summaryrefslogtreecommitdiff
path: root/includes/account.php
diff options
context:
space:
mode:
Diffstat (limited to 'includes/account.php')
-rw-r--r--includes/account.php715
1 files changed, 408 insertions, 307 deletions
diff --git a/includes/account.php b/includes/account.php
index 7c3748d..26845cd 100644
--- a/includes/account.php
+++ b/includes/account.php
@@ -84,6 +84,11 @@ function buildSubjectFromSession() {
$memid = array_key_exists('memid',$_REQUEST) ? intval($_REQUEST['memid']) : 0;
$domid = array_key_exists('domid',$_REQUEST) ? intval($_REQUEST['domid']) : 0;
+ $actionrequest = array_key_exists('action',$_REQUEST) ? $_REQUEST['action'] : "";
+
+ $ticketno = array_key_exists('ticketno',$_REQUEST) ? $_REQUEST['ticketno'] : "";
+ $ticketvalidation = FALSE;
+
if(!$_SESSION['mconn'])
{
@@ -146,7 +151,7 @@ function buildSubjectFromSession() {
exit;
}
$hash = make_hash();
- $query = "insert into `email` set `email`='".$_REQUEST['email']."',`memid`='".$_SESSION['profile']['id']."',`created`=NOW(),`hash`='$hash'";
+ $query = "insert into `email` set `email`='".$_REQUEST['email']."',`memid`='".intval($_SESSION['profile']['id'])."',`created`=NOW(),`hash`='$hash'";
mysql_query($query);
$emailid = mysql_insert_id();
@@ -166,7 +171,7 @@ function buildSubjectFromSession() {
{
$id = 2;
$emailid = intval($_REQUEST['emailid']);
- $query = "select * from `email` where `id`='$emailid' and `memid`='".$_SESSION['profile']['id']."' and `hash` = '' and `deleted`=0";
+ $query = "select * from `email` where `id`='$emailid' and `memid`='".intval($_SESSION['profile']['id'])."' and `hash` = '' and `deleted`=0";
$res = mysql_query($query);
if(mysql_num_rows($res) <= 0)
{
@@ -186,7 +191,7 @@ function buildSubjectFromSession() {
"support@cacert.org", "", "", "CAcert Support");
$_SESSION['profile']['email'] = $row['email'];
- $query = "update `users` set `email`='".$row['email']."' where `id`='".$_SESSION['profile']['id']."'";
+ $query = "update `users` set `email`='".mysql_real_escape_string($row['email'])."' where `id`='".intval($_SESSION['profile']['id'])."'";
mysql_query($query);
showheader(_("My CAcert.org Account!"));
printf(_("Your default email address has been updated to '%s'."), sanitizeHTML($row['email']));
@@ -211,7 +216,7 @@ function buildSubjectFromSession() {
}
$id = intval($id);
$query = "select * from `email` where `id`='$id' and `memid`='".intval($_SESSION['profile']['id'])."' and
- `email`!='".$_SESSION['profile']['email']."'";
+ `email`!='".mysql_real_escape_string($_SESSION['profile']['email'])."'";
$res = mysql_query($query);
if(mysql_num_rows($res) > 0)
{
@@ -284,6 +289,9 @@ function buildSubjectFromSession() {
if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
$_SESSION['_config']['rootcert'] = 1;
}
+
+ $_SESSION['_config']['hash_alg'] = HashAlgorithms::clean($_REQUEST['hash_alg']);
+
$csr = "";
if(trim($_REQUEST['optionalCSR']) == "")
{
@@ -293,11 +301,8 @@ function buildSubjectFromSession() {
$_REQUEST['keytype'] = "MS";
$csr = clean_csr($_REQUEST['optionalCSR']);
}
- if(trim($_REQUEST['description']) != ""){
- $_SESSION['_config']['description']= trim(mysql_real_escape_string(stripslashes($_REQUEST['description'])));
- }else{
- $_SESSION['_config']['description']= "";
- }
+
+ $_SESSION['_config']['description']= trim(stripslashes($_REQUEST['description']));
}
if($oldid == 4)
@@ -321,7 +326,7 @@ function buildSubjectFromSession() {
if(is_array($_SESSION['_config']['addid']))
foreach($_SESSION['_config']['addid'] as $id)
{
- $res = mysql_query("select * from `email` where `memid`='".$_SESSION['profile']['id']."' and `id`='".intval($id)."'");
+ $res = mysql_query("select * from `email` where `memid`='".intval($_SESSION['profile']['id'])."' and `id`='".intval($id)."'");
if(mysql_num_rows($res) > 0)
{
$row = mysql_fetch_assoc($res);
@@ -340,7 +345,7 @@ function buildSubjectFromSession() {
showfooter();
exit;
}
- $user = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".$_SESSION['profile']['id']."'"));
+ $user = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".intval($_SESSION['profile']['id'])."'"));
if($_SESSION['_config']['SSO'] == 1)
$emails .= "$count.emailAddress = ".$user['uniqueID']."\n";
@@ -384,7 +389,8 @@ function buildSubjectFromSession() {
`codesign`='".intval($_SESSION['_config']['codesign'])."',
`disablelogin`='".($_SESSION['_config']['disablelogin']?1:0)."',
`rootcert`='".intval($_SESSION['_config']['rootcert'])."',
- `description`='".$_SESSION['_config']['description']."'";
+ `md`='".mysql_real_escape_string($_SESSION['_config']['hash_alg'])."',
+ `description`='".mysql_real_escape_string($_SESSION['_config']['description'])."'";
mysql_query($query);
$emailid = mysql_insert_id();
if(is_array($addys))
@@ -395,7 +401,8 @@ function buildSubjectFromSession() {
fputs($fp, $emails);
fclose($fp);
$challenge=$_SESSION['spkac_hash'];
- $res=`openssl spkac -verify -in $CSRname`;
+ $CSRname_esc = escapeshellarg($CSRname);
+ $res=shell_exec("openssl spkac -verify -in $CSRname_esc");
if(!strstr($res,"Challenge String: ".$challenge))
{
$id = $oldid;
@@ -457,7 +464,9 @@ function buildSubjectFromSession() {
$csrsubject .= "/emailAddress = ".$user['uniqueID'];
$tmpname = tempnam("/tmp", "id4csr");
- $do = `/usr/bin/openssl req -in $tmpfname -out $tmpname`; // -subj "$csr"`;
+ $tmpfname_esc = escapeshellarg($tmpfname);
+ $tmpname_esc = escapeshellarg($tmpname);
+ $do = shell_exec("/usr/bin/openssl req -in $tmpfname_esc -out $tmpname_esc"); // -subj "$csr";
@unlink($tmpfname);
$csr = "";
$fp = fopen($tmpname, "r");
@@ -479,13 +488,14 @@ function buildSubjectFromSession() {
$query = "insert into emailcerts set
`CN`='$defaultemail',
`keytype`='".sanitizeHTML($_REQUEST['keytype'])."',
- `memid`='".$_SESSION['profile']['id']."',
+ `memid`='".intval($_SESSION['profile']['id'])."',
`created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),
`subject`='".mysql_real_escape_string($csrsubject)."',
- `codesign`='".$_SESSION['_config']['codesign']."',
+ `codesign`='".intval($_SESSION['_config']['codesign'])."',
`disablelogin`='".($_SESSION['_config']['disablelogin']?1:0)."',
- `rootcert`='".$_SESSION['_config']['rootcert']."',
- `description`='".$_SESSION['_config']['description']."'";
+ `rootcert`='".intval($_SESSION['_config']['rootcert'])."',
+ `md`='".mysql_real_escape_string($_SESSION['_config']['hash_alg'])."',
+ `description`='".mysql_real_escape_string($_SESSION['_config']['description'])."'";
mysql_query($query);
$emailid = mysql_insert_id();
if(is_array($addys))
@@ -560,7 +570,7 @@ function buildSubjectFromSession() {
$addy = array();
$adds = array();
if(strtolower(substr($newdom, -4, 3)) != ".jp")
- $adds = explode("\n", trim(`/usr/bin/whois $newdom|grep "@"`));
+ $adds = explode("\n", trim(shell_exec("/usr/bin/whois $newdom|grep \"@\"")));
if(substr($newdomain, -4) == ".org" || substr($newdomain, -5) == ".info")
{
if(is_array($adds))
@@ -650,7 +660,7 @@ function buildSubjectFromSession() {
$hash = make_hash();
$query = "insert into `domains` set `domain`='".mysql_real_escape_string($_SESSION['_config']['domain'])."',
- `memid`='".$_SESSION['profile']['id']."',`created`=NOW(),`hash`='$hash'";
+ `memid`='".intval($_SESSION['profile']['id'])."',`created`=NOW(),`hash`='$hash'";
mysql_query($query);
$domainid = mysql_insert_id();
@@ -678,7 +688,7 @@ function buildSubjectFromSession() {
foreach($_REQUEST['delid'] as $id)
{
$id = intval($id);
- $query = "select * from `domains` where `id`='$id' and `memid`='".$_SESSION['profile']['id']."'";
+ $query = "select * from `domains` where `id`='$id' and `memid`='".intval($_SESSION['profile']['id'])."'";
$res = mysql_query($query);
if(mysql_num_rows($res) > 0)
{
@@ -723,19 +733,15 @@ function buildSubjectFromSession() {
exit;
}
- if(trim($_REQUEST['description']) != ""){
- $_SESSION['_config']['description']= trim(mysql_real_escape_string(stripslashes($_REQUEST['description'])));
- }else{
- $_SESSION['_config']['description']= "";
- }
+ $_SESSION['_config']['description']= trim(stripslashes($_REQUEST['description']));
$_SESSION['_config']['tmpfname'] = tempnam("/tmp", "id10CSR");
$fp = fopen($_SESSION['_config']['tmpfname'], "w");
fputs($fp, $CSR);
fclose($fp);
- $CSR = $_SESSION['_config']['tmpfname'];
- $_SESSION['_config']['subject'] = trim(`/usr/bin/openssl req -text -noout -in "$CSR"|tr -d "\\0"|grep "Subject:"`);
- $bits = explode(",", trim(`/usr/bin/openssl req -text -noout -in "$CSR"|tr -d "\\0"|grep -A1 'X509v3 Subject Alternative Name:'|grep DNS:`));
+ $CSR = escapeshellarg($_SESSION['_config']['tmpfname']);
+ $_SESSION['_config']['subject'] = trim(shell_exec("/usr/bin/openssl req -text -noout -in $CSR |tr -d \"\\0\"|grep \"Subject:\""));
+ $bits = explode(",", trim(shell_exec("/usr/bin/openssl req -text -noout -in $CSR |tr -d \"\\0\"|grep -A1 'X509v3 Subject Alternative Name:'|grep DNS:")));
foreach($bits as $val)
{
$_SESSION['_config']['subject'] .= "/subjectAltName=".trim($val);
@@ -762,6 +768,8 @@ function buildSubjectFromSession() {
if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
$_SESSION['_config']['rootcert'] = 1;
}
+
+ $_SESSION['_config']['hash_alg'] = HashAlgorithms::clean($_REQUEST['hash_alg']);
}
if($process != "" && $oldid == 11)
@@ -806,14 +814,16 @@ function buildSubjectFromSession() {
`domid`='".mysql_real_escape_string($_SESSION['_config']['rowid']['0'])."',
`created`=NOW(),`subject`='".mysql_real_escape_string($subject)."',
`rootcert`='".mysql_real_escape_string($_SESSION['_config']['rootcert'])."',
- `description`='".$_SESSION['_config']['description']."'";
+ `md`='".mysql_real_escape_string($_SESSION['_config']['hash_alg'])."',
+ `description`='".mysql_real_escape_string($_SESSION['_config']['description'])."'";
} elseif(array_key_exists('0',$_SESSION['_config']['altid']) && $_SESSION['_config']['altid']['0'] > 0) {
$query = "insert into `domaincerts` set
`CN`='".mysql_real_escape_string($_SESSION['_config']['altrows']['0'])."',
`domid`='".mysql_real_escape_string($_SESSION['_config']['altid']['0'])."',
`created`=NOW(),`subject`='".mysql_real_escape_string($subject)."',
`rootcert`='".mysql_real_escape_string($_SESSION['_config']['rootcert'])."',
- `description`='".$_SESSION['_config']['description']."'";
+ `md`='".mysql_real_escape_string($_SESSION['_config']['hash_alg'])."',
+ `description`='".mysql_real_escape_string($_SESSION['_config']['description'])."'";
} else {
showheader(_("My CAcert.org Account!"));
echo _("Domain not verified.");
@@ -867,7 +877,7 @@ function buildSubjectFromSession() {
$query = "select *,UNIX_TIMESTAMP(`domaincerts`.`revoked`) as `revoke` from `domaincerts`,`domains`
where `domaincerts`.`id`='$id' and
`domaincerts`.`domid`=`domains`.`id` and
- `domains`.`memid`='".$_SESSION['profile']['id']."'";
+ `domains`.`memid`='".intval($_SESSION['profile']['id'])."'";
$res = mysql_query($query);
if(mysql_num_rows($res) <= 0)
{
@@ -886,22 +896,23 @@ function buildSubjectFromSession() {
mysql_query("update `domaincerts` set `renewed`='1' where `id`='$id'");
$query = "insert into `domaincerts` set
- `domid`='".$row['domid']."',
+ `domid`='".intval($row['domid'])."',
`CN`='".mysql_real_escape_string($row['CN'])."',
`subject`='".mysql_real_escape_string($row['subject'])."',".
