summaryrefslogtreecommitdiff
path: root/pages
diff options
context:
space:
mode:
Diffstat (limited to 'pages')
-rw-r--r--pages/account/10.php2
-rw-r--r--pages/account/12.php9
-rw-r--r--pages/account/16.php6
-rw-r--r--pages/account/17.php122
-rw-r--r--pages/account/18.php9
-rw-r--r--pages/account/20.php4
-rw-r--r--pages/account/22.php9
-rw-r--r--pages/account/3.php30
-rw-r--r--pages/account/4.php175
-rw-r--r--pages/account/43.php63
-rw-r--r--pages/account/5.php31
-rw-r--r--pages/account/51.php34
-rw-r--r--pages/account/52.php102
-rw-r--r--pages/account/6.php128
-rw-r--r--pages/account/60.php142
-rw-r--r--pages/gpg/0.php2
-rw-r--r--pages/gpg/2.php6
-rw-r--r--pages/index/11.php21
-rw-r--r--pages/wot/1.php2
-rw-r--r--pages/wot/12.php4
-rw-r--r--pages/wot/15.php2
-rw-r--r--pages/wot/6.php6
22 files changed, 385 insertions, 524 deletions
diff --git a/pages/account/10.php b/pages/account/10.php
index 704a05c..f5527ab 100644
--- a/pages/account/10.php
+++ b/pages/account/10.php
@@ -34,6 +34,8 @@
<input type="radio" name="rootcert" value="2" checked> <?=_("Sign by class 3 root certificate")?><br>
<p><?=_("Please note: The class 3 root certificate needs to be setup in your webserver as a chained certificate, while slightly more complicated to setup, this root certificate is more likely to be trusted by more people.")?></p>
<? } ?>
+<p> <?=_("Optional comment, only used in the certifictate overview")?><br>
+ <input type="text" name="description" maxlength="80" size=80></p>
<p><?=_("Paste your CSR(Certificate Signing Request) below...")?></p>
<textarea name="CSR" cols="80" rows="15"></textarea><br>
<input type="submit" name="process" value="<?=_("Submit")?>">
diff --git a/pages/account/12.php b/pages/account/12.php
index 44926ca..35ae6c2 100644
--- a/pages/account/12.php
+++ b/pages/account/12.php
@@ -25,7 +25,8 @@
<td class="DataTD"><?=_("Renew/Revoke/Delete")?></td>
<td class="DataTD"><?=_("Status")?></td>
<td class="DataTD"><?=_("CommonName")?></td>
- <td class="DataTD"><?=_("SerialNumber")?></td>
+ <td class="DataTD"><?=_("SerialNumber")?></td>
+ <td class="DataTD"><?=_("Comment")?></td>
<td class="DataTD"><?=_("Revoked")?></td>
<td class="DataTD"><?=_("Expires")?></td>
</tr>
@@ -34,7 +35,8 @@
UNIX_TIMESTAMP(`domaincerts`.`expire`) - UNIX_TIMESTAMP() as `timeleft`,
UNIX_TIMESTAMP(`domaincerts`.`expire`) as `expired`,
`domaincerts`.`expire` as `expires`, `revoked` as `revoke`,
- UNIX_TIMESTAMP(`revoked`) as `revoked`, `CN`, `domaincerts`.`serial`, `domaincerts`.`id` as `id`
+ UNIX_TIMESTAMP(`revoked`) as `revoked`, `CN`, `domaincerts`.`serial`, `domaincerts`.`id` as `id`,
+ `domaincerts`.`description`
from `domaincerts`,`domains`
where `memid`='".intval($_SESSION['profile']['id'])."' and `deleted`=0 and `domaincerts`.`domid`=`domains`.`id` ";
if($viewall != 1)
@@ -75,7 +77,8 @@
<? } ?>
<td class="DataTD"><?=$verified?></td>
<td class="DataTD"><a href="account.php?id=15&amp;cert=<?=$row['id']?>"><?=$row['CN']?></a></td>
- <td class="DataTD"><?=$row['serial']?></td>
+ <td class="DataTD"><?=$row['serial']?></td>
+ <td class="DataTD"><?=$row['description']?></td>
<td class="DataTD"><?=$row['revoke']?></td>
<td class="DataTD"><?=$row['expires']?></td>
</tr>
diff --git a/pages/account/16.php b/pages/account/16.php
index 514ecfd..338878d 100644
--- a/pages/account/16.php
+++ b/pages/account/16.php
@@ -56,6 +56,12 @@
<td class="DataTD" colspan="2" align="left"><input type="checkbox" name="codesign" value="1" /><?=_("Code Signing")?></td>
</tr>
<? } ?>
+ <tr>
+ <td class="DataTD" colspan="2" align="left">
+ <?=_("Optional comment, only used in the certifictate overview")?><br>
+ <input type="text" name="description" maxlength="80" size=80>
+ </td>
+ </tr>
<tr>
<td class="DataTD" colspan="2"><input type="submit" name="add_email" value="<?=_("Another Email")?>">
<input type="submit" name="process" value="<?=_("Next")?>"></td>
diff --git a/pages/account/17.php b/pages/account/17.php
index 2ba5390..8ac8b65 100644
--- a/pages/account/17.php
+++ b/pages/account/17.php
@@ -14,124 +14,6 @@
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
-*/ ?>
-<? if(array_key_exists('HTTP_USER_AGENT',$_SERVER) && strstr($_SERVER['HTTP_USER_AGENT'], "MSIE")) { ?>
-<object classid="clsid:127698e4-e730-4e5c-a2b1-21490a70c8a1" codebase="/xenroll.cab#Version=5,131,3659,0" id="cec">
-<?=_("You must enable ActiveX for this to work.")?>
-</object>
-<form method="post" action="account.php" name="CertReqForm"><p>
-<input type="hidden" name="session" value="UsedXenroll">
-<?=_("Key Strength:")?> <select name="CspProvider"></select>
-<input type="hidden" name="oldid" value="<?=$id?>">
-<INPUT TYPE=HIDDEN NAME="CSR">
-<input type="hidden" name="keytype" value="MS">
-<?=_("'Enhanced Provider' is generally the best option, which has a key size of 1024bit. If you need a bigger key size you will need to use a different browser.")?>
-<input type="submit" name="GenReq" value="Create Certificate"><br>
-</p></form>
-<script type="text/vbscript" language="vbscript">
-<!--
-Function GetProviderList()
- Dim CspList, cspIndex, ProviderName
- On Error Resume Next
+*/
- count = 0
- base = 0
- enhanced = 0
- CspList = ""
- ProviderName = ""
-
- For ProvType = 0 to 13
- cspIndex = 0
- cec.ProviderType = ProvType
- ProviderName = cec.enumProviders(cspIndex,0)
-
- while ProviderName <> ""
- Set oOption = document.createElement("OPTION")
- oOption.text = ProviderName
- oOption.value = ProvType
- Document.CertReqForm.CspProvider.add(oOption)
- if ProviderName = "Microsoft Base Cryptographic Provider v1.0" Then
- base = count
- end if
- if ProviderName = "Microsoft Enhanced Cryptographic Provider v1.0" Then
- enhanced = count
- end if
- cspIndex = cspIndex +1
- ProviderName = ""
- ProviderName = cec.enumProviders(cspIndex,0)
- count = count + 1
- wend
- Next
- Document.CertReqForm.CspProvider.selectedIndex = base
- if enhanced then
- Document.CertReqForm.CspProvider.selectedIndex = enhanced
- end if
-End Function
-
-Function CSR(keyflags)
- CSR = ""
- szName = ""
- cec.HashAlgorithm = "MD5"
- err.clear
- On Error Resume Next
- set options = document.all.CspProvider.options
- index = options.selectedIndex
- cec.providerName = options(index).text
- tmpProviderType = options(index).value
- cec.providerType = tmpProviderType
- cec.KeySpec = 2
- if tmpProviderType < 2 Then
- cec.KeySpec = 1
- end if
