diff options
Diffstat (limited to 'includes/general.php')
| -rw-r--r-- | includes/general.php | 112 |
1 files changed, 46 insertions, 66 deletions
diff --git a/includes/general.php b/includes/general.php index 3478dd4..596cc49 100644 --- a/includes/general.php +++ b/includes/general.php @@ -15,13 +15,16 @@ along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA */ + + require_once(dirname(__FILE__)."/lib/general.php"); + session_name("cacert"); session_start(); - session_register("_config"); - session_register("profile"); - session_register("signup"); - session_register("lostpw"); +// session_register("_config"); +// session_register("profile"); +// session_register("signup"); +// session_register("lostpw"); // if($_SESSION['profile']['id'] > 0) // session_regenerate_id(); @@ -54,7 +57,7 @@ exit; } - if(array_key_exists('HTTP_HOST',$_SERVER) && + if(array_key_exists('HTTP_HOST',$_SERVER) && ($_SERVER['HTTP_HOST'] == $_SESSION['_config']['securehostname'] || $_SERVER['HTTP_HOST'] == $_SESSION['_config']['tverify'])) { @@ -74,12 +77,12 @@ L10n::detect_language(); L10n::init_gettext(); - if(array_key_exists('profile',$_SESSION) && is_array($_SESSION['profile']) && array_key_exists('id',$_SESSION['profile']) && $_SESSION['profile']['id'] > 0) + if(array_key_exists('profile',$_SESSION) && is_array($_SESSION['profile']) && array_key_exists('id',$_SESSION['profile']) && $_SESSION['profile']['id'] > 0) { - $locked = mysql_fetch_assoc(mysql_query("select `locked` from `users` where `id`='".$_SESSION['profile']['id']."'")); + $locked = mysql_fetch_assoc(mysql_query("select `locked` from `users` where `id`='".intval($_SESSION['profile']['id'])."'")); if($locked['locked'] == 0) { - $query = "select sum(`points`) as `total` from `notary` where `to`='".$_SESSION['profile']['id']."' group by `to`"; + $query = "select sum(`points`) as `total` from `notary` where `to`='".intval($_SESSION['profile']['id'])."' and `deleted` = 0 group by `to`"; $res = mysql_query($query); $row = mysql_fetch_assoc($res); $_SESSION['profile']['points'] = $row['total']; @@ -166,19 +169,19 @@ $points++; //echo "Points due to length and charset: $points<br/>"; - + // check for historical password proposal if ($pwd === "Fr3d Sm|7h") { return 0; } - + return $points; } function checkpw($pwd, $email, $fname, $mname, $lname, $suffix) { $points = checkpwlight($pwd); - + if(@strstr(strtolower($pwd), strtolower($email))) $points--; @@ -216,7 +219,7 @@ //echo "Points due to name matches: $points<br/>"; $shellpwd = escapeshellarg($pwd); - $do = `grep $shellpwd /usr/share/dict/american-english`; + $do = shell_exec("grep -F -- $shellpwd /usr/share/dict/american-english"); if($do) $points--; @@ -229,7 +232,7 @@ { $bits = explode(": ", $_SESSION['_config']['subject'], 2); $bits = str_replace(", ", "|", str_replace("/", "|", array_key_exists('1',$bits)?$bits['1']:"")); - $bits = explode("|", $bits); + $bits = explode("|", $bits); $_SESSION['_config']['cnc'] = $_SESSION['_config']['subaltc'] = 0; $_SESSION['_config']['OU'] = ""; @@ -284,7 +287,7 @@ $dom = $bits[$i]; $_SESSION['_config']['row'] = ""; $dom = mysql_real_escape_string($dom); - $query = "select * from domains where `memid`='".