//`csr_name`='".$row['csr_name']."', // RACE CONDITION
- "`created`='".$row['created']."',
+ "`created`='".mysql_real_escape_string($row['created'])."',
`modified`=NOW(),
- `rootcert`='".$row['rootcert']."',
- `type`='".$row['type']."',
- `pkhash`='".$row['pkhash']."',
- `description`='".$row['description']."'";
+ `rootcert`='".intval($row['rootcert'])."',
+ `type`='".intval($row['type'])."',
+ `pkhash`='".mysql_real_escape_string($row['pkhash'])."',
+ `description`='".mysql_real_escape_string($row['description'])."'";
mysql_query($query);
$newid = mysql_insert_id();
$newfile=generatecertpath("csr","server",$newid);
copy($row['csr_name'], $newfile);
- $_SESSION['_config']['subject'] = trim(`/usr/bin/openssl req -text -noout -in "$newfile"|tr -d "\\0"|grep "Subject:"`);
- $bits = explode(",", trim(`/usr/bin/openssl req -text -noout -in "$newfile"|tr -d "\\0"|grep -A1 'X509v3 Subject Alternative Name:'|grep DNS:`));
+ $newfile_esc = escapeshellarg($newfile);
+ $_SESSION['_config']['subject'] = trim(shell_exec("/usr/bin/openssl req -text -noout -in $newfile_esc |tr -d \"\\0\"|grep \"Subject:\""));
+ $bits = explode(",", trim(shell_exec("/usr/bin/openssl req -text -noout -in $newfile_esc |tr -d \"\\0\"|grep -A1 'X509v3 Subject Alternative Name:'|grep DNS:")));
foreach($bits as $val)
{
$_SESSION['_config']['subject'] .= "/subjectAltName=".trim($val);
@@ -930,7 +941,8 @@ function buildSubjectFromSession() {
printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
} else {
$drow = mysql_fetch_assoc($res);
- $cert = `/usr/bin/openssl x509 -in $drow[crt_name]`;
+ $crt_name = escapeshellarg($drow['crt_name']);
+ $cert = shell_exec("/usr/bin/openssl x509 -in $crt_name");
echo "<pre>\n$cert\n</pre>\n";
}
}
@@ -958,7 +970,7 @@ function buildSubjectFromSession() {
$query = "select *,UNIX_TIMESTAMP(`domaincerts`.`revoked`) as `revoke` from `domaincerts`,`domains`
where `domaincerts`.`id`='$id' and
`domaincerts`.`domid`=`domains`.`id` and
- `domains`.`memid`='".$_SESSION['profile']['id']."'";
+ `domains`.`memid`='".intval($_SESSION['profile']['id'])."'";
$res = mysql_query($query);
if(mysql_num_rows($res) <= 0)
{
@@ -972,8 +984,12 @@ function buildSubjectFromSession() {
continue;
}
mysql_query("update `domaincerts` set `revoked`='1970-01-01 10:00:01' where `id`='$id'");
- printf(_("Certificate for '%s' has been revoked.")."<br>\n", $row['CN']);
+ printf(_("Certificate for '%s' with the serial no '%s' has been revoked.").'<br/>', htmlspecialchars($row['CN']), htmlspecialchars($row['serial']));
}
+
+ // TRANSLATORS: Please don't translate "Certificate Revocation List (CRL)", it's a technical term
+ echo '<br/>'._('All listed certificates will be added to the Certificate Revocation List (CRL) soon.').'<br/>';
+
}
else
{
@@ -989,7 +1005,7 @@ function buildSubjectFromSession() {
$query = "select *,UNIX_TIMESTAMP(`domaincerts`.`expire`) as `expired` from `domaincerts`,`domains`
where `domaincerts`.`id`='$id' and
`domaincerts`.`domid`=`domains`.`id` and
- `domains`.`memid`='".$_SESSION['profile']['id']."'";
+ `domains`.`memid`='".intval($_SESSION['profile']['id'])."'";
$res = mysql_query($query);
if(mysql_num_rows($res) <= 0)
{
@@ -1040,7 +1056,7 @@ function buildSubjectFromSession() {
{
$id = intval($id);
$query = "select *,UNIX_TIMESTAMP(`revoked`) as `revoke` from `emailcerts`
- where `id`='$id' and `memid`='".$_SESSION['profile']['id']."'";
+ where `id`='$id' and `memid`='".intval($_SESSION['profile']['id'])."'";
$res = mysql_query($query);
if(mysql_num_rows($res) <= 0)
{
@@ -1059,17 +1075,17 @@ function buildSubjectFromSession() {
mysql_query("update `emailcerts` set `renewed`='1' where `id`='$id'");
$query = "insert into emailcerts set
- `memid`='".$row['memid']."',
+ `memid`='".intval($row['memid'])."',
`CN`='".mysql_real_escape_string($row['CN'])."',
`subject`='".mysql_real_escape_string($row['subject'])."',
- `keytype`='".$row['keytype']."',
- `csr_name`='".$row['csr_name']."',
- `created`='".$row['created']."',
+ `keytype`='".mysql_real_escape_string($row['keytype'])."',
+ `csr_name`='".mysql_real_escape_string($row['csr_name'])."',
+ `created`='".mysql_real_escape_string($row['created'])."',
`modified`=NOW(),
- `disablelogin`='".$row['disablelogin']."',
- `codesign`='".$row['codesign']."',
- `rootcert`='".$row['rootcert']."',
- `description`='".$row['description']."'";
+ `disablelogin`='".intval($row['disablelogin'])."',
+ `codesign`='".intval($row['codesign'])."',
+ `rootcert`='".intval($row['rootcert'])."',
+ `description`='".mysql_real_escape_string($row['description'])."'";
mysql_query($query);
$newid = mysql_insert_id();
$newfile=generatecertpath("csr","client",$newid);
@@ -1114,7 +1130,7 @@ function buildSubjectFromSession() {
{
$id = intval($id);
$query = "select *,UNIX_TIMESTAMP(`revoked`) as `revoke` from `emailcerts`
- where `id`='$id' and `memid`='".$_SESSION['profile']['id']."'";
+ where `id`='$id' and `memid`='".intval($_SESSION['profile']['id'])."'";
$res = mysql_query($query);
if(mysql_num_rows($res) <= 0)
{
@@ -1128,8 +1144,11 @@ function buildSubjectFromSession() {
continue;
}
mysql_query("update `emailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='$id'");
- printf(_("Certificate for '%s' has been revoked.")."<br>\n", $row['CN']);
+ printf(_("Certificate for '%s' with the serial no '%s' has been revoked.").'<br/>', htmlspecialchars($row['CN']), htmlspecialchars($row['serial']));
}
+
+ // TRANSLATORS: Please don't translate "Certificate Revocation List (CRL)", it's a technical term
+ echo '<br/>'._('All listed certificates will be added to the Certificate Revocation List (CRL) soon.').'<br/>';
}
else
{
@@ -1143,7 +1162,7 @@ function buildSubjectFromSession() {
{
$id = intval($id);
$query = "select *,UNIX_TIMESTAMP(`expire`) as `expired` from `emailcerts`
- where `id`='$id' and `memid`='".$_SESSION['profile']['id']."'";
+ where `id`='$id' and `memid`='".intval($_SESSION['profile']['id'])."'";
$res = mysql_query($query);
if(mysql_num_rows($res) <= 0)
{
@@ -1175,14 +1194,14 @@ function buildSubjectFromSession() {
{
$cid = intval(substr($id,5));
$dis=(array_key_exists('disablelogin_'.$cid,$_REQUEST) && $_REQUEST['disablelogin_'.$cid]=="1")?"0":"1";
- mysql_query("update `emailcerts` set `disablelogin`='$dis' where `id`='$cid' and `memid`='".$_SESSION['profile']['id']."'");
+ mysql_query("update `emailcerts` set `disablelogin`='$dis' where `id`='$cid' and `memid`='".intval($_SESSION['profile']['id'])."'");
}
if(substr($id,0,14)=="check_comment_")
{
$cid = intval(substr($id,14));
if(!empty($_REQUEST['check_comment_'.$cid])) {
$comment=trim(mysql_real_escape_string(stripslashes($_REQUEST['comment_'.$cid])));
- mysql_query("update `emailcerts` set `description`='$comment' where `id`='$cid' and `memid`='".$_SESSION['profile']['id']."'");
+ mysql_query("update `emailcerts` set `description`='$comment' where `id`='$cid' and `memid`='".intval($_SESSION['profile']['id'])."'");
}
}
}
@@ -1256,7 +1275,7 @@ function buildSubjectFromSession() {
if($oldid == 13 && $process != "")
{
- $ddquery = "select sum(`points`) as `total` from `notary` where `to`='".$_SESSION['profile']['id']."' group by `to`";
+ $ddquery = "select sum(`points`) as `total` from `notary` where `to`='".intval($_SESSION['profile']['id'])."' and `deleted` = 0 group by `to`";
$ddres = mysql_query($ddquery);
$ddrow = mysql_fetch_assoc($ddres);
$_SESSION['profile']['points'] = $ddrow['total'];
@@ -1296,7 +1315,7 @@ function buildSubjectFromSession() {
`lname`='".$_SESSION['_config']['user']['lname']."',
`suffix`='".$_SESSION['_config']['user']['suffix']."',
`dob`='".$_SESSION['_config']['user']['year']."-".$_SESSION['_config']['user']['month']."-".$_SESSION['_config']['user']['day']."'