- cec.GenKeyFlags = &h04000001 OR keyflags
- CSR = cec.createPKCS10(szName, "1.3.6.1.5.5.7.3.2")
- if len(CSR)<>0 then Exit Function
- cec.GenKeyFlags = &h04000000 OR keyflags
- CSR = cec.createPKCS10(szName, "1.3.6.1.5.5.7.3.2")
- if len(CSR)<>0 then Exit Function
- if cec.providerName = "Microsoft Enhanced Cryptographic Provider v1.0" Then
- if MsgBox("<?=_("The 1024-bit key generation failed. Would you like to try 512 instead?")?>", vbOkCancel)=vbOk Then
- cec.providerName = "Microsoft Base Cryptographic Provider v1.0"
- else
- Exit Function
- end if
- end if
- cec.GenKeyFlags = 1 OR keyflags
- CSR = cec.createPKCS10(szName, "1.3.6.1.5.5.7.3.2")
- if len(CSR)<>0 then Exit Function
- cec.GenKeyFlags = keyflags
- CSR = cec.createPKCS10(szName, "1.3.6.1.5.5.7.3.2")
- if len(CSR)<>0 then Exit Function
- cec.GenKeyFlags = 0
- CSR = cec.createPKCS10(szName, "1.3.6.1.5.5.7.3.2")
-End Function
-
-Sub GenReq_OnClick
- Dim TheForm
- Set TheForm = Document.CertReqForm
- err.clear
- result = CSR(2)
- if len(result)=0 Then
- result = MsgBox("Unable to generate PKCS#10.", 0, "Alert")
- Exit Sub
- end if
- TheForm.CSR.Value = result
- TheForm.Submit
- Exit Sub
-End Sub
-
-GetProviderList()
--->
-</script>
-<? } else { ?>
-<p>
-<form method="post" action="account.php">
-<input type="hidden" name="keytype" value="NS">
-<?=_("Keysize:")?> <keygen name="SPKAC" challenge="<? $_SESSION['spkac_hash']=make_hash(); echo $_SESSION['spkac_hash']; ?>">
-
-
-<input type="submit" name="submit" value="<?=_("Create Certificate Request")?>">
-<input type="hidden" name="oldid" value="<?=$id?>">
-</form>
-</p>
-<? } ?>
+require_once($_SESSION['_config']['filepath'].'/includes/keygen.php');
diff --git a/pages/account/18.php b/pages/account/18.php
index 13dcc30..45e3be9 100644
--- a/pages/account/18.php
+++ b/pages/account/18.php
@@ -25,7 +25,8 @@
<td class="DataTD"><?=_("Renew/Revoke/Delete")?></td>
<td class="DataTD"><?=_("Status")?></td>
<td class="DataTD"><?=_("CommonName")?></td>
- <td class="DataTD"><?=_("SerialNumber")?></td>
+ <td class="DataTD"><?=_("SerialNumber")?></td>
+ <td class="DataTD"><?=_("Comment")?></td>
<td class="DataTD"><?=_("Revoked")?></td>
<td class="DataTD"><?=_("Expires")?></td>
@@ -35,7 +36,8 @@
UNIX_TIMESTAMP(`oemail`.`expire`) as `expired`,
`oemail`.`expire` as `expires`, `oemail`.`revoked` as `revoke`,
UNIX_TIMESTAMP(`oemail`.`revoked`) as `revoked`,
- `oemail`.`CN`, `oemail`.`serial`, `oemail`.`id`
+ `oemail`.`CN`, `oemail`.`serial`, `oemail`.`id`,
+ `oemail`.`description`
from `orgemailcerts` as `oemail`, `org`
where `org`.`memid`='".intval($_SESSION['profile']['id'])."' and
`org`.`orgid`=`oemail`.`orgid` ";
@@ -80,7 +82,8 @@
<td class="DataTD"><?=$verified?></td>
<td class="DataTD"><a href="account.php?id=19&cert=<?=$row['id']?>"><?=$row['CN']?></a></td>
<? } ?>
- <td class="DataTD"><?=$row['serial']?></td>
+ <td class="DataTD"><?=$row['serial']?></td>
+ <td class="DataTD"><?=$row['description']?></td>
<td class="DataTD"><?=$row['revoke']?></td>
<td class="DataTD"><?=$row['expires']?></td>
</tr>
diff --git a/pages/account/20.php b/pages/account/20.php
index 510b708..5e91e77 100644
--- a/pages/account/20.php
+++ b/pages/account/20.php
@@ -29,9 +29,11 @@
<form method="post" action="account.php">
<input type="radio" name="rootcert" value="1"> <?=_("Sign by class 1 root certificate")?><br>
<input type="radio" name="rootcert" value="2" checked> <?=_("Sign by class 3 root certificate")?><br>
+<p> <?=_("Optional comment, only used in the certifictate overview")?><br>
+ <input type="text" name="description" maxlength="80" size=80></p>
<p><?=_("Please note: The class 3 root certificate needs to be setup in your webserver as a chained certificate, while slightly more complicated to setup, this root certificate is more likely to be trusted by more people.")?></p>
<p><?=_("Paste your CSR below...")?></p>
-<textarea name="CSR" cols="80" rows="15"></textarea><br>
+<textarea name="CSR" cols="80" rows="15"></textarea><br>
<input type="submit" name="process" value="<?=_("Submit")?>">
<input type="hidden" name="oldid" value="<?=$id?>">
</form>
diff --git a/pages/account/22.php b/pages/account/22.php
index 9df8200..ac7a645 100644
--- a/pages/account/22.php
+++ b/pages/account/22.php
@@ -25,7 +25,8 @@
<td class="DataTD"><?=_("Renew/Revoke/Delete")?></td>
<td class="DataTD"><?=_("Status")?></td>
<td class="DataTD"><?=_("CommonName")?></td>
- <td class="DataTD"><?=_("SerialNumber")?></td>
+ <td class="DataTD"><?=_("SerialNumber")?></td>
+ <td class="DataTD"><?=_("Comment")?></td>
<td class="DataTD"><?=_("Revoked")?></td>
<td class="DataTD"><?=_("Expires")?></td>
@@ -36,7 +37,8 @@
`orgdomaincerts`.`expire` as `expires`, `revoked` as `revoke`,
UNIX_TIMESTAMP(`revoked`) as `revoked`, `CN`,
`orgdomaincerts`.`serial`,
- `orgdomaincerts`.`id` as `id`
+ `orgdomaincerts`.`id` as `id`,
+ `orgdomaincerts`.`description`
from `orgdomaincerts`,`org`
where `org`.`memid`='".intval($_SESSION['profile']['id'])."' and `orgdomaincerts`.`orgid`=`org`.`orgid` ";
if($viewall != 1)
@@ -77,7 +79,8 @@
<? } ?>
<td class="DataTD"><?=$verified?></td>
<td class="DataTD"><a href="account.php?id=23&cert=<?=$row['id']?>"><?=$row['CN']?></a></td>
- <td class="DataTD"><?=$row['serial']?></td>
+ <td class="DataTD"><?=$row['serial']?></td>
+ <td class="DataTD"><?=$row['description']?></td>
<td class="DataTD"><?=$row['revoke']?></td>
<td class="DataTD"><?=$row['expires']?></td>
</tr>
diff --git a/pages/account/3.php b/pages/account/3.php
index 5590488..2726952 100644
--- a/pages/account/3.php
+++ b/pages/account/3.php
@@ -52,29 +52,28 @@ if($_SESSION['profile']['points'] >= 50)
$lname = $_SESSION['profile']['lname'];
$suffix = $_SESSION['profile']['suffix'];
?>
- <tr>
<td class="DataTD" colspan="2" align="left">
- <input type="radio" name="rootcert" value="1" checked> <?=_("Sign by class 1 root certificate")?><br>
- <input type="radio" name="rootcert" value="2"> <?=_("Sign by class 3 root certificate")?><br>
- <?=str_replace("\n", "<br>\n", wordwrap(_("Please note: The class 3 root certificate needs to be imported into your email program as well as the class 1 root certificate so your email program can build a full trust path chain. Until we are included in browsers this might not be a desirable option for most people"), 125))?>
+ <input type="radio" name="rootcert" value="1" checked> <?=_("Sign by class 1 root certificate")?><br>
