summaryrefslogtreecommitdiff
path: root/includes/lib
diff options
context:
space:
mode:
Diffstat (limited to 'includes/lib')
-rw-r--r--includes/lib/account.php73
-rw-r--r--includes/lib/general.php41
-rw-r--r--includes/lib/l10n.php19
3 files changed, 100 insertions, 33 deletions
diff --git a/includes/lib/account.php b/includes/lib/account.php
index e311668..81bd59b 100644
--- a/includes/lib/account.php
+++ b/includes/lib/account.php
@@ -19,10 +19,10 @@
/**
* Function to recalculate the cached Assurer status
- *
+ *
* @param int $userID
* if the user ID is not given the flag will be recalculated for all users
- *
+ *
* @return bool
* false if there was an error on fixing the flag. This does NOT return the
* new value of the flag
@@ -30,7 +30,7 @@
function fix_assurer_flag($userID = NULL)
{
// Update Assurer-Flag on users table if 100 points and CATS passed.
- //
+ //
// We may have some performance issues here if no userID is given
// there are ~150k assurances and ~220k users currently
// but the exists-clause on cats_passed should be a good filter
@@ -46,20 +46,20 @@ function fix_assurer_flag($userID = NULL)
WHERE `cp`.`variant_id` = `cv`.`id`
AND `cv`.`type_id` = 1
AND `cp`.`user_id` = `u`.`id`
- )
+ )
AND (
SELECT SUM(`points`) FROM `notary` AS `n`
WHERE `n`.`to` = `u`.`id`
AND (`n`.`expire` > now()
- OR `n`.`expire` IS NULL)
+ OR `n`.`expire` IS NULL) and `n`.`deleted` = 0
) >= 100';
-
+
$query = mysql_query($sql);
if (!$query) {
return false;
}
// Challenge has been passed and non-expired points >= 100
-
+
// Reset flag if requirements are not met
//
// Also a bit performance critical but assurer flag is only set on
@@ -85,14 +85,65 @@ function fix_assurer_flag($userID = NULL)
AND (
`n`.`expire` > now()
OR `n`.`expire` IS NULL
- )
+ ) and `n`.`deleted` = 0
) < 100
)';
-
+
$query = mysql_query($sql);
if (!$query) {
return false;
}
-
+
return true;
-} \ No newline at end of file
+}
+
+
+/**
+ * Supported hash algorithms for signing certificates
+ */
+class HashAlgorithms {
+ /**
+ * Default hash algorithm identifier for signing
+ * @var string
+ */
+ public static $default = 'sha256';
+
+ /**
+ * Get display strings for the supported hash algorithms
+ * @return array(string=>array('name'=>string, 'info'=>string))
+ * - [$hash_identifier]['name'] = Name that should be displayed in UI
+ * - [$hash_identifier]['info'] = Additional information that can help
+ * with the selection of a suitable algorithm
+ */
+ public static function getInfo() {
+ return array(
+ 'sha256' => array(
+ 'name' => 'SHA-256',
+ 'info' => _('Currently recommended, because the other algorithms might break on some older versions of the GnuTLS library (older than 3.x) still shipped in Debian for example.'),
+ ),
+ 'sha384' => array(
+ 'name' => 'SHA-384',
+ 'info' => '',
+ ),
+ 'sha512' => array(
+ 'name' => 'SHA-512',
+ 'info' => _('Highest protection against hash collision attacks of the algorithms offered here.'),
+ ),
+ );
+ }
+
+ /**
+ * Check if the input is a supported hash algorithm identifier otherwise
+ * return the identifier of the default hash algorithm
+ *
+ * @param string $hash_identifier
+ * @return string The cleaned identifier
+ */
+ public static function clean($hash_identifier) {
+ if (array_key_exists($hash_identifier, self::getInfo() )) {
+ return $hash_identifier;
+ } else {
+ return self::$default;
+ }
+ }
+}
diff --git a/includes/lib/general.php b/includes/lib/general.php
index 85b132d..5458788 100644
--- a/includes/lib/general.php
+++ b/includes/lib/general.php
@@ -18,10 +18,10 @@
/**
* Checks if the user may log in and retrieve the user id
- *
+ *
* Usually called with $_SERVER['SSL_CLIENT_M_SERIAL'] and
* $_SERVER['SSL_CLIENT_I_DN_CN']
- *
+ *
* @param $serial string
* usually $_SERVER['SSL_CLIENT_M_SERIAL']
* @param $issuer_cn string
@@ -32,9 +32,9 @@
function get_user_id_from_cert($serial, $issuer_cn)
{
$query = "select `memid` from `emailcerts` where
- `serial`='".mysql_escape_string($serial)."' and
+ `serial`='".mysql_real_escape_string($serial)."' and
`rootcert`= (select `id` from `root_certs` where
- `Cert_Text`='".mysql_escape_string($issuer_cn)."') and
+ `Cert_Text`='".mysql_real_escape_string($issuer_cn)."') and
`revoked`=0 and disablelogin=0 and
UNIX_TIMESTAMP(`expire`) - UNIX_TIMESTAMP() > 0";
$res = mysql_query($query);
@@ -43,7 +43,7 @@ function get_user_id_from_cert($serial, $issuer_cn)
$row = mysql_fetch_assoc($res);
return intval($row['memid']);
}
-
+
return -1;
}
@@ -71,7 +71,7 @@ function failWithId($errormessage) {
/**
* Runs a command on the shell and return it's exit code and output
- *
+ *
* @param string $command
* The command to run. Make sure that you escapeshellarg() any non-constant
* parts as this is executed on a shell!