- where `id`='".$_SESSION['profile']['id']."'";
+ where `id`='".intval($_SESSION['profile']['id'])."'";
mysql_query($query);
}
if ($showdetails!="") {
@@ -1310,25 +1329,15 @@ function buildSubjectFromSession() {
`A3`='".$_SESSION['_config']['user']['A3']."',
`A4`='".$_SESSION['_config']['user']['A4']."',
`A5`='".$_SESSION['_config']['user']['A5']."'
- where `id`='".$_SESSION['profile']['id']."'";
- mysql_query($query);
- }
-
- //!!!Should be rewritten
- $_SESSION['_config']['user']['otphash'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['otphash']))));
- $_SESSION['_config']['user']['otppin'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['otppin']))));
- if($_SESSION['_config']['user']['otphash'] != "" && $_SESSION['_config']['user']['otppin'] != "")
- {
- $query = "update `users` set `otphash`='".$_SESSION['_config']['user']['otphash']."',
- `otppin`='".$_SESSION['_config']['user']['otppin']."' where `id`='".$_SESSION['profile']['id']."'";
+ where `id`='".intval($_SESSION['profile']['id'])."'";
mysql_query($query);
}
$_SESSION['_config']['user']['set'] = 0;
- $_SESSION['profile'] = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".$_SESSION['profile']['id']."'"));
+ $_SESSION['profile'] = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".intval($_SESSION['profile']['id'])."'"));
$_SESSION['profile']['loggedin'] = 1;
- $ddquery = "select sum(`points`) as `total` from `notary` where `to`='".$_SESSION['profile']['id']."' group by `to`";
+ $ddquery = "select sum(`points`) as `total` from `notary` where `to`='".intval($_SESSION['profile']['id'])."' and `deleted` = 0 group by `to`";
$ddres = mysql_query($ddquery);
$ddrow = mysql_fetch_assoc($ddres);
$_SESSION['profile']['points'] = $ddrow['total'];
@@ -1362,7 +1371,7 @@ function buildSubjectFromSession() {
if($_SESSION['_config']['hostname'] != $_SESSION['_config']['securehostname'])
{
- $match = mysql_query("select * from `users` where `id`='".$_SESSION['profile']['id']."' and
+ $match = mysql_query("select * from `users` where `id`='".intval($_SESSION['profile']['id'])."' and
(`password`=old_password('".$_SESSION['_config']['user']['oldpass']."') or
`password`=sha1('".$_SESSION['_config']['user']['oldpass']."'))");
$rc = mysql_num_rows($match);
@@ -1384,7 +1393,7 @@ function buildSubjectFromSession() {
echo _("You failed to correctly enter your current Pass Phrase.");
} else {
mysql_query("update `users` set `password`=sha1('".$_SESSION['_config']['user']['pword1']."')
- where `id`='".$_SESSION['profile']['id']."'");
+ where `id`='".intval($_SESSION['profile']['id'])."'");
echo '<h3>', _("Pass Phrase Changed Successfully"), '</h3>', "\n";
echo _("Your Pass Phrase has been updated and your primary email account has been notified of the change.");
$body = sprintf(_("Hi %s,"),$_SESSION['profile']['fname'])."\n\n";
@@ -1426,14 +1435,9 @@ function buildSubjectFromSession() {
$_SESSION['_config']['emails'][] = $val;
}
$_SESSION['_config']['name'] = mysql_real_escape_string(stripslashes(trim($_REQUEST['name'])));
- $_SESSION['_config']['OU'] = mysql_real_escape_string(stripslashes(trim($_REQUEST['OU'])));
-
+ $_SESSION['_config']['OU'] = stripslashes(trim($_REQUEST['OU']));
- if(trim($_REQUEST['description']) != ""){
- $_SESSION['_config']['description']= trim(mysql_real_escape_string(stripslashes($_REQUEST['description'])));
- }else{
- $_SESSION['_config']['description']= "";
- }
+ $_SESSION['_config']['description']= trim(stripslashes($_REQUEST['description']));
}
if($oldid == 16 && (intval(count($_SESSION['_config']['emails'])) + 0) <= 0)
@@ -1462,11 +1466,9 @@ function buildSubjectFromSession() {
if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
$_SESSION['_config']['rootcert'] = 1;
- if(trim($_REQUEST['description']) != ""){
- $_SESSION['_config']['description']= trim(mysql_real_escape_string(stripslashes($_REQUEST['description'])));
- }else{
- $_SESSION['_config']['description']= "";
- }
+ $_SESSION['_config']['hash_alg'] = HashAlgorithms::clean($_REQUEST['hash_alg']);
+
+ $_SESSION['_config']['description']= trim(stripslashes($_REQUEST['description']));
if(@count($_SESSION['_config']['emails']) > 0)
$id = 17;
@@ -1502,7 +1504,7 @@ function buildSubjectFromSession() {
if($_SESSION['_config']['name'] != "")
$emails .= "commonName = ".$_SESSION['_config']['name']."\n";
if($_SESSION['_config']['OU'])
- $emails .= "organizationalUnitName = ".$_SESSION['_config']['OU']."\n";
+ $emails .= "organizationalUnitName = ".mysql_real_escape_string($_SESSION['_config']['OU'])."\n";
if($org['O'])
$emails .= "organizationName = ".$org['O']."\n";
if($org['L'])
@@ -1527,13 +1529,14 @@ function buildSubjectFromSession() {
$query = "insert into `orgemailcerts` set
`CN`='$defaultemail',
- `ou`='".$_SESSION['_config']['OU']."',
+ `ou`='".mysql_real_escape_string($_SESSION['_config']['OU'])."',
`keytype`='NS',
- `orgid`='".$org['orgid']."',
+ `orgid`='".intval($org['orgid'])."',
`created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),
- `codesign`='".$_SESSION['_config']['codesign']."',
- `rootcert`='".$_SESSION['_config']['rootcert']."',
- `description`='".$_SESSION['_config']['description']."'";
+ `codesign`='".intval($_SESSION['_config']['codesign'])."',
+ `rootcert`='".intval($_SESSION['_config']['rootcert'])."',
+ `md`='".mysql_real_escape_string($_SESSION['_config']['hash_alg'])."',
+ `description`='".mysql_real_escape_string($_SESSION['_config']['description'])."'";
mysql_query($query);
$emailid = mysql_insert_id();
@@ -1545,7 +1548,8 @@ function buildSubjectFromSession() {
fputs($fp, $emails);
fclose($fp);
$challenge=$_SESSION['spkac_hash'];
- $res=`openssl spkac -verify -in $CSRname`;
+ $CSRname_esc = escapeshellarg($CSRname);
+ $res=shell_exec("openssl spkac -verify -in $CSRname_esc");
if(!strstr($res,"Challenge String: ".$challenge))
{
$id = $oldid;
@@ -1597,7 +1601,9 @@ function buildSubjectFromSession() {
$csrsubject .= "/countryName=".$org['C'];
$tmpname = tempnam("/tmp", "id17csr");
- $do = `/usr/bin/openssl req -in $tmpfname -out $tmpname`;
+ $tmpfname_esc = escapeshellarg($tmpfname);
+ $tmpname_esc = escapeshellarg($tmpname);
+ $do = shell_exec("/usr/bin/openssl req -in $tmpfname_esc -out $tmpname_esc");
@unlink($tmpfname);
$csr = "";
$fp = fopen($tmpname, "r");
@@ -1618,14 +1624,15 @@ function buildSubjectFromSession() {
$query = "insert into `orgemailcerts` set
`CN`='$defaultemail',
- `ou`='".$_SESSION['_config']['OU']."',
+ `ou`='".mysql_real_escape_string($_SESSION['_config']['OU'])."',
`keytype`='" . sanitizeHTML($_REQUEST['keytype']) . "',
- `orgid`='".$org['orgid']."',
+ `orgid`='".intval($org['orgid'])."',
`created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),
- `subject`='$csrsubject',
- `codesign`='".$_SESSION['_config']['codesign']."',
- `rootcert`='".$_SESSION['_config']['rootcert']."',
- `description`='".$_SESSION['_config']['description']."'";
+ `subject`='".mysql_real_escape_string($csrsubject)."',
+ `codesign`='".intval($_SESSION['_config']['codesign'])."',
+ `rootcert`='".intval($_SESSION['_config']['rootcert'])."',
+ `md`='".mysql_real_escape_string($_SESSION['_config']['hash_alg'])."',
+ `description`='".mysql_real_escape_string($_SESSION['_config']['description'])."'";
mysql_query($query);
$emailid = mysql_insert_id();
@@ -1667,7 +1674,7 @@ function buildSubjectFromSession() {
echo "Renewing certificate #$id ...\n<br/>";
$id = intval($id);
$query = "select *,UNIX_TIMESTAMP(`revoked`) as `revoke` from `orgemailcerts`, `org`
- where `orgemailcerts`.`id`='$id' and `org`.`memid`='".$_SESSION['profile']['id']."' and
+ where `orgemailcerts`.`id`='$id' and `org`.`memid`='".intval($_SESSION['profile']['id'])."' and
`org`.`orgid`=`orgemailcerts`.`orgid`";
$res = mysql_query($query);
if(mysql_num_rows($res) <= 0)
@@ -1692,17 +1699,17 @@ function buildSubjectFromSession() {
continue;
}
$query = "insert into `orgemailcerts` set
- `orgid`='".$row['orgid']."',
- `CN`='".$row['CN']."',
- `ou`='".$row['ou']."',
- `subject`='".$row['subject']."',
- `keytype`='".$row['keytype']."',
- `csr_name`='".$row['csr_name']."',
- `created`='".$row['created']."',
+ `orgid`='".intval($row['orgid'])."',
+ `CN`='".mysql_real_escape_string($row['CN'])."',
+ `ou`='".mysql_real_escape_string($row['ou'])."',
+ `subject`='".mysql_real_escape_string($row['subject'])."',
+ `keytype`='".mysql_real_escape_string($row['keytype'])."',
+ `csr_name`='".mysql_real_escape_string($row['csr_name'])."',
+ `created`='".mysql_real_escape_string($row['created'])."',
`modified`=NOW(),
- `codesign`='".$row['codesign']."',
- `rootcert`='".$row['rootcert']."',
- `description`='".$row['description']."'";
+ `codesign`='".intval($row['codesign'])."',
+ `rootcert`='".intval($row['rootcert'])."',
+ `description`='".mysql_real_escape_string($row['description'])."'";
mysql_query($query);
$newid = mysql_insert_id();
$newfile=generatecertpath("csr","orgclient",$newid);