$_SESSION['profile']['id']."' and `domain` like '$dom' and `deleted`=0 and `hash`=''"; + $query = "select * from domains where `memid`='".intval($_SESSION['profile']['id'])."' and `domain` like '$dom' and `deleted`=0 and `hash`=''"; $res = mysql_query($query); if(mysql_num_rows($res) > 0) { @@ -336,7 +339,7 @@ $dom = $bits[$i]; $_SESSION['_config']['altrow'] = ""; $dom = mysql_real_escape_string($dom); - $query = "select * from domains where `memid`='".$_SESSION['profile']['id']."' and `domain` like '$dom' and `deleted`=0 and `hash`=''"; + $query = "select * from domains where `memid`='".intval($_SESSION['profile']['id'])."' and `domain` like '$dom' and `deleted`=0 and `hash`=''"; $res = mysql_query($query); if(mysql_num_rows($res) > 0) { @@ -375,7 +378,7 @@ $_SESSION['_config']['row'] = ""; $dom = mysql_real_escape_string($dom); $query = "select *, `orginfo`.`id` as `id` from `orginfo`,`orgdomains`,`org` where - `org`.`memid`='".$_SESSION['profile']['id']."' and + `org`.`memid`='".intval($_SESSION['profile']['id'])."' and `org`.`orgid`=`orginfo`.`id` and `orgdomains`.`orgid`=`orginfo`.`id` and `orgdomains`.`domain`='$dom'"; @@ -423,7 +426,7 @@ $_SESSION['_config']['altrow'] = ""; $dom = mysql_real_escape_string($dom); $query = "select * from `orginfo`,`orgdomains`,`org` where - `org`.`memid`='".$_SESSION['profile']['id']."' and + `org`.`memid`='".intval($_SESSION['profile']['id'])."' and `org`.`orgid`=`orginfo`.`id` and `orgdomains`.`orgid`=`orginfo`.`id` and `orgdomains`.`domain`='$dom'"; @@ -455,7 +458,7 @@ $dom = $bits[$i]; $dom = mysql_real_escape_string($dom); $query = "select * from `org`,`orgdomains`,`orginfo` - where `org`.`memid`='".$_SESSION['profile']['id']."' + where `org`.`memid`='".intval($_SESSION['profile']['id'])."' and `orgdomains`.`orgid`=`org`.`orgid` and `orginfo`.`id`=`org`.`orgid` and `orgdomains`.`domain`='$dom'"; @@ -474,12 +477,12 @@ if($id <= 0) $id = $_SESSION['profile']['id']; - $query = "select sum(`points`) as `points` from `notary` where `to`='$id' group by `to`"; + $query = "select sum(`points`) as `points` from `notary` where `to`='$id' and `deleted` = 0 group by `to`"; $row = mysql_fetch_assoc(mysql_query($query)); $points = $row['points']; $dob = date("Y-m-d", mktime(0,0,0,date("m"),date("d"),date("Y")-18)); - $query = "select * from `users` where `id`='".$_SESSION['profile']['id']."' and `dob` < '$dob'"; + $query = "select * from `users` where `id`='".intval($_SESSION['profile']['id'])."' and `dob` < '$dob'"; if(mysql_num_rows(mysql_query($query)) < 1) { if($points >= 100) @@ -503,7 +506,7 @@ return(0); } - function hex2bin($data) + function gpg_hex2bin($data) { while(strstr($data, "\\x")) { @@ -524,7 +527,8 @@ $fp = fopen($tmpfname, "w"); fputs($fp, $message); fclose($fp); - $do = `/usr/bin/gpg --homedir /home/gpg --clearsign "$tmpfname"|/usr/sbin/sendmail "$to"`; + $to_esc = escapeshellarg($to); + $do = shell_exec("/usr/bin/gpg --homedir /home/gpg --clearsign \"$tmpfname\"|/usr/sbin/sendmail ".$to_esc); @unlink($tmpfname); } @@ -533,23 +537,28 @@ $myemail = mysql_real_escape_string($email); if(preg_match("/^([a-zA-Z0-9])+([a-zA-Z0-9\+\._-])*@([a-zA-Z0-9_-])+([a-zA-Z0-9\._-]+)+$/" , $email)) { - list($username,$domain)=split('@',$email); + list($username,$domain)=explode('@',$email,2); $dom = escapeshellarg($domain); - $line = trim(`dig +short MX $dom 2>&1`); + $line = trim(shell_exec("dig +short MX $dom 2>&1")); #echo $email."-$dom-$line-\n"; -#echo `dig +short mx heise.de 2>&1`."-<br>\n"; +#echo shell_exec("dig +short mx heise.de 2>&1")."