+ <input type="radio" name="rootcert" value="2"> <?=_("Sign by class 3 root certificate")?><br>
+ <?=str_replace("\n", "<br>\n", wordwrap(_("Please note: The class 3 root certificate needs to be imported into your email program as well as the class 1 root certificate so your email program can build a full trust path chain. Until we are included in browsers this might not be a desirable option for most people"), 125))?>
</td>
</tr>
<tr>
<td class="DataTD" colspan="2" align="left">
- <input type="radio" name="incname" value="0" checked> <?=_("No Name")?><br>
-<? if($fname && $lname) { ?><input type="radio" name="incname" value="1"> <?=_("Include")?> '<?=$fname." ".$lname?>'<br><? } ?>
-<? if($fname && $mname && $lname) { ?><input type="radio" name="incname" value="2"> <?=_("Include")?> '<?=$fname." ".$mname." ".$lname?>'<br><? } ?>
-<? if($fname && $lname && $suffix) { ?><input type="radio" name="incname" value="3"> <?=_("Include")?> '<?=$fname." ".$lname." ".$suffix?>'<br><? } ?>
-<? if($fname && $mname && $lname && $suffix) { ?><input type="radio" name="incname" value="4"> <?=_("Include")?> '<?=$fname." ".$mname." ".$lname." ".$suffix?>'<br><? } ?>
+ <input type="radio" name="incname" value="0" checked> <?=_("No Name")?><br>
+ <? if($fname && $lname) { ?><input type="radio" name="incname" value="1"> <?=_("Include")?> '<?=$fname." ".$lname?>'<br><? } ?>
+ <? if($fname && $mname && $lname) { ?><input type="radio" name="incname" value="2"> <?=_("Include")?> '<?=$fname." ".$mname." ".$lname?>'<br><? } ?>
+ <? if($fname && $lname && $suffix) { ?><input type="radio" name="incname" value="3"> <?=_("Include")?> '<?=$fname." ".$lname." ".$suffix?>'<br><? } ?>
+ <? if($fname && $mname && $lname && $suffix) { ?><input type="radio" name="incname" value="4"> <?=_("Include")?> '<?=$fname." ".$mname." ".$lname." ".$suffix?>'<br><? } ?>
</td>
</tr>
<? } ?>
<? if($_SESSION['profile']['points'] >= 100 && $_SESSION['profile']['codesign'] > 0) { ?>
<tr>
<td class="DataTD" align="left">
- <input type="checkbox" name="codesign" value="1"> <?=_("Code Signing")?></td>
+ <input type="checkbox" name="codesign" value="1"> <?=_("Code Signing")?></td>
<td class="DataTD" align="left">
- <?=_("Please Note: By ticking this box you will automatically have your name included in any certificates.")?>
+ <?=_("Please Note: By ticking this box you will automatically have your name included in any certificates.")?>
</td>
</tr>
<? } ?>
@@ -85,7 +84,12 @@ if($_SESSION['profile']['points'] >= 50)
<?=_("By allowing certificate login, this certificate can be used to login into this account at https://secure.cacert.org/ .")?><br/>
</td>
</tr>
-
+ <tr>
+ <td class="DataTD" colspan="2" align="left">
+ <?=_("Optional comment, only used in the certifictate overview")?><br>
+ <input type="text" name="description" maxlength="100" size=100>
+ </td>
+ </tr>
<tr name="expertoff" style="display:none">
<td class="DataTD" colspan="2" align="left">
@@ -101,6 +105,8 @@ if($_SESSION['profile']['points'] >= 50)
<a href="http://wiki.cacert.org/wiki/SSO"><?=_("SSO WIKI Entry")?></a>
</td>
</tr>
+
+
<tr name="expert">
<td class="DataTD" colspan="2"><?=_("Optional Client CSR, no information on the certificate will be used")?></td>
</tr>
diff --git a/pages/account/4.php b/pages/account/4.php
index a4d6597..8ac8b65 100644
--- a/pages/account/4.php
+++ b/pages/account/4.php
@@ -14,177 +14,6 @@
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
-*/ ?>
-<? if(array_key_exists('HTTP_USER_AGENT',$_SERVER) && strstr($_SERVER['HTTP_USER_AGENT'], "MSIE")) { ?>
-<object classid="clsid:127698e4-e730-4e5c-a2b1-21490a70c8a1" codebase="/xenroll.cab#Version=5,131,3659,0" id="cec">
-<?=_("You must enable ActiveX for this to work. On Vista you have to add this website to the list of trusted sites in the internet-settings.")?><?=_("Go to Extras->Internet Options->Security->Trusted Websites, click on Custom Level, check ActiveX control elements that are not marked as safe initialized on start in scripts")?>
-</object>
-<form method="post" action="account.php" name="CertReqForm"><p>
-<input type="hidden" name="session" value="UsedXenroll">
-<?=_("Key Strength:")?> <select name="CspProvider"></select>
-<input type="hidden" name="oldid" value="<?=$id?>">
-<INPUT TYPE=HIDDEN NAME="CSR">
-<input type="hidden" name="keytype" value="MS">
-<input type="submit" name="GenReq" value="Create Certificate"><br>
-</p></form>
-<script type="text/vbscript" language="vbscript">
-<!--
-Function GetProviderList()
- Dim CspList, cspIndex, ProviderName
- On Error Resume Next
+*/
- count = 0
- base = 0
- enhanced = 0
- CspList = ""
- ProviderName = ""
-
- // Vista:
- Set csps = CreateObject("X509Enrollment.CCspInformations")
- If IsObject(csps) Then
- csps.AddAvailableCsps()
- Document.CertReqForm.keytype.value="VI"
- For j = 0 to csps.Count-1
- Set oOption = document.createElement("OPTION")
- oOption.text = csps.ItemByIndex(j).Name
- oOption.value = j
- Document.CertReqForm.CspProvider.add(oOption)
- Next
-
- Else
-
- // 2000,XP:
-
- For ProvType = 0 to 13
- cspIndex = 0
- cec.ProviderType = ProvType
- ProviderName = cec.enumProviders(cspIndex,0)
-
- while ProviderName <> ""
- Set oOption = document.createElement("OPTION")
- oOption.text = ProviderName
- oOption.value = ProvType
- Document.CertReqForm.CspProvider.add(oOption)
- if ProviderName = "Microsoft Base Cryptographic Provider v1.0" Then
- base = count
- end if
- if ProviderName = "Microsoft Enhanced Cryptographic Provider v1.0" Then
- enhanced = count
- end if
- cspIndex = cspIndex +1
- ProviderName = ""
- ProviderName = cec.enumProviders(cspIndex,0)
- count = count + 1
- wend
- Next
- Document.CertReqForm.CspProvider.selectedIndex = base
- if enhanced then
- Document.CertReqForm.CspProvider.selectedIndex = enhanced
- end if
- End If
-End Function
-
-Function CSR(keyflags)
- CSR = ""
- szName = ""
-
-
- // Vista
- if Document.CertReqForm.keytype.value="VI" Then
-
- Dim g_objClassFactory
- Dim obj
- Dim objPrivateKey
- Dim g_objRequest
- Dim g_objRequestCMC
-
- Set g_objClassFactory=CreateObject("X509Enrollment.CX509EnrollmentWebClassFactory")
- Set obj=g_objClassFactory.CreateObject("X509Enrollment.CX509Enrollment")
- Set objPrivateKey=g_objClassFactory.CreateObject("X509Enrollment.CX509PrivateKey")
- Set objRequest=g_objClassFactory.CreateObject("X509Enrollment.CX509CertificateRequestPkcs10")