@@ -1740,7 +1747,7 @@ function buildSubjectFromSession() {
{
$id = intval($id);
$query = "select *,UNIX_TIMESTAMP(`revoked`) as `revoke` from `orgemailcerts`, `org`
- where `orgemailcerts`.`id`='$id' and `org`.`memid`='".$_SESSION['profile']['id']."' and
+ where `orgemailcerts`.`id`='".intval($id)."' and `org`.`memid`='".intval($_SESSION['profile']['id'])."' and
`org`.`orgid`=`orgemailcerts`.`orgid`";
$res = mysql_query($query);
if(mysql_num_rows($res) <= 0)
@@ -1755,8 +1762,11 @@ function buildSubjectFromSession() {
continue;
}
mysql_query("update `orgemailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='$id'");
- printf(_("Certificate for '%s' has been revoked.")."<br>\n", $row['CN']);
+ printf(_("Certificate for '%s' with the serial no '%s' has been revoked.").'<br/>', htmlspecialchars($row['CN']), htmlspecialchars($row['serial']));
}
+
+ // TRANSLATORS: Please don't translate "Certificate Revocation List (CRL)", it's a technical term
+ echo '<br/>'._('All listed certificates will be added to the Certificate Revocation List (CRL) soon.').'<br/>';
}
else
{
@@ -1770,7 +1780,7 @@ function buildSubjectFromSession() {
{
$id = intval($id);
$query = "select *,UNIX_TIMESTAMP(`expire`) as `expired` from `orgemailcerts`, `org`
- where `orgemailcerts`.`id`='$id' and `org`.`memid`='".$_SESSION['profile']['id']."' and
+ where `orgemailcerts`.`id`='".intval($id)."' and `org`.`memid`='".intval($_SESSION['profile']['id'])."' and
`org`.`orgid`=`orgemailcerts`.`orgid`";
$res = mysql_query($query);
if(mysql_num_rows($res) <= 0)
@@ -1840,19 +1850,15 @@ function buildSubjectFromSession() {
exit;
}
- if(trim($_REQUEST['description']) != ""){
- $_SESSION['_config']['description']= trim(mysql_real_escape_string(stripslashes($_REQUEST['description'])));
- }else{
- $_SESSION['_config']['description']= "";
- }
+ $_SESSION['_config']['description']= trim(stripslashes($_REQUEST['description']));
$_SESSION['_config']['tmpfname'] = tempnam("/tmp", "id20CSR");
$fp = fopen($_SESSION['_config']['tmpfname'], "w");
fputs($fp, $CSR);
fclose($fp);
- $CSR = $_SESSION['_config']['tmpfname'];
- $_SESSION['_config']['subject'] = trim(`/usr/bin/openssl req -text -noout -in "$CSR"|tr -d "\\0"|grep "Subject:"`);
- $bits = explode(",", trim(`/usr/bin/openssl req -text -noout -in "$CSR"|tr -d "\\0"|grep -A1 'X509v3 Subject Alternative Name:'|grep DNS:`));
+ $CSR = escapeshellarg($_SESSION['_config']['tmpfname']);
+ $_SESSION['_config']['subject'] = trim(shell_exec("/usr/bin/openssl req -text -noout -in $CSR |tr -d \"\\0\"|grep \"Subject:\""));
+ $bits = explode(",", trim(shell_exec("/usr/bin/openssl req -text -noout -in $CSR |tr -d \"\\0\"|grep -A1 'X509v3 Subject Alternative Name:'|grep DNS:")));
foreach($bits as $val)
{
$_SESSION['_config']['subject'] .= "/subjectAltName=".trim($val);
@@ -1865,16 +1871,16 @@ function buildSubjectFromSession() {
getalt2();
$query = "select * from `orginfo`,`org`,`orgdomains` where
- `org`.`memid`='".$_SESSION['profile']['id']."' and
+ `org`.`memid`='".intval($_SESSION['profile']['id'])."' and
`org`.`orgid`=`orginfo`.`id` and
`org`.`orgid`=`orgdomains`.`orgid` and
- `orgdomains`.`domain`='".$_SESSION['_config']['0.CN']."'";
+ `orgdomains`.`domain`='".mysql_real_escape_string($_SESSION['_config']['0.CN'])."'";
$_SESSION['_config']['CNorg'] = mysql_fetch_assoc(mysql_query($query));
$query = "select * from `orginfo`,`org`,`orgdomains` where
- `org`.`memid`='".$_SESSION['profile']['id']."' and
+ `org`.`memid`='".intval($_SESSION['profile']['id'])."' and
`org`.`orgid`=`orginfo`.`id` and
`org`.`orgid`=`orgdomains`.`orgid` and
- `orgdomains`.`domain`='".$_SESSION['_config']['0.subjectAltName']."'";
+ `orgdomains`.`domain`='".mysql_real_escape_string($_SESSION['_config']['0.subjectAltName'])."'";
$_SESSION['_config']['SANorg'] = mysql_fetch_assoc(mysql_query($query));
//echo "<pre>"; print_r($_SESSION['_config']); die;
@@ -1890,6 +1896,8 @@ function buildSubjectFromSession() {
$_SESSION['_config']['rootcert'] = intval($_REQUEST['rootcert']);
if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
$_SESSION['_config']['rootcert'] = 1;
+
+ $_SESSION['_config']['hash_alg'] = HashAlgorithms::clean($_REQUEST['hash_alg']);
}
if($process != "" && $oldid == 21)
@@ -1924,14 +1932,14 @@ function buildSubjectFromSession() {
if($_SESSION['_config']['rowid']['0'] > 0)
{
$query = "select * from `org`,`orginfo` where
- `orginfo`.`id`='".$_SESSION['_config']['rowid']['0']."' and
+ `orginfo`.`id`='".intval($_SESSION['_config']['rowid']['0'])."' and
`orginfo`.`id`=`org`.`orgid` and
- `org`.`memid`='".$_SESSION['profile']['id']."'";
+ `org`.`memid`='".intval($_SESSION['profile']['id'])."'";
} else {
$query = "select * from `org`,`orginfo` where
- `orginfo`.`id`='".$_SESSION['_config']['altid']['0']."' and
+ `orginfo`.`id`='".intval($_SESSION['_config']['altid']['0'])."' and
`orginfo`.`id`=`org`.`orgid` and
- `org`.`memid`='".$_SESSION['profile']['id']."'";
+ `org`.`memid`='".intval($_SESSION['profile']['id'])."'";
}
$org = mysql_fetch_assoc(mysql_query($query));
$csrsubject = "";
@@ -1959,22 +1967,24 @@ function buildSubjectFromSession() {
if($_SESSION['_config']['rowid']['0'] > 0)
{
$query = "insert into `orgdomaincerts` set
- `CN`='".$_SESSION['_config']['rows']['0']."',
- `orgid`='".$org['id']."',
+ `CN`='".mysql_real_escape_string($_SESSION['_config']['rows']['0'])."',
+ `orgid`='".intval($org['id'])."',
`created`=NOW(),
- `subject`='$csrsubject',
- `rootcert`='".$_SESSION['_config']['rootcert']."',
- `type`='$type',
- `description`='".$_SESSION['_config']['description']."'";
+ `subject`='".mysql_real_escape_string($csrsubject)."',
+ `rootcert`='".intval($_SESSION['_config']['rootcert'])."',
+ `md`='".mysql_real_escape_string($_SESSION['_config']['hash_alg'])."',
+ `type`='".$type."',
+ `description`='".mysql_real_escape_string($_SESSION['_config']['description'])."'";
} else {
$query = "insert into `orgdomaincerts` set
- `CN`='".$_SESSION['_config']['altrows']['0']."',
- `orgid`='".$org['id']."',
+ `CN`='".mysql_real_escape_string($_SESSION['_config']['altrows']['0'])."',
+ `orgid`='".intval($org['id'])."',
`created`=NOW(),
- `subject`='$csrsubject',
- `rootcert`='".$_SESSION['_config']['rootcert']."',
- `type`='$type',
- `description`='".$_SESSION['_config']['description']."'";
+ `subject`='".mysql_real_escape_string($csrsubject)."',
+ `rootcert`='".intval($_SESSION['_config']['rootcert'])."',
+ `md`='".mysql_real_escape_string($_SESSION['_config']['hash_alg'])."',
+ `type`='".$type."',
+ `description`='".mysql_real_escape_string($_SESSION['_config']['description'])."'";
}
mysql_query($query);
$CSRid = mysql_insert_id();
@@ -1985,10 +1995,10 @@ function buildSubjectFromSession() {
mysql_query("update `orgdomaincerts` set `CSR_name`='$CSRname' where `id`='$CSRid'");
if(is_array($_SESSION['_config']['rowid']))
foreach($_SESSION['_config']['rowid'] as $id)
- mysql_query("insert into `orgdomlink` set `orgdomid`='$id', `orgcertid`='$CSRid'");
+ mysql_query("insert into `orgdomlink` set `orgdomid`='".intval($id)."', `orgcertid`='$CSRid'");
if(is_array($_SESSION['_config']['altid']))
foreach($_SESSION['_config']['altid'] as $id)
- mysql_query("insert into `orgdomlink` set `orgdomid`='$id', `orgcertid`='$CSRid'");
+ mysql_query("insert into `orgdomlink` set `orgdomid`='".intval($id)."', `orgcertid`='$CSRid'");
waitForResult("orgdomaincerts", $CSRid,$oldid);
$query = "select * from `orgdomaincerts` where `id`='$CSRid' and `crt_name` != ''";
$res = mysql_query($query);
@@ -2019,7 +2029,7 @@ function buildSubjectFromSession() {
`orgdomaincerts`,`org`
where `orgdomaincerts`.`id`='$id' and
`orgdomaincerts`.`orgid`=`org`.`orgid` and
- `org`.`memid`='".$_SESSION['profile']['id']."'";
+ `org`.`memid`='".intval($_SESSION['profile']['id'])."'";
$res = mysql_query($query);
if(mysql_num_rows($res) <= 0)
{
@@ -2043,15 +2053,15 @@ function buildSubjectFromSession() {
continue;
}
$query = "insert into `orgdomaincerts` set
- `orgid`='".$row['orgid']."',
- `CN`='".$row['CN']."',
- `csr_name`='".$row['csr_name']."',
- `created`='".$row['created']."',
+ `orgid`='".intval($row['orgid'])."',
+ `CN`='".mysql_real_escape_string($row['CN'])."',
+ `csr_name`='".mysql_real_escape_string($row['csr_name'])."',
+ `created`='".mysql_real_escape_string($row['created'])."',
`modified`=NOW(),
- `subject`='".$row['subject']."',
- `type`='".$row['type']."',
- `rootcert`='".$row['rootcert']."',
- `description`='".$row['description']."'";
+ `subject`='".mysql_real_escape_string($row['subject'])."',
+ `type`='".intval($row['type'])."',
+ `rootcert`='".intval($row['rootcert'])."',
+ `description`='".mysql_real_escape_string($row['description'])."'";
mysql_query($query);
$newid = mysql_insert_id();
//echo "NewID: $newid<br/>\n";
@@ -2061,7 +2071,7 @@ function buildSubjectFromSession() {
echo _("Renewing").": ".$row['CN']."<br>\n";