-<br>\n"; $list = explode("\n", $line); - foreach($list as $row) - list($pri, $mxhosts[]) = explode(" ", substr(trim($row), 0, -1)); + foreach($list as $row) { + if(!strstr($row, " ")) { + continue; + } + list($pri, $mxhosts[]) = explode(" ", trim($row), 2); + } $mxhosts[] = $domain; -#print_r($mxhosts); die; + array_walk($mxhosts, function(&$mx) { $mx = trim($mx, '.'); } ); + foreach($mxhosts as $key => $domain) { $fp = @fsockopen($domain,25,$errno,$errstr,5); if($fp) { - + $line = fgets($fp, 4096); while(substr($line, 0, 4) == "220-") $line = fgets($fp, 4096); @@ -573,7 +582,7 @@ $line = mysql_real_escape_string(trim(strip_tags($line))); $query = "insert into `pinglog` set `when`=NOW(), `email`='$myemail', `result`='$line'"; - if(is_array($_SESSION['profile'])) $query.=", `uid`='".$_SESSION['profile']['id']."'"; + if(is_array($_SESSION['profile'])) $query.=", `uid`='".intval($_SESSION['profile']['id'])."'"; mysql_query($query); if(substr($line, 0, 3) != "250") @@ -583,7 +592,7 @@ } } } - $query = "insert into `pinglog` set `when`=NOW(), `uid`='".$_SESSION['profile']['id']."', + $query = "insert into `pinglog` set `when`=NOW(), `uid`='".intval($_SESSION['profile']['id'])."', `email`='$myemail', `result`='Failed to make a connection to the mail server'"; mysql_query($query); return _("Failed to make a connection to the mail server"); @@ -654,9 +663,9 @@ return $ticket; } - function sanitizeHTML($input) + function sanitizeHTML($input) { - return htmlentities(strip_tags($input), ENT_QUOTES); + return htmlentities(strip_tags($input), ENT_QUOTES, 'ISO-8859-1'); //In case of problems, please use the following line again: //return htmlentities(strip_tags(utf8_decode($input)), ENT_QUOTES); //return htmlspecialchars(strip_tags($input)); @@ -724,38 +733,8 @@ $text=preg_replace("/[^\w-.@]/","",$text); return($text); } - - // returns 0 if $userID is an Assurer - // Otherwise : - // Bit 0 is always set - // Bit 1 is set if 100 Assurance Points are not reached - // Bit 2 is set if Assurer Test is missing - // Bit 3 is set if the user is not allowed to be an Assurer (assurer_blocked > 0) - function get_assurer_status($userID) - { - $Result = 0; - $query = mysql_query('SELECT * FROM `cats_passed` AS `tp`, `cats_variant` AS `cv` '. - ' WHERE `tp`.`variant_id` = `cv`.`id` AND `cv`.`type_id` = 1 AND `tp`.`user_id` = \''.(int)intval($userID).'\''); - if(mysql_num_rows($query) < 1) - { - $Result |= 5; - } - - $query = mysql_query('SELECT SUM(`points`) AS `points` FROM `notary` AS `n` WHERE `n`.`to` = \''.(int)intval($userID).'\' AND `n`.`expire` < now()'); - $row = mysql_fetch_assoc($query); - if ($row['points'] < 100) { - $Result |= 3; - } - - $query = mysql_query('SELECT `assurer_blocked` FROM `users` WHERE `id` = \''.(int)intval($userID).'\''); - $row = mysql_fetch_assoc($query); - if ($row['assurer_blocked'] > 0) { - $Result |= 9; - } - - return $Result; - } - + + // returns text message to be shown to the user given the result of is_no_assurer function no_assurer_text($Status) { @@ -797,7 +776,7 @@ $name="../$type/$kind/".intval($id/1000)."/$kind-".intval($id).".$type"; if (!is_dir("../csr")) { mkdir("../csr",0777); } if (!is_dir("../crt")) { mkdir("../crt",0777); } - + if (!is_dir("../csr/$kind")) { mkdir("../csr/$kind",0777); } if (!is_dir("../crt/$kind")) { mkdir("../crt/$kind",0777); } if (!is_dir("../csr/$kind/".intval($id/1000))) { mkdir("../csr/$kind/".intval($id/1000)); } @@ -824,4 +803,5 @@ return $res; } + ?> |