto\r\n"; - } - else - { - print $smtp "Reply-To: $from\r\n"; - } - print $smtp "From: $from ($fromname)\r\n"; - print $smtp "To: $to\r\n"; - my $newsubj=encode_base64(recode("html..utf-8", trim($subject))); - #SysLog("NewSubj: --".$newsubj."--\n") if($debug); - $newsubj=~s/\n*$//; - #SysLog("NewSubj: --".$newsubj."--\n") if($debug); - print $smtp "Subject: =?utf-8?B?$newsubj?=\r\n"; - print $smtp "Mime-Version: 1.0\r\n"; - if($extra eq "") - { - print $smtp "Content-Type: text/plain; charset=\"utf-8\"\r\n"; - print $smtp "Content-Transfer-Encoding: 8bit\r\n"; - } else { - print $smtp "Content-Type: text/plain; charset=\"iso-8859-1\"\r\n"; - print $smtp "Content-Transfer-Encoding: quoted-printable\r\n"; - print $smtp "Content-Disposition: inline\r\n"; - }; -# print $smtp "Content-Transfer-Encoding: BASE64\r\n"; - print $smtp "\r\n"; -# print $smtp chunk_split(encode_base64(recode("html..utf-8", $message)))."\r\n.\r\n"; - print $smtp recode("html..utf-8", $message)."\r\n.\r\n"; - SysLog "ENDOFTEXT: ".<$smtp>."\n"; - print $smtp "QUIT\n"; - SysLog "QUIT: ".<$smtp>."\n"; - close($smtp); -} - - -sub HandleCerts($$) -{ - my $org=$_[0]?"org":""; - my $server=$_[1]; - - my $table=$org.($server?"domaincerts":"emailcerts"); - - my $sth = $dbh->prepare("select * from $table where crt_name='' and csr_name!='' "); - $sth->execute(); - #$rowdata; - while ( my $rowdata = $sth->fetchrow_hashref() ) - { - my %row=%{$rowdata}; - - my $csrname = "../csr/".$org.($server?"server-":"client-").$row{'id'}.".csr"; - my $crtname = "../crt/".$org.($server?"server-":"client-").$row{'id'}.".crt"; - - - if($server) - { - #Weird SQL structure ... - my @sqlres=$dbh->selectrow_array("select memid from domains where id='".int($row{'domid'})."'"); - $row{'memid'}=$sqlres[0]; - SysLog("Fetched memid: $row{'memid'}\n") if($debug); - } - - SysLog "Opening $csrname\n"; - - my $crt=""; - - my $profile=0; - - # "0"=>"client.cnf", - # "1"=>"client-org.cnf", - # "2"=>"client-codesign.cnf", - # "3"=>"client-machine.cnf", - # "4"=>"client-ads.cnf", - # "5"=>"server.cnf", - # "6"=>"server-org.cnf", - # "7"=>"server-jabber.cnf", - # "8"=>"server-ocsp.cnf", - # "9"=>"server-timestamp.cnf", - # "10"=>"proxy.cnf", - # "11"=>"subca.cnf" - - - if($row{"type"} =~ m/^(8|9)$/) - { - $profile=$row{"type"}; - } - elsif($org) - { - if($row{'codesign'}) - { - $profile=2; ## TODO! - } - elsif($server) - { - $profile=6; - } - else - { - $profile=1; - } - } - else - { - if($row{'codesign'}) - { - $profile=2; - } - elsif($server) - { - $profile=5; - } - else - { - $profile=0; - } - - - } - - - - if(open(IN,"<$csrname")) - { - undef $/; - my $content=<IN>; - close IN; - SysLog "Read.\n" if($debug); - SysLog "Subject: --$row{'subject'}--\n" if($debug); - - my ($SAN,$subject)=X509extractSAN($row{'subject'}); - SysLog "Subject: --$subject--\n" if($debug); - SysLog "SAN: --$SAN--\n" if($debug); - SysLog "memid: $row{'memid'}\n" if($debug); - - my $days=$org?($server?(365*2):365):calculateDays($row{"memid"}); - - - $crt=Request($ver,1,1,$row{'rootcert'}-1,$profile,$row{'md'}eq"sha1"?2:0,$days,$row{'keytype'}eq"NS"?1:0,$content,$SAN,$subject); - if(length($crt)) - { - if($crt=~m/^-----BEGIN CERTIFICATE-----/) - { - open OUT,">$crtname"; - print OUT $crt; - close OUT; - } - else - { - open OUT,">$crtname.der"; - print OUT $crt; - close OUT; - system "$opensslbin x509 -in $crtname.der -inform der -out $crtname"; - } - } - - } - else - { - print "Error: $! Konnte $csrname nicht laden\n"; - } - - - - if(-s $crtname) - { - SysLog "Opening $crtname\n"; - - my $date=X509extractExpiryDate($crtname); - my $serial=X509extractSerialNumber($crtname); - - setUsersLanguage($row{memid}); - - my %user=getUserData($row{memid}); - - foreach (sort keys %user) - { - SysLog " $_ -> $user{$_}\n" if($debug); - } - - SysLog("update `$table` set `crt_name`='$crtname', modified=now(), serial='$serial', `expire`='$date' where `id`='".$row{'id'}."'\n"); - - $dbh->do("update `$table` set `crt_name`='$crtname', modified=now(), serial='$serial', `expire`='$date' where `id`='".$row{'id'}."'"); - - my $body = _("Hi")." $user{fname},\n\n"; - $body .= sprintf(_("You can collect your certificate for %s by going to the following location:")."\n\n", $row{'email'}); - $body .= "https://www.cacert.org/account.php?id=".($server?"15":"6")."&cert=$row{id}\n\n"; - $body .= _("If you havent imported CAcert´s root certificate, please go to:")."\n"; - $body .= "https://www.cacert.org/index.php?id=3\n"; - $body .= "Root cert fingerprint = A6:1B:37:5E:39:0D:9C:36:54:EE:BD:20:31:46:1F:6B\n"; - $body .= "Root cert fingerprint = 135C EC36 F49C B8E9 3B1A B270 CD80 8846 76CE 8F33\n\n"; - $body .= _("Best regards")."\n"._("CAcert.org Support!")."\n\n"; - sendmail($user{email}, "[CAcert.org] "._("Your certificate"), $body, "support\@cacert.org", "", "", "CAcert Support"); - } else { - $dbh->do("delete from `$table` where `id`='".$row{'id'}."'"); - } - } -} - -sub HandleNewCRL($$) -{ - my ($crl,$crlname)=@_; - if(length($crl)) - { - if($crl=~m/^\%XD/) - { - writefile("$crlname.patch",$crl); - system "xdelta patch $crlname.patch $crlname $crlname.tmp"; - } - elsif($crl=~m/^-----BEGIN X509 CRL-----/) - { - writefile("$crlname.pem",$crl); - system "$opensslbin crl -in $crlname.pem -outform der -out $crlname.tmp"; - } - elsif($crl=~m/^\x30/) - { - writefile("$crlname.tmp",$crl); - } - else - { - Error "Unknown CRL format!".(substr($crl,0,5))."\n"; - } - rename "$crlname.tmp","$crlname"; # Atomic move - } -} - - -sub RevokeCerts($$) -{ - my $org=$_[0]?"org":""; - my $server=$_[1]; - - my $table=$org.($server?"domaincerts":"emailcerts"); - - my $sth = $dbh->prepare("select * from $table where revoked='1970-01-01 10:00:01'"); # WHICH TIMEZONE? - $sth->execute(); - #$rowdata; - while ( my $rowdata = $sth->fetchrow_hashref() ) - { - my %row=%{$rowdata}; - - my $csrname = "../csr/".$org.($server?"server-":"client-").$row{'id'}.".csr"; - my $crtname = "../crt/".$org.($server?"server-":"client-").$row{'id'}.".crt"; - my $crlname = $revokefile{$row{'rootcert'}}; - - my $crt=""; - - - if(open(IN,"<$crtname")) - { - undef $/; - my $content=<IN>; - close IN; - my $revokehash=sha1_hex(readfile($crlname)); - - my $crl=Request($ver,2,1,$row{'rootcert'}-1,0,0,365,0,$content,"",$revokehash); - HandleNewCRL($crl,$crlname); - - if(-s $crlname) - { - setUsersLanguage($row{memid}); - - my %user=getUserData($row{memid}); - - $dbh->do("update `$table` set `revoked`=now() where `id`='".$row{'id'}."'"); - - my $body = _("Hi")." $user{fname},\n\n"; - $body .= sprintf(_("Your certificate for %s has been revoked, as per request.")."\n\n", $row{'CN'}); - $body .= _("Best regards")."\n"._("CAcert.org Support!")."\n\n"; - sendmail($user{email}, "[CAcert.org] "._("Your certificate"), $body, "support\@cacert.org", "", "", "CAcert Support"); - } - - } - else - { - SysLog("Error: $crtname $!\n") if($debug); - } - - } - -} - - - - - -sub HandleGPG() -{ - my $sth = $dbh->prepare("select * from gpg where crt='' and csr!='' "); - $sth->execute(); - my $rowdata; - while ( $rowdata = $sth->fetchrow_hashref() ) - { - my %row=%{$rowdata}; - - my $csrname = "../csr/gpg-".$row{'id'}.".csr"; - my $crtname = "../crt/gpg-".$row{'id'}.".crt"; - - SysLog "Opening $csrname\n"; - - my $crt=""; - - if(-s $csrname && open(IN,"<$csrname")) - { - undef $/; - my $content=<IN>; - close IN; - SysLog "Read.\n"; - $crt=Request($ver,1,2,0,0,2,366,0,$content,"",""); - if(length($crt)) - { - open OUT,">$crtname"; - print OUT $crt; - close OUT; - } - - } - else - { - #Error("Error: $!\n"); - next; - } - - if(-s $crtname) - { - SysLog "Opening $crtname\n"; - setUsersLanguage($row{memid}); - - my $date=OpenPGPextractExpiryDate($crtname); - my %user=getUserData($row{memid}); - - $dbh->do("update `gpg` set `crt`='$crtname', issued=now(), `expire`='$date' where `id`='".$row{'id'}."'"); - - my $body = _("Hi")." $user{fname},\n\n"; - $body .= sprintf(_("Your CAcert signed key for %s is available online at:")."\n\n", $row{'email'}); - $body .= "https://www.cacert.org/gpg.php?id=3&cert=$row{id}\n\n"; - $body .= _("To help improve the trust of CAcert in general, it's appreciated if you could also sign our key and upload it to a key server. Below is a copy of our primary key details:")."\n\n"; - $body .= "pub 1024D/65D0FD58 2003-07-11 CA Cert Signing Authority (Root CA) <gpg\@cacert.org>\n"; - $body .= "Key fingerprint = A31D 4F81 EF4E BD07 B456 FA04 D2BB 0D01 65D0 FD58\n\n"; - $body .= _("Best regards")."\n"._("CAcert.org Support!")."\n\n"; - sendmail($user{email}, "[CAcert.org] Your GPG/PGP Key", $body, "support\@cacert.org", "", "", "CAcert Support"); - } else { - $dbh->do("delete from `gpg` where `id`='".$row{'id'}."'"); - } - } -} - - -# Main program loop - -while(1) -{ - SysLog("Handling GPG database ...\n"); -# HandleGPG(); - SysLog("Issueing certs ...\n"); -# HandleCerts(0,0); #personal client certs -# HandleCerts(0,1); #personal server certs -# HandleCerts(1,0); #org client certs -# HandleCerts(1,1); #org server certs -# SysLog("Revoking certs ...\n"); -# RevokeCerts(0,0); #personal client certs -# RevokeCerts(0,1); #personal server certs -# RevokeCerts(1,0); #org client certs -# RevokeCerts(1,1); #org server certs - - #print "Sign Request X.509, Root0\n"; - #my $reqcontent=""; - #Request($ver,1,1,0,5,2,365,0,$reqcontent,"","/CN=supertest.cacert.at"); - - SysLog("NUL Request:\n"); - my $timestamp=strftime("%m%d%H%M%Y.%S",gmtime); - my $ret=Request($ver,0,0,0,0,0,0,0,$timestamp,"",""); - print "RET: $ret\n"; - - SysLog("Generate regular CRLs:\n"); - foreach my $root ((1,2)) - { - my $crlname = $revokefile{$root}; - my $revokehash=sha1_hex(readfile($crlname)); - print "Aktueller Hash am Webserver: $revokehash\n"; - my $crl=Request($ver,2,1,$root-1,0,0,365,0,"","",$revokehash); - HandleNewCRL($crl,$crlname); - } - - usleep(700000); -} @@ -1,17 +0,0 @@ -LibreSSL Documentation - -(c) 2005-2008 by CAcert Inc. -License: GNU-GPLv2 - -System Requirements: -Linux/POSIX -PHP -GetText -UFPDF - PDF generation library from http://acko.net/node/56 -OpenSSL - X.509 toolkit from http://www.openssl.org/ -openssl-vulnkey including blacklists for all common key sizes -GnuPG - OpenPGP toolkit from http://www.gnupg.org/ -whois - whois client from http://www.linux.it/~md/software/ -XEnroll - Enrollment Active-X control for IE5/6 from Microsoft (search for xenroll.cab) -CommModule - CAcert Communication Module - diff --git a/README.md b/README.md new file mode 100644 index 0000000..39c9d68 --- /dev/null +++ b/README.md @@ -0,0 +1,19 @@ +LibreSSL Documentation +====================== + +(c) 2005-2013 by CAcert Inc. +License: GNU-GPLv2 + +## System Requirements: + + * Linux/POSIX + * PHP 5.3 + * GetText PECL module for PHP + * UFPDF - PDF generation library from http://acko.net/node/56 + * OpenSSL - X.509 toolkit from http://www.openssl.org/ + * openssl-vulnkey including blacklists for all common key sizes + * GnuPG - OpenPGP toolkit from http://www.gnupg.org/ + * whois - whois client from http://www.linux.it/~md/software/ + * XEnroll - Enrollment Active-X control for IE5/6 from Microsoft (search for xenroll.cab) + * CommModule - CAcert Communication Module + diff --git a/cgi-bin/siteseal.cgi b/cgi-bin/siteseal.cgi deleted file mode 100755 index ac28697..0000000 --- a/cgi-bin/siteseal.cgi +++ /dev/null @@ -1,92 +0,0 @@ -#!/usr/bin/php -q -<? -/** - * check site seal - * - * @package org.cacert.framework - * @author Duane Groth <duane@groth.net> - * @copyright Copyright (C) 2003-2008, {@link http://www.cacert.org/ CAcert Inc.} - * @license GPL Version 2 - * @version $Id: siteseal.cgi,v 1.4 2008-04-06 19:44:25 root Exp $ - */ - -if($_SERVER["HTTPS"] == "on") - $http = "https"; -else - $http = "http"; - -/* obfuscate var names */ -srand((double)microtime()*1000000); -$var1 = "ca1-".md5(rand(0,9999999)); -$var2 = "ca2-".md5(rand(0,9999999)); -$var3 = "ca3-".md5(rand(0,9999999)); -$var4 = "ca4-".md5(rand(0,9999999)); -$var5 = "ca5-".md5(rand(0,9999999)); -$var6 = "ca6-".md5(rand(0,9999999)); -$var7 = "ca7-".md5(rand(0,9999999)); -$var8 = "ca8-".md5(rand(0,9999999)); -$var9 = "ca9-".md5(rand(0,9999999)); -$var10 = "caa-".md5(rand(0,9999999)); -$var11 = "cab-".md5(rand(0,9999999)); - -header("Content-Type: text/javascript"); -header("Content-Disposition: inline; filename=\"siteseal.js\""); - -?> - -var <?=$var1?> = window.location.href; -<? // var <?=$var2?> = '<?=$http?>://www.cacert.org/certdetails.php?referer=' + <?=$var1?>; ?> -var <?=$var2?> = '<?=$http?>://www.cacert.org'; -var <?=$var3?> = (new Date()).getTimezoneOffset(); - -var <?=$var4?> = navigator.userAgent.toLowerCase(); -var <?=$var5?> = false; -if (<?=$var4?>.indexOf("msid") != 1) { - <?=$var5?> = (<?=$var4?>.indexOf("msie 5") == -1 && <?=$var4?>.indexOf("msie 6") == -1); -} - -function <?=$var6?>(e) { - if (document.addEventListener) { - if (e.target.name == '<?=$var7?>') { - <?=$var8?>(); - return false; - } - } else if (document.captureEvents) { - if (e.target.toString().indexOf('certdetails') != -1) { - <?=$var8?>(); - return false; - } - } - return true; -} - -function <?=$var9?>() { - if (event.button == 1) { - if (<?=$var5?>) { - return true; - } else { - <?=$var8?>(); - return false; - } - } else if (event.button == 2) { - <?=$var8?>(); - return false; - } -} - -function <?=$var8?>() { - cacertWindow = window.open(<?=$var2?>, '<?=$var10?>', config='height=420,width=523,toolbar=no,menubar=no,scrollbars=no,resizable=no,location=no,directories=no,status=yes'); - cacertWindow.focus(); -} - -if (document.addEventListener) { - document.addEventListener('mouseup', <?=$var6?>, true); -} else { - if (document.layers) { - document.captureEvents(Event.MOUSEDOWN); - document.onmousedown=<?=$var6?>; - } -} - -document.write("<a href='" + <?=$var2?> + "' target='<?=$var10?>' tabindex='-1' onmousedown='<?=$var9?>(); return false;'><img name='<?=$var7?>' border='0' src='<?=$http?>://www.cacert.org/sealgen.php?cert=<?=$cert?>&referer=" + <?=$var1?> + "' alt='Click to verify' oncontextmenu='return false;' /></a>"); ?> - diff --git a/config/ttp.ini b/config/ttp.ini new file mode 100644 index 0000000..d0a0913 --- /dev/null +++ b/config/ttp.ini @@ -0,0 +1,6 @@ +; list of countries and the TTP CAP form to be used +[ttp_country] +Australia=ttp +Puerto Rico=ttp +US Virgin Island=ttp +USA =ttp
\ No newline at end of file @@ -0,0 +1 @@ +# This directory has to be writeable by the web server @@ -0,0 +1 @@ +# This directory has to be writeable by the web server diff --git a/includes/account.php b/includes/account.php index 6dacf2d..2eeca73 100644 --- a/includes/account.php +++ b/includes/account.php @@ -905,7 +905,8 @@ function buildSubjectFromSession() { `rootcert`='".intval($row['rootcert'])."', `type`='".intval($row['type'])."', `pkhash`='".mysql_real_escape_string($row['pkhash'])."', - `description`='".mysql_real_escape_string($row['description'])."'"; + `description`='".mysql_real_escape_string($row['description'])."', + `md`='".HashAlgorithms::clean($row['md'])."'"; mysql_query($query); $newid = mysql_insert_id(); $newfile=generatecertpath("csr","server",$newid); @@ -1085,7 +1086,8 @@ function buildSubjectFromSession() { `disablelogin`='".intval($row['disablelogin'])."', `codesign`='".intval($row['codesign'])."', `rootcert`='".intval($row['rootcert'])."', - `description`='".mysql_real_escape_string($row['description'])."'"; + `description`='".mysql_real_escape_string($row['description'])."', + `md`='".HashAlgorithms::clean($row['md'])."'"; mysql_query($query); $newid = mysql_insert_id(); $newfile=generatecertpath("csr","client",$newid); @@ -1210,6 +1212,23 @@ function buildSubjectFromSession() { exit; } + if($oldid == 6 && $_REQUEST['certid'] != "") + { + if(trim($_REQUEST['description']) != ""){ + $description= trim(mysql_real_escape_string(stripslashes($_REQUEST['description']))); + }else{ + $description= ""; + } + + if(trim($_REQUEST['disablelogin']) == "1"){ + $disablelogin = 1; + }else{ + $disablelogin = 0; + } + + mysql_query("update `emailcerts` set `disablelogin`='$disablelogin', `description`='$description' where `id`='".$_REQUEST['certid']."' and `memid`='".$_SESSION['profile']['id']."'"); + } + if($oldid == 13 && $process != "" && $showdetails!="") { csrf_check("perschange"); @@ -1275,10 +1294,7 @@ function buildSubjectFromSession() { if($oldid == 13 && $process != "") { - $ddquery = "select sum(`points`) as `total` from `notary` where `to`='".intval($_SESSION['profile']['id'])."' and `deleted` = 0 group by `to`"; - $ddres = mysql_query($ddquery); - $ddrow = mysql_fetch_assoc($ddres); - $_SESSION['profile']['points'] = $ddrow['total']; + update_points_in_profile(); if($_SESSION['profile']['points'] == 0) { @@ -1337,10 +1353,7 @@ function buildSubjectFromSession() { $_SESSION['profile'] = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".intval($_SESSION['profile']['id'])."'")); $_SESSION['profile']['loggedin'] = 1; - $ddquery = "select sum(`points`) as `total` from `notary` where `to`='".intval($_SESSION['profile']['id'])."' and `deleted` = 0 group by `to`"; - $ddres = mysql_query($ddquery); - $ddrow = mysql_fetch_assoc($ddres); - $_SESSION['profile']['points'] = $ddrow['total']; + update_points_in_profile(); $id = 13; @@ -1362,7 +1375,7 @@ function buildSubjectFromSession() { showheader(_("My CAcert.org Account!")); if($_SESSION['_config']['user']['pword1'] == "" || $_SESSION['_config']['user']['pword1'] != $_SESSION['_config']['user']['pword2']) { - echo '<h3 style="color:red">', _("Failure: Pass Phrase not Changed"), + echo '<h3 class="error_fatal">', _("Failure: Pass Phrase not Changed"), '</h3>', "\n"; echo _("New Pass Phrases specified don't match or were blank."); } else { @@ -1380,15 +1393,15 @@ function buildSubjectFromSession() { } if(strlen($_SESSION['_config']['user']['pword1']) < 6) { - echo '<h3 style="color:red">', + echo '<h3 class="error_fatal">', _("Failure: Pass Phrase not Changed"), '</h3>', "\n"; echo _("The Pass Phrase you submitted was too short."); } else if($score < 3) { - echo '<h3 style="color:red">', + echo '<h3 class="error_fatal">', _("Failure: Pass Phrase not Changed"), '</h3>', "\n"; printf(_("The Pass Phrase you submitted failed to contain enough differing characters and/or contained words from your name and/or email address. Only scored %s points out of 6."), $score); } else if($rc <= 0) { - echo '<h3 style="color:red">', + echo '<h3 class="error_fatal">', _("Failure: Pass Phrase not Changed"), '</h3>', "\n"; echo _("You failed to correctly enter your current Pass Phrase."); } else { @@ -1714,7 +1727,8 @@ function buildSubjectFromSession() { `modified`=NOW(), `codesign`='".intval($row['codesign'])."', `rootcert`='".intval($row['rootcert'])."', - `description`='".mysql_real_escape_string($row['description'])."'"; + `description`='".mysql_real_escape_string($row['description'])."', + `md`='".HashAlgorithms::clean($row['md'])."'"; mysql_query($query); $newid = mysql_insert_id(); $newfile=generatecertpath("csr","orgclient",$newid); @@ -2066,7 +2080,8 @@ function buildSubjectFromSession() { `subject`='".mysql_real_escape_string($row['subject'])."', `type`='".intval($row['type'])."', `rootcert`='".intval($row['rootcert'])."', - `description`='".mysql_real_escape_string($row['description'])."'"; + `description`='".mysql_real_escape_string($row['description'])."', + `md`='".HashAlgorithms::clean($row['md'])."'"; mysql_query($query); $newid = mysql_insert_id(); //echo "NewID: $newid<br/>\n"; @@ -2234,7 +2249,7 @@ function buildSubjectFromSession() { `contact`='".$_SESSION['_config']['contact']."', `L`='".$_SESSION['_config']['L']."', `ST`='".$_SESSION['_config']['ST']."', - `C`='".$_SESSION['_config']['C']."', + `C`='".strtoupper($_SESSION['_config']['C'])."', `comments`='".$_SESSION['_config']['comments']."'"); showheader(_("My CAcert.org Account!")); printf(_("'%s' has just been successfully added as an organisation to the database."), sanitizeHTML($_SESSION['_config']['O'])); @@ -2262,7 +2277,7 @@ function buildSubjectFromSession() { `contact`='".$_SESSION['_config']['contact']."', `L`='".$_SESSION['_config']['L']."', `ST`='".$_SESSION['_config']['ST']."', - `C`='".$_SESSION['_config']['C']."', + `C`='".strtoupper($_SESSION['_config']['C'])."', `comments`='".$_SESSION['_config']['comments']."' where `id`='".intval($_SESSION['_config']['orgid'])."'"); showheader(_("My CAcert.org Account!")); @@ -2785,8 +2800,8 @@ function buildSubjectFromSession() { $row = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".intval($_REQUEST['userid'])."'")); printf(_("The password for %s has been updated successfully in the system."), sanitizeHTML($row['email'])); - $my_translation = L10n::get_translation(); - L10n::set_recipient_language(intval($_REQUEST['userid'])); + $my_translation = L10n::get_translation(); + L10n::set_recipient_language(intval($_REQUEST['userid'])); $body = sprintf(_("Hi %s,"),$row['fname'])."\n\n"; $body .= _("You are receiving this email because a CAcert administrator ". "has changed the password on your account.")."\n\n"; @@ -2795,7 +2810,7 @@ function buildSubjectFromSession() { sendmail($row['email'], "[CAcert.org] "._("Password Update Notification"), $body, "support@cacert.org", "", "", "CAcert Support"); - L10n::set_translation($my_translation); + L10n::set_translation($my_translation); } showfooter(); @@ -2902,25 +2917,6 @@ function buildSubjectFromSession() { } } - /* presently not needed - if($id == 43 && array_key_exists('tverify',$_REQUEST) && $_REQUEST['tverify'] > 0 && $ticketvalidation==TRUE) - { - $memid = $_REQUEST['userid'] = intval($_REQUEST['tverify']); - if (!write_se_log($memid, $_SESSION['profile']['id'],'SE Change tverify status',$ticketno)) { - showheader(_("Something went wrong")); - echo _("Writing to the admin log failed. Can't continue."); - showfooter(); - exit; - } - $query = "select * from `users` where `id`='$memid'"; - $row = mysql_fetch_assoc(mysql_query($query)); - $ver = !$row['tverify']; - mysql_query("update `users` set `tverify`='$ver' where `id`='$memid'"); - }elseif($id == 43 && array_key_exists('tverify',$_REQUEST) && $_REQUEST['tverify'] > 0 && $ticketvalidation==FALSE){ - $_SESSION['ticketmsg']='No action taken. Ticket number is missing!'; - } - */ - if($id == 43 && array_key_exists('assurer',$_REQUEST) && $_REQUEST['assurer'] > 0 && $ticketvalidation == TRUE) { csrf_check('admsetassuret'); diff --git a/includes/account_stuff.php b/includes/account_stuff.php index 0fda2f1..9ff794d 100644 --- a/includes/account_stuff.php +++ b/includes/account_stuff.php @@ -101,7 +101,9 @@ case 506: case 509: case 511: - case 512: $expand = " explode('WoT');"; break; // Find Assurer + case 512: // Find Assurer + case 516: // TTP form + case 517: $expand = " explode('WoT');"; break; // Assurer check case 1000: case 1001: case 1002: // View GPG key @@ -142,7 +144,6 @@ <title><?=$title?></title> <? if(array_key_exists('header',$_SESSION) && $_SESSION['_config']['header'] != "") { ?><?=$_SESSION['_config']['header']?><? } ?> <link rel="stylesheet" href="/styles/default.css" type="text/css" /> -<meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <script language="JavaScript" type="text/javascript"> function explode(e) { if (document.getElementById(e).style.display == 'none') { @@ -177,12 +178,8 @@ function hideall() { </div> <div class="relatedLinks"> <h3 class="pointer" onclick="explode('mydetails')">+ <?=_("My Details")?></h3> - <ul class="menu" id="mydetails"><li><a href="account.php?id=13"><?=_("View/Edit")?></a></li><li><a href="account.php?id=14"><?=_("Change Password")?></a></li><li><a href="account.php?id=41"><?=_("Default Language")?></a></li><li><a href="wot.php?id=8"><?=_("My Listing")?></a></li><li><a href="wot.php?id=13"><?=_("My Location")?></a></li><li><a href="account.php?id=36"><?=_("My Alert Settings")?></a></li><li><a href="account.php?id=55"><?=_("My Trainings")?></a></li><li><a href="wot.php?id=10"><?=_("My Points")?></a></li><? -/* to delete - if($_SESSION['profile']['id'] == 1 || $_SESSION['profile']['id'] == 5897) - echo "<li><a href='sqldump.php'>SQL Dump</a></li>"; -*/ - ?></ul> + <ul class="menu" id="mydetails"><li><a href="account.php?id=13"><?=_("View/Edit")?></a></li><li><a href="account.php?id=14"><?=_("Change Password")?></a></li><li><a href="account.php?id=41"><?=_("Default Language")?></a></li><li><a href="wot.php?id=8"><?=_("My Listing")?></a></li><li><a href="wot.php?id=13"><?=_("My Location")?></a></li><li><a href="account.php?id=36"><?=_("My Alert Settings")?></a></li><li><a href="account.php?id=55"><?=_("My Trainings")?></a></li><li><a href="wot.php?id=10"><?=_("My Points")?></a></li> + </ul> </div> <div class="relatedLinks"> <h3 class="pointer" onclick="explode('emailacc')">+ <?=_("Email Accounts")?></h3> @@ -224,7 +221,7 @@ function hideall() { <? } ?> <div class="relatedLinks"> <h3 class="pointer" onclick="explode('WoT')">+ <?=_("CAcert Web of Trust")?></h3> - <ul class="menu" id="WoT"><li><a href="wot.php?id=0"><?=_("About")?></a></li><li><a href="wot.php?id=12"><?=_("Find an Assurer")?></a></li><li><a href="wot.php?id=3"><?=_("Rules")?></a></li><li><? if($_SESSION['profile']['assurer'] != 1) { ?><a href="wot.php?id=2"><?=_("Becoming an Assurer")?></a><? } else { ?><a href="wot.php?id=5"><?=_("Assure Someone")?></a><? } ?></li><li><a href="wot.php?id=4"><?=_("Trusted ThirdParties")?></a></li><? if($_SESSION['profile']['points'] >= 500) { ?><li><a href="wot.php?id=11"><div style="white-space:nowrap"><?=_("Organisation Assurance")?></div></a></li><? } ?></ul> + <ul class="menu" id="WoT"><li><a href="wot.php?id=0"><?=_("About")?></a></li><li><a href="wot.php?id=12"><?=_("Find an Assurer")?></a></li><li><a href="wot.php?id=3"><?=_("Rules")?></a></li><li><a href="wot.php?id=17"><?=_("Check Assurer Status")?></a></li><li><? if($_SESSION['profile']['assurer'] != 1) { ?><a href="wot.php?id=2"><?=_("Becoming an Assurer")?></a><? } else { ?><a href="wot.php?id=5"><?=_("Assure Someone")?></a><? } ?></li><li><a href="wot.php?id=4"><?=_("Trusted ThirdParties")?></a></li><? if($_SESSION['profile']['points'] >= 500) { ?><li><a href="wot.php?id=11"><div style="white-space:nowrap"><?=_("Organisation Assurance")?></div></a></li><? } ?><li><a href="account.php?id=55"><?=_("Training")?></a></li></ul> </div> <div class="relatedLinks"> <h3 class="pointer" onclick="explode('WoTForms')">+ <?=_("CAP Forms")?></h3><? @@ -275,7 +272,7 @@ function hideall() { <div class="story"> <h3><?=$title2?></h3> <? if($_SESSION['_config']['errmsg'] != "") { ?> -<p><font color="#ff0000" size="+2"><? echo $_SESSION['_config']['errmsg']; $_SESSION['_config']['errmsg'] = ""; ?> </font></p> +<p class="error_fatal"><? echo $_SESSION['_config']['errmsg']; $_SESSION['_config']['errmsg'] = ""; ?></p> <? } ?> <? } diff --git a/includes/general.php b/includes/general.php index 17b449b..83802ad 100644 --- a/includes/general.php +++ b/includes/general.php @@ -17,6 +17,7 @@ */ require_once(dirname(__FILE__)."/lib/general.php"); + require_once(dirname(__FILE__)."/notary.inc.php"); session_name("cacert"); session_start(); @@ -28,6 +29,12 @@ // if($_SESSION['profile']['id'] > 0) // session_regenerate_id(); + //cf. http://stackoverflow.com/a/14532168 + if(!defined('ENT_HTML401')) define('ENT_HTML401', 0); + if(!defined('ENT_XML1')) define('ENT_XML1', 16); + if(!defined('ENT_XHTML')) define('ENT_XHTML', 32); + if(!defined('ENT_HTML5')) define('ENT_HTML5', (32|16)); + $pageLoadTime_Start = microtime(true); $junk = array(_("Face to Face Meeting"), _("Trusted Third Parties"), _("Thawte Points Transfer"), _("Administrative Increase"), @@ -46,9 +53,7 @@ if(array_key_exists('HTTP_HOST',$_SERVER) && $_SERVER['HTTP_HOST'] != $_SESSION['_config']['normalhostname'] && - $_SERVER['HTTP_HOST'] != $_SESSION['_config']['securehostname'] && - $_SERVER['HTTP_HOST'] != $_SESSION['_config']['tverify'] && - $_SERVER['HTTP_HOST'] != "stamp.cacert.org") + $_SERVER['HTTP_HOST'] != $_SESSION['_config']['securehostname']) { if(array_key_exists('HTTPS',$_SERVER) && $_SERVER['HTTPS'] == "on") header("location: https://".$_SESSION['_config']['normalhostname']); @@ -58,19 +63,18 @@ } if(array_key_exists('HTTP_HOST',$_SERVER) && - ($_SERVER['HTTP_HOST'] == $_SESSION['_config']['securehostname'] || - $_SERVER['HTTP_HOST'] == $_SESSION['_config']['tverify'])) + ($_SERVER['HTTP_HOST'] == $_SESSION['_config']['securehostname'])) { if(array_key_exists('HTTPS',$_SERVER) && $_SERVER['HTTPS'] == "on") { } else { - if($_SERVER['HTTP_HOST'] == $_SESSION['_config']['securehostname']) - header("location: https://". $_SESSION['_config']['securehostname']); - if($_SERVER['HTTP_HOST'] == $_SESSION['_config']['tverify']) - header("location: https://".$_SESSION['_config']['tverify']); + if($_SERVER['HTTP_HOST'] == $_SESSION['_config']['securehostname']){ + header("location: https://". $_SESSION['_config']['securehostname']); + } exit; + } } @@ -82,10 +86,7 @@ $locked = mysql_fetch_assoc(mysql_query("select `locked` from `users` where `id`='".intval($_SESSION['profile']['id'])."'")); if($locked['locked'] == 0) { - $query = "select sum(`points`) as `total` from `notary` where `to`='".intval($_SESSION['profile']['id'])."' and `deleted` = 0 group by `to`"; - $res = mysql_query($query); - $row = mysql_fetch_assoc($res); - $_SESSION['profile']['points'] = $row['total']; + update_points_in_profile(); } else { $_SESSION['profile'] = ""; unset($_SESSION['profile']); @@ -94,47 +95,46 @@ function loadem($section = "index") { - if($section != "index" && $section != "account" && $section != "tverify") + if($section != "index" && $section != "account") { $section = "index"; } - if($section == "account") + if($section == "account"){ include_once($_SESSION['_config']['filepath']."/includes/account_stuff.php"); + } - if($section == "index") + if($section == "index"){ include_once($_SESSION['_config']['filepath']."/includes/general_stuff.php"); - - if($section == "tverify") - include_once($_SESSION['_config']['filepath']."/includes/tverify_stuff.php"); + } } function includeit($id = "0", $section = "index") { $id = intval($id); - if($section != "index" && $section != "account" && $section != "wot" && $section != "help" && $section != "gpg" && $section != "disputes" && $section != "tverify" && $section != "advertising") + if($section != "index" && $section != "account" && $section != "wot" && $section != "help" && $section != "gpg" && $section != "disputes" && $section != "advertising") { $section = "index"; } - if($section == "tverify" && file_exists($_SESSION['_config']['filepath']."/tverify/index/$id.php")) - include_once($_SESSION['_config']['filepath']."/tverify/index/$id.php"); - else if(file_exists($_SESSION['_config']['filepath']."/pages/$section/$id.php")) + if(file_exists($_SESSION['_config']['filepath']."/pages/$section/$id.php")){ include_once($_SESSION['_config']['filepath']."/pages/$section/$id.php"); + } else { $id = "0"; - if(file_exists($_SESSION['_config']['filepath']."/pages/$section/$id.php")) + if(file_exists($_SESSION['_config']['filepath']."/pages/$section/$id.php")){ include_once($_SESSION['_config']['filepath']."/pages/$section/$id.php"); - else { + } else { $section = "index"; $id = "0"; - if(file_exists($_SESSION['_config']['filepath']."/pages/$section/$id.php")) + if(file_exists($_SESSION['_config']['filepath']."/pages/$section/$id.php")){ include_once($_SESSION['_config']['filepath']."/pages/$section/$id.php"); - else + } else { include_once($_SESSION['_config']['filepath']."/www/error404.php"); + } } } } @@ -266,6 +266,16 @@ } } + function isValidWildcard($name){ + if(substr($name,0,2) == "*."){ + $name = substr($name, 2); + } + if(!preg_match('/^(\\.(?!-)[a-z0-9_-]*[a-z0-9])+$/i','.'.$name)){ + return false; + } + return strpos($name, "*") === false; + } + function getcn() { unset($_SESSION['_config']['rows']); @@ -279,6 +289,12 @@ $bits = explode(".", $CN); $dom = ""; $cnok = 0; + + if(!isValidWildcard($CN)){ + $_SESSION['_config']['rejected'][] = $CN; + continue; + } + for($i = count($bits) - 1; $i >= 0; $i--) { if($dom) @@ -287,7 +303,7 @@ $dom = $bits[$i]; $_SESSION['_config']['row'] = ""; $dom = mysql_real_escape_string($dom); - $query = "select * from domains where `memid`='".intval($_SESSION['profile']['id'])."' and `domain` like '$dom' and `deleted`=0 and `hash`=''"; + $query = "select * from domains where `memid`='".intval($_SESSION['profile']['id'])."' and `domain` = '$dom' and `deleted`=0 and `hash`=''"; $res = mysql_query($query); if(mysql_num_rows($res) > 0) { @@ -328,6 +344,11 @@ else continue; + if(!isValidWildcard($alt)){ + $_SESSION['_config']['rejected'][] = $alt; + continue; + } + $bits = explode(".", $alt); $dom = ""; $altok = 0; @@ -339,7 +360,7 @@ $dom = $bits[$i]; $_SESSION['_config']['altrow'] = ""; $dom = mysql_real_escape_string($dom); - $query = "select * from domains where `memid`='".intval($_SESSION['profile']['id'])."' and `domain` like '$dom' and `deleted`=0 and `hash`=''"; + $query = "select * from domains where `memid`='".intval($_SESSION['profile']['id'])."' and `domain` = '$dom' and `deleted`=0 and `hash`=''"; $res = mysql_query($query); if(mysql_num_rows($res) > 0) { @@ -369,6 +390,12 @@ $CN = $_SESSION['_config']["$cnc.CN"]; $bits = explode(".", $CN); $dom = ""; + + if(!isValidWildcard($CN)){ + $_SESSION['_config']['rejected'][] = $CN; + continue; + } + for($i = count($bits) - 1; $i >= 0; $i--) { if($dom) @@ -415,6 +442,11 @@ else continue; + if(!isValidWildcard($alt)){ + $_SESSION['_config']['rejected'][] = $alt; + continue; + } + $bits = explode(".", $alt); $dom = ""; for($i = count($bits) - 1; $i >= 0; $i--) @@ -477,9 +509,7 @@ if($id <= 0) $id = $_SESSION['profile']['id']; - $query = "select sum(`points`) as `points` from `notary` where `to`='$id' and `deleted` = 0 group by `to`"; - $row = mysql_fetch_assoc(mysql_query($query)); - $points = $row['points']; + $points = get_received_total_points($id); $dob = date("Y-m-d", mktime(0,0,0,date("m"),date("d"),date("Y")-18)); $query = "select * from `users` where `id`='".intval($_SESSION['profile']['id'])."' and `dob` < '$dob'"; @@ -506,6 +536,56 @@ return(0); } + /** + * Decode UTF-8 byte sequences into HTML entities + * + * @see https://blog.benny-baumann.de/?p=332 + */ + function charset_decode_utf8_callback($match) { + $m = $match[0]; + + switch(strlen($m)) { + case 6: + // decode six byte unicode characters + return '&#'.((ord($m[0])-252)*1073741824+(ord($m[1])-200)*16777216+(ord($m[2])-200)*262144+(ord($m[3])-128)*4096+(ord($m[4])-128)*64+(ord($m[5])-128)).';'; + case 5: + // decode five byte unicode characters + return '&#'.((ord($m[0])-248)*16777216+(ord($m[1])-200)*262144+(ord($m[2])-128)*4096+(ord($m[3])-128)*64+(ord($m[4])-128)).';'; + case 4: + // decode four byte unicode characters + return '&#'.((ord($m[0])-240)*262144+(ord($m[1])-128)*4096+(ord($m[2])-128)*64+(ord($m[3])-128)).';'; + case 3: + // decode three byte unicode characters + return '&#'.((ord($m[0])-224)*4096+(ord($m[1])-128)*64+(ord($m[2])-128)).';'; + case 2: + // decode two byte unicode characters + return '&#'.((ord($m[0])-192)*64+(ord($m[1])-128)).';'; + default: + return $m; + } + } + + /** + * Decode utf-8 strings + * @param string $string Encoded string + * @return string Decoded string + * @see https://blog.benny-baumann.de/?p=332 + */ + function charset_decode_utf8 ($string) { + // decode 2-6 byte unicode characters + $string = preg_replace_callback("/[\374-\375][\200-\277][\200-\277][\200-\277][\200-\277][\200-\277]|". + "[\370-\373][\200-\277][\200-\277][\200-\277][\200-\277]|". + "[\360-\367][\200-\277][\200-\277][\200-\277]|". + "[\340-\357][\200-\277][\200-\277]|". + "[\300-\337][\200-\277]/", + 'charset_decode_utf8_callback', $string); + + // remove broken unicode + $string = preg_replace("/[\200-\237]|\240|[\241-\377]/",'?',$string); + + return $string; + } + function gpg_hex2bin($data) { while(strstr($data, "\\x")) @@ -516,7 +596,8 @@ $after = substr($data, $pos + 4); $data = $before.$char.$after; } - return(utf8_decode($data)); + + return htmlentities(charset_decode_utf8($data), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false); } function signmail($to, $subject, $message, $from, $replyto = "") @@ -646,7 +727,7 @@ $line = mysql_real_escape_string(trim(strip_tags($line))); $query = "insert into `pinglog` set `when`=NOW(), `email`='$myemail', `result`='$line'"; - if(is_array($_SESSION['profile'])) $query.=", `uid`='".intval($_SESSION['profile']['id'])."'"; + if(isset($_SESSION['profile']) && is_array($_SESSION['profile']) && isset($_SESSION['profile']['id'])) $query.=", `uid`='".intval($_SESSION['profile']['id'])."'"; mysql_query($query); if(substr($line, 0, 3) != "250") @@ -697,20 +778,20 @@ $subject=""; if(mysql_num_rows($res) > 0) { - printf(_("Your certificate request is still queued and hasn't been processed yet. Please wait, and go to Certificates -> View to see it's status.")); + printf('<p>' . _("Your certificate request is still queued and hasn't been processed yet. Please wait, and go to Certificates -> View to see it's status." . '</p>')); $subject="[CAcert.org] Certificate TIMEOUT"; $body = "A certificate has timed out!\n\n"; } else { - printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions.")." certid:$table:".intval($certid), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>"); + printf('<p>' . _("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions.") . " certid:$table:".intval($certid) . '</p>', "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>"); $subject="[CAcert.org] Certificate FAILURE"; $body = "A certificate has failed: $table $certid $id $show\n\n"; } $body .= _("Best regards")."\n"._("CAcert.org Support!"); - sendmail("philipp@cacert.org", $subject, $body, "returns@cacert.org", "", "", "CAcert Support"); + sendmail("sw-message@cacert.org", $subject, $body, "returns@cacert.org", "", "", "CAcert Support"); if($show) showfooter(); if($show) exit; @@ -729,7 +810,7 @@ function sanitizeHTML($input) { - return htmlentities(strip_tags($input), ENT_QUOTES, 'ISO-8859-1'); + return htmlentities(strip_tags($input), ENT_QUOTES | ENT_SUBSTITUTE, 'ISO-8859-1', false); //In case of problems, please use the following line again: //return htmlentities(strip_tags(utf8_decode($input)), ENT_QUOTES); //return htmlspecialchars(strip_tags($input)); @@ -867,5 +948,32 @@ return $res; } + /** + * Returns the given ip address truncated to /16 (ipv4) or to /48 (ipv6) + */ + function anonymizeIP($ip){ + $bits = @inet_pton($ip); + if($bits === false) { + return false; + } -?> + if(strlen($bits) == 4) { + $bits[2] = "\0"; + $bits[3] = "\0"; + $newIP = @inet_ntop($bits); + if($newIP !== false) { + $newIP .