$res = mysql_query("select * from `orgdomlink` where `orgcertid`='".$row['id']."'");
while($r2 = mysql_fetch_assoc($res))
- mysql_query("insert into `orgdomlink` set `orgdomid`='".$r2['id']."', `orgcertid`='$newid'");
+ mysql_query("insert into `orgdomlink` set `orgdomid`='".intval($r2['orgdomid'])."', `orgcertid`='$newid'");
waitForResult("orgdomaincerts", $newid,$oldid,0);
$query = "select * from `orgdomaincerts` where `id`='$newid' and `crt_name` != ''";
$res = mysql_query($query);
@@ -2070,7 +2080,8 @@ function buildSubjectFromSession() {
printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions.")." newid: $newid", "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
} else {
$drow = mysql_fetch_assoc($res);
- $cert = `/usr/bin/openssl x509 -in $drow[crt_name]`;
+ $crtname = escapeshellarg($drow['crt_name']);
+ $cert = shell_exec("/usr/bin/openssl x509 -in $crtname");
echo "<pre>\n$cert\n</pre>\n";
}
}
@@ -2097,7 +2108,7 @@ function buildSubjectFromSession() {
`orgdomaincerts`,`org`
where `orgdomaincerts`.`id`='$id' and
`orgdomaincerts`.`orgid`=`org`.`orgid` and
- `org`.`memid`='".$_SESSION['profile']['id']."'";
+ `org`.`memid`='".intval($_SESSION['profile']['id'])."'";
$res = mysql_query($query);
if(mysql_num_rows($res) <= 0)
{
@@ -2111,8 +2122,11 @@ function buildSubjectFromSession() {
continue;
}
mysql_query("update `orgdomaincerts` set `revoked`='1970-01-01 10:00:01' where `id`='$id'");
- printf(_("Certificate for '%s' has been revoked.")."<br>\n", $row['CN']);
+ printf(_("Certificate for '%s' with the serial no '%s' has been revoked.").'<br/>', htmlspecialchars($row['CN']), htmlspecialchars($row['serial']));
}
+
+ // TRANSLATORS: Please don't translate "Certificate Revocation List (CRL)", it's a technical term
+ echo '<br/>'._('All listed certificates will be added to the Certificate Revocation List (CRL) soon.').'<br/>';
}
else
{
@@ -2129,7 +2143,7 @@ function buildSubjectFromSession() {
`orgdomaincerts`,`org`
where `orgdomaincerts`.`id`='$id' and
`orgdomaincerts`.`orgid`=`org`.`orgid` and
- `org`.`memid`='".$_SESSION['profile']['id']."'";
+ `org`.`memid`='".intval($_SESSION['profile']['id'])."'";
$res = mysql_query($query);
if(mysql_num_rows($res) <= 0)
{
@@ -2245,7 +2259,7 @@ function buildSubjectFromSession() {
`ST`='".$_SESSION['_config']['ST']."',
`C`='".$_SESSION['_config']['C']."',
`comments`='".$_SESSION['_config']['comments']."'
- where `id`='".$_SESSION['_config']['orgid']."'");
+ where `id`='".intval($_SESSION['_config']['orgid'])."'");
showheader(_("My CAcert.org Account!"));
printf(_("'%s' has just been successfully updated in the database."), sanitizeHTML($_SESSION['_config']['O']));
showfooter();
@@ -2425,11 +2439,11 @@ function buildSubjectFromSession() {
{
csrf_check('orgadmadd');
if($_SESSION['profile']['orgadmin'] == 1)
- $masteracc = $_SESSION['_config'][masteracc] = intval($_REQUEST['masteracc']);
+ $masteracc = $_SESSION['_config']['masteracc'] = intval($_REQUEST['masteracc']);
else
- $masteracc = $_SESSION['_config'][masteracc] = 0;
+ $masteracc = $_SESSION['_config']['masteracc'] = 0;
$_REQUEST['email'] = $_SESSION['_config']['email'] = mysql_real_escape_string(stripslashes(trim($_REQUEST['email'])));
- $OU = $_SESSION['_config']['OU'] = mysql_real_escape_string(stripslashes(trim($_REQUEST['OU'])));
+ $_SESSION['_config']['OU'] = stripslashes(trim($_REQUEST['OU']));
$comments = $_SESSION['_config']['comments'] = mysql_real_escape_string(stripslashes(trim($_REQUEST['comments'])));
$res = mysql_query("select * from `users` where `email`='".$_REQUEST['email']."' and `deleted`=0");
if(mysql_num_rows($res) <= 0)
@@ -2451,7 +2465,7 @@ function buildSubjectFromSession() {
set `memid`='".intval($row['id'])."',
`orgid`='".intval($_SESSION['_config']['orgid'])."',
`masteracc`='$masteracc',
- `OU`='$OU',
+ `OU`='".mysql_real_escape_string($_SESSION['_config']['OU'])."',
`comments`='$comments'");
}
}
@@ -2460,7 +2474,7 @@ function buildSubjectFromSession() {
if(($oldid == 34 || $id == 34) && $_SESSION['profile']['orgadmin'] != 1)
{
$orgid = intval($_SESSION['_config']['orgid']);
- $res = mysql_query("select * from `org` where `orgid`='$orgid' and `memid`='".$_SESSION['profile']['id']."' and `masteracc`='1'");
+ $res = mysql_query("select * from `org` where `orgid`='$orgid' and `memid`='".intval($_SESSION['profile']['id'])."' and `masteracc`='1'");
if(mysql_num_rows($res) <= 0)
$id = 32;
}
@@ -2519,7 +2533,7 @@ function buildSubjectFromSession() {
{
if($key == $lang)
{
- mysql_query("update `users` set `language`='$lang' where `id`='".$_SESSION['profile']['id']."'");
+ mysql_query("update `users` set `language`='$lang' where `id`='".intval($_SESSION['profile']['id'])."'");
$_SESSION['profile']['language'] = $lang;
showheader(_("My CAcert.org Account!"));
echo _("Your language setting has been updated.");
@@ -2674,10 +2688,27 @@ function buildSubjectFromSession() {
$oldid=0;
}
- if($oldid == 43 && $_REQUEST['action'] == "updatedob")
+ //check if ticket number was entered
+ if ( $id == 43 || $oldid == 43 || $id == 44 || $oldid == 44 ) {
+ if ($ticketno != "" ) {
+ $ticketno = trim($_REQUEST['ticketno']);
+ $ticketvalidation = valid_ticket_number($ticketno);
+ }
+
+ $_SESSION['ticketno'] = $ticketno;
+ }
+
+ if($oldid == 43 && $actionrequest == "updatedob" && $ticketvalidation == TRUE)
{
$id = 43;
$oldid=0;
+ $userid = intval($_REQUEST['userid']);
+ if (!write_se_log($userid, $_SESSION['profile']['id'],'SE Name/DOB Change',$ticketno)) {
+ showheader(_("Something went wrong"));
+ echo _("Writing to the admin log failed. Can't continue.");
+ showfooter();
+ exit;
+ }
$fname = mysql_real_escape_string($_REQUEST['fname']);
$mname = mysql_real_escape_string($_REQUEST['mname']);
$lname = mysql_real_escape_string($_REQUEST['lname']);
@@ -2685,21 +2716,29 @@ function buildSubjectFromSession() {
$day = intval($_REQUEST['day']);
$month = intval($_REQUEST['month']);
$year = intval($_REQUEST['year']);
- $userid = intval($_REQUEST['userid']);
- $query = "select `fname`,`mname`,`lname`,`suffix`,`dob` from `users` where `id`='$userid'";
- $details = mysql_fetch_assoc(mysql_query($query));
- $query = "insert into `adminlog` set `when`=NOW(),`old-lname`='${details['lname']}',`old-dob`='${details['dob']}',
- `new-lname`='$lname',`new-dob`='$year-$month-$day',`uid`='$userid',`adminid`='".$_SESSION['profile']['id']."'";
- mysql_query($query);
$query = "update `users` set `fname`='$fname',`mname`='$mname',`lname`='$lname',`suffix`='$suffix',`dob`='$year-$month-$day' where `id`='$userid'";
mysql_query($query);
+ }elseif($oldid == 43 && $actionrequest == "updatedob" && $ticketvalidation == FALSE){
+ $id = 43;
+ $oldid=0;
+ $_SESSION['ticketmsg']='No action (name/dob change) taken. Ticket number is missing!';
}
- if($oldid == 43 && $_REQUEST['action'] == 'revokecert')
+ if($oldid == 43 && $actionrequest == 'revokecert' && $ticketvalidation == TRUE)
{
$userid = intval($_REQUEST['userid']);
+ if (!write_se_log($userid, $_SESSION['profile']['id'], 'SE Revoke all certificates',$ticketno)) {
+ showheader(_("Something went wrong"));
+ echo _("Writing to the admin log failed. Can't continue.");
+ showfooter();
+ exit;
+ }
revoke_all_private_cert($userid);
$id=43;
+ }elseif($oldid == 43 && $actionrequest == "revokecert" && $ticketvalidation == FALSE){
+ $id = 43;
+ $oldid=0;
+ $_SESSION['ticketmsg']='No certificates revokes. Ticket number is missing!';
}
if($oldid == 48 && $_REQUEST['domain'] == "")
@@ -2716,8 +2755,7 @@ function buildSubjectFromSession() {
if($id == 44)
{
- if($_REQUEST['userid'] != "")
- $_REQUEST['userid'] = intval($_REQUEST['userid']);
+ $_REQUEST['userid'] = intval($_REQUEST['userid']);
$row = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".intval($_REQUEST['userid'])."'"));
if($row['email'] == "")
$id = 42;
@@ -2725,18 +2763,25 @@ function buildSubjectFromSession() {
$_REQUEST['email'] = $row['email'];
}
- if($oldid == 44)
+ if($oldid == 44 && $ticketvalidation == TRUE)
{
showheader(_("My CAcert.org Account!"));
if(intval($_REQUEST['userid']) <= 0)
{
echo _("No such user found.");
} else {
+ if (!write_se_log(intval($_REQUEST['userid']), $_SESSION['profile']['id'],'SE reset password',$ticketno)) {
+ showheader(_("Something went wrong"));
+ echo _("Writing to the admin log failed. Can't continue.");
+ showfooter();
+ exit;
+ }
mysql_query("update `users` set `password`=sha1('".mysql_real_escape_string(stripslashes($_REQUEST['newpass']))."') where `id`='".intval($_REQUEST['userid'])."'");
$row = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".intval($_REQUEST['userid'])."'"));
printf(_("The password for %s has been updated successfully in the system."), sanitizeHTML($row['email']));
-
+ $my_translation = L10n::get_translation();
+ L10n::set_recipient_language(intval($_REQUEST['userid']));
$body = sprintf(_("Hi %s,"),$row['fname'])."\n\n";
$body .= _("You are receiving this email because a CAcert administrator ".