- //Msgbox exit function
- objPrivateKey.ProviderName = Document.CertReqForm.CspProvider(Document.CertReqForm.CspProvider.selectedIndex).text
- // "Microsoft Enhanced RSA and AES Cryptographic Provider"
- objPrivateKey.ProviderType = "24"
- objPrivateKey.KeySpec = "1"
- objPrivateKey.ExportPolicy = 1
- objRequest.InitializeFromPrivateKey 1, objPrivateKey, ""
- Set objDN = g_objClassFactory.CreateObject("X509Enrollment.CX500DistinguishedName")
- objDN.Encode("CN=CAcertRequest")
- objRequest.Subject = objDN
-
- // obj.Initialize(1)
- obj.InitializeFromRequest(objRequest)
- obj.CertificateDescription="Description"
- obj.CertificateFriendlyName="FriendlyName"
- CSR=obj.CreateRequest(1)
- If len(CSR)<>0 Then Exit Function
- Msgbox "<?=_("Error while generating the certificate-request. Please make sure that you have added this website to the list of trusted sites in the Internet-Options menu!")?>"
-
- else
- // XP
-
- cec.HashAlgorithm = "MD5"
- err.clear
- On Error Resume Next
- set options = document.all.CspProvider.options
- index = options.selectedIndex
- cec.providerName = options(index).text
- tmpProviderType = options(index).value
- cec.providerType = tmpProviderType
- cec.KeySpec = 2
- if tmpProviderType < 2 Then
- cec.KeySpec = 1
- end if
- cec.GenKeyFlags = &h04000001 OR keyflags
- CSR = cec.createPKCS10(szName, "1.3.6.1.5.5.7.3.2")
- if len(CSR)<>0 then Exit Function
- cec.GenKeyFlags = &h04000000 OR keyflags
- CSR = cec.createPKCS10(szName, "1.3.6.1.5.5.7.3.2")
- if len(CSR)<>0 then Exit Function
- if cec.providerName = "Microsoft Enhanced Cryptographic Provider v1.0" Then
- if MsgBox("<?=_("The 1024-bit key generation failed. Would you like to try 512 instead?")?>", vbOkCancel)=vbOk Then
- cec.providerName = "Microsoft Base Cryptographic Provider v1.0"
- else
- Exit Function
- end if
- end if
- cec.GenKeyFlags = 1 OR keyflags
- CSR = cec.createPKCS10(szName, "1.3.6.1.5.5.7.3.2")
- if len(CSR)<>0 then Exit Function
- cec.GenKeyFlags = keyflags
- CSR = cec.createPKCS10(szName, "1.3.6.1.5.5.7.3.2")
- if len(CSR)<>0 then Exit Function
- cec.GenKeyFlags = 0
- CSR = cec.createPKCS10(szName, "1.3.6.1.5.5.7.3.2")
- End if
-End Function
-
-Sub GenReq_OnClick
- Dim TheForm
- Set TheForm = Document.CertReqForm
- err.clear
- result = CSR(2)
- if len(result)=0 Then
- result = MsgBox("Unable to generate PKCS#10.", 0, "Alert")
- Exit Sub
- end if
- TheForm.CSR.Value = result
- TheForm.Submit
- Exit Sub
-End Sub
-
-GetProviderList()
--->
-</script>
-<? } else { ?>
-<p>
-<form method="post" action="account.php">
-<input type="hidden" name="keytype" value="NS">
-<?=_("Keysize:")?> <keygen name="SPKAC" challenge="<? $_SESSION['spkac_hash']=make_hash(); echo $_SESSION['spkac_hash']; ?>">
-
-<input type="submit" name="submit" value="<?=_("Create Certificate Request")?>">
-<input type="hidden" name="oldid" value="<?=$id?>">
-</form>
-</p>
-<? } ?>
+require_once($_SESSION['_config']['filepath'].'/includes/keygen.php');
diff --git a/pages/account/43.php b/pages/account/43.php
index 7bf6d04..c482cab 100644
--- a/pages/account/43.php
+++ b/pages/account/43.php
@@ -331,7 +331,66 @@ include_once($_SESSION['_config']['filepath']."/includes/notary.inc.php");
<? } ?>
</table>
<br>
-<? } ?>
+<? }
+
+//
+// Display account creation/activity information
+//
+$showactivity = isset($_REQUEST['showactivity']);
+$activity_url = "/account.php?id=43&userid=$row[id]";
+if (!$showactivity) {
+ $activity_url .= "&showactivity";
+}
+
+?>
+<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
+ <tr>
+ <td colspan="2" class="title">
+ <a href="<?= $activity_url ?>"><?=_("Account Activity")?></a>
+ </td>
+ </tr>
+
+<?php
+if ($showactivity) {
+ $query = "select `created`, `modified` from `users`
+ where `id` = '".intval($row['id'])."' ";
+ $dres = mysql_query($query);
+ $drow = mysql_fetch_assoc($dres);
+ $created = $drow['created'];
+
+ $modified = getdate(strtotime($drow['modified']));
+ $now = getdate();
+ // only a rough approximation
+ $days = ($now['year'] - $modified['year']) * 360;
+ $days += ($now['mon'] - $modified['mon']) * 30;
+ $days += $now['mday'] - $modified['mday'];
+ ?>
+ <tr>
+ <td class="DataTD"><?=_("Account created")?>:</td>
+ <td class="DataTD"><? echo $created ?></td>
+ </tr>
+
+ <tr>
+ <td class="DataTD"><?=_("Last activity")?>:</td>
+ <td class="DataTD"><?
+ if ($days >= 2 * 360) {
+ echo _("before 2 years");
+ } elseif ($days >= 360) {
+ echo _("before 1 year");
+ } elseif ($days >= 6 * 30) {
+ echo _("within last 12 months");
+ } elseif ($days >= 30) {
+ echo _("within last 6 months");
+ } else {
+ echo _("within the last month");
+ } ?></td>
+ </tr> <?php
+} ?>
+
+</table>
+<br>
+
+
<? // Begin - Debug infos ?>
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
<tr>
@@ -485,6 +544,7 @@ include_once($_SESSION['_config']['filepath']."/includes/notary.inc.php");
// End - Debug infos
?>
+
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
<tr>
<td colspan="6" class="title"><?=_("Certificates")?></td>
@@ -783,6 +843,7 @@ include_once($_SESSION['_config']['filepath']."/includes/notary.inc.php");
</table>
<br>
+
<a href="account.php?id=43&amp;userid=<?=$row['id']?>&amp;shownotary=assuredto"><?=_("Show Assurances the user got")?></a>
(<a href="account.php?id=43&amp;userid=<?=$row['id']?>&amp;shownotary=assuredto15"><?=_("New calculation")?></a>)
<br />
diff --git a/pages/account/5.php b/pages/account/5.php
index 5c131ba..206a149 100644
--- a/pages/account/5.php
+++ b/pages/account/5.php
@@ -19,17 +19,17 @@
<form method="post" action="account.php">
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
<tr>
- <td colspan="7" class="title"><?=_("Client Certificates")?> - <a href="account.php?id=5&amp;viewall=<?=!$viewall?>"><?=_("View all certificates")?></a></td>
+ <td colspan="9" class="title"><?=_("Client Certificates")?> - <a href="account.php?id=5&amp;viewall=<?=!$viewall?>"><?=_("View all certificates")?></a></td>
</tr>
<tr>
<td class="DataTD"><?=_("Renew/Revoke/Delete")?></td>
<td class="DataTD"><?=_("Status")?></td>
<td class="DataTD"><?=_("Email Address")?></td>
- <td class="DataTD"><?=_("SerialNumber")?></td>
+ <td class="DataTD"><?=_("SerialNumber")?></td>
<td class="DataTD"><?=_("Revoked")?></td>
<td class="DataTD"><?=_("Expires")?></td>
<td class="DataTD"><?=_("Login")?></td>
-
+ <td colspan="2" class="DataTD"><?=_("Comment *")?></td>
<?