= "/16"; + } + return $newIP; + } else if(strlen($bits) == 16) { + for($i=6;$i<16;$i++){ + $bits[$i]="\0"; + } + $newIP = @inet_ntop($bits); + if($newIP !== false) { + $newIP .= "/48"; + } + return $newIP; + } + return false; + } diff --git a/includes/general_stuff.php b/includes/general_stuff.php index 10c4e0a..08eb807 100644 --- a/includes/general_stuff.php +++ b/includes/general_stuff.php @@ -66,7 +66,7 @@ google_color_border = "FFFFFF"; </div> <? if(array_key_exists('mconn',$_SESSION) && $_SESSION['mconn']) { ?> <div class="relatedLinks"> - <h3 class="pointer" onclick="explode('recom')"><?=_("Advertising")?></h3> + <h3 class="pointer" onclick="explode('recom')">Funding</h3> <ul class="menu" id="recom"><? $query = "select * from `advertising` where `expires`>NOW() and `active`=1"; $res = mysql_query($query); @@ -80,7 +80,7 @@ google_color_border = "FFFFFF"; <div class="story"> <? if($title2!="") echo "<h3>$title2</h3>"; ?> <? if($_SESSION['_config']['errmsg'] != "") { ?> -<p><font color="#ff0000" size="+2"><? echo $_SESSION['_config']['errmsg']; $_SESSION['_config']['errmsg'] = ""; ?> </font></p> +<p class="error_fatal"><? echo $_SESSION['_config']['errmsg']; $_SESSION['_config']['errmsg'] = ""; ?></p> <? } ?> <? diff --git a/includes/keygen.php b/includes/keygen.php index 15dee8a..270a569 100644 --- a/includes/keygen.php +++ b/includes/keygen.php @@ -24,7 +24,7 @@ if (array_key_exists('HTTP_USER_AGENT',$_SERVER) && strstr($_SERVER['HTTP_USER_A 'manually created certificate requests instead.')?></p> </noscript> - <div id="noActiveX" style="color:red"> + <div id="noActiveX" class="error_fatal"> <p><?=_('Could not initialize ActiveX object required for certificate generation.')?></p> <p><?=_('You have to enable ActiveX for this to work. On Windows Vista, Windows 7 and '. 'later versions you have to add this website to the list of trusted sites '. @@ -41,7 +41,7 @@ if (array_key_exists('HTTP_USER_AGENT',$_SERVER) && strstr($_SERVER['HTTP_USER_A </p> </div> - <form method="post" style="display:none" action="account.php" + <form method="post" style="display:none;" action="account.php" id="CertReqForm"> <input type="hidden" name="oldid" value="<?=intval($id)?>" /> <input type="hidden" id="CSR" name="CSR" /> @@ -72,7 +72,7 @@ if (array_key_exists('HTTP_USER_AGENT',$_SERVER) && strstr($_SERVER['HTTP_USER_A // the maximum is 2048, then only 1024, 1536 and 2048 bits may // be specified as key size. echo _('Step')?>: <span id="keySizeStep"></span></p> - <p style="color:red"><?php + <p class="error_fatal"><?php printf(_('Please note that RSA key sizes smaller than %d bit '. 'will not be accepted by CAcert.'), 2048)?> diff --git a/includes/lib/account.php b/includes/lib/account.php index dd8afd3..f9c1399 100644 --- a/includes/lib/account.php +++ b/includes/lib/account.php @@ -48,8 +48,8 @@ function fix_assurer_flag($userID = NULL) AND `cp`.`user_id` = `u`.`id` ) AND ( - SELECT SUM(`points`) FROM `notary` AS `n` - WHERE `n`.`to` = `u`.`id` + SELECT SUM(`awarded`) FROM `notary` AS `n` + WHERE `n`.`to` = `u`.`id` AND `n`.`method` != \'Administrative Increase\' AND `n`.`from` != `n`.`to` AND (`n`.`expire` > now() OR `n`.`expire` IS NULL) AND `n`.`deleted` = 0 @@ -81,8 +81,8 @@ function fix_assurer_flag($userID = NULL) AND `cp`.`user_id` = `u`.`id` ) OR ( - SELECT SUM(`points`) FROM `notary` AS `n` - WHERE `n`.`to` = `u`.`id` + SELECT SUM(`awarded`) FROM `notary` AS `n` + WHERE `n`.`to` = `u`.`id` AND `n`.`method` != \'Administrative Increase\' AND `n`.`from` != `n`.`to` AND ( `n`.`expire` > now() OR `n`.`expire` IS NULL diff --git a/includes/lib/general.php b/includes/lib/general.php index 127c6b7..3c18731 100644 --- a/includes/lib/general.php +++ b/includes/lib/general.php @@ -15,7 +15,7 @@ along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA */ - +include_once( __DIR__ . "/../notary.inc.php"); /** * Checks if the user may log in and retrieve the user id * @@ -32,9 +32,9 @@ function get_user_id_from_cert($serial, $issuer_cn) { $query = "select `memid` from `emailcerts` where - `serial`='".mysql_escape_string($serial)."' and + `serial`='".mysql_real_escape_string($serial)."' and `rootcert`= (select `id` from `root_certs` where - `Cert_Text`='".mysql_escape_string($issuer_cn)."') and + `Cert_Text`='".mysql_real_escape_string($issuer_cn)."') and `revoked`=0 and disablelogin=0 and UNIX_TIMESTAMP(`expire`) - UNIX_TIMESTAMP() > 0"; $res = mysql_query($query); @@ -146,9 +146,7 @@ function runCommand($command, $input = "", &$output = null, &$errors = true) { $Result |= 5; } - $query = mysql_query('SELECT SUM(`points`) AS `points` FROM `notary` AS `n` WHERE `n`.`to` = \''.(int)intval($userID).'\' AND `n`.`expire` < now() and `deleted` = 0'); - $row = mysql_fetch_assoc($query); - if ($row['points'] < 100) { + if (get_received_assurance_points(intval($userID)) < 100) { $Result |= 3; } diff --git a/includes/loggedin.php b/includes/loggedin.php index c14f8c2..cf36592 100644 --- a/includes/loggedin.php +++ b/includes/loggedin.php @@ -102,10 +102,7 @@ if($_SERVER['HTTP_HOST'] == $_SESSION['_config']['securehostname'] && $_SESSION['profile']['id'] > 0 && $_SESSION['profile']['loggedin'] > 0) { - $query = "select sum(`points`) as `total` from `notary` where `to`='".intval($_SESSION['profile']['id'])."' and `deleted` = 0 group by `to`"; - $res = mysql_query($query); - $row = mysql_fetch_assoc($res); - $_SESSION['profile']['points'] = $row['total']; + update_points_in_profile(); if($_SESSION['profile']['language'] == "") { diff --git a/includes/mysql.php.sample b/includes/mysql.php.sample index 01570df..f08b975 100644 --- a/includes/mysql.php.sample +++ b/includes/mysql.php.sample @@ -24,7 +24,6 @@ } $_SESSION['_config']['normalhostname'] = "www.cacert.org"; $_SESSION['_config']['securehostname'] = "secure.cacert.org"; - $_SESSION['_config']['tverify'] = "tverify.cacert.org"; function sendmail($to, $subject, $message, $from, $replyto = "", $toname = "", $fromname = "", $errorsto = "returns@cacert.org", $use_utf8 = true) { diff --git a/includes/notary.inc.php b/includes/notary.inc.php index 3b8e736..4d1def9 100644 --- a/includes/notary.inc.php +++ b/includes/notary.inc.php @@ -194,6 +194,7 @@ define('THAWTE_REVOCATION_DATETIME', '2010-11-16 00:00:00'); /** * Calculate the experience points from a given Assurance + * * @param array $row - [inout] associative array containing the data from * the `notary` table, the keys 'experience' and 'calc_awarded' will be * added @@ -254,7 +255,6 @@ define('THAWTE_REVOCATION_DATETIME', '2010-11-16 00:00:00'); $row['deleted'] = THAWTE_REVOCATION_DATETIME; break; } - // Don't count revoked assurances even if we are displaying them if ($row['deleted'] !== NULL_DATETIME) { $row['experience'] = 0; @@ -322,6 +322,69 @@ define('THAWTE_REVOCATION_DATETIME', '2010-11-16 00:00:00'); $rank_of_assuree = get_top_assuree_position($num_of_assurees); } + /** + * Helper function to sum all assurance points received by the user + * @param int $userid + */ + function get_received_assurance_points($userid) + { + $sum_points = 0; + $sum_experience = 0; + $res = get_received_assurances(intval($userid)); + while($row = mysql_fetch_assoc($res)) + { + calc_assurances($row, $sum_points, $sum_experience); + } + return $sum_points; + } + + /** + * Helper function to sum all assurance points received by the user + * @param int $userid + */ + function get_received_experience_points($userid) + { + $sum_points = 0; + $sum_experience = 0; + $res = get_received_assurances(intval($userid)); + + // this loop sums experience points from recieved assurances + // this happens when the member has assurances with more than 150 points (super assurances) + // such points/assurances should be removed from the database. Afterwards, this logic can be removed. + while($row = mysql_fetch_assoc($res)) + { + calc_assurances($row, $sum_points, $sum_experience); + } + + $res = get_given_assurances(intval($userid)); + while($row = mysql_fetch_assoc($res)) + { + calc_experience($row, $sum_points, $sum_experience); + } + return $sum_experience; + } + + /** + * Helper function to sum all points received by the user + * @param int $userid + */ + function get_received_total_points($userid) + { + $assurance = min(100, get_received_assurance_points($userid)); + $experience = min(50, get_received_experience_points($userid)); + if($assurance < 100) { + return $assurance; + } else { + return 100 + $experience; + } + } + + /** + * Updates the assurance points in $_SESSION['profile'] + */ + function update_points_in_profile(){ + $_SESSION['profile']['points'] = get_received_total_points($_SESSION['profile']['id']); + } // ************* html table definitions ****************** @@ -332,15 +395,15 @@ define('THAWTE_REVOCATION_DATETIME', '2010-11-16 00:00:00'); ?> <table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper"> - <tr> - <td class="title"><?=_("Assurer Ranking")?></td> - </tr> - <tr> - <td class="DataTD"><?=sprintf(_("You have made %s assurances which ranks you as the #%s top assurer."), intval($num_of_assurances), intval($rank_of_assurer) )?></td> - </tr> - <tr> - <td class="DataTD"><?=sprintf(_("You have received %s assurances which ranks you as the #%s top assuree."), intval($num_of_assurees), intval($rank_of_assuree) )?></td> - </tr> + <tr> + <td class="title"><?=_("Assurer Ranking")?></td> + </tr> + <tr> + <td class="DataTD"><?=sprintf(_("You have made %s assurances which ranks you as the #%s top assurer."), intval($num_of_assurances), intval($rank_of_assurer) )?></td> + </tr> + <tr> + <td class="DataTD"><?=sprintf(_("You have received %s assurances which ranks you as the #%s top assuree."), intval($num_of_assurees), intval($rank_of_assuree) )?></td> + </tr> </table> <br/> <? @@ -354,15 +417,11 @@ define('THAWTE_REVOCATION_DATETIME', '2010-11-16 00:00:00'); */ function output_assurances_header($title, $support, $log) { - if ($support == 1) { - $log = 1; - } - $colspan = 7; if ($support == 1) { $colspan += 2; } - if ($log == 1) { + if ($log == 1 || $support == 1) { $colspan += 1; } ?> @@ -377,25 +436,25 @@ define('THAWTE_REVOCATION_DATETIME', '2010-11-16 00:00:00'); if ($support == 1) { ?> - <td class="DataTD"><strong><?=_("When")?></strong></td> - <td class="DataTD"><strong><?=_("Email")?></strong></td> + <td class="DataTD"><strong><?=_("When")?></strong></td> + <td class="DataTD"><strong><?=_("Email")?></strong></td> <? } ?> - <td class="DataTD"><strong><?=_("Who")?></strong></td> - <td class="DataTD"><strong><?=_("Points")?></strong></td> - <td class="DataTD"><strong><?=_("Location")?></strong></td> - <td class="DataTD"><strong><?=_("Method")?></strong></td> - <td class="DataTD"><strong><?=_("Experience Points")?></strong></td> + <td class="DataTD"><strong><?=_("Who")?></strong></td> + <td class="DataTD"><strong><?=_("Points")?></strong></td> + <td class="DataTD"><strong><?=_("Location")?></strong></td> + <td class="DataTD"><strong><?=_("Method")?></strong></td> + <td class="DataTD"><strong><?=_("Experience Points")?></strong></td> <? - if ($log == 1) + if ($log == 1 || $support == 1) { ?> <td class="DataTD"><strong><?=_("Revoked")?></strong></td> <? } ?> - </tr> + </tr> <? } @@ -424,10 +483,10 @@ define('THAWTE_REVOCATION_DATETIME', '2010-11-16 00:00:00'); <td class="DataTD"><strong><?=$experience_txt?>:</strong></td> <td class="DataTD"><?=intval($sumexperience)?></td> <? - if ($log == 1) + if ($log == 1 || $support == 1) { ?> - <td class="DataTD"> </td> + <td class="DataTD"> </td> <? } ?> @@ -532,14 +591,14 @@ define('THAWTE_REVOCATION_DATETIME', '2010-11-16 00:00:00'); { ?> <table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper"> - <tr> - <td colspan="4" class="title"><?=_("Summary of your Points")?></td> - </tr> - <tr> - <td class="DataTD"><strong><?=_("Description")?></strong></td> - <td class="DataTD"><strong><?=_("Points")?></strong></td> - <td class="DataTD"><strong><?=_("Countable Points")?></strong></td> - <td class="DataTD"><strong><?=_("Remark")?></strong></td> + <tr> + <td colspan="4" class="title"><?=_("Summary of your Points")?></td> + </tr> + <tr> + <td class="DataTD"><strong><?=_("Description")?></strong></td> + <td class="DataTD"><strong><?=_("Points")?></strong></td> + <td class="DataTD"><strong><?=_("Countable Points")?></strong></td> + <td class="DataTD"><strong><?=_("Remark")?></strong></td> </tr> <? } @@ -555,12 +614,12 @@ define('THAWTE_REVOCATION_DATETIME', '2010-11-16 00:00:00'); function output_summary_row($title,$points,$points_countable,$remark) { ?> - <tr> - <td class="DataTD"><strong><?=$title?></strong></td> - <td class="DataTD"><?=$points?></td> - <td class="DataTD"><?=$points_countable?></td> - <td class="DataTD"><?=$remark?></td> - </tr> + <tr> + <td class="DataTD"><strong><?=$title?></strong></td> + <td class="DataTD"><?=$points?></td> + <td class="DataTD"><?=$points_countable?></td> + <td class="DataTD"><?=$remark?></td> + </tr> <? } @@ -585,7 +644,7 @@ define('THAWTE_REVOCATION_DATETIME', '2010-11-16 00:00:00'); $log) { $sum_points = 0; - $sumexperience = 0; + $sum_experience = 0; $res = get_given_assurances(intval($userid), $log); while($row = mysql_fetch_assoc($res)) { @@ -615,7 +674,7 @@ define('THAWTE_REVOCATION_DATETIME', '2010-11-16 00:00:00'); $log) { $sum_points = 0; - $sumexperience = 0; + $sum_experience = 0; $res = get_received_assurances(intval($userid), $log); while($row = mysql_fetch_assoc($res)) { @@ -1402,8 +1461,196 @@ function get_user_agreements($memid, $type=null, $active=null){ return (strtotime($date)<=time()+$diff*86400); } + // table layout for organisation + /** + * org_edit_org_table() + * + * @param mixed $orgname + * @param mixed $contactmail + * @param mixed $town + * @param mixed $state + * @param mixed $country + * @param mixed $comment + * @param integer $type 0 - new, 1, edit + * @return + */ + function org_edit_org_table($orgname, $contactmail, $town, $state, $country, $comment, $type=0){ + if ($type > 0) { + $title = _('Edit Organisation'); + $action = _('Update'); + } else { + $title = _('New Organisation'); + $action = _('Next'); + } + org_edit_org_table_header($title); + org_edit_org_table_row(_('Organisation Name'), 'O', $orgname, 64); + org_edit_org_table_row(_('Contact Email'), 'contact', $contactmail, 255); + org_edit_org_table_row(_('Town/Suburb'), 'L', $town, 128); + org_edit_org_table_row(_('State/Province'), 'ST', $state, 128); + org_edit_org_table_country(_('Country'), 'C', $country, 2); + org_edit_org_table_comment(_('Comments'), 'comments', $comment); + org_edit_org_table_footer($action); + } + + /** + * org_edit_org_table_header() + * + * @param mixed $title + * @return + */ + function org_edit_org_table_header($title){ +?> + <table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper"> + <tr> + <td colspan="3" class="title"><?=$title?></td> + </tr> +<? + } + + /** + * org_edit_org_table_row() + * + * @param mixed $label + * @param mixed $name + * @param mixed $value + * @param mixed $length + * @return + */ + function org_edit_org_table_row($label, $name, $value, $length){ +?> + <tr> + <td class="DataTD"><?=$label?>:</td> + <td class="DataTD"><input type="text" name="<?=$name?>" value="<?=SanitizeHTML($value)?>" maxlength="<?=intval($length)?>" size="90"></td> + <td class="DataTD"><? printf(_('max %d characters'),$length)?></td> + </tr> +<? + } + + /** + * org_edit_org_table_country() + * + * @param mixed $label + * @param mixed $name + * @param mixed $value + * @param mixed $length + * @return + */ + function org_edit_org_table_country($label, $name, $value, $length){ +?> + <tr> + <td class="DataTD"><?=$label?>:</td> + <td class="DataTD"> + <input type="text" name="<?=$name?>" value="<?=SanitizeHTML($value)?>" maxlength="<?=intval($length)?>" size="<?=intval($length)?>" /> + <? printf(_('(2 letter %s ISO code %s )'), '<a href="http://www.iso.org/iso/home/standards/country_codes/iso-3166-1_decoding_table.htm">', '</a>')?> + </td> + <td class="DataTD"><?=sprintf(_('max %d characters'),$length)?></td> + </tr> +<? + } + + /** + * org_edit_org_table_comment() + * + * @param mixed $label + * @param mixed $name + * @param mixed $value + * @return + */ + function org_edit_org_table_comment($label, $name, $value){ +?> + <tr> + <td class="DataTD"><?=$label?>:</td> + <td class="DataTD"><textarea name="<?=$name?>" cols=60 rows=10><?=SanitizeHTML($value)?></textarea></td> + <td class="DataTD"> </td> + </tr> +<? + } + + /** + * org_edit_org_table_footer() + * + * @param mixed $label + * @return + */ + function org_edit_org_table_footer($label){ +?> + <tr> + <td class="DataTD" colspan="3"><input type="submit" name="process" value="<?=$label?>"></td> + </tr> + </table> +<? + } + + /** + * get_array_from_ini() + * gets an array from an ini file and trims all entries + * @param mixed $inifile, path and filename of the ini file + * @return + */ + function get_array_from_ini($inifile){ + $array = parse_ini_file('../config/ttp.ini'); + ksort($array); + foreach($array as $key => $value) + { + unset($array[$key]); + $array[trim($key)] = trim($value); + } + return $array; + } + + /** + * create_selectbox_HTML() + * + * @param mixed $name, name for the select element + * @param mixed $options, array with the data for the dropdown + * @param string $value, TRUE if the value for the option should be added + * @param string $firstline, if the should be a first line like´Choose country + * @param string $selected, if selection matches option key the + * entry is preselected in the dropdownbox + * @return + */ + function create_selectbox_HTML($name, array $options, $firstline = '', $value='', $selected = ''){ + $return_str='<select name="' . $name . '">'; + if (''!= $firstline) { + $return_str .= '<option>' . $firstline .'</option>'; + } + foreach ($options as $key => $avalue) { + $return_str.='<option'; + if ($value) { + $return_str.=' value="'.$avalue.'"'; + } + if ($key==$selected){ + $return_str.=' selected="selected"'; + } + $return_str.='>'.$key.'</option>'; + } + $return_str.='</select>'; + return $return_str; + } + + //user function + function get_user_id_from_email($email){ + $email = mysql_real_escape_string(trim($email)); + $res = query_init ("select `id` from `users` where `email` = '" . $email . "'"); + $row = query_getnextrow($res); + + return intval($row['id']); + } + + function get_number_of_adminlog_entries($uid, $typeid, $hours=1){ + $uid = intval($uid); + $typeid = intval($typeid); + $hours = intval($hours); + $res = query_init ("SELECT count(*) AS `no` FROM `adminlog` + WHERE `adminid` = " . $uid . " AND `actiontypeid`=" . $typeid . " and `when` > NOW() - INTERVAL " . $hours . " HOUR " ); + $row = query_getnextrow($res); + + return intval($row['no']); + } + /** - * Write some information to the adminlog + * write_se_log() + * writes an information to the adminlog * * @param int $uid - id of the user account * @param int $adminid - id of the admin @@ -1411,14 +1658,15 @@ function get_user_agreements($memid, $type=null, $active=null){ * @param string $info - the ticket / arbitration number or other information * @return bool - true := success, false := error */ -function write_se_log($uid, $adminid, $type, $info){ +function write_se_log($uid, $adminid, $type, $info, $typeid=1){ //records all support engineer actions changing a user account $uid = intval($uid); $adminid = intval($adminid); $type = mysql_real_escape_string($type); $info = mysql_real_escape_string($info); - $query="insert into `adminlog` (`when`, `uid`, `adminid`,`type`,`information`) values - (Now(), $uid, $adminid, '$type', '$info')"; + $typeid = intval($typeid); + $query="insert into `adminlog` (`when`, `uid`, `adminid`,`type`,`information`,`actiontypeid`) values + (Now(), $uid, $adminid, '$type', '$info', '$typeid')"; return mysql_query($query); } @@ -2138,3 +2386,40 @@ function output_gpg_certs($row, $support=0, $readonly=true){ </tr> <? } + +/** + * revoke_assurance() + * revokes an assurance and adjusts the old point calculation + * @param mixed $assuranceid - id of the assurance + * @param mixed $toid - id of the assuree + * @return + */ +function revoke_assurance($assuranceid, $toid){ + $assuranceid = intval($assuranceid); + $toid = intval($toid); + $points = 0; + + $query = "update `notary` set `deleted` = NOW() where `id` = '$assuranceid' LIMIT 1"; + mysql_query($query); + recalculate_old_assurance_points($toid); + fix_assurer_flag($toid); +} + +/** + * recalculates the old points of an assuree + * @param int $toid - id of the assuree + */ +function recalculate_old_assurance_points($toid){ + $query = "select * from `notary` where `to` = '$toid' and `method` != 'Administrative Increase' and `deleted` = 0 order by `when`"; + $res = mysql_query($query); + while($row = mysql_fetch_assoc($res)){ + $maxToAward = max(100 - $points, 0); + $newpoints = min($row['awarded'], $maxToAward); + + $points += $row['awarded']; + + $query = "update `notary` set `points` = '". (int)$newpoints ."' where `id`='" . (int)$row['id'] . "' LIMIT 1"; + mysql_query($query); + } + +} diff --git a/includes/shutdown.php b/includes/shutdown.php index 4ceaf25..03b7814 100644 --- a/includes/shutdown.php +++ b/includes/shutdown.php @@ -21,8 +21,8 @@ if(0) { ?> - <font color="#ff0000"><? printf(_("This function is currently disabled. Please visit %s for more information."), - "<a target='_blank' href='http://wiki.cacert.org/wiki/ClientSecurity'>http://wiki.cacert.org/wiki/ClientSecurity</a>")?></font> + <span class="error_fatal"><? printf(_("This function is currently disabled. Please visit %s for more information."), + "<a target='_blank' href='http://wiki.cacert.org/wiki/ClientSecurity'>http://wiki.cacert.org/wiki/ClientSecurity</a>")?></span> <? exit; } diff --git a/includes/tverify_stuff.php b/includes/tverify_stuff.php deleted file mode 100644 index 93f7c32..0000000 --- a/includes/tverify_stuff.php +++ /dev/null @@ -1,78 +0,0 @@ -<? /* - LibreSSL - CAcert web application - Copyright (C) 2004-2008 CAcert Inc. - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; version 2 of the License. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA -*/ - -if(!function_exists("showheader")) -{ - function showheader($title = "CAcert.org", $title2 = "") - { - -?><!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> -<html> -<head> -<title><?=$title?></title> -<? if($_SESSION['_config']['header'] != "") { ?><?=$_SESSION['_config']['header']?><? } ?> -<link rel="stylesheet" href="/styles/default.css" type="text/css"> -<link href="http://my.rsscache.com/www.cacert.org/rss.php" rel="alternate" type="application/rss+xml" title="rss"> -</head> -<body> - <div id="pagecell1"> - <div id="pageName"><br> - <h2><a href="http://<?=$_SESSION['_config']['normalhostname']?>"><img src="https://www.CAcert.org/images/cacert4.png" border="0" alt="CAcert.org logo"></a></h2> -<div id="googlead"><h2><?=_("Free digital certificates!")?></h2></div> - </div> - <div id="pageNav"> - <div class="relatedLinks"> - <h3><?=_("Join CAcert.org")?></h3> - <a href="http://<?=$_SESSION['_config']['normalhostname']?>/"><?=_("Main Website")?></a> - <a href="https://<?=$_SESSION['_config']['normalhostname']?>/index.php?id=1"><?=_("Join")?></a> - </div> - <div class="relatedLinks"> - <h3><?=_("My Account")?></h3> - <a href="https://<?=$_SESSION['_config']['normalhostname']?>/index.php?id=4"><?=_("Normal Login")?></a> - <a href="https://<?=$_SESSION['_config']['securehostname']?>/index.php?id=4"><?=_("Cert Login")?></a> - <a href="https://<?=$_SESSION['_config']['normalhostname']?>/index.php?id=5"><?=_("Lost Password")?></a> - </div> - </div> - <div id="content"> - <div class="story"> - <h3><?=$title2?></h3> -<? if($_SESSION['_config']['errmsg'] != "") { ?> -<p><font color="#ff0000" size="+2"><? echo $_SESSION['_config']['errmsg']; $_SESSION['_config']['errmsg'] = ""; ?> </font></p> -<? } ?> -<? - } -} - -if(!function_exists("showfooter")) -{ - function showfooter() - { -?> - </div> - </div> - <div id="siteInfo"> - <a href="//wiki.cacert.org/FAQ/AboutUs"><?=_("About Us")?></a> | <a href="/index.php?id=13"><?=_("Donations")?></a> | <a href="http://wiki.cacert.org/wiki/CAcertIncorporated"><?=_("Association Membership")?></a> | - <a href="/index.php?id=10"><?=_("Privacy Policy")?></a> | - <a href="/index.php?id=51"><?=_("Mission Statement")?></a> | <a href="/index.php?id=11"><?=_("Contact Us")?></a> | - <a href="/index.php?id=19"><?=_("Further Information")?></a> | ©2002-<?=date("Y")?> <?=_("by CAcert")?></div> -</div> -</body> -</html><? - } -} -?> diff --git a/pages/account/13.php b/pages/account/13.php index ea28c0e..767e721 100644 --- a/pages/account/13.php +++ b/pages/account/13.php @@ -14,8 +14,8 @@ You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA -*/ ?> -<? +*/ + $query = "select * from `users` where `id`='".intval($_SESSION['profile']['id'])."' and `users`.`deleted`=0"; $res = mysql_query($query); $user = mysql_fetch_assoc($res); @@ -27,16 +27,23 @@ if($showdetails){ $body = sprintf(_("Hi %s,"),$user['fname'])."\n\n"; - $body .= _("You receive this automatic mail since you yourself or someone ". + $ip = anonymizeIp($_SERVER['REMOTE_ADDR']); + if($ip === false) { + $ip = _("Error anonymising IP/network information"); + } + $body .= sprintf(_("You receive this automatic mail since you yourself or someone ". "else looked up your secret questions and answers for a forgotten ". "password.\n\n". + "Network: %s\nTime: %s\n\n". "If it was you who looked up or changed that data, or clicked ". "through the menu in your account, everything is in best order ". "and you can ignore this mail.\n\n". "But if you received this mail without a recognisable reason, ". "there is a danger that an unauthorised person accessed your ". "account, and you should promptly change your password and your ". - "secret questions and answers.")."\n\n"; + "secret questions and answers."), + $ip, + date("Y-m-d H:i:s T"))."\n\n"; $body .= _("Best regards")."\n"._("CAcert Support"); diff --git a/pages/account/14.php b/pages/account/14.php index 29aeb21..97f6f05 100644 --- a/pages/account/14.php +++ b/pages/account/14.php @@ -37,15 +37,15 @@ </tr> <? } ?> <tr> - <td class="DataTD"><?=_("New Pass Phrase")?><font color="red">*</font>: </td> + <td class="DataTD"><?=_("New Pass Phrase")?><span class="error_indicator">*</span>: </td> <td class="DataTD"><input type="password" name="pword1"></td> </tr> <tr> - <td class="DataTD"><?=_("Pass Phrase Again")?><font color="red">*</font>: </td> + <td class="DataTD"><?=_("Pass Phrase Again")?><span class="error_indicator">*</span>: </td> <td class="DataTD"><input type="password" name="pword2"></td> </tr> <tr> - <td class="DataTD" colspan="2"><font color="red">*</font><?=_("Please note, in the interests of good security, the pass phrase must be made up of an upper case letter, lower case letter, number and symbol (all white spaces at the beginning and end are removed).")?></td> + <td class="DataTD" colspan="2"><span class="error_indicator">*</span><?=_("Please note, in the interests of good security, the pass phrase must be made up of an upper case letter, lower case letter, number and symbol (all white spaces at the beginning and end are removed).")?></td> </tr> <tr> <td class="DataTD" colspan="2"><input type="submit" name="process" value="<?=_("Update Pass Phrase")?>"></td> diff --git a/pages/account/24.php b/pages/account/24.php index 14a47c0..2ad526e 100644 --- a/pages/account/24.php +++ b/pages/account/24.php @@ -16,51 +16,25 @@ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA */ ?> <? - // Reset session variables regarding Org's, present empty form - if (array_key_exists('O',$_SESSION['_config'])) $_SESSION['_config']['O'] = ""; - if (array_key_exists('contact',$_SESSION['_config'])) $_SESSION['_config']['contact'] = ""; - if (array_key_exists('L',$_SESSION['_config'])) $_SESSION['_config']['L'] = ""; - if (array_key_exists('ST',$_SESSION['_config'])) $_SESSION['_config']['ST'] = ""; - if (array_key_exists('C',$_SESSION['_config'])) $_SESSION['_config']['C'] = ""; - if (array_key_exists('comments',$_SESSION['_config'])) $_SESSION['_config']['comments'] = ""; - +$orgname = ''; +$contactmail = ''; +$town = ''; +$state = ''; +$country = ''; +$comment = ''; + + // Reset session variables regarding Org's, present empty form +if (array_key_exists('O',$_SESSION['_config'])) $_SESSION['_config']['O'] = ""; +if (array_key_exists('contact',$_SESSION['_config'])) $_SESSION['_config']['contact'] = ""; +if (array_key_exists('L',$_SESSION['_config'])) $_SESSION['_config']['L'] = ""; +if (array_key_exists('ST',$_SESSION['_config'])) $_SESSION['_config']['ST'] = ""; +if (array_key_exists('C',$_SESSION['_config'])) $_SESSION['_config']['C'] = ""; +if (array_key_exists('comments',$_SESSION['_config'])) $_SESSION['_config']['comments'] = ""; + ?> <form method="post" action="account.php"> -<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper"> - <tr> - <td colspan="2" class="title"><?=_("New Organisation")?></td> - </tr> - <tr> - <td class="DataTD"><?=_("Organisation Name")?>:</td> - <td class="DataTD"><input type="text" name="O" value="" maxlength="50" size="90"></td> - </tr> - <tr> - <td class="DataTD"><?=_("Contact Email")?>:</td> - <td class="DataTD"><input type="text" name="contact" value="" size="90"></td> - </tr> - <tr> - <td class="DataTD"><?=_("Town/Suburb")?>:</td> - <td class="DataTD"><input type="text" name="L" value="" size="90"></td> - </tr> - <tr> - <td class="DataTD"><?=_("State/Province")?>:</td> - <td class="DataTD"><input type="text" name="ST" value="" size="90"></td> - </tr> - <tr> - <td class="DataTD"><?=_("Country")?>:</td> - <td class="DataTD"><input type="text" name="C" value="" size="5"> - <?php printf(_('(2 letter %s ISO code %s )'), - '<a href="http://www.iso.org/iso/home/standards/country_codes/iso-3166-1_decoding_table.htm">', - '</a>')?> - </td> - </tr> - <tr> - <td class="DataTD"><?=_("Comments")?>:</td> - <td class="DataTD"><textarea name="comments" cols="60" rows="10"></textarea></td> - </tr> - <tr> - <td class="DataTD" colspan="2"><input type="submit" name="process" value="<?=_("Next")?>"></td> - </tr> -</table> +<? +org_edit_org_table($orgname, $contactmail, $town, $state, $country, $comment, 0); +?> <input type="hidden" name="oldid" value="<?=$id?>"> </form> diff --git a/pages/account/25.php b/pages/account/25.php index a70f608..db63529 100644 --- a/pages/account/25.php +++ b/pages/account/25.php @@ -63,7 +63,7 @@ $domcount = mysql_num_rows($r2); ?> <tr> - <td class="DataTD"><?=htmlspecialchars($row['O'])?>, <?=htmlspecialchars($row['ST'])?> <?=htmlspecialchars($row['C'])?></td> + <td class="DataTD"><?=sanitizeHTML($row['O'])?>, <?=sanitizeHTML($row['ST'])?> <?=sanitizeHTML($row['C'])?></td> <td class="DataTD"><a href="account.php?id=26&orgid=<?=intval($row['id'])?>"><?=_("Domains")?> (<?=$domcount?>)</a></td> <td class="DataTD"><a href="account.php?id=32&orgid=<?=$row['id']?>"><?=_("Admins")?> (<?=$admincount?>)</a></td> <td class="DataTD"><a href="account.php?id=27&orgid=<?=$row['id']?>"><?=_("Edit")?></a></td> diff --git a/pages/account/27.php b/pages/account/27.php index a1086d4..d07a781 100644 --- a/pages/account/27.php +++ b/pages/account/27.php @@ -16,46 +16,20 @@ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA */ ?> <? - $row = mysql_fetch_assoc(mysql_query("select * from `orginfo` where `id`='".intval($_REQUEST['orgid'])."'")); + $orgid = intval($_REQUEST['orgid']); + $row = mysql_fetch_assoc(mysql_query("select * from `orginfo` where `id`='" . $orgid . "'")); + $orgname = $row['O']; + $contactmail = $row['contact']; + $town = $row['L']; + $state = $row['ST']; + $country = $row['C']; + $comment = $row['comments']; ?> <form method="post" action="account.php"> -<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper"> - <tr> - <td colspan="2" class="title"><?=_("Edit Organisation")?></td> - </tr> - <tr> - <td class="DataTD"><?=_("Organisation Name")?>:</td> - <td class="DataTD"><input type="text" name="O" value="<?=$row['O']?>" size="90"></td> - </tr> - <tr> - <td class="DataTD"><?=_("Contact Email")?>:</td> - <td class="DataTD"><input type="text" name="contact" value="<?=($row['contact'])?>" size="90"></td> - </tr> - <tr> - <td class="DataTD"><?=_("Town/Suburb")?>:</td> - <td class="DataTD"><input type="text" name="L" value="<?=($row['L'])?>" size="90"></td> - </tr> - <tr> - <td class="DataTD"><?=_("State/Province")?>:</td> - <td class="DataTD"><input type="text" name="ST" value="<?=($row['ST'])?>" size="90"></td> - </tr> - <tr> - <td class="DataTD"><?=_("Country")?>:</td> - <td class="DataTD"><input type="text" name="C" value="<?=($row['C'])?>" size="5"> - <?php printf(_('(2 letter %s ISO code %s )'), - '<a href="http://www.iso.org/iso/home/standards/country_codes/iso-3166-1_decoding_table.htm">', - '</a>')?> - </td> - </tr> - <tr> - <td class="DataTD"><?=_("Comments")?>:</td> - <td class="DataTD"><textarea name="comments" cols=60 rows=10><?=($row['comments'])?></textarea></td> - </tr> - <tr> - <td class="DataTD" colspan="2"><input type="submit" name="process" value="<?=_("Update")?>"></td> - </tr> -</table> +<? + org_edit_org_table($orgname, $contactmail, $town, $state, $country, $comment, 1); +?> <input type="hidden" name="oldid" value="<?=intval($id)?>"> -<input type="hidden" name="orgid" value="<?=intval($_REQUEST['orgid'])?>"> +<input type="hidden" name="orgid" value="<?=$orgid?>"> <input type="hidden" name="csrf" value="<?=make_csrf('orgdetchange')?>" /> </form> diff --git a/pages/account/40.php b/pages/account/40.php index a809595..9613c2d 100644 --- a/pages/account/40.php +++ b/pages/account/40.php @@ -1,6 +1,6 @@ <? /* LibreSSL - CAcert web application - Copyright (C) 2004-2008 CAcert Inc. + Copyright (C) 2004-2014 CAcert Inc. This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -17,16 +17,16 @@ */ if(!array_key_exists('secrethash',$_SESSION['_config'])) $_SESSION['_config']['secrethash'] = md5(date("YmdHis").rand(0, intval(date("u")))); ?> -<H3><?=_("Contact Us")?></H3> +<h3><?=_("Contact Us")?></h3> <p><b><?=_("General Questions")?></b></p> -<p><b><?=_("PLEASE NOTE: Due to the large amounts of support questions, incorrectly directed emails may be over looked, this is a volunteer effort and directing general questions to the right place will help everyone, including yourself as you will get a reply quicker.")?></b></p> +<p><b><?=_("PLEASE NOTE: CAcert support is a volunteer effort. You would help everyone, including yourself to get a reply quickly, by directing general questions to the right place. Due to the large amounts of support questions, incorrectly directed emails may be overlooked.")?></b></p> <p><b><?=_("If you are contacting us about advertising, please use the form at the bottom of the website, the first contact form is not the correct place.")?></b></p> -<p><?=sprintf(_("If you are having trouble with your username or password, please visit our %swiki page%s for more information"), "<a href='http://wiki.cacert.org/wiki/FAQ/LostPasswordOrAccount' target='_new'>", "</a>");?></p> +<p><?=sprintf(_("If you are having trouble with your username or password, please visit our %swiki page%s for more information"), "<a href='//wiki.cacert.org/wiki/FAQ/LostPasswordOrAccount' target='_new'>", "</a>");?></p> <p><?=_("Before contacting us, be sure to read the information on our official and unofficial HowTo and FAQ pages.")?> - <a href="//wiki.cacert.org/HELP/"><?=_("Go here for more details.")?></a></p> -<p><?=_("General questions about CAcert should be sent to the general support list, please send all emails in ENGLISH only, this list has many more volunteers then those directly involved with the running of the website, everyone on the mailing list understands english, even if this isn't their native language this will increase your chance at a competent reply. While it's best if you sign up to the mailing list to get replied to, you don't have to, but please make sure you note this in your email, otherwise it might seem like you didn't get a reply to your question.")?></p> -<p><a href="https://lists.cacert.org/wws/info/cacert-support"><?=_("Click here to go to the Support List")?></a></p> -<p><?=_("You can alternatively use the form below, however joining the list is the prefered option to support your queries")?></p> +<p><?=_("General questions about CAcert should be sent to the general support mailing list. This list is read by many more volunteers, then those directly involved in the support team. Please send all emails in ENGLISH only, as everyone on the mailing list understands English, even if this is not their native language. Doing so will increase your chance to get a competent reply.")?></p> +<p> +<?=sprintf(_("You can use the form below to contact the support team directly. The mail is NOT send to the mailing list. Alternatively you can contact the support team by writing an email to %ssupport@cacert.org%s"), "<a href='mailto:support@cacert.org'>", "</a>");?></p> <form method="post" action="account.php" name="form1"> <input type="hidden" name="oldid" value="<?=$id?>"> <!-- <input type="hidden" name="support" value="yes"> --> @@ -35,23 +35,32 @@ if(!array_key_exists('secrethash',$_SESSION['_config'])) $_SESSION['_config']['s <label>If you're human leave this blank:</label> <input name="robotest" type="text" id="robotest" class="robotest" /> </p> -<table border="0"> - <tr><td width="100"><?=_("Your Name")?>:</td><td width="100"><input type="text" name="who"></td><td width="100"></td><td width="100"></td> - <tr><td width="100"><?=_("Your Email")?>:</td><td colspan="3"><input type="text" name="email"></td> - <tr><td width="100"><?=_("Subject")?>:</td><td colspan="3"><input type="text" name="subject"></td></tr> - <tr><td width="100" valign="top"><?=_("Message")?>:</td><td colspan="3"><textarea name="message" cols="70" rows="10"></textarea></td></tr> - + <table border="0"> + <tr> + <td width="100"><?=_("Your Name")?>:</td> + <td width="300"><input type="text" name="who"></td> + </tr> + <tr> + <td><?=_("Your Email")?>:</td> + <td><input type="text" name="email"></td> + </tr> + <tr> + <td><?=_("Subject")?>:</td> + <td><input type="text" name="subject"></td> + </tr> + <tr> + <td valign="top"><?=_("Message")?>:</td> + <td><textarea name="message" cols="70" rows="10"></textarea></td> + </tr> <tr> - <td colspan="2"><font color="#ff0000"><?=_("Warning: Please do not use \"send to mailing list\" when you entered confidential data. The request is being sent to a public mailinglist.")?></font></td> <td colspan="2"><?=_("For confidential data use \"send to support\".")?></td> </tr> <tr> - <td colspan="2"><input type="submit" name="process[0]" value="<?=_("Send to mailing list")?>"></td> <td colspan="2"><input type="submit" name="process[1]" value="<?