"has changed the password on your account.")."\n\n";
@@ -2745,18 +2790,24 @@ function buildSubjectFromSession() {
sendmail($row['email'], "[CAcert.org] "._("Password Update Notification"), $body,
"support@cacert.org", "", "", "CAcert Support");
+ L10n::set_translation($my_translation);
}
showfooter();
exit;
+ }elseif($oldid == 44 && $ticketvalidation == FALSE){
+ $_SESSION['ticketmsg']='No password reset taken. Ticket number is missing!';
}
+
if($process != "" && $oldid == 45)
{
$CSR = clean_csr($CSR);
$_SESSION['_config']['CSR'] = $CSR;
- $_SESSION['_config']['subject'] = trim(`echo "$CSR"|/usr/bin/openssl req -text -noout|tr -d "\\0"|grep "Subject:"`);
- $bits = explode(",", trim(`echo "$CSR"|/usr/bin/openssl req -text -noout|tr -d "\\0"|grep -A1 'X509v3 Subject Alternative Name:'|grep DNS:`));
+ runCommand("/usr/bin/openssl req -text -noout|tr -d \"\\0\"|grep \"Subject:\"", $CSR, $CSRSubjects);
+ runCommand("/usr/bin/openssl req -text -noout|tr -d \"\\0\"|grep -A1 'X509v3 Subject Alternative Name:'|grep DNS:", $CSR, $CSRAlts);
+ $_SESSION['_config']['subject'] = trim($CSRSubjects);
+ $bits = explode(",", trim($CSRAlts));
foreach($bits as $val)
{
$_SESSION['_config']['subject'] .= "/subjectAltName=".trim($val);
@@ -2780,8 +2831,11 @@ function buildSubjectFromSession() {
if($process != "" && $oldid == 46)
{
$CSR = clean_csr($_SESSION['_config']['CSR']);
- $_SESSION['_config']['subject'] = trim(`echo "$CSR"|/usr/bin/openssl req -text -noout|tr -d "\\0"|grep "Subject:"`);
- $bits = explode(",", trim(`echo "$CSR"|/usr/bin/openssl req -text -noout|tr -d "\\0"|grep -A1 'X509v3 Subject Alternative Name:'|grep DNS:`));
+ runCommand("/usr/bin/openssl req -text -noout|tr -d \"\\0\"|grep \"Subject:\"", $CSR, $CSRSubjects);
+ runCommand("/usr/bin/openssl req -text -noout|tr -d \"\\0\"|grep -A1 'X509v3 Subject Alternative Name:'|grep DNS:", $CSR, $CSRAlts);
+
+ $_SESSION['_config']['subject'] = trim($CSRSubjects);
+ $bits = explode(",", trim($CSRAlts));
foreach($bits as $val)
{
$_SESSION['_config']['subject'] .= "/subjectAltName=".trim($val);
@@ -2817,10 +2871,10 @@ function buildSubjectFromSession() {
$CSRid = mysql_insert_id();
foreach($_SESSION['_config']['rowid'] as $dom)
- mysql_query("insert into `domlink` set `certid`='$CSRid', `domid`='$dom'");
+ mysql_query("insert into `domlink` set `certid`='$CSRid', `domid`='".intval($dom)."'");
if(is_array($_SESSION['_config']['altid']))
foreach($_SESSION['_config']['altid'] as $dom)
- mysql_query("insert into `domlink` set `certid`='$CSRid', `domid`='$dom'");
+ mysql_query("insert into `domlink` set `certid`='$CSRid', `domid`='".intval($dom)."'");
$CSRname=generatecertpath("csr","server",$CSRid);
$fp = fopen($CSRname, "w");
@@ -2843,150 +2897,279 @@ function buildSubjectFromSession() {
}
}
- if($id == 43 && array_key_exists('tverify',$_REQUEST) && $_REQUEST['tverify'] > 0)
+ /* presently not needed
+ if($id == 43 && array_key_exists('tverify',$_REQUEST) && $_REQUEST['tverify'] > 0 && $ticketvalidation==TRUE)
{
$memid = $_REQUEST['userid'] = intval($_REQUEST['tverify']);
+ if (!write_se_log($memid, $_SESSION['profile']['id'],'SE Change tverify status',$ticketno)) {
+ showheader(_("Something went wrong"));
+ echo _("Writing to the admin log failed. Can't continue.");
+ showfooter();
+ exit;
+ }
$query = "select * from `users` where `id`='$memid'";
$row = mysql_fetch_assoc(mysql_query($query));
$ver = !$row['tverify'];
mysql_query("update `users` set `tverify`='$ver' where `id`='$memid'");
+ }elseif($id == 43 && array_key_exists('tverify',$_REQUEST) && $_REQUEST['tverify'] > 0 && $ticketvalidation==FALSE){
+ $_SESSION['ticketmsg']='No action taken. Ticket number is missing!';
}
+ */
- if($id == 43 && array_key_exists('assurer',$_REQUEST) && $_REQUEST['assurer'] > 0)
+ if($id == 43 && array_key_exists('assurer',$_REQUEST) && $_REQUEST['assurer'] > 0 && $ticketvalidation == TRUE)
{
csrf_check('admsetassuret');
$memid = $_REQUEST['userid'] = intval($_REQUEST['assurer']);
+ if (!write_se_log($memid, $_SESSION['profile']['id'],'SE Change assurer status',$ticketno)) {
+ showheader(_("Something went wrong"));
+ echo _("Writing to the admin log failed. Can't continue.");
+ showfooter();
+ exit;
+ }
$query = "select * from `users` where `id`='$memid'";
$row = mysql_fetch_assoc(mysql_query($query));
$ver = !$row['assurer'];
mysql_query("update `users` set `assurer`='$ver' where `id`='$memid'");
+ }elseif($id == 43 && array_key_exists('assurer',$_REQUEST) && $_REQUEST['assurer'] > 0 && $ticketvalidation == FALSE){
+ $_REQUEST['userid'] = intval($_REQUEST['assurer']);
+ $_SESSION['ticketmsg']='No action (Change assurer status) taken. Ticket number is missing!';
}
- if($id == 43 && array_key_exists('assurer_blocked',$_REQUEST) && $_REQUEST['assurer_blocked'] > 0)
+ if($id == 43 && array_key_exists('assurer_blocked',$_REQUEST) && $_REQUEST['assurer_blocked'] > 0 && $ticketvalidation == TRUE)
{
$memid = $_REQUEST['userid'] = intval($_REQUEST['assurer_blocked']);
+ if (!write_se_log($memid, $_SESSION['profile']['id'],'SE Change assurer blocked status',$ticketno)) {
+ showheader(_("Something went wrong"));
+ echo _("Writing to the admin log failed. Can't continue.");
+ showfooter();
+ exit;
+ }
$query = "select * from `users` where `id`='$memid'";
$row = mysql_fetch_assoc(mysql_query($query));
$ver = !$row['assurer_blocked'];
mysql_query("update `users` set `assurer_blocked`='$ver' where `id`='$memid'");
+ }elseif($id == 43 && array_key_exists('assurer_blocked',$_REQUEST) && $_REQUEST['assurer_blocked'] > 0 && $ticketvalidation == FALSE){
+ $_REQUEST['userid'] = intval($_REQUEST['assurer_blocked']);
+ $_SESSION['ticketmsg']='No action taken. Ticket number is missing!';
}
- if($id == 43 && array_key_exists('locked',$_REQUEST) && $_REQUEST['locked'] > 0)
+ if($id == 43 && array_key_exists('locked',$_REQUEST) && $_REQUEST['locked'] > 0 && $ticketvalidation == TRUE)
{
csrf_check('admactlock');
$memid = $_REQUEST['userid'] = intval($_REQUEST['locked']);
+ if (!write_se_log($memid, $_SESSION['profile']['id'],'SE Change locked status',$ticketno)) {
+ showheader(_("Something went wrong"));
+ echo _("Writing to the admin log failed. Can't continue.");
+ showfooter();
+ exit;
+ }
$query = "select * from `users` where `id`='$memid'";
$row = mysql_fetch_assoc(mysql_query($query));
$ver = !$row['locked'];
mysql_query("update `users` set `locked`='$ver' where `id`='$memid'");
+ }elseif($id == 43 && array_key_exists('locked',$_REQUEST) && $_REQUEST['locked'] > 0 && $ticketvalidation == FALSE){
+ $_REQUEST['userid'] = intval($_REQUEST['locked']);
+ $_SESSION['ticketmsg']='No action taken. Ticket number is missing!';
}
- if($id == 43 && array_key_exists('codesign',$_REQUEST) && $_REQUEST['codesign'] > 0)
+ if($id == 43 && array_key_exists('codesign',$_REQUEST) && $_REQUEST['codesign'] > 0 && $ticketvalidation == TRUE)
{
csrf_check('admcodesign');
$memid = $_REQUEST['userid'] = intval($_REQUEST['codesign']);
+ if (!write_se_log($memid, $_SESSION['profile']['id'],'SE Change codesign status',$ticketno)) {
+ showheader(_("Something went wrong"));
+ echo _("Writing to the admin log failed. Can't continue.");
+ showfooter();
+ exit;
+ }
$query = "select * from `users` where `id`='$memid'";
$row = mysql_fetch_assoc(mysql_query($query));
$ver = !$row['codesign'];
mysql_query("update `users` set `codesign`='$ver' where `id`='$memid'");
+ }elseif($id == 43 && array_key_exists('codesign',$_REQUEST) && $_REQUEST['codesign'] > 0 && $ticketvalidation == FALSE){
+ $_REQUEST['userid'] = intval($_REQUEST['codesign']);
+ $_SESSION['ticketmsg']='No action taken. Ticket number is missing!';
}
- if($id == 43 && array_key_exists('orgadmin',$_REQUEST) && $_REQUEST['orgadmin'] > 0)
+ if($id == 43 && array_key_exists('orgadmin',$_REQUEST) && $_REQUEST['orgadmin'] > 0 && $ticketvalidation == TRUE)
{
csrf_check('admorgadmin');
$memid = $_REQUEST['userid'] = intval($_REQUEST['orgadmin']);
+ if (!write_se_log($memid, $_SESSION['profile']['id'],'SE Change org assuer status',$ticketno)) {
+ showheader(_("Something went wrong"));