@@ -85,7 +85,7 @@ function failWithId($errormessage) {
* @param string|bool $errors
* The output the command wrote to STDERR (this is passed as reference),
* if true (default) the output will be written to the real STDERR
- *
+ *
* @return int|bool
* The exit code of the command, true if the execution of the command
* failed (true because then
@@ -93,38 +93,38 @@ function failWithId($errormessage) {
*/
function runCommand($command, $input = "", &$output = null, &$errors = true) {
$descriptorspec = array();
-
+
if ($input !== true) {
$descriptorspec[0] = array("pipe", "r"); // STDIN for child
}
-
+
if ($output !== true) {
$descriptorspec[1] = array("pipe", "w"); // STDOUT for child
}
-
+
if ($errors !== true) {
$descriptorspec[2] = array("pipe", "w"); // STDERR for child
}
-
+
$proc = proc_open($command, $descriptorspec, $pipes);
-
+
if (is_resource($proc))
{
if ($input !== true) {
fwrite($pipes[0], $input);
fclose($pipes[0]);
}
-
+
if ($output !== true) {
$output = stream_get_contents($pipes[1]);
}
-
+
if ($errors !== true) {
$errors = stream_get_contents($pipes[2]);
}
-
+
return proc_close($proc);
-
+
} else {
return true;
}
@@ -145,19 +145,18 @@ function runCommand($command, $input = "", &$output = null, &$errors = true) {
{
$Result |= 5;
}
-
- $query = mysql_query('SELECT SUM(`points`) AS `points` FROM `notary` AS `n` WHERE `n`.`to` = \''.(int)intval($userID).'\' AND `n`.`expire` < now()');
+
+ $query = mysql_query('SELECT SUM(`points`) AS `points` FROM `notary` AS `n` WHERE `n`.`to` = \''.(int)intval($userID).'\' AND `n`.`expire` < now() and `deleted` = 0');
$row = mysql_fetch_assoc($query);
if ($row['points'] < 100) {
$Result |= 3;
}
-
+
$query = mysql_query('SELECT `assurer_blocked` FROM `users` WHERE `id` = \''.(int)intval($userID).'\'');
$row = mysql_fetch_assoc($query);
if ($row['assurer_blocked'] > 0) {
$Result |= 9;
}
-
+
return $Result;
}
- \ No newline at end of file
diff --git a/includes/lib/l10n.php b/includes/lib/l10n.php
index 85b7aff..41d785d 100644
--- a/includes/lib/l10n.php
+++ b/includes/lib/l10n.php
@@ -340,4 +340,21 @@ class L10n {
bindtextdomain($domain, $_SESSION['_config']['filepath'].'/locale');
textdomain($domain);
}
-} \ No newline at end of file
+
+ public static function set_recipient_language($accountid) {
+ //returns the language of a recipient to make sure that the language is correct
+ //use together with
+ $query = "select `language` from `users` where `id`='".intval($accountid)."'";
+ $res = mysql_query($query);
+ if (mysql_num_rows($res)>=0) {
+ $row = mysql_fetch_assoc($res);
+ if (NULL==$row['language'] || $row['language']=='') {
+ self::set_translation('en');
+ } else {
+ self::set_translation($row['language']);
+ }
+ } else {
+ self::set_translation('en');
+ }
+ }
+}