=_("Send to support")?>"></td> </tr> </table> </form> - +<p><a href="https://lists.cacert.org/wws/info/cacert-support"><?=_("Click here to go to the Support List")?></a></p> <p><b>IRC</b></p> <p><a href="irc://irc.CAcert.org/CAcert">irc://irc.CAcert.org/CAcert</a></p> <p><b>Secure IRC</b></p> diff --git a/pages/account/41.php b/pages/account/41.php index d61d8db..f644025 100644 --- a/pages/account/41.php +++ b/pages/account/41.php @@ -57,7 +57,7 @@ require_once($_SESSION['_config']['filepath'].'/includes/lib/l10n.php'); $res = mysql_query($query); while($row = mysql_fetch_assoc($res)) { - $lang = mysql_fetch_assoc(mysql_query("select * from `languages` where `locale`='".mysql_escape_string($row['lang'])."'")); + $lang = mysql_fetch_assoc(mysql_query("select * from `languages` where `locale`='".mysql_real_escape_string($row['lang'])."'")); ?> <tr> <td class="DataTD"><?=_("Additional Language")?>:</td> diff --git a/pages/account/43.php b/pages/account/43.php index c889ce3..279da15 100644 --- a/pages/account/43.php +++ b/pages/account/43.php @@ -37,7 +37,7 @@ if(intval(array_key_exists('userid',$_REQUEST)?$_REQUEST['userid']:0) <= 0) { $_REQUEST['userid'] = 0; - $emailsearch = $email = mysql_real_escape_string(stripslashes($_REQUEST['email'])); + $emailsearch = $email = mysql_real_escape_string(stripslashes(trim($_REQUEST['email']))); //Disabled to speed up the queries //if(!strstr($email, "%")) @@ -112,17 +112,10 @@ if(intval(array_key_exists('userid',$_REQUEST)?$_REQUEST['userid']:0) <= 0) // display user information for given user id if(intval($_REQUEST['userid']) > 0) { $userid = intval($_REQUEST['userid']); - $res =get_user_data($userid); - if(mysql_num_rows($res) <= 0) { + $user_data_res =get_user_data($userid); + if(mysql_num_rows($user_data_res) <= 0) { echo _("I'm sorry, the user you were looking for seems to have disappeared! Bad things are afoot!"); } else { - $row = mysql_fetch_assoc($res); - $query = "select sum(`points`) as `points` from `notary` where `to`='".intval($row['id'])."' and `deleted` = 0"; - $dres = mysql_query($query); - $drow = mysql_fetch_assoc($dres); - $alerts =get_alerts(intval($row['id'])); - -//display account data //deletes an assurance if(array_key_exists('assurance',$_REQUEST) && $_REQUEST['assurance'] > 0 && $ticketvalidation == true) @@ -136,8 +129,7 @@ if(intval($_REQUEST['userid']) > 0) { if ($res) { $trow = mysql_fetch_assoc($res); if ($trow) { - mysql_query("update `notary` set `deleted`=NOW() where `id`='".intval($assurance)."'"); - fix_assurer_flag($trow['to']); + revoke_assurance(intval($assurance),$trow['to']); } } } @@ -145,6 +137,15 @@ if(intval($_REQUEST['userid']) > 0) { $ticketmsg=_('No assurance revoked. Ticket number is missing!'); } + $row = mysql_fetch_assoc($user_data_res); + $query = "select sum(`points`) as `points` from `notary` where `to`='".intval($row['id'])."' and `deleted` = 0"; + $dres = mysql_query($query); + $drow = mysql_fetch_assoc($dres); + $alerts =get_alerts(intval($row['id'])); + +//display account data + + //Ticket number ?> @@ -283,12 +284,6 @@ if(intval($_REQUEST['userid']) > 0) { <td class="DataTD"><?=_("Ad Admin")?>:</td> <td class="DataTD"><a href="account.php?id=43&adadmin=<?=intval($row['id'])?>&ticketno=<?=sanitizeHTML($ticketno)?>"><?=intval($row['adadmin'])?></a> (0 = none, 1 = submit, 2 = approve)</td> </tr> - <!-- presently not needed - <tr> - <td class="DataTD"><?=_("Tverify Account")?>:</td> - <td class="DataTD"><a href="account.php?id=43&tverify=<?=intval($row['id'])?>&ticketno=<?=sanitizeHTML($ticketno)?>"><?=intval($row['tverify'])?></a></td> - </tr> - --> <tr> <td class="DataTD"><?=_("General Announcements")?>:</td> <td class="DataTD"><a href="account.php?id=43&general=<?=intval($row['id'])?>&ticketno=<?=sanitizeHTML($ticketno)?>"><?=intval($alerts['general'])?></a></td> @@ -327,6 +322,19 @@ if(intval($_REQUEST['userid']) > 0) { </tr> <? } else { + $body = sprintf(_("Hi %s,"),$row['fname'])."\n\n"; + $body .= sprintf(_("You receive this automatic mail becasue a supporter ". + "looked up your secret questions and answers for a forgotten ". + "password.\n\n". + "Time: %s\n\n". + "If you received this mail without a recognisable reason, ". + "there is a danger that an unauthorised person accessed your ". + "account, and you should promptly report this to support@cacert.org."), + date("Y-m-d H:i:s T"))."\n\n"; + + $body .= _("Best regards")."\n"._("CAcert Support"); + + sendmail($row['email'], "[CAcert.org] "._("Email Notification"), $body, "support@cacert.org", "", "", "CAcert Support"); ?> <tr> <td class="DataTD"><?=_("Lost Password")?> - Q1:</td> @@ -390,7 +398,7 @@ if(intval($_REQUEST['userid']) > 0) { ?> <tr> <td class="DataTD"><?=_("Assurance Points")?>:</td> - <td class="DataTD"><?=intval($drow['points'])?></td> + <td class="DataTD"><?=get_received_total_points(intval($row['id']))?></td> </tr> <? // show account history diff --git a/pages/account/48.php b/pages/account/48.php index 8cdd7ac..67f2520 100644 --- a/pages/account/48.php +++ b/pages/account/48.php @@ -26,6 +26,9 @@ <td class="DataTD"><input type="text" name="domain" value="<?=array_key_exists('domain',$_POST)?sanitizeHTML($_POST['domain']):''?>"></td> </tr> <tr> + <td class="DataTD" colspan="2"><?=_("For search by ID use # prefix e.g. #123456")?></td> + </tr> + <tr> <td class="DataTD" colspan="2"><input type="submit" name="process" value="<?=_("Next")?>"></td> </tr> </table> diff --git a/pages/account/49.php b/pages/account/49.php index 0218fa0..e9973f2 100644 --- a/pages/account/49.php +++ b/pages/account/49.php @@ -19,44 +19,51 @@ $userid=0; if(array_key_exists('userid',$_GET)) $userid=intval($_GET['userid']); if($userid <= 0) { - $domainsearch = $domain = mysql_escape_string(stripslashes($_POST['domain'])); - if(!strstr($domain, "%")) + $domainsearch = $domain = mysql_real_escape_string(trim(stripslashes($_POST['domain']))); + if(!strstr($domain, "%")) { $domainsearch = "%$domain%"; - if(preg_match("/^\d+$/",$domain)) + } + + //check if request is id if not set search ID to -1 + if(preg_match('/^#(\d+)$/', $domain, $match)) { $domainsearch = ""; + $domainid = intval($match[1]); + } else { + $domainid = -1; + } + $query = "select `users`.`id` as `id`, `domains`.`domain` as `domain`, `domains`.`id`as `domid` from `users`,`domains` where `users`.`id`=`domains`.`memid` and - (`domains`.`domain` like '$domainsearch' or `domains`.`id`='$domain') and + (`domains`.`domain` like '$domainsearch' or `domains`.`id`='$domainid') and `domains`.`deleted`=0 and `users`.`deleted`=0 and `users`.`verified`=1 group by `users`.`id` limit 100"; $res = mysql_query($query); - if(mysql_num_rows($res) >= 1) { ?> + if(mysql_num_rows($res) > 1) { ?> <table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper"> <tr> <td colspan="5" class="title"><?=_("Select Specific User Account Details")?></td> </tr> -<? - while($row = mysql_fetch_assoc($res)) - { ?> +<? while($row = mysql_fetch_assoc($res)) { ?> <tr> <td class="DataTD"><?=_("Domain")?>:</td> <td class="DataTD"><?=$row['domid']?></td> <td class="DataTD"><a href="account.php?id=43&userid=<?=$row['id']?>"><?=sanitizeHTML($row['domain'])?></a></td> </tr> -<? } if(mysql_num_rows($res) >= 100) { ?> +<? } + if(mysql_num_rows($res) >= 100) { ?> <tr> <td class="DataTD" colspan="3"><?=_("Only the first 100 rows are displayed.")?></td> </tr> -<? } else { ?> +<? } else { ?> <tr> <td class="DataTD" colspan="3"><? printf(_("%s rows displayed."), mysql_num_rows($res)); ?></td> </tr> -<? } ?> +<? } ?> </table><br><br> <? } elseif(mysql_num_rows($res) == 1) { $row = mysql_fetch_assoc($res); - $_GET['userid'] = intval($row['id']); + $userid = intval($row['id']); } else { ?><table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper"> <tr> @@ -64,35 +71,33 @@ </tr> </table><br><br><? } - - $query = "select `orgid`,`domain`,`id` from `orgdomains` where `domain` like '$domainsearch' or `id`='$domain' limit 100"; + $query = "select `orgid`,`domain`,`id` from `orgdomains` where `domain` like '$domainsearch' or `id`='$domainid' limit 100"; $res = mysql_query($query); - if(mysql_num_rows($res) >= 1) { ?> + if(mysql_num_rows($res) > 1) { ?> <table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper"> <tr> <td colspan="5" class="title"><?=_("Select Specific Organisation Account Details")?></td> </tr> -<? - while($row = mysql_fetch_assoc($res)) - { ?> +<? while($row = mysql_fetch_assoc($res)) { ?> <tr> <td class="DataTD"><?=_("Domain")?>:</td> <td class="DataTD"><?=$row['id']?></td> <td class="DataTD"><a href="account.php?id=26&orgid=<?=intval($row['orgid'])?>"><?=sanitizeHTML($row['domain'])?></a></td> </tr> -<? } if(mysql_num_rows($res) >= 100) { ?> +<? } + if(mysql_num_rows($res) >= 100) { ?> <tr> <td class="DataTD" colspan="3"><?=_("Only the first 100 rows are displayed.")?></td> </tr> -<? } else { ?> +<? } else { ?> <tr> <td class="DataTD" colspan="3"><? printf(_("%s rows displayed."), mysql_num_rows($res)); ?></td> </tr> -<? } ?> +<? } ?> </table><br><br> <? } elseif(mysql_num_rows($res) == 1) { $row = mysql_fetch_assoc($res); - $_GET['userid'] = intval($row['id']); + $userid = intval($row['id']); } else { ?><table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper"> <tr> @@ -104,7 +109,7 @@ if($userid > 0) { - header("location: account.php?id=43&userid=".intval($_GET['userid'])); + header("location: account.php?id=43&userid=".intval($userid)); exit; } ?> diff --git a/pages/account/51.php b/pages/account/51.php deleted file mode 100644 index 7273840..0000000 --- a/pages/account/51.php +++ /dev/null @@ -1,34 +0,0 @@ -<? /* - LibreSSL - CAcert web application - Copyright (C) 2004-2008 CAcert Inc. - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; version 2 of the License. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA -*/ ?> -<? if($_SESSION['profile']['tverify'] <= 0) { echo _("You don't have access to this area."); } else { ?> -<? - $uid = intval($_GET['photoid']); - $query = "select * from `tverify` where `id`='$uid' and `modified`=0"; - $res = mysql_query($query); - if(mysql_num_rows($res) > 0) { ?> -<img src="account.php?id=51&photoid=<?=$uid ?>&img=show" border="0" width="800"> -<? } else { - $query = "select * from `tverify` where `id`='$uid' and `modified`=1"; - $res = mysql_query($query); - if(mysql_num_rows($res) > 0) - { - echo _("This UID has already been voted on."); - } else { - echo _("Unable to locate a valid request for that UID."); - } - } } ?> diff --git a/pages/account/52.php b/pages/account/52.php deleted file mode 100644 index 6c00c26..0000000 --- a/pages/account/52.php +++ /dev/null @@ -1,105 +0,0 @@ -<? /* - LibreSSL - CAcert web application - Copyright (C) 2004-2008 CAcert Inc. - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; version 2 of the License. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA -*/ - -if($_SESSION['profile']['tverify'] <= 0) { - echo _("You don't have access to this area."); -} else { - $uid = intval($_GET['uid']); - $query = "select * from `tverify` where `id`='".intval($uid)."' and `modified`=0"; - $res = mysql_query($query); - if(mysql_num_rows($res) > 0) { - $row = mysql_fetch_assoc($res); - $memid = intval($row['memid']); - - $query2 = "select * from `tverify-vote` where `tverify`='".intval($uid)."' and `memid`='".intval($_SESSION['profile']['id'])."'"; - $rc2 = mysql_num_rows(mysql_query($query2)); - if($rc2 > 0) { - showheader(_("My CAcert.org Account!")); - echo _("You have already voted on this request."); - showfooter(); - exit; - } - - $query = "select sum(`points`) as `points` from `notary` where `to`='".intval($memid)."' and `deleted` = 0"; - $notary = mysql_fetch_assoc(mysql_query($query)); - $query = "select * from `users` where `id`='".intval($memid)."'"; - $user = mysql_fetch_assoc(mysql_query($query)); - $tobe = 50 - $notary['points']; - if($row['URL'] != '' && $row['photoid'] != '') { - $tobe = 150 - $notary['points']; - } else if($row['URL'] != '') { - $tobe = 90 - $notary['points']; - } - if(intval($tobe) <= 0) { - $tobe = 0; - } -?> -<?=_("Request Details")?>:<br> -<?=_("Name on file")?>: <?=sanitizeHTML($user['fname']." ".$user['mname']." ".$user['lname']." ".$user['suffix'])?><br> -<?=_("Primary email address")?>: <?=sanitizeHTML($user['email'])." (".intval($user['id']).")"?><br> -<?=_("Certificate Subject")?>: <?=sanitizeHTML($row['CN'])?><br> -<? if($row['URL'] != '') { ?> -<?=_("Notary URL")?>: <a href="<?=$row['URL']?>"><?=$row['URL']?></a><br> -<? } ?> -<? if($row['photoid'] != '') { ?> -<?=_("Photo ID URL")?>: <a href="/account.php?id=51&photoid=<?=intval($row['id'])?>"><?=_("Here")?></a><br> -<? } ?> -<?=_("Current Points")?>: <?=intval($notary['points'])?><br> -<?=_("Potential Points")?>: <?=intval($tobe)?><br> -<?=_("Date of Birth")?>: <?=$user['dob']?> (YYYY-MM-DD)<br> - -<br> -<form method="post" action="account.php"> -<?=_("Comment")?>: <input type="text" name="comment"><br> -<input type="submit" name="agree" value="<?=_("I agree with this Application")?>"> -<input type="submit" name="disagree" value="<?=_("I don't agree with this Application")?>"> -<input type="hidden" name="oldid" value="<?=intval($_GET['id'])?>"> -<input type="hidden" name="uid" value="<?=intval($uid)?>"> -</form> -<? - } else { - $query = "select * from `tverify` where `id`='".intval($uid)."' and `modified`=1"; - $res = mysql_query($query); - if(mysql_num_rows($res) > 0) { - echo _("This UID has already been voted on.")."<br/>"; - } else { - if($uid) echo _("Unable to locate a valid request for that UID.")."<br/>"; - } - - // Search for open requests: - $query = "select * from `tverify` where `modified`=0"; - $res = mysql_query($query); - if(mysql_num_rows($res) > 0) { - echo "<br/>"._("The following requests are still open:")."<br/><ul>"; - while($row = mysql_fetch_assoc($res)) { - $uid=intval($row['id']); - $query3 = "select * from `tverify-vote` where `tverify`='".intval($uid)."' and `memid`='".intval($_SESSION['profile']['id'])."'"; - $rc3 = mysql_num_rows(mysql_query($query3)); - if($rc3 <= 0) - { - echo "<li><a href='account.php?id=52&uid=".intval($row['id'])."'>".intval($row['id'])."</a></li>\n"; - } - } - echo "</ul>\n<br>\n"; - } else { - echo "<br/>"._("There are no pending requests where you haven't voted yet."); - } - } -} - -?> diff --git a/pages/account/53.php b/pages/account/53.php index cc9e2d6..1ec04b2 100644 --- a/pages/account/53.php +++ b/pages/account/53.php @@ -16,7 +16,7 @@ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA */ ?> <? - $town = array_key_exists('town',$_REQUEST)?mysql_escape_string(stripslashes($_REQUEST['town'])):""; + $town = array_key_exists('town',$_REQUEST)?mysql_real_escape_string(stripslashes($_REQUEST['town'])):""; $regid = array_key_exists('regid',$_REQUEST)?intval($_REQUEST['regid']):0; $ccid = array_key_exists('ccid',$_REQUEST)?intval($_REQUEST['ccid']):0; $start = array_key_exists('start',$_REQUEST)?intval($_REQUEST['start']):0; diff --git a/pages/account/54.php b/pages/account/54.php index 753b4af..35dce33 100644 --- a/pages/account/54.php +++ b/pages/account/54.php @@ -19,7 +19,7 @@ $ccid = array_key_exists('ccid',$_REQUEST)?intval($_REQUEST['ccid']):0; $regid = array_key_exists('regid',$_REQUEST)?intval($_REQUEST['regid']):0; $locid = array_key_exists('locid',$_REQUEST)?intval($_REQUEST['locid']):0; - $name = array_key_exists('name',$_REQUEST)?mysql_escape_string($_REQUEST['name']):""; + $name = array_key_exists('name',$_REQUEST)?mysql_real_escape_string($_REQUEST['name']):""; if($ccid > 0 && $_REQUEST['action'] == "add") { ?> <form method="post" action="account.php"> diff --git a/pages/account/55.php b/pages/account/55.php index 24cc86d..2032b18 100644 --- a/pages/account/55.php +++ b/pages/account/55.php @@ -90,10 +90,11 @@ $query = ' SELECT `u`.`id`, `u`.`assurer`, - SUM(`points`) + SUM(`awarded`) FROM `users` AS `u`, `notary` AS `n` WHERE `u`.`id` = \''.intval($_SESSION['profile']['id']).'\' + AND `n`.`method` != \'Administrative Increase\' AND `n`.`from` != `n`.`to` AND `n`.`to` = `u`.`id` AND `expire` < NOW() AND `n`.`deleted` = 0 diff --git a/pages/account/6.php b/pages/account/6.php index de8d1a3..2719e27 100644 --- a/pages/account/6.php +++ b/pages/account/6.php @@ -97,6 +97,11 @@ if (array_key_exists('format', $_REQUEST)) { } else { showheader(_("My CAcert.org Account!"), _("Install your certificate")); + + echo '<p>'.sprintf(_('Find the signed certificate together with links for download below. Depending on the way your key was generated you will need to either import the certificate into your browser and export the combined key from there, or save the certificate and combine it with your key file using a tool like OpenSSL or XCA. More information is available in the %sWiki%s.'), '<a href="https://wiki.cacert.org/HowToDocuments/InstallClientCertificate" target="_blank">','</a>').'</p>'; + + echo '<p>'.sprintf(_('Nota bene: We need your support to keep our services operational. Please consider to %sdonate%s or support our teams with your work.'), '<a href="https://funding.cacert.org" target="_blank">','</a>').'</p>'; + echo '<ul class="no_indent">'; echo "<li><a href='account.php?id=$id&cert=$certid&install'>". _("Install the certificate into your browser"). @@ -113,8 +118,8 @@ if (array_key_exists('format', $_REQUEST)) { $crtname=escapeshellarg($row['crt_name']); $cert = shell_exec("/usr/bin/openssl x509 -in $crtname -outform PEM"); echo "<pre>$cert</pre>"; +?> - ?> <table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper"> <tr> <td colspan="2" class="title"><?=_("Information about the certificate")?></td> diff --git a/pages/advertising/1.php b/pages/advertising/1.php index 5de2ad3..a7c781e 100644 --- a/pages/advertising/1.php +++ b/pages/advertising/1.php @@ -15,7 +15,7 @@ along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA */ ?> -<? global $errmsg, $link, $title, $months; if($errmsg != "") { ?><p style="color:red"><?=$errmsg?></p><? } ?> +<? global $errmsg, $link, $title, $months; if($errmsg != "") { ?><p class="error_fatal"><?=$errmsg?></p><? } ?> <form method="post" action="advertising.php" ACCEPTCHARSET="utf-8"> <table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper"> <tr> diff --git a/pages/gpg/2.php b/pages/gpg/2.php index 84e11d2..dc6164f 100644 --- a/pages/gpg/2.php +++ b/pages/gpg/2.php @@ -64,7 +64,7 @@ <? } ?> <td class="DataTD"><?=$row['expire']?></td> <td class="DataTD"><a href="gpg.php?id=3&cert=<?=intval($row['id'])?>"><?=sanitizeHTML($row['keyid'])?></a></td> - <td class="DataTD"><input name="comment_<?=intval($row['id'])?>" type="text" value="<?=htmlspecialchars($row['description'])?>" /></td> + <td class="DataTD"><input name="comment_<?=intval($row['id'])?>" type="text" value="<?=sanitizeHTML($row['description'])?>" /></td> <td class="DataTD"><input type="checkbox" name="check_comment_<?=intval($row['id'])?>" /></td> </tr> <? } ?> diff --git a/pages/index/0.php b/pages/index/0.php index 6cca117..5cd0afc 100644 --- a/pages/index/0.php +++ b/pages/index/0.php @@ -19,7 +19,7 @@ <p><?=_("CAcert.org is a community-driven Certificate Authority that issues certificates to the public at large for free.")?></p> -<p><?=_("CAcert's goal is to promote awareness and education on computer security through the use of encryption, specifically by providing cryptographic certificates. These certificates can be used to digitally sign and encrypt email, authenticate and authorize users connecting to websites and secure data transmission over the internet. Any application that supports the Secure Socket Layer Protocol (SSL or TLS) can make use of certificates signed by CAcert, as can any application that uses X.509 certificates, e.g. for encryption or code signing and document signatures.")?></p> +<p><?=_("CAcert's goal is to promote awareness and education on computer security through the use of encryption, specifically by providing cryptographic certificates. These certificates can be used to digitally sign and encrypt email, authenticate and authorize users connecting to websites and secure data transmission over the internet. Any application that supports the Secure Socket Layer protocol (SSL or TLS) can make use of certificates signed by CAcert, as can any application that uses X.509 certificates, e.g. for encryption or code signing and document signatures.")?></p> <p><?=sprintf(_("If you want to have free certificates issued to you, %s join the CAcert Community %s."),'<a href="https://www.cacert.org/index.php?id=1">', '</a>')?></p> @@ -27,7 +27,7 @@ <?=sprintf(_("This license applies to using the CAcert %s root keys %s."),'<a href="/index.php?id=3">','</a>')?></p> -<? if(!array_key_exists('mconn',$_SESSION) || !$_SESSION['mconn']) echo "<font size='+1'>"._("Most CAcert functions are currently unavailable. Please come back later.")."</font>";?> +<? if(!array_key_exists('mconn',$_SESSION) || !$_SESSION['mconn']) echo "<span class=\"error_fatal\">"._("Most CAcert functions are currently unavailable. Please come back later.")."</span>";?> diff --git a/pages/index/1.php b/pages/index/1.php index 0f63e7b..5370d8f 100644 --- a/pages/index/1.php +++ b/pages/index/1.php @@ -35,32 +35,32 @@ <tr> <td class="DataTD" width="125"><?=_("First Name")?>: </td> - <td class="DataTD" width="125"><input type="text" name="fname" size="30" value="<?=array_key_exists('fname',$_REQUEST)?sanitizeHTML($_REQUEST['fname']):""?>" autocomplete="off"></td> - <td rowspan="4" class="DataTD" width="125"><? printf(_("Help on Names %sin the wiki%s"),'<a href="//wiki.cacert.org/FAQ/HowToEnterNamesInJoinForm" target="_blank">','</a>')?></td> + <td class="DataTD" width="125"><input type="text" name="fname" size="30" value="<?=array_key_exists('fname',$_REQUEST)?sanitizeHTML($_REQUEST['fname']):""?>" tabindex="1" autocomplete="off"></td> + <td rowspan="4" class="DataTD" width="125"><? printf(_("Help on Names %sin the wiki%s"),'<a tabindex="1" href="//wiki.cacert.org/FAQ/HowToEnterNamesInJoinForm" target="_blank">','</a>')?></td> </tr> <tr> <td class="DataTD" valign="top"><?=_("Middle Name(s)")?><br> (<?=_("optional")?>) </td> - <td class="DataTD"><input type="text" name="mname" size="30" value="<?=array_key_exists('mname',$_REQUEST)?sanitizeHTML($_REQUEST['mname']):""?>" autocomplete="off"></td> + <td class="DataTD"><input type="text" name="mname" size="30" value="<?=array_key_exists('mname',$_REQUEST)?sanitizeHTML($_REQUEST['mname']):""?>" tabindex="3" autocomplete="off"></td> </tr> <tr> <td class="DataTD"><?=_("Last Name")?>: </td> - <td class="DataTD"><input type="text" name="lname" size="30" value="<?=array_key_exists('lname',$_REQUEST)?sanitizeHTML($_REQUEST['lname']):""?>" autocomplete="off"></td> + <td class="DataTD"><input type="text" name="lname" size="30" value="<?=array_key_exists('lname',$_REQUEST)?sanitizeHTML($_REQUEST['lname']):""?>" tabindex="4" autocomplete="off"></td> </tr> <tr> <td class="DataTD"><?=_("Suffix")?><br> (<?=_("optional")?>)</td> - <td class="DataTD"><input type="text" name="suffix" size="30" value="<?=array_key_exists('suffix',$_REQUEST)?sanitizeHTML($_REQUEST['suffix']):""?>" autocomplete="off"><br><?=sprintf(_("Please only write Name Suffixes into this field."))?></td> + <td class="DataTD"><input type="text" name="suffix" size="30" value="<?=array_key_exists('suffix',$_REQUEST)?sanitizeHTML($_REQUEST['suffix']):""?>" tabindex="5" autocomplete="off"><br><?=sprintf(_("Please only write Name Suffixes into this field."))?></td> </tr> <tr> <td class="DataTD"><?=_("Date of Birth")?><br> (<?=_("dd/mm/yyyy")?>)</td> - <td class="DataTD"><nobr><select name="day"> + <td class="DataTD"><nobr><select name="day" tabindex="6"> <? for($i = 1; $i <= 31; $i++) { @@ -71,7 +71,7 @@ } ?> </select> - <select name="month"> + <select name="month" tabindex="7"> <? for($i = 1; $i <= 12; $i++) { @@ -82,29 +82,30 @@ } ?> </select> - <input type="text" name="year" value="<?=array_key_exists('year',$_SESSION['signup']) ? sanitizeHTML($_SESSION['signup']['year']):""?>" size="4" autocomplete="off"></nobr> + <input type="text" name="year" value="<?=array_key_exists('year',$_SESSION['signup']) ? sanitizeHTML($_SESSION['signup']['year']):""?>" size="4" tabindex="8" autocomplete="off"></nobr> </td> <td class="DataTD"> </td> </tr> <tr> <td class="DataTD"><?=_("Email Address")?>: </td> - <td class="DataTD"><input type="text" name="email" size="30" value="<?=array_key_exists('email',$_REQUEST)?sanitizeHTML($_REQUEST['email']):""?>" autocomplete="off"></td> + <td class="DataTD"><input type="text" name="email" size="30" value="<?=array_key_exists('email',$_REQUEST)?sanitizeHTML($_REQUEST['email']):""?>" tabindex="9" autocomplete="off"></td> <td class="DataTD"><?=_("I own or am authorised to control this email address")?></td> </tr> <tr> - <td class="DataTD"><?=_("Pass Phrase")?><font color="red">*</font>: </td> - <td class="DataTD"><input type="password" name="pword1" size="30" autocomplete="off"></td> + <td class="DataTD"><?=_("Pass Phrase")?><span class="error_indicator">*</span>: </td> + <td class="DataTD"><input type="password" name="pword1" size="30" tabindex="10" autocomplete="off"></td> <td class="DataTD" rowspan="2"> </td> </tr> + <tr> - <td class="DataTD"><?=_("Pass Phrase Again")?><font color="red">*</font>: </td> - <td class="DataTD"><input type="password" name="pword2" size="30" autocomplete="off"></td> + <td class="DataTD"><?=_("Pass Phrase Again")?><span class="error_indicator">*</span>: </td> + <td class="DataTD"><input type="password" name="pword2" size="30" tabindex="11" autocomplete="off"></td> </tr> <tr> - <td class="DataTD" colspan="3"><font color="red">*</font><?=_("Please note, in the interests of good security, the pass phrase must be made up of an upper case letter, lower case letter, number and symbol.")?></td> + <td class="DataTD" colspan="3"><span class="error_indicator">*</span><?=_("Please note, in the interests of good security, the pass phrase must be made up of an upper case letter, lower case letter, number and symbol.")?></td> </tr> <tr> @@ -119,32 +120,32 @@ <tr> <td class="DataTD">1)</td> - <td class="DataTD"><input type="text" name="Q1" size="30" value="<?=array_key_exists('Q1',$_SESSION['signup'])?sanitizeHTML($_SESSION['signup']['Q1']):""?>"></td> - <td class="DataTD"><input type="text" name="A1" size="30" value="<?=array_key_exists('A1',$_SESSION['signup'])?sanitizeHTML($_SESSION['signup']['A1']):""?>" autocomplete="off"></td> + <td class="DataTD"><input type="text" name="Q1" size="30" value="<?=array_key_exists('Q1',$_SESSION['signup'])?sanitizeHTML($_SESSION['signup']['Q1']):""?>" tabindex="12"></td> + <td class="DataTD"><input type="text" name="A1" size="30" value="<?=array_key_exists('A1',$_SESSION['signup'])?sanitizeHTML($_SESSION['signup']['A1']):""?>" tabindex="13" autocomplete="off"></td> </tr> <tr> <td class="DataTD">2)</td> - <td class="DataTD"><input type="text" name="Q2" size="30" value="<?=array_key_exists('Q2',$_SESSION['signup'])?sanitizeHTML($_SESSION['signup']['Q2']):""?>"></td> - <td class="DataTD"><input type="text" name="A2" size="30" value="<?=array_key_exists('A2',$_SESSION['signup'])?sanitizeHTML($_SESSION['signup']['A2']):""?>" autocomplete="off"></td> + <td class="DataTD"><input type="text" name="Q2" size="30" value="<?=array_key_exists('Q2',$_SESSION['signup'])?sanitizeHTML($_SESSION['signup']['Q2']):""?>" tabindex="14"></td> + <td class="DataTD"><input type="text" name="A2" size="30" value="<?=array_key_exists('A2',$_SESSION['signup'])?sanitizeHTML($_SESSION['signup']['A2']):""?>" tabindex="15" autocomplete="off"></td> </tr> <tr> <td class="DataTD">3)</td> - <td class="DataTD"><input type="text" name="Q3" size="30" value="<?=array_key_exists('Q3',$_SESSION['signup'])?sanitizeHTML($_SESSION['signup']['Q3']):""?>"></td> - <td class="DataTD"><input type="text" name="A3" size="30"value="<?=array_key_exists('A3',$_SESSION['signup'])?sanitizeHTML($_SESSION['signup']['A3']):""?>" autocomplete="off"></td> + <td class="DataTD"><input type="text" name="Q3" size="30" value="<?=array_key_exists('Q3',$_SESSION['signup'])?sanitizeHTML($_SESSION['signup']['Q3']):""?>" tabindex="16"></td> + <td class="DataTD"><input type="text" name="A3" size="30"value="<?=array_key_exists('A3',$_SESSION['signup'])?sanitizeHTML($_SESSION['signup']['A3']):""?>" tabindex="17" autocomplete="off"></td> </tr> <tr> <td class="DataTD">4)</td> - <td class="DataTD"><input type="text" name="Q4" size="30"" value="<?=array_key_exists('Q4',$_SESSION['signup'])?sanitizeHTML($_SESSION['signup']['Q4']):""?>"></td> - <td class="DataTD"><input type="text" name="A4" size="30" value="<?=array_key_exists('A4',$_SESSION['signup'])?sanitizeHTML($_SESSION['signup']['A4']):""?>" autcomplete="off"></td> + <td class="DataTD"><input type="text" name="Q4" size="30"" value="<?=array_key_exists('Q4',$_SESSION['signup'])?sanitizeHTML($_SESSION['signup']['Q4']):""?>" tabindex="18"></td> + <td class="DataTD"><input type="text" name="A4" size="30" value="<?=array_key_exists('A4',$_SESSION['signup'])?sanitizeHTML($_SESSION['signup']['A4']):""?>" tabindex="19" autcomplete="off"></td> </tr> <tr> <td class="DataTD">5)</td> - <td class="DataTD"><input type="text" name="Q5" size="30" value="<?=array_key_exists('Q5',$_SESSION['signup'])?sanitizeHTML($_SESSION['signup']['Q5']):""?>"></td> - <td class="DataTD"><input type="text" name="A5" size="30" value="<?=array_key_exists('A5',$_SESSION['signup'])?sanitizeHTML($_SESSION['signup']['A5']):""?>" autocomplete="off"></td> + <td class="DataTD"><input type="text" name="Q5" size="30" value="<?=array_key_exists('Q5',$_SESSION['signup'])?sanitizeHTML($_SESSION['signup']['Q5']):""?>" tabindex="20"></td> + <td class="DataTD"><input type="text" name="A5" size="30" value="<?=array_key_exists('A5',$_SESSION['signup'])?sanitizeHTML($_SESSION['signup']['A5']):""?>" tabindex="21" autocomplete="off"></td> </tr> <tr> @@ -154,10 +155,10 @@ <tr> <td class="DataTD" valign="top"><?=_("Alert me if")?>: </td> <td class="DataTD" align="left"> - <input type="checkbox" name="general" value="1" <?=array_key_exists('general',$_SESSION['signup'])? ($_SESSION['signup']['general'] == "0" ?"":"checked=\"checked\""):"checked=\"checked\"" ?>><?=_("General Announcements")?><br> - <input type="checkbox" name="country" value="1" <?=array_key_exists('country',$_SESSION['signup'])? ($_SESSION['signup']['country'] == "0" ?"":"checked=\"checked\""):"checked=\"checked\"" ?>><?=_("Country Announcements")?><br> - <input type="checkbox" name="regional" value="1" <?=array_key_exists('regional',$_SESSION['signup'])? ($_SESSION['signup']['regional'] == "0" ?"":"checked=\"checked\""):"checked=\"checked\"" ?>><?=_("Regional Announcements")?><br> - <input type="checkbox" name="radius" value="1" <?=array_key_exists('radius',$_SESSION['signup'])? ($_SESSION['signup']['radius'] == "0" ?"":"checked=\"checked\""):"checked=\"checked\"" ?>><?=_("Within 200km Announcements")?></td> + <input type="checkbox" name="general" value="1" tabindex="22" <?=array_key_exists('general',$_SESSION['signup'])? ($_SESSION['signup']['general'] == "0" ?"":"checked=\"checked\""):"checked=\"checked\"" ?>><?=_("General Announcements")?><br> + <input type="checkbox" name="country" value="1" tabindex="23" <?=array_key_exists('country',$_SESSION['signup'])? ($_SESSION['signup']['country'] == "0" ?"":"checked=\"checked\""):"checked=\"checked\"" ?>><?=_("Country Announcements")?><br> + <input type="checkbox" name="regional" value="1" tabindex="24" <?=array_key_exists('regional',$_SESSION['signup'])? ($_SESSION['signup']['regional'] == "0" ?"":"checked=\"checked\""):"checked=\"checked\"" ?>><?=_("Regional Announcements")?><br> + <input type="checkbox" name="radius" value="1" tabindex="25" <?=array_key_exists('radius',$_SESSION['signup'])? ($_SESSION['signup']['radius'] == "0" ?"":"checked=\"checked\""):"checked=\"checked\"" ?>><?=_("Within 200km Announcements")?></td> <td class="DataTD"> </td> </tr> @@ -165,11 +166,15 @@ <td class="DataTD" colspan="3"><?=_("When you click on next, we will send a confirmation email to the email address you have entered above.")?></td> </tr> <tr> - <td class="DataTD" colspan="3"><input type="checkbox" name="cca_agree" value="1" <?=array_key_exists('cca_agree',$_SESSION['signup'])? ($_SESSION['signup']['cca_agree'] == "1" ?"checked=\"checked\"":""):"" ?> ><?=_("I agree to the terms and conditions of the CAcert Community Agreement")?>: <a href="/policy/CAcertCommunityAgreement.html">http://www.cacert.org/policy/CAcertCommunityAgreement.html</a></td> + <td class="DataTD" colspan="3"> + <input type="checkbox" name="cca_agree" tabindex="26" value="1" <?=array_key_exists('cca_agree',$_SESSION['signup'])? ($_SESSION['signup']['cca_agree'] == "1" ?"checked=\"checked\"":""):"" ?> > + <br/> + <?=_("I agree to the terms and conditions of the CAcert Community Agreement")?>: <a href="/policy/CAcertCommunityAgreement.html" tabindex="28" >http://www.cacert.org/policy/CAcertCommunityAgreement.php</a> + </td> </tr> <tr> - <td class="DataTD" colspan="3"><input type="submit" name="process" value="<?=_("Next")?>"></td> + <td class="DataTD" colspan="3"><input type="submit" name="process" value="<?=_("Next")?>" tabindex="27"></td> </tr> </table> diff --git a/pages/index/11.php b/pages/index/11.php index d1ef4df..3939352 100644 --- a/pages/index/11.php +++ b/pages/index/11.php @@ -1,6 +1,6 @@ <? /* LibreSSL - CAcert web application - Copyright (C) 2004-2008 CAcert Inc. + Copyright (C) 2004-2014 CAcert Inc. This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -17,41 +17,50 @@ */ if(!array_key_exists('secrethash',$_SESSION['_config'])) $_SESSION['_config']['secrethash'] = md5(date("YmdHis").rand(0, intval(date("u")))); ?> -<H3><?=_("Contact Us")?></H3> +<h3><?=_("Contact Us")?></h3> <p><b><?=_("General Questions")?></b></p> -<p><b><?=_("PLEASE NOTE: Due to the large amounts of support questions, incorrectly directed emails may be over looked, this is a volunteer effort and directing general questions to the right place will help everyone, including yourself as you will get a reply quicker.")?></b></p> +<p><b><?=_("PLEASE NOTE: CAcert support is a volunteer effort. You would help everyone, including yourself to get a reply quickly, by directing general questions to the right place. Due to the large amounts of support questions, incorrectly directed emails may be overlooked.")?></b></p> <p><b><?=_("If you are contacting us about advertising, please use the form at the bottom of the website, the first contact form is not the correct place.")?></b></p> -<p><?=sprintf(_("If you are having trouble with your username or password, please visit our %swiki page%s for more information"), "<a href='http://wiki.cacert.org/wiki/FAQ/LostPasswordOrAccount' target='_new'>", "</a>");?></p> +<p><?=sprintf(_("If you are having trouble with your username or password, please visit our %swiki page%s for more information"), "<a href='//wiki.cacert.org/wiki/FAQ/LostPasswordOrAccount' target='_new'>", "</a>");?></p> <p><?=_("Before contacting us, be sure to read the information on our official and unofficial HowTo and FAQ pages.")?> - <a href="//wiki.cacert.org/HELP/"><?=_("Go here for more details.")?></a></p> -<p><?=_("General questions about CAcert should be sent to the general support list, please send all emails in ENGLISH only, this list has many more volunteers then those directly involved with the running of the website, everyone on the mailing list understands english, even if this isn't their native language this will increase your chance at a competent reply. While it's best if you sign up to the mailing list to get replied to, you don't have to, but please make sure you note this in your email, otherwise it might seem like you didn't get a reply to your question.")?></p> -<p><a href="https://lists.cacert.org/wws/info/cacert-support"><?=_("Click here to go to the Support List")?></a></p> -<p><?=_("You can alternatively use the form below, however joining the list is the prefered option to support your queries")?></p> +<p><?=_("General questions about CAcert should be sent to the general support mailing list. This list is read by many more volunteers, then those directly involved in the support team. Please send all emails in ENGLISH only, as everyone on the mailing list understands English, even if this is not their native language. Doing so will increase your chance to get a competent reply.")?></p> +<p> +<?=sprintf(_("You can use the form below to contact the support team directly. The mail is NOT send to the mailing list. Alternatively you can contact the support team by writing an email to %ssupport@cacert.org%s"), "<a href='mailto:support@cacert.org'>", "</a>");?></p> <form method="post" action="index.php" name="form1"> <input type="hidden" name="oldid" value="<?=$id?>"> -<!-- <input type="hidden" name="support" value="yes"> --> +<!-- <input type="hidden" name="support" value="yes"> --> <input type="hidden" name="secrethash2" value=""> <p class="robotic" id="pot"> <label>If you're human leave this blank:</label> <input name="robotest" type="text" id="robotest" class="robotest" /> </p> <table border="0"> - <tr><td width="100"><?=_("Your Name")?>:</td><td width="100"><input type="text" name="who"></td><td width="100"></td><td width="100"></td> - <tr><td width="100"><?=_("Your Email")?>:</td><td colspan="3"><input type="text" name="email"></td> - <tr><td width="100"><?=_("Subject")?>:</td><td colspan="3"><input type="text" name="subject"></td></tr> - <tr><td width="100" valign="top"><?=_("Message")?>:</td><td colspan="3"><textarea name="message" cols="70" rows="10"></textarea></td></tr> - <tr> - <td colspan="2"><font color="#ff0000"><?=_("Warning: Please do not use \"send to mailing list\" when you entered confidential data. The request is being sent to a public mailinglist.")?></font></td> + <td width="100"><?=_("Your Name")?>:</td> + <td width="300"><input type="text" name="who"></td> + </tr> + <tr> + <td><?=_("Your Email")?>:</td> + <td><input type="text" name="email"></td> + </tr> + <tr> + <td><?=_("Subject")?>:</td> + <td><input type="text" name="subject"></td> + </tr> + <tr> + <td valign="top"><?=_("Message")?>:</td> + <td><textarea name="message" cols="70" rows="10"></textarea></td> + </tr> + <tr> <td colspan="2"><?=_("For confidential data use \"send to support\".")?></td> </tr> <tr> - <td colspan="2"><input type="submit" name="process[0]" value="<?=_("Send to mailing list")?>"></td> <td colspan="2"><input type="submit" name="process[1]" value="<?=_("Send to support")?>"></td> </tr> </table> </form> - +<p><a href="https://lists.cacert.org/wws/info/cacert-support"><?=_("Click here to go to the Support List")?