+ echo _("Writing to the admin log failed. Can't continue.");
+ showfooter();
+ exit;
+ }
$query = "select * from `users` where `id`='$memid'";
$row = mysql_fetch_assoc(mysql_query($query));
$ver = !$row['orgadmin'];
mysql_query("update `users` set `orgadmin`='$ver' where `id`='$memid'");
+ }elseif($id == 43 && array_key_exists('orgadmin',$_REQUEST) && $_REQUEST['orgadmin'] > 0 && $ticketvalidation == FALSE){
+ $_REQUEST['userid'] = intval($_REQUEST['orgadmin']);
+ $_SESSION['ticketmsg']='No action taken. Ticket number is missing!';
}
- if($id == 43 && array_key_exists('ttpadmin',$_REQUEST) && $_REQUEST['ttpadmin'] > 0)
+ if($id == 43 && array_key_exists('ttpadmin',$_REQUEST) && $_REQUEST['ttpadmin'] > 0 && $ticketvalidation == TRUE)
{
csrf_check('admttpadmin');
$memid = $_REQUEST['userid'] = intval($_REQUEST['ttpadmin']);
+ if(!write_se_log($memid, $_SESSION['profile']['id'],'SE Change ttp admin status',$ticketno)) {
+ showheader(_("Something went wrong"));
+ echo _("Writing to the admin log failed. Can't continue.");
+ showfooter();
+ exit;
+ }
$query = "select * from `users` where `id`='$memid'";
$row = mysql_fetch_assoc(mysql_query($query));
$ver = !$row['ttpadmin'];
mysql_query("update `users` set `ttpadmin`='$ver' where `id`='$memid'");
+ }elseif($id == 43 && array_key_exists('ttpadmin',$_REQUEST) && $_REQUEST['ttpadmin'] > 0 && $ticketvalidation == FALSE){
+ $_REQUEST['userid'] = intval($_REQUEST['ttpadmin']);
+ $_SESSION['ticketmsg']='No action taken. Ticket number is missing!';
}
- if($id == 43 && array_key_exists('adadmin',$_REQUEST) && $_REQUEST['adadmin'] > 0)
+ if($id == 43 && array_key_exists('adadmin',$_REQUEST) && $_REQUEST['adadmin'] > 0 && $ticketvalidation == TRUE)
{
$memid = $_REQUEST['userid'] = intval($_REQUEST['adadmin']);
+ if (!write_se_log($memid, $_SESSION['profile']['id'],'SE Change advertising admin status',$ticketno)) {
+ showheader(_("Something went wrong"));
+ echo _("Writing to the admin log failed. Can't continue.");
+ showfooter();
+ exit;
+ }
$query = "select * from `users` where `id`='$memid'";
$row = mysql_fetch_assoc(mysql_query($query));
$ver = $row['adadmin'] + 1;
if($ver > 2)
$ver = 0;
mysql_query("update `users` set `adadmin`='$ver' where `id`='$memid'");
+ }elseif($id == 43 && array_key_exists('adadmin',$_REQUEST) && $_REQUEST['adadmin'] > 0 && $ticketvalidation == FALSE){
+ $_REQUEST['userid'] = intval($_REQUEST['adadmin']);
+ $_SESSION['ticketmsg']='No action taken. Ticket number is missing!';
}
- if($id == 43 && array_key_exists('locadmin',$_REQUEST) && $_REQUEST['locadmin'] > 0)
+ if($id == 43 && array_key_exists('locadmin',$_REQUEST) && $_REQUEST['locadmin'] > 0 && $ticketvalidation == TRUE)
{
$memid = $_REQUEST['userid'] = intval($_REQUEST['locadmin']);
+ if (!write_se_log($memid, $_SESSION['profile']['id'],'SE Change location admin status',$ticketno)) {
+ showheader(_("Something went wrong"));
+ echo _("Writing to the admin log failed. Can't continue.");
+ showfooter();
+ exit;
+ }
$query = "select * from `users` where `id`='$memid'";
$row = mysql_fetch_assoc(mysql_query($query));
$ver = !$row['locadmin'];
mysql_query("update `users` set `locadmin`='$ver' where `id`='$memid'");
+ }elseif($id == 43 && array_key_exists('locadmin',$_REQUEST) && $_REQUEST['locadmin'] > 0 && $ticketvalidation == FALSE){
+ $_REQUEST['userid'] = intval($_REQUEST['locadmin']);
+ $_SESSION['ticketmsg']='No action taken. Ticket number is missing!';
}
- if($id == 43 && array_key_exists('admin',$_REQUEST) && $_REQUEST['admin'] > 0)
+ if($id == 43 && array_key_exists('admin',$_REQUEST) && $_REQUEST['admin'] > 0 && $ticketvalidation == TRUE)
{
csrf_check('admsetadmin');
$memid = $_REQUEST['userid'] = intval($_REQUEST['admin']);
+ if (!write_se_log($memid, $_SESSION['profile']['id'],'SE Change SE status',$ticketno)) {
+ showheader(_("Something went wrong"));
+ echo _("Writing to the admin log failed. Can't continue.");
+ showfooter();
+ exit;
+ }
$query = "select * from `users` where `id`='$memid'";
$row = mysql_fetch_assoc(mysql_query($query));
$ver = !$row['admin'];
mysql_query("update `users` set `admin`='$ver' where `id`='$memid'");
+ }elseif($id == 43 && array_key_exists('admin',$_REQUEST) && $_REQUEST['admin'] > 0 && $ticketvalidation == FALSE){
+ $_REQUEST['userid'] = intval($_REQUEST['admin']);
+ $_SESSION['ticketmsg']='No action taken. Ticket number is missing!';
}
- if($id == 43 && array_key_exists('general',$_REQUEST) && $_REQUEST['general'] > 0)
+ if($id == 43 && array_key_exists('general',$_REQUEST) && $_REQUEST['general'] > 0 && $ticketvalidation == TRUE)
{
$memid = $_REQUEST['userid'] = intval($_REQUEST['general']);
+ if (!write_se_log($memid, $_SESSION['profile']['id'],'SE Change general status',$ticketno)) {
+ showheader(_("Something went wrong"));
+ echo _("Writing to the admin log failed. Can't continue.");
+ showfooter();
+ exit;
+ }
$query = "select * from `alerts` where `memid`='$memid'";
$row = mysql_fetch_assoc(mysql_query($query));
$ver = !$row['general'];
mysql_query("update `alerts` set `general`='$ver' where `memid`='$memid'");
+ }elseif($id == 43 && array_key_exists('general',$_REQUEST) && $_REQUEST['general'] > 0 && $ticketvalidation == FALSE){
+ $_REQUEST['userid'] = intval($_REQUEST['general']);
+ $_SESSION['ticketmsg']='No action taken. Ticket number is missing!';
}
- if($id == 43 && array_key_exists('country',$_REQUEST) && $_REQUEST['country'] > 0)
+ if($id == 43 && array_key_exists('country',$_REQUEST) && $_REQUEST['country'] > 0 && $ticketvalidation == TRUE)
{
$memid = $_REQUEST['userid'] = intval($_REQUEST['country']);
+ if (!write_se_log($memid, $_SESSION['profile']['id'],'SE Change country status',$ticketno)) {
+ showheader(_("Something went wrong"));
+ echo _("Writing to the admin log failed. Can't continue.");
+ showfooter();
+ exit;
+ }
$query = "select * from `alerts` where `memid`='$memid'";
$row = mysql_fetch_assoc(mysql_query($query));
$ver = !$row['country'];
mysql_query("update `alerts` set `country`='$ver' where `memid`='$memid'");
+ }elseif($id == 43 && array_key_exists('country',$_REQUEST) && $_REQUEST['country'] > 0 && $ticketvalidation == FALSE){
+ $_REQUEST['userid'] = intval($_REQUEST['country']);
+ $_SESSION['ticketmsg']='No action taken. Ticket number is missing!';
}
- if($id == 43 && array_key_exists('regional',$_REQUEST) && $_REQUEST['regional'] > 0)
+ if($id == 43 && array_key_exists('regional',$_REQUEST) && $_REQUEST['regional'] > 0 && $ticketvalidation == TRUE)
{
$memid = $_REQUEST['userid'] = intval($_REQUEST['regional']);
+ if (!write_se_log($memid, $_SESSION['profile']['id'],'SE Change regional status',$ticketno)) {
+ showheader(_("Something went wrong"));
+ echo _("Writing to the admin log failed. Can't continue.");
+ showfooter();
+ exit;
+ }
$query = "select * from `alerts` where `memid`='$memid'";
$row = mysql_fetch_assoc(mysql_query($query));
$ver = !$row['regional'];
mysql_query("update `alerts` set `regional`='$ver' where `memid`='$memid'");
+ }elseif($id == 43 && array_key_exists('regional',$_REQUEST) && $_REQUEST['regional'] > 0 && $ticketvalidation == FALSE){
+ $_REQUEST['userid'] = intval($_REQUEST['regional']);
+ $_SESSION['ticketmsg']='No action taken. Ticket number is missing!';
}
- if($id == 43 && array_key_exists('radius',$_REQUEST) && $_REQUEST['radius'] > 0)
+ if($id == 43 && array_key_exists('radius',$_REQUEST) && $_REQUEST['radius'] > 0 && $ticketvalidation == TRUE)
{
$memid = $_REQUEST['userid'] = intval($_REQUEST['radius']);
+ if (!write_se_log($memid, $_SESSION['profile']['id'],'SE Change radius status',$ticketno)) {
+ showheader(_("Something went wrong"));
+ echo _("Writing to the admin log failed. Can't continue.");
+ showfooter();
+ exit;
+ }
$query = "select * from `alerts` where `memid`='$memid'";
$row = mysql_fetch_assoc(mysql_query($query));
$ver = !$row['radius'];
mysql_query("update `alerts` set `radius`='$ver' where `memid`='$memid'");
+ }elseif($id == 43 && array_key_exists('radius',$_REQUEST) && $_REQUEST['radius'] > 0 && $ticketvalidation == false){
+ $_REQUEST['userid'] = intval($_REQUEST['radius']);