$query = "select UNIX_TIMESTAMP(`emailcerts`.`created`) as `created`,
UNIX_TIMESTAMP(`emailcerts`.`expire`) - UNIX_TIMESTAMP() as `timeleft`,
@@ -40,8 +40,9 @@
`emailcerts`.`id`,
`emailcerts`.`CN`,
`emailcerts`.`serial`,
- emailcerts.disablelogin as `disablelogin`
- from `emailcerts`
+ emailcerts.disablelogin as `disablelogin`,
+ `emailcerts`.`description`
+ from `emailcerts`
where `emailcerts`.`memid`='".$_SESSION['profile']['id']."'
";
if($viewall != 1)
@@ -56,7 +57,7 @@
{
?>
<tr>
- <td colspan="7" class="DataTD"><?=_("No client certificates are currently listed.")?></td>
+ <td colspan="9" class="DataTD"><?=_("No client certificates are currently listed.")?></td>
</tr>
<? } else {
while($row = mysql_fetch_assoc($res))
@@ -86,26 +87,36 @@
<td class="DataTD"><?=$verified?></td>
<td class="DataTD"><?=(trim($row['CN'])=="" ? _("empty") : $row['CN'])?></td>
<? } ?>
- <td class="DataTD"><?=$row['serial']?></td>
+ <td class="DataTD"><?=$row['serial']?></td>
<td class="DataTD"><?=$row['revoke']?></td>
<td class="DataTD"><?=$row['expires']?></td>
<td class="DataTD">
<input type="checkbox" name="disablelogin_<?=$row['id']?>" value="1" <?=$row['disablelogin']?"":"checked='checked'"?>/>
<input type="hidden" name="cert_<?=$row['id']?>" value="1"/>
</td>
+ <td class="DataTD"><textarea name="description_<?=$row['id']?>" cols="50" rows="2"><?=htmlspecialchars($row['description'])?></textarea></td>
+ <td class="DataTD">
+ <input type="submit" name="descriptionsave_<?=$row['id']?>" value="<?=_("Save comment")?>">
+ </td>
</tr>
-<? } ?>
+ <? } ?>
<tr>
- <td class="DataTD" colspan="8">
+ <td class="DataTD" colspan="9">
<a href="account.php?id=5&amp;viewall=<?=!$viewall?>"><b><?=$viewall?_("Hide old certificates"):_("View all certificates")?></b></a>
</td>
</tr>
<tr>
+ <td class="DataTD" colspan="9">
+ <?=_("* Comment optional with max length of 100 characters. The comment is NOT included in the certificate as it is inteded for your personal reference only.. Save each comment seperately.")?>
+ </td>
+ </tr>
+
+ <tr>
<td class="DataTD" colspan="5"><input type="submit" name="renew" value="<?=_("Renew")?>">&#160;&#160;&#160;&#160;
<input type="submit" name="revoke" value="<?=_("Revoke/Delete")?>"></td>
- <td class="DataTD" colspan="3"><input type="submit" name="change" value="<?=_("Change settings")?>"> </td>
+ <td class="DataTD" colspan="4"><input type="submit" name="change" value="<?=_("Change settings")?>"> </td>
</tr>
<? } ?>
diff --git a/pages/account/51.php b/pages/account/51.php
deleted file mode 100644
index 7273840..0000000
--- a/pages/account/51.php
+++ /dev/null
@@ -1,34 +0,0 @@
-<? /*
- LibreSSL - CAcert web application
- Copyright (C) 2004-2008 CAcert Inc.
-
- This program is free software; you can redistribute it and/or modify
- it under the terms of the GNU General Public License as published by
- the Free Software Foundation; version 2 of the License.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with this program; if not, write to the Free Software
- Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
-*/ ?>
-<? if($_SESSION['profile']['tverify'] <= 0) { echo _("You don't have access to this area."); } else { ?>
-<?
- $uid = intval($_GET['photoid']);
- $query = "select * from `tverify` where `id`='$uid' and `modified`=0";
- $res = mysql_query($query);
- if(mysql_num_rows($res) > 0) { ?>
-<img src="account.php?id=51&amp;photoid=<?=$uid ?>&amp;img=show" border="0" width="800">
-<? } else {
- $query = "select * from `tverify` where `id`='$uid' and `modified`=1";
- $res = mysql_query($query);
- if(mysql_num_rows($res) > 0)
- {
- echo _("This UID has already been voted on.");
- } else {
- echo _("Unable to locate a valid request for that UID.");
- }
- } } ?>
diff --git a/pages/account/52.php b/pages/account/52.php
deleted file mode 100644
index 77a3bae..0000000
--- a/pages/account/52.php
+++ /dev/null
@@ -1,102 +0,0 @@
-<? /*
- LibreSSL - CAcert web application
- Copyright (C) 2004-2008 CAcert Inc.
-
- This program is free software; you can redistribute it and/or modify
- it under the terms of the GNU General Public License as published by
- the Free Software Foundation; version 2 of the License.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with this program; if not, write to the Free Software
- Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
-*/ ?>
-<? if($_SESSION['profile']['tverify'] <= 0) { echo _("You don't have access to this area."); } else { ?>
-<?
- $uid = intval($_GET['uid']);
- $query = "select * from `tverify` where `id`='$uid' and `modified`=0";
- $res = mysql_query($query);
- if(mysql_num_rows($res) > 0)
- {
- $row = mysql_fetch_assoc($res);
- $memid = intval($row['memid']);
-
- $query2 = "select * from `tverify-vote` where `tverify`='$uid' and `memid`='".intval($_SESSION['profile']['id'])."'";
- $rc2 = mysql_num_rows(mysql_query($query2));
- if($rc2 > 0)
- {
- showheader(_("My CAcert.org Account!"));
- echo _("You have already voted on this request.");
- showfooter();
- exit;
- }
-
- $query = "select sum(`points`) as `points` from `notary` where `to`='$memid'";
- $notary = mysql_fetch_assoc(mysql_query($query));
- $query = "select * from `users` where `id`='$memid'";
- $user = mysql_fetch_assoc(mysql_query($query));
- $tobe = 50 - $notary['points'];
- if($row['URL'] != '' && $row['photoid'] != '')
- $tobe = 150 - $notary['points'];
- else if($row['URL'] != '')
- $tobe = 90 - $notary['points'];
- if(intval($tobe) <= 0)
- $tobe = 0;
-?>
-<?=_("Request Details")?>:<br>
-<?=_("Name on file")?>: <?=$user['fname']." ".$user['mname']." ".$user['lname']." ".$user['suffix']?><br>
-<?=_("Primary email address")?>: <?=$user['email']." (".$user['id'].")"?><br>
-<?=_("Certificate Subject")?>: <?=$row['CN']?><br>
-<? if($row['URL'] != '') { ?><?=_("Notary URL")?>: <a href="<?=$row['URL']?>"><?=$row['URL']?></a><br><? } ?>
-<? if($row['photoid'] != '') { ?><?=_("Photo ID URL")?>: <a href="/account.php?id=51&amp;photoid=<?=intval($row['id'])?>"><?=_("Here")?></a><br><? } ?>
-<?=_("Current Points")?>: <?=intval($notary['points'])?><br>
-<?=_("Potential Points")?>: <?=intval($tobe)?><br>
-<?=_("Date of Birth")?>: <?=$user['dob']?> (YYYY-MM-DD)<br>
-
-<br>
-<form method="post" action="account.php">
-<?=_("Comment")?>: <input type="text" name="comment"><br>
-<input type="submit" name="agree" value="<?=_("I agree with this Application")?>">
-<input type="submit" name="disagree" value="<?=_("I don't agree with this Application")?>">
-<input type="hidden" name="oldid" value="<?=intval($_GET['id'])?>">
-<input type="hidden" name="uid" value="<?=$uid?>">
-</form>
-<? } else {
- $query = "select * from `tverify` where `id`='$uid' and `modified`=1";
- $res = mysql_query($query);
- if(mysql_num_rows($res) > 0)
- {
- echo _("This UID has already been voted on.")."<br/>";
- } else {
- if($uid) echo _("Unable to locate a valid request for that UID.")."<br/>";
- }
-
- // Search for open requests:
- $query = "select * from `tverify` where `modified`=0";
- $res = mysql_query($query);
- if(mysql_num_rows($res) > 0)
- {
- echo "<br/>"._("The following requests are still open:")."<br/><ul>";
- while($row = mysql_fetch_assoc($res))
- {
- $uid=intval($row['id']);
- $query3 = "select * from `tverify-vote` where `tverify`='$uid' and `memid`='".intval($_SESSION['profile']['id'])."'";
- $rc3 = mysql_num_rows(mysql_query($query3));
- if($rc3 <= 0)
- {
- echo "<li><a href='account.php?id=52&amp;uid=".intval($row['id'])."'>".intval($row['id'])."</a></li>\n";
- }
- }
- echo "</ul>\n<br>\n";
- }
- else
- {
- echo "<br/>"._("There are no pending requests where you haven't voted yet.");
- }
-
-
- } } ?>
diff --git a/pages/account/6.php b/pages/account/6.php
index 38af8e8..90affac 100644
--- a/pages/account/6.php
+++ b/pages/account/6.php
@@ -14,46 +14,95 @@
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
-*/ ?>
-<?