></a></p> <p><b>IRC</b></p> <p><a href="irc://irc.CAcert.org/CAcert">irc://irc.CAcert.org/CAcert</a></p> <p><b>Secure IRC</b></p> diff --git a/pages/index/13.php b/pages/index/13.php index 612422f..5c2c97e 100644 --- a/pages/index/13.php +++ b/pages/index/13.php @@ -44,6 +44,8 @@ Account No.: 180264 <p><?=_("Thank you very much for your support, your donations help CAcert to continue to operate.")?></p> +<h3>Funding</h3> +<p><?=sprintf(_("If you want to support some special funding projects please visit the %sfunding page%s."), '<a href="https://funding.cacert.org" target="_blank">','</a>')?></p> <h3><?=_("Using Our Affiliate Partners")?></h3> diff --git a/pages/index/3.php b/pages/index/3.php index f060c8f..7c52447 100644 --- a/pages/index/3.php +++ b/pages/index/3.php @@ -29,6 +29,7 @@ <ul class="no_indent"> <li><a href="certs/root.crt"><?=_("Root Certificate (PEM Format)")?></a></li> <li><a href="certs/root.der"><?=_("Root Certificate (DER Format)")?></a></li> + <li><a href="certs/root.cer"><?=_("Root Certificate (CER Format base64 encoded)")?></a></li> <li><a href="certs/root.txt"><?=_("Root Certificate (Text Format)")?></a></li> <li><a href="<?=$_SERVER['HTTPS']?"https":"http"?>://crl.cacert.org/revoke.crl">CRL</a></li> <li><?=_("SHA1 Fingerprint:")?> 13:5C:EC:36:F4:9C:B8:E9:3B:1A:B2:70:CD:80:88:46:76:CE:8F:33</li> @@ -39,6 +40,7 @@ <ul class="no_indent"> <li><a href="certs/class3.crt"><?=_("Intermediate Certificate (PEM Format)")?></a></li> <li><a href="certs/class3.der"><?=_("Intermediate Certificate (DER Format)")?></a></li> + <li><a href="certs/class3.der"><?=_("Intermediate Certificate (CER Format base64 encoded)")?></a></li> <li><a href="certs/class3.txt"><?=_("Intermediate Certificate (Text Format)")?></a></li> <li><a href="<?=$_SERVER['HTTPS']?"https":"http"?>://crl.cacert.org/class3-revoke.crl">CRL</a></li> <?php /* diff --git a/pages/index/6.php b/pages/index/6.php index fe57d81..22b7711 100644 --- a/pages/index/6.php +++ b/pages/index/6.php @@ -79,15 +79,15 @@ </tr> <? } ?> <tr> - <td class="DataTD"><?=_("New Pass Phrase")?><font color="red">*</font>: </td> + <td class="DataTD"><?=_("New Pass Phrase")?><span class="error_indicator">*</span>: </td> <td class="DataTD"><input type="password" name="newpass1" autocomplete="off"></td> </tr> <tr> - <td class="DataTD"><?=_("Repeat")?><font color="red">*</font>: </td> + <td class="DataTD"><?=_("Repeat")?><span class="error_indicator">*</span>: </td> <td class="DataTD"><input type="password" name="newpass2" autocomplete="off"></td> </tr> <tr> - <td class="DataTD" colspan="2"><font color="red">*</font><?=_("Please note, in the interests of good security, the pass phrase must be made up of an upper case letter, lower case letter, number and symbol.")?></td> + <td class="DataTD" colspan="2"><span class="error_indicator">*</span><?=_("Please note, in the interests of good security, the pass phrase must be made up of an upper case letter, lower case letter, number and symbol.")?></td> </tr> <tr> <td class="DataTD" colspan="2"><input type="submit" name="process" value="<?=_("Next")?>"></td> diff --git a/pages/index/feed.rss b/pages/index/feed.rss new file mode 100644 index 0000000..def221f --- /dev/null +++ b/pages/index/feed.rss @@ -0,0 +1,47 @@ +<?xml version="1.0" encoding="UTF-8"?><!-- generator="WordPress/2.5.1" --> +<rss version="0.92"> + <channel> + <title>CAcert NEWS Blog</title> + <link>http://blog.cacert.org</link> + <description>CAcert NEWS and up coming events.</description> + <lastBuildDate>Fri, 20 Aug 2010 11:54:30 +0000</lastBuildDate> + <docs>http://backend.userland.com/rss092</docs> + <language>en</language> + + <item> + <title>Looking for confirmation email on creating account?</title> + <description>Please go to https://ca-mgr1.it-sls.de/login login with your just created account and password. Under MAIL you'll find your individual confirmation email. + </description> + <link>https://ca-mgr1.it-sls.de/testsystemdoc.html</link> + </item> + <item> + <title>You are interested in helping Testing ?</title> + <description>Create your test account on the Testserver. Beware of the confirmation email (see above) Entry page for Testers: https://wiki.cacert.org/Software/CurrentTest. Please contact Ulrich becoming a Testteam member.</description> + <link>https://wiki.cacert.org/Software/CurrentTest</link> + </item> + <item> + <title>Dear Testers</title> + <description>We had one work with no activity on the testserver caused by inactivity by the Software-Assessment team, caused by router problems at the hosting site of the testserver. Probably latter has been fixed. + + The reported bugs can be categorized into + 1. Testserver-Mgmt-System related + 2. Production Server recovery process to Testserver + 3. general software errors + + Group 1+2 are essential for our current test phase, as they covers the problems in building the base testserver environment that is needed for testing. + + So language and country selection support is an essential feature we've worked on the last week. + + One problem couldn't be solved till today: secondary language selection all other country and language related bugs should be fixed in the meantime. + + Also the Show my Points details now has the correct script (after some confusion in the Software-Assessment team and one developer), comparable to the script on the production website. + + On the main entry page for testers https://wiki.cacert.org/Software/CurrentTest the updates on the bugs are marked with (i) so here comes the 2nd test round ... + + Please report your found bugs and also success reports to the listed bug numbers + + Thanks for your assistance .... ;)</description> + <link>https://cacert1.it-sls.de/</link> + </item> + </channel> +</rss> diff --git a/pages/wot/1.php b/pages/wot/1.php index 9047f27..e69178d 100644 --- a/pages/wot/1.php +++ b/pages/wot/1.php @@ -92,7 +92,8 @@ $query = "select *, `users`.`id` as `id` from `users`,`notary` where `listme`='1' and `ccid`='".$ccid."' and `regid`='".$regid."' and `locid`='".$locid."' and `users`.`id`=`notary`.`to` and `notary`.`deleted`=0 - group by `notary`.`to` HAVING SUM(`points`) >= 100 order by `points` desc"; + AND `notary`.`method` != 'Administrative Increase' AND `notary`.`from` != `notary`.`to` + group by `notary`.`to` HAVING SUM(`awarded`) >= 100 order by `points` desc"; $list = mysql_query($query); if(mysql_num_rows($list) > 0) { @@ -112,7 +113,7 @@ <td class="DataTD"><?=maxpoints($row['id'])?></td> <td class="DataTD"><?=sanitizeHTML($row['contactinfo'])?></td> <td class="DataTD"><a href="wot.php?id=9&userid=<?=intval($row['id'])?>"><?=_("Email Me")?></a></td> - <td class="DataTD"><?=$row['assurer']?_("Yes"):("<font color=\"#ff0000\">"._("Not yet!")."</font>")?></td> + <td class="DataTD"><?=$row['assurer']?_("Yes"):("<span class=\"error_indicator\">"._("Not yet!")."</span>")?></td> </tr> <? } diff --git a/pages/wot/12.php b/pages/wot/12.php index a0bbf50..e6b20ca 100644 --- a/pages/wot/12.php +++ b/pages/wot/12.php @@ -65,9 +65,9 @@ document.f.location.focus(); { $bits = explode(",", $_REQUEST['location']); - $loc = trim(mysql_escape_string($bits['0'])); - $reg = ""; if(array_key_exists('1',$bits)) $reg=trim(mysql_escape_string($bits['1'])); - $ccname = ""; if(array_key_exists('2',$bits)) $ccname=trim(mysql_escape_string($bits['2'])); + $loc = trim(mysql_real_escape_string($bits['0'])); + $reg = ""; if(array_key_exists('1',$bits)) $reg=trim(mysql_real_escape_string($bits['1'])); + $ccname = ""; if(array_key_exists('2',$bits)) $ccname=trim(mysql_real_escape_string($bits['2'])); $query = "select `locations`.`id` as `locid` from `locations`, `regions`, `countries` where `locations`.`name` like '$loc%' and `regions`.`name` like '$reg%' and `countries`.`name` like '$ccname%' and diff --git a/pages/wot/13.php b/pages/wot/13.php index eac7e18..1143769 100644 --- a/pages/wot/13.php +++ b/pages/wot/13.php @@ -21,9 +21,9 @@ if(array_key_exists('location',$_REQUEST) && $_REQUEST['location'] != "") { { $bits = explode(",", $_REQUEST['location']); - $loc = trim(mysql_escape_string($bits['0'])); - $reg = ''; if(array_key_exists('1',$bits)) $reg=trim(mysql_escape_string($bits['1'])); - $ccname = ''; if(array_key_exists('2',$bits)) $ccname=trim(mysql_escape_string($bits['2'])); + $loc = trim(mysql_real_escape_string($bits['0'])); + $reg = ''; if(array_key_exists('1',$bits)) $reg=trim(mysql_real_escape_string($bits['1'])); + $ccname = ''; if(array_key_exists('2',$bits)) $ccname=trim(mysql_real_escape_string($bits['2'])); $query = "select `locations`.`id` as `locid` from `locations`, `regions`, `countries` where `locations`.`name` like '$loc%' and `regions`.`name` like '$reg%' and `countries`.`name` like '$ccname%' and `locations`.`regid`=`regions`.`id` and `locations`.`ccid`=`countries`.`id` diff --git a/pages/wot/16.php b/pages/wot/16.php new file mode 100644 index 0000000..069b7a2 --- /dev/null +++ b/pages/wot/16.php @@ -0,0 +1,143 @@ +<?php +/*LibreSSL - CAcert web application +Copyright (C) 2004-2008 CAcert Inc. + +This program is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; version 2 of the License. + +This program is distributed in the hope that it will be useful, +but WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +GNU General Public License for more details. + +You should have received a copy of the GNU General Public License +along with this program; if not, write to the Free Software +Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA +*/ + +//******************* TTP Console ************ + +if ($_SESSION['profile']['ttpadmin'] < 1) { + echo _("You are not allowed to view this page."); + exit; +} + +//Check for test or productive environment, in case of test the user data for the print out is extended by 'test system' +$testserver=''; +if ($_SESSION['_config']['normalhostname']=='cacert1.it-sls.de') { + $testserver=' test system'; +} + +$row = $_SESSION['_config']['notarise']; +$fname = $row['fname']; +$mname = $row['mname']; +$lname = $row['lname']; +$suffix = $row['suffix']; +$fullname = $fname." ".$mname." ".$lname." ".$suffix; +$email = $row['email']; +$dob = date_format(new DateTime($row['dob']), 'Y-m-d'); +$userid = $row['id']; + +//List TTP Assurances and TotalPoints +//changed get_received_assurances ($userid, $support) + +//include_once($_SESSION['_config']['filepath']."/includes/wot.inc.php"); +include_once($_SESSION['_config']['filepath']."/includes/notary.inc.php"); + +output_received_assurances(intval($userid),2); //support==2 => TTP + + +$query = "select sum(`points`) as `points` from `notary` where `to`='".intval($userid)."'"; +$dres = mysql_query($query); +$drow = mysql_fetch_assoc($dres); + +$points=$drow['points']; +if ($points<1) { + $points=0; +} + +$res = get_received_assurances(intval($userid), 2); +$ttp_assurances_count=$num_rows = mysql_num_rows($res); + +//Form +?> +<table align="center" class="wrapper"> + <tr> + <td class="title"><?=sprintf(_('Total assurance points for %s'),$fullname)?></td> + </tr> + <tr> + <td><?=sprintf(_('%s points'), $points)?></td> + </tr> +</table> +<br/> +<form action="https://pdf.cacert.eu/cacertpdf.php" method="get" accept-charset="UTF-8"> + <table align="center" class="wrapper"> + <tr> + <td colspan="2" class="title"><?= _('TTP CAP form creation')?></td> + </tr> + <tr> + <td colspan="2" class="title"><?= _('User information')?></td> + </tr> + <tr> + <td><?=_('Fullname')?><input type="hidden" name="fullname" value="<?=$fullname.$testserver?>"/></td> + <td><?=$fullname?></td> + </tr> + <tr> + <td><?=_('Date of Birth')?><input type="hidden" name="dob" value="<?=$dob.$testserver?>"/></td> + <td><?=$dob?></td> + </tr> + <tr> + <td><?=_('Email')?><input type="hidden" name="email" value="<?=$email.$testserver?>"/></td> + <td><?=$email?></td> + </tr> + <tr></tr> + <tr> + <td><?=_('Country where the TTP will be visited')?></td> + <td> + <? + $ttpcountries=get_array_from_ini('../config/ttp.ini'); + echo create_selectbox_HTML('type',$ttpcountries, '',TRUE); + ?> + </td> + </tr> + <tr> + <td colspan="2" class="title"><?=_('TTP Admin postal address, including name, street, country etc.')?></td> + </tr> + <tr> + <td><?=_('Line').' 1'?></td> + <td><input type="text" name="adress" /></td> + </tr> + <tr> + <td><?=_('Line').' 2'?></td> + <td><input type="text" name="adress1" /></td> + </tr> + <tr> + <td><?=_('Line').' 3'?></td> + <td><input type="text" name="adress2" /></td> + </tr> + <tr> + <td><?=_('Line').' 4'?></td> + <td><input type="text" name="adress3" /></td> + </tr> + <tr> + <td><?=_('Line').' 5'?></td> + <td><input type="text" name="adress4" /></td> + </tr> + <tr> + <td colspan="2" class="title"> + <? + if ($points>=100 || $ttp_assurances_count>=2) { + echo _('No TTP assurance allowed'); + }else{ + ?><input type="submit" value="<?=_('Create TTP CAP pdf file')?>"/><? + }?> + </td> + </tr> + </table> + <input type="hidden" name="lang" value="en"/> +</form> + +<div class="blockcenter"> + <a href="wot.php?id=6&userid=<?=$userid ?>"><?=_("Back")?></a> +</div> diff --git a/pages/wot/17.php b/pages/wot/17.php new file mode 100644 index 0000000..657f990 --- /dev/null +++ b/pages/wot/17.php @@ -0,0 +1,76 @@ +<? /* + LibreSSL - CAcert web application + Copyright (C) 2004-2008 CAcert Inc. + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; version 2 of the License. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA +*/ +include_once("../includes/shutdown.php"); +require_once("../includes/lib/l10n.php"); + +if(array_key_exists('error',$_SESSION['_config']) && $_SESSION['_config']['error'] != "") +{ + ?><font color="orange" size="+1"> + <? echo _("ERROR").": ".$_SESSION['_config']['error'] ?> + </font> + <?unset($_SESSION['_config']['error']); +} + +if(array_key_exists('noemailfound',$_SESSION['_config']) && $_SESSION['_config']['noemailfound'] == 1) { + unset($_SESSION['_config']['noemailfound']); +} + +?> +<form method="post" action="wot.php" name="form1"> +<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper"> + <tr> + <td colspan="2" class="title"><?=_('Check Assurer Status')?></td> + </tr> + <tr> + <td class="DataTD"><?=_('Email to check')?>:</td> +<? if(array_key_exists('remindersent',$_SESSION['_config']) && $_SESSION['_config']['remindersent'] == 1) { unset($_SESSION['_config']['remindersent']) ?> + <td class="DataTD"><input type="text" name="email" id="email" value=""></td> + <? } else { ?> + <td class="DataTD"><input type="text" name="email" id="email" value="<?=array_key_exists('email',$_POST)?sanitizeHTML($_POST['email']):""?>"></td> + <? } ?> + </tr> + <tr> + <td class="DataTD"><?=_('Reason why the assurer status is needed')?>:</td> + <td class="DataTD"><select name="reason"><option>--</option> + <option><?=_('Assurance')?></option> + <option><?=_('Event Preparation')?></option> + <option><?=_('Arbitration')?></option> + <option><?=_('CARS check')?></option> + <option><?=_('CATS certificate creation')?></option> + <option><?=_('Organisation Assurance')?></option> + </select></td> + </tr> + <tr> + <td class="DataTD" colspan="2"><?=_('If you request the assurer status the result is send via mail to the person of whom you request the status of.')?></td> + </tr> + <tr> + <td class="DataTD" colspan="2"><input type="submit" name="process" value="<?=_("Next")?>"></td> + </tr> +</table> +<input type="hidden" name="oldid" value="<?=$id?>"> +</form> +<SCRIPT LANGUAGE="JavaScript"> +//<![CDATA[ + function my_init() + { + document.getElementById("email").focus(); + } + + window.onload = my_init(); +//]]> +</script> diff --git a/pages/wot/3.php b/pages/wot/3.php index 0864ffd..cb3a008 100644 --- a/pages/wot/3.php +++ b/pages/wot/3.php @@ -17,31 +17,68 @@ */ ?> <h3><?=_("CAcert Web of Trust Rules")?></h3> -<p><?=_("It is essential that CAcert Assurers understand and follow the rules below to ensure that applicants for assurance are suitably identified, which, in turn, maintains trust in the system.")?></p> +<p><?=_("CAcert Assurers should understand and follow the rules.")?></p> +<p><?=_("The assurance process consists of two parts")?></p> +<ol> + <li><?=_("a face to face meeting between the assurer and the assuree")?></li> + <li><?=_("the assurer validating that data while entering it to the CAcert system")?></li> +</ol> +<h4><?=_("Face to face meeting")?></h4> +<ul> + <li><?=_("Assurer and assuree have to meet in person")?></li> + <li><?=_("A CAcert Assurance Programme (CAP) form has to be filled and signed by the assuree. It must contain the following information:")?> + <ul> + <li><?=_("All names of the assuree that appear in the account")?></li> + <li><?=_("Date of birth of the assuree")?></li> + <li><?=_("Primary email address of the assuree")?></li> + <li><?=sprintf(_("The acceptance of the %sCAcert Community Agreement%s (CCA) by the assuree"), "<a href=\"/policy/CAcertCommunityAgreement.html\">", "</a>")?></li> + <li><?=_("The agreement to enter an assurance by the assuree")?></li> + <li><?=_("The signature of the assuree")?></li> + <li><?=_("The date of the signature")?></li> + </ul></li> + <li><?=("At least one government issued photo identification document (ID-Card, drivers license, passport, ...) of the assuree has to be checked by the assurer. We prefer and advise to check two such documents, if possible.")?></li> +</ul> +<ul> + <li><?=_("The assurer has to compare the data of the document with the data entered in the CAP-form. Missing data needs to be added. The signatures on the documents and CAP-form should be compared. The photo should match the person. If there is any doubt in those points, the assurer should consider to either reduce the points (for minor issues) or decide to refuse to finish the assurance at all.")?></li> + <li><?=_("It is recommended that the assurer also notes if the assuree has an account and to repeat entries that may be hard to read in the assurers hand.")?></li> + <li><?=_("The assurer is asked to verify, if the assuree understands the crucial points of the CAcert Community Agreement and the assurance process.")?></li> + <li><?=_("If there are major issues the assurer (or the assuree) should consider to file a dispute, by sending a mail to support@cacert.org.")?></li> + <li><?=_("If the assurer is convinced that the assurance was ok, the assurer has to approve this by adding the following data to the CAP-form.")?> + <ul> + <li><?=_("Name of the assurer")?></li> + <li><?=_("Date of the assurance")?></li> + <li><?=_("Place of the assurance")?></li> + <li><?=_("Record over the type of documents used during the assurance (no numbers may be noted)")?></li> + <li><?=_("Points issued by the assurer")?></li> + <li><?=sprintf(_("That the assurance was done under the %sAssurance Policy%s (AP)"), "<a href=\"/policy/AssurancePolicy.html\">", "</a>")?></li> + <li><?=_("The signature of the assurer")?></li> + </ul> + </li> +</ul> +<h4><?=_("Validating and entering the data to the CAcert system")?></h4> +<p><?=_("After the meeting the assurer has to log into the CAcert webpage and follow the \"Assure Someone\" link.")?></p> +<ul> + <li><?=_("The primary email address and the date of birth from the assuree, as written on the CAP-form have to be entered by the assurer.")?></li> + <li><?=_("Only if they were entered correctly the assurer gets access to the assurance page with the remaining data of the assuree.")?></li> + <li><?=_("This page shows the names, date of birth and primary email address of the assuree.")?></li> + <li><?=_("It has to be compared to the data written on the CAP-form by the assurer.")?></li> + <li><?=sprintf(_("If the data matches completely, the assurer may enter the assurance. (The acceptable discrepancies for the names can be found in the %sAssurance Handbook%s (AH))"), "<a href=\"//wiki.cacert.org/AssuranceHandbook2\">", "</a>")?></li> + <li><?=_("The assurer has to enter the assurance points.")?></li> + <li><?=_("The assurer has to acknowledge the face-to-face meeting with the assuree, that the data on the pages matches the assuree, and that the CCA is accepted by the assurer. +")?></li> +</ul> +<h4><?=_("Privacy")?></h4> +<p><?=_("The assurer is responsible to maintain the confidentiality and privacy of the assuree.")?></p> +<p><?=_("In particular the CAP-forms have to be stored safely for at least 7 years and not to be shown to anybody but")?></p> +<ul> + <li><?=_("the assuree")?></li> + <li><?=_("the Arbitrator of a valid arbitration case who requests to see it with a good reason based on the case")?></li> + <li><?=_("another person named by such an Arbitrator.")?></li> +</ul> +<p><?=_("Exceptions may be made only with the explicit consent of the assuree.")?></p> -<p><?=_("Contact")?><br> -<br> -* <?=_("You must meet the applicant in person;")?><br> -* <?=_("You must sight at least one form of government issued photo identification. It's preferable if 2 forms of Government issued photo ID are presented, as less points may be issued if there is any doubt on the person by the person issuing points;")?><br> -* <?=_("Complete the assurance form if the applicant has not already done so. Ensure that all information matches.")?><br> -</p> +<h4><?=_("Fees")?></h4> +<p><?=_("The assurer may charge a fee for the expenses however not for the assurance itself, but only if the assuree has been advised of the amount prior to the meeting.")?></p> -<p><?=_("Processing")?><br> -<?=_("After the meeting, visit the CAcert Web site's make an Assurance page and:")?><br> -<br> -* <?=_("Enter the applicant's email address;")?><br> -* <?=_("Compare the online information to the information recorded on the paper form;")?><br> -* <?=_("If, and only if, the two match completely - you may award trust points up to the maximum points you are able to allocate;")?><br> -</p> - -<p><?=_("Privacy")?><br> -<?=_("It is imperative that you maintain the confidentiality and privacy of the applicant, and never disclose the information obtained without the applicant's consent.")?></p> - -<p><?=_("Fees")?><br> -<?=_("You may charge a fee for your expenses if the applicant has been advised of the amount prior to the meeting.")?></p> - -<p><?=_("Liability")?><br> -<?=_("A CAcert Assurer who knowingly, or reasonably ought to have known, assures an applicant contrary to this policy may be held liable.")?></p> - -<p><?=_("Assurance Points")?><br> -<?=_("CAcert may, from time to time, alter the amount of Assurance Points that a class of assurer may assign as is necessary to effect a policy or rule change. We may also alter the amount of Assurance Points available to an individual, or new class of assurer, should another policy of CAcert require this.")?></p> +<h4><?=_("Liability")?></h4> +<p><?=_("An assurer who assures someone contrary to this process, as it is defined in the Assurance Policy (AP) may be held liable up to 1000 EUR per case.")?></p> diff --git a/pages/wot/4.php b/pages/wot/4.php index 628e6a5..954bc76 100644 --- a/pages/wot/4.php +++ b/pages/wot/4.php @@ -43,12 +43,13 @@ if ($_SESSION['profile']['points']<100){ <form method="post" action="wot.php"> <table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper"> <tr> - <td class="DataTD"><?=_("Country where you want to visit the TTP")?></td> - <td class="DataTD"><select size="1" name="country"> - <option>Australia</option> - <option>Puerto Rico</option> - <option>USA</option> - </select></td> + <td class="DataTD"><?=_('Country where you want to visit the TTP')?></td> + <td class="DataTD"> + <? + $ttpcountries=get_array_from_ini('../config/ttp.ini'); + echo create_selectbox_HTML('country',$ttpcountries, _('Choose country')); + ?> + </td> </tr> <tr> <td class="DataTD"><?=_("I want to take part in the TTP Topup programme")?></td> @@ -72,7 +73,7 @@ if ($_SESSION['profile']['points']<100){ </form> */ ?> - <p><?=_("We are working to develop the TTP TOPUP process to be able to fill the gap of the missing 30 assurance points to 100 assurance points. Meanwhile you have to close this gap with face to face assurances from CAcert Assurers. Think not only travelling to populated countries, but as well to assurers visiting your country or area.")?></p> + <p><?=_("We are working to develop the TTP TOPUP process to be able to fill the gap of the missing 30 assurance points to 100 assurance points. Meanwhile you have to close this gap with face to face assurances from CAcert Assurers. Think not only travelling to populated countries, but as well to assurers visiting your country or area.")?></p> <? } } else { diff --git a/pages/wot/5.php b/pages/wot/5.php index 565dd6a..01737e1 100644 --- a/pages/wot/5.php +++ b/pages/wot/5.php @@ -21,9 +21,9 @@ <? if(array_key_exists('error',$_SESSION['_config']) && $_SESSION['_config']['error'] != "") { - ?><font color="orange" size="+1"> + ?><span class="error_warning"> <? echo _("ERROR").": ".$_SESSION['_config']['error'] ?> - </font> + </span> <?unset($_SESSION['_config']['error']); } diff --git a/pages/wot/6.php b/pages/wot/6.php index 39605f3..edecc20 100644 --- a/pages/wot/6.php +++ b/pages/wot/6.php @@ -17,10 +17,10 @@ */ ?> <? - if(!array_key_exists('notarise',$_SESSION['_config'])) +if(!array_key_exists('notarise',$_SESSION['_config'])) { - echo "Error: No user data found."; - exit; + echo "Error: No user data found."; + exit; } $row = $_SESSION['_config']['notarise']; @@ -28,12 +28,12 @@ $_SESSION['assuresomeone']['month'] = 0; $_SESSION['assuresomeone']['day'] = 0; - if($_SESSION['profile']['ttpadmin'] == 1) -// $methods = array("Face to Face Meeting", "Trusted 3rd Parties", "TopUP"); -// else - $methods = array("Face to Face Meeting", "Trusted 3rd Parties"); + if($_SESSION['profile']['ttpadmin'] == 2) + $methods = array('Face to Face Meeting', 'TTP-Assisted', 'TTP-TOPUP'); + elseif($_SESSION['profile']['ttpadmin'] == 1) + $methods = array('Face to Face Meeting', 'TTP-Assisted'); else - $methods = array("Face to Face Meeting"); + $methods = array('Face to Face Meeting'); $mnames = array( '01' => _('January'), @@ -85,4 +85,9 @@ AssureTextLine(_("Policy"),"<a href=\"/policy/CAcertCommunityAgreement.html\" target=\"_blank\">"._("CAcert Community Agreement")."</a> - <a href=\"/policy/AssurancePolicy.html\" target=\"_blank\">"._("Assurance Policy")."</a> - <a href=\"http://wiki.cacert.org/AssuranceHandbook2\" target=\"_blank\">"._("Assurance Handbook")."</a>"); AssureInboxLine("points",_("Points"),"","<br />(Max. ".maxpoints().")"); AssureFoot($id,_("I confirm this Assurance")); + + if($_SESSION['profile']['ttpadmin'] >= 1) { + ?><div class='blockcenter'><a href="wot.php?id=16"><?=_('Show TTP details')?></a></div><? + } + ?> diff --git a/pages/wot/8.php b/pages/wot/8.php index af67d0b..8b1e0e2 100644 --- a/pages/wot/8.php +++ b/pages/wot/8.php @@ -15,7 +15,7 @@ along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA */ ?> -<? if(array_key_exists('error',$_SESSION['_config']) && $_SESSION['_config']['error'] != "") { ?><font color="#ff0000">ERROR: <?=$_SESSION['_config']['error']?></font><? unset($_SESSION['_config']['error']); } ?> +<? if(array_key_exists('error',$_SESSION['_config']) && $_SESSION['_config']['error'] != "") { ?><span class="error_fatal">ERROR: <?=$_SESSION['_config']['error']?></span><? unset($_SESSION['_config']['error']); } ?> <form method="post" action="wot.php"> <table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper"> <tr> diff --git a/pages/wot/9.php b/pages/wot/9.php index 20f2c6d..ffdb26b 100644 --- a/pages/wot/9.php +++ b/pages/wot/9.php @@ -27,15 +27,14 @@ $user = mysql_fetch_array($res); $userlang = L10n::normalise_translation($user['language']); - $points = mysql_num_rows(mysql_query("select sum(`points`) as `total` from `notary` - where `to`='".intval($user['id'])."' and `deleted`=0 group by `to` HAVING SUM(`points`) > 0")); + $points = get_received_total_points(intval($user['id'])); if($points <= 0) { echo _("Sorry, I was unable to locate that user."); } else { $_SESSION['_config']['pagehash'] = md5(date("U")); ?> -<? if($_SESSION['_config']['error'] != "") { ?><font color="#ff0000" size="+1">ERROR: <?=$_SESSION['_config']['error']?></font><? unset($_SESSION['_config']['error']); } ?> +<? if($_SESSION['_config']['error'] != "") { ?><span class="error_fatal">ERROR: <?=$_SESSION['_config']['error']?></span><? unset($_SESSION['_config']['error']); } ?> <form method="post" action="wot.php"> <input type="hidden" name="userid" value="<?=intval($user['id'])?>"> <table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper"> diff --git a/scripts/cron/refresh_stats.php b/scripts/cron/refresh_stats.php index 3b446ba..b9d1f8e 100755 --- a/scripts/cron/refresh_stats.php +++ b/scripts/cron/refresh_stats.php @@ -122,57 +122,37 @@ function getDataFromLive() { $stats['users_1to49'] = number_format(tc( "select count(*) as `count` from ( select 1 from `notary` - where `deleted` = 0 + where `deleted` = 0 AND `method` != 'Administrative Increase' AND `from` != `to` group by `to` - having sum(`points`) > 0 and sum(`points`) < 50 + having sum(`awarded`) > 0 and sum(`awarded`) < 50 ) as `low_points`")); $stats['users_50to99'] = number_format(tc( "select count(*) as `count` from ( select 1 from `notary` - where `deleted` = 0 + where `deleted` = 0 AND `method` != 'Administrative Increase' AND `from` != `to` group by `to` - having sum(`points`) >= 50 and sum(`points`) < 100 + having sum(`awarded`) >= 50 and sum(`awarded`) < 100 ) as `high_points`")); - $stats['assurer_candidates'] = number_format(tc( - "select count(*) as `count` from `users` - where ( - select sum(`points`) from `notary` - where `to`=`users`.`id` - and `deleted` = 0 - ) >= 100 - and not exists( - select 1 from `cats_passed` as `cp`, `cats_variant` as `cv` - where `cp`.`user_id`=`users`.`id` - and `cp`.`variant_id`=`cv`.`id` - and `cv`.`type_id`=1 - )" - )); - - $stats['aussurers_with_test'] = number_format(tc( - "select count(*) as `count` from `users` - where ( - select sum(`points`) from `notary` - where `to`=`users`.`id` - and `deleted` = 0 - ) >= 100 - and exists( - select 1 from `cats_passed` as `cp`, `cats_variant` as `cv` - where `cp`.`user_id`=`users`.`id` - and `cp`.`variant_id`=`cv`.`id` - and `cv`.`type_id`=1 - )" - )); + $startdate = date("Y-m-d", mktime(0, 0, 0, 1, 1, 2002)); + $enddate = date("Y-m-d", mktime(0, 0, 0, 1, 1, date("Y") + 1)); + + $assurercount = assurer_count($startdate, $enddate, 1); + $stats['assurer_with_test'] = number_format($assurercount); + + $stats['assurer_candidates'] = number_format(assurer_count($startdate, $enddate,0) - $assurercount); $stats['points_issued'] = number_format(tc( "select sum(greatest(`points`, `awarded`)) as `count` from `notary` where `deleted` = 0 and `method` = 'Face to Face Meeting'")); - $totalusers=0; - $totassurers=0; - $totalcerts=0; + $totalcerts = 0; + $totalusers = 0; + $totalcandidates = 0; + $totalassurers = 0; + for($i = 0; $i < 12; $i++) { $first_ts = mktime(0, 0, 0, date("m") - $i, 1, date("Y")); $next_month_ts = mktime(0, 0, 0, date("m") - $i + 1, 1, date("Y")); @@ -188,14 +168,8 @@ function getDataFromLive() { and `deleted` = 0 and `locked` = 0"); - $totassurers += $assurers = tc( - "select count(*) as `count` from ( - select 1 from `notary` - where `when` >= '$first' and `when` < '$next_month' - and `method`!='Administrative Increase' - and `deleted` = 0 - group by `to` having sum(`points`) >= 100 - ) as `assurer_candidates`"); + $totalcandidates += $candidates = assurer_count($first, $next_month, 0); + $totalassurers += $assurers = assurer_count($first, $next_month, 1); $certs = tc( "select count(*) as `count` from `domaincerts` @@ -222,6 +196,7 @@ function getDataFromLive() { $tmp_arr = array(); $tmp_arr['date'] = date("Y-m", $first_ts); $tmp_arr['new_users'] = number_format($users); + $tmp_arr['new_candidates'] = number_format($candidates); $tmp_arr['new_assurers'] = number_format($assurers); $tmp_arr['new_certificates'] = number_format($certs); @@ -229,13 +204,16 @@ function getDataFromLive() { } $stats['growth_last_12m_total'] = array( 'new_users' => number_format($totalusers), - 'new_assurers' => number_format($totassurers), + 'new_candidates' => number_format($totalcandidates), + 'new_assurers' => number_format($totalassurers), 'new_certificates' => number_format($totalcerts), ); $totalcerts = 0; $totalusers = 0; - $totassurers = 0; + $totalcandidates = 0; + $totalassurers = 0; + for($i = date("Y"); $i >= 2002; $i--) { $first_ts = mktime(0, 0, 0, 1, 1, $i); $next_year_ts = mktime(0, 0, 0, 1, 1, $i + 1); @@ -251,14 +229,8 @@ function getDataFromLive() { and `deleted` = 0 and `locked` = 0"); - $totassurers += $assurers = tc( - "select count(*) as `count` from ( - select 1 from `notary` - where `when` >= '$first' and `when` < '$next_year' - and `method`!='Administrative Increase' - and `deleted` = 0 - group by `to` having sum(`points`) >= 100 - ) as `assurer_candidates`"); + $totalcandidates += $candidates = assurer_count($first, $next_year, 0); + $totalassurers += $assurers = assurer_count($first, $next_year, 1); $certs = tc( "select count(*) as `count` from `domaincerts` @@ -285,6 +257,7 @@ function getDataFromLive() { $tmp_arr = array(); $tmp_arr['date'] = $i; $tmp_arr['new_users'] = number_format($users); + $tmp_arr['new_candidates'] = number_format($candidates); $tmp_arr['new_assurers'] = number_format($assurers); $tmp_arr['new_certificates'] = number_format($certs); @@ -292,13 +265,81 @@ function getDataFromLive() { } $stats['growth_last_years_total'] = array( 'new_users' => number_format($totalusers), - 'new_assurers' => number_format($totassurers), + 'new_candidates' => number_format($totalcandidates), + 'new_assurers' => number_format($totalassurers), 'new_certificates' => number_format($totalcerts), ); return $stats; } +/** + * assurer_count() + * returns the number of new assurer in period given through from and to, type is defining the CATS type that is used as definition to be assurer + * @param mixed $from + * @param mixed $to + * @param integer $type + * @return + */ +function assurer_count($from, $to, $type = 1){ + if ($type == 0) { + $atype = ""; + $btype = ""; + } else { + $atype = " AND n.`to` in (SELECT c.user_id FROM cats_passed as c, cats_variant as v WHERE c.variant_id = v.id and v.type_id = $type and pass_date < @a) "; + $btype = " AND n.`to` in (SELECT c.user_id FROM cats_passed as c, cats_variant as v WHERE c.variant_id = v.id and v.type_id = $type and pass_date < @b) "; + } + + $query1 = "SET @a = '$from';"; + + $query2 = "SET @b = '$to';"; + + $query3 = "CREATE TEMPORARY TABLE a + SELECT n.`to`, sum(n.awarded) as `received_pts`, max(n.`when`) as `last_assurance` + FROM cacert.notary as n + WHERE 1 + AND n.`from` != n.`to` + AND (n.`deleted` = '0000-00-00 00:00:00') + AND n.`when` < @a + $atype + GROUP by n.`to` + HAVING 1 + AND `received_pts` >= 100 + ORDER by `last_assurance` DESC;"; + + $query4 = "CREATE TEMPORARY TABLE b + SELECT n.`to`, sum(n.awarded) as `received_pts`, max(n.`when`) as `last_assurance` + FROM cacert.notary as n + WHERE 1 + AND n.`from` != n.`to` + AND (n.`deleted` = '0000-00-00 00:00:00') + AND n.`when` < @b + $btype + GROUP by n.`to` + HAVING 1 + AND `received_pts` >= 100 + ORDER by `last_assurance` DESC;"; + + $query5 = "SELECT count(*) as `count` FROM b WHERE b.`to` NOT IN (SELECT a.`to` FROM a);"; + + $query6 = "DROP TEMPORARY TABLE a;"; + + $query7 = "DROP TEMPORARY TABLE b;"; + + + sql_query($query1); + sql_query($query2); + sql_query($query3); + sql_query($query4); + + $row = mysql_fetch_assoc(sql_query($query5)); + + sql_query($query6); + sql_query($query7); + + return(intval($row['count'])); +} + $stats = getDataFromLive(); if (! updateCache($stats) ) { diff --git a/scripts/cron/updatesort.php b/scripts/cron/updatesort.php index 051b179..4b2c29b 100755 --- a/scripts/cron/updatesort.php +++ b/scripts/cron/updatesort.php @@ -28,7 +28,7 @@ mysql_query("update `locations` set `acount`=0"); $query = "SELECT `users`.`locid` AS `locid`, count(*) AS `total` FROM `users` - WHERE users.assurer='1' AND `users`.`locid` != 0 and users.listme=1 + WHERE users.assurer='1' AND `users`.`locid` != 0 and users.listme=1 and `users`.`deleted` = 0 GROUP BY `users`.`locid`"; $res = mysql_query($query); while($row = mysql_fetch_assoc($res)) @@ -41,7 +41,7 @@ mysql_query("update `regions` set `acount`=0"); $query = "SELECT `users`.`regid` AS `regid`, count(*) AS `total` FROM `users` - WHERE users.assurer='1' AND `users`.`regid` != 0 and users.listme=1 + WHERE users.assurer='1' AND `users`.`regid` != 0 and users.listme=1 and `users`.`deleted` = 0 GROUP BY `users`.`regid`"; $res = mysql_query($query); while($row = mysql_fetch_assoc($res)) @@ -56,7 +56,7 @@ mysql_query("update `countries` set `acount`=0"); $query = "SELECT `users`.`ccid` AS `ccid`, count(*) AS `total` FROM `users` - WHERE users.assurer='1' AND `users`.`ccid` != 0 and users.listme=1 + WHERE users.assurer='1' AND `users`.`ccid` != 0 and users.listme=1 and `users`.`deleted` = 0 GROUP BY `users`.`ccid`"; $res = mysql_query($query); while($row = mysql_fetch_assoc($res)) diff --git a/scripts/send_heartbleed.php b/scripts/send_heartbleed.php index 6bf0f5f..6bf0f5f 100644..100755 --- a/scripts/send_heartbleed.php +++ b/scripts/send_heartbleed.php diff --git a/stamp/.htaccess b/stamp/.htaccess deleted file mode 100644 index 3ad2abb..0000000 --- a/stamp/.htaccess +++ /dev/null @@ -1,5 +0,0 @@ -php_value auto_prepend_file /www/stamp/common.php -php_value output_buffering 1 -errordocument 404 /error404.php -errordocument 403 /error403.php -errordocument 401 /error401.php diff --git a/stamp/certdet.php b/stamp/certdet.php deleted file mode 100644 index a43d2a0..0000000 --- a/stamp/certdet.php +++ /dev/null @@ -1,86 +0,0 @@ -<? /* - LibreSSL - CAcert web application - Copyright (C) 2004-2008 CAcert Inc. - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; version 2 of the License. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA -*/ - $org = $invalid = 0; - $tz = intval($_REQUEST['tz']); - $now = date("Y-m-d", gmmktime("U") + ($tz * 3600)); - - $arr = explode("//", mysql_real_escape_string(trim($_REQUEST['refer'])), 2); - $arr = explode("/", $arr['1'], 2); - $ref = $arr['0']; - - $arr = explode("//", mysql_real_escape_string(trim($_SERVER['HTTP_REFERER'])), 2); - $arr = explode("/", $arr['1'], 2); - $siteref = $arr['0']; - - if($siteref != "") - $siterefer = $_SERVER['HTTP_REFERER']; - else - $siterefer = $_REQUEST['refer']; - - if($ref == "" || ($ref != $siteref && $siteref != "")) - { - $invalid = 2; - } else { - if($_SESSION['_stamp']['ref'] == "") - $_SESSION['_stamp']['ref'] = $siterefer; - list($invalid, $info) = checkhostname($ref); - } -?><!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> -<html> -<head> -<title>CAcert.org Certificate Details!