+ $_SESSION['ticketmsg']='No action taken. Ticket number is missing!';
}
if($id == 50)
{
- if(array_key_exists('userid',$_REQUEST) && $_REQUEST['userid'] != "")
+ if(array_key_exists('userid',$_REQUEST) && $_REQUEST['userid'] !== "") {
$_REQUEST['userid'] = intval($_REQUEST['userid']);
+ }
$row = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".intval($_REQUEST['userid'])."'"));
- if($row['email'] == "")
+ if($row['email'] == "") {
$id = 42;
- else
+ } else {
$_REQUEST['email'] = $row['email'];
+ }
}
if($oldid == 50)
@@ -3001,151 +3184,69 @@ function buildSubjectFromSession() {
if (trim($_REQUEST['arbitrationno'])==""){
showheader(_("My CAcert.org Account!"));
echo _("You did not enter an arbitration number entry.");
+ printf('<br/><a href="account.php?id=43&amp;userid=' . intval($_REQUEST['userid']) . '">' . _('Back to previous page.') .'</a>');
showfooter();
exit;
}
if ( 1 !== preg_match('/^[a-z]\d{8}\.\d+\.\d+$/i',trim($_REQUEST['arbitrationno'])) ) {
showheader(_("My CAcert.org Account!"));
printf(_("'%s' is not a valid arbitration number entry."), sanitizeHTML(trim($_REQUEST['arbitrationno'])));
+ printf('<br/><a href="account.php?id=43&amp;userid=' . intval($_REQUEST['userid']) . '">' . _('Back to previous page.') .'</a>');
showfooter();
exit;
}
if (check_email_exists(trim($_REQUEST['arbitrationno']).'@cacert.org')) {
showheader(_("My CAcert.org Account!"));
printf(_("The email address '%s' is already in a different account. Can't continue."), sanitizeHTML($_REQUEST['arbitrationno'].'@cacert.org'));
+ printf('<br/><a href="account.php?id=43&amp;userid=' . intval($_REQUEST['userid']) . '">' . _('Back to previous page.') .'</a>');
showfooter();
exit;
- }
- if (check_client_cert_running($_REQUEST['userid'],1) ||
- check_server_cert_running($_REQUEST['userid'],1) ||
- check_gpg_cert_running($_REQUEST['userid'],1)) {
+ }
+ if (check_client_cert_running(intval($_REQUEST['userid']),1) ||
+ check_server_cert_running(intval($_REQUEST['userid']),1) ||
+ check_gpg_cert_running(intval($_REQUEST['userid']),1)) {
showheader(_("My CAcert.org Account!"));
printf(_("The CCA retention time for at least one certificate is not over. Can't continue."));
+ printf('<br/><a href="account.php?id=43&amp;userid=' . intval($_REQUEST['userid']) . '">' . _('Back to previous page.') .'</a>');
showfooter();
exit;
}
- if (check_is_orgadmin($_REQUEST['userid'],1)) {
+ if (check_is_orgadmin(intval($_REQUEST['userid']),1)) {
showheader(_("My CAcert.org Account!"));
printf(_("The user is listed as Organisation Administrator. Can't continue."));
+ printf('<br/><a href="account.php?id=43&amp;userid=' . intval($_REQUEST['userid']) . '">' . _('Back to previous page.') .'</a>');
+ showfooter();
+ exit;
+ }
+ if (!write_se_log(intval($_REQUEST['userid']), $_SESSION['profile']['id'], 'SE Account delete', trim($_REQUEST['arbitrationno']))) {
+ showheader(_("Something went wrong"));
+ echo _("Writing to the admin log failed. Can't continue.");
+ printf('<br/><a href="account.php?id=43&amp;userid=' . intval($_REQUEST['userid']) . '">' . _('Back to previous page.') .'</a>');
showfooter();
exit;
}
- account_delete($_REQUEST['userid'], trim($_REQUEST['arbitrationno']), $_SESSION['profile']['id']);
+ account_delete(intval($_REQUEST['userid']), trim($_REQUEST['arbitrationno']), $_SESSION['profile']['id']);
}
- if(($id == 51 || $id == 52 || $oldid == 52) && $_SESSION['profile']['tverify'] <= 0)
+ if(($id == 51 || $id == 52 || $oldid == 52))
{
showheader(_("My CAcert.org Account!"));
- echo _("You don't have access to this area.");
+ echo _("You don't have access to this area.\nThe Tverify programme is terminated as of 16th November 2010" );
showfooter();
exit;
}
- if($oldid == 52)
- {
- $uid = intval($_REQUEST['uid']);
- $query = "select * from `tverify` where `id`='$uid' and `modified`=0";
- $rc = mysql_num_rows(mysql_query($query));
- if($rc <= 0)
+ if($id == 59){
+ if (!($oldid == 43 && $_SESSION['profile']['admin'] == 1) &&
+ !($oldid == 13 && intval($_REQUEST['userid']) == $_SESSION['profile']['id']))
{
showheader(_("My CAcert.org Account!"));
- echo _("Unable to find a valid tverify request for this ID.");
+ echo _("You do not have access to this page.");
showfooter();
exit;
}
}
- if($oldid == 52)
- {
- $query = "select * from `tverify-vote` where `tverify`='$uid' and `memid`='".$_SESSION['profile']['id']."'";
- $rc = mysql_num_rows(mysql_query($query));
- if($rc > 0)
- {
- showheader(_("My CAcert.org Account!"));
- echo _("You have already voted on this request.");
- showfooter();
- exit;
- }
- }
-
- if($oldid == 52 && ($_REQUEST['agree'] != "" || $_REQUEST['disagree'] != ""))
- {
- $vote = -1;
- if($_REQUEST['agree'] != "")
- $vote = 1;
-
- $query = "insert into `tverify-vote` set
- `tverify`='$uid',
- `memid`='".$_SESSION['profile']['id']."',
- `when`=NOW(), `vote`='$vote',
- `comment`='".mysql_real_escape_string($_REQUEST['comment'])."'";
- mysql_query($query);
-
- $rc = mysql_num_rows(mysql_query("select * from `tverify-vote` where `tverify`='$uid' and `vote`='1'"));
- if($rc >= 8)
- {
- mysql_query("update `tverify` set `modified`=NOW() where `id`='$uid'");
- $tverify = mysql_fetch_assoc(mysql_query("select * from `tverify` where `id`='$uid'"));
- $memid = $tverify['memid'];
- $user = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='$memid'"));
- $tmp = mysql_fetch_assoc(mysql_query("select sum(`points`) as `points` from `notary` where `to`='$memid'"));
-
- $points = 0;
- if($tverify['URL'] != "" && $tverify['photoid'] != "")
- $points = 150 - intval($tmp['points']);
- if($tverify['URL'] != "" && $tverify['photoid'] == "")
- $points = 90 - intval($tmp['points']);
- if($tverify['URL'] == "" && $tverify['photoid'] == "")
- $points = 50 - intval($tmp['points']);
-
- if($points < 0)
- $points = 0;
-
- if($points > 0)
- {
- mysql_query("insert into `notary` set `from`='0', `to`='$memid', `points`='$points',
- `method`='Thawte Points Transfer', `when`=NOW()");
- fix_assurer_flag($memid);
- }
- $totalpoints = intval($tmp['points']) + $points;
-
- $body = _("Your request to have points transfered was successful. You were issued $points points as a result, and you now have $totalpoints in total")."\n\n"._("The following comments were made by reviewers")."\n\n";
- $res = mysql_query("select * from `tverify-vote` where `tverify`='$uid' and `vote`='1'");
- while($row = mysql_fetch_assoc($res))
- $body .= $row['comment']."\n";
- $body .= "\n";
-
- $body .= _("Best regards")."\n";
- $body .= _("CAcert Support Team");
- sendmail($user['email'], "[CAcert.org] Thawte Notary Points Transfer", $body, "website-form@cacert.org", "support@cacert.org", "", "CAcert Tverify");
- }
-
- $rc = mysql_num_rows(mysql_query("select * from `tverify-vote` where `tverify`='$uid' and `vote`='-1'"));
- if($rc >= 4)
- {
- mysql_query("update `tverify` set `modified`=NOW() where `id`='$uid'");
- $tverify = mysql_fetch_assoc(mysql_query("select * from `tverify` where `id`='$uid'"));
- $memid = $tverify['memid'];
- $user = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='$memid'"));
-
- $body = _("Unfortunately your request for a points increase has been denied, below is the comments from people that reviewed your request as to why they rejected your application.")."\n\n";
- $res = mysql_query("select * from `tverify-vote` where `tverify`='$uid' and `vote`='-1'");
- while($row = mysql_fetch_assoc($res))
- $body .= $row['comment']."\n";
- $body .= "\n";
-
- $body .= _("You are welcome to try submitting another request at any time in the future, please make sure you take the reviewer comments into consideration or you risk having your application rejected again.")."\n\n";
-
- $body .= _("Best regards")."\n";
- $body .= _("CAcert Support Team");
- sendmail($user['email'], "[CAcert.org] Thawte Notary Points Transfer", $body, "website-form@cacert.org", "support@cacert.org", "", "CAcert Tverify");
- }
-
- showheader(_("My CAcert.org Account!"));
- echo _("Your vote has been accepted.");
- showfooter();
- exit;
- }
if(intval($cert) > 0)
$_SESSION['_config']['cert'] = intval($cert);