- $certid = 0; if(array_key_exists('cert',$_REQUEST)) $certid=intval($_REQUEST['cert']);
-
- $query = "select * from `emailcerts` where `id`='$certid' and `memid`='".intval($_SESSION['profile']['id'])."'";
- $res = mysql_query($query);
- if(mysql_num_rows($res) <= 0)
- {
- showheader(_("My CAcert.org Account!"));
- echo _("No such certificate attached to your account.");
- showfooter();
+*/
+
+// Get certificate information
+$certid = 0;
+if(array_key_exists('cert',$_REQUEST)) {
+ $certid = intval($_REQUEST['cert']);
+}
+
+$query = "select * from `emailcerts`
+ where `id`='$certid'
+ and `memid`='".intval($_SESSION['profile']['id'])."'";
+$res = mysql_query($query);
+if(mysql_num_rows($res) <= 0) {
+ showheader(_("My CAcert.org Account!"));
+ echo _("No such certificate attached to your account.");
+ showfooter();
+ exit;
+}
+$row = mysql_fetch_assoc($res);
+
+
+if (array_key_exists('format', $_REQUEST)) {
+ // Which output format?
+ if ($_REQUEST['format'] === 'der') {
+ $outform = '-outform DER';
+ $extension = 'cer';
+ } else {
+ $outform = '-outform PEM';
+ $extension = 'crt';
+ }
+
+ $crtname=escapeshellarg($row['crt_name']);
+ $cert = `/usr/bin/openssl x509 -in $crtname $outform`;
+
+ header("Content-Type: application/pkix-cert");
+ header("Content-Length: ".strlen($cert));
+
+ $fname = sanitizeFilename($row['CN']);
+ if ($fname=="") $fname="certificate";
+ header("Content-Disposition: attachment; filename=\"${fname}.${extension}\"");
+
+ echo $cert;
+ exit;
+
+} elseif (array_key_exists('install', $_REQUEST)) {
+ if (array_key_exists('HTTP_USER_AGENT',$_SERVER) &&
+ strstr($_SERVER['HTTP_USER_AGENT'], "MSIE")) {
+
+ // Handle IE
+
+ //TODO
+
+ } else {
+ // All other browsers
+ $crtname=escapeshellarg($row['crt_name']);
+ $cert = `/usr/bin/openssl x509 -in $crtname -outform DER`;
+
+ header("Content-Type: application/x-x509-user-cert");
+ header("Content-Length: ".strlen($cert));
+
+ $fname = sanitizeFilename($row['CN']);
+ if ($fname=="") $fname="certificate";
+ header("Content-Disposition: inline; filename=\"${fname}.cer\"");
+
+ echo $cert;
exit;
}
- $row = mysql_fetch_assoc($res);
+} else {
+
+ showheader(_("My CAcert.org Account!"));
+ echo "<h3>"._("Install your certificate")."</h3>\n";
+
+ echo "<p><a href='account.php?id=6&amp;cert=$certid&amp;install'>".
+ _("Install the certificate into your browser").
+ "</a></p>\n";
+
+ echo "<p><a href='account.php?id=6&amp;cert=$certid&amp;format=pem'>".
+ _("Download the certificate in PEM format")."</a></p>\n";
+
+ echo "<p><a href='account.php?id=6&amp;cert=$certid&amp;format=der'>".
+ _("Download the certificate in DER format")."</a></p>\n";
+
+ showfooter();
+ exit;
+}
- $crtname=escapeshellarg($row['crt_name']);
- $cert = `/usr/bin/openssl x509 -in $crtname`;
- if($row['keytype'] == "NS")
- {
- if(array_key_exists('install',$_REQUEST) && $_REQUEST['install'] == 1)
- {
- header("Content-Type: application/x-x509-user-cert");
- header("Content-Length: ".strlen($cert));
- $fname=sanitizeFilename($row['CN']);
- if($fname=="") $fname="certificate";
- header('Content-Disposition: inline; filename="'.$fname.'.crt"');
- echo $cert;
- exit;
- } else {
- showheader(_("My CAcert.org Account!"));
- echo "<h3>"._("Installing your certificate")."</h3>\n";
- echo "<p>"._("You are about to install a certificate, if you are using mozilla/netscape based browsers you will not be informed that the certificate was installed successfully, you can go into the options dialog box, security and manage certificates to view if it was installed correctly however.")."</p>\n";
- echo "<p><a href='account.php?id=6&amp;cert=$certid&amp;install=1'>"._("Click here")."</a> "._("to install your certificate.")."</p>\n";
- showfooter();
- exit;
- }
- } else {
- showheader(_("My CAcert.org Account!"));
?>
+<!-- to be converted to JavaScript -->
<h3><?=_("Installing your certificate")?></h3>
<p><?=_("Hit the 'Install your Certificate' button below to install the certificate into MS IE 5.x and above.")?>
@@ -125,12 +174,3 @@
End Sub
</SCRIPT>
-<p><?=_("Your certificate:")?></p>
-<pre><?=$cert?></pre>
-<?
-
- showfooter();
- exit;
- }
-?>
-
diff --git a/pages/account/60.php b/pages/account/60.php
new file mode 100644
index 0000000..3c2cb79
--- /dev/null
+++ b/pages/account/60.php
@@ -0,0 +1,142 @@
+<? /*
+ LibreSSL - CAcert web application
+ Copyright (C) 2004-2008 CAcert Inc.
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; version 2 of the License.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
+*/ ?>
+<?