</title> -<link rel="stylesheet" href="style.css" type="text/css"> -</head> -<body> - <div id="pagecell1"> - <div id="pageName"><br> - <h2><a href="http<? if($_SERVER['HTTPS']=="on") { echo "s"; } ?>://www.cacert.org"> - <img src="http<? if($_SERVER['HTTPS']=="on") { echo "s"; } ?>://www.cacert.org/images/cacert3.png" border="0" alt="CAcert.org logo"></a></h2> -<? if($_SERVER['HTTPS']!="on") { ?> -<div id="googlead"><br><script type="text/javascript"><!-- -google_ad_client = "pub-0959373285729680"; -google_alternate_color = "ffffff"; -google_ad_width = 234; -google_ad_height = 60; -google_ad_format = "234x60_as"; -google_ad_type = "text"; -google_ad_channel = ""; -//--></script> -<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script></div> -<? } ?> - </div> - <div id="content"> - <div class="story"> - <h3>SSL Certificate Details for <?=$ref?></h3> -<? if($invalid == 0) { ?> - <p> - Status: Valid<br /> - Valid From: <?=$info['issued']?> GMT<br /> - Valid To: <?=$info['expire']?> GMT<br /> - Subject: <a href="#" title="<?=$info['subject']?>" onClick="return false;"><?=substr($info['subject'],0,80)?></a><br /> - Organisation: <? if($info['org'] == 0) { ?>N/A<? } else { echo $info['O'].", ".$info['L']." ".$info['ST']." ".$info['C']; } ?><br /> - Verification: <? if($info['points'] >= 50) { echo "Person had been assured at time of issue with at least 50 points."; } - else if($info['org'] == 1) { ?>This organisation was assured at the time the certificate was issued.<? } ?></p> -<? } else { ?> - <p style="color:red">This site has potentially abused CAcert logos and Copyrights, please report it so we may further investigate.</p> -<? } ?> - <p><a href="report.php">Problem with this site? Please report it</a></p> - </div> - </div> -</body> -</html> diff --git a/stamp/common.php b/stamp/common.php deleted file mode 100644 index d99a23a..0000000 --- a/stamp/common.php +++ /dev/null @@ -1,151 +0,0 @@ -<? /* - LibreSSL - CAcert web application - Copyright (C) 2004-2008 CAcert Inc. - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; version 2 of the License. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA -*/ - - include_once("/www/includes/general.php"); - - function clean($key) - { - return(mysql_real_escape_string(strip_tags(trim($_REQUEST[$key])))); - } - - function checkhostname($ref) - { - $ref = trim($ref); - if($ref[count($ref)-1] == "." || $ref[count($ref)-1] == ":") - $ref = substr($ref, 0, -1); - - $stampid = 0; - $query = "select * from `stampcache` where `hostname`='$ref'"; - $res = mysql_query($query); - if(mysql_num_rows($res) > 0) - { - $row = mysql_fetch_assoc($res); - if($row['cacheexpire'] >= date("U")) - return(array($row['valid'], $row)); - else { - if($row['certid'] > 0) - { - if($row['org'] == 0) - $query = "select * from `domaincerts` where `id`='".intval($row['certid'])."' and `expire`>NOW() and `revoked`=0"; - else - $query = "select * from `orgdomaincerts` where `id`='".intval($row['certid'])."' and `expire`>NOW() and `revoked`=0"; - if($_REQUEST['debug'] == 1) - echo $query."<br>\n"; - $res = mysql_query($query); - if(mysql_num_rows($res) > 0) - { - $query = "update `stampcache` set `cacheexpire`='".(date("U")+600)."' where `id`='$row[id]'"; - if($_REQUEST['debug'] == 1) - echo $query."<br>\n"; - mysql_query($query); - return(array($row['valid'], $row)); - } - } - $stampid = $row['id']; - } - } - - $query = "select *,`domaincerts`.`id` as `certid`,`domaincerts`.`created` as `issued` from `domlink`,`domains`,`domaincerts` - where `domlink`.`domid`=`domains`.`id` and `domlink`.`certid`=`domaincerts`.`id` and - `domaincerts`.`revoked`=0 and `domaincerts`.`expire` > NOW() and - (`domaincerts`.`subject` like '%=DNS:$ref/%' OR `domaincerts`.`subject` like '%=$ref/%' OR - `domaincerts`.`subject` like '%=DNS:$ref' OR `domaincerts`.`subject` like '%=$ref') - group by `domaincerts`.`id` order by `domaincerts`.`id`"; - if($_REQUEST['debug'] == 1) - echo $query."<br>\n"; - $res = mysql_query($query); - if(mysql_num_rows($res) <= 0) - { - $bits = explode(".", $ref); - for($i = 1; $i < count($bits); $i++) - { - if($ref2 != "") - $ref2 .= "."; - $ref2 .= $bits[$i]; - } - $query = "select *,`domaincerts`.`id` as `certid`,`domaincerts`.`created` as `issued` from `domlink`,`domains`,`domaincerts` - where `domlink`.`domid`=`domains`.`id` and `domlink`.`certid`=`domaincerts`.`id` and - `domaincerts`.`revoked`=0 and `domaincerts`.`expire` > NOW() and - (`domaincerts`.`subject` like '%=DNS:$ref/%' or `domaincerts`.`subject` like '%=DNS:*.$ref2/%' OR - `domaincerts`.`subject` like '%=DNS:$ref' or `domaincerts`.`subject` like '%=DNS:*.$ref2' OR - `domaincerts`.`subject` like '%=$ref/%' or `domaincerts`.`subject` like '%=*.$ref2/%' OR - `domaincerts`.`subject` like '%=$ref' or `domaincerts`.`subject` like '%=*.$ref2') - group by `domaincerts`.`id` order by `domaincerts`.`id`"; - if($_REQUEST['debug'] == 1) - echo $query."<br>\n"; - $res = mysql_query($query); - if(mysql_num_rows($res) <= 0) - { - $query = "select *,`orgdomaincerts`.`id` as `certid`,`orgdomaincerts`.`created` as `issued` from `orgdomaincerts`,`orgdomlink`,`orgdomains` where - (`orgdomaincerts`.`subject` like '%=DNS:$ref/%' or `orgdomaincerts`.`subject` like '%=DNS:*.$ref2/%' OR - `orgdomaincerts`.`subject` like '%=DNS:$ref' or `orgdomaincerts`.`subject` like '%=DNS:*.$ref2' OR - `orgdomaincerts`.`subject` like '%=$ref/%' or `orgdomaincerts`.`subject` like '%=*.$ref2/%' OR - `orgdomaincerts`.`subject` like '%=$ref' or `orgdomaincerts`.`subject` like '%=*.$ref2') AND - `orgdomaincerts`.`id`=`orgdomlink`.`orgcertid` and `orgdomlink`.`orgdomid`=`orgdomains`.`id` and - `orgdomaincerts`.`revoked`=0 and `orgdomaincerts`.`expire` > NOW() - group by `orgdomaincerts`.`id` order by `orgdomaincerts`.`id`"; - if($_REQUEST['debug'] == 1) - echo $query."<br>\n"; - $res = mysql_query($query); - if(mysql_num_rows($res) <= 0) - { - $invalid = 1; - } else { - $org = 1; - } - } - } - - if($invalid == 0) - { - $cert = mysql_fetch_assoc($res); - if($org == 0) - { - $query = "SELECT *, sum(`points`) AS `total` FROM `users`, `notary` WHERE `users`.`id` = '$cert[memid]' AND - `notary`.`to` = `users`.`id` and `notary`.`when` <= '$cert[issued]' and `notary`.`deleted`=0 GROUP BY `notary`.`to`"; - $user = mysql_fetch_assoc(mysql_query($query)); - } else { - $query = "select * from `orginfo` where `id`='$cert[orgid]'"; - $orgi = mysql_fetch_assoc(mysql_query($query)); - } - - if($stampid <= 0) - { - $query = "insert into `stampcache` set `certid`='$cert[certid]',`cacheexpire`='".(date("U")+600)."',`issued`='$cert[issued]', - `expire`='$cert[expire]',`subject`='$cert[subject]',`hostname`='$ref',`org`='$org',`points`='$user[total]', - `O`='$orgi[O]',`L`='$orgi[L]',`ST`='$orgi[ST]',`C`='$orgi[C]',`valid`='$invalid'"; - } else { - $query = "update `stampcache` set `certid`='$cert[certid]',`cacheexpire`='".(date("U")+600)."',`issued`='$cert[issued]', - `expire`='$cert[expire]',`subject`='$cert[subject]',`hostname`='$ref',`org`='$org',`points`='$user[total]', - `O`='$orgi[O]',`L`='$orgi[L]',`ST`='$orgi[ST]',`C`='$orgi[C]',`valid`='$invalid' where `id`='$stampid'"; - } - mysql_query($query); - } else if($stampid > 0) { - mysql_query("update `stampcache` set `cacheexpire`='".(date("U")+600)."' where `id`='$stampid'"); - } else { - $query = "insert into `stampcache` set `cacheexpire`='".(date("U")+600)."',`hostname`='$ref',`valid`='$invalid'"; - mysql_query($query); - } - - $arr = array("issued" => $cert['issued'], "expire" => $cert['expire'], "subject" => $cert['subject'], "hostname" => $ref, - "org" => $org, "points" => $user['total'], "O" => $orgi['O'], "L" => $orgi['L'], "ST" => $orgi['ST'], - "C" => $orgi['C']); - - return(array($invalid, $arr)); - } -?> diff --git a/stamp/displogo.php b/stamp/displogo.php deleted file mode 100644 index 9c1f534..0000000 --- a/stamp/displogo.php +++ /dev/null @@ -1,59 +0,0 @@ -<? /* - LibreSSL - CAcert web application - Copyright (C) 2004-2008 CAcert Inc. - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; version 2 of the License. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA -*/ - $img = "/www/stamp/images/CAverify.png"; - $arr = explode("//", mysql_real_escape_string(trim($_REQUEST['refer'])), 2); - $arr = explode("/", $arr['1'], 2); - $ref = $arr['0']; - - $arr = explode("//", mysql_real_escape_string(trim($_SERVER['HTTP_REFERER'])), 2); - $arr = explode("/", $arr['1'], 2); - $siteref = $arr['0']; - - if($_REQUEST['debug'] != 1) - header('Content-type: image/png'); - $im = imagecreatefrompng($img); - - if($ref == "" || ($ref != $siteref && $siteref != "")) - { - $tc = imagecolorallocate ($im, 255, 0, 0); - imagestring ($im, 2, 1, 30, "INVALID DOMAIN", $tc); - imagestring ($im, 2, 1, 45, "Click to Report", $tc); - imagepng($im); - exit; - } - - list($invalid, $info) = checkhostname($ref); - - if($invalid > 0) - { - $tc = imagecolorallocate ($im, 255, 0, 0); - imagestring ($im, 2, 1, 30, "INVALID DOMAIN", $tc); - imagestring ($im, 2, 1, 45, "Click to Report", $tc); - imagepng($im); - exit; - } - - $tz = intval($_REQUEST['tz']); - $now = date("Y-m-d", gmmktime("U") + ($tz * 3600)); - - $tc = imagecolorallocate ($im, 0, 0, 0); - imagestring ($im, 4, 1, 27, "Valid Cert!", $tc); - imagestring ($im, 1, 7, 42, "Click to Verify", $tc); - imagestring ($im, 1, 20, 52, $now, $tc); - imagepng($im); -?> diff --git a/stamp/images/CAverify.png b/stamp/images/CAverify.png Binary files differdeleted file mode 100644 index ab5c1ea..0000000 --- a/stamp/images/CAverify.png +++ /dev/null diff --git a/stamp/index.php b/stamp/index.php deleted file mode 100644 index 81a88db..0000000 --- a/stamp/index.php +++ /dev/null @@ -1,75 +0,0 @@ -<? /* - LibreSSL - CAcert web application - Copyright (C) 2004-2008 CAcert Inc. - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; version 2 of the License. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA -*/ ?> - - -<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> -<html> -<head> -<title>CAcert.org Site Stamp DISCONTINUED!</title> -<link rel="stylesheet" href="style.css" type="text/css"> -</head> -<body> - <div id="pagecell1"> - <div id="pageName"><br> - <h2><a href="http<? if($_SERVER['HTTPS']=="on") { echo "s"; } ?>://www.cacert.org"> - <img src="http<? if($_SERVER['HTTPS']=="on") { echo "s"; } ?>://www.cacert.org/images/cacert3.png" border="0" alt="CAcert.org logo"></a></h2> -<? if($_SERVER['HTTPS']!="on") { ?> -<div id="googlead"><br><script type="text/javascript"><!-- -google_ad_client = "pub-0959373285729680"; -google_alternate_color = "ffffff"; -google_ad_width = 234; -google_ad_height = 60; -google_ad_format = "234x60_as"; -google_ad_type = "text"; -google_ad_channel = ""; -//--></script> -<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script></div> -<? } ?> - </div> - <div id="content"> - <div class="story"> - <h3>CAcert.org Site Stamp DISCONTINUED!</h3> - - The CAcert Site Stamp service is currently being discontinued. Please remove the stamps from your website. - <!-- - <p>The CAcert Site Stamp Programme is a very useful tool for site owners everywhere, it allows you yet another option to prevent people - from stealing your content or making a fake site to pretend to be your site to carry out a phishing attack against your customers.</p> - <p>To add the CAcert logo to your site you need to register for a <a href="https://www.cacert.org">CAcert</a> server certificate, then add the - following line somewhere on your website:</p> - <p><script type="text/javascript"><br /> - <!- -<br /> - document.write('<');<br /> - document.write('script type="text/javascript" src="'+location.protocol+'//stamp.cacert.org/showlogo.php"><');<br /> - document.write('/script>');<br /> - // - -><br /> - </script></p> - < s c ript type="text/javascript"> - < ! -<? ?> - - document.write('<'); - document.write('script type="text/javascript" src="'+location.protocol+'//stamp.cacert.org/showlogo.php"><'); - document.write('/script>'); - //- -> - </script> - <br /><br /><br /><br /> - --> - </div> - - </div> - </div> -</body> -</html> diff --git a/stamp/old_showlogo.php.broken b/stamp/old_showlogo.php.broken deleted file mode 100644 index 7f9045c..0000000 --- a/stamp/old_showlogo.php.broken +++ /dev/null @@ -1,25 +0,0 @@ -try -{ - var URI = location.protocol+'//stamp.cacert.org'; - var URL = encodeURIComponent(URI); - var curDateTime = new Date(); - var tz = -(curDateTime.getTimezoneOffset()/60); - var rf = encodeURIComponent(parent==self ? window.document.referrer : top.document.referrer); - var ul = encodeURIComponent(navigator.appName=="Netscape" ? navigator.language : navigator.userLanguage); - if(typeof(screen)=="object") - { - var sr = encodeURIComponent(screen.width+","+screen.height); - var cd = encodeURIComponent(screen.colorDepth); - var jo = encodeURIComponent(navigator.javaEnabled()?"Yes":"No"); - } - - document.write("<script type='text/javascript'>function popup() { "); - document.write("window.open('"+URI+"/certdet.php?refer="+location.href+"&tz="+tz+"', 'CertInfo',"); - document.write("'toolbar=0,scrollbars=0,location=0,statusbar=0,menubar=0,resizable=0,width=600,height=400,left=200,top=100'); } </script>"); - document.write("<a href='#' onClick='popup(); return false;'>"); - document.write("<img src='"+URI+"/displogo.php?refer="+location.href+"&tz="+tz+"&rf="+rf+"&ul="+ul+"&sr="+sr+"&cd="+cd+"&jo="+jo+"&URL="+URL+"' border='0' /></a>"); -} -catch(e) -{ - document.write("<img src='http://stamp.cacert.org/javascript_is_broken.php'/>"); -} diff --git a/stamp/report.php b/stamp/report.php deleted file mode 100644 index 519aa3a..0000000 --- a/stamp/report.php +++ /dev/null @@ -1,121 +0,0 @@ -<? /* - LibreSSL - CAcert web application - Copyright (C) 2004-2008 CAcert Inc. - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; version 2 of the License. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA -*/ - $arr = explode("//", mysql_real_escape_string(trim($_SESSION['_stamp']['ref'])), 2); - $arr = explode("/", $arr['1'], 2); - $ref = $arr['0']; - - $refer = mysql_real_escape_string(strip_tags(trim($_SESSION['_stamp']['ref']))); - $name = clean('name'); - $email = clean('email'); - $comment = clean('comment'); - $reason = clean('reason'); - $process = clean('process'); - - if($process != "" && ($_POST['pagehash'] != $_SESSION['_stamp']['pagehash'] || $_SESSION['_stamp']['pagehash'] == "")) - { - $errmsg = "Your report seemed to be posted is a suspicious manner, please try to re-submit it, or contact support for further help."; - $process = ""; - } - - if($process != "" && ($name == "" || $email == "" || $comment == "" || $reason == "")) - { - $errmsg = "You must supply your name, a valid email address and comment."; - $process = ""; - } - - if($process != "") - { - $checkemail = checkEmail($email); - if($checkemail != "OK") - { - $errmsg = $checkemail; - $process = ""; - } - } else { - $_SESSION['_stamp']['pagehash'] = $pagehash = md5(date("U").$ref); - } - - if($process != "") - { - $IP = mysql_real_escape_string(trim($_SERVER['REMOTE_ADDR'])); - $iplong = ip2long($IP); - mysql_query("insert into `abusereports` set `when`=NOW(), `IP`='$iplong', `url`='$refer', `name`='$name', `email`='$email', - `comment`='$comment', `reason`='$reason'"); - $id = mysql_insert_id(); - - $body = "New Abuse Report has been lodged via the the Stamp Interface:\n\n"; - $body .= "Reported ID: $id\n"; - $body .= "Reported IP: $IP\n"; - $body .= "From: $name <$email>\n"; - $body .= "URL: $refer\n"; - $body .= "Reason: $reason\n"; - $body .= "Comment: $comment\n"; - - sendmail("cacert-abuse@lists.cacert.org", "[CAcert.org] Abuse Report.", $body, "website@cacert.org", "", "", "CAcert Website"); - } - -?><!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> -<html> -<head> -<title>CAcert.org Abuse Report!</title> -<link rel="stylesheet" href="style.css" type="text/css"> -</head> -<body> - <div id="pagecell1"> - <div id="pageName"><br> - <h2><a href="http<? if($_SERVER['HTTPS']=="on") { echo "s"; } ?>://www.cacert.org"> - <img src="http<? if($_SERVER['HTTPS']=="on") { echo "s"; } ?>://www.cacert.org/images/cacert3.png" border="0" alt="CAcert.org logo"></a></h2> -<? if($_SERVER['HTTPS']!="on") { ?> -<div id="googlead"><br><script type="text/javascript"><!-- -google_ad_client = "pub-0959373285729680"; -google_alternate_color = "ffffff"; -google_ad_width = 234; -google_ad_height = 60; -google_ad_format = "234x60_as"; -google_ad_type = "text"; -google_ad_channel = ""; -//--></script> -<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script></div> -<? } ?> - </div> - <div id="content"> - <div class="story"> - <h3>Report abuse for <?=$ref?></h3> -<? if($process == "") { ?> -<? if($errmsg != "") { ?><p style="color:red"><?=$errmsg?></p><? } else { ?><br /><? } ?> - <form method="post" action="report.php"> - <label for="refer">URL: </label><input type="text" name="refer" value="<?=$refer?>" readonly="1" /><br /> - <label for="name">Name: </label><input type="text" name="name" value="<?=$name?>" /><br /> - <label for="email">Email: </label><input type="text" name="email" value="<?=$email?>" /><br /> - <label for="reason">Reason: </label><select name="reason"> - <option value='invalid'<? if($reason == "invalid") { echo " selected"; } ?>>Invalid Domain</option> - <option value='phishing'<? if($reason == "phishing") { echo " selected"; } ?>>Phishing Site</option> - <option value='spam'<? if($reason == "spam") { echo " selected"; } ?>>Spam</option> - <option value='other'<? if($reason == "other") { echo " selected"; } ?>>Other</option> - </select><br /> - <label for="comment">Comment/Other: </label><input type="text" name="comment" value="<?=$comment?>" /><br /><br /> - <label for="sub"> </label><input type="submit" name="process" value="Report Site"><br /> - <input type="hidden" name="pagehash" value="<?=$pagehash?>"> - </form> -<? } else { ?> - <p>We thank you for your attention to detail, your report has been accepted and we will tend to your report as soon as humanly possible.</p> -<? } ?> - </div> - </div> -</body> -</html> diff --git a/stamp/showlogo.php b/stamp/showlogo.php deleted file mode 100644 index e69de29..0000000 --- a/stamp/showlogo.php +++ /dev/null diff --git a/stamp/style.css b/stamp/style.css deleted file mode 100644 index c00a4c7..0000000 --- a/stamp/style.css +++ /dev/null @@ -1,620 +0,0 @@ -/***********************************************/ -/* emx_nav_right.css */ -/* Use with template Halo_rightNav.html */ -/***********************************************/ - -/***********************************************/ -/* HTML tag styles */ -/***********************************************/ -body { - font-family: Arial,sans-serif; - color: #333333; - line-height: 1.166; - margin: 0px; - padding: 0px; - background: #cccccc; -/* url("/siteimages/bg_grad.jpg") fixed; */ -} - - -/******* hyperlink and anchor tag styles *******/ - -a:link, a:visited { - color: #005FA9; - text-decoration: none; -} - -a:hover { - text-decoration: underline; -} - -/************** header tag styles **************/ - -h1 { - font: bold 120% Arial,sans-serif; - color: #334d55; - margin: 0px; - padding: 0px; -} - -h2 { - font: bold 114% Arial,sans-serif; - color: #006699; - margin: 0px; - padding: 0px; -} - -h3 { - font: bold 100% Arial,sans-serif; - color: #334d55; - margin: 0px; - padding: 0px; - cursor: pointer; - /* cursor: hand; */ -} - -h4 { - font: bold 100% Arial,sans-serif; - color: #333333; - margin: 0px; - padding: 0px; -} - -h5 { - font: 100% Arial,sans-serif; - color: #334d55; - margin: 0px; - padding: 0px; -} - - -/*************** list tag styles ***************/ - -ul.menu { - list-style: none; - margin :0px 0px 0px 15px; - padding-left: 5px; - border-left: 1px dotted #000; -} - -ul.top { - list-style: none; - margin: 0px 0px 0px 15px; - padding-left: 5px; - border-left: 0px; -} - -ul { - list-style: none; - margin: 0px 0px 0px 15px; - padding-left: 5px; - border-left: 1px dotted #000; -} - -/***********************************************/ -/* Layout Divs */ -/***********************************************/ -#pagecell1 { - position:absolute; - top: 2%; - left: 2%; - right: 2%; - width: 96%; - background-color: #ffffff; -} - -#tl { - position:absolute; - top: -1px; - left: -1px; - margin: 0px; - padding: 0px; - z-index: 100; -} - -#tr { - position:absolute; - top: -1px; - right: -1px; - margin: 0px; - padding: 0px; - z-index: 100; -} - -#masthead{ - position: absolute; - top: 0px; - left: 2%; - right: 2%; - width:95.6%; - -} - -#pageNav{ - float: right; - width:178px; - padding: 0px; - background-color: #F5f7f7; - border-left: 1px solid #cccccc; - font: small Verdana,sans-serif; -} - -#content{ - padding: 0px 10px 0px 0px; - margin:0px 0px 0px 0px; -} - - -/***********************************************/ -/* Component Divs */ -/***********************************************/ -#siteName{ - margin: 0px; - padding: 16px 0px 8px 0px; - color: #ffffff; - font-weight: normal; -} - -/************** utility styles *****************/ - -#utility{ - font: 75% Verdana,sans-serif; - position: absolute; - top: 16px; - right: 0px; - color: #919999; -} - -#utility a{ - color: #ffffff; -} - -#utility a:hover{ - text-decoration: underline; -} - -/************** pageName styles ****************/ - -#pageName{ - padding: 0px 0px 14px 10px; - margin: 0px; - border-bottom:1px solid #ccd2d2; -} - -#pageName h2{ - font: bold 175% Arial,sans-serif; - color: #000000; - margin:0px; - padding: 0px; -} - -/************* globalNav styles ****************/ - -#globalNav{ -position: relative; -width: 100%; -min-width: 640px; -height: 32px; -color: #cccccc; -padding: 0px; -margin: 0px; -background-image: url("siteimages/glbnav_background.gif"); -} - -#globalNav img{ - margin-bottom: -4px; - -} - -#gnl { - position: absolute; - top: 0px; - left:0px; -} - -#gnr { - position: absolute; - top: 0px; - right:0px; -} - -#globalLink{ - position: absolute; - top: 6px; - height: 22px; - min-width: 640px; - padding: 0px; - margin: 0px; - left: 10px; - z-index: 100; -} - - -a.glink, a.glink:visited{ - font-size: small; - color: #000000; - font-weight: bold; - margin: 0px; - padding: 2px 5px 4px 5px; - border-right: 1px solid #8FB8BC; -} - -a.glink:hover{ - background-image: url("siteimages/glblnav_selected.gif"); - text-decoration: none; -} - -.skipLinks {display: none;} - -/************ subglobalNav styles **************/ - -.subglobalNav{ - position: absolute; - top: 84px; - left: 0px; - /*width: 100%;*/ - min-width: 640px; - height: 20px; - padding: 0px 0px 0px 10px; - visibility: hidden; - color: #ffffff; -} - -.subglobalNav a:link, .subglobalNav a:visited { - font-size: 80%; - color: #ffffff; -} - -.subglobalNav a:hover{ - color: #cccccc; -} - -/*************** search styles *****************/ -/* -#listshow { - z-order: 101; -} -*/ -#search{ - position: absolute; - top: 125px; - right: 0px; -} - -#search form { - position: absolute; - top: 125px; - right: 300px; -} -#search input { - font-size: 11px; -} - -#search1{ - position: absolute; - top: 85px; - right: 300px; -} - -#search2{ - position: absolute; - top: 100px; - right: 300px; -} - -#search3{ - position: absolute; - top: 85px; - right: 240px; -} - -#search4{ - position: absolute; - top: 100px; - right: 226px; -} - -#googlead{ - position: absolute; - top: 5px; - right: 5px; - z-index: 101; -} - -#search input{ - font-size: 70%; - margin: 0px 0px 0px 10px; - } - -#search a:link, #search a:visited { - font-size: 80%; - font-weight: bold; - -} - -#search a:hover{ - margin: 0px; -} - - -/************* breadCrumb styles ***************/ - -#breadCrumb{ - padding: 5px 0px 5px 10px; - font: small Verdana,sans-serif; - color: #AAAAAA; -} - -#breadCrumb a{ - color: #AAAAAA; -} - -#breadCrumb a:hover{ - color: #005FA9; - text-decoration: underline; -} - - -/************** feature styles *****************/ - -.feature{ - padding: 0px 0px 10px 10px; - font-size: 80%; - min-height: 200px; - height: 200px; -} -html>body .feature {height: auto;} - -.feature h3{ - font: bold 175% Arial,sans-serif; - color: #000000; - padding: 30px 0px 5px 0px; -} - -.feature img{ - float: left; - padding: 0px 10px 0px 0px; -} - - -/*************** story styles ******************/ - -.story { - padding: 10px 0px 0px 10px; - font-size: 80%; - min-height: 272px; -} - -.story h3{ - font: bold 125% Arial,sans-serif; - color: #000000; -} - -.story p { - padding: 0px 0px 10px 0px; -} - -.story a.capsule{ - font: bold 1em Arial,sans-serif; - color: #005FA9; - display:block; - padding-bottom: 5px; -} - -.story a.capsule:hover{ - text-decoration: underline; -} - -td.storyLeft{ - padding-right: 12px; -} - - -/************** siteInfo styles ****************/ - -#siteInfo{ - clear: both; - border-top: 1px solid #cccccc; - font-size: small; - color: #cccccc; - padding: 10px 10px 10px 10px; -} - -/************ sectionLinks styles **************/ - -#sectionLinks{ - margin: 0px; - padding: 0px; - -} - -#sectionLinks h3{ - padding: 10px 0px 2px 10px; - border-bottom: 1px solid #cccccc; -} - -#sectionLinks a:link, #sectionLinks a:visited { - display: block; - border-top: 1px solid #ffffff; - border-bottom: 1px solid #cccccc; - background-image: url("siteimages/bg_nav.jpg"); - font-weight: bold; - padding: 3px 0px 3px 10px; - color: #21536A; -} - -#sectionLinks a:hover{ - border-top: 1px solid #cccccc; - background-color: #DDEEFF; - background-image: none; - font-weight: bold; - text-decoration: none; -} - - -/************* relatedLinks styles **************/ - -.relatedLinks{ - margin: 0px; - padding: 0px 0px 10px 10px; - border-bottom: 1px solid #cccccc; -} - -.relatedLinks h3{ - padding: 10px 0px 2px 0px; -} - -.relatedLinks a{ - display: block; -} - - -/**************** advert styles *****************/ - -#advert{ - padding: 10px; -} - -#advert img{ - display: block; -} - -/********************* end **********************/ - -.DataTD input, .DataTD textarea { - FONT-SIZE: 92%; -} - -.DataTD select, .DataTD option { - FONT-SIZE: 92%; -} - -.DataTD { - background-color: #E2E2E2; - border-style: inset; - border-width: 1px; - FONT-SIZE: 8pt; - COLOR: #000000; - FONT-FAMILY: Arial, Tahoma, Verdana, Helvetica, sans-serif; - - background: #ffffff; - padding: 1px 5px 1px 5px; - border: 1px #CFCFCF solid; - border-left: 1px #CFCFCF dotted; - border-right: 1px #CFCFCF dotted; -} - -.DataTDGrey { - background-color: #EFEDED; - border-style: inset; - border-width: 1px; - FONT-SIZE: 8pt; - COLOR: #000000; - FONT-FAMILY: Arial, Tahoma, Verdana, Helvetica, sans-serif; - - padding: 1px 5px 1px 5px; - border: 1px #CFCFCF solid; - border-left: 1px #CFCFCF dotted; - border-right: 1px #CFCFCF dotted; -} - -.DataTDNotDotted { - background-color: #E2E2E2; - border-style: inset; - border-width: 1px; - FONT-SIZE: 8pt; - COLOR: #000000; - FONT-FAMILY: Arial, Tahoma, Verdana, Helvetica, sans-serif; - - background: #ffffff; - padding: 1px 5px 1px 5px; - border: 1px #CFCFCF solid; - border-left: 1px #CFCFCF solid; - border-right: 1px #CFCFCF solid; -} - -.wrapper { - border-collapse: collapse; - font-family: verdana, sans-serif; - font-size: 11px; - text-align: center; -} - -td.greytxt { - color: #CCCCCC; - font-size: smaller; - text-align: right; - vertical-align: bottom; -} - -.title { - background: #E2E2E2; - font-weight:BOLD; - padding: 1px 5px 1px 5px; - border: 1px solid #CFCFCF; - border-bottom: 3px double #CFCFCF; - border-top: 1px solid #656565; - text-align: center; -} - -.errmsg { - font-weight: BOLD; - color: #FF0000; -} - -.ac_menu -{ - border:1px solid black -} -.ac_normal -{ - background-color:#ffffff; - cursor:pointer; -} -.ac_highlight -{ - background-color:#3366cc; - color:white; - cursor:pointer; -} -.ac_normal .a -{ - font-size:13px; - color:black; -} -.ac_highlight .a -{ - font-size:13px; -} -.ac_normal .d -{ - float:right; - font-size:10px; - color:green; -} -.ac_highlight .d -{ - float:right; - font-size:10px; -} - -br { - clear: left; -} - -label { - font-size: 90%; -} - -label,input,select { - display: block; - width: 250px; - float: left; - margin-bottom: 10px; -} - -label { - text-align: right; - width: 75px; - padding-right: 20px; -} diff --git a/tverify/.htaccess b/tverify/.htaccess deleted file mode 100644 index bb5fe0e..0000000 --- a/tverify/.htaccess +++ /dev/null @@ -1,5 +0,0 @@ -php_value auto_prepend_file /www/includes/general.php -php_value output_buffering 1 -errordocument 404 /error404.php -errordocument 403 /error403.php -errordocument 401 /error401.php diff --git a/tverify/favicon.ico b/tverify/favicon.ico Binary files differdeleted file mode 100644 index 3c9c9c2..0000000 --- a/tverify/favicon.ico +++ /dev/null diff --git a/tverify/index.php b/tverify/index.php deleted file mode 100644 index 8976341..0000000 --- a/tverify/index.php +++ /dev/null @@ -1,163 +0,0 @@ -<? /* - LibreSSL - CAcert web application - Copyright (C) 2004-2008 CAcert Inc. - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; version 2 of the License. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA -*/ ?> -<? -// phpinfo(); exit; - include_once("../includes/general.php"); - loadem("tverify"); - - $id = intval($_GET['id']); - if(intval($_REQUEST['id']) > 0) - $id = intval($_REQUEST['id']); - - if($id == 1) - { - $nofile = 1; - $filename = ""; - $photoid = $_FILES['photoid']; - if($photoid['error'] == 0 && $_REQUEST["notaryURL"] != "") - { - $filename = $photoid['tmp_name']; - $do = trim(`file -b -i $filename`); - $type = strtolower($do); - switch($type) - { - case 'image/gif': $ext = "gif"; $nofile = 0; break; - case 'image/jpeg': $ext = "jpg"; $nofile = 0; break; - case 'image/jpg': $ext = "jpg"; $nofile = 0; break; - case 'image/png': $ext = "png"; $nofile = 0; break; - default: - $id = 0; - $_SESSION['_config']['errmsg'] = _("Only jpg, gif and png file types are acceptable, your browser sent a file of type: ").$type; - } - } - } - - if($id == 1) - { - $email = mysql_escape_string(trim($_REQUEST["email"])); - $password = mysql_escape_string(stripslashes(trim($_REQUEST["pword"]))); - $URL = mysql_escape_string(trim($_REQUEST["notaryURL"])); - $CN = mysql_escape_string($_SESSION['_config']['CN']); - $memid = intval($_SESSION['_config']['uid']); - $user = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='$memid'")); - $tmp = mysql_fetch_assoc(mysql_query("select sum(`points`) as `points` from `notary` where `to`='$memid'")); - - if($URL != "" && $nofile == 0) - $max = 150; - else if($URL != "") - $max = 90; - else - $max = 50; - - if($URL != "") - if(!preg_match("/^https:\/\/www\.thawte\.com\/cgi\/personal\/wot\/directory\.exe\?(.*?&)?node=\d+(&.*)?$/",$URL)) - { - showheader(_("Thawte Points Transfer")); - echo _("You failed to enter a valid Thawte Notary URL."); - showfooter(); - exit; - } - - if($tmp['points'] >= $max) - { - showheader(_("Thawte Points Transfer")); - echo _("Your request would not gain you any more points and will not be taken any further."). - sprintf(_("You have %s points already and you would have been issued up to %s points."), $tmp['points'], $max); - showfooter(); - exit; - } - - } - - if($id == 1) - { - $query = "select * from `users`,`email` where `email`.`memid`='$memid' and `email`.`email`='$email' and `users`.`id`=`email`.`memid` and - (`password`=old_password('$password') or `password`=sha1('$password') or `password`=password('$password'))"; - if(mysql_num_rows(mysql_query($query)) <= 0) - { - $_SESSION['_config']['errmsg'] = _("I'm sorry, I couldn't match your login details (password) to your certificate to an account on this system."); - $id = 0; - } else { - $query = "insert into `tverify` set `memid`='$memid', `URL`='$URL', `CN`='$CN', `created`=NOW()"; - mysql_query($query); - $tverify = mysql_insert_id(); - if($nofile == 0) - { - $filename = $photoid['tmp_name']; - $newfile = mysql_escape_string('/www/photoid/'.$tverify.".".$ext); - move_uploaded_file($filename, $newfile); - $query = "update `tverify` set `photoid`='$newfile' where `id`='$tverify'"; - mysql_query($query); - } - } - } - - if($id == 1) - { - $points = 0; - if($URL != "" && $newfile != "") - $points = 150 - intval($tmp['points']); - else if($URL != "") - $points = 90 - intval($tmp['points']); - else - $points = 50 - intval($tmp['points']); - - if($points < 0) - $points = 0; - } - - if($id == 1 && $max == 50) - { - if($points > 0) - { - mysql_query("insert into `notary` set `from`='0', `to`='$memid', `points`='$points', - `method`='Thawte Points Transfer', `when`=NOW()"); - fix_assurer_flag($memid); - } - $totalpoints = intval($tmp['points']) + $points; - mysql_query("update `tverify` set `modified`=NOW() where `id`='$tverify'"); - - $body = _("Your request to have points transfered was sucessful. You were issued $points points as a result, and you now have $totalpoints in total")."\n\n"; - - $body .= _("Best regards")."\n"; - $body .= _("CAcert Support Team"); - sendmail($user['email'], "[CAcert.org] Thawte Notary Points Transfer", $body, "website-form@cacert.org", "returns@cacert.org", "", "CAcert Tverify"); - } else if($id == 1) { - $body = "There is a new valid request for thawte points tranfer, details as follows:\n\n"; - $body .= "To vote on this application, go to: https://www.cacert.org/account.php?id=52&uid=$tverify\n\n"; - $body .= "Or use the certificate login: https://secure.cacert.org/account.php?id=52&uid=$tverify\n\n"; - - $body .= "We know that by signing into https://tverify.cacert.org that\n"; - $body .= "1. they have possession of a cert issued from Thawte\n"; - $body .= "2. the person named in the cert has been verified by Thawte's Web of Trust\n"; - $body .= "3. at least 1 of the emails listed as valid in that cert belongs to a\n"; - $body .= "CAcert.org user\n\n"; - $body .= "It's up to us as voting members to verify the details that can't be\n"; - $body .= "programatically handled, that means checking the ID, and signing into\n"; - $body .= "the Thawte site and validating their name is listed as a notary.\n\n"; - - $body .= "Best regards"."\n"; - $body .= "CAcert Support Team"; - - sendmail("cacert-tverify@lists.cacert.org", "[CAcert.org] Thawte Notary Points Transfer", $body, "website-form@cacert.org", "returns@cacert.org", "", "CAcert Tverify"); - } - - showheader(_("Thawte Points Transfer")); - includeit($id, "tverify"); - showfooter(); -?> diff --git a/tverify/index/0.php b/tverify/index/0.php deleted file mode 100644 index 2264bab..0000000 --- a/tverify/index/0.php +++ /dev/null @@ -1,149 +0,0 @@ -<? /* - LibreSSL - CAcert web application - Copyright (C) 2004-2008 CAcert Inc. - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; version 2 of the License. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA -*/ - $continue = 1; - //Checking for Thawte Freemail members, who aren´t notaries - if($_SERVER['SSL_CLIENT_S_DN_CN'] == 'Thawte Freemail Member') - { - $continue = 0; - echo _("I wasn't able to locate your name on your certificate, as such you can't continue with this process."); - } - - //Extracting the Email address from the certificate that is presented, looking up the email in the database to find the user that has registered it. - if($continue == 1) - { - $addy = array(); - $emails = explode("/", trim($_SERVER['SSL_CLIENT_S_DN'])); - foreach($emails as $email) - { - $bits = explode("=", $email); - if($bits['0'] == "emailAddress") - { - $query = "select * from `email` where `email`='".$bits['1']."' and `deleted`=0 and hash=''"; - $account = mysql_query($query); - if(mysql_num_rows($account)) - $addy[] = $bits['1']; - } - } - } - - //Verifying that we found a record with that email address - if(count($addy) <= 0 && $continue == 1) - { - $continue = 0; - echo _("I wasn't able to match any email accounts on your certificate to any accounts in our database, as such I can't continue with this process."); - } - - //If we found one, we extract the member-id from the sql result of the query we did above, and fetch the name of that user - if($continue == 1) - { - $row = mysql_fetch_assoc($account); - $memid = $row['memid']; - - - //Fetching the name of the user we have in the database: - $query = "select `fname`, `mname`, `lname`, `suffix` from `users` where `id`='$memid' and `deleted`=0"; - $res = mysql_query($query); - $row = mysql_fetch_assoc($res); - - //Building the user´s name, and ignoring punctuation - $cacert_name=$row['fname']." ".$row['mname']." ".$row['lname']." ".$row['suffix']; - $cacert_name=strtr($cacert_name,",.",""); - $cacert_name=trim(str_replace(" ", " ", $cacert_name)); - - //Generate a short name form without the middle name - $cacert_short_name=$row['fname']." ".$row['lname']." ".$row['suffix']; - $cacert_short_name=strtr($cacert_short_name,",.",""); - $cacert_short_name=trim(str_replace(" ", " ", $cacert_short_name)); - - - $tverifybits = explode(" ", trim($_SERVER['SSL_CLIENT_S_DN_G']), 2); - $firstname = trim($tverifybits['0']); - $givenname = trim($_SERVER['SSL_CLIENT_S_DN_G']); - $lastname = trim($_SERVER['SSL_CLIENT_S_DN_S']); - $tverify_name=strtr("$givenname $lastname",",.",""); - $tverify_short_name=strtr("$firstname $lastname",",.",""); - - if(($cacert_name != $tverify_name) and ($cacert_short_name == $tverify_name)) - { - $continue = 0; - printf(_("Your CAcert account contains a middle name (%s), but we cannot verify this middle name with the certificate."),$row['mname']); - - } - - if($continue and ($cacert_name != $tverify_name) and ($cacert_name == $tverify_short_name)) - { - printf(_("Your certificate containes a middle name (%s) which isn´t listed in your CAcert account. In case you might want to get certificates with your middle name included in the future, you should add the middle name to your CAcert account before continueing.")); - } - - if($continue and ($cacert_name != $tverify_name) and ($cacert_name != $tverify_short_name) and ($cacert_short_name == $tverify_short_name)) - { - printf(_("There is a problem with your middle name. You could remove the middle name in your CAcert account, which should help to continue with the TVerify process, but then you can´t use it in your certificates.")); - } - - if($continue and ($cacert_name != $tverify_name) and ($cacert_name != $tverify_short_name)) - { - $continue = 0; - printf(_("The name and email address on your certificate (%s) could not be exactly matched to any stored in our database (%s), as such I'm not able to continue with this process."),$tverify_name,$cacert_name); - } - } - - if($_SERVER['SSL_CLIENT_VERIFY'] == "SUCCESS" && $continue == 1) - { - $_SESSION['_config']['uid'] = $memid; - $_SESSION['_config']['CN'] = trim($_SERVER['SSL_CLIENT_S_DN']); -?> -<p style="border:dotted 1px #900;padding:0.3em;background-color:#ffe;"> -<?