+/*
+ $query = "select * from `orgdomains` where `id`='".intval($_REQUEST['orgid'])."'";
+ $row = mysql_fetch_assoc(mysql_query($query));
+ $query = "select * from `orginfo` where `id`='".intval($_REQUEST['orgid'])."'";
+ $org = mysql_fetch_assoc(mysql_query($query));
+ $query = "select * from `users` where `id`='".intval($_REQUEST['memid'])."'";
+ $user = mysql_fetch_assoc(mysql_query($query));
+
+ $_SESSION['_config']['domain'] = $row['domain'];
+ */
+
+
+ $delcount = 0;
+ if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
+ {
+
+
+/*
+ foreach($_REQUEST['delid'] as $id)
+ {
+ $id = intval($id);
+ $query = "select * from `email` where `id`='$id' and `memid`='".intval($_SESSION['profile']['id'])."' and
+ `email`!='".$_SESSION['profile']['email']."'";
+ $res = mysql_query($query);
+ if(mysql_num_rows($res) > 0)
+ {
+ $row = mysql_fetch_assoc($res);
+ echo $row['email']."<br>\n";
+ */
+/*
+ $query = "select `emailcerts`.`id`
+ from `emaillink`,`emailcerts` where
+ `emailid`='$id' and `emaillink`.`emailcertsid`=`emailcerts`.`id` and
+ `revoked`=0 and UNIX_TIMESTAMP(`expire`)-UNIX_TIMESTAMP() > 0
+ group by `emailcerts`.`id`";
+ $dres = mysql_query($query);
+ while($drow = mysql_fetch_assoc($dres))
+ mysql_query("update `emailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='".$drow['id']."'");
+
+ $query = "update `email` set `deleted`=NOW() where `id`='$id'";
+ mysql_query($query);
+ */
+/* $delcount++;
+ }
+ } */
+
+?>
+
+<form method="post" action="account.php">
+<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
+ <tr>
+ <td colspan="4" class="title"><?=_("Delete User Account Email(s)")?></td>
+ </tr>
+ <tr>
+ <td class="DataTD"><?=_("Default")?></td>
+ <td class="DataTD"><?=_("Status")?></td>
+ <td class="DataTD"><?=_("Delete")?></td>
+ <td class="DataTD"><?=_("Address")?></td>
+ </tr>
+<?
+// $query = "select * from `email` where `memid`='".intval($_SESSION['profile']['id'])."' and `deleted`=0";
+// $res = mysql_query($query);
+// while($row = mysql_fetch_assoc($res))
+ foreach($_REQUEST['delid'] as $did)
+ {
+ $did = intval($did);
+ $query = "select * from `email` where `id`='$did' and `memid`='".intval($_SESSION['profile']['id'])."' and
+ `email`!='".$_SESSION['profile']['email']."'";
+ $res = mysql_query($query);
+ if(mysql_num_rows($res) > 0)
+ {
+ $row = mysql_fetch_assoc($res);
+// echo $row['email']."<br>\n";
+
+ {
+ if($row['hash'] == "")
+ $verified = _("Verified");
+ else
+ $verified = _("Unverified");
+?>
+ <tr>
+ <td class="DataTD">&nbsp;</td>
+ <td class="DataTD"><?=$verified?></td>
+ <td class="DataTD"><input type="hidden" name="delid[]" value="<?=$row['id']?>"><b>X</b></td>
+ <td class="DataTD"><?=sanitizeHTML($row['email'])?></td>
+ </tr>
+<? }
+ }
+ }
+ ?>
+ <!-- tr>
+ <td class="DataTD" colspan="2"><input type="submit" name="makedefault" value="<?=_("Make Default")?>"></td>
+ <td class="DataTD" colspan="2"><input type="submit" name="process" value="<?=_("Delete")?>"></td>
+ </tr -->
+ <tr>
+ <td class="DataTD" colspan="4"><span style="color:red;"><? printf(_("Are you really sure you want to remove above listed emails from your account?")); ?></span></td>
+ </tr>
+ <tr>
+ <td class="DataTD" colspan="4"><span style="color:red;"><? printf(_("This revokes also all client certificates for above listed email addresses.")); ?></span></td>
+ </tr>
+
+ <tr>
+ <td class="DataTD" colspan="2"><input type="submit" name="process" value="<?=_("Cancel")?>"></td>
+ <td class="DataTD" colspan="2"><input type="submit" name="process" value="<?=_("Delete")?>"></td>
+ </tr>
+
+</table>
+<input type="hidden" name="oldid" value="<?=$id?>">
+<input type="hidden" name="csrf" value="<?=make_csrf('chgdefcnfd')?>" />
+</form>
+<p>
+<?=_("Please Note: You can not set an unverified email as a default email, and you can not remove a default email. To remove the default email you must set another verified email as the default.")?>
+</p>
+<?
+ } else {
+ echo _("You did not select any email accounts for removal.");
+ echo _("You failed to select any email addresses to be removed, or you attempted to remove the default email address. No action was taken.");
+ $oldid = 0;
+ $id = 0;
+ showfooter();
+ exit;
+
+ }
+?>
diff --git a/pages/gpg/0.php b/pages/gpg/0.php
index ce3b72a..319c2f9 100644
--- a/pages/gpg/0.php
+++ b/pages/gpg/0.php
@@ -19,6 +19,8 @@
?>
<p><?=_("Paste your own public OpenPGP key below. It should not contain a picture. CAcert will sign your key after submission.")?></p>
<form method="post" action="gpg.php">
+<p> <?=_("Optional comment, only used in the certifictate overview")?><br>
+ <input type="text" name="description" maxlength="80" size=80></p>
<textarea name="CSR" cols="80" rows="15"><?=array_key_exists('CSR',$_POST)?strip_tags($_POST['CSR']):""?></textarea><br>
<input type="submit" name="process" value="<?=_("Submit")?>">
<input type="hidden" name="oldid" value="<?=$id?>">
diff --git a/pages/gpg/2.php b/pages/gpg/2.php
index e10935e..fd26367 100644
--- a/pages/gpg/2.php
+++ b/pages/gpg/2.php
@@ -24,13 +24,13 @@
<td class="DataTD"><?=_("Email Address")?></td>
<td class="DataTD"><?=_("Expires")?></td>
<td class="DataTD"><?=_("Key ID")?></td>
-
+ <td class="DataTD"><?=_("Comment")?></td>
<?
$query = "select UNIX_TIMESTAMP(`issued`) as `issued`,
UNIX_TIMESTAMP(`expire`) - UNIX_TIMESTAMP() as `timeleft`,
UNIX_TIMESTAMP(`expire`) as `expired`,
`expire` as `expires`, `id`, `level`,
- `email`,`keyid` from `gpg` where `memid`='".intval($_SESSION['profile']['id'])."'
+ `email`,`keyid`,`description` from `gpg` where `memid`='".intval($_SESSION['profile']['id'])."'
ORDER BY `issued` desc";
$res = mysql_query($query);
if(mysql_num_rows($res) <= 0)
@@ -62,7 +62,7 @@
<? } ?>
<td class="DataTD"><?=$row['expires']?></td>
<td class="DataTD"><a href="gpg.php?id=3&amp;cert=<?=$row['id']?>"><?=$row['keyid']?></a></td>
-
+ <td class="DataTD"><?=$row['description']?></td>
</tr>
<? } ?>
<? } ?>
diff --git a/pages/index/11.php b/pages/index/11.php
index 01eca3a..697fb96 100644
--- a/pages/index/11.php
+++ b/pages/index/11.php
@@ -29,15 +29,26 @@ if(!array_key_exists('secrethash',$_SESSION['_config'])) $_SESSION['_config']['s
<p><?=_("You can alternatively use the form below, however joining the list is the prefered option to support your queries")?></p>
<form method="post" action="index.php" name="form1">
<input type="hidden" name="oldid" value="<?=$id?>">
- <input type="hidden" name="support" value="yes">
+<!-- <input type="hidden" name="support" value="yes"> -->
<input type="hidden" name="secrethash2" value="">
+ <p class="robotic" id="pot">
+ <label>If you're human leave this blank:</label>
+ <input name="robotest" type="text" id="robotest" class="robotest" />
+ </p>
<table border="0">
<tr><td width="90"><?=_("Your Name")?>:</td><td><input type="text" name="who"></td><td>&#160;</td></tr>
<tr><td><?=_("Your Email")?>:</td><td><input type="text" name="email"></td></tr>
<tr><td><?=_("Subject")?>:</td><td><input type="text" name="subject"></td></tr>
<tr><td colspan="2"><textarea name="message" cols="40" rows="10"></textarea></td></tr>
- <tr><td colspan="3"><font color="#ff0000"><?=_("Warning: Please do not enter confidential data into this form, it is being sent to a public mailinglist. Use the form further below instead.")?></font></td></tr>
- <tr><td colspan="2"><input type="submit" name="process" value="<?=_("Send")?>"></td></tr>
+
+ <tr>
+ <td ><font color="#ff0000"><?=_("Warning: Please do not use send to mailing list when you entered confidential data. The request is being sent to a public mailinglist.")?></font></td>
+ <td ><?=_("For confidential data use send to support.")?></font></td>
+ </tr>
+ <tr>
+ <td><input type="submit" name="process[0]" value="<?=_("Send to mailing list")?>"></td>
+ <td><input type="submit" name="process[1]" value="<?=_("Send to support")?>"></td>
+ </tr>
</table>
</form>
@@ -50,7 +61,7 @@ if(!array_key_exists('secrethash',$_SESSION['_config'])) $_SESSION['_config']['s
<p><?=_("There are a number of other mailing lists CAcert runs, some are general discussion, others are technical (such as the development list) or platform specific help (such as the list for Apple Mac users)")?></p>
<p><a href="http://lists.cacert.org/"><?=_("Click here to view all lists available")?></a></p>
-<p><b><?=_("Sensitive Information")?></b></p>
+<!-- <p><b><?=_("Sensitive Information")?></b></p>
<p><?=_("If you have questions, comments or otherwise and information you're sending to us contains sensitive details, you should use the contact form below. Due to the large amounts of support emails we receive, sending general questions via this contact form will generally take longer then using the support mailing list. Also sending queries in anything but english could cause delays in supporting you as we'd need to find a translator to help.")?></p>
<form method="post" action="index.php" name="form2">
<input type="hidden" name="secrethash2" value="">
@@ -62,7 +73,7 @@ if(!array_key_exists('secrethash',$_SESSION['_config'])) $_SESSION['_config']['s
<tr><td colspan="2"><textarea name="message" cols="40" rows="10"></textarea></td></tr>
<tr><td colspan="2"><input type="submit" name="process" value="<?=_("Send")?>"></td></tr>
</table>
-</form>
+</form>-->
<p><b><?=_("Security Issues")?></b></p>
<p><?=sprintf(_("Please use any of the following ways to report security issues: You can use the above contact form for sensitive information. You can email us to support@cacert.org. You can file a bugreport on %s and mark it as private."),"<a href='https://bugs.cacert.org/'>bugs.cacert.org</a>")?></p>
diff --git a/pages/wot/1.php b/pages/wot/1.php
index a45b5df..fa391a0 100644
--- a/pages/wot/1.php
+++ b/pages/wot/1.php
@@ -109,7 +109,7 @@
<? while($row = mysql_fetch_assoc($list)) { ?>
<tr>
<td class="DataTD" width="100"><nobr><?=$row['fname']?> <?=substr($row['lname'], 0, 1)?></nobr></td>
- <td class="DataTD"><?=maxpoints($row['id'])?></td>
+ <td class="DataTD"><?=max_points($row['id'])?></td>
<td class="DataTD"><?=$row['contactinfo']?></td>
<td class="DataTD"><a href="wot.php?id=9&amp;userid=<?=intval($row['id'])?>"><?=_("Email Me")?></a></td>
<td class="DataTD"><?=$row['assurer']?_("Yes"):("<font color=\"#ff0000\">"._("Not yet!")."</font>")?></td>
diff --git a/pages/wot/12.php b/pages/wot/12.php
index a0bbf50..85d986b 100644
--- a/pages/wot/12.php
+++ b/pages/wot/12.php
@@ -119,9 +119,7 @@ document.f.location.focus();
</tr>
<? while($row = mysql_fetch_assoc($res))
{
- $points = maxpoints($row['uid']);
- if($points > 35)
- $points = 35;
+ $points = max_points($row['uid']);
?>
<tr>
<td class="DataTD" width="100"><nobr><?=$row['name']?></nobr></td>
diff --git a/pages/wot/15.php b/pages/wot/15.php
index 8579588..0ad7fa2 100644
--- a/pages/wot/15.php
+++ b/pages/wot/15.php
@@ -16,8 +16,6 @@
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
*/
- include_once($_SESSION['_config']['filepath']."/includes/wot.inc.php");
-
$userid = intval($_SESSION['profile']['id']);
output_ranking($userid);
diff --git a/pages/wot/6.php b/pages/wot/6.php
index 28c1875..a27fccd 100644
--- a/pages/wot/6.php
+++ b/pages/wot/6.php
@@ -40,19 +40,17 @@
$name = $fname." ".$mname." ".$lname." ".$suffix;
$_SESSION['_config']['wothash'] = md5($name."-".$dob);
- include_once($_SESSION['_config']['filepath']."/includes/wot.inc.php");
-
AssureHead(_("Assurance Confirmation"),sprintf(_("Please check the following details match against what you witnessed when you met %s in person. You MUST NOT proceed unless you are sure the details are correct. You may be held responsible by the CAcert Arbitrator for any issues with this Assurance."), $fname));
AssureTextLine(_("Name"),$name);
AssureTextLine(_("Date of Birth"),$dob." ("._("YYYY-MM-DD").")");
AssureBoxLine("certify",sprintf(_("I certify that %s %s %s has appeared in person"), $fname, $mname, $lname),array_key_exists('certify',$_POST) && $_POST['certify'] == 1);
AssureInboxLine("location",_("Location"),array_key_exists('location',$_SESSION['_config'])?$_SESSION['_config']['location']:"","");
AssureInboxLine("date",_("Date"),array_key_exists('date',$_SESSION['_config'])?$_SESSION['_config']['date']:date("Y-m-d"),"<br/>"._("Please adjust the date if you assured the person on a different day"));
- AssureMethodLine(_("Method"),$methods,_("Only tick the next box if the Assurance was face to face."));
+ AssureMethodLine(_("Method"),$methods,"");
AssureBoxLine("assertion",_("I believe that the assertion of identity I am making is correct, complete and verifiable. I have seen original documentation attesting to this identity. I accept that the CAcert Arbitrator may call upon me to provide evidence in any dispute, and I may be held responsible."),array_key_exists('assertion',$_POST) && $_POST['assertion'] == 1);
AssureBoxLine("rules",_("I have read and understood the Assurance Policy and the Assurance Handbook and am making this Assurance subject to and in compliance with the policy and handbook."),array_key_exists('rules',$_POST) && $_POST['rules'] == 1);
AssureTextLine(_("Policy"),"<a href=\"/policy/AssurancePolicy.php\" target=\"_blank\">"._("Assurance Policy")."</a> - <a href=\"http://wiki.cacert.org/AssuranceHandbook2\" target=\"_blank\">"._("Assurance Handbook")."</a>");
- AssureInboxLine("points",_("Points"),"","<br />(Max. ".maxpoints().")");
+ AssureInboxLine("points",_("Points"),"","<br />(Max. ".max_points($_SESSION['profile']['id']).")");
AssureCCABoxLine("CCAAgreed",sprintf(_("Check this box only if %s agreed to the <a href=\"/policy/CAcertCommunityAgreement.php\">CAcert Community Agreement</a>"),$fname));
AssureCCABoxLine("CCAAgree",_("Check this box only if YOU agree to the <a href=\"/policy/CAcertCommunityAgreement.php\">CAcert Community Agreement</a>"));
AssureFoot($id,_("I confirm this Assurance"));