=_("By just submitting your Thawte certificate you can be issued 50 points automatically to any matching account in the system that you operate.")?><br> -<?=_("To receive an additional 40 points you must also include a valid link to your notary listing on the Thawte website.")?><br> -<?=_("If you meet the above criteria you are also elligible to receive an additional 60 points by submitting a legible government issued copy of your photo ID. If details on your photo ID aren't legible you may be excluded from receiving these points.")?></p> -<? if($_SESSION['_config']['errmsg'] != "") { ?><p> </p><p style="border:dotted 1px #900;padding:0.3em;background-color:#ffe;"><? - echo $_SESSION['_config']['errmsg']."</p>"; - unset($_SESSION['_config']['errmsg']); -} ?> -<form method="post" action="index.php" enctype="multipart/form-data"> -<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper"> - <tr> - <td colspan="2" class="title"><?=_("Points Transfer and Verification")?></td> - </tr> - <tr> - <td class="DataTD" width="125"><?=_("Email Address")?>: </td> - <td class="DataTD" width="125"><input type="text" name="email" value="<?=$row['email']?>"></td> - </tr> - <tr> - <td class="DataTD" width="125"><?=_("Notary URL")?>: </td> - <td class="DataTD" width="125"><input type="text" name="notaryURL" value="<?=htmlentities($_POST['notaryURL'])?>"></td> - </tr> - <tr> - <td class="DataTD" width="125"><?=_("Photo ID")?>: </td> - <td class="DataTD" width="125"><input type="file" name="photoid"></td> - </tr> - <tr> - <td class="DataTD"><?=_("Pass Phrase")?>: </td> - <td class="DataTD"><input type="password" name="pword"></td> - </tr> - <tr> - <td class="DataTD" colspan="2"><input type="submit" name="process" value="<?=_("Submit Application for Points Transfer")?>"></td> - </tr> - -</table> -<input type="hidden" name="id" value="1"> -</form> -<? } else if($continue == 1) { - echo _("1I'm sorry, I couldn't verify your certificate"); - } -?> diff --git a/tverify/index/1.php b/tverify/index/1.php deleted file mode 100644 index ad9875a..0000000 --- a/tverify/index/1.php +++ /dev/null @@ -1 +0,0 @@ -<p><?=_("Your request is now queued for processing, you will be notified by an automated email when your request has been verified by the points transfer team.");?></p> diff --git a/www/.gitignore b/www/.gitignore new file mode 100644 index 0000000..faca589 --- /dev/null +++ b/www/.gitignore @@ -0,0 +1,5 @@ +# Ignore CRLs autogenerated by the CommModule +/class3-revoke.crl +/class3-revoke.crl.patch +/revoke.crl +/revoke.crl.patch @@ -17,7 +17,7 @@ */ header('Content-Type: text/html; charset=UTF-8'); - if($_REQUEST['i'] != "") + if(isset($_REQUEST['i']) && $_REQUEST['i'] != "") echo "<html><body><script language=\"JavaScript\"><!--\n"; $s = mysql_real_escape_string($_REQUEST['s']); @@ -27,15 +27,16 @@ $bits = explode(",", $s); - $loc = trim(mysql_real_escape_string($bits['0'])); - $reg = trim(mysql_real_escape_string($bits['1'])); - $ccname = trim(mysql_real_escape_string($bits['2'])); + $loc = trim(mysql_real_escape_string($bits[0])); + $reg = trim(mysql_real_escape_string(isset($bits[1])?$bits[1]:"")); + $ccname = trim(mysql_real_escape_string(isset($bits[2])?$bits[2]:"")); $query = "select `locations`.`id` as `locid`, `locations`.`name` as `locname`, `regions`.`name` as `regname`, `countries`.`name` as `ccname` from `locations`, `regions`, `countries` where `locations`.`name` like '$loc%' and `regions`.`name` like '$reg%' and `countries`.`name` like '$ccname%' and `locations`.`regid`=`regions`.`id` and `locations`.`ccid`=`countries`.`id` order by `locations`.`acount` DESC, `locations`.`name` ASC limit 10"; $res = mysql_query($query); + $rc = 0; while($row = mysql_fetch_assoc($res)) { $rc++; @@ -45,7 +46,7 @@ } echo ");"; - if($_REQUEST['i'] != "") + if(isset($_REQUEST['i']) && $_REQUEST['i'] != "") echo "\n\n// -->\n</script></body></html>"; exit; diff --git a/www/account.php b/www/account.php index c7f34a3..8dbf7a5 100644 --- a/www/account.php +++ b/www/account.php @@ -1,6 +1,6 @@ <? /* LibreSSL - CAcert web application - Copyright (C) 2004-2008 CAcert Inc. + Copyright (C) 2004-2015 CAcert Inc. This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -54,17 +54,6 @@ exit; } - } else if($id == 51 && $_GET['img'] == "show") { - $query = "select * from `tverify` where `id`='".intval($_GET['photoid'])."' and `modified`=0"; - $res = mysql_query($query); - if(mysql_num_rows($res)) - { - $row = mysql_fetch_assoc($res); - readfile($row['photoid']); - } else { - die("No such file."); - } - exit; } else if ($id == 37) { $protocol = $_SERVER['HTTPS'] ? 'https' : 'http'; $newUrl = $protocol . '://wiki.cacert.org/FAQ/AboutUs'; diff --git a/www/alert_hash_collision.php b/www/alert_hash_collision.php index bad60e8..f5eaa9c 100644 --- a/www/alert_hash_collision.php +++ b/www/alert_hash_collision.php @@ -14,13 +14,13 @@ if (!preg_match('/^(mem|org)-[0-9]+$/', @$_POST['usernym'])) if (preg_match('/^mem-[0-9]+$/', @$_POST['usernym'])) { - mysql_query("update emailcerts set coll_found=1 where memid='".mysql_escape_string(substr(@$_POST['usernym'],4))."' and pkhash!='' and pkhash='".$_POST['pkhash']."';"); - mysql_query("update domaincerts set coll_found=1 where memid='".mysql_escape_string(substr(@$_POST['usernym'],4))."' and pkhash!='' and pkhash='".$_POST['pkhash']."';"); + mysql_query("update emailcerts set coll_found=1 where memid='".mysql_real_escape_string(substr(@$_POST['usernym'],4))."' and pkhash!='' and pkhash='".$_POST['pkhash']."';"); + mysql_query("update domaincerts set coll_found=1 where memid='".mysql_real_escape_string(substr(@$_POST['usernym'],4))."' and pkhash!='' and pkhash='".$_POST['pkhash']."';"); } else { - mysql_query("update orgemailcerts set coll_found=1 where memid='".mysql_escape_string(substr(@$_POST['usernym'],4))."' and pkhash!='' and pkhash='".$_POST['pkhash']."';"); - mysql_query("update orgdomaincerts set coll_found=1 where memid='".mysql_escape_string(substr(@$_POST['usernym'],4))."' and pkhash!='' and pkhash='".$_POST['pkhash']."';"); + mysql_query("update orgemailcerts set coll_found=1 where memid='".mysql_real_escape_string(substr(@$_POST['usernym'],4))."' and pkhash!='' and pkhash='".$_POST['pkhash']."';"); + mysql_query("update orgdomaincerts set coll_found=1 where memid='".mysql_real_escape_string(substr(@$_POST['usernym'],4))."' and pkhash!='' and pkhash='".$_POST['pkhash']."';"); } //exec(REPORT_WEAK . ' ' . $_POST['usernym'] . ' ' . lower($_POST['pkhash'])); diff --git a/www/api/ccsr.php b/www/api/ccsr.php deleted file mode 100644 index 3bfe55a..0000000 --- a/www/api/ccsr.php +++ /dev/null @@ -1,109 +0,0 @@ -<? /* - LibreSSL - CAcert web application - Copyright (C) 2004-2008 CAcert Inc. - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; version 2 of the License. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA -*/ - -require_once '../../includes/lib/check_weak_key.php'; - - $username = mysql_real_escape_string($_REQUEST['username']); - $password = mysql_real_escape_string($_REQUEST['password']); - - $query = "select * from `users` where `email`='$username' and (`password`=old_password('$password') or `password`=sha1('$password'))"; - $res = mysql_query($query); - if(mysql_num_rows($res) != 1) - die("403,That username couldn't be found\n"); - $user = mysql_fetch_assoc($res); - $memid = $user['id']; - $emails = array(); - foreach($_REQUEST['email'] as $email) - { - $email = mysql_real_escape_string(trim($email)); - $query = "select * from `email` where `memid`='".intval($memid)."' and `hash`='' and `deleted`=0 and `email`='$email'"; - $res = mysql_query($query); - if(mysql_num_rows($res) > 0) - { - $row = mysql_fetch_assoc($res); - $id = $row['id']; - $emails[$id] = $email; - } - } - if(count($emails) <= 0) - die("404,Wasn't able to match any emails sent against your account"); - $query = "select sum(`points`) as `points` from `notary` where `to`='".intval($memid)."' and `notary`.`deleted`=0 group by `to`"; - $row = mysql_fetch_assoc(mysql_query($query)); - $points = $row['points']; - - $name = "CAcert WoT User\n"; - $newname = mysql_real_escape_string(trim($_REQUEST['name'])); - if($points >= 50) - { - if($newname == $user['fname']." ".$user['lname'] || - $newname == $user['fname']." ".$user['mname']." ".$user['lname'] || - $newname == $user['fname']." ".$user['lname']." ".$user['suffix'] || - $newname == $user['fname']." ".$user['mname']." ".$user['lname']." ".$user['suffix']) - $name = $newname; - } - - $codesign = 0; - if($user['codesign'] == "1" && $_REQUEST['codesign'] == "1" && $points >= 100) - $codesign = 1; - - $CSR = trim($_REQUEST['optionalCSR']); - - if (($weakKey = checkWeakKeyCSR($CSR)) !== "") - { - die("403, $weakKey"); - } - - $incsr = tempnam("/tmp", "ccsrIn"); - $checkedcsr = tempnam("/tmp", "ccsrOut"); - $fp = fopen($incsr, "w"); - fputs($fp, $CSR); - fclose($fp); - $incsr_esc = escapeshellarg($incsr); - $checkedcsr_esc = escapeshellarg($checkedcsr); - $do = shell_exec("/usr/bin/openssl req -in $incsr_esc -out $checkedcsr_esc"); - @unlink($incsr); - if(filesize($checkedcsr) <= 0) - die("404,Invalid or missing CSR"); - - $csrsubject = "/CN=$name"; - foreach($emails as $id => $email) - $csrsubject .= "/emailAddress=".$email; - - $query = "insert into `emailcerts` set `CN`='".mysql_real_escape_string($user['email'])."', `keytype`='MS', - `memid`='".intval($user['id'])."', `created`=FROM_UNIXTIME(UNIX_TIMESTAMP()), - `subject`='".mysql_real_escape_string($csrsubject)."', `codesign`='".intval($codesign)."'"; - mysql_query($query); - $certid = mysql_insert_id(); - $CSRname = generatecertpath("csr","client",$certid); - rename($checkedcsr, $CSRname); - - mysql_query("update `emailcerts` set `csr_name`='$CSRname' where `id`='$certid'"); - - foreach($emails as $emailid => $email) - mysql_query("insert into `emaillink` set `emailcertsid`='$certid', `emailid`='".intval($emailid)."'"); - - $do = shell_exec("../../scripts/runclient"); - sleep(10); // THIS IS BROKEN AND SHOULD BE FIXED - $query = "select * from `emailcerts` where `id`='$certid' and `crt_name` != ''"; - $res = mysql_query($query); - if(mysql_num_rows($res) <= 0) - die("404,Your certificate request has failed. ID: ".intval($certid)); - $cert = mysql_fetch_assoc($res); - echo "200,Authentication Ok\n"; - readfile("../".$cert['crt_name']); -?> diff --git a/www/api/cemails.php b/www/api/cemails.php deleted file mode 100644 index f937069..0000000 --- a/www/api/cemails.php +++ /dev/null @@ -1,48 +0,0 @@ -<? /* - LibreSSL - CAcert web application - Copyright (C) 2004-2008 CAcert Inc. - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; version 2 of the License. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA -*/ - $username = mysql_escape_string($_REQUEST['username']); - $password = mysql_escape_string($_REQUEST['password']); - - $query = "select * from `users` where `email`='$username' and (`password`=old_password('$password') or `password`=sha1('$password'))"; - $res = mysql_query($query); - if(mysql_num_rows($res) != 1) - die("403,That username couldn't be found\n"); - echo "200,Authentication Ok\n"; - $user = mysql_fetch_assoc($res); - $memid = $user['id']; - $query = "select sum(`points`) as `points` from `notary` where `to`='".intval($memid)."' and `notary`.`deleted`=0 group by `to`"; - $row = mysql_fetch_assoc(mysql_query($query)); - $points = $row['points']; - echo "CS=".intval($user['codesign'])."\n"; - echo "NAME=CAcert WoT User\n"; - if($points >= 50) - { - echo "NAME=".sanitizeHTML($user['fname'])." ".sanitizeHTML($user['lname'])."\n"; - if($user['mname'] != "") - echo "NAME=".sanitizeHTML($user['fname'])." ".sanitizeHTML($user['mname'])." ".sanitizeHTML($user['lname'])."\n"; - if($user['suffix'] != "") - echo "NAME=".sanitizeHTML($user['fname'])." ".sanitizeHTML($user['lname'])." ".sanitizeHTML($user['suffix'])."\n"; - if($user['mname'] != "" && $user['suffix'] != "") - echo "NAME=".sanitizeHTML($user['fname'])." ".sanitizeHTML($user['mname'])." ".sanitizeHTML($user['lname'])." ".sanitizeHTML($user['suffix'])."\n"; - } - $query = "select * from `email` where `memid`='".intval($memid)."' and `hash`='' and `deleted`=0"; - $res = mysql_query($query); - while($row = mysql_fetch_assoc($res)) { - echo "EMAIL=".sanitizeHTML($row['email'])."\n"; - } -?> diff --git a/www/api/edu.php b/www/api/edu.php index 27b7b1b..80a4e79 100644 --- a/www/api/edu.php +++ b/www/api/edu.php @@ -20,7 +20,7 @@ if ($ipadress=='72.36.220.19' && $_SERVER['HTTPS']=="on") { - $serial=mysql_escape_string($_REQUEST["serial"]); + $serial=mysql_real_escape_string($_REQUEST["serial"]); $root=intval($_REQUEST["root"]); $sql="select memid from emailcerts where serial='$serial' and rootcert='$root'"; diff --git a/www/cacert1-class3-revoke.crl b/www/cacert1-class3-revoke.crl new file mode 120000 index 0000000..3bcd255 --- /dev/null +++ b/www/cacert1-class3-revoke.crl @@ -0,0 +1 @@ +class3-revoke.crl
\ No newline at end of file diff --git a/www/cacert1-revoke.crl b/www/cacert1-revoke.crl new file mode 120000 index 0000000..e7b822f --- /dev/null +++ b/www/cacert1-revoke.crl @@ -0,0 +1 @@ +revoke.crl
\ No newline at end of file diff --git a/www/cats/cats_import.php b/www/cats/cats_import.php index feb92d4..eefbb85 100644 --- a/www/cats/cats_import.php +++ b/www/cats/cats_import.php @@ -31,8 +31,10 @@ function sanitize_string($buffer) { } define ('UNDEFINED', 'nd'); -define ('ALLOWED_IP', '213.154.225.243'); -define ('ALLOWED_IP2', '172.16.2.27'); +// Specific for testserver: Accept Test-CATS-Server +define ('ALLOWED_IP', '192.109.159.27'); +//define ('ALLOWED_IP', '213.154.225.243'); +define ('ALLOWED_IP2', '192.109.159.28'); define ('CONFIG_FILEPATH', '/www/'); $remote_addr = (isset($_SERVER['REMOTE_ADDR']))?$_SERVER['REMOTE_ADDR']:UNDEFINED; diff --git a/www/certs/cacert.asc b/www/certs/cacert.asc index 120f516..e526392 100644 --- a/www/certs/cacert.asc +++ b/www/certs/cacert.asc @@ -1,30 +1,31 @@ -----BEGIN PGP PUBLIC KEY BLOCK----- -Version: GnuPG v1.2.2 (GNU/Linux) +Version: GnuPG v1.4.9 (GNU/Linux) -mQGiBD8OdRwRBACEr0/NPA88qp8f6KyIMMveLQ1FOuLi0aDQDPybG7u1nrBoi3VI -tSRyfYcdExVxWQjTGd9qbShzXBw2DsxjA6YjiGzWKpVcqtj9uUDpSlylBaoadUzu -Sf3r3IkOHR2QJeC+9v2il30xy5XLMxDRbQYaSmf4uwTlIOUWNn118KpdawCgoNny -p4DR9EvRgCmY5z6IKHA2WscD/AhAKDVHCIAoZHzSB/puNOuVUSKRbIWNAqUAYosz -GRzYWb8O/3Ja4fNb3IMQ1gIsEcnUJFHnzID3pTjqWyiCId/NSX3fLuQxZHZE9n8P -PqlZIvqMrOfCT0RJQa0zTFcrgepnmnHLj7qmtXQZm+YkTvlihOZNtVA4JNzrxDrQ -egkqA/4hr0LezNJfkUhWnbW604p7AmmKK7Hi/ZixAfnxN0adgnV7oC3Q4VM8aB2i -gReSuifluHiaJmf/WsA3KH4bdyLRbagz6dOPkXY8bQKy9yRxQz9oYwudlluYoZXe -gSQI2Jle9U2ENefa9ouvVlsB0he1qzF6VzHXAXpLsANt5smDh7Q0Q0EgQ2VydCBT -aWduaW5nIEF1dGhvcml0eSAoUm9vdCBDQSkgPGdwZ0BjYWNlcnQub3JnPohfBBMR -AgAfBQI/DnUcBQk4ZAkABAsHAwIDFQIDAxYCAQIeAQIXgAAKCRDSuw0BZdD9WEFX -AJ9C6WBcYfTYw1uvZ+N85TPGG5PMKQCcCM1tyULC5J6pfwevywS6cEwfagW5Ag0E -Pw51MBAIANUbl1u0j+mnVJk1fKbJ+Ul6SAYpNtordfgrgrmlnOhMCFcROrCzsaaI -1ehohxMbTnIj0RP0g/KotahAurqB98qzHIxXZMEJSzBE2OCNvlIXqUyT1jwhAUN6 -e71s084Lml84gD4cIr7+2YtwIu+6zrE+YdjfMT1NibM3vmiXaknrk4aADb02ZS5U -iDeRstUO5PG7qVg4umR0HZJ1Ck2U7Kdjaekzzlm0q/vYMZKTYX37NkZRUU0QFLsM -tACEaZnwKf9hMAWJwG1OFyJeLVH8xvzCkI4I+fpAvAQj6LVAh41SHl7EivH6SiTp -/+61idoz/CGqeLBxuex6Z+Y53U54FmcAAwUH/2chzBs1YWFX5LuLGEW3R3UW/wDb -RnYpsSR+pnMBVh18WS0nF08R/SXtb12RsqN5H+GtELOZng6IWL5hhgNaYvF1F4sW -Ezm2nyVmTsu7/DtHLmXtzz1oNLQ9pzJkoqP2pGtPYQKvmiuoNbt+l1prwjt5zn1D -slLn8w0+9/PP1YdKpuZ/189yQP6iYsLHxBxg/50MbSzoFwiT22aJCdF+OJ7zRwDy -GhjnfV7HVwdEDV5rvb7aRolRmZZF2UADSPu52BWT4PI0nVnewAgivyELqVU3Zc3P -aWqmH5BAh22MjbsbXrWZXK/WOfZCNlPVdfHxwFGxnlwsHgmyrkPAs3szJGiITAQY -EQIADAUCPw51MAUJOGQJAAAKCRDSuw0BZdD9WMw8AJwIVUzB2WQJGAbf/aXzCABn -QWdKwACdEWUSf69RZiJgp4oMfXMx0fDEh2I= -=OaPO +mQGiBE3TAtQRBACuFhUNT3BOIXflZx8ENFN2hf0KHDgReWMW5+hcx8M2C9mueAST +89x0QxtdWUbsrMFSr3UvDIKjoPFVzV+WT/dez5aADSrnR4OxYPfzcNIWPjm8su/9 +HrH6+ivaH+iOoBOuhYrHthun+1fsqLedhTMNqb+tt6OfzqIuyFkmpm+FqwCg5ECF +s53E7j6BJuKYLeWqFDqFOH0D/1pnXyBF78YurXcwwA7eSQWoc3f1g5lwyqOWwcLv +ynI/dcPV5BosEUcqEjaNEyBR0LFRZC7tnw2VLPzr65aLA6SrFqEJ2bEdWkO9vM5g +8InhmcqTz7Yg/QGnyGT0iNBMG8zg4Ajz20Ty6GE887HMao6qpYKXSbujMRWVjVLn +VjpgA/9i1gsBjpGwr5rJ67dyDLVkJ5XMEP2ivgAhzKQ/inyLk2N3Nbm0YKWgrZRE ++pEcZVsLn2jHqd5yu1zVr3Cm44HHaB/A4ew+hRio9vbhJy7cfanfZpAL8Rg8wZbQ +t4x6zvrs0fXXNuD1BiSucOK4qGZ2vWukggmhAlHu5x5hws5qtbRLQ0FjZXJ0IFRl +c3QgU2VydmVyIFNpZ25pbmcgQXV0aG9yaXR5IChmb3IgdGVzdGluZyBvbmx5ISEh +KSA8Z3BnQGNhY2VydC5vcmc+iGYEExECACYFAk3TAtQCGwMFCSWYBgAGCwkIBwMC +BBUCCAMEFgIDAQIeAQIXgAAKCRBL5zSBd/dRrLxrAJ9kaSLRAlcy9e57yuAAxoZy +weX20ACg44B1AA26G0OePf9o3YBdUTjPsES5Ag0ETdMC1BAIAI9UEZ2NKbJfVWc+ +CBb5kKhO6qazLDnRsRkMY5WE1PTBP09ieAaQ7cv424e6fKdZxSO5vUQ27tLmcQXo +ICoREsDuSyESvEPbyBOro5LIY+z52TihqEHLPUN7OxlbPLX81AIKOCgEIUtpcYoX +MiwXPVO50Swo3PCCQiOQ7ewvkd32ZbSPl50B+/59JiDsQsnx1o+Ls7WkALzQ6w7T +UxLIVYWuFd9Hg/VOXBH67e81p/O7SDy6pMkDQaA9F22rA5Vv5TBJ2BAKWYfYK47i +HxtUhw2/WBUzhcw2AGqCnCy9nrYELLAqljnlCdWLyvhuWyUAG87D/1/5qD0+9idh +jcFWH/MAAwUH/2R7AWSZzbomxTcO5Q7/WxzTDtgUEy7eRbjqFMAusiQlTYDdeHz8 +PfWok6mGhUapJaGnA05hy6aYBIzl4idmQgz39xD47O0qeDWve6YwrDuLYju6JIwv +YfNiNAOjrZcRW4PCYeJfIK0WHV3+3kkneOX4Mql9QNKWs5W2LReMnHyq6POWasuf +EgDu0TfqaJTeK3IXKrEJI8G4R4xdHXmZ16Is5T49w09mvMan+TTGczzjWn0aWD3D +DOlTKK7h+82MSNCTiCi7aNoEyMTfeadSsrbqiaqtF0P/fyBDpGWFj3/A4foAcgtx +KVt0UHf1Va1g8M+czG3pCOne6dyafZGAe7qITwQYEQIADwUCTdMC1AIbDAUJJZgG +AAAKCRBL5zSBd/dRrAC5AKDdxp26zp4Km3jItBdeMD/gv8qxMgCgmmH1kizLe5Rk +yYchS2oleEWXIqM= +=9tD2 -----END PGP PUBLIC KEY BLOCK----- diff --git a/www/certs/class3.crt b/www/certs/class3.crt index 087ca0e..1899afb 100644 --- a/www/certs/class3.crt +++ b/www/certs/class3.crt @@ -1,42 +1,43 @@ -----BEGIN CERTIFICATE----- -MIIHWTCCBUGgAwIBAgIDCkGKMA0GCSqGSIb3DQEBCwUAMHkxEDAOBgNVBAoTB1Jv -b3QgQ0ExHjAcBgNVBAsTFWh0dHA6Ly93d3cuY2FjZXJ0Lm9yZzEiMCAGA1UEAxMZ -Q0EgQ2VydCBTaWduaW5nIEF1dGhvcml0eTEhMB8GCSqGSIb3DQEJARYSc3VwcG9y -dEBjYWNlcnQub3JnMB4XDTExMDUyMzE3NDgwMloXDTIxMDUyMDE3NDgwMlowVDEU -MBIGA1UEChMLQ0FjZXJ0IEluYy4xHjAcBgNVBAsTFWh0dHA6Ly93d3cuQ0FjZXJ0 -Lm9yZzEcMBoGA1UEAxMTQ0FjZXJ0IENsYXNzIDMgUm9vdDCCAiIwDQYJKoZIhvcN -AQEBBQADggIPADCCAgoCggIBAKtJNRFIfNImflOUz0Op3SjXQiqL84d4GVh8D57a -iX3h++tykA10oZZkq5+gJJlz2uJVdscXe/UErEa4w75/ZI0QbCTzYZzA8pD6Ueb1 -aQFjww9W4kpCz+JEjCUoqMV5CX1GuYrz6fM0KQhF5Byfy5QEHIGoFLOYZcRD7E6C -jQnRvapbjZLQ7N6QxX8KwuPr5jFaXnQ+lzNZ6MMDPWAzv/fRb0fEze5ig1JuLgia -pNkVGJGmhZJHsK5I6223IeyFGmhyNav/8BBdwPSUp2rVO5J+TJAFfpPBLIukjmJ0 -FXFuC3ED6q8VOJrU0gVyb4z5K+taciX5OUbjchs+BMNkJyIQKopPWKcDrb60LhPt -XapI19V91Cp7XPpGBFDkzA5CW4zt2/LP/JaT4NsRNlRiNDiPDGCbO5dWOK3z0luL -oFvqTpa4fNfVoIZwQNORKbeiPK31jLvPGpKK5DR7wNhsX+kKwsOnIJpa3yxdUly6 -R9Wb7yQocDggL9V/KcCyQQNokszgnMyXS0XvOhAKq3A6mJVwrTWx6oUrpByAITGp -rmB6gCZIALgBwJNjVSKRPFbnr9s6JfOPMVTqJouBWfmh0VMRxXudA/Z0EeBtsSw/ -LIaRmXGapneLNGDRFLQsrJ2vjBDTn8Rq+G8T/HNZ92ZCdB6K4/jc0m+YnMtHmJVA -BfvpAgMBAAGjggINMIICCTAdBgNVHQ4EFgQUdahxYEyIE/B42Yl3tW3Fid+8sXow -gaMGA1UdIwSBmzCBmIAUFrUyG9TH8+DmjvO90rA67rI5GNGhfaR7MHkxEDAOBgNV -BAoTB1Jvb3QgQ0ExHjAcBgNVBAsTFWh0dHA6Ly93d3cuY2FjZXJ0Lm9yZzEiMCAG -A1UEAxMZQ0EgQ2VydCBTaWduaW5nIEF1dGhvcml0eTEhMB8GCSqGSIb3DQEJARYS -c3VwcG9ydEBjYWNlcnQub3JnggEAMA8GA1UdEwEB/wQFMAMBAf8wXQYIKwYBBQUH -AQEEUTBPMCMGCCsGAQUFBzABhhdodHRwOi8vb2NzcC5DQWNlcnQub3JnLzAoBggr -BgEFBQcwAoYcaHR0cDovL3d3dy5DQWNlcnQub3JnL2NhLmNydDBKBgNVHSAEQzBB -MD8GCCsGAQQBgZBKMDMwMQYIKwYBBQUHAgEWJWh0dHA6Ly93d3cuQ0FjZXJ0Lm9y -Zy9pbmRleC5waHA/aWQ9MTAwNAYJYIZIAYb4QgEIBCcWJWh0dHA6Ly93d3cuQ0Fj -ZXJ0Lm9yZy9pbmRleC5waHA/aWQ9MTAwUAYJYIZIAYb4QgENBEMWQVRvIGdldCB5 -b3VyIG93biBjZXJ0aWZpY2F0ZSBmb3IgRlJFRSwgZ28gdG8gaHR0cDovL3d3dy5D -QWNlcnQub3JnMA0GCSqGSIb3DQEBCwUAA4ICAQApKIWuRKm5r6R5E/CooyuXYPNc -7uMvwfbiZqARrjY3OnYVBFPqQvX56sAV2KaC2eRhrnILKVyQQ+hBsuF32wITRHhH -Va9Y/MyY9kW50SD42CEH/m2qc9SzxgfpCYXMO/K2viwcJdVxjDm1Luq+GIG6sJO4 -D+Pm1yaMMVpyA4RS5qb1MyJFCsgLDYq4Nm+QCaGrvdfVTi5xotSu+qdUK+s1jVq3 -VIgv7nSf7UgWyg1I0JTTrKSi9iTfkuO960NAkW4cGI5WtIIS86mTn9S8nK2cde5a -lxuV53QtHA+wLJef+6kzOXrnAzqSjiL2jA3k2X4Ndhj3AfnvlpaiVXPAPHG0HRpW -Q7fDCo1y/OIQCQtBzoyUoPkD/XFzS4pXM+WOdH4VAQDmzEoc53+VGS3FpQyLu7Xt -hbNc09+4ufLKxw0BFKxwWMWMjTPUnWajGlCVI/xI4AZDEtnNp4Y5LzZyo4AQ5OHz -0ctbGsDkgJp8E3MGT9ujayQKurMcvEp4u+XjdTilSKeiHq921F73OIZWWonO1sOn -ebJSoMbxhbQljPI/lrMQ2Y1sVzufb4Y6GIIiNsiwkTjbKqGTqoQ/9SdlrnPVyNXT -d+pLncdBu8fA46A/5H2kjXPmEkvfoXNzczqA6NXLji/L6hOn1kGLrPo8idck9U60 -4GGSt/M3mMS+lqO3ig== +MIIHgjCCBWqgAwIBAgICEBswDQYJKoZIhvcNAQELBQAwgYcxCzAJBgNVBAYTAkFV +MRgwFgYDVQQIEw9OZXcgU291dGggV2FsZXMxGjAYBgNVBAoTEUNBY2VydCBUZXN0 +c2VydmVyMSEwHwYDVQQLExhodHRwOi8vY2FjZXJ0MS5pdC1zbHMuZGUxHzAdBgNV +BAMTFkNBY2VydCBUZXN0c2VydmVyIFJvb3QwHhcNMTEwNTAxMTgyNTA5WhcNMjEw +NDI4MTgyNTA5WjBiMRkwFwYDVQQKExBDQWNlcnQgVGVzdHNldmVyMSEwHwYDVQQL +ExhodHRwOi8vY2FjZXJ0MS5pdC1zbHMuZGUxIjAgBgNVBAMTGUNBY2VydCBUZXN0 +c2VydmVyIENsYXNzIDMwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDI +576JQukwI58zuNidaS0HUYVCBmy4mpV7VhydDtW07hDu5lYGmbcuBW+SfjPCjMMR +QVEiNrWv3tLclBKah/ubOmgP1HenQxRfGiJkuPk7dwlM7qqPfRn/H1Pm1w1bj/e1 +yZkeNc0UzMPdRbD9InR3/hwHQ1hfLHKGbbYc6uTb+0UOgGAsMwb/WVb+8mSrgERZ +9pFhw8uK5+BFgJwSdsTsN68h5ZDL4VIf9Zq8z8jNGcXK0DSoZ0vT0y6EyVdXiXNS +PF/zAPTbBBQcBGmhKBlcTLwcPHLeHIEfwRGf72wqBYNNrT0J37yTci31x+xC0/iQ +wjPD4rRhYFxm/UW9sFtEJVtIf9o/oj2Mh2FGRa0DDk0oX+jewZEnTy+MUd0k4LFy +Md6Ucn4lJsb3uHnjZ8ayz5DEMDQ/3Mzjf6CjhOc4oXm5UXuE2gsZyno93fLtTXAc +4w0KzMcZ2diAp5Tdpq0w3pMJUAFoehFScBRK7Kb9xuXVPxoSvGCVPNXXUsEioIlf +T2StKvDVBPBTtWRnE0BLYTJaWQAnWp64QgWiVn+JmdGkIm4sHpB1FweN4msdkgic +6JAlYJRp71tSjuEnJwVtgqLqpUtLPTpJ64/0lDlazCJ5NaduTpAA+MSqXlHSA/Rb +Q1VSaKdRadqLYOUoqGFwHdldeyZpAwp0ibM62GmVrQIDAQABo4ICGjCCAhYwHQYD +VR0OBBYEFISE4B0WSV6xxeXnzy2oVnRL6JKUMIG0BgNVHSMEgawwgamAFIXXBQrW +j/IELV7ry/32aYsfTgb+oYGNpIGKMIGHMQswCQYDVQQGEwJBVTEYMBYGA1UECBMP +TmV3IFNvdXRoIFdhbGVzMRowGAYDVQQKExFDQWNlcnQgVGVzdHNlcnZlcjEhMB8G +A1UECxMYaHR0cDovL2NhY2VydDEuaXQtc2xzLmRlMR8wHQYDVQQDExZDQWNlcnQg +VGVzdHNlcnZlciBSb290ggEAMA8GA1UdEwEB/wQFMAMBAf8wXQYIKwYBBQUHAQEE +UTBPMCMGCCsGAQUFBzABhhdodHRwOi8vb2NzcC5DQWNlcnQub3JnLzAoBggrBgEF +BQcwAoYcaHR0cDovL3d3dy5DQWNlcnQub3JnL2NhLmNydDBGBgNVHSAEPzA9MDsG +BCsGAQUwMzAxBggrBgEFBQcCARYlaHR0cDovL3d3dy5DQWNlcnQub3JnL2luZGV4 +LnBocD9pZD0xMDA0BglghkgBhvhCAQgEJxYlaHR0cDovL3d3dy5DQWNlcnQub3Jn +L2luZGV4LnBocD9pZD0xMDBQBglghkgBhvhCAQ0EQxZBVG8gZ2V0IHlvdXIgb3du +IGNlcnRpZmljYXRlIGZvciBGUkVFLCBnbyB0byBodHRwOi8vd3d3LkNBY2VydC5v +cmcwDQYJKoZIhvcNAQELBQADggIBAFWedxYAhAD+hiOxIqMoynyAdMaBbmCg7zJc +Eq6pgbP7cHL+4zzIP4Zc/tPsmbL7il3cILb0+ETwmXRnC6c9E2xWke6jv9qzQ0Aj +QI7FQdD/0cJgKagMTn+aBgyiGG6U0zTKU7cK3Ae3zSjtdaibEJyQoQlLuEzZzDYO +LBXJXDEInhrZ+gqWRnWDOJwdr/19alqgF8nvxKQ136vV8Lqmsrzcs0O+6v53YeVj +9AYyeCLK2XPCyhGpia2t7uPIN1zolCgJLXQcJEg3dGRqsmAeuB7PylOz9xuxXjYR +Sq6fcOP31CxhSeHwTqTxzkuz/u+l4RBq/0LkMS/QBBmnjaqPy3TbEwner/xMWxyL +i9DPLPrXnJXrxczV5ScUt+0cMYWDY+A+pnxwd0s/TzfDIChidSTKSbY9kPcbxCVO +W+Pz6muoYWrPuj02rZDIN29rIQAe73vh3C++zvAB6SfbfTTMij97K86fc9Rs6amK +CwdhKWKFibL6z0FhxAvjpxo3Fugm4q9sDAzx3GHUJ1vzq3ZJAbY1CiPglUb9rAi+ +cpFkrnSP9paa/w5iYrSTOBduGdBp8kcrHXB9RuSLndL+J41xexIBb+tSTQ8H8pzk +iRTOfmYoGiizERHM1OUl9BPW/2+UZ9o4KUl7sPakniMkpm1dBKhvXj9rcA8+SUpp +Raog64+T -----END CERTIFICATE----- diff --git a/www/certs/class3.der b/www/certs/class3.der Binary files differindex 56f8c88..e13d2b9 100644 --- a/www/certs/class3.der +++ b/www/certs/class3.der diff --git a/www/certs/class3.txt b/www/certs/class3.txt index a77aa14..68533d8 100644 --- a/www/certs/class3.txt +++ b/www/certs/class3.txt @@ -1,59 +1,59 @@ Certificate: Data: Version: 3 (0x2) - Serial Number: 672138 (0xa418a) + Serial Number: 4123 (0x101b) Signature Algorithm: sha256WithRSAEncryption - Issuer: O=Root CA, OU=http://www.cacert.org, CN=CA Cert Signing Authority/emailAddress=support@cacert.org + Issuer: C=AU, ST=New South Wales, O=CAcert Testserver, OU=http://cacert1.it-sls.de, CN=CAcert Testserver Root Validity - Not Before: May 23 17:48:02 2011 GMT - Not After : May 20 17:48:02 2021 GMT - Subject: O=CAcert Inc., OU=http://www.CAcert.org, CN=CAcert Class 3 Root + Not Before: May 1 18:25:09 2011 GMT + Not After : Apr 28 18:25:09 2021 GMT + Subject: O=CAcert Testsever, OU=http://cacert1.it-sls.de, CN=CAcert Testserver Class 3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public Key: (4096 bit) Modulus (4096 bit): - 00:ab:49:35:11:48:7c:d2:26:7e:53:94:cf:43:a9: - dd:28:d7:42:2a:8b:f3:87:78:19:58:7c:0f:9e:da: - 89:7d:e1:fb:eb:72:90:0d:74:a1:96:64:ab:9f:a0: - 24:99:73:da:e2:55:76:c7:17:7b:f5:04:ac:46:b8: - c3:be:7f:64:8d:10:6c:24:f3:61:9c:c0:f2:90:fa: - 51:e6:f5:69:01:63:c3:0f:56:e2:4a:42:cf:e2:44: - 8c:25:28:a8:c5:79:09:7d:46:b9:8a:f3:e9:f3:34: - 29:08:45:e4:1c:9f:cb:94:04:1c:81:a8:14:b3:98: - 65:c4:43:ec:4e:82:8d:09:d1:bd:aa:5b:8d:92:d0: - ec:de:90:c5:7f:0a:c2:e3:eb:e6:31:5a:5e:74:3e: - 97:33:59:e8:c3:03:3d:60:33:bf:f7:d1:6f:47:c4: - cd:ee:62:83:52:6e:2e:08:9a:a4:d9:15:18:91:a6: - 85:92:47:b0:ae:48:eb:6d:b7:21:ec:85:1a:68:72: - 35:ab:ff:f0:10:5d:c0:f4:94:a7:6a:d5:3b:92:7e: - 4c:90:05:7e:93:c1:2c:8b:a4:8e:62:74:15:71:6e: - 0b:71:03:ea:af:15:38:9a:d4:d2:05:72:6f:8c:f9: - 2b:eb:5a:72:25:f9:39:46:e3:72:1b:3e:04:c3:64: - 27:22:10:2a:8a:4f:58:a7:03:ad:be:b4:2e:13:ed: - 5d:aa:48:d7:d5:7d:d4:2a:7b:5c:fa:46:04:50:e4: - cc:0e:42:5b:8c:ed:db:f2:cf:fc:96:93:e0:db:11: - 36:54:62:34:38:8f:0c:60:9b:3b:97:56:38:ad:f3: - d2:5b:8b:a0:5b:ea:4e:96:b8:7c:d7:d5:a0:86:70: - 40:d3:91:29:b7:a2:3c:ad:f5:8c:bb:cf:1a:92:8a: - e4:34:7b:c0:d8:6c:5f:e9:0a:c2:c3:a7:20:9a:5a: - df:2c:5d:52:5c:ba:47:d5:9b:ef:24:28:70:38:20: - 2f:d5:7f:29:c0:b2:41:03:68:92:cc:e0:9c:cc:97: - 4b:45:ef:3a:10:0a:ab:70:3a:98:95:70:ad:35:b1: - ea:85:2b:a4:1c:80:21:31:a9:ae:60:7a:80:26:48: - 00:b8:01:c0:93:63:55:22:91:3c:56:e7:af:db:3a: - 25:f3:8f:31:54:ea:26:8b:81:59:f9:a1:d1:53:11: - c5:7b:9d:03:f6:74:11:e0:6d:b1:2c:3f:2c:86:91: - 99:71:9a:a6:77:8b:34:60:d1:14:b4:2c:ac:9d:af: - 8c:10:d3:9f:c4:6a:f8:6f:13:fc:73:59:f7:66:42: - 74:1e:8a:e3:f8:dc:d2:6f:98:9c:cb:47:98:95:40: - 05:fb:e9 + 00:c8:e7:be:89:42:e9:30:23:9f:33:b8:d8:9d:69: + 2d:07:51:85:42:06:6c:b8:9a:95:7b:56:1c:9d:0e: + d5:b4:ee:10:ee:e6:56:06:99:b7:2e:05:6f:92:7e: + 33:c2:8c:c3:11:41:51:22:36:b5:af:de:d2:dc:94: + 12:9a:87:fb:9b:3a:68:0f:d4:77:a7:43:14:5f:1a: + 22:64:b8:f9:3b:77:09:4c:ee:aa:8f:7d:19:ff:1f: + 53:e6:d7:0d:5b:8f:f7:b5:c9:99:1e:35:cd:14:cc: + c3:dd:45:b0:fd:22:74:77:fe:1c:07:43:58:5f:2c: + 72:86:6d:b6:1c:ea:e4:db:fb:45:0e:80:60:2c:33: + 06:ff:59:56:fe:f2:64:ab:80:44:59:f6:91:61:c3: + cb:8a:e7:e0:45:80:9c:12:76:c4:ec:37:af:21:e5: + 90:cb:e1:52:1f:f5:9a:bc:cf:c8:cd:19:c5:ca:d0: + 34:a8:67:4b:d3:d3:2e:84:c9:57:57:89:73:52:3c: + 5f:f3:00:f4:db:04:14:1c:04:69:a1:28:19:5c:4c: + bc:1c:3c:72:de:1c:81:1f:c1:11:9f:ef:6c:2a:05: + 83:4d:ad:3d:09:df:bc:93:72:2d:f5:c7:ec:42:d3: + f8:90:c2:33:c3:e2:b4:61:60:5c:66:fd:45:bd:b0: + 5b:44:25:5b:48:7f:da:3f:a2:3d:8c:87:61:46:45: + ad:03:0e:4d:28:5f:e8:de:c1:91:27:4f:2f:8c:51: + dd:24:e0:b1:72:31:de:94:72:7e:25:26:c6:f7:b8: + 79:e3:67:c6:b2:cf:90:c4:30:34:3f:dc:cc:e3:7f: + a0:a3:84:e7:38:a1:79:b9:51:7b:84:da:0b:19:ca: + 7a:3d:dd:f2:ed:4d:70:1c:e3:0d:0a:cc:c7:19:d9: + d8:80:a7:94:dd:a6:ad:30:de:93:09:50:01:68:7a: + 11:52:70:14:4a:ec:a6:fd:c6:e5:d5:3f:1a:12:bc: + 60:95:3c:d5:d7:52:c1:22:a0:89:5f:4f:64:ad:2a: + f0:d5:04:f0:53:b5:64:67:13:40:4b:61:32:5a:59: + 00:27:5a:9e:b8:42:05:a2:56:7f:89:99:d1:a4:22: + 6e:2c:1e:90:75:17:07:8d:e2:6b:1d:92:08:9c:e8: + 90:25:60:94:69:ef:5b:52:8e:e1:27:27:05:6d:82: + a2:ea:a5:4b:4b:3d:3a:49:eb:8f:f4:94:39:5a:cc: + 22:79:35:a7:6e:4e:90:00:f8:c4:aa:5e:51:d2:03: + f4:5b:43:55:52:68:a7:51:69:da:8b:60:e5:28:a8: + 61:70:1d:d9:5d:7b:26:69:03:0a:74:89:b3:3a:d8: + 69:95:ad Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: - 75:A8:71:60:4C:88:13:F0:78:D9:89:77:B5:6D:C5:89:DF:BC:B1:7A + 84:84:E0:1D:16:49:5E:B1:C5:E5:E7:CF:2D:A8:56:74:4B:E8:92:94 X509v3 Authority Key Identifier: - keyid:16:B5:32:1B:D4:C7:F3:E0:E6:8E:F3:BD:D2:B0:3A:EE:B2:39:18:D1 - DirName:/O=Root CA/OU=http://www.cacert.org/CN=CA Cert Signing Authority/emailAddress=support@cacert.org + keyid:85:D7:05:0A:D6:8F:F2:04:2D:5E:EB:CB:FD:F6:69:8B:1F:4E:06:FE + DirName:/C=AU/ST=New South Wales/O=CAcert Testserver/OU=http://cacert1.it-sls.de/CN=CAcert Testserver Root serial:00 X509v3 Basic Constraints: critical @@ -63,7 +63,7 @@ Certificate: CA Issuers - URI:http://www.CAcert.org/ca.crt X509v3 Certificate Policies: - Policy: 1.3.6.1.4.1.18506 + Policy: Security CPS: http://www.CAcert.org/index.php?id=10 Netscape CA Policy Url: @@ -71,74 +71,75 @@ Certificate: Netscape Comment: To get your own certificate for FREE, go to http://www.CAcert.org Signature Algorithm: sha256WithRSAEncryption - 29:28:85:ae:44:a9:b9:af:a4:79:13:f0:a8:a3:2b:97:60:f3: - 5c:ee:e3:2f:c1:f6:e2:66:a0:11:ae:36:37:3a:76:15:04:53: - ea:42:f5:f9:ea:c0:15:d8:a6:82:d9:e4:61:ae:72:0b:29:5c: - 90:43:e8:41:b2:e1:77:db:02:13:44:78:47:55:af:58:fc:cc: - 98:f6:45:b9:d1:20:f8:d8:21:07:fe:6d:aa:73:d4:b3:c6:07: - e9:09:85:cc:3b:f2:b6:be:2c:1c:25:d5:71:8c:39:b5:2e:ea: - be:18:81:ba:b0:93:b8:0f:e3:e6:d7:26:8c:31:5a:72:03:84: - 52:e6:a6:f5:33:22:45:0a:c8:0b:0d:8a:b8:36:6f:90:09:a1: - ab:bd:d7:d5:4e:2e:71:a2:d4:ae:fa:a7:54:2b:eb:35:8d:5a: - b7:54:88:2f:ee:74:9f:ed:48:16:ca:0d:48:d0:94:d3:ac:a4: - a2:f6:24:df:92:e3:bd:eb:43:40:91:6e:1c:18:8e:56:b4:82: - 12:f3:a9:93:9f:d4:bc:9c:ad:9c:75:ee:5a:97:1b:95:e7:74: - 2d:1c:0f:b0:2c:97:9f:fb:a9:33:39:7a:e7:03:3a:92:8e:22: - f6:8c:0d:e4:d9:7e:0d:76:18:f7:01:f9:ef:96:96:a2:55:73: - c0:3c:71:b4:1d:1a:56:43:b7:c3:0a:8d:72:fc:e2:10:09:0b: - 41:ce:8c:94:a0:f9:03:fd:71:73:4b:8a:57:33:e5:8e:74:7e: - 15:01:00:e6:cc:4a:1c:e7:7f:95:19:2d:c5:a5:0c:8b:bb:b5: - ed:85:b3:5c:d3:df:b8:b9:f2:ca:c7:0d:01:14:ac:70:58:c5: - 8c:8d:33:d4:9d:66:a3:1a:50:95:23:fc:48:e0:06:43:12:d9: - cd:a7:86:39:2f:36:72:a3:80:10:e4:e1:f3:d1:cb:5b:1a:c0: - e4:80:9a:7c:13:73:06:4f:db:a3:6b:24:0a:ba:b3:1c:bc:4a: - 78:bb:e5:e3:75:38:a5:48:a7:a2:1e:af:76:d4:5e:f7:38:86: - 56:5a:89:ce:d6:c3:a7:79:b2:52:a0:c6:f1:85:b4:25:8c:f2: - 3f:96:b3:10:d9:8d:6c:57:3b:9f:6f:86:3a:18:82:22:36:c8: - b0:91:38:db:2a:a1:93:aa:84:3f:f5:27:65:ae:73:d5:c8:d5: - d3:77:ea:4b:9d:c7:41:bb:c7:c0:e3:a0:3f:e4:7d:a4:8d:73: - e6:12:4b:df:a1:73:73:73:3a:80:e8:d5:cb:8e:2f:cb:ea:13: - a7:d6:41:8b:ac:fa:3c:89:d7:24:f5:4e:b4:e0:61:92:b7:f3: - 37:98:c4:be:96:a3:b7:8a + 55:9e:77:16:00:84:00:fe:86:23:b1:22:a3:28:ca:7c:80:74: + c6:81:6e:60:a0:ef:32:5c:12:ae:a9:81:b3:fb:70:72:fe:e3: + 3c:c8:3f:86:5c:fe:d3:ec:99:b2:fb:8a:5d:dc:20:b6:f4:f8: + 44:f0:99:74:67:0b:a7:3d:13:6c:56:91:ee:a3:bf:da:b3:43: + 40:23:40:8e:c5:41:d0:ff:d1:c2:60:29:a8:0c:4e:7f:9a:06: + 0c:a2:18:6e:94:d3:34:ca:53:b7:0a:dc:07:b7:cd:28:ed:75: + a8:9b:10:9c:90:a1:09:4b:b8:4c:d9:cc:36:0e:2c:15:c9:5c: + 31:08:9e:1a:d9:fa:0a:96:46:75:83:38:9c:1d:af:fd:7d:6a: + 5a:a0:17:c9:ef:c4:a4:35:df:ab:d5:f0:ba:a6:b2:bc:dc:b3: + 43:be:ea:fe:77:61:e5:63:f4:06:32:78:22:ca:d9:73:c2:ca: + 11:a9:89:ad:ad:ee:e3:c8:37:5c:e8:94:28:09:2d:74:1c:24: + 48:37:74:64:6a:b2:60:1e:b8:1e:cf:ca:53:b3:f7:1b:b1:5e: + 36:11:4a:ae:9f:70:e3:f7:d4:2c:61:49:e1:f0:4e:a4:f1:ce: + 4b:b3:fe:ef:a5:e1:10:6a:ff:42:e4:31:2f:d0:04:19:a7:8d: + aa:8f:cb:74:db:13:09:de:af:fc:4c:5b:1c:8b:8b:d0:cf:2c: + fa:d7:9c:95:eb:c5:cc:d5:e5:27:14:b7:ed:1c:31:85:83:63: + e0:3e:a6:7c:70:77:4b:3f:4f:37:c3:20:28:62:75:24:ca:49: + b6:3d:90:f7:1b:c4:25:4e:5b:e3:f3:ea:6b:a8:61:6a:cf:ba: + 3d:36:ad:90:c8:37:6f:6b:21:00:1e:ef:7b:e1:dc:2f:be:ce: + f0:01:e9:27:db:7d:34:cc:8a:3f:7b:2b:ce:9f:73:d4:6c:e9: + a9:8a:0b:07:61:29:62:85:89:b2:fa:cf:41:61:c4:0b:e3:a7: + 1a:37:16:e8:26:e2:af:6c:0c:0c:f1:dc:61:d4:27:5b:f3:ab: + 76:49:01:b6:35:0a:23:e0:95:46:fd:ac:08:be:72:91:64:ae: + 74:8f:f6:96:9a:ff:0e:62:62:b4:93:38:17:6e:19:d0:69:f2: + 47:2b:1d:70:7d:46:e4:8b:9d:d2:fe:27:8d:71:7b:12:01:6f: + eb:52:4d:0f:07:f2:9c:e4:89:14:ce:7e:66:28:1a:28:b3:11: + 11:cc:d4:e5:25:f4:13:d6:ff:6f:94:67:da:38:29:49:7b:b0: + f6:a4:9e:23:24:a6:6d:5d:04:a8:6f:5e:3f:6b:70:0f:3e:49: + 4a:69:45:aa:20:eb:8f:93 -----BEGIN CERTIFICATE----- -MIIHWTCCBUGgAwIBAgIDCkGKMA0GCSqGSIb3DQEBCwUAMHkxEDAOBgNVBAoTB1Jv -b3QgQ0ExHjAcBgNVBAsTFWh0dHA6Ly93d3cuY2FjZXJ0Lm9yZzEiMCAGA1UEAxMZ -Q0EgQ2VydCBTaWduaW5nIEF1dGhvcml0eTEhMB8GCSqGSIb3DQEJARYSc3VwcG9y -dEBjYWNlcnQub3JnMB4XDTExMDUyMzE3NDgwMloXDTIxMDUyMDE3NDgwMlowVDEU -MBIGA1UEChMLQ0FjZXJ0IEluYy4xHjAcBgNVBAsTFWh0dHA6Ly93d3cuQ0FjZXJ0 -Lm9yZzEcMBoGA1UEAxMTQ0FjZXJ0IENsYXNzIDMgUm9vdDCCAiIwDQYJKoZIhvcN -AQEBBQADggIPADCCAgoCggIBAKtJNRFIfNImflOUz0Op3SjXQiqL84d4GVh8D57a -iX3h++tykA10oZZkq5+gJJlz2uJVdscXe/UErEa4w75/ZI0QbCTzYZzA8pD6Ueb1 -aQFjww9W4kpCz+JEjCUoqMV5CX1GuYrz6fM0KQhF5Byfy5QEHIGoFLOYZcRD7E6C -jQnRvapbjZLQ7N6QxX8KwuPr5jFaXnQ+lzNZ6MMDPWAzv/fRb0fEze5ig1JuLgia -pNkVGJGmhZJHsK5I6223IeyFGmhyNav/8BBdwPSUp2rVO5J+TJAFfpPBLIukjmJ0 -FXFuC3ED6q8VOJrU0gVyb4z5K+taciX5OUbjchs+BMNkJyIQKopPWKcDrb60LhPt -XapI19V91Cp7XPpGBFDkzA5CW4zt2/LP/JaT4NsRNlRiNDiPDGCbO5dWOK3z0luL -oFvqTpa4fNfVoIZwQNORKbeiPK31jLvPGpKK5DR7wNhsX+kKwsOnIJpa3yxdUly6 -R9Wb7yQocDggL9V/KcCyQQNokszgnMyXS0XvOhAKq3A6mJVwrTWx6oUrpByAITGp -rmB6gCZIALgBwJNjVSKRPFbnr9s6JfOPMVTqJouBWfmh0VMRxXudA/Z0EeBtsSw/ -LIaRmXGapneLNGDRFLQsrJ2vjBDTn8Rq+G8T/HNZ92ZCdB6K4/jc0m+YnMtHmJVA -BfvpAgMBAAGjggINMIICCTAdBgNVHQ4EFgQUdahxYEyIE/B42Yl3tW3Fid+8sXow -gaMGA1UdIwSBmzCBmIAUFrUyG9TH8+DmjvO90rA67rI5GNGhfaR7MHkxEDAOBgNV -BAoTB1Jvb3QgQ0ExHjAcBgNVBAsTFWh0dHA6Ly93d3cuY2FjZXJ0Lm9yZzEiMCAG -A1UEAxMZQ0EgQ2VydCBTaWduaW5nIEF1dGhvcml0eTEhMB8GCSqGSIb3DQEJARYS -c3VwcG9ydEBjYWNlcnQub3JnggEAMA8GA1UdEwEB/wQFMAMBAf8wXQYIKwYBBQUH -AQEEUTBPMCMGCCsGAQUFBzABhhdodHRwOi8vb2NzcC5DQWNlcnQub3JnLzAoBggr -BgEFBQcwAoYcaHR0cDovL3d3dy5DQWNlcnQub3JnL2NhLmNydDBKBgNVHSAEQzBB -MD8GCCsGAQQBgZBKMDMwMQYIKwYBBQUHAgEWJWh0dHA6Ly93d3cuQ0FjZXJ0Lm9y -Zy9pbmRleC5waHA/aWQ9MTAwNAYJYIZIAYb4QgEIBCcWJWh0dHA6Ly93d3cuQ0Fj -ZXJ0Lm9yZy9pbmRleC5waHA/aWQ9MTAwUAYJYIZIAYb4QgENBEMWQVRvIGdldCB5 -b3VyIG93biBjZXJ0aWZpY2F0ZSBmb3IgRlJFRSwgZ28gdG8gaHR0cDovL3d3dy5D -QWNlcnQub3JnMA0GCSqGSIb3DQEBCwUAA4ICAQApKIWuRKm5r6R5E/CooyuXYPNc -7uMvwfbiZqARrjY3OnYVBFPqQvX56sAV2KaC2eRhrnILKVyQQ+hBsuF32wITRHhH -Va9Y/MyY9kW50SD42CEH/m2qc9SzxgfpCYXMO/K2viwcJdVxjDm1Luq+GIG6sJO4 -D+Pm1yaMMVpyA4RS5qb1MyJFCsgLDYq4Nm+QCaGrvdfVTi5xotSu+qdUK+s1jVq3 -VIgv7nSf7UgWyg1I0JTTrKSi9iTfkuO960NAkW4cGI5WtIIS86mTn9S8nK2cde5a -lxuV53QtHA+wLJef+6kzOXrnAzqSjiL2jA3k2X4Ndhj3AfnvlpaiVXPAPHG0HRpW -Q7fDCo1y/OIQCQtBzoyUoPkD/XFzS4pXM+WOdH4VAQDmzEoc53+VGS3FpQyLu7Xt -hbNc09+4ufLKxw0BFKxwWMWMjTPUnWajGlCVI/xI4AZDEtnNp4Y5LzZyo4AQ5OHz -0ctbGsDkgJp8E3MGT9ujayQKurMcvEp4u+XjdTilSKeiHq921F73OIZWWonO1sOn -ebJSoMbxhbQljPI/lrMQ2Y1sVzufb4Y6GIIiNsiwkTjbKqGTqoQ/9SdlrnPVyNXT -d+pLncdBu8fA46A/5H2kjXPmEkvfoXNzczqA6NXLji/L6hOn1kGLrPo8idck9U60 -4GGSt/M3mMS+lqO3ig== +MIIHgjCCBWqgAwIBAgICEBswDQYJKoZIhvcNAQELBQAwgYcxCzAJBgNVBAYTAkFV +MRgwFgYDVQQIEw9OZXcgU291dGggV2FsZXMxGjAYBgNVBAoTEUNBY2VydCBUZXN0 +c2VydmVyMSEwHwYDVQQLExhodHRwOi8vY2FjZXJ0MS5pdC1zbHMuZGUxHzAdBgNV +BAMTFkNBY2VydCBUZXN0c2VydmVyIFJvb3QwHhcNMTEwNTAxMTgyNTA5WhcNMjEw +NDI4MTgyNTA5WjBiMRkwFwYDVQQKExBDQWNlcnQgVGVzdHNldmVyMSEwHwYDVQQL +ExhodHRwOi8vY2FjZXJ0MS5pdC1zbHMuZGUxIjAgBgNVBAMTGUNBY2VydCBUZXN0 +c2VydmVyIENsYXNzIDMwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDI +576JQukwI58zuNidaS0HUYVCBmy4mpV7VhydDtW07hDu5lYGmbcuBW+SfjPCjMMR +QVEiNrWv3tLclBKah/ubOmgP1HenQxRfGiJkuPk7dwlM7qqPfRn/H1Pm1w1bj/e1 +yZkeNc0UzMPdRbD9InR3/hwHQ1hfLHKGbbYc6uTb+0UOgGAsMwb/WVb+8mSrgERZ +9pFhw8uK5+BFgJwSdsTsN68h5ZDL4VIf9Zq8z8jNGcXK0DSoZ0vT0y6EyVdXiXNS +PF/zAPTbBBQcBGmhKBlcTLwcPHLeHIEfwRGf72wqBYNNrT0J37yTci31x+xC0/iQ +wjPD4rRhYFxm/UW9sFtEJVtIf9o/oj2Mh2FGRa0DDk0oX+jewZEnTy+MUd0k4LFy +Md6Ucn4lJsb3uHnjZ8ayz5DEMDQ/3Mzjf6CjhOc4oXm5UXuE2gsZyno93fLtTXAc +4w0KzMcZ2diAp5Tdpq0w3pMJUAFoehFScBRK7Kb9xuXVPxoSvGCVPNXXUsEioIlf +T2StKvDVBPBTtWRnE0BLYTJaWQAnWp64QgWiVn+JmdGkIm4sHpB1FweN4msdkgic +6JAlYJRp71tSjuEnJwVtgqLqpUtLPTpJ64/0lDlazCJ5NaduTpAA+MSqXlHSA/Rb +Q1VSaKdRadqLYOUoqGFwHdldeyZpAwp0ibM62GmVrQIDAQABo4ICGjCCAhYwHQYD +VR0OBBYEFISE4B0WSV6xxeXnzy2oVnRL6JKUMIG0BgNVHSMEgawwgamAFIXXBQrW +j/IELV7ry/32aYsfTgb+oYGNpIGKMIGHMQswCQYDVQQGEwJBVTEYMBYGA1UECBMP +TmV3IFNvdXRoIFdhbGVzMRowGAYDVQQKExFDQWNlcnQgVGVzdHNlcnZlcjEhMB8G +A1UECxMYaHR0cDovL2NhY2VydDEuaXQtc2xzLmRlMR8wHQYDVQQDExZDQWNlcnQg +VGVzdHNlcnZlciBSb290ggEAMA8GA1UdEwEB/wQFMAMBAf8wXQYIKwYBBQUHAQEE +UTBPMCMGCCsGAQUFBzABhhdodHRwOi8vb2NzcC5DQWNlcnQub3JnLzAoBggrBgEF +BQcwAoYcaHR0cDovL3d3dy5DQWNlcnQub3JnL2NhLmNydDBGBgNVHSAEPzA9MDsG +BCsGAQUwMzAxBggrBgEFBQcCARYlaHR0cDovL3d3dy5DQWNlcnQub3JnL2luZGV4 +LnBocD9pZD0xMDA0BglghkgBhvhCAQgEJxYlaHR0cDovL3d3dy5DQWNlcnQub3Jn +L2luZGV4LnBocD9pZD0xMDBQBglghkgBhvhCAQ0EQxZBVG8gZ2V0IHlvdXIgb3du +IGNlcnRpZmljYXRlIGZvciBGUkVFLCBnbyB0byBodHRwOi8vd3d3LkNBY2VydC5v +cmcwDQYJKoZIhvcNAQELBQADggIBAFWedxYAhAD+hiOxIqMoynyAdMaBbmCg7zJc +Eq6pgbP7cHL+4zzIP4Zc/tPsmbL7il3cILb0+ETwmXRnC6c9E2xWke6jv9qzQ0Aj +QI7FQdD/0cJgKagMTn+aBgyiGG6U0zTKU7cK3Ae3zSjtdaibEJyQoQlLuEzZzDYO +LBXJXDEInhrZ+gqWRnWDOJwdr/19alqgF8nvxKQ136vV8Lqmsrzcs0O+6v53YeVj +9AYyeCLK2XPCyhGpia2t7uPIN1zolCgJLXQcJEg3dGRqsmAeuB7PylOz9xuxXjYR +Sq6fcOP31CxhSeHwTqTxzkuz/u+l4RBq/0LkMS/QBBmnjaqPy3TbEwner/xMWxyL +i9DPLPrXnJXrxczV5ScUt+0cMYWDY+A+pnxwd0s/TzfDIChidSTKSbY9kPcbxCVO +W+Pz6muoYWrPuj02rZDIN29rIQAe73vh3C++zvAB6SfbfTTMij97K86fc9Rs6amK +CwdhKWKFibL6z0FhxAvjpxo3Fugm4q9sDAzx3GHUJ1vzq3ZJAbY1CiPglUb9rAi+ +cpFkrnSP9paa/w5iYrSTOBduGdBp8kcrHXB9RuSLndL+J41xexIBb+tSTQ8H8pzk +iRTOfmYoGiizERHM1OUl9BPW/2+UZ9o4KUl7sPakniMkpm1dBKhvXj9rcA8+SUpp +Raog64+T -----END CERTIFICATE----- diff --git a/www/certs/root.crt b/www/certs/root.crt index e7dfc82..fa9d766 100644 --- a/www/certs/root.crt +++ b/www/certs/root.crt @@ -1,41 +1,43 @@ -----BEGIN CERTIFICATE----- -MIIHPTCCBSWgAwIBAgIBADANBgkqhkiG9w0BAQQFADB5MRAwDgYDVQQKEwdSb290 -IENBMR4wHAYDVQQLExVodHRwOi8vd3d3LmNhY2VydC5vcmcxIjAgBgNVBAMTGUNB -IENlcnQgU2lnbmluZyBBdXRob3JpdHkxITAfBgkqhkiG9w0BCQEWEnN1cHBvcnRA -Y2FjZXJ0Lm9yZzAeFw0wMzAzMzAxMjI5NDlaFw0zMzAzMjkxMjI5NDlaMHkxEDAO -BgNVBAoTB1Jvb3QgQ0ExHjAcBgNVBAsTFWh0dHA6Ly93d3cuY2FjZXJ0Lm9yZzEi -MCAGA1UEAxMZQ0EgQ2VydCBTaWduaW5nIEF1dGhvcml0eTEhMB8GCSqGSIb3DQEJ -ARYSc3VwcG9ydEBjYWNlcnQub3JnMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIIC -CgKCAgEAziLA4kZ97DYoB1CW8qAzQIxL8TtmPzHlawI229Z89vGIj053NgVBlfkJ -8BLPRoZzYLdufujAWGSuzbCtRRcMY/pnCujW0r8+55jE8Ez64AO7NV1sId6eINm6 -zWYyN3L69wj1x81YyY7nDl7qPv4coRQKFWyGhFtkZip6qUtTefWIonvuLwphK42y -fk1WpRPs6tqSnqxEQR5YYGUFZvjARL3LlPdCfgv3ZWiYUQXw8wWRBB0bF4LsyFe7 -w2t6iPGwcswlWyCR7BYCEo8y6RcYSNDHBS4CMEK4JZwFaz+qOqfrU0j36NK2B5jc -G8Y0f3/JHIJ6BVgrCFvzOKKrF11myZjXnhCLotLddJr3cQxyYN/Nb5gznZY0dj4k -epKwDpUeb+agRThHqtdB7Uq3EvbXG4OKDy7YCbZZ16oE/9KTfWgu3YtLq1i6L43q -laegw1SJpfvbi1EinbLDvhG+LJGGi5Z4rSDTii8aP8bQUWWHIbEZAWV/RRyH9XzQ -QUxPKZgh/TMfdQwEUfoZd9vUFBzugcMd9Zi3aQaRIt0AUMyBMawSB3s42mhb5ivU -fslfrejrckzzAeVLIL+aplfKkQABi6F1ITe1Yw1nPkZPcCBnzsXWWdsC4PDSy826 -YreQQejdIOQpvGQpQsgi3Hia/0PsmBsJUUtaWsJx8cTLc6nloQsCAwEAAaOCAc4w -ggHKMB0GA1UdDgQWBBQWtTIb1Mfz4OaO873SsDrusjkY0TCBowYDVR0jBIGbMIGY -gBQWtTIb1Mfz4OaO873SsDrusjkY0aF9pHsweTEQMA4GA1UEChMHUm9vdCBDQTEe -MBwGA1UECxMVaHR0cDovL3d3dy5jYWNlcnQub3JnMSIwIAYDVQQDExlDQSBDZXJ0 -IFNpZ25pbmcgQXV0aG9yaXR5MSEwHwYJKoZIhvcNAQkBFhJzdXBwb3J0QGNhY2Vy -dC5vcmeCAQAwDwYDVR0TAQH/BAUwAwEB/zAyBgNVHR8EKzApMCegJaAjhiFodHRw -czovL3d3dy5jYWNlcnQub3JnL3Jldm9rZS5jcmwwMAYJYIZIAYb4QgEEBCMWIWh0 -dHBzOi8vd3d3LmNhY2VydC5vcmcvcmV2b2tlLmNybDA0BglghkgBhvhCAQgEJxYl -aHR0cDovL3d3dy5jYWNlcnQub3JnL2luZGV4LnBocD9pZD0xMDBWBglghkgBhvhC -AQ0ESRZHVG8gZ2V0IHlvdXIgb3duIGNlcnRpZmljYXRlIGZvciBGUkVFIGhlYWQg -b3ZlciB0byBodHRwOi8vd3d3LmNhY2VydC5vcmcwDQYJKoZIhvcNAQEEBQADggIB -ACjH7pyCArpcgBLKNQodgW+JapnM8mgPf6fhjViVPr3yBsOQWqy1YPaZQwGjiHCc -nWKdpIevZ1gNMDY75q1I08t0AoZxPuIrA2jxNGJARjtT6ij0rPtmlVOKTV39O9lg -18p5aTuxZZKmxoGCXJzN600BiqXfEVWqFcofN8CCmHBh22p8lqOOLlQ+TyGpkO/c -gr/c6EWtTZBzCDyUZbAEmXZ/4rzCahWqlwQ3JNgelE5tDlG+1sSPypZt90Pf6DBl -Jzt7u0NDY8RD97LsaMzhGY4i+5jhe1o+ATc7iwiwovOVThrLm82asduycPAtStvY -sONvRUgzEv/+PDIqVPfE94rwiCPCR/5kenHA0R6mY7AHfqQv0wGP3J8rtsYIqQ+T -SCX8Ev2fQtzzxD72V7DX3WnRBnc0CkvSyqD/HMaMyRa+xMwyN2hzXwj7UfdJUzYF -CpUCTPJ5GhD22Dp1nPMd8aINcGeGG7MW9S/lpOt5hvk9C8JzC6WZrG/8Z7jlLwum -GCSNe9FINSkYQKyTYOGWhlC0elnYjyELn8+CkcY7v2vcB5G5l1YjqrZslMZIBjzk -zk6q5PYvCdxTby78dOs6Y5nCpqyJvKeyRKANihDjbPIky/qbn3BHLt4Ui9SyIAmW -omTxJBzcoTWcFbLUvFUufQb1nA5V9FrWk9p2rSVzTMVD +MIIHpzCCBY+gAwIBAgIBADANBgkqhkiG9w0BAQUFADCBhzELMAkGA1UEBhMCQVUx +GDAWBgNVBAgTD05ldyBTb3V0aCBXYWxlczEaMBgGA1UEChMRQ0FjZXJ0IFRlc3Rz +ZXJ2ZXIxITAfBgNVBAsTGGh0dHA6Ly9jYWNlcnQxLml0LXNscy5kZTEfMB0GA1UE +AxMWQ0FjZXJ0IFRlc3RzZXJ2ZXIgUm9vdDAeFw0xMTAzMjkyMDQ1MjBaFw0yMTAz +MjYyMDQ1MjBaMIGHMQswCQYDVQQGEwJBVTEYMBYGA1UECBMPTmV3IFNvdXRoIFdh +bGVzMRowGAYDVQQKExFDQWNlcnQgVGVzdHNlcnZlcjEhMB8GA1UECxMYaHR0cDov +L2NhY2VydDEuaXQtc2xzLmRlMR8wHQYDVQQDExZDQWNlcnQgVGVzdHNlcnZlciBS +b290MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA5fvQIrtzGpSbyWam +2kHfXMCXgRuTHSuQwbvkqdLAqtiI4ZQkF4jTy+7D6LVnDd3kw/hC1EAhcV79WuTn +PrrpjM1JdliOOOvb5sh9SQrdT4w1IO2JBmHrykcHCcvh7tLcm8iKA3iIIxO76SXZ +Pd7buDEQQrP8z6AXBgCRIdtS9uA5WxAmmbj2ToL8UaViijB062zVO9euOuMdN5Qk +pCVOj9tfzotJDHw3sNvP65G/C63ZJ0ysUhohncXe+e6UIPHVS+V54nBENz+4HY/d +zchFFHhnhuCSyhPfSz975IlnBSgMqhVPEYuFpAkDUSUpc8kXoe+cVVSjPBw0exUJ +X4OUjEUf3HgdPyaoeeAPbkQ2pd118vMHzTzAX7t/GzVxROkYSzFvuSljI7ivFx9Y +lPRsMW5L9TRIjxCPBLoqTNKgQQOfZiib+T4PY/ii+qU17lMZK9L9hnAMjW8L2dzx +Z6/qrhM58vKqt6Rd9bsUt109WWflKY39YenlGaCJU+0qgsUcbl2qHjgbkz8rvJJM +10BkVROvVvqnPjkSc8ZPD+1Si9pP0pztAl7vXsDM30jtL6Jv/DyTFKUljpb0tqA9 +22SyOxUu0kkKBYXY1HrqL6Ahvjeorv5aDzrUqAYTYB6Z82ykx0bG5FsAK4ShoTv1 +3ir9ejhln4JPGiyQTdMXgRaHX/kCAwEAAaOCAhowggIWMB0GA1UdDgQWBBSF1wUK +1o/yBC1e68v99mmLH04G/jCBtAYDVR0jBIGsMIGpgBSF1wUK1o/yBC1e68v99mmL +H04G/qGBjaSBijCBhzELMAkGA1UEBhMCQVUxGDAWBgNVBAgTD05ldyBTb3V0aCBX +YWxlczEaMBgGA1UEChMRQ0FjZXJ0IFRlc3RzZXJ2ZXIxITAfBgNVBAsTGGh0dHA6 +Ly9jYWNlcnQxLml0LXNscy5kZTEfMB0GA1UEAxMWQ0FjZXJ0IFRlc3RzZXJ2ZXIg +Um9vdIIBADAPBgNVHRMBAf8EBTADAQH/MF0GCCsGAQUFBwEBBFEwTzAjBggrBgEF +BQcwAYYXaHR0cDovL29jc3AuQ0FjZXJ0Lm9yZy8wKAYIKwYBBQUHMAKGHGh0dHA6 +Ly93d3cuQ0FjZXJ0Lm9yZy9jYS5jcnQwRgYDVR0gBD8wPTA7BgQrBgEFMDMwMQYI +KwYBBQUHAgEWJWh0dHA6Ly93d3cuQ0FjZXJ0Lm9yZy9pbmRleC5waHA/aWQ9MTAw +NAYJYIZIAYb4QgEIBCcWJWh0dHA6Ly93d3cuQ0FjZXJ0Lm9yZy9pbmRleC5waHA/ +aWQ9MTAwUAYJYIZIAYb4QgENBEMWQVRvIGdldCB5b3VyIG93biBjZXJ0aWZpY2F0 +ZSBmb3IgRlJFRSwgZ28gdG8gaHR0cDovL3d3dy5DQWNlcnQub3JnMA0GCSqGSIb3 +DQEBBQUAA4ICAQDQjXJDogH/NiU53JEUaw7jEF7qgp8vLjO2AXkwwpdKOWKS6lm9 +BQXiKs6HUdVYwsdST30kSvF1dD9Y9gCgFVyN662Tk2LwaPyKRq9cxlUXwqKEczfE +4yFPhYXS1giIGL8aSUx0lok6KWRXNgspgBIZ+0tFV+9GLNTP5y+ofU2ME1xw6+zM +tN/rgN2Xt6oVO24tJlKWVvodIgfq8QPscxZHwFqyHWh8hsL8q4mSDZZ0B7wHy51F +gliDzcq+WG8tk29WV++7uHRnN2rqJSoGc91IAHN2YmBW/mCeiqPH0Ms1x7Oo1DuZ +C5pc1GGyxGun252NxRM9jEz7UsWqHRCCyyA6Tyo2E6b3gdiatmohW1JIUTk+WONZ +41+Htgz+vhGFzTOnAWUQLapPllNeYjs/b1Ub8vpycx2O0FU3ZPtC+41GriPHQ2rJ +/ToQVI4ZAHUp7O6n4+r7Onhf5qylVeux+Qzy+IV2Db7rj0KXBoHjW3S0hIfIJE0x +1T5Ldj+YBFvCLvd6RrcNgoS/HaKAV/42AENy1V1eBBP6TJ8kmXWVbyRpzRFgZmmB +z6jLle2M0/kaPER2s5QFvxu+Y6mwrQ237im9oPHzY4kGv8eeF+AMUOmSC+M5jb3m ++IafDexcFnjchflKWV/RRHSj28kJ3ops1lgpkx4+TJo3M62Udepphw0ItA== -----END CERTIFICATE----- diff --git a/www/certs/root.der b/www/certs/root.der Binary files differindex 719b0ff..9166696 100644 --- a/www/certs/root.der +++ b/www/certs/root.der diff --git a/www/certs/root.txt b/www/certs/root.txt index 96bb2cd..26c1593 100644 --- a/www/certs/root.txt +++ b/www/certs/root.txt @@ -2,139 +2,144 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 0 (0x0) - Signature Algorithm: md5WithRSAEncryption - Issuer: O=Root CA, OU=http://www.cacert.org, CN=CA Cert Signing Authority/emailAddress=support@cacert.org + Signature Algorithm: sha1WithRSAEncryption + Issuer: C=AU, ST=New South Wales, O=CAcert Testserver, OU=http://cacert1.it-sls.de, CN=CAcert Testserver Root Validity - Not Before: Mar 30 12:29:49 2003 GMT - Not After : Mar 29 12:29:49 2033 GMT - Subject: O=Root CA, OU=http://www.cacert.org, CN=CA Cert Signing Authority/emailAddress=support@cacert.org + Not Before: Mar 29 20:45:20 2011 GMT + Not After : Mar 26 20:45:20 2021 GMT + Subject: C=AU, ST=New South Wales, O=CAcert Testserver, OU=http://cacert1.it-sls.de, CN=CAcert Testserver Root Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public Key: (4096 bit) Modulus (4096 bit): - 00:ce:22:c0:e2:46:7d:ec:36:28:07:50:96:f2:a0: - 33:40:8c:4b:f1:3b:66:3f:31:e5:6b:02:36:db:d6: - 7c:f6:f1:88:8f:4e:77:36:05:41:95:f9:09:f0:12: - cf:46:86:73:60:b7:6e:7e:e8:c0:58:64:ae:cd:b0: - ad:45:17:0c:63:fa:67:0a:e8:d6:d2:bf:3e:e7:98: - c4:f0:4c:fa:e0:03:bb:35:5d:6c:21:de:9e:20:d9: - ba:cd:66:32:37:72:fa:f7:08:f5:c7:cd:58:c9:8e: - e7:0e:5e:ea:3e:fe:1c:a1:14:0a:15:6c:86:84:5b: - 64:66:2a:7a:a9:4b:53:79:f5:88:a2:7b:ee:2f:0a: - 61:2b:8d:b2:7e:4d:56:a5:13:ec:ea:da:92:9e:ac: - 44:41:1e:58:60:65:05:66:f8:c0:44:bd:cb:94:f7: - 42:7e:0b:f7:65:68:98:51:05:f0:f3:05:91:04:1d: - 1b:17:82:ec:c8:57:bb:c3:6b:7a:88:f1:b0:72:cc: - 25:5b:20:91:ec:16:02:12:8f:32:e9:17:18:48:d0: - c7:05:2e:02:30:42:b8:25:9c:05:6b:3f:aa:3a:a7: - eb:53:48:f7:e8:d2:b6:07:98:dc:1b:c6:34:7f:7f: - c9:1c:82:7a:05:58:2b:08:5b:f3:38:a2:ab:17:5d: - 66:c9:98:d7:9e:10:8b:a2:d2:dd:74:9a:f7:71:0c: - 72:60:df:cd:6f:98:33:9d:96:34:76:3e:24:7a:92: - b0:0e:95:1e:6f:e6:a0:45:38:47:aa:d7:41:ed:4a: - b7:12:f6:d7:1b:83:8a:0f:2e:d8:09:b6:59:d7:aa: - 04:ff:d2:93:7d:68:2e:dd:8b:4b:ab:58:ba:2f:8d: - ea:95:a7:a0:c3:54:89:a5:fb:db:8b:51:22:9d:b2: - c3:be:11:be:2c:91:86:8b:96:78:ad:20:d3:8a:2f: - 1a:3f:c6:d0:51:65:87:21:b1:19:01:65:7f:45:1c: - 87:f5:7c:d0:41:4c:4f:29:98:21:fd:33:1f:75:0c: - 04:51:fa:19:77:db:d4:14:1c:ee:81:c3:1d:f5:98: - b7:69:06:91:22:dd:00:50:cc:81:31:ac:12:07:7b: - 38:da:68:5b:e6:2b:d4:7e:c9:5f:ad:e8:eb:72:4c: - f3:01:e5:4b:20:bf:9a:a6:57:ca:91:00:01:8b:a1: - 75:21:37:b5:63:0d:67:3e:46:4f:70:20:67:ce:c5: - d6:59:db:02:e0:f0:d2:cb:cd:ba:62:b7:90:41:e8: - dd:20:e4:29:bc:64:29:42:c8:22:dc:78:9a:ff:43: - ec:98:1b:09:51:4b:5a:5a:c2:71:f1:c4:cb:73:a9: - e5:a1:0b + 00:e5:fb:d0:22:bb:73:1a:94:9b:c9:66:a6:da:41: + df:5c:c0:97:81:1b:93:1d:2b:90:c1:bb:e4:a9:d2: + c0:aa:d8:88:e1:94:24:17:88:d3:cb:ee:c3:e8:b5: + 67:0d:dd:e4:c3:f8:42:d4:40:21:71:5e:fd:5a:e4: + e7:3e:ba:e9:8c:cd:49:76:58:8e:38:eb:db:e6:c8: + 7d:49:0a:dd:4f:8c:35:20:ed:89:06:61:eb:ca:47: + 07:09:cb:e1:ee:d2:dc:9b:c8:8a:03:78:88:23:13: + bb:e9:25:d9:3d:de:db:b8:31:10:42:b3:fc:cf:a0: + 17:06:00:91:21:db:52:f6:e0:39:5b:10:26:99:b8: + f6:4e:82:fc:51:a5:62:8a:30:74:eb:6c:d5:3b:d7: + ae:3a:e3:1d:37:94:24:a4:25:4e:8f:db:5f:ce:8b: + 49:0c:7c:37:b0:db:cf:eb:91:bf:0b:ad:d9:27:4c: + ac:52:1a:21:9d:c5:de:f9:ee:94:20:f1:d5:4b:e5: + 79:e2:70:44:37:3f:b8:1d:8f:dd:cd:c8:45:14:78: + 67:86:e0:92:ca:13:df:4b:3f:7b:e4:89:67:05:28: + 0c:aa:15:4f:11:8b:85:a4:09:03:51:25:29:73:c9: + 17:a1:ef:9c:55:54:a3:3c:1c:34:7b:15:09:5f:83: + 94:8c:45:1f:dc:78:1d:3f:26:a8:79:e0:0f:6e:44: + 36:a5:dd:75:f2:f3:07:cd:3c:c0:5f:bb:7f:1b:35: + 71:44:e9:18:4b:31:6f:b9:29:63:23:b8:af:17:1f: + 58:94:f4:6c:31:6e:4b:f5:34:48:8f:10:8f:04:ba: + 2a:4c:d2:a0:41:03:9f:66:28:9b:f9:3e:0f:63:f8: + a2:fa:a5:35:ee:53:19:2b:d2:fd:86:70:0c:8d:6f: + 0b:d9:dc:f1:67:af:ea:ae:13:39:f2:f2:aa:b7:a4: + 5d:f5:bb:14:b7:5d:3d:59:67:e5:29:8d:fd:61:e9: + e5:19:a0:89:53:ed:2a:82:c5:1c:6e:5d:aa:1e:38: + 1b:93:3f:2b:bc:92:4c:d7:40:64:55:13:af:56:fa: + a7:3e:39:12:73:c6:4f:0f:ed:52:8b:da:4f:d2:9c: + ed:02:5e:ef:5e:c0:cc:df:48:ed:2f:a2:6f:fc:3c: + 93:14:a5:25:8e:96:f4:b6:a0:3d:db:64:b2:3b:15: + 2e:d2:49:0a:05:85:d8:d4:7a:ea:2f:a0:21:be:37: + a8:ae:fe:5a:0f:3a:d4:a8:06:13:60:1e:99:f3:6c: + a4:c7:46:c6:e4:5b:00:2b:84:a1:a1:3b:f5:de:2a: + fd:7a:38:65:9f:82:4f:1a:2c:90:4d:d3:17:81:16: + 87:5f:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: - 16:B5:32:1B:D4:C7:F3:E0:E6:8E:F3:BD:D2:B0:3A:EE:B2:39:18:D1 + 85:D7:05:0A:D6:8F:F2:04:2D:5E:EB:CB:FD:F6:69:8B:1F:4E:06:FE X509v3 Authority Key Identifier: - keyid:16:B5:32:1B:D4:C7:F3:E0:E6:8E:F3:BD:D2:B0:3A:EE:B2:39:18:D1 - DirName:/O=Root CA/OU=http://www.cacert.org/CN=CA Cert Signing Authority/emailAddress=support@cacert.org + keyid:85:D7:05:0A:D6:8F:F2:04:2D:5E:EB:CB:FD:F6:69:8B:1F:4E:06:FE + DirName:/C=AU/ST=New South Wales/O=CAcert Testserver/OU=http://cacert1.it-sls.de/CN=CAcert Testserver Root serial:00 X509v3 Basic Constraints: critical CA:TRUE - X509v3 CRL Distribution Points: - URI:https://www.cacert.org/revoke.crl + Authority Information Access: + OCSP - URI:http://ocsp.CAcert.org/ + CA Issuers - URI:http://www.CAcert.org/ca.crt + + X509v3 Certificate Policies: + Policy: Security + CPS: http://www.CAcert.org/index.php?id=10 - Netscape CA Revocation Url: - https://www.cacert.org/revoke.crl Netscape CA Policy Url: - http://www.cacert.org/index.php?id=10 + http://www.CAcert.org/index.php?id=10 Netscape Comment: - To get your own certificate for FREE head over to http://www.cacert.org - Signature Algorithm: md5WithRSAEncryption - 28:c7:ee:9c:82:02:ba:5c:80:12:ca:35:0a:1d:81:6f:89:6a: - 99:cc:f2:68:0f:7f:a7:e1:8d:58:95:3e:bd:f2:06:c3:90:5a: - ac:b5:60:f6:99:43:01:a3:88:70:9c:9d:62:9d:a4:87:af:67: - 58:0d:30:36:3b:e6:ad:48:d3:cb:74:02:86:71:3e:e2:2b:03: - 68:f1:34:62:40:46:3b:53:ea:28:f4:ac:fb:66:95:53:8a:4d: - 5d:fd:3b:d9:60:d7:ca:79:69:3b:b1:65:92:a6:c6:81:82:5c: - 9c:cd:eb:4d:01:8a:a5:df:11:55:aa:15:ca:1f:37:c0:82:98: - 70:61:db:6a:7c:96:a3:8e:2e:54:3e:4f:21:a9:90:ef:dc:82: - bf:dc:e8:45:ad:4d:90:73:08:3c:94:65:b0:04:99:76:7f:e2: - bc:c2:6a:15:aa:97:04:37:24:d8:1e:94:4e:6d:0e:51:be:d6: - c4:8f:ca:96:6d:f7:43:df:e8:30:65:27:3b:7b:bb:43:43:63: - c4:43:f7:b2:ec:68:cc:e1:19:8e:22:fb:98:e1:7b:5a:3e:01: - 37:3b:8b:08:b0:a2:f3:95:4e:1a:cb:9b:cd:9a:b1:db:b2:70: - f0:2d:4a:db:d8:b0:e3:6f:45:48:33:12:ff:fe:3c:32:2a:54: - f7:c4:f7:8a:f0:88:23:c2:47:fe:64:7a:71:c0:d1:1e:a6:63: - b0:07:7e:a4:2f:d3:01:8f:dc:9f:2b:b6:c6:08:a9:0f:93:48: - 25:fc:12:fd:9f:42:dc:f3:c4:3e:f6:57:b0:d7:dd:69:d1:06: - 77:34:0a:4b:d2:ca:a0:ff:1c:c6:8c:c9:16:be:c4:cc:32:37: - 68:73:5f:08:fb:51:f7:49:53:36:05:0a:95:02:4c:f2:79:1a: - 10:f6:d8:3a:75:9c:f3:1d:f1:a2:0d:70:67:86:1b:b3:16:f5: - 2f:e5:a4:eb:79:86:f9:3d:0b:c2:73:0b:a5:99:ac:6f:fc:67: - b8:e5:2f:0b:a6:18:24:8d:7b:d1:48:35:29:18:40:ac:93:60: - e1:96:86:50:b4:7a:59:d8:8f:21:0b:9f:cf:82:91:c6:3b:bf: - 6b:dc:07:91:b9:97:56:23:aa:b6:6c:94:c6:48:06:3c:e4:ce: - 4e:aa:e4:f6:2f:09:dc:53:6f:2e:fc:74:eb:3a:63:99:c2:a6: - ac:89:bc:a7:b2:44:a0:0d:8a:10:e3:6c:f2:24:cb:fa:9b:9f: - 70:47:2e:de:14:8b:d4:b2:20:09:96:a2:64:f1:24:1c:dc:a1: - 35:9c:15:b2:d4:bc:55:2e:7d:06:f5:9c:0e:55:f4:5a:d6:93: - da:76:ad:25:73:4c:c5:43 + To get your own certificate for FREE, go to http://www.CAcert.org + Signature Algorithm: sha1WithRSAEncryption + d0:8d:72:43:a2:01:ff:36:25:39:dc:91:14:6b:0e:e3:10:5e: + ea:82:9f:2f:2e:33:b6:01:79:30:c2:97:4a:39:62:92:ea:59: + bd:05:05:e2:2a:ce:87:51:d5:58:c2:c7:52:4f:7d:24:4a:f1: + 75:74:3f:58:f6:00:a0:15:5c:8d:eb:ad:93:93:62:f0:68:fc: + 8a:46:af:5c:c6:55:17:c2:a2:84:73:37:c4:e3:21:4f:85:85: + d2:d6:08:88:18:bf:1a:49:4c:74:96:89:3a:29:64:57:36:0b: + 29:80:12:19:fb:4b:45:57:ef:46:2c:d4:cf:e7:2f:a8:7d:4d: + 8c:13:5c:70:eb:ec:cc:b4:df:eb:80:dd:97:b7:aa:15:3b:6e: + 2d:26:52:96:56:fa:1d:22:07:ea:f1:03:ec:73:16:47:c0:5a: + b2:1d:68:7c:86:c2:fc:ab:89:92:0d:96:74:07:bc:07:cb:9d: + 45:82:58:83:cd:ca:be:58:6f:2d:93:6f:56:57:ef:bb:b8:74: + 67:37:6a:ea:25:2a:06:73:dd:48:00:73:76:62:60:56:fe:60: + 9e:8a:a3:c7:d0:cb:35:c7:b3:a8:d4:3b:99:0b:9a:5c:d4:61: + b2:c4:6b:a7:db:9d:8d:c5:13:3d:8c:4c:fb:52:c5:aa:1d:10: + 82:cb:20:3a:4f:2a:36:13:a6:f7:81:d8:9a:b6:6a:21:5b:52: + 48:51:39:3e:58:e3:59:e3:5f:87:b6:0c:fe:be:11:85:cd:33: + a7:01:65:10:2d:aa:4f:96:53:5e:62:3b:3f:6f:55:1b:f2:fa: + 72:73:1d:8e:d0:55:37:64:fb:42:fb:8d:46:ae:23:c7:43:6a: + c9:fd:3a:10:54:8e:19:00:75:29:ec:ee:a7:e3:ea:fb:3a:78: + 5f:e6:ac:a5:55:eb:b1:f9:0c:f2:f8:85:76:0d:be:eb:8f:42: + 97:06:81:e3:5b:74:b4:84:87:c8:24:4d:31:d5:3e:4b:76:3f: + 98:04:5b:c2:2e:f7:7a:46:b7:0d:82:84:bf:1d:a2:80:57:fe: + 36:00:43:72:d5:5d:5e:04:13:fa:4c:9f:24:99:75:95:6f:24: + 69:cd:11:60:66:69:81:cf:a8:cb:95:ed:8c:d3:f9:1a:3c:44: + 76:b3:94:05:bf:1b:be:63:a9:b0:ad:0d:b7:ee:29:bd:a0:f1: + f3:63:89:06:bf:c7:9e:17:e0:0c:50:e9:92:0b:e3:39:8d:bd: + e6:f8:86:9f:0d:ec:5c:16:78:dc:85:f9:4a:59:5f:d1:44:74: + a3:db:c9:09:de:8a:6c:d6:58:29:93:1e:3e:4c:9a:37:33:ad: + 94:75:ea:69:87:0d:08:b4 -----BEGIN CERTIFICATE----- -MIIHPTCCBSWgAwIBAgIBADANBgkqhkiG9w0BAQQFADB5MRAwDgYDVQQKEwdSb290 -IENBMR4wHAYDVQQLExVodHRwOi8vd3d3LmNhY2VydC5vcmcxIjAgBgNVBAMTGUNB -IENlcnQgU2lnbmluZyBBdXRob3JpdHkxITAfBgkqhkiG9w0BCQEWEnN1cHBvcnRA -Y2FjZXJ0Lm9yZzAeFw0wMzAzMzAxMjI5NDlaFw0zMzAzMjkxMjI5NDlaMHkxEDAO -BgNVBAoTB1Jvb3QgQ0ExHjAcBgNVBAsTFWh0dHA6Ly93d3cuY2FjZXJ0Lm9yZzEi -MCAGA1UEAxMZQ0EgQ2VydCBTaWduaW5nIEF1dGhvcml0eTEhMB8GCSqGSIb3DQEJ -ARYSc3VwcG9ydEBjYWNlcnQub3JnMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIIC -CgKCAgEAziLA4kZ97DYoB1CW8qAzQIxL8TtmPzHlawI229Z89vGIj053NgVBlfkJ -8BLPRoZzYLdufujAWGSuzbCtRRcMY/pnCujW0r8+55jE8Ez64AO7NV1sId6eINm6 -zWYyN3L69wj1x81YyY7nDl7qPv4coRQKFWyGhFtkZip6qUtTefWIonvuLwphK42y -fk1WpRPs6tqSnqxEQR5YYGUFZvjARL3LlPdCfgv3ZWiYUQXw8wWRBB0bF4LsyFe7 -w2t6iPGwcswlWyCR7BYCEo8y6RcYSNDHBS4CMEK4JZwFaz+qOqfrU0j36NK2B5jc -G8Y0f3/JHIJ6BVgrCFvzOKKrF11myZjXnhCLotLddJr3cQxyYN/Nb5gznZY0dj4k -epKwDpUeb+agRThHqtdB7Uq3EvbXG4OKDy7YCbZZ16oE/9KTfWgu3YtLq1i6L43q -laegw1SJpfvbi1EinbLDvhG+LJGGi5Z4rSDTii8aP8bQUWWHIbEZAWV/RRyH9XzQ -QUxPKZgh/TMfdQwEUfoZd9vUFBzugcMd9Zi3aQaRIt0AUMyBMawSB3s42mhb5ivU -fslfrejrckzzAeVLIL+aplfKkQABi6F1ITe1Yw1nPkZPcCBnzsXWWdsC4PDSy826 -YreQQejdIOQpvGQpQsgi3Hia/0PsmBsJUUtaWsJx8cTLc6nloQsCAwEAAaOCAc4w -ggHKMB0GA1UdDgQWBBQWtTIb1Mfz4OaO873SsDrusjkY0TCBowYDVR0jBIGbMIGY -gBQWtTIb1Mfz4OaO873SsDrusjkY0aF9pHsweTEQMA4GA1UEChMHUm9vdCBDQTEe -MBwGA1UECxMVaHR0cDovL3d3dy5jYWNlcnQub3JnMSIwIAYDVQQDExlDQSBDZXJ0 -IFNpZ25pbmcgQXV0aG9yaXR5MSEwHwYJKoZIhvcNAQkBFhJzdXBwb3J0QGNhY2Vy -dC5vcmeCAQAwDwYDVR0TAQH/BAUwAwEB/zAyBgNVHR8EKzApMCegJaAjhiFodHRw -czovL3d3dy5jYWNlcnQub3JnL3Jldm9rZS5jcmwwMAYJYIZIAYb4QgEEBCMWIWh0 -dHBzOi8vd3d3LmNhY2VydC5vcmcvcmV2b2tlLmNybDA0BglghkgBhvhCAQgEJxYl -aHR0cDovL3d3dy5jYWNlcnQub3JnL2luZGV4LnBocD9pZD0xMDBWBglghkgBhvhC -AQ0ESRZHVG8gZ2V0IHlvdXIgb3duIGNlcnRpZmljYXRlIGZvciBGUkVFIGhlYWQg -b3ZlciB0byBodHRwOi8vd3d3LmNhY2VydC5vcmcwDQYJKoZIhvcNAQEEBQADggIB -ACjH7pyCArpcgBLKNQodgW+JapnM8mgPf6fhjViVPr3yBsOQWqy1YPaZQwGjiHCc -nWKdpIevZ1gNMDY75q1I08t0AoZxPuIrA2jxNGJARjtT6ij0rPtmlVOKTV39O9lg -18p5aTuxZZKmxoGCXJzN600BiqXfEVWqFcofN8CCmHBh22p8lqOOLlQ+TyGpkO/c -gr/c6EWtTZBzCDyUZbAEmXZ/4rzCahWqlwQ3JNgelE5tDlG+1sSPypZt90Pf6DBl -Jzt7u0NDY8RD97LsaMzhGY4i+5jhe1o+ATc7iwiwovOVThrLm82asduycPAtStvY -sONvRUgzEv/+PDIqVPfE94rwiCPCR/5kenHA0R6mY7AHfqQv0wGP3J8rtsYIqQ+T -SCX8Ev2fQtzzxD72V7DX3WnRBnc0CkvSyqD/HMaMyRa+xMwyN2hzXwj7UfdJUzYF -CpUCTPJ5GhD22Dp1nPMd8aINcGeGG7MW9S/lpOt5hvk9C8JzC6WZrG/8Z7jlLwum -GCSNe9FINSkYQKyTYOGWhlC0elnYjyELn8+CkcY7v2vcB5G5l1YjqrZslMZIBjzk -zk6q5PYvCdxTby78dOs6Y5nCpqyJvKeyRKANihDjbPIky/qbn3BHLt4Ui9SyIAmW -omTxJBzcoTWcFbLUvFUufQb1nA5V9FrWk9p2rSVzTMVD +MIIHpzCCBY+gAwIBAgIBADANBgkqhkiG9w0BAQUFADCBhzELMAkGA1UEBhMCQVUx +GDAWBgNVBAgTD05ldyBTb3V0aCBXYWxlczEaMBgGA1UEChMRQ0FjZXJ0IFRlc3Rz +ZXJ2ZXIxITAfBgNVBAsTGGh0dHA6Ly9jYWNlcnQxLml0LXNscy5kZTEfMB0GA1UE +AxMWQ0FjZXJ0IFRlc3RzZXJ2ZXIgUm9vdDAeFw0xMTAzMjkyMDQ1MjBaFw0yMTAz +MjYyMDQ1MjBaMIGHMQswCQYDVQQGEwJBVTEYMBYGA1UECBMPTmV3IFNvdXRoIFdh +bGVzMRowGAYDVQQKExFDQWNlcnQgVGVzdHNlcnZlcjEhMB8GA1UECxMYaHR0cDov +L2NhY2VydDEuaXQtc2xzLmRlMR8wHQYDVQQDExZDQWNlcnQgVGVzdHNlcnZlciBS +b290MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA5fvQIrtzGpSbyWam +2kHfXMCXgRuTHSuQwbvkqdLAqtiI4ZQkF4jTy+7D6LVnDd3kw/hC1EAhcV79WuTn +PrrpjM1JdliOOOvb5sh9SQrdT4w1IO2JBmHrykcHCcvh7tLcm8iKA3iIIxO76SXZ +Pd7buDEQQrP8z6AXBgCRIdtS9uA5WxAmmbj2ToL8UaViijB062zVO9euOuMdN5Qk +pCVOj9tfzotJDHw3sNvP65G/C63ZJ0ysUhohncXe+e6UIPHVS+V54nBENz+4HY/d +zchFFHhnhuCSyhPfSz975IlnBSgMqhVPEYuFpAkDUSUpc8kXoe+cVVSjPBw0exUJ +X4OUjEUf3HgdPyaoeeAPbkQ2pd118vMHzTzAX7t/GzVxROkYSzFvuSljI7ivFx9Y +lPRsMW5L9TRIjxCPBLoqTNKgQQOfZiib+T4PY/ii+qU17lMZK9L9hnAMjW8L2dzx +Z6/qrhM58vKqt6Rd9bsUt109WWflKY39YenlGaCJU+0qgsUcbl2qHjgbkz8rvJJM +10BkVROvVvqnPjkSc8ZPD+1Si9pP0pztAl7vXsDM30jtL6Jv/DyTFKUljpb0tqA9 +22SyOxUu0kkKBYXY1HrqL6Ahvjeorv5aDzrUqAYTYB6Z82ykx0bG5FsAK4ShoTv1 +3ir9ejhln4JPGiyQTdMXgRaHX/kCAwEAAaOCAhowggIWMB0GA1UdDgQWBBSF1wUK +1o/yBC1e68v99mmLH04G/jCBtAYDVR0jBIGsMIGpgBSF1wUK1o/yBC1e68v99mmL +H04G/qGBjaSBijCBhzELMAkGA1UEBhMCQVUxGDAWBgNVBAgTD05ldyBTb3V0aCBX +YWxlczEaMBgGA1UEChMRQ0FjZXJ0IFRlc3RzZXJ2ZXIxITAfBgNVBAsTGGh0dHA6 +Ly9jYWNlcnQxLml0LXNscy5kZTEfMB0GA1UEAxMWQ0FjZXJ0IFRlc3RzZXJ2ZXIg +Um9vdIIBADAPBgNVHRMBAf8EBTADAQH/MF0GCCsGAQUFBwEBBFEwTzAjBggrBgEF +BQcwAYYXaHR0cDovL29jc3AuQ0FjZXJ0Lm9yZy8wKAYIKwYBBQUHMAKGHGh0dHA6 +Ly93d3cuQ0FjZXJ0Lm9yZy9jYS5jcnQwRgYDVR0gBD8wPTA7BgQrBgEFMDMwMQYI +KwYBBQUHAgEWJWh0dHA6Ly93d3cuQ0FjZXJ0Lm9yZy9pbmRleC5waHA/aWQ9MTAw +NAYJYIZIAYb4QgEIBCcWJWh0dHA6Ly93d3cuQ0FjZXJ0Lm9yZy9pbmRleC5waHA/ +aWQ9MTAwUAYJYIZIAYb4QgENBEMWQVRvIGdldCB5b3VyIG93biBjZXJ0aWZpY2F0 +ZSBmb3IgRlJFRSwgZ28gdG8gaHR0cDovL3d3dy5DQWNlcnQub3JnMA0GCSqGSIb3 +DQEBBQUAA4ICAQDQjXJDogH/NiU53JEUaw7jEF7qgp8vLjO2AXkwwpdKOWKS6lm9 +BQXiKs6HUdVYwsdST30kSvF1dD9Y9gCgFVyN662Tk2LwaPyKRq9cxlUXwqKEczfE +4yFPhYXS1giIGL8aSUx0lok6KWRXNgspgBIZ+0tFV+9GLNTP5y+ofU2ME1xw6+zM +tN/rgN2Xt6oVO24tJlKWVvodIgfq8QPscxZHwFqyHWh8hsL8q4mSDZZ0B7wHy51F +gliDzcq+WG8tk29WV++7uHRnN2rqJSoGc91IAHN2YmBW/mCeiqPH0Ms1x7Oo1DuZ +C5pc1GGyxGun252NxRM9jEz7UsWqHRCCyyA6Tyo2E6b3gdiatmohW1JIUTk+WONZ +41+Htgz+vhGFzTOnAWUQLapPllNeYjs/b1Ub8vpycx2O0FU3ZPtC+41GriPHQ2rJ +/ToQVI4ZAHUp7O6n4+r7Onhf5qylVeux+Qzy+IV2Db7rj0KXBoHjW3S0hIfIJE0x +1T5Ldj+YBFvCLvd6RrcNgoS/HaKAV/42AENy1V1eBBP6TJ8kmXWVbyRpzRFgZmmB +z6jLle2M0/kaPER2s5QFvxu+Y6mwrQ237im9oPHzY4kGv8eeF+AMUOmSC+M5jb3m ++IafDexcFnjchflKWV/RRHSj28kJ3ops1lgpkx4+TJo3M62Udepphw0ItA== -----END CERTIFICATE----- diff --git a/www/disputes.php b/www/disputes.php index 96c7c75..0034b93 100644 --- a/www/disputes.php +++ b/www/disputes.php @@ -28,7 +28,7 @@ if($type == "reallyemail") { $emailid = intval($_SESSION['_config']['emailid']); - $hash = mysql_escape_string(trim($_SESSION['_config']['hash'])); + $hash = mysql_real_escape_string(trim($_SESSION['_config']['hash'])); $res = mysql_query("select * from `disputeemail` where `id`='$emailid' and `hash`='$hash'"); if(mysql_num_rows($res) <= 0) @@ -81,7 +81,7 @@ if($type == "email") { $emailid = intval($_REQUEST['emailid']); - $hash = trim(mysql_escape_string(stripslashes($_REQUEST['hash']))); + $hash = trim(mysql_real_escape_string(stripslashes($_REQUEST['hash']))); if($emailid <= 0 || $hash == "") { showheader(_("Email Dispute")); @@ -127,7 +127,7 @@ if($type == "reallydomain") { $domainid = intval($_SESSION['_config']['domainid']); - $hash = mysql_escape_string(trim($_SESSION['_config']['hash'])); + $hash = mysql_real_escape_string(trim($_SESSION['_config']['hash'])); $res = mysql_query("select * from `disputedomain` where `id`='$domainid' and `hash`='$hash'"); if(mysql_num_rows($res) <= 0) @@ -168,7 +168,7 @@ if($type == "domain") { $domainid = intval($_REQUEST['domainid']); - $hash = trim(mysql_escape_string(stripslashes($_REQUEST['hash']))); + $hash = trim(mysql_real_escape_string(stripslashes($_REQUEST['hash']))); if($domainid <= 0 || $hash == "") { showheader(_("Domain Dispute")); @@ -214,7 +214,7 @@ if($oldid == "1") { csrf_check('emaildispute'); - $email = trim(mysql_escape_string(stripslashes($_REQUEST['dispute']))); + $email = trim(mysql_real_escape_string(stripslashes($_REQUEST['dispute']))); if($email == "") { showheader(_("Email Dispute")); @@ -224,7 +224,7 @@ } //check if email belongs to locked account - $res = mysql_query("select 1 from `email`, `users` where `email`.`email`='$email' and `email`.`memid`=`users`.`id` and (`users`.`assurer_blocked`=1 or `users`.`locked`=1)"); + $res = mysql_query("select 1 from `email`, `users` where `email`.`email`='$email' and `email`.`memid`=`users`.`id` and (`users`.`assurer_blocked`=1 or `users`.`locked`=1) and `email`.`deleted` = 0"); if(mysql_num_rows($res) > 0) { showheader(_("Email Dispute")); @@ -307,7 +307,7 @@ if($oldid == "2") { csrf_check('domaindispute'); - $domain = trim(mysql_escape_string(stripslashes($_REQUEST['dispute']))); + $domain = trim(mysql_real_escape_string(stripslashes($_REQUEST['dispute']))); if($domain == "") { showheader(_("Domain Dispute")); @@ -317,7 +317,7 @@ } //check if domain belongs to locked account - $res = mysql_query("select 1 from `domains`, `users` where `domains`.`domain`='$domain' and `domains`.`memid`=`users`.`id` and (`users`.`assurer_blocked`=1 or `users`.`locked`=1)"); + $res = mysql_query("select 1 from `domains`, `users` where `domains`.`domain`='$domain' and `domains`.`memid`=`users`.`id` and (`users`.`assurer_blocked`=1 or `users`.`locked`=1) and `domains`.`deleted` = 0"); if(mysql_num_rows($res) > 0) { showheader(_("Domain Dispute")); @@ -389,7 +389,7 @@ $bits = explode(":", $line, 2); $line = trim($bits[1]); if(!in_array($line, $addy) && $line != "") - $addy[] = trim(mysql_escape_string(stripslashes($line))); + $addy[] = trim(mysql_real_escape_string(stripslashes($line))); } } else { if(is_array($adds)) @@ -406,7 +406,7 @@ $line = $bit; } if(!in_array($line, $addy) && $line != "") - $addy[] = trim(mysql_escape_string(stripslashes($line))); + $addy[] = trim(mysql_real_escape_string(stripslashes($line))); } } @@ -423,7 +423,7 @@ if($oldid == "5") { - $authaddy = trim(mysql_escape_string(stripslashes($_REQUEST['authaddy']))); + $authaddy = trim(mysql_real_escape_string(stripslashes($_REQUEST['authaddy']))); if(!in_array($authaddy, $_SESSION['_config']['addy']) || $authaddy == "") { @@ -446,7 +446,7 @@ $domainid = intval($_SESSION['_config']['domainid']); $memid = intval($_SESSION['_config']['memid']); $oldmemid = intval($_SESSION['_config']['oldmemid']); - $domain = mysql_escape_string($_SESSION['_config']['domain']); + $domain = mysql_real_escape_string($_SESSION['_config']['domain']); $hash = make_hash(); $query = "insert into `disputedomain` set `domain`='$domain',`memid`='".$_SESSION['profile']['id']."', diff --git a/www/gpg.php b/www/gpg.php index cb72475..f7dfde8 100644 --- a/www/gpg.php +++ b/www/gpg.php @@ -48,31 +48,421 @@ $keyid=""; -if(0) -{ - if($_SESSION["profile"]["id"] != 5897) - { - showheader(_("Welcome to CAcert.org")); - echo "The OpenPGP signing system is currently shutdown due to a maintenance. We hope to get it fixed within the next few hours. We are very sorry for the inconvenience."; +function normalizeName($name) { + // Based on http://stackoverflow.com/questions/11176752/converting-named-html-entities-to-numeric-html-entities + static $HTML401NamedToNumeric = array( + //HTML 4.01 standard + ' ' => ' ', # no-break space = non-breaking space, U+00A0 ISOnum + '¡' => '¡', # inverted exclamation mark, U+00A1 ISOnum + '¢' => '¢', # cent sign, U+00A2 ISOnum + '£' => '£', # pound sign, U+00A3 ISOnum + '¤' => '¤', # currency sign, U+00A4 ISOnum + '¥' => '¥', # yen sign = yuan sign, U+00A5 ISOnum + '¦' => '¦', # broken bar = broken vertical bar, U+00A6 ISOnum + '§' => '§', # section sign, U+00A7 ISOnum + '¨' => '¨', # diaeresis = spacing diaeresis, U+00A8 ISOdia + '©' => '©', # copyright sign, U+00A9 ISOnum + 'ª' => 'ª', # feminine ordinal indicator, U+00AA ISOnum + '«' => '«', # left-pointing double angle quotation mark = left pointing guillemet, U+00AB ISOnum + '¬' => '¬', # not sign, U+00AC ISOnum + '­' => '­', # soft hyphen = discretionary hyphen, U+00AD ISOnum + '®' => '®', # registered sign = registered trade mark sign, U+00AE ISOnum + '¯' => '¯', # macron = spacing macron = overline = APL overbar, U+00AF ISOdia + '°' => '°', # degree sign, U+00B0 ISOnum + '±' => '±', # plus-minus sign = plus-or-minus sign, U+00B1 ISOnum + '²' => '²', # superscript two = superscript digit two = squared, U+00B2 ISOnum + '³' => '³', # superscript three = superscript digit three = cubed, U+00B3 ISOnum + '´' => '´', # acute accent = spacing acute, U+00B4 ISOdia + 'µ' => 'µ', # micro sign, U+00B5 ISOnum + '¶' => '¶', # pilcrow sign = paragraph sign, U+00B6 ISOnum + '·' => '·', # middle dot = Georgian comma = Greek middle dot, U+00B7 ISOnum + '¸' => '¸', # cedilla = spacing cedilla, U+00B8 ISOdia + '¹' => '¹', # superscript one = superscript digit one, U+00B9 ISOnum + 'º' => 'º', # masculine ordinal indicator, U+00BA ISOnum + '»' => '»', # right-pointing double angle quotation mark = right pointing guillemet, U+00BB ISOnum + '¼' => '¼', # vulgar fraction one quarter = fraction one quarter, U+00BC ISOnum + '½' => '½', # vulgar fraction one half = fraction one half, U+00BD ISOnum + '¾' => '¾', # vulgar fraction three quarters = fraction three quarters, U+00BE ISOnum + '¿' => '¿', # inverted question mark = turned question mark, U+00BF ISOnum + 'À' => 'À', # latin capital letter A with grave = latin capital letter A grave, U+00C0 ISOlat1 + 'Á' => 'Á', # latin capital letter A with acute, U+00C1 ISOlat1 + 'Â' => 'Â', # latin capital letter A with circumflex, U+00C2 ISOlat1 + 'Ã' => 'Ã', # latin capital letter A with tilde, U+00C3 ISOlat1 + 'Ä' => 'Ä', # latin capital letter A with diaeresis, U+00C4 ISOlat1 + 'Å' => 'Å', # latin capital letter A with ring above = latin capital letter A ring, U+00C5 ISOlat1 + 'Æ' => 'Æ', # latin capital letter AE = latin capital ligature AE, U+00C6 ISOlat1 + 'Ç' => 'Ç', # latin capital letter C with cedilla, U+00C7 ISOlat1 + 'È' => 'È', # latin capital letter E with grave, U+00C8 ISOlat1 + 'É' => 'É', # latin capital letter E with acute, U+00C9 ISOlat1 + 'Ê' => 'Ê', # latin capital letter E with circumflex, U+00CA ISOlat1 + 'Ë' => 'Ë', # latin capital letter E with diaeresis, U+00CB ISOlat1 + 'Ì' => 'Ì', # latin capital letter I with grave, U+00CC ISOlat1 + 'Í' => 'Í', # latin capital letter I with acute, U+00CD ISOlat1 + 'Î' => 'Î', # latin capital letter I with circumflex, U+00CE ISOlat1 + 'Ï' => 'Ï', # latin capital letter I with diaeresis, U+00CF ISOlat1 + 'Ð' => 'Ð', # latin capital letter ETH, U+00D0 ISOlat1 + 'Ñ' => 'Ñ', # latin capital letter N with tilde, U+00D1 ISOlat1 + 'Ò' => 'Ò', # latin capital letter O with grave, U+00D2 ISOlat1 + 'Ó' => 'Ó', # latin capital letter O with acute, U+00D3 ISOlat1 + 'Ô' => 'Ô', # latin capital letter O with circumflex, U+00D4 ISOlat1 + 'Õ' => 'Õ', # latin capital letter O with tilde, U+00D5 ISOlat1 + 'Ö' => 'Ö', # latin capital letter O with diaeresis, U+00D6 ISOlat1 + '×' => '×', # multiplication sign, U+00D7 ISOnum + 'Ø' => 'Ø', # latin capital letter O with stroke = latin capital letter O slash, U+00D8 ISOlat1 + 'Ù' => 'Ù', # latin capital letter U with grave, U+00D9 ISOlat1 + 'Ú' => 'Ú', # latin capital letter U with acute, U+00DA ISOlat1 + 'Û' => 'Û', # latin capital letter U with circumflex, U+00DB ISOlat1 + 'Ü' => 'Ü', # latin capital letter U with diaeresis, U+00DC ISOlat1 + 'Ý' => 'Ý', # latin capital letter Y with acute, U+00DD ISOlat1 + 'Þ' => 'Þ', # latin capital letter THORN, U+00DE ISOlat1 + 'ß' => 'ß', # latin small letter sharp s = ess-zed, U+00DF ISOlat1 + 'à' => 'à', # latin small letter a with grave = latin small letter a grave, U+00E0 ISOlat1 + 'á' => 'á', # latin small letter a with acute, U+00E1 ISOlat1 + 'â' => 'â', # latin small letter a with circumflex, U+00E2 ISOlat1 + 'ã' => 'ã', # latin small letter a with tilde, U+00E3 ISOlat1 + 'ä' => 'ä', # latin small letter a with diaeresis, U+00E4 ISOlat1 + 'å' => 'å', # latin small letter a with ring above = latin small letter a ring, U+00E5 ISOlat1 + 'æ' => 'æ', # latin small letter ae = latin small ligature ae, U+00E6 ISOlat1 + 'ç' => 'ç', # latin small letter c with cedilla, U+00E7 ISOlat1 + 'è' => 'è', # latin small letter e with grave, U+00E8 ISOlat1 + 'é' => 'é', # latin small letter e with acute, U+00E9 ISOlat1 + 'ê' => 'ê', # latin small letter e with circumflex, U+00EA ISOlat1 + 'ë' => 'ë', # latin small letter e with diaeresis, U+00EB ISOlat1 + 'ì' => 'ì', # latin small letter i with grave, U+00EC ISOlat1 + 'í' => 'í', # latin small letter i with acute, U+00ED ISOlat1 + 'î' => 'î', # latin small letter i with circumflex, U+00EE ISOlat1 + 'ï' => 'ï', # latin small letter i with diaeresis, U+00EF ISOlat1 + 'ð' => 'ð', # latin small letter eth, U+00F0 ISOlat1 + 'ñ' => 'ñ', # latin small letter n with tilde, U+00F1 ISOlat1 + 'ò' => 'ò', # latin small letter o with grave, U+00F2 ISOlat1 + 'ó' => 'ó', # latin small letter o with acute, U+00F3 ISOlat1 + 'ô' => 'ô', # latin small letter o with circumflex, U+00F4 ISOlat1 + 'õ' => 'õ', # latin small letter o with tilde, U+00F5 ISOlat1 + 'ö' => 'ö', # latin small letter o with diaeresis, U+00F6 ISOlat1 + '÷' => '÷', # division sign, U+00F7 ISOnum + 'ø' => 'ø', # latin small letter o with stroke, = latin small letter o slash, U+00F8 ISOlat1 + 'ù' => 'ù', # latin small letter u with grave, U+00F9 ISOlat1 + 'ú' => 'ú', # latin small letter u with acute, U+00FA ISOlat1 + 'û' => 'û', # latin small letter u with circumflex, U+00FB ISOlat1 + 'ü' => 'ü', # latin small letter u with diaeresis, U+00FC ISOlat1 + 'ý' => 'ý', # latin small letter y with acute, U+00FD ISOlat1 + 'þ' => 'þ', # latin small letter thorn, U+00FE ISOlat1 + 'ÿ' => 'ÿ', # latin small letter y with diaeresis, U+00FF ISOlat1 + 'ƒ' => 'ƒ', # latin small f with hook = function = florin, U+0192 ISOtech + 'Α' => 'Α', # greek capital letter alpha, U+0391 + 'Β' => 'Β', # greek capital letter beta, U+0392 + 'Γ' => 'Γ', # greek capital letter gamma, U+0393 ISOgrk3 + 'Δ' => 'Δ', # greek capital letter delta, U+0394 ISOgrk3 + 'Ε' => 'Ε', # greek capital letter epsilon, U+0395 + 'Ζ' => 'Ζ', # greek capital letter zeta, U+0396 + 'Η' => 'Η', # greek capital letter eta, U+0397 + 'Θ' => 'Θ', # greek capital letter theta, U+0398 ISOgrk3 + 'Ι' => 'Ι', # greek capital letter iota, U+0399 + 'Κ' => 'Κ', # greek capital letter kappa, U+039A + 'Λ' => 'Λ', # greek capital letter lambda, U+039B ISOgrk3 + 'Μ' => 'Μ', # greek capital letter mu, U+039C + 'Ν' => 'Ν', # greek capital letter nu, U+039D + 'Ξ' => 'Ξ', # greek capital letter xi, U+039E ISOgrk3 + 'Ο' => 'Ο', # greek capital letter omicron, U+039F + 'Π' => 'Π', # greek capital letter pi, U+03A0 ISOgrk3 + 'Ρ' => 'Ρ', # greek capital letter rho, U+03A1 + 'Σ' => 'Σ', # greek capital letter sigma, U+03A3 ISOgrk3 + 'Τ' => 'Τ', # greek capital letter tau, U+03A4 + 'Υ' => 'Υ', # greek capital letter upsilon, U+03A5 ISOgrk3 + 'Φ' => 'Φ', # greek capital letter phi, U+03A6 ISOgrk3 + 'Χ' => 'Χ', # greek capital letter chi, U+03A7 + 'Ψ' => 'Ψ', # greek capital letter psi, U+03A8 ISOgrk3 + 'Ω' => 'Ω', # greek capital letter omega, U+03A9 ISOgrk3 + 'α' => 'α', # greek small letter alpha, U+03B1 ISOgrk3 + 'β' => 'β', # greek small letter beta, U+03B2 ISOgrk3 + 'γ' => 'γ', # greek small letter gamma, U+03B3 ISOgrk3 + 'δ' => 'δ', # greek small letter delta, U+03B4 ISOgrk3 + 'ε' => 'ε', # greek small letter epsilon, U+03B5 ISOgrk3 + 'ζ' => 'ζ', # greek small letter zeta, U+03B6 ISOgrk3 + 'η' => 'η', # greek small letter eta, U+03B7 ISOgrk3 + 'θ' => 'θ', # greek small letter theta, U+03B8 ISOgrk3 + 'ι' => 'ι', # greek small letter iota, U+03B9 ISOgrk3 + 'κ' => 'κ', # greek small letter kappa, U+03BA ISOgrk3 + 'λ' => 'λ', # greek small letter lambda, U+03BB ISOgrk3 + 'μ' => 'μ', # greek small letter mu, U+03BC ISOgrk3 + 'ν' => 'ν', # greek small letter nu, U+03BD ISOgrk3 + 'ξ' => 'ξ', # greek small letter xi, U+03BE ISOgrk3 + 'ο' => 'ο', # greek small letter omicron, U+03BF NEW + 'π' => 'π', # greek small letter pi, U+03C0 ISOgrk3 + 'ρ' => 'ρ', # greek small letter rho, U+03C1 ISOgrk3 + 'ς' => 'ς', # greek small letter final sigma, U+03C2 ISOgrk3 + 'σ' => 'σ', # greek small letter sigma, U+03C3 ISOgrk3 + 'τ' => 'τ', # greek small letter tau, U+03C4 ISOgrk3 + 'υ' => 'υ', # greek small letter upsilon, U+03C5 ISOgrk3 + 'φ' => 'φ', # greek small letter phi, U+03C6 ISOgrk3 + 'χ' => 'χ', # greek small letter chi, U+03C7 ISOgrk3 + 'ψ' => 'ψ', # greek small letter psi, U+03C8 ISOgrk3 + 'ω' => 'ω', # greek small letter omega, U+03C9 ISOgrk3 + 'ϑ' => 'ϑ', # greek small letter theta symbol, U+03D1 NEW + 'ϒ' => 'ϒ', # greek upsilon with hook symbol, U+03D2 NEW + 'ϖ' => 'ϖ', # greek pi symbol, U+03D6 ISOgrk3 + '•' => '•', # bullet = black small circle, U+2022 ISOpub + '…' => '…', # horizontal ellipsis = three dot leader, U+2026 ISOpub + '′' => '′', # prime = minutes = feet, U+2032 ISOtech + '″' => '″', # double prime = seconds = inches, U+2033 ISOtech + '‾' => '‾', # overline = spacing overscore, U+203E NEW + '⁄' => '⁄', # fraction slash, U+2044 NEW + '℘' => '℘', # script capital P = power set = Weierstrass p, U+2118 ISOamso + 'ℑ' => 'ℑ', # blackletter capital I = imaginary part, U+2111 ISOamso + 'ℜ' => 'ℜ', # blackletter capital R = real part symbol, U+211C ISOamso + '™' => '™', # trade mark sign, U+2122 ISOnum + 'ℵ' => 'ℵ', # alef symbol = first transfinite cardinal, U+2135 NEW + '←' => '←', # leftwards arrow, U+2190 ISOnum + '↑' => '↑', # upwards arrow, U+2191 ISOnum + '→' => '→', # rightwards arrow, U+2192 ISOnum + '↓' => '↓', # downwards arrow, U+2193 ISOnum + '↔' => '↔', # left right arrow, U+2194 ISOamsa + '↵' => '↵', # downwards arrow with corner leftwards = carriage return, U+21B5 NEW + '⇐' => '⇐', # leftwards double arrow, U+21D0 ISOtech + '⇑' => '⇑', # upwards double arrow, U+21D1 ISOamsa + '⇒' => '⇒', # rightwards double arrow, U+21D2 ISOtech + '⇓' => '⇓', # downwards double arrow, U+21D3 ISOamsa + '⇔' => '⇔', # left right double arrow, U+21D4 ISOamsa + '∀' => '∀', # for all, U+2200 ISOtech + '∂' => '∂', # partial differential, U+2202 ISOtech + '∃' => '∃', # there exists, U+2203 ISOtech + '∅' => '∅', # empty set = null set = diameter, U+2205 ISOamso + '∇' => '∇', # nabla = backward difference, U+2207 ISOtech + '∈' => '∈', # element of, U+2208 ISOtech + '∉' => '∉', # not an element of, U+2209 ISOtech + '∋' => '∋', # contains as member, U+220B ISOtech + '∏' => '∏', # n-ary product = product sign, U+220F ISOamsb + '∑' => '∑', # n-ary sumation, U+2211 ISOamsb + '−' => '−', # minus sign, U+2212 ISOtech + '∗' => '∗', # asterisk operator, U+2217 ISOtech + '√' => '√', # square root = radical sign, U+221A ISOtech + '∝' => '∝', # proportional to, U+221D ISOtech + '∞' => '∞', # infinity, U+221E ISOtech + '∠' => '∠', # angle, U+2220 ISOamso + '∧' => '∧', # logical and = wedge, U+2227 ISOtech + '∨' => '∨', # logical or = vee, U+2228 ISOtech + '∩' => '∩', # intersection = cap, U+2229 ISOtech + '∪' => '∪', # union = cup, U+222A ISOtech + '∫' => '∫', # integral, U+222B ISOtech + '∴' => '∴', # therefore, U+2234 ISOtech + '∼' => '∼', # tilde operator = varies with = similar to, U+223C ISOtech + '≅' => '≅', # approximately equal to, U+2245 ISOtech + '≈' => '≈', # almost equal to = asymptotic to, U+2248 ISOamsr + '≠' => '≠', # not equal to, U+2260 ISOtech + '≡' => '≡', # identical to, U+2261 ISOtech + '≤' => '≤', # less-than or equal to, U+2264 ISOtech + '≥' => '≥', # greater-than or equal to, U+2265 ISOtech + '⊂' => '⊂', # subset of, U+2282 ISOtech + '⊃' => '⊃', # superset of, U+2283 ISOtech + '⊄' => '⊄', # not a subset of, U+2284 ISOamsn + '⊆' => '⊆', # subset of or equal to, U+2286 ISOtech + '⊇' => '⊇', # superset of or equal to, U+2287 ISOtech + '⊕' => '⊕', # circled plus = direct sum, U+2295 ISOamsb + '⊗' => '⊗', # circled times = vector product, U+2297 ISOamsb + '⊥' => '⊥', # up tack = orthogonal to = perpendicular, U+22A5 ISOtech + '⋅' => '⋅', # dot operator, U+22C5 ISOamsb + '⌈' => '⌈', # left ceiling = apl upstile, U+2308 ISOamsc + '⌉' => '⌉', # right ceiling, U+2309 ISOamsc + '⌊' => '⌊', # left floor = apl downstile, U+230A ISOamsc + '⌋' => '⌋', # right floor, U+230B ISOamsc + '⟨' => '〈', # left-pointing angle bracket = bra, U+2329 ISOtech + '⟩' => '〉', # right-pointing angle bracket = ket, U+232A ISOtech + '◊' => '◊', # lozenge, U+25CA ISOpub + '♠' => '♠', # black spade suit, U+2660 ISOpub + '♣' => '♣', # black club suit = shamrock, U+2663 ISOpub + '♥' => '♥', # black heart suit = valentine, U+2665 ISOpub + '♦' => '♦', # black diamond suit, U+2666 ISOpub + '"' => '"', # quotation mark = APL quote, U+0022 ISOnum + '&' => '&', # ampersand, U+0026 ISOnum + '<' => '<', # less-than sign, U+003C ISOnum + '>' => '>', # greater-than sign, U+003E ISOnum + 'Œ' => 'Œ', # latin capital ligature OE, U+0152 ISOlat2 + 'œ' => 'œ', # latin small ligature oe, U+0153 ISOlat2 + 'Š' => 'Š', # latin capital letter S with caron, U+0160 ISOlat2 + 'š' => 'š', # latin small letter s with caron, U+0161 ISOlat2 + 'Ÿ' => 'Ÿ', # latin capital letter Y with diaeresis, U+0178 ISOlat2 + 'ˆ' => 'ˆ', # modifier letter circumflex accent, U+02C6 ISOpub + '˜' => '˜', # small tilde, U+02DC ISOdia + ' ' => ' ', # en space, U+2002 ISOpub + ' ' => ' ', # em space, U+2003 ISOpub + ' ' => ' ', # thin space, U+2009 ISOpub + '‌' => '‌', # zero width non-joiner, U+200C NEW RFC 2070 + '‍' => '‍', # zero width joiner, U+200D NEW RFC 2070 + '‎' => '‎', # left-to-right mark, U+200E NEW RFC 2070 + '‏' => '‏', # right-to-left mark, U+200F NEW RFC 2070 + '–' => '–', # en dash, U+2013 ISOpub + '—' => '—', # em dash, U+2014 ISOpub + '‘' => '‘', # left single quotation mark, U+2018 ISOnum + '’' => '’', # right single quotation mark, U+2019 ISOnum + '‚' => '‚', # single low-9 quotation mark, U+201A NEW + '“' => '“', # left double quotation mark, U+201C ISOnum + '”' => '”', # right double quotation mark, U+201D ISOnum + '„' => '„', # double low-9 quotation mark, U+201E NEW + '†' => '†', # dagger, U+2020 ISOpub + '‡' => '‡', # double dagger, U+2021 ISOpub + '‰' => '‰', # per mille sign, U+2030 ISOtech + '‹' => '‹', # single left-pointing angle quotation mark, U+2039 ISO proposed + '›' => '›', # single right-pointing angle quotation mark, U+203A ISO proposed + '€' => '€', # euro sign, U+20AC NEW + + //XHTML standerd: + ''' => ''', # apostrophe = APL quote, U+0027 ISOnum + ); + + //Enhanced version of SanitizeHTML which is charset-aware for UTF-8 + ISO-8859-1 + $charset = mb_detect_encoding($name, "auto, ISO-8859-1, UTF-8", true); + if(false === $charset || !in_array($charset, array('UTF-8', 'ISO-8859-1', 'ISO-8859-15', 'cp1251', 'cp1252', 'KOI8-R', 'BIG5', 'GB2312', 'BIG5-HKSCS', 'Shift_JIS', 'EUC-JP')) ) { + $charset = 'ISO-8859-1'; + } + $name = htmlentities($name, ENT_QUOTES, $charset, false); + + //Normalize HTML entities + $name = strtr($name, $HTML401NamedToNumeric); + + return $name; +} - exit(0); - } +function expandVariants($name) { + static $replacements = array( + '¨' => array(''), # diaeresis = spacing diaeresis, U+00A8 ISOdia + '­' => array('-'), # soft hyphen = discretionary hyphen, U+00AD ISOnum + '¯' => array(''), # macron = spacing macron = overline = APL overbar, U+00AF ISOdia + '´' => array(''), # acute accent = spacing acute, U+00B4 ISOdia + '¸' => array(''), # cedilla = spacing cedilla, U+00B8 ISOdia + 'À' => array('A'), # latin capital letter A with grave = latin capital letter A grave, U+00C0 ISOlat1 + 'Á' => array('A'), # latin capital letter A with acute, U+00C1 ISOlat1 + 'Â' => array('A'), # latin capital letter A with circumflex, U+00C2 ISOlat1 + 'Ã' => array('A'), # latin capital letter A with tilde, U+00C3 ISOlat1 + 'Ä' => array('Ae', 'A'), # latin capital letter A with diaeresis, U+00C4 ISOlat1 + 'Å' => array('A'), # latin capital letter A with ring above = latin capital letter A ring, U+00C5 ISOlat1 + 'Æ' => array('AE'), # latin capital letter AE = latin capital ligature AE, U+00C6 ISOlat1 + 'Ç' => array('C'), # latin capital letter C with cedilla, U+00C7 ISOlat1 + 'È' => array('E'), # latin capital letter E with grave, U+00C8 ISOlat1 + 'É' => array('E'), # latin capital letter E with acute, U+00C9 ISOlat1 + 'Ê' => array('E'), # latin capital letter E with circumflex, U+00CA ISOlat1 + 'Ë' => array('Ee', 'E'), # latin capital letter E with diaeresis, U+00CB ISOlat1 + 'Ì' => array('I'), # latin capital letter I with grave, U+00CC ISOlat1 + 'Í' => array('I'), # latin capital letter I with acute, U+00CD ISOlat1 + 'Î' => array('I'), # latin capital letter I with circumflex, U+00CE ISOlat1 + 'Ï' => array('Ie', 'I'), # latin capital letter I with diaeresis, U+00CF ISOlat1 + 'Ð' => array('Dj', 'Gj', 'Th'), # latin capital letter ETH, U+00D0 ISOlat1 + 'Ñ' => array('N'), # latin capital letter N with tilde, U+00D1 ISOlat1 + 'Ò' => array('O'), # latin capital letter O with grave, U+00D2 ISOlat1 + 'Ó' => array('O'), # latin capital letter O with acute, U+00D3 ISOlat1 + 'Ô' => array('O'), # latin capital letter O with circumflex, U+00D4 ISOlat1 + 'Õ' => array('O'), # latin capital letter O with tilde, U+00D5 ISOlat1 + 'Ö' => array('Oe', 'O'), # latin capital letter O with diaeresis, U+00D6 ISOlat1 + 'Ø' => array('O'), # latin capital letter O with stroke = latin capital letter O slash, U+00D8 ISOlat1 + 'Ù' => array('U'), # latin capital letter U with grave, U+00D9 ISOlat1 + 'Ú' => array('U'), # latin capital letter U with acute, U+00DA ISOlat1 + 'Û' => array('U'), # latin capital letter U with circumflex, U+00DB ISOlat1 + 'Ü' => array('Ue', 'U'), # latin capital letter U with diaeresis, U+00DC ISOlat1 + 'Ý' => array('Y'), # latin capital letter Y with acute, U+00DD ISOlat1 + 'Þ' => array('Th'), # latin capital letter THORN, U+00DE ISOlat1 + 'ß' => array('ss', 'sz'), # latin small letter sharp s = ess-zed, U+00DF ISOlat1 + 'à' => array('a'), # latin small letter a with grave = latin small letter a grave, U+00E0 ISOlat1 + 'á' => array('a'), # latin small letter a with acute, U+00E1 ISOlat1 + 'â' => array('a'), # latin small letter a with circumflex, U+00E2 ISOlat1 + 'ã' => array('a'), # latin small letter a with tilde, U+00E3 ISOlat1 + 'ä' => array('ae', 'a'), # latin small letter a with diaeresis, U+00E4 ISOlat1 + 'å' => array('a'), # latin small letter a with ring above = latin small letter a ring, U+00E5 ISOlat1 + 'æ' => array('ae'), # latin small letter ae = latin small ligature ae, U+00E6 ISOlat1 + 'ç' => array('c'), # latin small letter c with cedilla, U+00E7 ISOlat1 + 'è' => array('e'), # latin small letter e with grave, U+00E8 ISOlat1 + 'é' => array('e'), # latin small letter e with acute, U+00E9 ISOlat1 + 'ê' => array('e'), # latin small letter e with circumflex, U+00EA ISOlat1 + 'ë' => array('ee', 'e'), # latin small letter e with diaeresis, U+00EB ISOlat1 + 'ì' => array('i'), # latin small letter i with grave, U+00EC ISOlat1 + 'í' => array('i'), # latin small letter i with acute, U+00ED ISOlat1 + 'î' => array('i'), # latin small letter i with circumflex, U+00EE ISOlat1 + 'ï' => array('ie', 'i'), # latin small letter i with diaeresis, U+00EF ISOlat1 + 'ð' => array('dj', 'gj', 'th'), # latin small letter eth, U+00F0 ISOlat1 + 'ñ' => array('n'), # latin small letter n with tilde, U+00F1 ISOlat1 + 'ò' => array('o'), # latin small letter o with grave, U+00F2 ISOlat1 + 'ó' => array('o'), # latin small letter o with acute, U+00F3 ISOlat1 + 'ô' => array('o'), # latin small letter o with circumflex, U+00F4 ISOlat1 + 'õ' => array('o'), # latin small letter o with tilde, U+00F5 ISOlat1 + 'ö' => array('oe', 'o'), # latin small letter o with diaeresis, U+00F6 ISOlat1 + 'ø' => array('o'), # latin small letter o with stroke, = latin small letter o slash, U+00F8 ISOlat1 + 'ù' => array('u'), # latin small letter u with grave, U+00F9 ISOlat1 + 'ú' => array('u'), # latin small letter u with acute, U+00FA ISOlat1 + 'û' => array('u'), # latin small letter u with circumflex, U+00FB ISOlat1 + 'ü' => array('ue', 'u'), # latin small letter u with diaeresis, U+00FC ISOlat1 + 'ý' => array('y'), # latin small letter y with acute, U+00FD ISOlat1 + 'þ' => array('th'), # latin small letter thorn, U+00FE ISOlat1 + 'ÿ' => array('y', 'ij', 'ii', 'ei'), # latin small letter y with diaeresis, U+00FF ISOlat1 + 'ƒ' => array('f'), # latin small f with hook = function = florin, U+0192 ISOtech + 'Œ' => array('OE'), # latin capital ligature OE, U+0152 ISOlat2 + 'œ' => array('oe'), # latin small ligature oe, U+0153 ISOlat2 + 'Š' => array('s'), # latin capital letter S with caron, U+0160 ISOlat2 + 'š' => array('s'), # latin small letter s with caron, U+0161 ISOlat2 + 'Ÿ' => array('Y', 'Ij', 'Ii', 'Ei'), # latin capital letter Y with diaeresis, U+0178 ISOlat2 + 'ˆ' => array(''), # modifier letter circumflex accent, U+02C6 ISOpub + ); + + $variants = array($name); + + foreach($replacements as $rk => $rv) { + $vnew = array(); + foreach($variants as $variant) { + foreach($rv as $rv1) { + $vnew[] = str_replace($rk, $rv1, $variant); + } + } + $variants = $vnew; + $variants = array_unique($variants); + } + + $variants = array_filter($variants, function($a) { return false === strstr($a, "&"); } ); + + return $variants; } +function compareName($requested, $acceptable) { + if(empty($acceptable) || empty($requested)) { + return false; + } + + $requested = normalizeName($requested); + $acceptable = normalizeName($acceptable); + + if(0 === strcasecmp($requested, $acceptable)) { + return true; + } + + $variants = expandVariants($acceptable); + foreach($variants as $acceptable_variant) { + if(0 === strcasecmp($requested, $acceptable_variant)) { + return true; + } + } + + return false; +} function verifyName($name) { if($name == "") return 0; - if(!strcasecmp($name, $_SESSION['profile']['fname']." ".$_SESSION['profile']['lname'])) return 1; // John Doe - if(!strcasecmp($name, $_SESSION['profile']['fname']." ".$_SESSION['profile']['mname']." ".$_SESSION['profile']['lname'])) return 1; // John Joseph Doe - if(!strcasecmp($name, $_SESSION['profile']['fname']." ".$_SESSION['profile']['mname'][0]." ".$_SESSION['profile']['lname'])) return 1; // John J Doe - if(!strcasecmp($name, $_SESSION['profile']['fname']." ".$_SESSION['profile']['mname'][0].". ".$_SESSION['profile']['lname'])) return 1; // John J. Doe + $q = mysql_query("SELECT HEX(CONVERT(users.fname USING utf8)) as fname, HEX(CONVERT(users.mname USING utf8)) as mname, HEX(CONVERT(users.lname USING utf8)) as lname, HEX(CONVERT(users.suffix USING UTF8)) as suffix FROM users WHERE id='" . intval($_SESSION["profile"]["id"]) . "'"); + if( false === ($row = mysql_fetch_assoc($q)) ) { + return 0; + } + + $row['fname'] = hex2bin($row['fname']); + $row['mname'] = hex2bin($row['mname']); + $row['lname'] = hex2bin($row['lname']); + $row['suffix'] = hex2bin($row['suffix']); - if(!strcasecmp($name, $_SESSION['profile']['fname']." ".$_SESSION['profile']['lname']." ".$_SESSION['profile']['suffix'])) return 1; // John Doe Jr. - if(!strcasecmp($name, $_SESSION['profile']['fname']." ".$_SESSION['profile']['mname']." ".$_SESSION['profile']['lname']." ".$_SESSION['profile']['suffix'])) return 1; //John Joseph Doe Jr. - if(!strcasecmp($name, $_SESSION['profile']['fname']." ".$_SESSION['profile']['mname'][0]." ".$_SESSION['profile']['lname']." ".$_SESSION['profile']['suffix'])) return 1; //John J Doe Jr. - if(!strcasecmp($name, $_SESSION['profile']['fname']." ".$_SESSION['profile']['mname'][0].". ".$_SESSION['profile']['lname']." ".$_SESSION['profile']['suffix'])) return 1; //John J. Doe Jr. + if(compareName($name, $row['fname']." ".$row['lname'])) return 1; // John Doe + if(compareName($name, $row['fname']." ".$row['mname']." ".$row['lname'])) return 1; // John Joseph Doe + if(compareName($name, $row['fname']." ".$row['mname'][0]." ".$row['lname'])) return 1; // John J Doe + if(compareName($name, $row['fname']." ".$row['mname'][0].". ".$row['lname'])) return 1; // John J. Doe + + if(compareName($name, $row['fname']." ".$row['lname']." ".$row['suffix'])) return 1; // John Doe Jr. + if(compareName($name, $row['fname']." ".$row['mname']." ".$row['lname']." ".$row['suffix'])) return 1; //John Joseph Doe Jr. + if(compareName($name, $row['fname']." ".$row['mname'][0]." ".$row['lname']." ".$row['suffix'])) return 1; //John J Doe Jr. + if(compareName($name, $row['fname']." ".$row['mname'][0].". ".$row['lname']." ".$row['suffix'])) return 1; //John J. Doe Jr. return 0; } @@ -84,8 +474,6 @@ function verifyEmail($email) return 0; } - - $ToBeDeleted=array(); $state=0; if($oldid == "0" && $CSR != "") @@ -159,7 +547,7 @@ function verifyEmail($email) if($npubs>1) { showheader(_("Welcome to CAcert.org")); - echo "<font color='#ff0000'>"._("Please upload only one key at a time.")."</font>"; + echo "<span class=\"error_indicator\">"._("Please upload only one key at a time.")."</span>"; unset($_REQUEST['process']); $id = $oldid; unset($oldid); @@ -183,7 +571,7 @@ function verifyEmail($email) { showheader(_("Welcome to CAcert.org")); - echo "<font color='#ff0000'>"._("Multiple Email Adresses per UID are not allowed.")."</font>"; + echo "<span class=\"error_indicator\">"._("Multiple Email Adresses per UID are not allowed.")."</span>"; unset($_REQUEST['process']); $id = $oldid; unset($oldid); @@ -191,7 +579,7 @@ function verifyEmail($email) } // Name (Comment) <Email> - if(preg_match("/^([^\(\)\[@<>]+) \(([^\(\)@<>]*)\) <([\w=\/%.-]*\@[\w.-]*|[\w.-]*\![\w=\/%.-]*)>/",$bits[9],$matches)) + if(preg_match("/^([^\(\)\[@<>]+) \(([^\(\)@<>]*)\) <([\w=\/%+.-]*\@[\w.-]*|[\w.-]*\![\w=\/%.-]*)>/",$bits[9],$matches)) { $name=trim(gpg_hex2bin($matches[1])); $nocomment=0; @@ -199,7 +587,7 @@ function verifyEmail($email) $mail=trim(gpg_hex2bin($matches[3])); } // Name <EMail> - elseif(preg_match("/^([^\(\)\[@<>]+) <([\w=\/%.-]*\@[\w.-]*|[\w.-]*\![\w=\/%.-]*)>/",$bits[9],$matches)) + elseif(preg_match("/^([^\(\)\[@<>]+) <([\w=\/%+.-]*\@[\w.-]*|[\w.-]*\![\w=\/%.-]*)>/",$bits[9],$matches)) { $name=trim(gpg_hex2bin($matches[1])); $nocomment=1; @@ -212,7 +600,7 @@ function verifyEmail($email) $nocomment=1; $uidformatwrong=1; } - $nameok=verifyName($name); + $nameok=verifyName($name); $emailok=verifyEmail($mail); @@ -291,7 +679,7 @@ function verifyEmail($email) showheader(_("Welcome to CAcert.org")); echo $resulttable; - echo "<font color='#ff0000'>"._("No valid UIDs found on your key")."</font>"; + echo "<span class=\"error_indicator\">"._("No valid UIDs found on your key")."</span>"; unset($_REQUEST['process']); $id = $oldid; unset($oldid); @@ -378,7 +766,7 @@ function verifyEmail($email) } $mail=""; - if (preg_match("/<([\w.-]*\@[\w.-]*)>/", $bits[9],$match)) { + if (preg_match("/<([\w=\/%+.-]*\@[\w.-]*|[\w.-]*\![\w=\/%.-]*)>/", $bits[9],$match)) { //echo "Found: ".$match[1]; $mail = trim(gpg_hex2bin($match[1])); } diff --git a/www/images/cacert4.png b/www/images/cacert4.png Binary files differindex e4650a0..9da24c2 100644 --- a/www/images/cacert4.png +++ b/www/images/cacert4.png diff --git a/www/index.php b/www/index.php index 8c5560c..a3e4e14 100644 --- a/www/index.php +++ b/www/index.php @@ -53,7 +53,7 @@ require_once('../includes/notary.inc.php'); $oldid = 0; if(array_key_exists('Q1',$_REQUEST) && $_REQUEST['Q1']) { - $_SESSION['lostpw']['A1'] = trim(mysql_escape_string(stripslashes(strip_tags($_REQUEST['A1'])))); + $_SESSION['lostpw']['A1'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['A1'])))); if(stripslashes(strtolower($_SESSION['lostpw']['A1'])) == strtolower($_SESSION['lostpw']['user']['A1'])) $answers++; @@ -61,7 +61,7 @@ require_once('../includes/notary.inc.php'); } if(array_key_exists('Q2',$_REQUEST) && $_REQUEST['Q2']) { - $_SESSION['lostpw']['A2'] = trim(mysql_escape_string(stripslashes(strip_tags($_REQUEST['A2'])))); + $_SESSION['lostpw']['A2'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['A2'])))); if(stripslashes(strtolower($_SESSION['lostpw']['A2'])) == strtolower($_SESSION['lostpw']['user']['A2'])) $answers++; @@ -69,7 +69,7 @@ require_once('../includes/notary.inc.php'); } if(array_key_exists('Q3',$_REQUEST) && $_REQUEST['Q3']) { - $_SESSION['lostpw']['A3'] = trim(mysql_escape_string(stripslashes(strip_tags($_REQUEST['A3'])))); + $_SESSION['lostpw']['A3'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['A3'])))); if(stripslashes(strtolower($_SESSION['lostpw']['A3'])) == strtolower($_SESSION['lostpw']['user']['A3'])) $answers++; @@ -77,7 +77,7 @@ require_once('../includes/notary.inc.php'); } if(array_key_exists('Q4',$_REQUEST) && $_REQUEST['Q4']) { - $_SESSION['lostpw']['A4'] = trim(mysql_escape_string(stripslashes(strip_tags($_REQUEST['A4'])))); + $_SESSION['lostpw']['A4'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['A4'])))); if(stripslashes(strtolower($_SESSION['lostpw']['A4'])) == strtolower($_SESSION['lostpw']['user']['A4'])) $answers++; @@ -85,15 +85,15 @@ require_once('../includes/notary.inc.php'); } if(array_key_exists('Q5',$_REQUEST) && $_REQUEST['Q5']) { - $_SESSION['lostpw']['A5'] = trim(mysql_escape_string(stripslashes(strip_tags($_REQUEST['A5'])))); + $_SESSION['lostpw']['A5'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['A5'])))); if(stripslashes(strtolower($_SESSION['lostpw']['A5'])) == strtolower($_SESSION['lostpw']['user']['A5'])) $answers++; $body .= "System: ".$_SESSION['lostpw']['user']['A5']."\nEntered: ".stripslashes(strip_tags($_SESSION['lostpw']['A5']))."\n"; } - $_SESSION['lostpw']['pw1'] = trim(mysql_escape_string(stripslashes(strip_tags($_REQUEST['newpass1'])))); - $_SESSION['lostpw']['pw2'] = trim(mysql_escape_string(stripslashes(strip_tags($_REQUEST['newpass2'])))); + $_SESSION['lostpw']['pw1'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['newpass1'])))); + $_SESSION['lostpw']['pw2'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['newpass2'])))); if($answers < $_SESSION['lostpw']['total'] || $answers < 3) { @@ -130,7 +130,7 @@ require_once('../includes/notary.inc.php'); if($oldid == 5 && $process != "") { - $email = $_SESSION['lostpw']['email'] = trim(mysql_escape_string(stripslashes(strip_tags($_REQUEST['email'])))); + $email = $_SESSION['lostpw']['email'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['email'])))); $_SESSION['lostpw']['day'] = intval($_REQUEST['day']); $_SESSION['lostpw']['month'] = intval($_REQUEST['month']); $_SESSION['lostpw']['year'] = intval($_REQUEST['year']); @@ -141,10 +141,17 @@ require_once('../includes/notary.inc.php'); { $id = $oldid; $oldid = 0; - $_SESSION['_config']['errmsg'] = _("Unable to match your details with any user accounts on file"); + $_SESSION['_config']['errmsg'] = _('Unable to match your details with any user accounts on file'); } else { - $id = 6; $_SESSION['lostpw']['user'] = mysql_fetch_assoc($res); + //check wether account is locked or deleted + if ($_SESSION['lostpw']['user']['locked'] == 1 || $_SESSION['lostpw']['user']['deleted'] != 0) { + $id = $oldid; + $oldid = 0; + $_SESSION['_config']['errmsg'] = sprintf(_('The account is not available, please get in contact with support (%s).'),'support@cacert.org'); + } else { + $id = 6; + } } } @@ -186,8 +193,8 @@ require_once('../includes/notary.inc.php'); $_SESSION['_config']['errmsg'] = ""; - $email = mysql_escape_string(stripslashes(strip_tags(trim($_REQUEST['email'])))); - $pword = mysql_escape_string(stripslashes(trim($_REQUEST['pword']))); + $email = mysql_real_escape_string(stripslashes(strip_tags(trim($_REQUEST['email'])))); + $pword = mysql_real_escape_string(stripslashes(trim($_REQUEST['pword']))); $query = "select * from `users` where `email`='$email' and (`password`=old_password('$pword') or `password`=sha1('$pword') or `password`=password('$pword')) and `verified`=1 and `deleted`=0 and `locked`=0"; $res = mysql_query($query); @@ -210,10 +217,8 @@ require_once('../includes/notary.inc.php'); L10n::set_translation($_SESSION['profile']['language']); L10n::init_gettext(); } - $query = "select sum(`points`) as `total` from `notary` where `to`='".intval($_SESSION['profile']['id'])."' and `deleted`=0 group by `to`"; - $res = mysql_query($query); - $row = mysql_fetch_assoc($res); - $_SESSION['profile']['points'] = $row['total']; + update_points_in_profile(); + $_SESSION['profile']['loggedin'] = 1; if($_SESSION['profile']['Q1'] == "" || $_SESSION['profile']['Q2'] == "" || $_SESSION['profile']['Q3'] == "" || $_SESSION['profile']['Q4'] == "" || @@ -289,26 +294,26 @@ if ($oldid == 52 ) $_SESSION['_config']['errmsg'] = ""; - $_SESSION['signup']['email'] = trim(mysql_escape_string(stripslashes(strip_tags($_REQUEST['email'])))); - $_SESSION['signup']['fname'] = trim(mysql_escape_string(stripslashes(strip_tags($_REQUEST['fname'])))); - $_SESSION['signup']['mname'] = trim(mysql_escape_string(stripslashes(strip_tags($_REQUEST['mname'])))); - $_SESSION['signup']['lname'] = trim(mysql_escape_string(stripslashes(strip_tags($_REQUEST['lname'])))); - $_SESSION['signup']['suffix'] = trim(mysql_escape_string(stripslashes(strip_tags($_REQUEST['suffix'])))); + $_SESSION['signup']['email'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['email'])))); + $_SESSION['signup']['fname'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['fname'])))); + $_SESSION['signup']['mname'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['mname'])))); + $_SESSION['signup']['lname'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['lname'])))); + $_SESSION['signup']['suffix'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['suffix'])))); $_SESSION['signup']['day'] = intval($_REQUEST['day']); $_SESSION['signup']['month'] = intval($_REQUEST['month']); $_SESSION['signup']['year'] = intval($_REQUEST['year']); - $_SESSION['signup']['pword1'] = trim(mysql_escape_string(stripslashes($_REQUEST['pword1']))); - $_SESSION['signup']['pword2'] = trim(mysql_escape_string(stripslashes($_REQUEST['pword2']))); - $_SESSION['signup']['Q1'] = trim(mysql_escape_string(stripslashes(strip_tags($_REQUEST['Q1'])))); - $_SESSION['signup']['Q2'] = trim(mysql_escape_string(stripslashes(strip_tags($_REQUEST['Q2'])))); - $_SESSION['signup']['Q3'] = trim(mysql_escape_string(stripslashes(strip_tags($_REQUEST['Q3'])))); - $_SESSION['signup']['Q4'] = trim(mysql_escape_string(stripslashes(strip_tags($_REQUEST['Q4'])))); - $_SESSION['signup']['Q5'] = trim(mysql_escape_string(stripslashes(strip_tags($_REQUEST['Q5'])))); - $_SESSION['signup']['A1'] = trim(mysql_escape_string(stripslashes(strip_tags($_REQUEST['A1'])))); - $_SESSION['signup']['A2'] = trim(mysql_escape_string(stripslashes(strip_tags($_REQUEST['A2'])))); - $_SESSION['signup']['A3'] = trim(mysql_escape_string(stripslashes(strip_tags($_REQUEST['A3'])))); - $_SESSION['signup']['A4'] = trim(mysql_escape_string(stripslashes(strip_tags($_REQUEST['A4'])))); - $_SESSION['signup']['A5'] = trim(mysql_escape_string(stripslashes(strip_tags($_REQUEST['A5'])))); + $_SESSION['signup']['pword1'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['pword1']))); + $_SESSION['signup']['pword2'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['pword2']))); + $_SESSION['signup']['Q1'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['Q1'])))); + $_SESSION['signup']['Q2'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['Q2'])))); + $_SESSION['signup']['Q3'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['Q3'])))); + $_SESSION['signup']['Q4'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['Q4'])))); + $_SESSION['signup']['Q5'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['Q5'])))); + $_SESSION['signup']['A1'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['A1'])))); + $_SESSION['signup']['A2'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['A2'])))); + $_SESSION['signup']['A3'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['A3'])))); + $_SESSION['signup']['A4'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['A4'])))); + $_SESSION['signup']['A5'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['A5'])))); $_SESSION['signup']['general'] = intval(array_key_exists('general',$_REQUEST)?$_REQUEST['general']:0); $_SESSION['signup']['country'] = intval(array_key_exists('country',$_REQUEST)?$_REQUEST['country']:0); $_SESSION['signup']['regional'] = intval(array_key_exists('regional',$_REQUEST)?$_REQUEST['regional']:0); @@ -397,7 +402,7 @@ if ($oldid == 52 ) if($score < 3) { $id = 1; - $_SESSION['_config']['errmsg'] = _("The Pass Phrase you submitted failed to contain enough differing characters and/or contained words from your name and/or email address. Only scored $score points out of 6."); + $_SESSION['_config']['errmsg'] = sprintf(_("The Pass Phrase you submitted failed to contain enough differing characters and/or contained words from your name and/or email address. Only scored %s points out of 6."), $score); } if($id == 2) diff --git a/www/robots.txt b/www/robots.txt new file mode 100644 index 0000000..6ffbc30 --- /dev/null +++ b/www/robots.txt @@ -0,0 +1,3 @@ +User-agent: * +Disallow: / + diff --git a/www/stats.php b/www/stats.php index d4d892d..824f19b 100644 --- a/www/stats.php +++ b/www/stats.php @@ -87,7 +87,7 @@ </tr> <tr> <td class="DataTD"><?=_("Assurers with test")?>:</td> - <td class="DataTD"><?=$stats['aussurers_with_test'];?></td> + <td class="DataTD"><?=$stats['assurer_with_test'];?></td> </tr> <tr> <td class="DataTD"><?=_("Points Issued")?>:</td> @@ -102,7 +102,7 @@ <tr> <td class="DataTD"><b><?=_("Date")?></b> <td class="DataTD"><b><?=_("New Users")?></b> - <td class="DataTD"><b><?=_("New Assurers")?></b> + <td class="DataTD"><b><?=_("New Assurers") . ' *'?></b> <td class="DataTD"><b><?=_("New Certificates")?></b> </tr> <? @@ -111,14 +111,14 @@ <tr> <td class="DataTD"><?=$stats['growth_last_12m'][$i]['date'];?></td> <td class="DataTD"><?=$stats['growth_last_12m'][$i]['new_users'];?></td> - <td class="DataTD"><?=$stats['growth_last_12m'][$i]['new_assurers'];?></td> + <td class="DataTD"><?= $stats['growth_last_12m'][$i]['new_candidates'] . '/' . $stats['growth_last_12m'][$i]['new_assurers'];?></td> <td class="DataTD"><?=$stats['growth_last_12m'][$i]['new_certificates'];?></td> </tr> <? } ?> <tr> <td class="DataTD"><?=_("Total")?></td> <td class="DataTD"><?=$stats['growth_last_12m_total']['new_users'];?></td> - <td class="DataTD"><?=$stats['growth_last_12m_total']['new_assurers'];?></td> + <td class="DataTD"><?=$stats['growth_last_12m_total']['new_candidates'] . '/' . $stats['growth_last_12m_total']['new_assurers'];?></td> <td class="DataTD"><?=$stats['growth_last_12m_total']['new_certificates'];?></td> </tr> </table> @@ -130,7 +130,7 @@ <tr> <td class="DataTD"><b><?=_("Date")?></b> <td class="DataTD"><b><?=_("New Users")?></b> - <td class="DataTD"><b><?=_("New Assurers")?></b> + <td class="DataTD"><b><?=_("New Assurers") . ' *'?></b> <td class="DataTD"><b><?=_("New Certificates")?></b> </tr> <? @@ -139,21 +139,23 @@ <tr> <td class="DataTD"><?=$stats['growth_last_years'][$i]['date'];?></td> <td class="DataTD"><?=$stats['growth_last_years'][$i]['new_users'];?></td> - <td class="DataTD"><?=$stats['growth_last_years'][$i]['new_assurers'];?></td> + <td class="DataTD"><?=$stats['growth_last_years'][$i]['new_candidates'] . '/' . $stats['growth_last_years'][$i]['new_assurers'];?></td> <td class="DataTD"><?=$stats['growth_last_years'][$i]['new_certificates'];?></td> </tr> <? } ?> <tr> <td class="DataTD"><?=_("Total")?></td> <td class="DataTD"><?=$stats['growth_last_years_total']['new_users'];?></td> - <td class="DataTD"><?=$stats['growth_last_years_total']['new_assurers'];?></td> + <td class="DataTD"><?=$stats['growth_last_years_total']['new_candidates'] . '/' . $stats['growth_last_years_total']['new_assurers'];?></td> <td class="DataTD"><?=$stats['growth_last_years_total']['new_certificates'];?></td> </tr> </table> <br> <div style="text-align: center;font-size: small;"><? - printf(_("Last updated: %s"), date('Y-m-d H:i:s', $stats['timestamp']));?> + echo _('* user with at least 100 assurance points / assurer with CATS') . '</br>'; + echo _('Difference of calculation of assurer between total and running total result from assurers that have been deleted from the system.') . '</br>'; + printf(_("Last updated: %s"), date('Y-m-d H:i:s', $stats['timestamp']));?> </div> <? showfooter(); ?> diff --git a/www/styles/default.css b/www/styles/default.css index 4ddfbba..f178a37 100644 --- a/www/styles/default.css +++ b/www/styles/default.css @@ -21,7 +21,7 @@ body { /******* hyperlink and anchor tag styles *******/ a:link, a:visited { - color: #005fa9; + color: #a90000; text-decoration: none; } @@ -34,14 +34,14 @@ a:hover { h1 { font: bold 120% Arial ,sans-serif; - color: #334d55; + color: #550000; margin: 0px; padding: 0px; } h2 { font: bold 114% Arial ,sans-serif; - color: #006699; + color: #990000; margin: 0px; padding: 0px; } @@ -260,7 +260,7 @@ a.glink, a.glink:visited { font-weight: bold; margin: 0px; padding: 2px 5px 4px 5px; - border-right: 1px solid #8fb8bc; + border-right: 1px solid #BC8F8F; } a.glink:hover { @@ -379,7 +379,7 @@ a.glink:hover { } #breadCrumb a:hover { - color: #005fa9; + color: #A90000; text-decoration: underline; } @@ -424,8 +424,8 @@ a.glink:hover { .story a.capsule { font: bold 1em Arial,sans-serif; - color: #005FA9; - display: block; + color: #A90000; + display:block; padding-bottom: 5px; } @@ -468,12 +468,12 @@ td.storyLeft { background-image: url("siteimages/bg_nav.jpg"); font-weight: bold; padding: 3px 0px 3px 10px; - color: #21536A; + color: #6A2121; } #sectionLinks a:hover { border-top: 1px solid #cccccc; - background-color: #DDEEFF; + background-color: #FFDDDD; background-image: none; font-weight: bold; text-decoration: none; @@ -619,7 +619,7 @@ td.greytxt { } .ac_highlight { - background-color: #3366cc; + background-color: #cc3333; color: white; cursor: pointer; } @@ -644,6 +644,24 @@ td.greytxt { font-size: 10px; } +/************** error and warning styles ****************/ + +.error_fatal { + font-size: x-large; + color: #ff0000; + font-family: Arial,sans-serif; +} + +.error_warning { + font-size: large; + color: #ffa500; + font-family: Arial,sans-serif; +} + +.error_indicator, .warning_indicator { + color: #ff0000; +} + /************** sponsorInfo styles ****************/ @@ -727,3 +745,21 @@ div.footerbar { .accountdetail.suffix { } + +/********* div align ********/ +.blockcenter { + text-align:center; + margin: 0 auto; +} + +.blockleft { + text-align:left; + margin: 0; + margin-right:auto; +} + +.blockright { + text-align:right; + margin: 0; + margin-left:auto; +} diff --git a/www/tverify/seclayer.php b/www/tverify/seclayer.php deleted file mode 100644 index 50c7fb2..0000000 --- a/www/tverify/seclayer.php +++ /dev/null @@ -1,27 +0,0 @@ -<? /* - LibreSSL - CAcert web application - Copyright (C) 2004-2008 CAcert Inc. - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; version 2 of the License. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA -*/ ?> -<html> - <head> - <title>SecurityLayer Result</title> - </head> - <body> - <h1>User: <?=htmlspecialchars($_REQUEST['user'])?></h1> - The following is the result that your signature card has sent to CAcert. At this point, CAcert would have to parse the result and verify the signature, but this hasn't been implemented yet. Our developers might ask you to send them this data. But please be careful, since it contains your personal data! - <pre><?=htmlspecialchars($_REQUEST['XMLResponse'])?></pre> - </body> - </html> diff --git a/www/verify.php b/www/verify.php index 6f603e4..2e409b6 100644 --- a/www/verify.php +++ b/www/verify.php @@ -43,7 +43,7 @@ { $id = 1; $emailid = intval($_REQUEST['emailid']); - $hash = mysql_escape_string(stripslashes($_REQUEST['hash'])); + $hash = mysql_real_escape_string(stripslashes($_REQUEST['hash'])); $query = "select * from `email` where `id`='$emailid' and hash!='' and deleted=0"; $res = mysql_query($query); @@ -101,7 +101,7 @@ { $id = 7; $domainid = intval($_REQUEST['domainid']); - $hash = mysql_escape_string(stripslashes($_REQUEST['hash'])); + $hash = mysql_real_escape_string(stripslashes($_REQUEST['hash'])); $query = "select * from `domains` where `id`='$domainid' and hash!='' and deleted=0"; $res = mysql_query($query); diff --git a/www/wot.php b/www/wot.php index 35dce1f..1bcf009 100644 --- a/www/wot.php +++ b/www/wot.php @@ -27,7 +27,7 @@ function show_page($target,$message,$error) if ($error != "") $message=_("ERROR").": ".$error; if ($message != "") - echo "<p><font color='orange' size='+1'>".$message."</font></p>"; + echo "<p class=\"error_warning\">".$message."</p>"; switch ($target) { @@ -79,6 +79,12 @@ function show_page($target,$message,$error) case '15': case 'MyPointsNew': includeit(15, "wot"); break; + case '16': + case 'TTPForm': includeit(16, "wot"); + break; + case '17': + case 'AssurerCheck': includeit(17, "wot"); + break; } showfooter(); @@ -121,6 +127,7 @@ function send_reminder() if(array_key_exists('location',$_POST) && $_POST['location'] != "") $_SESSION['_config']['location'] = $_POST['location']; + $id=array_key_exists('id',$_REQUEST)?intval($_REQUEST['id']):0; $oldid=array_key_exists('oldid',$_REQUEST)?intval($_REQUEST['oldid']):0; if($oldid == 12) @@ -181,7 +188,7 @@ function send_reminder() if($oldid == 5) { - $query = "select * from `users` where `email`='".mysql_escape_string(stripslashes($_POST['email']))."' and `deleted`=0"; + $query = "select * from `users` where `email`='".mysql_real_escape_string(stripslashes($_POST['email']))."' and `deleted`=0"; $res = mysql_query($query); if(mysql_num_rows($res) != 1) { @@ -209,7 +216,7 @@ function send_reminder() } } } - $query = "select * from `users` where `email`='".mysql_escape_string(stripslashes($_POST['email']))."' and `locked`=1"; + $query = "select * from `users` where `email`='".mysql_real_escape_string(stripslashes($_POST['email']))."' and `locked`=1"; $res = mysql_query($query); if(mysql_num_rows($res) >= 1) { @@ -336,24 +343,13 @@ function send_reminder() { $max = maxpoints(); - $awarded = $newpoints = intval($_POST['points']); - if($newpoints > $max) - $newpoints = $awarded = $max; - if($newpoints < 0) - $newpoints = $awarded = 0; - - $query = "select sum(`points`) as `total` from `notary` where `to`='".intval($_SESSION['_config']['notarise']['id'])."' and `deleted` = 0 group by `to`"; - $res = mysql_query($query); - $drow = mysql_fetch_assoc($res); - - $_POST['expire'] = 0; + $awarded = intval($_POST['points']); + if($awarded > $max) + $awarded = $max; + if($awarded < 0) + $awarded = 0; - if(($drow['total'] + $newpoints) > 100 && $max < 100) - $newpoints = 100 - $drow['total']; - if(($drow['total'] + $newpoints) > $max && $max >= 100) - $newpoints = $max - $drow['total']; - if($newpoints < 0) - $newpoints = 0; + $drow_points = get_received_assurance_points(intval($_SESSION['_config']['notarise']['id'])); if(mysql_real_escape_string(stripslashes($_POST['date'])) == "") $_POST['date'] = date("Y-m-d H:i:s"); @@ -376,7 +372,7 @@ function send_reminder() { $query = "insert into `notary` set `from`='".intval($_SESSION['profile']['id'])."', `to`='".intval($_SESSION['_config']['notarise']['id'])."', - `points`='".intval($newpoints)."', `awarded`='".intval($awarded)."', + `points`='0', `awarded`='".intval($awarded)."', `location`='".mysql_real_escape_string(stripslashes($_POST['location']))."', `date`='".mysql_real_escape_string(stripslashes($_POST['date']))."', `when`=NOW()"; @@ -385,13 +381,17 @@ function send_reminder() write_user_agreement($_SESSION['profile']['id'], "CCA", "assurance", "Assuring", 1, $_SESSION['_config']['notarise']['id']); write_user_agreement($_SESSION['_config']['notarise']['id'], "CCA", "assurance", "Being assured", 0, $_SESSION['profile']['id']); } - if($_SESSION['profile']['ttpadmin'] == 1 && ($_POST['method'] == 'Trusted 3rd Parties' || $_POST['method'] == 'Trusted Third Parties')) { + if($_SESSION['profile']['ttpadmin'] >= 1 && $_POST['method'] == 'TTP-Assisted') { $query .= ",\n`method`='TTP-Assisted'"; } + if($_SESSION['profile']['ttpadmin'] == 2 && $_POST['method'] == 'TTP-TOPUP') { + $query .= ",\n`method`='TTP-TOPUP'"; + } mysql_query($query); - fix_assurer_flag($_SESSION['_config']['notarise']['id']); include_once("../includes/notary.inc.php"); + recalculate_old_assurance_points($_SESSION['_config']['notarise']['id']); + fix_assurer_flag($_SESSION['_config']['notarise']['id']); if($_SESSION['profile']['points'] < 150) { $addpoints = 0; @@ -416,17 +416,15 @@ function send_reminder() L10n::set_translation($_SESSION['_config']['notarise']['language']); $body = sprintf(_("You are receiving this email because you have been assured by %s %s (%s)."), $_SESSION['profile']['fname'], $_SESSION['profile']['lname'], $_SESSION['profile']['email'])."\n\n"; - if($_POST['points'] != $newpoints) - $body .= sprintf(_("You were issued %s points however the system has rounded this down to %s and you now have %s points in total."), $_POST['points'], $newpoints, ($newpoints + $drow['total']))."\n\n"; - else - $body .= sprintf(_("You were issued %s points and you now have %s points in total."), $newpoints, ($newpoints + $drow['total']))."\n\n"; - if(($drow['total'] + $newpoints) < 100 && ($drow['total'] + $newpoints) >= 50) + $body .= sprintf(_("You were issued %s assurance points and you now have %s assurance points in total."), $awarded, ($awarded + $drow_points))."\n\n"; + + if(($drow_points + $awarded) < 100 && ($drow_points + $awarded) >= 50) { $body .= _("You now have over 50 points, and can now have your name added to client certificates, and issue server certificates for up to 2 years.")."\n\n"; } - if(($drow['total'] + $newpoints) >= 100 && $newpoints > 0) + if(($drow_points + $awarded) >= 100 && $drow_points < 0 && !is_assurer(intval($_SESSION['_config']['notarise']['id'])) ) { $body .= _("You have at least 100 Assurance Points, if you want to become an assurer try the Assurer Challenge")." ( https://cats.cacert.org )\n\n"; $body .= _("To make it easier for others in your area to find you, it's helpful to list yourself as an assurer (this is voluntary), as well as a physical location where you live or work the most. You can flag your account to be listed, and add a comment to the display by going to:")."\n"; @@ -443,10 +441,7 @@ function send_reminder() L10n::set_translation($my_translation); $body = sprintf(_("You are receiving this email because you have assured %s %s (%s)."), $_SESSION['_config']['notarise']['fname'], $_SESSION['_config']['notarise']['lname'], $_SESSION['_config']['notarise']['email'])."\n\n"; - if($_POST['points'] != $newpoints) - $body .= sprintf(_("You issued %s points however the system has rounded this down to %s and they now have %s points in total."), $_POST['points'], $newpoints, ($newpoints + $drow['total']))."\n\n"; - else - $body .= sprintf(_("You issued %s points and they now have %s points in total."), $newpoints, ($newpoints + $drow['total']))."\n\n"; + $body .= sprintf(_("You issued %s assurance points."), $awarded)."\n\n"; $body .= _("Best regards")."\n"; $body .= _("CAcert Support Team"); @@ -491,9 +486,7 @@ function send_reminder() $subject = $_REQUEST['subject']; $userid = intval($_REQUEST['userid']); $user = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".intval($userid)."' and `listme`=1")); - $points = mysql_num_rows(mysql_query("select sum(`points`) as `total` from `notary` - where `to`='".intval($user['id'])."' and `deleted` = 0 group by `to` HAVING SUM(`points`) > 0")); - if($points > 0) + if(is_assurer($userid) > 0) { $my_translation = L10n::get_translation(); L10n::set_translation($user['language']); @@ -549,9 +542,76 @@ function send_reminder() exit; } -// showheader(_("My CAcert.org Account!")); -// echo "ID now = ".$id."/".$oldid.">>".$iecho; -// includeit($id, "wot"); -// showfooter(); + // Assurer Check + if($oldid == 17 ) + { + $oldid = 0; + $id = 17; + $number = 5; + $email = mysql_real_escape_string(trim($_REQUEST['email'])); + $reason = mysql_real_escape_string(trim($_REQUEST['reason'])); + $uid = get_user_id_from_email($email); + + if ($uid == 0) { + show_page("AssurerCheck", "", _("I'm sorry, there was no email matching what you entered in the system. Please double check your information.")); + exit; + } + + if ($reason == "--") { + show_page("AssurerCheck", "" ,_("I'm sorry, there was no reason given why you need to check the assurer status.")); + exit; + } + + if (get_number_of_adminlog_entries($_SESSION['profile']['id'],1000,1) > $number) { + show_page("AssurerCheck", "", sprintf(_("I'm sorry, you reached the maximum requests of %s per hour. Please wait until you try it again."),$number)); + exit; + } + + if (is_assurer($uid)) { + $status = _('Is assurer'); + } else { + $status = _('Is no assurer'); + } + + write_se_log($uid, $_SESSION['profile']['id'], 'User Assurer status check', '', 1000); + + $assurer = get_user($uid); + + //mail to member + $my_translation = L10n::get_translation(); + L10n::set_translation($assurer['language']); + + $subject = "[CAcert.org] ". _("Assurer status report for you"); + + $body = sprintf(_("Hi %s,"), $assurer['fname'])."\n\n"; + $body .= sprintf(_("%s %s (%s) has requested your assurer status for %s."), + $_SESSION['profile']['fname'], + $_SESSION['profile']['lname'], + $_SESSION['profile']['email'], + $reason)."\n\n"; + $body .= sprintf(_("The transmitted result: %s"), $status)."\n"; + $body .= _("Best regards")."\n"; + $body .= _("CAcert Support Team"); + + sendmail($assurer['email'], "[CAcert.org] ". $subject, $body, + "support@cacert.org", //from + "", //replyto + "", //toname + "CAcert Support"); //fromname + + L10n::set_translation($my_translation); + + showheader(_("My CAcert.org Account!"));?> + <p> + <?=sprintf(_('The assurer status for %s %s (%s) is: %s'), + $assurer['fname'], + $assurer['lname'], + $assurer['email'], + $status) . '<br/>'. _('The mail with the status request has been sent to the email address above.'); ?> + </p> + <? + showfooter(); + exit; + } + show_page ($id,"",""); -?> |
